private-vlan and SVI

From: Bit Gossip (bit.gossip@chello.nl)
Date: Sun May 27 2007 - 09:16:38 ART

• Next message: Du, Jianbo: "reuse TCL script in router"
• Previous message: Darby Weaver: "Re: Can my company use my ccie for their partnet contract"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Group,
I have configured basic private-vlan setup. My problem is that the host behind
the isolated port fast1/0/43 can not ping the SVI interface Vlan28 on the same
switch. How can i fix this?
I guessed that even isolated hosts should be able to talk to the SVI because
the SVI is their gateway as explained here:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12225see/scg/swpv
lan.htm#wp1038990
Thanks,
bit.

vlan 28
 name VLAN_28
  private-vlan primary
  private-vlan association 281
!
vlan 281
  private-vlan isolated
!
interface FastEthernet1/0/43
 switchport access vlan 28
 switchport private-vlan host-association 28 281
 switchport mode private-vlan host
 speed 100
 duplex full
 spanning-tree portfast
 spanning-tree bpdufilter enable
 spanning-tree bpduguard enable
!
interface Vlan28
 ip address 183.1.28.7 255.255.255.0
 private-vlan mapping 281
!

Rack1SW1#show interfaces vlan28 private-vlan mapping
Interface Secondary VLANs
---------
--------------------------------------------------------------------
vlan28 281

Rack1SW1#show vlan private-vlan

Primary Secondary Type Ports
------- --------- -----------------
------------------------------------------
28 281 isolated Fa1/0/7, Fa1/0/43

Rack1SW1#show int f1/0/43 switchport
Name: Fa1/0/43
Switchport: Enabled
Administrative Mode: private-vlan host
Operational Mode: private-vlan host
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 28 (primary)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: 28 (VLAN_28) 281 (VLAN0281)
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan:
  28 (VLAN_28) 281 (VLAN0281)
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

• Next message: Du, Jianbo: "reuse TCL script in router"
• Previous message: Darby Weaver: "Re: Can my company use my ccie for their partnet contract"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 01 2007 - 06:55:22 ART