cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
317
Views
0
Helpful
2
Replies

Private Vlan Routing

kmiller
Level 1
Level 1

Hello,

I would like to route to/from my private vlan using an SVI. I have a Cat3560 and the config is below. However, when I try to ping to a router interface on the private vlan I do not get any response. The router i/f ip is 134.2.1.129/25 and is connected to port F0/1. Can anyone help me please? Config is below.

Thanks,

Kevin

vlan 32

name v32

private-vlan primary

private-vlan association 99

vlan 99

private-vlan community

interface FastEthernet0/1

switchport private-vlan host-association 32 99

switchport mode private-vlan host

spanning-tree portfast

interface Vlan32

ip address 134.2.1.133 255.255.255.128

private-vlan mapping 99

MetroSW1#ping 134.2.1.129

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 134.2.1.129, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

2 Replies 2

purohit_810
Level 5
Level 5

Can you check ACL at router?

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008013565f.shtml

It should pIng.

Regards,

Dharmesh Purohit

kmiller
Level 1
Level 1

I have checked for any acls and there aren't any applied on the router or the switch. Furthermore, if I put another switchport as part of the private vlan then I can ping between them. This also works, if I configure the port as a promiscuous port for the private vlan. The problem comes into play when I map the private vlan to an SVI. Then I lose layer 3 connectivity.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: