Configuration Guide Private VLAN Configuration
Configuring a VLAN as a Private VLAN
To configure a VLAN as a private VLAN, execute the following commands:
Enter the global configuration mode.
Enter the VLAN configuration mode.
private-vlan{community | isolated| primary}
Configure a private VLAN.
no private-vlan{community | isolated | primary}
Remove the configured private VLAN.
Exit the VLAN configuration mode.
show vlan private-vlan [type]
The member port in the 802.1Q VLAN cannot be declared as a private VLAN.
VLAN 1 cannot be declared as a private VLAN as well. If there is a trunk or
uplink port in the 802.1Q VLAN, first delete this VLAN from the allowed VLAN
list. The following conditions must be met in order to make a private VLAN
become active:
1. The primary VLAN is available.
2. The secondary VLANs are available.
3. The secondary VLANs are associated with the primary VLAN.
The following example configures 802.1Q VLAN as a private VLAN:
Ruijie# configure terminal
Ruijie(config)# vlan 303
Ruijie(config-vlan)# private-vlan community
Ruijie(config-vlan)# end
Ruijie# show vlan private-vlan community
VLAN Type Status Routed Interface Associated VLANs
--- ---- -------- ------ --------- ------------------
303 comm inactive Disabled no association
Ruijie#configure terminal
Ruijie(config)#vlan 404
Ruijie(config-vlan)# private-vlan isolated
Ruijie(config-vlan)# end
Ruijie# show vlan private-vlan
VLAN Type Status Routed Interface Associated VLANs
--- ---- -------- ------ --------- ------------------
303 comm inactive Disabled no association
404 isol inactive Disabled no association
Associating the Secondary VLANs with the Primary VLAN
To associate the secondary VLANs with the primary VLAN, execute the
following commands:
To Next Page
Loading...
