Private vlans, Figure 72: showing the members of a dynamic vlan, Vlan – LevelOne GTL-2691 User Manual

C

HAPTER

6

| VLAN Configuration

Private VLANs

– 210 –

To show the members of a dynamic VLAN:

1.

Click VLAN, Dynamic.

2.

Select Show Dynamic VLAN from the Step list.

3.

Select Show VLAN Members from the Action list.

Figure 72: Showing the Members of a Dynamic VLAN

P

RIVATE

VLAN

S

Private VLANs provide port-based security and isolation of local ports

contained within different private VLAN groups. This switch supports two

types of private VLANs – primary and community groups. A primary VLAN

contains promiscuous ports that can communicate with all other ports in

the associated private VLAN groups, while a community (or secondary)

VLAN contains community ports that can only communicate with other

hosts within the community VLAN and with any of the promiscuous ports in

the associated primary VLAN. The promiscuous ports are designed to

provide open access to an external network such as the Internet, while the

community ports provide restricted access to local users.

Multiple primary VLANs can be configured on this switch, and multiple

community VLANs can be associated with each primary VLAN. (Note that

private VLANs and normal VLANs can exist simultaneously within the same

switch.)

To configure primary/secondary associated groups, follow these steps:

1.

Use the Configure VLAN (Add) page to designate one or more
community VLANs, and the primary VLAN that will channel traffic

outside of the VLAN groups.

2.

Use the Configure VLAN (Add Community VLAN) page to map a
community VLAN to the primary VLAN.

3.

Use the Configure Interface page to set the port type to promiscuous
(i.e., having access to all ports in the primary VLAN), or host (i.e.,

having access restricted to community VLAN members, and channeling