Cisco SG250 and SG350 in comparison
If there are two switch series that have been discussed over and over again for Dante applications, it is the Cisco SG250 and SG350 series. And of course one question comes up regularly: "is the SG250 sufficient or should I rather use the SG350?"
The photo above is admittedly a bit misleading. Only the SG250-08 is so nice and small, all other models are absolutely identical in size between the SG250 and SG350 series.
At Cisco itself there is no detailed comparison. And the discussions in various forums always only provide small puzzle pieces instead of a complete comparison.
It's annoying when you either invest a lot of money in your network only to find at some point that the type of switch you bought does not support the functions you need. And it's a shame for money when you pay for functions that you will never actually need.
If you fluctuate between the two switch types, you've come to the right place! I hope my following comparison tables provide you with all the information you need to make an informed decision.
Of course, my focus is on my daily field of work, building networks in theater / sound applications. But I tried to at least list everything in the comparison table that I noticed during the comparison, regardless of audio applications.
Technical specifications
The biggest concern about compromising the cheaper series is of course the performance of the switch.
| Cisco SG 250 |
Cisco SG 350 |
|||
| Millions of Packets per Second (mmps) | Switching Capacity in Gigabits per Second (Gbps) | Millions of Packets per Second (mmps) | Switching Capacity in Gigabits per Second (Gbps) | |
| 8 Ports | 11.90 | 16 | ||
| 10 Ports | 14.88 | 20 | 14.88 | 20 |
| 18 Ports | 26.78 | 36 | ||
| 20 Ports | 29.76 | 40 | ||
| 26 Ports | 38.69 | 52 | ||
| 28 Ports | 41.66 | 56 | ||
| 50 Ports | 74.41 | 100 | ||
| 52 Ports | 77.38 | 104 | ||
Due to the different number of uplink ports, there are initially different numbers. If you divide the information by the number of ports, you get exactly to the decimal point the identical numbers of 1,488 mmps or 2 Gbps per port. In this respect, the all-clear, both series have the same amount of horsepower under the hood.
Incidentally, I have the information mentioned from the following Cisco sources:
SG250 and SG250X: datasheet-c78-737061.pdf
SG350: datasheet-c78-737359.pdf, SG350X: datasheet-c78-735986.pdf
Model overview
Most of the models can be found in both series. The SG250 models consistently only have 2 uplink ports in contrast to the mostly 4 uplink ports in the SG350 models. And so the SG250 are ruled out for star-shaped topologies, at least at a central location. Because with two SFP ports I can only connect a switch in daisy chain or ring topology, but not use it as a distributor.
The pure SFP models are also missing from the SG250 list. With the SG350 even more than 4 switches can be connected from a central point for a large star topology (SG350-10SFP* and SG350-28SFP*).
A special feature of the SG250 series on the other hand is a mini model with only 8 ports without uplinks (SG250-08* and SG250-08HP*). I myself use this very often on my travels, as it only takes up half as much space in the case as the 10-port models. It should be noted, however, that there is no rackmount kit in return for this mini switch.
| Cisco SG 250 | Cisco SG 350 | |
| 8 Ports | SG250-08 | SG350-10 |
| SG250-08HP (PoE: 45W) | SG350-10P (PoE: 62W) | |
| SG250-10P (62W) | SG350-10MP (124W) | |
| SG350-10SFP | ||
| 16 Ports | SG250-18 | SG350-20 |
| 24 Ports | SG250-26 | SG350-28 |
| SG250-26HP (100W) | SG350-28P (195W) | |
| SG250-26P (195W) | SG350-28MP (382W) | |
| SG350-28SFP | ||
| 48 Ports | SG250-50 | SG350-52 |
| SG250-50HP (192W) | SG350-52P (375W) | |
| SG250-50P (375W) | SG350-52MP (740W) | |
| 24 Ports (10G-Uplinks) | SG250X-24 | SG350X-24 |
| SG250X-24P (195W) | SG350X-24P (195W) | |
| SG350X-24MP (382W) | ||
| 48 Ports (10G-Uplinks) | SG250X-48 | SG350X-48 |
| SG250X-48P (382W) | SG350X-48P (382W) | |
| SG350X-48MP (740W) |
The PoE models in the P version have the same overall output power in both series. Alternatively, the SG250 has the HP version with half the PoE power, and the SG350 has the MP version with double the power.
Both switch series support the standards PoE (with max. 15.4W per device) and PoE+ (max. 25.5W per device).
