[c-nsp] PVLAN support

Maik Bachmann maik at Ironmaik.COM
Fri Nov 12 09:25:35 EST 2004


On Fri, Nov 12, 2004 at 08:12:35AM -0600, Mike Bacher wrote:
> I've been reading up on ways to use dot1q VLANs to isolate our Co-lo customers 
> from one another (they are currently sharing the same subnet).  I came across an 
> interesting Cisco feature called PVLAN (Private VLAN) that seems to be an 
> alternative to doing dot1q and might work better in our environment.
> 
> My question is, what are the pros/cons of using PVLAN vs dot1q?  Also, I've seen 
> conflicting data on what Cisco switches support PLVAN -- one document:
> 
> http://www.cisco.com/warp/public/473/90.shtml
> 
> ..says that it is supported in the 2948G-L3,
> 
> "PVLANs are available on the Catalyst 6000 running CatOS 5.4 or later, on the 
> Catalyst 4000, 2980G, 2980G-A, 2948G, and 4912G running CatOS 6.2 or later"
> 
> but another:
> 
> http://www.cisco.com/warp/public/473/63.html
> 
> ..says it isn't..


I tested it on the Cat65K with success but there is one drawback to take
into account.

It has been possible to flood all isolated ports when initiating the traffic
from the promiscous port - after long discussion this has been agreed by 
Cisco tech stuff. I don't know if the status is fixed for this problem
now.

---Maik

> 
> -- 
> 
> -----------------------------------------
> Mike Bacher / isp-list at tulsaconnect.com
> TCIS - TulsaConnect Internet Services
> Phone: 918-584-1100x110 Fax: 918-582-5776
> -----------------------------------------
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
_/ Maik Bachmann ---------------- secnetix GmbH & Co KG
_/ Oettingenstr. 2 -------------- D-80538 Muenchen
_/ Tel(priv.): +49-8093-2962 ---- Mobil: +49-172-8305649
_/ Email: bachmann at secnetix.de -- IRC: IronMaik 
_/ PGP KeyID: F7A67E11 ---------- PGP Fingerprint:
_/ CA 3B AA EB 7F 6F 7D 7A  54 D4 AA 01 82 8E 32 9C
_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/


More information about the cisco-nsp mailing list