RE: Private VLANs on the 6509's

From: Edward S. Desouza (edward_desouza@yahoo.com)
Date: Thu Feb 15 2001 - 22:49:31 EST


Hi Fabio,
  If two of your customer need to excahnge traffic,
both theese customers can be part of the same
"community" This is a secondary port that you
configure. Thus you make both the ports which need to
exchange traffic as commnity ports. THe community
ports can talk with each other and also with the
promiscous port.
     Yes, you can trunk the private vlans to another
switch. Have tested it out and works fine !

Rgds,
Edward
--- Fabio Ribas <fabio_ribas@optiglobe.com.br> wrote:
> Hi Edward,
>
> just one question, because I thought sometime ago on
> use private vlan and I
> didnīt.
> Do you know what happend if two customer, which are
> connected on the switch
> to the isolated vlan, want to exchange traffic with
> each other ? I think
> they canīt.
> Another thing, when we implement private vlan can we
> use trunk to export the
> pvlan the another switch ? I am asking because the
> domain is private not
> client or server.
>
> Regards,
> Fabio
>
> -----Original Message-----
> From: Edward S. Desouza
> [mailto:edward_desouza@yahoo.com]
> Sent: quinta-feira, 15 de fevereiro de 2001 02:48
> To: Rich Sena
> Cc: cisco-nsp@puck.nether.net
> Subject: Re: Private VLANs on the 6509's
>
>
> Hi,
> I finally got a soln :
>
>
> 1. Make A primary pVLAN
> 2. Create a secondary VLAN as isolated assign all
> ports on the switch to the isolated VLAN
> 3. Set port 15/1 as a promiscous port
>
>
> Now, each isolated VLAN can ping the default
> gateway.
> ( Since 15/1 is a prmiscous port )
>
> Each port cannot ping other ports on the switch due
> to
> isolated VLANs
>
> All other VLANs ( normal VLANS ) cann communicate
> with
> each of the isolated port the router ( since port
> 15/1
> ) is configured as a promiscous port.
>
>
> Tried it out and works fine. THe key was to set 15/1
> as a promiscous port !!!!!
> Rgds,
>
> Edward
>
> --- Rich Sena <ras@poppa.thick.net> wrote:
> >
> > Ed you just need to set a trunk between the
> > switches... since everyitng is
> > in a private vLAN it will have to be routed
> traffic
> > for any hosts on the
> > private segment to intercommunicate - i-e: they
> will
> > have to exchange at a
> > router or MSFC - not at layer 2
> >
> > On Feb 14, 2001 Edward S. Desouza reported:
> >
> > > Hi Guys,
> > > Have any of you implemented Private VLANs on
> > the
> > > 6500 series CISCO switches ? The documentation
> is
> > > pretty sketchy. I need to do the following :
> > >
> > >
> > >
> > >
> > > 1.Each Customer that co-locates in my IDC will
> be
> > > given an isolated port on the Primary VLAN ( at
> > the
> > > access layer )
> > >
> > > 2. The primary and secondary VLAN's will be
> > trunked
> > > through the MSFC to the distribution layer (
> also
> > ) a
> > > 6500 series.
> > >
> > > 3. Now, is where my problem starts. I need to
> > assign a
> > > promiscuos port on my distribution switch.
> > >
> > > Once I set up the promiscous port and assign it
> to
> > the
> > > primary vlan, do I create another VLAN and
> enable
> > > routing between the two VLANs ( primary vlan and
> > the
> > > new VLAN ? Even after doing so, othervlans in
> > other
> > > switch blocks cannot access the isolated ports
> > even
> > > after passing through the distribution switch.
> > >
> > >
> > > Would really appreciate if any of you guys have
> > some
> > > sample configs.
> > > Rgds,
> > > Edward
> > >
> > >
> > >
> > >
> __________________________________________________
> > > Do You Yahoo!?
> > > Get personalized email addresses from Yahoo!
> Mail
> > - only $35
> > > a year! http://personal.mail.yahoo.com/
> > >
> >
> > --
> > Rich Sena - ras@thick.net
> > ThickNET Consulting
> > "On the way to understanding; you understand, and
> > forget."
> >
>
>
> =====
> Edward S. Desouza
> 23/24 Manali 5,
> Evershine Nagar,
> Malad (W),
> Bombay 400064.
> Tel :9122-8886362
>
> __________________________________________________
> Do You Yahoo!?
> Get personalized email addresses from Yahoo! Mail -
> only $35
> a year! http://personal.mail.yahoo.com/

=====
Edward S. Desouza
23/24 Manali 5,
Evershine Nagar,
Malad (W),
Bombay 400064.
Tel :9122-8886362

__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35
a year! http://personal.mail.yahoo.com/



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:29 EDT