02-11-2023 06:12 AM
Hello,
I have configured my Cisco c1000 with some VLAN and one PVLAN. That works so far as expected but I am unsure if it is possible to use the same uplink interface?
# works for VLAN (uplink)
int gi1/0/1
switchport mode trunk
switchport trunk native vlan 100
switchport trunk allowed vlan 100-108
end
# works for PVLAN (uplink)
int gi1/0/1
switchport private-vlan mapping 302 402
switchport mode private-vlan promiscuous
end
How can both, VLAN and PVLAN on one interface???
02-11-2023 07:28 AM
Cat 9K is possible - never tested on cat 1K switches (check the version you using on the configuration guide)
below example for Cat 9K
02-11-2023 09:03 AM - edited 02-11-2023 09:03 AM
Hello
The promiscuous port ( in this case a trunk) should be applicable when implementing PVLANS, its a port that all hosts within either the secondary/isolated pvlans can gain access to, and they do this by being associated to a primary vlan, and if that primary vlan is then allowed to traverse a trunk then that should be okay as then the PVLAN hosts will be able to reach hosts residing across that trunk in another switch, which is also implementing PLVAN or not.
02-11-2023 04:27 PM
My friends,
Please allow me to join.
Let's first clarify the terminology:
So clearly, we cannot have gi1/0/1 act both as a PVLAN host and a trunk port - it can't be an access port and a trunk at the same time.
How we should configure it depends on the capability of the upstream device connected to it:
Additional details and config examples can be found here: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9600/software/release/17-4/configuration_guide/vlan/b_174_vlan_9600_cg/configuring_private_vlans.html
Best regards,
Peter
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide