How to configure PVLAN in a Cisco Catalyst switch that runs Catalyst OS system software

Document

Jun 22, 2009 5:08 PM
Jun 22nd, 2009

Core issue

A Private VLAN (PVLAN) is a VLAN with configuration for Layer 2 (L2) isolation from other ports within the same broadcast domain or subnet.

Assign a specific set of ports within a PVLAN to control access among the ports at L2. PVLANs and normal VLANs can be configured on the same switch.

The three types of PVLAN ports are:

  • Promiscuous
  • Isolated
  • Community

Resolution

To create a PVLAN, perform these steps in privileged mode:

  1. Issue the set vlan vlan_num pvlan-type primary command to create the primary VLAN.  

  2. Issue the set vlan vlan_num pvlan-type {isolated | community} command to set the isolated or community VLAN(s).  

  3. Issue the set pvlan primary_vlan_num {isolated_vlan_num | community_vlan_num}mod/ports command to bind the isolated or community VLAN(s) to the primary VLAN, and to associate the isolated or community port(s) to the private VLAN.  

  4. Issue the set pvlan mapping primary_vlan_num {isolated_vlan_num | community_vlan_num} mod/ports command to map the isolated or community VLAN to the primary VLAN on the promiscuous port.  

  5. Issue the show pvlan [vlan_num] and show pvlan mapping commands to verify the private VLAN configuration.

       

For more information, refer to the Configure the Primary and Isolated VLANs section of Configuring Isolated Private VLANs on Catalyst Switches.

Average Rating: 0 (0 ratings)

Actions

Login or Register to take actions

This Document

Posted June 22, 2009 at 5:08 PM
Stats:
Comments:0 Avg. Rating:0
Views:2503 Contributors:0
Shares:0
Categories: Switches
+

Related Content

Documents Leaderboard

Rank Username Points
1 177
2 64
3 60
4 50
5 23
Rank Username Points
5
0