My homelab – The Network design with Cisco SG 300 – a Layer 3 switch for €199.


Lately I was working on the redesign of my lab at home and I purchased a Cisco L3 capable switch.

In my quest for a VMware vSphere homelab, I recently purchased my first Cisco switch. You could see it in my recent post called My switch adventures, where I bought the wrong switch because of similarities in the device’s model numbers. If you’re seeking a cheap L3 switch, make sure you read it.

The Cisco SG 300 10-port gigabit model is a Layer 3 switch. It’s a switch for the SMB market with the capability to enable Layer 3 functionality via the CLI. By default the switch comes in L2 mode, and the L2 to L3 change can be done only through the CLI, not through the GUI.

When in L3 mode, you can assign up to 32 static routes and up to 32 IP interfaces. This means 31 routed VLANs (1 route per VLAN plus default GW), providing inter-VLAN routing. This was the feature I wanted. Creating VLANs activates the routing, leaving only my ESXi hosts to configure for them. (I have 2 physical ESXi hosts and a small homemade NAS device, which you can read about in my article on how it was built for about half the price of a commercial NAS device.)

The ESXi hosts have 3 NICs each. The motherboard’s built-in NIC is not recognized, and I didn’t want to bother hacking the ISO to try to make it work. Some built-in NICs do work, or have working drivers that are not in the original VMware ISO, in which case you’ll have to “hack” the ISO for your built-in NIC to be recognized.

So, the first thing to do is to connect the console cable to the serial port on the switch. I did not have HyperTerminal on my W7 machine, so I fired up one of my Windows XP VMs in VMware Workstation and connected through the COM port with a serial cable.

The default login/password combination is cisco/cisco. Note that when you switch from L2 to L3 mode, all other configuration is lost, so don’t bother trying to configure anything else before changing to L3 mode. After the switch restarts, while still in the CLI, you can configure the login/password and the IP address of the default VLAN, which is VLAN1.

The rest of the operations can be done through the GUI. The GUI is nicely done. Clean and sharp.

Creating VLANs through the GUI on the Cisco SG300 is not difficult, and neither is assigning an IP address to each VLAN. The hard part is creating the static routes for the VLANs. Those routes should be created (populated) automatically when you go to the menu “Port to VLAN” and change the radio buttons.

Without an understanding of networking terminology the GUI can be a bit tricky, and I was struggling to get the routes to populate (there is a way to manually create those routes). I restarted several times from scratch :) The screenshots below walk through the process of creating a VLAN and the associated IP interface.

[Screenshots: Create VLAN user interface; default route creation; Port to VLAN menu; Cisco SG 300 GUI]

Be sure that you save your work before you reboot the switch. In the Cisco interface there is a small link, and when unsaved configuration is detected, a little red cross inside a circle appears. I did not see this sign, and after reboot the config was lost several times… -:(. I was learning the hard way… But wait, it’s not over.

I was facing a problem. My internet access goes through my ISP router, which I rent from my ISP. The device is not my property and I don’t have CLI or GUI access to it, so I cannot create routes back to my newly created VLANs. You need to create a route back from your router for each VLAN used on the Cisco, otherwise VMs will not be able to communicate outside the SG300. I’m not a routing expert, but Andy Grant gave me the idea to place another router in between the ISP box and the Cisco SG 300 and configure the routes back on that device. This is not normally required if you have access to your home router and it provides static routing functionality.

I had a router which was not used in my lab at the moment: a Linksys WRT 54 GL. I flashed the device with the DD-WRT firmware and configured the routes back with Andy’s help. I also needed to configure this router in “gateway” mode and not “router” mode. This is something I discovered when testing, but DD-WRT is well documented on that, and on creating static routes too.
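The return-route requirement described above can be checked mechanically. The following is an added example, not part of the original post: it applies longest-prefix matching to the in-between router's table and reports any VLAN subnet whose replies would follow the default route toward the ISP box. The addresses, the table contents and the function names are constructed for illustration; only the 10.10.N.x and 192.168.1.x ranges come from this page.

```python
import ipaddress

# Constructed sample data (assumptions, not the author's actual configuration).
# VLAN subnets routed by the SG300, following the 10.10.N.x pattern on the page.
VLAN_SUBNETS = {1: "10.10.1.0/24", 2: "10.10.2.0/24", 8: "10.10.8.0/24"}
SWITCH_IP = "10.10.1.254"    # hypothetical SG300 address on the router's LAN
ISP_BOX_IP = "192.168.1.1"   # hypothetical ISP router address

# Routing table of the in-between router as (destination, gateway) pairs.
# gateway None = directly connected. The route for VLAN 8 was left out.
ROUTER_TABLE = [
    ("10.10.1.0/24", None),
    ("10.10.2.0/24", SWITCH_IP),
    ("0.0.0.0/0", ISP_BOX_IP),
]


def best_route(table, subnet):
    """Longest-prefix match: the most specific route that covers the subnet."""
    target = ipaddress.ip_network(subnet)
    covering = [(ipaddress.ip_network(dest), gw) for dest, gw in table
                if target.subnet_of(ipaddress.ip_network(dest))]
    return max(covering, key=lambda r: r[0].prefixlen, default=None)


def audit_return_routes(vlans, table, switch_ip):
    """Report, per VLAN, where the router would send replies for that subnet."""
    report = {}
    for vlan_id, subnet in sorted(vlans.items()):
        route = best_route(table, subnet)
        if route is None:
            report[vlan_id] = "no route"
        elif route[1] is None:
            report[vlan_id] = "connected"
        elif route[1] == switch_ip:
            report[vlan_id] = "ok"
        elif route[0].prefixlen == 0:
            # Only the default route matches: replies head toward the ISP box.
            report[vlan_id] = "missing, replies go to " + route[1]
        else:
            report[vlan_id] = "wrong gateway " + route[1]
    return report


if __name__ == "__main__":
    for vlan_id, status in audit_return_routes(
            VLAN_SUBNETS, ROUTER_TABLE, SWITCH_IP).items():
        print(f"VLAN {vlan_id} ({VLAN_SUBNETS[vlan_id]}): {status}")
```

A VLAN reported as missing is one whose hosts can send packets out but never receive the replies, which is the symptom the post describes before the routes back were added.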

[Screenshots: routes back to the Cisco SG 300 from DD-WRT; Cisco SG300 port VLAN membership; VLAN configuration on the SG 300]

So now I had 2 routers in my lab, with the traffic going from my ISP box on the 192.168.1.X network back through the Linksys WRT 54GL to my Cisco SG 300 on the 10.10.1.x LAN. Perfect. I was ready to go and start configuring my 2 ESXi hosts, and I laid out the network like this. I’m not saying that this is the perfect network design, but it’s the one I did for my homelab needs.

[Diagram: VMware vSphere Home Lab design]

Note from Andy: We created the link between the SG300 and the router as an access port to provide a configuration that a broader user-base could use.

I had 3 NICs available in each ESXi host and I knew that my NAS box had only one NIC (no redundancy there… on the NAS side). So I dedicated one NIC on each ESXi host to the iSCSI storage traffic. I put the storage traffic on VLAN 8.

The other 2 LAN cards on each ESXi host are used with VLANs for:

- Management Network, VM network, FT, vMotion

[Image: network configuration of the lab]

In a book (which everyone reads…) from Duncan and Frank called HA & DRS Deep Dive, the recommendation is to have at least 2 NICs for the heartbeats (HA functionality). I followed those good practices and applied them to my design, since I had enough NICs for that purpose.

I have the first NIC in active mode configured for the Management Network. The second NIC is configured for the Management Network too, but in standby mode with failover set to no.

The first NIC is in standby mode for VM network traffic, for redundancy. The second NIC is in active mode for VM network traffic.

All those networks are separated in VLANs to achieve the best performance and isolation.

So that is the story of my home lab network upgrade. It took me some time and some sweat too…, but with Andy’s help I managed to go deeper into routing and Cisco in general. In fact, the experience you get by building your own homelab is enormous.

If you haven’t read How to build a cheap Do it Yourself NAS system, you might want to have a look at this series of articles, where I’m building a homemade NAS system for a bit more than €300.


Vladan SEGET

Vladan is an Independent consultant, vExpert, VCP and owner of this website. This website ESX Virtualization started as a bookmarking site, but very fast found itself many readers and supporters. Feel free to network via Twitter @vladan

  • http://virtualbean.blogspot.com Craig Herring

    Nice article! I too have looked at this switch as a nice addition to the home lab. The other thing to note is this switch also supports LLDP and CDP so those little squares next to the NICs on the Networking config screen work too. Also they are fanless so no noise. Right now I’m using a couple Dell 2708s and work OK but my next choice would be 1 or 2 of these. The key reason is they are L3, have 4MB in port buffering, and have CDP.
    One difference between your setup and mine is I’m using vSwitch0 for everything including iSCSI and so far have not had an issue with 2 physical nics. The other nics in the box are for a dvSwitch. Also I’m using Nexenta as the SAN. I’m waiting for FreeNAS (BSD) to get ZFS a little more ‘in’ however, both are nice solutions. As an alternative anyone looking for a nice NAS already made and on VMware HCL are the small EMC/Iomega and Netgear devices in order of preference.

    • http://www.vladan.fr Vladan SEGET

      Yes , I definitely love the fanless option too. The Cisco CDP is to explore… -:). In one of my future articles.

      Best
      Vladan

  • http://www.frycz.org Marcin Frycz

    Hi,

    Good post, especially when you chose the switch that I bought not long ago myself :)

    I bought it for £153.59 from http://www.ilgs.co.uk/products.asp?partno=SRW2008-K9-G5

    Looking forward to more in-depth reads :)

    Marcin

  • http://www.lcl.fr Karim

    Hi Guys !

    Very good article, …can’t wait for vSphere 5, my lab is tuned to vmware.com on ssh, telnet, http, https, …. :-)

    Great job Vladan !!!

    When I come through Réunion, we’ll go have a pineapple juice, promise!
    :-)

  • http://www.nizmotek.com Nizam Mohamed

    Great article. Reading it pretty much summed up my config. Right now however, I have a Cisco Catalyst 2621xm VLAN trunking to a Linksys SRW2024. I’m thinking (not entirely convinced!) of upgrading to the model you have (24 port version) so I only use one switch/router/etc. Hopefully I’ll get the same results as you.

    Cheers!

  • Daniel Allemann

    Thanks for this nice article. I’m quite new to the VLAN and routing things, thus I did not fully get your concept here. What is in your case the benefit of having static routes? What are the 7 subnets for?

    We’ve got here in our little team a Dell R5400 with ESXi 4.1, Buffalo TeraStation III, Dell switch for engineers and recently we bought the SG300-20 to separate the storage network. vSwitch0 for VMs with 1 NIC, vSwitch1 for storage with 2 NICs and linking, vSwitch2 with 1 NIC for corporate access to web services. Virtual router to deal between the corporate net and the VM network. All engineers with their notebooks are connected to the Dell switch. The Dell switch is connected to the vSwitch0.

    Here in my lab I’m still struggling with my network performance! When a virtual machine is being suspended or when there is higher access to the Buffalo, the whole network becomes slow.

    Unfortunately, there is no clear information on the net in terms of LACP/Etherlink/Port Trunking/Link Aggregation together with VLAN and ESXi. The big question marks are: route based on IP hash vs. source port?, trunk vs. access, tagged vs. untagged, etc. … The examples in the VMware KB cover EST, VST and VGT, but they refer to the professional switch series with IOS.

    Is there any chance to get little support for my set-up? Is there any chance to get in contact? Thanks very much!

  • @vmmikec

    Thanks so much for this post. I just received my SG300 and was having a rough time getting it to work. I totally forgot that I needed to create the routes back. I have a WRT54G that I use as my wireless router, so luckily I was able to create the routes on that without the need of DD-WRT. I got it all setup, plugged my laptop into port 2 and configured it with VLAN 2 (10.10.2.0/24), and then was like #@%^&*&*, it’s not working. I realized quickly what it was. I assigned port 2 as a tagged trunk. My laptop does not send traffic tagged, so I switched it to an access port and everything worked like a charm. Thanks again for a great post.

    • http://www.vladan.fr Vladan SEGET

      Glad you had success with the setup…-:)

      Vladan

  • ruy

    I don’t understand why you use the Linksys router. If the switch is in Layer 3, why do you use it? You could put the routes there. Or am I wrong? Thanks and greetings.

    • http://www.vladan.fr Vladan SEGET

      I did not have access to my ISP box to create the routes back to my virtual infra….

  • Pete

    Great post. In hindsight, do you wish you would have gone with the 20 port SG 300-20 instead? I’m contemplating a switch for my home lab (not yet purchased), and really like the SG 300 series being L3, and fanless, but I’m concerned with the port count. A few hosts with say, 4 NICs, a dual port Synology NAS, and I’m already tapped out of ports, let alone any uplinking, etc. If I went with 3 NICs on each host, I suppose I could get away with the SG 300-10. Do you find 3 NICs per host adequate?