Users Guide

Layer 2 Switching Commands 850

In order to enable Private VLAN operation across multiple switches which are

not stacked, the inter-switch links should carry VLANs which belong to a

private VLAN. The trunk ports which connect neighbor switches have to be

assigned to the primary, isolated, and community VLANs of a private VLAN.

In regular VLANs, ports in the same VLAN switch traffic at L2. However for

private VLAN, the promiscuous port is in the primary VLAN whereas the

isolated or community ports are in the secondary VLAN. Similarly, for

broadcasts, in regular VLANs, ports in the same VLAN receive broadcast

traffic. However, for private VLANs, the ports to which the broadcast traffic is

forwarded depend on the type of port on which the traffic was received. If the

received port is a host port; the traffic is forwarded to all promiscuous and

trunk ports. If the received port is community port the broadcast traffic is

forwarded to promiscuous, trunk and community ports in the same VLAN. A

promiscuous port sends traffic to other promiscuous ports, isolated and

community ports.

interface vlan

Use the interface vlan command in Global Configuration mode to enable L3

on a VLAN and enter VLAN Interface Configuration mode. Use the no form

of the command to disable routing on the VLAN.

Syntax

interface vlan {vlan-id}

no interface vlan { vlan-id }

• vlan-id—The ID of a valid VLAN (Range 1–4093).

Default Configuration

By default, Layer 3 is enabled on VLAN 1 on the N1100-

ON/N1500/N2000/N2100-ON/N2200-ON Series switches. However, VLAN

routing interfaces do not route packets until an IP address is assigned to the

VLAN and IP routing is globally enabled. DHCP and Layer 3 are not enabled

on VLAN 1 by default for the N3000-ON, N3100-ON, and N3200-ON Series

switches. DHCP is enabled on VLAN 1 by default for the N1100-

ON/N1500/N2000/N2100-ON/N2200-ON switches. The N1100-ON does not

support routing.