C
HAPTER
36
| VLAN Commands
Configuring Private VLANs
– 854 –
private vlan
association
Use this command to associate a primary VLAN with a secondary (i.e.,
community) VLAN. Use the no form to remove all associations for the
specified primary VLAN.
SYNTAX
private-vlan primary-vlan-id association {secondary-vlan-id |
add secondary-vlan-id | remove secondary-vlan-id}
no private-vlan primary-vlan-id association
primary-vlan-id - ID of primary VLAN. (Range: 1-4093, no leading
zeroes).
secondary-vlan-id - ID of secondary (i.e, community) VLAN.
(Range: 1-4093, no leading zeroes).
DEFAULT SETTING
None
COMMAND MODE
VLAN Configuration
COMMAND USAGE
Secondary VLANs provide security for group members. The associated
primary VLAN provides a common interface for access to other network
resources within the primary VLAN (e.g., servers configured with
promiscuous ports) and to resources outside of the primary VLAN (via
promiscuous ports).
EXAMPLE
Console(config-vlan)#private-vlan 2 association 3
Console(config)#
switchport mode
private-vlan
Use this command to set the private VLAN mode for an interface. Use the
no form to restore the default setting.
SYNTAX
switchport mode private-vlan {host | promiscuous}
no switchport mode private-vlan
host – This port type can subsequently be assigned to a community
VLAN.
promiscuous – This port type can communicate with all other
promiscuous ports in the same primary VLAN, as well as with all the
ports in the associated secondary VLANs.
DEFAULT SETTING
Normal VLAN
To Next Page
Loading...
Need help?
General
