Private VLAN

inyournameinyourname Member Posts: 6 ■□□□□□□□□□
in CCNP
Primary VLAN 100. VLAN 101 and 102 are community VLAN that belong to VLAN 100.
VLAN 200 is not associated with any other vlan.

Can VLAN 200 access to VLAN 101 as long as there is inter vlan routing and no ACL that is blocking?
· Share on FacebookShare on Twitter

Comments

  • PCTechLincPCTechLinc Senior Member King City, CAMember Posts: 646 ■■■■■■□□□□
    For Private VLANs, the major purpose is to control communication internally without having to change the IP addressing for that specific VLAN. That being said, they are locally significant. Communication inside the Private VLAN is tightly controlled by the different types of ports (Isolated, Community, Promiscuous). All the VLANs that are part of the Private VLAN are going to communicate through a Promiscuous Port on the gateway device so they can reach the rest of the network.

    So to answer your question, yes, you have that exactly right. Private VLANs are complicated to understand at first, but if you watch a video where you can see the implementation graphically, it makes a lot more sense. Keith Barker does a great job of this by comparing Private VLANs to "islands" with different groups of visitors. It was really awesome to see it explained that way.
    Master of Business Administration in Information Technology Management - Western Governors University
    Master of Science in Information Security and Assurance - Western Governors University
    Bachelor of Science in Network Administration - Western Governors University
    Associate of Applied Science x4 - Heald College
    · Share on FacebookShare on Twitter
Sign In or Register to comment.