Exactly Bryan, that was the scenario that I was talking about. PVLANs across switchres.
Can you please paste your configs. With regards Kings On Thu, Jan 7, 2010 at 9:20 PM, Bryan Bartik <[email protected]> wrote: > Charles, > > Not sure exactly what you mean but here is a scenario I was practicing > with, with no special configuration on the trunk between the 3560s. > > 2 devices in isolated vlan 101 ----> 3560 ----> 3560 -----> Router in > primary vlan 100 (with association to secondary vlan 101) > > The two devices could only communicate with the router and not each other. > > Is this the type of scenario you are talking about? > > > On Thu, Jan 7, 2010 at 7:42 AM, Kingsley Charles < > [email protected]> wrote: > >> H Tyson >> >> I too was in the same lines but the following surprised me and hence I am >> preparing for PVLANs :-( >> >> >> Catalyst Platform >> >> PVLAN Supported Minimum Software Version >> >> Isolated VLAN >> >> PVLAN Edge (Protected Port) >> >> Community VLAN >> >> Catalyst 6500/6000 - Hybrid mode (CatOS on Supervisor and Cisco IOSĀ® on >> MSFC)<http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white_paper09186a00800c8441.html> >> >> 5.4(1) on Supervisor and 12.0(7)XE1 on MSFC >> >> Yes >> >> Not Supported >> >> Yes >> >> Catalyst 6500/6000 - Native mode (Cisco IOSĀ® System software on both >> Supervisor and >> MSFC)<http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white_paper09186a00800c8441.html> >> >> 12.1(8a)EX, 12.1(11b)E1 and later. >> >> Yes >> >> Not Supported >> >> Yes >> >> Catalyst 5500/5000 >> >> Not Supported >> >> Not Supported >> >> Not Supported >> >> Not Supported >> >> Catalyst 4500/4000 - >> CatOS<http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.1/configuration/guide/vlans.html#wp1028273> >> >> 6.2(1) >> >> Yes >> >> Not Supported >> >> Yes >> >> Catalyst 4500/4000 - Cisco >> IOS<http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sg/configuration/guide/pvlans.html> >> >> 12.1(8a)EW >> >> Yes >> >> Not Supported >> >> Yes. 12.2(20)EW onwards. >> >> Catalyst >> 3550<http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.2_25_se/configuration/guide/swtrafc.html> >> >> Not Supported >> >> Not Supported >> >> Yes. 12.1(4)EA1 onwards. >> >> Not Supported >> >> Catalyst >> 2950<http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea2/configuration/guide/swtrafc.html> >> >> Not Supported >> >> Not Supported >> >> Yes. 12.0(5.2)WC1, 12.1(4)EA1 and later. >> >> Not Supported >> >> Catalyst >> 2900XL/3500XL<http://www.cisco.com/en/US/docs/switches/lan/catalyst2900xl_3500xl/release12.0_5_wc5/swg/swports.html> >> >> Not Supported >> >> Not Supported >> >> Yes.12.0(5)XU (on 8MB switches only) onwards. >> >> Not Supported >> >> Catalyst 2948G-L3 / 4908G-L3 >> >> Not Supported >> >> Not Supported >> >> Not Supported >> >> Not Supported >> >> Catalyst 1900 >> >> Not Supported >> >> Not Supported >> >> Not Supported >> >> Not Supported >> >> Catalyst 8500 >> >> Not Supported >> >> Not Supported >> >> Not Supported >> >> Not Supported >> >> Catalyst >> 3560<http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_20_se/configuration/guide/swpvlan.html> >> >> 12.2(20)SE - EMI >> >> Yes >> >> Yes. 12.1(19)EA1 onwards. >> >> Yes >> >> Catalyst >> 3750<http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_see/configuration/guide/swpvlan.html> >> >> 12.2(20)SE - EMI >> >> Yes >> >> Yes. 12.1(11)AX onwards. >> >> Yes >> >> Catalyst 3750 >> Metro<http://www.cisco.com/en/US/docs/switches/metro/catalyst3750m/software/release/12.2_25_seg_seg1/configuration/guide/swpvlan.html> >> >> 12.2(25)EY - EMI >> >> Yes >> >> Yes. 12.1(14)AX onwards. >> >> Yes >> >> Catalyst >> 2940<http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_19_ea1/configuration/guide/swtrafc.html> >> >> Not Supported >> >> Not Supported >> >> Yes. 12.1(13)AY onwards. >> >> Not Supported >> >> Catalyst >> 2948G/2980G<http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/6.3and6.4/configuration/guide/vlans.html> >> >> 6.2 >> >> Yes >> >> Not Supported >> >> Yes >> >> Catalyst >> 2955<http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea2/configuration/guide/swtrafc.html> >> >> Not Supported >> >> Not Supported >> >> Yes. 12.1(6)EA2 onwards. >> >> Not Supported >> >> Catalyst >> 2970<http://www.cisco.com/en/US/docs/switches/lan/catalyst2970/software/release/12.2_25_se/configuration/guide/swtrafc.html> >> >> Not Supported >> >> Not Supported >> >> Yes. 12.1(11)AX onwards. >> >> Not Supported >> >> Catalyst >> 2960<http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_25_see/configuration/guide/swtrafc.html> >> >> Not Supported >> >> Not Supported >> >> Yes. 12.2(25)FX and later. >> >> Not Supported >> >> Catalyst Express 500 >> >> Not Supported >> >> Not Supported >> >> Not Supported >> >> Not Supported >> >> >> >> http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a0080094830.shtml >> >> With regards >> Kings >> >> On Thu, Jan 7, 2010 at 8:03 PM, Tyson Scott <[email protected]> wrote: >> >>> I thought you were asking about trunking between switches. Private >>> VLAN support on a trunk port is not supported on the 3560's >>> >>> >>> >>> Regards, >>> >>> >>> >>> Tyson Scott - CCIE #13513 R&S, Security, and SP >>> >>> Technical Instructor - IPexpert, Inc. >>> >>> Mailto: [email protected] >>> >>> Telephone: +1.810.326.1444, ext. 208 >>> >>> Live Assistance, Please visit: www.ipexpert.com/chat >>> >>> eFax: +1.810.454.0130 >>> >>> >>> >>> IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA >>> (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & >>> Service Provider) Certification Training with locations throughout the >>> United States, Europe and Australia. Be sure to check out our online >>> communities at www.ipexpert.com/communities and our public website at >>> www.ipexpert.com >>> >>> >>> >>> *From:* Kingsley Charles [mailto:[email protected]] >>> *Sent:* Thursday, January 07, 2010 9:30 AM >>> *To:* Tyson Scott >>> *Cc:* [email protected] >>> >>> *Subject:* Re: [OSL | CCIE_Security] Private vlans >>> >>> >>> >>> Hi Tyson >>> >>> >>> >>> Please find the commands below. But I am not clear off where to use >>> "switchport >>> mode private-vlan trunk promiscuous" and >>> >>> "switchport mode private-vlan trunk secondary" >>> >>> >>> >>> Switch(config-if)# *switchport mode private-vlan trunk promiscuous* >>> >>> Switch(config-if)# *switchport private-vlan trunk native vlan 10* >>> >>> Switch(config-if)# *switchport private-vlan trunk allowed vlan 10, 3-4* >>> >>> Switch(config-if)# *switchport private-vlan mapping trunk 3 301, 302* >>> >>> >>> >>> >>> >>> >>> Switch(config-if)# *switchport mode private-vlan trunk secondary* >>> >>> Switch(config-if)# *switchport private-vlan trunk native vlan 10* >>> >>> Switch(config-if)# *switchport private-vlan trunk allowed vlan 10. 