32
Restrictions and guidelines: Private VLAN
configuration
• Make sure the following requirements are met:
{ For a promiscuous port:
− The primary VLAN is the PVID of the port.
− The port is an untagged member of the primary VLAN and secondary VLANs.
{ For a host port:
− The PVID of the port is a secondary VLAN.
− The port is an untagged member of the primary VLAN and the secondary VLAN.
{ A trunk promiscuous or trunk secondary port must be a tagged member of the primary
VLANs and the secondary VLANs.
• VLAN 1 (system default VLAN) does not support the private VLAN configuration.
Private VLAN tasks at a glance
To configure a private VLAN, perform the following tasks:
1. Creating a primary VLAN
2. Creating secondary VLANs
3. Associating the primary VLAN with secondary VLANs
4. Configuring the uplink port
5. Configuring a downlink port
6. (Optional.) Configuring Layer 3 communication for secondary VLANs
Creating a primary VLAN
1. Enter system view.
system-view
2. Create a VLAN and enter VLAN view.
vlan vlan-id
3. Configure the VLAN as a primary VLAN.
private-vlan primary
By default, a VLAN is not a primary VLAN.
Creating secondary VLANs
1. Enter system view.
system-view
2. Create one or multiple secondary VLANs.
vlan { vlan-id-list | all }
To Next Page
Loading...
Need help?
General