Asus GigaX2024SX User Manual

4-162

private vlan association

Use this command to associate a primary VLAN with a secondary (i.e.,
community) VLAN. Use the no form to remove all associations for the specified
primary VLAN.

Syntax

private-vlan primary-vlan-id association {secondary-vlan-id |

add secondary-vlan-id | remove secondary-vlan-id}
no private-vlan primary-vlan-id association
• primary-vlan-id - ID of primary VLAN.
(Range: 1-4094, no leading zeroes).
• secondary-vlan-id - ID of secondary (i.e, community) VLAN.
(Range: 1-4094, no leading zeroes).

Default Setting

None

Command Mode

VLAN Configuration

Command Usage
Secondary VLANs provide security for group members. The associated primary
VLAN provides a common interface for access to other network resources within
the primary VLAN (e.g., servers configured with promiscuous ports) and to
resources outside of the primary VLAN (via promiscuous ports).
Example

switchport mode private-vlan

Use this command to set the private VLAN mode for an interface. Use the no form
to restore the default setting.

Syntax

switchport mode private-vlan {host | promiscuous}
no switchport mode private-vlan

• host – This port type can communicate with all other host ports assigned to
the same secondary VLAN. All communications outside of this VLAN must
pass through a promiscuous port in the associated primary VLAN.
• promiscuous – This port type can communicate with all other promiscuous
ports in the same primary VLAN, as well as with all the ports in the associated
secondary VLANs.

Default Setting

Normal VLAN

Command Mode

Interface Configuration (Ethernet, Port Channel)