beautypg.com

Membership rules for private vlans in access mode, Promiscuous ports, Host ports – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 418

background image

VLAN Introduction

Software Reference for x310 Series Switches

16.6

AlliedWare Plus

TM

Operating System - Version 5.4.4C

C613-50046-01 REV A

Membership rules for private VLANs in access mode

The following membership rules apply when creating and operating private VLANs in
access mode.

Each private VLAN:

must contain one promiscuous port (or aggregated link)

may contain multiple host ports

can be configured to span switch instances

can only contain promiscuous and host ports

cannot use the default VLAN (vlan1)

a private isolated VLAN can only contain a single promiscuous port

a private community VLAN can contain more than one promiscuous port

A promiscuous port:

is a member of the primary VLAN and all its associated secondary VLANs

cannot be a member of both private and non-private VLANs

A host port:

can be a member of multiple private (community) VLANs, but all these VLANs must
share the same promiscuous port

cannot be a host port in some VLANs and a non-host port in others

cannot be a promiscuous port in another VLAN

Promiscuous ports

A promiscuous port can communicate with all ports that are members of its associated
secondary VLANs. Multiple promiscuous ports can exist in a primary VLAN, but only if the
primary VLAN is only associated with community VLANS (that is, that there are no isolated
VLANs associated with this port).

A promiscuous port is a member of the primary VLAN and all associated secondary VLANs.
Its Port VID is set to the VLAN ID of the primary VLAN.

Host ports

Host ports have two levels of connectivity depending on whether they exist in an isolated
or a community VLAN.

1.

Host ports within an isolated VLAN

These ports are only allowed to communicate with their VLAN’s promiscuous port, even
though they share their secondary (isolated) VLAN with other hosts. The host ports receive
their data from the promiscuous port via the primary VLAN, and individually transmit their
data to the promiscuous port via their common secondary VLAN.

2.

Host ports within a community VLAN

These ports are able to communicate with both the promiscuous port and the other ports
within the community VLAN that they are associated with. They receive their data from
the promiscuous port via the primary VLAN, and transmit their data to both the
promiscuous port and the other host ports (within their community VLAN) via their
common secondary VLAN. However, the only external path from a community VLAN is
from its promiscuous port.

See also other documents in the category Allied Telesis Computer hardware: