Re: [pfSense] 10GBASE-T hardware

2018-03-28 Thread Paul Mather
On Mar 27, 2018, at 8:47 PM, Yehuda Katz  wrote:

> I agree with everything my brother said except recommending the Uniquiti
> EdgeSwitch.
> We have seen a few instances of the EdgeSwitch locking up without any
> apparent reason (once we traced it to a thermal issue, but we couldn't find
> a cause for the others).
> The EdgeSwitch also only has a 1 year warranty while the Netgear you
> mentioned has a Lifetime Warranty (for whatever that is worth).
> At (insert university name here) we were happily standardizing on Brocade
> ICX switches until we hit major OSPF firmware bugs. Dell N and S series are
> good, but also more expensive than that Netgear.


Thank you for the information.  Actually, having done some more searching, our 
budget could probably also stretch to getting a Cisco SG350X-48 switch instead 
of the Netgear.  Like the Netgear, it apparently features 48 1000Base-T ports 
plus two 10GBASE-T/SFP+ combo ports + 2 10GbE SFP+ ports.  So, port-wise, the 
same as the Netgear, but likely better firmware-wise/support.  (I have 
experience with the firmware of the Cisco SG350-28 model and really like its 
feature set.)

Cheers,

Paul.
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold


Re: [pfSense] 10GBASE-T hardware

2018-03-28 Thread Paul Mather
On Mar 27, 2018, at 8:10 PM, Moshe Katz  wrote:

Many thanks for the information and advice.  It is much appreciated.

> According to the specs that I found on HP's website, your HP switch does
> not support 10Gb, only 1Gb on its mini-GBIC ports. You will definitely need
> a new switch to take advantage of 10Gb.


It's true that the mini-GBIC ports support only 1Gb, but that HP switch also 
can accommodate two(?) option modules at the rear of the switch that can be 
used to provide 10 Gb connectivity.  According to the "HP ProCurve Switch - 
What modules are available for the 2910al?" page at the HP Support site 
(https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c02620659 
) you 
can get dual-port 10-GbE CX4 and 10-GbE SFP+ option modules.  Well, at least I 
suppose you could, as I'm not sure how widely available they are, and, this 
being an old switch, it may be that buying option modules from vendors with 
which $WORK are willing to purchase may result in them being prohibitively 
expensive due to them being legacy/discontinued equipment.  In my experience, 
those tend to command a premium price (except when buying via eBay).  (The SFP+ 
option module---J9008A---appears to cost $700+ on a quick search.)


> If you do get a switch that supports 10GBase-T, you should definitely
> consider the Intel X540. The vast majority of reports that I have seen say
> that it works great. (There was one report I found on a forum claiming
> performance issues, but others on the same thread said it worked fine for
> them.)


Thanks, that's very good to know.


> There are also many dual-port SFP+ cards out there (such as the Intel X520)
> that are not too expensive and support lots of different types of SFP+
> connectors. Although Intel does not make a 10GBase-T SFP+ itself, there are
> third parties that make it. You would use one of those to connect to the
> 10GbE feed into the rack and then a regular fiber SFP (or the option listed
> below) to connect to the switch.


See below for queries/concerns about obtaining a 10GBase-T SFP+ transceiver.


> To connect the pfSense to the switch, I would probably use a Direct-Attach
> cable (DAC) instead of fiber or Ethernet. Approved Optics
>  is a company that makes many OEM network
> connectors under contract and they also make their own versions of them at
> significantly reduced prices. Their DAC Finder
>  tool lets you order a cable that
> has SFP+ ends for different manufacturers (for example, an Intel end for
> your pfSense and an HP end for your switch). There's no need to worry about
> fiber or CAT7A Ethernet cables; just plug the cable in (taking care to make
> sure it is oriented correctly) and that's it.


Again, many thanks for the Approved Optics link.  That will be very useful.

I don't have any practical SFP+ experience, so maybe you or someone else can 
verify whether I am understanding this correctly: the Direct-Attach cable 
basically encapsulates a transceiver at each end with an appropriate cable 
connecting them, all in one unit?


> Since you have a limited budget, I really recommend going the
> direct-attached route. They are so much cheaper and more resilient than
> fiber, and switches with SFP+ slots are often much cheaper than switches
> with 10GbE. For example, you can get a Uniquiti EdgeSwitch with 48 Gb ports
> and 2 SFP+ ports for just around $400. These are the switches I have used
> in many of our limited-budget installations in the past (including in a
> University setting like yours seems to be from your email address) and they
> perform well. (Note that Approved Optics does not have official Ubiquiti
> cables, but many on the Ubiquiti forums report that it works with Cisco and
> other brand cables as long as they are 2 meters or shorter. In a single
> rack, that should not be an issue.)


My main issue with going the SFP+ route is that my rack uplink port is still 
10GBASE-T and so I'd need to find a 10GBASE-T transceiver for the pfSense 10 
GbE NIC and these seem difficult to find or they are 3rd party or they are 
expensive themselves (e.g., $200--$300+).  I've also heard there are thermal 
issues with those transceivers as there's not much opportunity to build in the 
requisite heat sinks that 10GBASE-T appears to need.  (I've noticed 10GBASE-T 
NICs have pretty hefty heatsinks on them.)  Besides that, I've not been able to 
find a 10GBASE-T transceiver for Chelsio NICs and only 3rd party ones for 
Intel---e.g., by some company called 10Gtek.

Does anyone have any advice/experience to share regarding 10GBASE-T 
transceivers?

Thanks again for the info.

Cheers,

Paul.
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold