Reference Guide
Private VLANs | 643
Each of the port types can be any type of physical Ethernet port, including port channels (LAGs). For
details on port channels, refer to Port Channel Interfaces on page 373 in Chapter 20, Interfaces.
For an introduction to VLANs, refer to Chapter 26, Layer 2.
Private VLAN Commands
The commands dedicated to supporting the Private VLANs feature are:
The outputs of the following commands are augmented in FTOS 7.8.1.0 to provide PVLAN data:
•
show arp: Refer to the IP Routing Commands chapter in the FTOS Command Reference.
•
show vlan: Refer to the Layer 2 Commands chapter in the FTOS Command Reference.
Table 35-1. Private VLAN Commands
Task Command Syntax Command Mode
Enable/disable Layer 3 communication between
secondary VLANs.
[
no] ip local-proxy-arp
Note: Even after ip-local-proxy-arp is
disabled (
no ip-local-proxy-arp) in a
secondary VLAN, Layer 3 communication may
happen between some secondary VLAN hosts,
until the ARP timeout happens on those
secondary VLAN hosts.
INTERFACE VLAN
Set the mode of the selected VLAN to
community, isolated, or primary.
[no] private-vlan mode {community |
isolated | primary}
INTERFACE VLAN
Map secondary VLANs to the selected primary
VLAN.
[no] private-vlan mapping
secondary-vlan vlan-list
INTERFACE VLAN
Display type and status of PVLAN interfaces. show interfaces private-vlan [interface
interface]
EXEC
EXEC Privilege
Display PVLANs and/or interfaces that are part
of a PVLAN.
show vlan private-vlan [community |
interface | isolated | primary | primary_vlan |
interface interface]
EXEC
EXEC Privilege
Display primary-secondary VLAN mapping.
show vlan private-vlan mapping
EXEC
EXEC Privilege
Set the PVLAN mode of the selected port. switchport mode private-vlan {host |
promiscuous | trunk}
INTERFACE
Note: Secondary VLANs are Layer 2 VLANs, so even if they are operationally down while primary VLANs
are operationally up, Layer 3 traffic will still be transmitted across secondary VLANs.