Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron

871

872

873

874

875

876

877

878

879

880

FastIron Configuration Guide 815

53-1002494-02

Private VLAN configuration

Configuring an isolated or community PVLAN

You can use the pvlan type command to configure the PVLAN as an isolated or community PVLAN.

The following are some configuration considerations to be noted for configuring isolated and

community PVLANs.

Isolated VLANs

• A port being added to the isolated VLAN can be either a tagged port or an untagged port.

• A member port of an isolated VLAN classifies a frame based on PVID only.

• An isolated port (member of an isolated VLAN) communicates only with the promiscuous port,

if a promiscuous port is configured.

• An isolated VLAN must be associated with the primary VLAN for traffic from the isolated port to

be switched. An isolated VLAN is associated with only one primary VLAN and to the same

primary VLAN in the entire switched network.

• An isolated port communicates only with the configured switch-switch link port if there are no

promiscuous ports configured for the isolated VLAN.

• A primary VLAN is associated with only one isolated VLAN. An isolated VLAN can only be

mapped to a promiscuous port and a switch-switch link port that belong to the same primary

VLAN.

• Link Aggregation Group (LAG) ports are not allowed as member ports of an isolated VLAN.

Community VLANs

• A port being added to the community VLAN can be either a tagged port or an untagged port.

• A member port of a community VLAN classifies a frame based on PVID only.

• A community VLAN is associated with only one primary VLAN and to the same primary VLAN in

the entire switched network. A primary VLAN is associated with multiple community VLANs.

• A community VLAN must be associated with the primary VLAN for traffic from the community

port to be switched.

• LAG ports are not allowed as member ports of a community VLAN.

To configure a community PVLAN, enter commands such as the following.

Brocade(config)# vlan 901

Brocade(config-vlan-901)# untagged ethernet 3/5 to 3/6

Brocade(config-vlan-901)# pvlan type community

These commands create port-based VLAN 901, add ports 3/5 and 3/6 to the VLAN as untagged

ports, then specify that the VLAN is a community PVLAN.

Syntax: untagged ethernet [<slotnum>/]<portnum> [to [<slotnum>/]<portnum> | ethernet

[<slotnum>/]<portnum>]

Syntax: tagged ethernet [<slotnum>/]<portnum> [to [<slotnum>/]<portnum> | ethernet

[<slotnum>/]<portnum>]

Syntax: [no] pvlan type community | isolated | primary

The untagged ethernet or taggd ethernet command adds the ports to the VLAN.