Manuals / Brands / Computer Equipment / Switch / Cisco Systems / Computer Equipment / Switch

Cisco Systems WSC2960XR48FPSI Information About Private VLANs

1 178

Download 178 pages, 3.74 Mb

DynamicMAC addresses learned in one VLAN of a private VLAN are replicated in

theassociated VLANs. For example, a MAC address learned in a secondary VLAN is

replicatedin the primary VLAN. When the original dynamic MAC address is deleted

oraged out, thereplicated addresses are removed from the MAC address table.

Note

•ConfigureLayer 3VLAN interfaces (SVIs) onlyfor primaryVLANs.

Information About Private VLANs

Private VLAN Domains

Theprivate VLAN featureaddresses two problems that service providers facewhen using VLANs:

•Theswitch supports up to 1005 active VLANs. If a service provider assigns one VLAN per customer,

thislimits the numbers of customers the service provider can support.

•Toenable IP routing, each VLAN is assigned a subnet address space or a block of addresses, which can

resultin wasting the unused IP addresses, and cause IP address management problems.

Usingprivate VLANsaddresses the scalabilityproblem and providesIP addressmanagement benefits for

serviceproviders and Layer 2 security for customers.Private VLANs partition a regular VLAN domain into

subdomains.A subdomain is represented by a pair of VLANs: a primary VLAN and a secondary VLAN. A

