Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4112F-ON/S4112T-ON

691

692

693

694

695

696

697

698

699

700

To verify private VLAN configurations, use the show vlan private-vlan mapping command.

AG1# show vlan private-vlan mapping

Private Vlan:

Primary : 100

Isolated : 13

Community : 11-12

Private Vlan:

Primary : 200

Isolated : 22

Community : 21

AG1#

To verify the MAC address table entries for the primary VLAN, use the show mac address-table command.

On primary VLAN

The output of this show command displays:

● The MAC addresses that are learned on the primary VLAN.

● The MAC addresses that are learned on the secondary VLANs being replicated to the primary VLAN.

AG1# show mac address-table vlan 100

Codes: pv <vlan-id> - private vlan where the mac is originally learnt

VlanId Mac Address Type Interface

100 54:bf:64:bd:d8:45 dynamic port-channel101

100 00:00:06:00:88:01 dynamic ethernet1/1/1 pv 11

100 00:00:06:00:89:01 dynamic port-channel1 pv 12

100 00:00:06:00:8a:01 dynamic port-channel2 pv 13

On secondary VLAN

The output of this show command displays:

● The MAC addresses that are learned on the secondary VLAN.

● The MAC addresses that are learned on the primary VLAN being replicated to the secondary VLAN.

AG1# show mac address-table vlan 11

Codes: pv <vlan-id> - private vlan where the mac is originally learnt

VlanId Mac Address Type Interface

11 00:00:06:00:88:01 dynamic ethernet1/1/1

11 54:bf:64:bd:d8:45 dynamic port-channel101 pv 100

Example: PVLAN deployment with L2-L3 boundary at the leaf layer

The following use case illustrates a deployment scenario in which the end devices that belong to different tenants are

segregated using secondary VLANs. Here, the private VLAN domain is spanned across two data centers using an ISL trunk port.

In this example:

● The configured trunk port carries the traffic for both the primary and secondary VLANs.

● The leaf nodes provide L3 connectivity to the external network and between end devices in secondary VLANs. The gateway

for all the hosts in the PVLAN domains is the anycast ip address on the primary VLANs.

Configuration notes

● IP addresses are configured on the primary VLANs of the leaf nodes.

● Anycast IP address is also configured on the primary VLANs.

● The anycast IP address remains the same for PVLAN domains that are extended across the data centers.

● Configure IP Local Proxy ARP feature on the primary VLANs of the leaf nodes to enable connectivity between end devices

that belong to different secondary VLANs (community or isolated or both) of a PVLAN domain.

● The uplink ports from the leaf nodes to the spine switch are non-PVLAN L3 networks.

694

Layer 2