[c-nsp] PVLANs in a Hosting Environment

Saxon Jones saxon.jones at gmail.com
Fri Feb 26 11:22:30 EST 2010

We used to use (at a previous job) 3550's, private VLAN's, and
local-proxy-arp to achieve this. It would occasionally irritate customers
because our 3550 would win the ARP response for traffic going between their
hosts, though this usually wasn't an issue since we'd happily push those
few customers to a dedicated VLAN.


On 26 February 2010 05:59, Matthew Melbourne <matt at melbourne.org.uk> wrote:

> Hi,
> We are investigating options to provide a "VLAN-per-customer" within a
> hosting environment. Inside each VLAN could be hosting services, e.g.
> hosted web servers, AD, Exchange (etc). In order to maximum the number
> of supported VLANs, then the use of Private VLANs has been raised.
> However, although L2 isolation is desirable between customers
> (effectively a PVLAN community), there may be a requirement to
> communicate at L3 (e.g. one customer accessing the web site of
> another). A classical VLAN per customer would utilise more address
> space than a PVLAN and would require an SVI per customer. What do
> others do in this type of environment? We would want to offer
> additional services going forward, e.g. firewalling/load-balancing
> which may have implications for PVLAN awareness. A number of services
> may well be hosted within a virtual environment, and it is my
> understanding that all devices need to support PVLANs including
> virtual switches within any VMware/HyperV-like server environment?
> Cheers,
> Matt
> --
> Matthew Melbourne
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list