From: Toh Soon, Lim (tohsoon28@gmail.com)
Date: Tue Aug 21 2007 - 04:47:03 ART
Hi All,
I'm configuring Private VLAN on a Catalyst 3560. It has the following
config:
* VTP transparent mode
* VLAN20 - Primary VLAN
* VLAN21 - Secondary isolated VLAN associated to VLAN20
* SVI Vlan20 - mapped to VLAN21
Two hosts are connected to the switch. The port config is as follows:
!
interface GigabitEthernet0/x
switchport private-vlan host-association 20 21
switchport mode private-vlan host
spanning-tree portfast
!
True enough, they can't ping to each other but each can ping to the SVI. And
the Cat3560 can ping to both hosts.
I want to extend the PVLAN to another Catalyst 3560 which I trunk to the
first Cat3560. I configured the second Cat3560 exactly the same as the
first. Then set up an ordinary dot1q trunk between them (I even do an LACP
etherchannel for the fun of it).
Connect two hosts to the second switch. Again, I got an expected result. All
4 hosts can't ping to each other but each can ping to the SVI. My question,
is this supposed to be the correct way of extending PVLAN? Second question,
what are the things to watch out for if I'm extending PVLAN to a non-Cisco
switch, e.g. Nortel?
Appreciate it if you have any live experience that you can share with us.
Thank you.
B.Rgds,
Lim TS
This archive was generated by hypermail 2.1.4 : Sat Sep 01 2007 - 11:32:12 ART