VLAN C
OMMANDS
4-211
Default Setting
None
Command Mode
VLAN Configuration
Command Usage
• Private VLANs are used to restrict traffic to ports within the same
community or isolated VLAN, and channel traffic passing outside the
community through promiscuous ports. When using community
VLANs, they must be mapped to an associated “primary” VLAN that
contains promiscuous ports. When using an isolated VLAN, it must
be configured to contain a single promiscuous port.
• Port membership for private VLANs is static. Once a port has been
assigned to a private VLAN, it cannot be dynamically moved to
another VLAN via GVRP.
• Private VLAN ports cannot be set to trunked mode. (See “switchport
mode” on page 4-201.)
Example
Console(config)#vlan database
Console(config-vlan)#private-vlan 2 primary
Console(config-vlan)#private-vlan 3 community
Console(config)#