Dell POWEREDGE M1000E User Manual

Page 436

Advertising
background image

2-406

Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference

OL-13271-03

Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands

private-vlan

If you delete either the primary or secondary VLANs, the ports associated with the VLAN become
inactive.

A community VLAN carries traffic among community ports and from community ports to the
promiscuous ports on the corresponding primary VLAN.

An isolated VLAN is used by isolated ports to communicate with promiscuous ports. It does not carry
traffic to other community ports or isolated ports with the same primary vlan domain.

A primary VLAN is the VLAN that carries traffic from a gateway to customer end stations on private
ports.

Configure Layer 3 VLAN interfaces (SVIs) only for primary VLANs. You cannot configure Layer 3
VLAN interfaces for secondary VLANs. SVIs for secondary VLANs are inactive while the VLAN is
configured as a secondary VLAN.

The private-vlan commands do not take effect until you exit from VLAN configuration mode.

Do not configure private-VLAN ports as EtherChannels. While a port is part of the private-VLAN
configuration, any EtherChannel configuration for it is inactive.

Do not configure a private VLAN as a Remote Switched Port Analyzer (RSPAN) VLAN.

Do not configure a private VLAN as a voice VLAN.

Do not configure fallback bridging on switches with private VLANs.

Although a private VLAN contains more than one VLAN, only one STP instance runs for the entire
private VLAN. When a secondary VLAN is associated with the primary VLAN, the STP parameters of
the primary VLAN are propagated to the secondary VLAN.

For information about configuring host ports and promiscuous ports, see the

switchport mode

private-vlan

command.

For more information about private-VLAN interaction with other features, see the software
configuration guide for this release.

Examples

This example shows how to configure VLAN 20 as a primary VLAN, VLAN 501 as an isolated VLAN,
and VLANs 502 and 503 as community VLANs, and to associate them in a private VLAN:

Switch# configure terminal

Switch(config)# vlan 20

Switch(config-vlan)# private-vlan primary

Switch(config-vlan)# exit

Switch(config)# vlan 501

Switch(config-vlan)# private-vlan isolated

Switch(config-vlan)# exit

Switch(config)# vlan 502

Switch(config-vlan)# private-vlan community

Switch(config-vlan)# exit

Switch(config)# vlan 503

Switch(config-vlan)# private-vlan community

Switch(config-vlan)# exit

Switch(config)# vlan 20

Switch(config-vlan)# private-vlan association 501-503

Switch(config-vlan)# end

You can verify your setting by entering the show vlan private-vlan or show interfaces status privileged
EXEC command.

Advertising
Popular Brands
Popular manuals