From: M Asif (masif1c383@rogers.com)
Date: Sun May 27 2007 - 10:27:06 ART
You need to configure your default gateway port as Promiscuous port.
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12225see/scg/swpvlan.htm#wp1039067
----- Original Message -----
From: "Bit Gossip" <bit.gossip@chello.nl>
To: <ccielab@groupstudy.com>
Sent: Sunday, May 27, 2007 8:16 AM
Subject: [Bulk] private-vlan and SVI
> Group,
> I have configured basic private-vlan setup. My problem is that the host
> behind
> the isolated port fast1/0/43 can not ping the SVI interface Vlan28 on the
> same
> switch. How can i fix this?
> I guessed that even isolated hosts should be able to talk to the SVI
> because
> the SVI is their gateway as explained here:
> http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12225see/scg/swpv
> lan.htm#wp1038990
> Thanks,
> bit.
>
> vlan 28
> name VLAN_28
> private-vlan primary
> private-vlan association 281
> !
> vlan 281
> private-vlan isolated
> !
> interface FastEthernet1/0/43
> switchport access vlan 28
> switchport private-vlan host-association 28 281
> switchport mode private-vlan host
> speed 100
> duplex full
> spanning-tree portfast
> spanning-tree bpdufilter enable
> spanning-tree bpduguard enable
> !
> interface Vlan28
> ip address 183.1.28.7 255.255.255.0
> private-vlan mapping 281
> !
>
> Rack1SW1#show interfaces vlan28 private-vlan mapping
> Interface Secondary VLANs
> ---------
> --------------------------------------------------------------------
> vlan28 281
>
>
> Rack1SW1#show vlan private-vlan
>
> Primary Secondary Type Ports
> ------- --------- -----------------
> ------------------------------------------
> 28 281 isolated Fa1/0/7, Fa1/0/43
>
>
> Rack1SW1#show int f1/0/43 switchport
> Name: Fa1/0/43
> Switchport: Enabled
> Administrative Mode: private-vlan host
> Operational Mode: private-vlan host
> Administrative Trunking Encapsulation: negotiate
> Operational Trunking Encapsulation: native
> Negotiation of Trunking: Off
> Access Mode VLAN: 28 (primary)
> Trunking Native Mode VLAN: 1 (default)
> Administrative Native VLAN tagging: enabled
> Voice VLAN: none
> Administrative private-vlan host-association: 28 (VLAN_28) 281 (VLAN0281)
> Administrative private-vlan mapping: none
> Administrative private-vlan trunk native VLAN: none
> Administrative private-vlan trunk Native VLAN tagging: enabled
> Administrative private-vlan trunk encapsulation: dot1q
> Administrative private-vlan trunk normal VLANs: none
> Administrative private-vlan trunk private VLANs: none
> Operational private-vlan:
> 28 (VLAN_28) 281 (VLAN0281)
> Trunking VLANs Enabled: ALL
> Pruning VLANs Enabled: 2-1001
> Capture Mode Disabled
> Capture VLANs Allowed: ALL
>
> Protected: false
> Unknown unicast blocked: disabled
> Unknown multicast blocked: disabled
> Appliance trust: none
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.472 / Virus Database: 269.8.0/819 - Release Date: 5/26/2007
> 10:47 AM
This archive was generated by hypermail 2.1.4 : Fri Jun 01 2007 - 06:55:22 ART