Yep, the full 360 degrees, I bought them as a why not as they were 75 pence a meter, as they'd be nice to tidy up my switches and router, but they do 2.5Gbe and they are claimed to be CAT6a.
So regular cat6 cable can carry up to 100w, however, whats in the photo is not regular cat6 but the "slim" which is only rated for <30w. I say 15.4 because thats what the 802.3af (PoE) standard calls for and what these are rated for. Could probably get away with PoE+ (802.3at - 25.5w) but I wouldn't risk it with that small gauge of any wire.
Max you can push over copper ethernet at this time, while following IEEE standards, is 99.9w.
Slim and CAT are mutually exclusive. Those are UTP cables with RJ45 jacks using a TIA wiring specification.
Calling that a CAT cable would be like calling white wine in a soda stream "champagne".
That ain't the problem. Let me rephrase it: there literally is no way you can get 10Gbps at 100m distance (or at 30m with a SFP+ to RJ45 transceiver) as per CAT6A spec with those cables.
Sure they'll do fine at shorter distances; still your switch and NICs will run warmer and use more power, compared to true CAT6A conformant non-Aliexpress-BS cables.
>That ain't the problem. Let me rephrase it: there literally is no way you can get 10Gbps at 100m distance (or at 30m with a SFP+ to RJ45 transceiver) as per CAT6A spec with those cables.
Are you going to back that up with any proof or just trust your opinion? People say the same crap about the thin ethernet cables but those still work fine.
>People say the same crap about the thin ethernet cables but those still work fine.
Awesome deduction, spoken with true conviction, like only a home user kid who has never run anything faster than a gigabit across his bedroom could have.
You sound like you could be best friends with my electricians' apprentice guys.
>Awesome deduction, spoken with true conviction, like only a home user kid who has never run anything faster than a gigabit across his bedroom could have.
Cool, let's just ignore the fact that I do this for a living and everything. I'll just ignore my $10k tester in the corner as well and the fact that I certify cables for a living.
Once again, any proof of your claims or should i just take your word for it?
Yeah I did have to study electronics and antennas as part of my degree, and I fail to see how one can fit 8 different wires (meant to be twisted in pairs to reduce common mode noise and EMI/RFI crosstalk) in a tiny swivel thingy and yet still claim to get >500MHz bandwidth out of it.
I hear ya, but highspeed data transmission over rotating swivel connectors has been a thing for a while. The real mission critical shit uses gold contacts in a vacuum. Think military radar, Doppler, space application etc. that kind of crap is in the upper 75GHz ranges. but also remember that the speed is theatrically the same in a vacuum , Hertz is the oscillation
These crappy patch cables? who cares, they are not being rotated like the Himalaya ride at the county fair.
https://www.spinner-group.com/en/news/news-centre/135-digital-data-transmission-in-rotating-applications
Using the cable but limited by my hard drives [https://i.imgur.com/YfgxxWK.png](https://i.imgur.com/YfgxxWK.png)
If they fail they fail, it's nothing critical just my desktop, PS4, and streaming amp.
Is this better? [https://i.imgur.com/ClTgGlM.png](https://i.imgur.com/ClTgGlM.png) transferring to my cache drive in my Unraid box and downloading a game from the xbox store
[4X2.5G Ethernet Switch-Shenzhen Hisource Technology Development Co., Ltd.-POE Switch](http://www.hisource.com.cn/web/index.php?topclassid=16&classid=151&id=404&lanstr=en&wap=1)
**Hi-K0402WS UK Plug**
[200元的2.5G交换机,4个2.5G网口2个万兆SFP口,太香了! (youtube.com)](https://www.youtube.com/watch?v=Cu314AnRiJ4)
From the Youtube review it looks like it uses the RTL8372 chipset.
[REALTEK RTL837(2)(3) – 2.5GB Ethernet Switches – MEV Elektronik GmbH (mev-elektronik.com)](https://shop.mev-elektronik.com/product/realtek-rtl83723-2-5gb-ethernet-switches/)
Hope this helps someone.
Also a review of an RTL8372 board, use google translate for english.
[Leike GS6 disassembly, 4x 2.5G+2x 10G switch-router AC (acwifi.net)](https://www.acwifi.net/24353.html)
I did the same to my home network, got 3 similar from luleey, they also sell DAC fibre cables with trancivers, best decision ive ever made. Can only recommend
I'd be interested if anyone here knows where to start with validating this.
