Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

STP

The SG500-28P supports class Spanning Tree Protocol (STP), Rapid STP (RSTP), and Multiple STP (MSTP).  Rapid STP is enabled on the SG500 by default.

STP prevents network loops from being formed by automatically taking down one or more interfaces suspected to be part of a loop.  RSTP is a faster version of STP.  MSTP allows for running multiple instances of RSTP to enable to loop prevention in a network running multiple VLANs.

To test RSTP, I connected two trunks on ports 1 and 5 between the SG500 and my NETGEAR GS108T with RSTP enabled on both switches.  Without RSTP, both trunks would come up on both sides, resulting in a switching loop.  With RSTP enabled, one interface on one switch should go into an Alternate (= blocking) state, preventing a switching loop.  

The default settings of both switches led to the GS108T becoming the Root bridge and the Alternate port being established on port 5 the SG500 as shown in Figure 9, validating proper RSTP functionality.

RSTP settings

Figure 9: RSTP settings

Jumbo Frames

The SG500-28P supports up to 10k byte jumbo frames.  Enabling jumbo frames on the switch is a check box and reboot, as shown in Figure 10.  Once enabled, I was able to pass up to 4k jumbo frames over the SG500, which is my end device limit.

Jumbo frame enable

Figure 10: Jumbo frame enable

LAG

Link Aggregation Groups allow for grouping multiple interfaces to form a single “pipe” between the switch and another LAG capable device.  LAG trunking increases bandwidth between devices and improves redundancy as the LAG connection will stay up and carry traffic as long as one of its interfaces is up.

The SG500 supports static LAG trunks and dynamic LAG trunks using Link Aggregation Control Protocol (LACP).  I configured two ports on the SG500 and GS108T to form a static LAG trunk.  As shown in Figure 11, my LAG trunk came up without issue.

LAG settings

Figure 11: LAG settings

QoS

Quality of Service (QoS) is quite advanced on the SG500-28P.  The switch can recognize Class of Service (CoS) values or Differentiated Service Code Point (DSCP) values for applying traffic prioritization.  There are four queues and two different methods for queue management, as well as options for bandwidth limiting via ingress and egress rate controls.

In basic QoS mode on the SG500, QoS values can either be trusted or overridden per interface.  In advanced QoS mode, QoS rules can be configured using Access Control Lists (ACLs) as part of a Class Map to match different traffic types, using the Class Map in a Policy Map to define how to prioritize that specific traffic type and finally applying the Policy Map to an interface via Policy Binding. 

Traffic prioritization is handled via four queues, with traffic assigned to each queue based on QoS value.  If there is congestion on the switch, traffic will get delivered based on queue priority.  The SG500 can operate using either strict priority or Weighted Round Robin (WRR) method.  Strict priority will ensure that traffic in the high priority queue gets through first, but can result in dropping too much traffic in the low priority queue.  WRR provides a middle ground, allowing prioritization of delay sensitive traffic, yet permitting all traffic access to network resources.

Basic bandwidth utilization can be managed by port with Ingress and Egress rate limits.  I ran a simple test by configuring a port on the SG500 with Ingress and Egress rate limits of 500Kbps.  See port GE13 in Figure 12. 

Bandwidth control

Figure 12: Bandwidth control

I connected my PC to port 13 with the above bandwidth limits and connected another PC to an unlimited port on the SG500.  I then tested the SG500's bandwidth limiting capability with iperf using default TCP settings.  Using iperf, I measured 540 Kbps in each direction with the bandwidth limit applied, closely matching the 500 Kbps limit set.

Security

The SG500-28P has extensive security controls.  Access to the switch can be controlled via a local database of user names or via external TACACS+ or RADIUS servers.  To protect against various network threats, the SG500 has options for Storm Control, Port Security, 802.1x end device authentication, DoS Prevention, DHCP Snooping, IP Source Guard, and ARP Inspection.

To control traffic flows, the SG500 supports filtering traffic based on source and destination MAC, IPv4 or IPv6 addresses, QoS values, Layer 4 ports, and protocols. Traffic filters on the SG500 are applied to physical interfaces with Access Control Lists (ACLs).  ACLs are lists of Access Control Entries (ACE).  A total of 2000 different ACEs can be created on the SG500.  

As a test, I created a basic MAC based ACL with a single ACE to shutdown the port if it saw traffic from a specific MAC and applied it to port 7.  I then plugged the device with the specified MAC to port 7 on the SG500, which resulted in the switch disabling port 7 as expected.

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I run an OpenVPN client on my ASUS RT-AC86U with 384.10_2 firmware. Everything works fine except that whenever the VPN client disconnects (happens occ...
View attachment 17763why would a device be trying to access a private IP address from my network....View attachment 17764mysteriously here it is tryin...
Can you use an USB Wifi antena (not those with port like the coaxial cable) for your router to extend and have more powerful Wifi. Some routers have a...
I'm looking for a router that can:- support up to 150Mb/s- support both 2.4GHz and 5GHz- actively monitor network traffic on a per device basis- creat...
I currently have OpenVPN setup on my router to LAN access only. But I need it to assign all the clients the internal DNS server.So I added:Code: push...

Don't Miss These

  • 1
  • 2
  • 3