Monthly Archives: November 2014

Cisco SG500 Small Business Switches and Smart Ports

Wow, I’ve been using Cisco switches for over a decade and I’ve never come across something quite so ugly as Smart Ports.

Cisco now have a set of Small Business switches designed for a smaller budget. The first of the managed switches is the SG300, which is cheap for Cisco at about a fifth of the price of a 2650X. There is also a stackable series called the SG500, which is at least half the price of a 2650X.

They run a cut down version of IOS that is mostly familiar, but has a few interesting quirks. The most infuriating of which are Smart Ports.

Smart Ports are basically a set of macros that get triggered based on the characteristics of a device you connect to a switch port. The idea is, if you plug a Cisco phone in, the port gets configured for the phone. If you daisy chain a PC to the phone, it gets configured appropriately for that. If you plug another Cisco switch in, it gets configured as a trunk between switches, etc.

It’s a nice theory and to be honest nothing new, as Cisco have had macros for a long time – just look at the way auto qos worked on their Catalyst switches.

The bit that is particularly crap about these macros is that despite the intelligence to work out what has been connected, the implementation of the macro is plain dumb. For starters, the default macros make the assumption that your data VLAN is VLAN 1. I didn’t realise this at first. I had my desktops on VLAN 50 daisy chained through phones, and as the voice vlan command is not supported on these switches, I merrily configured a trunk with a native VLAN of 50 for my data and a tagged VLAN of 215 for my voice:

switchport mode trunk
switchport trunk native vlan 50
switchport trunk allowed vlan add 215

Only to discover that when I plugged in a phone, it reconfigured the native VLAN to be VLAN 1 and broke the PC. Brilliant.

I also had a bunch of ports configured as simple access ports on VLAN 50.

switchport mode access
switchport access vlan 50

The web GUI showed these ports as being in an unknown state as far as Smart Ports was concerned, and when I tried to reset them and push a Smart Port macro to them, the macro fell over part way through and left the ports in a semi-configured state (of course the web GUI didn’t report any problems; I had to look at the switch console and logs to see the macro was falling over at line 13). The only way to fix this was to manually remove the broken config the macro had applied using the CLI, and then get it to apply again.
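A way to catch this kind of silent change is to check a saved copy of the config for ports whose untagged VLAN is no longer the intended one. The following is an added example, not code from the original post or from Cisco; the sample config is constructed, the interface names are an assumption, and it assumes a port with no explicit VLAN line sits on VLAN 1.

```python
import re

DATA_VLAN = 50  # intended data VLAN, from the post

# Constructed sample config; the interface names are an assumption.
SAMPLE_CONFIG = """\
interface gi1/1/1
 switchport mode trunk
 switchport trunk native vlan 50
 switchport trunk allowed vlan add 215
!
interface gi1/1/2
 switchport mode trunk
 switchport trunk allowed vlan add 215
!
interface gi1/1/3
 switchport mode access
 switchport access vlan 50
"""

PATTERNS = {
    "mode": (re.compile(r"switchport mode (\w+)$"), str),
    "native": (re.compile(r"switchport trunk native vlan (\d+)$"), int),
    "access": (re.compile(r"switchport access vlan (\d+)$"), int),
}

def parse_ports(config):
    """Map each interface to its mode and VLANs (unset VLANs assumed to be 1)."""
    ports, cur = {}, None
    for line in map(str.strip, config.splitlines()):
        if line.startswith("interface "):
            cur = ports.setdefault(line.split(None, 1)[1],
                                   {"mode": None, "native": 1, "access": 1})
        for key, (rx, conv) in PATTERNS.items():
            m = rx.match(line)
            if m and cur is not None:
                cur[key] = conv(m.group(1))
    return ports

def find_drift(config, data_vlan=DATA_VLAN):
    """Return (interface, mode, vlan) for ports whose untagged VLAN is wrong."""
    findings = []
    for name, p in parse_ports(config).items():
        vlan = p.get("native" if p["mode"] == "trunk" else "access")
        if p["mode"] in ("trunk", "access") and vlan != data_vlan:
            findings.append((name, p["mode"], vlan))
    return findings

if __name__ == "__main__":
    print(find_drift(SAMPLE_CONFIG))
```

Running it against a config saved before and after plugging in devices shows which ports a macro has moved back to VLAN 1.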

Also, these switches only support a single voice VLAN. As a result, you configure this voice VLAN globally and it is then updated in all the macros.

Another issue is with the firmware updates. The switch has the concept of a boot firmware and a switch firmware – these are issued as two separate files. The switch firmware can be uploaded via the web GUI and seems fairly straightforward. For reasons only known to Cisco, the boot firmware can’t be uploaded in the same way and must be sent via SCP or TFTP. Also, I found that I couldn’t upgrade from an old firmware directly to the latest (I would just get errors after the upload process). In the end I found stepping through each version in turn and rebooting after each worked. Nice.

Once you get over these foibles, the switch is alright. It’s pretty comprehensive for a small business switch; however, it’s poorly implemented. Cisco have pushed you towards the GUI to manage the switch rather than the slightly odd CLI – but have only done this half-heartedly. For example, they’ve provided a reasonably simple web interface, but have clung on to some old concepts such as copying running-config to startup-config. For Cisco engineers this is bread and butter, but then for Cisco engineers the CLI would be preferable to the GUI. For non-Cisco engineers, a GUI is a welcome addition – but why have the complexity of copying running-config to startup-config just to save a change you made in a GUI screen – why can’t you just click “Save”!?

Basically, if you have to deal with one of these switches, my recommendation would be to restore it to factory settings, manage it purely through the GUI and update the default Smart Port macros to suit your environment. If you want to use the CLI, make sure you disable Smart Ports through the GUI first, or this thing will drive you mad!