How to separate VLANs in a switch

May 8th, 2008

Hi there, I've got a 6500 switch which has 6 VLANs on it (1,2,3,4,5,6). All of the VLANs have IP addresses for routing. How would I be able to make it so that VLANs 1,2 and 3 can route to each other, and VLANs 4,5 and 6 can route to each other but the 2 groups of 3 VLANs can't see each other (i.e. so 1,2,3 can't see (or pass traffic between) 4,5,6).

Any advice appreciated, thanks


Jon Marshall Thu, 05/08/2008 - 01:32


You could just use access-lists on the VLAN interfaces to keep the traffic segregated, but if you wanted separate routing tables then you need to look into VRF-lite, which is supported on the 6500.
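
The two options named in the reply above, sketched as IOS configuration for the six VLANs in the question. This is an added example, not part of the original thread; the 10.0.n.0/24 addressing, the VRF names, the RD values and the ACL names are all assumptions. Use one option or the other.

```cisco
! Constructed addressing (assumption): VLAN n = 10.0.n.0/24, SVI at 10.0.n.1
!
! Option 1: VRF-lite. Each group gets its own routing table, so no route
! to the other group exists. Applying "ip vrf forwarding" removes the
! interface's IP address, so it is re-entered afterwards.
ip vrf GROUP-A
 rd 65000:1
ip vrf GROUP-B
 rd 65000:2
!
interface Vlan1
 ip vrf forwarding GROUP-A
 ip address 10.0.1.1 255.255.255.0
interface Vlan2
 ip vrf forwarding GROUP-A
 ip address 10.0.2.1 255.255.255.0
interface Vlan3
 ip vrf forwarding GROUP-A
 ip address 10.0.3.1 255.255.255.0
interface Vlan4
 ip vrf forwarding GROUP-B
 ip address 10.0.4.1 255.255.255.0
interface Vlan5
 ip vrf forwarding GROUP-B
 ip address 10.0.5.1 255.255.255.0
interface Vlan6
 ip vrf forwarding GROUP-B
 ip address 10.0.6.1 255.255.255.0
!
! Option 2: one shared routing table, inbound ACLs on every SVI that
! drop traffic destined for the other group's subnets.
ip access-list extended GROUP-A-IN
 deny   ip any 10.0.4.0 0.0.0.255
 deny   ip any 10.0.5.0 0.0.0.255
 deny   ip any 10.0.6.0 0.0.0.255
 permit ip any any
ip access-list extended GROUP-B-IN
 deny   ip any 10.0.1.0 0.0.0.255
 deny   ip any 10.0.2.0 0.0.0.255
 deny   ip any 10.0.3.0 0.0.0.255
 permit ip any any
!
interface Vlan1
 ip access-group GROUP-A-IN in
! apply GROUP-A-IN the same way on Vlan2 and Vlan3
interface Vlan4
 ip access-group GROUP-B-IN in
! apply GROUP-B-IN the same way on Vlan5 and Vlan6
```

With option 1, `show ip route vrf GROUP-A` should list only the 10.0.1.0, 10.0.2.0 and 10.0.3.0 networks. With option 2, an SVI left without its ACL reopens the path in that direction, so every VLAN interface in both groups needs one.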


cisco_lad2004 Thu, 05/08/2008 - 01:36

I stand corrected, but I think the solution is the combination of the above 2 replies.

PVLAN will take care of L2 cross talk, whereas ACL takes care of L3.

I have been using PVLAN + ACLs at edge 4500 to protect customers from each other and network customers.



Peter.D.Brown Thu, 05/08/2008 - 03:17

Thanks for all the replies guys. They've given me some good ideas to think about so now I'll have a bit of a read round.