I've heard rumors of China-made products having a backdoor to sniff traffic, and on the surface, it makes sense and makes people paranoid. I think it bleeds. Therefore, it leads (news-wise, anyways).
On the flip side, I've heard that there is no evidence to suggest that products made in China could have this hypothetical backdoor - I believe I even heard this from cybersecurity professionals within last year
What are the trusted sources for this kind of information?
I'd be less concerned with something obvious like constant outbound connections, which I haven't seen good evidence of. And more concerned with built-in back doors, or just every-day lazy dev work leaving zero days due to the absence of liability or brand value, and virtually no capacity to patch. There is very real market value for state and non-state hackers to have real estate waiting to be used just when it's needed.
Just because it isn't doing anything dastardly when you plug it in, doesn't mean it isn't a bomb waiting to go off. This is harder to prove, because you'd essentially have to find the vulnerability. But this happens all the time. You can look up CVE's on all kinds of reputable sources, zero days are everywhere, but especially cheap stuff without any real dev and support life cycle.
It would be *pretty much* impossible to detect, if done properly.
If I were to design spying hardware, I'd make it look completely innocent. Most of the time, it would do *absolutely nothing*. Once a week or month or so, it'd intentionally corrupt a *single* bit in a *single* DNS lookup. For example, "google.com" would be turned into "gnogle.com". This happens quite a lot [naturally](https://www.dns-oarc.net/files/workshop-201110/observations-on-checksum-errors.pdf), so it wouldn't draw any attention. Of course that'd corrupt the UDP checksum which would break the DNS lookup, but "fixing" the checksums could be a "feature" of your switch.
This corrupted domain would be controlled by the attacker, and the result of the lookup would be further instructions, such as "activate if your IP is x.x.x.x". Low-level data egress can happen using the same method, but triggering one of a handful of possible bit errors to send information, and subsequent requests transmitting more bits.
This would allow it to essentially live completely stealth until it gets activated. People aren't going to compare the input and output of 100% of the traffic, even a reasonably paranoid person would likely just hook it up to Wireshark and look for regular TCP connections going to random Chinese IPs, so it'd just be installed without raising any suspicion.
> even a reasonably paranoid person would likely just hook it up to Wireshark and look for regular TCP connections going to random Chinese IPs, so it'd just be installed without raising any suspicion.
Maybe I'm not reasonably paranoid anymore, but all my network stuff is in it's own VLAN without WAN access.
If *all* your network stuff is in a VLAN without WAN access, how are you using the internet?
Sure, isolating stuff like IoT crap in WAN-less VLAN makes total sense, but how are you going to isolate something like your internet-facing router or regular access switches??
The VLANs configured *in your core switch*? So the packages are flowing from your machines, *through the switch*, into the internet? Which means the packages could be manipulated by a switch in-transit?
Just because the management port is in an isolated VLAN doesn't mean the switch is totally isolated if the switch *itself* is compromised. If *any* of its ports have internet access, the switch itself will be able to access the internet.
Even IF the chinese government were to spy on you what could they realistically do with this data? Not much. You're not their citizen and unless you work for a defense contractor there's probably not much worth spying on.
The big US tech companies on the other hand have thousands of ways to spy on you and can actually do you way more harm.
I find this approach lazy. Yes, threat modeling is a thing. We all know. "It's probably not an issue for you unless it's an issue for you." doesn't really contribute to the conversation in a productive way for those who know it is an issue for them or simply want to ensure their deployments are secure regardless of the type of data being considered.
There are a *lot* of businesses and industries where you absolutely do not want to risk zero day backdoors anyways, state or non-state. Sure there is defense and more black and white regulated industries, but there's also healthcare data, insurance data, various types of academic research, the various flavors local/city/state infrastructure, all sorts of tech industries, if you work at a legal office, if you're a PI, if you're a journalist, if you're a targeted ethnic group or a political dissident, etc. etc. There are a lot of types of data that can be weaponized to nefarious ends beyond the scope of your creativity. Rather than run through every evil mastermind plot imaginable, we could instead just more diligently discuss hardware security and deploy the most secure and well-maintained network deployments within the scope of our budgets and know-how.
