holy guacamole... i´ve never seen this level of perfection, the clearest sound, concise and concrete video and the best ilustration!

The only 1 man on youtube, who actually explained how this mechanism of pvlans works! Ty a lot!!

@cbtnuggets

3 жыл бұрын

Thank you for the kind words!

i enjoyed how much you loved talking about private-vlans you almost couldn't contain your joy at the end there ! 10/10

Thanks a lot for these MicroNuggets. Makes my learning and labbing so much better and easier. Just watch micronugget and lab it out!! Don't have to read 300 pages or watch 30 min video about a topic!! I really encourage you guys to do more of such videos, these are golden. Thanks again.

no words to thank. i am complete new to topic and at age 55+ i can understand. you made it easy through your nice presentation. be blessed.

Bryan McGann thinks that this Private VLAN video is excellent. This is great training for the Cisco SWITCH exam.

Great video. I can say now that I know about how private vlan works. With a simple analogy you explain a hard concept very wel. Thanks.

As always, your the best Keith!!

The nicest explanation I got about private vlans!

You just demystified PVLAN. thanks a bunch

This is wonderfully described. Just perfect. Thanks you very much Keith. :)

I saw some videos in a ccnp security training but really this explaination is still kicking! Thanks a LOT!!!

Thanks Keith.

great explanantion,hat's off mr keith

Very brilliant explanation

Keith, that was amazing .. this was more then a good review before i start reading the Private VLANs at CCIE Level ..thanks a lot :)

@Bleachiiigo

4 жыл бұрын

اهلا احمد ان شاء الله تكون جهزت و اخذت شهادة ال CCIE ياصديقي

Great Video.. I have some queries 1) what about communicating between two different Primary VLAN having secondary VLAN? 2) Does inter VLAN routing will work as it is as before or it will be affected by PVLAN security? 3)What in case we have access between two devices in terms of interVLAN routing but no access in terms of PVLAN security. What would be effective access?

Amazing Thank you

just a question when typing the description, [! explanation] is that a way to do hostnames or is it meant just as a description for the video. maybe a note like in programing [//explanation]. was curious

excellent explanation

@cbtnuggets

3 жыл бұрын

Thank you!

Thanks Keith, perfectly explained and makes sense. +1 subscription from me

I have done and ensured all this thing.but my vlan type is not changing it is showing type as normal,i have made it to community and isolated but not working

If I sign up for cbtnuggets again it would be because of Kieth.

@nitroboxster4267

4 жыл бұрын

He's amazing :)

Wow, great analogy, explanation and full config in under 10 minutes! Are you going to cover VACL's?

@keithbarker4353

10 жыл бұрын

Hi Peter- We cover VACL's in the CCNP Security SENSS course at www.CBTNuggets.com If you aren't yet a member, there is a 7 day free trial and during that time you could check out the videos on VACLs, as well as the more in depth videos about Private VLANs. Thanks for the feedback. Keith

Great

Thanks for the great video!! Can the same port be part of isolated and community VLANs with different VLAN ids? Eg: Gi 0/11 as a part of VLAN200 and VLAN300 where VLAN200 is isolated VLAN and VLAN300 is community VLAN

Are the VLANs 200, 300, 400, 500 visible outside the switch, i.e. past the uplink port, or will the Ethernet frames show up as tagged with ID 100?

commendable job.

but even the creation of vlan access ports also does the same job right?

Does the primary vlan have to be the only one for all ports or can. I have two primaries to half the switch

@cbtnuggets

3 жыл бұрын

Hi Bernd, thank you for your question! The primary VLAN will be the native VLAN, this is for the untagged traffic. There isn’t really a purpose to have two native VLANs. You’d have your VLAN 10, 20 for example on let’s say each half of the switch and that would isolate the traffic for the respective ports. There will still be a VLAN 1, which by default is the native VLAN. We hope this is helpful, let us know if you have any other questions. Thank you for learning with us!

wow where did you get that stuff? it must be pretty strong.

OMG its a lot of work for only couple of VLANs....in case it's used for security, then why not implement VACL or Protected Edge Ports concept?

don't get me started on intervlan routing on trunk ports of a dist switch, what a pain! access switch1 has vlan xxx , access switch2 has vlan yyy connected to dist switch's trunk designated ports. router on a stick set up correctly, and guess what, vlan xxx and yyy won't come online... kill me

@cowboyspace1

Жыл бұрын

facts, this is a pain like no one shows that i believe.

show vlan private-vlan command shows non-operational.

Hello Keith....this is new for me....can you add some use of this Private VLANs....realistic schenarios....why to use them instead of using normal access vlans?...regards from Chile!

@DavisTasar

10 жыл бұрын

Imagine if you hosted a server farm for clients (like Rackspace or Microsoft Azure, VMWare, etc.). Instead of creating a subnet for each host, you can put them in an isolated VLAN and not worry about who can talk to whom. That's the first one that comes to my mind.

@cristobalvallejosv

10 жыл бұрын

DavisTasar Thanks david....I have been reading more about this feature but now I realize this is not supported in whole cisco Switch suit...

@lynxlive555

10 жыл бұрын

Cristobal Vallejos yep need a layer 3 switch I believe. 3560 or later series. if your running a 3550 youd need to go "router-on-a-stick" topology for inter vlan routing. The trunk port would become the "dock".

@keithbarker4353

10 жыл бұрын

Thanks Davis on an excellent example! Cheers, Keith

Started going way too fast on the console commands around the 8 minute mark forward. Slow it down

@cbtnuggets

10 жыл бұрын

sbentjies Thanks for the comment. We have passed along your feedback to Keith for him to take into consideration when creating future MicroNuggets.

@jessesanchez5294

5 жыл бұрын

I thought the speed is fine...

What's the need of using Private VLANs ?

@Unimath22

5 жыл бұрын

VAN Added security. Isolated ports can only talk to promiscuous ports. So you have a way of isolating hosts which are in the same subnet from each other. Another use would be to save address space. If you need to have lots of vlans with just a few hosts in them, you could use the private vlan concept. Normally one vlan would be mapped to one subnet, here you can have the subnet mapped to the primary vlan and you can have the community/isolated vlans in the same subnet.

The single one thing that was left off and still leaving me with questions is the "WHY" why do you need isolated ports? the fact that was left off is agitating... No use learning a feature and not knowing why you would use it. What is the significance of isolated ports?...

@jeffdoe1210

7 жыл бұрын

Isolated ports is nice because you can configure different department within them VLANS. This means that a switch is only going to forward a broadcast to only those in the group.Once you get beyond a few hundred devices in your broadcast domain, your broadcast traffic gets to the point where it's making a serious negative impact on your network.