Page 1 Introduction General information Configuration SIMATIC NET Functions specific to SCALANCE Industrial Ethernet switches SCALANCE XB-200/XC-200/ System time XF-200BA/XP-200/XR-300WG Command Line Interface Network structures Configuration Manual Network protocols Layer 2 management protocols Layer 3 functions Load control Security and authentication Diagnostics 07/2017 C79000-G8976-C361-06...
Page 2 Note the following: WARNING Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation. If products and components from other manufacturers are used, these must be recommended or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and maintenance are required to ensure that the products operate safely and without any problems.
Page 3: Table Of Contents
Table of contents Introduction..............................21 General information............................25 System functions hardware equipment..................25 Configuration limits.........................28 Features not supported......................30 Working with the Command Line Interface (CLI)..............31 Structure of the Command Line Interface................32 The CLI command prompt.....................34 Symbols of the CLI commands....................35 Addresses and interface names.....................36 2.8.1 Naming interfaces........................36 2.8.2...
Page 4 Table of contents 3.1.1.13 show lldp status........................56 3.1.1.14 show broadcast-block config....................56 3.1.1.15 show unicast-block config......................57 3.1.1.16 show multicast-block config....................58 3.1.1.17 show versions........................58 3.1.2 clear counters.........................59 3.1.3 clear line vty...........................60 3.1.4 configure terminal........................61 3.1.5 disable............................61 3.1.6 enable............................62 3.1.7 logout.............................63 3.1.8 ping............................63 3.1.9 Commands in the global configuration mode.................64 3.1.9.1...
Page 5 Table of contents 3.2.5 Commands in the global configuration mode.................94 3.2.5.1 loadsave..........................94 3.2.6 Commands in the LOADSAVE configuration mode...............95 3.2.6.1 delete.............................95 3.2.6.2 password..........................96 3.2.6.3 no password...........................97 3.2.6.4 tftp filename..........................97 3.2.6.5 tftp load..........................98 3.2.6.6 tftp save..........................99 3.2.6.7 tftp server..........................100 Reset and Defaults.......................102 3.3.1 restart...........................102 Configuration Save &...
Page 6 Table of contents Functions specific to SCALANCE......................127 PLUG...........................128 4.1.1 The "show" commands......................128 4.1.1.1 show plug..........................128 4.1.2 Commands in the global configuration mode...............128 4.1.2.1 plug............................129 4.1.3 Commands in the Plug configuration mode.................129 4.1.3.1 factoryclean..........................129 4.1.3.2 write............................130 WBM............................131 4.2.1 The "show" commands......................131 4.2.1.1 show web-session-timeout....................131 4.2.2...
Page 7 Table of contents 5.2.3.3 ntp time diff...........................152 SNTP client..........................154 5.3.1 The "show" commands......................154 5.3.1.1 show sntp broadcast-mode status..................154 5.3.1.2 show sntp unicast-mode status....................154 5.3.1.3 show sntp status........................155 5.3.2 Commands in the global configuration mode...............155 5.3.2.1 sntp............................156 5.3.3 Commands in the SNTP configuration mode...............156 5.3.3.1 sntp client addressing-mode....................156 5.3.3.2...
Page 8 Table of contents 6.1.3.16 switchport pvid........................191 6.1.3.17 no switchport pvid........................191 6.1.4 Commands in the VLAN configuration mode (VLAN Bridge)..........192 6.1.4.1 name............................192 6.1.4.2 no name..........................193 6.1.4.3 ports.............................194 6.1.4.4 no ports..........................195 6.1.4.5 priority..........................197 6.1.4.6 no priority..........................198 6.1.4.7 priority-enable........................199 6.1.4.8 no priority-enable.........................199 6.1.4.9 private-vlan...........................200 6.1.4.10 no private-vlan........................201...
Page 9 Table of contents 6.3.4.1 spanning-tree........................228 6.3.4.2 no spanning-tree........................229 6.3.4.3 spanning-tree compatibility....................230 6.3.4.4 no spanning-tree compatibility.....................231 6.3.4.5 spanning-tree mst configuration...................231 6.3.4.6 spanning-tree mst instance-id root..................232 6.3.4.7 no spanning-tree mst instance-id root..................233 6.3.4.8 spanning-tree mst max-hops....................234 6.3.4.9 no spanning-tree mst max-hops...................235 6.3.4.10 spanning-tree priority......................235 6.3.4.11 no spanning-tree priority......................236...
Page 10 Table of contents Network protocols.............................269 IPv4 protocol........................270 7.1.1 The "show" commands......................270 7.1.1.1 show ip gateway........................270 7.1.1.2 show ip telnet........................270 7.1.1.3 show dcp server........................271 7.1.1.4 show dcp forwarding......................271 7.1.2 Commands in the global configuration mode...............272 7.1.2.1 ip gateway..........................272 7.1.2.2 no ip gateway........................273 7.1.2.3 ip echo-reply.........................274 7.1.2.4...
Page 11 Table of contents 7.3.3.7 no pool-enable........................300 7.3.3.8 ports.............................300 7.3.3.9 no ports..........................301 7.3.3.10 relay-information........................302 7.3.3.11 no relay-information......................303 7.3.3.12 set-interface.........................304 7.3.3.13 static-lease...........................305 7.3.3.14 no static-lease........................306 DHCP Relay.........................308 7.4.1 The "show" commands......................308 7.4.1.1 show dhcp server.........................308 7.4.1.2 show ip dhcp relay information.....................308 7.4.2 Commands in the Global Configuration mode..............309 7.4.2.1 ip dhcp server........................309...
Page 12 Table of contents 7.5.2.7 no snmp community index....................335 7.5.2.8 snmp engineid migrate......................336 7.5.2.9 no snmp engineid migrate....................336 7.5.2.10 snmp group..........................337 7.5.2.11 no snmp group........................338 7.5.2.12 snmp notify...........................339 7.5.2.13 no snmp notify........................340 7.5.2.14 snmp targetaddr........................341 7.5.2.15 no snmp targetaddr......................343 7.5.2.16 snmp targetparams......................343 7.5.2.17 no snmp targetparams......................345 7.5.2.18...
Page 13 Table of contents 7.10.2.1 ssh-server..........................367 7.10.2.2 no ssh-server........................367 Layer 2 management protocols........................369 GARP...........................370 8.1.1 The "show" commands......................370 8.1.1.1 show forward-all........................370 8.1.1.2 show forward-unregistered....................370 8.1.2 Commands in the global configuration mode...............371 8.1.2.1 gmrp.............................371 8.1.2.2 no gmrp..........................372 8.1.2.3 gvrp............................373 8.1.2.4 no gvrp..........................373 IGMP snooping........................375 8.2.1 The "show"...
Page 14 Table of contents 8.4.5.5 no ring-redundancy......................397 8.4.5.6 ring-redundancy standby......................398 8.4.5.7 no ring-redundancy standby....................399 8.4.6 Commands in the redundancy configuration mode..............399 8.4.6.1 linkcheck..........................400 8.4.6.2 no linkcheck.........................401 8.4.6.3 ring ports..........................402 8.4.6.4 standby connection-name....................403 8.4.6.5 no standby connection-name....................404 8.4.6.6 standby force-master......................404 8.4.6.7 no standby force-master......................405 8.4.6.8 standby port.........................405 8.4.6.9...
Page 15 Table of contents 9.1.1.1 show ip nat config........................432 9.1.1.2 show ip nat service.......................433 9.1.1.3 show ip nat service portrange....................434 9.1.1.4 show ip nat summary......................434 9.1.1.5 show ip nat...........................435 9.1.2 Commands in the global configuration mode...............436 9.1.2.1 ip nat............................436 9.1.2.2 no ip nat..........................437 9.1.2.3 ip nat timeout........................437 9.1.2.4...
Page 16 Table of contents 10.2.3.1 switchport ingress-filter......................469 10.2.3.2 no switchport ingress-filter....................470 10.3 Dynamic MAC aging......................471 10.3.1 The "show" commands......................471 10.3.1.1 show mac-address-table aging-time..................471 10.3.1.2 show mac-address-table aging-status.................471 10.3.2 Commands in the global configuration mode...............472 10.3.2.1 mac-address-table aging-time....................472 10.3.2.2 no mac-address-table aging-time..................473 10.3.2.3 mac-address-table aging......................474 10.3.2.4...
Page 17 Table of contents 11.1.4.2 user-account........................502 11.1.4.3 no user-account........................504 11.1.4.4 username..........................504 11.2 RADIUS client........................506 11.2.1 The "show" commands......................506 11.2.1.1 show radius statistics......................506 11.2.1.2 show radius server.......................506 11.2.2 Commands in the global configuration mode...............507 11.2.2.1 login authentication......................507 11.2.2.2 no login authentication......................508 11.2.2.3 radius-server........................509 11.2.2.4 no radius-server........................511...
Page 18 Table of contents 11.5.3.8 no dot1x mac-auth.......................534 11.5.3.9 dot1x mac-auth port reset....................534 11.5.3.10 dot1x mac-auth vlan-assign....................535 11.5.3.11 no dot1x mac-auth vlan-assign....................536 11.5.3.12 set dot1x mac-auth mac-addr count..................536 11.5.3.13 dot1x port-control.........................537 11.5.3.14 no dot1x port-control......................538 11.5.3.15 dot1x reauthentication......................539 11.5.3.16 no dot1x reauthentication.....................539 Diagnostics...............................541 12.1 Event and fault handling.......................542...
Page 19 Table of contents 12.2.2.3 fmp power-loss........................570 12.2.2.4 fmp rx-power........................571 12.3 Syslog client.........................573 12.3.1 The "show" commands......................573 12.3.1.1 show events syslogserver....................573 12.3.2 Commands in the Events configuration mode..............573 12.3.2.1 syslogserver.........................574 12.3.2.2 no syslogserver........................575 12.4 RMON..........................576 12.4.1 The "show" commands......................576 12.4.1.1 show rmon..........................576 12.4.2 Commands in the global configuration mode...............577 12.4.2.1...
Page 20 Table of contents 12.6.3.3 loopd port reset........................605 12.6.3.4 no loopd port reset.......................606 12.6.3.5 loopd reaction local......................607 12.6.3.6 no loopd reaction local......................607 12.6.3.7 loopd reaction remote......................608 12.6.3.8 no loopd reaction remote.....................609 Index.................................611 SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 21: Introduction
This Configuration Manual applies to the following software versions: ● SCALANCE XB-200 firmware as of version 3.0 ● SCALANCE XC-200 firmware as of version 3.0 ● SCALANCE XF-200BA firmware as of version 3.1 ● SCALANCE XP-200 firmware as of version 3.0 ●...
Page 22 ● On the data medium that ships with some products: – Product CD / product DVD – SIMATIC NET Manual Collection ● On the Internet pages of Siemens Industry Online Support at. – SCALANCE XB-200 (https://support.industry.siemens.com/cs/ww/en/ps/15291/man) – SCALANCE XC-200 (https://support.industry.siemens.com/cs/ww/en/ps/24185/man) –...
Page 23 ● On the data medium that ships with some products: – Product CD / product DVD – SIMATIC NET Manual Collection ● On the Internet pages of Siemens Industry Online Support under the following entry IDs: – 27069465 (http://support.automation.siemens.com/WW/view/en/27069465) Industrial Ethernet / PROFINET Industrial Ethernet System Manual –...
Page 24 Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly recommends to apply product updates as soon as available and to always use the latest product versions. Use of product versions that are no longer supported, and failure to apply latest updates may increase customer’s exposure to cyber threats.
Page 25: General Information
General information System functions hardware equipment Availability of the system functions The following table shows the availability of the system functions on the IE switches. Note that all functions are described in this configuration manual and in the online help. Depending on your IE switch, some functions are not available.
Page 26: Load Control
General information 2.1 System functions hardware equipment SCALANCE SCALANCE SCALANCE SCALANCE SCALANCE XB-200 XR-300WG XC-200 XP-200 XF-200BA Layer 2 Sending priorities ✓ ✓ ✓ CoS assignment ✓ ✓ ✓ ✓ ✓ DSCP Mapping ✓ ✓ ✓ ✓ ✓ QoS prioritization ✓...
Page 27 General information 2.1 System functions hardware equipment SCALANCE SCALANCE SCALANCE SCALANCE SCALANCE XB-200 XR-300WG XC-200 XP-200 XF-200BA Layer 3 Single-Hop Inter-VLAN- ✓ ✓ Routing DHCP relay agent ✓ ✓ ✓ ✓ ✓ Common agent address ✓ ✓ ✓ ✓ NAT/NAPT ✓...
Page 28: Configuration Limits
General information 2.2 Configuration limits Configuration limits Configuration limits of the device The following table lists the configuration limits for Web Based Management and the Command Line Interface of the device. Depending on your IE switch, some functions are not available. Configurable function Maximum number SCALANCE...
Page 29 General information 2.2 Configuration limits Configurable function Maximum number SCALANCE SCALANCE SCALANCE SCALANCE SCALANCE XB-200 XR-300WG XC-200 XP-200 XF-200BA Layer VLAN IP interfaces DHCP Relay Agent interfaces DHCP Relay Agent server NAT interfaces Secur‐ Users (incl. user preset in the factory "admin") IP addresses from RADIUS servers Simultaneous MAC authentications 4000...
Page 30: Features Not Supported
Even if these features are are listed as parameters in the documentation and are displayed by the help functions help and ? you cannot execute them with a SCALANCE XB-200, SCALANCE XC-200, SCALANCE XF-200BA, SCALANCE XP-200 and SCALANCE XR-300WG. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface...
Page 31: Working With The Command Line Interface (Cli)
General information 2.4 Working with the Command Line Interface (CLI) Working with the Command Line Interface (CLI) Introduction All the configuration settings for the device can be made using the Command Line Interface (CLI). The CLI therefore provides the same options as Web Based Management (WBM). You should read the detailed explanations of the parameters in the relevant configuration manual "Web Based Management".
Page 32: Structure Of The Command Line Interface
General information 2.5 Structure of the Command Line Interface Structure of the Command Line Interface Grouping of the commands in the various modes The commands of the Command Line Interface are grouped according to various modes. Apart from a few exceptions (help, exit), commands can only be called up in the mode to which they are assigned.
Page 33 General information 2.5 Structure of the Command Line Interface To be able to modify configuration parameters, you need to change to the Privileged EXEC mode. Note Default user "user" set in the factory As of firmware version 2.1 the default user set in the factory "user" is no longer available when the product ships.
Page 34: The Cli Command Prompt
General information 2.6 The CLI command prompt The CLI command prompt Overview The Command Line Interface prompt shows the following information: ● The mode in which the CLI is currently operating. Most commands can only be called in a particular mode. You should therefore check the CLI mode based on the command prompt.
Page 35: Symbols Of The Cli Commands
General information 2.7 Symbols of the CLI commands Symbols of the CLI commands Symbols for representing CLI commands When setting parameters for CLI commands, the following characters are used: Charac‐ Meaning < ... > mandatory parameter Instead of the expression in parenthesis, you must enter a value [ ...
Page 36: Addresses And Interface Names
General information 2.8 Addresses and interface names Addresses and interface names 2.8.1 Naming interfaces Addressing interfaces The devices have several types of interface that are addressed in different ways. Addressing physical interfaces The following notation applies to all commands that address a physical interface: ●...
Page 37 General information 2.8 Addresses and interface names The devices support the following interface types: Abbreviation/acronym Devices interface-type SCALANCE XB-200 fast-ethernet SCALANCE XC-200 SCALANCE XF-200BA SCALANCE XP-200 SCALANCE XC206-2SFP (depending gigabitethernet on the pluggable transceivers) SCALANCE XP-200 SCALANCE XR-300WG Available interface identifiers All physical interfaces of the devices are called module 0.
Page 38: Address Types, Address Ranges And Address Masks
General information 2.8 Addresses and interface names 2.8.2 Address types, address ranges and address masks Overview Since the various types of addresses can be represented by different notations, the notations used in the Command Line Interface are shown below: ● IPv4 addresses Addresses for the Internet Protocol version 4 are written in the decimal notation of four numbers from the range 0 to 255, separated by a period.
Page 39: General Cli Commands
General information 2.9 General CLI commands General CLI commands This section describes commands that you can call up in any mode. 2.9.1 clear screen Description With this command, you clear the screen. The command prompt is displayed. Syntax Call the command without parameters: clear screen Result The screen is cleared.
Page 40: Exit
General information 2.9 General CLI commands 2.9.3 exit Description With this command, you close the current mode. Syntax Call the command without parameters: exit Result The current mode was exited. You are then at the next higher level. If you are in Privileged EXEC Modus or in User EXEC Modus mode, you will be logged out. 2.9.4 Help functions and supported input The Command Line Interface provides various functions that are helpful when making entries...
Page 41: The Command
General information 2.9 General CLI commands Result The syntax of the command is displayed. Syntax If you call up help without parameters, you will obtain a list of all permitted commands in the current mode: help Result The mode-specific as well as the global commands are displayed. Note Incomplete command names If you have specified an incomplete command when calling help, a list of all commands that...
Page 42: Completion Of Command Entries
General information 2.9 General CLI commands Note Output in pages With long lists, the results are displayed as pages. If -- more -- appears at the lower edge of the display, you can move to the next page with the spacebar. If the display is in pages, you cannot page back.
Page 43: Reusing The Last Used Commands
General information 2.9 General CLI commands This is only possible if all the parts of the abbreviated input can be assigned to exactly one command or to the parts of the command. Example The show event config command can be replaced by the expression sh e c. 2.9.4.5 Reusing the last used commands Description...
Page 44: The "Show" Commands
General information 2.9 General CLI commands has the same effect as: CLI#conf t CLI(config)#int vlan 1 CLI(config-if-vlan-1)#no ip address dhcp CLI(config-if-vlan-1)#ip address 192.168.1.1 255.255.255.0 CLI(config-if-vlan-1)#end CLI#write startup 2.9.4.7 The "show" commands This section describes commands with which you display various settings. show history Description This command shows the last 14 commands you entered.
Page 45 General information 2.9 General CLI commands Requirement You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call the command without parameters: clear history Result The last commands to be input are deleted. Further notes You display a list of the last 14 commands entered with the show history command.
