RE: quick private vlan question

From: Mike Kraus \(mikraus\) (mikraus@cisco.com)
Date: Fri Jun 15 2007 - 14:28:06 ART

• Next message: Mike Kraus \(mikraus\): "RE: RIPv2 summary-address problem."
• Previous message: Mike Kraus \(mikraus\): "RE: RIPv2 summary-address problem."
• Maybe in reply to: Mike Kraus \(mikraus\): "RE: quick private vlan question"
• Next in thread: Mike Kraus \(mikraus\): "RE: quick private vlan question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

3560swt001(config)#vlan 850
3560swt001(config-vlan)# private-vlan primary
3560swt001(config-vlan)#vlan 851
3560swt001(config-vlan)# private-vlan isolated
3560swt001(config-vlan)#vlan 850
3560swt001(config-vlan)# private-vlan association 851
3560swt001(config-vlan)#vlan 860
3560swt001(config-vlan)# private-vlan primary
3560swt001(config-vlan)# private-vlan association 851
%Command rejected: invalid private vlan association between vlan860 and
vlan851. VLAN 851 is already associated with VLAN 850.

So, as the docs state: "An isolated or community VLAN can have only one
primary VLAN associated with it. "

________________________________

From: Anthony Bonilla [mailto:anthonybonilla.ccie@gmail.com]
Sent: Friday, June 15, 2007 10:08 AM
To: Mike Kraus (mikraus)
Cc: roehsler; ccielab@groupstudy.com
Subject: Re: quick private vlan question

can you share the whole configs - what is vlan851 configured as?

On 6/13/07, Mike Kraus (mikraus) <mikraus@cisco.com> wrote:

        Doesn't let you do it:

        Switch(config-vlan)#private-vlan association 851
        %Command rejected: invalid private vlan association between
vlan860 and
        vlan851. VLAN 851 is already associated with VLAN 850.

        (3560 running 12.2(35)SE, advanced IP services)

        -----Original Message-----
        From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
Behalf Of
        roehsler
        Sent: Thursday, May 03, 2007 9:39 AM
        To: Anthony Bonilla
        Cc: ccielab@groupstudy.com
        Subject: Re: quick private vlan question

        Hi,

        Are you sure? Sorry for the confusion but I just read:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12225see/scg

        /swpvlan.htm

        Which states:

        A primary VLAN can have one isolated VLAN and multiple community
VLANs
        associated with it. An isolated or community VLAN can have only
one
        primary VLAN associated with it.

        Thanks again.

        On 5/3/07, Anthony Bonilla <anthonybonilla.ccie@gmail.com>
wrote:
> Yes, you can use the same number for isolated VLANs and they
will
> still not be able to talk to each other. Thanks.
>
>
>
> On 5/3/07, roehsler <roehsler@gmail.com> wrote:
> > Hi,
> >
> > Lets say I have multiple primary vlans:
> >
> > vlan_2
> > vlan_3
> > vlan_4
> >
> > And I have one isloated vlan:
> >
> > vlan_10
> >
> > Can I use the same isolated vlan in each/all of my primary
vlans? I
> > think the answer is yes.
> >
> > Thanks
> >
> > David
> >
> >
>

• Next message: Mike Kraus \(mikraus\): "RE: RIPv2 summary-address problem."
• Previous message: Mike Kraus \(mikraus\): "RE: RIPv2 summary-address problem."
• Maybe in reply to: Mike Kraus \(mikraus\): "RE: quick private vlan question"
• Next in thread: Mike Kraus \(mikraus\): "RE: quick private vlan question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Jul 01 2007 - 17:24:49 ART