15-6
Catalyst 3750 Switch Software Configuration Guide
78-16180-02
Chapter 15 Configuring Private VLANs
Configuring Private VLANs
• If a stack master stack that contains the only private-VLAN promiscuous port in the stack fails or
leaves the stack and a new stack master is elected, host ports in a private VLAN that had its
promiscuous port on the old stack master lose connectivity outside of the private VLAN.
• If two stacks merge, private VLANs on the winning stack are not affected, but private-VLAN
configuration on the losing switch is lost when that switch reboots.
For more information about switch stacks, see Chapter 5, “Managing Switch Stacks.”
Configuring Private VLANs
This section includes guidelines and procedures for configuring private VLANs. These sections are
included:
• Tasks for Configuring Private VLANs, page 15-6
• Default Private-VLAN Configuration, page 15-7
• Private-VLAN Configuration Guidelines, page 15-7
• Configuring and Associating VLANs in a Private VLAN, page 15-10
• Configuring a Layer 2 Interface as a Private-VLAN Host Port, page 15-11
• Configuring a Layer 2 Interface as a Private-VLAN Promiscuous Port, page 15-13
• Mapping Secondary VLANs to a Primary VLAN Layer 3 VLAN Interface, page 15-14
Tasks for Configuring Private VLANs
To configure a private VLAN, perform these steps:
Step 1 Set VTP mode to transparent.
Step 2 Create the primary and secondary VLANs and associate them. See the “Configuring and Associating
VLANs in a Private VLAN” section on page 15-10.
Note If the VLAN is not created already, the private-VLAN configuration process creates it.
Step 3 Configure interfaces to be isolated or community host ports, and assign VLAN membership to the host
port. See the “Configuring a Layer 2 Interface as a Private-VLAN Host Port” section on page 15-11.
Step 4 Configure interfaces as promiscuous ports, and map the promiscuous ports to the primary-secondary
VLAN pair. See the “Configuring a Layer 2 Interface as a Private-VLAN Promiscuous Port” section on
page 15-13.
Step 5 If inter-VLAN routing will be used, configure the primary SVI, and map secondary VLANs to the
primary. See the “Mapping Secondary VLANs to a Primary VLAN Layer 3 VLAN Interface” section on
page 15-14.
Step 6 Verify private-VLAN configuration.
To Next Page
Loading...
Need help?
General