beautypg.com

Brocade FastIron Ethernet Switch Platform and Layer 2 Switching Configuration Guide User Manual

Page 419

background image

device(config-vlan-100)# pvlan type primary

device(config-vlan-100)# pvlan pvlan-trunk 102 ethernet 1/1/10 to 1/1/11

device(config-vlan-100)# pvlan pvlan-trunk 101 ethernet 1/1/10 to 1/1/11

FCX Switch 4

device(config)# vlan 101 by port

device(config-vlan-101)# untagged ethernet 1/1/3

device(config-vlan-101)# pvlan type isolated

device(config)# vlan 102 by port

device(config-vlan-102)# untagged ethernet 1/1/1 to 1/1/2

device(config-vlan-102)# pvlan type community

device(config)# vlan 100 by port

device(config-vlan-100)# tagged ethernet 1/1/10 to 1/1/11

device(config-vlan-100)# pvlan type primary

device(config-vlan-100)# pvlan pvlan-trunk 102 ethernet 1/1/10 to 1/1/11

device(config-vlan-100)# pvlan pvlan-trunk 101 ethernet 1/1/10 to 1/1/11

Multiple promiscuous ports support in private VLANs

Promiscuous ports are member ports of a primary VLAN. Prior versions of the FastIron software
supported only a single promiscuous port to be mapped to a secondary VLAN. However, now each
secondary VLAN can associate with one or more promiscuous ports.

An isolated VLAN with member ports, when mapped to one or more promiscuous ports of the primary
VLAN achieves the same forwarding behavior as that of the uplink ports in a port based VLAN (uplink-
switch). The broadcast and unknown unicast traffic from a host (isolated) port is flooded to the uplink
(promiscuous) ports only. Due to the hardware forwarding functionality of the private VLAN (in the
supported stackable SKUs) this method of achieving the uplink port behavior achieves a better
throughput than the conventional method of achieving uplink port.

Mapping secondary VLAN to primary VLAN by multiple promiscuous ports

1. Add the tagged ethernet ports to a VLAN.
2. Configure the VLAN as isolated.
3. Create VLAN 101.
4. Configure the VLAN 101 as primary VLAN in a PVLAN.
5. Map the isolated VLAN to the primary VLAN with uplink-ports as promiscuous ports. All broadcast

and unknown-unicast traffic from isolated VLAN ports will be sent to only promiscuous ports.

In the following example configuration, the isolated VLAN 100 has multiple
promiscuous ports 1/1/3 and 1/1/4.

device(config-vlan-100)# tagged ethernet 1/1/1 to 1/1/2

device(config-vlan-100)# pvlan type isolated

device(config-vlan-101)# tagged ethernet 1/1/3 to 1/1/5

device(config-vlan-101)# pvlan type primary

device(config-vlan-101)# pvlan map 100 ethernet 1/1/3

device(config-vlan-101)# pvlan map 100 ethernet 1/1/4

NOTE
Multiple promiscuous ports support for PVLAN is available on FCX, ICX 6610,
ICX 6430, ICX 6450, ICX 6450-C12, ICX 6430-C12, ICX 6650 and ICX 7750
devices. The Brocade ICX 6430, ICX6430-C12 and SXL do not support tagged
ports as part of PVLANs.

Multiple promiscuous ports support in private VLANs

FastIron Ethernet Switch Platform and Layer 2 Switching Configuration Guide

419

53-1003086-04

See also other documents in the category Brocade Computer Accessories: