Private VLAN Concepts
The VLAN types in a private VLAN (PVLAN) include:

Community VLAN — A community VLAN is a type of secondary VLAN in a primary VLAN:
• Ports in a community VLAN can communicate with each other.
• Ports in a community VLAN can communicate with all promiscuous ports in the primary VLAN.
• A community VLAN can only contain ports configured as host.

Isolated VLAN — An isolated VLAN is a type of secondary VLAN in a primary VLAN:
• Ports in an isolated VLAN cannot talk directly to each other.
• Ports in an isolated VLAN can only communicate with promiscuous ports in the primary VLAN.
• An isolated VLAN can only contain ports configured as host.

Primary VLAN — A primary VLAN is the base VLAN of a private VLAN:
• A switch can have one or more primary VLANs, and it can have none.
• A primary VLAN has one or more secondary VLANs.
• A primary VLAN and each of its secondary VLANs decrement the available number of VLAN IDs in the switch.
• A primary VLAN has one or more promiscuous ports.
• A primary VLAN might have one or more trunk ports, or none.

Secondary VLAN — A secondary VLAN is a subdomain of the primary VLAN. There are two types of secondary VLAN — community VLAN and isolated VLAN.

PVLAN port types:
• Community port: A community port is, by definition, a port that belongs to a community VLAN and is allowed to communicate with other ports in the same community VLAN and with promiscuous ports.
• Host port: A host port, in the context of a private VLAN, is a port in a secondary VLAN:
    • The port must first be assigned that role in INTERFACE mode.
    • A port assigned the host role cannot be added to a regular VLAN.
• Isolated port: An isolated port is, by definition, a port that, in Layer 2, can only communicate with promiscuous ports that are in the same PVLAN.
• Promiscuous port: A promiscuous port is, by definition, a port that is allowed to communicate with any other port type in the PVLAN:
    • A promiscuous port can be part of more than one primary VLAN.
    • A promiscuous port cannot be added to a regular VLAN.
• Trunk port: A trunk port, by definition, carries traffic between switches:
    • A trunk port in a PVLAN is always tagged.
    • Primary or secondary VLAN traffic is carried by the trunk port in tagged mode. The tag on the packet helps identify the VLAN to which the packet belongs.
    • A trunk port can also belong to a regular VLAN (non-private VLAN).
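As an added example (not part of the original guide or the switch software), the following Python model applies the Layer 2 rules above to a planned port layout and reports any pair that an isolation policy forbids but the layout would still permit. The port names, VLAN IDs and policy are constructed for illustration, and trunk ports are left out of the model.

```python
from dataclasses import dataclass
from itertools import combinations
from typing import Optional

@dataclass(frozen=True)
class Port:
    name: str
    role: str                        # "promiscuous", "community" or "isolated"
    primaries: frozenset             # primary VLAN IDs the port belongs to
    secondary: Optional[int] = None  # community/isolated VLAN ID (host ports only)

def can_talk(a: Port, b: Port) -> bool:
    """Layer 2 reachability between two ports under the PVLAN rules."""
    if not (a.primaries & b.primaries):
        return False                 # no shared primary VLAN, so not the same PVLAN
    if "promiscuous" in (a.role, b.role):
        return True                  # promiscuous ports reach every port type
    # Two host ports: only members of the same community VLAN may talk.
    return a.role == b.role == "community" and a.secondary == b.secondary

def allowed_pairs(ports):
    """Every unordered pair of ports that the layout lets communicate."""
    return {frozenset((a.name, b.name))
            for a, b in combinations(ports, 2) if can_talk(a, b)}

def violations(ports, must_not_talk):
    """Pairs from an isolation policy that the layout would still allow."""
    ok = allowed_pairs(ports)
    return [pair for pair in must_not_talk if frozenset(pair) in ok]

# Constructed sample layout; port names and VLAN IDs are illustrative.
PORTS = [
    Port("gw",   "promiscuous", frozenset({100, 200})),
    Port("web1", "community",   frozenset({100}), 101),
    Port("web2", "community",   frozenset({100}), 101),
    Port("db1",  "community",   frozenset({100}), 102),
    Port("bk1",  "isolated",    frozenset({100}), 103),
    Port("bk2",  "isolated",    frozenset({100}), 103),
    Port("ext1", "community",   frozenset({200}), 201),
]
# Constructed policy: pairs that are intended never to reach each other directly.
POLICY = [("web1", "db1"), ("bk1", "bk2"), ("web2", "web1"), ("ext1", "web1")]

if __name__ == "__main__":
    for pair in violations(PORTS, POLICY):
        print("policy violation, layout permits:", pair)
```

Here the only reported pair is web2 and web1: both sit in community VLAN 101, so separating them would require different community VLANs or an isolated VLAN.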