Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
298
Views
0
Helpful
2
Replies

question about private vlan

Go to solution
Agor85
Level 1
Level 1

‎10-07-2010 01:21 PM - edited ‎03-06-2019 01:23 PM

Hello guys,

I am currently learning on the private vlans topic and sticking to a question.

Imagine we have Switch A und B.

A has a privat vlan 100 isolate

B has a privat vlan 100 community.

A frame of VLAN 100 isolate from Switch A is trunked to the Switch B.  Actually Switch B is not allowed to hand over the frame, as it originates from an isolate VLAN port.

But how can Switch B know about it? The tag 100 itself cannot provide it this information.

Is this "isolate information" included within the 802.1q type field?

Or is this configuration above faulty and the network admin must ensure that the configs are the same on both switches?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎10-07-2010 01:36 PM

Hello,

As you have stated yourself, the 802.1Q tag itself does not say anything about the type of the secondary PVLAN. Only the configuration of the switches describes the type of the secondary PVLAN. If this configuration is different on two switches, inconsistent and incorrect delivery of frames may result.

The scenario you have described is indeed an incorrect configuration of PVLANs in network. If PVLANs are to work as expected, the administrator must make sure that all private VLANs are configured on all switches and that their configured type is identical. In other words, the VLAN database must be consistent across the switched domain. In recent IOSes, the VTPv3 can be used to convey information about PVLANs (the previous versions of VTP do not propagate information about PVLANs).

Best regards,

Peter

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎10-07-2010 01:36 PM

Hello,

As you have stated yourself, the 802.1Q tag itself does not say anything about the type of the secondary PVLAN. Only the configuration of the switches describes the type of the secondary PVLAN. If this configuration is different on two switches, inconsistent and incorrect delivery of frames may result.

The scenario you have described is indeed an incorrect configuration of PVLANs in network. If PVLANs are to work as expected, the administrator must make sure that all private VLANs are configured on all switches and that their configured type is identical. In other words, the VLAN database must be consistent across the switched domain. In recent IOSes, the VTPv3 can be used to convey information about PVLANs (the previous versions of VTP do not propagate information about PVLANs).

Best regards,

Peter

0 Helpful

Go to solution
Agor85
Level 1
Level 1
In response to Peter Paluch

‎10-07-2010 02:04 PM

Thanks Peter for confirming my assumption!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card