I have an architecture with N5k-UCS-N1K (ESXi) where private VLANs need to pass to the virtual machine interface. I set up the whole environment but cannot get the PVLAN to work properly through the UCS.
My configuration is:
- Vlan 2200 primary, 2201 isolated, 2202 community
- Po200: Promiscuous, connected to Cisco ASA (L3 gateway of the VLANs)
- Po10: Interconnection trunk with UCS with VLANs 2200-2202 as regular VLANs
- Fabric Interconnect
- VLANs 2200-2202 as regular VLANs
- 2xvnics with server
- Vlan 2200 primary, 2201 isolated, 2202 community
- port-profile port-channel uplink trunk with VLANs 2200-2202 as regular VLANs
- port-profile vethernet with 2201 as isolated
- port-profile vethernet with 2202 as community
I know that the private VLANs work OK on the N5k because I can ping the ASA from a machine connected to the N5k in VLAN 2201. I know that it works OK on the N1k because I can ping between two VMs in 2202 on the same host and can't ping if the virtual machine is in 2201. My problem is that from a VM on one host I cannot ping either the ASA or virtual machines on another host.
Is my architecture OK, or do I have a conceptual problem?
Do you know
and the PVLAN limitations in UCS?
Thanks for your reply, Walter.
I know the limitations of UCS with PVLANs, but I think that they don't impact my environment because the UCS doesn't know about PVLANs. Everything is on the N5k (promiscuous, community and isolated ports) and the N1k (community and isolated), and I have version 2.2.3f, which supports transport of regular VLANs and PVLANs.