SCALANCE XM-400/XR-500 Command Line Interface

SCALANCE XM-400/XR-500 Command Line Interface

SIMATIC NET

Industrial Ethernet switches

SCALANCE XM-400/XR-500

Command Line Interface

Configuration Manual

Introduction

General information

Configuration

Functions specific to

SCALANCE

System time

Network structures

Network protocols

Layer 2 management protocols

Layer 3 functions

Load control

Security and authentication

Diagnostics

1

2

3

4

5

6

7

8

9

10

11

12

03/2014

C79000-G8976-C252-06

Legal information

Warning notice system

This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are graded according to the degree of danger.

DANGER indicates that death or severe personal injury will result if proper precautions are not taken.

WARNING indicates that death or severe personal injury may result if proper precautions are not taken.

CAUTION indicates that minor personal injury can result if proper precautions are not taken.

NOTICE indicates that property damage can result if proper precautions are not taken.

If more than one degree of danger is present, the warning notice representing the highest degree of danger will be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property damage.

Qualified Personnel

The product/system described in this documentation may be operated only by personnel qualified for the specific task in accordance with the relevant documentation, in particular its warning notices and safety instructions. Qualified personnel are those who, based on their training and experience, are capable of identifying risks and avoiding potential hazards when working with these products/systems.

Proper use of Siemens products

Note the following:

WARNING

Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation. If products and components from other manufacturers are used, these must be recommended or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and maintenance are required to ensure that the products operate safely and without any problems. The permissible ambient conditions must be complied with. The information in the relevant documentation must be observed.

Trademarks

All names identified by ® are registered trademarks of Siemens AG. The remaining trademarks in this publication may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.

Disclaimer of Liability

We have reviewed the contents of this publication to ensure consistency with the hardware and software described.

Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in this publication is reviewed regularly and any necessary corrections are included in subsequent editions.

Siemens AG

Industry Sector

Postfach 48 48

90026 NÜRNBERG

GERMANY

Order number: C79000-G8976-C252

Ⓟ 03/2014 Subject to change

Copyright © Siemens AG 2011 - 2014.

All rights reserved

Table of contents

2

3

1

2.1

2.2

2.3

2.4

Introduction.................................................................................................................................................21

1.1

Information on the configuration manual (CLI)............................................................................21

1.2

Security information.....................................................................................................................23

General information....................................................................................................................................25

General information on the Command Line Interface.................................................................25

Structure of the Command Line Interface...................................................................................26

Configuration limits......................................................................................................................28

The CLI command prompt...........................................................................................................30

2.5

2.6

2.6.1

2.6.2

Symbols of the CLI commands...................................................................................................31

Addresses and interface names..................................................................................................32

Address types, address ranges and address masks...................................................................32

Naming interfaces.......................................................................................................................33

2.7

2.7.1

2.7.2

2.7.3

General CLI commands..............................................................................................................36

clear screen.................................................................................................................................36

end..............................................................................................................................................36

exit...............................................................................................................................................37

2.7.4

Help functions and supported input.............................................................................................37

2.7.4.1 help..............................................................................................................................................37

2.7.4.2 The command "?"........................................................................................................................38

2.7.4.3 Completion of command entries..................................................................................................39

2.7.4.4 Abbreviated notation of commands.............................................................................................40

2.7.4.5 Reusing the last used commands...............................................................................................40

2.7.4.6 Working through a command sequence......................................................................................40

2.7.4.7 show history................................................................................................................................41

Configuration..............................................................................................................................................43

3.1

3.1.1

System........................................................................................................................................44

The "show" commands................................................................................................................44

3.1.1.1 show cli-console-timeout.............................................................................................................44

3.1.1.2 show coordinates........................................................................................................................44

3.1.1.3 show device information..............................................................................................................45

3.1.1.4 show env temperature.................................................................................................................45

3.1.1.5 show hardware............................................................................................................................46

3.1.1.6 show interface mtu......................................................................................................................46

3.1.1.7 show interfaces...........................................................................................................................47

3.1.1.8 show interfaces ... counters.........................................................................................................48

3.1.1.9 show ip interface.........................................................................................................................49

3.1.1.10 show pnio....................................................................................................................................50

3.1.1.11 show broadcast-block config.......................................................................................................51

3.1.1.12 show unicast-block config...........................................................................................................51

3.1.1.13 show multicast-block config.........................................................................................................52

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

3

Table of contents

3.1.1.14 show versions..............................................................................................................................53

3.1.2

3.1.3

3.1.4

3.1.5

3.1.6

clear counters..............................................................................................................................53

configure terminal........................................................................................................................54

disable.........................................................................................................................................55

enable..........................................................................................................................................55

lock..............................................................................................................................................56

logout...........................................................................................................................................57

3.1.7

3.1.8

3.1.9

ping..............................................................................................................................................57

clear line vty................................................................................................................................58

3.1.10

Commands in the global configuration mode..............................................................................59

3.1.10.1 interface.......................................................................................................................................59

3.1.10.2 no interface..................................................................................................................................61

3.1.10.3 cli-console-timeout......................................................................................................................62

3.1.10.4 no cli-console-timeout.................................................................................................................63

3.1.10.5 coordinates height.......................................................................................................................63

3.1.10.6 coordinates latitude.....................................................................................................................64

3.1.10.7 coordinates longitude..................................................................................................................64

3.1.10.8 system contact............................................................................................................................65

3.1.10.9 system location............................................................................................................................66

3.1.10.10

system name..........................................................................................................................66

3.1.10.11

username...............................................................................................................................67

3.1.11

Commands in the interface configuration mode..........................................................................68

3.1.11.1 alias.............................................................................................................................................68

3.1.11.2 duplex..........................................................................................................................................69

3.1.11.3 no duplex.....................................................................................................................................70

3.1.11.4 mtu..............................................................................................................................................70

3.1.11.5 negotiation...................................................................................................................................71

3.1.11.6 no negotiation..............................................................................................................................72

3.1.11.7 set broadcast-block.....................................................................................................................72

3.1.11.8 set multicast-block.......................................................................................................................73

3.1.11.9 shutdown.....................................................................................................................................73

3.1.11.10

no shutdown...........................................................................................................................74

3.1.11.11

speed.....................................................................................................................................75

3.1.11.12

switchport...............................................................................................................................75

3.1.11.13

no switchport..........................................................................................................................76

3.1.11.14

lldp..........................................................................................................................................77

3.1.11.15

no lldp.....................................................................................................................................78

3.1.11.16

media type (SCALANCE XM400 only)...................................................................................79

3.2

3.2.1

3.2.2

3.2.3

Load and Save............................................................................................................................81

show loadsave files.....................................................................................................................81

show loadsave tftp.......................................................................................................................81

load tftp........................................................................................................................................82

3.2.4

3.2.5

save filetype................................................................................................................................83

Commands in the global configuration mode..............................................................................84

3.2.5.1 loadsave......................................................................................................................................84

3.2.6

Commands in the LOADSAVE configuration mode....................................................................84

3.2.6.1 delete...........................................................................................................................................85

3.2.6.2 tftp filename.................................................................................................................................85

3.2.6.3 tftp load........................................................................................................................................86

3.2.6.4 tftp save.......................................................................................................................................87

3.2.6.5 tftp server....................................................................................................................................88

4

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Table of contents

4

3.3

3.3.1

Reset and Defaults......................................................................................................................89

restart..........................................................................................................................................89

3.4

3.4.1

3.4.2

3.4.3

Configuration Save & Restore.....................................................................................................90

show running-config....................................................................................................................90

write startup-config......................................................................................................................92

Commands in the global configuration mode..............................................................................93

3.4.3.1 auto-save.....................................................................................................................................93

3.4.3.2 no auto-save................................................................................................................................94

3.5

3.5.1

3.5.2

3.5.3

PoE..............................................................................................................................................95

show poe status..........................................................................................................................95

show pse status...........................................................................................................................95

Commands in the global configuration mode..............................................................................96

3.5.3.1 poe pse usage.............................................................................................................................96

3.5.3.2 no poe pse usage........................................................................................................................97

3.5.4

Commands in the Interface Configuration mode.........................................................................97

3.5.4.1 poe active....................................................................................................................................98

3.5.4.2 no poe active...............................................................................................................................98

3.5.4.3 poe type.......................................................................................................................................99

3.5.4.4 no poe type................................................................................................................................100

3.5.4.5 poe prio.....................................................................................................................................100

3.5.4.6 no poe prio................................................................................................................................101

3.6

3.6.1

NFC (SCALANCE XM400 only)................................................................................................102

show nfc active status...............................................................................................................102

3.6.2

Commands in the global configuration mode............................................................................102

3.6.2.1 nfc active...................................................................................................................................103

3.6.2.2 no nfc active..............................................................................................................................103

Functions specific to SCALANCE.............................................................................................................105

4.1

4.1.1

C-PLUG.....................................................................................................................................106

show plug..................................................................................................................................106

4.1.2

Commands in the global configuration mode............................................................................106

4.1.2.1 plug............................................................................................................................................107

4.1.3

Commands in the C-PLUG configuration mode........................................................................107

4.1.3.1 factoryclean...............................................................................................................................107

4.1.3.2 write...........................................................................................................................................108

4.2

4.2.1

WBM..........................................................................................................................................109

show web-session-timeout........................................................................................................109

4.2.2

Commands in the global configuration mode............................................................................109

4.2.2.1 web-session-timeout.................................................................................................................110

4.2.2.2 no web-session-timeout............................................................................................................110

4.3

4.3.1

Panel button..............................................................................................................................112

Commands in the global configuration mode............................................................................112

4.3.1.1 set panel-button control-factory-defaults...................................................................................112

4.3.1.2 set panel-button control-faultmask............................................................................................113

4.4

4.4.1

Signaling contact.......................................................................................................................114

show signaling contact..............................................................................................................114

4.4.2

Commands in the global configuration mode............................................................................114

4.4.2.1 set signaling contact mode........................................................................................................114

4.4.2.2 set signaling contact status.......................................................................................................115

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

5

Table of contents

5

6

System time..............................................................................................................................................117

5.1

5.1.1

5.1.2

5.1.3

System time setting...................................................................................................................117

show time..................................................................................................................................117

show dst info.............................................................................................................................117

Commands in the global configuration mode............................................................................118

5.1.3.1 time............................................................................................................................................118

5.1.3.2 time set......................................................................................................................................119

5.1.3.3 time dst date..............................................................................................................................120

5.1.3.4 time dst recurring.......................................................................................................................121

5.1.3.5 no time dst.................................................................................................................................122

5.2

5.2.1

NTP client..................................................................................................................................123

show ntp info.............................................................................................................................123

5.2.2

Commands in the global configuration mode............................................................................123

5.2.2.1 ntp.............................................................................................................................................123

5.2.3

Commands in the NTP configuration mode..............................................................................124

5.2.3.1 ntp server..................................................................................................................................124

5.2.3.2 no ntp server.............................................................................................................................125

5.2.3.3 ntp time diff................................................................................................................................126

5.3

5.3.1

5.3.2

5.3.3

SNTP client...............................................................................................................................128

show sntp broadcast-mode status.............................................................................................128

show sntp unicast-mode status.................................................................................................128

show sntp status........................................................................................................................129

5.3.4

Commands in the global configuration mode............................................................................129

5.3.4.1 sntp............................................................................................................................................130

5.3.5

Commands in the SNTP configuration mode............................................................................130

5.3.5.1 sntp client addressing-mode.....................................................................................................131

5.3.5.2 sntp time diff..............................................................................................................................131

5.3.5.3 set sntp unicast-poll-interval......................................................................................................132

5.3.5.4 sntp unicast-server....................................................................................................................133

5.3.5.5 no sntp unicast-server...............................................................................................................134

5.4

5.4.1

PTP...........................................................................................................................................136

show ptp info.............................................................................................................................136

5.4.2

Commands in the global configuration mode............................................................................136

5.4.2.1 ptp.............................................................................................................................................137

5.4.2.2 no ptp........................................................................................................................................137

5.4.2.3 ptp time diff................................................................................................................................138

5.4.3

Commands in the PTP Transparent Clock configuration mode................................................138

5.4.3.1 delay-mechanism......................................................................................................................139

5.4.3.2 primary-domain.........................................................................................................................139

Network structures....................................................................................................................................141

6.1

6.1.1

VLAN.........................................................................................................................................142

The "show" commands..............................................................................................................142

6.1.1.1 show mac-address-table...........................................................................................................142

6.1.1.2 show mac-address-table dynamic multicast..............................................................................143

6.1.1.3 show mac-address-table dynamic unicast................................................................................144

6.1.1.4 show mac-address-table static multicast...................................................................................145

6.1.1.5 show mac-address-table static unicast.....................................................................................145

6.1.1.6 show mac-address-table count.................................................................................................146

6.1.1.7 show subnet-vlan mapping........................................................................................................147

6

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Table of contents

6.1.1.8 show vlan..................................................................................................................................148

6.1.1.9 show vlan device info................................................................................................................148

6.1.1.10 show vlan learning params........................................................................................................149

6.1.1.11 show vlan port config.................................................................................................................150

6.1.1.12 show vlan protocols-group........................................................................................................150

6.1.2

Commands in the global configuration mode............................................................................151

6.1.2.1 interface range..........................................................................................................................151

6.1.2.2 no interface range.....................................................................................................................152

6.1.2.3 map protocol..............................................................................................................................153

6.1.2.4 no map protocol.........................................................................................................................154

6.1.2.5 protocol-vlan..............................................................................................................................155

6.1.2.6 no protocol-vlan.........................................................................................................................156

6.1.2.7 subnet-vlan................................................................................................................................157

6.1.2.8 no subnet-vlan...........................................................................................................................157

6.1.2.9 vlan............................................................................................................................................158

6.1.2.10 no vlan.......................................................................................................................................159

6.1.3

Commands in the interface configuration mode........................................................................159

6.1.3.1 map subnet................................................................................................................................160

6.1.3.2 no map subnet...........................................................................................................................161

6.1.3.3 switchport acceptable-frame-type.............................................................................................162

6.1.3.4 no switchport acceptable-frame-type........................................................................................162

6.1.3.5 switchport access vlan..............................................................................................................163

6.1.3.6 no switchport access vlan.........................................................................................................164

6.1.3.7 switchport map protocols-group................................................................................................164

6.1.3.8 no switchport map protocols-group...........................................................................................165

6.1.3.9 switchport mode........................................................................................................................166

6.1.3.10 no switchport mode...................................................................................................................167

6.1.3.11 switchport priority default...........................................................................................................168

6.1.3.12 no switchport priority default......................................................................................................169

6.1.3.13 switchport pvid...........................................................................................................................169

6.1.3.14 no switchport pvid......................................................................................................................170

6.1.4

Commands in the VLAN configuration mode............................................................................171

6.1.4.1 ports..........................................................................................................................................171

6.1.4.2 no ports.....................................................................................................................................173

6.1.4.3 name.........................................................................................................................................174

6.1.4.4 no name....................................................................................................................................175

6.1.4.5 tia interface................................................................................................................................176

6.1.4.6 transparent-vlan........................................................................................................................176

6.1.4.7 no transparent-vlan...................................................................................................................177

6.2

6.2.1

6.2.2

6.2.3

6.2.5

Link aggregation........................................................................................................................179

show etherchannel....................................................................................................................179

show interfaces etherchannel....................................................................................................180

show lacp..................................................................................................................................180

6.2.4

Commands in the global configuration mode............................................................................181

6.2.4.1 port-channel load-balance.........................................................................................................181

6.2.4.2 no port-channel load-balance....................................................................................................182

Commands in the interface configuration mode........................................................................183

6.2.5.1 channel-group...........................................................................................................................183

6.2.5.2 no channel-group......................................................................................................................184

6.3

6.3.1

Spanning Tree...........................................................................................................................186

The "show" commands..............................................................................................................186

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

7

Table of contents

6.3.1.1 show spanning-tree...................................................................................................................186

6.3.1.2 show spanning-tree mst............................................................................................................187

6.3.1.3 show spanning-tree active.........................................................................................................188

6.3.1.4 show spanning-tree bridge........................................................................................................188

6.3.1.5 show spanning-tree detail.........................................................................................................189

6.3.1.6 show spanning-tree interface....................................................................................................190

6.3.1.7 show spanning-tree interface layer2-gateway-port...................................................................191

6.3.1.8 show spanning-tree root............................................................................................................191

6.3.1.9 show spanning-tree mst configuration.......................................................................................192

6.3.1.10 show spanning-tree mst interface.............................................................................................193

6.3.2

6.3.3

clear spanning-tree detected protocols.....................................................................................194

clear spanning-tree counters.....................................................................................................195

6.3.4

Commands in the global configuration mode............................................................................195

6.3.4.1 spanning-tree............................................................................................................................195

6.3.4.2 no spanning-tree.......................................................................................................................196

6.3.4.3 spanning-tree compatibility........................................................................................................197

6.3.4.4 no spanning-tree compatibility...................................................................................................198

6.3.4.5 spanning-tree priority.................................................................................................................198

6.3.4.6 no spanning-tree priority............................................................................................................199

6.3.4.7 spanning-tree mst configuration................................................................................................200

6.3.4.8 spanning-tree mst max-hops.....................................................................................................201

6.3.4.9 no spanning-tree mst max-hops................................................................................................202

6.3.4.10 spanning-tree mst instance-id root............................................................................................202

6.3.4.11 no spanning-tree mst instance-id root.......................................................................................203

6.3.4.12 Time settings for the Spanning Tree protocol...........................................................................204

6.3.5

Commands in the interface configuration mode........................................................................207

6.3.5.1 spanning-tree............................................................................................................................207

6.3.5.2 no spanning-tree.......................................................................................................................209

6.3.5.3 spanning-tree mst......................................................................................................................210

6.3.5.4 no spanning-tree mst.................................................................................................................211

6.3.5.5 spanning-tree auto-edge...........................................................................................................213

6.3.5.6 no spanning-tree auto-edge......................................................................................................213

6.3.5.7 spanning-tree bpdu-transmit.....................................................................................................214

6.3.5.8 spanning-tree bpdu-receive.......................................................................................................215

6.3.5.9 spanning-tree bpdufilter.............................................................................................................215

6.3.5.10 spanning-tree layer2-gateway-port............................................................................................216

6.3.5.11 no spanning-tree layer2-gateway-port.......................................................................................217

6.3.5.12 spanning-tree loop-guard..........................................................................................................217

6.3.5.13 no spanning-tree loop-guard.....................................................................................................218

6.3.5.14 spanning-tree restricted-role.....................................................................................................219

6.3.5.15 no spanning-tree restricted-role................................................................................................219

6.3.5.16 spanning-tree restricted-tcn.......................................................................................................220

6.3.5.17 no spanning-tree restricted-tcn..................................................................................................221

6.3.5.18 spanning-tree mst hello-time.....................................................................................................221

6.3.5.19 no spanning-tree mst hello-time................................................................................................222

6.3.5.20 spanning-tree mst PseudoRootId..............................................................................................223

6.3.5.21 no spanning-tree mst PseudoRootId.........................................................................................224

6.3.6

Commands in the MSTP configuration mode............................................................................225

6.3.6.1 instance.....................................................................................................................................225

6.3.6.2 no instance................................................................................................................................226

6.3.6.3 name.........................................................................................................................................227

6.3.6.4 no name....................................................................................................................................227

8

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Table of contents

7

6.3.6.5 revision......................................................................................................................................228

6.3.6.6 no revision.................................................................................................................................229

6.4

6.4.1

6.4.2

6.4.3

Passive Listening......................................................................................................................230

show passive-listening..............................................................................................................230

passive-listening........................................................................................................................230

no passive-listening...................................................................................................................231

Network protocols.....................................................................................................................................233

7.1

7.1.1

7.1.2

7.1.3

7.1.4

7.1.5

7.1.6

7.1.7

IPv4 protocol.............................................................................................................................234

show ip route.............................................................................................................................234

show ip static route....................................................................................................................234

show ip gateway........................................................................................................................235

show ip telnet............................................................................................................................235

show dcp server........................................................................................................................236

show dcp forwarding.................................................................................................................237

show ip dns...............................................................................................................................237

7.1.8

7.1.9

show ip dns cache.....................................................................................................................238

show ip dns name-server..........................................................................................................238

7.1.10

show ip dns statistics.................................................................................................................239

7.1.11

Commands in the global configuration mode............................................................................239

7.1.11.1 ip route......................................................................................................................................240

7.1.11.2 no ip route.................................................................................................................................241

7.1.11.3 ip routing....................................................................................................................................242

7.1.11.4 no ip routing...............................................................................................................................242

7.1.11.5 ip echo-reply..............................................................................................................................243

7.1.11.6 no ip echo-reply.........................................................................................................................244

7.1.11.7 telnet-server..............................................................................................................................244

7.1.11.8 no telnet-server.........................................................................................................................245

7.1.11.9 dcp server..................................................................................................................................246

7.1.11.10

no dcp server.......................................................................................................................246

7.1.11.11

ip domain lookup..................................................................................................................247

7.1.11.12

no ip domain lookup.............................................................................................................247

7.1.11.13

ip name-server.....................................................................................................................248

7.1.11.14

no ip name server................................................................................................................249

7.1.12

Commands in the interface configuration mode........................................................................249

7.1.12.1 ip address..................................................................................................................................250

7.1.12.2 no ip address.............................................................................................................................251

7.1.12.3 dcp forwarding...........................................................................................................................252

7.2

7.2.1

7.2.2

7.2.3

DHCP client...............................................................................................................................254

show ip dhcp client stats...........................................................................................................254

show ip dhcp client ...................................................................................................................254

Commands in the global configuration mode............................................................................255

7.2.3.1 ip dhcp config-file-request.........................................................................................................255

7.2.3.2 no ip dhcp config-file-request....................................................................................................256

7.2.3.3 ip dhcp client mode...................................................................................................................256

7.3

7.3.1

7.3.2

7.3.3

DHCP Relay..............................................................................................................................258

show dhcp server......................................................................................................................258

show ip dhcp relay information..................................................................................................258

Commands in the Global Configuration mode..........................................................................259

7.3.3.1 ip dhcp server............................................................................................................................259

7.3.3.2 no ip dhcp server.......................................................................................................................260

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

9

Table of contents

7.3.3.3 ip dhcp relay circuit-id option.....................................................................................................261

7.3.3.4 ip dhcp relay information option................................................................................................262

7.3.3.5 no ip dhcp relay information option...........................................................................................263

7.3.3.6 service dhcp-relay.....................................................................................................................263

7.3.3.7 no service dhcp-relay................................................................................................................264

7.3.4

Commands in the Interface Configuration mode.......................................................................265

7.3.4.1 ip dhcp relay circuit-id ...............................................................................................................265

7.3.4.2 no ip dhcp relay circuit-id ..........................................................................................................266

7.3.4.3 ip dhcp relay remote-id .............................................................................................................266

7.4

7.4.1

SNMP........................................................................................................................................268

The "show" commands..............................................................................................................268

7.4.1.1 show snmp................................................................................................................................268

7.4.1.2 show snmp community..............................................................................................................268

7.4.1.3 show snmp engineID.................................................................................................................269

7.4.1.4 show snmp filter........................................................................................................................269

7.4.1.5 show snmp group......................................................................................................................270

7.4.1.6 show snmp group access..........................................................................................................270

7.4.1.7 show snmp inform statistics......................................................................................................271

7.4.1.8 show snmp notif........................................................................................................................271

7.4.1.9 show snmp targetaddr...............................................................................................................272

7.4.1.10 show snmp targetparam............................................................................................................272

7.4.1.11 show snmp tcp..........................................................................................................................273

7.4.1.12 show snmp user........................................................................................................................273

7.4.1.13 show snmp viewtree..................................................................................................................274

7.4.2

Commands in the global configuration mode............................................................................274

7.4.2.1 snmpagent.................................................................................................................................275

7.4.2.2 no snmpagent............................................................................................................................275

7.4.2.3 snmp agent version...................................................................................................................276

7.4.2.4 snmp access.............................................................................................................................276

7.4.2.5 no snmp access........................................................................................................................278

7.4.2.6 snmp community index..............................................................................................................279

7.4.2.7 no snmp community index.........................................................................................................280

7.4.2.8 snmp group...............................................................................................................................281

7.4.2.9 no snmp group..........................................................................................................................282

7.4.2.10 snmp notify................................................................................................................................283

7.4.2.11 no snmp notify...........................................................................................................................284

7.4.2.12 snmp targetaddr........................................................................................................................285

7.4.2.13 no snmp targetaddr...................................................................................................................287

7.4.2.14 snmp targetparams...................................................................................................................287

7.4.2.15 no snmp targetparams..............................................................................................................289

7.4.2.16 snmp v1-v2 readonly.................................................................................................................289

7.4.2.17 no snmp v1-v2 readonly............................................................................................................290

7.4.2.18 snmp user..................................................................................................................................291

7.4.2.19 no snmp user.............................................................................................................................292

7.4.2.20 snmp view.................................................................................................................................292

7.4.2.21 no snmp view............................................................................................................................294

7.5

7.5.1

7.5.2

7.5.3

7.5.4

SMTP client...............................................................................................................................295

show events smtp-server..........................................................................................................295

show events sender email.........................................................................................................295

show events smtp-port..............................................................................................................296

Commands in the Events configuration mode...........................................................................296

10

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Table of contents

8

7.5.4.1 smtp-server...............................................................................................................................297

7.5.4.2 no smtp-server..........................................................................................................................297

7.5.4.3 sender mail-address..................................................................................................................298

7.5.4.4 no sender mail-address.............................................................................................................299

7.5.4.5 send test mail............................................................................................................................300

7.5.4.6 smtp-port...................................................................................................................................300

7.5.4.7 no smtp-port..............................................................................................................................301

7.6

7.6.1

HTTP server..............................................................................................................................302

show ip http server status..........................................................................................................302

7.6.2

Commands in the global configuration mode............................................................................302

7.6.2.1 ip http.........................................................................................................................................302

7.6.2.2 no ip http....................................................................................................................................303

7.7

7.7.1

7.7.2

HTTPS server............................................................................................................................305

show ip http secure server status..............................................................................................305

show ssl server-cert..................................................................................................................305

7.8

7.8.1

ARP...........................................................................................................................................307

show ip arp................................................................................................................................307

7.8.2

Commands in the global configuration mode............................................................................308

7.8.2.1 arp.............................................................................................................................................308

7.8.2.2 no arp........................................................................................................................................309

7.8.2.3 arp timeout................................................................................................................................310

7.8.2.4 no arp timeout...........................................................................................................................311

7.9

7.9.1

SSH server................................................................................................................................312

show ip ssh................................................................................................................................312

7.9.2

Commands in the global configuration mode............................................................................312

7.9.2.1 ssh-server..................................................................................................................................312

7.9.2.2 no ssh-server.............................................................................................................................313

Layer 2 management protocols................................................................................................................315

8.1

8.1.1

8.1.2

8.1.3

GARP........................................................................................................................................316

show forward-all........................................................................................................................316

show forward-unregistered........................................................................................................316

Commands in the global configuration mode............................................................................317

8.1.3.1 gmrp..........................................................................................................................................317

8.1.3.2 no gmrp.....................................................................................................................................318

8.1.3.3 gvrp...........................................................................................................................................319

8.1.3.4 no gvrp......................................................................................................................................319

8.2

8.2.1

8.2.2

8.2.3

IGMP snooping..........................................................................................................................321

show ip igmp snooping..............................................................................................................321

show ip igmp snooping forwarding-database............................................................................321

show ip igmp snooping statistics...............................................................................................322

8.2.4

8.2.5

show ip igmp snooping switch-ip...............................................................................................323

Commands in the global configuration mode............................................................................324

8.2.5.1 ip igmp snooping version...........................................................................................................324

8.2.5.2 ip igmp vlan-snooping...............................................................................................................325

8.2.5.3 no ip igmp vlan-snooping..........................................................................................................325

8.2.5.4 ip igmp snooping clear counters................................................................................................326

8.2.5.5 ip igmp snooping switch-ip........................................................................................................326

8.2.5.6 ip igmp snooping port-purge-interval.........................................................................................327

8.2.5.7 no ip igmp snooping port-purge-interval....................................................................................328

