COMMAND LINE INTERFACE
private-vlan
Use this command to create a primary or secondary (i.e., community) private VLAN. Use the no form to remove the specified private VLAN.
Syntax
private-vlan vlan-id {community primary}
no
•
•community - A VLAN in which traffic is restricted to port members.
•primary - A VLAN which can contain one or more community VLANs, and serves to channel traffic between community VLANs and other locations.
Default Setting
None
Command Mode
VLAN Configuration
Command Usage
•Private VLANs are used to restrict traffic to ports within the same VLAN “community,” and channel traffic passing outside the community through promiscuous ports that have been mapped to the associated “primary” VLAN.
•Port membership for private VLANs is static. Once a port has been assigned to a private VLAN, it cannot be dynamically moved to another VLAN via GVRP.
•Private VLAN ports cannot be set to trunked mode. (See “switchport mode” on page 125.)
