[c-nsp] Private VLAN

Manaf Oqlah manafo at gmail.com
Mon Apr 21 09:48:10 EDT 2008 

Hi Abo Zaid,

I will choose option 2 because i want to separate hosts on layer 2 for
multiple VLANs but at the same time they should have the same network and
same gateway if it is possible.
it would be great if you can advice me with another scenario.

Regards,
Manaf

On Mon, Apr 21, 2008 at 4:37 PM, Ibrahim Abo Zaid <ibrahim.abozaid at gmail.com>
wrote:

>
> Hi Manaf
>
>
> as you know primary VLAN can have one isolated VLAN only but have multiple
> community VLANs , so we have 2 options here
>
> 1- make VLANs 200 and 300 isolated VLANs and create other primary VLAN say
> 110 so VLAN 200 has VLAN 100 as primary VLAN and VLAN 300 has VLAN 110 as
> primary
>
> 2- make either VLAN 200 or 300 isolated and the other community and both
> have the VLAN 100 as primary VLAN
>
> which one you will choose
>
>
> best regards
> --Abo Zaid
>
> On 4/21/08, Manaf Oqlah <manafo at gmail.com> wrote:
> >
> > yes they are on the same switch
> >
> > thanks a lot
> >
> > On Mon, Apr 21, 2008 at 3:54 PM, Ibrahim Abo Zaid <
> > ibrahim.abozaid at gmail.com> wrote:
> >
> > > Dear Manaf
> > >
> > >
> > > i assume all VLANs on the same switch , i will prepare a configuration
> > > template and send it shortly
> > >
> > >
> > > best luck :)
> > >
> > >
> > > Abo Zaid
> > >
> > >
> > > On 4/21/08, Manaf Oqlah <manafo at gmail.com> wrote:
> > > >
> > > > thank u Abo Zaid for the reply.
> > > >
> > > > what i want to do is to isolate vlans on L2 which they are sharing
> > > > the same primary VLAN, and at the same time, the hosts on these isolated
> > > > vlans can reach L3 ip address of the primary VLAN.
> > > >
> > > > it is like this
> > > >
> > > >              interface VLAN100
> > > >                          |
> > > > -------------VLAN100 (Primary)----------------
> > > >                          |
> > > > ---------------------------------------------------------
> > > >          |                                  |
> > > > VLAN200 (isolated)     VLAN300 (isolated)
> > > >
> > > >
> > > > On Mon, Apr 21, 2008 at 2:58 PM, Ibrahim Abo Zaid <
> > > > ibrahim.abozaid at gmail.com> wrote:
> > > >
> > > > > Hi Manaf
> > > > >
> > > > > what do u mean reach global vlan at L3 ? private VLAN provides L2
> > > > > isolation and L3 should be transparent i mean you can keep hosts ip planning
> > > > > and routing policy should match with the L2 topolgy after configuring
> > > > > private VLANs  .
> > > > >
> > > > > if you added more info about your problem or solution , it'd be
> > > > > better
> > > > >
> > > > >
> > > > > best regards
> > > > > --Abo Zaid
> > > > >
> > > > >
> > > > >
> > > > >  On 4/21/08, Manaf Oqlah <manafo at gmail.com> wrote:
> > > > >
> > > > > > I want to segregate traffic between some VLANs at layer 2 using
> > > > > > private but
> > > > > > still can reach the global vlan at layer 3.
> > > > > >
> > > > > > _______________________________________________
> > > > > > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > > > > > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > > > > > archive at http://puck.nether.net/pipermail/cisco-nsp/
> > > > > >
> > > > >
> > > > >
> > > >
> > >
> > >
> >
> >
>

More information about the cisco-nsp mailing list