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

11

Table of contents

9

8.3

8.3.1

IGMP querier.............................................................................................................................329

Commands in the Global Configuration mode..........................................................................329

8.3.1.1 ip igmp snooping querier...........................................................................................................329

8.3.1.2 no ip igmp snooping querier......................................................................................................330

8.4

8.4.1

8.4.2

8.4.3

Ring redundancy and standby connection................................................................................331

clear hrp counters......................................................................................................................331

clear standby counter................................................................................................................332

show hrp counters.....................................................................................................................332

8.4.4

8.4.5

show ring-redundancy...............................................................................................................333

Commands in the global configuration mode............................................................................333

8.4.5.1 ring-redundancy configuration...................................................................................................334

8.4.5.2 ring-redundancy mode..............................................................................................................334

8.4.5.3 no ring-redundancy...................................................................................................................335

8.4.5.4 ring-redundancy standby...........................................................................................................336

8.4.5.5 no ring-redundancy standby......................................................................................................336

8.4.6

Commands in the redundancy configuration mode...................................................................337

8.4.6.1 ring ports...................................................................................................................................337

8.4.6.2 standby connection-name.........................................................................................................338

8.4.6.3 no standby connection-name....................................................................................................339

8.4.6.4 standby force-master.................................................................................................................339

8.4.6.5 no standby force-master............................................................................................................340

8.4.6.6 standby port...............................................................................................................................341

8.4.6.7 no standby port..........................................................................................................................342

8.4.6.8 standby wait-for-partner............................................................................................................342

8.4.6.9 no standby wait-for-partner.......................................................................................................343

8.5

8.5.1

8.5.2

8.5.3

Unicast......................................................................................................................................344

show unicast-block config.........................................................................................................344

show mac-address-table dynamic unicast................................................................................345

show mac-address-table static unicast.....................................................................................346

8.5.4

Commands in the global configuration mode............................................................................346

8.5.4.1 no mac-address-table static unicast..........................................................................................347

8.6

8.6.1

8.6.2

8.6.3

Multicast....................................................................................................................................349

show multicast-block config.......................................................................................................349

show mac-address-table dynamic multicast..............................................................................350

show mac-address-table static multicast...................................................................................351

8.6.4

Commands in the global configuration mode............................................................................352

8.6.4.1 mac-address-table block static multicast...................................................................................352

8.6.4.2 mac-address-table static multicast............................................................................................353

8.6.4.3 no mac-address-table static multicast.......................................................................................354

Layer 3 functions......................................................................................................................................355

9.1

show ip route.............................................................................................................................356

9.2

9.2.1

9.2.2

9.2.3

9.2.4

9.2.5

9.2.6

9.2.7

OSPFv2.....................................................................................................................................357

show ip ospf..............................................................................................................................357

show ip ospf route.....................................................................................................................357

show ip ospf - database summary.............................................................................................358

show ip ospf ... database ..........................................................................................................359

show ip ospf border-routers.......................................................................................................360

show ip ospf interface................................................................................................................361

show ip ospf neighbor...............................................................................................................361

12

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Table of contents

9.2.8

9.2.9

show ip ospf request-list............................................................................................................362

show ip ospf retransmission-list................................................................................................363

9.2.10

show ip ospf virtual-links ..........................................................................................................364

9.2.11

show ip ospf area-range............................................................................................................365

9.2.12

Commands in the Global Configuration mode..........................................................................366

9.2.12.1 router ospf.................................................................................................................................366

9.2.12.2 no router ospf............................................................................................................................367

9.2.13

Commands in the Router Configuration mode..........................................................................367

9.2.13.1 ASBR Router.............................................................................................................................368

9.2.13.2 no ASBR Router........................................................................................................................369

9.2.13.3 area range.................................................................................................................................369

9.2.13.4 area range summary.................................................................................................................371

9.2.13.5 no area range............................................................................................................................372

9.2.13.6 area nssa...................................................................................................................................373

9.2.13.7 area stub...................................................................................................................................374

9.2.13.8 no area .....................................................................................................................................375

9.2.13.9 area virtual-link..........................................................................................................................376

9.2.13.10

no area virtual-link................................................................................................................378

9.2.13.11

compatible rfc1583...............................................................................................................380

9.2.13.12

no compatible rfc1583..........................................................................................................380

9.2.13.13

default-information originate.................................................................................................381

9.2.13.14

no default-information originate............................................................................................382

9.2.13.15

default-information originate always.....................................................................................383

9.2.13.16

no default-information originate always................................................................................384

9.2.13.17

network area........................................................................................................................385

9.2.13.18

no network area...................................................................................................................386

9.2.13.19

redist-config..........................................................................................................................387

9.2.13.20

no redist-config.....................................................................................................................388

9.2.13.21

redistribute...........................................................................................................................389

9.2.13.22

no redistribute......................................................................................................................390

9.2.13.23

distribute-list route-map........................................................................................................391

9.2.13.24

no distribute-list route-map...................................................................................................391

9.2.13.25

router id................................................................................................................................392

9.2.13.26

summary-address................................................................................................................393

9.2.13.27

no summary-address...........................................................................................................395

9.2.14

Commands in the Interface Configuration mode.......................................................................395

9.2.14.1 ip ospf authentication................................................................................................................396

9.2.14.2 no ip ospf authentication...........................................................................................................397

9.2.14.3 ip ospf authentication-key..........................................................................................................398

9.2.14.4 no ip ospf authentication-key.....................................................................................................399

9.2.14.5 ip ospf cost................................................................................................................................399

9.2.14.6 no ip ospf cost...........................................................................................................................400

9.2.14.7 ip ospf dead-interval..................................................................................................................401

9.2.14.8 no ip ospf dead-interval.............................................................................................................402

9.2.14.9 ip ospf hello-interval..................................................................................................................403

9.2.14.10

no ip ospf hello-interval........................................................................................................404

9.2.14.11

ip ospf message-digest-key.................................................................................................404

9.2.14.12

no ip ospf message-digest-key............................................................................................405

9.2.14.13

ip ospf retransmit-interval.....................................................................................................406

9.2.14.14

no ip ospf retransmit-interval................................................................................................407

9.2.14.15

ip ospf transmit-delay...........................................................................................................408

9.2.14.16

no ip ospf transmit-delay......................................................................................................408

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

13

Table of contents

9.2.14.17

ip ospf priority.......................................................................................................................409

9.2.14.18

no ip ospf priority..................................................................................................................410

9.3

9.3.1

RIPv2.........................................................................................................................................412

show ip rip.................................................................................................................................412

9.3.2

Commands in the global configuration mode............................................................................412

9.3.2.1 router rip....................................................................................................................................413

9.3.2.2 no router rip...............................................................................................................................413

9.3.3

Commands in the RIPv2 Router configuration mode................................................................414

9.3.3.1 auto-summary...........................................................................................................................414

9.3.3.2 no auto-summary......................................................................................................................415

9.3.3.3 distance.....................................................................................................................................415

9.3.3.4 no distance................................................................................................................................416

9.3.3.5 distibute-list route-map..............................................................................................................417

9.3.3.6 no distibute-list route-map.........................................................................................................417

9.3.3.7 network......................................................................................................................................418

9.3.3.8 no network.................................................................................................................................419

9.3.3.9 redistribute.................................................................................................................................419

9.3.3.10 no redistribute............................................................................................................................420

9.3.3.11 version.......................................................................................................................................421

9.3.3.12 no version..................................................................................................................................422

9.3.3.13 output-delay...............................................................................................................................422

9.3.4

Commands in the VLAN configuration mode for an interface...................................................423

9.3.4.1 ip rip default route originate.......................................................................................................423

9.3.4.2 no ip rip default route originate..................................................................................................424

9.3.4.3 ip rip receive version.................................................................................................................425

9.3.4.4 no ip rip receive version............................................................................................................425

9.3.4.5 ip rip send version.....................................................................................................................426

9.3.4.6 no ip rip send version................................................................................................................427

9.4

9.4.1

9.4.2

9.4.3

VRRP........................................................................................................................................428

show vrrp interface....................................................................................................................428

show vrrp interface - vrid...........................................................................................................429

Commands in the Global Configuration mode..........................................................................430

9.4.3.1 router vrrp..................................................................................................................................430

9.4.3.2 no router vrrp.............................................................................................................................431

9.4.4

Commands in the VRRP Router Configuration mode...............................................................432

9.4.4.1 interface.....................................................................................................................................432

9.4.4.2 no interface................................................................................................................................433

9.4.4.3 vrrp virtual-ping..........................................................................................................................434

9.4.4.4 no vrrp virtual-ping.....................................................................................................................435

9.4.5

Commands in the Interface Configuration mode.......................................................................436

9.4.5.1 vrrp associated-ip......................................................................................................................436

9.4.5.2 no vrrp associated-ip.................................................................................................................437

9.4.5.3 vrrp group shutdown..................................................................................................................438

9.4.5.4 vrrp preempt..............................................................................................................................439

9.4.5.5 no vrrp preempt.........................................................................................................................440

9.4.5.6 vrrp primary-ip...........................................................................................................................441

9.4.5.7 no vrrp primary-ip......................................................................................................................442

9.4.5.8 vrrp priority................................................................................................................................443

9.4.5.9 no vrrp priority...........................................................................................................................444

9.4.5.10 vrrp text-authentication..............................................................................................................445

9.4.5.11 no vrrp text-authentication.........................................................................................................446

14

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Table of contents

9.4.5.12 vrrp timer...................................................................................................................................447

9.4.5.13 no vrrp timer..............................................................................................................................448

10 Load control..............................................................................................................................................449

10.1

Rate control...............................................................................................................................450

10.1.1

show rate-limit output................................................................................................................450

10.1.2

Commands in the interface configuration mode........................................................................451

10.1.2.1 rate-limit output..........................................................................................................................451

10.1.2.2 no rate-limit output.....................................................................................................................452

10.1.2.3 storm-control.............................................................................................................................452

10.1.2.4 no storm-control........................................................................................................................454

10.1.2.5 storm-control level.....................................................................................................................454

10.1.2.6 no storm-control level................................................................................................................455

10.2

Static MAC filtering....................................................................................................................457

10.2.1

Commands in the global configuration mode............................................................................457

10.2.1.1 mac-address-table block static multicast...................................................................................457

10.2.1.2 mac-address-table static multicast............................................................................................458

10.2.1.3 no mac-address-table static multicast.......................................................................................459

10.2.1.4 mac-address-table static unicast...............................................................................................460

10.2.1.5 no mac-address-table static unicast..........................................................................................461

10.2.2

Commands in the interface configuration mode........................................................................462

10.2.2.1 switchport ingress-filter..............................................................................................................462

10.2.2.2 no switchport ingress-filter.........................................................................................................463

10.3

Dynamic MAC aging..................................................................................................................464

10.3.1

show mac-address-table aging-time.........................................................................................464

10.3.2

show mac-address-table aging-status.......................................................................................464

10.3.3

Commands in the global configuration mode............................................................................465

10.3.3.1 mac-address-table aging-time...................................................................................................465

10.3.3.2 no mac-address-table aging-time..............................................................................................466

10.3.3.3 mac-address-table aging...........................................................................................................467

10.3.3.4 no mac-address-table aging......................................................................................................467

10.4

Flow control...............................................................................................................................469

10.4.1

show flow-control.......................................................................................................................469

10.4.2

Commands in the interface configuration mode........................................................................470

10.4.2.1 flowcontrol.................................................................................................................................470

10.5

Service classes.........................................................................................................................472

10.5.1

show qos cos-map....................................................................................................................472

10.5.2

show qos dscp-map..................................................................................................................472

10.5.3

Commands in the Global configuration mode...........................................................................473

10.5.3.1 qos.............................................................................................................................................473

10.5.4

Commands in the QOS configuration mode..............................................................................474

10.5.4.1 cos-map.....................................................................................................................................474

10.5.4.2 dscp-map...................................................................................................................................475

11 Security and authentication......................................................................................................................477

11.1

User rights management...........................................................................................................478

11.1.1

show users................................................................................................................................478

11.1.2

whoami......................................................................................................................................478

11.2

Radius client..............................................................................................................................480

11.2.1

show radius statistics................................................................................................................480

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

15

Table of contents

11.2.2

show radius server....................................................................................................................480

11.2.3

Commands in the global configuration mode............................................................................481

11.2.3.1 radius-server.............................................................................................................................481

11.2.3.2 no radius-server........................................................................................................................482

11.3

MAC access control list.............................................................................................................484

11.3.1

show access-lists......................................................................................................................484

11.3.2

show interface access lists........................................................................................................484

11.3.3

Commands in the global configuration mode............................................................................485

11.3.3.1 mac access-list extended..........................................................................................................485

11.3.3.2 no mac access-list extended.....................................................................................................486

11.3.4

Commands in the interface configuration mode........................................................................487

11.3.4.1 mac access-group.....................................................................................................................487

11.3.4.2 no mac access-group................................................................................................................488

11.3.5

Commands in the MAC ACL configuration mode .....................................................................489

11.3.5.1 permit........................................................................................................................................489

11.3.5.2 deny...........................................................................................................................................491

11.4

IP access control list..................................................................................................................493

11.4.1

Commands in the Global Configuration mode..........................................................................493

11.4.1.1 ip access-list..............................................................................................................................493

11.4.1.2 no ip access-list.........................................................................................................................494

11.4.2

Commands in the Interface Configuration mode.......................................................................495

11.4.2.1 ip access-group.........................................................................................................................495

11.4.2.2 no ip access-group....................................................................................................................496

11.4.3

Commands in the ACL standard configuration mode................................................................497

11.4.3.1 permit........................................................................................................................................497

11.4.3.2 deny...........................................................................................................................................499

11.4.3.3 permit icmp................................................................................................................................501

11.4.3.4 deny icmp..................................................................................................................................503

11.4.3.5 permit tcp...................................................................................................................................504

11.4.3.6 deny tcp.....................................................................................................................................506

11.4.3.7 permit udp.................................................................................................................................508

11.4.3.8 deny udp....................................................................................................................................510

11.5

Port Access Control List Locked Ports......................................................................................512

11.5.1

show lock port...........................................................................................................................512

11.5.2

Commands in the Global configuration mode...........................................................................513

11.5.2.1 clear-all-static-unicast................................................................................................................513

11.5.2.2 auto-learn..................................................................................................................................513

11.5.3

Commands in the interface configuration mode........................................................................514

11.5.3.1 switchport lock...........................................................................................................................514

11.5.3.2 no switchport lock......................................................................................................................515

11.5.4

Commands in the AUTOLEARN mode.....................................................................................515

11.5.4.1 start...........................................................................................................................................516

11.5.4.2 stop............................................................................................................................................516

11.6

Management Access Control List..............................................................................................518

11.6.1

show authorized-managers.......................................................................................................518

11.6.2

Commands in the Global configuration mode...........................................................................518

11.6.2.1 authorized-manager..................................................................................................................519

11.6.2.2 no authorized-manager.............................................................................................................519

11.6.2.3 authorized-manager ip-source..................................................................................................520

11.6.2.4 no authorized-manager ip-source.............................................................................................522

16

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Table of contents

11.7

Port Based Network Access Control.........................................................................................523

11.7.1

show dot1x................................................................................................................................523

11.7.2

show dot1x guest-vlan mac-info................................................................................................524

11.7.3

show dot1x mac-auth mac-info.................................................................................................524

11.7.4

Commands in the global configuration mode............................................................................525

11.7.4.1 dot1x guest-vlan........................................................................................................................525

11.7.4.2 no dot1x guest-vlan...................................................................................................................525

11.7.4.3 dot1x mac-auth..........................................................................................................................526

11.7.4.4 no dot1x mac-auth.....................................................................................................................527

11.7.5

Commands in the interface configuration mode........................................................................527

11.7.5.1 dot1x guest-vlan........................................................................................................................527

11.7.5.2 no dot1x guest-vlan...................................................................................................................528

11.7.5.3 dot1x guest-vlan vlan-id............................................................................................................529

11.7.5.4 no dot1x guest-vlan vlan-id.......................................................................................................529

11.7.5.5 dot1x guest-vlan reset...............................................................................................................530

11.7.5.6 set dot1x guest-vlan mac-addr count........................................................................................530

11.7.5.7 dot1x mac-auth..........................................................................................................................531

11.7.5.8 no dot1x mac-auth.....................................................................................................................532

11.7.5.9 dot1x mac-auth port reset.........................................................................................................532

11.7.5.10

dot1x mac-auth vlan-assign.................................................................................................533

11.7.5.11

no dot1x mac-auth vlan-assign............................................................................................533

11.7.5.12

dot1x port-control.................................................................................................................534

11.7.5.13

no dot1x port-control............................................................................................................535

11.7.5.14

set dot1x mac-auth mac-addr count.....................................................................................535

11.7.5.15

dot1x reauthentication..........................................................................................................536

11.7.5.16

no dot1x reauthentication.....................................................................................................537

12 Diagnostics...............................................................................................................................................539

12.1

Event and fault handling............................................................................................................540

12.1.1

logging console.........................................................................................................................540

12.1.2

no logging console....................................................................................................................540

12.1.3

show events config....................................................................................................................541

12.1.4

show events severity.................................................................................................................542

12.1.5

show events faults config..........................................................................................................542

12.1.6

show events faults status..........................................................................................................543

12.1.7

show startup-information...........................................................................................................544

12.1.8

show logbook............................................................................................................................544

12.1.9

clear logbook.............................................................................................................................545

12.1.10 show cabletest interface............................................................................................................545

12.1.11 show interface transceiver details.............................................................................................546

12.1.12 show power-line-state...............................................................................................................547

12.1.13 Commands in the global configuration mode............................................................................548

12.1.13.1

12.1.13.2

12.1.14 Commands in the Events configuration mode...........................................................................549

12.1.14.1

12.1.14.2

12.1.14.3

12.1.14.4

12.1.14.5

12.1.14.6

12.1.14.7

events...................................................................................................................................548

cabletest interface................................................................................................................548

add log.................................................................................................................................550

client config..........................................................................................................................550

no client config.....................................................................................................................551

event config..........................................................................................................................552

no event config.....................................................................................................................554

eventgroup...........................................................................................................................555

no event...............................................................................................................................556

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

17

Table of contents

12.1.14.8

severity.................................................................................................................................557

12.1.14.9

no severity............................................................................................................................558

12.1.14.10 power...................................................................................................................................559

12.1.14.11 no power..............................................................................................................................559

12.1.14.12 link........................................................................................................................................560

12.1.14.13 no link...................................................................................................................................561

12.1.14.14 syslogserver.........................................................................................................................562

12.1.14.15 no syslogserver....................................................................................................................563

12.2

Syslog client..............................................................................................................................565

12.2.1

show events syslogserver.........................................................................................................565

12.2.2

Commands in the Events configuration mode...........................................................................565

12.2.2.1 syslogserver..............................................................................................................................566

12.2.2.2 no syslogserver.........................................................................................................................567

12.3

RMON.......................................................................................................................................568

12.3.1

show rmon.................................................................................................................................568

12.3.2

Commands in the global configuration mode............................................................................569

12.3.2.1 rmon alarm................................................................................................................................569

12.3.2.2 no rmon alarm...........................................................................................................................571

12.3.2.3 rmon event................................................................................................................................571

12.3.2.4 no rmon event...........................................................................................................................572

12.3.2.5 set rmon....................................................................................................................................573

12.3.3

Commands in the interface configuration mode........................................................................574

12.3.3.1 rmon collection stats..................................................................................................................574

12.3.3.2 no rmon collection stats.............................................................................................................575

12.3.3.3 rmon collection history...............................................................................................................575

12.3.3.4 no rmon collection history..........................................................................................................576

12.4

Port Mirroring ............................................................................................................................578

12.4.1

show monitor.............................................................................................................................578

12.4.2

show monitor barrier..................................................................................................................578

12.4.3

show monitor session................................................................................................................579

12.4.4

Commands in the global configuration mode............................................................................580

12.4.4.1 monitor......................................................................................................................................580

12.4.4.2 no monitor.................................................................................................................................581

12.4.4.3 monitor barrier enabled.............................................................................................................582

12.4.4.4 no monitor barrier enabled........................................................................................................583

12.4.4.5 monitor session destination.......................................................................................................583

12.4.4.6 no monitor session destination..................................................................................................584

12.4.4.7 monitor session source.............................................................................................................585

12.4.4.8 no monitor session source........................................................................................................587

12.4.4.9 no monitor session....................................................................................................................588

12.5

Loop detection...........................................................................................................................590

12.5.1

show loopd................................................................................................................................590

12.5.2

show loopd interface.................................................................................................................591

12.5.3

Commands in the global configuration mode............................................................................592

12.5.3.1 loopd..........................................................................................................................................592

12.5.3.2 no loopd.....................................................................................................................................593

12.5.3.3 loopd vlan mode........................................................................................................................593

12.5.3.4 no loopd vlan mode...................................................................................................................594

12.5.4

Commands in the Interface Configuration mode.......................................................................595

12.5.4.1 loopd..........................................................................................................................................595

18

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Table of contents

12.5.4.2 loopd port reset.........................................................................................................................596

12.5.4.3 no loopd port reset....................................................................................................................597

12.5.4.4 loopd reaction local...................................................................................................................597

12.5.4.5 no loopd reaction local..............................................................................................................598

12.5.4.6 loopd reaction remote................................................................................................................599

12.5.4.7 no loopd reaction remote...........................................................................................................600

Index.........................................................................................................................................................601

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

19

Introduction

1

1.1

Information on the configuration manual (CLI)

Validity of the configuration manual

This Configuration Manual covers the following products:

● SCALANCE XR-500

– SCALANCE XR552-12M

– SCALANCE XR528-6M

The devices are available with or without routing functions. For the devices without routing functions, the functions can be enabled by a KEY-PLUG.

● SCALANCE XM-400

– SCALANCE XM408-8C

– SCALANCE XM416-4C

The devices are available with or without routing functions.

This Configuration Manual applies to the following software version:

● SCALANCE XR-500 firmware as of version 4.0

● SCALANCE XM-400 firmware as of version 4.0

Purpose of the Configuration Manual

This Configuration Manual is intended to provide you with the information you require to install, commission and operate IE switches. It provides you with the information you require to configure the IE switches.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

21

Introduction

1.1 Information on the configuration manual (CLI)

Orientation in the documentation

Apart from the configuration manual you are currently reading, the products also have the following documentation:

● Configuration Manual:

– SCALANCE XM-400/XR-500 Web Based Mangement

This document is intended to provide you with the information you require to commission and configure IE switches using Web Based Management.

● Operating instructions:

– SCALANCE XR-500M

– MM900 media modules for SCALANCE XR-500M

– Fan unit FAN597-1 for SCALANCE XR-500M

– Power supply PS598-1 for SCALANCE XR-500M

– SCALANCE XM-400

– Extender for SCALANCE XM-400

These documents contain information on installing and connecting up and approvals for the products.

The following documentation is also available from SIMATIC NET on the topic of Industrial

Ethernet:

● System manual "Industrial Ethernet / PROFINET"

● System manual "Industrial Ethernet / PROFINET - Passive network components"

All these documents are available in digital form on the SCALANCE X DVD.

SIMATIC NET glossary

Explanations of many of the specialist terms used in this documentation can be found in the

SIMATIC NET glossary.

You will find the SIMATIC NET glossary here:

● SIMATIC NET Manual Collection or product DVD

The DVD ships with certain SIMATIC NET products.

● On the Internet under the following entry ID:

50305045 ( http://support.automation.siemens.com/WW/view/en/50305045 )

22

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

1.2

Introduction

1.2 Security information

Security information

Siemens provides automation and drive products with industrial security functions that support the secure operation of plants or machines. They are an important component in a holistic industrial security concept. With this in mind, our products undergo continuous development.

We therefore recommend that you keep yourself informed with respect to our product updates.

Please find further information and newsletters on this subject at: http:// support.automation.siemens.com.

To ensure the secure operation of a plant or machine it is also necessary to take suitable preventive action (e.g. cell protection concept) and to integrate the automation and drive components into a state-of-the-art holistic industrial security concept for the entire plant or machine. Any third-party products that may be in use must also be taken into account. Please find further information at: http://www.siemens.com/industrialsecurity

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

23

General information

2

2.1

Introduction

General information on the Command Line Interface

All the configuration settings for the device can be made using the Command Line Interface

(CLI). The CLI therefore provides the same options as Web Based Management (WBM). You should read the detailed explanations of the parameters in the manual "Configuration with Web

Based Management".

The CLI also allows remote configuration over Telnet.

Starting the CLI in a Windows console

Follow the steps outlined below to start the Command Line Interface in a Windows console:

1. Open a Windows console and type in the command "telnet" followed by the IP address of the device you are configuring:

C:\>telnet <IP address>

2. Enter your login and password.

As an alternative, you can also enter the command "telnet" followed by the IP address of the device you are configuring in the Start > Run menu.

Note

Requirement for use of the CLI

You should only use the command line interface if you are an experienced user.

Even commands that bring about fundamental changes to the configuration are executed without a prompt for confirmation.

Errors in the configuration can mean that no further operation is possible in the entire network.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

25

General information

2.2 Structure of the Command Line Interface

2.2

Structure of the Command Line Interface

Grouping of the commands in the various modes

The commands of the Command Line Interface are grouped according to various modes. Apart from a few exceptions (help, exit), commands can only be called up in the mode to which they are assigned. This grouping allows different levels of access rights for each individual group of commands. The following graphic is an overview of the available modes.

User EXEC mode

This mode is active after you log in with the user name user in a console window. In this mode, you can use show commands to display the current values of configuration parameters. It is not possible to modify parameters in this mode.

To be able to modify configuration parameters, you need to change to the Privileged EXEC mode.

26

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

General information

2.2 Structure of the Command Line Interface

Privileged EXEC mode

You change to this mode if you log in with the name admin OR by entering "enable" in user exec mode. There are 2 ways of exiting the privileged exec mode:

1. The exit command logs you out; the login prompt appears.

2. The "disable" command brings you one level back from the privileged exec mode to the user exec mode. (The "disable" command is not available in user exec mode).

Global Configuration mode

In this mode, you can make basic configuration settings. In addition to this, you can also call up modes for the configuration of special interfaces or functions, for example to configure a

VLAN or a C-PLUG. You change to this mode by entering configure terminal in the

Privileged EXEC mode. You exit this mode by entering end.

Other configuration modes

From the Global Configuration mode, you can change to other configuration modes for special tasks. These are either general configuration modes (for example line configuration, interface configuration) or protocol-specific configuration modes (SNTP, NTP).

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

27

General information

2.3 Configuration limits

2.3

Configuration limits

Configuration limits of the device

The following table lists the configuration limits for Web Based Management and the Command

Line Interpreter of the device.

The usability of various functions depends on the device type you are using and whether or not a KEY-PLUG is inserted.

Configurable function

System Syslog server

E-mail server

SNMPv1 trap recipient

Layer 2 Virtual LANs (port-based; including VLAN 1)

Protocol-based VLAN groups per port

IPv4 subnet-based VLANs

Multiple Spanning Tree instances

Link aggregations or Etherchannels each with a maximum of 8 ports per aggregation

Ports in a link aggregation

Static MAC addresses in the forward database (FDB)

Multicast addresses without active GMRP

Multicast addresses with active GMRP

VLANs whose data traffic can be mirrored to a monitor port

Security IP addresses from a RADIUS server

Management ACLs (access rules for management)

Rules for port ACL MAC

Ingress and egress rules for port ACL MAC

Rules for port ACL IP

Ingress and egress rules for port ACL IP

Layer 3 Layer 3 interfaces

Entries in the hardware routing table

Static routes

Possible routes to the same destination

DHCP Relay Agent interfaces

DHCP Relay Agent servers

VRRP router interfaces (VLAN interfaces only)

OSPF areas per device

OSPF area range entries per OSPF area (intra-area summary)

OSPF interfaces

OSPF interfaces per OSPF area

OSPF virtual links (within an autonomous system)

Maximum number

12

150

16

8

10

257

3

3

127

4096

100

8

128

256

128

256

8

256

512

50

255

3

10

3

40

40

8

127

4

52

5

28

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configurable function

OSPF interface authentication key

OSPF virtual link authentication key

General information

2.3 Configuration limits

Maximum number

200

(40 interfaces each with 5 keys)

40

(8 virtual links each with 5 keys)

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

29

General information

2.4 The CLI command prompt

2.4

The CLI command prompt

Overview

The Command Line Interface prompt shows the following information:

● The mode in which the CLI is currently operating.

