Configuring private vlans, Enabling private vlans, Figure 3-81 – Accton Technology ES5508 User Manual

VLAN Configuration

3-143

3

CLI – This example sets port 3 to accept only tagged frames, assigns PVID 3 as the
native VLAN ID, enables GVRP, sets the GARP timers, and then sets the switchport
mode to hybrid.

Configuring Private VLANs

Private VLANs provide port-based security and isolation between ports within the
assigned VLAN. Data traffic on downlink ports can only be forwarded to, and from,
uplink ports. (Note that private VLANs and normal VLANs can exist simultaneously
within the same switch.)

Enabling Private VLANs

Use the Private VLAN Status page to enable/disable the Private VLAN function.

Web – Click VLAN, Private VLAN, Status. Select Enable or Disable from the
scroll-down box, and click Apply.

Figure 3-81 Private VLAN Status

CLI – This example enables private VLANs.

Console(config)#interface ethernet 1/3

4-125

Console(config-if)#switchport acceptable-frame-types tagged

4-172

Console(config-if)#switchport ingress-filtering

4-172

Console(config-if)#switchport native vlan 3

4-173

Console(config-if)#switchport gvrp

4-183

Console(config-if)#garp timer join 20

4-184

Console(config-if)#garp timer leave 90
Console(config-if)#garp timer leaveall 2000
Console(config-if)#switchport mode hybrid

4-171

Console(config-if)#

Console(config)#pvlan

4-177

Console(config)#

Uplink Ports
Primary VLAN
(promiscuous ports)

x

Downlink Ports
Secondary VLAN
(private ports)