Page 46 General information 2.9 General CLI commands SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 47: Configuration
Configuration The following is described in this section: ● System settings ● Saving and loading configurations and firmware ● Restart of the device and restoring the factory defaults ● Saving and restoring configuration backups SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 48: System
Configuration 3.1 System System This section describes commands with which general system properties can be displayed and configured. 3.1.1 The "show" commands This section describes commands with which you display various settings. 3.1.1.1 show cli-console-timeout Description This command shows the global configuration for the timeout of the CLI console. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 49: Show Device Information
Configuration 3.1 System Syntax Call the command without parameters: show coordinates Result The system coordinates are displayed. 3.1.1.3 show device information Description This command shows information about the device. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 50: Show Ethernetip
Configuration 3.1 System cli# Syntax Call the command without parameters: show environmental temperature Result The temperature values are displayed. 3.1.1.5 show ethernetip Description This command shows the current EtherNet/IP configuration. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 51: Show Im
The slot ID, the status and the type or name of the card is listed. Note With SCALANCE XB-200, SCALANCE XC-200, SCALANCE XP-200 and SCALANCE XR-300WG the slot ID is always 0. The table therefore always shows precisely one row.
Page 52: Show Interfaces
Configuration 3.1 System 3.1.1.8 show interfaces Description This command shows the status and the configuration of one, several or all interfaces. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 53: Show Interfaces
Configuration 3.1 System Result The status and the configuration of the selected interfaces are displayed. 3.1.1.9 show interfaces ... counters Description This command shows the counters of one, several or all interfaces. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 54: Show Ip Interface
Configuration 3.1 System 3.1.1.10 show ip interface show ip interface Description This command shows the configuration of one, several or all IP interfaces. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: Thiscli>...
Page 55: Show Pnio
Configuration 3.1 System 3.1.1.11 show pnio Description This command shows the current PROFINET configuration. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: Thiscli> or cli# Syntax Call the command without parameters: show pnio Result The current PROFINET configuration is displayed.
Page 56: Show Lldp Status
Configuration 3.1 System 3.1.1.13 show lldp status Description This command shows per port whether LLDP frames are sent or received. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 57: Show Unicast-Block Config
Configuration 3.1 System Syntax Call up the command with the following parameters: show broadcast-block config [port <interface-type> <interface-id)>] The parameters have the following meaning: Parameter Description Range of values / note Keyword for a port description port Type or speed of the interface Enter a valid interface.
Page 58: Show Multicast-Block Config
Configuration 3.1 System Result The unicast blocking settings for ports are displayed. 3.1.1.16 show multicast-block config Description This command shows the multicast blocking settings for ports. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 59: Clear Counters
Configuration 3.1 System The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: show versions Result The version information of the entire system is displayed. 3.1.2 clear counters Description With this command, you reset the counters of an interface. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 60: Clear Line Vty
Configuration 3.1 System Further notes You can display the statistical information of the interfaces with the show interfaces ... counters command. 3.1.3 clear line vty Description With this command, you close a console session on the device. With the forceful-clear option, you close a session and that is not reacting. Requirement You are in the Privileged EXEC mode.
Page 61: Configure Terminal
Configuration 3.1 System 3.1.4 configure terminal Description With this command, you change to the Global configuration mode. Requirement You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call the command without parameters: configure terminal Result You are now in the Global configuration mode.
Page 62: Enable
Configuration 3.1 System Syntax Call the command without parameters: disable Result You are in the User EXEC mode. The command prompt is as follows: cli> 3.1.6 enable With the commands enable and disable you temporarily change the function rights of the logged in user, the login data remains unchanged.
Page 63: Logout
Configuration 3.1 System 3.1.7 logout Description With this command, you exit the Command Line Interface. If you are connected to the device via telnet, the session is closed. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 64: Commands In The Global Configuration Mode
Configuration 3.1 System The parameters have the following meaning: Parameter Description Range of values/note Address of the called node Enter a valid IPv4 address or a valid destination- host name. address Keyword for the size of the packets to be size transferred Keyword for the size of the packets in bytes 0 …...
Page 65: Interface
Configuration 3.1 System 3.1.9.1 interface Description With this command, you change to the Interface configuration mode. There you can edit the settings for one interface. You select the interface with the parameters of this command. If you specify a logical interface that does not exist, it will be created. The name of the selected interface is displayed in the command prompt.
Page 66: No Interface
Configuration 3.1 System Type of interface Command prompt fast-ethernet cli(config-if-Fa$-$)# gigabitethernet cli(config-if-Gi$-$)# The placeholders $ or $-$ denote the numbering of the interface. The ranges of values for the logical interface VLAN and port channel can be found in the table above.
Page 67: Cli-Console-Timeout
Configuration 3.1 System Parameter Description Range of values / note Keyword for a port channel connection port-channel Number of the addressed port channel 1 … 8 port-channel-id For information on addresses and interfaces, refer to the section "Addresses and interface names (Page 36)".
Page 68: No Cli-Console-Timeout
Configuration 3.1 System The parameters have the following meaning: Parameter Description Range of values / note Time in seconds until automatic logout 60 ... 600 seconds after the last entry Default: 300 Result The time is configured and automatic logout is enabled. Further notes You disable automatic logout with the no cli-console-timeout command.
Page 69: Coordinates Height
Configuration 3.1 System 3.1.9.5 coordinates height Description With this command, you enter a height coordinate. Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: coordinates height <meter> The parameter has the following meaning: Parameter Description...
Page 70: Coordinates Longitude
Configuration 3.1 System coordinates latitude <latitude> The parameter has the following meaning: Parameter Description Range of values / note Input box for the latitude coordinate max. 32 characters latitude To use spaces in the entry, enter the latitude coordinate in quotes: coordinates latitude "123 456"...
Page 71: Ethernetip
Configuration 3.1 System 3.1.9.8 ethernetip Description With this command, you set whether EtherNet/IP will be enabled or disabled after the next device restart. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: ethernetip {off|on} The parameters have the following meaning: Parameter...
Page 72: System Contact
Configuration 3.1 System Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: pnio {off|on} The parameters have the following meaning: Parameter Description Range of values / note PROFINET is disabled.
Page 73: System Location
Configuration 3.1 System system contact <contact info> The parameter has the following meaning: Parameter Description Range of values / note Input box for contact information max. 255 characters contact info Result The contact information is created in the system. 3.1.9.11 system location Description With this command, you enter the location information for the system.
Page 74: Username
Configuration 3.1 System Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: system name <system name> The parameter has the following meaning: Parameter Description Range of values / note Input box for the name max.
Page 75: Commands In The Interface Configuration Mode
Configuration 3.1 System The parameters have the following meaning: Parameter Description Range of values / note User name of the default user with admin read and write access to the config‐ uration data. Keyword for a password password Value for the password Enter the password.
Page 76: Alias
Configuration 3.1 System Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections. ● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
Page 77: Broadcast-Block
Configuration 3.1 System Requirement You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameter assignment: no alias Result The name of the interface is removed. Further notes You configure the name of the interface with the alias command. 3.1.10.3 broadcast-block Description...
Page 78: No Broadcast-Block
Configuration 3.1 System 3.1.10.4 no broadcast-block Description With this command, you disable the blocking of broadcast frames on an interface. Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameter assignment: no broadcast-block Result The blocking of broadcast frames is disabled.
Page 79: No Duplex
Configuration 3.1 System Syntax Call up the command with the following parameters: duplex {full|half} The parameters have the following meaning: Parameter Description Range of values / note The Interface will be operated in full du‐ Default: full full plex mode. The Interface will be operated in half du‐...
Page 80: Lldp
Configuration 3.1 System Further notes You configure the duplex mode of the interface with the duplex command. 3.1.10.7 lldp Description With this command, you enable the sending and receipt of LLDP packets on the interface. Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax...
Page 81: No Lldp
Configuration 3.1 System 3.1.10.8 no lldp Description With this command, you disable the sending or receipt of LLDP packets on the interface. Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call up the command with the following parameters: no lldp{transmit|receive} The parameters have the following meaning: Parameter...
Page 82: Media Type
Configuration 3.1 System 3.1.10.9 media type Description With this command, you configure the mode of a combo port. Note This command only influences combo ports. If you attempt to configure a different port with this command, an error message will be displayed.
Page 83: Multicast-Block
Configuration 3.1 System The parameters have the following meaning: Parameter Description Range of values / note The auto mode is enabled for the com‐ Default: auto auto bo port. In this mode, the SFP transceiver port has priority. As soon as an SFP trans‐ ceiver is plugged in, an existing connec‐...
Page 84: No Multicast-Block
Configuration 3.1 System Syntax Call the command without parameter assignment: multicast-block Result Multicast frames are blocked. Further notes You disable the blocking of multicast frames with the no multicast-block command. 3.1.10.11 no multicast-block Description With this command, you disable the blocking of multicast frames on an interface. Requirement You are in the Interface configuration mode.
Page 85: No Negotiation
Configuration 3.1 System Requirement You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameters: negotiation Result The automatic negotiation of connection parameters on an interface is activated. Further notes You disable the autonegotiation of connection parameters with the no negotiation command.
Page 86: Shutdown
Configuration 3.1 System 3.1.10.14 shutdown Description With this command, you shut down the interface. Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call up the command with the following parameters: shutdown [complete] The parameter has the following meaning: Parameter Description...
Page 87: Speed
Configuration 3.1 System Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameters: no shutdown Result The Interface is activated. Further notes You deactivate the interface with the shutdown command. You can display the status of this function and other information with the show interfacescommand.
Page 88: Unicast-Block
Configuration 3.1 System The parameters have the following meaning: Parameter Description Transmission speed 10 Mbps Transmission speed 100 Mbps Result The transmission speed of the interface is configured. 3.1.10.17 unicast-block Description With this command, you enable the blocking of unknown unicast frames on an interface. Requirement You are in the Interface configuration mode.
Page 89 Configuration 3.1 System Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameter assignment: no unicast-block Result The blocking of unicast frames is disabled. Further notes You enable the blocking of unicast frames with the unicast-block command. You display the status of this function with show unicast-block config.
Page 90: Load And Save
ZIP file consisting of the Config, Users and LSYS fle. Debug This file contains information for Siemens Support. It is encrypted and can be sent by e-mail to Siemens Support without any security risk. Electronic Data Sheet (EDS) Electronic data sheet for describing devices in the EtherNet/IP mode Firmware The firmware is signed and encrypted.
Page 91: The "Show" Commands
Configuration 3.2 Load and Save File type Description Script Text file with CLI commands You can upload a script file in a device. The CLI commands it contains are executed appropriately. StartupInfo Startup log file This file contains the messages that were entered in the log during the last start‐ Users This file contains the assignment of the user names to the corresponding pass‐...
Page 92: Load Tftp
The current configuration of the TFTP server for Load&Save is displayed. 3.2.3 load tftp Firmware The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device. Description With this command, you load the files from a TFTP server.
Page 93: Save Filetype
Configuration 3.2 Load and Save Parameter Description Range of values / note Keyword for the port of the server via port which the TFTP connection runs Number of the port 1 … 65535 tcp port Default: 69 Keyword for a file name to be assigned - file Name of the file max.
Page 94: Commands In The Global Configuration Mode
Configuration 3.2 Load and Save Parameter Description Range of values / note Keyword for an IPv4 address ipv4 Value for an IPv4 unicast address Enter a valid IPv4 unicast address. ipv4-address Keyword for the port of the server via port which the TFTP connection runs Number of the port 1 …...
Page 95: Commands In The Loadsave Configuration Mode
Configuration 3.2 Load and Save Syntax Call the command without parameters: loadsave Result You are now in the LOADSAVE configuration mode. The command prompt is as follows: cli(config-loadsave)# Further notes You exit the LOADSAVE configuration mode with the exit command. 3.2.6 Commands in the LOADSAVE configuration mode This section describes commands that you can call up in the LOADSAVE configuration mode.
Page 96: Password
Configuration 3.2 Load and Save delete{showfiles|filetype<filetype>} The parameters have the following meaning: Parameter Description Range of values / note Shows the available files showfiles Keyword for the file type to be deleted filetype Name of the file type max. 100 characters filetype Result The files are displayed or the file is deleted.
Page 97: No Password
Configuration 3.2 Load and Save Result The password for the file is configured and activated. Further notes You disable the password with the no password command. 3.2.6.3 no password Description With this command, you disable the password for a file. Requirement You are in the LOADSAVE configuration mode.
Page 98: Tftp Load
3.2.6.5 tftp load Firmware The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device. Description With this command, you load a file from a TFTP server into the file system of the device. The TFTP protocol is used for the transfer.
Page 99: Tftp Save
Configuration 3.2 Load and Save Requirement ● The name of the file is specified ● You are in the LOADSAVE configuration mode. The command prompt is: cli(config-loadsave)# Syntax Call up the command with the following parameters: tftp load{showfiles|filetype<filetype>} The parameters have the following meaning: Parameter Description Range of values / note...
Page 100: Tftp Server
Configuration 3.2 Load and Save The parameters have the following meaning: Parameter Description Range of values / note Shows the available files showfiles Keyword for a file type to be loaded filetype Name of the file type max. 100 characters filetype Result The file types are displayed or the file is copied.
Page 101 Configuration 3.2 Load and Save Result The settings for the access to the selected TFTP server are configured. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 102: Reset And Defaults
Configuration 3.3 Reset and Defaults Reset and Defaults This section describes commands for restarting the device and for restoring the original configuration. 3.3.1 restart Description With this command, you restart the device. Select one of the following configuration settings: ● Device restart with the current configuration ●...
Page 103 Configuration 3.3 Reset and Defaults Parameter Description Range of values / note Restores the default settings of the ● The profiles provide a preconfiguration for various use cases of pnio PROFINET IO profile and restarts the devices. the device. ● When you start a device with the default settings of a profile, the Restores the default settings of the ethernetip settings are reset to the factory settings and some parameters...
Page 104: Configuration Save & Restore
Configuration 3.4 Configuration Save & Restore Configuration Save & Restore This section describes commands for displaying, saving and restoring configuration settings. 3.4.1 The "show" commands This section describes commands with which you display various settings. 3.4.1.1 show running-config Note The IE switch does not support all parameters, refer to the section "Features not supported (Page 30)".
Page 105 Configuration 3.4 Configuration Save & Restore The parameters have the following meaning: Parameter Description Range of values / note Shows the configuration settings of the syslog Syslog function shows the configuration settings of the dhcp Dynamic Host Configuration Protocol shows the configuration settings of QoS (Quality of Service) Shows the configuration settings of the Spanning Tree protocol...
Page 106 Configuration 3.4 Configuration Save & Restore Parameter Description Range of values / note Shows the configuration settings of the auto-logout auto logout function Shows the configuration settings of the time system time Shows the configuration settings of the Network Time Protocol Shows the configuration settings of the auto-save auto save function...
Page 107: Write Startup-Config
Configuration 3.4 Configuration Save & Restore Result The selected configuration settings of the device are displayed. Passwords are masked as follows: [PASSWORD] In other "show" commands, passwords are masked as follows: ****** 3.4.2 write startup-config Description With this command, you save the changes to the configuration in the configuration file. The use of this command is required in the Trial mode.
Page 108: Auto-Save
Configuration 3.4 Configuration Save & Restore You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. 3.4.3.1 auto-save Description The CLI can save changes to the configuration automatically. If you first want to test changes made to the configuration so that you can discard them afterwards if necessary, you can disable the auto save function.
Page 109: No Auto-Save
Configuration 3.4 Configuration Save & Restore 3.4.3.2 no auto-save Description With this command, you disable the auto save function. Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: no auto-save Result The auto save function is disabled.
Page 110: Poe
Configuration 3.5 PoE 3.5.1 The "show" commands This section describes commands with which you display various settings. 3.5.1.1 show poe status Description This command shows specific information for all or for a selected PoE interface (PoE: Power over Ethernet). Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 111: Show Pse Status
Configuration 3.5 PoE 3.5.1.2 show pse status Description This command shows the current settings of the PoE power supply of the device. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 112: Poe Pse Usage
Configuration 3.5 PoE 3.5.2.1 poe pse usage Description With this command, you set a value (as a percentage) for the "Usage Threshold" parameter. This specifies how many percent of the maximum power the connected devices will use. As soon as the power being used by the end devices exceeds this percentage, an event is triggered.
Page 113: Commands In The Interface Configuration Mode
Configuration 3.5 PoE Syntax Call up the command with the following parameters: no poe pse <integer (1-4)> usage The parameter has the following meaning: Parameter Description Range of values / note Number of the PSE 1 … 4 integer Result The parameter "Usage Threshold"...
Page 114: No Poe Active
Configuration 3.5 PoE Result PoE is activated for the corresponding interface. 3.5.3.2 no poe active Description With this command, you deactivate PoE for the interface in whose interface configuration mode you are currently working. Requirement You are in the Interface Configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)# Syntax...
Page 115: No Poe Custom Maxpwr
Configuration 3.5 PoE poe custom maxpwr <integer(0-30)> The parameter has the following meaning: Parameter Description Range of values / note Value for the user-defined maximum pow‐ 0 ... 30 integer er in watts Result The maximum power is set. Further notes You enable the user-defined maximum power for the interface with the poe custom maxpwr active command.
Page 116: Poe Custom Maxpwr Active
Configuration 3.5 PoE Further notes You configure the user-defined maximum power for the interface with the poe custom maxpwr command. You enable the user-defined maximum power for the interface with the poe custom maxpwr active command. You disable the user-defined maximum power for the interface with the no poe custom maxpwr active command.
Page 117: Poe Type
Configuration 3.5 PoE Requirement You are in the Interface Configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameters: no poe custom maxpwr active Result The user-defined maximum power is disabled for the relevant interface. Further notes You configure the user-defined maximum power for an interface with the poe custom maxpwr command.
Page 118: No Poe Type
Configuration 3.5 PoE Result The description of the connected device has been specified. 3.5.3.8 no poe type Description With this command, you delete the description for a connected device. Requirement You are in the Interface Configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)# Syntax...
Page 119: No Poe Prio
Configuration 3.5 PoE The parameters have the following meaning: Parameter Description low priority high priority high highest priority critical If the power of the connected power supply is inadequate to supply all connected devices, devices with a higher priority are given preference. If the same priority is set for two ports, the port with the lower number will be preferred when necessary.
Page 120: Sinema
Configuration 3.6 SINEMA SINEMA 3.6.1 The "show" commands This section describes commands with which you display various settings. 3.6.1.1 show sinema Description This command shows whether the SINEMA configuration interface is enabled or disabled. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 121: Sinema
Configuration 3.6 SINEMA 3.6.2.1 sinema Description With this command, you enable the SINEMA configuration interface. Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameter assignment: sinema Result The SINEMA configuration interface is enabled. Further notes You disable the SINEMA configuration interface with the no sinema command.
Page 122 Configuration 3.6 SINEMA Result The SINEMA configuration interface is disabled. Further notes You enable the SINEMA configuration interface with the sinema command. You display the setting whether the SINEMA configuration interface is enabled or disabled with the command show sinema. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 123: Nfc
3.7.1 The "show" commands This section describes commands with which you display various settings. Note You will find further information on NFC in the operating instructions "SCALANCE XC-200". 3.7.1.1 show nfc active status Description This command shows whether or not the NFC function (Near Field Communication) is activated or deactivated.
Page 124: Nfc Active
Configuration 3.7 NFC 3.7.2.1 nfc active Description With this command, you activate NFC. Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameter assignment: nfc active Result NFC is activated. Further notes You deactivate NFC with the no nfc active command.
Page 125 Configuration 3.7 NFC Result NFC is deactivated. Further notes You activate NFC with the nfc active command. You display the status, i.e. whether the NFC function is activated or deactivated with the command show nfc active status. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 126 Configuration 3.7 NFC SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 127: Functions Specific To Scalance
Functions specific to SCALANCE This part contains the sections that describe functions specific to SCALANCE. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 128: Plug
Functions specific to SCALANCE 4.1 PLUG PLUG The C-PLUG stores the configuration of a device and can therefore transfer the configuration of the old device to the new device when a device is replaced. This section describes the commands relevant for working with the C-PLUG. 4.1.1 The "show"...
Page 129: Plug
Functions specific to SCALANCE 4.1 PLUG 4.1.2.1 plug Description With this command, you change to the Plug Configuration mode. Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: plug Result You are now in the Plug Configuration mode.
Page 130: Write
Functions specific to SCALANCE 4.1 PLUG Requirement ● There is a device configuration on the PLUG. ● You are in the Plug Configuration mode. The command prompt is: cli(config-plug)# Syntax Call the command without parameters: factoryclean Result The device configuration on the PLUG is deleted. 4.1.3.2 write Description...
Page 131: Wbm
Functions specific to SCALANCE 4.2 WBM On the device, you can limit the time available for access with Web Based Management. If no entry is made for a specific time, the WBM session is closed. This section describes commands relevant for the configuration of this feature. 4.2.1 The "show"...
Page 132: Web-Session-Timeout
Functions specific to SCALANCE 4.2 WBM 4.2.2.1 web-session-timeout Description With this command, you enable the automatic logoff and you configure the timeout setting for the WBM. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters:...
Page 133 Functions specific to SCALANCE 4.2 WBM Syntax Call the command without parameters: no web-session-timeout Result Automatic logoff is disabled. Further notes You enable automatic logoff with the web-session-timeout command. You display the current timeout setting with the show web-session-timeout command. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 134: Panel Button
Functions specific to SCALANCE 4.3 Panel button Panel button This section describes the commands relevant for working with the button. You will find a detailed description of the function available using the button in the device operating instructions. Availability of the buttons Depending on your IE switch, different buttons and functions are available, see section "System functions hardware equipment (Page 25)".
Page 135: No Panel-Button Control-Factory-Defaults
Functions specific to SCALANCE 4.3 Panel button Result The function of the button for restarting with factory settings is enabled. Further notes You disable this function with the no panel-button control-factory-defaults command. 4.3.1.2 no panel-button control-factory-defaults Description With this command, you disable the following function of the button: ●...
Page 136: No Panel-Button Control-Faultmask
Functions specific to SCALANCE 4.3 Panel button Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameter assignment: panel-button control-faultmask Result The function of the button for setting the fault mask is enabled. Further notes You disable this function with the no panel-button control-faultmask command.
Page 137: Panel-Button Control-Hsr-Manager
Functions specific to SCALANCE 4.3 Panel button Further notes You enable this function with the panel-button control-faultmask command. 4.3.1.5 panel-button control-hsr-manager Description With this command, you enable the following function of the button: ● If display mode B is displayed and the button is pressed for 5 seconds, the "redundancy manager"...
Page 138 Functions specific to SCALANCE 4.3 Panel button cli(config)# Syntax Call the command without parameter assignment: no panel-button control-hsr-manager Result The function of the button for switching over the redundancy manager is disabled. Further notes You enable this function with the panel-button control-hsr-manager command. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 139: Signaling Contact
Functions specific to SCALANCE 4.4 Signaling contact Signaling contact This section describes the commands relevant for working with the signaling contact. 4.4.1 The "show" commands This section describes commands with which you display various settings. 4.4.1.1 show signaling contact Description This command shows the current configuration of the signaling contact.
Page 140: Signaling Contact Mode
Functions specific to SCALANCE 4.4 Signaling contact 4.4.2.1 signaling contact mode Description With this command, you specify the reaction of the signaling contact. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: signaling-contact mode {conventional | aligned} The parameters have the following meaning: Parameter...
Page 141 Functions specific to SCALANCE 4.4 Signaling contact cli(config)# Syntax Call up the command with the following parameters: signaling-contact status {open|close} The parameters have the following meaning: Parameter Description Signaling contact is opened. open Signaling contact is closed. close Result The signaling contact is opened or closed. Further notes You display the setting with the show signaling contact command.
Page 142 Functions specific to SCALANCE 4.4 Signaling contact SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 143: System Time
System time System time setting This section describes commands relevant for the configuration of the system time. 5.1.1 The "show" commands This section describes commands with which you display various settings. 5.1.1.1 show dst info Description This command shows all the entries for daylight saving time stored on the device. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 144: Commands In The Global Configuration Mode
System time 5.1 System time setting Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: show time Result The settings for the system clock are displayed. 5.1.2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode.
Page 145: Time Set
System time 5.1 System time setting The parameters have the following meaning: Parameter Description The system time is entered by the user manual The system time is obtained from an NTP server The system time is obtained from an SNTP server sntp The system time is obtained using the "SIMATIC time protocol"...
Page 146: Time Dst Date
System time 5.1 System time setting Result The system time is set. Further notes You display the settings for the system clock with the show time command. 5.1.2.3 time dst date Description With this command, you configure the start and end of daylight saving time. Requirement You are in the Global Configuration mode.
Page 147: Time Dst Recurring
System time 5.1 System time setting Result The entry for the start and end of daylight saving time was created. Further notes You display the settings for the daylight saving time changeover with the show dst info command. 5.1.2.4 time dst recurring Description With this command, you configure the start and end of daylight saving time with a generic description.
Page 148: No Time Dst
System time 5.1 System time setting Result The entry for the start and end of daylight saving time was created. Further notes You display the settings for the daylight saving time changeover with the show dst info command. 5.1.2.5 no time dst Description With this command you delete the entry for the start and end of daylight saving time with the specified name.
Page 149: Ntp Client
System time 5.2 NTP client NTP client This section describes commands relevant for configuration of the NTP client. 5.2.1 The "show" commands This section describes commands with which you display various settings. 5.2.1.1 show ntp info Description This command shows the current settings for the Network Time Protocol (NTP). Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 150: Ntp
System time 5.2 NTP client 5.2.2.1 Description With this command, you change to the Network Time Protocol (NTP). Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: Result You are now in the NTP configuration mode.
Page 151: Ntp Server
System time 5.2 NTP client 5.2.3.1 ntp server Description With this command, you configure the connection to a server on the NTP client. Note To avoid time jumps, make sure that there is only one time server in the network. Requirement You are in the NTP configuration mode.
Page 152: No Ntp Server
System time 5.2 NTP client 5.2.3.2 no ntp server Description With this command, you delete the connection to a server on the NTP client. Requirement You are in the NTP configuration mode. The command prompt is as follows: cli(config-ntp)# Syntax Call the command without parameter assignment: no ntp server Result...
Page 153 System time 5.2 NTP client The parameter has the following meaning: Parameter Description Time zones to the west of the NTP server time zone Time zones to the east of the NTP server time zone Number of hours difference Number of minutes difference Enter the number of hours and number of minutes with two digits each.
Page 154: Sntp Client
System time 5.3 SNTP client SNTP client This section describes commands relevant for configuration of the SNTP client. 5.3.1 The "show" commands This section describes commands with which you display various settings. 5.3.1.1 show sntp broadcast-mode status Description This command shows the current configuration of the broadcast mode of SNTP. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 155: Show Sntp Status
System time 5.3 SNTP client Syntax Call the command without parameters: show sntp unicast-mode status Result The current SNTP unicast configuration is displayed. 5.3.1.3 show sntp status Description This command shows the settings of the Simple Network Time Protocol. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 156: Sntp
System time 5.3 SNTP client 5.3.2.1 sntp Description With this command, you change to the SNTP configuration mode. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: sntp Result You are now in the SNTP configuration mode.
Page 157: Sntp Time Diff
System time 5.3 SNTP client Requirement ● The SNTP client is activated. ● You are in the SNTP Configuration mode. The command prompt is: cli(config-sntp)# Syntax Call up the command with the following parameters: sntp client addressing-mode{unicast|broadcast} The parameters have the following meaning: Parameter Description Range of values / note...
Page 158: Sntp Unicast-Server Ipv4
System time 5.3 SNTP client Syntax Call up the command with the following parameters: sntp time diff <(+/-hh:mm)> The parameter has the following meaning: Parameter Description Time zones to the west of the SNTP server time zone Time zones to the east of the SNTP server time zone Number of hours difference Number of minutes difference Enter the time difference as follows:...
Page 159: No Sntp Unicast-Server Ipv4
System time 5.3 SNTP client Syntax Call up the command with the following parameters: sntp unicast-server ipv4 <ucast_addr> [port<1025-36564>] [poll<seconds(16-16284)>] The parameters have the following meaning: Parameter Description Range of values / note Keyword for an IP address ipv4 Value for an IPv4 unicast address Enter a valid IPv4 unicast address.
Page 160 System time 5.3 SNTP client The parameters have the following meaning: Parameter Description Range of values Value for an IPv4 unicast address Enter a valid IPv4 unicast address. ucast_addr For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)".
Page 161: Network Structures
Network structures This part contains the sections that describe the commands for configuring and managing various network structures. The following technologies are available: ● The establishment of independent structures even across the boundaries of subnets using virtual networks (VLANs) This can result in the following advantages: –...
Page 162: Vlan
Network structures 6.1 VLAN VLAN This section describes commands for configuring and managing virtual networks (VLANs). With the following commands, note which "Base bridge mode" you are in. If you are in the "Transparent Bridge" mode, all settings relate to the management VLAN: VLAN 1. You change the mode with the base bridge-mode command.
Page 163: Show Mac-Address-Table Count
Network structures 6.1 VLAN Syntax Call up the command with the following parameters: show mac-address-table [vlan<vlan-range>] [address<aa:aa:aa:aa:aa:aa>] [interface <interface-type><interface-id>] The parameters have the following meaning: Parameter Description Range of values / note Keyword for a VLAN or VLAN range vlan Number of the addressed VLAN or 1 ...
Page 164: Show Mac-Address-Table Dynamic Multicast
Network structures 6.1 VLAN The parameters have the following meaning: Parameter Description Range of values / note Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-id If you do not select any parameter from the parameter list, the total number of entries is displayed for all VLANs.
Page 165: Show Mac-Address-Table Dynamic Unicast
Network structures 6.1 VLAN If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces. Result The dynamic multicast MAC addresses are displayed. 6.1.1.4 show mac-address-table dynamic unicast Description This command shows the table with the dynamic unicast MAC addresses assigned by the device.
Page 166: Show Mac-Address-Table Static Multicast
Network structures 6.1 VLAN Result The dynamic unicast MAC addresses are displayed. 6.1.1.5 show mac-address-table static multicast Description This command shows the table with the static multicast MAC addresses. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 167: Show Mac-Address-Table Static Unicast
Network structures 6.1 VLAN 6.1.1.6 show mac-address-table static unicast Description This command shows the table with the static unicast MAC addresses. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 168: Show Vlan Device Info
Network structures 6.1 VLAN Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli# Syntax Call up the command with the following parameters: show vlan[brief|id<vlan-range>|summary] The parameters have the following meaning: Parameter Description Range of values / note...
Page 169: Show Vlan Learning Params
Network structures 6.1 VLAN Result The global information is displayed. 6.1.1.9 show vlan learning params Description This command shows the parameters for the automatic learning of addresses for selected or all VLANs (active and inactive VLANs). Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 170: Show Vlan Private-Vlan
Network structures 6.1 VLAN The command prompt is as follows: cli> or cli# Syntax Call up the command with the following parameters: show vlan port config[{port<interface-type><interface-id>}] The parameters have the following meaning: Parameter Description Range of values / note Keyword for a port port Type of interface Enter a valid interface.
Page 171: Commands In The Global Configuration Mode (Vlan Bridge)
Network structures 6.1 VLAN The parameter has the following meaning: Parameter Description Range of values / note Displays information on all PVLAN pvlan-type types. Displays information on the Primary primary PVLAN. Displays information on the Isolated isolated Secondary PVLANs. Displays information on the Community community Secondary PVLANs.
Page 172 Network structures 6.1 VLAN Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: base bridge-mode {dot1d-bridge|dot1q-vlan} The parameters have the following meaning: Parameter Description Range of values / notes Sets the mode "Transparent Bridge"...
Page 173: Interface Range
Network structures 6.1 VLAN ● You cannot use guest VLAN. ● The VLAN assignment cannot be adopted from the RADIUS server. ● You cannot configure the port type. ● Defined access rules must be valid for all VLANs: authorized-manager ip-source Further notes You can display the status of this function and other VLAN information with the show vlan device info command.
Page 174: No Interface Range
Network structures 6.1 VLAN Result The interfaces or interfaces of VLANs were put together to form an interface range. The command prompt is as follows: cli(config-if-vlan-range)# The configuration commands you enter in a mode apply to all interfaces of this area. Further notes With the no interface range command, you remove VLANs from this range or break it 6.1.2.3...
Page 175: Mgmt Vlan
Network structures 6.1 VLAN Further notes With the interface range command, you can put several interfaces or VLANs together to be able to configure them together. 6.1.2.4 mgmt vlan Description With this command, you change the agent VLAN ID. You can only use VLANs that have already been configured.
Page 176: Vlan
Network structures 6.1 VLAN 6.1.2.5 vlan Description With this command, you create a VLAN on the device and change to the VLAN configuration mode. In the provider backbone bridge mode, this command is used to create user, service and backbone VLANs. Requirement You are in the Global configuration mode.
Page 177: Vlan Range
Network structures 6.1 VLAN Requirement ● The VLAN must not be assigned to a physical port. ● You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameter: no vlan <vlan-id(1-4094)>...
Page 178: Commands In The Interface Configuration Mode (Vlan Bridge)
Network structures 6.1 VLAN The parameters have the following meaning: Parameter Description Range of values / note Number of the addressed VLAN 1 ... 4094 vlan-id Number of the addressed VLAN 2 ... 4094 vlan-id Enter a space before and after the hyphen, e.g. vlan range 5 - 10. For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)".
Page 179: No Private-Vlan Mapping
Network structures 6.1 VLAN Requirement ● The interface is configured as an IP interface. ● You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)# Syntax Call up the command with the following parameters: private-vlan mapping [{add | remove}] <vlan-list> The parameters have the following meaning: Parameter Description...
Page 180: Switchport Acceptable-Frame-Type
Network structures 6.1 VLAN Syntax Call the command without parameter assignment: no private-vlan mapping Result The IP interface of the primary PVLAN cannot be reached from the selected secondary PVLANs. Further notes You configure a link between secondary PVLANs and the IP interface of the primary PVLAN with the command private-vlan mapping.
Page 181: No Switchport Acceptable-Frame-Type
Network structures 6.1 VLAN Result The setting is enabled. Further notes You can reset the setting to the default with the no switchport acceptable-frame- type command. You can display the status of this function and other information with the show vlan port config command.
Page 182: Switchport Access Vlan
Network structures 6.1 VLAN 6.1.3.5 switchport access vlan Description With this command, you assign an VLAN to an interface and configure the port VLAN identifier (PVID) for it. Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call up the command with the following parameters:...
Page 183: Switchport Mode
Network structures 6.1 VLAN cli(config-if-$$$)# Syntax Call the command without parameters: no switchport access vlan Result The setting is reset to the default value. Further notes You configure the setting with the switchport access vlan command. You can display the status of this function and other information with the show vlan port configcommand.
Page 184: No Switchport Mode
Network structures 6.1 VLAN The parameters have the following meaning: Parameter Description Range of values / note Configures the port as a trunk port that only forwards tagged trunk frames. The port can then only be configured as the trunk port if the port is not entered in any VLAN that exchanges untagged frames.
Page 185: Switchport Mode Private Vlan
Network structures 6.1 VLAN Syntax Call the command without parameters: no switchport mode Result The setting is reset to the default value. Further notes You configure the operating mode with the switchport mode command. You display this setting and other information with the show vlan port config command. You configure the interface as a switch port with the switchport command.
Page 186: Switchport Priority Default
Network structures 6.1 VLAN Result The operating mode for the private VLAN port is configured. Further notes You display this setting and other information with the show vlan port config command. You configure the interface as a switch port with the switchport command. You configure a host port with the switchport private-vlan host-association command.
Page 187: No Switchport Priority Default
Network structures 6.1 VLAN 6.1.3.11 no switchport priority default Description With this command, you reset the priority default for the interface to the default value. The default value is 0. Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameters:...
Page 188: No Switchport Private-Vlan Host-Association
Network structures 6.1 VLAN Requirement ● The interface is configured as a host port. ● You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)# Syntax Call up the command with the following parameters: switchport private-vlan host-association <primary-vlanId(1-4094)> <secondary-vlanId(1-4094)>...
Page 189: Switchport Private-Vlan Mapping
Network structures 6.1 VLAN no switchport private-vlan host-association Result The configuration is deleted. Further notes You configure a host port with the switchport private-vlan host-association command. You display this setting and other information with the commands show vlan port config, show vlan and show vlan private-vlan. You configure the interface as a host port with the command.
Page 190: No Switchport Private-Vlan Mapping
Network structures 6.1 VLAN Parameter Description Range of values / note Removes secondary PVLANs. remove VLAN ID of the secondary PVLAN 1 ... 4094 secondary_vlan_li Separate the PVLANs with commas if you specify sev‐ eral PVLANs. Result The interface is configured. Further notes You delete the configuration with the no switchport private-vlan mapping command.
