Hi,
We use private VLANs in a datacenter environment; the router is connected to the promiscuous port and the clients are connected to isolated ports...
Network design:
[NX3K64]---------[NX3K64]-----------[NX3K64]-------[Client]
| |
[Router] [NX3K64]-----------[NX3K64]-------[Client]
| |
[Client] [Client]
-->Switches are connected through trunk ports
During a bandwidth test using iperf (UDP) we noticed that the traffic originating from the promiscuous port to the clients was sent to all client ports like a broadcast, but it was normal UDP unicast traffic for one client.
The destination client's MAC was correctly learned on the switches along the right path!
Config:
Router-Port:
interface Ethernet1/42
  description Router
  switchport mode private-vlan trunk promiscuous
  switchport private-vlan mapping 1111 1112
  switchport private-vlan trunk allowed vlan 100,1111-1112
  switchport private-vlan mapping trunk 1111 1112
  spanning-tree port type edge trunk
Client Ports:
interface Ethernet1/16
  switchport mode private-vlan host
  switchport private-vlan host-association 1111 1112
  spanning-tree port type edge
  speed 1000
  storm-control broadcast level 5.00
  storm-control multicast level 5.00
  storm-control action shutdown
  no vtp
Pvlan-Config on all switches:
vlan 1111
  name PVLan_PPPoE_Prim
  private-vlan primary
  private-vlan association 1112
vlan 1112
  name PVlan_Iso
  private-vlan isolated
Hardware: Nexus 3064PQ
Software: 9.2.3
That must be a bug, or does someone else have an idea?
Thanks!