Features
While the two switches hardly showed any distinguishing points in the previous sections, we now come to a more exciting point: the supported features!
And here there are indeed clear differences. If the many abbreviations don't mean anything to you, I recommend you read my blog article "What features must a Dante switch have?" as a short intermediate reading, with explanations of the most important functions of a managed switch.
| SG 250 | SG 350 |
|
| MAC-Address-List | 8k | 16k |
| VLANs | 255 | 4094 |
| Private VLANs | - | ✔ |
| Dynamic VLANs | - | ✔ |
| VLAN Mapping | - | ✔ |
| MAC-based Authent. | - | ✔ |
| RADIUS Client / Server | ✔ / - | ✔ / ✔ |
| Access Control List | 512 rules | 1024 rules |
| LAGs | 4 groups | 8 groups |
| IGMP Snooping | 255 multicast groups | 2000 multicast groups |
| IGMP Querier | ✔ | ✔ |
| IGMP Proxy | - | ✔ |
| RSTP / MSTP | ✔ / 8 instances | ✔ / 8 instances |
| IPv4 Routing | 32 static routes | 990 static routes |
| DHCP Server | - | ✔ |
| DHCP Snooping | - | ✔ |
| QoS | 8 queues | 8 queues |
| SPAN / RSPAN | ✔ / - | ✔ / ✔ |
| Console Port | - | ✔ |
| sFlow | - | ✔ |
| FindIT Probe / Manager | ✔ / - | ✔ / ✔ |
| SNA | ✔ | ✔ |
| CPU | 800 MHz ARM | 800 MHz ARM |
| Packet-Buffer | 1.5MB (48 Ports: 3MB) | 1.5MB (48 Ports: 3MB) |
Some information can be seen from the data sheet if you look closely. And there are some things that you only become aware of when you look through the menus of both switch types in the web browser. In the table above I have tried to list as many points as possible that I have noticed.
Not all of this affects us as sound engineers when setting up Dante networks. Therefore, my personal assessment of only a few selected points:
MAC address list: 8000 addresses are quite a lot. In addition to the actual audio devices, this naturally includes all network participants, including switches. And some devices have multiple MAC addresses at the same time. Especially when you combine several networks in a large switch topology - for example several Dante networks, control, video, light - a lot of addresses come together. I would still assume that 8000 MAC addresses should be sufficient for the vast majority of cases.
VLANs: With a maximum of 255 VLANs, the matter is also clear to me. Even if we put all the VLANs together from technical departments in a large theater, we shouldn't even get beyond 100 VLANs.
Private VLANs: Private VLANs can be used to create sub-VLANs that can all communicate with the main VLAN (e.g. a server) but are separated from one another. Since we definitely want to send signals from every device to every other device in the Dante network, isolating individual devices would be counterproductive. So there is no disadvantage that the SG250 does not support this.
Dynamic VLANs: With mobile devices, it might make sense to assign the assignment to a VLAN not statically per port, but dynamically. For example, in connection with a RADIUS server, you could store the MAC addresses of all devices and assign a VLAN to each. Regardless of which port a device is plugged into, it then automatically gets access to the appropriate VLAN. Rather uncommon for Dante networks, but definitely interesting in mixed networks in connection with outlet boxes on the stage.
VLAN mapping: One application in which VLAN mapping could be helpful or necessary would be two separate networks, for example for the sound and lighting departments. If they set up their networks separately from one another and one day think about a merger, the VLAN IDs are guaranteed not to match. Using VLAN mapping, a VLAN can then be “mapped” to a different ID during the transition from one network to the other. If you consider such a later association from the start and assign the VLAN IDs accordingly, you do not need mapping later . It would also be possible to change the VLAN IDs for all switches in one of the two networks.
MAC-based authentication: The MAC address can be used in conjunction with a RADIUS server to allow or block access to the network.
ACL: In most Dante networks, no access control list functionality should be used. And if it does, then 512 rules should certainly be sufficient to allow or block access to enough devices.
LAGs: Link aggregation groups will definitely be used to get more bandwidth and redundancy between switches. It is good and necessary that they are also available on the SG250. Since they are only used for links between switches, the 4 LAGs on the SG250 should be sufficient.
IGMP Snooping: 255 multicast groups sound more like a hurdle. If you consider that there are usually 4 Dante channels per multicast flow, with 255 multicast addresses we still achieve around 1000 audio channels. For the limit of 255 addresses, only the multicast flows count, not the unicast connections. Here too, of course, you have to take some reserve into account, because even without audio routing, some multicast addresses are already occupied. Dante occupies several addresses, for example for clock distribution and for mDNS communication between the Dante devices. If you plan to integrate the primary and secondary Dante network into an overall network, the number of groups will of course be doubled. Nonetheless, 255 multicast groups should usually be more than sufficient.
