protect ports on redundant switches

Unanswered Question
Sep 13th, 2009

I have two 3750G which are trunked together. We want to connect some external router to these switches adn we don't want the routers to talk to each other - only to two firewalls also connected to these switches. Some of hte routers will be on eone switch and some on the other. We will have hSRP on the switch pair. We would going to use protected ports to prevent the routers from talking to each other. If we don't protect the trunk port then the routers on one switch can talk to the other switch. if we do protect the trunk ports will we lose HSRP traffic and will spanning tree still work?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rducombl Tue, 09/15/2009 - 03:58

What you need is private vlan.

Private vlan is an extension of the old feature Protecter port which was local to one switch. With Private vlan you can extend to 2 or more switches.

See documentation at :

and specially the example with private vlan across 2 switches.




This Discussion