beautypg.com

Configuring the private vlan, Configuration task list, Configuring the port priority – H3C Technologies H3C S12500-X Series Switches User Manual

Page 130

background image

119

Configuring the private VLAN

The private VLAN feature uses a two-tier VLAN structure, including a primary VLAN and secondary

VLANs. This feature simplifies the network configuration and saves VLAN resources.
A primary VLAN is used for upstream data exchange. A primary VLAN can be associated with multiple
secondary VLANs. Because the upstream device identifies only the primary VLAN and not the secondary

VLANs, network configuration is simplified and VLAN resources are saved.
Secondary VLANs are isolated at Layer 2. To enable communication between secondary VLANs

associated with the same primary VLAN, you can enable local proxy ARP on the upstream device (for

example, Device A in

Figure 33

) to implement Layer 3 communication between the secondary VLANs.

As shown in

Figure 33

, the private VLAN feature is enabled on Device B. VLAN 10 is the primary VLAN.

VLAN 2, VLAN 5, and VLAN 8 are secondary VLANs associated with VLAN 10 and are invisible to

Device A.

Figure 33 Private VLAN example

Configuration task list

To configure the private VLAN feature, perform the following tasks:

1.

Configure the primary VLAN.

2.

Configure secondary VLANs.

3.

Configure uplink and downlink ports in the following workflow:

{

Configure the uplink port, for example, the port connecting Device B to Device A in

Figure 33

.

When the port allows only one primary VLAN, configure the port to operate in promiscuous

mode in the specified VLAN, so that uplink ports can be automatically assigned to the specified
primary VLAN and the secondary VLANs associated with the primary VLAN. When the port

allows multiple primary VLANs, configure the port to operate in trunk promiscuous mode in the

specified VLANs, so that uplink ports can be automatically assigned to the specified primary

VLANs and the secondary VLANs associated with these primary VLANs.

{

Configure the downlink ports, for example, the ports connecting Device B to hosts in

Figure 33

,

to operate in host mode, so that downlink ports can be automatically assigned to the primary

VLAN 2

VLAN 5

VLAN 8

VLAN 10

Device A

Device B

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: