[129028] in North American Network Operators' Group
Re: Tagged vlan inside isolated pvlan
daemon@ATHENA.MIT.EDU (sfouant@shortestpathfirst.net)
Mon Aug 23 13:50:15 2010
In-Reply-To: <4C72A693.2080304@gmail.com>
Date: Mon, 23 Aug 2010 11:50:00 -0600
From: sfouant@shortestpathfirst.net
To: "lorddoskias" <lorddoskias@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> Hello,
>
> I have a catalyst 6503 with sup32 and was trying to set a tagged vlan
> inside a pvlan. Basically I wanna have the behavior of:
>
> switchport mode access
> switchport access vlan 101
> switchport protected.
>
> So that other machines connected to the 6503 won't be able to
> communicate with this port (apart from the uplink) and in the same time
> I want to have vlan 101 tagged in the isolated port.
Check out
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/pvlans.html#wp1130380
for more information on configuring PVLANs for trunking. You're going to
want to configure VLAN 101 as your Isolated VLAN inside the Native
(Primary) VLAN, and you'll enable the trunking on the secondary VLAN.
Something along the following will give you the expected behavior:
switchport mode private-vlan trunk secondary
HTHs.
Stefan Fouant