Most commands can only be called in a particular mode. You should therefore check the

CLI mode based on the command prompt.

– User Exec mode: CLI>

– Privileged Exec mode and configuration modes: CLI(...)#

● The selected interface when the CLI is in an Interface Configuration mode.

In the Interface Configuration mode, the parameters are configured for one specific interface. The command prompt is displayed in the form CLI(config-if-$$$)# where the placeholder $$$ is replaced by the identifier of the Interface. You select the Interface by setting suitable parameters for the interface command.

● An identifier when the Trial mode is enabled.

If you first test changes to the configuration and then want to discard them, disable the auto save function with the no auto-save command. You are then in Trial mode.

Changes to the configuration that you have not saved are indicated by an asterisk in front of the command prompt: *CLI(...)#.

You save the changes to the configuration with the command write startup-config.

With the auto-save command, you enable the auto save function again.

Note

Upper and lower case

The Command Line Interface does not distinguish between upper case and lower case letters.

Make sure, however, that names used by the operating system or other programs are correctly written.

Blank

To use blanks in a text, enter the text in quotes, for example "H e l l o"

30

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

General information

2.5 Symbols of the CLI commands

2.5

Symbols of the CLI commands

Symbols for representing CLI commands

When setting parameters for CLI commands, the following characters are used: r

Characte Meaning

< ... >

[ ... ] mandatory parameter optional parameter

Instead of the expression in parenthesis, you must enter a value

Instead of the expression in parenthesis, you can enter a value

( ... ) Value or range of values Enter a value to replace the expression in parenthesis

( ... - ... ) Range of values Enter a value from this range

{ ... } Selection list

{ ... | ... } exclusive selection

Select one more elements from the list

Select exactly one element from this list

These characters are used in combinations to describe mandatory and optional entries.

There is a general description of some of these combinations below:

Character combinations

< variable >

< variable (a - b) >

[< variable 1 >< variable 2 >]

[ keyword < variable (a - b)>]

[ keyword < variable (a - b) unit >]

[keyword { A | B | C }] keyword { [A] [B] [C] }

Meaning

Instead of the expression in parentheses<>, enter a permitted value

Instead of the expression in parentheses <>, enter a value from the range "a" to "b"

The parameter pair is optional.

If you use the parameter assignment, you need to enter a permitted value to replace both expressions in parenthesis <>

The parameter assignment is optional.

If you use the keyword, you need to enter a value from the range "a" to "b" to replace the expression in parenthesis <>

The parameter assignment is optional.

If you use the keyword, you need to enter a value from the range "a" to "b" to replace the expression in parenthesis <>.

"Unit" is one of the variables and is also replaced by the entry.

The parameter assignment is optional.

If you use the keyword, you need to specify exactly one of the values "A", "B" or "C"

After the keyword, enter one or more of the values "A",

"B" or "C"

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

31

General information

2.6 Addresses and interface names

2.6

Addresses and interface names

2.6.1

Overview

Address types, address ranges and address masks

Since the various types of addresses can be represented by different notations, the notations used in the Command Line Interface are shown below:

● IP v4 addresses

Addresses for the Internet Protocol version 4 are written in the decimal notation of four numbers from the range 0 to 255, separated by a period.

● Network masks

A network mask is a series of bits that describes the network part of an IP address.

The notation is normally decimal in keeping with the IP address.

● Alternative notation for network masks

In contrast to the notation described above, network masks can also be represented as a number of 1 bits. The mask of the decimal representation 255.255.0.0 is then written as /16.

The syntax is then for example: <ipaddress> / 16

Note that there must be a space before and after the "/".

● MAC addresses

In the syntax of the Command Line Interface, a MAC address is represented as a sequence of 6 bytes in hexadecimal format, in each case separated by a colon.

The syntax is then, e.g. aa:bb:cc:dd:ee:ff.

● Multicast addresses

Layer 2 multicast addresses as used on this device use the notation of MAC addresses.

For permitted address ranges, check the rules or ask your network administrator.

32

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

General information

2.6 Addresses and interface names

2.6.2

Overview

Naming interfaces

The device has several types of interface that are addressed in different ways:

● Physical interfaces on the SCALANCE X500:

– Permanently installed interfaces

The interfaces permanently installed on the SCALANCE X500 are called module 0.

– Interfaces of modules

The slots for modules are called module 1 followed by numbers. The numbering range depends on the hardware configuration. The numbering is fixed and does not depend on the number of modules being used.

Each module has 4 ports numbered 1 to 4.

The port name is made up of the module number and the port number, for example 0/1 is module 0, port 1.

● Physical interfaces on the SCALANCE XM400:

– Interfaces of the basic device

The interfaces of the basic device SCALANCE XM400 are called module 1.

– Interfaces of extenders

The port extenders are called module 2 and module 3 starting from the basic device.

The number of port extenders depends on the number of ports of the basic device.

The port name is made up of the module number and the port number, for example 1/5 is module 1, port 5.

● Logical interfaces:

– VLAN

To be able to use a VLAN, create it with the vlan command.

– The device supports up to 40 OSPF interfaces and 127 VLAN ports.

– Aggregated links, aggregated ports, port channel, etherchannel

These terms are used for the same function:

Several ports or connections between two devices are logically bundled together

(aggregated) to achieve a higher data transmission rate and a lower failure risk.

Combo ports

Combo port is the name for two communication ports. A combo port has the two following jacks:

● a fixed RJ-45 port

● an SFP transceiver slot that can be equipped individually

Of these two ports, only one can ever be active.

You can set the active port with the command media-type.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

33

General information

2.6 Addresses and interface names

Naming the interface in the interface command and in other commands

If you call up the interface command to configure an interface in the Global configuration mode, enter the interface you want to configure.

The interfaces are addressed with commands with the syntax interface <interfacetype> <interface-id>. Note the section below for more information on the notation of the address.

VLAN and port channel interfaces are selected using the number that you assigned in the vlan or channel-group command.

interface-type can have the following values:

● extreme-ethernet

● gigabit-ethernet

● vlan

The interface ID is represented as follows:

● The short form gi stands for gigabit-ethernet and the short form ex stands for extreme-ethernet.

● Enter a blank followed by the slot and port number of the Interface separated by a slash.

The permitted ranges of values depend on the hardware configuration in your device.

This notation also applies to other commands that address an Interface.

Examples

You call a gigabit Ethernet interface in the second port of slot 1 with the interface gi

1/2 command. For Fast Ethernet use fa.

Port channel ports are called as follows: interface po1

VLAN ports are called as follows: interface vlan 2

Identification of the interfaces in the command prompt of the Interface configuration mode

Since you configure precisely one of the existing interfaces in the Interface configuration mode, the command prompt shows not only the mode but also the name of this interface.

The command prompt is as follows: cli(config-if-$$$)#

The placeholder $$$ is replaced by the following name of the interface:

Type of interface cpu0 vlan port-channel gigabitethernet extreme-ethernet

Router-Port

Command prompt cli(config-if-cpu0)# cli(config-if-vlan-$)# cli(config-if-po-$)# cli(config-if-Gi$-$)# cli(config-if-Ex$-$)# cli(config-RPort-Gi$-$)#

34

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

General information

2.6 Addresses and interface names

The placeholders $ or $-$ denote the numbering of the interface.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

35

General information

2.7 General CLI commands

2.7

General CLI commands

This section describes commands that you can call up in any mode.

2.7.1

Description

clear screen

With this command, you clear the screen.

The command prompt is displayed.

Syntax

Call the command without parameters: clear screen

Result

The screen is cleared.

The command prompt is displayed.

2.7.2

Description

end

With this command, you close all configuration modes.

You are then in the Privileged EXEC mode.

Requirement

You are in a configuration mode.

Syntax

Call the command without parameters: end

Result

You are in the Privileged EXEC mode.

36

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

General information

2.7 General CLI commands

The command prompt is as follows: cli#

2.7.3

Description

exit

With this command, you close the current mode.

You are then at the next higher level in the user modes.

If you are in Privileged EXEC Modus or in User EXEC Modus mode, you will be logged out.

Syntax

Call the command without parameters: exit

Result

The current mode was exited.

2.7.4

Help functions and supported input

The Command Line Interface provides various functions that are helpful when making entries in the command line:

● help

● ?

● Command completion with the tab key

● Automatic completion of incomplete commands

● Paging in the list of most recently used commands

● Display of the list of most recently used commands (show history)

2.7.4.1

Description help

With this command, you display the help entry for a command or the command list.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

37

General information

2.7 General CLI commands

Help on a specific command

Syntax

Call up help with the following parameters: help [command]

Here, you replace [command] with the command for which you require help.

If the command for which you require help consists of several words, enter these words without spaces.

Result

The syntax of the command is displayed.

Command overview

Syntax

If you call up help without parameters, you will obtain a list of all permitted commands in the current mode: help

Result

Both the mode-specific as well as the global commands are displayed.

Note

Incomplete command names

If you have specified an incomplete command when calling help, a list of all commands that start with the term you have entered is created.

2.7.4.2

Description

The command "?"

With this command, you call up the command list.

Syntax

Enter a question mark to obtain a list of all permitted commands in the current mode:

?

For this command, you do not need to press the enter key.

The command executes immediately after you type the character.

38

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

General information

2.7 General CLI commands

Both the mode-specific as well as the global commands are displayed.

Note

Incomplete command names

If you have specified an incomplete command when calling the help function, a list of all commands that start with the term you have entered is created.

Note

Output in pages

With long lists, the results are displayed as pages. If -- more -- appears at the lower edge of the display, you can move to the next page with the spacebar. If the display is in pages, you cannot page back. You exit the page display with the q key.

2.7.4.3

Description

Completion of command entries

The command interpreter of the Command Line Interface supports you when you enter commands.

As soon as the first characters of the command have been entered in the input line, the system can complete the entry as long as the character string is unambiguous.

This can be repeated after entering further characters.

Procedure

Enter the first characters of the command.

Press the TAB key.

Result

The command interpreter completes the input as long as the command is unambiguous.

If you enter a character string that cannot be completed to form a command, an error message is displayed.

● The command is not unique: % Ambiguous Command

● The command is unknown: % Invalid Command

● The command is incomplete: % Incomplete command

If the entry is not yet complete, enter further characters.

With ?, you obtain a list of the possible commands.

Repeat this if necessary until the command is complete and can execute.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

39

General information

2.7 General CLI commands

2.7.4.4

Abbreviated notation of commands

Description

The command interpreter of the Command Line Interface also detects commands if only the first character of the command or its parts is entered.

This is only possible if all the parts of the abbreviated input can be assigned to exactly one command or to the parts of the command.

Example

2.7.4.5

The show event config command can be replaced by the expression sh e c.

Reusing the last used commands

Description

The Command Line Interface saves the last 14 commands used in a list assigned to the particular mode. This can then only be called up in the relevant mode.

Example: In the Global Configuration mode, all entered commands are saved. If you entered commands earlier in the Interface Configuration mode, these commands are not included in the list of the Global Configuration mode. You can only call up and reuse these commands in the Interface Configuration mode.

Procedure

You can page through the list of the commands most recently used using the arrow up and arrow down keys.

If the command you are looking for is displayed, you can edit the command line as required and execute the command with the enter key.

Further notes

2.7.4.6

You display the list of commands last used with the show history command. This function is available in every mode.

Working through a command sequence

Separators for multiple commands in one line

You can call up several commands one after the other in one line in the CLI.

Separate the commands with a semicolon ";".

After completing your input, start the processing of this command sequence with the enter key.

40

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

General information

2.7 General CLI commands

Example

The command sequence CLI#conf t; int gi 1/1; shut; no switchport; no shut; no ip address; end; write startup has the same effect as:

CLI#conf t

CLI(config)#int gi 1/1

CLI(config-IF-gi1-1)#shutdown

CLI(config-IF-gi1-1)#no switchport

CLI(config-IF-gi1-1)#no shutdown

CLI(config-IF-gi1-1)#no ip address

CLI#write startup

2.7.4.7

Description show history

This command shows the last 14 commands you entered.

The commands are listed in the order in which they were called up. The show history command is listed as the last command to be entered.

The list depends on the mode. In the Global configuration mode, the last 14 commands entered in this mode are displayed. These commands are not included in the list of the Interface configuration mode.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show history

Result

The list of used commands is displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

41

Configuration

This part contains the sections that describe the following:

● System settings

● Saving / loading configurations and firmware

3

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

43

Configuration

3.1 System

3.1

System

This section describes commands with which general system properties can be displayed and configured.

3.1.1

The "show" commands

This section describes commands with which you display various settings.

3.1.1.1

Description show cli-console-timeout

This command shows the global configuration for the timeout of the CLI console.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show cli-console-timeout

Result

The configuration for the timeout is displayed.

3.1.1.2

Description show coordinates

This command shows the system coordinates.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows:

44

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

cli> or cli#

Syntax

Result

3.1.1.3

Description

The system coordinates are displayed.

show device information

This command shows information about the device.

Requirement

Call the command without parameters: show coordinates

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show device information

Result

The information about the device is displayed.

3.1.1.4

Description show env temperature

This command shows the temperature of the system.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

45

Configuration

3.1 System

Syntax

Result

3.1.1.5

Description

The temperature of the system is displayed.

show hardware

This command shows the type and number as well as the position of the installed interface cards of the system.

Requirement

Call the command without parameters: show env temperature

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show hardware

Result

The table of interface cards is displayed.

The slot ID, the status and the type or name of the card is listed.

3.1.1.6

Description show interface mtu

With this command, you show the setting for the Maximum Transmission Unit (MTU) of the interfaces on the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows:

46

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System cli> or cli#

Syntax

Call up the command with the following parameters: show interface mtu [{Vlan<vlan-id(1-4094)>|

portchannel<port-channel-id(1-8)>|

<interface-type><interface-id>}]

The parameters have the following meaning:

Parameter

Vlan vlan-id portchannel

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Keyword for a port channel connection port-channel-id Number of the addressed port channel interface-type

Type of interface interface-id

Slot no. and port no. of the interface

Range of values

-

1 ... 4094

-

1 ... 8

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If no parameters are specified, the settings for all interfaces are displayed.

Note

If you use an MM900 with an optical interface, use gigabitethernet for the interfacetype parameter. For further information on the media modules, refer to the compact operating instructions of the MM900 media modules for SCALANCE XR-500M.

Result

3.1.1.7

Description

The settings are displayed.

show interfaces

This command shows the status and the configuration of one, several or all interfaces.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

47

Configuration

3.1 System

Syntax

Call up the command with the following parameters: show interfaces

[{

[<interface-type><interface-id>]

[{description|stormcontrol|flowcontrol|status}]

|

{vlan<vlan-id(1-4094)>}

|

port-channel<port-channel-id(1-8)>

}]

The parameters have the following meaning:

Parameters interfacetype

Description

Type or speed of the interface interface-id

Slot no. and port no. of the interface description

Shows the description of the interface stormcontrol

Shows the storm control settings flowcontrol status vlan

Shows the flow control settings

Shows the status of the interface

Keyword for a VLAN connection

Number of the addressed VLAN vlan-id port-channel

Keyword for a port channel connection port-channelid

Number of the addressed port channel

Range of values

-

-

-

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

-

1 ... 4094

-

1 ... 8

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameters from the parameter list, the status and configuration of all available interfaces will be displayed.

Result

The status and the configuration of the selected interfaces are displayed.

3.1.1.8

Description show interfaces ... counters

This command shows the counters of one, several or all interfaces.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

48

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

Syntax

Result

3.1.1.9

Description

The counters of the selected interfaces are displayed.

show ip interface

This command shows the configuration of one, several or all IP interfaces.

Requirement

Call up the command with the following parameters: show interfaces

[{<interface-type><interface-id>]|{vlan<vlanid(1-4094)>}]counters

The parameters have the following meaning:

Parameters interfacetype interface-id vlan vlan-id

Description

Type or speed of the interface

Slot no. and port no. of the interface

Keyword for a VLAN connection

Number of the addressed VLAN

Range of values

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

-

1 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the entries are displayed for all available counters.

You are in the User EXEC mode or in Privileged EXEC.

The command prompt is as follows: cli> or cli#

Syntax

The command prompt is as follows: cli> or cli#

Call up the command with the following parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

49

Configuration

3.1 System show ip interface [Vlan<vlan-id(1-4094)>]

[<interface-type><interface-id>]

[loopback<loopback-id(0)>]

The parameters have the following meaning:

Parameters

Vlan vlan-id interfacetype

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Type or speed of the interface interfaceid

Slot no. and port no. of the interface loopback

Keyword for a loopback loopback-id

Number of the addressed loopback

-

0

Values

-

1 ... 4094

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the configuration is displayed for all available IP interfaces.

Result

The configuration of the selected IP interface is displayed.

3.1.1.10

show pnio

Description

This command shows the current PROFINET IO configuration.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show pnio

Result

The current PROFINET IO configuration is displayed.

50

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

3.1.1.11

show broadcast-block config

Description

This command shows the broadcast blocking settings for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show broadcast-block config [port<interface-type><interface-id)>]

The parameters have the following meaning:

Parameters port interfacetype

Description

Keyword for a port description

Type or speed of the interface

Range of values

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interfaceid

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The broadcast blocking settings for ports are displayed.

3.1.1.12

show unicast-block config

Description

This command shows the unicast blocking settings for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

51

Configuration

3.1 System

Syntax

Call up the command with the following parameters: show unicast-block config [port<interface-type><interface-id)>]

The parameters have the following meaning:

Parameters port interfacetype

Description

Keyword for a port description

Type or speed of the interface

Range of values

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interfaceid

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The unicast blocking settings for ports are displayed.

3.1.1.13

show multicast-block config

Description

This command shows the multicast blocking settings for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show multicast-block config[port<interface-type><interface-id)>]

The parameters have the following meaning:

Parameter Description port

Keyword for a port description interface-type

Type of interface interface-id

Slot no. and port no. of the interface

Range of values

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

52

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If no parameters are specified, the settings for all ports are displayed.

Result

The multicast blocking settings for ports are displayed.

3.1.1.14

show versions

Description

This command shows the version information of the entire system.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show versions

Result

The version information of the entire system is displayed.

3.1.2

Description

clear counters

With this command, you reset the counters of an interface.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

53

Configuration

3.1 System

Syntax

Call up the command with the following parameters: clear counters [<interface-type><interface-id>]

The parameters have the following meaning:

Parameters interfacetype

Description

Type or speed of the interface

Values

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interfaceid

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If no parameters are specified, the counters for all interfaces are reset.

Result

The counters of the interface are reset.

Further notes

You can display the statistical information of the interfaces with the show interfaces - counters command.

3.1.3

Description

configure terminal

With this command, you change to the Global configuration mode.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

Syntax

Call the command without parameters: configure terminal

54

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Result

You are now in the Global configuration mode.

The command prompt is as follows: cli(config)#

Further notes

You exit the Global configuration mode with the end command.

3.1.4

Description

disable

With this command, you close the Privileged EXEC mode.

You are then in the User EXEC mode.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

Syntax

Call the command without parameters: disable

Result

You are in the User EXEC mode.

The command prompt is as follows: cli>

3.1.5

Description

enable

With this command, you change to the Privileged EXEC mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

55

Configuration

3.1 System

Requirement

You are in the User EXEC mode.

The command prompt is as follows: cli>

Syntax

Call the command without parameters: enable

Result

You are prompted to enter the administrator password. After logging in successfully, you are in the Privileged EXEC mode.

The command prompt is as follows: cli#

3.1.6

Description

lock

With this command, you lock the console.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

Syntax

Call the command without parameters: lock

Result

The console is locked. The system expects the entry of the password.

Further notes

You cancel the lock by entering the Login password.

56

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

3.1.7

Description

logout

With this command, you exit the Command Line Interface.

If you are connected to the device via telnet, the session is closed.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: logout

Result

The CLI session is ended and the Windows Login prompt is displayed.

3.1.8

Description

ping

With this command, you request a response from a device in the network.

This allows you to check whether or not another node is reachable.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: ping [ip]<destination-address>

[size<packet_size(0-2080)>]

[count<packet_count(1-10)>]

[timeout<time_out(1-100)>]

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

57

Configuration

3.1 System

The parameters have the following meaning:

Parameter Description Range of values ip destination address size packet_size count

Uses an IP address

Address of the called node

-

-

Enter a valid IP address or a valid hostname

Keyword for the size of the packets to be transferred

Keyword for the size of the packets in bytes 0 … 2080

Default: 32

Keyword for the number of packets to be requested packet_count

Number of packets

timeout

-

1 … 10

Default: 3 time_out

Response wait time

If this time expires, the request is reported as "timed out".

Time to the timeout in seconds 1 … 100

Default: 1

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameters from the parameter list, the default values are used.

Result

The messages relating to the response of the called node are displayed.

3.1.9

Description

clear line vty

With this command, you close a console session on the device.

With the forceful-clear option, you close a session and that is not reacting.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

Syntax

Call up the command with the following parameters:

58

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System clear line vty {<line-number(2-9)>|all}[forceful-clear]

The parameters have the following meaning:

Parameters Description line-number all

Number of the connection that will be terminated terminates all connections forceful-clear closes a session that is not reacting

Values

-

2 ... 9

Result

The console session is closed.

Further notes

You show the logged-on users with the show users command.

See also

Addresses and interface names (Page 32)

3.1.10

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

3.1.10.1

interface

Description

With this command, you change to the Interface configuration mode.

There you can edit the settings for one interface. You select the interface with the parameters of this command. If you specify a logical interface that does not exist, it will be created. The name of the selected interface is displayed in the command prompt.

Requirement

You are in the Global Configuration mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

59

Configuration

3.1 System

Syntax

Result

60

The command prompt is as follows: cli(config)#

Call up the command with the following parameters: interface{cpu0|vlan<vlan-id(1-4094)>|port-channel<port-channelid(1-8)>|

<interface-type><interface-id>}

The parameters have the following meaning:

Parameters Description cpu0 vlan

The configuration mode for the "Out of Band

Management interface" is called up

Keyword for a VLAN connection

Number of the addressed VLAN vlan-id port-channel

Keyword for a port channel connection port-channel-id

Number of the addressed port channel interface-type

Type or speed of the interface

-

Values

-

1 … 4094

-

1 … 8

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interface-id

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

The placeholder $$$ is replaced by the following name of the interface:

Type of interface cpu0 vlan port-channel gigabitethernet extreme-ethernet

Command prompt cli(config-if-cpu0)# cli(config-if-vlan-$)# cli(config-if-po-$)# cli(config-if-Gi$-$)# cli(config-if-Ex$-$)#

The placeholders $ or $-$ denote the numbering of the interface.

The ranges of values for the logical interfaces VLAN and port channel can be found in the table above. You can only call up interfaces that you created with the vlan or channel-group command.

The ranges of values from the physical interfaces depend on the hardware configuration.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

Further notes

You exit the Interface configuration mode with the end or exit command.

You delete a logical interface with the no interface command.

You display the status and the configuration of the interfaces with the show interfaces command.

3.1.10.2

no interface

Description

With this command, you delete a logical interface.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no interface{vlan<vlan-id(1-4094)>|port-channel<port-channelid(1-8)>}

The parameters have the following meaning:

Parameters Description vlan vlan-id

Keyword for a VLAN connection

Number of the addressed VLAN port-channel

Keyword for a port channel connection port-channel-id

Number of the addressed port channel

Values

-

1 … 4094

-

1 … 8

Result

The logical interface is deleted.

Further notes

You configure an interface with the interface command.

You display the status and the configuration of the interfaces with the show interfaces command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

61

Configuration

3.1 System

3.1.10.3

cli-console-timeout

Description

With this command, you enable the automatic logout and you configure the timeout setting for the CLI.

Note

No automatic logout from the CLI

If the connection is not terminated after the set time, check the setting of the "keepalive" function on the Telnet client. If the set interval is shorter than the configured time, the lower value applies. You have set, for example, 300 seconds for the automatic logout and the

"keepalive" function is set to 120 seconds. In this case, a packet is sent every 120 seconds that keeps the connection up.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: cli-console-timeout [seconds(60-600)]

The parameters have the following meaning:

Parameter seconds

Description

Time in seconds until automatic logout after the last entry

Range of values

60 ... 600

Default: 300

Result

The time is configured and automatic logout is enabled.

Further notes

You disable automatic logout with the no cli-console-timeout command.

You display the current timeout setting with the show cli-console-timeout command.

62

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

3.1.10.4

no cli-console-timeout

Description

With this command, you disable the automatic logout.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no cli-console-timeout

Result

Automatic logout is disabled.

Further notes

You enable automatic logout with the cli-console-timeout command.

3.1.10.5

coordinates height

Description

With this command, you enter a height coordinate.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: coordinates height <meter>

The parameter has the following meaning:

Configuration

3.1 System

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

63

Configuration

3.1 System

Parameters meter

Description

Input box for the height coordinate

Note max. 32 characters

To use spaces in the entry, enter the height coordinate in quotes: coordinates height "123 456"

Result

The height coordinate is created.

3.1.10.6

coordinates latitude

Description

With this command, you enter a latitude coordinate.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: coordinates latitude <latitude>

The parameter has the following meaning:

Parameters latitude

Description

Input box for the latitude coordinate

Note max. 32 characters

To use spaces in the entry, enter the latitude coordinate in quotes: coordinates latitude "123 456"

Result

The latitude coordinate is created.

3.1.10.7

coordinates longitude

Description

With this command, you enter a longitude coordinate.

64

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: coordinates longitude <longitude>

The parameter has the following meaning:

Parameters Description longitude

Input box for the longitude coordinate

Note max. 32 characters

To use spaces in the entry, enter the longitude coordinate in quotes: coordinates longitude

"123 456"

Result

The longitude coordinate is created.

3.1.10.8

system contact

Description

With this command, you enter contact information for the system.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: system contact <string>

The parameter has the following meaning:

Parameter s string

Description

Input box for contact information

Note max. 255 characters

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

65

Configuration

3.1 System

Result

The contact information is created in the system.

3.1.10.9

system location

Description

With this command, you enter the location information for the system.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: system location <string>

The parameter has the following meaning:

Parameter s string

Description

Input box for the location information

Note max. 255 characters

Result

The location information is created in the system.

3.1.10.10 system name

Description

This command, you enter a name for the system.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

66

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Syntax

Call up the command with the following parameters: system name <string>

The parameter has the following meaning:

Parameter s string

Description

Input box for the name

Result

The name is created in the system.

3.1.10.11 username

Description

With this command, you change the password of a user.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: username {user|admin}password<passwd>

The parameters have the following meaning:

Parameters Description user admin passwd the password for the user is changed the password for the administrator is changed

Value for the password

Note

Length of the password

The password must be at least 6 characters long.

Note max. 255 characters

Configuration

3.1 System

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

67

Configuration

3.1 System

Result

The password is changed.

Note

Changing the password in Trial mode

Even if you change the password in Trial mode, this change is saved immediately.

3.1.11

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

3.1.11.1

alias

Description

With this command, you assign a name to an interface. The name only provides information and has no effect on the configuration.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: alias <port-name>

The parameter has the following meaning:

68

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

Parameters port-name

Description

Name of the interface max. 63 characters

Result

The interface is assigned a name.

3.1.11.2

duplex

Description

Certain interfaces can be operated in full duplex mode or half duplex mode. The options here depend on the connected device.

Optical connections, for example, are always operated in full duplex mode since they have a fiber for each transmission direction.

With this command, you configure the duplex mode of an interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: duplex {full|half}

The parameters have the following meaning:

Parameter full half

Description

The Interface will be operated in full duplex mode. Default: full

The Interface will be operated in half duplex mode

Result

The duplex mode of the interface is configured.

Further notes

You can reset the duplex mode of the Interface to the default value with the no duplex command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

69

Configuration

3.1 System

3.1.11.3

no duplex

Description

With this command, you reset the duplex mode of an interface to the default value.

