user manual
Table Of Contents
- Cisco Nexus 3000 NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U3(1)
- Contents
- Preface
- New and Changed Information for this Release
- Overview
- Configuring Ethernet Interfaces
- Information About Ethernet Interfaces
- Configuring Ethernet Interfaces
- Configuring the UDLD Mode
- Changing an Interface Port Mode
- Configuring Interface Speed
- Disabling Link Negotiation
- Configuring the CDP Characteristics
- Enabling or Disabling CDP
- Enabling the Error-Disabled Detection
- Enabling the Error-Disabled Recovery
- Configuring the Error-Disabled Recovery Interval
- Configuring the Debounce Timer
- Configuring the Description Parameter
- Disabling and Restarting Ethernet Interfaces
- Displaying Interface Information
- Displaying Input Packet Discard Information
- Default Physical Ethernet Settings
- Configuring VLANs
- Configuring Private VLANs
- Information About Private VLANs
- Guidelines and Limitations for Private VLANs
- Configuring a Private VLAN
- Enabling Private VLANs
- Configuring a VLAN as a Private VLAN
- Associating Secondary VLANs with a Primary Private VLAN
- Configuring an Interface as a Private VLAN Host Port
- Configuring an Interface as a Private VLAN Promiscuous Port
- Configuring a Promiscuous Trunk Port
- Configuring an Isolated Trunk Port
- Configuring the Allowed VLANs for PVLAN Trunking Ports
- Configuring Native 802.1Q VLANs on Private VLANs
- Verifying the Private VLAN Configuration
- Configuring Access and Trunk Interfaces
- Configuring Switching Modes
- Configuring Rapid PVST+
- Information About Rapid PVST+
- Understanding STP
- Understanding Rapid PVST+
- Rapid PVST+ and IEEE 802.1Q Trunks
- Rapid PVST+ Interoperation with Legacy 802.1D STP
- Rapid PVST+ Interoperation with 802.1s MST
- Configuring Rapid PVST+
- Enabling Rapid PVST+
- Enabling Rapid PVST+ per VLAN
- Configuring the Root Bridge ID
- Configuring a Secondary Root Bridge
- Configuring the Rapid PVST+ Port Priority
- Configuring the Rapid PVST+ Pathcost Method and Port Cost
- Configuring the Rapid PVST+ Bridge Priority of a VLAN
- Configuring the Rapid PVST+ Hello Time for a VLAN
- Configuring the Rapid PVST+ Forward Delay Time for a VLAN
- Configuring the Rapid PVST+ Maximum Age Time for a VLAN
- Specifying the Link Type
- Restarting the Protocol
- Verifying Rapid PVST+ Configurations
- Information About Rapid PVST+
- Configuring Multiple Spanning Tree
- Information About MST
- Configuring MST
- MST Configuration Guidelines
- Enabling MST
- Entering MST Configuration Mode
- Specifying the MST Name
- Specifying the MST Configuration Revision Number
- Specifying the Configuration on an MST Region
- Mapping and Unmapping VLANs to MST Instances
- Mapping Secondary VLANs to Same MSTI as Primary VLANs for Private VLANs
- Configuring the Root Bridge
- Configuring a Secondary Root Bridge
- Configuring the Port Priority
- Configuring the Port Cost
- Configuring the Switch Priority
- Configuring the Hello Time
- Configuring the Forwarding-Delay Time
- Configuring the Maximum-Aging Time
- Configuring the Maximum-Hop Count
- Configuring PVST Simulation Globally
- Configuring PVST Simulation Per Port
- Specifying the Link Type
- Restarting the Protocol
- Verifying MST Configurations
- Configuring STP Extensions
- About STP Extensions
- Information About STP Extensions
- Configuring STP Extensions
- STP Extensions Configuration Guidelines
- Configuring Spanning Tree Port Types Globally
- Configuring Spanning Tree Edge Ports on Specified Interfaces
- Configuring Spanning Tree Network Ports on Specified Interfaces
- Enabling BPDU Guard Globally
- Enabling BPDU Guard on Specified Interfaces
- Enabling BPDU Filtering Globally
- Enabling BPDU Filtering on Specified Interfaces
- Enabling Loop Guard Globally
- Enabling Loop Guard or Root Guard on Specified Interfaces
- Verifying STP Extension Configuration
- About STP Extensions
- Configuring LLDP
- Configuring the MAC Address Table
- Configuring IGMP Snooping
- Configuring Traffic Storm Control
- INDEX
CHAPTER 5
Configuring Private VLANs
This chapter contains the following sections:
•
Information About Private VLANs, page 37
•
Guidelines and Limitations for Private VLANs, page 42
•
Configuring a Private VLAN, page 42
•
Verifying the Private VLAN Configuration, page 47
Information About Private VLANs
A private VLAN (PVLAN) partitions the Ethernet broadcast domain of a VLAN into subdomains, allowing
you to isolate the ports on the switch from each other. A subdomain consists of a primary VLAN and one or
more secondary VLANs (see the following figure). All VLANs in a PVLAN domain share the same primary
VLAN. The secondary VLAN ID differentiates one subdomain from another. The secondary VLANs may
either be isolated VLANs or community VLANs. A host on an isolated VLAN can only communicate with
Cisco Nexus 3000 NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U3(1)
OL-26590-01 37