HP Comware 5 - Community Private VLANs

Discussion in 'Networking' started by muhfugen, Oct 3, 2018.

  1. muhfugen

    muhfugen Member

    Joined:
    Dec 5, 2016
    Messages:
    94
    Likes Received:
    22
    I was wondering how do you implement community private VLANs on a switch (HPE FlexFabric A5800) running Comware 5?

    The current configuration looks like:

    Code:
    HP A5800 g1/0/1 <-> g1/0/25 Cisco Catalyst 3750E <-> VMware vSphere Virtual Distributed Switch
    Cisco config:

    Code:
    vlan 50
    name Internet_Promiscuous
    private-vlan primary
    private-vlan association 51-52
    !
    vlan 51
    name Internet_Isolated
    private-vlan isolated
    !
    vlan 52
    name Internet_Exchange
    private-vlan community
    !
    interface GigabitEthernet1/0/25
    description HP_A5800_Uplink
    switchport trunk encapsulation dot1q
    switchport mode trunk
    Comware config:

    Code:
    vlan 50
    description Internet_Promiscuous
    isolate-user-vlan enable
    #
    vlan 51
    description Internet_Isolated
    #
    vlan 52
    description Internet_Exchange
    #
    interface GigabitEthernet1/0/1
    description Catalyst_3750E_Uplink
    port link-mode bridge
    port link-type trunk
    port trunk permit vlan all
    #
    interface GigabitEthernet1/0/2
    description Internet_Promiscuous
    port link-mode bridge
    port isolate-user-vlan 50 promiscuous
    port link-type hybrid
    undo port hybrid vlan 1
    port hybrid vlan 50 to 52 untagged
    port hybrid pvid vlan 50
    #
    isolate-user-vlan 50 secondary 51 to 52
    Comware: display isolate-user-vlan

    Code:
    Isolate-user-VLAN VLAN ID : 50
    Secondary VLAN ID : 51-52
    VLAN ID: 50
    VLAN Type: static
    Isolate-user-VLAN type: isolate-user-VLAN
    Route Interface: not configured
    Description: Internet_Promiscuous
    Name: VLAN 0050
    Tagged  Ports:
    GigabitEthernet1/0/1
    Untagged Ports:
    GigabitEthernet1/0/2
    VLAN ID: 51
    VLAN Type: static
    Isolate-user-VLAN type: secondary
    Route Interface: not configured
    Description: Internet_Isolated
    Name: VLAN 0051
    Tagged  Ports:
    GigabitEthernet1/0/1
    Untagged Ports:
    GigabitEthernet1/0/2
    VLAN ID: 52
    VLAN Type: static
    Isolate-user-VLAN type: secondary
    Route Interface: not configured
    Description: Internet_Exchange
    Name: VLAN 0052
    Tagged  Ports:
    GigabitEthernet1/0/1
    Untagged Ports:
    GigabitEthernet1/0/2
    The 5800s are new and everything has been confirmed as working on the Cisco and vSphere side for a long time. When I hook my laptop to g1/0/2 on the HP, I can talk to VMs in VLANs 50 and 51 but not 52, I can also talk to VMs in other (non PVLAN) VLANs/subnets. So my questions would be, why arent community PVLANs working on the Comware side? Obviously i'm missing some sort of config, but I've tried googling and I can find references to promiscuous and isolated PVLANs in Comware but nothing about community PVLANs. Does Comware 5 just not support community PVLANs?
     
    #1

Share This Page