VMware Cloud Community
RanjnaAggarwal
VMware Employee
VMware Employee
‎10-18-2016 12:56 AM

Maximum Secondary VLANs in Primary VLAN

How many maximum secondary vlans can be there under one primary vlan?

Regards, Ranjna Aggarwal
0 Kudos
6 Replies
jameswalkervmw
VMware Employee
VMware Employee
‎10-20-2016 03:02 PM

The VMware's  PVlan is off the RFC 5517:  RFC 5517 - Cisco Systems' Private VLANs: Scalable Security in a Multi-Client Environment

Cisco's documentation reads as followed.

The maximum number of unique private VLAN pairs supported by the

switchport private-vlan mapping trunk command above is 500. For example, one thousand secondary

VLANs could map to one primary VLAN, or one thousand secondary VLANs could map one to one to

one thousand primary VLANs

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/31sg/configuration/guide/conf/pv...

According to what I can find on the VMware side it appears there is a maximum of 4094, but I am unable to verify for certain.

James Walker VMware Support Moderator
0 Kudos
RanjnaAggarwal
VMware Employee
VMware Employee
‎10-20-2016 09:53 PM

Thanks James, Now let me share what i tried to emulate in my home lab , i tried primary vlan with one with ID 1 and then i created approx 118 secondary vlans then i was unable to use the same id in any other primary pvlan or secondary pvlan of the same vSwitch.

pvlan.png

Regards, Ranjna Aggarwal
0 Kudos
jameswalkervmw
VMware Employee
VMware Employee
‎10-21-2016 07:32 AM

What does the more details on the error say? At the time of the error what does the vpxd.log say?

James Walker VMware Support Moderator
0 Kudos
RanjnaAggarwal
VMware Employee
VMware Employee
‎10-21-2016 08:27 AM

It is not letting to use same vlan number as primary vlan that was used in secondary vlan as in this example it is 118.

Regards, Ranjna Aggarwal
0 Kudos
jameswalkervmw
VMware Employee
VMware Employee
‎10-21-2016 08:49 AM

the  secondary has to be promiscuous to have the same vlan ID as the primary. Please refer to the following KB.

Private VLAN (PVLAN) on vNetwork Distributed Switch - Concept Overview (1010691) | VMware KB

James Walker VMware Support Moderator
0 Kudos
RanjnaAggarwal
VMware Employee
VMware Employee
‎10-21-2016 08:54 AM

Scenario was like this as explain in below table:-

Primary vlan

Secondary vlan

1

1 (Promiscous)

2 (Community)

3 (Community)

3 (Can’t Use 3 as Primary vlan again as this was secondary vlan in another primary vlan)

I want to understand basically the logic why can't i use same  ID in another primary vlan.

Regards, Ranjna Aggarwal
0 Kudos