Dell 3424P Computer Accessories User Manual


 
Configuring Switch Information 315
Configuring Private VLANs
Private VLANs (PVLAN) increase network security by limiting inter-port communication within a
VLAN. Private VLANs limit network traffic at the Layer 2 level. Network administrators define a
Primary VLAN. Within the Primary VLAN there are Isolated and Community VLANs. Private
VLAN ports can have the following states:
Promiscuous
— Promiscuous ports can communicate with all ports within a PVLAN. All
promiscuous packets are automatically assigned to both the Isolated and the Community
VLANs.
Isolated
— Isolated ports are completely isolated from other ports in the same PVLAN.
However isolated ports can communicate with promiscuous ports. In addition, all traffic to
and from isolated ports with a VLANs is blocked, except for traffic from promiscuous ports.
All isolated ports are automatically assigned to the Isolated VLAN.
Community
— Community ports communicate with other community ports and with
promiscuous ports. Community ports are separated from all other interfaces in other
communities or isolated ports in the same PVLAN. All community ports are automatically
assigned to the Community VLAN and to the Private VLAN.
NOTE: Ports cannot be defined as either promiscuous or isolated port if the ports are existing
VLAN members.
NOTE: Previously created VLANs cannot be configured as isolated or community VLANs.
NOTE: Isolated and Community VLANs included in the total VLAN count.
If the Primary VLAN is deleted, both the Isolated and the Community VLANs are also deleted. In
addition, the Isolated and Community VLANs only forward untagged traffic.
To open the
Private VLAN
page, click
Switch
VLAN
Private VLAN
in the tree view.