Service Manual

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

821

822

823

824

825

826

827

828

829

830

You can associate either a VLT VLAN or a VLT LAG to a PVLAN. First congure the VLT interconnect (VLTi) or a VLT LAG by using

the peer-link port-channel id-number command or the VLT VLAN by using the peer-link port-channel id-

number peer-down-vlan vlan interface number command and the switchport command. After you specify the

VLTi link and VLT LAGs, you can associate the same port channel or LAG bundle that is a part of a VLT to a PVLAN by using the

interface interface and switchport mode private-vlan commands.

When a VLTi port in trunk mode is a member of symmetric VLT PVLANs, the PVLAN packets are forwarded only if the PVLAN

settings of both the VLT nodes are identical. You can congure the VLTi in trunk mode to be a member of non-VLT PVLANs if the

VLTi is congured on both the peers. MAC address synchronization is performed for VLT PVLANs across peers in a VLT domain.

Keep the following points in mind when you congure VLT nodes in a PVLAN:

• Congure the VLTi link to be in trunk mode. Do not congure the VLTi link to be in access or promiscuous mode.

• You can congure a VLT LAG or port channel to be in trunk, access, or promiscuous port modes when you include the VLT LAG

in a PVLAN. The VLT LAG settings must be the same on both the peers. If you congure a VLT LAG as a trunk port, you can

associate that LAG to be a member of a normal VLAN or a PVLAN. If you congure a VLT LAG to be a promiscuous port, you

can congure that LAG to be a member of PVLAN only. If you congure a VLT LAG to be in access port mode, you can add that

LAG to be a member of the secondary VLAN only.

• ARP entries are synchronized even when a mismatch occurs in the PVLAN mode of a VLT LAG.

Any VLAN that contains at least one VLT port as a member is treated as a VLT VLAN. You can congure a VLT VLAN to be a

primary, secondary, or a normal VLAN. However, the VLT VLAN conguration must be symmetrical across peers. If the VLT LAG is

tagged to any one of the primary or secondary VLANs of a PVLAN, then both the primary and secondary VLANs are considered as

VLT VLANs.

If you add an ICL or VLTi link as a member of a primary VLAN, the ICL becomes a part of the primary VLAN and its associated

secondary VLANs, similar to the behavior for normal trunk ports. VLAN parity is not validated if you associate an ICL to a PVLAN.

Similarly, if you dissociate an ICL from a PVLAN, although the PVLAN parity exists, ICL is removed from that PVLAN.

Association of VLTi as a Member of a PVLAN

If a VLAN is congured as a non-VLT VLAN on both the peers, the VLTi link is made a member of that VLAN if the VLTi link is

congured as a PVLAN or normal VLAN on both the peers. If a PVLAN is congured as a VLT VLAN on one peer and a non-VLT

VLAN on another peer, the VLTi is added as a member of that VLAN by verifying the PVLAN parity on both the peers. In such a

case, if a PVLAN is present as a VLT PVLAN on at least one of the peers, then symmetric conguration of the PVLAN is validated to

cause the VLTi to be a member of that VLAN. Whenever a change in the VLAN mode on one of the peers occurs, the information is

synchronized with the other peer and VLTi is either added or removed from the VLAN based on the validation of the VLAN parity.

For VLT VLANs, the association between primary VLAN and secondary VLANs is examined on both the peers. Only if the association

is identical on both the peers, VLTi is congured as a member of those VLANs. This behavior is because of security functionalities in

a PVLAN. For example, if a VLAN is a primary VLT VLAN on one peer and not a primary VLT VLAN on the other peer, VLTi is not

made a part of that VLAN.

MAC Synchronization for VLT Nodes in a PVLAN

For the MAC addresses that are learned on non-VLT ports, MAC address synchronization is performed with the other peer if the

VLTi (ICL) link is part of the same VLAN as the non-VLT port. For MAC addresses that are learned on VLT ports, the VLT LAG mode

of operation and the primary to secondary association of the VLT nodes is determined on both the VLT peers. MAC synchronization

is performed for the VLT LAGs only if the VLT LAG and primary-secondary VLT peer mapping are symmetrical.

The PVLAN mode of VLT LAGs on one peer is validated against the PVLAN mode of VLT LAGs on the other peer. MAC addresses

that are learned on that VLT LAG are synchronized between the peers only if the PVLAN mode on both the peers is identical. For

example, if the MAC address is learned on a VLT LAG and the VLAN is a primary VLT VLAN on one peer and not a primary VLT

VLAN on the other peer, MAC synchronization does not occur.

830

Virtual Link Trunking (VLT)