Cisco Systems EA6500 Manual De Usuario

This chapter describes how to configure private VLANs on the Catalyst 6500 series switches. 
Release 12.1 E supports private VLANs with Release 12.1(11b)E and later.

For complete syntax and usage information for the commands used in this chapter, refer to the 
Catalyst 6500 Series Switch Cisco IOS Command Reference publication.

This chapter consists of these sections:

To configure private VLANs, the switch must be in VTP transparent mode.

Private VLANs provide Layer 2 isolation between ports within the same private VLAN. There are three 
types of private VLAN ports: 

Promiscuous—A promiscuous port can communicate with all interfaces, including the community 
and isolated ports within a private VLAN.

Isolated—An isolated port has complete Layer 2 separation from other ports within the same private 
VLAN except for the promiscuous port. Private VLANs block all traffic to isolated ports except 
traffic from promiscuous ports. Traffic received from an isolated port is forwarded only to 
promiscuous ports.

Community—Community ports communicate among themselves and with their promiscuous ports. 
These interfaces are isolated at Layer 2 from all other interfaces in other communities or isolated 
ports within their private VLAN. 

Because trunks can support the VLANs carrying traffic between isolated, community, and 
promiscuous ports, isolated and community port traffic might enter or leave the switch 
through a trunk interface.