The default value is full.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no duplex

Result

The duplex mode of the Interface is reset to the default value.

Further notes

You configure the duplex mode of the interface with the duplex command.

3.1.11.4

mtu

Description

With this command, you configure the size of the Maximum Transmission Unit (MTU) for an interface.

Requirement

● The Interface must be shut down.

● You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:

70

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System mtu <frame-size(64-9216)>

The parameter has the following meaning:

Parameter frame-size

Description

Size of the MTU in bytes

Range of values

64 ... 9216

Default: 1514

Result

The setting for the size of the MTU is configured.

Further notes

You can shut down the interface with the shutdown command.

You display this setting with the show interface mtu command.

You display this setting and other information with the show interfaces command.

3.1.11.5

negotiation

Description

With this command, you enable autonegotiation of connection parameters on an interface.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: negotiation

Result

The function is enabled.

Further notes

You disable the autonegotiation of connection parameters with the no negotiation command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

71

Configuration

3.1 System

3.1.11.6

no negotiation

Description

With this command, you disable autonegotiation of connection parameters on an interface.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no negotiation

Result

The function is disabled.

Further notes

You enable the autonegotiation of connection parameters with the negotiation command.

3.1.11.7

set broadcast-block

Description

With this command, you enable / disable the blocking of broadcast frames on an interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: set broadcast-block{enable|disable}

The parameters have the following meaning:

72

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

Parameter enable disable

Description

The blocking of broadcast frames is enabled.

The blocking of broadcast frames is disabled. Default: disabled

Result

The blocking of broadcast frames is enabled / disabled.

3.1.11.8

set multicast-block

Description

With this command, you enable / disable the blocking of multicast frames on an interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: set multicast-block{enable|disable}

The parameters have the following meaning:

Parameter enable disable

Description

The blocking of multicast frames is enabled.

The blocking of multicast frames is disabled. Default: disabled

Result

The blocking of multicast frames is enabled / disabled.

3.1.11.9

shutdown

Description

With this command, you shut down the interface.

Requirement

You are in the Interface Configuration mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

73

Configuration

3.1 System

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: shutdown

Result

The Interface is shut down. A connection continues to be indicated if a switch port is turned off. The LED for the port status flashes 3 times cyclically. However no data is sent or received.

Further notes

You activate the interface with the no shutdown command.

You can display the status of this function and other information with the show interfacescommand.

3.1.11.10 no shutdown

Description

With this command, you shut down an interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no shutdown

Result

The Interface is activated.

Further notes

You activate the interface with the shutdown command.

74

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

You can display the status of this function and other information with the show interfacescommand.

Configuration

3.1 System

3.1.11.11 speed

Description

With this command, you configure the transmission speed of an interface.

Note

Availability of this function

The transmission speed can only be configured for electrical data transfer.

On optical connections, the transmission speed is fixed.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: speed {10|100|1000}

The parameters have the following meaning:

Parameters

10

100

1000

Description

Transmission speed 10 Mbps

Transmission speed 100 Mbps

Transmission speed 1000 Mbps

Result

The transmission speed of the interface is configured.

3.1.11.12 switchport

Description

With this command, you configure the interface as a switch port.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

75

Configuration

3.1 System

Requirement

● The Interface is shut down.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: switchport

Result

The interface is configured as a switch port. Activate the interface again.

Further notes

You shut down the interface with the shutdown command.

You activate the interface with the no shutdown command.

You configure the interface with the no switchport command.

You can display the status of this function and other information with the show ip interfacecommand.

3.1.11.13 no switchport

Description

With this command you configure the interface as a router port. This disables all switching and layer 2 functions.

Requirement

● The Interface is shut down.

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport

76

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

Result

The interface is configured as a router port.

The command prompt is as follows: cli(config-if_RPort-Gi$$$)#

Activate the interface again.

Further notes

You shut down the interface with the shutdown command.

You activate the interface with the no shutdown command.

You configure the interface as a switch port with the switchport command.

You can display the status of this function and other information with the show ip interfacecommand.

3.1.11.14 lldp

Description

With this command, you enable the sending and receipt of LLDP packets on the interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: lldp{transmit|receive}

The parameters have the following meaning:

Parameter transmit receive

Description

The sending of LLDP packets is enabled.

Default: enabled

The receipt of LLDP packets is enabled.

Default: enabled

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

77

Configuration

3.1 System

Note

Enabling both options

When you call this command, you can only select one option.

If you want to enable both options, call up the command again.

Result

The setting is configured.

Further notes

You disable the sending or receipt of LLDP packets with the no lldp command.

3.1.11.15 no lldp

Description

With this command, you disable the sending and receipt of LLDP packets on the interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no lldp{transmit|receive}

The parameters have the following meaning:

Parameters transmit receive

Description the sending of LLDP packets is enabled the receipt of LLDP packets is disabled

Note

Disabling both options

When you call this command, you can only select one option.

If you want to disable both options, call up the command again.

78

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.1 System

Result

The setting is configured.

Further notes

You enable the sending or receipt of LLDP packets with the lldp command.

3.1.11.16 media type (SCALANCE XM400 only)

Description

With this command, you configure the mode of a combo port.

Note

This command only influences combo ports.

If you attempt to configure a different port with this command, an error message will be displayed.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: media-type {auto|rj45|sfp}

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

79

Configuration

3.1 System

Parameter auto rj45 sfp

Description

The auto mode is enabled for the combo port.

In this mode, the SFP transceiver port has priority. As soon as an SFP transceiver is plugged in, an existing connection at the fixed RJ-45 port is terminated. If no SFC transceiver is plugged in, a connection can be established via the fixed RJ-45 port.

Default: auto

The rj45 mode is enabled for the combo port.

In this mode, the fixed RJ-45 port is used independent of the SFP transceiver port.

If an SFP transceiver is plugged in, it is disabled and the power turned off.

The sfp mode is enabled for the combo port.

In this mode, the SFP transceiver port is used independent of the fixed RJ-45 port.

If an RJ-45 connection is established, it is terminated because the power of the RJ-45 port is turned off.

Result

The mode of the combo port is configured.

Further notes

You display the mode of a combo port with the command show interface and the parameter description.

80

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

3.2

Configuration

3.2 Load and Save

Load and Save

This section describes commands for displaying, copying, saving and downloading files for the device.

Note

Please note: During the installation of a previous version, the configuration data can be lost.

In this case, the device starts up with the factory configuration settings after the firmware has been installed.

3.2.1

Description

show loadsave files

This command shows the current Load&Save file information.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show loadsave files

Result

The current Load&Save file information is displayed.

3.2.2

Description

show loadsave tftp

This command shows the current Load&Save TFTP server configuration.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

81

Configuration

3.2 Load and Save

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show loadsave tftp

Result

The current Load&Save TFTP server configuration is displayed.

3.2.3

Description

load tftp

With this command, you load the files from a TFTP server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: load tftp <ipv4-address> [port <tcp port (1-65535)>] file <filename> filetype <filetype>

The parameters have the following meaning:

Parameter ipv4-addr port tcp port filetype filetype file filename

Description

Identifies the unicast IPv4 address

Keyword for the port of the server via which the

TFTP connection runs

Number of the port

Keyword for the file type to be loaded

Name of the file type

Shows that the name follows that will be assigned to the file type

Name of the file

Values

-

Enter a valid unicast IPv4 address

-

1 … 65535

max. 100 characters max. 100 characters

82

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.2 Load and Save

Result

The file is loaded on the device from the TFTP server.

3.2.4

Description

save filetype

With this command, you save files on a TFTP server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: save filetype <filetype> tftp <ipv4-address> [port <tcp port

(1-65535)>] file <filename>

The parameters have the following meaning:

Parameter ipv4-addr port tcp port filetype filetype file filename

Description

Identifies the unicast IPv4 address

Keyword for the port of the server via which the

TFTP connection runs

Number of the port

Shows that the file type follows that will be loaded

Name of the file type

Shows that the name follows that will be assigned to the file type

Name of the file

Values

-

Enter a valid unicast IPv4 address

-

1 … 65535

max. 100 characters max. 100 characters

Result

The file is saved on the TFTP server.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

83

Configuration

3.2 Load and Save

3.2.5

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

3.2.5.1

Description loadsave

With this command, you change to the LOADSAVE configuration mode.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: loadsave

Result

You are now in the LOADSAVE configuration mode.

The command prompt is as follows: cli(config-loadsave)#

Further notes

You exit the LOADSAVE configuration mode with the exit command.

3.2.6

84

Commands in the LOADSAVE configuration mode

This section describes commands that you can call up in the LOADSAVE configuration mode.

In the Global Configuration mode, enter the loadsave command to change to this mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.2 Load and Save

You display the valid file types for the commands in the LOADSAVE Configuration mode with the global command show loadsave tftp.

● If you exit the LOADSAVE configuration mode with the exitcommand, you return to the

Global Configuration mode.

● If you exit the LOADSAVE configuration mode with the end command, you return to the

Privileged EXEC mode.

3.2.6.1

Description delete

With this command, you call up the possible files or delete a specific file.

Requirement

You are in the LOADSAVE configuration mode.

The command prompt is as follows: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: delete{showfiles|filetype<filetype>}

The parameters have the following meaning:

Parameter showfiles filetype filetype

Description

Shows the available files

Shows that the file type follows that will be deleted

Name of the file type

Values

-

max. 100 characters

Result

The files are displayed or the file is deleted.

3.2.6.2

Description tftp filename

With this command, you assign a name to a file type.

The file type decides the type that is affected by the tftp load or tftp save action. The name decides the file to be copied to or from the TFTP server.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

85

Configuration

3.2 Load and Save

Requirement

You are in the LOADSAVE configuration mode.

The command prompt is as follows: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: tftp filename {showfiles|filetype< filetype >name<filename>}

The parameters have the following meaning:

Parameter showfiles filetype filetype name filename

Description

Shows the available files

Shows that the file type follows to which a name will be assigned

Name of the file type

Shows that the name follows that will be assigned to the file type

Name of the file

-

-

Values

max. 100 characters max. 100 characters

Result

The file types are displayed or the file type is assigned a name.

3.2.6.3

tftp load

Description

With this command, you load a file from a tftp server into the file system of the device. The tftp protocol is used for the transfer. You can also display a list of available files.

Requirement

● The name of the file is specified

You are in the LOADSAVE configuration mode.

The command prompt is as follows: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: tftp load{showfiles|filetype<filetype>}

86

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.2 Load and Save

The parameters have the following meaning:

Parameter showfiles filetype filetype

Description

Shows the available files

Shows that the file type follows that will be loaded

Name of the file type

Values

-

max. 100 characters

Result

The file types are displayed or the file is downloaded to the device.

Further notes

You configure the name of the file with the tftp filename command.

3.2.6.4

Description tftp save

With this command, you copy a file from the file system of the device to a tftp server. The tftp protocol is used for the transfer. You can also display a list of available files.

Requirement

● The name of the file is specified

You are in the LOADSAVE configuration mode.

The command prompt is as follows: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: tftp save {showfiles|filetype<filetype>}

The parameters have the following meaning:

Parameter showfiles filetype filetype

Description

Shows the available files

Shows that the file type follows that will be loaded

Name of the file type

Values

-

max. 100 characters

Result

The file types are displayed or the file is copied.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

87

Configuration

3.2 Load and Save

Further notes

You configure the name of the file with the tftp filename command.

3.2.6.5

Description tftp server

With this command, you configure the access to a TFTP server.

Requirement

You are in the LOADSAVE configuration mode.

The command prompt is as follows: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: tftp server {<ipv4-addr>}[port<tcp port(1-65535)>]

The parameters have the following meaning:

Parameter ipv4-addr port

Description

Identifies the unicast IPv4 address

Keyword for the port of the server via which the

TFTP connection runs

Parameter

Values

-

Enter a valid unicast IPv4 address tcp port

1 … 65535

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The settings are configured.

88

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

3.3

Configuration

3.3 Reset and Defaults

Reset and Defaults

This section describes commands for restarting the device and for restoring the original configuration.

3.3.1

Description

restart

With this command, you restart the device.

Select one of the following configuration settings:

● Device restart with the current configuration

● Device restart with the factory configuration settings.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

Syntax

Call up the command with the following parameters: restart[{factory}]

The parameters have the following meaning:

● if no parameters are specified: restarts the system with the current configuration

Parameter factory

Description

Restarts the system with the factory configuration settings

Result

The device is restarted with the selected settings.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

89

Configuration

3.4 Configuration Save & Restore

3.4

Configuration Save & Restore

This section describes commands for displaying, saving and restoring configuration settings.

3.4.1

Description

show running-config

This command shows configuration settings of the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show running-config

[{

syslog|dhcp|stp|la|pnac|vlan<vlan-id(1-4094)>|

interface

{

port-channel<port-channel-id(1-8)>|

<interface-type><interface-id>|

vlan<vlan-id(1-4094)>

}|

ssh|ssl|acl|ip|snmp|radius|rmon|igmp|sntp|http|

broadcast-blocking|multicast-blocking|locked-port|auto-logout| time|

ntp|auto-save|panel-button|cos-map|dscp-map|output-rate-limit|

unicast-blocking|ospf| vrrp

}]

[all]

The parameters have the following meaning:

Parameter syslog dhcp stp

Description

Shows the configuration settings of the Syslog function shows the configuration settings of the Dynamic

Host Configuration Protocol

Shows the configuration settings of the

Spanning Tree protocol

-

-

-

Range of values

90

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.4 Configuration Save & Restore

Parameter la pnac vlan vlan-id interface port-channel port-channelid interfacetype interface-id ssh ssl acl ip snmp radius rmon igmp sntp http broadcastblocking multicastblocking locked-port auto-logout time ntp auto-save

Description

Shows the configuration settings of the Link

Aggregation function shows the configuration settings of the portbased network access control

Keyword for a VLAN connection

Number of the addressed VLAN

Shows that an interface description follows

Keyword for a port channel connection

Number of the addressed port channel

-

-

-

-

-

Range of values

1 ... 4094

1 ... 8

Type of interface

Slot no. and port no. of the interface

Shows the configuration settings of the Secure

Shell protocol

Shows the configuration settings of the Secure

Sockets Layer protocol

Shows the configuration settings of the access control lists

Shows the configuration settings of the Internet

Protocol

Shows the configuration settings of the Simple

Network Management Protocol shows the configuration settings of the Remote

Authentication Dial-In User service

Shows the configuration settings of the Remote

Monitoring function

Shows the configuration settings of the Internet

Group Management Protocol

Shows the configuration settings of the Simple

Network Time Protocol

Shows the configuration settings of the

Hypertext Transfer Protocol

Shows the configuration settings of the broadcast blocking

Shows the configuration settings of the multicast blocking

Shows the configuration settings of the locked port function

Shows the configuration settings of the auto logout function

Shows the configuration settings of the system time

Shows the configuration settings of the Network

Time Protocol

Shows the configuration settings of the auto save function

-

-

-

-

-

-

-

-

-

-

-

-

-

-

-

-

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

91

Configuration

3.4 Configuration Save & Restore

Parameter Description panel-button

Shows the configuration settings of the Panel

Button function cos-map

Shows the configuration settings of the COS function dscp-map output-ratelimit

Shows the configuration settings of the DSCP map function

Shows the configuration settings of the output rate limit function unicastblocking ospf vrrp all

Shows the configuration settings of the unicast blocking

Shows the configuration settings of OSPF

Shows the configuration settings of OSPF shows all configuration settings and all default parameters. Some parameters cannot be changed.

-

-

-

-

-

-

-

-

Range of values

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The selected configuration settings of the device are displayed.

3.4.2

Description

write startup-config

With this command, you save the changes to the configuration in the configuration file.

The use of this command is required in the Trial mode. It can also be used in "auto save" mode.

Requirement

● The Trial mode is activated.

You are in the Privileged EXEC mode.

The command prompt is as follows:

*cli(...)#

Syntax

Call the command without parameter assignment: write startup-config

92

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.4 Configuration Save & Restore

Result

The changes are saved in the configuration file.

Use the restart command without parameters to restart the system with this configuration.

Further notes

You enable / disable the auto save function or the Trial mode with the auto-save command.

3.4.3

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

3.4.3.1

Description auto-save

The CLI can save changes to the configuration automatically.

If you first want to test changes made to the configuration so that you can discard them afterwards if necessary, you can disable the auto save function.

You are then in the Trial mode.

Changes to the configuration that you have not saved, are indicated by an asterisk in front of the command prompt: *cli(...)#.

You save the changes to the configuration with the write startup-config command.

With the auto-save command, you enable the auto save function.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

93

Configuration

3.4 Configuration Save & Restore auto-save

As default the function is "enabled".

Result

The auto save function is enabled.

Further notes

You save changes to the configuration in the Trial mode with the write startup-config command.

You disable the function with the no auto-save command.

You can display the status of this function and other information with the show device informationcommand.

3.4.3.2

Description no auto-save

With this command, you disable the auto save function.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no auto-save

Result

The auto save function is disabled. The Trial mode is disabled.

Further notes

You enable the function with the auto-save command.

You can display the status of this function and other information with the show device informationcommand.

94

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.5 PoE

3.5

PoE

3.5.1

Description

show poe status

This command shows specific information for all or for a selected PoE interface (PoE: Power over Ethernet).

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Parameter iftype ifnum

Call up the command with the following parameters: show poe status [interface <iftype> <ifnum>]

The parameters have the following meaning:

Description

Type of interface

Slot no. and port no. of an interface separated by a slash

Values gigabitethernet

E.g. 1/2 for slot 1, port 2

Note

Calling commands without parameters

If you use the command without setting parameters, information about all PoE interfaces is displayed.

Result

The information is displayed.

3.5.2

Description

show pse status

This command shows the current settings of the PoE power supply of the device.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

95

Configuration

3.5 PoE

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameter assignment: show pse status

Result

The information is displayed.

3.5.3

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

3.5.3.1

Description poe pse usage

With this command, you set a value (as a percentage) for the Usage Threshold parameter.

This specifies how many percent of the maximum power the connected devices will use. As soon as the power being used by the end devices exceeds this percentage, an event is triggered. An event is also entered in the logbook.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

96

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.5 PoE

Parameter percent poe pse usage <percent>

The parameters have the following meaning:

Description

Value for Usage Threshold as a percentage.

Result

The value for Usage Threshold is configured.

3.5.3.2

Description no poe pse usage

With this command, you set the Usage Threshold parameter to the default value of 80%.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: poe pse usage

Result

Usage Threshold is set to 80%.

3.5.4

Commands in the Interface Configuration mode

This section describes commands that you can call up in the Interface Configuration modePoE.

Depending on the Interface selected, various command sets are available.

In the Interface Configuration mode, enter the interface gigabitethernet <ifnum> command to change to this mode.

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

97

Configuration

3.5 PoE

Parameters ifnum

Description

Specify the interface.

Values

Slot no. and port no. of an interface separated by a slash e.g. 1/2 for slot 1, port 2

If you exit the Interface configuration mode PoE with the exit command, you return to the

Global Configuration mode.

If you exit the WLAN Interface Configuration mode PoE with the end command, you return to the Privileged EXEC mode.

3.5.4.1

Description poe active

With this command, you activate PoE for the interface in whose interface configuration mode you are currently working.

Requirement

You are in the Interface Configuration mode of a PoE interface.

The command prompt is as follows: cli(config-if-Gi$-$)#

The placeholders $-$ stand for the numbering of the interface.

Syntax

Call the command without parameters: poe active

Result

PoE is activated for the corresponding interface.

3.5.4.2

Description no poe active

With this command, you deactivate PoE for the interface in whose interface configuration mode you are currently working.

Requirement

You are in the Interface Configuration mode of a PoE interface.

The command prompt is as follows:

98

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.5 PoE

Syntax

Result

3.5.4.3

Description

PoE is deactivated for the corresponding interface.

poe type

This command specifies a character string that describes a connected device in greater detail.

Requirement

Call the command without parameters: no poe active

You are in the Interface Configuration mode of a PoE interface.

The command prompt is as follows: cli(config-if-Gi$-$)#

The placeholders $-$ stand for the numbering of the interface.

Syntax cli(config-if-Gi$-$)#

The placeholders $-$ stand for the numbering of the interface.

Parameters string

Call up the command with the following parameters: poe type <string>

The parameters have the following meaning:

Description

Description of a connected device

Range of values max. 255 characters

Result

The description of the connected device has been specified.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

99

Configuration

3.5 PoE

3.5.4.4

no poe type

Description

With this command, you delete the description for a connected device.

Requirement

Syntax

Result

3.5.4.5

Description

The description of the corresponding device is deleted.

poe prio

With this command, you specify the priority of the power supply for an interface.

Requirement

Call the command without parameters: no poe type

You are in the Interface Configuration mode of a PoE interface.

The command prompt is as follows: cli(config-if-Gi$-$)#

The placeholders $-$ stand for the numbering of the interface.

Syntax

You are in the Interface Configuration mode of a PoE interface.

The command prompt is as follows: cli(config-if-Gi$-$)#

The placeholders $-$ stand for the numbering of the interface.

Call up the command with the following parameters: poe prio {low|high|critical}

The parameters have the following meaning:

100

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameters low high critical

Description low priority medium priority high priority

Result

The priority of the corresponding interface has been specified.

3.5.4.6

Description no poe prio

With this command, you set the priority of an interface to the default value "low".

Requirement

You are in the Interface Configuration mode of a PoE interface.

The command prompt is as follows: cli(config-if-Gi$-$)#

The placeholders $-$ stand for the numbering of the interface.

Syntax

Call the command without parameters: no poe prio

Result

The priority of the corresponding interface has been set to "low".

Configuration

3.5 PoE

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

101

Configuration

3.6 NFC (SCALANCE XM400 only)

3.6

NFC (SCALANCE XM400 only)

3.6.1

Description

show nfc active status

This command shows whether or not the NFC function (Near Field Communication) is activated or deactivated.

Note

You will find further information on NFC in the operating instructions "SCALANCE XM400".

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show nfc active status

Result

The status of the NFC function is displayed.

3.6.2

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

102

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Configuration

3.6 NFC (SCALANCE XM400 only)

3.6.2.1

Description nfc active

With this command, you activate NFC.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: nfc active

Result

NFC is activated.

Further notes

You deactivate NFC with the no nfc active command.

You display the status, i.e. whether the NFC function is activated or deactivated with the command show nfc active status.

3.6.2.2

Description no nfc active

With this command, you deactivate NFC.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no nfc active

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

103

Configuration

3.6 NFC (SCALANCE XM400 only)

Result

NFC is deactivated.

Further notes

You activate NFC with the nfc active command.

You display the status, i.e. whether the NFC function is activated or deactivated with the command show nfc active status.

104

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Functions specific to SCALANCE

This part contains the sections that describe functions specific to SCALANCE.

4

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

105

Functions specific to SCALANCE

4.1 C-PLUG

4.1

C-PLUG

The C-PLUG or KEY-PLUG stores the configuration of a device and can therefore transfer the configuration of the old device to the new device when a device is replaced.

In addition to the configuration, the KEY-PLUG also contains a license that enables the use of certain functions.

This section describes commands relevant for working with the C-PLUG or KEY-PLUG.

4.1.1

Description

show plug

This command shows the current C-PLUG or KEY-PLUG information.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show plug

Result

The current information of the C-PLUG or KEY-PLUG is displayed.

4.1.2

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

106

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Functions specific to SCALANCE

4.1 C-PLUG

4.1.2.1

Description plug

With this command, you change to the Plug Configuration mode.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: plug

Result

You are now in the Plug Configuration mode.

The command prompt is as follows: cli(config-plug)#

Further notes

You exit the Plug Configuration mode with the end or exit command.

4.1.3

Commands in the C-PLUG configuration mode

This section describes commands that you can call up in the Plug Configuration mode.

In the Global Configuration mode, enter the plug command to change to this mode.

● If you exit the Plug Configuration mode with the exit command, you return to the Global

Configuration mode.

● If you exit the Plug Configuration mode with the end command, you return to the Privileged

EXEC mode.

4.1.3.1

Description factoryclean

With this command, you delete the device configuration stored on the C-PLUG or KEY-PLUG.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

107

Functions specific to SCALANCE

4.1 C-PLUG

Requirement

● There is a device configuration on the C-PLUG or KEY-PLUG.

You are in the Plug Configuration mode.

The command prompt is as follows: cli(config-plug)#

Syntax

Call the command without parameters: factoryclean

Result

The device configuration on the C-PLUG or KEY-PLUG is deleted.

4.1.3.2

Description write

With this command, you format the C-PLUG or KEY-PLUG and copy the current device configuration to it.

Requirement

● The C-PLUG or KEY-PLUG is formatted.

You are in the Plug Configuration mode.

The command prompt is as follows: cli(config-plug)#

Syntax

Call the command without parameter assignment: write

Result

The current device configuration has been copied to the formatted C-PLUG or KEY-PLUG.

108

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

4.2

Functions specific to SCALANCE

4.2 WBM

WBM

On the device, you can limit the time available for access with Web Based Management. If no entry is made for a specific time, the WBM session is closed.

This section describes commands relevant for the configuration of this feature.

4.2.1

Description

show web-session-timeout

This command shows the timeout setting for the WBM.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show web-session-timeout

Result

The timeout setting for the WBM is displayed.

4.2.2

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

109

Functions specific to SCALANCE

4.2 WBM

4.2.2.1

web-session-timeout

Description

With this command, you enable the automatic logoff and you configure the timeout setting for the WBM.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: web-session-timeout[seconds(60-3600)]

The parameter has the following meaning:

Parameter seconds

Description Range of values

Time in seconds until automatic logoff after the last entry 60 … 3600

Default: 900

Result

The time is configured and automatic logout is enabled.

Further notes

You disable automatic logoff with the no web-session-timeout command.

You display the current timeout setting with the show web-session-timeout command.

4.2.2.2

Description no web-session-timeout

With this command, you disable the automatic logoff.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

110

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Functions specific to SCALANCE

4.2 WBM

Syntax

Call the command without parameters: no web-session-timeout

Result

Automatic logoff is disabled.

Additional notes

You enable automatic logoff with the web-session-timeout command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

111

Functions specific to SCALANCE

4.3 Panel button

4.3

Panel button

This section describes the commands relevant for working with the Panel Button function.

4.3.1

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

4.3.1.1

Description set panel-button control-factory-defaults

With this command, you enable or disable the following function of the "SELECT/SET" button:

● When display mode "1" "port status" is displayed, and the button is pressed for more than

12 seconds, there is a restart with the factory settings.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: set panel-button control-factory-defaults{enable|disable}

The parameters have the following meaning:

Parameter enable disable

Description

Enables the function for restarting with factory settings

Default: enabled

Disables the function for restarting with factory settings

112

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Functions specific to SCALANCE

4.3 Panel button

Result

The function of the "SELECT/SET" button for restarting with factory settings is enabled / disabled.

4.3.1.2

Description set panel-button control-faultmask

With this command, you enable or disable the following function of the "SELECT/SET" button:

● If display mode "4" "fault mask" is displayed and the button is pressed for 5 - 12 seconds, the fault mask is set.

This function corresponds to calling the power and link down commands.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: set panel-button control-faultmask{enable|disable}

The parameters have the following meaning:

Parameter enable disable

Description enables the function for setting the fault mask

Default: enabled disables the function for setting the fault mask

Result

The function of the "SELECT/SET" button for setting the fault mask is enabled / disabled.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

113

Functions specific to SCALANCE

4.4 Signaling contact

4.4

Signaling contact

This section describes the commands relevant for working with the signaling contact.

4.4.1

Description

show signaling contact

This command shows the current configuration of the signaling contact.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show signaling-contact

Result

The current configuration of the signaling contact is displayed.

4.4.2

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

4.4.2.1

Description set signaling contact mode

With this command, you specify the reaction of the signaling contact.

114

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Functions specific to SCALANCE

4.4 Signaling contact

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: set signaling contact mode {conventional | aligned}

The parameters have the following meaning:

Parameters conventional aligned

Description

An error/fault is displayed by the fault LED and the signaling contact is opened. When the error/fault state no longer exists, the fault LED goes off and the signaling contact is closed.

