What is a Private VLAN and what are the port roles in it?

A Private VLAN (PVLAN) is a Layer 2 network structure that extends common VLAN technology. Within a Private VLAN domain there are three distinct port designations. Each port designation has its own set of rules, which regulate a connected endpoint's ability to communicate with other endpoints connected to ports within the Private VLAN.

Promiscuous: A promiscuous port can communicate with all interfaces, including the isolated and community ports within a PVLAN.

Isolated: An isolated port has complete Layer 2 separation from the other ports within the same PVLAN, but not from the promiscuous ports. Private VLANs block all traffic to isolated ports other than traffic from promiscuous ports. Traffic from an isolated port is forwarded only to promiscuous ports.

Community: Community ports communicate among themselves and with their promiscuous ports. These interfaces are separated at Layer 2 from all other interfaces in other communities or isolated ports within their Private VLAN.
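
The three port rules above can be written as a small reachability check and used to audit a planned port assignment against a segmentation policy. This is an added example, not vendor code or part of the original page; the port names, community labels and the `audit` helper are constructed for illustration.

```python
from dataclasses import dataclass
from itertools import combinations
from typing import Optional

ROLES = ("promiscuous", "isolated", "community")

@dataclass(frozen=True)
class Port:
    name: str
    role: str                         # one of ROLES
    community: Optional[str] = None   # label, set only for community ports

def can_communicate(a: Port, b: Port) -> bool:
    """Layer 2 reachability between two distinct ports in one PVLAN domain."""
    for p in (a, b):
        if p.role not in ROLES:
            raise ValueError(f"{p.name}: unknown role {p.role!r}")
        if (p.role == "community") != (p.community is not None):
            raise ValueError(f"{p.name}: community label does not match role")
    if "promiscuous" in (a.role, b.role):
        return True                   # promiscuous ports reach every port
    if "isolated" in (a.role, b.role):
        return False                  # isolated ports reach promiscuous ports only
    return a.community == b.community # community ports reach their own community

def reachable_pairs(ports):
    """All unordered port-name pairs the PVLAN roles allow to talk."""
    return {frozenset((a.name, b.name))
            for a, b in combinations(ports, 2) if can_communicate(a, b)}

def audit(ports, must_not_talk):
    """Return the forbidden pairs that the port roles would still permit."""
    allowed = reachable_pairs(ports)
    return sorted(tuple(sorted(pair))
                  for pair in map(frozenset, must_not_talk) if pair in allowed)

# Constructed sample: one uplink, two isolated hosts, two communities.
PORTS = [
    Port("gw", "promiscuous"),
    Port("web1", "isolated"), Port("web2", "isolated"),
    Port("db1", "community", "db"), Port("db2", "community", "db"),
    Port("app1", "community", "app"),
]
# Constructed policy: pairs that must never exchange Layer 2 traffic.
POLICY = [("web1", "web2"), ("db1", "app1"), ("db1", "db2")]

if __name__ == "__main__":
    for pair in audit(PORTS, POLICY):
        print("policy violation: ports can still talk:", pair)
```

Running it flags `db1`/`db2`: both sit in the same community, so the PVLAN does not separate them, and one of them would have to move to an isolated port or a different community to satisfy the policy.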