RE: private-vlan and SVI

From: Mike Kraus \(mikraus\) (mikraus@cisco.com)
Date: Thu Jun 14 2007 - 00:27:30 ART

• Next message: Pat More: "BGP route reachability in LAB"
• Previous message: Mike Kraus \(mikraus\): "RE: quick private vlan question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I mocked up this configuration, and my host on the isolated port was
able to ping the SVI.

I assume you tested connectivity prior to adding the private vlan? (To
verify no other parts of your configuration on the switch/host is
causing the problem.)

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Bit Gossip
Sent: Sunday, May 27, 2007 7:17 AM
To: ccielab@groupstudy.com
Subject: private-vlan and SVI

Group,
I have configured basic private-vlan setup. My problem is that the host
behind the isolated port fast1/0/43 can not ping the SVI interface
Vlan28 on the same switch. How can i fix this?
I guessed that even isolated hosts should be able to talk to the SVI
because the SVI is their gateway as explained here:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12225see/scg
/swpv
lan.htm#wp1038990
Thanks,
bit.

vlan 28
 name VLAN_28
  private-vlan primary
  private-vlan association 281
!
vlan 281
  private-vlan isolated
!
interface FastEthernet1/0/43
 switchport access vlan 28
 switchport private-vlan host-association 28 281 switchport mode
private-vlan host speed 100 duplex full spanning-tree portfast
spanning-tree bpdufilter enable spanning-tree bpduguard enable !
interface Vlan28
 ip address 183.1.28.7 255.255.255.0
 private-vlan mapping 281
!

Rack1SW1#show interfaces vlan28 private-vlan mapping Interface Secondary
VLANs
---------
--------------------------------------------------------------------
vlan28 281

Rack1SW1#show vlan private-vlan

Primary Secondary Type Ports
------- --------- -----------------
------------------------------------------
28 281 isolated Fa1/0/7, Fa1/0/43

Rack1SW1#show int f1/0/43 switchport
Name: Fa1/0/43
Switchport: Enabled
Administrative Mode: private-vlan host
Operational Mode: private-vlan host
Administrative Trunking Encapsulation: negotiate Operational Trunking
Encapsulation: native Negotiation of Trunking: Off Access Mode VLAN: 28
(primary) Trunking Native Mode VLAN: 1 (default) Administrative Native
VLAN tagging: enabled Voice VLAN: none Administrative private-vlan
host-association: 28 (VLAN_28) 281 (VLAN0281) Administrative
private-vlan mapping: none Administrative private-vlan trunk native
VLAN: none Administrative private-vlan trunk Native VLAN tagging:
enabled Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none Administrative
private-vlan trunk private VLANs: none Operational private-vlan:
  28 (VLAN_28) 281 (VLAN0281)
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

• Next message: Pat More: "BGP route reachability in LAB"
• Previous message: Mike Kraus \(mikraus\): "RE: quick private vlan question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Jul 01 2007 - 17:24:49 ART