Private VLAN / pVLAN on vDS

icehckyplyr22 · ‎09-13-2020

I have the following pVLAN setup on my VMWare vDS (6.5)

3000 Primary VLAN (Promiscuous)

3001 Secondary VLAN (Isolated)

3002 Secondary VLAN (Community)

I am trying to figure out how to get traffic outside the VMware vDS environment to my router connected to the physical switching environment. The uplink port on my router is tagged VLAN 3000, but not as a promiscuous port (my Cisco 3850's don't support pVLANs). If the pVLAN traffic is only leaving the vDS to reach the internet does my physical switch need to be pVLAN aware?

Lalegre · ‎09-13-2020

Hello icehckyplyr22,

You need to configure the ports in trunk mode and tag all the VLANs to those ports not only the promiscuous ones but the isolated and community one. I suggest you to read the next article which explains everything in detail (no worries if you not use UCS): Configure Private VLAN and UCS with VMware DVS or Cisco Nexus 1000v - Cisco

icehckyplyr22 · ‎09-13-2020

My Cisco 3850 stack between my host & router doesn't support pVLANs, otherwise I could see how that might apply to me.

Lalegre · ‎09-13-2020

Hey,

That is why i was saying that for those cases you need to configure plain VLANs. From the VDS perspective you can connect ot the physical switches which supports PVLANs and then from the switch to the router you can use VLANs all tagged in the trunk port. In your case you have to configure VLAN 3000, 3001 and 3002.

All

Private VLAN / pVLAN on vDS