Kingsley,
Have you worked thru Lab 17 or 20 from the workbook yet? Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Technical Instructor - IPexpert, Inc. Mailto: <mailto:[email protected]> [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: <http://www.ipexpert.com/chat> www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & Service Provider) Certification Training with locations throughout the United States, Europe and Australia. Be sure to check out our online communities at <http://www.ipexpert.com/communities> www.ipexpert.com/communities and our public website at <http://www.ipexpert.com> www.ipexpert.com From: Kingsley Charles [mailto:[email protected]] Sent: Thursday, January 07, 2010 9:43 AM To: Tyson Scott Cc: [email protected] Subject: Re: [OSL | CCIE_Security] Private vlans H Tyson I too was in the same lines but the following surprised me and hence I am preparing for PVLANs :-( Catalyst Platform PVLAN Supported Minimum Software Version Isolated VLAN PVLAN Edge (Protected Port) Community VLAN Catalyst <http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white _paper09186a00800c8441.html> 6500/6000 - Hybrid mode (CatOS on Supervisor and Cisco IOSR on MSFC) 5.4(1) on Supervisor and 12.0(7)XE1 on MSFC Yes Not Supported Yes Catalyst <http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white _paper09186a00800c8441.html> 6500/6000 - Native mode (Cisco IOSR System software on both Supervisor and MSFC) 12.1(8a)EX, 12.1(11b)E1 and later. Yes Not Supported Yes Catalyst 5500/5000 Not Supported Not Supported Not Supported Not Supported Catalyst <http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.1/configuration /guide/vlans.html#wp1028273> 4500/4000 - CatOS 6.2(1) Yes Not Supported Yes Catalyst <http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sg/configu ration/guide/pvlans.html> 4500/4000 - Cisco IOS 12.1(8a)EW Yes Not Supported Yes. 12.2(20)EW onwards. Catalyst <http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/ 12.2_25_se/configuration/guide/swtrafc.html> 3550 Not Supported Not Supported Yes. 12.1(4)EA1 onwards. Not Supported Catalyst <http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/ 12.1_22_ea2/configuration/guide/swtrafc.html> 2950 Not Supported Not Supported Yes. 12.0(5.2)WC1, 12.1(4)EA1 and later. Not Supported Catalyst <http://www.cisco.com/en/US/docs/switches/lan/catalyst2900xl_3500xl/release1 2.0_5_wc5/swg/swports.html> 2900XL/3500XL Not Supported Not Supported Yes.12.0(5)XU (on 8MB switches only) onwards. Not Supported Catalyst 2948G-L3 / 4908G-L3 Not Supported Not Supported Not Supported Not Supported Catalyst 1900 Not Supported Not Supported Not Supported Not Supported Catalyst 8500 Not Supported Not Supported Not Supported Not Supported <http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/ 12.2_20_se/configuration/guide/swpvlan.html> Catalyst 3560 12.2(20)SE - EMI Yes Yes. 12.1(19)EA1 onwards. Yes Catalyst <http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/ 12.2_25_see/configuration/guide/swpvlan.html> 3750 12.2(20)SE - EMI Yes Yes. 12.1(11)AX onwards. Yes Catalyst <http://www.cisco.com/en/US/docs/switches/metro/catalyst3750m/software/relea se/12.2_25_seg_seg1/configuration/guide/swpvlan.html> 3750 Metro 12.2(25)EY - EMI Yes Yes. 12.1(14)AX onwards. Yes Catalyst <http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/ 12.1_19_ea1/configuration/guide/swtrafc.html> 2940 Not Supported Not Supported Yes. 12.1(13)AY onwards. Not Supported Catalyst <http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/6.3and6.4/configu ration/guide/vlans.html> 2948G/2980G 6.2 Yes Not Supported Yes Catalyst <http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/ 12.1_22_ea2/configuration/guide/swtrafc.html> 2955 Not Supported Not Supported Yes. 12.1(6)EA2 onwards. Not Supported Catalyst <http://www.cisco.com/en/US/docs/switches/lan/catalyst2970/software/release/ 12.2_25_se/configuration/guide/swtrafc.html> 2970 Not Supported Not Supported Yes. 12.1(11)AX onwards. Not Supported Catalyst <http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/ 