Pvlans And Svis - Cisco Catalyst 4500 Series Configuration Manual
Release ios xe 3.3.0sg and ios 15.1(1)sg
Hide thumbs
Also See for Catalyst 4500 Series:
- Software configuration manual (2086 pages) ,
- Administration manual (1814 pages) ,
- Configuration manual (1254 pages)
Table of Contents
Advertisement
PVLAN Commands
PVLANs and SVIs
In a Layer 3 switch, a switch virtual interface (SVI) represents the Layer 3 interface of a VLAN. Layer 3
devices communicate with a PVLAN only using the primary VLAN and not through secondary VLANs.
Configure Layer 3 VLAN interfaces (SVIs) only for primary VLANs. You cannot configure Layer 3
VLAN interfaces for secondary VLANs. SVIs for secondary VLANs are inactive while the VLAN is
configured as a secondary VLAN.
•
•
When the primary VLAN is associated with and mapped to the secondary VLAN, any configuration on
the primary VLAN is propagated to the secondary VLAN SVIs. For example, if you assign an IP subnet
to the primary VLAN SVI, this subnet is the IP subnet address of the entire PVLAN.
Per-Virtual Port Error-Disable on PVLANs
For PVLANs, per-virtual port error-disable behavior is defined as follows:
•
•
•
PVLAN Commands
This table lists the commands most commonly used with PVLANs.
Command
private-vlan {community |
twoway-community | isolated |
primary}
private-vlan association
{secondary_vlan_list | add
secondary_vlan_list | remove
secondary_vlan_list}
show vlan private-vlan [type]
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
42-10
If you try to configure a VLAN with an active SVI as a secondary VLAN, the configuration is not
allowed until you disable the SVI.
If you try to create an SVI on a VLAN that is configured as a secondary VLAN and the secondary
VLAN is already mapped at Layer 3, the SVI is not created, and an error is returned. If the SVI is
not mapped at Layer 3, the SVI is created, but it is automatically shut down.
On a PVLAN promiscuous or promiscuous trunk ports, if a violation occurs on the primary VLAN,
it is error-disabled.
On a PVLAN host or trunk port, if a violation occurs on the secondary VLAN, the associated
primary VLAN is error-disabled.
On a standard trunk port that carries both primary and secondary VLANs, if a violation occurs on
the primary VLAN, this VLAN and all its associated secondary VLANs are error-disabled. If a
violation occurs on a secondary VLAN, the associated primary VLAN and all its associated
secondary VLANs are error-disabled.
Purpose
Configures a VLAN as a PVLAN.
Associates the secondary VLAN
with the primary VLAN.
The list can contain only one isolated
VLAN ID; it can also contain
multiple community VLAN IDs.
Verifies the configuration.
Chapter 42
Configuring Private VLANs
Location
Configuring a VLAN as a PVLAN,
page 42-15
Associating a Secondary VLAN with
a Primary VLAN, page 42-16
Configuring a VLAN as a PVLAN,
page 42-15
Associating a Secondary VLAN with
a Primary VLAN, page 42-16
OL-25340-01
- Quick Links:
- Resetting a Switch to Factory Default...
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
