Manuals / Brands / Computer Equipment / Switch / Cisco Systems / Computer Equipment / Switch

Cisco Systems WSC2960XR48FPSI Restrictions for Private VLANs

1 178

Download 178 pages, 3.74 Mb

Restrictions for Private VLANs

Thefollowing arerestrictions for configuring private VLANs:

•PrivateVLANs are only supported on switches running the IP Lite image.

Limitations with Other Features

Whenconfiguring privateVLANs, rememberthese limitations with other features:

Insome cases, the configuration is accepted with no error messages, but the commands have no effect.Note

•Donot configure fallback bridging on switches with private VLANs.

•WhenIGMP snooping is enabled on the switch (the default), the switch or switch stack supports no

morethan 20 private VLAN domains.

•Donot configure a remoteSPAN (RSPAN) VLAN as a private VLAN primary or secondary VLAN.

•Donot configure privateVLAN ports on interfaces configured for these other features:

◦Dynamic-accessport VLAN membership

◦DynamicTrunking Protocol (DTP)

◦PortAggregation Protocol (PAgP)

◦LinkAggregation Control Protocol (LACP)

◦MulticastVLAN Registration (MVR)

◦VoiceVLAN

◦WebCache Communication Protocol (WCCP)

•Youcan configure IEEE 802.1x port-based authentication on a private VLAN port, but do not configure

802.1xwith port security, voice VLAN, or per-user ACL on private VLAN ports.

•Aprivate VLAN host or promiscuous port cannot be a SPAN destination port. If you configure a SPAN

destinationport as a private VLAN port, the port becomes inactive.

•Ifyou configure a staticMAC address on a promiscuous port in the primary VLAN, you must add the

samestatic address to all associated secondary VLANs. If you configure a static MAC address on a host

portin a secondary VLAN, you must add the same static MAC address to the associated primary VLAN.

Whenyou delete a static MAC address from a private VLAN port, you must remove all instances of the

configuredMAC address from the private VLAN.

