L2+ 10-Gigabit Managed Switch Datasheet
MODELS: TL-SG3210XHP-M2/TL-SG3428X/TL-SG3428XMP
The TP-Link Solution
One-Step Solution
Professional. Reliable. Secure.
Overview
TP-Link’s JetStream L2+ managed switches provide high performance, powerful L2 and L2+ features like
static routing, enterprise-level QoS, advanced security strategies and a bundle of ISP features. The 10-gigabit
ports ensure high-speed data transfer, and their backward compatility with gigabit products reserves room
for network upgrades, therefore guarantees stable and long-term usability. The IP-MAC-Port Binding (IMPB)
and Access Control List (ACL) functions protect against broadcast storm, ARP and Denial-of-Service (DoS)
attacks, etc. Quality of Service (QoS, L2 to L4) provides enhanced trac management capabilities to move your
data smoother and faster. The OAM function helps facilitate network management. Moreover, the easy-to-use
web management interfaces, along with CLI, SNMP and Dual Image mean faster setup and conguration with
less downtime. TP-Link JetStream L2+ 10-gigabit managed switches provide a reliable, secure solution for
enterprise, campus and ISP networks.
Omada Solution
Software Dened Networking (SDN) with Cloud Access
Omada Software Dened Networking (SDN) platform integrates network devices, including access points,
switches and gateways, providing 100% centralized cloud management. Omada creates a highly scalable
network——all controlled from a single interface. Seamless wireless and wired connections are provided, ideal
for use in hospitality, education, retail, oces, and more.
Hassle-Free Centralized Cloud Management
100% centralized cloud management of the whole network from dierent sites——all controlled from a single
interface anywhere, anytime.
1
Zero-Touch Provisioning for Ecient Deplyment
Omada zero-touch provisioning allows remotely deployment and conguration of multi-site networks, so there's
no need to send out an engineer for on-site conguration. The Omada Cloud ensures ecient deployment with
lower costs.
1. Zero-Touch Provisioning is supported when using Omada Cloud-Based Controller
AI-Driven Technology for Stronger Performance and Easy Network Maintenance
Assign Different Management Roles
user privilege assignment is available to increase management efficiency and security. Multi-person
Multimanagement, multi-level permissions, and the ability to add admins as needed, enable exible network
operation and maintenance.
Easy and Intelligent Network Monitoring
The easy-to-use dashboard makes it easy to see your real-time network status; check network usage and
trac distribution; receive network condition logs, abnormal event warnings, and notications; or even track key
data for better business results. Network topology helps IP admins quickly see and troubleshoot connection at
a glance.
Comprehensive Protection for the Whole Network
Multiple Factors Guarantee Higher Reliability
Higher reliability of cloud service is guaranteed with 99.99% SLA availability, 24/7 automated fault detection,
geographically isolated backup servers, and reliable product quality. Your network functions even if
management trac is interrupted.
Reliable Connections Even with High-Density Clients
Equipped with enterprise chipsets, dedicated antennas, advanced RF functions, auto channel selection,
and power adjustment, Omada Wi-Fi 6 and Wi-Fi 5 APs have high concurrency capacities for remarkable
performance in high-density environments.
Switch Product Features
Networking Security
The L2+ managed switches provide IP-MAC-Port Binding, Port Security, Storm control and DHCP Snooping which protect
against broadcast storms, ARP attacks, etc. It integrates some typical DoS attacks to select. You can protect these attacks
more easily ever than before. In addition, the Access Control Lists (ACL, L2 to L4) feature restricts access to sensitive
network resources by denying packets based on source and destination MAC address, IP address, TCP/UDP ports and
even VLAN ID. Moreover, the switch supports 802.1X authentication, which is used in conjunction with a RADIUS/TACACS+
server to require some authentication information before access to the network is allowed.
