Ports in the isolated VLAN
cannot communicate at Layer 2 with any other port within the Private VLAN (either another community
VLAN port or a port in the same isolated VLAN). To communicate with other ports, it must go through the
promiscuous port.
As a community VLAN: Carries traffic between community ports within the same community VLAN and
to promiscuous ports. Ports in the community VLAN can communicate at Layer 2 with each other (only
within the same community VLAN) but cannot communicate with ports in other community or isolated
VLANs. To communicate with other ports, they must go through the promiscuous port. Multiple community
VLANs can be configured in a PVLAN.
Figure 4-1a depicts the basic PVLAN components and the different types of PVLAN ports.
The isolated and community VLANs are also called secondary VLANs. PVLANs can be extended across multiple
devices by trunking the primary, isolated, and community VLANs to other devices that support PVLANs.
In summary, a Private VLAN contains three elements: the Private VLAN itself, the secondary VLANs (known as
the community VLAN and isolated VLAN), and the promiscuous port.
Figure 4-1b summarizes the PVLAN components and traffic flow policies among the PVLAN ports.
Pages:
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173