XikeStor SKS8300-8X Management
Logging into the web management interface at 192.168.10.12 we are greeted with this prompt. The dropdown allows us to select English but the default username and password is admin / admin.
Once logged on, we get a relatively nice web management interface with a lot of features.
One feature that is downright scary is that you can see the admin / admin in plaintext on the User Management page. Sending a password over a HTTP mangement interface in plain text is one of the scarier things we have seen from a security perspective.
There are other options for management such as SSH, SNMP, and more.
We also have port configuration featuers.
You can assign VLANs.
There is even the ability to assign static routes.
There is a lot here, but the security is very far from a leading practice.
XikeStor SKS8300-8X Performance
Here is the performance chart we use by blasting traffic across the switch.
Performance is certainly OK. We tried DACs and cheap SFP+ multi-mode optics and they all worked at 10GbE speeds without issue.
XikeStor SKS8300-8X Power Consumption
The power adapter is interesting. It is a 12V 2A 24W adapter and here are the markings.
At idle, we saw 6.3W.
With the SFP+ 10Gbase-T module connected, we got 8.3W
This is a silent switch as we showed there are no fans inside. Still, power consumption is OK, but not spectacular. That SFP+ to 10Gbase-T adapter being installed is adding more power consumption than we see on many of the lower-cost 2.5GbE switches when used in their SFP+ ports.
Final Words
This is one of those that we are very conflicted on. On the one hand, it is very cheap, and quite frankly has more management features than most of the switches we review in the “cheap” category. It also performs well and sometimes people just want a 10G SFP+ switch.
On the other hand, we have an unknown quantity USB to serial console cable that comes with the unit, and those always scare us. Especially when those come with systems that allow one to keep an admin/ admin default and also show the password in plaintext. From a security perspective, we almost would prefer an unmanaged switch. Still, we have many users that use XikeStor products, so we wanted to give one a go.
Where to Buy
We purchased our unit on Amazon. Here is the affiliate link for this model.
Ultimate Fanless 10GbE Switch Buyer’s Guide
You may have seen that we published the Ultimate Cheap 10GbE Switch Buyer’s Guide. We will add this to the list.
Curious article. No expression of concern over the fact that 1 SFP inserted raised the power consumption level to 8.3W for a device the article says has a 24W power supply.
Kinda under-powered if you plan to utilize the entire switch, eh?
A managed switch with poor security seems much worse than an unmanaged switch with 8 ports. What do people even do with the management interface on an 8-port switch? There are only 8 ports.
I’d love to replace a mostly useless and annoying Qnap switch with device today (and might).
The Qnap switch I use with 8x 1g and 4x 10g ports, 2x 10g to my upstream switch with aoc, one to my desktop with tx, one to an old desktop I use as a server at my desk via sfp+ twinax, and hand off some 1g tx ports to gadgets I keep on my desk. It however is such a useless switch that even though managed, I can’t change the native IP management vlan on it that is NOT vlan 1. Support said they might fix it, and that was a year and a half ago.
Don’t ever, ever buy Qnap for networking.
I just want a switch with 4x 10g and 4-8 1g ports. Sadly no one really makes one other than stupid Qnap.
Actually, I’d be curious to know @Patrick how the CLI is on this, and if useful for any actual configuration. Qnap’s is again useless for any actual configuration, I don’t even know why they put a serial port externally on it.
I just need to run a management IP on another vlan, say 10 instead of vlan 1, and the Qnap can’t even do that.
6.3W base + 2W per port is 16W so that’s 22.3W at the wall or maybe 20W if the adapter’s good at the device so 24W PSU is fine. Those adapters use more than copper SFP+ and optics so I don’t see an issue at all.
From the picture in the article, XikeStor switch’s web interface looks very similar to Ruijie switch’s one. I wonder if they come from the same OEM.
@Eric Olson: The management interface can be useful even on a small switch if you want to aggregate things on different VLANs over a single link, like say a security camera, IP phone, WiFi access point and a point-of-sale device. These can all be on different VLANs but you only have to run the one cable out for them.
It can also make troubleshooting easier, because you can connect to the switch remotely and spot that say a device is disconnected, and give someone instructions to check the cable before you go to the trouble of a site visit.
