Configuring VLANs Using Private VLANs
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 4-19
When the Primary VLAN for a PVLAN is deleted, any router interfaces defined for the PVLAN are
removed and all VLAN port associations are dropped.
To view a list of PVLANs already configured on the switch, use the show pvlan command. See
“Verifying the PVLAN Configuration” on page 4-25 for more information.
Enabling/Disabling the PVLAN Administrative Status
The administrative state of a PVLAN is enabled by default. To enable or disable the administrative status
for an existing PVLAN, enter pvlan followed by an existing Primary VLAN ID and either admin-state
enable or admin-state disable. For example:
-> pvlan 200 admin-state enable
-> pvlan 200 admin-state disable
When the administrative status for the Primary VLAN of a PVLAN is changed, the following occurs:
• The change is automatically made to any Secondary VLANs associated with the Primary VLAN.
• PVLAN port assignments are retained but traffic is not forwarded on these ports if the administrative
status is disabled.
Modifying the PVLAN Description
To change the description for the Primary VLAN of a PVLAN, enter pvlan followed by an existing
VLAN ID and the keyword name followed by the new description (up to 32 characters). For example, the
following command changes the description for Primary VLAN 200 to “Corporate IP Network”:
-> pvlan 455 name “Corporate IP Network”
Creating Secondary VLANs
Before creating Secondary VLANs for a PVLAN, consider the following points:
• The VLAN ID used to configure the Secondary VLAN must not already exist in the system.
• The Secondary VLAN can be created only after the Primary VLAN for the PVLAN is created.
• There are two types of Secondary VLANs: Isolated and Community. Only one Isolated VLAN can be
associated with a Primary VLAN, but multiple Community VLANs can be associated with the same
Primary VLAN.
• The administrative state of Secondary VLANs is derived from the administrative state of the Primary
VLAN.
• The Spanning Tree state of Secondary VLANs is derived from the Spanning Tree state of the
associated Primary VLAN.
• MVRP cannot be enabled on a Secondary VLAN.
To create and associate a Secondary VLAN to a Primary VLAN, use the pvlan secondary command. For
example, the following commands create Isolated and Community VLANs for Primary VLAN 200:
-> pvlan 200 secondary 250 type isolated
-> pvlan 200 secondary 251 type community
By default, the administrative status and the Spanning Tree status of the associated Primary VLAN is
applied to both of the configured Secondary VLANs.
To Next Page
Loading...
Need help?
General
