Hello all, I am trying to figure out if the following will work:
Have a 6500 w/ sup2/msfc2 Native IOS. Would like to configure some ports as Isolated Private VLAN ports. These Isolated ports need to only speak to a 802.1q trunk port I have. I believe I can't configure this 802.1q trunk port as a .1q trunk and a Promiscuous port "switchport mode private-vlan promiscuous" at the same time (its either "switchport mode trunk" or switchport mode priavte-vlan promiscuous" - not both). The .1q trunk port will carry lots of other VLANS. Behind this .1q trunk port will be the L3 device responsible for the L3 portion of the Private VLAN. I need to make sure the Private VLAN can talk to the L3 device behind the .1q trunk port... The .1q trunk port is kind of like a router-on-a-stick. # VID 100 Private VLAN # VID 101 Isolated VLAN vlan 100 private-vlan primary vlan 101 private-vlan isolated vlan 100 priavte-vlan association 101 interface GigabitEthernet1/1 switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 100-200 switchport mode trunk no ip address load-interval 30 spanning-tree portfast trunk interface GigabitEthernet1/2 switchport switchport mode private-vlan host switchport private-vlan host-association 100 101 spanning-tree portfast Will something like that work? Cheers, RR _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/