Switchport protected – Allied Telesis AT-S95 CLI User Manual

Page 340

Allied Telesis
AT-S95 Management Software CLI User’s Guide

Example

The following example gives VLAN number 19 the name Marketing.

switchport protected

The switchport protected Interface Configuration mode command enables Private VLAN Edge, by overriding the
FDB decision, and sends all Unicast, Multicast and Broadcast traffic to an uplink port. Use the no form of this
command to disable overriding the FDB decision.

Syntax

switchport protected {ethernet port | port-channel port-channel-number}

no switchport protected

Parameters
•

port— Specifies the uplink Ethernet port.

•

port-channel-number — Specifies the uplink port-channel.

Default Configuration

Switchport protected is disabled.

Command Mode

Interface Configuration (Ethernet, port-channel) mode

User Guidelines

Private VLAN Edge (PVE) supports private communication by isolating PVE-defined ports and ensuring that all
Unicast, Broadcast and Multicast traffic from these ports is only forwarded to uplink port(s).

PVE requires only one VLAN on each device, but not on every port; this reduces the number of VLANs required
by the device. Private VLANs and the default VLAN function simultaneously in the same device.

The uplink must be a GE port.

Example

This example configures ethernet port 1/e8 as a protected port, so that all traffic is sent to its uplink (ethernet port
1/e9).

console(config)# interface vlan 19
console(config-if)# name Marketing

console(config)# interface ethernet 1/e8
console(config-if)# switchport forbidden vlan add 234-256
console(config-if)# exit
console(config)# interface ethernet 1/e9
console(config-if)# switchport protected ethernet 1/e1