To configure a PVLAN, you must provide the following information:
Primary VLAN ID. The primary VLAN ID is the port VLAN ID (PVID) that is used to configure a PVLAN for a single virtual network device. This configuration ensures that a guest domain does receive VLAN packets. Note that you cannot configure VIDs with a PVLAN.
Secondary VLAN ID. A secondary VLAN ID is used by a particular VLAN to provide PVLAN functionality. secondary-vid is the secondary VLAN ID and is an integer value in the range of 1-4094. A primary VLAN can have many secondary VLANs, with the following restrictions:
Neither the primary VLAN ID nor the secondary VLAN ID can be the same as the default VLAN ID.
The primary VLAN ID and the secondary VLAN ID cannot have the same values for both isolated and community PVLAN types.
Each primary VLAN can have a single isolated PVLAN associated with it. All virtual networks configured with this secondary PVLAN ID are isolated from each other and from any configured community PVLANs.
A primary VLAN can have multiple community VLANs with the following restrictions:
A primary VLAN ID cannot be used as secondary VLAN ID create another community PVLAN.
For example, you have a community PVLAN with a primary VLAN ID of 3 and a secondary VLAN ID of 100, you cannot create another community PVLAN that uses 3 as the secondary VLAN ID.
A secondary VLAN ID cannot be used as primary VLAN ID to create a community PVLAN.
For example, you have a community PVLAN with a primary VLAN ID of 3 and a secondary VLAN ID of 100, you cannot create another community PVLAN that uses 100 as the primary VLAN ID.
The secondary VLAN ID cannot be used already as a VLAN ID for regular virtual networks or VNICs.
Caution - The Logical Domains Manager can validate only the configuration of the virtual networks on a particular virtual switch. If a PVLAN configuration is set up for Oracle Solaris VNICs on the same back-end device, ensure that the same requirements are met across all VNICs and virtual networks.
PVLAN type. The available PLVAN types are isolated and community.
isolated. The ports that are associated with an isolated PVLAN are isolated from all of the peer virtual networks and Oracle Solaris virtual NICs on the back-end network device. The packets reach only the external network based on the values you specified for the PVLAN.
community. The ports that are associated with a community PVLAN can communicate with other ports that are in the same community PVLAN but are isolated from all other ports. The packets reach the external network based on the values you specified for the PVLAN.