The way the signaling contact works does not depend on the error/fault that has occurred. The signaling contact can be opened or closed as required by user actions.

Result

The reaction of the signaling contact is specified.

Further notes

4.4.2.2

You display the setting with the show signaling contact command.

set signaling contact status

Description

With this command, you close or open the signaling contact.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: set signaling contact status {open|close}

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

115

Functions specific to SCALANCE

4.4 Signaling contact

The parameters have the following meaning:

Parameters open close

Description

Signaling contact is opened.

Signaling contact is closed.

Result

The signaling contact is opened or closed.

Further notes

You display the setting with the show signaling contact command.

116

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

System time

5.1

System time setting

This section describes commands relevant for the configuration of the system time.

5.1.1

Description

show time

This command shows the settings of the system clock.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show time

Result

The settings for the system clock are displayed.

5.1.2

Description

show dst info

This command shows all the entries for daylight saving time stored on the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows:

5

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

117

System time

5.1 System time setting cli> or cli#

Syntax

Call the command without parameters: show dst info

Result

The entries for daylight saving time are displayed.

5.1.3

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

5.1.3.1

Description time

With this command, you configure the way in which the system time is obtained.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: time{manual | ntp | sntp | SINEC | ptp_tc_client}

The parameters have the following meaning:

118

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameter manual ntp sntp

SINEC ptp_tc_client

System time

5.1 System time setting

Description

The system time is entered by the user.

The system time is obtained from an NTP server.

The system time is obtained from an SNTP server.

The system time is obtained using the SIMATIC time protocol .

The system time is obtained with the Precision Time Protocol (PTP) from a grandmaster clock.

Result

The method of obtaining the system time is configured.

Further notes

5.1.3.2

You display the settings for the system clock with the show time command.

time set

Description

With this command, you set the system clock.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: time set hh:mm:ss <day (1-31)> {january|february|march|april|may| june|july|august|september|october|november|december}

<year (2000 - 2035)>

The parameters have the following meaning:

Parameter hh:mm:ss

day year

Description

Time of day

Day of the month

Month

Year

Range of values

Hour, minute, second each separated by ":" no link

1 ... 31 january, february, march, april, may, june, july, august, september, october, november, december

2000 ... 2035

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

119

System time

5.1 System time setting

Result

The system time is set.

Further notes

You display the settings for the system clock with the show time command.

5.1.3.3

Description time dst date

With this command, you configure the start and end of daylight saving time.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: time dst date <name(16> <year (1900-2099)> begin <MMDDhh> end

<MMDDhh>

The parameters have the following meaning:

Parameter name year begin

MMDDhh end

MMDDhh

Description Range of values

Name of the entry

Year maximum 16 characters

1900 ... 2099

Keyword for the start of daylight saving time.

-

Time for the start of daylight saving time. Time in the format

MM Month

DD Day hh Hour

Keyword for the end of daylight saving time.

-

Time for the end of daylight saving time.

Time in the format

MM Month

DD Day hh Hour

120

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

System time

5.1 System time setting

Result

5.1.3.4

Description

The entry for the start and end of daylight saving time was created.

time dst recurring

With this command, you configure the start and end of daylight saving time with a generic description.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: time dst recurring <name(16)> begin {<week(1-5)> | last} <weekday>

<month> <hour> end {<week(1-5)> | last} <weekday> <month> <hour>

The parameters have the following meaning:

Parameter name begin week last weekday month hour end

Description

Name of the entry

Keyword for the start of daylight saving time.

Calendar week in a month

Keyword for the last calendar week in a month

Weekday

Month

Hour

Keyword for the end of daylight saving time.

-

Range of values

maximum 16 characters

1 ... 5

monday, tuesday, wednesday, thursday, friday, saturday, sunday january, february, march, april, may, june, july, august, september, october, november, december

0 ... 23

Result

The entry for the start and end of daylight saving time was created.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

121

System time

5.1 System time setting

5.1.3.5

no time dst

Description

With this command you delete the entry for the start and end of daylight saving time with the specified name. If you do not specify a name as the parameter, all entries are deleted.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no time dst [<name(16>]

The parameter has the following meaning:

Parameter name

Description

Name of the entry

Range of values maximum 16 characters

Result

An entry or the entries for the start and end of daylight saving time was/were deleted.

122

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

5.2

NTP client

This section describes commands relevant for configuration of the NTP client.

System time

5.2 NTP client

5.2.1

Description

show ntp info

This command shows the current settings for the Network Time Protocol (NTP).

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ntp info

Result

The current NTP settings are displayed.

5.2.2

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

5.2.2.1

Description ntp

With this command, you change to the Network Time Protocol (NTP).

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

123

System time

5.2 NTP client

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ntp

Result

You are now in the NTP configuration mode.

The command prompt is as follows: cli(config-ntp)#

Further notes

You exit the NTP configuration mode with the end or exit command.

5.2.3

Commands in the NTP configuration mode

This section describes commands that you can call up in the NTP configuration mode.

In the Global configuration mode, enter the ntp command to change to this mode.

● If you exit the NTP configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the NTP configuration mode with the end command, you return to the Privileged

EXEC mode.

5.2.3.1

Description ntp server

With this command, you configure the connection to a server on the NTP client.

Requirement

You are in the NTP configuration mode.

The command prompt is as follows: cli(config-ntp)#

124

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

System time

5.2 NTP client

Syntax

Call up the command with the following parameters: ntp server{ipv4 <ip_addr> | fqdn-name <FQDN(100)>}

[port<123,1025-36564>][poll<seconds(64-1024)>]

The parameter has the following meaning:

Parameter Description ipv4 ip_addr

Keyword for an IPv4 address

Value for the IPv4 address of the time server fqdn-name Keyword for a domain name

FQDN(100) Domain name (Fully Qualified Domain Name) port

UDP port of the time server

Range of values / note

-

Enter a valid IPv4 address

-

Maximum of 100 characters

● 123

● 1025 … 36564

-

Default: 123 poll seconds

Keyword for the time after which the time of day is requested again

Value for the time in seconds 64 … 1024

For information on addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The connection to a server is configured on the NTP client.

Further notes

5.2.3.2

You delete the connection to a server with the no ntp server command.

no ntp server

Description

With this command, you delete the connection to a server on the NTP client.

Requirement

You are in the NTP configuration mode.

The command prompt is as follows: cli(config-ntp)#

Syntax

Call up the command with the following parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

125

System time

5.2 NTP client no ntp server {ipv4 <ip_addr> | fqdn-name <FQDN(100)>}

The parameters have the following meaning:

Parameter Description ipv4 ip_addr

Keyword for an IPv4 address

Value for the IPv4 address of the time server fqdn-name Keyword for a domain name

FQDN(100) Domain name (Fully Qualified Domain Name)

Range of values / note

-

Enter a valid IPv4 address

-

Maximum of 100 characters

Result

The connection to a server is deleted on the NTP client.

Further notes

5.2.3.3

You configure the connection to a server with the ntp server command.

ntp time diff

Description

With this command, you configure the time difference between the device and the NTP server.

Requirement

You are in the NTP configuration mode.

The command prompt is as follows: cli(config-ntp)#

Syntax

Call up the command with the following parameters: ntp time diff <(+/-hh:mm)>

The parameter has the following meaning:

Parameter

+

hh mm

Description

Time zones to the west of the NTP server time zone

Time zones to the east of the NTP server time zone

Number of hours difference

Number of minutes difference

Enter the number of hours and number of minutes with two digits each.

Default: No time difference.

126

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Result

The time difference between the device and the NTP server is configured.

System time

5.2 NTP client

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

127

System time

5.3 SNTP client

5.3

SNTP client

This section describes commands relevant for configuration of the Simple Network Time

Protocol (SNTP) client.

5.3.1

Description

show sntp broadcast-mode status

This command shows the current configuration of the brodcast mode of SNTP.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show sntp broadcast-mode status

Result

The current SNTP broadcast configuration is displayed.

5.3.2

Description

show sntp unicast-mode status

This command shows the current configuration of the unicast mode of SNTP.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters:

128

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

System time

5.3 SNTP client show sntp unicast-mode status

Result

The current SNTP unicast configuration is displayed.

5.3.3

Description

show sntp status

This command shows the settings of SNTP.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show sntp status

Result

The settings are displayed.

5.3.4

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

129

System time

5.3 SNTP client

5.3.4.1

sntp

Description

With this command, you change to the SNTP configuration mode.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: sntp

Result

You are now in the SNTP configuration mode.

The command prompt is as follows: cli(config-sntp)#

Further notes

You exit the SNTP configuration modewith the end or exit command.

5.3.5

Commands in the SNTP configuration mode

This section describes commands that you can call up in the SNTP configuration mode.

In the Global configuration mode, enter the sntp command to change to this mode.

● If you exit the SNTP configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the SNTP configuration mode with the end command, you return to the Privileged

EXEC mode.

130

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

System time

5.3 SNTP client

5.3.5.1

Description sntp client addressing-mode

With this command, you configure the addressing mode of the SNTP client as unicast, multicast, broadcast or anycast.

Requirement

● The SNTP client is activated.

You are in the SNTP Configuration mode.

The command prompt is as follows: cli(config-sntp)#

Syntax

Call up the command with the following parameters: sntp client addressing-mode{unicast|broadcast}

The parameters have the following meaning:

Parameter unicast broadcast

Description configures the SNTP client in unicast mode

Default: unicast enabled configures the SNTP client in brodcast mode

Result

The addressing mode of the SNTP client is configured.

Further notes

You display this setting and other information with the show sntp status command.

You display the settings for the unicast mode with the show sntp unicast-mode status command.

You display the settings for the broadcast mode with the show sntp broadcast-mode status command.

5.3.5.2

Description sntp time diff

With this command, you configure the time difference of the system time relative to the UTC time.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

131

System time

5.3 SNTP client

Requirement

● The SNTP server must have started up.

You are in the SNTP configuration mode.

The command prompt is as follows: cli(config-sntp)#

Syntax

Call up the command with the following parameters: sntp time diff <(+/-hh:mm)>

The parameter has the following meaning:

Parameter

+

hh mm

Description

Time zones to the west of the SNTP server time zone

Time zones to the east of the SNTP server time zone

Number of hours difference

Number of minutes difference

Enter the time difference as follows:

● with sign

● without spaces

● Hours and minutes both two digits (with leading zero)

Default: no time difference

Result

The time zone of the system time of day is configured.

Further notes

You can display the settings of this function and other information with the show sntp statuscommand.

5.3.5.3

Description set sntp unicast-poll-interval

With this command, you configure the polling interval of the SNTP client in the unicast mode.

132

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

System time

5.3 SNTP client

Requirement

● The addressing mode of the SNTP client is configured as "unicast".

You are in the SNTP Configuration mode.

The command prompt is as follows: cli(config-sntp)#

Syntax

Call up the command with the following parameters: set sntp unicast-poll-interval<value(16-16284)seconds>

The parameter has the following meaning:

Parameter Description value

Specifies the length of the polling interval in seconds

Range of values

16 ... 16284

Default: 64

Result

The polling interval of the SNTP client in unicast mode is configured.

Further notes

You display this setting and other information with the show sntp unicast–mode status command.

5.3.5.4

Description sntp unicast-server

With this command, you configure an SNTP unicast server.

Requirement

● The addressing mode of the SNTP client is configured as "unicast".

You are in the SNTP configuration mode.

The command prompt is as follows: cli(config-sntp)#

Syntax

Call up the command with the following parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

133

System time

5.3 SNTP client sntp unicast-server {ipv4 <ucast_addr> | fqdn-name <FQDN(100)>}

[port<1025-36564>][poll<seconds(16-16284)>]

The parameters have the following meaning:

Parameter ipv4 ucast_addr fqdn-name

FQDN(100) port poll seconds

Description

Keyword for an IP address

Value for an IPv4 unicast address

Keyword for a domain name

Domain name (Fully Qualified Domain Name)

UDP port of the time server

-

Range of values / note

-

-

Enter a valid IPv4 unicast address.

Maximum of 100 characters

1025 … 36564

Default: 123

Keyword for the time after which the time of day is requested again

Value for the time in seconds 16 ... 16284

Result

The SNTP unicast server is configured.

Further notes

You can reset the setting to the default with the no sntp unicast-server command.

You display this setting and other information with the show sntp unicast–mode status command.

5.3.5.5

Description no sntp unicast-server

With this command, you delete the attributes for an SNTP unicast server and reset the address.

Requirement

You are in the SNTP configuration mode.

The command prompt is as follows: cli(config-sntp)#

Syntax

Call up the command with the following parameters: no sntp unicast-server {ipv4 <ucast_addr> | fqdn-name <FQDN(100)>}

134

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

System time

5.3 SNTP client

The parameters have the following meaning:

Parameter ipv4 ucast_addr fqdn-name

FQDN(100)

Description

Keyword for an IP address

Value for an IPv4 unicast address

Keyword for a domain name

Domain name (Fully Qualified Domain Name)

Range of values / note

-

-

Enter a valid IPv4 unicast address

Maximum of 100 characters

Result

The SNTP unicast server is reset to the default value.

Further notes

You configure the setting with the sntp unicast-server ipv4 command.

You display this setting and other information with the show sntp unicast–mode status command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

135

System time

5.4 PTP

5.4

PTP

This section describes commands relevant for configuration of the Precision Time Protocol according to IEEE 1588.

5.4.1

Description

show ptp info

This command shows the current settings for the Precision Time Protocol (PTP).

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ptp info [ interfaces <interface-type> <ifnum> ]

The parameters have the following meaning:

Parameter interfaces interfacetype ifnum

Description

Keyword for a an interface name.

Type or speed of the interface.

Slot no. and port no. of the interface.

-

Range of values / note gigabitethernet extreme-ethernet

Enter a valid interface name.

Result

The current settings for the Precision Time Protocol (PTP) are displayed.

5.4.2

136

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

System time

5.4 PTP

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

5.4.2.1

Description ptp

With this command, you enable the Precision Time Protocol for the device.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ptp

Result

The Precision Time Protocol is enabled.

5.4.2.2

Description no ptp

With this command, you disable the Precision Time Protocol for the device.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ptp

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

137

System time

5.4 PTP

Result

5.4.2.3

The Precision Time Protocol is disabled.

ptp time diff

Description

With this command, you set the time zone for the Precision Time Protocol.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ptp time diff <duration>

The parameter has the following meaning:

Parameter duration

Description

The value for the time difference.

Range of values / note

Hours and minutes specified in the format +/-HH:MM

Result

The time zone for the Precision Time Protocol is specified.

5.4.3

Commands in the PTP Transparent Clock configuration mode

This section describes commands that you can call up in the PTP Transparent Clock configuration mode.

In the Global configuration mode, enter the ptp transparent-clock configuration command to change to this mode.

● If you exit the PTP Transparent Clock configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the PTP Transparent Clock configuration mode with the end command, you return to the Privileged EXEC mode.

138

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

System time

5.4 PTP

5.4.3.1

Description delay-mechanism

With this command, you specify which correction mechanism the Precision Time Protocol uses.

Requirement

You are in the PTP Transparent Clock configuration mode.

The command prompt is as follows: cli(config-ptp-tc)#

Syntax

Call up the command with the following parameters: delay-mechanism { end-to-end | peer-to-peer }

The parameter has the following meaning:

Parameter end-to-end peer-to-peer

Description

The device operates as an end-to-end transparent clock.

The device operates as a peer-to-peer transparent clock.

-

-

Range of values / note

Result

5.4.3.2

Description

The correction mechanism for the Precision Time Protocol is specified.

primary-domain

With this command, you specify the primary domain.

Requirement

You are in the PTP Transparent Clock configuration mode.

The command prompt is as follows: cli(config-ptp-tc)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

139

System time

5.4 PTP

Syntax

Call up the command with the following parameters: primary-domain <domain-id(0-255)>}

The parameter has the following meaning:

Parameter domain-id

Description

The identifier of the primary domain.

Result

The primary domain is specified.

Range of values / note

0 ... 255

140

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6

This part contains the sections that describe the commands for configuring and managing various network structures.

The following technologies are available:

● The establishment of independent structures even across the boundaries of subnets using virtual networks (VLANs)

This can result in the following advantages:

– Administration:

Devices can be grouped together to form a logical units regardless of their physical location

– Performance:

By prioritizing, time-critical data (process data, streams) can be given priority for transfer

– Security:

The transition between VLANs can only be controlled by an administrator

● Aggregation of interfaces or connections between devices to increase the data transmission rate and reliability (link aggregation, port aggregation)

● Detection and monitoring of parallel connections or loops in an Ethernet network by setting up a tree structure (loop detection)

● Improved reliability by adapting the tree structure if transmission is disrupted (Spanning

Tree)

● Splitting up of the network into smaller units that are connected together via managed connection pairs (standby connection)

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

141

Network structures

6.1 VLAN

6.1

VLAN

This section describes commands for configuring and managing virtual networks (VLANs).

6.1.1

The "show" commands

This section describes commands with which you display various settings.

6.1.1.1

Description show mac-address-table

This command shows the table with the static and dynamic unicast MAC addresses and multicast MAC addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show mac-address-table [vlan<vlan-range>]

[address<aa:aa:aa:aa:aa:aa>]

[interface <interface-type><interface-id>]

The parameters have the following meaning:

Parameters Description vlan vlan-range

Keyword for a VLAN or VLAN range

Number of the addressed VLAN or VLAN range address

Keyword for a MAC address aa:aa:aa:aa:aa:aa

MAC address interface interface-type

Keyword for a an interface description

Type or speed of the interface interface-id

Slot no. and port no. of the interface

Values

-

1 ... 4094

-

-

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

142

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Result

6.1.1.2

Description

The entries are displayed.

show mac-address-table dynamic multicast

This command shows the table with the dynamic multicast MAC addresses assigned by the device.

Requirement

Network structures

6.1 VLAN

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show mac-address-table dynamic multicast[vlan<vlan-range>]

[address<aa:bb:cc:dd:ee:ff>]

[{interface<interface-type><interface-id>}]

The parameters have the following meaning:

Parameter Description vlan vlan-range

Keyword for a VLAN

Number of the addressed VLAN address

Keyword for a MAC address aa:bb:cc:dd:ee:ff

MAC address interface interface-type

Keyword for a an interface description

Type of interface interface-id

Slot no. and port no. of the interface

Values

-

-

-

1 ... 4094

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

143

Network structures

6.1 VLAN

Result

The entries are displayed.

6.1.1.3

Description show mac-address-table dynamic unicast

This command shows the table with the dynamic unicast MAC addresses assigned by the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show mac-address-table dynamic unicast[vlan<vlan-range>]

[address<aa:bb:cc:dd:ee:ff>][{interface<interface-type>

<interface-id>}]

The parameters have the following meaning:

Parameter Description vlan vlan-range address

Keyword for a VLAN

Number of the addressed VLAN

Keyword for a MAC address

MAC address aa:bb:cc:dd:ee: ff interface

Keyword for a an interface description interface-type

Type or speed of the interface

Values

-

-

-

1 ... 4094 interface-id

Slot no. and port no. of the interface

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The entries are displayed.

144

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

6.1.1.4

Description show mac-address-table static multicast

This command shows the table with the static multicast MAC addresses.

Network structures

6.1 VLAN

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show mac-address-table static multicast[vlan<vlan-range>]

[address<aa:bb:cc:dd:ee:ff>][{interface<interface-type><interfaceid>}]

The parameters have the following meaning:

Parameter Description vlan vlan-range

Keyword for a VLAN

Number of the addressed VLAN address

Keyword for a MAC address aa:bb:cc:dd:ee:ff

MAC address interface interface-type

Keyword for a an interface description

Type or speed of the interface interface-id

Slot no. and port no. of the interface

Values

-

-

-

1 ... 4094

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The entries are displayed.

6.1.1.5

Description show mac-address-table static unicast

This command shows the table with the static unicast MAC addresses.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

145

Network structures

6.1 VLAN

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show mac-address-table static unicast[vlan<vlan-range>]

[address<aa:bb:cc:dd:ee:ff>][{interface<interface-type><interfaceid>}]

The parameters have the following meaning:

Parameter Description vlan vlan-range

Keyword for a VLAN

Number of the addressed VLAN address

Keyword for a MAC address aa:bb:cc:dd:ee:ff

MAC address interface interface-type

Keyword for a an interface description

Type or speed of the interface interface-id

Slot no. and port no. of the interface

Values

-

-

-

1 ... 4094

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The entries are displayed.

6.1.1.6

Description show mac-address-table count

With this command, you show the number of MAC addresses for all or a selected VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

146

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

Syntax

Result

6.1.1.7

Description

The number is displayed.

show subnet-vlan mapping

This command shows the entries of a subnet VLAN table.

Requirement

Call up the command with the following parameters: show mac-address-table count[vlan<vlan-id(1-4094)>]

The parameters have the following meaning:

Parameters vlan vlan-id

Description

Keyword for a VLAN

Number of the addressed VLAN

Values

-

1 ... 4094

If you do not select any parameter from the parameter list, the total number of entries is displayed for all VLANs.

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show subnet-vlan mapping

[{interface<interface-type><interface-id>|switch<string(32)>}]

The parameters have the following meaning:

Parameter interface interface-type interface-id

Description

Shows that an interface description follows

Type or speed of the interface

Slot no. and port no. of the interface

Values

-

● fastethernet

● gigabitethernet

Enter a valid interface name

If you do not select any parameter from the parameter list, all entries are displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

147

Network structures

6.1 VLAN

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The entries are displayed.

6.1.1.8

Description show vlan

This command shows the specific information for all or a selected VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show vlan[brief|id<vlan-range>|summary]

The parameters have the following meaning:

Parameters brief id vlan-range summary

Description

Shows brief information about all VLANs

Keyword for a VLAN or VLAN range

Number of the addressed VLAN or VLAN range

Shows a summary of the VLANs

Values

-

-

1 ... 4094

If you do not select any parameter from the parameter list, the entries of all available interfaces are displayed.

Result

The information is displayed.

6.1.1.9

Description show vlan device info

This command shows all the global information that is valid for all VLANs.

148

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show vlan device info

Result

The information is displayed.

6.1.1.10

show vlan learning params

Description

This command shows the parameters for the automatic learning of addresses for selected or all VLANs (active and inactive VLANs).

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show vlan learning params[vlan<vlan-range>]

The parameters have the following meaning:

Parameters vlan vlan-id

Description

Keyword for a VLAN or VLAN range

Number of the addressed VLAN or VLAN range

Values

-

1 ... 4094

If you do not select any parameter from the parameter list, the entries of all available interfaces are displayed.

Result

The settings are displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

149

Network structures

6.1 VLAN

6.1.1.11

show vlan port config

Description

This command shows the VLAN-specific information for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show vlan port config[{port<interface-type><interface-id>}]

The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Keyword for a port

Type of interface

Slot no. and port no. of the interface

Values

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the entries of all available interfaces are displayed.

Result

The information is displayed.

6.1.1.12

show vlan protocols-group

Description

This command displays the table with the protocol group entries.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows:

150

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN cli> or cli#

Syntax

Call the command without parameter assignment: show vlan protocols-group

Result

The table is displayed.

6.1.2

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

6.1.2.1

Description interface range

With this command, you can put several interfaces or the interfaces of VLANs together and configure them together. The configurations are valid for all interfaces of the specified range.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: interface range

(

{<interface-type> <0/a-b,0/c,...>}

{vlan <vlan-id(1-4094)> - <vlan-id(2-4094)>}

)

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

151

Network structures

6.1 VLAN

The parameters have the following meaning:

Parameter interface

0/a-b, 0/ c,...

vlan vlan-id vlan vlan-id

Description

Keyword for an interface

Slot no. and port no. of the interface

Keyword for a VLAN

Number of the addressed VLAN

Keyword for a VLAN

Number of the addressed VLAN

Values or range of values

-

-

Enter a valid interface name

-

1 ... 4094

2 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you want to address several VLANs with this command, you must insert a blank before and after the hyphen, for example interface range vlan 5 - 10.

Result

The interfaces or interfaces of VLANs were put together to form an interface range. The following configuration commands apply to this range.

Further notes

With the no interface range command, you remove VLANs from this range or break it up.

6.1.2.2

Description no interface range

With this command, you remove the interfaces or interfaces of VLANs from the interface range or break it up if you first remove all previously added interfaces.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no interface range

(

152

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

{vlan <vlan-id(1-4094)> - <vlan-id(2-4094)>}

)

The parameters have the following meaning:

Parameter interface

0/a-b, 0/ c,...

vlan vlan-id vlan vlan-id

Description

Keyword for a an interface description

Slot no. and port no. of the interface

Keyword for a VLAN connection

Number of the addressed VLAN

Keyword for a VLAN connection

Number of the addressed VLAN

Values or range of values

-

-

Enter a valid interface name

-

1 ... 4094

2 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you address several VLANs, you must insert a blank before and after the hyphen, for example no interface range vlan 5 - 10.

Result

The VLANs are removed.

Further notes

With the interface range command, you can put several interfaces or VLANs together to be able to configure them together.

6.1.2.3

Description map protocol

With this command, you assign a protocol to a protocol group.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: map protocol

{ip | novell | netbios | appletalk | other <aa:aa>}

enet-v2 protocols-group <Group id integer(1-100)>

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

153

Network structures

6.1 VLAN

The parameters have the following meaning:

Parameter ip novell netbios appletalk other

Description

Internet Protocol v4

Novell Netware protocol

Netbios via TCP/IP

Appletalk

Other protocol.

Range of values

HEX 08:00

HEX 81:38

HEX f0:f0

HEX 80:9b enter the hexadecimal protocol value.

● other: aa:aa

● IPV6: 86:DD

● LLDP: 88:CC

● PTP IEEE1588: 88:F7

● EAP (802.1X): 88:8E

decimal 0 ... 100 enet-v2

Group id integer

Frame structure is Ethernet II

Number of the group

Result

The protocol group is created.

Further notes

You delete the protocol group with the no map protocol command.

You can display the status of this function and other information with the show vlan protocols-group command.

6.1.2.4

Description no map protocol

With this command, you delete a protocol from all protocol groups.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

154

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN no map protocol

{ip | novell | netbios | appletalk | other <aa:aa>}

enet-v2

The parameters have the following meaning:

Parameter ip novell netbios appletalk other enet-v2

Description

Internet Protocol v4

Novell Netware protocol

Netbios via TCP/IP

Appletalk

Other protocol.

Frame structure is Ethernet II

Range of values

HEX 08:00

HEX 81:38

HEX f0:f0

-

HEX 80:9b enter the hexadecimal protocol value.

● other: aa:aa

● IPV6: 86:DD

● LLDP: 88:CC

● PTP IEEE1588: 88:F7

● EAP (802.1X): 88:8E

Result

The protocol is removed from all protocol groups.

Further notes

You create the protocol group with the map protocol command.

You can display the status of this function and other information with the show vlan protocols-group command.

6.1.2.5

Description protocol-vlan

With this command, you enable the protocol-based classification on all interfaces.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

155

Network structures

6.1 VLAN protocol-vlan

Result

The classification is enabled.

Further notes

You disable the setting with the protocol-vlan command.

You can display the status of this function and other information with the show vlan device infocommand.

6.1.2.6

Description no protocol-vlan

With this command, you disable the protocol-based classification on all interfaces.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no protocol-vlan

Result

The classification is disabled.

Further notes

You enable the setting with the protocol-vlan command.

You can display the status of this function and other information with the show vlan device infocommand.

156

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

6.1.2.7

Description subnet-vlan

With this command, you enable the subnet-based VLAN classification on all interfaces.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: subnet-vlan

Result

The classification is enabled.

Further notes

You disable the setting with the no subnet-vlan command.

You can display the status of this function and other information with the show vlan device info command.

6.1.2.8

Description no subnet-vlan

With this command, you disable the subnet-based VLAN classification on all interfaces.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no subnet-vlan

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

157

Network structures

6.1 VLAN

Result

The classification is disabled.

Further notes

You enable the setting with the subnet-vlan command.

You can display the status of this function and other information with the show vlan device info command.

6.1.2.9

Description vlan

With this command, you create a VLAN on the device and change to the VLAN configuration mode.

