Posted on May 14, 2020 4:54 pm
 |  Asked by Sven Dummel
 |  266 views
RESOLVED
0
0
Print Friendly, PDF & Email

Dear Community,

I am looking for an example how to configure pvlans with arista.

like a Backup Server on a promiscuous port than can talk to other servers on an isolated port. The other servers should be able to communicate only eith the Backup server.

Any hint where I can find documentation or an example config?

thx Sven

0
Posted by Neha Sakhalkar
Answered on May 14, 2020 10:06 pm

Hi Sven,

 

Let's say you have 3 servers -- Backup server A connected to Et1 of SW1, Server B connected to Et2 of SW1, and Server C connected to Et3 of SW1.

Now, if I understand your requirement correctly, Backup server A should be able to talk with both Server B and Server C. But, Server B and C should only be able to communicate with Backup server A; they should not be able to talk to each other, right?

 

If that's the case, then you can use the below configuration for private VLAN configuration:

  1. Define a primary VLAN --> let's say VLAN 1000 (The ports on this VLAN will be able to talk with all the other ports of the VLAN - including the ones that are part of private VLAN)
  2. Define the private VLAN (isolated) --> let's say VLAN 500
  3. Associate the private VLAN (isolated) with the primary VLAN using "private-vlan isolated primary vlan <primary_VLAN_id>" under the private VLAN configuration

 

Config example:

vlan 1000

!

vlan 500

private-vlan isolated primary vlan 1000

!

interface Ethernet1

switchport access vlan 1000

!

interface Ethernet2

switchport access vlan 500

!

interface Ethernet3

switchport access vlan 500

!

 

Switch#show vlan 500,1000

VLAN Name                Status     Ports

-----   -----------------   --------- ------------------

500   VLAN0500          active     Et1, Et2, Et3+

1000  VLAN1000          active    Et1+, Et2+, Et3

+ indicates a private VLAN promoted port

 

With the above configuration in place, Server B and Server C will only be able to communicate with Backup server A. However, Backup Server A should be able to talk with both the servers.

Note: The "private-vlan" feature support is only available for international EOS releases (not for US distributions).

Please try the above configuration on your device and let us know if you face any issues.

 

Regards,

Neha

0
Posted by Alla Anunitya
Answered on May 15, 2020 2:02 am

Hi Sven

Please refer to the  Eos UserManual at https://www.arista.com/en/um-eos/ under the Section 21.4: VLAN Configuration Commands

Hope this helps,

Anunitya Alla

 

 

0
Answered on May 15, 2020 7:56 am

Hello Sven,

You can find the configuration on private VLAN in the following manual (Refer VLAN)

https://www.arista.com/en/um-eos/eos-section-21-4-vlan-configuration-commands

Regards,

Pushkar

 

0
Posted by Sven Dummel
Answered on May 18, 2020 6:44 am

Hi Neha, hi Alla, hi Pushkraj

thx for your quick respones you helped me a lot.

Sven

0
Posted by Chao Jiang
Answered on May 20, 2020 2:48 pm

When will US image have this feature?  Patent will be expired soon, right?

Post your Answer

You must be logged in to post an answer.