Re: private vlan

From: A.G. Ananth Sarma (GMail) (ananth.sarma@gmail.com)
Date: Sun May 18 2008 - 16:36:17 ART

• Next message: Luan Nguyen: "Re: Security lab Rack Rental InternetworkExpert topology"
• Previous message: Dane Newman: "Re: Security lab Rack Rental InternetworkExpert topology"
• Maybe in reply to: sathappan sathappan: "private vlan"
• Next in thread: sathappan sathappan: "Re: private vlan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Dear Sathappan,

Look at this cisco links:

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.1E/native/configuration/guide/pvlans.html

http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_44_se/configuration/guide/swpvlan.html

*This example shows how to configure an interface as a private-VLAN host
port, associate it with a private-VLAN pair, and verify the configuration:*

Switch# *configure terminal*

Switch(config)# *interface fastethernet0/22*

Switch(config-if)# *switchport mode private-vlan host*

Switch(config-if)# *switchport private-vlan host-association 20 25*

Switch(config-if)# *end*

Switch# *show interfaces fastethernet0/22 switchport*

Name: Fa0/22

Switchport: Enabled

Administrative Mode: private-vlan host

Operational Mode: private-vlan host

Administrative Trunking Encapsulation: negotiate

Operational Trunking Encapsulation: native

Negotiation of Trunking: Off

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabled

Voice VLAN: none

Administrative private-vlan host-association: 20 (VLAN0020) 25 (VLAN0025)

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk Native VLAN tagging: enabled

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan:

20 (VLAN0020) 25 (VLAN0025

They do not mention about explictly removing the line "switchport access
vlan 28".

I feel that once you enter "Switch(config-if)# *switchport mode private-vlan
host" *command, it will recognize it automatically.

I am unable to lab it as I do not have a 3560 switch with me right now.

HTH,

Ananth
On Sun, May 18, 2008 at 8:13 PM, sathappan sathappan <
sathappan2003@gmail.com> wrote:

> Hi GS,
>
>
> I am working on my multiprotocol labs. I need a clarification on
> configuring
> private vlans.
> first task asks me to configure one port in vlan 28.
>
> My configuration will be as follows.
>
> *interface FastEthernet0/7
> switchport access vlan 28*
> * switchport mode access*
>
> the subsequent task asks me to configure it as private vlan isolated with
> vlans 28 281.
>
>
> My question is whether I should retain the "switchport access vlan 28"
> which
> I configured for the first task or should I remove the command for enabling
> private vlan.
>
> *interface FastEthernet0/7
> switchport access vlan 28
> switchport private-vlan host-association 28 281
> switchport mode private-vlan host
> spanning-tree portfast
> spanning-tree bpduguard enable*
>
>
>
> please guide me
>
>
> with thanks
> sathappan
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Luan Nguyen: "Re: Security lab Rack Rental InternetworkExpert topology"
• Previous message: Dane Newman: "Re: Security lab Rack Rental InternetworkExpert topology"
• Maybe in reply to: sathappan sathappan: "private vlan"
• Next in thread: sathappan sathappan: "Re: private vlan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jun 02 2008 - 06:59:17 ART