Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S5000

831

832

833

834

835

836

837

838

839

840

The following configuration is based on the example diagram for the S5000–1:

• TenGig 0/0 and TenGig 23 are configured as promiscuous ports, assigned to the primary VLAN, VLAN

4000.

• TenGig 0/25 is configured as a PVLAN trunk port, also assigned to the primary VLAN 4000.

• TenGig 0/24 and TenGig 0/47 are configured as host ports and assigned to the isolated VLAN, VLAN

4003.

• TenGig 4/0 and TenGig 23 are configured as host ports and assigned to the community VLAN, VLAN

4001.

• TenGig 4/24 and TenGig 4/47 are configured as host ports and assigned to community VLAN 4002.

The result is that:

• The ports in community VLAN 4001 can communicate directly with each other and with promiscuous

ports.

• The ports in community VLAN 4002 can communicate directly with each other and with promiscuous

ports.

• The ports in isolated VLAN 4003 can only communicate with the promiscuous ports in the primary

VLAN 4000.

• All the ports in the secondary VLANs (both community and isolated VLANs) can only communicate with

ports in the other secondary VLANs of that PVLAN over Layer 3, and only when the ip local-proxy-

arp command is invoked in the primary VLAN.

NOTE: Even after you disable ip-local-proxy-arp (no ip-local-proxy-arp) in a secondary VLAN,

Layer 3 communication may happen between some secondary VLAN hosts, until the ARP timeout

happens on those secondary VLAN hosts.

In parallel, on S5000-2:

• TenGig 0/3 is a promiscuous port and TenGig 0/25 is a PVLAN trunk port, assigned to the primary VLAN

4000.

• TenGig 0/4-6 are host ports. TenGig 0/4 and TenGig 0/5 are assigned to the community VLAN 4001,

while TenGig 0/6 is assigned to the isolated VLAN 4003.

The result is that:

• The S5000-2 ports would have the same intra-switch communication characteristics as described

previously for the S5000-1.

• For transmission between switches, tagged packets originating from host PVLAN ports in one secondary

VLAN and destined for host PVLAN ports in the other switch travel through the promiscuous ports in the

local VLAN 4000 and then through the trunk ports (0/25 in each switch).

Inspecting the Private VLAN Configuration

The standard methods of inspecting configurations also apply in PVLANs.

To inspect your PVLAN configurations, use the following commands.

• Display the specific interface configuration.

INTERFACE mode and INTERFACE VLAN mode

show config

• Inspect the running-config, and, with the grep pipe option, display a specific part of the running-config.

show running-config | grep string

Private VLANs (PVLAN) 839