From: Michy Eika (cciemaster@shingor.net)
Date: Sat Oct 14 2006 - 06:03:58 ART
Hi folks
I'm stuck in the issue related to SVI for Private VLAN. I configured as
below.
I was able to communicate with each other within same community(30) using
ping.
Naturally, I wasn't able to communicate within isolated domain.
Subsequently, I created SVI of VLAN10 and issued ping to the router in
secondary
domain(VL20,30) from SVI and vice versa. But it wasn't successful.
Does anybody know why?
TIA.
Michy
Primary VLAN:10
Secondary VLAN:20,30
Isolated :20
Community:30
CAT1#sh vl pri
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
10 20 isolated Fa0/2, Fa0/4
10 30 community Fa0/1, Fa0/5
CAT1#sh int private-vlan map
Interface Secondary VLAN Type
--------- -------------- -----------------
vlan10 20 isolated
vlan10 30 community
CAT1#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform
Port ID
R2 Fas 0/2 130 R S I 2811
Fas 0/0
R1 Fas 0/1 129 R S I 2811
Fas 0/0
R4 Fas 0/4 157 R S I 2811
Fas 0/0
R5 Fas 0/5 153 R S I 2811
Fas 0/0
CAT1#sh run
Building configuration...
Current configuration : 2551 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CAT1
!
!
no aaa new-model
vtp mode transparent
ip subnet-zero
no ip domain-lookup
!
!
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 10
private-vlan primary
private-vlan association 20,30
!
vlan 20
private-vlan isolated
!
vlan 30
private-vlan community
!
vlan 40
!
!
interface FastEthernet0/1
switchport private-vlan host-association 10 30
switchport mode private-vlan host
!
interface FastEthernet0/2
switchport private-vlan host-association 10 20
switchport mode private-vlan host
!
interface FastEthernet0/3
!
interface FastEthernet0/4
switchport private-vlan host-association 10 20
switchport mode private-vlan host
!
interface FastEthernet0/5
switchport private-vlan host-association 10 30
switchport mode private-vlan host
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 10.0.0.10 255.255.255.0
private-vlan mapping 20,30
!
ip classless
ip http server
ip http secure-server
!
!
!
control-plane
!
line con 0
exec-timeout 0 0
logging synchronous
line vty 0 4
no login
line vty 5 15
no login
!
end
CAT1#deb ip pa
IP packet debugging is on
CAT1#p 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
00:09:11: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
00:09:12: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
full packet.
00:09:13: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
00:09:13: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
full packet.
00:09:15: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
00:09:15: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
full packet.
00:09:17: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
00:09:17: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
full packet.
00:09:19: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
00:09:19: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
full packet.
Success rate is 0 percent (0/5)
CAT1#p 10.0.0.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:
00:15:52: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
00:15:53: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
full packet.
00:15:54: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
00:15:54: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
full packet.
00:15:56: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
00:15:56: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
full packet.
00:15:58: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
00:15:58: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
full packet.
00:16:00: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
00:16:00: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
full packet.
Success rate is 0 percent (0/5)
CAT1#p 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
00:17:02: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
00:17:03: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
full packet.
00:17:04: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
00:17:04: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
full packet.
00:17:06: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
00:17:06: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
full packet.
00:17:08: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
00:17:08: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
full packet.
00:17:10: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
00:17:10: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
full packet.
Success rate is 0 percent (0/5)
CAT1#p 10.0.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.5, timeout is 2 seconds:
00:17:31: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
00:17:32: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
full packet.
00:17:33: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
00:17:33: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
full packet.
00:17:35: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
00:17:35: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
full packet.
00:17:37: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
00:17:37: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
full packet.
00:17:39: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
00:17:39: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
full packet.