3-4* >>> >>> Switch(config-if)# *switchport private-vlan association trunk 3 301*** >>> >>> >>> >>> >>> http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/pvlans.html#wp1158145 >>> >>> >>> >>> >>> >>> >>> >>> With regards >>> >>> Kings >>> >>> >>> >>> >>> >>> >>> >>> On Thu, Jan 7, 2010 at 7:45 PM, Kingsley Charles < >>> [email protected]> wrote: >>> >>> Hi Tyson >>> >>> >>> >>> I am not getting the commands but in the Cisco site, I saw that we have >>> separate switchport trunking commands for primary and secondary vlans. >>> >>> >>> >>> I am still searching >>> >>> >>> >>> >>> >>> With regards >>> >>> Kings >>> >>> On Thu, Jan 7, 2010 at 7:40 PM, Tyson Scott <[email protected]> wrote: >>> >>> It is just as normal trunking. You just need to configure the VLAN's on >>> each switch with the necessary perameters. >>> >>> >>> >>> Regards, >>> >>> >>> >>> Tyson Scott - CCIE #13513 R&S, Security, and SP >>> >>> Technical Instructor - IPexpert, Inc. >>> >>> Mailto: [email protected] >>> >>> Telephone: +1.810.326.1444, ext. 208 >>> >>> Live Assistance, Please visit: www.ipexpert.com/chat >>> >>> eFax: +1.810.454.0130 >>> >>> >>> >>> IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA >>> (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & >>> Service Provider) Certification Training with locations throughout the >>> United States, Europe and Australia. Be sure to check out our online >>> communities at www.ipexpert.com/communities and our public website at >>> www.ipexpert.com >>> >>> >>> >>> *From:* [email protected] [mailto: >>> [email protected]] *On Behalf Of *Kingsley >>> Charles >>> *Sent:* Thursday, January 07, 2010 8:58 AM >>> *To:* [email protected] >>> *Subject:* Re: [OSL | CCIE_Security] Private vlans >>> >>> >>> >>> >>> >>> I have an understanding on PVLAN trunking but with some confusions. >>> >>> >>> >>> Can some please explain how does PVLAN trunking works and necessary >>> commands to enable private primary and secondary vlan trunking. >>> >>> >>> >>> >>> >>> With regards >>> >>> Kingsley Charles >>> >>> >>> >>> >>> >>> >>> >>> On Thu, Jan 7, 2010 at 7:05 PM, Kingsley Charles < >>> [email protected]> wrote: >>> >>> Hi all >>> >>> >>> >>> I am trying to configure private PVLANS. Here vlan 4 is the private vlan >>> and 5,6 are secondary vlans. >>> >>> >>> >>> Please let me know, if the below configuration is fine: >>> >>> >>> >>> >>> >>> >>> >>> Switch(config)#vlan 4 >>> Switch(config-vlan)#private-vlan primary >>> >>> >>> Switch(config)#vlan 5 >>> Switch(config-vlan)#private-vlan community >>> >>> >>> Switch(config)#vlan 6 >>> Switch(config-vlan)#private-vlan isolated >>> >>> >>> Switch(config)#vlan 4 >>> Switch(config-vlan)#private-vlan association 5-6 >>> >>> >>> Switch(config)#int f0/1 >>> Switch(config-if)#switchport mode private-vlan promiscuous >>> Switch(config-if)#switchport private-vlan mapping 4 5-6 >>> >>> >>> Switch(config)#int f0/2 >>> Switch(config-if)#switchport mode private-vlan host >>> Switch(config-if)#switchport private-vlan host-association 4 5 >>> >>> >>> Switch(config)#int f0/3 >>> Switch(config-if)#switchport mode private-vlan host >>> Switch(config-if)#switchport private-vlan host-association 4 6 >>> >>> >>> Switch(config)#int vlan 4 >>> Switch(config-if)#private-vlan mapping 4 5-6 >>> >>> >>> >>> >>> >>> With regards >>> >>> Kingsley Charles >>> >>> >>> >>> >>> >>> >>> >> >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> > > > -- > Bryan Bartik > CCIE #23707 (R&S, SP), CCNP > Sr. Support Engineer - IPexpert, Inc. > URL: http://www.IPexpert.com <http://www.ipexpert.com/> >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
