GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
SVI for Private VLAN posted 10/14/2006
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Hi folks

I'm stuck in the issue related to SVI for Private VLAN. I configured as 
below.
I was able to communicate with each other within same community(30) using 
ping.
Naturally, I wasn't able to communicate within isolated domain.
Subsequently, I created SVI of VLAN10 and issued ping to the router in 
secondary
domain(VL20,30) from SVI and vice versa. But it wasn't successful.
Does anybody know why?

TIA.

Michy

Primary VLAN:10
Secondary VLAN:20,30
Isolated :20
Community:30

CAT1#sh vl pri

Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------
10      20        isolated          Fa0/2, Fa0/4
10      30        community         Fa0/1, Fa0/5

CAT1#sh int private-vlan map
Interface Secondary VLAN Type
--------- -------------- -----------------
vlan10    20             isolated
vlan10    30             community

CAT1#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone

Device ID            Local Intrfce         Holdtme   Capability    Platform 
Port ID
R2                  Fas 0/2               130           R S I     2811 
Fas 0/0
R1                  Fas 0/1               129           R S I     2811 
Fas 0/0
R4                  Fas 0/4               157           R S I     2811 
Fas 0/0
R5                  Fas 0/5               153           R S I     2811 
Fas 0/0

CAT1#sh run
Building configuration...

Current configuration : 2551 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CAT1
!
!
no aaa new-model
vtp mode transparent
ip subnet-zero
no ip domain-lookup
!
!
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 10
  private-vlan primary
  private-vlan association 20,30
!
vlan 20
  private-vlan isolated
!
vlan 30
  private-vlan community
!
vlan 40
!
!
interface FastEthernet0/1
 switchport private-vlan host-association 10 30
 switchport mode private-vlan host
!
interface FastEthernet0/2
 switchport private-vlan host-association 10 20
 switchport mode private-vlan host
!
interface FastEthernet0/3
!
interface FastEthernet0/4
 switchport private-vlan host-association 10 20
 switchport mode private-vlan host
!
interface FastEthernet0/5
 switchport private-vlan host-association 10 30
 switchport mode private-vlan host
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 ip address 10.0.0.10 255.255.255.0
 private-vlan mapping 20,30
!
ip classless
ip http server
ip http secure-server
!
!
!
control-plane
!
line con 0
 exec-timeout 0 0
 logging synchronous
line vty 0 4
 no login
line vty 5 15
 no login
!
end

CAT1#deb ip pa
IP packet debugging is on
CAT1#p 10.0.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:

00:09:11: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
00:09:12: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending 
full packet.
00:09:13: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
00:09:13: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending 
full packet.
00:09:15: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
00:09:15: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending 
full packet.
00:09:17: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
00:09:17: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending 
full packet.
00:09:19: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending
00:09:19: IP: s=10.0.0.10 (local), d=10.0.0.2 (Vlan10), len 100, sending 
full packet.
Success rate is 0 percent (0/5)

CAT1#p 10.0.0.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:

00:15:52: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
00:15:53: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending 
full packet.
00:15:54: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
00:15:54: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending 
full packet.
00:15:56: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
00:15:56: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending 
full packet.
00:15:58: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
00:15:58: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending 
full packet.
00:16:00: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending
00:16:00: IP: s=10.0.0.10 (local), d=10.0.0.4 (Vlan10), len 100, sending 
full packet.
Success rate is 0 percent (0/5)
CAT1#p 10.0.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:

00:17:02: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
00:17:03: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending 
full packet.
00:17:04: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
00:17:04: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending 
full packet.
00:17:06: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
00:17:06: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending 
full packet.
00:17:08: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
00:17:08: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending 
full packet.
00:17:10: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending
00:17:10: IP: s=10.0.0.10 (local), d=10.0.0.1 (Vlan10), len 100, sending 
full packet.
Success rate is 0 percent (0/5)
CAT1#p 10.0.0.5

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.5, timeout is 2 seconds:

00:17:31: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
00:17:32: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending 
full packet.
00:17:33: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
00:17:33: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending 
full packet.
00:17:35: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
00:17:35: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending 
full packet.
00:17:37: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
00:17:37: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending 
full packet.
00:17:39: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending
00:17:39: IP: s=10.0.0.10 (local), d=10.0.0.5 (Vlan10), len 100, sending 
full packet.
Success rate is 0 percent (0/5)

