A private VLAN (PVLAN) provides Layer 2 isolation, quarantining hosts on ports within the same PVLAN
from one another.
Access ports in a PVLAN are allowed to communicate only with certain designated router ports. In most
cases, this is the default gateway. Private VLANs and normal VLANs can coexist on the same switch.
The PVLAN feature segregates traffic at Layer 2, thereby transforming a broadcast segment into a
nonbroadcast multi-access-like segment. PVLANs are an efficient way to prevent interhost and interserver
communication: segmentation is still achieved within a single network segment, but the number of subnets
or VLANs is greatly reduced because there is no need to create extra subnets or VLANs.
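The following added example (not from the book) audits a switch configuration for the isolation property described above by computing which PVLAN ports can reach each other at Layer 2. The sample configuration, interface names and the helper names `parse` and `can_talk` are constructed for illustration; it assumes Cisco IOS-style PVLAN syntax, fully configured PVLAN ports, and standard PVLAN forwarding rules, including community VLANs, which the text names only in Table 4-1.

```python
import re
# Constructed sample (IOS-style PVLAN syntax), not taken from the book.
SAMPLE_CONFIG = """\
vlan 100
 private-vlan primary
 private-vlan association 101,102
vlan 101
 private-vlan isolated
vlan 102
 private-vlan community
interface Gi0/1
 switchport mode private-vlan host
 switchport private-vlan host-association 100 101
interface Gi0/2
 switchport mode private-vlan host
 switchport private-vlan host-association 100 101
interface Gi0/3
 switchport mode private-vlan host
 switchport private-vlan host-association 100 102
interface Gi0/4
 switchport mode private-vlan host
 switchport private-vlan host-association 100 102
interface Gi0/24
 switchport mode private-vlan promiscuous
 switchport private-vlan mapping 100 101,102
"""

def parse(config):
    """Return ({vlan: type}, {port: {"role", "primary", "secondary"}})."""
    vlans, ports, kind, name = {}, {}, None, None
    for line in config.splitlines():
        if m := re.match(r"(vlan|interface) (\S+)", line):
            kind, name = m.groups()
        elif kind == "vlan" and (m := re.match(r" private-vlan (primary|isolated|community)$", line)):
            vlans[name] = m.group(1)
        elif kind == "interface" and (m := re.match(r" switchport mode private-vlan (\w+)", line)):
            ports.setdefault(name, {})["role"] = m.group(1)
        elif kind == "interface" and (m := re.match(r" switchport private-vlan (?:host-association|mapping) (\d+) (\S+)", line)):
            ports.setdefault(name, {}).update(primary=m.group(1), secondary=set(m.group(2).split(",")))
    return vlans, ports

def can_talk(a, b, vlans, ports):
    """Layer 2 reachability between two fully configured PVLAN ports on one switch."""
    pa, pb = ports[a], ports[b]
    shared = pa["secondary"] & pb["secondary"]
    if pa["primary"] != pb["primary"]:
        return False
    if "promiscuous" in (pa["role"], pb["role"]):
        return bool(shared)  # promiscuous port reaches the secondary VLANs mapped to it
    return any(vlans.get(v) == "community" for v in shared)  # isolated hosts never match
```

Running `can_talk` over every pair of host ports and flagging any `True` result between ports meant to be isolated gives a quick check that a configuration change has not reopened host-to-host traffic.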
Note
The PVLAN feature is not available on all Cisco switches. Refer to Table 4-1 for a list of supported
platforms.
Table 4-1. VLAN Support on Catalyst Switches
Platform | Software Version | Isolated VLAN | PVLAN Edge (Protected Port) | Community VLAN
Catalyst 8500 | Not Supported | - | - | -
Catalyst 6500/6000 - CatOS on Supervisor and Cisco IOS on MSFC | 5.4(1) on Supervisor and 12.0(7)XE1 on MSFC | Yes | N/A | Yes
Catalyst 6500/6000 - Cisco IOS System software | 12.