189
Ten-GigabitEthernet1/0/3
The output shows that:
• The trunk promiscuous port (Ten-GigabitEthernet 1/0/5) is a tagged member of primary VLAN
10 and secondary VLANs 11 and 12.
• The trunk secondary port (Ten-GigabitEthernet 1/0/2) is a tagged member of primary VLAN 10
and secondary VLAN 11.
• The host port (Ten-GigabitEthernet 1/0/3) is an untagged member of primary VLAN 10 and
secondary VLAN 12.
Secondary VLAN Layer 3 communication configuration
example
Network requirements
As shown in Figure 62, configure the private VLAN feature to meet the following requirements:
• Primary VLAN 10 on Device A is associated with secondary VLANs 2 and 3. The IP address of
VLAN-interface 10 is 192.168.1.1/24.
• Ten-GigabitEthernet 1/0/1 belongs to VLAN 10. Ten-GigabitEthernet 1/0/2 and
Ten-GigabitEthernet 1/0/3 belong to VLAN 2 and VLAN 3, respectively.
• Secondary VLANs are isolated at Layer 2 but interoperable at Layer 3.
Figure 62 Network diagram
Configuration procedure
# Create VLAN 10 and configure it as a primary VLAN.
<DeviceA> system-view
[DeviceA] vlan 10
[DeviceA-vlan10] private-vlan primary
[DeviceA-vlan10] quit
# Create VLANs 2 and 3.
<DeviceA> system-view
[DeviceA] vlan 2 to 3
# Associate primary VLAN 10 with secondary VLANs 2 and 3.
[DeviceA] vlan 10
[DeviceA-vlan10] private-vlan primary
[DeviceA-vlan10] private-vlan secondary 2 3
[DeviceA-vlan10] quit
To Next Page
Loading...
Need help?
General