From: Bit Gossip (bit.gossip@chello.nl)
Date: Sun May 27 2007 - 13:03:39 ART
That is the all point: a promiscuos port is a L2 port while the SVI is L3
so how can you configure it as promiscuous?
Thanks,
bit
----- Original Message -----
From: "M Asif" <masif1c383@rogers.com>
To: <ccielab@groupstudy.com>
Sent: Sunday, May 27, 2007 3:27 PM
Subject: Re: [Bulk] private-vlan and SVI
> You need to configure your default gateway port as Promiscuous port.
>
> http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12225see/scg/swpvlan.htm#wp1039067
>
>
> ----- Original Message -----
> From: "Bit Gossip" <bit.gossip@chello.nl>
> To: <ccielab@groupstudy.com>
> Sent: Sunday, May 27, 2007 8:16 AM
> Subject: [Bulk] private-vlan and SVI
>
>
>> Group,
>> I have configured basic private-vlan setup. My problem is that the host
>> behind
>> the isolated port fast1/0/43 can not ping the SVI interface Vlan28 on the
>> same
>> switch. How can i fix this?
>> I guessed that even isolated hosts should be able to talk to the SVI
>> because
>> the SVI is their gateway as explained here:
>> http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12225see/scg/swpv
>> lan.htm#wp1038990
>> Thanks,
>> bit.
>>
>> vlan 28
>> name VLAN_28
>> private-vlan primary
>> private-vlan association 281
>> !
>> vlan 281
>> private-vlan isolated
>> !
>> interface FastEthernet1/0/43
>> switchport access vlan 28
>> switchport private-vlan host-association 28 281
>> switchport mode private-vlan host
>> speed 100
>> duplex full
>> spanning-tree portfast
>> spanning-tree bpdufilter enable
>> spanning-tree bpduguard enable
>> !
>> interface Vlan28
>> ip address 183.1.28.7 255.255.255.0
>> private-vlan mapping 281
>> !
>>
>> Rack1SW1#show interfaces vlan28 private-vlan mapping
>> Interface Secondary VLANs
>> ---------
>> --------------------------------------------------------------------
>> vlan28 281
>>
>>
>> Rack1SW1#show vlan private-vlan
>>
>> Primary Secondary Type Ports
>> ------- --------- -----------------
>> ------------------------------------------
>> 28 281 isolated Fa1/0/7, Fa1/0/43
>>
>>
>> Rack1SW1#show int f1/0/43 switchport
>> Name: Fa1/0/43
>> Switchport: Enabled
>> Administrative Mode: private-vlan host
>> Operational Mode: private-vlan host
>> Administrative Trunking Encapsulation: negotiate
>> Operational Trunking Encapsulation: native
>> Negotiation of Trunking: Off
>> Access Mode VLAN: 28 (primary)
>> Trunking Native Mode VLAN: 1 (default)
>> Administrative Native VLAN tagging: enabled
>> Voice VLAN: none
>> Administrative private-vlan host-association: 28 (VLAN_28) 281 (VLAN0281)
>> Administrative private-vlan mapping: none
>> Administrative private-vlan trunk native VLAN: none
>> Administrative private-vlan trunk Native VLAN tagging: enabled
>> Administrative private-vlan trunk encapsulation: dot1q
>> Administrative private-vlan trunk normal VLANs: none
>> Administrative private-vlan trunk private VLANs: none
>> Operational private-vlan:
>> 28 (VLAN_28) 281 (VLAN0281)
>> Trunking VLANs Enabled: ALL
>> Pruning VLANs Enabled: 2-1001
>> Capture Mode Disabled
>> Capture VLANs Allowed: ALL
>>
>> Protected: false
>> Unknown unicast blocked: disabled
>> Unknown multicast blocked: disabled
>> Appliance trust: none
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> --
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.472 / Virus Database: 269.8.0/819 - Release Date: 5/26/2007
>> 10:47 AM
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Jun 01 2007 - 06:55:22 ART