Any hex device makes a great little managed switch that works great in a home setting or even an office setting.
If one is in a corporate setting where, for example, the same vlan spans two or more ports on the switch, to users that will be sending huge amounts of data back and forth across the switch, a proper managed switch is better. Typically though users on home or office switches are sending stuff over the internet or the volume across switch port to switch port on the same vlan, is not significant. In most cases 98% you should be fine.
I was looking for the same thing some time ago and arrived at a conclusion that hEX is indeed the least expensive switch with RouterOS. There are some limitations to keep in mind though.
As a pure switch, I think the original RB750Gr3 is better than the hEX refresh.
On the other hand, if it is being used as a router with one port connected to the internet source and the other 4 ports as a switch for the LAN side, then the hEX refresh may be better.
If you are going to use the hEX refresh as a 5 port switch, then it would be best to put the least used device on ether1, since traffic to/from ether1 will have to be relayed by the CPU with the software bridge to be able to connect to the other 4 ports on the switch.
While it supports ACLs, I was never able to understand how to make them work other than for extremely simple things. There is essentially no documentation for the ACLs in SwOS. See Is there any SwOS ACL documentation with example?
SwOS can’t initiate outbound tcp connections. There is no default gateway. It just hijacks the request packet tcp/ip headers and swaps src and dst ip addresses, mac addresses, and ports. It makes it easy to configure, but it is one of the reasons that updating the firmware requires assistance from a PC browser that is the initiator.
right now i have a range extender in the basement bringing my main network from my ISP to my NVR , therefore i want to get rid finally of the range extender, i will now run a cat 8 ethernet cable to the basement from my ISP router in the kitchen and connect directly to the NVR. but my ISP router has only only one spare port so will connect the hEX as switch to this last port to get more port availability from my isp network.
what is this story about issues with port 1 on the heX?? i was thinking of connecting my isp router out to hex port 1 in and connecting my 30 mt cable to the basement on port 2. so here is a diagram:
ISP router → (port1)hex(port 2)-> NVR
so basically will just follow these basic steps to create a simple switch:
• 1) Factory reset device with no default config
• 2) Create a new bridge and all add all ports to bridge
• 3) Set dhcp client to bridge
I have a question concerning point 1) above should I reset the config at the beginning when i power on the hex? or should i let it get the original config and then go in and reset through the system menu?? what is best??can you suggest?
ah ok!! thanks!! therefore I should actually not use it , for my architecture i actaully have only the isp & the NVR to connect so i can easily exclude port 1!
can you suggest what is the best practice to reset a config on a routerboard?
As a router, ISP should be on ether1 since normally that port is not to be HW offloaded.
Unless you have an ISP connection going way above 500Mbs or so…
As a switch, you need to see what you want to connect to that port then. Preferably something with low traffic needs.
Reset:
When accessing the device, go to system / Reset configuration.
I typically tick
Keep users
no default config (this will make it completely clean)
While what you are doing will work perfectly well, how many cameras do you have? Their traffic rates are normally very low, a few Mb/s each, with no chance of overloading a Hex. For a while I was running viewing from my NVR through a Map lite, a theoretical 300 Mb/s WiFi but only 100 Mb/s on a single ethernet link to the NVR, trivial capacity compared with the Hex with its Gb links and 500 Mb/s routing. Now I too use a Hex R but routed rather than switched (security lockdown reasons). I changed over only because the Hex was spare while the Map is handy to have around for odd jobs, not because performance was ever an issue.
if you want to use it as a simple switch, then it is not the best idea, because a) it is expensive b) it is of low quality
if you want to use it as a simple vlan switch, then it is also a bad idea, because there is tplink tl-sg105\108\1016e\de which a) is cheaper, for example, tl-sg108e costs only 34 dollars, that’s 25 less than the hex b) also tplink has works well QoS functions which don’t exist on hex
if you want to use as router or with the inclusion of additional functions, for example, dhcp server or vrrp, then hex better solution
I can Agree with you, but I really like to test equipment, this is more of an experiment..
I have my home network connecting PC/TV/UPS in the kitchen actually through a cisco switch managed low end.
this hEX will be for my cameras traffic only towards my NVR. Currently i have a range extender in the basement with an ethernet out towards the NVR, which i want to replace
Yes, it seems to me also that unless we are talking of tens of cameras, the actual used/needed bandwidth will be much less than what a hex refresh can handle.
Yep, which confirms that the hex refresh is largely over-dimensioned for the task at hand.
Likely a 100 Mbit device like (say) a hap lite or a hex lite would have been enough and not become a bottleneck (not that it makes much sense to buy a 16 Mb device, and one with 10/100 interface new nowadays, but probably an old, replaced because too slow for its current use device would have been enough in the intended role).