Skip to main content

Cisco PVLAN configuration details


CCIE exam dumps Cisco PVLAN configuration details

PVLAN is private VLAN . The PVLAN uses two-layer VLAN isolation technology. Only the upper VLANs are visible globally, and the lower VLANs are isolated from each other.ccie exam dumps .If each port of a switch or IP DSLAM device is zoned as one (lower) VLAN, isolation of all ports is achieved.

pVLANs are typically used on intranets to prevent communication between network devices connected to certain interfaces or groups of interfaces, but allow communication with the default gateway. Although each device is in a different pVLAN, they can use the same IP subnet.

PVLANs allow traffic to be limited between certain ports within the same VLAN

PVLAN implements port isolation in one VLAN.








With the rapid development of the network, users put forward higher requirements for the security of network data communication, such as preventing hacker attacks and controlling virus transmission, etc., all of which require the relative security of network users to communicate;ccie exam dumps The traditional solution is to assign each client a VLAN and associated IP subnet. By using VLANs, each client is isolated from Layer 2 to prevent any malicious behavior and Ethernet snooping.However, this model of assigning a single VLAN and IP subnet per customer creates enormous scalability limitations. These limitations mainly include the following aspects.


(1) VLAN limitation: the limitation of the number of VLANs inherent in the switch;

(2) Complex STP: For each VLAN, the topology of each relevant Spanning Tree needs to be managed;

(3) The shortage of IP addresses: the division of IP subnets will inevitably result in the waste of some IP addresses;

(4) Routing restrictions: Each subnet requires a corresponding default gateway configuration.


Therefore, a new VLAN mechanism has emerged, which is a PVLAN.



PVLANs have two VLANs:

Primary vlan and auxiliary vlan.

The auxiliary vlan contains two types of vlan:

lsolated vlan and Community vlan

Two port types of PVLAN:

Promiscuous Port and Host Port

The "hybrid port" belongs to the "Primary VLAN"; the "host port" belongs to the "Secondary VLAN".Since the "Secondary VLAN" has two attributes, the "host port" in the "Secondary VLAN" differs depending on the "Secondary VLAN" attribute, that is, the "Host Port" inherits the "Secondary VLAN".ccie exam dumps Attributes.As can be seen from this, "host ports" are also divided into two categories - "isolated port" and "community port".

A physical port on a switch in a pVLAN is either a "promiscuous port" or an "isolated" port or a "community" port.



PVLAN usage notes:

1. There is at least one "Secondary VLAN" in a "Primary VLAN" with no upper limit.

2. There can only be one "Isolated VLAN" in a "Primary VLAN", and there can be multiple "Community VLANs".

3. Any port between different "Primary VLANs" cannot communicate with each other (here "communication with each other" refers to Layer 2 connectivity).

4. "Isolated Port" can only communicate with "hybrid ports" and cannot communicate with any other port.

5. "Community port" can communicate with "promiscuous port" or with other physical ports in the same "Community VLAN", and cannot communicate with other ports.

6. There can only be one "Promiscuous Port" in a "Primary PVLAN";

7. To create PVLAN money, you need to configure the switch VTP to be in transparent mode.

8. The Layer 3 Vlan interface can only be assigned to the primary VLAN.

9. You cannot configure etherchannel in PVLAN.

At present, many vendors support PVLAN technology. Pvlan has obvious advantages in solving the security of the same letter and preventing broadcast storms, and it helps network optimization.


Publisher:IE LAB

publish Website: http://ielab.network

WhatsApp: +8617782638871

Skype:live:ielab.anna

Comments

Post a Comment

Popular posts from this blog

Cisco ccie exam Linux overview and history

      Cisco ccie exam Linux overview and history Simply put, the Linux operating system is a clone of the UNIX operating system, which was born on October 5, 1991 (the first time it was officially announced). It's the same as Microsoft's Windows, apple's MAC OS and android on mobile phones. Cisco ccie exam.Compared to ordinary people, Linux system may be relatively unfamiliar, and most of them are probably familiar with Windows system. Since the graphical interface of Windows is simpler and easier to use, Windows occupies more markets, and Linux systems are mainly command-line operations, which are more demanding for professionalism.Cisco ccie exam Linux systems are stable, secure, and have strong concurrency, so they are widely used in the server field. The professional servers are almost all Linux systems. Linux is open source, free, everyone can see the source code of Linux, you can use Linux for free. And the Linux kernel is short and lean, and some can only be a ...
Post a Comment
Read more

Cisco ccie exam You must know about SD-WAN... (1)

Cisco ccie exam You must know about SD-WAN... (1) 1. What is SD-WAN? "SD-WAN is a service formed by applying SDN technology to a wide area network scenario. Cisco ccie exam.This service is used to connect a wide range of enterprise networks, including enterprise branches and data centers."Although in many consulting reports or vendor solutions, SD-WAN is often limited to the networking scenarios where enterprise branch offices are interconnected.However, based on the definition of SD-WAN, the application scenarios of SD-WAN can be summarized into three categories: enterprise interconnection, data center interconnection and cloud interconnection scenarios. The enterprise interconnection SD-EN (SDN based Enterprise Network) focuses on the WAN connection on the user side, providing an efficient SDN-based solution for the connection between the enterprise headquarters and branch offices across the WAN.SD-DCI (SDN based Data Center Interconnection) refers to an SDN-based solutio...
Post a Comment
Read more

CCIE LAB EXAM Three minutes to learn the application of NAT address translation technology

CCIE LAB EXAM  Three minutes to learn the application of NAT address translation technology NAT translates the private IP address into the external network IP address through the border route, and records the conversion mapping record in the NAT address translation table of the border route.When external data is returned, the route uses NAT technology to query the NAT translation table, and then replaces the destination address with the IP address of the intranet user. ccie lab dumps Before we learned the theoretical information of NAT, we know its specifi...
Post a Comment
Read more