15-4
Cisco Catalyst Blade Switch 3130 for Dell Software Configuration Guide
OL-13270-01
Chapter15 Configuring Private VLANs
Understanding Private VLANs
Private VLANs across Multiple Switches
As with regular VLANs, private VLANs can span multiple switches. A trunk port carries the primary
VLAN and secondary VLANs to a neighboring switch. The trunk por t t rea ts t he p rivate VLAN a s any
other VLAN. A feature of private VLANs across multiple switches is that traffic from an isolated port
in switch A does not reach an isolated port on Switch B. See Figure15 -2.
Figure 15-2 Private VLANs across Switches
Because VTP does not support private VLANs, you must manually configure private VLANs on all
switches in the Layer 2 network. If you do not configure the primary and secondary VLAN association
in some switches in the network, the Layer 2 databases in these switches are not merged. This can result
in unnecessary flooding of private-VLAN traffic on those switches.
Note When configuring private VLANs on the switch, always use the default Switch Database Management
(SDM) template to balance system resources between unicast routes and Layer 2 entries. If another SDM
template is configured, use the sdm prefer default global configuration command to set the default
template. See Chapter8, “Configuring SDM Templates.”
Private-VLAN Interaction with Other Features
Private VLANs have specific interaction with some other features, described in these sections:
Private VLANs and Unicast, Broadcast, and Multicast Traffic, page15-5
Private VLANs and SVIs, page15-5
Private VLANs and Switch Stacks, page15-5
201785
VLAN 10
0
VLAN 201 VLAN 202
Switch B
V
LAN 100
V
LAN 100 = Primary VLAN
V
LAN 201 = Secondary isolated VLAN
V
LAN 202 = Secondary community VLAN
VLAN 201
Carries VLAN 100,
201, and 202 traffic
Trunk ports
VLAN 202
Switch A