Success rate is 0 percent (0/5)
CAT1#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.0.0.10 - 0018.b974.52c1 ARPA Vlan10
Internet 10.0.0.2 8 0011.93fc.10bf ARPA Vlan10 pv 20
Internet 10.0.0.1 0 000a.b82c.7ed0 ARPA Vlan10 pv 30
Internet 10.0.0.4 2 000a.b86b.a388 ARPA Vlan10 pv 20
Internet 10.0.0.5 0 0018.737a.8510 ARPA Vlan10 pv 30
[R1 debug ip packet while CAT1 issued ping to R1]
R1#
*Oct 14 08:50:18.214: IP: tableid=0, s=10.0.0.10 (FastEthernet0/0),
d=10.0.0.1 (FastEthernet0/0), routed via RIB
*Oct 14 08:50:18.214: IP: s=10.0.0.10 (FastEthernet0/0), d=10.0.0.1
(FastEthernet0/0), len 100, rcvd 3
*Oct 14 08:50:18.214: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10
(FastEthernet0/0), routed via FIB
*Oct 14 08:50:18.214: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0),
len 100, sending
*Oct 14 08:50:19.210: IP: tableid=0, s=10.0.0.10 (FastEthernet0/0),
d=10.0.0.1 (FastEthernet0/0), routed via RIB
*Oct 14 08:50:19.210: IP: s=10.0.0.10 (FastEthernet0/0), d=10.0.0.1
(FastEthernet0/0), len 100, rcvd 3
R1#
*Oct 14 08:50:19.210: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10
(FastEthernet0/0), routed via FIB
*Oct 14 08:50:19.210: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0),
len 100, sending
R1#
*Oct 14 08:50:21.214: IP: tableid=0, s=10.0.0.10 (FastEthernet0/0),
d=10.0.0.1 (FastEthernet0/0), routed via RIB
*Oct 14 08:50:21.214: IP: s=10.0.0.10 (FastEthernet0/0), d=10.0.0.1
(FastEthernet0/0), len 100, rcvd 3
*Oct 14 08:50:21.214: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10
(FastEthernet0/0), routed via FIB
*Oct 14 08:50:21.214: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0),
len 100, sending
R1#
*Oct 14 08:50:23.218: IP: tableid=0, s=10.0.0.10 (FastEthernet0/0),
d=10.0.0.1 (FastEthernet0/0), routed via RIB
*Oct 14 08:50:23.218: IP: s=10.0.0.10 (FastEthernet0/0), d=10.0.0.1
(FastEthernet0/0), len 100, rcvd 3
*Oct 14 08:50:23.218: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10
(FastEthernet0/0), routed via FIB
*Oct 14 08:50:23.218: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0),
len 100, sending
R1#
*Oct 14 08:50:25.222: IP: tableid=0, s=10.0.0.10 (FastEthernet0/0),
d=10.0.0.1 (FastEthernet0/0), routed via RIB
*Oct 14 08:50:25.222: IP: s=10.0.0.10 (FastEthernet0/0), d=10.0.0.1
(FastEthernet0/0), len 100, rcvd 3
*Oct 14 08:50:25.222: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10
(FastEthernet0/0), routed via FIB
*Oct 14 08:50:25.226: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0),
len 100, sending
R1#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.0.0.10 2 0018.b974.52c1 ARPA FastEthernet0/0
Internet 10.0.0.1 - 000a.b82c.7ed0 ARPA FastEthernet0/0
[R1 issued ping to CAT1]
R1#ping 10.0.0.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
*Oct 14 08:54:01.918: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10
(FastEthernet0/0), routed via FIB
*Oct 14 08:54:01.922: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0),
len 100, sending.
*Oct 14 08:54:03.918: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10
(FastEthernet0/0), routed via FIB
*Oct 14 08:54:03.918: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0),
len 100, sending.
*Oct 14 08:54:05.918: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10
(FastEthernet0/0), routed via FIB
*Oct 14 08:54:05.918: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0),
len 100, sending.
*Oct 14 08:54:07.918: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10
(FastEthernet0/0), routed via FIB
*Oct 14 08:54:07.918: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0),
len 100, sending.
*Oct 14 08:54:09.918: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10
(FastEthernet0/0), routed via FIB
*Oct 14 08:54:09.918: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0),
len 100, sending.