CAT1#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.0.0.10               -   0018.b974.52c1  ARPA   Vlan10
Internet  10.0.0.2                8   0011.93fc.10bf  ARPA   Vlan10 pv 20
Internet  10.0.0.1                0   000a.b82c.7ed0  ARPA   Vlan10 pv 30
Internet  10.0.0.4                2   000a.b86b.a388  ARPA   Vlan10 pv 20
Internet  10.0.0.5                0   0018.737a.8510  ARPA   Vlan10 pv 30



[R1 debug ip packet while CAT1 issued ping to R1]
R1#
*Oct 14 08:50:18.214: IP: tableid=0, s=10.0.0.10 (FastEthernet0/0), 
d=10.0.0.1 (FastEthernet0/0), routed via RIB
*Oct 14 08:50:18.214: IP: s=10.0.0.10 (FastEthernet0/0), d=10.0.0.1 
(FastEthernet0/0), len 100, rcvd 3
*Oct 14 08:50:18.214: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10 
(FastEthernet0/0), routed via FIB
*Oct 14 08:50:18.214: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0), 
len 100, sending
*Oct 14 08:50:19.210: IP: tableid=0, s=10.0.0.10 (FastEthernet0/0), 
d=10.0.0.1 (FastEthernet0/0), routed via RIB
*Oct 14 08:50:19.210: IP: s=10.0.0.10 (FastEthernet0/0), d=10.0.0.1 
(FastEthernet0/0), len 100, rcvd 3
R1#
*Oct 14 08:50:19.210: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10 
(FastEthernet0/0), routed via FIB
*Oct 14 08:50:19.210: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0), 
len 100, sending
R1#
*Oct 14 08:50:21.214: IP: tableid=0, s=10.0.0.10 (FastEthernet0/0), 
d=10.0.0.1 (FastEthernet0/0), routed via RIB
*Oct 14 08:50:21.214: IP: s=10.0.0.10 (FastEthernet0/0), d=10.0.0.1 
(FastEthernet0/0), len 100, rcvd 3
*Oct 14 08:50:21.214: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10 
(FastEthernet0/0), routed via FIB
*Oct 14 08:50:21.214: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0), 
len 100, sending
R1#
*Oct 14 08:50:23.218: IP: tableid=0, s=10.0.0.10 (FastEthernet0/0), 
d=10.0.0.1 (FastEthernet0/0), routed via RIB
*Oct 14 08:50:23.218: IP: s=10.0.0.10 (FastEthernet0/0), d=10.0.0.1 
(FastEthernet0/0), len 100, rcvd 3
*Oct 14 08:50:23.218: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10 
(FastEthernet0/0), routed via FIB
*Oct 14 08:50:23.218: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0), 
len 100, sending
R1#
*Oct 14 08:50:25.222: IP: tableid=0, s=10.0.0.10 (FastEthernet0/0), 
d=10.0.0.1 (FastEthernet0/0), routed via RIB
*Oct 14 08:50:25.222: IP: s=10.0.0.10 (FastEthernet0/0), d=10.0.0.1 
(FastEthernet0/0), len 100, rcvd 3
*Oct 14 08:50:25.222: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10 
(FastEthernet0/0), routed via FIB
*Oct 14 08:50:25.226: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0), 
len 100, sending
R1#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.0.0.10               2   0018.b974.52c1  ARPA   FastEthernet0/0
Internet  10.0.0.1                -   000a.b82c.7ed0  ARPA   FastEthernet0/0

[R1 issued ping to CAT1]
R1#ping 10.0.0.10

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:

*Oct 14 08:54:01.918: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10 
(FastEthernet0/0), routed via FIB
*Oct 14 08:54:01.922: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0), 
len 100, sending.
*Oct 14 08:54:03.918: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10 
(FastEthernet0/0), routed via FIB
*Oct 14 08:54:03.918: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0), 
len 100, sending.
*Oct 14 08:54:05.918: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10 
(FastEthernet0/0), routed via FIB
*Oct 14 08:54:05.918: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0), 
len 100, sending.
*Oct 14 08:54:07.918: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10 
(FastEthernet0/0), routed via FIB
*Oct 14 08:54:07.918: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0), 
len 100, sending.
*Oct 14 08:54:09.918: IP: tableid=0, s=10.0.0.1 (local), d=10.0.0.10 
(FastEthernet0/0), routed via FIB
*Oct 14 08:54:09.918: IP: s=10.0.0.1 (local), d=10.0.0.10 (FastEthernet0/0), 
len 100, sending.
Success rate is 0 percent (0/5)

