EasyManuals Logo

Cisco WS-C3750-48PS-S User Manual

Cisco WS-C3750-48PS-S
1010 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #343 background imageLoading...
Page #343 background image
15-9
Catalyst 3750 Switch Software Configuration Guide
78-16180-02
Chapter 15 Configuring Private VLANs
Configuring Private VLANs
Limitations with Other Features
When configuring private VLANs, remember these limitations with other features:
Note In some cases, the configuration is accepted with no error messages, but the commands have no effect.
Do not configure fallback bridging on switches with private VLANs.
When IGMP snooping is enabled on the switch (the default), the switch stack supports no more than
20 private-VLAN domains.
IP source guard is not supported in private VLANs.
Do not configure a remote SPAN (RSPAN) VLAN as a private-VLAN primary or secondary VLAN.
For more information about SPAN, see Chapter 27, “Configuring SPAN and RSPAN.”
Do not configure private-VLAN ports on interfaces configured for these other features:
dynamic-access port VLAN membership
Dynamic Trunking Protocol (DTP)
Port Aggregation Protocol (PAgP)
Link Aggregation Control Protocol (LACP)
Multicast VLAN Registration (MVR)
voice VLAN
dynamic ARP inspection
A private-VLAN port cannot be a secure port and should not be configured as a protected port.
You can configure IEEE 802.1x port-based authentication on a private-VLAN port, but do not
configure 802.1x with port security, voice VLAN, or per-user ACL on private-VLAN ports.
A private-VLAN host or promiscuous port cannot be a SPAN destination port. If you configure a
SPAN destination port as a private-VLAN port, the port becomes inactive.
If you configure a static MAC address on a promiscuous port in the primary VLAN, you must add
the same static address to all associated secondary VLANs. If you configure a static MAC address
on a host port in a secondary VLAN, you must add the same static MAC address to the associated
primary VLAN. When you delete a static MAC address from a private-VLAN port, you must remove
all instances of the configured MAC address from the private VLAN.
Note Dynamic MAC addresses learned in one VLAN of a private VLAN are replicated in the
associated VLANs. For example, a MAC address learned in a secondary VLAN is replicated
in the primary VLAN. When the original dynamic MAC address is deleted or aged out, the
replicated addresses are removed from the MAC address table.
Configure Layer 3 VLAN interfaces (SVIs) only for primary VLANs.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco WS-C3750-48PS-S and is the answer not in the manual?

Cisco WS-C3750-48PS-S Specifications

General IconGeneral
BrandCisco
ModelWS-C3750-48PS-S
CategorySwitch
LanguageEnglish

Related product manuals