Configuring a Private VLAN in a Port Profile
This chapter contains the following sections:
- Information About Private VLANs
- Configuring a Port Profile as a Private VLAN
- Feature History for Private VLAN Port Profiles
Information About Private VLANs
Private VLANs (PVLANs) are used to segregate Layer 2 ISP traffic and convey it to a single router interface. PVLANs achieve device isolation by applying Layer 2 forwarding constraints that allow end devices to share the same IP subnet while being Layer 2 isolated. In turn, the use of larger subnets reduces address management overhead.
For more information about PVLANs, see the Cisco Nexus 1000V Layer 2 Switching Configuration Guide.
Configuring a Port Profile as a Private VLAN
1. switch# configure terminal
2. switch(config)# port-profile [type {ethernet | vethernet}] name
3. switch(config-port-prof)# switchport mode private-vlan {host | promiscuous | trunk promiscuous}
4. switch(config-port-prof)# switchport private-vlan host-association primary-vlan secondary-vlan
5. switch(config-port-prof)# switchport private-vlan trunk allowed vlan vlan-range
6. switch(config-port-prof)# switchport private-vlan mapping primary_vlan [add | remove] secondary_vlan
7. switch(config-port-prof)# switchport private-vlan mapping trunk primary_vlan [add | remove] secondary_vlan
8. (Optional) switch(config-port-prof)# show port-profile [brief | expand-interface | usage] [name profile-name]
9. (Optional) switch(config-port-prof)# copy running-config startup-config
DETAILED STEPS
The following examples show different ways that port profiles can be configured as private VLANs.
```
switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)# port-profile type vethernet pvcomm
switch(config-port-prof)# vmware port-group
switch(config-port-prof)# switchport mode private-vlan host
switch(config-port-prof)# switchport private-vlan host-association 153 154
switch(config-port-prof)# no shutdown
switch(config-port-prof)# state enabled
switch(config-port-prof)# show run port-profile pv154

!Command: show running-config port-profile pv154
!Time: Fri Jan 7 15:10:43 2011

version 4.2(1)SV1(4)
port-profile type vethernet pv154
  vmware port-group
  switchport mode private-vlan host
  switchport private-vlan host-association 153 154
  no shutdown
  max-ports 1024
  state enabled

switch(config-port-prof)# port-profile type vethernet pvprom
switch(config-port-prof)# vmware port-group
switch(config-port-prof)# switchport mode private-vlan promiscuous
switch(config-port-prof)# switchport private-vlan mapping 153 154-155
switch(config-port-prof)# no shutdown
switch(config-port-prof)# state enabled
switch(config-port-prof)# show run port-profile pvprom

!Command: show running-config port-profile pvprom
!Time: Fri Jan 7 15:11:43 2011

version 4.2(1)SV1(4)
port-profile type vethernet pv153
  vmware port-group
  switchport mode private-vlan promiscuous
  switchport private-vlan mapping 153 154-155
  no shutdown
  max-ports 1024
  state enabled

switch(config-port-prof)# port-profile type ethernet pvpromtrunk
switch(config-port-prof)# vmware port-group
switch(config-port-prof)# switchport mode private-vlan trunk promiscuous
switch(config-port-prof)# switchport private-vlan mapping trunk 153 154-155
switch(config-port-prof)# switchport private-vlan mapping trunk 156 157
switch(config-port-prof)# switchport private-vlan trunk allowed vlan all
switch(config-port-prof)# no shutdown
switch(config-port-prof)# state enabled
switch(config-port-prof)# show run port-profile pvpromtrunk

!Command: show running-config port-profile pvpromtrunk
!Time: Fri Jan 7 15:12:24 2011

version 4.2(1)SV1(4)
port-profile type ethernet pvpromtrunk
  vmware port-group
  switchport mode private-vlan trunk promiscuous
  switchport private-vlan mapping trunk 153 154-155
  switchport private-vlan mapping trunk 156 157
  switchport private-vlan trunk allowed vlan 1-3967,4048-4093
  no shutdown
  state enabled
```
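The following Python check is an added example, not part of the Cisco guide: it parses port-profile text in the `show running-config` style shown above and flags PVLAN host profiles whose primary/secondary pair is not mapped on any promiscuous profile in the same text, along with profiles missing their association or mapping. The profile `pvbad`, the function names and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample config; "pvbad" is a hypothetical profile that should fail.
SAMPLE = """\
port-profile type vethernet pv154
  switchport mode private-vlan host
  switchport private-vlan host-association 153 154
port-profile type ethernet pvpromtrunk
  switchport mode private-vlan trunk promiscuous
  switchport private-vlan mapping trunk 153 154-155
port-profile type vethernet pvbad
  switchport mode private-vlan host
  switchport private-vlan host-association 153 160
"""

def expand(spec):
    """Expand a VLAN list such as '154-155,157' into a set of ints."""
    bounds = (part.split("-") for part in spec.split(","))
    return {v for b in bounds for v in range(int(b[0]), int(b[-1]) + 1)}

def parse(text):
    """Return {profile: {'mode', 'assoc', 'maps'}} from running-config text."""
    profiles, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        if m := re.match(r"port-profile type \S+ (\S+)$", line):
            cur = profiles[m[1]] = {"mode": None, "assoc": None, "maps": set()}
        elif cur is None:
            continue
        elif m := re.match(r"switchport mode private-vlan (.+)$", line):
            cur["mode"] = m[1]
        elif m := re.match(r"switchport private-vlan host-association (\d+) (\d+)$", line):
            cur["assoc"] = (int(m[1]), int(m[2]))
        elif m := re.match(r"switchport private-vlan mapping (?:trunk )?(\d+) (\S+)$", line):
            cur["maps"] |= {(int(m[1]), s) for s in expand(m[2])}
    return profiles

def audit(text):
    """Flag PVLAN profiles whose association or mapping is missing or unmatched."""
    profiles, findings = parse(text), []
    promisc = lambda p: "promiscuous" in (p["mode"] or "")
    # Assumption: all promiscuous profiles in the text belong to the same switch.
    mapped = set().union(*(p["maps"] for p in profiles.values() if promisc(p)))
    for name, p in profiles.items():
        if promisc(p) and not p["maps"]:
            findings.append((name, "promiscuous mode without mapping"))
        elif p["mode"] == "host" and not p["assoc"]:
            findings.append((name, "host mode without host-association"))
        elif p["mode"] == "host" and p["assoc"] not in mapped:
            findings.append((name, "secondary VLAN not mapped on a promiscuous profile"))
    return findings
```

A finding for a host profile means the promiscuous side must be provided elsewhere (for example on an upstream device) or the mapping is missing.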
Feature History for Private VLAN Port Profiles
| Feature Name | Release | Feature Information |
|---|---|---|
| Private VLAN Port Profiles | 4.0(4)SV1(1) | This feature was introduced. |