From: Joseph Saad (joseph.samir.saad@gmail.com)
Date: Thu Dec 13 2007 - 10:56:26 ART
Private Vlan can work across multiple switches. VACL's work on the same
switch only.
I'd suggest that you go through config guide for both Private VLAN and
Switch Access list of the 3560.
Joseph.
On Dec 13, 2007 5:09 PM, Dane Newman <dnewman@datasc.com> wrote:
> Can someone explain when to use each in different situations?
>
> From what I understand private vlans are used to prevent hosts from
> communicating with each other in the same vlan. We can put them in
> communities so they an talk to each other in the same community and the
> primary vlan or isolate them so they can only talk to the primary vlan.
>
> From what I understand we can use the vlan filter command to attach a vlan
> access-map to the vlan which works like a route map doing top down
> matching
> till it finds a hit.
>
> It strikes me we can use them both to accomplish the same goals if Im not
> wrong but you can be more specific in what kind of traffic can communicate
> with the VACL? Is this a ok assumption to say we need to use VACL if we
> want to match specific traffic ? I'm just alittle confused when to pick
> what method? Can someone clarify when to use what?
>
> Dane
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Tue Jan 01 2008 - 12:04:30 ARST