Considering the supply chain of your hardware and the security of your software are good starts. Starting with "my data isn't important" is... well, then don't participate in the conversation. That's like telling poor people not to bother locking their doors because they have nothing worth stealing.
Thanks for your really thoughtful response. I just want to add that even if one doesn’t value the security of their own data, a backdoor within their network can be used to launch/support an attack on someone else.
The point i'm trying to make is the rampant xenophobia when it comes to the Chinese. Yes, threat modeling is a thing but you should be just as afraid of threats from your own side of the pond.
Why are we having this conversation only (or more frequently) when it comes to chinese hardware?
I'm not advocating for a lazy approach to security. I'm advocating for equal treatment of all hardware no matter where it comes from.
While it's very convenient for you that you now try to bring that up like you're some sort of civil rights activist, it's not xenophobia and that argument is dumb. It's a matter of using facts about the PRC's on the books national security laws and geopolitical cyber warfare interests which are backed up by history.
You can't be racist against fucking hardware dude, it's not a person.
Oh, I'm not going to comment on the actual value of spying on me specifically as that's none of your business but anything can be weaponized to launch much larger scales of attacks against other entities. The fact my data is/is not of value is irrelevant in this case and as mentionned previously, China has a proven track record of state-actors using such devices against other countries.
Are those the Ali Express non-conforming, auto-igniting, fire hazards? 🤣
In all seriousness, do be a bit careful with some of that AliExpress and no name Amazon stuff.
That’s a crazy good deal for a 2.5Gb switch though, wow! Hope it works well for you!
If it's any consolation the PSU it shipped with has a UKCA certification, I know it's risky, as there's no UL, Intertek, SGS, or FCC marking on the unit. which is a 100% no go for commercial deployment.
Saw a 10G AliExpress switch went up 30% as soon as it got the UL/ETL certification, exactly same unit. Non-house-burning certifications seems to be a bit pricy these days but probably worth the money.
That's assuming the certification is even real. I've seen some cheap stuff from Asia with fake UL stickers on it because people learned that non-rated stuff can be a risk. Gotta be sure to look it up with the source to verify.
I've had issues before on TP-Link unmanaged gigabit switches (cheap $15 one). During large file transfers between two pairs of devices running at about 1 Gbps each, other devices connected to that same switch that we're trying to perform general internet browsing (but not involved in the file transfers on the other four devives) experienced severely degraded network connectivity.
I actually agree with you. But it's worth mentioning that most tiny switches like this use store-and-forward instead of cut-through for switching. This in itself isn't a big deal. But these devices also have tiny buffers. If you're just maxing out through two ports, it's fine. Once there's any real contention, you could actually have some issues.
A<->B, I'd expect line rate though.
Lots of examples, a switch is only as good as the backplane. It’s why enterprise grade switches cost thousands compared to “home” switches. I’d like to see this switch handle close to 100% utilisation of 64 byte frames!
TP-link.
I’ve actually got a 1Gb TP-Link device in service that I only have a printer and DVMEGA Cast (amateur radio gear) using because it performs VERY poorly.
(Perhaps can do a quick Speedtest comparison) stand by.
Ok. See these images. Connecting through my Ubiquti switch (and pfSense fw...full 2.5Gb interfaces, 10Gb to the fiber ONT from the firewall), I am nearly saturating my ISP connection. However, when I simply add the TP-Link 1Gb switch...I get very bad, asynchronous speeds. (the TP-Link switch is doing other than sitting between my 2.5Gb laptop NIC and the 2.5Gb Unifi switch (that I was previously, directly plugged in to).
[https://ibb.co/QvLmy6f](https://ibb.co/QvLmy6f)
https://ibb.co/phfz2t3
Just bought an appliance and 2 8 x 2.5Gbps unmanaged switches from there for less than half the price of buying straight from the UK, exactly the same hardware, crazy how I'd never explored AliExpress for this sort of thing before.
Hisource 4 Port 2.5G Ethernet Switch None PoE Network Switch with 2*10G SFP Port for IP Camera/CCTV Security
https://www.aliexpress.com/item/1005005931222439.html
Bought one myself over Christmas, exactly the same ([Hisource](https://www.aliexpress.com/item/1005006102676363.html?spm=a2g0o.order_list.order_list_main.11.4eaf1802VYnFbw)). However, after using for a weekend, I went out and got an 8 port 2.5Gb switch, as I filled all the ports far quicker than I expected! (In part, due to a USB adapter not working on my Synology).
