16-10
Catalyst 3750-E and 3560-E Switch Software Configuration Guide
OL-9775-08
Chapter 16 Configuring Private VLANs
Configuring Private VLANs
When you associate secondary VLANs with a primary VLAN, note this syntax information:
• The secondary_vlan_list parameter cannot contain spaces. It can contain multiple comma-separated
items. Each item can be a single private-VLAN ID or a hyphenated range of private-VLAN IDs.
• The secondary_vlan_list parameter can contain multiple community VLAN IDs but only one
isolated VLAN ID.
• Enter a secondary_vlan_list, or use the add keyword with a secondary_vlan_list to associate
secondary VLANs with a primary VLAN.
• Use the remove keyword with a secondary_vlan_list to clear the association between secondary
VLANs and a primary VLAN.
• The command does not take effect until you exit VLAN configuration mode.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
vtp mode transparent Set VTP mode to transparent (disable VTP).
Step 3
vlan vlan-id Enter VLAN configuration mode and designate or create a VLAN that
will be the primary VLAN. The VLAN ID range is 2 to 1001 and 1006
to 4094.
Step 4
private-vlan primary Designate the VLAN as the primary VLAN.
Step 5
exit Return to global configuration mode.
Step 6
vlan vlan-id (Optional) Enter VLAN configuration mode and designate or create a
VLAN that will be an isolated VLAN. The VLAN ID range is 2 to 1001
and 1006 to 4094.
Step 7
private-vlan isolated Designate the VLAN as an isolated VLAN.
Step 8
exit Return to global configuration mode.
Step 9
vlan vlan-id (Optional) Enter VLAN configuration mode and designate or create a
VLAN that will be a community VLAN. The VLAN ID range is 2 to
1001 and 1006 to 4094.
Step 10
private-vlan community Designate the VLAN as a community VLAN.
Step 11
exit Return to global configuration mode.
Step 12
vlan vlan-id Enter VLAN configuration mode for the primary VLAN designated in
Step 2.
Step 13
private-vlan association [add | remove]
secondary_vlan_list
Associate the secondary VLANs with the primary VLAN.
Step 14
end Return to privileged EXEC mode.
Step 15
show vlan private-vlan [type]
or
show interfaces status
Verify the configuration.
Step 16
copy running-config startup config Save your entries in the switch startup configuration file. To save the
private-VLAN configuration, you need to save the VTP transparent
mode configuration and private-VLAN configuration in the switch
startup configuration file. Otherwise, if the switch resets, it defaults to
VTP server mode, which does not support private VLANs.
To Next Page
Loading...
