BladeSystem - General
Showing results for 
Search instead for 
Did you mean: 

Virtual Connect and pvlans (Private Vlans)

Occasional Visitor

Virtual Connect and pvlans (Private Vlans)

hi i have a problem with virtual connect and private vlans.

using vmware i can put virtual servers on a pvlan so they cannot talk to each other (only the gateway).

this is working using tunnelled networks through virtual connect and the inbuilt functionality in vmware vsphere


where this falls down is with physical blades.

i have this setup:

LOM 1:a - main LAN - vlan 100

LOM 2:a - main LAN - vlan 100

LOM 1:b - private vlan - vlan 106


on the cisco end the primary vlan is 105, and the isolated vlan 106

i have set the network to be private so the servers cannot communicate with eachother but they also cannot communicate with the gateway.

all the uplinks are trunked and i suspect this is where the issue lies

is there a proven solution for this? or will i have to have a pair of uplinks PER pvlan?


pretty disappointed by the networking capabilities of the virtual connect modules in general!


Trusted Contributor

Re: Virtual Connect and pvlans (Private Vlans)

As long as your Gateway's MAC is external to VC it should work just fine.

I dont understand why you even mentioned VLAN 105 since it is not associated with the Blade's profile.

Private on the VC module means the gateway's MAC/IP must be on the same VLAN as the NIC in the Server Profile (106 in your example).

Re: Virtual Connect and pvlans (Private Vlans)

You need to configure LOM 1:a and LOM 1:b with multiple VLANs i.e with primary and secondary VLANs then configure dVswitch accordingly.
Just finished implementing Private VLANs in combination with Cisco Swicthes- VMware dVSwitch and HP Virtual connect Flexfabrics. It's tricky first time but not rocket science. Step by step instructions are documented here.

Trusted Contributor

Re: Virtual Connect and pvlans (Private Vlans)

I just ran across these videos my co-worker Hongjun had created a while back showing one way to get this doe in VC using Tunneled mode.


Part 1:

Part 2:

Part 3:

Part 4:


Keep in mind you can mix and match Tunnel and Mapped VLAN modes starting in 3.30, but each type has to have its own unique uplinks.  But this way you can have one set of uplinks in Tunnel mode for all the VMs, and with PVLAN working.

And then you can bring in your Management VLANs over a seperate uplink in Mapped mode and spread those Networks out using FlexNICs, for things like Management Console, vMotion, Backups or IP Storage like NFS or iSCSI.