Success rate is 0 percent (0/5)
[R5 is almost same like R1 above.]
omitting
[R2 debug ip packet while CAT1 issued ping to R1]
R2#
*Oct 14 08:58:19.794: IP: tableid=0, s=10.0.0.10 (FastEthernet1/0),
d=10.0.0.2 (FastEthernet1/0), routed via RIB
*Oct 14 08:58:19.794: IP: s=10.0.0.10 (FastEthernet1/0), d=10.0.0.2
(FastEthernet1/0), len 100, rcvd 3
*Oct 14 08:58:19.794: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10
(FastEthernet1/0), routed via FIB
*Oct 14 08:58:19.794: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0),
len 100, sending
R2#
*Oct 14 08:58:21.794: IP: tableid=0, s=10.0.0.10 (FastEthernet1/0),
d=10.0.0.2 (FastEthernet1/0), routed via RIB
*Oct 14 08:58:21.798: IP: s=10.0.0.10 (FastEthernet1/0), d=10.0.0.2
(FastEthernet1/0), len 100, rcvd 3
*Oct 14 08:58:21.798: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10
(FastEthernet1/0), routed via FIB
*Oct 14 08:58:21.798: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0),
len 100, sending
R2#
*Oct 14 08:58:23.802: IP: tableid=0, s=10.0.0.10 (FastEthernet1/0),
d=10.0.0.2 (FastEthernet1/0), routed via RIB
*Oct 14 08:58:23.802: IP: s=10.0.0.10 (FastEthernet1/0), d=10.0.0.2
(FastEthernet1/0), len 100, rcvd 3
*Oct 14 08:58:23.802: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10
(FastEthernet1/0), routed via FIB
*Oct 14 08:58:23.802: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0),
len 100, sending
R2#
*Oct 14 08:58:25.806: IP: tableid=0, s=10.0.0.10 (FastEthernet1/0),
d=10.0.0.2 (FastEthernet1/0), routed via RIB
*Oct 14 08:58:25.806: IP: s=10.0.0.10 (FastEthernet1/0), d=10.0.0.2
(FastEthernet1/0), len 100, rcvd 3
*Oct 14 08:58:25.806: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10
(FastEthernet1/0), routed via FIB
*Oct 14 08:58:25.806: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0),
len 100, sending
R2#
*Oct 14 08:58:27.810: IP: tableid=0, s=10.0.0.10 (FastEthernet1/0),
d=10.0.0.2 (FastEthernet1/0), routed via RIB
*Oct 14 08:58:27.810: IP: s=10.0.0.10 (FastEthernet1/0), d=10.0.0.2
(FastEthernet1/0), len 100, rcvd 3
*Oct 14 08:58:27.810: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10
(FastEthernet1/0), routed via FIB
*Oct 14 08:58:27.810: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0),
len 100, sending
[R2 issued ping to CAT1]
R2#ping 10.0.0.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
*Oct 14 08:54:51.254: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10
(FastEthernet1/0), routed via FIB
*Oct 14 08:54:51.254: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0),
len 100, sending.
*Oct 14 08:54:53.254: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10
(FastEthernet1/0), routed via FIB
*Oct 14 08:54:53.254: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0),
len 100, sending.
*Oct 14 08:54:55.254: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10
(FastEthernet1/0), routed via FIB
*Oct 14 08:54:55.254: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0),
len 100, sending.
*Oct 14 08:54:57.254: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10
(FastEthernet1/0), routed via FIB
*Oct 14 08:54:57.254: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0),
len 100, sending.
*Oct 14 08:54:59.254: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10
(FastEthernet1/0), routed via FIB
*Oct 14 08:54:59.254: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0),
len 100, sending.
Success rate is 0 percent (0/5)
R2#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.0.0.10 9 0018.b974.52c1 ARPA FastEthernet1/0
Internet 10.0.0.2 - 0011.93fc.10bf ARPA FastEthernet1/0
[R4 is almost same like R2 above.]
This archive was generated by hypermail 2.1.4 : Wed Nov 01 2006 - 07:29:05 ART