beautypg.com

NETGEAR M4350-24F4V 24-Port 10G SFP+ Managed AV Network Switch User Manual

Page 715

background image

Primary VLAN: The primary VLAN ID is the same for all subdomains that belong to
a private VLAN.

Secondary VLAN: The secondary VLAN ID differentiates subdomains from each
other and provides Layer 2 isolation between ports of the same private VLAN.

Within a private VLAN, three types of VLANs can exist:

Primary VLAN: The VLAN forwards traffic from promiscuous ports to isolated ports,
community ports, and other promiscuous ports in the same private VLAN. In a private
VLAN, you can configure one primary VLAN only. All ports in a private VLAN share
the same primary VLAN.

Isolated VLAN: The VLAN is a secondary VLAN that carries traffic from isolated ports
to promiscuous ports. In a private VLAN, you can configure one isolated VLAN only.

Community VLAN: The VLAN is a secondary VLAN that forwards traffic between
ports that belong to the same community and to the promiscuous ports. In a private
VLAN, you can configure multiple community VLANs.

Within a private VLAN, the switch supports four types of special port designations:

Host port: The port is a host port that is a member of a community VLAN or an
isolated VLAN, both of which are secondary VLANs within the private VLAN. Two
host port subtypes exist:

-

Community port: The port is a member of a community VLAN. A community
port can communicate with other community ports and promiscuous ports.

-

Isolated port: The port is a member of an isolated VLAN. An isolated port can
communicate with promiscuous ports.

Promiscuous port: The port is a member of a primary VLAN (within the private VLAN)
and can communicate with all types of ports in the private VLAN, including other
promiscuous ports, community ports, and isolated ports.

Promiscuous trunk port: The port is both an uplink trunk port (for example, it can
connect a router) and a promiscuous port that can be a member of multiple primary
VLANs (within the private VLAN) as well as regular VLANs. The port processes tagged
traffic to communicate with all types of ports in private VLANs (including promiscuous
ports, community ports, and isolated ports) and with ports in regular VLANs.

Isolated trunk port: The port is both a downlink trunk port (for example, it can
connect to multiple downstream devices) and can be a member of multiple isolated
VLANs (secondary VLANs within private VLANs) as well as regular VLANs. The port
processes tagged traffic to communicate with ports in isolated VLANs and with ports
in regular VLANs. The downstream devices that are connected to the isolated trunk
port do not need to be capable of supported private VLANs.

Main User Manual

715

Manage Switch Security

Fully Managed Switches M4350 Series Main User Manual