EasyManua.ls Logo

Alcatel-Lucent OmniSwitch 6860 Series

Alcatel-Lucent OmniSwitch 6860 Series
1078 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Configuring VLANs Using Private VLANs
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 4-17
4 Associate the ports that will be part of the PVLAN. For example, to tag ports with Primary VLAN 200
and Secondary VLANs 250 and 251, enter:
-> pvlan 200 members port 1/1/1-3 tagged
-> pvlan 250 members port 1/1/10-12 tagged
-> pvlan 251 members port 1/1/20-22 tagged
PVLAN Management Overview
The PVLAN feature provides the ability to create Secondary VLANs within a Primary VLAN. A regular
VLAN usually represents a single broadcast domain. However, a PVLAN divides a VLAN (Primary) into
sub-VLANs (Secondary) to partition the single broadcast domain into smaller broadcast sub-domains
while keeping the existing Layer 3 configuration.
The ports can be isolated from each other at the data link layer to improve security and performance and
also simplify IP address assignment. The following PVLAN configuration tasks can be performed on the
switch:
Create a Primary VLAN, see page 4-18.
Create Secondary VLANs (Community or Isolated) to associate with a Primary VLAN, see page 4-19.
Configure a user port or a link aggregate as a promiscuous port or ISL port for a Primary VLAN, see
page 4-20.
Note. Optional. To verify the PVLAN configuration, use the show pvlan command. For example:
-> show pvlan
pvlan type admin oper mtu name
------+----------+-------+------+------+------------------
200 Primary Ena Dis 1500 PVLAN 200
250 Isolated Ena Dis 1500 PVLAN 250
251 Community Ena Dis 1500 PVLAN 251
To verify the mapping of Secondary VLANs to a Primary VLAN, use the show pvlan mapping command.
For example:
-> show pvlan mapping
Primary Secondary
VLAN VLAN Type
----------+----------+------------
200 250 Isolated
200 251 Community
To verify the port assignments for the PVLAN, use the show pvlan members command. For example:
-> show pvlan members
pvlan port type status port-type
-------+---------+------------------+------------+------------
200 1/1 qtagged inactive promiscuous
200 1/2 qtagged inactive promiscuous
200 1/3 qtagged inactive promiscuous
250 1/10 qtagged inactive isolated
250 1/11 qtagged inactive isolated
250 1/12 qtagged inactive isolated
251 1/20 qtagged inactive community
251 1/21 qtagged inactive community
251 1/22 qtagged inactive community

Table of Contents

Related product manuals