From: Petr Lapukhov (petr@internetworkexpert.com)
Date: Tue Oct 31 2006 - 04:02:10 ART
No, you just configure router link as an "access" link in VLAN 100
(primary).
You don't need any subinterfaces, and no tagged frames should reach the
router.
Remember, all nodes share *same* subnet, and *same* primary VLAN
in essense. It's just level 2 that makes difference, though this is
transparent
to end devices (in sense they don't see "additional" VLANs)
interface fa x/y
description == Link to router
switchport mode private-vlan promisc
switchport private-vlan mapping 100 add 10 , 20 , 30
You only need trunks to transport private VLANs between switches.
HTH
2006/10/31, Adhu Ajit <adhu_ajit@yahoo.com>:
>
> Folks, let's say that VLANs 10 and 30 are community VLANs and VLAN 20 is a
> isolated VLAN. They all use VLAN 100 as the main VLAN to reach the router.
> (In other words, the promisicuous port on the switch is part of VLAN 100 and
> VLANs 10, 20 and 30 are mapped to 100)
>
> When I configure the dot1q trunk interface on the router, I'm assuming
> that I would create one sub-interface each for VLAN 10, 20, 30 and 100.
>
> Any caveats/gotchas that I should know about ?
>
> Thanks in advance.
>
>
>
> ---------------------------------
> Everyone is raving about the all-new Yahoo! Mail.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
-- Petr Lapukhov, CCIE #16379 petr@internetworkexpert.comInternetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-224-8987 Outside US: 775-826-4344
This archive was generated by hypermail 2.1.4 : Wed Nov 01 2006 - 07:29:07 ART