SMC Networks 10/100 L, I, 3-134, private-vlan

C

OMMAND

L

INE

I

NTERFACE

3-134private-vlan

Use this command to create a primary or secondary (i.e.,

community) private VLAN. Use the no form to remove the

specified private VLAN.

Syntax

private-vlan vlan-id {community | primary}

no private-vlan vlan-id

•vlan-id - ID of private VLAN. (Range: 2-4094, no leading

zeroes).

•community - A VLAN in which traffic is restricted to port

members.

•primary - A VLAN which can contain one or more

community VLANs, and serves to channel traffic between

community VLANs and other locations.

Default Setting

None

Command Mode

VLAN Configuration

Command Usage

• Private VLANs are used to restrict traffic to ports within the

same VLAN “community,” and channel traffic passing outside

the community through promiscuous ports that have been

mapped to the associated “primary” VLAN.

• Port membership for private VLANs is static. Once a port has

been assigned

to a private VLAN, it cannot be dynamically

moved to another VLAN via GVRP.

• Private VLAN ports cannot be set to trunked mode. (See

“switchport mode” on page125.)

Contents

Main TigerSwitch 10/100 24-Port Fast Ethernet Switch Management Guide Page Page Page L W IMITED v ARRANTY W IMITED ARRANTY vi ONTENTS 1 Switch Management . . . . . . . . . . . . . . . . . . . . . . 1-1 2 Configuring the Switch . . . . . . . . . . . . . . . . . . . . 2-1 ii iii 3 Command Line Interface . . . . . . . . . . . . . . . . . . 3-1 iv v vi vii Page 1-1 1 S M WITCH ANAGEMENT Connecting to the Switch M 1-2 S 1-3 Required Connections M 1-4 Remote Connections C 1-5 Basic Configuration Console Connection M 1-6 Setting Passwords C 1-7 Setting an IP Address M 1-8 C 1-9 M 1-10 Enabling SNMP Management Access C 1-11 M 1-12 Saving Configuration Settings S F Managing System Files M 1-14 System Defaults D 1-15 M 1-16 D 1-17 Page 2-1 2 S THE ONFIGURING Navigating the Web Browser Interface Page S 2-4 Panel Display M 2-5 Main Menu S 2-6 M 2-7 S 2-8 C 2-9 Basic Configuration Displaying System Information Page C 2-11 Setting the IP Address S 2-12 C 2-13 Manual Configuration Using DHCP/BOOTP S 2-14 U A Configuring User Authentication Configuring the Logon Password S 2-16 U A 2-17 Configuring RADIUS Logon Authentication S 2-18 U A 2-19 Managing Firmware F 2-21 S 2-22 Saving or Restoring Configuration Settings Downloading Configuration Settings from a Server F 2-23 S 2-24 Resetting the System Displaying Bridge Extension Capabilities B C E 2-25 Page Enabling or Disabling GVRP (Global Setting) S 2-28 Displaying Switch Hardware/Software Versions Page S 2-30 Port Configuration Displaying Connection Status C 2-31 S 2-32 Configuring Interface Connections C 2-33 S 2-34 Setting Broadcast Storm Thresholds C 2-35 S 2-36 Page Address Table Settings Page Page Page Spanning Tree Algorithm Configuration T C A 2-43 Managing Global Settings S 2-44 Page S CLI THE 2-46 Page S 2-48 T C A 2-49 S 2-50 T C LGORITHM A REE VLAN Configuration 2-53 Assigning Ports to VLANs S 2-54 2-55 S 2-56 Forwarding Tagged/Untagged Frames Displaying Basic VLAN Information 2-57 Displaying Current VLANs Command Attributes (Web) Page 2-59 Creating VLANs S 2-60 2-61 Adding Static Members to VLANs (VLAN Index) S 2-62 2-63 Page 2-65 Configuring VLAN Behavior for Interfaces S 2-66 2-67 S 2-68 Configuring Private VLANs P VLAN 2-69 Displaying Current Private VLANs Page P VLAN 2-71 Configuring Private VLANs S 2-72 Associating Community VLANs Page S 2-74 P VLAN 2-75 Configuring Private VLAN Interfaces S 2-76 C Class of Service Configuration S 2-78 Setting the Queue Mode T Port Trunk Configuration S 2-80 Page S 2-82 Configuring SNMP SNMP 2-83 Setting Community Access Strings Page SNMP 2-85 S 2-86 Multicast Configuration C 2-87 Configuring IGMP Parameters S 2-88 C 2-89 Interfaces Attached to a Multicast Router S 2-90 Displaying Interfaces Attached to a Multicast Router Page Page Page Page C 2-95 Showing Port Statistics Page S THE 2-98 Rate Limit Configuration L C 2-99 Command Attribute Configuring 802.1x Port Authentication 802.1 A P 2-101 S 2-102 Displaying 802.1x Global Settings 802.1 A ORT P X S 2-104 Page Page 802.1 A Statistical Values P 2-107 Page Page Page 3 I INE L OMMAND L I 3-2 Telnet Connection I L C 3-3 Entering Commands C 3-5 Command Completion Getting Help on Commands Showing Commands Page C 3-7 Understanding Command Modes Exec Commands L I 3-8 Configuration Commands C 3-9 L I 3-10 Command Groups G 3-11 L I 3-12 C 3-13 General Commands enable L I 3-14 disable C 3-15 configure L I 3-16 show history C 3-17 reload end L I 3-18 exit C Flash/File Commands L I 3-20 copy C 3-21 L I 3-22 delete C 3-23 dir L I 3-24 whichboot C 3-25 boot system L I System Management Commands M C 3-27 hostname username L I 3-28 M C 3-29 enable password L I 3-30 ip http port Page Page M C ANAGEMENT YSTEM 3-33 Page M C ANAGEMENT YSTEM 3-35 L I 3-36 show system M C 3-37 show users show version Authentication Commands C 3-39 authentication login L I 3-40 radius-server host C 3-41 radius-server port Page C 3-43 radius-server timeout show radius-server L Port Authentication Commands A C 3-45 authentication dot1x Page Page Page Page Page A C 3-51 show dot1x L I 3-52 A C UTHENTICATION ORT 3-53 SNMP Commands snmp-server community 3-55 snmp-server contact Page 3-57 snmp-server host L I 3-58 snmp-server enable traps 3-59 show snmp L I 3-60 C 3-61 IGMP Snooping Commands ip igmp snooping L I 3-62 ip igmp snooping query-count C 3-63 ip igmp snooping query-max-response-time L I 3-64 ip igmp snooping router-port-expire-time C 3-65 ip igmp snooping version L I 3-66 show ip igmp snooping C 3-67 show mac-address-table multicast L I Line Commands C 3-69 line L I 3-70 login C 3-71 password L I 3-72 exec-timeout C 3-73 password-thresh L I 3-74 silent-time C 3-75 databits L I 3-76 parity C 3-77 speed Page 3-79 Example To show all lines, enter this command: IP Commands L I 3-80 ip address 3-81 ip dhcp restart L I 3-82 ip default-gateway 3-83 show ip interface Page 3-85 L I 3-86 HOL Blocking Prevention Commands queue hol-prevention HOL B C P 3-87 show queue hol-prevention Interface Commands C 3-89 interface L I 3-90 description speed-duplex C 3-91 L I 3-92 negotiation C 3-93 capabilities Default Setting L I 3-94 flowcontrol C 3-95 Page C 3-97 switchport broadcast percent L I 3-98 clear counters Page L I 3-100 show interfaces counters C NTERFACE 3-101 L I 3-102 show interfaces switchport C 3-103 L I 3-104 Rate Limit Commands L C 3-105 rate-limit L Address Table Commands T C 3-107 mac-address-table static L I 3-108 clear mac-address-table dynamic T C 3-109 show mac-address-table L I 3-110 mac-address-table aging-time T Spanning Tree Commands L I 3-112 spanning-tree T C 3-113 spanning-tree forward-time Page T C 3-115 spanning-tree max-age Page T C 3-117 spanning-tree port-priority L I 3-118 spanning-tree portfast T C 3-119 show spanning-tree L I 3-120 3-121 VLAN Commands L I 3-122 vlan database 3-123 Page 3-125 switchport mode L I 3-126 switchport acceptable-frame-types 3-127 switchport ingress-filtering L I 3-128 switchport native vlan 3-129 switchport allowed vlan L I 3-130 switchport forbidden vlan 3-131 show vlan L I 3-132 Private VLAN Commands VLAN C 3-133 L I 3-134 private-vlan VLAN C 3-135 private vlan association L I 3-136 switchport mode private-vlan VLAN C 3-137 switchport private-vlan host-association Page VLAN C 3-139 show vlan private-vlan L I GVRP and Bridge Extension Commands switchport gvrp GVRP C E B 3-141 L I 3-142 garp timer GVRP C E B 3-143 L I 3-144 bridge-ext gvrp GVRP C E B 3-145 Priority Commands C 3-147 queue mode show queue mode L Mirror Port Commands port monitor P C 3-149 show port monitor L Port Trunking Commands T C 3-151 L I 3-152 port-group Page Page A PPENDIX A-1 A T ROUBLESHOOTING A-2 Page F P S B-2 B-3 F P S Restoring Switch Defaults S D 4. Enter <q> and then <x> to return to the main menu. ESTORING EFAULTS Page G Glossary-1 LOSSARY Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 Page Page Page I NDEX Index-1 A B R S T U V