Solved

normal trunk and private Vlan

Posted on 2014-09-10
3
593 Views
Last Modified: 2014-09-14
Hello Expert

I have a trunk on a Nexus 1000V Interface

interface Ethernet3/7
  inherit port-profile MY-UPLINK

interface Ethernet3/8
  inherit port-profile MY-UPLINK

++++++++++++++++++++

port-profile type ethernet MY-UPLINK
  vmware port-group
  switchport mode trunk
  switchport trunk allowed vlan 500, 600, 700                                          
  no shutdown
  system vlan 500
  state enabled
++++++++++++++++++++

Vlan 600 will be in Future a Private Vlan associated wit private Vlan 601 and 602

##
sh feature
conf t
fearture private-vlan
vlan 601 private-vlan isolated
vlan 602 private-vlan isolated


vlan 600 private-vlan primaery
private-vlan association 601, 602

##################################################

is the Trunk Config Ok like this?

++++++++++++++++++++

port-profile type ethernet MY-UPLINK
  vmware port-group
  switchport mode trunk
  switchport trunk allowed vlan 500, 600, 601, 602, 700                                          
  no shutdown
  system vlan 500
  state enabled
++++++++++++++++++++

on the other Side of the trunk is a cisco nexus 5548 and i will go to configure the promisc port there

is this Configuration possible?
to put private Vlans and normal vlans in on trunk?
0
Comment
Question by:michapdm
3 Comments
 
LVL 32

Expert Comment

by:harbor235
ID: 40316921
Why do you want to do that? A private vlan separates the vlan into separate broadcast domains, trunks connect switches and extend vlans and broadcast domains so you can add hosts anywhere in the switch mesh, the trunk port is not where you want to implement PVLANs.

harbor235 ;}
0
 
LVL 22

Accepted Solution

by:
eeRoot earned 500 total points
ID: 40320940
You config is technically correct.  But if the Nexus switches are all operating as layer 2 devices, they will not route traffic between VLAN's anyway.  If you want an isolated VLAN on the Nexus switches, simply do not allow that VLAN to pass across the uplinks to your core switch/router (or where the intra VLAN routing is taking place)
0
 

Author Closing Comment

by:michapdm
ID: 40321614
I found a config that is working as i explained.
Thanks Experts
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question