Reference Guide

Creating a Primary VLAN
A primary VLAN is a port-based VLAN that is specifically enabled as a primary VLAN to contain the promiscuous ports and
PVLAN trunk ports for the private VLAN.
A primary VLAN also contains a mapping to secondary VLANs, which consist of community VLANs and isolated VLANs.
1. Access INTERFACE VLAN mode for the VLAN to which you want to assign the PVLAN interfaces.
CONFIGURATION mode
interface vlan vlan-id
2. Enable the VLAN.
INTERFACE VLAN mode
no shutdown
3. Set the PVLAN mode of the selected VLAN to primary.
INTERFACE VLAN mode
private-vlan mode primary
4. Map secondary VLANs to the selected primary VLAN.
INTERFACE VLAN mode
private-vlan mapping secondary-vlan vlan-list
The list of secondary VLANs can be:
• Specified in comma-delimited (VLAN-ID,VLAN-ID) or hyphenated-range format (VLAN-ID-VLAN-ID).
• Specified with this command even before they have been created.
• Amended by specifying the new secondary VLAN to be added to the list.
5. Add promiscuous ports as tagged or untagged interfaces.
INTERFACE VLAN mode
tagged interface or untagged interface
• Add PVLAN trunk ports to the VLAN only as tagged interfaces.
• You can enter interfaces singly or in range format, either comma-delimited (slot/port,port,port) or hyphenated (slot/port-port).
• You can only add promiscuous ports or PVLAN trunk ports to the PVLAN (no host or regular ports).
6. (OPTIONAL) Assign an IP address to the VLAN.
INTERFACE VLAN mode
ip address ip address
7. (OPTIONAL) Enable/disable Layer 3 communication between secondary VLANs.
INTERFACE VLAN mode
ip local-proxy-arp
NOTE: If a promiscuous or host port is untagged in a VLAN and it receives a tagged packet in the same VLAN, the packet is NOT dropped.
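The following added example, which is not part of the reference guide, checks a planned primary VLAN against the vlan-list formats in step 4 and the port rules in step 5 before the commands are entered. The plan layout, port role names and sample values are assumptions constructed for illustration; the 1-4094 bound is the usable 802.1Q VLAN ID range.

```python
# Added example (not from the reference guide): lint a planned primary VLAN
# against the rules in steps 4 and 5 before typing it into the switch.
# The plan layout and the role names are assumptions made for this example.

def expand_vlan_list(vlan_list):
    """Expand 'VLAN-ID,VLAN-ID' and 'VLAN-ID-VLAN-ID' into sorted VLAN IDs."""
    ids = set()
    for part in vlan_list.split(","):
        lo, dash, hi = part.strip().partition("-")
        if not lo.isdigit() or (dash and not hi.isdigit()):
            raise ValueError(f"malformed vlan-list element: {part!r}")
        first = int(lo)
        last = int(hi) if dash else first
        if first > last or first < 1 or last > 4094:  # usable 802.1Q range
            raise ValueError(f"range reversed or outside 1-4094: {part!r}")
        ids.update(range(first, last + 1))
    return sorted(ids)


def check_primary_vlan(plan):
    """Return the rule violations for ports planned into a primary VLAN."""
    problems = []
    for port, role, tagging in plan["ports"]:
        if role not in ("promiscuous", "trunk"):
            # Step 5: no host or regular ports in the primary VLAN.
            problems.append(f"{port}: {role} port cannot be added to a primary VLAN")
        elif role == "trunk" and tagging != "tagged":
            # Step 5: PVLAN trunk ports are added only as tagged interfaces.
            problems.append(f"{port}: PVLAN trunk port must be tagged")
        elif tagging not in ("tagged", "untagged"):
            problems.append(f"{port}: unknown tagging {tagging!r}")
    return problems


# Constructed sample plan: VLAN 10 as primary with three secondary VLANs.
SAMPLE_PLAN = {
    "vlan_id": 10,
    "secondary_vlans": "100-101,200",
    "ports": [
        ("1/1", "promiscuous", "untagged"),  # allowed, tagged or untagged
        ("1/2", "trunk", "untagged"),        # violation: trunk must be tagged
        ("1/3", "host", "tagged"),           # violation: host port not allowed
    ],
}

if __name__ == "__main__":
    print("secondary VLANs:", expand_vlan_list(SAMPLE_PLAN["secondary_vlans"]))
    for line in check_primary_vlan(SAMPLE_PLAN):
        print("violation:", line)
```

Because secondary VLANs can be mapped before they are created, the check does not test whether the listed VLANs exist on the switch.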
Creating a Community VLAN
A community VLAN is a secondary VLAN of the primary VLAN in a private VLAN.
The ports in a community VLAN can talk to each other and with the promiscuous ports in the primary VLAN.
1. Access INTERFACE VLAN mode for the VLAN that you want to make a community VLAN.
CONFIGURATION mode
interface vlan vlan-id
2. Enable the VLAN.
INTERFACE VLAN mode
no shutdown
3. Set the PVLAN mode of the selected VLAN to community.