Hey Terry, You are correct -- switchport protected is local only. Additionally, it is only relevant to L2 hence "switchport" in the command. Making the port L3 by definition means "no switchport" right? So switchport commands have no relevance
------Original Message------ From: Terry Vinson Sender: [email protected] To: CCIE OSL Subject: [OSL | CCIE_RS] Lab 2.25 WB1 Ver11 Sent: Jul 11, 2009 9:33 PM Hi guys, I have a question regarding lab 2.25. In the task we are asked to put Fa0/12-13 on cat3 and cat4 in vlan 90. Furthermore we are instructed to configure switchport protected on all four ports. I thought that "switchport protected" was only local to users in a vlan on a single switch. Though we are not instructed to do so specifically in the question the PG has us allow vlan 90 on the trunk. It was my understand that if you split users up on two switches that are trunking the protection does not span across switches. (ie users in the protected vlan on an individual switch would not be able to communicate to each other but can communicate to users in the same vlan on the other switch via the trunk.) Is this thinking wrong, it seems to work this way when I lab it up? I also have another question: When using switch port protected the "protection" is limited to layer 2, if the frame becomes a packet at layer 3 will it be allowed to communicate? And if so is that functionality actually different with Private Vlans? Sorry if I'm showing my ignorance here, but after this many hours of studying things get a little fuzzy for me. Thanks, Terry _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Regards, Joe Astorino CCIE #24347 (R&S) Sr. Support Engineer – IPexpert, Inc. URL: http://www.IPexpert.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
