Skip to content
Mar 5 / Greg

Mikrotik CRS328-24P-4S+RM – 24 Port PoE Switch

It looks like the CRS328 is about to be a thing, and I was looking at where it fits in.

Switching Features

• Non-blocking Layer 2 switching capacity
• 16K host table
• IEEE 802.1Q VLAN
• Supports up to 4K simultaneous VLANs
• Port isolation
• Port security
• Broadcast storm control
• Port mirroring of ingress/egress traffic
• STP / RSTP / MSTP
• Access Control List
• MikroTik neighbor discovery
• SNMP
• 10218-byte jumbo frames support
• IGMP snooping
• IEEE 802.3ad and static link aggregation

Quick Specs

• 24 Gigabit Ethernet ports
• 4 SFP+ ports
• RJ45 serial console port
• Non-Blocking throughput: 64 Gbps
• Switching capacity: 128 Gbps
• Forwarding rate: 95.2 Mpps
• Maximum power consumption: 44 W (without PoE
devices connected)
• Supports PoE+ IEEE 802.3at/af and 26 V
Passive PoE (per port individually selected/auto)
• Temperature based fan control
• 1U rackmount
• Selectable power output per port (26 / 48 V)

This switch has an ARM32 CPU, and the hardware incorporates a lot of interesting features that can be thrown into hardware…once it is integrated into ROS. I say ROS, it has SWOS support, but nobody likes or uses SWOS.

Here’s a typical MDU setup; many APs going into a switch. This switch can terminate AF/AT compliant devices as well as standard passive PoE devices. Prior to this switch coming out I would be looking at something like the Ubiquiti EdgeSwitch 24(EdgeSwitch ES-24-250W).

They both support port security(mac limiting), storm control(limit broadcast/multicast storms), and I believe DHCP snooping(prevent rogue DHCP servers). The CRS has SFP+ ports while the ES only has SFP ports, so this gives it an advantage there. Price wise the CRS will sell for around $379 and the ES24 sells for around $400, so there’s a slight cost savings from the CRS.

I don’t believe either does dynamic ARP inspection(ensuring that clients can’t spoof addresses), but I can always hold out hope.

While the CRS is new(I can’t yet order one), it seems to have a bit of an edge for my scenarios(MDU environment)…especially as they begin to unlock some of those hardware features.

What say you…interested in giving it a go?

5 Comments

leave a comment
  1. Daniel / Mar 8 2018

    GS1920-24HP has “IP Source Guard” features, like Static Binding, DHCP Snooping and ARP Inspection.

  2. Greg / Mar 8 2018

    @Daniel, and boom goes the dynamite 🙂 That’s a Zyxel switch, is it not?

  3. Daniel / Mar 8 2018

    @Grep, that’s correct, but it’s in the same price range and supports nearly every layer2 switch feature. It seems odd to me that both Mikrotik and Ubiquiti show off that they have the most versatile and best priced device and in fact are lacking some of the “standard” features we are expecting from a switch…

  4. Greg / Mar 8 2018

    @Daniel, very good point. It didn’t look like the Zyxel switch did passive PoE, which, unfortunately, a lot of Mikrotik gear requires. It’s for this reason I didn’t really investigate other devices. If they would just make everything standards compliant, then the game would change massively.

  5. Andrew / Apr 12 2018

    It would’ve been sweet if those new hAP ac2 units supported regular PoE!

    I can only dream though.

Leave a Comment

 

*