Advanced QoS features
To integrate voice, data and video service on one trac based on a variety of means including IP or MAC address, TCP or
UDP port number, etc. to ensure that voice and video are always clear, smooth and jitter free. In conjunction with the Voice
VLAN the switch supporting, the voice applications will operate with much smoother performance.
Abundant L2+ features
The L2+ managed switches support a complete lineup of L2 features, including 802.1Q VLAN, Port Mirroring, STP/RSTP/
MSTP, Link Aggregation Control Protocol and 802.3x Flow Control function. Any more, the switch provides advanced
features for network maintenance. Such as Loopback Detection, Cable Diagnostics and IGMP Snooping. IGMP snooping
ensures the switch intelligently forward the multicast stream only to the appropriate subscribers while IGMP throttling
& ltering restrict each subscriber on a port level to prevent unauthorized multicast access. Moreover, L2+ managed
switches support L2+ feature-static routing, which is a simple way to provide segmentation of the network with internal
routing through the switch and helps network trac for more ecient use.
ISP Features
The L2+ managed switches support a bundle of ISP features such as 802.3ah OAM, DDM, sFlow, QinQ, L2PT PPPoE ID
Insertion, IGMP authentication etc. 802.3ah OAM and Device Link Detection Protocol (DLDP) functions improve monitor
and troubleshoot Ethernet networks, help facilitate network management. DDM(Digital Diagnostic Monitoring) function
helps view the status of SFP modules inserting to the Switch and to congure alarm settings, warning settings, temperature
threshold settings, voltage threshold settings, bias current threshold settings, TX power threshold settings, and Rx power
threshold settings.
Enterprise Level Management Features
TP-Link’s new L2+ managed switches are easy to use and manage. It supports various user-friendly standard management
features, such as intuitive web-based Graphical User Interface (GUI), industry-standard Command Line Interface (CLI),
SNMP (v1/v2c/v3), and RMON. This allows the switch to provide valuable status information and send reports on abnormal
events. It also supports Dual Image and Dual Conguration to provide improved reliability and network uptime.
IPv6 Support
The L2+ managed switches support various IPv6 functions such as Dual IPv4/IPv6 Stack, MLD Snooping, IPv6 ACL,
DHCPv6 Snooping, IPv6 Interface, Path Maximum Transmission Unit (PMTU) Discovery and IPv6 Neighbor Discovery, which
guarantees your network is ready for the Next Generation Network (NGN) without upgrading your network equipment.
Specications
Hardware Features & Performance
Product Picture
Model TL-SG3210XHP-M2
General
PoE
Performance
Interface
Console 1 RJ45 Console Port, 1 Micro-USB Console Port
PoE Standard 802.3af/at
PoE Ports 8, up to 30 W
PoE Power Budget 240 W
Switching Capacity 80 Gbps
Packet Forwarding Rate 59.52 Mpps
MAC Address Table 16K
Packet Buer 12 Mbit
Number of IP Interfaces 16
Number of Static
Routers
Jumbo Frame 9 KB