In the provider backbone bridge mode, this command is used to create user, service and backbone VLANs.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: vlan <vlan-id(1-4094)>

The parameter has the following meaning:

Parameters vlan-id

Description

Number of the addressed VLAN

Do not enter any leading zeros with the number of the VLAN.

Range of values

1 ... 4094

Result

The VLAN is created.

You are now in the VLAN configuration mode.

The command prompt is as follows: cli(config-vlan-$$$)#

158

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

Further notes

You delete the VLAN with the no vlan command.

You can display information about the VLAN with the show vlan command.

6.1.2.10

no vlan

Description

With this command, you delete a VLAN on the device.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameter: no vlan <vlan-id(2-4094)>

Parameters vlan-id

Description

Number of the addressed VLAN

The VLAN with number 1 cannot be deleted.

Result

The VLAN is deleted

Further notes

Range of values

2 ... 4094

With the vlan command, you create a VLAN on the device.

You can display information about the VLAN with the show vlan command.

6.1.3

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

159

Network structures

6.1 VLAN

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

6.1.3.1

Description map subnet

With this command, you configure the subnet assignment to a VLAN.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:

map subnet <ip-subnet-address> vlan <vlan-id(1-4094)> <mask> [arp

{suppress | allow}]

The parameters have the following meaning:

Parameter ip-subnetaddress mask vlan vlan-id arp suppress allow

Description

IP subnet address

Subnet mask

Keyword for a VLAN

Number of the addressed VLAN

Keyword ARP protocol

Suppress the ARP protocol

Allow the ARP protocol

Range of values / note

Enter a valid subnet address

-

-

aaa.bbb.ccc.ddd

-

1 ... 4094

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The subnet with subnet mask and subnet address is assigned to a VLAN.

160

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

Further notes

You cancel the setting with the no map subnet command.

You can display the status of this function and other information with the show subnet-vlan mapping command.

6.1.3.2

Description no map subnet

With this command, you remove a subnet from a VLAN.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:

no map subnet <ip-subnet-address>

The parameters have the following meaning:

Parameter ip-subnetaddress

Description

IP subnet address

Range of values / note

Enter a valid subnet address

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The subnet with subnet mask and subnet address is assigned to a VLAN.

Further notes

You cancel the setting with the no map subnet command.

You can display the status of this function and other information with the show subnet-vlan mapping command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

161

Network structures

6.1 VLAN

6.1.3.3

switchport acceptable-frame-type

Description

With this command, you configure which types of frames are accepted.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: switchport acceptable-frame-type{all|tagged}

The parameters have the following meaning:

Parameter all tagged

Description

All frames are accepted.

Default: all

Untagged frames are discarded.

Result

The setting is enabled.

Further notes

You can reset the setting to the default with the no switchport acceptable-frametype command.

You can display the status of this function and other information with the show vlan port config command.

6.1.3.4

Description no switchport acceptable-frame-type

With this command, you reset the setting for the types of frames accepted by the interface to the default value.

The default value is all.

The interface accepts tagged and untagged frames.

162

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport acceptable-frame-type

Result

The setting is reset to the default value.

Further notes

You configure the setting with the switchport acceptable-frame-type command.

You can display the status of this function and other information with the show vlan port configcommand.

6.1.3.5

Description switchport access vlan

With this command, you assign a VLAN to the interface and configure the port VLAN identifier

(PVID) for it.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: switchport access vlan <vlan-id(1-4094)>

The parameter has the following meaning:

Parameters vlan-id

Description

Number of the addressed VLAN

Range of values

1 ... 4094

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

163

Network structures

6.1 VLAN

Result

The Interface is added to the VLAN as an "untagged port" and the corresponding VLAN ID is set.

Further notes

You can reset the setting to the default with the no switchport access vlan command.

You display the setting and other information with the show vlan port config command.

6.1.3.6

Description no switchport access vlan

With this command, you reset the setting for the port VLAN identifier (PVID) for an interface to the default value.

The default value is 1.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport access vlan

Result

The setting is reset to the default value.

Further notes

You configure the setting with the switchport access vlan command.

You can display the status of this function and other information with the show vlan port configcommand.

6.1.3.7

Description switchport map protocols-group

With this command, you assign the protocol group and a VLAN to an interface.

164

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

Requirement

● The protocol group is configured.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: switchport map protocols-group

<group id(0-2147483647)>vlan<vlan-id(1-4094)>

The parameters have the following meaning:

Parameter group id vlan vlan-id

Description

Number of the group

Shows that the number of a VLAN follows

Number of the addressed VLAN

Range of values

-

0 ... 2147483647

1 ... 4094

Result

The group is assigned to the port and the VLAN.

Further notes

You delete the setting with the no switchport map protocols-group command.

You can display the status of this function and other information with the show vlan protocols-group command.

6.1.3.8

Description no switchport map protocols-group

With this command, you delete the assignment of a configured protocol group to a specific

VLAN.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

165

Network structures

6.1 VLAN

Syntax

Call up the command with the following parameters: no switchport map protocols-group <group id(0-2147483647)>

The parameter has the following meaning:

Parameter group id

Description

Shows that the number of the group follows

Range of values

0 ... 2147483647

Result

The assignment is deleted.

Further notes

You assign a protocol group and a VLAN to an interface with the switchport map protocols-group command.

You can display the status of this function and other information with the show vlan protocols-group command.

6.1.3.9

Description switchport mode

With this command, you specify the operating mode for the switch port.

Requirement

● The interface is configured as a switch port.

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: switchport mode { trunk | hybrid }

The parameters have the following meaning:

166

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

Parameter Description trunk hybrid

Configures the port as a trunk port that only forwards tagged frames. The port can then only be configured as the trunk port if the port is not entered in any VLAN that exchanges untagged frames.

For the trunk port to forward tagged frames, all VLAN IDs to which the trunk port forwards frames must be stored.

If a new VLAN is created, the VLAN ID is automatically entered at the trunk port.

With a trunk port, the VLAN assignment is dynamic. Static configurations can only be created if, in addition to the trunk port property, the port is also entered statically as a member in the VLANs involved. An example of a static configuration is the assignment of the multicast groups in certain VLANs.

If you execute the "acceptable frame-type all" command at the trunk port, the port also receives untagged frames.

Configures the port as a hybrid port that accepts tagged and untagged frames.

Result

The operating mode is configured.

Further notes

You reset the operating mode to the default with the no switchport mode command.

You display this setting and other information with the show vlan port config command.

You configure the interface as a switch port with the switchport command.

6.1.3.10

no switchport mode

Description

With this command, you reset the operating mode for the switch port to the default.

The default value is Hybrid.

Requirement

● The interface is configured as a switch port.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport mode

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

167

Network structures

6.1 VLAN

Result

The setting is reset to the default value.

Further notes

You configure the operating mode with the switchport mode command.

You display this setting and other information with the show vlan port config command.

You configure the interface as a switch port with the switchport command.

6.1.3.11

switchport priority default

Description

With this command, you configure the default priority for the interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: switchport priority default <0-7>

The parameter has the following meaning:

Parameter

-

Description

Value for the default priority

Range of values

0 ... 7

Default: 0

Result

The setting is configured.

Further notes

You reset the default priority to the default value with the no switchport priority default command.

You display this setting and other information with the show vlan port config command.

168

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

6.1.3.12

no switchport priority default

Description

With this command, you reset the default priority for the interface to the default value.

The default value is 0.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport priority default

Result

The setting is reset to the default value.

Further notes

You configure the default priority with the switchport priority default command.

You display this setting and other information with the show vlan port config command.

6.1.3.13

switchport pvid

Description

With this command, you assign an interface to a VLAN and configure the port VLAN identifier

(PVID) for it. If a received frame has no VLAN tag, it has a tag added with the VLAN-ID specified here and is sent according to the switch rules for the port.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

169

Network structures

6.1 VLAN

Syntax

Call up the command with the following parameters: switchport pvid <vlan-id(1-4094)>

The parameter has the following meaning:

Parameters vlan-id

Description

Number of the addressed VLAN

Range of values

1 ... 4094

Result

The PVID is configured

Further notes

You can reset the setting to the default with the no switchport pvid command.

You display the setting and other information with the show vlan port config command.

6.1.3.14

no switchport pvid

Description

With this command, you reset the setting for the port VLAN identifier (PVID) for an interface to the default value.

The default value is 1.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport pvid

Result

The setting is reset to the default value.

Further notes

You configure the setting with the switchport pvid command.

170

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

You configure the VLAN ID with the switchport access vlan command.

You can display the status of this function and other information with the show vlan port configcommand.

6.1.4

Commands in the VLAN configuration mode

This section describes commands that you can call up in the VLAN configuration mode.

In the Global configuration mode, enter the vlan $$$ command to change to this mode. When doing this, you need to replace the $$$ placeholders with the relevant VLAN ID.

Commands relating to other topics that can be called in the VLAN configuration mode can be found in the relevant sections.

● If you exit the VLAN configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the VLAN configuration mode with the end command, you return to the Privileged

EXEC mode.

6.1.4.1

Description ports

With this command, you generate a list that specifies the behavior of the interfaces and replaces the existing VLAN configuration.

● Member Port (tagged port)

The interface is added permanently to the list of incoming and outgoing connections.

Tagged and untagged frames are transferred.

● Untagged Port

The interface transfers untagged frames. If the VLAN ID (PVID) is set, incoming untagged frames are given a tag with the VLAN ID specified there. If the received frames already contain a VLAN ID, frames are only accepted if their VLAN ID matches the set PVID. With outgoing frames, the tag with the VLAN ID is removed.

● Forbidden ports

This interface is not used for communication in a VLAN

The "tagged port" and "untagged port" you specify with this command are used for outgoing data traffic.

Requirement

You are in the VLAN configuration mode.

The command prompt is as follows: cli(config-vlan-$$$)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

171

Network structures

6.1 VLAN

Syntax

Call up the command with the following parameters: ports

(

[<interface-type><0/a-b,0/c,...>]

[<interface-type><0/a-b,0/c,...>]

[port-channel<a,b,c-d>]

)

[

untagged<interface-type> <0/a-b,0/c,...>

(

[<interface-type><0/a-b,0/c,...>]

[port-channel <a,b,c-d>]

[all]

)

]

[

forbidden<interface-type><0/a-b,0/c,...>

[<interface-type><0/a-b,0/c,...>]

[portchannel<a,b,c-d>]

]

[name<vlan-name>]

The parameters have the following meaning:

Parameter Description interface-type

Type or speed of the interface

/a-b,0/c,...

port-channel

/a-b,0/c,...

untagged all forbidden name vlan-name

Port no. of the interface

Keyword for a port channel

Port no. of the interface

Keyword for interfaces or ports that transfer data packets without VLAN marking

Specifies that all interfaces or ports are set to

"untagged"

Keyword for forbidden interfaces or ports

Keyword for the name assignment

Name of the VLAN

-

Values

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

-

-

Enter a valid interface name

-

max. 32 characters

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The existing VLAN configuration is replaced. To add individual interfaces, you need to recreate the full list.

172

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Further notes

You display details of the function with the show vlan command.

You reset the settings with the no ports command.

6.1.4.2

Description no ports

With this command, you remove ports from a VLAN.

Requirement

You are in the VLAN configuration mode.

The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call up the command with the following parameters: no ports

(

[<interface-type><0/a-b,0/c,...>]

[<interface-type><0/a-b,0/c,...>]

[port-channel<a,b,c-d>]

[all]

)

[

untagged<interface-type> <0/a-b,0/c,...>

(

[<interface-type><0/a-b,0/c,...>]

[port-channel <a,b,c-d>]

[all]

)

]

[

(

forbidden<interface-type><0/a-b,0/c,...>

[<interface-type><0/a-b,0/c,...>]

[portchannel<a,b,c-d>]

[all]

)

]

[name<vlan-name>]

The parameters have the following meaning:

Network structures

6.1 VLAN

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

173

Network structures

6.1 VLAN

Parameter interface-type

/a-b,0/c,...

port-channel

/a-b,0/c,...

untagged all forbidden name vlan-name

Description

Type of interface

Port no. of the interface

Keyword for a port channel

Port no. of the interface

Keyword for interfaces or ports that transfer data packets without VLAN marking

Specifies that all interfaces or ports are set to

"untagged"

Keyword for forbidden interfaces or ports

Keyword for the name assignment

Name of the VLAN

-

Values

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

-

-

Enter a valid interface name

-

max. 32 characters

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The ports are removed from the VLAN configuration.

Further notes

It is possible to remove individual ports from a VLAN configuration without needing to rewrite the entire configuration (in contrast to creating ports because it is not possible to add individual ports later).

You display details of the function with the show vlan command.

You reset the setting with the no ports command.

6.1.4.3

Description name

With this command, you assign a name to the VLAN.

Requirement

You are in the VLAN Configuration mode.

The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call up the command with the following parameters: name <vlan-name>

174

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

The parameter has the following meaning:

Parameters vlan-name

Description

Name that will be assigned to the VLAN

Range of values max. 32 characters

Result

The VLAN is assigned a name.

Further notes

You delete name assignment for a VLAN with the no name command.

6.1.4.4

Description no name

With this command, you delete the name assignment for a VLAN.

Requirement

You are in the VLAN configuration mode.

The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call the command without parameters: no name

Result

The name of the VLAN is deleted.

Further notes

You assign the VLAN a name with the command name.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

175

Network structures

6.1 VLAN

6.1.4.5

tia interface

Description

With this command, you enable / disable the TIA interface property. The interface can only be used for PNIO.

Requirement

● The interface is activated

You are in the VLAN configuration mode of the VLAN interfaces with the ID $$$.

The command prompt is as follows: cli (config-if-vlan-$$$) #

Syntax

Call the command without parameters: tia-interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The TIA interface is enabled exclusively for the specified VLAN. The function was disabled on the other interfaces.

Further notes

6.1.4.6

Note that only one VLAN interface can become the TIA interface.

transparent-vlan

Description

With this command, you change a VLAN to the transparent mode.

Ports that were assigned to this VLAN as members or untagged members now become transparent ports.

This means the following:

● The port VLAN ID of the transparent ports is set to the ID of this VLAN.

● Untagged frames that are received at these ports are forwarded to all other transparent ports once again without tag as long as they are not forwarded to a standard VLAN by a protocol or subnet rule.

176

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.1 VLAN

● Flags tagged with VLAN ID 0 and that are received at these ports are forwarded to all other transparent ports once again tagged with VLAN ID 0 as long as they are not forwarded to a standard VLAN by a protocol or subnet rule.

● Frames tagged with the VLAN ID of the transparent VLAN and that are received at these ports are forwarded to all transparent ports once again tagged with the VLAN ID of the transparent VLAN.

● Other frames are forwarded according to the normal VLAN rules and a transparent port behaves like an untagged member in this VLAN.

Requirement

You are in the VLAN configuration mode.

The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call the command without parameters: transparent-vlan

Result

The VLAN is changed to transparent mode.

Further notes

● All ports that were not members or untagged members in the relevant VLAN are automatically set to the Forbidden status after the command executes.

● As long as a VLAN is configured as a transparent VLAN, the ports belonging to this VLAN cannot be modified.

● Note that only one VLAN can become a transparent VLAN.

You disable the setting with the no transparent-vlan command.

6.1.4.7

Description no transparent-vlan

With this command, you return a VLAN from the transparent mode to the mode conforming with the standard.

Requirement

You are in the VLAN configuration mode.

The command prompt is as follows:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

177

Network structures

6.1 VLAN cli(config-vlan-$$$)#

Syntax

Call the command without parameters: no transparent-vlan

Result

If the VLAN was configured as a transparent VLAN, this function is deactivated.

This means the following:

● All transparent ports become untagged members in this VLAN

● The port VLAN ID of the previous transparent ports remains set to the ID of this VLAN.

● All other ports remain marked as forbidden in this VLAN.

Further notes

You enable the setting with the transparent-vlan command.

178

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

6.2

Network structures

6.2 Link aggregation

Link aggregation

This section describes commands that configure or manage the bundling of interfaces or connections between devices.

6.2.1

Description

show etherchannel

This command shows the settings of the Etherchannel.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show etherchannel [[channel-group-number]

{detail|load-balance|port|port-channel|summary|protocol}]

The parameters have the following meaning:

Parameter channel-groupnumber detail load-balance port port-channel summary protocol

Description

Number of the channel-group

Detailed display of the settings

Shows which load balancing method is enabled

Information on the Etherchannel port

Information on the port-channel

Brief overview of the settings of a channel-group

Specification of the protocol set for a channel-group

If you do not select any parameters from the parameter list, the settings of all channels will be displayed in detail.

Result

The Etherchannel settings are displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

179

Network structures

6.2 Link aggregation

6.2.2

show interfaces etherchannel

Description

This command shows the interface-specific information for a port channel.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show interfaces[<interface-type><interface-id>]etherchannel

The parameters have the following meaning:

Parameters interfacetype

Description

Type or speed of the interface

Values

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interfaceid

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select an interface, information for all interfaces is displayed.

Result

The interface-specific information for a port channel is displayed.

6.2.3

Description

show lacp

This command shows the information about the settings and information about the ports involved in the link aggregation. The number of sent and received packets is also displayed.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows:

180

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.2 Link aggregation cli> or cli#

Syntax

Call up the command with the following parameters: show lacp [<port-channel(1-8)>]{counters|neighbor[detail]}

The parameters have the following meaning:

Parameter portchannel counters neighbor detail

Description

Number of the channel-group

Shows the values of the counters

Displays information on neighbor ports

Displays detailed information on neighbor ports

-

-

-

Range of values

1 ... 8

If you do not select a port channel, information for all available interfaces is displayed.

Result

The information is displayed.

6.2.4

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

6.2.4.1

Description port-channel load-balance

With this command, you configure the load balancing policy for the interconnected ports of the previously defined port channels.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

181

Network structures

6.2 Link aggregation cli(config)#

Syntax

Call up the command with the following parameters: port-channel load-balance

{mac-src-dst | ip-mac-src-dst}

[<port-channel-index(1-8)>]

The parameters have the following meaning:

Parameter mac-src-dst

Description

Load balancing is based on the MAC addresses of the sources and destinations.

Range of values

-

-

Default: enabled ip-mac-srcdst port-channelindex

Load balancing is based on the IP and MAC addresses of the sources and destinations.

Number of the port channel 1 ... 8

If you do not enter a value for port-channel-index, the setting is used for all port channels.

Result

The load balancing policy is set.

Further notes

You can reset the setting for the load balancing policy to the default with the no portchannel load-balance command.

You can display the status of this function and other settings with the show etherchannel command.

6.2.4.2

Description no port-channel load-balance

With this command, you reset the load balancing policy for the interconnected ports of the previously defined port channels to the default.

The default value is src-dest-mac.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows:

182

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.2 Link aggregation cli(config)#

Syntax

Call up the command with the following parameters: port-channel load-balance [<port-channel-index(1-8)>]

The parameter has the following meaning:

Parameters port-channel-index

Description

Number of the port channel

Range of values

1 ... 8

If you do not enter a value for port-channel-index, the setting is used for all port channels.

Result

The load balancing policy is reset to the default value.

Further notes

You can change the setting for the load balancing policy with the port-channel loadbalance command.

You can display the status of this function and other settings with the show etherchannel command.

6.2.5

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

6.2.5.1

Description channel-group

With this command, you add an interface to an Etherchannel.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

183

Network structures

6.2 Link aggregation

Requirement

With the interface po <channel-group-id(1-8)> command, you have already generated a logical interface for an Etherchannel.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: channel-group <channel-group-number(1-8)>mode{on|active|passive}

The parameters have the following meaning:

Parameter channel-groupnumber on active passive

Description

Number of the channel-group

Adds the interface without LACP to a channel group.

This corresponds to manual bundling.

The negotiation of a connection via LACP is started unconditionally

The negotiation of a connection via LACP is started when an LACP packet arrives from the connection partner

-

-

-

Range of values

1 ... 8

Result

6.2.5.2

Description

The Etherchannel is configured.

no channel-group

With this command, you remove the interface from an Etherchannel.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters:

184

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Result no channel-group

The interface is deleted from the Etherchannel.

Network structures

6.2 Link aggregation

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

185

Network structures

6.3 Spanning Tree

6.3

Spanning Tree

The Spanning Tree Protocol is used to monitor a LAN for redundant connections. These are blocked and reactivated when necessary if there are changes to the network topology.

This section describes the commands of the Spanning Tree Protocol (STP), the Rapid

Spanning Tree Protocol (RSTP) and the Multiple Spanning Tree Protocol (MSTP).

Note

Avoiding bad configurations

When using the commands in this section, you should take particular care because a bad configuration of this function can have serious negative affects on the network.

6.3.1

The "show" commands

6.3.1.1

Description show spanning-tree

This command shows the settings of the spanning tree function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show spanning-tree [{summary|blockedports|pathcost method}]

The parameters have the following meaning:

Parameters Description summary

Displays a summary blockedports

Shows the blocked ports pathcost method shows whether 16-bit (short) or 32 bit (long) values are used in the calculation

Result

186

The settings for the spanning tree function are displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

Further notes

You can show further settings for special aspects of the Spanning Tree Protocol with the following commands:

● show spanning-tree active

● show spanning-tree bridge

● show spanning-tree detail

● show spanning-tree interface

● show spanning-tree root

● show spanning-tree mst

6.3.1.2

Description show spanning-tree mst

This command shows various settings of the spanning tree configuration specific to a Common

Internal Spanning Tree (CIST) instance or a selected instance of the Multiple Spanning Tree

Protocol.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with one of the following parameter assignments: show spanning-tree mst[<instance-id(1-64)>][detail]

The parameters have the following meaning:

Parameters Description instance-id

Number of the instance or range of instances whose settings are displayed detail

Shows detailed information about the selected interface -

Range of values

1 ... 64

Result

The settings are displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

187

Network structures

6.3 Spanning Tree

Further notes

You display the general settings for the Spanning Tree Protocol with the show spanningtree command.

6.3.1.3

Description show spanning-tree active

This command shows the settings for the active ports of the spanning tree function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show spanning-tree active [detail]

The parameter has the following meaning:

Parameters detail

Description

Shows settings in detail

Result

The settings for the active ports of the spanning tree function are displayed.

6.3.1.4

Description show spanning-tree bridge

This command shows the settings of the spanning tree function of the bridge.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

188

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

Syntax

Call up the command with the following parameters: show spanning-tree bridge

[{address|forward-time|hello-time|id|max-age|protocol|priority| detail}]

The parameters have the following meaning:

Parameters Description address forwardtime hellotime

Shows the MAC address of the bridge

Shows the time that the bridge is in the listening mode when changing from the blocking mode to the learning mode

Shows the time after which the bridge sends configuration BPDUs id max-age protocol priority detail

Shows the ID of the bridge

Shows the maximum age of the data packet after which it is deleted

Shows the protocol used

Shows the priority of the bridge

Shows detailed information about the spanning tree settings of the interface

Result

6.3.1.5

Description

The settings for the spanning tree function of the bridge are displayed.

show spanning-tree detail

This command shows the detailed settings of the spanning tree function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show spanning-tree detail

Result

The detailed settings for the spanning tree function are displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

189

Network structures

6.3 Spanning Tree

6.3.1.6

show spanning-tree interface

Description

This command shows the settings of the ports for the spanning tree function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show spanning-tree interface <interface-type><interface-id>

[{cost|priority|portfast|rootcost|restricted-role|

restricted-tcn|state|stats|detail}]

The parameters have the following meaning:

Parameter interfacetype rootcost restrictedrole restrictedtcn state stats

Description

Type or speed of the interface

Values

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interfaceid cost priority portfast detail

Slot no. and port no. of the interface

Shows the port costs used to calculate the lowestcost path.

Shows the priority of the port.

Shows whether spanning-tree portfast is enabled.

Shows the costs of the path to the root bridge.

Shows whether spanning-tree restrictedrole is enabled.

Shows whether spanning-tree restrictedtcn is enabled.

Shows the status of the interface.

Shows the counters of the various BPDU transmissions.

Shows detailed information about the spanning tree settings of the interface.

-

-

-

-

-

-

-

-

-

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

190

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

Result

6.3.1.7

Description

The settings of the ports for the spanning tree function are displayed.

show spanning-tree interface layer2-gateway-port

This command shows the settings for the layer2 gateway port (L2GP). For example the pseudoroot priority, pseudo root MAC address and the status of L2GP are displayed

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show spanning-tree interface

[<interface-type><interface-id>] layer2-gateway-port

The parameters have the following meaning:

Parameters interfacetype

Description

Type or speed of the interface

Values

● gigabitethernet

● extreme-ethernet

● port-channel

Enter a valid interface name interfaceid

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The settings are displayed.

6.3.1.8

Description show spanning-tree root

This command shows the settings of the root bridge for the spanning tree function.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

191

Network structures

6.3 Spanning Tree

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show spanning-tree root

[{address|cost|forward-time|id|max-age|port|priority|detail}]

The parameters have the following meaning:

Parameter Description address cost

Shows the MAC address of the root bridge

Shows the costs of the connection to the root bridge.

forward-time

Shows the time that the bridge is in the listening mode when changing from the blocking mode to the learning mode id max-age port priority detail

Shows the ID of the root bridge

Shows the maximum age of the data packet after which it is deleted

Shows the interface via which the spanning tree is set up

Shows the priority of the bridge

Shows detailed information about the root bridge

Result

The settings of the root bridge for the spanning tree function are displayed.

6.3.1.9

Description show spanning-tree mst configuration

This command shows various settings for an instance of the Multiple Spanning Tree

Protocol.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters:

192

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree show spanning-tree mst configuration

Result

The settings are displayed.

Further notes

You display the general settings for the Spanning Tree Protocol with the show spanningtree command.

6.3.1.10

show spanning-tree mst interface

Description

This command shows port-specific settings of a Multiple Spanning Tree configuration.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with one of the following parameter assignments: show spanning-tree mst

[<instance-id(1-64)>] interface<interface-type><interface-id>

[{stats|hello-time|detail}]

The parameters have the following meaning:

Parameters Description instance-id

Number of the instance or range of instances whose settings are displayed interfacetype

Type or speed of the interface

Slot no. and port no. of the interface interfaceid stats hello-time detail

Shows the number of incoming and outgoing packets for each path of the interface

Shows the intervals at which the root switch sends its "Hello" message to the other switches

Shows detailed information about the selected interface

-

-

-

Range of values

1 ... 64

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

193

Network structures

6.3 Spanning Tree

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The settings are displayed.

Further notes

You display the general settings for the Spanning Tree Protocol with the show spanningtree command.

6.3.2

Description

clear spanning-tree detected protocols

With this command, you restart the protocol transmission process on a specific or on all interfaces and force renegotiation of the connection settings with the neighboring devices.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

Syntax

Call up the command with the following parameters: clear spanning-tree detected protocols

[{interface<interface-type><interface-id>}]

The parameters have the following meaning:

Parameters Description interface

Keyword for a an interface description interfacetype

Type or speed of the interface interfaceid

Slot no. and port no. of the interface

Values

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameters from the parameter list, the process is restarted for all interfaces.

194

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

Result

The connection settings for spanning tree are renegotiated.

6.3.3

Description

clear spanning-tree counters

With this command, you reset all the statistical counters of the spanning tree function at the device and port level.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: clear spanning-tree counters

Result

The counters are reset.

6.3.4

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

6.3.4.1

Description spanning-tree

The Spanning Tree Protocol is used to monitor a LAN for redundant connections. These are blocked and reactivated when necessary if there are changes to the network topology.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

195

Network structures

6.3 Spanning Tree

With this command, you enable the spanning tree function.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: spanning-tree

Result

The spanning tree function is enabled.

Further notes

As default the function is "enabled".

You disable the spanning tree function with the no spanning tree command.

You can display the status of this function and other information with the show spanning tree detailcommand.

You can display information about active ports with the show spanning tree active command.

6.3.4.2

Description no spanning-tree

With this command, you disable the spanning tree function.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no spanning-tree

196

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

Result

The spanning tree function is disabled.

Further notes

You enable the spanning tree function with the spanning tree command.

You can display the status of this function and other information with the show spanning tree detailcommand.

