cisco pvlan layer 3 processing?

Posted on 2011-04-22
Medium Priority
Last Modified: 2012-05-11
As I understand it, in order for different pvlan types to communicate, they have to cross at layer 3.

Does this communication use the router processor? Does it not? How does this transaction take place?

Please provide documentation if possible.
Question by:c-h-r-i-s-t-o-p-h
  • 3
LVL 17

Expert Comment

ID: 35450525
Yes, vlan need a L3 device to communicate. How do you communicate between 2 networks? It's via router. Vlan splits network and hence to communicate vlans need a router to route traffic from one network(vlan) to another(vlan).

L3 switches like cisco6500 has got L3 card that does routing. It's called the route processor or MSFC card. Several terminologies exist but zest is either you need a router or a routing card in L3 switch.

Type "what is a vlan" in google and pick any document out of 1000's available.

Author Comment

ID: 35450797
According to documentation, the pvlan secondary vlans can communicate via proxy arp. Is this a layer 3 function?
LVL 17

Accepted Solution

surbabu140977 earned 1000 total points
ID: 35451910
It's not a L3 function. It is is a L2 function since it works on the MAC address of the hosts.

Well, vlans actually never communicates. It's the hosts in the vlans that will communicate. Proxy arp is only one mean to reach destination. Please do not confuse it with routing. It's not a replacement of routing for VLAN communication. You can only install some proxy arp server and make 2 hosts talk in 2 different subnets.

Proxy ARP (Address Resolution Protocol) is a technique by which a device on a given network answers the ARP queries for a network address that is not on that network. The ARP Proxy is aware of the location of the traffic's destination, and offers its own MAC address in reply, effectively saying, "send it to me, and I'll get it to where it needs to go." Serving as an ARP Proxy for another host effectively directs LAN traffic to the Proxy. The "captured" traffic is then typically routed by the Proxy to the intended destination via another interface or via a tunnel.

LVL 17

Expert Comment

ID: 35451925
Proxy arp can be used to communicate, but in real life scenario it has got very limited use. You can enable "local proxy arp" feature in cisco devices or rather most networking routers/switches.


For example, suppose a host, say A, wants to contact another host B, where B is on a different subnet/broadcast domain than A. For this, host A will send an ARP request with a Destination IP address of B in its ARP packet. The multi-homed router which is connected to both the subnets, responds to host A's request with its MAC address instead of host B's actual MAC address, thus proxying for host B. In the due course of time, when host A sends a packet to the router which is actually destined to host B, the router just forwards the packet to host B. The communication between host A and B is totally unaware of the router proxying for each other

You can consider both A and B to be in separate VLAN's.

LVL 17

Assisted Solution

by:Marius Gunnerud
Marius Gunnerud earned 1000 total points
ID: 35452127
I would say that proxy arp is neither a layer 2 or layer 3 function. It works inbetween the two associating mac addresses to ip addresses.

Lets say you have two networks. Network A has a subnet of and network B has a subnet of routing is configured on the router that connects the two subnets.

In this scenario Network A believes it has access to the whole network and therefore beleives it is directly connected to (which is not the case). to get these two to communicate you can configure proxy arp on the router interface connected to network A. Now Hosts on network A will associate IP addresses on the network to the router's interface mac address.

All traffic to the network will have a destination mac address of the router and a destination ip address of the network. The router will just forward the traffic and neither network will be any wiser as to what is going on.

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question