Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
968
Views
0
Helpful
3
Replies

communcation between secondary vlan and primary vlan

Go to solution
sarahr202
Level 5
Level 5

‎06-06-2012 06:20 PM - edited ‎03-07-2019 07:06 AM

Hi everybody.

How is everybody doing?

I could not use GNS3 to perform the following setup:

h1--------f1/1-sw--f1/2--------h2

Sw1 has only vlan2.  Sw f1/2 is in vlan2

switch( config) int f1/2

switch( config-if) switchport access vlan 2

Next we create secondary vlan 3

switch( con) vlan 3

switch (congfig-vlan) private -valn secondary

Next we declare vlan 2 as primary and associate secondary vlan 3 with primary vlan 2

switch( config) vlan 2

switch( config-vlan )private-vlan primary

switch(config-vlan) private-vlan association 3.

Next we configure the port f1/1:

switch(config) int f1/1

switch(config-if) switchport private-vlan  host

switch(config-if) switchport private-vlan host-association 2  3

My question is :  Will h1 be able to h2 just considering the above config while keeping in mind h1 is secondary vlan 3 while h2 is vlan2 primary vlan ?

================================================

What if we replace  secondary vlan 3 above by isolated vlan 3, will h1 be able top ping h2 ?

thanks and have a great week.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎06-06-2012 07:47 PM

Hi Sarah,

What if we replace  secondary vlan 3 above by isolated vlan 3, will h1 be able top ping h2 ?

If you pur each port where each host in connected in isolated mode, than the hosts will not be able to communicated with each other.  The ports in isolated mode can communicate with ports in promiscuous mode but not with each other.

HTH

View solution in original post

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to sarahr202

‎06-07-2012 10:09 AM

Hi Sarah,

Yes, since the router interface is a promiscuos mode, h1 can communicate with the router. This is actually the way it should be designed, if not hosts will not be able to communicate with the router.

HTH

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎06-06-2012 07:47 PM

Hi Sarah,

What if we replace  secondary vlan 3 above by isolated vlan 3, will h1 be able top ping h2 ?

If you pur each port where each host in connected in isolated mode, than the hosts will not be able to communicated with each other.  The ports in isolated mode can communicate with ports in promiscuous mode but not with each other.

HTH

0 Helpful

Go to solution
sarahr202
Level 5
Level 5
In response to Reza Sharifi

‎06-07-2012 09:38 AM

Thanks Reza

Can regular port i.e port not belonging to any secondary vlan communicate with promiscuous port ? Let me illustrate that:

h1------f1/1SW---f1/2--------Router

Sw(config) int f1/1

sw( config-if) iswitchport access vlan 2

Sw f1/2 port  is in promiscuos mode

The primary vlan is vlan 2

Will h1 be able to communicate with Router?  ( Please keep in mind, h1 is just connected to regular vlan2 not to any secondary vlan)

thanks

0 Helpful

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame
In response to sarahr202

‎06-07-2012 10:09 AM

Hi Sarah,

Yes, since the router interface is a promiscuos mode, h1 can communicate with the router. This is actually the way it should be designed, if not hosts will not be able to communicate with the router.

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card