cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
535
Views
0
Helpful
4
Replies

PVLAN question

zubairjalal
Level 1
Level 1

Hi.

I have three servers which communicate to each other using broadcast messages. 2 of these servers are on switch A and 1 server is on server B. All the servers are currently in default VLAN 1. Both the switches are connected to each other by a trunk port. Idea is to segregate the broadcast domain of VLAN 1 so that broadcasts from these servers do not reach the other workstations/servers in the same VLAN.Only these 3 servers should send/receive broadcast traffic to each other. Can i acheive the same using PVLANS. If yes, can someone please let me know how to configure the same.

regards

Zubair

4 Replies 4

when you want to seperate the devices in 2 vlans you will need a layer 3 device to connect the IP traffic between the two vlans ... which switch do you use? only layer 2 capable switches and a router? layer 3 switches? ... please give us more information so that we can help you.

nambi_gct
Level 1
Level 1

Hi Zubair,

First of all, VLAN 1 can NOT be configured as PVLAN.

If you just want to sepetrate the 3 servers in a broadcast domain, but you allow communications between the 3 servers, you really dont need a pvlan.You can as well create another VLAN and put all the servers in that VLAN.[I assume that there are just 3 servers in that vlan and nothing more]

In case if you want to seperate the servers in to more than one broadcast domains with in one vlan you can consider PVLAN and it resolves your requirement.

Hope this helps.

Thanks

Nambi.

Hi.

In case if you want to seperate the servers in to more than one broadcast domains with in one vlan you can consider PVLAN and it resolves your requirement. .....

zubair: How will the configuration be in that case.

Hi Zubair,

Here is an exmaple config.

Here VLAN 90 is primary.900 is isolated and 901 is the community

vlan.promiscuous ports are Gi1/2 and SVI90.

For your req you need to put the servers in the community vlan.

Switch#vlan database

Switch(vlan)#vtp transparent

Switch(vlan)#exit

Switch#conf t

Switch(config)#vlan 90

Switch(config-vlan)#private-vlan primary

Switch(config-vlan)#vlan 900

Switch(config-vlan)#private-vlan isolated

Switch(config-vlan)#vlan 901

Switch(config-vlan)#private-vlan community

Switch(config-vlan)#vlan 90

Switch(config-vlan)#private-vlan association 900,901

Switch(config-vlan)#interface range fastethernet 3/1 - 2

Switch(config-if)#switchport

Switch(config-if)#switchport mode private-vlan host

Switch(config-if)#switchport mode private-vlan host-association 90 900

Switch(config-if)#no shut

Switch(config-if)#interface range fastethernet 3/46 , 3/48

Switch(config-if)#switchport

Switch(config-if)#switchport mode private-vlan host

Switch(config-if)#switchport mode private-vlan host-association 90 901

Switch(config-if)#no shut

Switch(config-if)#interface gigabitethernet 1/2

Switch(config-if)#switchport

Switch(config-if)#switchport mode private-vlan promiscuous

Switch(config-if)#switchport mode private-vlan mapping 90 900,901

Switch(config-if)#no shut

Switch(config-vif)#interface vlan 90

Switch(config-if)#ip address x.x.x.x 255.255.255.0

Switch(config-if)#private-vlan mapping 90 900,901

Switch(config-if)#no shut

Switch(config-if)#end

Switch #

Hope this helps.

Regards,

Nambi

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco