[x]

Private VLAN configuration examples > Promiscuous port configuration example

 

 Next

Promiscuous port configuration example

Network requirements

As shown in Figure 48, configure the private VLAN feature to meet the following requirements:

Figure 48: Network diagram

Configuration procedure

This example describes the configurations on Device B and Device C.

  1. Configure Device B:

    # Configure VLAN 5 as a primary VLAN. 

    <DeviceB> system-view
[DeviceB] vlan 5
[DeviceB-vlan5] private-vlan primary
[DeviceB-vlan5] quit

    # Create VLANs 2 and 3. 

    [DeviceB] vlan 2 to 3

    # Configure the uplink port Ten-GigabitEthernet 1/0/5 as a promiscuous port of VLAN 5. 

    [DeviceB] interface ten-gigabitethernet 1/0/5
[DeviceB-Ten-GigabitEthernet1/0/5] port private-vlan 5 promiscuous
[DeviceB-Ten-GigabitEthernet1/0/5] quit

    # Assign the downlink port Ten-GigabitEthernet 1/0/1 to VLAN 3, and configure the port as a host port.

    [DeviceB] interface ten-gigabitethernet 1/0/1
[DeviceB-Ten-GigabitEthernet1/0/1] port access vlan 3
[DeviceB-Ten-GigabitEthernet1/0/1] port private-vlan host
[DeviceB-Ten-GigabitEthernet1/0/1] quit

    # Assign the downlink port Ten-GigabitEthernet 1/0/2 to VLAN 2, and configure the port as a host port.

    [DeviceB] interface ten-gigabitethernet 1/0/2
[DeviceB-Ten-GigabitEthernet1/0/2] port access vlan 2
[DeviceB-Ten-GigabitEthernet1/0/2] port private-vlan host
[DeviceB-Ten-GigabitEthernet1/0/2] quit

    # Associate the secondary VLANs 2 and 3 with the primary VLAN 5. 

    [DeviceB] vlan 5
[DeviceB-vlan5] private-vlan secondary 2 to 3
[DeviceB-vlan5] quit

  2. Configure Device C:

    # Configure VLAN 6 as a primary VLAN. 

    <DeviceC> system-view
[DeviceC] vlan 6
[DeviceC–vlan6] private-vlan primary
[DeviceC–vlan6] quit

    # Create VLANs 3 and 4. 

    [DeviceC] vlan 3 to 4

    # Configure the uplink port Ten-GigabitEthernet 1/0/5 as a promiscuous port of VLAN 6. 

    [DeviceC] interface ten-gigabitethernet 1/0/5
[DeviceC-Ten-GigabitEthernet1/0/5] port private-vlan 6 promiscuous
[DeviceC-Ten-GigabitEthernet1/0/5] quit

    # Assign the downlink port Ten-GigabitEthernet 1/0/3 to VLAN 3, and configure the port as a host port. 

    [DeviceC] interface ten-gigabitethernet 1/0/3
[DeviceC-Ten-GigabitEthernet1/0/3] port access vlan 3
[DeviceC-Ten-GigabitEthernet1/0/3] port private-vlan host
[DeviceC-Ten-GigabitEthernet1/0/3] quit

    # Assign the downlink port Ten-GigabitEthernet 1/0/4 to VLAN 4, and configure the port as a host port.

    [DeviceC] interface ten-gigabitethernet 1/0/4
[DeviceC-Ten-GigabitEthernet1/0/4] port access vlan 4
[DeviceC-Ten-GigabitEthernet1/0/4] port private-vlan host
[DeviceC-Ten-GigabitEthernet1/0/4] quit

    # Associate the secondary VLANs 3 and 4 with the primary VLAN 6. 

    [DeviceC] vlan 6
[DeviceC-vlan6] private-vlan secondary 3 to 4
[DeviceC-vlan6] quit

Verifying the configuration

# Display the private VLAN configuration on the devices, for example, on Device B.

[DeviceB] display private-vlan
 Primary VLAN ID: 5
 Secondary VLAN ID: 2-3

 VLAN ID: 5
 VLAN type: Static
 Private VLAN type: Primary
 Route interface: Not configured
 Description: VLAN 0005
 Name: VLAN 0005
 Tagged   ports: None
 Untagged ports:
    Ten-GigabitEthernet1/0/1            Ten-GigabitEthernet1/0/2            Ten-GigabitEthernet1/0/5

 VLAN ID: 2
 VLAN type: Static
 Private VLAN type: Secondary
 Route interface: Not configured
 Description: VLAN 0002
 Name: VLAN 0002
 Tagged   ports: None
 Untagged ports:
    Ten-GigabitEthernet1/0/2            Ten-GigabitEthernet1/0/5

 VLAN ID: 3
 VLAN type: Static
 Private VLAN type: Secondary
 Route interface: Not configured
 Description: VLAN 0003
 Name: VLAN 0003
 Tagged   Ports: None
 Untagged Ports:
    Ten-GigabitEthernet1/0/1            Ten-GigabitEthernet1/0/5

The output shows that:

prev

 

up

 next

Private VLAN configuration examples 

home

 Trunk promiscuous port configuration example

© Copyright 2017 Hewlett Packard Enterprise Development LP