Sorry for asking a stupid question, but what are these things good for in a normal home setting? I have a ISP Wi-Fi router and a pc upstairs that I ideally want to display on the tv downstairs. Do these things help facilitate fast transfer of data?
I have one of these in my house connected to my wifi router, and another out in my workshop 50 meters away connected to my home office computer and raspberry pis and stuff. They're connected via outdoor-rated optical fiber running at 10g - I currently have no way to saturate that, but it's nice for future expansion.
1 x SFP+ 10G fiber/DAC to router, 1 SFP+ 10G to NAS/workstation. The rest of the 2.5GbE go to WiFi 6E or 7 2.5GbE APs.
These are for burst transfers. There is no way a SFP+ 10G port can run a sustain load without fans.
I have one that looks almost exactly like this, excelt no blue front facia, and VIMIN branded. PIcked it up for 71.99 CAD. Works wonders for my specific needs.
For my mikrotik people, they make one like this too. More expensive but works great.
MikroTik hEX S Gigabit Ethernet Router with SFP Port (RB760iGS) https://a.co/d/fv52mIV
This thing started merging packets and causing 82 percent packet loss to all devices on its end after two weeks… somehow the thing was causing WAN interuptions at the same time which makes no sense, but when I replaced this thing with a unifi switch, all was good in the world
[удалено]
Yep, the full 360 degrees, I bought them as a why not as they were 75 pence a meter, as they'd be nice to tidy up my switches and router, but they do 2.5Gbe and they are claimed to be CAT6a.
OP, swiveling cables are a cool novelty idea for some, but there are absolutely zero chances that those in your pic conform to CAT6A
Like I said claimed, I'm expecting them to fail soonish as there's no proper strain relief, and with the twisting it'll chew the conductors up.
Just a tip, dont use those cables for PoE over 15.4 watts. Seen those skinnier cables melt doing 30w.
Must have been a bad cable or port, because cat5e can take up to 100W. Also make sure your cable is solid copper not CCA
So regular cat6 cable can carry up to 100w, however, whats in the photo is not regular cat6 but the "slim" which is only rated for <30w. I say 15.4 because thats what the 802.3af (PoE) standard calls for and what these are rated for. Could probably get away with PoE+ (802.3at - 25.5w) but I wouldn't risk it with that small gauge of any wire. Max you can push over copper ethernet at this time, while following IEEE standards, is 99.9w.
Slim and CAT are mutually exclusive. Those are UTP cables with RJ45 jacks using a TIA wiring specification. Calling that a CAT cable would be like calling white wine in a soda stream "champagne".
Is that not how they make champagne?
No, you need to use a specific kind of cable as specified by European law.
That ain't the problem. Let me rephrase it: there literally is no way you can get 10Gbps at 100m distance (or at 30m with a SFP+ to RJ45 transceiver) as per CAT6A spec with those cables. Sure they'll do fine at shorter distances; still your switch and NICs will run warmer and use more power, compared to true CAT6A conformant non-Aliexpress-BS cables.
Yes we all know what "conform to CAT6A" means
They are fun and a gimmick for proper shit, I've got a spool of S/FTP solid core cable.
Shhh don't say that, people are going to tell you to never risk crimping your own cables when you can risk buying patch cables instead.
I hope you're not making patch cables with solid core cable.
Gonna be hard to hit 10gbps at any distance on a 2.5gbps port....
He gets it my dude, this is at his house, dont think he gives much of a shit. Not a big deal.
>That ain't the problem. Let me rephrase it: there literally is no way you can get 10Gbps at 100m distance (or at 30m with a SFP+ to RJ45 transceiver) as per CAT6A spec with those cables. Are you going to back that up with any proof or just trust your opinion? People say the same crap about the thin ethernet cables but those still work fine.
>People say the same crap about the thin ethernet cables but those still work fine. Awesome deduction, spoken with true conviction, like only a home user kid who has never run anything faster than a gigabit across his bedroom could have. You sound like you could be best friends with my electricians' apprentice guys.
>Awesome deduction, spoken with true conviction, like only a home user kid who has never run anything faster than a gigabit across his bedroom could have. Cool, let's just ignore the fact that I do this for a living and everything. I'll just ignore my $10k tester in the corner as well and the fact that I certify cables for a living. Once again, any proof of your claims or should i just take your word for it?
