Filter
Top Products
EX2500 Ethernet Switch Configuration Guide
30 Private VLANs
Private VLAN Configuration Guidelines
The following guidelines apply when configuring private VLANs:
The default VLAN 1 cannot be a private VLAN.
The management VLAN 4095 cannot be a private VLAN. The management port
cannot be a member of a private VLAN.
IGMP Snooping must be disabled on isolated VLANs.
Each secondary port’s (isolated port and community ports) PVID must match
its corresponding secondary VLAN ID.
Ports within a secondary VLAN cannot be members of other VLANs.
All VLANs that make up the private VLAN must belong to the same Spanning
Tree Group.
Private VLAN Configuration Example
Follow this procedure to configure a private VLAN.
1. Select a VLAN and define the private VLAN type as primary.
ex2500(config)# vlan 100
ex2500(config-vlan)# enable
ex2500(config-vlan)# member 2
ex2500(config-vlan)# private-vlan type primary
ex2500(config-vlan)# private-vlan enable
ex2500(config-vlan)# exit
2. Configure a secondary VLAN and map it to the primary VLAN.
ex2500(config)# vlan 110
ex2500(config-vlan)# enable
ex2500(config-vlan)# member 3
ex2500(config-vlan)# member 4
ex2500(config-vlan)# private-vlan type isolated
ex2500(config-vlan)# private-vlan map 100
ex2500(config-vlan)# private-vlan enable
ex2500(config-vlan)# exit
3. Verify the configuration.
ex2500(config)# show private-vlan
Private-VLAN Type Mapped-To Status Ports
------------ --------- ---------- ---------- -----------------
100 primary 110 ena 2
110 isolated 100 ena 3-4