Use this command to create a secondary VLAN by assigning the secondary VLAN to a VLAN interface.
| vlan-id | Specify the secondary VLAN ID. Valid values are 1 - 4095. |
None.
Interface Configuration.
The secondary VLAN configuration on an IP Interface provides the ability to associate multiple L2 VLANs with one L3 IP interface. A secondary VLAN can be configured as a private VLAN. Members of the private VLAN are connected hosts that share the IP interface of the primary VLAN, while at the same time are restricted from directly communicating with each other. Hosts on the primary VLAN, also referred to as the community VLAN, can communicate directly with hosts on both the primary and private VLANs.
Refer to Secondary and Private VLAN in the S-, K-, and 7100 Series Configuration Guide for a complete private VLAN configuration discussion.
When configuring a secondary VLAN, set both the secondary and primary VLAN constraint to shared, using the same constraint set ID. This setting assures that both the primary and secondary VLAN use the same FID. VLAN constraint is set using the set vlan constraint command.
An IP address is only configured for the primary VLAN, not for the secondary VLAN.
This example shows how to:
System(rw)->set vlan name 100 PrimaryVlan System(rw)->set vlan name 200 SecondaryVlan System(rw)->set port vlan ge.1.1-2 100 System(rw)->set port vlan ge.1.3-4 200 System(rw)->set vlan egress 100 ge.1.1-4 untagged System(rw)->set vlan egress 200 ge.1.1-2 untagged System(rw)->set vlan constraint 100 100 shared System(rw)->set vlan constraint 200 100 shared System(rw)->configure System(rw-config)->interface vlan 100 System(rw-config-intf-vlan.0.1)->ip address 100.1.1.1/24 primary System(rw-config-intf-vlan.0.1)->secondary-vlan 200 System(rw-config-intf-vlan.0.1)->
Print
this page
Email this topic
Feedback
View PDF
Download EPUB