Private vlans, Private vlan membership configuration – Niveo Professional NGSME16T2H User Manual

Chapter 3: Featuring Configuration

– Web UI

Featuring Configuration

– Web UI

NGSME16T2H User Manual | 160

Private VLANs

The Private VLAN feature provides the ability to extend the capabilities of a

"standard" VLAN. The additional concepts, Primary VLAN, Community VLAN and

Isolated VLAN are introduced in Private VLAN.

The Primary VLAN can be considered the master in the master/slave relationship

with the other 2 sub-types, Community VLAN and Isolated VLAN. The switch Ports

assigned with the primary VLAN are able to access the ports in the 2 sub-tyupes.

Both the Community VLN and Isolated VLAN can be considered slaves in the

master/slave relationship with the primary VLAN. The switch ports assigned to a

Community VLAN can see traffic from all other devices in the same Community. The

switch ports assigned to an Isolated VLAN can send traffic to the primary VLAN, but

CANNOT see traffic from other devices in the same Isolated VLAN.

In this section, the switch allows you to assign Private VLAN Member Configuration

and Port Isolation Configuration.

Private VLAN Membership Configuration

The Private VLAN membership configurations for the switch can be monitored and

modified here. Private VLANs can be added or deleted here. Port members of each

Private VLAN can be added or removed here.

Private VLANs are based on the source port mask, and there are no connections to

VLANs. This means that VLAN IDs and Private VLAN IDs can be identical.

A port must be a member of both a VLAN and a Private VLAN to be able to forward

packets. By default, all ports are VLAN unaware and members of VLAN 1 and

Private VLAN 1.

A VLAN unaware port can only be a member of one VLAN, but it can be a member

of multiple Private VLANs.

Private VLANs do not work across the stack.