The TP-Link TL-SG108 uses a Realtek RTL8370N chip identical to managed switches; full VLAN management is unlockable by swapping the SPI flash.
Key Takeaways
RTL8370N powers both unmanaged and “web smart” managed 5-8 port gigabit switches; the feature gap is almost entirely a firmware/flash-size limitation, not hardware.
The TL-SG108 ships with a 4Mbit (512KiB) Cfeon SPI flash – too small for a web UI. Replacing it with a 32Mbit GigaDevice GD25Q32 (150mil SOP8 package) and flashing a Netgear GS308Ev4 firmware dump enables VLAN management.
MAC address and serial number are stored unprotected at flash offset 0x1fc000 – 6 bytes MAC, 16-byte null-terminated serial, no checksum. Cloning firmware across multiple switches requires manually patching this offset to avoid L2 MAC conflicts.
Araknis AN-110 “Unmanaged+” switches also use the RTL8370N with the same MAC/serial offset, but none of the known firmware dumps boot on it, and no UART debug path exists on this chip.
Practical verdict: the TL-SG108E managed variant costs roughly $5 more new, which covers the BOM upgrade cost, and used managed L2/L3 RTL switches with OpenWrt support are now inexpensive.
Hacker News Comment Review
Commenters confirmed the managed/unmanaged BOM-only split is a well-established silicon industry pattern – one hardware SKU, feature tier controlled purely by flash size and firmware.
A critical practical warning surfaced: the GS308Ev4 (the firmware used in this hack) has a known defect where non-VLAN traffic leaks across all ports regardless of VLAN config, undermining the core use case of the upgrade.
Notable Comments
@superkuh: SG108E has a confirmed VLAN isolation bug – non-VLAN traffic broadcasts across all ports; v1 hardware additionally requires ancient Java and an iptables ip_forward workaround to manage at all.