Catalyst 2960-XR Switch VLAN Configuration Guide, Cisco IOS Release 15.0(2)EX1

86 OL-29440-01

Configuring Private VLANs

Restrictions for Private VLANs

Contents

Main www.cisco.com/go/trademarks CONTENTS Page Page Page Page Page Page Page Preface Document Conventions Page Related Documentation Obtaining Documentation and Submitting a Service Request Page CHAPTER 1 Using the Command-Line Interface Information About Using the Command-Line Interface Command Modes Page Using the Help System Understanding Abbreviated Commands No and default Forms of Commands CLI Error Messages Configuration Logging How to Use the CLI to Configure Features Configuring the Command History Changing the Command History Buffer Size Recalling Commands Disabling the Command History Feature Enabling and Disabling Editing Features Editing Commands through Keystrokes Editing Command Lines That Wrap Searching and Filtering Output of show and more Commands Accessing the CLI through a Console Connection or through Telnet Page CHAPTER 2 Configuring VTP Prerequisites for VTP Information About VTP VTP VTP Domain VTP Modes VTP Advertisements VTP Version 2 VTP Version 3 VTP Pruning Page VTP and Switch Stacks VTP Configuration Guidelines Configuration Requirements VTP Settings Domain Names for Configuring VTP Passwords for the VTP Domain VTP Version Default VTP Configuration How to Configure VTP Configuring VTP Mode Page Configuring a VTP Version 3 Password Configuring a VTP Version 3 Primary Server Enabling the VTP Version Enabling VTP Pruning Page Configuring VTP on a Per-Port Basis Adding a VTP Client Switch to a VTP Domain Page Monitoring VTP Configuration Examples for VTP Example: Configuring the Switch as a VTP Server Example: Configuring a Hidden Password Example: Configuring a VTP Version 3 Primary Server Example: Configuring VTP on a Per-Port Basis Feature History and Information for VTP Page CHAPTER 3 Configuring VLANs Prerequisites for VLANs Restrictions for VLANs Information About VLANs Logical Networks Supported VLANs VLAN Port Membership Modes Normal-Range VLAN Overview Token Ring VLANs Normal-Range VLANs Configuration Process VLAN Configuration Saving Process Normal-Range VLAN Configuration Guidelines Extended-Range VLAN Configuration Guidelines Default Ethernet VLAN Configuration Default VLAN Configuration How to Configure VLANs How to Configure Normal-Range VLANs Creating or Modifying an Ethernet VLAN Page Deleting a VLAN Assigning Static-Access Ports to a VLAN Page How to Configure Extended-Range VLANs Creating an Extended-Range VLAN Page Creating an Extended-Range VLAN with an Internal VLAN ID Page Monitoring VLANs Configuration Examples Example: Creating a VLAN Name Example: Configuring a Port as Access Port Example: Creating an Extended-Range VLAN Page Feature History and Information for VLAN Page CHAPTER 4 Configuring VLAN Trunks Prerequisites for VLAN Trunks Restrictions for VLAN Trunks Information About VLAN Trunks Trunking Overview Trunking Modes Layer 2 Interface Modes Allowed VLANs on a Trunk Load Sharing on Trunk Ports Network Load Sharing Using STP Priorities Network Load Sharing Using STP Path Cost Feature Interactions Default Layer 2 Ethernet Interface VLAN Configuration How to Configure VLAN Trunks Configuring an Ethernet Interface as a Trunk Port Configuring a Trunk Port Page Defining the Allowed VLANs on a Trunk Page Changing the Pruning-Eligible List Configuring the Native VLAN for Untagged Traffic Configuring Trunk Ports for Load Sharing Configuring Load Sharing Using STP Port Priorities Page Page Page Configuring Load Sharing Using STP Path Cost Page Page Configuration Examples for VLAN Trunking Example: Configuring an IEEE 802.1Q Trunk Example: Removing a VLAN Feature History and Information for VLAN Trunks CHAPTER 5 Configuring Private VLANs Prerequisites for Private VLANs Secondary and Primary VLAN Configuration Private VLAN Port Configuration Restrictions for Private VLANs Limitations with Other Features Information About Private VLANs Private VLAN Domains Secondary VLANs Private VLANs Ports Private VLANs in Networks IP Addressing Scheme with Private VLANs Private VLANs Across Multiple Switches Private VLAN Interaction with Other Features Private VLANs and Unicast, Broadcast, and Multicast Traffic Private VLANs and SVIs Private VLANs and Switch Stacks Private VLAN Configuration Tasks Default Private VLAN Configuration How to Configure Private VLANs Configuring and Associating VLANs in a Private VLAN Page Page Configuring a Layer 2 Interface as a Private VLAN Host Port Page Configuring a Layer 2 Interface as a Private VLAN Promiscuous Port Mapping Secondary VLANs to a Primary VLAN Layer 3 VLAN Interface Page Monitoring Private VLANs Configuration Examples for Private VLANs Example: Configuring a Primary VLAN, Isolated VLAN, and a Community of VLANs Example: Configuring an Interface as a Host Port Example: Configuring an Interface as a Private VLAN Promiscuous Port Example: Mapping Secondary VLANs to a Primary VLAN Interface Example: Monitoring Private VLANs Feature History and Information for Private VLANs Page CHAPTER 6 Configuring VMPS Prerequisites for VMPS Restrictions for VMPS Information About VMPS Dynamic VLAN Assignments Dynamic-Access Port VLAN Membership Default VMPS Client Configuration How to Configure VMPS Entering the IP Address of the VMPS Configuring Dynamic-Access Ports on VMPS Clients Page Reconfirming VLAN Memberships Changing the Reconfirmation Interval Changing the Retry Count Troubleshooting Dynamic-Access Port VLAN Membership Monitoring the VMPS Configuration Example for VMPS Example: VMPS Configuration Page Page Feature History and Information for VMPS CHAPTER 7 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling Prerequisites for Configuring Tunneling IEEE 802.1Q Tunneling and Incompatibilities Layer 2 Protocol Tunneling Page Layer 2 Tunneling for EtherChannels Information about Tunneling IEEE 802.1Q and Layer 2 Protocol Overview IEEE 802.1Q Tunneling Page Page IEEE 802.1Q Tunneling Configuration Guidelines Native VLANs System MTU Default IEEE 802.1Q Tunneling Configuration Layer 2 Protocol Tunneling Overview Page Layer 2 Protocol Tunneling on Ports Default Layer 2 Protocol Tunneling Configuration How to Configure Tunneling Configuring an IEEE 802.1Q Tunneling Port Page Configuring Layer 2 Protocol Tunneling Page Page Configuring the SP Edge Switch Page Page Configuring the Customer Switch Page Configuration Examples for IEEE 802.1Q and Layer 2 Protocol Tunneling Example: Configuring an IEEE 802.1Q Tunneling Port Example: Configuring Layer 2 Protocol Tunneling Examples: Configuring the SP Edge and Customer Switches SPedge switch2 configuration: Monitoring Tunneling Status Page Feature History and Information for Tunneling CHAPTER 8 Configuring Voice VLANs Prerequisites for Voice VLANs Restrictions for Voice VLANs Information About Voice VLAN Voice VLANs Cisco IP Phone Voice Traffic Cisco IP Phone Data Traffic Voice VLAN Configuration Guidelines Default Voice VLAN Configuration How to Configure Voice VLAN Configuring Cisco IP Phone Voice Traffic Page Configuring the Priority of Incoming Data Frames Page Monitoring Voice VLAN Configuration Examples for Voice VLANs Example: Configuring Cisco IP Phone Voice Traffic Example: Configuring a Port Connected to an IP Phone Not to Change Frame Priority Page Feature History and Information for Voice VLAN INDEX C D E F H M N P R S