Which IOS interface configuration command is required to configure a switch port to be a promiscuous PVLAN access port?

Last Updated on August 1, 2021 by Admin 2

300-420 : All Parts

300-420 : Designing Cisco Enterprise Networks (ENSLD) : All Parts
300-420 Part 01	300-420 Part 05
300-420 Part 02	300-420 Part 06
300-420 Part 03	300-420 Part 07
300-420 Part 04

Which IOS interface configuration command is required to configure a switch port to be a promiscuous PVLAN access port?

switchport mode promiscuous
switchport mode promiscuous-vlan
switchport mode private-vlan host
switchport mode private-vlan promiscuous

Explanation:

A promiscuous port type can send frames to all other ports in the same private VLAN (PVLAN). The switchport mode private-vlan promiscuous command configures a port to be a promiscuous port. The syntax is as follows:

switch(config-if)# switchport mode private-vlan promiscuous

There are three types of ports in a private VLAN (PVLAN): promiscuous, isolated, and community. A promiscuous port can send and receive frames with other promiscuous, isolated, or community ports assigned to the same private VLAN. Isolated ports are able to send frames to promiscuous ports, but not to each other. A community port can communicate with other community ports of the same private VLAN or with promiscuous ports.

Private VLANs are supported on switches that allow the configuration of primary and secondary VLANs. A primary VLAN carries the traffic between the promiscuous port and the isolated and community ports assigned to the same primary VLAN. There are two types of secondaryVLANs, isolated and community. Isolated VLANs carry traffic from isolated ports to promiscuous ports. Community VLANs carry traffic between community ports and to the promiscuous port. Therefore, on a promiscuous port, you would use the following command syntax to configure its primary and secondary VLANs:

switch(config-if)# private-vlan mapping primary_vlan_id secondary_vlan_id

PVLANs are created using the following special VLAN configuration commands:

switch(config)# vlan vlan_id
switch(config-vlan)# private-vlan [primary | isolated | community]
switch(config-vlan)# private-vlan association secondary_vlan_list

Host ports are defined using the following special PVLAN configuration command:

switch(config-if)# switchport mode private-vlan host

The command used for isolated and community ports is as follows:

switch(config-if)# switchport mode private-vlan host-association primary_vlan_id secondary_vlan_id

Objective:
Infrastructure Security
Sub-Objective:
Configure and verify switch security features

300-420 : All Parts

300-420 : Designing Cisco Enterprise Networks (ENSLD) : All Parts
300-420 Part 01	300-420 Part 05
300-420 Part 02	300-420 Part 06
300-420 Part 03	300-420 Part 07
300-420 Part 04

0 0 votes

Article Rating

0 Comments

Inline Feedbacks

View all comments

Which IOS interface configuration command is required to configure a switch port to be a promiscuous PVLAN access port?

You Might Also Like

Which of the following IP addresses are valid Class B host addresses if a default Class B mask is in use? (Choose all that apply.)

You need to ensure that the co-worker uses the updated version of the component library. What should you do?

Why is it vitally important that senior management endorse a security policy?