Vlan need not to communicate to one perticular Vlan

Answered Question
Feb 3rd, 2010
User Badges:

Hi,

I have a question on Vlan communications.



I have a scenario where in i have 5 Vlans ( Vlan 1,2,3,4,5) in my switch, and my requirment is that i don want the VLAN 3 and Vlan 4 to communicate to each other. where as all other vlans except Vlan3 should communicate to Vlan4 and vice versa  ....and all vlans except 4 should communicate to Vlan3 and vice-versa...


Please reply me with the logic and neccesary cammands.


Thanks

Correct Answer by Jon Marshall about 7 years 5 months ago

azharuddininamdar wrote:


Hi Jon,

Thanks a ton for this info..


Can i implement the same using distribute list?


No, distribute lists are used primarily for filtering inbound or outbound routing updates. If you want to restrict traffic between vlans then acls are the way to go.


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jon Marshall Wed, 02/03/2010 - 17:02
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

azharuddininamdar wrote:


Hi,

I have a question on Vlan communications.



I have a scenario where in i have 5 Vlans ( Vlan 1,2,3,4,5) in my switch, and my requirment is that i don want the VLAN 3 and Vlan 4 to communicate to each other. where as all other vlans except Vlan3 should communicate to Vlan4 and vice versa  ....and all vlans except 4 should communicate to Vlan3 and vice-versa...


Please reply me with the logic and neccesary cammands.


Thanks


vlan 3 = 192.168.5.0/24

vlan 4 = 192.168.6.0/24



access-list 101 deny ip 192.168.5.0 0.0.0.255 192.168.6.0 0.0.0.255

access-list 101 permit ip 192.168.5.0 0.0.0.255 any


access-list 102 deny ip 192.168.6.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 102 permit ip 192.168.6.0 0.0.0.255 any


int vlan 3

ip access-group 101 in


int vlan 4

ip access-group 102 in


Jon

azharuddininamdar Wed, 02/03/2010 - 17:08
User Badges:

Hi Jon,

Thanks a ton for this info..


Can i implement the same using distribute list?

Correct Answer
Jon Marshall Wed, 02/03/2010 - 17:11
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

azharuddininamdar wrote:


Hi Jon,

Thanks a ton for this info..


Can i implement the same using distribute list?


No, distribute lists are used primarily for filtering inbound or outbound routing updates. If you want to restrict traffic between vlans then acls are the way to go.


Jon

azharuddininamdar Wed, 02/03/2010 - 17:13
User Badges:

Got it Jon,


I was known to this, but needed to confirm..


thanks for resolving my Query...



Actions

This Discussion