Cisco Systems N3KC3064TFAL3 Manual De Usuario
• Configure selected interfaces connected to end stations as isolated ports to prevent any communication.
For example, if the end stations are servers, this configuration prevents communication between the
servers.
servers.
• Configure interfaces connected to default gateways and selected end stations (for example, backup
servers) as promiscuous ports to allow all end stations access to a default gateway.
Guidelines and Limitations for Private VLANs
When configuring PVLANs, follow these guidelines:
• You must have already created the VLAN before you can assign the specified VLAN as a private VLAN.
• You must enable PVLANs before the switch can apply the PVLAN functionality.
• You cannot disable PVLANs if the switch has any operational ports in a PVLAN mode.
• Enter the private-vlan synchronize command from within the Multiple Spanning Tree (MST) region
definition to map the secondary VLANs to the same MST instance as the primary VLAN.
Configuring a Private VLAN
Enabling Private VLANs
You must enable PVLANs on the switch to use the PVLAN functionality.
The PVLAN commands do not appear until you enable the PVLAN feature.
Note
Procedure
Purpose
Command or Action
Enters configuration mode.
switch# configure terminal
Step 1
Enables the PVLAN feature on the switch.
switch(config)# feature private-vlan
Step 2
(Optional)
Disables the PVLAN feature on the switch.
Disables the PVLAN feature on the switch.
switch(config)# no feature
private-vlan
private-vlan
Step 3
You cannot disable PVLANs if there are
operational ports on the switch that are in
PVLAN mode.
operational ports on the switch that are in
PVLAN mode.
Note
This example shows how to enable the PVLAN feature on the switch:
switch#
configure terminal
switch(config)#
feature private-vlan
Cisco Nexus 3000 NX-OS Layer 2 Switching Configuration Guide, Release 5.0(3)U3(1)
42
OL-26590-01
Configuring Private VLANs
Guidelines and Limitations for Private VLANs