PVLAN Configuration Example 2 shows a PVLAN configuration example for a motel.
This motel has guest rooms, a conference room, and their web proxy server on the first floor, and guest rooms on the second floor. The motel has three Summit switches. There is one on the first floor in a closet, one on the first floor in the conference room, and one on the second floor.
Note
The following examples contain comments that follow the CLI comment character (#). All text that follows this character is ignored by the switch and can be omitted from the switch configuration.The following commands configure the Summit in the first floor closet:
# Create and configure the VLANs. create vlan Main configure vlan Main add port 1 configure vlan Main tag 100 configure vlan Main add port 2 tagged create vlan ClientConnections configure vlan ClientConnections tag 200 configure vlan ClientConnections add port 5-19 configure vlan ClientConnections add port 20 tagged create vlan ConfRoom configure vlan ConfRoom tag 300 configure vlan ConfRoom add port 21-30 configure vlan ConfRoom add port 20 tagged
# Create and configure the PVLAN named Motel. create private-vlan Motel configure private-vlan Motel add network Main configure private-vlan Motel add subscriber ClientConnections # isolated subscriber VLAN configure private-vlan "Motel" add subscriber "ConfRoom" non-isolated loopback-port 30 configure private-vlan Motel add subscriber ConfRoom non-isolated # If you omit the loopback-port command, the above command produces the following error message: # Cannot add subscriber because another subscriber vlan is already present on the same port, assign a loopback port when adding the subscriber vlan to the private vlan
# show vlan "ConfRoom" VLAN Interface with name ConfRoom created by user Admin State: Enabled Tagging: 802.1Q Tag 300 Virtual router: VR-Default IPv6: None STPD: None Protocol: Match all unfiltered protocols Loopback: Disabled NetLogin: Disabled QosProfile: None configured Egress Rate Limit Designated Port: None configured Private-VLAN Name: Motel VLAN Type in Private-VLAN: Non-Isolated Subscriber Ports: 13. (Number of active ports=1) Untag: 21, 22, 23, 24, 25, 26, 27, 28, 29 Tag: 1s, 2s, 20, *30L Flags: (*) Active, (!) Disabled, (g) Load Sharing port (b) Port blocked on the vlan, (m) Mac-Based port (a) Egress traffic allowed for NetLogin (u) Egress traffic unallowed for NetLogin (t) Translate VLAN tag for Private-VLAN (s) Private-VLAN System Port, (L) Loopback port (x) VMAN Tag Translated port (G) Multi-switch LAG Group port # Note that the loopback port is flagged with an "L" and listed as a tagged port, and the network VLAN ports are flagged with an "s" and listed as tagged ports.
The following commands configure the Summit on the second floor:
# create and configure the VLANs create vlan Main configure vlan Main tag 100 configure vlan Main add port 2 tagged create vlan ClientConnections configure vlan ClientConnections tag 200 configure vlan ClientConnections add port 5-20 create vlan ConfRoom configure vlan ConfRoom tag 300 # Create and configure the PVLAN named Motel. create private-vlan Motel configure private-vlan Motel add network Main configure private-vlan Motel add subscriber ClientConnections # isolated subscriber VLAN configure private-vlan Motel add subscriber ConfRoom non-isolated
The following commands configure the Summit in the conference room:
# create and configure the VLANs create vlan ClientConnections configure vlan ClientConnections tag 200 configure vlan ClientConnections add port 1-19 configure vlan ClientConnections add port 20 tag create vlan ConfRoom configure vlan ConfRoom tag 300 configure vlan ConfRoom add port 21-30 configure vlan ConfRoom add port 20 tag # The VLANs operate as extensions of the VLANs on the Summit in the first floor closet. There is no PVLAN configuration on this switch.