Power Supply 100-240 V AC~50/60 Hz
Max Power
Consumption
8 100/1000Mbps/2.5Gbps RJ45 Ports
2 10GE SFP+ Slots
48 (IPv4, IPv6)
17.24 W (110V/60Hz) (no PD connected)
291.49 W (110V/60Hz) (with 240 W PD connected)
Physical &
Environmet
Max Heat Dissipation
Dimensions (W x D x H) 17.3 × 7.1 × 1.7 in (440 × 180 × 44 mm)
Fan Quantity 2
Installation Rack Mountable
Operating Temperature 0 °C to 50 °C (32 °F to 122 °F)
Storage Temperature -40 °C to 70 °C (-40 °F to 158 °F)
Operation Humidity 10% to 90% RH, non-condensing
Storage Humidity 5% to 90% RH, non-condensing
Certication CE, FCC, RoHS
58.82 BTU/h (110 V/60 Hz) (no PD connected)
994.56 BTU/h (110 V/60 Hz) (with 240 W PD connected)
Hardware Features & Performance
Product Picture
Model TL-SG3428X TL-SG3428XMP
General
PoE
Performance
Interface
Console 1 RJ45 Console Port, 1 Micro-USB Console Port
PoE Standard - 802.3af/at
PoE Ports - 24, up to 30W
PoE Power Budget - 384 W
Switching Capacity 128 Gbps
Packet Forwarding Rate 95.23 Mpps
MAC Address Table 16K
Packet Buer 12 Mbit
Number of IP Interfaces 16
Number of Static
Routers
Jumbo Frame 9 KB
Power Supply 100-240 V AC~50/60 Hz
Max Power
Consumption
Max Heat Dissipation 80.52 BTU/h (110 V/60 Hz)
24 10/100/1000Mbps RJ45 Ports
4 10GE SFP+ Slots
48 (IPv4, IPv6)
23.6 W (110V/60Hz)
34.4 W (110V/60Hz) ( no PD connected)
465.8 W (110V/60Hz) ( with 384 W PD
connected)
117.38 BTU/h (110 V/60 Hz) (no PD
connected)
1589.31 BTU/h (110 V/60 Hz) (with 384 W
PD connected)
Physical &
Environmet
Dimensions (W x D x H) 17.3 × 7.1 × 1.7 in (440 × 180 × 44 mm) 17.3 × 13.0 × 1.7 in (440 × 330 × 44 mm)
Fan Quantity Fanless 2
Installation Rack Mountable
Operating Temperature 0 °C to 45 °C (32 °F to 113 °F)
Storage Temperature -40 °C to 70 °C (-40 °F to 158 °F)
Operation Humidity 10% to 90% RH, non-condensing
Storage Humidity 5% to 90% RH, non-condensing
Certication CE, FCC, RoHS
Software Features
Model TL-SG3210XHP-M2/TL-SG3428X/TL-SG3428XMP
SDN Support
L3 Features
L2 Features
• Support Omada Hardware Controller (OC200/
OC300), Software Controller, Cloud-Based
Controller
• Automatic Device Discovery
• Batch Conguration
• Batch Firmware Upgrading
• 16 IPv4/IPv6 Interfaces
• Static Routing
- 48 static routes
• Static ARP
- 128 static entries
• 512 ARP Entries
• Link Aggregation
- Static link aggregation
- 802.3ad LACP
- Up to 8 aggregation groups and up to 8 ports
per group
• Spanning Tree Protocol
- 802.1d STP
- 802.1w RSTP
- 802.1s MSTP
- STP Security: TC Protect, BPDU Filter, BPDU
Protect, Root Protect, Loop Protect
• Intelligent Network Monitoring
• Abnormal Event Warnings
• Unied Conguration
• Reboot Schedule
• ZTP (Zero-Touch Provisioning)*
• Proxy ARP
• Gratuitous ARP
• DHCP Server
• DHCP Relay
- DHCP interface relay
- DHCP VLAN relay
• DHCP L2 Relay
• Loopback Detection
- Port based
- VLAN based
• Flow Control
- 802.3x Flow Control
- HOL Blocking Prevention
• Mirroring
- Port Mirroring
- CPU Mirroring
- One-to-One
- Many-to-One
- Tx/Rx/Both
L2 Multicast
VLAN
QoS
• Supports 1000 (IPv4, IPv6) IGMP groups
