User Guide

ManualsBrandsCisco Systems ManualsOtherEA6500

141

142

143

144

145

146

147

148

149

150

10-5

Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide—Release 12.1 E

78-14099-04

Chapter 10 Configuring Private VLANs

Configuring Private VLANs

• Because the private VLAN port sticky ARP entries do not age out, you must manually remove

private VLAN port ARP entries if a MAC address changes. You can add or remove private VLAN

ARP entries manually as follows:

Router(config)# no arp 11.1.3.30

IP ARP:Deleting Sticky ARP entry 11.1.3.30

Router(config)# arp 11.1.3.30 0000.5403.2356 arpa

IP ARP:Overwriting Sticky ARP entry 11.1.3.30, hw:00d0.bb09.266e by hw:0000.5403.2356

Configuring Private VLANs

These sections describe how to configure private VLANs:

• Configuring a VLAN as a Private VLAN, page 10-5

• Associating Secondary VLANs with a Primary VLAN, page 10-6

• Mapping Secondary VLANs to the Layer 3 VLAN Interface of a Primary VLAN, page 10-7

• Configuring a Layer 2 Interface as a Private VLAN Host Port, page 10-8

• Configuring a Layer 2 Interface as a Private VLAN Promiscuous Port, page 10-9

Note If the VLAN is not defined already, the private VLAN configuration process defines it.

Note With Release 12.1(11b)E and later, when you are in configuration mode you can enter EXEC mode-level

commands by entering the do keyword before the EXEC mode-level command.

Configuring a VLAN as a Private VLAN

To configure a VLAN as a private VLAN, perform this task:

This example shows how to configure VLAN 202 as a primary VLAN and verify the configuration:

Router# configure terminal

Router(config)# vlan 202

Router(config-vlan)# private-vlan primary

Router(config-vlan)# end

Router# show vlan private-vlan

Command Purpose

Step 1

Router(config)# vlan vlan_ID

Enters VLAN configuration submode.

Step 2

Router(config-vlan)# private-vlan {community |

isolated | primary}

Configures a VLAN as a private VLAN.

Router(config-vlan)# no private-vlan {community |

isolated | primary}

Clears the private VLAN configuration.

Note These commands do not take effect until you exit

VLAN configuration submode.

Step 3

Router(config-vlan)# end

Exits configuration mode.

Step 4

Router# show vlan private-vlan [type]

Verifies the configuration.