Cisco Systems 3560 Manual Do Utilizador
C H A P T E R
14-1
Catalyst 3560 Switch Software Configuration Guide
OL-8553-06
14
Configuring Private VLANs
This chapter describes how to configure private VLANs on the Cisco Catalyst 3560 switch.
Note
For complete syntax and usage information for the commands used in this chapter, see the command
reference for this release.
reference for this release.
The chapter consists of these sections:
•
•
•
Note
When you configure private VLANs, the switch must be in VTP transparent mode. See
Understanding Private VLANs
The private-VLAN feature addresses two problems that service providers face when using VLANs:
•
Scalability: The switch supports up to 1005 active VLANs. If a service provider assigns one VLAN
per customer, this limits the numbers of customers that the service provider can support.
per customer, this limits the numbers of customers that the service provider can support.
•
To enable IP routing, each VLAN is assigned a subnet address space or a block of addresses, which
can waste the unused IP addresses and cause IP address management problems.
can waste the unused IP addresses and cause IP address management problems.
Using private VLANs addresses the scalability problem and provides IP address management benefits
for service providers and Layer 2 security for customers.
for service providers and Layer 2 security for customers.
Private VLANs partition a regular VLAN domain into subdomains and can have multiple VLAN
pairs—one for each subdomain. A subdomain is represented by a primary VLAN and a secondary
VLAN.
pairs—one for each subdomain. A subdomain is represented by a primary VLAN and a secondary
VLAN.
All VLAN pairs in a private VLAN share the same primary VLAN. The secondary VLAN ID
differentiates one subdomain from another. See
differentiates one subdomain from another. See
.