[c-nsp] Trunking Private VLANs on 6509

Pavel Skovajsa pavel.skovajsa at gmail.com
Sun Mar 4 12:12:24 EST 2012 

Hi,

indeed there is no option for 'Private Vlan Trunk' on a 6500 nowdays. Some
time ago this was possible with CatOS but somehow the support for this did
not get into Native IOS. The only real 'solution' is to use some loopback
cables that 'translate' the incoming dot1q tag. Obviously you would need
twice as many ports as there are vlans for this this, so I would not call
it a solution.

Alternatively if you have the possibility to configure private vlans on the
other switches, you can simply trunk the private vlans using a normal
'switchport mode trunk' on 6500 and allowing both primary and secondary
over the trunk.

Hope it helps.
-pavel



On Fri, Mar 2, 2012 at 1:21 AM, Justin Krejci <jkrejci at usinternet.com>wrote:

> I am trying to trunk private vlans from a Cisco 6509 to some other
> switches. There does not appear to be a way to do this but it works
> great on a Cisco 4948. Does the 6509 not support doing this or is there
> something else needed to make this work?
>
> Here is some sample config.
>
> ############
> Cisco 4948
> ############
>
> vlan 850
>  private-vlan isolated
> vlan 851
>  private-vlan primary
>  private-vlan association 850
>
> interface GigabitEthernet1/34
>  switchport trunk encapsulation dot1q
>  switchport trunk allowed vlan 850,900,910,911
>  switchport private-vlan trunk allowed vlan 850,900,910,911
>  switchport private-vlan association trunk 851 850
>  switchport private-vlan association trunk 901 900
>  switchport private-vlan association trunk 909 910
>  switchport private-vlan association trunk 912 911
>  switchport private-vlan association trunk 853 852
>  switchport mode private-vlan trunk
>
> interface Vlan851
>  ip address x.x.x.1 255.255.255.0
>  private-vlan mapping 850
>
>
>
> ############
> Cisco 6509
> Sup720-3BXL
> WS-X6748-GE-TX or WS-X6548-GE-TX
> IOS Version 12.2(33)SXI6 Advanced Enterprise
> ############
>
> vlan 850
>  private-vlan isolated
> vlan 851
>  private-vlan primary
>  private-vlan association 850
>
> interface GigabitEthernet1/1
> switchport trunk encapsulation dot1q
> (everything after this point errors out because "trunk" is not an option
> for any of these)
> switchport private-vlan trunk allowed vlan 850,900,910,911
> switchport private-vlan association trunk 851 850
> switchport private-vlan association trunk 901 900
> switchport private-vlan association trunk 909 910
> switchport private-vlan association trunk 912 911
> switchport private-vlan association trunk 853 852
> switchport mode private-vlan trunk
>
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list