Page 191: Switchport Pvid
Network structures 6.1 VLAN You display this setting and other information with the commands show vlan port config, show vlan and show vlan private-vlan. You configure the interface as a promiscuous port with the switchport mode command. 6.1.3.16 switchport pvid Description With this command, you assign an interface to a VLAN and configure the port VLAN identifier (PVID) for it.
Page 192: Commands In The Vlan Configuration Mode (Vlan Bridge)
Network structures 6.1 VLAN The default value is 1. Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameters: no switchport pvid Result The setting is reset to the default value. Further notes You configure the setting with the switchport pvid command.
Page 193: No Name
Network structures 6.1 VLAN Requirement You are in the VLAN Configuration mode. The command prompt is as follows: cli(config-vlan-$$$)# Syntax Call up the command with the following parameters: name <vlan-name> The parameter has the following meaning: Parameter Description Range of values / note Name that will be assigned to the VLAN max.
Page 194: Ports
Network structures 6.1 VLAN Further notes You assign the VLAN a name with the command name. 6.1.4.3 ports Description With this command, you generate a list that specifies the behavior of the interfaces and replaces the existing VLAN configuration. ● Member Port (tagged port) The interface is added permanently to the list of incoming and outgoing connections.
Page 195: No Ports
Network structures 6.1 VLAN forbidden<interface-type><0/a-b,0/c,...> [<interface-type><0/a-b,0/c,...>] [portchannel<a,b,c-d>] [name<vlan-name>] The parameters have the following meaning: Parameter Description Range of values / note Type or speed of the interface Enter a valid interface. interface-type Port no. of the interface /a-b,0/c,... Keyword for a port channel port-channel Port no.
Page 196 Network structures 6.1 VLAN The command prompt is as follows: cli(config-vlan-$$$)# Syntax Call up the command with the following parameters: no ports [<interface-type><0/a-b,0/c,...>] [<interface-type><0/a-b,0/c,...>] [port-channel<a,b,c-d>] [all] untagged<interface-type> <0/a-b,0/c,...> [<interface-type><0/a-b,0/c,...>] [port-channel <a,b,c-d>] [all] forbidden<interface-type><0/a-b,0/c,...> [<interface-type><0/a-b,0/c,...>] [portchannel<a,b,c-d>] [all] [name<vlan-name>] The parameters have the following meaning: Parameter Description Range of values / note...
Page 197: Priority
Network structures 6.1 VLAN Parameter Description Range of values / note This parameter appears at several points in the command. ● no ports all This command removes all Member Ports (Tagged Member - M) from the VLAN. ● no ports untagged all This command removes all Untagged Member Ports (U) from the VLAN.
Page 198: No Priority
Network structures 6.1 VLAN Syntax Call up the command with the following parameters: priority <prio (0-7)> The parameter has the following meaning: Parameter Description Range of values / note Value of the priority 0 ... 7 prio Default: 0 Result The VLAN has been assigned a priority.
Page 199: Priority-Enable
Network structures 6.1 VLAN Further notes You change the priority with the prioritycommand. You enable the priority with the priority-enable command. You disable the priority with the no priority-enable command. You display the current priority with the show vlan command. You configure the assignment of the priority to a queue with the cos-map command.
Page 200: Private-Vlan
Network structures 6.1 VLAN Requirement You are in the VLAN Configuration mode. The command prompt is as follows: cli(config-vlan-$$$)# Syntax Call the command without parameter assignment: no priority-enable Result The priority of the VLAN is disabled. Further notes You enable the priority with the priority-enable command. You change the priority with the prioritycommand.
Page 201: No Private-Vlan
Network structures 6.1 VLAN The parameters have the following meaning: Parameter Description Range of values / note With this type, you define a primary PVLAN. primary The primary PVLAN uses the VLAN ID of the VLAN. With this type, you define a secondary PVLAN. isolated Devices within an isolated secondary PVLAN cannot communicate with each other via layer 2.
Page 202: Private-Vlan Association
Network structures 6.1 VLAN Further notes You define a VLAN as a private VLAN and specify the PVLAN type with the command private-vlan. You display this setting with the show vlan private-vlan command. 6.1.4.11 private-vlan association Description With this command, you assign secondary PVLANs to a primary PVLAN. Requirement ●...
Page 203: No Private-Vlan Association
Network structures 6.1 VLAN 6.1.4.12 no private-vlan association Description With this command you delete the link between secondary PVLANs and a primary PVLAN. Requirement ● The interface is configured as a primary PVLAN. ● You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)# Syntax...
Page 204: Show Mac-Address-Table Count
Network structures 6.1 VLAN The command prompt is as follows: cli# Syntax Call up the command with the following parameters: show dot1d mac-address-table [address <aa:aa:aa:aa:aa:aa>] [{interface <interface-type> <interface-id>}] The parameters have the following meaning: Parameter Description Range of values/note Keyword for a MAC address address MAC address Specify a valid MAC ad‐...
Page 205: Show Dot1D Mac-Address-Table Static Multicast
Network structures 6.1 VLAN The parameters have the following meaning: Parameter Description Range of values / note Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-id If you do not select any parameter from the parameter list, the total number of entries is displayed for all VLANs.
Page 206: Show Dot1D Mac-Address-Table Static Unicast
Network structures 6.1 VLAN Result The static multicast MAC addresses are displayed. 6.1.5.4 show dot1d mac-address-table static unicast Description This command shows the table with the static unicast MAC addresses. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 207: Commands In The Global Configuration Mode (Transparent Bridge)
Network structures 6.1 VLAN Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: show vlan device info Result The global information is displayed. 6.1.6 Commands in the global configuration mode (Transparent Bridge) This section describes commands that you can call up in the Global configuration mode.
Page 208 Network structures 6.1 VLAN cli(config)# Syntax Call up the command with the following parameters: base bridge-mode {dot1d-bridge|dot1q-vlan} The parameters have the following meaning: Parameter Description Range of values / notes Sets the mode "Transparent Bridge" for the de‐ Default setting with PROFI‐ dot1d-bridge vice.
Page 209: Vlan
Network structures 6.1 VLAN ● You cannot configure the port type. ● Defined access rules must be valid for all VLANs: authorized-manager ip-source Further notes You can display the status of this function and other VLAN information with the show vlan device info command.
Page 210: Commands In The Vlan Configuration Mode (Transparent Bridgee)
Network structures 6.1 VLAN 6.1.7 Commands in the VLAN configuration mode (Transparent Bridgee) This section describes commands that you can call up in the VLAN Configuration mode. In the Global Configuration mode, enter the vlan $$$ command to change to this mode. When doing this, you need to replace the $$$ placeholders with the relevant VLAN ID.
Page 211: No Ip Address
Network structures 6.1 VLAN Result The IP address is assigned. Note Effectiveness of the command The command is effective immediately. If you configure the interface via which you access the device, the connection will be lost! Further notes You delete the setting with the no ip address command. 6.1.7.2 no ip address Description...
Page 212 Network structures 6.1 VLAN If a static IP address was specified explicitly, this address is deleted from this interface. Note Effectiveness of the command The command is effective immediately. If you configure the interface via which you access the device, you can lose the connection! Further notes You assign an IP address with the ip address or ip address dhcp command.
Page 213: Link Aggregation
Network structures 6.2 Link aggregation Link aggregation This section describes commands that configure or manage the bundling of interfaces or connections between devices. 6.2.1 The "show" commands This section describes commands with which you display various settings. 6.2.1.1 show etherchannel Description This command shows the settings of the Etherchannel.
Page 214: Show Interfaces Etherchannel
Network structures 6.2 Link aggregation 6.2.1.2 show interfaces etherchannel Description This command shows the interface-specific information for a port channel. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 215: Commands In The Interface Configuration Mode
Network structures 6.2 Link aggregation Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli# Syntax Call up the command with the following parameters: show lacp [<port-channel(1-8)>]{counters|neighbor[detail]} The parameters have the following meaning: Parameter Description...
Page 216: No Channel-Group
Network structures 6.2 Link aggregation Requirement With the interface po <channel-group-id(1-8)> command, you have already generated a logical interface for an Etherchannel. You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call up the command with the following parameters: channel-group <channel-group-number(1-8)>...
Page 217 Network structures 6.2 Link aggregation no channel-group Result The interface is deleted from the Etherchannel. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 218: Spanning Tree
Network structures 6.3 Spanning Tree Spanning Tree The Spanning Tree Protocol is used to monitor a LAN for redundant connections. These are blocked and reactivated when necessary if there are changes to the network topology. This section describes the commands of the Spanning Tree Protocol (STP), the Rapid Spanning Tree Protocol (RSTP) and the Multiple Spanning Tree Protocol (MSTP).
Page 219: Show Spanning-Tree Active
Network structures 6.3 Spanning Tree Result The settings for the spanning tree function are displayed. Further notes You can show further settings for special aspects of the Spanning Tree Protocol with the following commands: ● show spanning-tree active ● show spanning-tree bridge ●...
Page 220: Show Spanning-Tree Bridge
Network structures 6.3 Spanning Tree 6.3.1.3 show spanning-tree bridge Description This command shows the settings of the spanning tree function of the bridge. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 221: Show Spanning-Tree Interface
Network structures 6.3 Spanning Tree The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: show spanning-tree detail Result The detailed settings for the spanning tree function are displayed. 6.3.1.5 show spanning-tree interface Description This command shows the settings of the ports for the spanning tree function. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 222: Show Spanning-Tree Interface Layer2-Gateway-Port
Network structures 6.3 Spanning Tree Parameter Description Range of values / note Shows whether spanning-tree restricted-tcn restricted-tcn is enabled. Shows the status of the interface. state Shows the counters of the various stats BPDU transmissions. Shows detailed information about the detail spanning tree settings of the interface.
Page 223: Show Spanning-Tree Mst
Network structures 6.3 Spanning Tree Result The settings for Layer 2 Gateway Port (L2GP) are displayed. 6.3.1.7 show spanning-tree mst Description This command shows various settings of the spanning tree configuration specific to a Common Internal Spanning Tree (CIST) instance or a selected instance of the Multiple Spanning Tree Protocol.
Page 224: Show Spanning-Tree Mst Interface
Network structures 6.3 Spanning Tree Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: show spanning-tree mst configuration Result The settings of an instance of the Multiple Spanning Tree protocol are displayed. Further notes You display the general settings for the Spanning Tree Protocol with the show spanning- tree command.
Page 225: Show Spanning-Tree Passive-Listening-Compatibility
Network structures 6.3 Spanning Tree The parameters have the following meaning: Parameter Description Range of values / note Number of the instance or range of in‐ ● 1 ... 64 instance-id stances whose settings are displayed ● 4094 Type or speed of the interface Enter a valid interface interface-type Module no.
Page 226: Show Spanning-Tree Root
Network structures 6.3 Spanning Tree Result The setting for the "Enhanced Passive Listening Compatibility" function is displayed. Further notes You enable the "Enhanced Passive Listening Compatibility" function with the spanning- tree passive-listening-compatibility command. You disable the "Enhanced Passive Listening Compatibility" function with the no spanning- tree passive-listening-compatibility command.
Page 227: Clear Spanning-Tree Detected Protocols
Network structures 6.3 Spanning Tree 6.3.2 clear spanning-tree detected protocols Description With this command, you restart the protocol transmission process on a specific or on all interfaces and force renegotiation of the connection settings with the neighboring devices. Requirement You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax...
Page 228: Commands In The Global Configuration Mode
Network structures 6.3 Spanning Tree The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: clear spanning-tree counters Result The spanning tree counters are reset. 6.3.4 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode.
Page 229: No Spanning-Tree
Network structures 6.3 Spanning Tree Result The spanning tree function is enabled. If you enable Spanning Tree, passive listening is disabled. Further notes The default setting of the function with PROFINET variants is "disabled". The default setting of the function with EtherNet/IP variants is "enabled". You disable the ring redundancy function with the no ring-redundancy command.
Page 230: Spanning-Tree Compatibility
Network structures 6.3 Spanning Tree You can display information about active ports with the show spanning-tree active command. 6.3.4.3 spanning-tree compatibility Description With this command, you configure the compatibility version of the protocol that will be used by the spanning tree function. Requirement You are in the Global Configuration mode.
Page 231: No Spanning-Tree Compatibility
Network structures 6.3 Spanning Tree 6.3.4.4 no spanning-tree compatibility Description With this command, you reset the compatibility version of the protocol of the spanning tree function to the default value. The default value is RST. Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax...
Page 232: Spanning-Tree Mst Instance-Id Root
Network structures 6.3 Spanning Tree Syntax Call the command without parameters: spanning-tree mst configuration Result You are now in the MSTP configuration mode. The command prompt is as follows: cli(config-mst)# Further notes You exit the MSTP configuration mode with the end or exit command. 6.3.4.6 spanning-tree mst instance-id root Description...
Page 233: No Spanning-Tree Mst Instance-Id Root
Network structures 6.3 Spanning Tree Parameter Description Range of values / note The priority of the device is set to a low value so that the The priority is set to the val‐ primary device can become the root bridge (primary) of the Span‐ ue 24576.
Page 234: Spanning-Tree Mst Max-Hops
Network structures 6.3 Spanning Tree Result The "root bridge" function is disabled. Further notes You enable the root bridge function with the spanning-tree mst instance-id root command. You display this setting and other information with the commands that start with show spanning tree ..
Page 235: No Spanning-Tree Mst Max-Hops
Network structures 6.3 Spanning Tree 6.3.4.9 no spanning-tree mst max-hops Description With this command, you reset the maximum number of hops that a path in an MST can run through to the default value. The default value is 20. Requirement You are in the Global configuration mode.
Page 236: No Spanning-Tree Priority
Network structures 6.3 Spanning Tree Syntax Call up the command with the following parameters: spanning-tree[mst <instance-id(1-64)>] priority <value(0-61440)> The parameters have the following meaning: Parameter Description Range of values / note Keyword for a Multiple Spanning Tree instance Number of the instance 1 ...
Page 237: Spanning-Tree Passive-Listening-Compatibility
Network structures 6.3 Spanning Tree The parameters have the following meaning: Parameter Description Range of values / note Keyword for a Multiple Spanning Tree instance Number of the instance 1 ... 64 instance-id Result The priority of the device is reset to the default value. Further notes You configure the setting with the spanning-tree priority command.
Page 238: No Spanning-Tree Passive-Listening-Compatibility
Network structures 6.3 Spanning Tree You can display the status of this function with the show spanning-tree passive- listening-compatibilitycommand. 6.3.4.13 no spanning-tree passive-listening-compatibility Description With this command you disable the "Enhanced Passive Listening Compatibility" function. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax...
Page 239: Time Settings For The Spanning Tree Protocol
Network structures 6.3 Spanning Tree 6.3.4.14 Time settings for the Spanning Tree protocol spanning-tree (time settings) Description With this command, you configure the various time settings of the spanning tree function: ● With the forward-time option, you configure the time after which a port changes its spanning tree status from "Blocking"...
Page 240 Network structures 6.3 Spanning Tree Note Dependencies when setting the timing If you specify the time settings for spanning tree, you need to keep to the following two rules: ● 2 * (forward-time - 1) ≥ max-age ● max-age ≥ 2 * (hello-time + 1) Result The selected setting for the time is configured.
Page 241: Commands In The Interface Configuration Mode
Network structures 6.3 Spanning Tree The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: no spanning-tree{forward-time|hello-time|max-age} The parameters have the following meaning: Parameter Description Time after which a port changes its spanning tree status from "Blocking" to forward-time "Forwarding"...
Page 242: Spanning-Tree
Network structures 6.3 Spanning Tree 6.3.5.1 spanning-tree Description With this command, you configure the various properties of the spanning tree function: ● With the cost option, you configure the port costs used to calculate the lowest-cost path. ● With the disable option, you disable the interface for the spanning tree function. ●...
Page 243: No Spanning-Tree
Network structures 6.3 Spanning Tree Parameter Description Range of values / note Connection status of the following net‐ ● point-to-point link-type work segment ● shared Default: ● point-to-point The connection is configured as full-duplex ● shared in all other cases Enables the PortFast function portfast Default: disabled...
Page 244 Network structures 6.3 Spanning Tree Parameter Default value ● point-to-point link-type The connection is configured as full-duplex ● shared in all other cases disabled portfast port-priority Requirement You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call up the command with the following parameters:...
Page 245: Spanning-Tree Auto-Edge
Network structures 6.3 Spanning Tree 6.3.5.3 spanning-tree auto-edge Description With this command, you enable automatic discovery of a bridge connected to the interface. Requirement You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameters: spanning-tree auto-edge Result The automatic discovery of a bridge on the interface is enabled.
Page 246: Spanning-Tree Bpdu-Transmit
Network structures 6.3 Spanning Tree Result The automatic discovery of a bridge on the interface is disabled. Further notes The automatic discovery of a bridge on the interface is enabled with the spanning-tree auto-edge command. 6.3.5.5 spanning-tree bpdu-transmit Description With this command, you enable or disable the BPDU transmit status at the port. Requirement You are in the Interface Configuration mode.
Page 247: Spanning-Tree Bpdu-Receive
Network structures 6.3 Spanning Tree 6.3.5.6 spanning-tree bpdu-receive Description With this command, you enable or disable the BPDU receive status at the port. Requirement You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call up the command with the following parameters: spanning-tree bpdu-receive{enabled|disabled} The parameters have the following meaning: Parameter...
Page 248: Spanning-Tree Layer2-Gateway-Port
Network structures 6.3 Spanning Tree Syntax Call up the command with the following parameters: spanning-tree bpdufilter{disable|enable} The parameters have the following meaning: Parameter Description Range of values / note The transfer of BPDU packets is disa‐ Default: disabled disable bled for the port The transfer of BPDU packets is ena‐...
Page 249: No Spanning-Tree Layer2-Gateway-Port
Network structures 6.3 Spanning Tree 6.3.5.9 no spanning-tree layer2-gateway-port Description With this command, you delete the configuration of the port as a layer 2 gateway port. Requirement You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameters:...
Page 250: No Spanning-Tree Loop-Guard
Network structures 6.3 Spanning Tree Syntax Call the command without parameters: spanning-tree loop-guard Result The "Spanning Tree Loop Guard" function is enabled. Further notes You disable the setting with the no spanning-tree loop-guard command. You can display the status of this function and other information with the following commands: ●...
