Private-vlan, Private-vlan 4-159 – LevelOne GSW-2692 User Manual
Page 337

VLAN Commands
4-159
4
3.
Use the switchport mode private-vlan command to configure ports as 
promiscuous (i.e., having access to all ports in the primary VLAN) or host (i.e., 
community port).
4.
Use the switchport private-vlan host-association command to assign a port 
to a secondary VLAN.
5.
Use the switchport private-vlan mapping command to assign a port to a 
primary VLAN.
6.
Use the show vlan private-vlan command to verify your configuration settings.
To configure isolated VLANs, follow these steps:
1.
Use the private-vlan command to designate an isolated VLAN that will contain 
a single promiscuous port and one or more isolated ports.
2.
Use the switchport mode private-vlan command to configure one port as 
promiscuous (i.e., having access to all ports in the isolated VLAN) one or more 
ports as host (i.e., isolated port).
3.
Use the switchport private-vlan isolated command to assign a port to an 
isolated VLAN.
4.
Use the show vlan private-vlan command to verify your configuration settings.
private-vlan
Use this command to create a primary, community, or isolated private VLAN. Use 
the no form to remove the specified private VLAN.
Syntax
private-vlan vlan-id {community | primary | isolated}
no private-vlan vlan-id
• vlan-id - ID of private VLAN. (Range: 1-4094, no leading zeroes).
• community - A VLAN in which traffic is restricted to host members in the 
same VLAN and to promiscuous ports in the associate primary VLAN.
• primary - A VLAN which can contain one or more community VLANs, and
serves to channel traffic between community VLANs and other locations.
• isolated – Specifies an isolated VLAN. Ports assigned to an isolated VLAN
can only communicate with the promiscuous port within their own VLAN.
Default Setting
None
Command Mode
VLAN Configuration
Command Usage
• Private VLANs are used to restrict traffic to ports within the same community
or isolated VLAN, and channel traffic passing outside the community through 
promiscuous ports. When using community VLANs, they must be mapped to 
