1 port isolation, 2 shared vlan, 1 port isolation 8.1.9.2 shared vlan – Siemens S223 User Manual

User Manual UMN:CLI
SURPASS hiD 6615 S223/S323 R1.5

A50010-Y3-C150-2-7619 187

isolation. If you want to configure Private VLAN on the hiD 6615 S223/S323 switch, refer
to Port Isolation configuration.

8.1.9.1 Port

Isolation

The Port Isolation feature is a method that restricts L2 switching between isolated ports in
a VLAN. Nevertheless, flows between isolated port and non-isolated port are not re-
stricted. If you use the port protected command, packet cannot be transmitted between
protected ports. However, to non-protected ports, communication is possible.

To configure Port Isolation, use the following command.

Command Mode

Description

port protected

PORTS

Enables port isolation.

no port protected

[PORTS]

Bridge

Disables port isolation.

8.1.9.2 Shared

VLAN

This chapter is only for Layer 2 switch operation. The hiD 6615 S223/S323 is Layer 3
switch, but it can be used for Layer 2 also. Because there is no routing information in
Layer 2 switch, each VLAN cannot communicate. Especially, the uplink port should re-
ceive packets from all VLANs. Therefore, when you configure the hiD 6615 S223/S323 as
Layer 2 switch, the uplink ports have to be included in all VLANs.

Fig. 8.4

In Case Packets Going Outside in Layer 2 environment

As above configuration with untagged packet, if an untagged packet comes into port 1, it
is added with tag 1 for PVID 1. And the uplink port 24 is also included in the default
VLAN; it can transmit to port 24.

However, a problem is possible to occur for coming down untagged packets to uplink
ports. If an untagged packet comes to uplink ports from outer network, the system does
not know which PIVD it has and where should it forward.