Cisco WS-C3560V2-24TS-E Command Reference - Page 662
private-vlan, show interfaces, switchport private-vlan, spanning-tree portfast bpduguard default
View all Cisco WS-C3560V2-24TS-E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 662 highlights
switchport mode private-vlan Chapter 2 Catalyst 3560 Switch Cisco IOS Commands We strongly recommend that you enable spanning tree Port Fast and bridge-protocol-data-unit (BPDU) guard on isolated and community host ports to prevent STP loops due to misconfigurations and to speed up STP convergence. If you configure a port as a private-VLAN host port and you do not configure a valid private-VLAN association by using the switchport private-vlan host-association interface configuration command, the interface becomes inactive. If you configure a port as a private-VLAN promiscuous port and you do not configure a valid private VLAN mapping by using the switchport private-vlan mapping interface configuration command, the interface becomes inactive. Examples This example shows how to configure an interface as a private-VLAN host port and associate it to primary VLAN 20. The interface is a member of secondary isolated VLAN 501 and primary VLAN 20. Note When you configure a port as a private VLAN host port, you should also enable BPDU guard and Port Fast by using the spanning-tree portfast bpduguard default global configuration command and the spanning-tree portfast interface configuration command. Switch# configure terminal Switch(config)# interface fastethernet 0/1 Switch(config-if)# switchport mode private-vlan host Switch(config-if)# switchport private-vlan host-association 20 501 Switch(config-if)# end This example shows how to configure an interface as a private VLAN promiscuous port and map it to a private VLAN. The interface is a member of primary VLAN 20 and secondary VLANs 501 to 503 are mapped to it. Switch# configure terminal Switch(config)# interface fastethernet 0/2 Switch(config-if)# switchport mode private-vlan promiscuous Switch(config-if)# switchport private-vlan mapping 20 501-503 Switch(config-if)# end You can verify private VLAN switchport mode by using the show interfaces interface-id switchport privileged EXEC command. Related Commands Command private-vlan show interfaces switchport switchport private-vlan Description Configures a VLAN as a community, isolated, or primary VLAN or associates a primary VLAN with secondary VLANs. Displays the administrative and operational status of a switching (nonrouting) port, including private VLAN configuration. Configures private VLAN associations and mappings between primary and secondary VLANs on an interface. 2-630 Catalyst 3560 Switch Command Reference 78-16405-05