Catalyst 2960-XR Switch VLAN Configuration Guide, Cisco IOS Release 15.0(2)EX1

OL-29440-01 87

Configuring Private VLANs

Information About Private VLANs

Contents

Main www.cisco.com/go/trademarks CONTENTS Page Page Page Page Page Page Page Preface Document Conventions Page Related Documentation Obtaining Documentation and Submitting a Service Request Page CHAPTER 1 Using the Command-Line Interface Information About Using the Command-Line Interface Command Modes Page Using the Help System Understanding Abbreviated Commands No and default Forms of Commands CLI Error Messages Configuration Logging How to Use the CLI to Configure Features Configuring the Command History Changing the Command History Buffer Size Recalling Commands Disabling the Command History Feature Enabling and Disabling Editing Features Editing Commands through Keystrokes Editing Command Lines That Wrap Searching and Filtering Output of show and more Commands Accessing the CLI through a Console Connection or through Telnet Page CHAPTER 2 Configuring VTP Prerequisites for VTP Information About VTP VTP VTP Domain VTP Modes VTP Advertisements VTP Version 2 VTP Version 3 VTP Pruning Page VTP and Switch Stacks VTP Configuration Guidelines Configuration Requirements VTP Settings Domain Names for Configuring VTP Passwords for the VTP Domain VTP Version Default VTP Configuration How to Configure VTP Configuring VTP Mode Page Configuring a VTP Version 3 Password Configuring a VTP Version 3 Primary Server Enabling the VTP Version Enabling VTP Pruning Page Configuring VTP on a Per-Port Basis Adding a VTP Client Switch to a VTP Domain Page Monitoring VTP Configuration Examples for VTP Example: Configuring the Switch as a VTP Server Example: Configuring a Hidden Password Example: Configuring a VTP Version 3 Primary Server Example: Configuring VTP on a Per-Port Basis Feature History and Information for VTP Page CHAPTER 3 Configuring VLANs Prerequisites for VLANs Restrictions for VLANs Information About VLANs Logical Networks Supported VLANs VLAN Port Membership Modes Normal-Range VLAN Overview Token Ring VLANs Normal-Range VLANs Configuration Process VLAN Configuration Saving Process Normal-Range VLAN Configuration Guidelines Extended-Range VLAN Configuration Guidelines Default Ethernet VLAN Configuration Default VLAN Configuration How to Configure VLANs How to Configure Normal-Range VLANs Creating or Modifying an Ethernet VLAN Page Deleting a VLAN Assigning Static-Access Ports to a VLAN Page How to Configure Extended-Range VLANs Creating an Extended-Range VLAN Page Creating an Extended-Range VLAN with an Internal VLAN ID Page Monitoring VLANs Configuration Examples Example: Creating a VLAN Name Example: Configuring a Port as Access Port Example: Creating an Extended-Range VLAN Page Feature History and Information for VLAN Page CHAPTER 4 Configuring VLAN Trunks Prerequisites for VLAN Trunks Restrictions for VLAN Trunks Information About VLAN Trunks Trunking Overview Trunking Modes Layer 2 Interface Modes Allowed VLANs on a Trunk Load Sharing on Trunk Ports Network Load Sharing Using STP Priorities Network Load Sharing Using STP Path Cost Feature Interactions Default Layer 2 Ethernet Interface VLAN Configuration How to Configure VLAN Trunks Configuring an Ethernet Interface as a Trunk Port Configuring a Trunk Port Page Defining the Allowed VLANs on a Trunk Page Changing the Pruning-Eligible List Configuring the Native VLAN for Untagged Traffic Configuring Trunk Ports for Load Sharing Configuring Load Sharing Using STP Port Priorities Page Page Page Configuring Load Sharing Using STP Path Cost Page Page Configuration Examples for VLAN Trunking Example: Configuring an IEEE 802.1Q Trunk Example: Removing a VLAN Feature History and Information for VLAN Trunks CHAPTER 5 Configuring Private VLANs Prerequisites for Private VLANs Secondary and Primary VLAN Configuration Private VLAN Port Configuration Restrictions for Private VLANs Limitations with Other Features Information About Private VLANs Private VLAN Domains Secondary VLANs Private VLANs Ports Private VLANs in Networks IP Addressing Scheme with Private VLANs Private VLANs Across Multiple Switches Private VLAN Interaction with Other Features Private VLANs and Unicast, Broadcast, and Multicast Traffic Private VLANs and SVIs Private VLANs and Switch Stacks Private VLAN Configuration Tasks Default Private VLAN Configuration How to Configure Private VLANs Configuring and Associating VLANs in a Private VLAN Page Page Configuring a Layer 2 Interface as a Private VLAN Host Port Page Configuring a Layer 2 Interface as a Private VLAN Promiscuous Port Mapping Secondary VLANs to a Primary VLAN Layer 3 VLAN Interface Page Monitoring Private VLANs Configuration Examples for Private VLANs Example: Configuring a Primary VLAN, Isolated VLAN, and a Community of VLANs Example: Configuring an Interface as a Host Port Example: Configuring an Interface as a Private VLAN Promiscuous Port Example: Mapping Secondary VLANs to a Primary VLAN Interface Example: Monitoring Private VLANs Feature History and Information for Private VLANs Page CHAPTER 6 Configuring VMPS Prerequisites for VMPS Restrictions for VMPS Information About VMPS Dynamic VLAN Assignments Dynamic-Access Port VLAN Membership Default VMPS Client Configuration How to Configure VMPS Entering the IP Address of the VMPS Configuring Dynamic-Access Ports on VMPS Clients Page Reconfirming VLAN Memberships Changing the Reconfirmation Interval Changing the Retry Count Troubleshooting Dynamic-Access Port VLAN Membership Monitoring the VMPS Configuration Example for VMPS Example: VMPS Configuration Page Page Feature History and Information for VMPS CHAPTER 7 Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling Prerequisites for Configuring Tunneling IEEE 802.1Q Tunneling and Incompatibilities Layer 2 Protocol Tunneling Page Layer 2 Tunneling for EtherChannels Information about Tunneling IEEE 802.1Q and Layer 2 Protocol Overview IEEE 802.1Q Tunneling Page Page IEEE 802.1Q Tunneling Configuration Guidelines Native VLANs System MTU Default IEEE 802.1Q Tunneling Configuration Layer 2 Protocol Tunneling Overview Page Layer 2 Protocol Tunneling on Ports Default Layer 2 Protocol Tunneling Configuration How to Configure Tunneling Configuring an IEEE 802.1Q Tunneling Port Page Configuring Layer 2 Protocol Tunneling Page Page Configuring the SP Edge Switch Page Page Configuring the Customer Switch Page Configuration Examples for IEEE 802.1Q and Layer 2 Protocol Tunneling Example: Configuring an IEEE 802.1Q Tunneling Port Example: Configuring Layer 2 Protocol Tunneling Examples: Configuring the SP Edge and Customer Switches SPedge switch2 configuration: Monitoring Tunneling Status Page Feature History and Information for Tunneling CHAPTER 8 Configuring Voice VLANs Prerequisites for Voice VLANs Restrictions for Voice VLANs Information About Voice VLAN Voice VLANs Cisco IP Phone Voice Traffic Cisco IP Phone Data Traffic Voice VLAN Configuration Guidelines Default Voice VLAN Configuration How to Configure Voice VLAN Configuring Cisco IP Phone Voice Traffic Page Configuring the Priority of Incoming Data Frames Page Monitoring Voice VLAN Configuration Examples for Voice VLANs Example: Configuring Cisco IP Phone Voice Traffic Example: Configuring a Port Connected to an IP Phone Not to Change Frame Priority Page Feature History and Information for Voice VLAN INDEX C D E F H M N P R S