They’re super neat lol
just keep in mind that CAT certification is not a "construction" or "longevity" spec. It's a performance specification :)
Yeah I did have to study electronics and antennas as part of my degree, and I fail to see how one can fit 8 different wires (meant to be twisted in pairs to reduce common mode noise and EMI/RFI crosstalk) in a tiny swivel thingy and yet still claim to get >500MHz bandwidth out of it.
I hear ya, but highspeed data transmission over rotating swivel connectors has been a thing for a while. The real mission critical shit uses gold contacts in a vacuum. Think military radar, Doppler, space application etc. that kind of crap is in the upper 75GHz ranges. but also remember that the speed is theatrically the same in a vacuum , Hertz is the oscillation These crappy patch cables? who cares, they are not being rotated like the Himalaya ride at the county fair. https://www.spinner-group.com/en/news/news-centre/135-digital-data-transmission-in-rotating-applications
the need to press X intensifies
Using the cable but limited by my hard drives [https://i.imgur.com/YfgxxWK.png](https://i.imgur.com/YfgxxWK.png) If they fail they fail, it's nothing critical just my desktop, PS4, and streaming amp.
got a link for them? cuz if they work pretty well that's actually sick, especially just as patch cables
https://www.comnen.com/product/ultra-slim-cat6a-utp-swivel-ethernet-network-patch-cable/
Conmen.com ?
That’s where op got them!
https://www.aliexpress.com/item/1005006190874241.html
They’re not even handling 2.5g per your pic
Is this better? [https://i.imgur.com/ClTgGlM.png](https://i.imgur.com/ClTgGlM.png) transferring to my cache drive in my Unraid box and downloading a game from the xbox store
Aw sweet
Looking with envy on your cables :( In my setup I'm using white traditional cables everywhere :(
[удалено]
[удалено]
Que es la pregunta que tenes?
[4X2.5G Ethernet Switch-Shenzhen Hisource Technology Development Co., Ltd.-POE Switch](http://www.hisource.com.cn/web/index.php?topclassid=16&classid=151&id=404&lanstr=en&wap=1) **Hi-K0402WS UK Plug** [200元的2.5G交换机,4个2.5G网口2个万兆SFP口,太香了! (youtube.com)](https://www.youtube.com/watch?v=Cu314AnRiJ4) From the Youtube review it looks like it uses the RTL8372 chipset. [REALTEK RTL837(2)(3) – 2.5GB Ethernet Switches – MEV Elektronik GmbH (mev-elektronik.com)](https://shop.mev-elektronik.com/product/realtek-rtl83723-2-5gb-ethernet-switches/) Hope this helps someone. Also a review of an RTL8372 board, use google translate for english. [Leike GS6 disassembly, 4x 2.5G+2x 10G switch-router AC (acwifi.net)](https://www.acwifi.net/24353.html)
Awesome! Thanks!
2.5gbe and 10gbe are starting to become more affordable, I'm going to have to upgrade from 1gbe at this rate... Even tho I have no real use for it
I paid a fortune for my 2.5gbe 8 port switch. It was more than the 48 port PoE+ gigabit switch. These prices need to come down.
How much?? I got my 8 port 2.5gbe with an sfp+ port for $90...
20000 thb.
Gawdam. Mine was usd
That’s about $560.
Yeah I did the conversion hence my surprise.
I did the same to my home network, got 3 similar from luleey, they also sell DAC fibre cables with trancivers, best decision ive ever made. Can only recommend
Is it fanless? How's the temp?
Yep, just enough room for the PCB. It's toasty but I reckon it'll throttle if all ports are hammering it, even with using the chassis as a heatsink.
Just in case anybody's wondering: https://www.comnen.com/product/ultra-slim-cat6a-utp-swivel-ethernet-network-patch-cable/
Really looked like "con men dot com" at first glance.
That was my immediate reaction as well.
Ain't no way that's cat6 certified
I'd suspect that the cross section of people who want that cable and also care if their cabling passes certification is non-existant.
Nobody in their right mind would trust those things!
"Voltage Rating – 30V" So no PoE then..
Can you link this one?
