Private VLANs (PVLANs) provide Layer 2 isolation between ports within the same broadcast domain. When a PVLAN spans multiple switches, a special type of trunk configuration is required to maintain the isolation and community logic across the inter-switch links.
Isolated VLAN Trunking (Option D):To extend an isolated VLAN across multiple switches, you must configure the trunk port on each switch to allow the isolated VLAN ID. In Junos OS, this is specifically achieved by configuring the interface as a trunk and associating it with the primary VLAN and the specific isolated VLAN. The correct syntax for enabling this inter-switch communication is to configure trunk ports that recognize the isolated VLAN tag (e.g., set interfaces unit 0 family ethernet-switching vlan members [ primary-vlan isolated-vlan ]).
Forwarding Rules:Traffic from an isolated port on Switch A must reach a promiscuous port (often on Switch B) to exit the PVLAN. The inter-switch trunk carries this traffic using the secondary (isolated) VLAN ID, ensuring that it remains isolated from other host ports on the remote switch.
Option A (inter-switch-link):In standard Junos switching, the inter-switch-link statement is used in Virtual Chassis or specific fabric designs, but for standard PVLAN extension, standard 802.1Q trunking with secondary VLAN IDs is the mechanism used.
Options B and C:These describe specific portroles(isolated vs. community) rather than the method used to enable trunking between switches.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit