Private vlans, Private vlans -159 – SMC Networks TIGERSWITCH SMC6752AL2 User Manual
Page 206
C
ONFIGURING
THE
S
WITCH
3-158
CLI – This example sets port 3 to accept only tagged frames, assigns
PVID 3 as the native VLAN ID, enables GVRP, sets the GARP timers,
and then sets the switchport mode to hybrid.
Private VLANs
Private VLANs provide port-based security and isolation between ports
within the assigned VLAN. This switch supports three types of private
VLAN ports: promiscuous, isolated, and community ports. A promiscuous
port can communicate with all interfaces within a private VLAN. An
isolated port can only communicate with promiscuous ports within its own
VLAN. Community ports can only communicate with other ports in their
own community VLAN, and with their designated promiscuous ports.
(Note that private VLANs and normal VLANs can exist simultaneously
within the same switch.)
Each private VLAN consists of two components: a primary VLAN and
one or more community VLANs. A primary VLAN allows traffic to pass
between promiscuous ports, and between promiscuous ports and
community ports subordinate to the primary VLAN. A community VLAN
conveys traffic between community ports, and from the community ports
to their associated promiscuous ports. Multiple primary VLANs can be
configured on this switch, and multiple community VLANs can be
configured within each primary VLAN.
Console(config)#interface ethernet 1/3
Console(config-if)#switchport acceptable-frame-types tagged
Console(config-if)#switchport ingress-filtering
Console(config-if)#switchport native vlan 3
Console(config-if)#switchport gvrp
Console(config-if)#garp timer join 20
Console(config-if)#garp timer leave 90
Console(config-if)#garp timer leaveall 2000
Console(config-if)#switchport mode hybrid
Console(config-if)#