IPv4 routing: In principle, one switch that could take over the routing is sufficient in our closed network. Occasionally, a media controller from the control network might want to reach a device in the Dante VLAN. Or you want to make the internet available for some VLANs. As a rule, 32 static routings should be sufficient for this. And if things get a little more complex, one central switch with more routing capabilities is usually sufficient, which takes over the routing for everyone.
DHCP server: A missing DHCP server on the SG250 is no big deal, because you can also provide Dante devices with a static IP address or operate them in auto-IP mode. I'm also a friend of a DHCP server for guest devices on Dante networks. But for this luxury, one switch per network is sufficient as a DHCP server. So it would be enough to have one or two SG350s. All other switches could be of type SG250 without DHCP server functionality.
SPAN / RSPAN: With the Switch Port Analyzer function, all traffic from one port can be copied to another port. For error analysis, you can use Wireshark, for example, to read which packets a device is sending or receiving. Using remote SPAN, a port can also be copied to another switch via a trunk line. Since we are dealing with mature technology or ready-made Dante chips from Audinate in a Dante network, there are usually hardly any applications for SPAN or RSPAN. The lack of RSPAN support on the SG250 means that you can use SPAN, but only on ports on the same switch.
Console Port: The normal way for sound engineers to set up a switch is probably through the web interface. And even if you like to program via the command line, this is also possible without a console port via Telnet. Most users shouldn't miss the port on the SG250. In larger networks, however, it happens that you have to reach a specific switch and you are either unsure about the IP address or several switches respond to the default IP address (192.168.1.254). And sometimes you lock yourself out if you don't put a single port on the management VLAN. Then either a complete reset helps, or you plug yourself into the console port via a serial cable and gain access again using some CLI commands.
sFlow: When sFlow is activated, a switch randomly sends some packets to a central server. This gives a good overview of the entire network traffic. For example, you can see the percentage of unicast or multicast packets, how much traffic flows to the Internet router and even which addresses have been visited. A nice tool for network administrators who want to know what kind of data is constantly driving a link to 100% utilization. For Dante networks, we actually already know from the crosspoints in the Dante controller which signals and which bandwidth will flow in our network. In this respect, I see no need for sFlow support for audio applications. Especially since this only works with the appropriate server and software.
GUI
The web interface is identical for both series. The SG250 is only missing a few sub-items if the function is not supported. In the screenshot of the SG250 (left), for example, the pages for VLAN Translation and Private VLAN Settings are missing.
If you already know one series, you will find your way around the other straight away.
Optical modules
| SG 250 | SG 350 |
|
| SFP-Modules |
MGBBX1 |
MGBSX1 |
| SFP+-Modules |
(only SG250X) |
(only SG350X) |
The supported SFP and SFP+ modules are almost identical and allow the modules to be exchanged between the two series and thus topology changes, if necessary, without having to buy new modules each time.
Incidentally, there is no control of the SFP modules used in the SG series. In this respect, most of the modules available on the market should work.
Conclusion
So they actually exist, the advantages of an SG350 over an SG250!
As long as it is “just” a single Dante network without the integration of additional Dante and control / video networks, I see no concern whatsoever that this can be implemented with a pure SG250 network. I don't see any of the limits in the SG250 (such as 8000 MAC addresses, 255 VLANs or 255 multicast addresses) being reached. If you don't want to miss the convenience of a DHCP server, this can be solved by adding one or two SG350s.
Only the 2 uplink ports on the SG250 could be a valid reason to use some of the SG350 for star-shaped network topologies.
The price difference is relatively small between the two series, so if in doubt you should of course rather use the SG350. The PoE performance of a switch usually has more influence on the price than the choice of features or series. With regard to costs, you should also deal with how many devices you want to feed through PoE and how high the power at the respective switch location will be in total.
For complex networks that not only contain Dante but also control, video, lighting, etc. in many VLANs, it can make sense to rely exclusively on SG350 from the start. This allows security and assignment functions (dynamic VLANs) to be implemented based on the MAC address of each device.
I hope I was able to reinforce your choice a little! If you miss any information in my comparison, I would be very happy to receive a short message and of course I will be happy to extend the article!
* Affiliate link
More articles on the Dante network: