beautypg.com

Associating the primary and secondary vlans, Configuring an interface as a pvlan host port – Brocade Network OS Administrator’s Guide v4.1.1 User Manual

Page 366

background image

• For private VLANs, egress ACLs on the primary VLAN are applied only for the traffic that ingresses

and egresses from the primary VLAN, and not for the traffic that gets translated from the
secondary VLAN to the primary VLAN.

• For private VLANs, egress ACLs on the primary VLAN are also applied to the traffic that gets

translated to the secondary VLAN.

• STP is not supported on private VLAN host ports.

Associating the primary and secondary VLANs

This procedure configures the PVLAN and associates the secondary VLAN with the primary VLAN.

1. Configure the VLAN interface.

switch(config)# interface vlan 10

2. Configure the VLAN as a primary PVLAN.

switch(conf-if-vl-10)# private-vlan primary

3. Configure the secondary VLAN (community).

switch(config)# interface vlan 100

switch(conf-if-vl-100)# private-vlan community

4. Configure the secondary VLAN (isolated).

switch(config)# interface vlan 200

switch(conf-if-vl-200)# private-vlan isolated

5. Associate the secondary VLAN with the primary VLAN. The list can contain one isolated VLAN and

multiple community VLAN.

switch(config)# interface vlan 10

switch(conf-if-vl-10)# private-vlan association add 100

6. Exit VLAN configuration mode.

switch(conf-if-vl-10)# exit

Configuring an interface as a PVLAN promiscuous port

This procedure configures an interface as the PVLAN promiscuous port.

1. Specify the interface.

switch(config)# interface tengigabitethernet 0/1

2. Mark the interface as switch port

switch(conf-if-te-0/1)#switchport

3. Configure the interface as a PVLAN promiscuous port (untagged).

switch(conf-if-te-0/1)# switchport mode private-vlan promiscuous

4. Configure the interface as a PVLAN promiscuous port (tagged).

switch(conf-if-te-0/1)# switchport mode private-vlan trunk promiscuous

5. Associate the interface with a PVLAN.

switch(conf-if-te-0/1)# switchport private-vlan mapping add 10 100,200

6. Configure a normal VLAN on the PVLAN promiscuous port.

switch(conf-if-te-0/1)# switchport trunk allowed vlan add 500

Configuring an interface as a PVLAN host port

This procedure configures an interface as the PVLAN host port.

1. Specify the interface.

switch(config)#interface tengigabitethernet 0/1

2. Mark the interface as a switch port.

switch(conf-if-te-0/1)# switchport

3. Configure the interface as a PVLAN host port that is tagged, or as a PVLAN host port that is

untagged.

Associating the primary and secondary VLANs

366

Network OS Administrator’s Guide

53-1003225-04

See also other documents in the category Brocade Computer Accessories: