Implementation Notes; Configuration Notes - Dell PowerConnect B-RX Configuration Manual
Bigiron rx series configuration guide v02.8.00
Hide thumbs
Also See for PowerConnect B-RX:
- Configuration manual (1436 pages) ,
- Getting started manual (32 pages) ,
- Installation manual (240 pages)
Table of Contents
Advertisement
Each private VLAN must have a primary VLAN. The primary VLAN is the interface between the
secured ports and the rest of the network. The private VLAN can have any combination of
community and isolated VLANs. (Refer to
Table 66
TABLE 66
Forwarding behavior
All ports within a VLAN constitute a
common Layer broadcast domain
Broadcasts and unknown unicasts
are forwarded to all the VLAN's ports
by default
Known unicasts
Implementation notes
•
•
Configuration notes
•
•
•
•
•
BigIron RX Series Configuration Guide
53-1002253-01
•
Isolated – Broadcasts and unknown unicasts received on isolated ports are sent only to
the primary port. They are not flooded to other ports in the isolated VLAN.
•
Community – Broadcasts and unknown unicasts received on community ports are sent to
the primary port and also are flooded to the other ports in the community VLAN.
list the differences between private VLANs and standard VLANs.
Comparison of private VLANs and standard port-based VLANs
The private VLAN implementation in the current release uses the CPU for forwarding packets
on the primary VLAN's "promiscuous" port. Other forwarding is performed in the hardware.
Support for the hardware forwarding in this feature sometimes results in multiple MAC address
entries for the same MAC address in the device's MAC address table. In this case, each of the
entries is associated with a different VLAN. The multiple entries are a normal aspect of the
implementation of this feature and do not indicate a software problem.
By default, the primary VLAN does not forward broadcast or unknown unicast packets into the
private VLAN. You also can use MAC address filters to control traffic forwarded into and out of
the private VLAN. If you are implementing the private VLAN on a Layer 2 Switch, you also can
use ACLs to control the traffic into and out of the private VLAN.
When Private VLAN mappings are enabled, the BigIron RX forwards unknown unicast, unknown
multicast, and broadcast packets in software. By default, the device forwards unknown
unicast, unknown multicast, and broadcast packets in hardware.
Release 02.4.00 supports private VLANs on untagged ports only. You cannot configure
isolated, community, or primary VLANs on 802.1Q tagged ports.
The device forwards all known unicast traffic in hardware. On the BigIron RX, multiple MAC
entries do not appear in the MAC address table because the device transparently manages
multiple MAC entries in hardware.
There is currently no support for IGMP Snooping within Private VLANs. In order to let clients in
Private VLANs get multicast traffic, IGMP Snooping must be disabled, so that all multicast
packets are treated as unregistered multicast packets and get flooded in software to all the
ports.
You can configure private VLANs and dual-mode VLAN ports on the same device. However, the
dual-mode VLAN ports cannot be members of Private VLANs.
"Configuration rules"
Private VLANs
No
No (isolated VLAN)
Yes (community VLAN)
Yes
Private VLANs
on page 316.)
Standard VLANs
Yes
Yes
Yes
11
315
Advertisement
Table of Contents