12.2_25_see/configuration/guide/swtrafc.html> 2960 Not Supported Not Supported Yes. 12.2(25)FX and later. Not Supported Catalyst Express 500 Not Supported Not Supported Not Supported Not Supported http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note0918 6a0080094830.shtml With regards Kings On Thu, Jan 7, 2010 at 8:03 PM, Tyson Scott <[email protected]> wrote: I thought you were asking about trunking between switches. Private VLAN support on a trunk port is not supported on the 3560's Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Technical Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & Service Provider) Certification Training with locations throughout the United States, Europe and Australia. Be sure to check out our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: Kingsley Charles [mailto:[email protected]] Sent: Thursday, January 07, 2010 9:30 AM To: Tyson Scott Cc: [email protected] Subject: Re: [OSL | CCIE_Security] Private vlans Hi Tyson Please find the commands below. But I am not clear off where to use "switchport mode private-vlan trunk promiscuous" and "switchport mode private-vlan trunk secondary" Switch(config-if)# switchport mode private-vlan trunk promiscuous Switch(config-if)# switchport private-vlan trunk native vlan 10 Switch(config-if)# switchport private-vlan trunk allowed vlan 10, 3-4 Switch(config-if)# switchport private-vlan mapping trunk 3 301, 302 Switch(config-if)# switchport mode private-vlan trunk secondary Switch(config-if)# switchport private-vlan trunk native vlan 10 Switch(config-if)# switchport private-vlan trunk allowed vlan 10. 3-4 Switch(config-if)# switchport private-vlan association trunk 3 301 http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configu ration/guide/pvlans.html#wp1158145 With regards Kings On Thu, Jan 7, 2010 at 7:45 PM, Kingsley Charles <[email protected]> wrote: Hi Tyson I am not getting the commands but in the Cisco site, I saw that we have separate switchport trunking commands for primary and secondary vlans. I am still searching With regards Kings On Thu, Jan 7, 2010 at 7:40 PM, Tyson Scott <[email protected]> wrote: It is just as normal trunking. You just need to configure the VLAN's on each switch with the necessary perameters. Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Technical Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & Service Provider) Certification Training with locations throughout the United States, Europe and Australia. Be sure to check out our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: [email protected] [mailto:[email protected]] On Behalf Of Kingsley Charles Sent: Thursday, January 07, 2010 8:58 AM To: [email protected] Subject: Re: [OSL | CCIE_Security] Private vlans I have an understanding on PVLAN trunking but with some confusions. Can some please explain how does PVLAN trunking works and necessary commands to enable private primary and secondary vlan trunking. With regards Kingsley Charles On Thu, Jan 7, 2010 at 7:05 PM, Kingsley Charles <[email protected]> wrote: Hi all I am trying to configure private PVLANS. Here vlan 4 is the private vlan and 5,6 are secondary vlans. Please let me know, if the below configuration is fine: Switch(config)#vlan 4 Switch(config-vlan)#private-vlan primary Switch(config)#vlan 5 Switch(config-vlan)#private-vlan community Switch(config)#vlan 6 Switch(config-vlan)#private-vlan isolated Switch(config)#vlan 4 Switch(config-vlan)#private-vlan association 5-6 Switch(config)#int f0/1 Switch(config-if)#switchport mode private-vlan promiscuous Switch(config-if)#switchport private-vlan mapping 4 5-6 Switch(config)#int f0/2 Switch(config-if)#switchport mode private-vlan host Switch(config-if)#switchport private-vlan host-association 4 5 Switch(config)#int f0/3 Switch(config-if)#switchport mode private-vlan host Switch(config-if)#switchport private-vlan host-association 4 6 Switch(config)#int vlan 4 Switch(config-if)#private-vlan mapping 4 5-6 With regards Kingsley Charles
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
