Example Configuration - Allied Telesis SwitchBlade x908 Series Software Reference Manual

Switchblade x908/x900 series alliedware plus operating system software reference for version 5.3.1

Hide thumbs Also See for SwitchBlade x908 Series:

Hardware reference manual (65 pages)

Software manual (56 pages)

Installation and safety manual (55 pages)

Table of Contents

Private VLANs operate within a single switch and comprise one primary VLAN plus a number

of secondary VLANS. All data enters the private VLAN ports untagged. Using the example of

the host ports using VLAN 20, the primary VLAN. Data returning from the host ports to the

promiscuous port (and exiting the switch) use the secondary VLAN associated with its

particular host port, VLAN 21, 22, or 23 in the example. Thus the data flows into the switch via

the primary VLAN and out of the switch via the secondary VLANs. This situation is not

detected outside of the switch, because all its private ports are untagged. Note however, that

data flowing between ports within the same community VLAN will do so using the VID of the

community VLAN.

Portfast on Private VLANS

Within private VLANs, we recommend that you place all host ports into spanning-tree portfast

mode and enable BPDU guard. Portfast assumes that because host ports will also be edge

ports, they will have no alternative paths (loops) via other bridges. These ports are therefore

allowed to move directly from the spanning-tree blocking state into the forwarding state, thus

bypassing the intermediate states.

Applying BPDU guard is an extra precaution. This feature disables an edge port if it receives a

BPDU frame, because receiving such a frame would indicate that the port has a connection to

another network bridge.

For more information on BPDU guard and portfast, see their following commands:

spanning-tree portfast bpdu-filter command on page 19.41

spanning-tree portfast command on page 19.40