[c-nsp] What is "pv" in "show ip arp"?
Matt Buford
matt at overloaded.net
Fri Feb 22 14:06:45 EST 2008
> Yeah that doesn't ring a bell either. It's a very simple config:
>
> 10 VLANs,
> 2 SVIs
> 1 default-gateway
> 1 TAC+ server
> 1 TAC+ source-interface
> vlan dot1q tag native
> 1 dot1q trunk port (uplink)
> 8 access ports in each their VLANs
>
"sh run int vlan15". Are you sure you don't have private vlans on?
The pv does mean private vlan. It takes 2 VLANs working together to
make one private VLAN.
For reference, here is an example using private vlans:
vlan 31
name backup-customers-primary
private-vlan primary
private-vlan association 32
!
vlan 32
name backup-customers-isolated
private-vlan isolated
interface Vlan31
description backup-customers-pvlan
ip address 192.168.64.2 255.255.240.0
no ip redirects
no ip unreachables
no ip proxy-arp
private-vlan mapping 32
Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.68.86 167 0012.7991.4823 ARPA Vlan31 pv 32
Internet 192.168.75.19 9 001c.c412.d62a ARPA Vlan31 pv 32
Internet 192.168.67.23 255 0011.85d5.f77f ARPA Vlan31 pv 32
Internet 192.168.64.3 14 0011.5d7f.ec09 ARPA Vlan31
The first 3 IPs are connected to "isolated" switch ports. These
clients are not able to communicate at layer 2 at all. The 4th IP in
the ARP table is on a "promiscuous" port, which is allowed to talk to
everyone in the private VLAN.
More information about the cisco-nsp
mailing list