Filter
Top Products
Guidelines for VLAN IDs
You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved.
VLANs in the LAN cloud and FCoE VLANs in the SAN cloud must have different IDs. Using the same
ID for a VLAN and an FCoE VLAN in a VSAN results in a critical fault and traffic disruption for all
vNICs and uplink ports using that VLAN. Ethernet traffic is dropped on any VLAN which has an ID that
overlaps with an FCoE VLAN ID.
Important
VLAN 4048 is user-configurable. However, Cisco UCS Manager uses VLAN 4048 for the following default
values. If you want to assign 4048 to a VLAN, you must reconfigure these values:
• After an upgrade to Cisco UCS, release 2.0: The FCoE storage port native VLAN uses VLAN 4048 by
default. If the default FCoE VSAN was set to use VLAN 1 before the upgrade, you must change it to a
VLAN ID that is not used or reserved. For example, consider changing the default to 4049 if that VLAN
ID is not in use.
• After a fresh install of Cisco UCS, release 2.0: The FCoE VLAN for the default VSAN uses VLAN
4048 by default. The FCoE storage port native VLAN uses VLAN 4049.
The VLAN name is case sensitive.
Private VLANs
A private VLAN (PVLAN) partitions the Ethernet broadcast domain of a VLAN into subdomains and allows
you to isolate some ports. Each subdomain in a PVLAN includes a primary VLAN and one or more secondary
VLANs. All secondary VLANs in a PVLAN must share the same primary VLAN. The secondary VLAN ID
differentiates one subdomain from another.
Isolated VLANs
All secondary VLANs in a Cisco UCS domain must be isolated VLANs. Cisco UCS does not support
community VLANs.
Ports on Isolated VLANs
Communications on an isolated VLAN can only use the associated port in the primary VLAN. These ports
are isolated ports and are not configurable in Cisco UCS Manager. If the primary VLAN includes multiple
secondary VLANs, those isolated VLANs cannot communicate directly with each other.
An isolated port is a host port that belongs to an isolated secondary VLAN. This port has complete isolation
from other ports within the same private VLAN domain. PVLANs block all traffic to isolated ports except
traffic from promiscuous ports. Traffic received from an isolated port is forwarded only to promiscuous ports.
You can have more than one isolated port in a specified isolated VLAN. Each port is completely isolated from
all other ports in the isolated VLAN.
Guidelines for Uplink Ports
When you create PVLANs, be aware of the following guidelines:
• The uplink Ethernet port channel cannot be in promiscuous mode.
• Each primary VLAN can have only one isolated VLAN.
Cisco UCS Manager GUI Configuration Guide, Release 2.0
278 OL-25712-04
Private VLANs