Private VLANs

Question 1

What are private VLANs?

Answer 1

VLANs that have limited access to other VLANs on the network, or even limited access to other hosts on the same VLAN.

Question 2

What are the three type of private VLANs?

Answer 2

Community VLANs, isolated VLANs, and Primary VLANs.

Question 3

Describe a community VLAN.

Answer 3

Hosts on community VLANs can speak to each other but cannot talk to other VLANs on the network.

Question 4

Describe an isolated VLAN.

Answer 4

Hosts on an isolated VLAN cannot talk to other VLANs on the network or even other hosts in the same isolated VLAN.

Question 5

List two benefits of private VLANs.

Answer 5

Increased security, and the ability to use the same IP range across multiple VLANs without subnetting.

Question 6

Describe a primary VLAN.

Answer 6

Primary VLANs contain the gateway used by community and isolated VLANs to get out of the network. Primary VLANs can only be reached via a promiscuous port.

Question 7

Describe a promiscuous port.

Answer 7

A promiscuous port is the only type of port that community and isolated VLANs are allowed to use to access their gateway.

Question 8

What feature must be disabled for private VLANs to work?

Answer 8

VTP. It must be set to transparent or off.

Question 9

Briefly describe the steps in configuring private VLANs.

Answer 9

1. Configure a primary VLAN and associate it with your community and isolated VLANs.
2. Configure your community and isolated VLANs.
3. Configure your promiscuous interface and associate it with all private VLANs (primary, community and isolated).
4. Configure your community and isolated ports and associate them with their respective VLAN AND the primary VLAN.