BladeSystem Virtual Connect
Showing results for 
Search instead for 
Did you mean: 

Cisco Private VLAN support with Virtual Connect

Trusted Contributor

Cisco Private VLAN support with Virtual Connect

John had a customer question:




I’m working with a customer that is attempting to utilize Cisco Private VLANs with Virtual Connect / Blades.


We are running into issues where if we put the “access vlan” on a node, we can “ping it / get to it / etc” – however, if we attempt to move it to one of the community VLANs, then traffic flow stops.


On the Virtual Connect:


We have 3 VLANs configured





These are all in a SUS  - and the SUS has a pair of 10GB links going to the upstream switch.


The upstream switch appears to  be configured properly – they are in a LACP channel group, and the VLAN section is showing that 500, 510, and 525 are being passed.

(They are configured as private VLAN).


On the Cisco side, 500 is the parent and 510 and 525 are the community vlans.


The problem at this site is that if I put blade on vlan 500, I can ping it / move traffic / etc.   If I put the blade on vlan 510,  traffic flow stops.




Reply from Robert:




Virtual Connect does not specifically support Cisco proprietary “Private Vlans”.  I believe it can work if the Cisco environment if properly configured.  The link provided is a Cisco link for configuring Private Vlans.  Because VC does not support “Private Vlans” (like many other switches, even some Cisco switches), you may want to recommend that they implement ‘Isolated PVLAN Trunk’ ports for those that connect to VC.  They may still need to implement VC private networks if they require separating hosts inside the VC enclosure from other hosts within the enclosure that belong to the same Vlan.  The ‘Isolated PVLAN Trunk Ports’ section begins on Page 38-6 in the below.




Any other comments or suggestions?