The Private VLAN packet forwarding process (here we take traffic transmission for PC2) based on
the figure above is illustrated as follows:
1) PC2 sends out its first upstream packet with the source MAC as mac_2 and the
destination MAC as mac_a. This packet is untagged.
2) When the host port Port2 on the switch receives this packet, it adds a default VLAN ID
2 to this packet and learns its source MAC address. The MAC address entry,
mac_2+VLAN2+Port2 is created, indicating that the egress port for the traffic with
destination MAC address mac_2 and VLAN ID 2 is Port2.
3) According to the MAC address duplication, this MAC address entry is copied to VLAN
5, and the switch adds the MAC address entry mac_2+VLAN5+Port2 to its address
table.
4) As mac_a is not in the MAC address table of the switch, the switch will broadcast this
packet in VLAN 2.
5) As the switch has performed the port configuration synchronization, Port5 can receive
this packet from VLAN 2 and forward it to the Router untagged.
6) The Router responds to the switch upon receiving this packet.
7) When the promiscuous port Port5 receives the response packet, it tags this packet a
default VLAN ID 5 and learns the MAC address entry mac_a+VLAN5+Port5.
8) According to the MAC address duplication, this MAC address entry is copied to VLAN
2 and VLAN 3, and the switch adds two more MAC address entries
mac_a+VLAN2+Port5 and mac_a+VLAN3+Port5 to its address table.
9) The switch looks up the MAC address table based on mac_2+VLAN5. It finds out the
egress port Port2 through which the packet is forwarded to PC2 untagged.
After all the steps above are finished, the bidirectional communication between PC2 and the
Router is achieved.
Private VLAN functions are implemented on the PVLAN Config and Port Config pages.
6.8.1 PVLAN Config
On this page, you can create Private VLAN and view the information of the current defined Private
VLANs.
85