Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Bronze

PVLAN question

Hi.

I have three servers which communicate to each other using broadcast messages. 2 of these servers are on switch A and 1 server is on server B. All the servers are currently in default VLAN 1. Both the switches are connected to each other by a trunk port. Idea is to segregate the broadcast domain of VLAN 1 so that broadcasts from these servers do not reach the other workstations/servers in the same VLAN.Only these 3 servers should send/receive broadcast traffic to each other. Can i acheive the same using PVLANS. If yes, can someone please let me know how to configure the same.

regards

Zubair

4 REPLIES

Re: PVLAN question

when you want to seperate the devices in 2 vlans you will need a layer 3 device to connect the IP traffic between the two vlans ... which switch do you use? only layer 2 capable switches and a router? layer 3 switches? ... please give us more information so that we can help you.

New Member

Re: PVLAN question

Hi Zubair,

First of all, VLAN 1 can NOT be configured as PVLAN.

If you just want to sepetrate the 3 servers in a broadcast domain, but you allow communications between the 3 servers, you really dont need a pvlan.You can as well create another VLAN and put all the servers in that VLAN.[I assume that there are just 3 servers in that vlan and nothing more]

In case if you want to seperate the servers in to more than one broadcast domains with in one vlan you can consider PVLAN and it resolves your requirement.

Hope this helps.

Thanks

Nambi.

Bronze

Re: PVLAN question

Hi.

In case if you want to seperate the servers in to more than one broadcast domains with in one vlan you can consider PVLAN and it resolves your requirement. .....

zubair: How will the configuration be in that case.

New Member

Re: PVLAN question

Hi Zubair,

Here is an exmaple config.

Here VLAN 90 is primary.900 is isolated and 901 is the community

vlan.promiscuous ports are Gi1/2 and SVI90.

For your req you need to put the servers in the community vlan.

Switch#vlan database

Switch(vlan)#vtp transparent

Switch(vlan)#exit

Switch#conf t

Switch(config)#vlan 90

Switch(config-vlan)#private-vlan primary

Switch(config-vlan)#vlan 900

Switch(config-vlan)#private-vlan isolated

Switch(config-vlan)#vlan 901

Switch(config-vlan)#private-vlan community

Switch(config-vlan)#vlan 90

Switch(config-vlan)#private-vlan association 900,901

Switch(config-vlan)#interface range fastethernet 3/1 - 2

Switch(config-if)#switchport

Switch(config-if)#switchport mode private-vlan host

Switch(config-if)#switchport mode private-vlan host-association 90 900

Switch(config-if)#no shut

Switch(config-if)#interface range fastethernet 3/46 , 3/48

Switch(config-if)#switchport

Switch(config-if)#switchport mode private-vlan host

Switch(config-if)#switchport mode private-vlan host-association 90 901

Switch(config-if)#no shut

Switch(config-if)#interface gigabitethernet 1/2

Switch(config-if)#switchport

Switch(config-if)#switchport mode private-vlan promiscuous

Switch(config-if)#switchport mode private-vlan mapping 90 900,901

Switch(config-if)#no shut

Switch(config-vif)#interface vlan 90

Switch(config-if)#ip address x.x.x.x 255.255.255.0

Switch(config-if)#private-vlan mapping 90 900,901

Switch(config-if)#no shut

Switch(config-if)#end

Switch #

Hope this helps.

Regards,

Nambi

108
Views
0
Helpful
4
Replies