CHAPTER 4
Configuring Private VLANs
This chapter contains the following sections:
•
Guidelines and Limitations for Private VLANs, page 27
•
Information About Private VLANs, page 28
•
Configuring a Private VLAN, page 34
•
Verifying the Private VLAN Configuration, page 42
Guidelines and Limitations for Private VLANs
When configuring PVLANs, follow these guidelines:
•
You must create a VLAN before you can assign the specified VLAN as a private VLAN.
•
You must enable PVLANs before the switch can apply the PVLAN functionality.
•
You cannot disable PVLANs if the switch has any operational ports in a PVLAN mode.
•
Enter the private-vlan synchronize command from within the Multiple Spanning Tree (MST) region
definition to map the secondary VLANs to the same MST instance as the primary VLAN.
•
You must disable all the FEX isolated trunk ports before configuring FEX trunk ports.
•
The number of mappings on a PVLAN trunk port is limited to 128.
•
You cannot connect a second switch to a promiscuous or isolated PVLAN trunk. The promiscuous or
isolated PVLAN trunk is supported only on host-switch.
•
You cannot configure promiscuous ports and promiscuous trunk ports on the FEX interfaces (HIF) ports.
•
If you configure a private-vlan association under a VLAN, but do not configure the private-vlan type
as primary, this association will reappear in the running configuration under the same VLAN when the
VLAN is deleted and re-created. Note that this earlier association cannot be removed by using the no
private-vlan association command. It can be removed only by performing either of the following tasks:
◦
Disable the PVLAN feature.
Or
Cisco Nexus 6000 Series NX-OS Layer 2 Switching Configuration Guide, Release 7.x
27
To Next Page
Loading...
