Table of Contents.
Information About Private VLANs
In general VLAN is a concept of segregating a physical network, so that separate broadcast domains can be created. As we know, Ethernet VLANs are not allowed to communicate directly with each other; they need some Layer three L3 devices like router, multilayer switch.
The same concept is applicable to the PVLANS — since the sub-domains are segregated at level 2, they need to communicate using an upper level L3 and packet forwarding entity — such as router. This kind of configurations commonly arises in shared environments, e.
ISP co-location where it is beneficial to put multiple customers into the same IP subnet and provide a good level of isolation between them.
Beside this it is also helpful to provide isolation at Layer 2 as a security measure. Private VLANs could be trunked. In order to implement sub-VLAN behaviour; we need to define how packets are forwarded between different port types.
Private VLAN tutorial and demonstration
Creating secondary community VLAN. Associating Primary with secondary Vlans, sub-Vlans. Note that a host port belongs to different VLANs at the same time; i.
In the below case communication from the promiscuous port [Downstream] is via the primary Vlan and the Upstream communication to the promiscuous port via secondary Vlan or Configure isolated port.
Configure community ports. Step 3: Create a promiscuous port, and configure downstream mapping, for the communication from outside to downstream hosts.
Router port — the port connected to the router or upstream L3 device. In our case the config would look like as below:.
Follow by Email
Currently Being Moderated. Introduction 2. This type of ports usually connects to hosts. Community C : Community ports are allowed to talk to their buddies ie.
Community ports. This content has been marked as final.
Show 8 comments. Email Address. Website Address.
Name Required. Email Address Required, will not be published. Close Are you sure you want to delete this document? Retrieving data