The insecure management interface isn’t a huge deal because it’s usually isolated on a separate VLAN as well, with only limited access available. I mean sure it could be better, but there are so many insecure devices out there already that need to be handled on the network that it’s nothing out of the ordinary.
@Quy Nguyễn the OEM for most of these is likely to be Shenzhen HongRui Optical Technology Co., Ltd (hruitech.com). The base models on most of them are exactly the same as the Web- and L2-managed switches. L3 versions come with an additional processor to handle some functions.
Generally the CLI is terrible or non-existent, many functions dont work as expected (SNMP, EEE, SSH, user security, VLAN config, saving and restoring config). The OEM expects their ‘partners’ to build these functions but none do and you end up using the bare-bones device where you cant swap a different firmware in, and the default one is too basic for any STH user.
I had multiple of them, and ultimately traded for a Zyxel 10G L2+ model with a Noctua fan-mod. The CLI works, SSH works, users and security work as I expect, EEE and flow-control work, ARP table is accurate and the 10G ports actually give line rate.
is there also support for 100mbit?
or is this depending of the sfp+ module?
Concerned about the secutiry of a USB lead but not a Made in China switch. Interesting.
Elijah did you see the management section?
I have that same switch but labeled as binardat. You must tell it if you’re using Fibre or dac cables or it won’t play, and apart from that I’ve had it crash using the web guitar a few times….but once setup it just runs and runs and runs, no issues whatsoever. Bought mine used from ebay for I think 35 bucks without a psu and spent a few bucks on that.
@Alfonso, I believe Elijah was implying that it’s silly to be concerned about a potentially compromised serial cable when the entire firmware from a company no one has ever heard from may be compromised. It’d be far easier and useful to embed some backdoor into the management code and have it go unnoticed than a very small microcontroller embedded in a serial connector.
With a cable, and there’s tons of counterfeit cables out there, you’re plugging in a USB device to your system that has access to whatever you’ve got on there and whatever you’re doing. A switch you’re just worried about it being used as a DDoS endpoint since at 10G you’d see if it was mirroring traffic to WAN really quickly. Almost everything else you’d have encrypted by the time it hits the switch anyway. I’d be much more worried about anything USB I plug into my Dell.
It’s actually baffling that it would cost WAY more from TP Link to have the same as this (realtek chipset on all these) but if you want management, it’s embedded onto the realtek chip!
Either way, management seems to be a major miss from xikestor
If you look on Alibaba you can find cheaper RTL9303-based devices. I bought a couple of Horaco SWTGW2C8F for $65 a piece and they’ve been going strong for a few months now.
I would suggest even a home labber stay away from these chinese voodoo boxes and just get a used enterprise switch off ebay. You will have better security and likely learn more. It’s this cheap for a reason and I simply do not trust something like this to handle network traffic.
I have two of these that I have setup now, 1 for myself as a kind of home core switch and one for a friend. They are great little switches and with the new firmware can easily be configured for secure management with encrypted passwords. They run cool and sip power compared to my previous Brocade ICX, no problem to have all ports populated even with two 10Gb-T adaptors in there. Not tried the command line yet but guess it’s nice as an alternative. I was initially weary of security being a cheap chinese box but i monitored it for a week in a sandboxed environment then in a DMZ and saw nothing untoward. Alex
Hey @AdamTheItGuy, what exactly is “using the web guitar”?
Please try to find and test a 10GbE switch with ethernet ports. Anywhere from 5 to 16 ports is good and no mgmt is ok. This one is not cheap (when fully populated), the PSU seems a bit weak for a full load and I’m not to keen on cheap end mgmt (security). Thank you!
Really surprised that none of its L3 capabilities was looked into. Half of the review seems to be around the fact that they shipped a serial to USB adapter and that the password was admin.
Having a 10G switch that can do BGP and OSPF for 80 USD.. what
Couldn’t there be a procedure to evaluate unknown USB devices if you’re paranoid? Like, plug them into an old Linux laptop that isn’t connected to your network, and observe what pops up through lsusb and dmesg. In this case, you’d expect a serial device to pop up. Linux tends to have drivers for those (FTDI, etc). If it presents itself as a storage device, or anything else unexpected, you might think twice about using it.
I’d be curious to know what other warning signs there might be.