Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
378
Views
0
Helpful
1
Replies

Redundancy restriction with Private Vlans

andtran
Level 1
Level 1

‎06-04-2004 09:10 AM - edited ‎03-02-2019 04:10 PM

I want to set up full redundancy environment in the DMZ for Web servers with two CSS 11050, two PIXs, and two 4506 switches. There is trunking between the 4506. One CSS connects (uplink) to one of the 4506.

Based on the Private Vlan config guidelines, A promiscuous port can serve only one primary VLAN and An isolated or community VLAN can have only one primary VLAN associated with it.

I configure the active CSS port as promiscuous to carry ingress traffic for the web servers that connect to the two 4506. If the CSS port fails, the promiscuous port will not failover to the other CSS port. Therefore it will loose the redundancy with PVLAN configuration.

Please advise any PVAN configuration that provides full redundancy including hardware and port failover.

Thanks !!!

Andy Tran

Labels:
0 Helpful
1 Reply 1
Customers Also Viewed These Support Documents