Administrator Guide
• TenGig 4/0 and TenGig 0/23 are congured as host ports and assigned to the community VLAN, VLAN 4001.
• TenGig 4/24 and TenGig 4/47 are congured as host ports and assigned to community VLAN 4002.
The result is that:
• The ports in community VLAN 4001 can communicate directly with each other and with promiscuous ports.
• The ports in community VLAN 4002 can communicate directly with each other and with promiscuous ports.
• The ports in isolated VLAN 4003 can only communicate with the promiscuous ports in the primary VLAN 4000.
• All the ports in the secondary VLANs (both community and isolated VLANs) can only communicate with ports in the other
secondary VLANs of that PVLAN over Layer 3, and only when the ip local-proxy-arp command is invoked in the primary
VLAN.
NOTE: Even after you disable ip-local-proxy-arp (no ip-local-proxy-arp) in a secondary VLAN, Layer 3
communication may happen between some secondary VLAN hosts, until the ARP timeout happens on those secondary
VLAN hosts.
Inspecting the Private VLAN Conguration
The standard methods of inspecting congurations also apply in PVLANs.
To inspect your PVLAN congurations, use the following commands.
• Display the specic interface conguration.
INTERFACE mode and INTERFACE VLAN mode
show config
• Inspect the running-cong, and, with the grep pipe option, display a specic part of the running-cong.
show running-config | grep string
The following example shows the PVLAN parts of the running-cong from the S50V switch in the topology diagram previously
shown.
• Display the type and status of the congured PVLAN interfaces.
show interfaces private-vlan [interface interface]
This command is specic to the PVLAN feature.
For more information, refer to the Security chapter in the Dell Networking OS Command Line Reference Guide.
• Display the congured PVLANs or interfaces that are part of a PVLAN.
show vlan private-vlan [community | interface | isolated | primary | primary_vlan |
interface interface]
This command is specic to the PVLAN feature.
The following examples show the results of using this command without the command options on the MXL switch in the
topology diagram previously shown.
• Display the primary-secondary VLAN mapping. The following example shows the output from the MXL switch.
show vlan private-vlan mapping
This command is specic to the PVLAN feature.
Example of Viewing a Private VLAN
Example of the show vlan private-vlan mapping Command
Example of Viewing VLAN Status
Example of Viewing Private VLAN Conguration
The show arp and show vlan commands are revised to display PVLAN data.
Dell#show vlan private-vlan
Primary Secondary Type Active Ports
Private VLANs (PVLAN)
611