Associating Primary And Secondary Vlans - Cisco Nexus 3000 Series Configuration Manual
Nx-os layer 2 switching configuration
guide, release 6.x
Hide thumbs
Also See for Nexus 3000 Series:
- Command reference manual (356 pages) ,
- Configuration manual (338 pages) ,
- Installation manual (112 pages)
Table of Contents
Advertisement
Primary, Isolated, and Community Private VLANs
The following figure shows the traffic flows within a PVLAN, along with the types of VLANs and types of
ports.
Figure 3: Private VLAN Traffic Flows
Note
The PVLAN traffic flows are unidirectional from the host ports to the promiscuous ports. Traffic received
on primary VLAN enforces no separation and forwarding is done as in a normal VLAN.
A promiscuous access port can serve only one primary VLAN and multiple secondary VLANs (community
and isolated VLANs). With a promiscuous port, you can connect a wide range of devices as access points to
a PVLAN. For example, you can use a promiscuous port to monitor or back up all the PVLAN servers from
an administration workstation.
In a switched environment, you can assign an individual PVLAN and associated IP subnet to each individual
or common group of end stations.
Associating Primary and Secondary VLANs
To allow host ports in secondary VLANs to communicate outside the PVLAN, you associate secondary
VLANs to the primary VLAN. If the association is not operational, the host ports (community and isolated
ports) in the secondary VLAN are brought down.
You can associate a secondary VLAN with only one primary VLAN.
Note
For an association to be operational, the following conditions must be met:
Cisco Nexus 3000 Series NX-OS Layer 2 Switching Configuration Guide, Release 6.x
22
Configuring Private VLANs
OL-29545-03
Hide quick links:
Advertisement
Table of Contents