Page 251: Spanning-Tree Mst
Network structures 6.3 Spanning Tree You can display the status of this function and other information with the following commands: ● show spanning-tree detail ● show spanning-tree active detail ● show spanning-tree interface 6.3.5.12 spanning-tree mst Description With this command, you configure the various properties of the Multiple Spanning Tree function: ●...
Page 252: No Spanning-Tree Mst
Network structures 6.3 Spanning Tree Note Configure multiple properties With each call of the command, you can configure precisely one property. If you want to configure several properties, call the command several times. Result The selected property is configured. Further notes You can reset the setting to the default with the no spanning-tree mst (properties) command.
Page 253: Spanning-Tree Mst Hello-Time
Network structures 6.3 Spanning Tree The parameters have the following meaning: Parameter Description Range of values / note Number of the addressed instance 1 ... 64 instance-id Keyword for the costs of the port for cal‐ cost culating the lowest-cost path. Keyword for the priority of the interface port-priority Enables the interface for multiple span‐...
Page 254: No Spanning-Tree Mst Hello-Time
Network structures 6.3 Spanning Tree The parameter has the following meaning: Parameter Description Range of values / note Time after which the bridge sends its 1 ... 2 seconds configuration frames (BPDUs) Default: 2 Result The setting for the hello time is configured. Further notes You can reset the setting for the hello time to the default with the no spanning-tree mst hello-time command.
Page 255: Spanning-Tree Mst Pseudorootid
Network structures 6.3 Spanning Tree You display this setting and other information with the commands that start with show spanning tree ..6.3.5.16 spanning-tree mst PseudoRootId Description With this command, you configure a pseudoroot MAC address and the priority for a spanning tree configuration.
Page 256: No Spanning-Tree Mst Pseudorootid
Network structures 6.3 Spanning Tree Further notes You can reset the settings to the default values with the no spanning-tree mst pseudoRootIdcommand. You display this setting and other information with the commands that start with show spanning tree ..6.3.5.17 no spanning-tree mst PseudoRootId Description With this command, you reset a pseudoroot MAC address and the priority of the spanning tree...
Page 257: Spanning-Tree Restricted-Role
Network structures 6.3 Spanning Tree 6.3.5.18 spanning-tree restricted-role Description With this command, you prevent the port adopting the role of root port. Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameters: spanning-tree restricted-role As default the function is "disabled".
Page 258: Spanning-Tree Restricted-Tcn
Network structures 6.3 Spanning Tree no spanning-tree restricted-role Result The port is released for the role of root port. Further notes You prevent the port adopting the role of the root port with the spanning-tree restricted-role command. 6.3.5.20 spanning-tree restricted-tcn Description With this command, you restrict the port for the Topology Change Notification (TCN) function.
Page 259: Commands In The Mstp Configuration Mode
Network structures 6.3 Spanning Tree Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameters: no spanning-tree restricted-tcn Result The port is released for the TCN function. Further notes You restrict the port for the TCN function with the spanning-tree restricted-tcn command.
Page 260: No Instance
Network structures 6.3 Spanning Tree Syntax Call up the command with the following parameters: instance <instance-id(1-64)> vlan <vlan-range> The parameters have the following meaning: Parameter Description Range of values / note Number of the instance 1 ... 64 instance-id You can define up to 16 MSTP in‐ stances.
Page 261: Name
Network structures 6.3 Spanning Tree no instance <instance-id (1-64)> [vlan <vlan-range>] The parameters have the following meaning: Parameter Description Range of values / note Number of the MST instance 1 ... 64 instance-id Keyword for a VLAN connection vlan Range of VLANs that will be deleted 1 ...
Page 262: No Name
Network structures 6.3 Spanning Tree Result The name is configured. Further notes You delete the name of the MST region with the no namecommand. You display this setting and other information with the show spanning tree mst configuration command. 6.3.6.4 no name Description With this command, you reset the name for the MST region to the default value.
Page 263: Revision
Network structures 6.3 Spanning Tree 6.3.6.5 revision Description With this command, you assign a revision number to the MST region. Requirement You are in the MSTP Configuration mode. The command prompt is as follows: cli(config-mst)# Syntax Call up the command with the following parameters: revision <revision-no(0-65535)>...
Page 264: Configuration Command
Network structures 6.3 Spanning Tree cli(config-mst)# Syntax Call the command without parameters: no revision Result The revision number of the MST region is reset to the default value. Further notes You assign a revision number to the MST region with the revision command. You display this setting and other information with the show spanning tree mst configuration command.
Page 265: Passive Listening
Network structures 6.4 Passive Listening Passive Listening This section describes commands of the passive listening function. If you enable passive listening, the IE switch forwards (R)STP configuration frames (BPDUs) transparently even when (R)STP is disabled for it. The IE switch also reacts to topology change frames.
Page 266: Passive-Listening Bpdu-Vlan-Flood
Network structures 6.4 Passive Listening 6.4.2.1 passive-listening bpdu-vlan-flood Description With this command you enable forwarding of BPDUs for specific VLANs; in other words to all ports that are members of a VLAN. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax...
Page 267: Passive-Listening
Network structures 6.4 Passive Listening Syntax Call the command without parameters: no passive-listening bpdu-vlan-flood Result BPDUs are flooded to all available ports. Further notes You enable this function with the passive-listening bpdu-vlan-flood command. You display the status of "passive listening" with the show passive-listening command. 6.4.2.3 passive-listening Description...
Page 268: No Passive-Listening
Network structures 6.4 Passive Listening 6.4.2.4 no passive-listening Description This command disables "passive listening". Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: no passive-listening Result The "passive listening" function is disabled. Further notes You enable "passive listening"...
Page 269: Network Protocols
Network protocols This part contains the sections that describe the commands for working with the various network protocols. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 270: Ipv4 Protocol
Network protocols 7.1 IPv4 protocol IPv4 protocol This section describes commands of the Internet Protocol (IP) version 4. 7.1.1 The "show" commands This section describes commands with which you display various settings. 7.1.1.1 show ip gateway Description This command shows the default gateway configured for the device. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 271: Show Dcp Server
Network protocols 7.1 IPv4 protocol Syntax Call the command without parameters: show ip telnet Result The admin status and the port number of the Telnet server are displayed. 7.1.1.3 show dcp server Description This command shows whether or not the DCP function is enabled on the device. If the DCP function is enabled, the read and write permissions are displayed.
Page 272: Commands In The Global Configuration Mode
Network protocols 7.1 IPv4 protocol Syntax Call up the command with the following parameters: show dcp forwarding [port<interface-type><interface-id>] The parameters have the following meaning: Parameter Description Range of values / note Keyword for a an interface description port Type or speed of the interface Enter a valid interface.
Page 273: No Ip Gateway
Network protocols 7.1 IPv4 protocol The parameter has the following meaning: Parameter Description Range of values Specifies the IP address of the gateway enter a valid IP address gateway Result The entry is configured. Further notes You delete the default gateway with the no ip gateway command. You show the default gateway with the show ip gateway command.
Page 274: Ip Echo-Reply
Network protocols 7.1 IPv4 protocol 7.1.2.3 ip echo-reply Description To check the availability of a network node, packets of the Internet Control Message Protocol (ICMP) can be sent to it. These packets of type 8 request the recipient to send a packet back to the sender (echo reply).
Page 275: Telnet-Server
Network protocols 7.1 IPv4 protocol no ip echo-reply Result "ICMP echo reply messages" are disabled. The network node does not react to ping queries. Further notes You change the setting with the ip echo-reply command. 7.1.2.5 telnet-server Description With this command, you enable the Telnet server. Requirement You are in the Global configuration mode.
Page 276: Dcp Server
Network protocols 7.1 IPv4 protocol Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: no telnet-server Result The Telnet server is disabled. Further notes You enable the Telnet server with the telnet-server command. 7.1.2.7 dcp server Description...
Page 277: No Dcp Server
Network protocols 7.1 IPv4 protocol Result The read and write permissions for the DPC server are configured. The DCP server is enabled. Further notes You disable the DCP server with the no dcp server command. 7.1.2.8 no dcp server Description With this command, you disable the DCP server.
Page 278: Dcp Forwarding
Network protocols 7.1 IPv4 protocol Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections. ● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
Page 279: Ip Address
Network protocols 7.1 IPv4 protocol 7.1.3.2 ip address Description With this command, you assign an IP address. Requirement You are in the Interface Configuration mode of VLAN. The command prompt is as follows: cli(config-if-vlan-$$$)# Syntax Call up the command with the following parameters: ip address <ip-address>...
Page 280: No Ip Address
Network protocols 7.1 IPv4 protocol 7.1.3.3 no ip address Description With this command, you delete the assignment of an IP address and disable DHCP. Requirement You are in the Interface Configuration mode of VLAN. The command prompt is as follows: cli(config-if-vlan-$$$)# Syntax Call up the command with the following parameters:...
Page 281: Ip Address Dhcp
Network protocols 7.1 IPv4 protocol 7.1.3.4 ip address dhcp Description With this command, the VLAN interface obtains the IP address via DHCP. Requirement You are in the Interface Configuration mode of VLAN. The command prompt is as follows: cli(config-if-vlan-$$$)# Syntax Call the command without parameters: ip address dhcp Result...
Page 282: Dhcp Client
Network protocols 7.2 DHCP client DHCP client This section describes commands of the Dynamic Host Configuration Protocol (DHCP). 7.2.1 The "show" commands This section describes commands with which you display various settings. 7.2.1.1 show ip dhcp client stats Description With this command, you display the statistical counters of the DHCP client. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 283: Commands In The Global Configuration Mode
Network protocols 7.2 DHCP client Syntax Call the command without parameters: show ip dhcp client Result The configuration settings of the DHCP client are displayed. 7.2.2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode.
Page 284: No Ip Dhcp Config-File-Request
Network protocols 7.2 DHCP client Further notes You disable the DHCP config file request option with the no ip dhcp config-file- request command. 7.2.2.2 no ip dhcp config-file-request Description With this command, you disable the DHCP config file request option. Requirement You are in the Global configuration mode.
Page 285: Commands In The Interface Configuration Mode
Network protocols 7.2 DHCP client Syntax Call up the command with the following parameters: ip dhcp client mode {mac|client-id<client-id>|sysname|pnio-name-of- station} The parameters have the following meaning: Parameter Description Range of values / note The client registers with its MAC ad‐ dress The client registers with the assigned ID - client-id...
Page 286: No Ip Address
Network protocols 7.2 DHCP client The command prompt is as follows: cli(config-vlan-$$$)# Syntax Call the command without parameter assignment: ip address dhcp Result The IP address is assigned using DHCP. Further notes You delete the setting with the no ip address command. 7.2.3.2 no ip address Description...
Page 287 Network protocols 7.2 DHCP client Result If DHCP was enabled on this interface, DHCP is now disabled. Any existing dynamically learned IP address will be automatically converted to a static IP address. If static IP addresses were configured and if no explicit IP address was transferred as a parameter, all static IP addresses will be deleted from this interface.
Page 288: Dhcp Server
Network protocols 7.3 DHCP server DHCP server You can operate the device as a DHCP server. This allows IP addresses to be assigned automatically to the connected devices. The IP addresses are either distributed dynamically from an address band (pool) you have specified or a specific IP address is assigned to a particular device.
Page 289: Show Ip Dhcp-Server Pools
Network protocols 7.3 DHCP server Result The information is displayed. 7.3.1.2 show ip dhcp-server pools Description The command shows the DHCP server configuration of a specific IPv4 address band or all IPv4 address bands. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 290: Ip Dhcp-Server
Network protocols 7.3 DHCP server 7.3.2.1 ip dhcp-server Description With this command, you enable the DHCP server on the device. Note To avoid conflicts with IPv4 addresses, only one device may be configured as a DHCP server in the network. Requirement You are in the Global Configuration mode.
Page 291: Ip Dhcp-Server Icmp-Probe
Network protocols 7.3 DHCP server Syntax Call the command without parameter assignment: no ip dhcp-server Result The DHCP server is disabled. Further notes You enable the DHCP server with the ip dhcp-server command. 7.3.2.3 ip dhcp-server icmp-probe Description With this command you enable the function "Probe address with ICMP echo before offer". The DHCP server checks whether or not the IPv4 address has already been assigned.
Page 292: No Ip Dhcp-Server Icmp-Probe
Network protocols 7.3 DHCP server 7.3.2.4 no ip dhcp-server icmp-probe Description With this command you disable the function "Probe address with ICMP echo before offer". Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameter assignment: no ip dhcp-server icmp-probe...
Page 293: No Ip Dhcp-Server Pool
Network protocols 7.3 DHCP server Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: ip dhcp-server pool [{ <pool-id (1-24)> | [{ vlan <vlan-id (1-4094)> | <interface-type>...
Page 294: Commands In The Dhcppool Configuration Mode
Network protocols 7.3 DHCP server Requirement ● The IPv4 address band is not enabled. ● You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: no ip dhcp-server pool <pool-id (1-24)> The parameter has the following meaning: Parameter Description...
Page 295: Network
Network protocols 7.3 DHCP server Requirement You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)# Syntax Call up the command with the following parameters: lease-time <seconds (60-31536000)> The parameter has the following meaning: Parameter Description Range of values / note Time until renewal of the assigned 60 ...
Page 296: Option (Ip Address)
Network protocols 7.3 DHCP server cli(config-dhcp-pool-<ID>)# Syntax Call up the command with the following parameters: network <lower-IP> <upper-IP> { <subnet-mask> | / <prefix-length (1-32)> } The parameters have the following meaning: Parameter Description Range of values / note Start of the IPv4 address band Enter a valid IPv4 address.
Page 297: Option Value-String
Network protocols 7.3 DHCP server Syntax Call up the command with the following parameters: option <option-code> { <ip-address-list> | int-ip } The parameters have the following meaning: Parameter Description Range of values / note Code of the DHCP option ● 3 - Default gateway option- code ●...
Page 298: No Option
Network protocols 7.3 DHCP server cli(config-dhcp-pool-<ID>)# Syntax Call up the command with the following parameters: option <option-code> value-string <dhcp-param> The parameters have the following meaning: Parameter Description Range of values / note Code of the DHCP option ● 12 - Host name option- code ●...
Page 299: Pool-Enable
Network protocols 7.3 DHCP server The parameter has the following meaning: Parameter Description Range of values / note Code of the DHCP option Enter a valid DHCP option code. option-code Result The specified DHCP option is deleted. Further notes You configure the DHCP options 12, 66 and 67 with the option value-string command. You configure the DHCP options 3 and 6 with the option command.
Page 300: No Pool-Enable
Network protocols 7.3 DHCP server Further notes You display the setting with the show ip dhcp-server pools command. You disable the setting with the no pool-enable command. 7.3.3.7 no pool-enable Description With this command you specify that this IPv4 address band will not be used. Note Deleting DHCP server bindings If you disable or delete an IPv4 address band or you switch the DHCP server off and on again,...
Page 301: No Ports
Network protocols 7.3 DHCP server After you have created an IPv4 address band, all ports are selected that are currently located in the corresponding VLAN. If you add ports to the VLAN later, these ports are not automatically enabled. With address assignments via a relay agent, you cannot restrict the ports. Requirement You are in the DHCPPOOL configuration mode.
Page 302: Relay-Information
Network protocols 7.3 DHCP server Requirement You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)# Syntax Call up the command with the following parameters: no ports [<interface-type> <0/a-b, 0/c, ...>] [<interface-type> <0/a- b, 0/c, ...>] [all] The parameters have the following meaning: Parameter Description...
Page 303: No Relay-Information
Network protocols 7.3 DHCP server cli(config-dhcp-pool-<ID>)# Syntax Call up the command with the following parameters: relay-information <remote-id> <circuit-id> The parameters have the following meaning: Parameter Description Range of values / note Remote ID of the device Enter the remote ID of the de‐ remote-id vice.
Page 304: Set-Interface
Network protocols 7.3 DHCP server The parameters have the following meaning: Parameter Description Range of values / note Remote ID of the device Enter the remote ID of the de‐ remote-id vice. Circuit ID of the device. Enter the circuit ID of the device. circuit-id Result The assignment is canceled.
Page 305: Static-Lease
Network protocols 7.3 DHCP server set-interface {vlan <vlan-id (1-4094)> | <interface-type> <interface- id> } The parameters have the following meaning: Parameter Description Range of values / note Keyword for a VLAN connection. vlan Number of the 1 ... 4094 vlan-id addressed VLAN Type or speed of the interface Enter a valid interface...
Page 306: No Static-Lease
Network protocols 7.3 DHCP server The parameters have the following meaning: Parameter Description Range of values / note Keyword for a MAC address Unicast MAC address Specify the MAC address. mac-address aa:bb:cc:dd:ee:ff Keyword for a DHCP client ID client-id Freely definable DHCP client ID Enter the required designation.
Page 307 Network protocols 7.3 DHCP server The parameter has the following meaning: Parameter Description Range of values / note Keyword for a MAC address Unicast MAC address Specify the MAC address. mac-address aa:bb:cc:dd:ee:ff Keyword for a DHCP client-id client ID Freely definable Enter the required designation.
Page 308: Dhcp Relay
Network protocols 7.4 DHCP Relay DHCP Relay This section describes commands for the DHCP Relay Agent. 7.4.1 The "show" commands This section describes commands with which you display various settings. 7.4.1.1 show dhcp server Description With this command, you display the IP addresses of the DHCP servers to which the device forwards the frames.
Page 309: Commands In The Global Configuration Mode
Network protocols 7.4 DHCP Relay Requirement You are in the User EXEC mode or in the Privileged EXEC mode or in the Global configuration mode. The command prompt is as follows: cli> or cli# Syntax Call up the command with the following parameters: show ip dhcp relay information [vlan <vlan-id>] The parameter has the following meaning: Parameter...
Page 310: No Ip Dhcp Server
Network protocols 7.4 DHCP Relay Requirement ● You are in the Global configuration mode. The command prompt is: cli(config)# Syntax Call up the command with the following parameters: ip dhcp server <ip address> The parameter has the following meaning: Parameter Description Range of values / note IPv4 address of the DHCP server...
Page 311: Ip Dhcp Relay Circuit-Id Option
Network protocols 7.4 DHCP Relay The parameter has the following meaning: Parameter Description Range of values / note IP address of the DHCP server Enter the IP address to be deleted. ip address For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)".
Page 312: Ip Dhcp Relay Information Option
Network protocols 7.4 DHCP Relay The parameters have the following meaning: Parameter Description Range of values / note The router index is added to the Circuit Default setting router-index The VLAN ID is added to the Circuit ID. - vlanid The Circuit ID is added to the receiving recv-prot port.
