[x]

Private VLAN commands > private-vlan isolated

 

 Next

private-vlan isolated

Use private-vlan isolated to isolate ports in a secondary VLAN at Layer 2.

Use undo private-vlan isolated to restore the default.

Syntax

private-vlan isolated

undo private-vlan isolated

Default

Ports in the same secondary VLAN can communicate with each other at Layer 2.

Views

VLAN view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This command takes effect when the following conditions exist:

This command is mutually exclusive with the primary VLAN, super VLAN, and sub-VLAN configuration commands.

Examples

This example shows how to meet the following requirements:

# Configure VLAN 2 as a primary VLAN and associate it with secondary VLAN 4.

<Sysname> system-view
[Sysname] vlan 4
[Sysname-vlan4] quit
[Sysname] vlan 2
[Sysname-vlan2] private-vlan primary
[Sysname-vlan2] private-vlan secondary 4
[Sysname-vlan2] quit

# Configure Ten-GigabitEthernet 1/0/1 as a promiscuous port of VLAN 2.

[Sysname] interface ten-gigabitethernet 1/0/1
[Sysname-Ten-GigabitEthernet1/0/1] port private-vlan 2 promiscuous
[Sysname-Ten-GigabitEthernet1/0/1] quit

# Assign Ten-GigabitEthernet 1/0/2 to VLAN 4 and configure the port as a host port.

[Sysname] interface ten-gigabitethernet 1/0/2
[Sysname-Ten-GigabitEthernet1/0/2] port access vlan 4
[Sysname-Ten-GigabitEthernet1/0/2] quit
[Sysname-Ten-GigabitEthernet1/0/2] port private-vlan host

# Assign Ten-GigabitEthernet 1/0/3 to VLAN 4 and configure the port as a host port.

[Sysname] interface ten-gigabitethernet 1/0/3
[Sysname-Ten-GigabitEthernet1/0/3] port access vlan 4
[Sysname-Ten-GigabitEthernet1/0/3] port private-vlan host

# Configure port isolation at Layer 2 in secondary VLAN 4.

[Sysname] vlan 4
[Sysname-vlan4] private-vlan isolated

Related commands

private-vlan (VLAN view)

private-vlan community

private-vlan primary

prev

 

up

 next

private-vlan community 

home

 private-vlan primary

© Copyright 2017 Hewlett Packard Enterprise Development LP