Implementation Notes; Configuration Notes - Dell PowerConnect B-RX Configuration Manual
Bigiron rx series configuration guide v02.7.02
Hide thumbs
Also See for PowerConnect B-RX:
- Configuration manual (1458 pages) ,
- Getting started manual (32 pages) ,
- Installation manual (240 pages)
Table of Contents
Advertisement
•
Each private VLAN must have a primary VLAN. The primary VLAN is the interface between the
secured ports and the rest of the network. The private VLAN can have any combination of
community and isolated VLANs. (Refer to
Table 64
TABLE 64
Forwarding behavior
All ports within a VLAN constitute a
common Layer broadcast domain
Broadcasts and unknown unicasts
are forwarded to all the VLAN's ports
by default
Known unicasts
Implementation notes
•
•
Configuration notes
•
•
BigIron RX Series Configuration Guide
53-1001810-01
Secondary – The secondary private VLAN are secure VLANs that are separated from the rest
of the network by the primary private VLAN. Every secondary private VLAN needs to be
associated with a primary private VLAN. There are 2 different types of secondary private VLANs
- 'community' and 'isolated' private VLANs:
•
Isolated – Broadcasts and unknown unicasts received on isolated ports are sent only to
the primary port. They are not flooded to other ports in the isolated VLAN.
•
Community – Broadcasts and unknown unicasts received on community ports are sent to
the primary port and also are flooded to the other ports in the community VLAN.
list the differences between private VLANs and standard VLANs.
Comparison of private VLANs and standard port-based VLANs
The private VLAN implementation in the current release uses the CPU for forwarding packets
on the primary VLAN's "promiscuous" port. Other forwarding is performed in the hardware.
Support for the hardware forwarding in this feature sometimes results in multiple MAC address
entries for the same MAC address in the device's MAC address table. In this case, each of the
entries is associated with a different VLAN. The multiple entries are a normal aspect of the
implementation of this feature and do not indicate a software problem.
By default, the primary VLAN does not forward broadcast or unknown unicast packets into the
private VLAN. You also can use MAC address filters to control traffic forwarded into and out of
the private VLAN. If you are implementing the private VLAN on a Layer 2 Switch, you also can
use ACLs to control the traffic into and out of the private VLAN.
When Private VLAN mappings are enabled, the device forwards unknown unicast, unknown
multicast, and broadcast packets in software. By default, the device forwards unknown
unicast, unknown multicast, and broadcast packets in hardware.
Release 02.4.00 supports private VLANs on untagged ports only. You cannot configure
isolated, community, or primary VLANs on 802.1Q tagged ports.
"Configuration rules"
Private VLANs
No
No (isolated VLAN)
Yes (community VLAN)
Yes
Private VLANs
on page 308.)
Standard VLANs
Yes
Yes
Yes
11
307
Advertisement
Table of Contents
