Name: Cisco Catalyst 4500 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

47-7

Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex

Chapter 47 Configuring Private VLANs

About Private VLANs

Traffic in the upstream direction is sent by host1 to the non-PVLAN switch, arriving in VLAN 11. The

packets are then transmitted to the switch tagged with that VLAN’s tag (VLAN 11) over the trunk port.

On the switch, VLAN 11 is configured as the isolated VLAN, and the traffic is forwarded as if it came

from an isolated host port.

Note When an isolated trunk is used in this way, Catalyst 4500 series switch provides isolation between the

isolated trunk and directly connected hosts (such as host3) but not between hosts connected to the

non-PVLAN switch (such as host1 and host2). The non-PVLAN switch must provide isolation between

these hosts, using a feature such as protected ports on a Catalyst 2950.

For details on protected ports, see the URL:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea11x/configur

ation/guide/swtrafc.html#wp1158863

Promiscuous PVLAN Trunk Ports

PVLAN promiscuous trunks are used in situations where one would normally use a PVLAN

promiscuous host port but where it is necessary to carry multiple VLANs, either normal VLANs or for

multiple PVLAN domains. This makes it useful for connecting an upstream router that does not support

PVLANs, such as a Cisco 7200.

Figure 47-4 Promiscuous PVLAN Trunk Ports

In Figure 47-4, a Catalyst 4500 series switch connects a PVLAN domain to an upstream router that does

not support PVLANs. Traffic being sent upstream by host1 arrives on the switch in the community

VLAN (VLAN 12). When this traffic is bridged onto the promiscuous PVLAN trunk towards the router,

it is tagged with the primary VLAN (VLAN 10). This way it can be routed using the correct subinterface

configured on the router.

Traffic in the downstream direction is received on the promiscuous PVLAN trunk port by the switch in

the primary VLAN (VLAN 10), just as if it had been received on a promiscuous host port. It can then be

bridged to the destination host as in any PVLAN domain.

PVLAN promiscuous trunks interact with VLAN QoS. Refer to the section “PVLANs and VLAN

ACL/QoS” section on page 47-8.

Catalyst

7200 router

Catalyst

4500 switch

Primary VLAN = VLAN10

Isolated VLAN = VLAN11

Community VLAN = VLAN12

Isolated

port, VLAN11

Community

port, VLAN12

204201

Other manuals for Cisco Catalyst 4500 Series

Manual19 pages

Command Reference Guide1230 pages

System Message Guide150 pages

Configuration Guide1610 pages

Administration Guide1814 pages

Message Guide146 pages

Installation Guide194 pages

Datasheet11 pages

Overview46 pages

Quick Reference Guide59 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General

Series	Catalyst 4500 Series
Category	Switch
Layer Support	Layer 2, Layer 3
Form Factor	Modular chassis
Stackable	No
Chassis Slots	3, 6, 7, 10
Power Supply Options	AC, DC
Redundancy	Power supply, Supervisor engine
Network Management	Cisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
Features	Security, QoS
Port Density	Up to 384 ports per chassis
Security Features	802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine	8-E