Command Line Interface

4-182

4
Configuring Private VLANs
Private VLANs provide port-based security and isolation between ports within the
assigned VLAN. This section describes commands used to configure private VlANs.

pvlan

This command enables or configures a private VLAN. Use the no form to disable the
private VLAN.
Syntax
pvlan [up-link interface-list down-link interface-list]
no pvlan
up-link – Specifies an uplink interface.
down-link – Specifies a downlink interface.
Default Setting
No private VLANs are defined.
Command Mode
Global Configuration
Command Usage
A private VLAN provides port-based security and isolation between ports
within the VLAN. Data traffic on the downlink ports can only be forwarded to,
and from, the uplink port.
Private VLANs and normal VLANs can exist simultaneously within the same
switch.
Entering the pvlan command without any parameters enables the private
VLAN. Entering no pvlan disables the private VLAN.
Example
This example enables the private VLAN, and then sets port 24 as the uplink and
ports 1-4 as the downlinks.
Table 4-56. Private VLAN Commands
Command Function Mode Page
pvlan Enables and configured private VLANS GC 4-182
show pvlan Displays the configured private VLANS PE 4-183
Console(config)#pvlan
Console(config)#pvlan up-link ethernet 1/24 down-link ethernet 1/1-4
Console(config)#