Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Private VLANs restriction

Hi all

from http://www.cisco.com/en/US/products/ps6845/products_configuration_guide_chapter09186a00806e9f41.html

In networks with some devices using MAC address reduction, and others not using MAC address reduction, STP parameters do not necessarily propagate to ensure that the spanning tree topologies match. You should manually check the STP configuration to ensure that the primary, isolated, and community VLANs' spanning tree topologies match.

am I to understand that if I am using a root bride, it should be the same for primary and isolated vlan. and therefore if spanning tree is to be used it has to be consistently used for both primary and isolated.

what is the meaning of mac address reduction ? is the document reffing to aging time out, which again if changed from default must be consistent for both primary and isolated.

TIA

Sam

2 REPLIES
Silver

Re: Private VLANs restriction

If you enable MAC address reduction on the switch, we recommend that you enable MAC address reduction on all the devices in your network to ensure that the STP topologies of the private VLANs match. In networks with some devices using MAC address reduction, and others not using MAC address reduction, STP parameters do not necessarily propagate to ensure that the spanning tree topologies match. You should manually check the STP configuration to ensure that the primary, isolated, and community VLANs' spanning tree topologies match.

The following URL will give you restrictions and guidelines to configure private VLANs

http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008007e717.html#wp1090979

Re: Private VLANs restriction

the link I posted has same info that is available on ur link.

I have actually tested since and confirmed few things.

both Primary and isolated vlans must either be running SPT or not. this provides the best behavior as topology is consistent.

Regrds

Sam

110
Views
0
Helpful
2
Replies