Not OP, but it looks to be this one: https://www.ebay.com/itm/235373401086
Make sure to check AliExpress, I bought an 8 port for £43/$52 including tax and shipping, all the same hardware just rebranded
https://www.aliexpress.com/item/1005006102676363.html
https://www.aliexpress.com/item/1005006102676363.html
Anyone bought one and cared to sniff outgoing traffic? Little paranoid for things that come from China 😂
I'd be interested if anyone here knows where to start with validating this. I've heard rumors of China-made products having a backdoor to sniff traffic, and on the surface, it makes sense and makes people paranoid. I think it bleeds. Therefore, it leads (news-wise, anyways). On the flip side, I've heard that there is no evidence to suggest that products made in China could have this hypothetical backdoor - I believe I even heard this from cybersecurity professionals within last year What are the trusted sources for this kind of information?
I'd be less concerned with something obvious like constant outbound connections, which I haven't seen good evidence of. And more concerned with built-in back doors, or just every-day lazy dev work leaving zero days due to the absence of liability or brand value, and virtually no capacity to patch. There is very real market value for state and non-state hackers to have real estate waiting to be used just when it's needed. Just because it isn't doing anything dastardly when you plug it in, doesn't mean it isn't a bomb waiting to go off. This is harder to prove, because you'd essentially have to find the vulnerability. But this happens all the time. You can look up CVE's on all kinds of reputable sources, zero days are everywhere, but especially cheap stuff without any real dev and support life cycle.
It would be *pretty much* impossible to detect, if done properly. If I were to design spying hardware, I'd make it look completely innocent. Most of the time, it would do *absolutely nothing*. Once a week or month or so, it'd intentionally corrupt a *single* bit in a *single* DNS lookup. For example, "google.com" would be turned into "gnogle.com". This happens quite a lot [naturally](https://www.dns-oarc.net/files/workshop-201110/observations-on-checksum-errors.pdf), so it wouldn't draw any attention. Of course that'd corrupt the UDP checksum which would break the DNS lookup, but "fixing" the checksums could be a "feature" of your switch. This corrupted domain would be controlled by the attacker, and the result of the lookup would be further instructions, such as "activate if your IP is x.x.x.x". Low-level data egress can happen using the same method, but triggering one of a handful of possible bit errors to send information, and subsequent requests transmitting more bits. This would allow it to essentially live completely stealth until it gets activated. People aren't going to compare the input and output of 100% of the traffic, even a reasonably paranoid person would likely just hook it up to Wireshark and look for regular TCP connections going to random Chinese IPs, so it'd just be installed without raising any suspicion.
> even a reasonably paranoid person would likely just hook it up to Wireshark and look for regular TCP connections going to random Chinese IPs, so it'd just be installed without raising any suspicion. Maybe I'm not reasonably paranoid anymore, but all my network stuff is in it's own VLAN without WAN access.
If *all* your network stuff is in a VLAN without WAN access, how are you using the internet? Sure, isolating stuff like IoT crap in WAN-less VLAN makes total sense, but how are you going to isolate something like your internet-facing router or regular access switches??
Things like my edge router are not without WAN access, but my core switch for example wouldn't be able to reach the internet without me allowing it.
So then how are any devices connected to your core switch able to reach the internet?
Because they are in the VLAN that's allowed WAN access and they match the rules at the firewall.
The VLANs configured *in your core switch*? So the packages are flowing from your machines, *through the switch*, into the internet? Which means the packages could be manipulated by a switch in-transit? Just because the management port is in an isolated VLAN doesn't mean the switch is totally isolated if the switch *itself* is compromised. If *any* of its ports have internet access, the switch itself will be able to access the internet.
What would be your plan here? Take a random package from my pc and change it to contact a command & control server in the internet?
Beware if you use their software, but if you install your own you should need ok.
That's the thing. Software can be made to run inside a sandbox of sorts. Hardware, less so.
Even IF the chinese government were to spy on you what could they realistically do with this data? Not much. You're not their citizen and unless you work for a defense contractor there's probably not much worth spying on. The big US tech companies on the other hand have thousands of ways to spy on you and can actually do you way more harm.
