Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
314
Views
0
Helpful
4
Replies

PVLAN over Trunk Ports

Go to solution
vsurresh
Level 1
Level 1

‎09-03-2024 12:25 AM - edited ‎09-03-2024 12:45 AM

IMG_0322.jpg
(Edited) Let’s assume I have two access switches and one distribution switch. The clients only connect to the access switches. The distribution switch connects to the firewall or router where the default gateway is located (router on a stick). I also have some other normal VLANs (100, 105, 110)

Suppose I have a primary VLAN 10 and an isolated VLAN 11 configured on both access switches.

My understanding is that I don’t need to create the PVLAN configs on the distribution switch, right? All I need to do is configure the following on the trunk between SW-01/SW02 and the distribution switch.

 

switchport trunk allowed vlan add 10, 100, 105, 110
switchport private-vlan mapping trunk 10 11
switchport mode private-vlan trunk promiscuous

 

Does this need to be configured on both sides of the trunk? (both access switch side and distribution switch side) This is where I'm confused.

On the other side, I can configure the same commands on the trunk between switch 2 and the firewall, right? (only on the switch 2 side, of course). Thanks in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
paul driver
VIP
VIP
In response to vsurresh

‎09-03-2024 01:13 AM

Hello
Assuming all your host reside in a single flat address range and reside on both Sw01-02 which are access switches then you ONLY need Pvlan enabled on those switches, the trunk interconnects will be just L2 trunks.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

0 Helpful
4 Replies 4

Go to solution
paul driver
VIP
VIP

‎09-03-2024 12:42 AM

Hello

@vsurresh wrote:

If the clients don’t connect directly to the distribution switch, my understanding is that I don’t need to create the PVLAN configs on switch 2, right? All I need to do is configure the following on the trunk between SW-01 and SW02.


Correct .. if you do not have Pvlan hosts on the dist switch then you do not need to create it on that sw


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
vsurresh
Level 1
Level 1
In response to paul driver

‎09-03-2024 12:46 AM

Thank you. Sorry, I modified the question slightly and added a diagram

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to vsurresh

‎09-03-2024 01:13 AM

Hello
Assuming all your host reside in a single flat address range and reside on both Sw01-02 which are access switches then you ONLY need Pvlan enabled on those switches, the trunk interconnects will be just L2 trunks.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
vsurresh
Level 1
Level 1
In response to paul driver

‎09-03-2024 12:09 PM

Thank you

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card