Private-vlan, Private-vlan 1136 – LevelOne GTL-2691 User Manual

C

HAPTER

39

| VLAN Commands

Configuring Private VLANs

– 1136 –

private-vlan

Use this command to create a primary or community private VLAN. Use the

no form to remove the specified private VLAN.

S

YNTAX

private-vlan vlan-id {community | primary}
no private-vlan vlan-id

vlan-id - ID of private VLAN. (Range: 1-4093).
community - A VLAN in which traffic is restricted to host

members in the same VLAN and to promiscuous ports in the

associate primary VLAN.
primary - A VLAN which can contain one or more community

VLANs, and serves to channel traffic between community VLANs

and other locations.

D

EFAULT

S

ETTING

None

C

OMMAND

M

ODE

VLAN Configuration

C

OMMAND

U

SAGE

◆

Private VLANs are used to restrict traffic to ports within the same

community, and channel traffic passing outside the community through

promiscuous ports. When using community VLANs, they must be

mapped to an associated “primary” VLAN that contains promiscuous

ports.

◆

Port membership for private VLANs is static. Once a port has been

assigned to a private VLAN, it cannot be dynamically moved to another

VLAN via GVRP.

◆

Private VLAN ports cannot be set to trunked mode. (See

"switchport

mode" on page 1119

.)

E

XAMPLE

Console(config)#vlan database

Console(config-vlan)#private-vlan 2 primary

Console(config-vlan)#private-vlan 3 community

Console(config)#