beautypg.com

Private vlans – SMC Networks 16 10BASE-T User Manual

Page 149

background image

VLAN Configuration

3-113

3

CLI – This example sets port 3 to accept only tagged frames, assigns PVID 3 as the
native VLAN ID, enables GVRP, sets the GARP timers, and then sets the switchport
mode to hybrid.

Private VLANs

Private VLANs provide port-based security and isolation between ports within the
assigned VLAN. This switch supports two types of private VLAN ports: promiscuous,
and community ports. A promiscuous port can communicate with all interfaces within
a private VLAN. Community ports can only communicate with other ports in their
own community VLAN, and with their designated promiscuous ports. (Note that
private VLANs and normal VLANs can exist simultaneously within the same switch.)

Each private VLAN consists of two components: a primary VLAN and one or more
community VLANs. A primary VLAN allows traffic to pass between promiscuous
ports, and between promiscuous ports and community ports subordinate to the
primary VLAN. A community VLAN conveys traffic between community ports, and
from the community ports to their associated promiscuous ports. Multiple primary
VLANs can be configured on this switch, and multiple community VLANs can be
configured within each primary VLAN.

To configure private VLANs, follow these steps:

1.

Use the Private VLAN Configuration menu (page 3-115) to designate one or
more community VLANs and the primary VLAN that will channel traffic outside
of the community groups.

2.

Use the Private VLAN Association menu (page 3-116) to map the secondary
(i.e., community) VLAN(s) to the primary VLAN.

3.

Use the Private VLAN Port Configuration menu (page 3-118) to set the port
type to promiscuous (i.e., having access to all ports in the primary VLAN) or
host (i.e., having access restricted to community VLAN members, and

Console(config)#interface ethernet 1/3

4-104

Console(config-if)#switchport acceptable-frame-types tagged

4-148

Console(config-if)#switchport ingress-filtering

4-149

Console(config-if)#switchport native vlan 3

4-150

Console(config-if)#switchport gvrp

4-160

Console(config-if)#garp timer join 20

4-161

Console(config-if)#garp timer leave 90

4-161

Console(config-if)#garp timer leaveall 2000

4-161

Console(config-if)#switchport mode hybrid

4-148

Console(config-if)#

Uplink Ports
Primary VLAN
(promiscuous ports)

x

Downlink Ports
Secondary VLAN
(private ports)

This manual is related to the following products:
See also other documents in the category SMC Networks Computer Accessories: