Friday, March 6, 2009

Cisco Sucks

(Yes, the title was meant to be a play on the classic "disco sucks" chant of the '1970s)

Today I had the misfortune to encounter a Linksys (owned by Cisco) SRW2008P Gigabit Switch at work. On the surface this seems like a pretty nice little device. However, deep inside lurks evil. For background, the SRW2008P is an 8-port Gigabit Ethernet switch with Power-over-Ethernet (PoE) support. Two of the 8 ports are shared with two SFP GBIC slots (Linksys calls these "combo ports") that can be used for fiber optic cable. The switch is a "managed switch," meaning that it has an internal processor allowing the switch to be configured in various ways.

We had some problems today where a connection between one of these SRW2008P switches and an enterprise Cisco 3560G-48PS switch kept "flapping" up and down. There was no way to tell why this was happening - the 3560-series switch was indicating many thousand CRC or input errors. The person who installed the SRW2008P forgot to configure a management IP address, so we had to go on-site to diagnose the problem as well as set-up the management IP addresses.

So about the SRW2008P: I was pleased to find a telnet text-based interface was supported. I was not pleased that it was this hokey menu interface. I was looking for some information about errors on the port that was giving us problems. All the menu interface could tell me is that the port was configured, and the speed that was detected. That was not helpful.

So I break out a web browser (Firefox) on my trusty Linux-based laptop. Connected to the web interface, and got the login prompt. I logged-in, and what appears next is....nothing. Nothing usable,that is. It's a mostly blue screen with the Linksys logo and a "Save Settings" and "Cancel Changes" link. Nothing else. WTF?! Oh well, I guess that the hokey menu interface was good enough (I would have liked a stripped-down IOS-like command line, but's cheaper than a Cisco brand switch). I did finally diagnose the problem with the link, but I'll get to that later...

When I got back to the office, just for the heck of it, my coworker and I decided to pull over a Windows system, run Internet Explorer, and see if that allowed us to get into their web interface. Surprise - it did. Well, it looks like the futhermuckers at Linksys did it again: forget web standards, let's build a device that just works on fscking Microsoft Windows! This is an excellent reason to never buy a Linksys product, ever. In this day and age, for something as simple as a switch management interface, this should have been supported at least under Firefox and Internet Explorer (no Flash, either, damn it). I say "at least" because in reality, for something like this, it should work on SeaMonkey, Opera, Safari, and any other modern web browser as well, on any operating system platform.

I was trying to find something that would shed some light on this disappointing revelation. I went to Linksys' web site, only to find the usual half screen worth of "To see our sucking web site, you must download the latest Flash plug-in, because we have no idea how to write HTML" (paraphrased, of course). I grumbled and clicked "Support" and tried to use their customer support expert system (called "Ask Linksys"). My question was, "Why doesn't Firefox work on the SRW2008P?" Among its 6 responses, the one that best fit was, "03) You have trouble accessing a manageable switch's web-based setup page." Exactly, so I select that one. It sends me to a document called, "Encountering Difficulties Accessing the Manageable Switch’s Web-Based Setup Page." Okay, still sounding good. All the stupid article said was how to configure HyperTerminal to reset the switch to factory settings using the telnet interface. Completely worthless, as was my remaining "Ask Linksys" experience.

Finally, in desperation, I looked at the firmware release notes. There, under "Web browser availability" was my problem in a nutshell:
-Using Mozilla Firefox Web Browser:
(a) Install Firefox "IE Tab" add-ons. The latest version is available on
(b) Select Tools --> IE Tab. Add in the IP address of switches to Sites Fitters
(e.g. �� accepts wildcard http://172.18.1.*).
(c) Ensure that cookies are enabled, by clicking "enable" to "All sites to set cookies"Tools -> Options -> Privacy -> Cookies.
-Using Netscape Web Browser: Click the icon in the left corner, and select "IE Display".

