An isolated VLAN's traffic is blocked on all other private ports in the same VLAN. Each pair is made up of at least two special unidirectional VLANs and is used by isolated ports and/or by a community of ports to communicate with routers.Īn isolated VLAN is a VLAN that is used by isolated ports to communicate with promiscuous ports. You cannot configure VLAN1 or the internally allocated VLANs as private VLANs.Ī private VLAN is a set of private ports that are characterized by using a common set of VLAN number pairs. However, if you enter the no vlan command for a secondary VLAN, the private VLAN associations with that VLAN are suspended and return when you recreate the specified VLAN and configure it as the previous secondary VLAN. If you enter the no vlan command for the primary VLAN, all private VLAN associations with that VLAN are lost. However, when you reconvert the specified VLAN to private VLAN mode, the original associations are reinstated. All primary and secondary associations on that VLAN are suspended, but the interfaces remain in private VLAN mode. When you enter the no private-vlan command, the VLAN returns to the normal VLAN mode. If you delete either the primary or secondary VLAN, the ports that are associated with the VLAN become inactive.
Note Before you configure a VLAN as a secondary VLAN, either community or isolated, you must shut down the VLAN interface, or Switched Virtual Interface (SVI), for that VLAN.
CISCO MAC ADDRESS FORMAT HOW TO
This example shows how to change the length of time an entry remains in the MAC address table to 500 seconds for the entire device:
The aging time is counted from the last time that the switch detected the MAC address. When you use the no form of this command and specify a VLAN, the aging time for the VLAN is returned to the current global configuration for the aging time, which might or might not be the default value of 300 seconds depending if the global configuration of the device for the aging time has been changed. When you use this command and specify a VLAN, the aging time for only that specified VLAN is modified. Those VLANs with specifically modified aging times are not modified. When you use the no form of this command without the VLAN parameter, only those VLANs that have not been specifically configured for the aging time reset to the default value. When you use this command in the global configuration mode, the age values of all VLANs for which a configuration has not been specified are modified and those VLANs with specifically modified aging times are not modified. If the system rounds the value to a different value from that specified by the user (from the rounding process), the system returns an informational message. The age value may be rounded off to the nearest multiple of 5 seconds. This example shows how to restart the protocol migration on a specific interface:Įnter 0 seconds to disable the aging process. If you enter the clear spanning-tree detected-protocol command with no arguments, the command is applied to every port of the device. To force the MST port to renegotiate with the neighbors, enter the clear spanning-tree detected-protocol command. Similarly, an MST port assumes that it is a boundary port when the bridges to which it is connected have joined the same region. For example, a Rapid PVST+ bridge that is designated for a legacy 802.1D bridge stays in 802.1D mode even after the legacy bridge has been removed from the link. These mechanisms are not always able to revert to the most efficient mode. An MST bridge can detect that a port is at the boundary of a region when it receives a legacy BPDU or an MST BPDU that is associated with a different region. For example, a bridge running Rapid PVST+ can send 802.1D bridge protocol data units (BPDUs) on one of its ports when it is connected to a legacy bridge.
CISCO MAC ADDRESS FORMAT PLUS
Rapid per VLAN Spanning Tree Plus (Rapid PVST+) and Multiple Spanning Tree (MST) have built-in compatibility mechanisms that allow them to interact properly with other versions of IEEE spanning tree or other regions. To clear the dynamic address entries from the MAC address table in Layer 2, use the clear mac address-table dynamic command.Ĭlear mac address-table dynamic Syntax Description This chapter describes the Cisco NX-OS Layer 2 commands. Switchport private-vlan trunk native vlan Switchport private-vlan trunk allowed vlan Switchport private-vlan association trunk Switchport mode private-vlan trunk secondary Switchport mode private-vlan promiscuous trunk
Spanning-tree port type edge bpduguard default Spanning-tree port type edge bpdufilter default Cisco NX-OS Layer 2 Commands Table Of Contents