Page 313: No Ip Dhcp Relay Information Option
Network protocols 7.4 DHCP Relay Further notes You disable the option with the no ip dhcp relay information option command. You enable the DHCP Relay Agent with the service dhcp-relay command. You configure the content of the information with the ip dhcp relay circuit-id option command.
Page 314: No Ip Dhcp Relay Common-Agent-Address
Network protocols 7.4 DHCP Relay Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameter assignment: ip dhcp relay common-agent-address Result The relay agent uses a common agent address in DHCP requests. Further notes You disable the use of a common agent address with the no ip dhcp relay common- agent-address command.
Page 315: Ip Dhcp Relay Common-Agent-Address-Interface
Network protocols 7.4 DHCP Relay Result The relay agent uses the address of the receiving port in DHCP requests. Further notes You enable the use of a common agent address with the ip dhcp relay common-agent- address command. You define a common agent address with the ip dhcp relay common-agent-address- interface command.
Page 316: No Ip Dhcp Relay Common-Agent-Address-Interface
Network protocols 7.4 DHCP Relay Further notes You reset the common agent address to the default value with the no ip dhcp relay common-agent-address-interface command. You enable the use of a common agent address with the ip dhcp relay common-agent- address command.
Page 317: No Service Dhcp-Relay
Network protocols 7.4 DHCP Relay Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameter assignment: service dhcp-relay Result The DHCP Relay Agent is activated. Further notes You disable the DHCP Relay Agent with the no service dhcp-relay command. You create the IP addresses of the DHCP server with the ip dhcp server command.
Page 318: Commands In The Interface Configuration Mode
Network protocols 7.4 DHCP Relay Further notes You enable the DHCP Relay Agent with the service dhcp-relay command. You can display the status of this function and other information with the show ip dhcp relay informationcommand. 7.4.3 Commands in the Interface Configuration mode This section describes commands that you can call up in the Interface Configuration mode of VLAN.
Page 319: No Ip Dhcp Relay Circuit-Id
Network protocols 7.4 DHCP Relay Result The Circuit ID is assigned. Further notes You remove the Circuit ID with the no ip dhcp relay circuit-id command. You display the IP addresses with the show dhcp server command. You display the settings with the show ip dhcp relay information command. 7.4.3.2 no ip dhcp relay circuit-id Description...
Page 320: No Ip Dhcp Relay Remote-Id
Network protocols 7.4 DHCP Relay Requirement ● The interface is an IP interface. ● You are in the Interface Configuration mode of VLAN. The command prompt is as follows: cli(config-if-vlan-$$)# Syntax Call up the command with the following parameters: ip dhcp relay remote-id <remote-id name> The parameter has the following meaning: Parameter Description...
Page 321 Network protocols 7.4 DHCP Relay Result The device ID is removed. Further notes You configure the device ID with the ip dhcp relay remote-id command. You display the IP addresses with the show dhcp server command. You display the settings with the show ip dhcp relay information command. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 322: Snmp
Network protocols 7.5 SNMP SNMP This section describes commands of the Simple Network Management Protocol (SNMP). Example of a configuration IP configuration IP address setting of the device suitable for the SNMP trap recipient used. Execute the following commands: configure terminal int vlan 1 no ip address ip address 192.168.1.1 255.255.255.0...
Page 323: The "Show" Commands
Network protocols 7.5 SNMP With RMOB events. the SNMP notifications to be called must be configured explicitly, see section "RMON (Page 576)". 7.5.1 The "show" commands This section describes commands with which you display various settings. 7.5.1.1 show snmp Description This command shows the status information of SNMP.
Page 324: Show Snmp Engineid
Network protocols 7.5 SNMP Syntax Call the command without parameters: show snmp community Result The details of the configured SNMP communities are displayed. 7.5.1.3 show snmp engineID Description This command shows the SNMP identification number of the device. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 325: Show Snmp Group
Network protocols 7.5 SNMP Syntax Call the command without parameters: show snmp filter Result The configured SNMP filters are displayed. 7.5.1.5 show snmp group Description This command shows the configured SNMP groups. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 326: Show Snmp Inform Statistics
Network protocols 7.5 SNMP Syntax Call the command without parameters: show snmp group access Result The rights of the configured SNMP groups are displayed. 7.5.1.7 show snmp inform statistics Description This command shows the statistics of the Inform Messages. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 327: Show Snmp Targetaddr
Network protocols 7.5 SNMP Syntax Call the command without parameters: show snmp notif Result The configured SNMP notification types are displayed. 7.5.1.9 show snmp targetaddr Description This command shows the configured SNMP target addresses. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 328: Show Snmp Tcp
Network protocols 7.5 SNMP Syntax Call the command without parameters: show snmp targetparam Result The configured SNMP target parameters are displayed. 7.5.1.11 show snmp tcp Description This command shows the configuration for SNMP via TCP. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 329: Show Snmp Viewtree
Network protocols 7.5 SNMP Syntax Call the command without parameters: show snmp user Result The settings for the SNMP user are displayed. 7.5.1.13 show snmp viewtree Description This command shows the settings for the SNMP tree view. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 330: Snmpagent
Network protocols 7.5 SNMP 7.5.2.1 snmpagent Description With this command, you enable the SNMP agent function. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: snmpagent Result The SNMP agent function is enabled. Further notes You disable the SNMP agent function with theno snmpagent command.
Page 331: Snmp Agent Version
Network protocols 7.5 SNMP Result The SNMP agent function is disabled. Further notes You enable the SNMP agent function with the snmpagent command. 7.5.2.3 snmp agent version Description With this command, you configure whether all SNMP queries or only SNMPv3 queries are processed.
Page 332 Network protocols 7.5 SNMP The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: snmp access <GroupName> {v1|v2c|v3 {auth|noauth|priv}} [read <ReadView|none>][write <WriteView|none>][notify <NotifyView| none>] [{volatile|nonvolatile}] The parameters have the following meaning: Parameter Description Range of values / note Name of the group to which access is max.
Page 333: No Snmp Access
Network protocols 7.5 SNMP Further notes You delete the access to an SNMP group with the no snmp access command. You display the configured SNMP groups with the show snmp group command. You display the access configurations for SNMP groups with the show snmp group access command.
Page 334: Snmp Community Index
Network protocols 7.5 SNMP You display the configured SNMP groups with the show snmp group command. You display the access configurations for SNMP groups with the show snmp group access command. You display the configured SNMP tree views with the show snmp viewtree command. 7.5.2.6 snmp community index Description...
Page 335: No Snmp Community Index
Network protocols 7.5 SNMP If optional parameters are not specified when configuring a community, the default values apply. Note Community string For security reasons, do not use the standard values "public" or "private". Change the community strings following the initial installation. The recommended minimum length for community strings is 6 characters.
Page 336: Snmp Engineid Migrate
Network protocols 7.5 SNMP Result The details of an SNMP community are deleted. Further notes You configure the details of an SNMP community with the snmp community index command. You show the details of an SNMP community with the show snmp community command. You show the status information of the SNMP communication with the show snmp command.
Page 337: Snmp Group
Network protocols 7.5 SNMP If the function is disabled, a device-specific SNMP engine ID is generated. To generate the ID, the agent MAC address of the device is used. You cannot transfer this SNMP user configuration to other devices. If you load the configuration of the device on another device, all configured SNMPv3 users are deleted.
Page 338: No Snmp Group
Network protocols 7.5 SNMP The parameters have the following meaning: Parameter Description Range of values / note Name of the group max. 32 characters GroupName Keyword for the user name user Name of the user max. 32 characters UserName Specifies which security settings will be ●...
Page 339: Snmp Notify
Network protocols 7.5 SNMP The parameters have the following meaning: Parameter Description Range of values / note Name of the group max. 32 characters GroupName Keyword for the user name user Name of the user max. 32 characters UserName Specifies which security settings are ●...
Page 340: No Snmp Notify
Network protocols 7.5 SNMP Parameter Description Range of values / note Type of the SNMP notification ● Trap Type Generates a trap. ● Inform Generates a log entry or sends an entry to the log server. Storage type Specifies whether the settings remain ●...
Page 341: Snmp Targetaddr
Network protocols 7.5 SNMP Result The details of the SNMP notifications are deleted. Further notes You change the details of an SNMP group with the snmp notify command. You display the configured SNMP notifications with the show snmp notif command. You display the configured SNMP target addresses with the show snmp targetaddr command.
Page 342 Network protocols 7.5 SNMP Parameter Description Range of values Time in seconds 1 ... 1500 Seconds Keyword for the maximum number of retries attempts to obtain a response to an inform request message Number of attempts 1 ... 3 RetryCount Keyword for tag list taglist Tag identifier that selects the target...
Page 343: No Snmp Targetaddr
Network protocols 7.5 SNMP 7.5.2.15 no snmp targetaddr Description With this command, you delete the SNMP target address. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: no snmp targetaddr <TargetAddressName>...
Page 344 Network protocols 7.5 SNMP Syntax Call up the command with the following parameters: snmp targetparams <ParamName> user <UserName> security-model {v1|v2c|v3 {auth|noauth|priv}} message-processing {v1|v2c|v3}[{volatile|nonvolatile}] The parameters have the following meaning: Parameter Description Range of values / note Name of the SNMP parameter max.
Page 345: No Snmp Targetparams
Network protocols 7.5 SNMP Further notes You delete the SNMP target parameters with the no snmp targetparams command. You display settings of this function with the show snmp targetparam command. You configure the user profile with the snmp user command. You display the list of users with the show snmp user command.
Page 346: No Snmp V1-V2 Readonly
Network protocols 7.5 SNMP Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: snmp v1-v2 readonly Result Write access for SNMPv1 and SNMPv2 PDUs is blocked. Further notes You release write access for SNMPv1 and SNMPv2 PDUs with the no snmp v1-v2 readonly command.
Page 347: Snmp User
Network protocols 7.5 SNMP 7.5.2.20 snmp user Description With this command, you configure the details of an SNMP user. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: snmp user <UserName>...
Page 348: No Snmp User
Network protocols 7.5 SNMP Result The details of the SNMP user are configured. Further notes You delete the settings with the no snmp user command. You display the configured users with the show snmp user command. 7.5.2.21 no snmp user Description With this command, you delete the details of an SNMP user.
Page 349 Network protocols 7.5 SNMP Requirement ● An SNMP group has been created ● The access to the group is configured with snmp access ● You are in the Global Configuration mode. The command prompt is: cli(config)# Syntax Call up the command with the following parameters: snmp view <ViewName>...
Page 350: No Snmp View
Network protocols 7.5 SNMP 7.5.2.23 no snmp view Description With this command, you delete an SNMP view. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: no snmp view <ViewName>...
Page 351: Smtp Client
Network protocols 7.6 SMTP client SMTP client This section describes commands of the Simple Mail Transfer Protocol (SMTP). 7.6.1 The "show" commands This section describes commands with which you display various settings. 7.6.1.1 show events smtp-server Description This command shows the configured e-mail servers. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 352: Show Events Smtp-Port
Network protocols 7.6 SMTP client Syntax Call the command without parameters: show events sender email Result The configured e-mail sender address is displayed. 7.6.1.3 show events smtp-port Description This command shows the configured SNMP port. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 353: Smtp-Server
Network protocols 7.6 SMTP client 7.6.2.1 smtp-server Description With this command, you configure an entry for an SMTP server. Requirement You are in the EVENTS configuration mode. The command prompt is as follows: cli(config-events)# Syntax Call up the command with the following parameters: smtp-server {ipv4 <ucast_addr>} <receiver mail-address>...
Page 354: Sender Mail-Address
Network protocols 7.6 SMTP client cli(config-events)# Syntax Call up the command with the following parameters: no smtp-server ipv4 <ucast_addr> The parameter has the following meaning: Parameter Description Range of values Keyword for an IPv4 address ipv4 Value for an IPv4 address Enter a valid IPv4 address.
Page 355: No Sender Mail-Address
Network protocols 7.6 SMTP client Result The e-mail name of the sender is configured. Further notes You reset the e-mail name of the sender with the no sender mail-address. You display the setting with the show events sender email command. 7.6.2.4 no sender mail-address Description...
Page 356: Smtp-Port
Network protocols 7.6 SMTP client The command prompt is as follows: cli(config-events)# Syntax Call the command without parameters: send test mail Result An e-mail according to the currently configured SMTP settings is sent. Further notes You can display the current SMTP settings with the show events smtp-server command. 7.6.2.6 smtp-port Description...
Page 357: No Smtp-Port
Network protocols 7.6 SMTP client Further notes You can reset the setting to the default with the no smtp-port command. You display the setting with the show smtp-port command. 7.6.2.7 no smtp-port Description With this command, you reset the SMTP port to the default. The default value is 25.
Page 358: Http Server
Network protocols 7.7 HTTP server HTTP server This section describes commands of the Hypertext Transfer Protocol (HTTP). 7.7.1 The "show" commands This section describes commands with which you display various settings. 7.7.1.1 show ip http server status Description This command shows the status of the HTTP server. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 359: Ip Http
Network protocols 7.7 HTTP server 7.7.2.1 ip http Description With this command, you enable HTTP on the device. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: ip http As default the function is "enabled".
Page 360 Network protocols 7.7 HTTP server no ip http Result HTTP is disabled on the device. Further notes You can display the setting of this function and other information with the show ip http server statuscommand. You enable HTTP with the ip http command. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 361: Https Server
Network protocols 7.8 HTTPS server HTTPS server This section describes commands of the Hypertext Transfer Protocol Secure (HTTPS). 7.8.1 The "show" commands This section describes commands with which you display various settings. 7.8.1.1 show ip http secure server status Description This command shows the status of the HTTPS server.
Page 362 Network protocols 7.8 HTTPS server Syntax Call the command without parameters: show ssl server-cert Result The SSL server certificate is displayed. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 363: Arp
Network protocols 7.9 ARP This section describes commands of the Address Resolution Protocol (ARP). 7.9.1 The "show" commands This section describes commands with which you display various settings. 7.9.1.1 show ip arp Description With this command, you display the IP ARP table. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 364: Commands In The Global Configuration Mode
Network protocols 7.9 ARP Result The IP ARP table is displayed. 7.9.2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.
Page 365: No Arp Timeout
Network protocols 7.9 ARP You can display the status of this function and other information with the show ip arp command. 7.9.2.2 no arp timeout Description With this command, you reset the timeout setting of the ARP cache back to the default value. The default value for the timeout setting is 300 seconds.
Page 366: Ssh Server
Network protocols 7.10 SSH server 7.10 SSH server This section describes commands of the Secure Shell (SSH) Server. 7.10.1 The "show" commands This section describes commands with which you display various settings. 7.10.1.1 show ip ssh Description This command shows the settings of the SSH server. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 367: Ssh-Server
Network protocols 7.10 SSH server 7.10.2.1 ssh-server Description With this command, you enable the SSH protocol on the device. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: ssh-server As default the function is "enabled".
Page 368 Network protocols 7.10 SSH server Result The SSH protocol is disabled on the device. Further notes You enable the SSH protocol with the ssh-server command. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 369: Layer 2 Management Protocols
Layer 2 management protocols In this part, you will find sections relating to the topics GARP, IGMP snooping and IGMP querying. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 370: Garp
Layer 2 management protocols 8.1 GARP GARP This section describes commands of the following protocols: ● GARP - Generic Attribute Registration Protocol ● GMRP - GARP Multicast Registration Protocol ● GVRP - GARP VLAN Registration Protocol 8.1.1 The "show" commands This section describes commands with which you display various settings.
Page 371: Commands In The Global Configuration Mode
Layer 2 management protocols 8.1 GARP The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: show forward-unregistered Result The entries of the GMRP forward unregistered table are displayed. 8.1.2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode.
Page 372: No Gmrp
Layer 2 management protocols 8.1 GARP Result In the Global configuration mode: The GMRP function is enabled on the device. In the Interface configuration mode: The GMRP function is enabled for this interface. Further notes You need to enable GMRP globally for this device before you enable GMRP for individual interfaces.
Page 373: Gvrp
Layer 2 management protocols 8.1 GARP You can display the status of this function and other information with the show vlan device info command. 8.1.2.3 gvrp Description With this command, you enable the GVRP function for all or individual interfaces on the device. Requirement You are in the Global configuration mode You are in the Interface configuration mode...
Page 374 Layer 2 management protocols 8.1 GARP Requirement You are in the Global configuration mode You are in the Interface configuration mode The command prompt is as follows: cli(config)# cli (config-if-$$$) # Syntax Call the command without parameters: no gvrp Result In the Global configuration mode: The GVRP function is disabled on the device.
Page 375: Igmp Snooping
Layer 2 management protocols 8.2 IGMP snooping IGMP snooping This section describes the snooping functionality of the Internet Group Management Protocol. 8.2.1 The "show" commands This section describes commands with which you display various settings. 8.2.1.1 show ip igmp snooping Description This command shows information about IGMP snooping for all or a selected VLAN.
Page 376: Show Ip Igmp Snooping Globals
Layer 2 management protocols 8.2 IGMP snooping Requirement ● IGMP snooping is enabled on the device ● You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is: cli> or cli# Syntax Call up the command with the following parameters: show ip igmp snooping forwarding-database [Vlan<vlan id>] The parameters have the following meaning: Parameter...
Page 377: Show Ip Igmp Snooping Groups
Layer 2 management protocols 8.2 IGMP snooping 8.2.1.4 show ip igmp snooping groups Description This command shows information about IGMP snooping for all or a selected VLAN. Requirement You are in the User EXEC mode or in the Privileged EXEC mode or in the Global configuration mode.
Page 378: Show Ip Igmp Snooping Statistics
Layer 2 management protocols 8.2 IGMP snooping The command prompt is as follows: cli# Syntax Call up the command with the following parameters: show ip igmp snooping mrouter [Vlan <vlan index>] [detail] The parameters have the following meaning: Parameters Description Range of values Keyword for a VLAN or VLAN range Vlan...
Page 379: Show Ip Igmp Snooping Switch-Ip
Layer 2 management protocols 8.2 IGMP snooping Result The statistical information is displayed. 8.2.1.7 show ip igmp snooping switch-ip Description This command shows the IP address of the source for IGMP snooping. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 380: Ip Igmp Snooping Version
Layer 2 management protocols 8.2 IGMP snooping 8.2.2.1 ip igmp snooping version Description This command specifies which version of IGMP snooping the device will use. When shipped, the device uses IGMPv3. Note There is no separate show command to display the version of IGMP used by the device. This information is shown when you enter the show ip igmp snooping command in the User EXEC mode or in the Privileged EXEC mode.