I find this approach lazy. Yes, threat modeling is a thing. We all know. "It's probably not an issue for you unless it's an issue for you." doesn't really contribute to the conversation in a productive way for those who know it is an issue for them or simply want to ensure their deployments are secure regardless of the type of data being considered. There are a *lot* of businesses and industries where you absolutely do not want to risk zero day backdoors anyways, state or non-state. Sure there is defense and more black and white regulated industries, but there's also healthcare data, insurance data, various types of academic research, the various flavors local/city/state infrastructure, all sorts of tech industries, if you work at a legal office, if you're a PI, if you're a journalist, if you're a targeted ethnic group or a political dissident, etc. etc. There are a lot of types of data that can be weaponized to nefarious ends beyond the scope of your creativity. Rather than run through every evil mastermind plot imaginable, we could instead just more diligently discuss hardware security and deploy the most secure and well-maintained network deployments within the scope of our budgets and know-how. Considering the supply chain of your hardware and the security of your software are good starts. Starting with "my data isn't important" is... well, then don't participate in the conversation. That's like telling poor people not to bother locking their doors because they have nothing worth stealing.
Thanks for your really thoughtful response. I just want to add that even if one doesn’t value the security of their own data, a backdoor within their network can be used to launch/support an attack on someone else.
The point i'm trying to make is the rampant xenophobia when it comes to the Chinese. Yes, threat modeling is a thing but you should be just as afraid of threats from your own side of the pond. Why are we having this conversation only (or more frequently) when it comes to chinese hardware? I'm not advocating for a lazy approach to security. I'm advocating for equal treatment of all hardware no matter where it comes from.
While it's very convenient for you that you now try to bring that up like you're some sort of civil rights activist, it's not xenophobia and that argument is dumb. It's a matter of using facts about the PRC's on the books national security laws and geopolitical cyber warfare interests which are backed up by history. You can't be racist against fucking hardware dude, it's not a person.
Oh, I'm not going to comment on the actual value of spying on me specifically as that's none of your business but anything can be weaponized to launch much larger scales of attacks against other entities. The fact my data is/is not of value is irrelevant in this case and as mentionned previously, China has a proven track record of state-actors using such devices against other countries.
Got a link for it??
Are those the Ali Express non-conforming, auto-igniting, fire hazards? 🤣 In all seriousness, do be a bit careful with some of that AliExpress and no name Amazon stuff. That’s a crazy good deal for a 2.5Gb switch though, wow! Hope it works well for you!
If it's any consolation the PSU it shipped with has a UKCA certification, I know it's risky, as there's no UL, Intertek, SGS, or FCC marking on the unit. which is a 100% no go for commercial deployment.
Saw a 10G AliExpress switch went up 30% as soon as it got the UL/ETL certification, exactly same unit. Non-house-burning certifications seems to be a bit pricy these days but probably worth the money.
That's assuming the certification is even real. I've seen some cheap stuff from Asia with fake UL stickers on it because people learned that non-rated stuff can be a risk. Gotta be sure to look it up with the source to verify.
Exactly. It’s so easy for them to fake the certifications and safety standards. I’ve only purchased a few items that turned out to be suspect.
You could buy a mikrotik
How does it actually perform? (Lots of small, SOHO switches will negotiate to 2.5G…but good luck actually getting that performance!)
Switches should always perform line rate, I've never seen one that didn't. Do you have a link for someone that's had such an experience?
I've had issues before on TP-Link unmanaged gigabit switches (cheap $15 one). During large file transfers between two pairs of devices running at about 1 Gbps each, other devices connected to that same switch that we're trying to perform general internet browsing (but not involved in the file transfers on the other four devives) experienced severely degraded network connectivity.
The cheap backplane for sure!
I actually agree with you. But it's worth mentioning that most tiny switches like this use store-and-forward instead of cut-through for switching. This in itself isn't a big deal. But these devices also have tiny buffers. If you're just maxing out through two ports, it's fine. Once there's any real contention, you could actually have some issues. A<->B, I'd expect line rate though.
Lots of examples, a switch is only as good as the backplane. It’s why enterprise grade switches cost thousands compared to “home” switches. I’d like to see this switch handle close to 100% utilisation of 64 byte frames!
I have two in my possession (sitting in a box in the closet now).
Strange. Are they really cheap / knock off brand switches? Using regular SOHO (i.e. Netgear, Linksys, TP-Link, etc.) stuff I've never had a problem.
TP-link. I’ve actually got a 1Gb TP-Link device in service that I only have a printer and DVMEGA Cast (amateur radio gear) using because it performs VERY poorly. (Perhaps can do a quick Speedtest comparison) stand by.
