P
RIVATE
VLAN C
OMMANDS
3-131
Private VLAN Commands
Private VLANs provide port-based security and isolation between ports
within the assigned VLAN. This switch supports three types of private
VLAN ports: promiscuous, isolated, and community ports. A promiscuous
port can communicate with all interfaces within a private VLAN. An
isolated port can only communicate with promiscuous ports within its own
VLAN. Community ports can only communicate with other ports in their
own community VLAN, and with their designated promiscuous ports.
This section describes commands used to configure private VLANs.
To configure private VLANs, follow these steps:
1. Use the private-vlan command to designate one or more isolated or
community VLANs and the primary VLAN that will channel traffic
outside the community groups.
Command Function Mode Page
Edit Private VLAN Groups
private-vlan Adds or deletes primary and secondary
VLANs
VC 3-133
private-vlan
association
Associates a secondary with a primary
VLAN
VC 3-133
Configure Private VLAN Interfaces
switchport mode
private-vlan
Sets an interface to host, isolated, or
promiscuous mode
IC 3-135
switchport
private-vlan
host-association
Associates an interface with a secondary
VLAN
IC 3-136
switchport
private-vlan mapping
Maps an interface to a primary VLAN IC 3-137
Display Private VLAN Information
show vlan
private-vlan
Shows Private VLAN information NE,
PE
3-138
To Next Page
Loading...
Need help?
General
