Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)

ManualsBrandsHP ManualsStorageCisco MDS 9513 with Supervisor 2 Director Switch

121

122

123

124

125

126

127

128

129

130

Send feedback to nx5000-docfeedback@cisco.com

7-7

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide

OL-16597-01

Chapter 7 Configuring Private VLANs

Configuring a Private VLAN

Configuring a VLAN as a Private VLAN

To create a private VLAN, you first create a VLAN, and then configure that VLAN to be a private

VLAN. Ensure that the private VLAN feature is enabled.

To create a private VLAN, perform this task:

This example shows how to assign VLAN 5 to a private VLAN as the primary VLAN:

switch# configure terminal

switch(config)# vlan 5

switch(config-vlan)# private-vlan primary

This example shows how to assign VLAN 100 to a private VLAN as a community VLAN:

switch(config-vlan)# exit

switch(config)# vlan 100

switch(config-vlan)# private-vlan community

This example shows how to assign VLAN 109 to a private VLAN as an insolated VLAN:

switch(config-vlan)# exit

switch(config)# vlan 109

switch(config-vlan)# private-vlan isolated

To disable a private VLAN, perform this task:

Associating Secondary VLANs with a Primary Private VLAN

When you associate secondary VLANs with a primary VLAN, follow these guidelines:

• The secondary-vlan-list parameter cannot contain spaces. It can contain multiple comma-separated

items. Each item can be a single secondary VLAN ID or a hyphenated range of secondary VLAN

IDs.

• The secondary-vlan-list parameter can contain multiple community and isolated VLAN IDs.

Command Purpose

Step 1

switch# configure terminal

Enters configuration mode.

Step 2

switch(config)# vlan {vlan-id |

vlan-range}

Places you into the VLAN configuration submode.

Step 3

switch(config-vlan)# private-vlan

{community | isolated | primary}

Configures the VLAN as either a community,

isolated, or primary private VLAN. In a private

VLAN, you must have one primary VLAN. You can

have multiple community and isolated VLANs.

Command Purpose

switch(config-vlan)# no private-vlan

{community | isolated | primary}

Removes the private VLAN configuration from the

specified VLAN(s) and returns it to normal VLAN

mode. If you delete either the primary or secondary

VLAN, the ports that are associated with the VLAN

become inactive.