Re: Private vlan Question.

From: Alexei Monastyrnyi (alexeim@orcsoftware.com)
Date: Wed Mar 22 2006 - 05:39:48 GMT-3

• Next message: PhiL: "Re: FALLBACK BRIDGING made me mad today"
• Previous message: KC: "FALLBACK BRIDGING made me mad today"
• Maybe in reply to: Nadeem Lughmani: "Private vlan Question."
• Next in thread: Nadeem Lughmani: "RE: Private vlan Question."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

In my reading it is a sort of extension for isolated to form a community
within which one can communicate with one another + promiscuous port.

Example
Community VLAN 12 - 3 hosts (A,B,C)
Community VLAN 13 - 2 hosts (D,E)
Promiscuous VLAN 14 - 1 host (F)

All those hosts share the same IP subnet, say 11.11.14.0/24

Allowed communications
between any of A,B,C,F
between any of D,E,F

Disallowed communications
any of A,B,C <-X-> any of D,E

In other words VLAN 12 and 13 are a sort of sub-VLANs for one logical
(from IP addressing standpoint) VLAN 12+13+14, sub-VLANs that cannot
reach each other via L2 though they share the same subnet.

Hope it was not very brain exhausting. :-)

A.

on 22/03/2006 02:49 Nadeem Lughmani wrote:
> Hi All,
>
> To understand Private vlans one needs to understand Primary and Secondary
> vlans. Secondary vlans can be of two types
>
> Isolated- Any switch ports associated with an isolated VLAN can reach the
> primary VLAN but not any other secondary VLAN. In addition, hosts associated
> with the same isolated VLAN cannot reach each other. They are, in effect,
> isolated from everything except the primary VLAN.
>
> Community- Any switch ports associated with a common community VLAN can
> communicate with each other and with the primary VLAN but not with any other
> secondary VLAN. This provides the basis for server farms and workgroups
> within an organization, while giving isolation between organizations.
>
>
>
> I understand the logic behind the Isolated, but Community seems to be just
> like any other (normal) vlan, where hosts within a vlan can communicate with
> each other at layer2
>
> If you have better explanation, why community was required , please let me
> know.
>
>
> Thanks
> Nadeem
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: PhiL: "Re: FALLBACK BRIDGING made me mad today"
• Previous message: KC: "FALLBACK BRIDGING made me mad today"
• Maybe in reply to: Nadeem Lughmani: "Private vlan Question."
• Next in thread: Nadeem Lughmani: "RE: Private vlan Question."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Apr 01 2006 - 10:07:39 GMT-3