Page 381: No Ip Igmp Vlan-Snooping
Layer 2 management protocols 8.2 IGMP snooping cli(config)# Syntax Call the command without parameters: ip igmp vlan-snooping Result IGMP snooping is enabled for all VLANs. Further notes You disable IGMP snooping with the no ip igmp vlan-snooping command. 8.2.2.3 no ip igmp vlan-snooping Description With this command, you disable IGMP snooping for all VLANs.
Page 382: Ip Igmp Snooping Clear Counters
Layer 2 management protocols 8.2 IGMP snooping 8.2.2.4 ip igmp snooping clear counters Description With this command, you delete the counters for all or a selected VLAN. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters:...
Page 383: Ip Igmp Snooping Port-Purge-Interval
Layer 2 management protocols 8.2 IGMP snooping Syntax Call up the command with the following parameters: ip igmp snooping switch-ip<switch-ipaddr> The parameter has the following meaning: Parameter Description Range of values / note Address of the source Specify a valid IP address. switch-ipaddr Default: 10.0.0.1 For information on names of addresses and interfaces, refer to the section "Addresses and...
Page 384: No Ip Igmp Snooping Port-Purge-Interval
Layer 2 management protocols 8.2 IGMP snooping Further notes You can reset the setting to the default with the no ip igmp snooping port-purge- interval command. You can display the status of this function and other information with the show ip igmp snooping globals command.
Page 385: Ip Igmp Snooping Static-Group
Layer 2 management protocols 8.2 IGMP snooping Commands relating to other topics that can be called in the VLAN Configuration mode can be found in the relevant sections. ● If you exit the VLAN Configuration mode with the exit command, you return to the Global Configuration mode.
Page 386: No Ip Igmp Snooping Static-Group
Layer 2 management protocols 8.2 IGMP snooping 8.2.3.2 no ip igmp snooping static-group Description With this command, you delete a static IGMP entry. Requirement You are in the VLAN Configuration mode. The command prompt is as follows: cli(config-vlan-$$$)# Syntax Call up the command with the following parameters: no ip igmp snooping static-group <mcast_addr>...
Page 387: Igmp Querier
Layer 2 management protocols 8.3 IGMP querier IGMP querier This section describes the commands for the query functionality of the Internet Group Management Protocol (IGMP). 8.3.1 Commands in the Global Configuration mode This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode.
Page 388: No Ip Igmp Snooping Querier
Layer 2 management protocols 8.3 IGMP querier 8.3.1.2 no ip igmp snooping querier Description With this command, you delete the configuration of an IGMP snooping switch as querier. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters:...
Page 389: Ring Redundancy And Standby Connection
Layer 2 management protocols 8.4 Ring redundancy and standby connection Ring redundancy and standby connection Note Avoiding bad configurations When using the commands in this section, you should take particular care because a bad configuration of this function can have serious negative affects on the network. Ring redundancy The ring redundancy function allows several devices to be interconnected in a ring structure.
Page 390: Clear Hrp Counters
Layer 2 management protocols 8.4 Ring redundancy and standby connection off. When the disturbed section is turned off, the redundancy manager can close the ring and restore communication. NOTICE Make sure that the frames used by Link Check for monitoring the optical connections are not supplanted by an overload of high priority frames in the network.
Page 391: Clear Standby Counter
Layer 2 management protocols 8.4 Ring redundancy and standby connection Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: clear ring-redundancy manager counters Result The counters are reset.
Page 392: Show Hrp Counters
Layer 2 management protocols 8.4 Ring redundancy and standby connection 8.4.4.1 show hrp counters Description With this command, you display the following information: ● How often the device as redundancy manager switched to the active status, i.e. opened its blocked port because it no longer receives its sent RM frames. ●...
Page 393: Show Ring-Redundancy
Layer 2 management protocols 8.4 Ring redundancy and standby connection Syntax Call the command without parameters: show linkcheck Result The current information is displayed. 8.4.4.3 show ring-redundancy Description With this command, you show the current configuration of the ring redundancy and standby functions.
Page 394: Commands In The Global Configuration Mode
Layer 2 management protocols 8.4 Ring redundancy and standby connection The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: show ring-redundancy manager counters Result The counters are displayed. 8.4.5 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode.
Page 395: Ring-Redundancy Hrpobserver
Layer 2 management protocols 8.4 Ring redundancy and standby connection The command prompt is as follows: cli(config-red)# Further notes You exit the Redundancy Configuration mode with the end or exit command. 8.4.5.2 ring-redundancy hrpobserver Description With this command, you enable the observer or restart it. The “observer”...
Page 396: No Ring-Redundancy Hrpobserver
Layer 2 management protocols 8.4 Ring redundancy and standby connection Further notes You disable the observer with the no ring-redundancy hrpobserver command. You can display the status of this function and other information with the show ring- redundancy command. 8.4.5.3 no ring-redundancy hrpobserver Description With this command, you disable the observer.
Page 397: No Ring-Redundancy
Layer 2 management protocols 8.4 Ring redundancy and standby connection cli(config)# Syntax Call up the command with the following parameters: ring-redundancy mode {ard | mrpauto | mrpclient | hrpclient | hrpmanager} The parameters have the following meaning: Parameter Description Range of values / note Enables the automatic redundancy mode ●...
Page 398: Ring-Redundancy Standby
Layer 2 management protocols 8.4 Ring redundancy and standby connection Syntax Call the command without parameters: no ring-redundancy Result The ring redundancy function is disabled. Further notes You enable the ring redundancy function with the ring-redundancy mode command. 8.4.5.6 ring-redundancy standby Description With this command, you enable the standby function.
Page 399: No Ring-Redundancy Standby
Layer 2 management protocols 8.4 Ring redundancy and standby connection 8.4.5.7 no ring-redundancy standby Description With this command, you disable the standby function. Requirement ● HRP is enabled ● You are in the Global configuration mode. The command prompt is: cli(config)# Syntax Call the command without parameters:...
Page 400: Linkcheck
Layer 2 management protocols 8.4 Ring redundancy and standby connection 8.4.6.1 linkcheck Description With this command, you enable the Link Check function on a ring port and you can reset the function. Note Enable Link Check on only one of two connection partners. This can lead to incorrect behavior. Note If Link Check is enabled on all devices of a ring at the same time, and several connections within the ring have problems, this leads to fragmentation of the ring.
Page 401: No Linkcheck
Layer 2 management protocols 8.4 Ring redundancy and standby connection The parameters have the following meaning: Parameter Description Range of values / note Type or speed of the interface Enter a valid interface. interface-type Module no. and port no. of the interface interface-id After resetting Link Check, the function When you use the reset param‐...
Page 402: Ring Ports
Layer 2 management protocols 8.4 Ring redundancy and standby connection The parameters have the following meaning: Parameter Description Range of values / note Type or speed of the interface Enter a valid interface. interface-type Module no. and port no. of the interface interface-id For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)".
Page 403: Standby Connection-Name
Layer 2 management protocols 8.4 Ring redundancy and standby connection The parameters have the following meaning: Parameter Description Specifies the interface type for the first ring port interface-type Specifies the number of the interface for the first ring port interface-id Specifies the interface type for the second ring port interface-type Specifies the number of the interface for the second ring port...
Page 404: No Standby Connection-Name
Layer 2 management protocols 8.4 Ring redundancy and standby connection 8.4.6.5 no standby connection-name Description With this command, you delete the name of a standby connection. Requirement You are in the Redundancy Configuration mode. The command prompt is as follows: cli(config-red)# Syntax Call the command without parameters:...
Page 405: No Standby Force-Master
Layer 2 management protocols 8.4 Ring redundancy and standby connection Further notes You disable the setting with the no standby force-master command. You can display the status of this function and other information with the show ring- redundancycommand. 8.4.6.7 no standby force-master Description With this command, you disable the standby force-master function.
Page 406: No Standby Port
Layer 2 management protocols 8.4 Ring redundancy and standby connection Requirement ● The ports are disabled in spanning tree. ● You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)# Syntax Call up the command with the following parameters: standby port {<interface-type>...
Page 407: Standby Wait-For-Partner
Layer 2 management protocols 8.4 Ring redundancy and standby connection no standby port {<interface-type><interface-id>} The parameters have the following meaning: Parameter Description Range of values / note Type or speed of the interface Enter a valid interface. interface-type Module no. and port no. of the interface interface-id For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)".
Page 408: No Standby Wait-For-Partner
Layer 2 management protocols 8.4 Ring redundancy and standby connection 8.4.6.11 no standby wait-for-partner Description With this command, you disable the "Wait for standby partner" function on the device. A standby connection is enabled even if the standby master has not yet established a connection to the standby slave.
Page 409: Unicast
Layer 2 management protocols 8.5 Unicast Unicast The commands in this section configure the procedures for handling Unicast frames. The commands allow the following: ● Filtering of Unicast frames ● Blocking of ports ● Automatic learning of Unicast ● Blocking unknown Unicast frames. With the "show"...
Page 410: Show Mac-Address-Table Dynamic Unicast
Layer 2 management protocols 8.5 Unicast The parameters have the following meaning: Parameter Description Range of values / note Keyword for a VLAN or VLAN range vlan Number of the addressed VLAN or 1 ... 4094 vlan-range VLAN range Enter the range limits with a hy‐ phen or a space.
Page 411: Show Mac-Address-Table Static Unicast
Layer 2 management protocols 8.5 Unicast The parameters have the following meaning: Parameter Description Range of values / note Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-range Enter the range limits with a hy‐ phen without spaces.
Page 412: Show Unicast-Block Config
Layer 2 management protocols 8.5 Unicast The parameters have the following meaning: Parameter Description Range of values / note Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-range Enter the range limits with a hy‐ phen without spaces.
Page 413: Commands In The Global Configuration Mode (Vlan Bridge)
Layer 2 management protocols 8.5 Unicast For information on names of interfaces and addresses, refer to the section "Addresses and interface names (Page 36)". Result The unicast blocking settings for ports are displayed. 8.5.2 Commands in the global configuration mode (VLAN bridge) This section describes commands that you can call up in the Global configuration mode.
Page 414: No Mac-Address-Table Static Unicast
Layer 2 management protocols 8.5 Unicast Parameter Description Range of values / note Number of the addressed VLAN 1 ... 4094 vlan-id Keyword for a an interface description interface Type or speed of the interface Enter a valid interface. interface-type Module no.
Page 415: The "Show" Commands (Transparent Bridge)
Layer 2 management protocols 8.5 Unicast The parameters have the following meaning: Parameter Description Range of values / note MAC address of the interface aa:aa:aa:aa:aa:aa Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-id For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)".
Page 416: Show Dot1D Mac-Address-Table Static Unicast
Layer 2 management protocols 8.5 Unicast The parameters have the following meaning: Parameter Description Range of values/note Keyword for a MAC address address MAC address Specify a valid MAC ad‐ aa:aa:aa:aa:aa:aa dress. Keyword for a an interface description interface Type or speed of the interface Enter a valid interface.
Page 417: Show Unicast-Block Config
Layer 2 management protocols 8.5 Unicast For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)". If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.
Page 418: Mac-Address-Table Static Unicast
Layer 2 management protocols 8.5 Unicast Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again.
Page 419: No Mac-Address-Table Static Unicast
Layer 2 management protocols 8.5 Unicast Further notes With the show dot1d mac-address-table static unicast command, you display the list of configured entries. With the no mac-address-table static unicast command, you delete an entry. 8.5.4.2 no mac-address-table static unicast Description With this command, you delete a static unicast MAC address entry from the forwarding database.
Page 420: Multicast
Layer 2 management protocols 8.6 Multicast Multicast The commands in this section configure the procedures for handling Multicast frames. The commands allow the following: ● Configuration of groups ● IGMP ● Blocking unknown Multicast frames. With the "show" commands, you can display the configuration data. With the following commands, note which "Base bridge mode"...
Page 421: Show Mac-Address-Table Dynamic Multicast
Layer 2 management protocols 8.6 Multicast The parameters have the following meaning: Parameter Description Range of values / note Keyword for a VLAN or VLAN range vlan Number of the addressed VLAN or 1 ... 4094 vlan-range VLAN range Enter the range limits with a hy‐ phen or a space.
Page 422: Show Mac-Address-Table Static Multicast
Layer 2 management protocols 8.6 Multicast The parameters have the following meaning: Parameter Description Range of values / note Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-range Enter the range limits with a hy‐ phen without spaces.
Page 423: Show Multicast-Block Config
Layer 2 management protocols 8.6 Multicast The parameters have the following meaning: Parameter Description Range of values / note Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-range Enter the range limits with a hy‐ phen without spaces.
Page 424: Commands In The Global Configuration Mode (Vlan Bridge)
Layer 2 management protocols 8.6 Multicast For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)". If no parameters are specified, the settings for all ports are displayed. Result The multicast blocking settings for ports are displayed. 8.6.2 Commands in the global configuration mode (VLAN bridge) This section describes commands that you can call up in the Global configuration mode.
Page 425: No Mac-Address-Table Static Multicast
Layer 2 management protocols 8.6 Multicast The parameters have the following meaning: Parameter Description Range of values / note MAC address of the interface aa:aa:aa:aa:aa:aa Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-id Keyword for a an interface description interface Type or speed of the interface...
Page 426: The "Show" Commands (Transparent Bridge)
Layer 2 management protocols 8.6 Multicast The parameters have the following meaning: Parameter Description Range of values / note MAC address of the interface aa:aa:aa:aa :aa:aa Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-id For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)".
Page 427: Show Dot1D Mac-Address-Table Static Multicast
Layer 2 management protocols 8.6 Multicast Parameter Description Range of values/note Keyword for a an interface description interface Type or speed of the interface Enter a valid interface. interface-type Module no. and port no. of the interface interface-id For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)".
Page 428: Show Multicast-Block Config
Layer 2 management protocols 8.6 Multicast Result The static multicast MAC addresses are displayed. 8.6.3.3 show multicast-block config Description This command shows the multicast blocking settings for ports. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 429: Mac-Address-Table Static Multicast
Layer 2 management protocols 8.6 Multicast 8.6.4.1 mac-address-table static multicast Description With this command, you generate a static multicast MAC address entry in the forwarding database. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters:...
Page 430: No Mac-Address-Table Static Multicast
Layer 2 management protocols 8.6 Multicast Further notes With the show dot1d mac-address-table static multicast command, you display the list of configured entries. With the no mac-address-table static multicast command, you delete an entry. 8.6.4.2 no mac-address-table static multicast Description With this command, you delete a static multicast MAC address entry from the forwarding database.
Page 431: Layer 3 Functions
Layer 3 functions Note NAT/NAPT is possible only on layer 3 of the ISO/OSI reference model. To use the NAT function, the networks must use the IPv4 protocol. When using the ISO protocol that operates at layer 2, it is not possible to use NAT. With Network Address Translation (NAT), IP subnets are divided into "Inside"...
Page 432: The "Show" Commands
Layer 3 functions 9.1 NAT With source NAT, the inside local source address of an IP packet from a device in the internal network is rewritten to an inside global address by a NAT device at the network transition. With destination NAT, the inside global destination address of an IP packet from a device in the external network is rewritten to an inside local address by a NAT device at the network transition.
Page 433: Show Ip Nat Service
Layer 3 functions 9.1 NAT Result The global NAT configuration is displayed. Further notes You enable NAT/NAPT for the entire device with the ip nat command in the Global configuration mode. You disable NAT/NAPT for the entire device with the no ip nat command in the Global configuration mode.
Page 434: Show Ip Nat Service Portrange
Layer 3 functions 9.1 NAT 9.1.1.3 show ip nat service portrange Description This command shows static port translations (NAPT) for an interface with a port range. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 435: Show Ip Nat
Layer 3 functions 9.1 NAT Result The current NAT/NAPT configuration of the interfaces is displayed. Further notes You enable NAT for the selected IP interface with the ip nat command in the Interface configuration mode. You disable NAT for the selected IP interface with the no ip nat command in the Interface configuration mode.
Page 436: Commands In The Global Configuration Mode
Layer 3 functions 9.1 NAT Further notes You configure a static address translation with the ip nat static command. You delete a static address translation with the no ip nat static command. You configure a dynamic address translation with the ip nat pool command. You delete a dynamic address translation with the no ip nat pool command.
Page 437: No Ip Nat
Layer 3 functions 9.1 NAT 9.1.2.2 no ip nat Description With this command you disable NAT/NAPT for the entire device. Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: no ip nat Result NAT/NAPT is disabled globally for the entire device.
Page 438: No Ip Nat Timeout
Layer 3 functions 9.1 NAT ip nat {idle timeout <seconds (60-86400)> | {tcp | udp } timeout <seconds (300-86400)>} The parameters have the following meaning: Parameter Description Range of values / note Keyword for the time after which a xxxx con‐ idle timeout nection is deleted Value for the time in seconds...
Page 439: Commands In The Interface Configuration Mode
Layer 3 functions 9.1 NAT The parameters have the following meaning: Parameter Description Range of values / note Keyword for the time period of a xxxx con‐ idle nection Keyword for the time period of a TCP con‐ nection Keyword for the time period of a UDP con‐ nection Result The time periods are reset.
Page 440: No Ip Nat
Layer 3 functions 9.1 NAT Syntax Call the command without parameter assignment: ip nat Result NAT is activated for the IP interface. Further notes You disable NAT for the selected IP interface with the no ip nat command. You display the current configuration with the show ip nat summary command. 9.1.3.2 no ip nat Description...
Page 441: Ip Nat Napt
Layer 3 functions 9.1 NAT 9.1.3.3 ip nat napt Description With this command, you enable NAPT for the selected IP interface. Requirement You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)# Syntax Call the command without parameter assignment: ip nat napt Result NAPT is activated for the selected IP interface.
Page 442: Ip Nat Pool
Layer 3 functions 9.1 NAT Result NAPT is deactivated for the selected IP interface. Further notes You enable NAPT for the selected IP interface with the ip nat napt command. You display the current configuration with the show ip nat summary command. 9.1.3.5 ip nat pool Description...
Page 443: No Ip Nat Pool
Layer 3 functions 9.1 NAT 9.1.3.6 no ip nat pool Description With this command, you delete a pool for dynamic address translations. Requirement You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)# Syntax Call up the command with the following parameters: no ip nat pool <inside global ip>...