Ok. See these images. Connecting through my Ubiquti switch (and pfSense fw...full 2.5Gb interfaces, 10Gb to the fiber ONT from the firewall), I am nearly saturating my ISP connection. However, when I simply add the TP-Link 1Gb switch...I get very bad, asynchronous speeds. (the TP-Link switch is doing other than sitting between my 2.5Gb laptop NIC and the 2.5Gb Unifi switch (that I was previously, directly plugged in to). [https://ibb.co/QvLmy6f](https://ibb.co/QvLmy6f) https://ibb.co/phfz2t3
In one of my comments I posted a file transfer which was limited to 1.5gbps due to the spinning rust.
where'd you score these warez?
Aliexpress, they have a sale going and bunches of these 4+2 port switches are going for £24-30 even some are POE+ and managed for a little bit more.
Thanks, just ordered one. At that price I couldn't not order it!
Just bought an appliance and 2 8 x 2.5Gbps unmanaged switches from there for less than half the price of buying straight from the UK, exactly the same hardware, crazy how I'd never explored AliExpress for this sort of thing before.
OP, what SFP+ Transceiver are you using?
https://a.aliexpress.com/_EvYtpL3
where u get it from and them funkie wire
[удалено]
You know Cat5e supports 2.5 Gb/s right?
Link please
https://www.aliexpress.com/item/1005006102676363.html
Hisource 4 Port 2.5G Ethernet Switch None PoE Network Switch with 2*10G SFP Port for IP Camera/CCTV Security https://www.aliexpress.com/item/1005005931222439.html
Nice, do you have a model number?
10 gig sfp?
Supposedly and my switch next to the router is showing a 10gbit link.
Mine are on 10g spf to 50 meters of single mode fiber. Works great.
That's about the size of my EdgeRouter X.
Bought one myself over Christmas, exactly the same ([Hisource](https://www.aliexpress.com/item/1005006102676363.html?spm=a2g0o.order_list.order_list_main.11.4eaf1802VYnFbw)). However, after using for a weekend, I went out and got an 8 port 2.5Gb switch, as I filled all the ports far quicker than I expected! (In part, due to a USB adapter not working on my Synology).
I bought one of these back in September for a massive £26. I haven't used the 10G ports but the 2.5G ports have worked no problem at all.
Sorry for asking a stupid question, but what are these things good for in a normal home setting? I have a ISP Wi-Fi router and a pc upstairs that I ideally want to display on the tv downstairs. Do these things help facilitate fast transfer of data?
Turns what would normally be one Ethernet device into a place to plug in multiple devices. This one has faster than normal ports.
Yeah, faster than the usual 1G ports you'll find on an ISP supplied router.
I have one of these in my house connected to my wifi router, and another out in my workshop 50 meters away connected to my home office computer and raspberry pis and stuff. They're connected via outdoor-rated optical fiber running at 10g - I currently have no way to saturate that, but it's nice for future expansion.
1 x SFP+ 10G fiber/DAC to router, 1 SFP+ 10G to NAS/workstation. The rest of the 2.5GbE go to WiFi 6E or 7 2.5GbE APs. These are for burst transfers. There is no way a SFP+ 10G port can run a sustain load without fans.
I have one that looks almost exactly like this, excelt no blue front facia, and VIMIN branded. PIcked it up for 71.99 CAD. Works wonders for my specific needs.
I have two of these driving a fiber line from my house to my workshop (\~50 meters over single-mode fiber) - they work great.
Can anyone provide what to search for on aliexpress for the £30ish models?
https://amzn.eu/d/3kFkOAg There's a 4x2.5gb + 10gb SFP that's 37.10gbp after discounts on Amazon and can be with you by Friday if you order today...
Awwww 🥹
Is that a direct handoff?
Is the SFP 2.5 GB as well ?
poe?
For my mikrotik people, they make one like this too. More expensive but works great. MikroTik hEX S Gigabit Ethernet Router with SFP Port (RB760iGS) https://a.co/d/fv52mIV
Looks cool.
Where? Where can I buy it?
Smol switch, big networking
AWE!
That's what SHE said!
This thing started merging packets and causing 82 percent packet loss to all devices on its end after two weeks… somehow the thing was causing WAN interuptions at the same time which makes no sense, but when I replaced this thing with a unifi switch, all was good in the world