Configuring the ECN330-switch
3031553-KDU 137 365 Uen D 2006-06-16
CLI – This example sets port 2 to tunnel mode, indicates that the TPID used for
802.1Q tagged frames will be 9100 hexadecimal, and enables address monitor
mode to pass traffic between the management VLANs and the tunnel port.
6.12.2 Configuring Private VLANs
Private VLANs provide port-based security and isolation between ports within
the assigned VLAN. The ECN330-switch supports private VLANs in the form of
primary/secondary associated groups, where the secondary groups are isolated
VLANs whose members cannot directly communicate with each other, and can
only send/receive traffic outside of the group through promiscuous ports that
have been assigned to an associated primary VLAN. In other words, a primary
VLAN contains promiscuous ports that can communicate with all other ports in
the primary VLAN group and with members of any isolated VLAN group that has
been associated with the primary group. An isolated VLAN contains isolated
ports that cannot communicate with any other hosts within the isolated VLAN,
and can only communicate with promiscuous ports in the associated primary
VLAN. In all cases, the promiscuous ports are designed to provide open access
to an external network such as the Internet, while the isolated ports provide
restricted access to local users.
One or more isolated VLAN can be configured. An isolated port can also join a
normal VLAN, but at most host-associate to one isolated VLAN. A promiscuous
port can join to normal VLAN but at most be mapped to one primary VLAN. (Note
that private VLANs and normal VLANs can exist simultaneously within the same
ECN330-switch.)
Multiple primary VLANs can be configured on the ECN330-switch, an isolated
VLAN can only be associated with only one primary VLAN, but multiple isolated
VLANs can be associated with each primary VLAN.
Console(config)#interface ethernet 1/2
Console(config-if)#switchport mode dot1q-tunnel
Console(config-if)#switchport dot1q-ethertype 9100
Console(config-if)#address-monitor qinq
Console(config-if)#
To Next Page
Loading...