In other words, someone at Linksys decided that they couldn't program a table-based setup screen without using a Microsoft IE-specific web browser extension. It also looks like someone developed a Firefox plug-in to create a workaround for this kind of thing. Unfortunately, that doesn't help those of us using something other than Firefox, and it doesn't fix the underlying problem of a poorly-designed web configuration interface. It isn't even a good interface.

The switch itself has a lot of pretty powerful options (only accessible via the web interface), including a cable test command that does a TDR-like cable length measurement. It's just a shame that they wrapped all these functions inside a bad web interface.

The problem with the flapping link was a strange one, and continues to perplex me and my coworkers. After a lot of testing, we discovered that the Cisco 3560-series switch appears to be unable to provide a usable signal on the two cables that are going to the location in question. The cables run near some old power distribution equipment, and since the installation is on a barge on a lake, it is possible that the cables are acting as antennas. In any case, we decided to put the connection through a fiber-to-twisted-pair Gigabit Ethernet media converter and use fiber to connect to the 3560 switch (which would also provide some lightning protection for the 3560). The media converter's timing and/or cable drive characteristics were sufficient to overcome whatever the 3560 couldn't, and we now have a clean, reliable connection. The Linksys switch was actually working correctly, despite all the ridiculousness with their configuration and status interface. I'm still not sure if the 3560 is malfunctioning, or if it is working as designed.

So in conclusion, I have a few things to say:
  1. I said it once, and I'll say it again: Linksys - please hire new web interface programmers that know something about supporting multiple browser/OS platforms. Lots of us are using Linux and Macs, so only supporting something Microsoft is a bad idea.
  2. Until Linksys changes its evil ways, I won't buy any of their products, no matter how cheap they may be.
  3. Sometimes an expensive Cisco switch doesn't work as well as a $200 media converter for cable under certain cable conditions.
  4. Linksys' stupid web interface makes this the the next item in my "blatant stupidity" list.
I think it's time to walk away from this for a while and sit with some cats at the Humane Society.


bjorn said...

Your blog showed up on my search for "firefox srw2008p" and I see that you've been through the same frustrations as me. Just wanted to mention that I have found a way to configure the switch using Firefox, by modifying a couple of the *.js files between the switch and the browser.

Please see if you're interested in the details.


Raffi said...

Realize this is an old post, but I was having the exact same problem with the ports flapping between 2 SRW2008p's and a Cisco 6513 since upgrading the IOS on the 6513.

With no help from Cisco I've found that the code I'm running seems to have a bug related to MDX/MDIX negotiation.

I replaced the straight through cable with a crossover and it's working without flapping now.

Hope this helps anyone having the same problem.

kenmiller said...

nice information about cisco switches keep going on with new updates.

Cisco Gbic

Keith said...

Does anyone know if a firmware update will fix this problem? It annoyed the hell out of me to. I don't have a Windows machine in the house and I don't want one either so the firefox IE tab doesn't fix it for me. I have to borrow a machine to maintain the network - pathetic

cpu said...


Did you try the fix that bjorn posted (see for details)? I thankfully have not had to deal with that switch again, but bjorn's fix actually looks pretty sound.

It normally would amaze me that a prominent network equipment company like Cisco/Linksys would permit their products to have such an unnecessary OS bias. The reason why it doesn't (surprise me) is that when I worked for a certain large computer manufacturer near Houston they had all sorts of under-the-table deals with Microsoft restricting technology. That ultimately was what caused me to leave.

Where I work now, we have a web-based network management utility developed in-house. My staff (one person) has had very little trouble supporting all modern browsers (there have been a few small bumps along the way, but no show-stoppers). I think the only ones we can't fully support are the text-only browsers (lynx, for example). If we can do this with one person doing the development, then Cisco can do it too... Maybe they should ask the people at the other company they acquired (Sipura) to show them how it's done!!

Anonymous said...

I googled "Cisco Sucks" and your blog came up. I also think that Cisco sucks and wrote a song to that effect. You are welcome to check it out:

Anonymous said...

An amateur posing as a network admin. I suspect your company is a 2-bit operation, which is why you're likely a desktop/help desk-type person or a student, fumbling your way through things you don't understand.