Private VLANs (PVLAN) | 393
Each of the port types can be any type of physical Ethernet port, including port channels (LAGs). For
details about port channels, refer to Port Channel Interfaces in Interfaces.
For an introduction to VLANs, refer to Layer 2.
Private VLAN Commands
The commands dedicated to supporting the PVLANs feature are:
To provide PVLAN data, the outputs of the following commands are augmented in FTOS version 7.8.1.0:
•
show arp: refer to the IP Routing Commands chapter in the FTOS Command Reference Guide.
•
show vlan: refer to the Layer 2 Commands chapter in the FTOS Command Reference Guide.
Table 22-1. Private VLAN Commands
Task Command Syntax Command Mode
Enable/disable Layer 3 communication between
secondary VLANs.
[no] ip local-proxy-arp
Note: Even after you disable ip-local-proxy-arp
(no ip-local-proxy-arp) in a secondary VLAN,
Layer 3 communication may happen between
some secondary VLAN hosts, until the ARP
timeout happens on those secondary VLAN
hosts.
INTERFACE VLAN
Set the mode of the selected VLAN to
community, isolated, or primary.
[no] private-vlan mode {community | isolated |
primary}
INTERFACE VLAN
Map secondary VLANs to the selected primary
VLAN.
[no] private-vlan mapping secondary-vlan
vlan-list
INTERFACE VLAN
Display type and status of PVLAN interfaces.
show interfaces private-vlan [interface
interface]
EXEC
EXEC Privilege
Display PVLANs and/or interfaces that are part
of a PVLAN.
show vlan private-vlan [community | interface |
isolated | primary | primary_vlan | interface
interface]
EXEC
EXEC Privilege
Display primary-secondary VLAN mapping.
show vlan private-vlan mapping
EXEC
EXEC Privilege
Set the PVLAN mode of the selected port.
switchport mode private-vlan {host |
promiscuous | trunk}
INTERFACE
Note: Secondary VLANs are Layer 2 VLANs, so even if they are operationally down while primary VLANs
are operationally up, Layer 3 traffic is still transmitted across the secondary VLANs.
To Next Page
Loading...
