– There are two types of secondary VLAN — community VLAN and isolated VLAN.PVLAN port types include:• Community port — a port that belongs to a community VLAN and is allowed to communicate with other ports in the samecommunity VLAN and with promiscuous ports.• Host port — in the context of a private VLAN, is a port in a secondary VLAN:– The port must first be assigned that role in INTERFACE mode.– A port assigned the host role cannot be added to a regular VLAN.• Isolated port — a port that, in Layer 2, can only communicate with promiscuous ports that are in the same PVLAN.• Promiscuous port — a port that is allowed to communicate with any other port type in the PVLAN:– A promiscuous port can be part of more than one primary VLAN.– A promiscuous port cannot be added to a regular VLAN.• Trunk port — carries traffic between switches:– A trunk port in a PVLAN is always tagged.– In tagged mode, the trunk port carries the primary or secondary VLAN traffic. The tag on the packet helps identify the VLANto which the packet belongs.– A trunk port can also belong to a regular VLAN (non-private VLAN).Each of the port types can be any type of physical Ethernet port, including port channels (LAGs). For more information about portchannels, refer to Port Channel Interfaces in the Interfaces chapter.For an introduction to VLANs, refer to Layer 2.Using the Private VLAN CommandsTo use the PVLAN feature, use the following commands.• Enable/disable Layer 3 communication between secondary VLANs.INTERFACE VLAN mode[no] ip local-proxy-arpNOTE: Even after you disable ip-local-proxy-arp (no ip-local-proxy-arp) in a secondary VLAN, Layer 3communication may happen between some secondary VLAN hosts, until the address resolution protocol (ARP)timeout happens on those secondary VLAN hosts.• Set the mode of the selected VLAN to community, isolated, or primary.INTERFACE VLAN mode[no] private-vlan mode {community | isolated | primary}• Map secondary VLANs to the selected primary VLAN.INTERFACE VLAN mode[no] private-vlan mapping secondary-vlan vlan-list• Display type and status of PVLAN interfaces.EXEC mode or EXEC Privilege modeshow interfaces private-vlan [interface interface]• Display PVLANs and/or interfaces that are part of a PVLAN.EXEC mode or EXEC Privilege modeshow vlan private-vlan [community | interface | isolated | primary | primary_vlan |interface interface]560 Private VLANs (PVLAN)