Page 444 Layer 3 functions 9.1 NAT Syntax Call up the command with the following parameters: ip nat service <inside local ip> [<inside local port number>] { auth | dns | ftp | pop3 | pptp | smtp | telnet | http | nntp | snmp | other [<inside global port number>]} [{ tcp | udp | any }] [<description>] The parameters have the following meaning:...
Page 445: No Ip Nat Service
Layer 3 functions 9.1 NAT 9.1.3.8 no ip nat service Description With this command you delete static port translations (NAPT) for an interface with a service. Requirement You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)# Syntax Call up the command with the following parameters:...
Page 446: Ip Nat Service Portrange
Layer 3 functions 9.1 NAT 9.1.3.9 ip nat service portrange Description With this command you configure static port translations (NAPT) for an interface with a port range. Requirement You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)# Syntax Call up the command with the following parameters:...
Page 447: No Ip Nat Service Portrange
Layer 3 functions 9.1 NAT 9.1.3.10 no ip nat service portrange Description With this command you delete static port translations (NAPT) for an interface with a port range. Requirement You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)# Syntax Call up the command with the following parameters:...
Page 448: Ip Nat Static
Layer 3 functions 9.1 NAT 9.1.3.11 ip nat static Description With this command, you configure static 1:1 address translations. You specify which inside global address the inside local address of a device will be converted to and vice versa. This variant allows connection establishment in both directions. The device in the internal network can be reached from the external network.
Page 449 Layer 3 functions 9.1 NAT Requirement You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)# Syntax Call up the command with the following parameters: no ip nat static <inside local ip> The parameter has the following meaning: Parameter Description Range of values / note...
Page 450: Single-Hop Inter-Vlan-Routing
Layer 3 functions 9.2 Single-Hop Inter-VLAN-Routing Single-Hop Inter-VLAN-Routing Introduction A physical network is divided into broadcast domains and subnets by VLANs. Devices (hosts) within a VLAN can communicate with each other directly via layer 2. The frames are forwarded to the relevant device based on the MAC address. Devices from different VLANs cannot communicate with each other directly via layer 2.
Page 451: No Ip Single-Hop Inter-Vlan-Routing
Layer 3 functions 9.2 Single-Hop Inter-VLAN-Routing cli(config)# Syntax Call the command without parameters: ip single-hop inter-vlan-routing Result The function is enabled. The device can route between two local IP interfaces. Further notes You disable the Single-Hop Inter-VLAN-Routing function with the no ip single-hop inter-vlan-routing command.
Page 452 Layer 3 functions 9.2 Single-Hop Inter-VLAN-Routing SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 453: Load Control
Load control This part contains the sections describing the functions for controlling and balancing network load. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 454: Rate Control
Load control 10.1 Rate control 10.1 Rate control This section describes commands for controlling and restricting the data transmission rate of an interface. 10.1.1 The "show" commands This section describes commands with which you display various settings. 10.1.1.1 show rate-limit output Description This command shows the packet rate for limiting the outgoing data stream of one or all interfaces.
Page 455: Commands In The Interface Configuration Mode
Load control 10.1 Rate control 10.1.2 Commands in the interface configuration mode This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available. In the Global configuration mode, enter the interface command to change to this mode. Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
Page 456: No Rate-Limit Output
Load control 10.1 Rate control Further notes You disable the function with the no rate-limit output command. 10.1.2.2 no rate-limit output Description With this command, you disable the data rate for limiting the outgoing data stream of the interface. Requirement You are in the Interface configuration mode.
Page 457: No Storm-Control
Load control 10.1 Rate control Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call up the command with the following parameters: storm-control{broadcast|multicast|dlf} The parameters have the following meaning: Parameter Description Limits broadcast packets broadcast Limits multicast packets multicast...
Page 458: Storm-Control Level
Load control 10.1 Rate control Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call up the command with the following parameters: no storm-control{broadcast|multicast|dlf} The parameters have the following meaning: Parameter Description Disables broadcast storm control broadcast Disables multicast storm control multicast...
Page 459: No Storm-Control Level
Load control 10.1 Rate control The parameters have the following meaning: Parameter Description Range of values / note Value for the in data rate in Kbps The value range depends on the rate-value port speed. The entry is rounded down to the next valid value. If small values are entered, the val‐...
Page 460 Load control 10.1 Rate control Further notes You configure the value for the storm control function with the storm-control level command. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 461: Static Mac Filtering
Load control 10.2 Static MAC filtering 10.2 Static MAC filtering This section describes commands for filtering data packet on an interface. With the following commands, note which "Base bridge mode" you are in. If you are in the "Transparent Bridge" mode, all settings relate to the management VLAN: VLAN 1. You change the mode with the base bridge-mode command.
Page 462: No Mac-Address-Table Static Multicast
Load control 10.2 Static MAC filtering The parameters have the following meaning: Parameter Description Range of values / note MAC address of the interface aa:aa:aa:aa:aa:aa Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-id Keyword for a an interface description interface Type or speed of the interface...
Page 463: Mac-Address-Table Static Unicast
Load control 10.2 Static MAC filtering The parameters have the following meaning: Parameter Description Range of values / note MAC address of the interface aa:aa:aa:aa:aa:aa Keyword for the number of a VLAN con‐ vlan nection Number of the addressed VLAN 1 ...
Page 464: No Mac-Address-Table Static Unicast
Load control 10.2 Static MAC filtering The parameters have the following meaning: Parameter Description Range of values / note MAC address of the interface aa:aa:aa:aa:aa:aa Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-id Keyword for a an interface description interface Type or speed of the interface...
Page 465: Commands In The Global Configuration Mode (Transparent Bridge)
Load control 10.2 Static MAC filtering The parameters have the following meaning: Parameter Description Range of values / note MAC address of the interface aa:aa:aa:aa:aa:aa Keyword for a VLAN connection vlan Number of the addressed VLAN 1 ... 4094 vlan-id For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)".
Page 466: No Mac-Address-Table Static Multicast
Load control 10.2 Static MAC filtering Syntax Call up the command with the following parameters: mac-address-table static multicast <aa:aa:aa:aa:aa:aa> interface ([<interface-type> <interface-id>] [<interface-type> <interface-id>] [port-channel <1-8>]]) [forbidden-ports ([<interface-type> <interface-id>] [<interface-type> <interface-id>] [port-channel <1-8>]]) The parameters have the following meaning: Parameter Description Range of values / note MAC address of the interface...
Page 467: Mac-Address-Table Static Unicast
Load control 10.2 Static MAC filtering The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: no mac-address-table static multicast <aa:aa:aa:aa:aa:aa> The parameter has the following meaning: Parameter Description Range of values / note MAC address of the interface aa:aa:aa:aa:aa: For information on names of addresses and interfaces, refer to the section "Addresses and...
Page 468: No Mac-Address-Table Static Unicast
Load control 10.2 Static MAC filtering mac-address-table static unicast <aa:aa:aa:aa:aa:aa> interface ([<interface-type> <interface-id>] [<interface-type> <0/a-b, 0/c,...>] [port-channel <interface-list>]) The parameters have the following meaning: Parameter Description Range of values / note MAC address of the interface aa:aa:aa:aa:aa:aa Keyword for a an interface description interface Type or speed of the interface Enter a valid interface.
Page 469: Commands In The Interface Configuration Mode
Load control 10.2 Static MAC filtering The parameters have the following meaning: Parameter Description Range of values / note MAC address of the interface aa:aa:aa:aa:aa:aa For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)". Result The entry is deleted from the forwarding database.
Page 470: No Switchport Ingress-Filter
Load control 10.2 Static MAC filtering Syntax Call the command without parameters: switchport ingress-filter Result The ingress filter is activated. Further notes You disable the filter with the no switchport ingress-filter command. You can display the status of the ingress filter and other settings with the show vlan port config command.
Page 471: Dynamic Mac Aging
Load control 10.3 Dynamic MAC aging 10.3 Dynamic MAC aging The section describes commands with which the aging of dynamically learned entries is configured in a MAC address list. 10.3.1 The "show" commands This section describes commands with which you display various settings. 10.3.1.1 show mac-address-table aging-time Description...
Page 472: Commands In The Global Configuration Mode
Load control 10.3 Dynamic MAC aging The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: show mac-address-table aging-status Result The status of the MAC aging is displayed. 10.3.2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode.
Page 473: No Mac-Address-Table Aging-Time
Load control 10.3 Dynamic MAC aging The parameter has the following meaning: Parameter Description Range of values / note Life of the entry in seconds 15 ... 630 seconds Default: 300 Enter the period of time in seconds in steps of 15. When you input the Aging Time, note that the WBM rounds to cor‐...
Page 474: Mac-Address-Table Aging
Load control 10.3 Dynamic MAC aging Further notes You configure the setting with the mac-address-table aging-time command. You display the setting with the show mac-address-table aging-time command. 10.3.2.3 mac-address-table aging Description With this command, you enable the "Aging" function. The "Aging" function ensures that an entry in the MAC address list that was learned dynamically is deleted again after a certain time.
Page 475 Load control 10.3 Dynamic MAC aging cli(config)# Syntax Call the command without parameters: no mac-address-table aging Result The "Aging" function is disabled. Further notes You enable the "Aging" function with the mac-address-table aging command. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 476: Flow Control
Load control 10.4 Flow control 10.4 Flow control The flow control function monitors the incoming data traffic of a port. If there is overload ("Congestion", "Overflow") it sends a signal to the connection partner. If the flow control function receives a signal at the sending end, it stops the data transmission to avoid loss of data.
Page 477: Commands In The Interface Configuration Mode
Load control 10.4 Flow control 10.4.2 Commands in the interface configuration mode This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available. In the Global configuration mode, enter the interface command to change to this mode. Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
Page 478 Load control 10.4 Flow control The parameters have the following meaning: Parameter Description Range of values / note Enables the function You can only enable or disable flow control when the "Auto negotiation" function is turned off. Afterwards you can enable "Auto negotiation" again. To use the flow control function, enable flow control at the appropriate input and output ports.
Page 479: Service Classes
Load control 10.5 Service classes 10.5 Service classes This section describes commands for configuring the assignment tables for service classes and the Differentiated Services Code Point (DSCP). 10.5.1 The "show" commands This section describes commands with which you display various settings. 10.5.1.1 show qos agent-priority Description...
Page 480: Show Qos Cos-Map
Load control 10.5 Service classes Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: show qos broadcast-priority Result The current priority of the broadcast frames is displayed. Further notes You configure the priority of broadcast frames with the broadcast-priority command.
Page 481: Show Qos Cos-Remap
Load control 10.5 Service classes 10.5.1.4 show qos cos-remap Description For individual ports, this command shows the priority with which frames are sent. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>...
Page 482: Show Qos Scheduling Mode
Load control 10.5 Service classes Result The assignment table of DSCP priorities to queues is displayed. Further notes You configure the assignment of the DSCP priority to a queue with the dscp-map command. 10.5.1.6 show qos scheduling mode Description This command shows the method with which the processing order of the frames is decided. Requirement You are in the User EXEC mode or in the Privileged EXEC mode.
Page 483: Commands In The Global Configuration Mode
Load control 10.5 Service classes The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: show qos-trust-mode Result The list for all ports with the corresponding Trust mode is displayed. 10.5.2 Commands in the Global configuration mode This section describes commands that you can call up in the Global configuration mode.
Page 484: Commands In The Qos Configuration Mode
Load control 10.5 Service classes The command prompt is as follows: cli(config-qos)# Further notes You exit the QOS configuration modewith the command end or exit. 10.5.3 Commands in the QOS configuration mode Quality of Service (QoS) Quality of Service (QoS) is a method to allow efficient use of the existing bandwidth in a network. QoS is implemented by prioritization of the data traffic.
Page 485: Agent-Priority
Load control 10.5 Service classes 10.5.3.1 agent-priority Description With this command you specify the priority of agent frames. The switch sorts incoming frames into a queue according to this prioritization . Requirement You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)# Syntax Call up the command with the following parameters:...
Page 486: Broadcast-Priority
Load control 10.5 Service classes cli(config-qos)# Syntax Call the command without parameters: no agent-priority Result The priority of agent frames has been reset to the default value. Further notes You change the priority of agent frames with the agent-priority command. You display the current priority of agent frames with the show qos agent-priority command.
Page 487: No Broadcast-Priority
Load control 10.5 Service classes Further notes You reset the priority of broadcast frames to the default value with the no broadcast- priority command. You display the current priority of broadcast frames with the show qos broadcast- priority command. You configure the assignment of the CoS priority to a queue with the cos-map command. 10.5.3.4 no broadcast-priority Description...
Page 488 Load control 10.5 Service classes Requirement You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)# Syntax Call up the command with the following parameters: cos-map <cos(0-7)> queue <queue(1-4)> The parameters have the following meaning: Parameter Description Range of values / note Priority...
Page 489: Cos-Remap
Load control 10.5 Service classes 10.5.3.6 cos-remap Description With this command depending on the priority when receiving a frame, you can change the priority with which it is sent. Requirement You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)# Syntax Call up the command with the following parameters:...
Page 490: No Cos-Remap
Load control 10.5 Service classes 10.5.3.7 no cos-remap Description With this command, you reset the send priority back to the default value. Requirement You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)# Syntax Call the command without parameters: no cos-remap Result The send priorities are reset to the default value.
Page 491: No Cos-Remap-Enable
Load control 10.5 Service classes Syntax Call the command without parameters: cos-remap-enable Result The CoS reassignment function is enabled. Further notes You disable the function with the no cos-remap-enable command. You change the priority with which frames are sent with the cos-remap command. You reset the send priority to the default value with the no cos-remap command.
Page 492: Dscp-Map
Load control 10.5 Service classes You display the assignment table for the send priority with the show qos cos-remap command. 10.5.3.10 dscp-map Description With this command, you configure the assignment of DSCP priorities to queues. Requirement You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)# Syntax...
Page 493: Qos-Trust-Mode
Load control 10.5 Service classes 10.5.3.11 qos-trust-mode Description With this command you can set the method according to which frames to be forwarded are prioritized port by port. Requirement You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)# Syntax Call up the command with the following parameters:...
Page 494: Scheduling Mode
Load control 10.5 Service classes Parameter Description Range of values / note If an incoming frame contains a DSCP prioritization, the switch sorts it into Default setting with dscp a queue according to this prioritization. EtherNet/IP variants If the frame does not contain a DSCP prioritization, the switch sorts the frame into a queue according to the prioritization of the receiving port.
Page 495 Load control 10.5 Service classes scheduling mode <strict | weighted> The parameters have the following meaning: Parameter Description Range of values / note As long as there are frames with high priority in the strict queue, only these high-priority frames are pro‐ cessed.
Page 496 Load control 10.5 Service classes SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 497: Security And Authentication
Security and authentication This part contains the sections that describe the access rights and authentication methods. SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 07/2017, C79000-G8976-C361-06...
Page 498: User Management
Security and authentication 11.1 User management 11.1 User management This section describes commands for access as administrator and the configuration of the authentication methods. 11.1.1 The "show" commands This section describes commands with which you display various settings. 11.1.1.1 show password-policy Description This command shows which password policy is currently being used.
Page 499: Show User-Accounts
Security and authentication 11.1 User management Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: show users Result The logged-in CLI users are displayed. 11.1.1.3 show user-accounts Description...
Page 500: Whoami
Security and authentication 11.1 User management Requirement ● You are logged into the device with a local user account ● You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli# Syntax Call up the command with the following parameters: change password <passwd>...
Page 501: Commands In The Global Configuration Mode
Security and authentication 11.1 User management Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli# Syntax Call the command without parameters: whoami Result The user name of the logged in user is displayed. 11.1.4 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode.
Page 502: User-Account
Security and authentication 11.1 User management The parameters have the following meaning: Parameter Description Range of values / note Password policy: Low Password length: at least 6 characters high Password policy: High Password length: at least 8 characters at least 1 uppercase letter at least 1 special character at least 1 number Result...
Page 503 Security and authentication 11.1 User management The parameters have the following meaning: Parameter Description Range of values / note User name Enter a user name. The name must be string unique. The name must meet the following condi‐ tions: ● It must be unique. ●...
Page 504: No User-Account
Security and authentication 11.1 User management 11.1.4.3 no user-account Description With this command, you delete a user. Note Default users "admin" as well as logged in users cannot be deleted. Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters:...
Page 505 Security and authentication 11.1 User management The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: username {admin} password <passwd> The parameters have the following meaning: Parameter Description Range of values / note User name of the default user with admin read and write access to the config‐...
Page 506: Radius Client
Security and authentication 11.2 RADIUS client 11.2 RADIUS client RADIUS (Remote Authentication Dial-In User Service) is a client/server protocol that allows the centralized logging in of users logging on in a physical or virtual network. This makes central administration of user data possible. This section describes commands relevant for the configuration of this service.
Page 507: Commands In The Global Configuration Mode
Security and authentication 11.2 RADIUS client cli# Syntax Call up the command with the following parameters: show radius server [<ucast_addr>] The parameters have the following meaning: Parameter Description Range of values / note Value for an IPv4 unicast address Enter a valid unicast address ucast_addr For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 36)".
Page 508: No Login Authentication
Security and authentication 11.2 RADIUS client Syntax Call up the command with the following parameters: login authentication {radius | local-and-radius | radius-fallback- local} The parameters have the following meaning: Parameter Description Range of values / note The login is via a RADIUS server. radius The login is possible both with the users The local users have priority.
Page 509: Radius-Server
Security and authentication 11.2 RADIUS client Result The RADIUS authentication is deactivated. Note The login is possible only with a local user name and password. If the local logon fails, there is no authentication via a RADIUS server. Further notes You enable the authentication via a RADIUS server with the login authentication command.
Page 510 Security and authentication 11.2 RADIUS client Parameter Description Range of values / note Maximum number of connection retries 1 ... 254 <1-254> Default: 3 Keyword for the key for communication between the authenticator and the serv‐ Value for the key 46 characters secret-key-string Default: empty string...
Page 511: No Radius-Server
Security and authentication 11.2 RADIUS client 11.2.2.4 no radius-server Description With this command, you delete a RADIUS server entry on the client. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: no radius-server ipv4 <

Siemens SCALANCE XC-200 Configuration Manual

Quick Links

1 Introduction

2 General Information

3 Configuration

4 Functions Specific to SCALANCE

5 System Time

6 Network Structures

Related Manuals for Siemens SCALANCE XC-200

Summary of Contents for Siemens SCALANCE XC-200