NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Private VLAN Configuration with 802.1Q
I am wanting to create a dedicated vlan for my servers to communicate to a NAS backup device. The servers will use a dedicated 1gb interface on this backup network. The NAS device has 2 10gb interfaces connected to two different switches using rtsp via an internal vswitch on the NAS. It is on the mgt vlan. i planned on creating another vlan in the NAS vswitch, & tag with the backup vlan#.
Based on the user manual for the xs748t's setup for private vlan, it looks like i set the private vlan type for the backup vlan# to primary. The NAS will be a promiscuous port, while the servers will be isolated ports.
In the vlan association setting, i select the backup vlan# as the primary vlan. I do not have a secondary vlan. But while reading through some Cisco documentation, it sounds like i should have one.
Next in the private vlan port mode, i set the server switch ports to private, & the NAS port to promiscuous. But does this change impact the NAS access as it needs general for normal mgt access? Right now the pvid on the two NAS ports is the mgt vlan, no tagging. Or to use private vlans, does it need to be a dedicated port?
3 Replies
bsen wrote:
In the vlan association setting, i select the backup vlan# as the primary vlan. I do not have a secondary vlan. But while reading through some Cisco documentation, it sounds like i should have one.
Don't hesitate to consult the fine documentation 28-Port and 48-Port 10-Gigabit Copper Smart Switches with 4 10GE SFP+ Models XS728T and XS748T Ports User Manual in the section Configure Private VLANs starting from p.272 down to p.278. Everything there what you are behind, including Private VLAN Association Settings and the Private VLAN Promiscuous Interface Settings.
Thanks, yes i have read through the Netgear documentation many times trying to understand how to setup a pvlan for my network. I was reading through Cisco also because their docs normally have more details on what certain settings do, why to configure or why not good idea, & generally better at listing potential interop issues or limitations. I am trying to understand the concept of pvlan as a 802.1q on a general port.
That and then i will need the pvlan configured on a lag between the switches. But i assume this would just be adding the vlan to the lag as it is only a transit between the switches.
Configuring and deploying a Private VLAN for this purpose comes certainly with a much longer learning curve than simply creating say a dedicated VLAN for this special purpose. The enact concepts and naming must be understood, before reaching some workable results. This is not specific to the Netgear Private VLAN implementation, but also say to a Cisco IOS Private VLAN config, or a HPE/Aruba one.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
