The Cloud Router Switches CRS112 use Port Isolation profiles for Private VLAN implementation:
Uplink ports – Port-level isolation profile 0
Isolated ports – Port-level isolation profile 1
This example requires a group of switched ports. Assume that all ports used in this example are in one switch group.
Plaintext
/interface bridge
add name=bridge1
/interface bridge port
add bridge=bridge1 interface=ether1 hw=yes
add bridge=bridge1 interface=ether2 hw=yes
add bridge=bridge1 interface=ether3 hw=yes
add bridge=bridge1 interface=ether4 hw=yes
add bridge=bridge1 interface=ether5 hw=yes
add bridge=bridge1 interface=ether6 hw=yes
add bridge=bridge1 interface=ether7 hw=yes
add bridge=bridge1 interface=ether8 hw=yes
add bridge=bridge1 interface=sfp9 hw=yes
add bridge=bridge1 interface=sfp10 hw=yes
add bridge=bridge1 interface=sfp11 hw=yes
add bridge=bridge1 interface=sfp12 hw=yesThe first part of port isolation configuration is setting the Uplink port – set port profile to 0 for sfp9:
Plaintext
/interface ethernet switch port
set sfp9 isolation-leakage-profile-override=0Then continue with setting isolation profile 1 to all isolated ports and adding the communication port for port isolation profile 1:
Plaintext
/interface ethernet switch port
set ether1 isolation-leakage-profile-override=1
set ether2 isolation-leakage-profile-override=1
set ether3 isolation-leakage-profile-override=1
set ether4 isolation-leakage-profile-override=1
set ether5 isolation-leakage-profile-override=1
set ether6 isolation-leakage-profile-override=1
set ether7 isolation-leakage-profile-override=1
set ether8 isolation-leakage-profile-override=1
set sfp10 isolation-leakage-profile-override=1
set sfp11 isolation-leakage-profile-override=1
set sfp12 isolation-leakage-profile-override=1
/interface ethernet switch port-isolation
add port-profile=1 ports=sfp9 type=dst
