Aruba & ProVision-based
cancel
Showing results for 
Search instead for 
Did you mean: 

HP Procurve vlan isolation

 
jtintegration
Occasional Visitor

HP Procurve vlan isolation

I am looking for a feature on procurve  for solation the port. We provide a internet connection for the student rooms., 400 rooms. We want to make sure each student are on their own island, they can do what ever they wish that will  not affect other students and us.  We have dhcp server that assigned IP for them. I have tried port filtering but it is not good enough. What other things can I do to create this isloation?  

thanks

3 REPLIES
parnassus
Honored Contributor

Re: HP Procurve vlan isolation

I bet an answer could be to investigate the "Private VLAN" feature concept.

Basically each host that is residing in a Private VLAN (a Secondary "isolated" VLAN whitin a Primary VLAN [*], think about it like - sort of - a child VLAN inside a parent VLAN) that is declared isolated and so it is isolated at Layer 2 level from all other hosts that belong to other Private VLANs.

That's from a very general high level perspective...then you need to go deep with respect your network topology/logic and also with respect to the types of Switches your access infrastructure is running on (HPE ArubaOS-Switch based or HPE Comware based Switch series) to understand restrictions, requirements and implementation procedures for this type of approach.

[*] The Primary VLAN has the duty of providing Layer 3 traffic forwarding (to other classic VLANs you may have yet defined in your infrastructure) and also the duty of providing VLANs interconnection between those Secondary VLANs (when that VLANs interconnection is required for some of those Secondary VLANs and not for others, as example).

Vince-Whirlwind
Honored Contributor

Re: HP Procurve vlan isolation

Which switch model are you using?

I seem to recall the 5400-series supports Private VLANs.

parnassus
Honored Contributor

Re: HP Procurve vlan isolation

Not only the 5400R zl2 (recent - 16.01 and 16.02 - software branch are required, see HPE ArubaOS-Switch Software Feature Support Matrix of November 2016) but also those HP/Aruba series too:

  • 3500
  • 5400 zl
  • 6200
  • 6600
  • 8200 zl
  • 3810M
  • 3800
  • 2930F
  • 2920