12-12
Cisco ME 3400 Ethernet Access Switch Software Configuration Guide
OL-9639-07
Chapter 12 Configuring Private VLANs
Configuring Private VLANs
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Administrative private-vlan host-association: 20 501
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan:
20 501
<output truncated>
Configuring a Layer 2 Interface as a Private-VLAN Promiscuous Port
You can configure only NNIs as promiscuous ports. Beginning in privileged EXEC mode, follow these
steps to configure a Layer 2 interface as a private-VLAN promiscuous port and map it to primary and
secondary VLANs:
Note Isolated and community VLANs are both secondary VLANs.
When you configure a Layer 2 interface as a private-VLAN promiscuous port, note this syntax
information:
• The secondary_vlan_list parameter cannot contain spaces. It can contain multiple comma-separated
items. Each item can be a single private-VLAN ID or a hyphenated range of private-VLAN IDs.
• Enter a secondary_vlan_list, or use the add keyword with a secondary_vlan_list to map the
secondary VLANs to the private-VLAN promiscuous port.
• Use the remove keyword with a secondary_vlan_list to clear the mapping between secondary
VLANs and the private-VLAN promiscuous port.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
interface interface-id Enter interface configuration mode for the Layer 2
interface to be configured. The interface must be an NNI.
Note If the interface is a UNI or ENI, you must enter
the port-type nni interface configuration
command before configuring it as a promiscuous
port.
Step 3
switchport mode private-vlan promiscuous Configure the Layer 2 NNI port as a private-VLAN
promiscuous port.
Step 4
switchport private-vlan mapping primary_vlan_id
{add | remove} secondary_vlan_list
Map the private-VLAN promiscuous port to a primary
VLAN and to selected secondary VLANs.
Step 5
end Return to privileged EXEC mode.
Step 6
show interfaces [interface-id] switchport Verify the configuration.
Step 7
copy running-config startup config (Optional) Save your entries in the switch startup
configuration file.
To Next Page
Loading...