• IGMP Snooping
- IGMP v1/v2/v3 Snooping
- Fast Leave
- IGMP Snooping Querier
- IGMP Authentication
• IGMP Authentication
• MVR
• VLAN Group
- Max 4K VLAN Groups
• 802.1Q Tagged VLAN
• MAC VLAN: 30 Entries
• Protocol VLAN: Protocol Template 16, Protocol
VLAN 16
• 8 priority queues
• 802.1p CoS/DSCP priority
• Queue scheduling
- SP (Strict Priority)
- WRR (Weighted Round Robin)
- SP+WRR
• Bandwidth Control
- Port/Flow based Rating Limiting
• MLD Snooping
- MLD v1/v2 Snooping
- Fast Leave
- MLD Snooping Querier
- Static Group Cong
- Limited IP Multicast
• Multicast Filtering: 256 proles and 16 entries
per prole
• Private VLAN
• GVRP
• VLAN VPN (QinQ)
- Port-Based QinQ
- Selective QinQ
• Voice VLAN
• Smoother Performance
• Action for Flows
- Mirror (to supported interface)
- Redirect (to supported interface)
- Rate Limit
- QoS Remark
* Zero-Touch Provisioning is supported when using Omada Cloud-Based Controller
Software Features
Model TL-SG3210XHP-M2/TL-SG3428X/TL-SG3428XMP
ACL
Security
• MAC ACL
- Source MAC
- Destination MAC
- VLAN ID
- User Priority
- Ether Type
• IP ACL
-Source IP
- Destination IP
- Fragment
- IP Protocol
- TCP Flag
• IP-MAC-Port Binding
-512 Entries
- DHCP Snooping
- ARP Inspection
- IPv4 Source Guard: 100 Entries
• IPv6-MAC-Port Binding
-512 Entries
- DHCPv6 Snooping
- ND Detection
- IPv6 Source Guard: 100 Entries
• DoS Defend
• Static/Dynamic Port Security
- Up to 64 MAC addresses per port
• Broadcast/Multicast/Unicast Storm Control
- kbps/ratio/pps control mode
- TCP/UDP Port
- DSCP/IP TOS
- User Priority
• Combined ACL
• IPv6 ACL
• Policy
- Mirroring
- Redirect
- Rate Limit
- QoS Remark
• ACL apply to Port/VLAN
• Time-based ACL
• 802.1X
- Port base authentication
- Mac base authentication
- VLAN Assignment
- MAB
- Guest VLAN
- Support RADIUS authentication and
accountability
• AAA (including TACACS+)
• Port Isolation
• Secure web management through HTTPS with
SSLv3/TLS 1.2
• Secure Command Line Interface (CLI)
management with SSHv1/SSHv2
• IP/Port/MAC based access control
ISP Features
Management
IPv6 Support
• 802.3ah Ethernet Link OAM
• L2PT (Layer 2 Protocol Tunneling)
• PPPoE ID Insertion
• Web-based GUI
• Command Line Interface (CLI) through
consoleport, telnet
• SNMPv1/v2c/v3
- Trap/Inform
- RMON (1, 2, 3, 9 groups)
• SDM Template
• DHCP/BOOTP Client
• 802.1ab LLDP/LLDP-MED
• IPv6 Dual IPv4/IPv6
• Multicast Listener Discovery (MLD) Snooping
• IPv6 ACL
• IPv6 Interface
• Static IPv6 Routing
• IPv6 neighbor discovery (ND)
• Path maximum transmission unit (MTU) discovery
• Internet Control Message Protocol (ICMP)
version 6
• TCPv6/UDPv6
• Device Link Detect Protocol (DLDP)
• sFlow
• DDM
• DHCP Auto Install
• Dual Image, Dual Conguration
• CPU Monitoring
• Cable Diagnostics
• EEE
• Password Recovery
• SNTP
• System Log
• IPv6 applications
- DHCPv6 Client
- Ping6
- Tracert6
- Telnet (v6)
- IPv6 SNMP
- IPv6 SSH
- IPv6 SSL
- Http/Https
- IPv6 TFTP
Software Features
Model TL-SG3210XHP-M2/TL-SG3428X/TL-SG3428XMP
MIBs
• MIB II (RFC1213)
• Interface MIB (RFC2233)
