17181 Views, 0 Helpful, 6 Replies

private vlan trouble

mtarquin
Cisco Employee

Hi friends

Just running some tests here with the 1000v and UCS. I'm configuring a UCS with a Cisco VIC mezz card, vSphere and the 1000v. Everything is working except that I can communicate between two machines on the same private VLAN (isolated). Here is the config:

vlan 50
  name tier1_pvlan
  private-vlan primary
  private-vlan association 100-199

vlan 100
  name tenants-isolated-tier1
  private-vlan isolated

-> my uplink port-profile

od-vsm01# show run port-profile UPLINK-prod-pvlan
version 4.0(4)SV1(3)
port-profile type ethernet UPLINK-prod-pvlan
  vmware port-group
  switchport mode private-vlan trunk promiscuous
  switchport private-vlan mapping trunk 50 100-199
  switchport private-vlan mapping trunk 55 200-299
  switchport private-vlan mapping trunk 60 300-399
  switchport private-vlan mapping trunk 65 66
  switchport private-vlan mapping trunk 67 68
  channel-group auto mode on mac-pinning
  no shutdown
  state enabled

-> my vm port-profile

od-vsm01# show running-config port-profile VM-tier1-100
version 4.0(4)SV1(3)
port-profile type vethernet VM-tier1-100
  vmware port-group
  switchport mode private-vlan host
  switchport private-vlan host-association 50 100
  no shutdown
  state enabled

Both machines are connected to the VM-tier1-100 port-profile and can communicate with each other.

Here are the machine interfaces:

od-vsm01# show int Vethernet52
Vethernet52 is up
    Port description is VM_OND_PDC-PSTD-001-Linux-Tier1,
    Hardware is Virtual, address is 0050.56a1.42ac
    Owner is VM "VM_OND_PDC-PSTD-001-Linux-Tier1"
    Active on module 15
    VMware DVS port 265
    Port-Profile is VM-tier1-100
    Port mode is Private-vlan host
    5 minute input rate 136 bytes/second, 1 packets/second
    5 minute output rate 151 bytes/second, 1 packets/second
    Rx
    76099 Input Packets 75829 Unicast Packets
    135 Multicast Packets 135 Broadcast Packets
    7367033 Bytes
    Tx
    133596 Output Packets 75008 Unicast Packets
    4 Multicast Packets 58584 Broadcast Packets 35955 Flood Packets
    10771068 Bytes
    3 Input Packet Drops 314 Output Packet Drops

od-vsm01# show int Vethernet56
Vethernet56 is up
    Port description is PDC-PSTD-002-Linux-Tier1 ethern,
    Hardware is Virtual, address is 0050.56a1.2d19
    Owner is VM "PDC-PSTD-002-Linux-Tier1 ethern"
    Active on module 11
    VMware DVS port 266
    Port-Profile is VM-tier1-100
    Port mode is Private-vlan host
    5 minute input rate 206 bytes/second, 1 packets/second
    5 minute output rate 233 bytes/second, 2 packets/second
    Rx
    180783 Input Packets 180676 Unicast Packets
    0 Multicast Packets 107 Broadcast Packets
    14959548 Bytes
    Tx
    221238 Output Packets 198282 Unicast Packets
    4 Multicast Packets 22952 Broadcast Packets 22956 Flood Packets
    16953778 Bytes
    1 Input Packet Drops 0 Output Packet Drops

Ideas?


dumlutimuralp
Level 1

Have you got a reply for this thread? I am trying to find out whether there is support for private VLANs and port channels on Nexus?

Nexus, including N1KV, supports PVLANs. UCS will have limited support for PVLANs in FW 1.4.

dumlutimuralp
Level 1

Hi,

Actually, what I mean is whether Nexus 1000v will support configuring a PortChannel on a private VLAN trunk or promiscuous mode port?

Hi Matthew,

I've just gone through the same doc and noticed that it is supported. Thanks for getting back. Now I have to drill down into the other side of the port channel, which is a Cisco 4507, and it seems like it does NOT support Private VLANs through Port Channels...

Appreciate your feedback.

Cheers.

Dumlu

admin11111
Level 4

I don't see the command switchport private-vlan trunk allowed vlan ... under the uplink. It could be the issue: you didn't allow the VLANs.
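
A small config check for the two things this thread examines: whether each host-association pair is covered by the uplink's mapping trunk lines, and whether the uplink carries the allowed-VLAN command the last reply mentions. This is an added example, not part of any post; `audit` and the other helper names are hypothetical, and the input is constructed from the configuration quoted above. It reports what is present in the text and does not establish the cause of the problem.

```python
# Added example (helper names are hypothetical); input is constructed from the thread's config.
CONFIG = """\
port-profile type ethernet UPLINK-prod-pvlan
  switchport mode private-vlan trunk promiscuous
  switchport private-vlan mapping trunk 50 100-199
  switchport private-vlan mapping trunk 55 200-299
port-profile type vethernet VM-tier1-100
  switchport mode private-vlan host
  switchport private-vlan host-association 50 100
"""

def expand(spec):
    # '100-199,300' -> {100, ..., 199, 300}
    parts = (p.partition("-") for p in spec.split(","))
    return {v for lo, _, hi in parts for v in range(int(lo), int(hi or lo) + 1)}

def parse(text):
    # Group indented lines under the unindented header line that precedes them.
    blocks, cur = {}, None
    for line in filter(str.strip, text.splitlines()):
        if not line[0].isspace():
            cur = blocks.setdefault(line.strip(), [])
        elif cur is not None:
            cur.append(line.strip())
    return blocks

def mapped(lines, primary):
    # Secondary VLANs that an uplink's "mapping trunk" lines map to this primary.
    out = set()
    for line in lines:
        if line.startswith("switchport private-vlan mapping trunk "):
            pri, spec = line.split()[-2:]
            if int(pri) == primary:
                out |= expand(spec)
    return out

def audit(text):
    blocks, findings = parse(text), []
    uplinks = {h.split()[-1]: b for h, b in blocks.items()
               if h.startswith("port-profile type ethernet ")}
    for body in blocks.values():
        for line in body:
            if line.startswith("switchport private-vlan host-association "):
                pri, sec = map(int, line.split()[-2:])
                findings += [f"{n}: no mapping trunk entry for {pri}/{sec}"
                             for n, up in uplinks.items() if sec not in mapped(up, pri)]
    for name, up in uplinks.items():
        if not any(l.startswith("switchport private-vlan trunk allowed vlan") for l in up):
            findings.append(f"{name}: no 'switchport private-vlan trunk allowed vlan' line")
    return findings
```
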