Owner's Manual
256 | Chapter 9. VLANs
NETGEAR 8800 User Manual
VLAN that are located on a different physical switch. An isolated VLAN can span multiple
switches and maintain isolation between the VLAN ports.
The network and subscriber VLANs can be extended to other switches that are not
configured for the PVLAN (as described in
Extending Network and Subscriber VLANs to
Other Switches on page 256). The advantage to extending the PVLAN is that tag translation
and VLAN isolation is supported on the additional switch or switches.
Extending Network and Subscriber VLANs to Other Switches
A network or subscriber VLAN can be extended to additional switches without a PVLAN
configuration on the additional switches. You might want to do this to connect to existing
servers, switches, or other network devices. You probably do not want to use this approach to
support clients, as tag translation and VLAN isolation are not supported unless the PVLAN is
configured on all PVLAN switches as described in
PVLAN Support over Multiple Switches on
page 255.
Figure 15 illustrates PVLAN connections to switches outside the PVLAN.
Figure 15. Private VLAN Connections to Switches Outside the PVLAN
In Figure 15, Switch 1, Network VLAN Port 21, connects to a Switch 3 port that only supports
the Network VLAN. In this configuration, the Network VLAN Port 21 on Switch 1 is configured
as “translated,” which translates subscriber VLAN tags to the network VLAN tag for access to
Network VLAN
21 22 23 24
21 22 23 2421 22 23 24
21 22 23 24
Tagged 1
Network VLAN
Tagged 1
Tagged 101
Tagged 101
Private VLAN
Isolated VLANNon-Isolated VLAN
Switch 1
Switch 3
Network VLAN
Tagged 1
Tagged 101
Tagged 101
Isolated VLAN
Non-Isolated VLAN
Switch 2
22
21 22 23 24
PVLAN
endpoint
EX_vlan_0004