Table of Contents
Advertisement
| VLAN Commands
C
40
HAPTER
Configuring Private VLANs
private vlan
association
community - A VLAN in which traffic is restricted to host
members in the same VLAN and to promiscuous ports in the
associate primary VLAN.
primary - A VLAN which can contain one or more community
VLANs, and serves to channel traffic between community VLANs
and other locations.
D
S
EFAULT
ETTING
None
C
M
OMMAND
ODE
VLAN Configuration
C
U
OMMAND
SAGE
Private VLANs are used to restrict traffic to ports within the same
◆
community, and channel traffic passing outside the community through
promiscuous ports. When using community VLANs, they must be
mapped to an associated "primary" VLAN that contains promiscuous
ports.
Port membership for private VLANs is static. Once a port has been
◆
assigned to a private VLAN, it cannot be dynamically moved to another
VLAN via GVRP.
Private VLAN ports cannot be set to trunked mode. (See
◆
mode" on page
1349.)
E
XAMPLE
Console(config)#vlan database
Console(config-vlan)#private-vlan 2 primary
Console(config-vlan)#private-vlan 3 community
Console(config)#
Use this command to associate a primary VLAN with a secondary (i.e.,
community) VLAN. Use the no form to remove all associations for the
specified primary VLAN.
S
YNTAX
private-vlan primary-vlan-id association {secondary-vlan-id |
add secondary-vlan-id | remove secondary-vlan-id}
no private-vlan primary-vlan-id association
primary-vlan-id - ID of primary VLAN. (Range: 1-4094)
secondary-vlan-id - ID of secondary (i.e, community) VLAN.
(Range: 1-4094).
D
S
EFAULT
ETTING
None
– 1368 –
"switchport
Advertisement
Chapters
Table of Contents
