Private Vlans; Membership Rules - Allied Telesis SwitchBlade x908 Series Software Reference Manual
Switchblade x908/x900 series alliedware plus operating system software reference for version 5.3.1
Hide thumbs
Also See for SwitchBlade x908 Series:
- Hardware reference manual (65 pages) ,
- Software manual (56 pages) ,
- Installation and safety manual (55 pages)
Table of Contents
Advertisement
VLAN Introduction
Private VLANs
Private VLANs combine the network advantages of conventional VLANs, with an added
degree of privacy obtained by limiting the connectivity between selected ports.
An example application of a private VLAN would be a library in which user booths each have a
PC with Internet access. In this situation it would usually be undesirable to allow
communication between these individual PCs. Connecting the PC to ports within a private
isolated VLAN would enable each PC to access the Internet or a library server via a single
connection, whilst preventing access between the PCs in the booths.
Another application might be to use private VLANs to simplify IP address assignment. Ports can
be isolated from each other whilst still belonging to the same subnet.
A private VLAN comprises the following components:
■
■
■
■
Membership Rules
The following membership rules apply when creating and operating private VLANs
Each private VLAN:
■
■
■
■
■
■
■
16.8
a single promiscuous port (sometimes called an uplink port)
one or more host ports (sometimes called private ports)
There are two types of host ports:
«
isolated ports
These can only communicate with the promiscuous port that is associated with the
isolated VLAN.
«
community ports
These can communicate with their associated promiscuous port and other
community ports within the community VLAN.
a single primary VLAN
one or more secondary VLANS
There are two types of secondary VLANs:
«
isolated VLANs (
In this VLAN type, communication can only take place between each host port and its
associated promiscuous port.
«
community VLANs
In this VLAN type, communication can take place between host ports and between
each host port and its associated promiscuous port.
must contain one promiscuous port or (aggregated link)
may contain multiple host ports
can be configured to span switch instances
can only contain either promiscuous or host ports.
cannot use the default VLAN (vlan1)
a private isolated VLAN can only contain a single promiscuous port
a private community VLAN can contain more than one promiscuous port
Software Reference for SwitchBlade® x908, x900 and x600 Series Switches
TM
AlliedWare Plus
Operating System - Software Version 5.3.1
C613-50007-01 REV B
- Quick Links:
- Thrash-Limiting
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
