• Supported Platforms
• EX Series

• Related Topics
• Example: Configuring a Private VLAN on an EX Series Switch
• Verifying That a Private VLAN Is Working
• Understanding Private VLANs on EX Series Switches

Creating a Private VLAN (CLI Procedure)

The private VLAN (PVLAN) feature on EX Series switches allows an administrator to split a broadcast domain into multiple isolated broadcast subdomains, essentially putting a VLAN inside a VLAN.

Before you begin, make sure you set up your VLANs. See Configuring VLANs for EX Series Switches (CLI Procedure) or Configuring VLANs for EX Series Switches (J-Web Procedure).

Note: Configuring a voice over IP (VoIP) VLAN on PVLAN interfaces is not supported.

To configure a private VLAN:

1. Set the primary VLAN to have no local switching:

   Note: The primary VLAN must be a tagged VLAN.

   
   

   [edit vlans]
user@switch# set primary-vlan-name no-local-switching
2. For each community VLAN, configure access interfaces:

   Note: The secondary VLANs must be untagged VLANs.

   
   

   [edit vlans]
user@switch# set community-vlan-name interface interface-name
3. For each community VLAN, set the primary VLAN:
   
   

   [edit vlans]
user@switch# set community-vlan-name primary-vlan primary-vlan-name
4. For each isolated VLAN, add the interface to the primary VLAN:
   
   

   [edit vlans]
user@switch# set primary-vlan-name interface interface-name