• Ethernet Interface MIB (RFC1643)
• Bridge MIB (RFC1493)
• P/Q-Bridge MIB (RFC2674)
• RMON MIB (RFC2819)
• RMON2 MIB (RFC2021)
• RADIUS Accounting Client MIB (RFC2620)
• RADIUS Authentication Client MIB (RFC2618)
• Remote Ping, Traceroute MIB (RFC2925)
• Support TP-Link Private MIB
Ordering Information
Host Switch
Model Description
TL-SG3210XHP-M2 JetStream 8-Port 2.5GBASE-T and 2-Port 10GE SFP+ L2+ Managed Switch with 8-Port PoE+
TL-SG3428XMP JetStream 24-Port Gigabit and 4-Port 10GE SFP+ L2+ Managed Switch with 24-Port PoE+
TL-SG3428X JetStream 24-Port Gigabit L2+ Managed Switch with 4 10GE SFP+ Slots
SFP/SFP+ Modules
Model Description
TL-SM311LS Gigabit SFP module, Single-mode, LC interface, Up to 20km distance
TL-SM311LM Gigabit SFP module, Multi-mode, LC interface, Up to 550m distance
TL-SM321A Gigabit WDM Bi-Directional SFP Module, single-mode, LC connector, TX: 1550 nm/RX: 1310 nm, 20 km
TL-SM321A-2 Gigabit WDM Bi-Directional SFP Module, single-mode, LC connector, TX: 1550 nm/RX: 1310 nm, 2 km
TL-SM321B Gigabit WDM Bi-Directional SFP Module, single-mode, LC connector, TX: 1310 nm/RX: 1550 nm, 20 km
TL-SM321B-2 Gigabit WDM Bi-Directional SFP Module, single-mode, LC connector, TX: 1310 nm/RX: 1550 nm, 2 km
TL-SM5110-LR 10GBase-LR SFP+ LC Transceiver, single-mode, LC connector, 1310nm, 10 km
TL-SM5110-SR 10GBase-SR SFP+ LC Transceiver, multi-mode, LC connector, 850nm, 300 m
MC Series Media Converter
Model Description
MC210CS Gigabit Single-Mode Media Converter, up to 20 km, chassis mountable
MC200CM Gigabit multi-mode SC SFP Transceiver, up to 550 m, chassis mountable
MC200L Gigabit SFP slot supporting mini-GBIC modules, chassis mountable
TL-MC1400 14-slot power supply chassis for TP-LINK MC Series Media Converter, 19-inch rack-mountable
SFP/SFP+ Modules
Model Description
TL-FC111A-20 100Mbps Single-Mode WDM Media Converter, up to 20 km, TX:1550nm, RX:1310nm, chassis mountable
TL-FC111B-20 100Mbps Single-Mode WDM Media Converter, up to 20 km, TX:1310nm, RX:1550nm,chassis mountable
TL-FC311A-2 Gigabit Single-Mode WDM Media Converter, up to 2 km, TX:1550nm, RX:1310nm, chassis mountable
TL-FC311B-2 Gigabit Single-Mode WDM Media Converter, up to 2 km, TX:1310nm, RX:1550nm, chassis mountable
TL-FC311A-20 Gigabit Single-Mode WDM Media Converter, up to 20 km, TX:1550nm, RX:1310nm, chassis mountable
TL-FC311B-20 Gigabit Single-Mode WDM Media Converter, up to 20 km, TX:1310nm, RX:1550nm, chassis mountable
TL-FC1400 14-slot power supply chassis for TP-LINK FC Series Media Converter, 19-inch rack-mountable
Some models featured in this guide may be unavailable in your country or region. Visit TP-Link website for local sales information: www.
tp-link.com.
PoE budget calculations are based on laboratory testing. Actual PoE power budget is not guaranteed and will vary as a result of client
limitations and environmental factors.
Specications are subject to change without notice. All the brands and product names are trademarks or registered trademarks of their
respective holders. © 2020 TP-Link
Loading...