Support User Manuals

Cisco Systems ME 3400 Switch User Manual

Open as PDF

of 1086

12-11

Cisco ME 3400 Ethernet Access Switch Software Configuration Guide

OL-9639-06

Chapter 12 Configuring Private VLANs

Configuring Private VLANs

• The secondary_vlan_list parameter can contain multiple community VLAN IDs but only one

isolated VLAN ID.

• Enter a secondary_vlan_list, or use the add keyword with a secondary_vlan_list to associate

secondary VLANs with a primary VLAN.

• Use the remove keyword with a secondary_vlan_list to clear the association between secondary

VLANs and a primary VLAN.

• The private-vlan association VLAN configuration command does not take effect until you exit

VLAN configuration mode.

This example shows how to configure VLAN 20 as a primary VLAN, VLAN 501 as an isolated VLAN,

and VLANs 502 and 503 as community VLANs, to associate them in a private VLAN, and to verify the

configuration. It assumes that VLANs 502 and 503 have previously been configured as UNI-ENI

community VLANs:

Switch# configure terminal

Switch(config)# vlan 20

Switch(config-vlan)# private-vlan primary

Switch(config-vlan)# exit

Switch(config)# vlan 501

Switch(config-vlan)# private-vlan isolated

Switch(config-vlan)# exit

Switch(config)# vlan 502

Switch(config-vlan)# no-uni vlan

Switch(config-vlan)# private-vlan community

Switch(config-vlan)# exit

Switch(config)# vlan 503

Switch(config-vlan)# no-uni vlan

Switch(config-vlan)# private-vlan community

Switch(config-vlan)# exit

Switch(config)# vlan 20

Switch(config-vlan)# private-vlan association 501-503

Switch(config-vlan)# end

Switch(config)# show vlan private vlan

Primary Secondary Type Ports

------- --------- ----------------- ------------------------------------------

20 501 isolated

20 502 community

20 503 community

20 504 non-operational

Configuring a Layer 2 Interface as a Private-VLAN Host Port

Beginning in privileged EXEC mode, follow these steps to configure a Layer 2 interface as a

private-VLAN host port and to associate it with primary and secondary VLANs:

Note Isolated and community VLANs are both secondary VLANs.

Command Purpose

Step 1

configure terminal Enter global configuration mode.

Step 2

interface interface-id Enter interface configuration mode for the Layer 2

interface to be configured.

previous next