Private vlans

access_time 2018-10-26T12:27:46.472Z face atul CCNP

A private VLAN is defined as a pairing of a primary VLAN with a secondary VLAN. Primary VLANs are the normal VLANs we all know and love. Secondary VLANs use the same VLAN ID range and are defined in the same manner as primary VLANs, but are specially designated to operate as secondary VLANs in one of two modes:

  • Isolated - The end points of all ports assigned to an isolated private VLAN cannot communicate with one another, nor with host ports in any other private VLANs.
  • Community - End points attached to community ports can communicate with one another, but not with ports in other private VLANs.

An access port assigned to a private VLAN operates in one of two modes:

  • Host - The port inherits its behavior from the type of private VLAN it is assigned to.
  • Promiscuous - The port can communicate with any other private VLAN port in the same primary VLAN.

vtp mode transparent

Vlan 501
private-vlan community 
Vlan 502
private-vlan isolated

Vlan 500
private-vlan primary 
private-vlan association add 501
private-vlan association add 502

int range gi0/1 - 2
switchport mode private-vlan host
switchport private-vlan host-assoc 500 501

int range gi1/0 - 1
switchport mode private-vlan host
switchport private-vlan host-assoc 500 502

int gi0/3
 switchport mode private-vlan promiscuous
 switchport private-vlan mapping 500 501-502



Office :

Networkkings IT services  Private Limited, Chandigarh Citi Center , VIP Road, D& E Block 3rd floor, Zirakpur, Chandigarh



Toll Free

1800 120 1334 ( India )


+1 (647) 694-0111 ( International )
Alternate No +91 1762- 500341
WE do not OFFER REFUNDS as these are digital products. These are live Class recordings. Please watch our free previews before payment.