Private vlan

1,374
-1

Published on

ciscobulls@gmail.com per mail kare.............................

Published in: Education, Business, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,374
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
207
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Private vlan

  1. 1. Anuj Kumar ciscobulls@gmail.com CCNP SWITCH PORTABLE STUDY GUIDE & PRACTICE WORK BOOKANUJ KUMAR email:- ciscobulls@gmail.com anuj_dev007@yahoo.com networkbulls.com
  2. 2. Anuj Kumar ciscobulls@gmail.com Private VlanFeature:-Private Vlan provides isolation between ports within the same network.It’s provided security and reduces the number of IP subnet.pVLANs require VTP switches to be in transparent mode.pVLANs can span multiple switches that support the pVLAN’s trunking feature.Example: - Service providers use pVLANs to deploy hosting services and network access where all devices reside inthe same subnet but only communicate to a default gateway, servers or another network.PRIVATE VLAN CONSIST TWO TYPES OF VLAN.1: - Primary VLAN (Promiscuous is also called Primary VLAN) It is called high level VLAN. It can have many secondary VLANs Secondary VLANs belong to same subnet as primary VLAN.2: - Secondary VLAN It is child VLAN to primary VLAN. All end devices belong to a secondary VLAN.TWO TYPES OF SECONDARY VLAN.1:- Community VLANS These ports communicate with other ports in the same community but not another community VLAN port,and (Primary VLAN Ports) promiscuous port.2: - Isolated VLANS These ports can only communicate with promiscuous ports.Note: -These ports can not communicate with other port in the same isolated.
  3. 3. Anuj Kumar ciscobulls@gmail.comConfiguration of Private VLAN: -Configure switch as an in transparent modeSwitch(config)#vtp mode transparentConfigure Primary VLANSwitch(config)# vlan 100Switch(config-vlan)# private-vlan primaryConfigure Secondary VLANs (two community, one isolated)Switch(config)# vlan 200Switch(config-vlan)# private-vlan communitySwitch(config)# vlan 300Switch(config-vlan)# private-vlan communitySwitch(config)# vlan 400Switch(config-vlan)# private-vlan isolatedAssociate secondary VLANs to primary VLAN
  4. 4. Anuj Kumar ciscobulls@gmail.comSwitch(config)# vlan 100Switch(config-vlan)# private-vlan association 200,300,400Configure access ports for promiscuous mode.Switch(config)# interface range fa 0/7 – 8Switch(config-if)# switchport mode private-vlan promiscuousSwitch(config-if)#switchport private-vlan mapping 100 200,300,400Switch(config-if)# exitConfigure access ports for community-A pVLANs.Switch(config)# interface range fa 0/1 – 2Switch(config-if)# switchport mode private-vlan hostSwitch(config-if)# switchport private-vlan host-association 100 200Switch(config-if)# exitConfigure access ports for community-B pVLANs.Switch(config)# interface range fa 0/3 – 4Switch(config-if)# switchport mode private-vlan hostSwitch(config-if)# switchport private-vlan host-association 100 300Switch(config-if)# exitConfigure access ports for Isolated pVLANs.Switch(config)# interface range fa 0/5 – 6Switch(config-if)# switchport mode private-vlan hostSwitch(config-if)# switchport private-vlan host-association 100 400Switch(config-if)# exitVerify commands: -Switch#show vlan private-vlanSwitch#show vlan private-vlan type

×