217
be equal to or greater than the value for the vlan-id1 argument. Though the system default VLAN
(VLAN 1) is in the valid value range, it cannot be configured in the command.
Usage guidelines
If the specified VLANs are secondary VLANs that have been associated with primary VLANs, the
command also assigns the port to the associated primary VLANs. Also, the following events occur:
• For an access port, the device performs the following operations:
{ Changes the port link type to hybrid. The PVID of the port does not change.
{ Assigns the port to the secondary VLANs and the associated primary VLANs as a tagged
member.
• For a trunk port, the device does not change the port link type or PVID.
• For a hybrid port, the device does not change the port link type or PVID.
{ If the port has been an untagged or tagged member of part of the secondary VLANs and
their associated primary VLANs, this member attribute remains in these VLANs. The device
assigns the port to the rest of the secondary VLANs and their associated primary VLANs as
a tagged member.
{ If the hybrid port does not allow any of the secondary VLANs and their associated primary
VLANs, the device assigns the port to these VLANs as a tagged member.
A trunk secondary port can join only one secondary VLAN among all secondary VLANs associated
with a primary VLAN. However, it can join multiple secondary VLANs that are associated with
different primary VLANs.
The
undo form of this command does not change the VLAN attributes (allowed primary VLANs, port
link type, and PVID) of the port.
When you execute the undo form of this command on a trunk secondary port of the VLANs specified
by the
vlan-id-list argument, one of the following events occurs:
• If the port is an access port, the device does not change the VLAN configuration of the port.
• If the port is a trunk or hybrid port, the device removes the port from the specified VLANs.
You can associate the specified VLANs with their respective primary VLANs before or after you
execute this command.
This command does not take effect on the specified VLAN if any of the following conditions applies:
• The specified VLAN does not exist.
• The specified VLAN is not a secondary VLAN and is used for other purposes.
• The specified VLAN shares the same primary VLAN with other secondary VLANs, and the
current port has been configured as a trunk secondary port in one of the other secondary
VLANs.
This command is mutually exclusive with the
port private-vlan host, port private-vlan
promiscuous
and port private-vlan trunk promiscuous commands.
For a downlink port to permit multiple secondary VLANs associated with different primary VLANs,
use the
port private-vlan trunk secondary command to assign the port to these
secondary VLANs. The port can then transmit packets from these secondary VLANs with VLAN tags.
For a downlink port to permit only one secondary VLAN, use the
port private-vlan host
command to assign the port to the secondary VLAN. The port can then transmit packets from the
secondary VLAN without VLAN tags.
Examples
• In this example, VLANs 2 and 3 are primary VLANs. VLAN 2 is associated with secondary
VLAN 20. VLAN 3 is associated with secondary VLAN 30.
# Display information about GigabitEthernet 1/0/1.
<Sysname> system-view
To Next Page
Loading...
Need help?
General