You can display information about active ports with the show spanning tree active command.

6.3.4.3

Description spanning-tree compatibility

With this command, you configure the compatibility version of the protocol that will be used by the spanning tree function.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: spanning-tree compatibility {stp|rst|mst}

The parameters have the following meaning:

Parameter stp rst mst

Description

The version is compatible with the Spanning Tree protocol

The version is compatible with the Rapic Spanning Tree protocol

Default: enabled

The version is compatible with the Multiple Spanning Tree protocol

Result

The compatibility version of the protocol is selected.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

197

Network structures

6.3 Spanning Tree

Further notes

You can reset the setting to the default mst with the no spanning-tree compatibility command.

You can display the status of this function and other information with the show spanning tree detail command.

You can display information about active ports with the show spanning tree active command.

6.3.4.4

Description no spanning-tree compatibility

With this command, you reset the compatibility version of the protocol of the spanning tree function to the default value.

The default value is MST.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no spanning-tree compatibility

Result

The compatibility version is reset to the default value.

Further notes

You configure the setting with the spanning-tree compatibility command.

6.3.4.5

Description spanning-tree priority

With this command, you configure the priority of the device. Which device becomes the root bridge is decided based on the priority. The bridge with the highest priority becomes the root bridge. The lower the value, the higher the priority.

198

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: spanning-tree[mst <instance-id(1-64)>] priority <value(0-61440)>

The parameters have the following meaning:

Parameter Description mst

Keyword for a Multiple Spanning Tree instance instance-id

Number of the instance priority value

Keyword for the priority

Value for the priority

Range of values

-

1 ... 64

-

0 ... 61440

Default: 32768

You can only change the value for the priority in the steps of 4096.

Result

The priority of the device is configured.

Further notes

You can reset the setting to the default with the no spanning-tree mst priority command.

You display this setting and other information with the commands that start with show spanning tree ....

6.3.4.6

Description no spanning-tree priority

With this command, you reset the priority of the device back to the default value.

The default value is 32768.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

199

Network structures

6.3 Spanning Tree

Syntax

Call up the command with the following parameters: no spanning-tree[mst <instance-id(1-64)>]priority

The parameters have the following meaning:

Parameters Description mst instanceid

Keyword for a Multiple Spanning Tree instance

Number of the instance

Range of values

-

1 ... 64

Result

The priority of the device is reset to the default value.

Further notes

You configure the setting with the spanning-tree mst priority command.

You display this setting and other information with the commands that start with show spanning tree ....

6.3.4.7

Description spanning-tree mst configuration

With this command, you change to the MSTP configuration mode.

Requirement

You are in the Global configuration mode.

● MSTP is enabled

● Base bridge mode: 802.1Q VLAN Bridge

● Compatibility mode: MSTP

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: spanning-tree mst configuration

200

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

Result

You are now in the MSTP configuration mode.

The command prompt is as follows: cli(config-mst)#

Further notes

6.3.4.8

You exit the MSTP configuration mode with the end or exit command.

spanning-tree mst max-hops

Description

With this command, you configure the maximum number of nodes (hops) that a path can run through in an MST.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: spanning-tree mst max-hops <value(6-40)>

The parameter has the following meaning:

Parameter value

Description Range of values

Maximum number of hops that a path can run through in an MST 6 ... 40

Default: 20

Result

The setting for the maximum number of hops is configured.

Further notes

You can reset the setting for the maximum number of nodes to the default with the no spanning-tree mst max-hops command.

You display this setting and other information with the show spanning tree mst configuration command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

201

Network structures

6.3 Spanning Tree

6.3.4.9

no spanning-tree mst max-hops

Description

With this command, you reset the maximum number of hops that a path in an MST can run through to the default value.

The default value is 20.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no spanning-tree mst max-hops

Result

The setting for the maximum number of nodes is reset to the default value.

Further notes

You can configure the setting for the maximum number of nodes with the spanning-tree mst max-hops command.

You display this setting and other information with the show spanning tree mst configuration command.

6.3.4.10

spanning-tree mst instance-id root

Description

With this command you specify whether the device is a root bridge (primary) or a substitute root bridge (secondary).

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

202

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

Syntax

Call up the command with the following parameters: spanning-tree mst{instance-id<instance-id(1-64)>}root{primary| secondary}

The parameters have the following meaning:

Parameter Description instanceid

Keyword for the instance instanceid

Number of the instance primary

The priority of the device is set to a low value so that the device can become the root bridge (primary) of the

Spanning Tree instance. The lower the value, the higher the priority.

secondary

The priority of the device is set to a low value so that the device becomes the substitute root bridge (secondary) of the Spanning Tree instance. If the root bridge (primary) fails, the substitute root bridge (secondary) takes over the task of the root bridge without delay.

-

Range of values

1 ... 64

The priority is set to the value 24576.

The priority is set to the value 28672.

Result

The function of the device is specified.

Further notes

You disable the root bridge with the no spanning-tree mst instance-id root command.

You display this setting and other information with the commands that start with show spanning tree ....

6.3.4.11

no spanning-tree mst instance-id root

Description

With this command, you disable the root bridge function on the device.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

203

Network structures

6.3 Spanning Tree

Syntax

Call up the command with the following parameters: spanning-tree mst{instance-id<instance-id(1-64)>}root

The parameters have the following meaning:

Parameter instance-id instance-id

Description

Keyword for the instance

Number of the instance

Range of values

-

1 ... 64

Result

The function is disabled.

Further notes

You enable the root bridge function with the spanning-tree mst instance-id root command.

You display this setting and other information with the commands that start with show spanning tree ....

6.3.4.12

Time settings for the Spanning Tree protocol spanning-tree

Description

With this command, you configure the various time settings of the spanning tree function:

● With the forward-time option, you configure the time after which a port changes its spanning tree status from "Blocking" to "Forwarding".

● With the hello-time option, you configure the time after which the bridge sends its configuration BPDUs.

● With the max-age option, you configure the time after which the information of the BPDUs becomes invalid.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

204

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

Syntax

Call up the command with the following parameters: spanning-tree{forward-time<seconds(4-30)>|hello-time<seconds(1-2)>|

max-age<seconds(6-40)>}

The parameters have the following meaning:

Parameter forward-time seconds hello-time seconds max-age seconds

Description

Keyword for the time after which a port changes its spanning tree status from "Blocking" to "Forwarding"

Time after which the changeover takes place

-

Range of values

-

4 ... 30

Default: 15

Keyword for the time after which the bridge sends its configuration BPDUs

Time after which they are sent

-

1 ... 2

Default: 2

Keyword for the time after which the information of the BPDUs becomes invalid

Maximum age of the BPDUs in seconds 6 ... 40

Default: 20

Note

Dependencies when setting the timing

If you specify the time settings for spanning tree, you need to keep to the following two rules:

2 * (forward-time - 1) >= max-age and max-age >= 2 * (hello-time + 1)

Result

The selected setting for the time is configured.

Further notes

You can reset the time to the default with the no spanning-tree command (time settings).

You display these settings and other information with the commands that start with show spanning tree ....

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

205

Network structures

6.3 Spanning Tree no spanning-tree

Description

With this command, you reset the various time settings of the spanning tree function to the default value.

The default values are as follows:

Parameters forward-time hello-time max-age

Default value

15 seconds

2 seconds

20 seconds

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no spanning-tree{forward-time|hello-time|max-age}

The parameters have the following meaning:

Parameters forward-time hello-time max-age

Description

Time after which a port changes its spanning tree status from "Blocking" to

"Forwarding"

Time after which the bridge sends its configuration BPDUs

Time after which the information of the BPDUs becomes invalid

Result

The selected setting for the time is reset to the default value.

Further notes

You configure the time with the spanning-tree command (time settings).

You display these settings and other information with the commands that start with show spanning tree ....

206

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

6.3.5

Network structures

6.3 Spanning Tree

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

6.3.5.1

Description spanning-tree

With this command, you configure the various properties of the spanning tree function:

● With the cost option, you configure the port costs used to calculate the lowest-cost path.

● With the disable option, you disable the interface for the spanning tree function.

● With the link-type option, you configure the connection status of the following network segment. The following settings are possible:

– point-to-point – the interface communicates with precisely one network component

– shared - the interface is connected to more than one network component

● With the portfast option, you enable the PortFast function on the interface. The interface is connected to an end device and can therefore ignore the waiting time before changing to Forwarding mode.

● With the port-priority option, you configure the priority of the interface for negotiating a spanning tree configuration.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: spanning-tree {cost <0-200000000>|disable|

link-type{point-to-point|shared}|portfast|

port-priority<0-240>}

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

207

Network structures

6.3 Spanning Tree

The parameters have the following meaning:

Parameter cost disable link-type portfast port-priority

Description

Keyword

Describes the costs of the port for calculating the lowest cost path.

disables the interface for spanning tree

Connection status of the following network segment

Enables the PortFast function

Priority of the interface

Range of values

0 ... 200000000

Default: if dynamic calculation of the path costs is not enabled:

● 200000 for physical interfaces

-

● 199999 for port channels

Default:

The spanning tree function is enabled on the interface

● point-to-point

● shared

Default:

● point-to-point

The connection is configured as fullduplex

● shared in all other cases

-

Default: disabled

0 ... 240 in steps of 16

Default: 128

Note

Configure multiple properties

Each time the command is called, you can configure precisely one property.

If you want to configure more than one property, call up the command more than once.

Result

The selected setting is configured.

Further notes

You can reset the setting to the default with the no spanning-tree (properties) command.

You display these settings and other information with the commands that start with show spanning tree ....

208

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

6.3.5.2

Description no spanning-tree

With this command, you reset the various properties of the spanning tree function to the default value:

The default values are as follows:

Parameter cost disable link-type portfast port-priority

Default value if dynamic calculation of the path costs is not enabled:

● 200000 for physical interfaces

● 199999 for port channels

The spanning tree function is enabled on the interface

● point-to-point

The connection is configured as full-duplex

● shared in all other cases disabled

128

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no spanning-tree {cost|disable|link-type|portfast|port-priority}

The parameters have the following meaning:

Parameter cost disable link-type portfast portpriority

Description

Keyword for the costs of the port for calculating the lowest-cost path.

Enables the interface for spanning tree.

Connection status of the following network segment

Disables the PortFast function.

Keyword for the priority of the interface

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

209

Network structures

6.3 Spanning Tree

Note

Configure multiple properties

Each time the command is called, you can configure precisely one property.

If you want to configure more than one property, call up the command more than once.

Result

The selected setting is reset to the default value.

Further notes

You configure the setting with the spanning-tree command (properties).

You display these settings and other information with the commands that start with show spanning tree ....

6.3.5.3

Description spanning-tree mst

With this command, you configure the various properties of the multiple spanning tree function:

● With the cost option, you configure the port costs used to calculate the lowest-cost path.

● With the port-priority option, you configure the priority of the interface for negotiating a multiple spanning tree configuration.

● With the disable option, you disable the interface for the multiple spanning tree function.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: spanning-tree mst<instance-id(1-64)>

{cost(0-200000000)|port-priority (0-240)|disable}

The parameters have the following meaning:

210

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

Parameter Description Range of values instance-id cost port-priority disable

Number of the addressed instance

Costs of the port for calculating the lowest cost path.

Priority of the interface

1 ... 64

0 ... 200000000

Default:

● 200000 for physical interfaces

● 199999 for port channels

0 ... 240 in steps of 16

Default: 128 disables the interface for multiple spanning tree -

Default:

The multiple spanning tree function is enabled on the interface

Note

Configure multiple properties

Each time the command is called, you can configure precisely one property.

If you want to configure more than one property, call up the command more than once.

Result

The selected setting is configured.

Further notes

You can reset the setting to the default with the no spanning-tree mst (properties) command.

You display these settings and other information with the commands that start with show spanning tree ....

6.3.5.4

Description no spanning-tree mst

With this command, you reset the various properties of the multiple spanning tree function to the default value.

The default values are as follows:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

211

Network structures

6.3 Spanning Tree

Parameter cost port-priority disable

Default value

● 200000 for physical interfaces

● 199999 for port channels

128

The multiple spanning tree function is enabled on the interface

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no spanning-tree mst<instance-id(1-64)>{cost|port-priority|disable}

The parameters have the following meaning:

Parameter Description Range of values instance-id cost

Number of the addressed instance

Keyword for the costs of the port for calculating the lowest-cost path.

port-priority

Keyword for the priority of the interface disable

Enables the interface for multiple spanning tree.

-

-

-

1 ... 64

Note

Configure multiple properties

Each time the command is called, you can configure precisely one property.

If you want to configure more than one property, call up the command more than once.

Result

The selected setting is reset to the default value.

Further notes

You configure the setting with the spanning-tree mst command (properties).

You display these settings and other information with the commands that start with show spanning tree ....

212

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

6.3.5.5

Description spanning-tree auto-edge

With this command, you enable automatic discovery of a bridge connected to the interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: spanning-tree auto-edge

Result

The automatic discovery of a bridge on the interface is enabled.

Further notes

The automatic discovery of a bridge on the interface is enabled with the no spanning-tree auto-edge command.

6.3.5.6

Description no spanning-tree auto-edge

With this command, you disable automatic discovery of a bridge connected to the interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree auto-edge

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

213

Network structures

6.3 Spanning Tree

Result

The automatic discovery of a bridge on the interface is disabled.

Further notes

The automatic discovery of a bridge on the interface is disabled with the spanning-tree auto-edge command.

6.3.5.7

Description spanning-tree bpdu-transmit

With this command, you enable or disable the BPDU transmit status at the port.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: spanning-tree bpdu-transmit{enabled|disabled}

The parameters have the following meaning:

Parameter enabled disabled

Description

BPDU packets are transmitted at the port

Default: enabled

BPDU packets are not transmitted at the port

Result

The BPDU transmit status has switched over.

Further notes

You can display the status of this function and other information with the show spanning tree interface command with the detail option.

214

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

6.3.5.8

Description spanning-tree bpdu-receive

With this command, you enable / disable the BPDU receive status at the port.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: spanning-tree bpdu-receive{enabled|disabled}

The parameters have the following meaning:

Parameter enabled disabled

Description

BPDU packets are received at the port

Default: enabled

BPDU packets are ignored at the port

Result

The BPDU receive status is enabled / disabled.

Further notes

You can display the status of this function and other information with the show spanning tree interface command with the detail option.

6.3.5.9

Description spanning-tree bpdufilter

With this command, you configure the BPDU transmission status for a port.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

215

Network structures

6.3 Spanning Tree

Syntax

Call up the command with the following parameters: spanning-tree bpdufilter{disable|enable}

The parameters have the following meaning:

Parameter disable enable

Description

The transfer of BPDU packets is disabled for the port

Default: disabled

The transfer of BPDU packets is enabled for the port

Result

The BPDU transmit status is configured.

6.3.5.10

spanning-tree layer2-gateway-port

Description

With this command, you configure a port as a layer 2 gateway port.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: spanning-tree layer2-gateway-port

Result

The port is configured as a layer 2 gateway port.

Further notes

You delete the configuration of a port as a layer 2 gateway port with the commandno spanning-tree layer2-gateway-port.

You can display other information with the show spanning tree interface command with the detail option.

216

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

6.3.5.11

no spanning-tree layer2-gateway-port

Description

With this command, you delete the configuration of the port as a layer 2 gateway port.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree layer2-gateway-port

Result

The configuration of the port as a layer 2 gateway port is deleted.

Further notes

You configure a port as a layer 2 gateway port with the commandspanning-tree layer2gateway-port.

You can display other information with the show spanning tree interface command with the detail option.

6.3.5.12

spanning-tree loop-guard

Description

This function prevents alternative ports or root ports becoming designated ports if there is a disruption of a one-way link.

With this command, you enable the function.

Requirement

● Spanning tree is enabled.

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

217

Network structures

6.3 Spanning Tree

Syntax

Call the command without parameters: spanning-tree loop-guard

Result

The function is enabled.

Further notes

You disable the setting with the no spanning-tree loop-guard command.

You can display the status of this function and other information with the following commands:

● show spanning-tree detail

● show spanning-tree active detail

● show spanning-tree interface

6.3.5.13

no spanning-tree loop-guard

Description

This function prevents alternative ports or root ports becoming designated ports if there is a disruption of a one-way link.

With this command, you disable the function.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree loop-guard

Result

The function is disabled.

Further notes

You enable the setting with the spanning-tree loop-guard command.

218

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

You can display the status of this function and other information with the following commands:

● show spanning-tree detail

● show spanning-tree active detail

● show spanning-tree interface

6.3.5.14

spanning-tree restricted-role

Description

With this command, you prevent the port adopting the role of root port.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: spanning-tree restricted-role

As default the function is "disabled".

Result

The port is prevented from adopting the role of root port.

Further notes

You cancel the lock with the no spanning-tree restricted-role command.

You can display the status of this function and other information with the show spanning tree detail command.

6.3.5.15

no spanning-tree restricted-role

Description

With this command, you release the port for the role as root port.

Requirement

You are in the interface configuration mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

219

Network structures

6.3 Spanning Tree

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree restricted-role

Result

The port is released for the role of root port.

Further notes

You prevent the port adopting the role of the root port with the spanning-tree restricted-role command.

6.3.5.16

spanning-tree restricted-tcn

Description

With this command, you restrict the port for the Topology Change Notification (TCN) function.

The port cannot initiate any modifications to the network topology.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: spanning-tree restricted-tcn

Result

The port is prevented from using the TCN function.

Further notes

You cancel the lock with the no spanning-tree restricted-tcn command.

You can display the status of this function and other information with the show spanning tree detailcommand.

220

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

6.3.5.17

no spanning-tree restricted-tcn

Description

With this command, you release the port for the TCN function.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree restricted-tcn

Result

The port is released for the TCN function.

Further notes

You restrict the port for the TCN function with the spanning-tree restricted-tcn command.

6.3.5.18

spanning-tree mst hello-time

Description

With this command, you configure the Hello time after which the bridge sends its configuration

BPDUs.

A change to this value applies to all MST instances active on this interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

221

Network structures

6.3 Spanning Tree spanning-tree mst hello-time <seconds(1-2)>

The parameter has the following meaning:

Parameter Description seconds

Time after which the bridge sends its configuration BPDUs

Range of values

1 ... 2

Default: 2

Result

The setting for the hello time is configured.

Further notes

You can reset the setting for the hello time to the default with the no spanning-tree mst hello-time command.

You display this setting and other information with the commands that start with show spanning tree ....

6.3.5.19

no spanning-tree mst hello-time

Description

With this command, you reset the hello time after which the bridge sends its configuration

BPDUs to the default value.

The default value is 2 seconds.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree mst hello-time

Result

The setting for the hello time is reset to the default value.

222

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

Further notes

You can configure the setting for the hello time with the spanning-tree mst hellotime command.

You display this setting and other information with the commands that start with show spanning tree ....

6.3.5.20

spanning-tree mst PseudoRootId

Description

With this command, you configure a pseudoroot MAC address and the priority for a spanning tree configuration. The command is used in conjunction with the layer 2 gateway port.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: spanning-tree[mst<instance-id>]pseudoRootId

priority<value(0-61440)>mac-address<ucast_mac>

The parameters have the following meaning:

Parameter mst instance-id priority value

Description

Keyword for a spanning tree instance

Number of the instance

Keyword for the priority

Value for the priority mac-address ucast_mac

Keyword for the pseudoroot unicast MAC address

MAC address of the interface

Range of values

-

1 ... 64

-

0 ... 61440

Default:

Priority of the device

- aa:aa:aa:aa:aa:aa

Default:

MAC address of the device

You can only change the value for the priority in the steps of 4096.

Result

The pseudoroot MAC address and the priority are configured.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

223

Network structures

6.3 Spanning Tree

Further notes

You can reset the settings to the default values with the no spanning-tree mst pseudoRootIdcommand.

You display this setting and other information with the commands that start with show spanning tree ....

6.3.5.21

no spanning-tree mst PseudoRootId

Description

With this command, you reset a pseudoroot MAC address and the priority of the spanning tree configuration to the default values.

The default values are as follows:

● The priority is configured to the priority of the device.

● The MAC address is configured to the MAC address of the device.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no spanning-tree[mst<instance-id(1-64)>]pseudoRootId

The parameters have the following meaning:

Parameters mst instance-id

Description

Keyword for a spanning tree instance

Number of the instance

Range of values

-

1 ... 64

Result

The pseudoroot MAC address and the priority are rest to the defaults.

Further notes

You configure the settings with the spanning-tree mst pseudoRootId command.

You display this setting and other information with the commands that start with show spanning tree ....

224

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

6.3.6

Network structures

6.3 Spanning Tree

Commands in the MSTP configuration mode

This section describes commands that you can call up in the MSTP configuration mode.

In the Global configuration mode, enter the spanning-tree mst configuration command to change to this mode.

● If you exit the MSTP configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the MSTP configuration mode with the end command, you return to the Privileged

EXEC mode.

6.3.6.1

Description instance

With this command, you assign a range of VLANs to an MST instance.

Requirement

You are in the MSTP configuration mode.

The command prompt is as follows: cli(config-mst)#

Syntax

Call up the command with the following parameters: instance <instance-id(1-64)> vlan <vlan-range>

The parameters have the following meaning:

Parameter instance-id vlan-range

Description

Number of the instance

Range of VLANs assigned to an instance

Range of values

1 ... 64

Default:

The VLANs 1 – 4094 are assigned to instance "0" enter the range limts with a hyphen or blank

Result

The range of VLANs is assigned to the MST instance.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

225

Network structures

6.3 Spanning Tree

Further notes

You cancel the assignment of the VLAN to an MST instance with the no instance command.

You delete the MST instance with the no instance command.

You display this setting and other information with the show spanning-tree mst configuration command.

6.3.6.2

Description no instance

With this command, you cancel the assignment of a VLAN to an MST instance or delete the

MST instance.

Requirement

You are in the MSTP configuration mode.

The command prompt is as follows: cli(config-mst)#

Syntax

Call up the command with the following parameters: no instance <instance-id (1-64)> [vlan <vlan-range>]

The parameters have the following meaning:

Parameter Description instance-id

Number of the MST instance vlan-range

Range of VLANs that will be deleted from the instance

Range of values

1 ... 64 enter the range limts with a hyphen or blank

If you specify a VLAN or a VLAN range, the assignment to an MST instance is canceled.

If you do not specify a VLAN, the MST instance is deleted.

Result

The assignment of a VLAN to an MST instance is canceled or the MST instance is deleted.

Further notes

You delete a VLAN of an MST instance with the instance command.

You display this setting and other information with the show spanning-tree mst configuration command.

226

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.3 Spanning Tree

6.3.6.3

Description name

With this command, you delete the name for the MST region.

Requirement

You are in the MSTP configuration mode.

The command prompt is as follows: cli(config-mst)#

Syntax

Call up the command with the following parameters: name <region-name>

The parameter has the following meaning:

Parameter region-name

Description

Name of the MST region

The default value of the name is the MAC address of the device.

Result

The name is configured.

Further notes

Range of values

-max. 32 characters

You delete the name of the MST region with the no namecommand.

You display this setting and other information with the show spanning tree mst configuration command.

6.3.6.4

Description no name

With this command, you reset the name fot the MST region to the default value.

The default value is:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

227

Network structures

6.3 Spanning Tree

● The MAC address of the device is configured as name.

Requirement

You are in the MSTP Configuration mode.

The command prompt is as follows: cli(config-mst)#

Syntax

Call the command without parameters: no name

Result

The name is reset to the default value.

Further notes

You configure the name of the MST region with the name command.

You display this setting and other information with the show spanning tree mst configuration command.

6.3.6.5

Description revision

With this command, you assign a revision number to the MST region.

Requirement

You are in the MSTP Configuration mode.

The command prompt is as follows: cli(config-mst)#

Syntax

Call up the command with the following parameters: revision <revision-no(0-65535)>

The parameters have the following meaning:

228

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameter revision-no

Description value of the revision number

Range of values

0 ... 65535

Default: 0

Network structures

6.3 Spanning Tree

Result

The MST region is assigned a revision number.

Further notes

You delete the revision number with the no revision command.

You display this setting and other information with the show spanning tree mst configuration command.

6.3.6.6

Description no revision

With this command, you reset the revision number of the MST region to the default value.

The default value is 0.

Requirement

You are in the MSTP configuration mode.

The command prompt is as follows: cli(config-mst)#

Syntax

Call the command without parameters: no revision

Result

The revision number of the MST region is reset to the default value.

Further notes

You assign a revision number to the MST region with the revision command.

You display this setting and other information with the show spanning tree mst configuration command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

229

Network structures

6.4 Passive Listening

6.4

Passive Listening

6.4.1

Description

show passive-listening

This command shows whether or not passive listening is enabled.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show passive-listening

Result disabled is displayed if passive listening is disabled. If passive listening is enabled, enabled is displayed.

6.4.2

passive-listening

Description

This command enables passive listening.

Requirement

Note

No simultaneous operation with MSTP

Passive listening can only be enabled when MSTP is disabled.

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

230

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network structures

6.4 Passive Listening

Syntax

Call the command without parameters: passive-listening

Result

The passive listening function is enabled.

Further notes

You disable passive listening with the no passive-listening command.

You display the status of passive listening with the show passive-listening command.

6.4.3

Description

no passive-listening

This command disables passive listening.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no passive-listening

Result

The passive listening function is disabled.

Further notes

You enable passive listening with the passive-listening command.

You display the status of passive listening with the show passive-listening command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

231

Network protocols

This part contains the sections that describe the commands for working with the various network protocols.

7

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

233

Network protocols

7.1 IPv4 protocol

7.1

IPv4 protocol

This section describes commands of the Internet Protocol (IP) version 4.

7.1.1

Description

show ip route

This command shows the routes currently being used.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip route[{<ip-address>[<mask>]|connected|ospf|static|summary}]

The parameters have the following meaning:

Parameter Description ip-address Shows the information for a specific IP address.

mask

Defines an address range using the subnet mask.

connected

Shows the direct connections.

ospf

Shows the OSPF routes.

static summary

Shows the static routes.

Shows a summary.

Range of values

-

-

-

enter a valid IP address

/8, /16 or /24

Result

The routing table is displayed.

7.1.2

Description

show ip static route

This command shows the routes that were generated statically.

234

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.1 IPv4 protocol

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip static route

Result

The static routes are displayed.

7.1.3

Description

show ip gateway

This command shows the default gateway configured for the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip gateway

Result

The default gateway is displayed.

7.1.4

Description

show ip telnet

This command shows the admin status and the port number of the telnet server.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

235

Network protocols

7.1 IPv4 protocol

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip telnet

Result

The admin status and the port number of the Telnet server are displayed.

7.1.5

Description

show dcp server

This command shows whether or not the DCP function is enabled on the device.

If the DCP function is enabled, the read and write permissions are displayed.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show dcp server

Result

The overview of the status of the DCP function and access rights is displayed.

236

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.1 IPv4 protocol

7.1.6

Description

show dcp forwarding

This command shows an overview of the DCP forwarding behavior on one or all interfaces.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show dcp forwarding [port<interface-type><interface-id>]

The parameters have the following meaning:

Parameters port interfacetype

Description

Keyword for a an interface description

Type or speed of the interface

Range of values

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interfaceid

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The overview of the DCP forwarding behavior is displayed.

7.1.7

Description

show ip dns

This command shows information about the DNS client, for example the status of the DNS client and parameters for querying the DNS server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

237

Network protocols

7.1 IPv4 protocol cli> or cli#

Syntax

Call the command without parameters: show ip dns

Result

Information on the DNS client is displayed.

7.1.8

Description

show ip dns cache

This command shows the content of the DNS cache. The DNS cache buffers replies of the

DNS server for a brief time. This allows other queries for the same name to be replied to directly without sending another query to the DNS server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip dns cache

Result

The content of the DNS cache is displayed.

7.1.9

Description

show ip dns name-server

This command shows information about the DNS servers configured on the device. The table contains the index, the address type (e.g. IPv4) and the IP address.

238

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.1 IPv4 protocol

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip dns name-server

Result

The table with the information about the DNS servers is displayed.

