Charles, Not sure exactly what you mean but here is a scenario I was practicing with, with no special configuration on the trunk between the 3560s.
2 devices in isolated vlan 101 ----> 3560 ----> 3560 -----> Router in primary vlan 100 (with association to secondary vlan 101) The two devices could only communicate with the router and not each other. Is this the type of scenario you are talking about? On Thu, Jan 7, 2010 at 7:42 AM, Kingsley Charles <[email protected] > wrote: > H Tyson > > I too was in the same lines but the following surprised me and hence I am > preparing for PVLANs :-( > > > Catalyst Platform > > PVLAN Supported Minimum Software Version > > Isolated VLAN > > PVLAN Edge (Protected Port) > > Community VLAN > > Catalyst 6500/6000 - Hybrid mode (CatOS on Supervisor and Cisco IOSĀ® on > MSFC)<http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white_paper09186a00800c8441.html> > > 5.4(1) on Supervisor and 12.0(7)XE1 on MSFC > > Yes > > Not Supported > > Yes > > Catalyst 6500/6000 - Native mode (Cisco IOSĀ® System software on both > Supervisor and > MSFC)<http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white_paper09186a00800c8441.html> > > 12.1(8a)EX, 12.1(11b)E1 and later. > > Yes > > Not Supported > > Yes > > Catalyst 5500/5000 > > Not Supported > > Not Supported > > Not Supported > > Not Supported > > Catalyst 4500/4000 - > CatOS<http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.1/configuration/guide/vlans.html#wp1028273> > > 6.2(1) > > Yes > > Not Supported > > Yes > > Catalyst 4500/4000 - Cisco > IOS<http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sg/configuration/guide/pvlans.html> > > 12.1(8a)EW > > Yes > > Not Supported > > Yes. 12.2(20)EW onwards. > > Catalyst > 3550<http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.2_25_se/configuration/guide/swtrafc.html> > > Not Supported > > Not Supported > > Yes. 12.1(4)EA1 onwards. > > Not Supported > > Catalyst > 2950<http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea2/configuration/guide/swtrafc.html> > > Not Supported > > Not Supported > > Yes. 12.0(5.2)WC1, 12.1(4)EA1 and later. > > Not Supported > > Catalyst > 2900XL/3500XL<http://www.cisco.com/en/US/docs/switches/lan/catalyst2900xl_3500xl/release12.0_5_wc5/swg/swports.html> > > Not Supported > > Not Supported > > Yes.12.0(5)XU (on 8MB switches only) onwards. > > Not Supported > > Catalyst 2948G-L3 / 4908G-L3 > > Not Supported > > Not Supported > > Not Supported > > Not Supported > > Catalyst 1900 > > Not Supported > > Not Supported > > Not Supported > > Not Supported > > Catalyst 8500 > > Not Supported > > Not Supported > > Not Supported > > Not Supported > > Catalyst > 3560<http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_20_se/configuration/guide/swpvlan.html> > > 12.2(20)SE - EMI > > Yes > > Yes. 12.1(19)EA1 onwards. > > Yes > > Catalyst > 3750<http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_see/configuration/guide/swpvlan.html> > > 12.2(20)SE - EMI > > Yes > > Yes. 12.1(11)AX onwards. > > Yes > > Catalyst 3750 > Metro<http://www.cisco.com/en/US/docs/switches/metro/catalyst3750m/software/release/12.2_25_seg_seg1/configuration/guide/swpvlan.html> > > 12.2(25)EY - EMI > > Yes > > Yes. 12.1(14)AX onwards. > > Yes > > Catalyst > 2940<http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_19_ea1/configuration/guide/swtrafc.html> > > Not Supported > > Not Supported > > Yes. 12.1(13)AY onwards. > > Not Supported > > Catalyst > 2948G/2980G<http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/6.3and6.4/configuration/guide/vlans.html> > > 6.2 > > Yes > > Not Supported > > Yes > > Catalyst > 2955<http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea2/configuration/guide/swtrafc.html> > > Not Supported > > Not Supported > > Yes. 12.1(6)EA2 onwards. > > Not Supported > > Catalyst > 2970<http://www.cisco.com/en/US/docs/switches/lan/catalyst2970/software/release/12.2_25_se/configuration/guide/swtrafc.html> > > Not Supported > > Not Supported > > Yes. 12.1(11)AX onwards. > > Not Supported > > Catalyst > 2960<http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_25_see/configuration/guide/swtrafc.html> > > Not Supported > > Not Supported > > Yes. 12.2(25)FX and later. > > Not Supported > > Catalyst Express 500 > > Not Supported > > Not Supported > > Not Supported > > Not Supported > > > > http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a0080094830.shtml > > With regards > Kings > > On Thu, Jan 7, 2010 at 8:03 PM, Tyson Scott <[email protected]> wrote: > >> I thought you were asking about trunking between switches. Private VLAN >> support on a trunk port is not supported on the 3560's >> >> >> >> Regards, >> >> >> >> Tyson Scott - CCIE #13513 R&S, Security, and SP >> >> Technical Instructor - IPexpert, Inc. >> >> Mailto: [email protected] >> >> Telephone: +1.810.326.1444, ext. 208 >> >> Live Assistance, Please visit: www.ipexpert.com/chat >> >> eFax: +1.810.454.0130 >> >> >> >> IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA >> (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & >> Service Provider) Certification Training with locations throughout the >> United States, Europe and Australia. Be sure to check out our online >> communities at www.ipexpert.com/communities and our public website at >> www.ipexpert.com >> >> >> >> *From:* Kingsley Charles [mailto:[email protected]] >> *Sent:* Thursday, January 07, 2010 9:30 AM >> *To:* Tyson Scott >> *Cc:* [email protected] >> >> *Subject:* Re: [OSL | CCIE_Security] Private vlans >> >> >> >> Hi Tyson >> >> >> >> Please find the commands below. But I am not clear off where to use >> "switchport >> mode private-vlan trunk promiscuous" and >> >> "switchport mode private-vlan trunk secondary" >> >> >> >> Switch(config-if)# *switchport mode private-vlan trunk promiscuous* >> >> Switch(config-if)# *switchport private-vlan trunk native vlan 10* >> >> Switch(config-if)# *switchport private-vlan trunk allowed vlan 10, 3-4* >> >> Switch(config-if)# *switchport private-vlan mapping trunk 3 301, 302* >> >> >> >> >> >> >> Switch(config-if)# *switchport mode private-vlan trunk secondary* >> >> Switch(config-if)# *switchport private-vlan trunk native vlan 10* >> >> Switch(config-if)# *switchport private-vlan trunk allowed vlan 10. 3-4* >> >> Switch(config-if)# *switchport private-vlan association trunk 3 301*** >> >> >> >> >> http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/pvlans.html#wp1158145 >> >> >> >> >> >> >> >> With regards >> >> Kings >> >> >> >> >> >> >> >> On Thu, Jan 7, 2010 at 7:45 PM, Kingsley Charles < >> [email protected]> wrote: >> >> Hi Tyson >> >> >> >> I am not getting the commands but in the Cisco site, I saw that we have >> separate switchport trunking commands for primary and secondary vlans. >> >> >> >> I am still searching >> >> >> >> >> >> With regards >> >> Kings >> >> On Thu, Jan 7, 2010 at 7:40 PM, Tyson Scott <[email protected]> wrote: >> >> It is just as normal trunking. You just need to configure the VLAN's on >> each switch with the necessary perameters. >> >> >> >> Regards, >> >> >> >> Tyson Scott - CCIE #13513 R&S, Security, and SP >> >> Technical Instructor - IPexpert, Inc. >> >> Mailto: [email protected] >> >> Telephone: +1.810.326.1444, ext. 208 >> >> Live Assistance, Please visit: www.ipexpert.com/chat >> >> eFax: +1.810.454.0130 >> >> >> >> IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA >> (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & >> Service Provider) Certification Training with locations throughout the >> United States, Europe and Australia. Be sure to check out our online >> communities at www.ipexpert.com/communities and our public website at >> www.ipexpert.com >> >> >> >> *From:* [email protected] [mailto: >> [email protected]] *On Behalf Of *Kingsley >> Charles >> *Sent:* Thursday, January 07, 2010 8:58 AM >> *To:* [email protected] >> *Subject:* Re: [OSL | CCIE_Security] Private vlans >> >> >> >> >> >> I have an understanding on PVLAN trunking but with some confusions. >> >> >> >> Can some please explain how does PVLAN trunking works and necessary >> commands to enable private primary and secondary vlan trunking. >> >> >> >> >> >> With regards >> >> Kingsley Charles >> >> >> >> >> >> >> >> On Thu, Jan 7, 2010 at 7:05 PM, Kingsley Charles < >> [email protected]> wrote: >> >> Hi all >> >> >> >> I am trying to configure private PVLANS. Here vlan 4 is the private vlan >> and 5,6 are secondary vlans. >> >> >> >> Please let me know, if the below configuration is fine: >> >> >> >> >> >> >> >> Switch(config)#vlan 4 >> Switch(config-vlan)#private-vlan primary >> >> >> Switch(config)#vlan 5 >> Switch(config-vlan)#private-vlan community >> >> >> Switch(config)#vlan 6 >> Switch(config-vlan)#private-vlan isolated >> >> >> Switch(config)#vlan 4 >> Switch(config-vlan)#private-vlan association 5-6 >> >> >> Switch(config)#int f0/1 >> Switch(config-if)#switchport mode private-vlan promiscuous >> Switch(config-if)#switchport private-vlan mapping 4 5-6 >> >> >> Switch(config)#int f0/2 >> Switch(config-if)#switchport mode private-vlan host >> Switch(config-if)#switchport private-vlan host-association 4 5 >> >> >> Switch(config)#int f0/3 >> Switch(config-if)#switchport mode private-vlan host >> Switch(config-if)#switchport private-vlan host-association 4 6 >> >> >> Switch(config)#int vlan 4 >> Switch(config-if)#private-vlan mapping 4 5-6 >> >> >> >> >> >> With regards >> >> Kingsley Charles >> >> >> >> >> >> >> > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > -- Bryan Bartik CCIE #23707 (R&S, SP), CCNP Sr. Support Engineer - IPexpert, Inc. URL: http://www.IPexpert.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
