Inspecting The Private Vlan Configuration - Dell Force10 S4810P Configuration Manual
High-density, 1ru 48-port 10gbe switch
Hide thumbs
Also See for Force10 S4810P:
- Manual (60 pages) ,
- Quick start manual (27 pages) ,
- Reference manual (1637 pages)
Table of Contents
Advertisement
The result is that:
•
The ports in community VLAN 4001 can communicate directly with each other and with promiscuous
ports.
•
The ports in community VLAN 4002 can communicate directly with each other and with promiscuous
ports
•
The ports in isolated VLAN 4003 can only communicate with the promiscuous ports in the primary
VLAN 4000.
•
All the ports in the secondary VLANs (both community and isolated VLANs) can only communicate
with ports in the other secondary VLANs of that PVLAN over Layer 3, and only when the command
local-proxy-arp
Note: Even after
communication may happen between some secondary VLAN hosts, until the ARP timeout happens on
those secondary VLAN hosts.
In parallel, on S50-1:
•
Gi 0/3 is a promiscuous port and Gi 0/25 is a PVLAN trunk port, assigned to the primary VLAN 4000.
•
Gi 0/4-6 are host ports. Gi 0/4 and Gi 0/5 are assigned to the community VLAN 4001, while Gi 0/6 is
assigned to the isolated VLAN 4003.
The result is that:
•
The S50V ports would have the same intra-switch communication characteristics as described above
for the C300.
•
For transmission between switches, tagged packets originating from host PVLAN ports in one
secondary VLAN and destined for host PVLAN ports in the other switch travel through the
promiscuous ports in the local VLAN 4000 and then through the trunk ports (0/25 in each switch).
Inspecting the Private VLAN Configuration
The standard methods of inspecting configurations also apply in PVLANs:
•
Within the INTERFACE and INTERFACE VLAN modes, use the
specific interface configuration.
•
Inspect the running-config, and, with the
display a specific part of the running-config.
running-config from the S50V switch in the topology diagram shown in
•
You can also use one of three
•
show interfaces private-vlan
PVLAN interfaces. See the example output in the Security chapter of the
Reference
•
show vlan private-vlan
Display the configured PVLANs or interfaces that are part of a PVLAN.
results of using the command without command options on the C300 switch in the topology
diagram shown in
802
|
Private VLANs (PVLAN)
is invoked in the primary VLAN.
is disabled (
ip-local-proxy-arp
commands that are specific to the Private VLAN feature:
show
[
interface interface
.
[
community
Figure
37-3, above, while
) in a secondary VLAN, Layer 3
no ip-local-proxy-arp
pipe option (
show running-config
grep
Figure 37-8
shows the PVLAN parts of the
]: Display the type and status of the configured
|
|
|
isolated
primary
interface
Figure 37-5
shows the results on the S50V.
command to display the
show config
|
grep string
Figure
37-3, above.
FTOS Command Line
|
|
interface interface
primary_vlan
Figure 37-4
shows the
ip
), you can
]:
Advertisement
Table of Contents
Troubleshooting