[R5 is almost same like R1 above.]
omitting

[R2 debug ip packet while CAT1 issued ping to R1]
R2#
*Oct 14 08:58:19.794: IP: tableid=0, s=10.0.0.10 (FastEthernet1/0), 
d=10.0.0.2 (FastEthernet1/0), routed via RIB
*Oct 14 08:58:19.794: IP: s=10.0.0.10 (FastEthernet1/0), d=10.0.0.2 
(FastEthernet1/0), len 100, rcvd 3
*Oct 14 08:58:19.794: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10 
(FastEthernet1/0), routed via FIB
*Oct 14 08:58:19.794: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0), 
len 100, sending
R2#
*Oct 14 08:58:21.794: IP: tableid=0, s=10.0.0.10 (FastEthernet1/0), 
d=10.0.0.2 (FastEthernet1/0), routed via RIB
*Oct 14 08:58:21.798: IP: s=10.0.0.10 (FastEthernet1/0), d=10.0.0.2 
(FastEthernet1/0), len 100, rcvd 3
*Oct 14 08:58:21.798: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10 
(FastEthernet1/0), routed via FIB
*Oct 14 08:58:21.798: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0), 
len 100, sending
R2#
*Oct 14 08:58:23.802: IP: tableid=0, s=10.0.0.10 (FastEthernet1/0), 
d=10.0.0.2 (FastEthernet1/0), routed via RIB
*Oct 14 08:58:23.802: IP: s=10.0.0.10 (FastEthernet1/0), d=10.0.0.2 
(FastEthernet1/0), len 100, rcvd 3
*Oct 14 08:58:23.802: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10 
(FastEthernet1/0), routed via FIB
*Oct 14 08:58:23.802: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0), 
len 100, sending
R2#
*Oct 14 08:58:25.806: IP: tableid=0, s=10.0.0.10 (FastEthernet1/0), 
d=10.0.0.2 (FastEthernet1/0), routed via RIB
*Oct 14 08:58:25.806: IP: s=10.0.0.10 (FastEthernet1/0), d=10.0.0.2 
(FastEthernet1/0), len 100, rcvd 3
*Oct 14 08:58:25.806: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10 
(FastEthernet1/0), routed via FIB
*Oct 14 08:58:25.806: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0), 
len 100, sending
R2#
*Oct 14 08:58:27.810: IP: tableid=0, s=10.0.0.10 (FastEthernet1/0), 
d=10.0.0.2 (FastEthernet1/0), routed via RIB
*Oct 14 08:58:27.810: IP: s=10.0.0.10 (FastEthernet1/0), d=10.0.0.2 
(FastEthernet1/0), len 100, rcvd 3
*Oct 14 08:58:27.810: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10 
(FastEthernet1/0), routed via FIB
*Oct 14 08:58:27.810: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0), 
len 100, sending

[R2 issued ping to CAT1]
R2#ping 10.0.0.10

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:

*Oct 14 08:54:51.254: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10 
(FastEthernet1/0), routed via FIB
*Oct 14 08:54:51.254: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0), 
len 100, sending.
*Oct 14 08:54:53.254: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10 
(FastEthernet1/0), routed via FIB
*Oct 14 08:54:53.254: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0), 
len 100, sending.
*Oct 14 08:54:55.254: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10 
(FastEthernet1/0), routed via FIB
*Oct 14 08:54:55.254: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0), 
len 100, sending.
*Oct 14 08:54:57.254: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10 
(FastEthernet1/0), routed via FIB
*Oct 14 08:54:57.254: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0), 
len 100, sending.
*Oct 14 08:54:59.254: IP: tableid=0, s=10.0.0.2 (local), d=10.0.0.10 
(FastEthernet1/0), routed via FIB
*Oct 14 08:54:59.254: IP: s=10.0.0.2 (local), d=10.0.0.10 (FastEthernet1/0), 
len 100, sending.
Success rate is 0 percent (0/5)
R2#sh arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.0.0.10               9   0018.b974.52c1  ARPA   FastEthernet1/0
Internet  10.0.0.2                -   0011.93fc.10bf  ARPA   FastEthernet1/0

[R4 is almost same like R2 above.]