Switching

Expand all | Collapse all

Private VLAN

Jump to Best Answer
  • 1.  Private VLAN

    Posted 08-04-2017 19:38

    Hi all, 

    I have a topology shown below
    Capture.GIF
    Two switches run VLAN with two primary VLAN 100 and 200. Two primary VLAN 100 and 200 also have secondary VLAN community VLAN 40. The interface connects between two switches is run trunk member VLAN 100 and VLAN 200 as well as pvlan-trunk

    [edit vlans]
    root@sw1# show pvlan-100
    vlan-id 100;
    interface {
       ge-0/0/12.0 {
          pvlan-trunk;
       }
    no-local-switching;
    
    [edit vlans]
    root@sw1# show pvlan-200
    vlan-id 200;
    interface {
       ge-0/0/12.0 {
          pvlan-trunk;
       }
    no-local-switching;
    
    [edit interface ge-0/0/12.0 family ethernet-switching]
    root@sw1# show
    vlan members [pvlan-100 pvlan-200]
    interface-mode trunk
    
    



    So, is the configuration valid? And Does PC2 ping PC3 successfully? Does the same result with PC1 ping PC4?

    Thank all,
    Hoang Nguyen HUy 



  • 2.  RE: Private VLAN

    Posted 08-06-2017 20:31

    NO. You are missing the community vlan  among other statements. You configure one Primary vlan and the primary vlan must be set to be primary for the community vlans. This article explains:

    https://www.juniper.net/documentation/en_US/junos/topics/example/private-vlans-multiple-switches-ex-series.html

     



  • 3.  RE: Private VLAN

    Posted 08-07-2017 01:10

    Hi lyndidon, 

    I gave the idea and didn't show full configuration. 
    So, If I configured more command line as you said, Will PCs which are same community vlan and match primary vlan ping successfully? 

    Thanks



  • 4.  RE: Private VLAN
    Best Answer

    Posted 08-07-2017 06:51

    Yes. Once properly configured, all the devices in the separate community vlans will be able to communicate with each other.