Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to isolate Layer two traffic between access layer and core layer in a multi tenant environment?

Hi Guys.

I'm working on a datacenter environment, i implement switching access layer with cisco catalyst 3750X stacking and collapsed Core Layer with Catalys 6500, also is a multi tenant environment, I'm trying to find the best way to isloated the layer two traffic between the server across the date center; i think that one way is thru Private Vlan but this is the best way?; How i can isloated the layer two traffic even at the core layer; I need to implement private vlan on access layer and core layer too?, Is posible to trunking the secondary vlan?; how to send that private Vlan to core layer to islolated even if the traffic is going to core layer.

Thnk yuo so much.

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

How to isolate Layer two traffic between access layer and core l

This might be of good help to you.

http://blog.ine.com/tag/private-vlan/

8 REPLIES
Hall of Fame Super Blue

How to isolate Layer two traffic between access layer and core l

It's difficult to say what to do without more details.

Are the servers for each customer in different vlans already or are they all mixed up ?

If they are in their own vlans and you want to keep it entirely separate i would suggest looking at VRF-LIte.

Perhaps you could clarify exactly what the setup is ?

Jon

New Member

Re: How to isolate Layer two traffic between access layer and co

Hi Jon.


All the server are in the same vlan using the same ip address space.

Sent from Cisco Technical Support iPad App

New Member

Re: How to isolate Layer two traffic between access layer and co

The default gateway of the server Is a firewall.

Sent from Cisco Technical Support iPad App

Hall of Fame Super Blue

How to isolate Layer two traffic between access layer and core l

If the servers are all in the same vlan using the same address space then private vlans would be the thing to use. You could use VACLs but these would get complicated very easily.

Yes you can send secondary vlans across trunk ports from the access to the core/distro layer.

Jon

New Member

How to isolate Layer two traffic between access layer and core l

Thank you so much jon, do you know if cisco has a configuration guide in order to implement pvlan on access and core layer?.

New Member

How to isolate Layer two traffic between access layer and core l

This might be of good help to you.

http://blog.ine.com/tag/private-vlan/

New Member

How to isolate Layer two traffic between access layer and core l

Thank so much, this will be helpful for my.

New Member

Hi Jon.

Hi Jon. Sorry, Is possible to config a trunk port as Promiscuous port?. Because in my case my router Is a firewall with trunk ports carry several vlans. Thnks you so much.
85
Views
10
Helpful
8
Replies
CreatePlease login to create content