104 Cisco LAN Switching Configuration Handbook
Distribution_1 (config)# vtp domain GO-CATS
Distribution_1 (config)# interface gigabitethernet 1/1
Distribution_1 (config-if)# switchport mode trunk
Distribution_1 (config-if)# switchport trunk encapsulation isl
Distribution_1 (config-if)# end
Distribution_1 (config)# interface gigabitethernet 2/1
Distribution_1 (config-if)# switchport mode trunk
Distribution_1 (config-if)# switchport trunk encapsulation dot1q
Distribution_1 (config-if)# end
Distribution_1# copy running-config startup-config
An example of the configuration for Distribution_2 follows:
Router(config)# vtp pruning
Router(config)# interface gigabitethernet 1/1
Router (config-if)# switchport mode trunk
Router (config-if)# switchport trunk encapsulation isl
Router (config-if)# end
Router (config-if)# copy running-config startup-config
An example of the Layer 2 IOS configuration for Access_1 follows
Access_1 #config t
Access_1 (config)# vtp mode client
Access_1 (config)# interface gigabitethernet 0/1
Access_1 (config-if)# switchport mode trunk
Access_1 (config-if)# switchport trunk encapsulation dot1Q
Access_1 (config-if)# switchport trunk pruning vlan remove 10
Access_1 (config-if)# end
Access_1# copy running-config startup-config
6-5: Private VLANs
Private VLANs allow for additional security between devices in a common subnet.
■
■
Private edge VLANs can be configured to prevent connectivity between devices on
access switches.
Private VLANs can be configured on the Catalyst 6000 and Catalyst 4000 series
■
products.
■
Within a private VLAN, you can isolate devices to prevent connectivity between
devices within the isolated VLAN.
Within a private VLAN, communities can be created to allow connection between
■
some devices and to prevent them from communicating with others.
Promiscuous ports are mapped to private VLANs to allow for connectivity to VLANs
■
outside of this network.