Private Vlan Tagging not happening

Unanswered Question
Feb 1st, 2007

Hi, I'm trying to setup a server access switch with private vlans enabled to isolate the servers from each other. Here is my lab configuration:

Primary Vlan: 2

Secondary Vlan: 102

interface GigabitEthernet1/1

switchport private-vlan mapping 2 102

switchport mode private-vlan promiscuous

interface GigabitEthernet1/2

switchport private-vlan host-association 2 102

switchport mode private-vlan host

vlan 2

name Primary

private-vlan primary

private-vlan association 102

vlan 102

name Isolated

private-vlan isolated

interface Vlan2

ip address dhcp

private-vlan mapping 102


My switch is connecting to a Juniper ISG. With the configuration as shown, traffic is passed to the router and the router is responding with a vlan 1 dhcp address. This suggests to me that the tagging is not happening as I'd like it to.

Am I wrong in assuming that traffic coming from an interface configured like Gig1/2 would be tagged for vlan 102, and traffic coming from interface vlan 2 would be tagged with vlanid 2?

I guess my question is, how do I know what my frames will be tagged when configuring a switch for private-vlans? And, on a 4948, how do I configure trunking of private-vlans to opperate similar to a standard trunk port?

Thanks in advance!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion