I tried to isolate the VMs of PROXMOX VM 7.2 using VLANs. Every VM has its own VLAN.
But to unite many VLANs into one IP subnet with real IP addresses, I am trying to use Private VLAN with a VDX-6720 switch (NOS 4.1.3a).
In private-vlan trunk host mode everything works OK; on the server side it is seen as PRIMARY VLAN 652, but one switch interface can have only one host VLAN 621 and one VM.
do show running-config int te 1/0/19
interface TenGigabitEthernet 1/0/19
 fabric isl enable
 fabric trunk enable
 switchport
 switchport mode private-vlan trunk host
 switchport private-vlan host-association 652 621
 spanning-tree shutdown
 no shutdown
!
When I try to use private-vlan trunk mode:
do show running-config int te 1/0/19
interface TenGigabitEthernet 1/0/19
 fabric isl enable
 fabric trunk enable
 switchport
 switchport mode private-vlan trunk
 switchport private-vlan association trunk 652 621
 switchport private-vlan association trunk 652 622
 switchport private-vlan trunk allowed vlan add 653
 spanning-tree shutdown
 no shutdown
!
The primary VLAN is 652, the SECONDARY VLANs are 621 and 622. VLAN 653 is a pass-through to the server for the management IP of Proxmox.
VLAN 653 on the PROXMOX side works OK. But VLANs 621 and 622, assigned to VM100 and VM101, work on one side of the server. The server can see the DHCP request from the VM, the server answers with the IP assigned to the VM, but the VM does not receive its answer.
What special must be configured for the VM to work correctly in private-vlan trunk host mode?
show vlan private-vlan
Primary   Secondary   Type        Ports          Classification
=======   =========   =========   ============   ==============
652                   primary     Te 1/0/30(t)
                                  Te 1/0/19(t)
                                  Te 1/0/16(t)
652       601         community   Te 1/0/36(u)
652       602         community
652       621         isolated    Te 1/0/19(t)
                                  Te 1/0/16(t)
652       622         isolated    Te 1/0/19(t)
                                  Te 1/0/16(t)