Some applications require that no traffic be forwarded at Layer 2 between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor. In such an environment, the use of the Private VLAN (PVLAN) Edge feature, also known as protected ports, ensures that there is no exchange of unicast, broadcast, or multicast traffic between these ports on the switch (Figure 1).

The PVLAN Edge feature has the following characteristics:

To configure the PVLAN Edge feature, enter the switchport protected command in interface configuration mode (Figure 2). To disable protected port, use the no switchport protected interface configuration mode command. To verify the configuration of the PVLAN Edge feature, use the show interfaces interface-id switchport global configuration mode command.

Use the Syntax Checker in Figure 3 to configure the PVLAN Edge feature on interface G0/1 and verify the configuration.