Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Catalyst 6500 Block Switching Between Trunk Ports

Hello all,

I have a Catalyst 6509-E with SUP2T and a WS-68xx series SFP line card. On this line card I will have 5 trunk connections going to ME3400 4 port access switches. There is one tagged VLAN allowed on all trunk ports and it is the same across them all. I need to have one trunk connection be allowed to switch to all ports within this VLAN and the remaining 3 ports be denied to switch between eachother. The remaining three ports would only be able to switch to the primary trunk port.

For informational purposes I want to point out that the downstream ME3400 access switches are performing QinQ on each connection so that when the traffic reaches the 6509 it will be double tagged.

Traditionally I have been able to do this on 12 port ME3400s using the built in UNI/NNI structure and on ME3800/3600 switches using EVCs and the "split-horizon" keyword on the bridge domain. However, the 6500 doesn't seem to support either one of these commands.

Does anyone have any ideas on how to accomplish this?

  • LAN Switching and Routing
2 REPLIES
Silver

Catalyst 6500 Block Switching Between Trunk Ports

Have you looked into private VLANs? Isolated VLANs can't talk to each other. Either that or switchport protected might work.

Daniel Dib
CCIE #37149

Please rate helpful posts.

Daniel Dib CCIE #37149 Please rate helpful posts.
New Member

Catalyst 6500 Block Switching Between Trunk Ports

I'm really not all that savvy on private VLANs but I did look at them as an option. Would they be affective on trunk ports? Most config examples I have seen have shown them applied on access ports.

Can't see switchport protected:

6509(config-if)#switchport protected

                                          ^

% Invalid input detected at '^' marker.

162
Views
0
Helpful
2
Replies