Sunday 12 September 2010

Silence is golden

Many moons ago I posted a happy tale of LAN renovation and my delight in then owning a "cool and quiet" switching infrastructure. Alas, 30 months of dust and uptime had resulted in one of the devices becoming a bit of a problem, not least to my wife who had to endure it constantly whining (I hope those words are in the right order!).

The SRW2008MP 8-port PoE switch has a fan in its (huge) power-brick and also a fan within its case. Both of these now sound very unhappy with varying degrees of vibration and volume. Whilst I was searching t'Web for replacement fans I stumbled across what seemed to be a much better solution. Cisco now offer a fourth tier of product, fitting neatly after their SOHO and "Business Series" but before the fully-featured Catalyst range. An ESW-540-8P-K9 is the smallest (8-port) gigabit model of the new "Small Business Pro" ESW 500 range. Apart from increased performance and many other supported features, crucially this device is listed as "fanless" - hopefully that would be true of the PSU as well.

Setting the thing up was a breeze using the web-based interface. Rather than simply transposing the settings from the old device I took the opportunity to do some proper tidying up. Following a little re-patching (the new model has a separate combo-fibre/copper uplink and so is effectively a nine port device) everything sprang back into life. Of course, there was one major difference. Apart from a smaller device and power-brick than its predecessor, there were no fans - in fact, no noise at all. Happy days!

Or so it seemed.  When I looked to confirm syslog messages from the new switch were reaching my Splunk server I discovered that this (virtual) machine was apparently AWOL. I'd configured three switch uplinks and two VMware ESXi hosts as trunks and had allowed the necessary VLANs for my environment. Therein lies the gotcha. Looking in the logs on the switch I saw...
%2SWPORT-W-LOCKPORTACTIVE: A packet with source MAC 00:0c:29:81:21:a7 tried to access through port g6 which is locked
...and sure enough, looking deeper down in the configuration, I discovered all eight ports were configured by default with port security, allowing only three active MACs at a time. Some sort of warning when configuring a port as a trunk would have been a nice touch. Fixing the problem was easy but I bet this setting will be the cause of many a support call.
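If you ship the switch's syslog to something like Splunk, the LOCKPORTACTIVE message above is also a useful thing to alert on, because a trunk to a hypervisor carries one MAC per VM and will trip a three-MAC limit almost immediately. The following script is an example I have added to this post, not code from Cisco or from the original write-up: it parses that log format, counts the distinct blocked MACs per port, and flags any port you have told it is a trunk. The sample log lines are constructed (only the first MAC is the one from the real message; the others are made-up addresses in the same VMware OUI range), and the set of trunk port names is an assumption, since the post does not say which ports the uplinks and ESXi hosts are on.

```python
import re
from collections import defaultdict

# Regex for the port-security log message exactly as the ESW switch emits it.
LOCKPORT_RE = re.compile(
    r"%2SWPORT-W-LOCKPORTACTIVE: A packet with source MAC "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) tried to access through port "
    r"(?P<port>\S+) which is locked",
    re.IGNORECASE,
)

# Constructed sample syslog lines. Only 00:0c:29:81:21:a7 comes from the real
# message in the post; the other MACs are invented (VMware 00:0c:29 OUI).
SAMPLE_LOG = """\
<13>Sep 12 10:01:02 esw540 %2SWPORT-W-LOCKPORTACTIVE: A packet with source MAC 00:0c:29:81:21:a7 tried to access through port g6 which is locked
<13>Sep 12 10:01:03 esw540 %2SWPORT-W-LOCKPORTACTIVE: A packet with source MAC 00:0c:29:aa:bb:01 tried to access through port g6 which is locked
<13>Sep 12 10:01:05 esw540 %2SWPORT-W-LOCKPORTACTIVE: A packet with source MAC 00:0c:29:81:21:a7 tried to access through port g6 which is locked
<13>Sep 12 10:01:09 esw540 %2SWPORT-W-LOCKPORTACTIVE: A packet with source MAC 00:0c:29:aa:bb:02 tried to access through port g7 which is locked
<13>Sep 12 10:01:20 esw540 %2SWPORT-W-LOCKPORTACTIVE: A packet with source MAC 00:0c:29:aa:bb:03 tried to access through port g3 which is locked
<13>Sep 12 10:02:00 esw540 %2SWPORT-I-LINKUP: link up on port g3
"""

# Ports configured as trunks (three uplinks, two ESXi hosts). The numbers are
# an assumption for the example; the post does not name the ports.
TRUNK_PORTS = {"g1", "g2", "g6", "g7", "g8"}


def parse_lockport_events(text):
    """Return a list of (port, mac) for every LOCKPORTACTIVE line, in order.
    Lines that are not port-security violations are ignored."""
    events = []
    for line in text.splitlines():
        m = LOCKPORT_RE.search(line)
        if m:
            events.append((m.group("port"), m.group("mac").lower()))
    return events


def blocked_macs_per_port(events):
    """Map port name -> set of distinct source MACs that were blocked on it."""
    per_port = defaultdict(set)
    for port, mac in events:
        per_port[port].add(mac)
    return dict(per_port)


def suspect_trunks(per_port, trunk_ports=TRUNK_PORTS):
    """Trunk ports on which port security is dropping frames.

    Access ports legitimately hit the limit now and then (someone plugs in a
    hub), but a trunk carrying VM traffic should never be MAC-limited, so any
    violation on a trunk is treated as a likely misconfiguration."""
    return sorted(p for p in per_port if p in trunk_ports)


def report(text, trunk_ports=TRUNK_PORTS):
    """Summarise a chunk of syslog: blocked MACs per port plus suspect trunks."""
    per_port = blocked_macs_per_port(parse_lockport_events(text))
    return {
        "blocked": {p: sorted(macs) for p, macs in per_port.items()},
        "suspect_trunks": suspect_trunks(per_port, trunk_ports),
    }


if __name__ == "__main__":
    result = report(SAMPLE_LOG)
    for port, macs in sorted(result["blocked"].items()):
        print(f"{port}: {len(macs)} distinct MAC(s) blocked: {', '.join(macs)}")
    for port in result["suspect_trunks"]:
        print(f"WARNING: trunk port {port} still has port security active; check its MAC limit")
```

Run it against the constructed sample and g6 and g7 are reported as trunks with port security still active, while the violation on g3 (an access port in this example) is listed but not flagged. Feeding it the real switch syslog instead of SAMPLE_LOG, and keeping TRUNK_PORTS in step with the switch configuration, turns the "VM mysteriously AWOL" symptom into an alert that names the port.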

I suppose, bearing in mind my day job, I should be happy that Cisco thought some on-by-default security would be a good thing. I can't help but feel my experience is a typical example of why most people will simply turn off all that good stuff and enjoy their life just as they've always done.