[c-nsp] Private VLANS w/ Promiscuous port a trunk port?

Christian Koch christian at broknrobot.com
Tue Jul 15 21:01:18 EDT 2008


i am not sure i am correct, but i thought the 'other' side of the trunk had
to support PVLAN's as well...

can anyone clarify if thats wrong or right?

ck

On Tue, Jul 15, 2008 at 3:37 PM, Rafael Rodriguez <Rafael.Rodriguez at msmc.com>
wrote:

> Hello all,
>
> I am trying to figure out if the following will work:
>
> Have a 6500 w/ sup2/msfc2 Native IOS.
> Would like to configure some ports as Isolated Private VLAN ports.
> These Isolated ports need to only speak to a 802.1q trunk port I have.
> I believe I can't configure this 802.1q trunk port as a .1q trunk and a
> Promiscuous port "switchport mode private-vlan promiscuous" at the same
> time (its either "switchport mode trunk" or switchport mode priavte-vlan
> promiscuous" - not both).
> The .1q trunk port will carry lots of other VLANS. Behind this .1q trunk
> port will be the L3 device responsible for the L3 portion of the Private
> VLAN.
>
> I need to make sure the Private VLAN can talk to the L3 device behind
> the .1q trunk port... The .1q trunk port is kind of like a
> router-on-a-stick.
>
> # VID 100 Private VLAN
> # VID 101 Isolated VLAN
>
> vlan 100
>  private-vlan primary
>
> vlan 101
>  private-vlan isolated
>
> vlan 100
>  priavte-vlan association 101
>
> interface GigabitEthernet1/1
>  switchport
>  switchport trunk encapsulation dot1q
>  switchport trunk allowed vlan 100-200
>  switchport mode trunk
>  no ip address
>  load-interval 30
>  spanning-tree portfast trunk
>
> interface GigabitEthernet1/2
>  switchport
>  switchport mode private-vlan host
>  switchport private-vlan host-association 100 101
>  spanning-tree portfast
>
> Will something like that work?
>
> Cheers,
>
> RR
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>



-- 
^christian$


More information about the cisco-nsp mailing list