The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes how to create a port profile for a private VLAN (PVLAN).
This chapter includes the following sections:
•Information About Private VLANs
•Configuring a Port Profile as a Private VLAN
•Feature History for Private VLAN Port Profiles
Private VLANs (PVLANs) are used to segregate Layer 2 ISP traffic and convey it to a single router interface. PVLANs achieve device isolation by applying Layer 2 forwarding constraints that allow end devices to share the same IP subnet while being Layer 2 isolated. In turn, the use of larger subnets reduces address management overhead.
For more information about PVLAN, see the Cisco Nexus 1000V Layer 2 Switching Configuration Guide, Release 4.2(1)SV1(4)
You can use this procedure to configure a port profile to be used as a private VLAN (PVLAN).
Before beginning this procedure, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
•You know the VLAN IDs for both the primary and secondary VLAN in the private VLAN pair.
•You know whether this private VLAN inherits its configuration.
1. config t
2. port-profile [type {ethernet | vethernet}] name
3. switchport mode private-vlan {host | promiscuous | trunk promiscuous}
4. switchport private-vlan host-association primary-vlan secondary-vlan
5. switchport private-vlan trunk allowed vlan vlan-range
6. switchport private-vlan mapping primary_vlan [add | remove] secondary_vlan
7. switchport private-vlan mapping trunk primary_vlan [add | remove] secondary_vlan
8. show port-profile [brief | expand-interface | usage] [name profile-name]
9. copy running-config startup-config
switch# config t
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)# port-profile type vethernet pvcomm
switch(config-port-prof)# vmware port-group
switch(config-port-prof)# switchport mode private-vlan host
switch(config-port-prof)# switchport private-vlan host-association 153 154
switch(config-port-prof)# no shutdown
switch(config-port-prof)# state enabled
switch(config-port-prof)# show run port-profile pv154
!Command: show running-config port-profile pv154
!Time: Fri Jan 7 15:10:43 2011
version 4.2(1)SV1(4)
port-profile type vethernet pv154
vmware port-group
switchport mode private-vlan host
switchport private-vlan host-association 153 154
no shutdown
max-ports 1024
state enabled
switch(config-port-prof)# port-profile type vethernet pvprom
switch(config-port-prof)# vmware port-group
switch(config-port-prof)# switchport mode private-vlan promiscuous
switch(config-port-prof)# switchport private-vlan mapping 153 154-155
switch(config-port-prof)# no shutdown
switch(config-port-prof)# state enabled
switch(config-port-prof)# show run port-profile pvprom
!Command: show running-config port-profile pvprom
!Time: Fri Jan 7 15:11:43 2011
version 4.2(1)SV1(4)
port-profile type vethernet pv153
vmware port-group
switchport mode private-vlan promiscuous
switchport private-vlan mapping 153 154-155
no shutdown
max-ports 1024
state enabled
switch(config-port-prof)# port-profile type ethernet pvpromtrunk
switch(config-port-prof)# vmware port-group
switch(config-port-prof)# switchport mode private-vlan trunk promiscuous
switch(config-port-prof)# switchport private-vlan mapping trunk 153 154-155
switch(config-port-prof)# switchport private-vlan mapping trunk 156 157
switch(config-port-prof)# switchport private-vlan trunk allowed vlan all
switch(config-port-prof)# no shutdown
switch(config-port-prof)# state enabled
switch(config-port-prof)# show run port-profile pvpromtrunk
!Command: show running-config port-profile pvpromtrunk
!Time: Fri Jan 7 15:12:24 2011
version 4.2(1)SV1(4)
port-profile type ethernet pvpromtrunk
vmware port-group
switchport mode private-vlan trunk promiscuous
switchport private-vlan mapping trunk 153 154-155
switchport private-vlan mapping trunk 156 157
switchport private-vlan trunk allowed vlan 1-3967,4048-4093
no shutdown
state enabled
This section provides the feature history for system port profiles.
|
|
|
---|---|---|
Private VLAN Port Profiles |
4.0(4)SV1(1) |
This feature was introduced. |