7.1.10

show ip dns statistics

Description

This command shows DNS statistics. It provides information about the type and number of queries to the DNS server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip dns statistics

Result

Information about the communication with the DNS server is displayed.

7.1.11

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

239

Network protocols

7.1 IPv4 protocol

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

7.1.11.1

ip route

Description

With this command, you configure a static entry in the IP routing table.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip route <prefix> <mask> <next-hop> [<distance(1-255)>]

The parameter has the following meaning:

Parameter Description prefix mask specifies the IP address or the address range specifies the subnet mask used for prefix.

Use decimal notation.

next-hop specifies the IP address to which the selected addresses will be forwarded.

distance The value for the administrative distance.

Range of values enter a valid IP address enter a valid subnet mask enter a valid IP address

1 ... 255

Result

The entry is configured.

Further notes

You delete an entry from the IP routing table with the no ip route command.

You display the IP routing table with the show ip route command.

See also

Addresses and interface names (Page 32)

240

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.1 IPv4 protocol

7.1.11.2

no ip route

Description

With this command, you delete a static entry from the IP routing table.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no ip route <prefix> <mask> <next-hop> [<distance(1-255)>]

The parameter has the following meaning:

Parameter Description prefix mask specifies the IP address or the address range specifies the subnet mask used for prefix.

Use decimal notation.

next-hop specifies the IP address to which the selected addresses were forwarded.

distance The value for the administrative distance.

Range of values enter a valid IP address enter a valid subnet mask enter a valid IP address

1 ... 255

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The entry is deleted.

Further notes

You configure an entry from the IP routing table with the ip route command.

You display the IP routing table with the show ip route command.

See also

Addresses and interface names (Page 32)

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

241

Network protocols

7.1 IPv4 protocol

7.1.11.3

ip routing

Description

With this command, you enable the routing function.

Note

This command is available only with layer 3. DHCP must not be enabled on any IP interface.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip routing

Result

The routing function is enabled.

Further notes

You disable the function with the no ip routing command.

You display the setting with the show ip route command.

7.1.11.4

no ip routing

Description

With this command, you disable the routing function.

Note

This command is available only with layer 3.

Requirement

You are in the Global configuration mode.

242

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.1 IPv4 protocol

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip routing

Result

The routing function is disabled.

Further notes

You enable the function with the ip routing command.

You display the setting with the show ip route command.

7.1.11.5

ip echo-reply

Description

To check the availability of a network node, packets of the Internet Control Message Protocol

(ICMP) can be sent to it. These packets of type 8 request the recipient to send a packet back to the sender (echo reply).

With this command, you enable the ICMP echo reply messages.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip echo-reply

Result

ICMP echo reply messages are enabled.

Further notes

You disable the setting with the no ip echo-reply command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

243

Network protocols

7.1 IPv4 protocol

You can display the setting of this function and other information with the show ip informationcommand.

7.1.11.6

no ip echo-reply

Description

With this command, you disable the ICMP echo reply messages.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip echo-reply

Result

ICMP echo reply messages are disabled.

Further notes

You change the setting with the ip echo-reply command.

You can display the setting of this function and other information with the show ip informationcommand.

7.1.11.7

telnet-server

Description

With this command, you enable the Telnet server.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

244

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Syntax

Call the command without parameters: telnet-server

As default the function is "enabled".

Result

The Telnet server is enabled.

Further notes

You disable the Telnet server with the no telnet-server command.

7.1.11.8

no telnet-server

Description

With this command, you disable the Telnet server.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no telnet-server

Result

The Telnet server is enabled or disabled.

Further notes

You enable the Telnet server with the telnet-server command.

Network protocols

7.1 IPv4 protocol

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

245

Network protocols

7.1 IPv4 protocol

7.1.11.9

dcp server

Description

With this command, you configure the read and write permissions for the DCP server and enable it.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: dcp server {read-only|read-write}

The parameters have the following meaning:

Parameter read-only read-write

Description only reading is permitted on the DCP server reading and writing is permitted on the DPC server

Default: read-write

Result

The read and write permissions for the DPC server are configured.

The DCP server is enabled.

Further notes

You disable the DCP server with the no dcp server command.

7.1.11.10 no dcp server

Description

With this command, you disable the DCP server.

Requirement

You are in the Global configuration mode.

246

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no dcp server

Result

The DCP server is disabled.

Further notes

You enable and configure the DCP server with the dcp server command.

7.1.11.11 ip domain lookup

Network protocols

7.1 IPv4 protocol

Description

This command enables the DNS client of the device. To be able to use the function, a DNS server must be reachable.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip domain lookup

Result

The DNS client of the device is enabled and when necessary sends queries to the DNS server.

7.1.11.12 no ip domain lookup

Description

This command disables the DNS client of the device.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

247

Network protocols

7.1 IPv4 protocol

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip domain lookup

Result

The DNS client of the device is disabled.

7.1.11.13 ip name-server

Description

This command specifies an IP address of a DNS server. If there is more than one server, you can specify the order in which the servers are queried. To allow this, the optional parameter index is available. The server with the lowest index is queried first.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip name-server ipv4 <ip-address> [index <id1-3>]

The parameters have the following meaning:

Parameter ipv4 ip-address index id

Description

Keyword for IPv4

IP address of the DNS server

Keyword for the index

Index of the DNS server

Range of values

-

Format 0.0.0.0

-

1 ... 3

Result

248

The IP address and, if specified, the index for a DNS server has been set.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.1 IPv4 protocol

7.1.11.14 no ip name server

Description

This command deletes the entry with the specified index for a DNS server. If you do not specify an index, all entries are deleted.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no ip name-server [index <id1-3>]

The parameters have the following meaning:

Parameter index id

Description

Keyword for the index

Index of the DNS server

Range of values

-

1 ... 3

Result

The specified entries for the DNS servers were deleted.

7.1.12

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

249

Network protocols

7.1 IPv4 protocol

7.1.12.1

ip address

Description

With this command, you assign an IP address to a VLAN interface.

Requirement

You are in the Interface configuration mode of VLAN or a router port and DHCP was disabled with the "no ip address" command.

The command prompt is as follows: cli(config-if-vlan$)# or with a router port: cli(config-RPort-if-Int$-$)

Syntax

Call up the command with the following parameters: ip address <ip-address> {<subnet-mask>|/<prefix-length(0-32)>}

[secondary]

The parameters have the following meaning:

Parameter Description ip-address IP address for the VLAN interface subnetmask prefixlength

Subnet mask of the corresponding subnet

Decimal representation of the mask as a number of "1" bits secondary

Further subnet for this interface -

Values enter a valid IP address enter a valid subnet mask

0 ... 32

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The IP address is assigned to the VLAN interface.

Note

Effectiveness of the command

The command is effective immediately.

If you configure the interface via which you access the device, the connection will be lost!

250

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.1 IPv4 protocol

Further notes

You delete the settings with the no ip address command.

You display this setting and other information with the show ip interface command.

7.1.12.2

no ip address

Description

With this command, you delete the assignment of an IP address to a VLAN interface and disable DHCP.

Requirement

You are in the Interface configuration mode of VLAN.

The command prompt is as follows: cli(config-if-vlan-$$$)#

Syntax

Call up the command without parameters or with the following parameter assignment: no ip address [<ip-address> | dhcp]

The parameter has the following meaning:

Parameter Description ipaddress

Address of the interface that will be deleted dhcp

Specify this parameter if you want to disable the DHCP function explicitly.

-

Values specify a valid IP address

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

If DHCP was enabled on this interface, DHCP is now disabled. Any existing dynamically learned IP address will be automatically converted to a static IP address.

If static IP addresses were configured and if no explicit IP address was transferred as a parameter, all static IP addresses will be deleted from this interface.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

251

Network protocols

7.1 IPv4 protocol

If a static IP address was specified explicitly, this address is deleted from this interface.

Note

Effectiveness of the command

The command is effective immediately.

If you configure the interface via which you access the device, you can lose the connection!

Further notes

You configure the setting with the ip address command.

You display this setting and other information with the show ip interface command.

7.1.12.3

dcp forwarding

Description

With this command, you configure the forwarding behavior of the interface for DCP frames.

Note

PNIO configuration

Since DCP is a PROFINET protocol, the configuration created here is only effective with the

VLAN associated with the TIA interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: dcp forwarding {block|forward}

The parameters have the following meaning:

Parameter block forward

Description

DCP frames are discarded

DCP frames are forwarded

Default: forward

252

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Result

The forwarding behavior of the interface for DCP frames is configured.

Network protocols

7.1 IPv4 protocol

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

253

Network protocols

7.2 DHCP client

7.2

DHCP client

This section describes commands of the Dynamic Host Configuration Protocol (DHCP).

7.2.1

Description

show ip dhcp client stats

With this command, you display the statistical counters of the DHCP client.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip dhcp client stats

Result

The counters are displayed.

7.2.2

Description

show ip dhcp client

With this command, you display the configuration settings of the DHCP client.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters:

254

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.2 DHCP client show ip dhcp client

Result

The configuration settings are displayed.

7.2.3

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

7.2.3.1

Description ip dhcp config-file-request

If the DHCP config file request option is set, the device requests the TFTP address and the name of a configuration file from the DHCP server. If the device is restarted following the completed download, the configuration settings are read from this file.

With this command, you enable the DHCP config file request option.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip dhcp config-file-request

Result

The DHCP config file request option is enabled.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

255

Network protocols

7.2 DHCP client

Further notes

You disable the DHCP config file request option with the no ip dhcp config-filerequest command.

7.2.3.2

Description no ip dhcp config-file-request

With this command, you disable the DHCP config file request option.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip dhcp config-file-request

Result

The DHCP config file request option is disabled.

Further notes

You enable the DHCP config file request option with the ip dhcp config-filerequest command.

7.2.3.3

Description ip dhcp client mode

With this command, you configure the type of identifier with which the DHCP client logs on with its DHCP server.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

256

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Syntax

Result

Network protocols

7.2 DHCP client

Call up the command with the following parameters: ip dhcp client mode {mac|client-id<client-id>|sysname|pnio-name-ofstation}

The parameters have the following meaning:

Parameters mac client-id client-id sysname pnio-name-ofstation

Description Range of values

The client registers with its MAC address

The client registers with the assigned ID

Name of the assigned ID

The client registers with the assigned system name max. 32 characters the client registers with the PNIO name. The name is assigned with the PST tool.

-

-

-

The registration mode of the DHCP client is configured.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

257

Network protocols

7.3 DHCP Relay

7.3

DHCP Relay

This section describes commands for the DHCP Relay Agent.

7.3.1

Description

show dhcp server

With this command, you display the IP addresses of the DHCP servers to which the device forwards the frames.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode or in the Global Configuration mode.

The command prompt is as follows: cli> or cli# or cli(config)#

Syntax

Call the command without parameters: show dhcp server

Result

The IP addresses of the DHCP servers are displayed.

Further notes

With the "ip dhcp server" command, you specify the IP addresses.

7.3.2

show ip dhcp relay information

Description

This command displays the DHCP relay agent settings for all or for a selected VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode or in the Global Configuration mode.

258

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.3 DHCP Relay

The command prompt is as follows: cli> or cli# or cli(config)#

Syntax

Call up the command with the following parameters: show ip dhcp relay information [vlan <vlan-id>]

The parameter has the following meaning:

Parameters vlan vlan-id

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Range of values

--

1 ... 4094

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The configuration settings are displayed.

7.3.3

Commands in the Global Configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

7.3.3.1

Description ip dhcp server

With this command, you specify the IP addresses of the DHCP servers to which the DHCP relay agent forwards the frames. You can specify up to four IP addresses for the DHCP relay agent.

Requirement

● The DHCP Relay Agent is activated.

You are in the Global Configuration mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

259

Network protocols

7.3 DHCP Relay

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip dhcp server<ip address>

The parameter has the following meaning:

Parameters ip adress

Description

IP address of the DHCP server

Range of values enter a valid IP address

Result

The IP address is specified.

Further notes

You remove the IP address with the no ip dhcp server command.

You enable the DHCP Relay Agent with the service dhcp-relay command.

You display the IP addresses with the show dhcp server command.

You display the settings with the show ip dhcp relay information command.

7.3.3.2

Description no ip dhcp server

With this command, you delete the IP address of the DHCP server.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no ip dhcp server <ip address>

The parameter has the following meaning:

260

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameters ip adress

Description

IP address of the DHCP server

Network protocols

7.3 DHCP Relay

Range of values

Enter the IP address to be deleted.

Result

The IP address is removed.

Further notes

You enable the DHCP Relay Agent with the service dhcp-relay command.

You create the IP address with the ip dhcp server command.

You display the IP addresses with the show dhcp server command.

7.3.3.3

Description ip dhcp relay circuit-id option

The Circuit ID is a sub option of the "DHCP Relay Information" option. The Circuit ID contains information about the origin of the DHCP packet.

With this command, you specify the information contained in the Circuit ID.

The Circuit ID is encoded in the DHCP packet if the "DHCP relay information" option is enabled.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip dhcp relay circuit-id option [router-index] [vlanid] [recv-port]

The parameters have the following meaning:

Parameters Description routerindex

The router index is added to the Circuit ID.

vlan-id

The VLAN ID is added to the Circuit ID.

recv-prot

The Circuit ID is added to the receiving port.

-

-

Range of values

Default setting

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

261

Network protocols

7.3 DHCP Relay

Result

The content of the Circuit ID is specified.

Further notes

You enable the DHCP Relay Information option with the ip dhcp relay information option command.

You display the information with the show ip dhcp relay information command.

7.3.3.4

Description ip dhcp relay information option

With this command, you enable the "IP DHCP Relay Information" option. If the option is enabled, prior to forwarding to the DHCP server, information about the origin of the DHCP query is encoded in the packet. If the DHCP server sends a response, the information is removed again before forwarding to the DHCP client.

This information is only encoded in the data packet if the DHCP relay agent is enabled.

Requirement

You are in the Global Configuration mode or in the Interface Configuration mode of VLAN.

The command prompt is as follows: cli(config)# or cli(config-if-$$)#

Syntax

Call the command without parameter assignment: ip dhcp relay information option

Result

The option is enabled.

Further notes

You disable the option with the no ip dhcp relay information option command.

You enable the DHCP Relay Agent with the no service dhcp-relay command.

You configure the content of the information with the ip dhcp relay circuit-id option command.

You can display the status of this option and other information with the show ip dhcp relay information command.

262

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

7.3.3.5

Description no ip dhcp relay information option

With this command, you disable the "IP DHCP Relay Information" option.

Network protocols

7.3 DHCP Relay

Requirement

You are in the Global Configuration mode or in the Interface Configuration mode of VLAN.

The command prompt is as follows: cli(config)# or cli(config-if-$$)#

Syntax

Call the command without parameter assignment: no ip dhcp relay information option

Result

The option is disabled.

Further notes

You enable the option with the no ip dhcp relay information option command.

You can display the status of this option and other information with the show ip dhcp relay information command.

7.3.3.6

Description service dhcp-relay

With this command, you enable the DHCP relay agent on the device. The DHCP relay agent forwards the DHCP query to DHCP servers located in a different subnet.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

263

Network protocols

7.3 DHCP Relay service dhcp-relay

Result

The DHCP Relay Agent is activated.

Further notes

You disable the DHCP Relay Agent with the no service dhcp-relay command.

You create the IP addresses of the DHCP server with the ip dhcp server command.

You can display the status of this function and other information with the show ip dhcp relay informationcommand.

7.3.3.7

Description no service dhcp-relay

This command disables the DHCP relay agent.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no service dhcp-relay

Result

The DHCP Relay Agent is disabled.

Further notes

You enable the DHCP Relay Agent with the service dhcp-relay command.

You can display the status of this function and other information with the show ip dhcp relay informationcommand.

264

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

7.3.4

Network protocols

7.3 DHCP Relay

Commands in the Interface Configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

7.3.4.1

Description ip dhcp relay circuit-id

With this command, you assign a Circuit ID to the interface.

Requirement

● The interface is a router port.

You are in the Interface Configuration mode of VLAN

The command prompt is as follows: cli(config-if-$$)#

Syntax

Call up the command with the following parameters: ip dhcp relay circuit-id <circuit-id>

The parameter has the following meaning:

Parameters

Circuit ID

Description

Circuit ID

Range of values

1 ... 188

Result

The Circuit ID is assigned.

Further notes

You remove the Circuit ID with the no ip dhcp relay circuit-id command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

265

Network protocols

7.3 DHCP Relay

You configure the interface as a router port with the no switchport command.

You display the IP addresses with the show dhcp server command.

You display the settings with the show ip dhcp relay information command.

7.3.4.2

Description no ip dhcp relay circuit-id

With this command, you remove the Circuit ID.

Requirement

● The interface is a router port.

You are in the Interface Configuration mode of VLAN

The command prompt is as follows: cli(config-if-$$)#

Syntax

Call the command without parameter assignment: no ip dhcp relay circuit id

Result

The Circuit ID is removed.

Further notes

You configure the Circuit ID with the ip dhcp relay circuit-id command.

You configure the interface as a router port with the no switchport command.

You display the IP addresses with the show dhcp server command.

You display the settings with the show ip dhcp relay information command.

7.3.4.3

Description ip dhcp relay remote-id

With this command, you specify the device ID.

266

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.3 DHCP Relay

Requirement

● The interface is a router port.

You are in the Interface Configuration mode of VLAN

The command prompt is as follows: cli(config-if-$$)#

Syntax

Call up the command with the following parameters: ip dhcp relay remote-id <remote-id name>

The parameter has the following meaning:

Parameters remote-id name

Description

Device ID

Range of values max. 32 characters

Default: XYZ

Result

The device ID is specified.

Further notes

You remove the device ID with the no ip dhcp relay remote-id command.

You configure the interface as a router port with the no switchport command.

You display the IP addresses with the show dhcp server command.

You display the settings with the show ip dhcp relay information command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

267

Network protocols

7.4 SNMP

7.4

SNMP

This section describes commands of the Simple Network Management Protocol (SNMP).

7.4.1

The "show" commands

This section describes commands with which you display various settings.

7.4.1.1

Description show snmp

This command shows the status information of SNMP.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp

Result

The status information is displayed.

7.4.1.2

Description show snmp community

This command shows the details of the configured of SNMP communities.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

268

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Syntax

Result

7.4.1.3

Description

The details of the configured SNMP communities are displayed.

show snmp engineID

This command shows the SNMP identification number of the device.

Requirement

Call the command without parameters: show snmp community

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp engineID

Result

The SNMP identification number of the device is displayed.

7.4.1.4

Description show snmp filter

This command shows the configured SNMP filters.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Network protocols

7.4 SNMP

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

269

Network protocols

7.4 SNMP

Syntax

Call the command without parameters: show snmp filter

Result

The configured SNMP filters are displayed.

7.4.1.5

Description show snmp group

This command shows the configured SNMP groups.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp group

Result

The configured SNMP groups are displayed.

7.4.1.6

Description show snmp group access

This command shows the rights of the configured SNMP groups.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

270

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Syntax

Result

7.4.1.7

Description

The rights of the configured SNMP groups are displayed.

show snmp inform statistics

This command shows the statistics of the inform messages.

Requirement

Call the command without parameters: show snmp group access

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp inform statistics

Result

The statistics of the inform messages are displayed.

7.4.1.8

Description show snmp notif

With this command, you display the configured SNMP notification types.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Network protocols

7.4 SNMP

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

271

Network protocols

7.4 SNMP

Syntax

Call the command without parameters: show snmp notif

Result

The configured SNMP notification types are displayed.

7.4.1.9

Description show snmp targetaddr

This command shows the configured SNMP target addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp targetaddr

Result

The configured SNMP target addresses are displayed.

7.4.1.10

show snmp targetparam

Description

This command shows the configured SNMP target parameters.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

272

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Syntax

Call the command without parameters: show snmp targetparam

Result

The configured SNMP target parameters are displayed.

7.4.1.11

show snmp tcp

Description

This command shows the configuration for SNMP via TCP.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp tcp

Result

The configuration for SNMP via TCP is displayed.

7.4.1.12

show snmp user

Description

This command shows the settings for the SNMP user.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Network protocols

7.4 SNMP

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

273

Network protocols

7.4 SNMP

Syntax

Call the command without parameters: show snmp user

Result

The settings for the SNMP user are displayed.

7.4.1.13

show snmp viewtree

Description

This command shows the settings for the SNMP tree views.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp viewtree

Result

The settings for the SNMP tree views are displayed.

7.4.2

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

274

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

7.4.2.1

Description snmpagent

With this command, you enable the SNMP agent function.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: snmpagent

Result

The SNMP agent function is enabled.

Further notes

You disable the SNMP agent function with theno snmpagent command.

7.4.2.2

Description no snmpagent

With this command, you disable the SNMP agent function.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no snmpagent

Network protocols

7.4 SNMP

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

275

Network protocols

7.4 SNMP

Result

The SNMP agent function is disabled.

Further notes

You enable the SNMP agent function with the snmpagent command.

7.4.2.3

Description snmp agent version

With this command, you configure whether all SNMP queries or only SNMP V3 queries are processed.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp agent version{v3only|all}

The parameters have the following meaning:

Parameter v3only all

Description only SNMP V3 queries are processed all SNMP queries are processed

Default: all

Result

7.4.2.4

Description

The setting is configured.

snmp access

With this command, you configure the access to an SNMP group.

276

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.4 SNMP

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp access <GroupName>{v1|v2c|v3{auth|noauth|priv}}

[read <ReadView|none>][write <WriteView|none>][notify <NotifyView| none>]

[{volatile|nonvolatile}]

The parameters have the following meaning:

Parameter Description Range of values

-

-

-

GroupName

Name of the group to which access is configured max. 32 characters

Selects the version of the protocol used ● v1

Selects the authentication method:

● v2c

● v3

● auth enables MD5 or SHA as authentication method

● noauth no authentication

● priv enables authentication and encryption read write notify the data can be read

Keyword the data can be read and written

Keyword

Changes can be set as a tag

Keyword specifies whether the settings remain following a restart

● ReadView

● none

● WriteView

● none

● NotifyView

● none

● volatile (volatile):

The settings are lost after a restart

● nonvolatile (non-volatile):

The settings are retained after a restart

The keywords need to be specified.

If optional parameters are not specified when configuring a group, the following defaults apply:

Parameter read write

Default value none none

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

277

Network protocols

7.4 SNMP

Parameter notify

Storage type

Default value none nonvolatile

Result

The settings are configured.

Further notes

You delete the access to an SNMP group with the no snmp access command.

You display the configured SNMP groups with the show snmp group command.

You display the access configurations for SNMP groups with the show snmp group access command.

You display the configured SNMP tree views with the show snmp viewtree command.

7.4.2.5

Description no snmp access

With this command, you delete the access to an SNMP group.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp access <GroupName>{v1|v2c|v3{auth|noauth|priv}}

The parameters have the following meaning:

278

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

-

-

Parameters Description

GroupName

Name of the group to which access is deleted

Selects the version of the protocol used

Selects the authentication method:

Network protocols

7.4 SNMP

Values max. 32 characters

● v1

● v2c

● v3

● auth

● noauth

● priv

Result

The access to an SNMP group is deleted.

Further notes

You configure the setting with the snmp access command.

You display the configured SNMP groups with the show snmp group command.

You display the access configurations for SNMP groups with the show snmp group access command.

You display the configured SNMP tree views with the show snmp viewtree command.

7.4.2.6

Description snmp community index

With this command, you configure the details of an SNMP community.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp community index <CommunityIndex> name <CommunityName>

security <SecurityName> [context <Name>][{volatile|nonvolatile}]

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

279

Network protocols

7.4 SNMP

Parameter Description Range of values

CommunityIndex

Index of the community name

Keyword for the name of the community max. 32 characters

CommunityName security

Name of the community

Keyword for the security name max. 32 characters

SecurityName context

Name

-

Security name

Keyword for the context name

Context name specifies whether the settings remain following a restart

max. 32 characters max. 32 characters

● volatile (volatile):

The settings are lost after a restart

● nonvolatile (non-volatile):

The settings are retained after a restart

If optional parameters are not specified when configuring a community, the following defaults apply:

Parameter

Storage type

Default values nonvolatile

Result

The settings are configured.

Further notes

You delete the details of an SNMP community with the no snmp community index command.

You show the details of an SNMP community with the show snmp community command.

You show the status information of the SNMP communication with the show snmp command.

7.4.2.7

Description no snmp community index

With this command, you delete the details of an SNMP community.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

280

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.4 SNMP

Syntax

Call up the command with the following parameters: no snmp community index <CommunityIndex>

The parameters have the following meaning:

Parameter

CommunityIndex

Description

Name of the community

Range of values max. 32 characters

Result

The details of an SNMP community are deleted.

Further notes

You configure the details of an SNMP community with the snmp community index command.

You show the details of an SNMP community with the show snmp community command.

You show the status information of the SNMP communication with the show snmp command.

7.4.2.8

Description snmp group

With this command, you configure the details of an SNMP group.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp group <GroupName> user <UserName>security-model{v1|v2c|v3}

[{volatile|nonvolatile}]

The parameters have the following meaning:

Parameter

GroupName user

UserName

Description

Name of the group

Keyword for the user name

Name of the user

Range of values max. 32 characters

max. 32 characters

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

281

Network protocols

7.4 SNMP

-

Parameter securitymodel

Description specifies which security settings will be used specifies whether the settings remain following a restart

Range of values

● v1

● v2c

● v3

● volatile (volatile):

The settings are lost after a restart

● nonvolatile (non-volatile):

The settings are retained after a restart

If optional parameters are not specified when configuring a group, the following defaults apply:

Parameter

Storage type

Default value nonvolatile

Result

The details of the group are configured.

Further notes

You delete the details of an SNMP group with the no snmp group command.

You display the created SNMP groups with the show snmp group command.

You display the created SNMP user with the show snmp user command.

7.4.2.9

Description no snmp group

With this command, you delete the details of an SNMP group.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp group <GroupName> user <UserName>security-model{v1|v2c|v3}

The parameters have the following meaning:

282

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.4 SNMP

Parameter Description

GroupName user

Name of the group

Keyword for the user name

UserName

Name of the user security-model

Specifies which security settings are used for sending

Range of values

max. 32 characters max. 32 characters

● v1

● v2c

● v3

Result

The details of the group are deleted.

Further notes

You change the details of an SNMP group with the snmp group command.

You display the created SNMP groups with the show snmp group command.

You display the created SNMP user with the show snmp user command.

7.4.2.10

snmp notify

Description

With this command, you configure the details of the SNMP notifications.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp notify <NotifyName> tag <TagName> type {Trap|Inform}

[{volatile|nonvolatile}]]

The parameters have the following meaning:

Parameter Description

NotifyName

Name of the SNMP notification tag

Keyword for a target key

TagName

Name of the target key

Range of values

max. 32 characters max. 32 characters

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

283

Network protocols

7.4 SNMP

-

Parameter

Type

Description

Type of the SNMP notification specifies whether the settings remain following a restart:

Range of values

● Trap generates a trap

● Inform generates a log entry or sends an entry to the log server

● volatile (volatile):

The settings are lost after a restart

● nonvolatile (non-volatile):

The settings are retained after a restart

Result

The details of the SNMP notifications are configured.

Further notes

You delete the details of an SNMP group with the no snmp notify command.

You display the configured SNMP notifications with the show snmp notif command.

You display the configured SNMP target addresses with the show snmp targetaddr command.

7.4.2.11

no snmp notify

Description

With this command, you delete the details of the SNMP notifications.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp notify <NotifyName>

The parameters have the following meaning:

Parameters

NotifyName

Description

Name of the notification

Range of values max. 32 characters

284

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.4 SNMP

Result

The details of the SNMP notifications are deleted.

Further notes

You change the details of an SNMP group with the snmp notify command.

You display the configured SNMP notifications with the show snmp notif command.

You display the configured SNMP target addresses with the show snmp targetaddr command.

7.4.2.12

snmp targetaddr

Description

With this command, you configure the SNMP target addresses.

Requirement

● The SNMP target parameters are configured.

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp targetaddr <TargetAddressName> param <ParamName>{ipv4 <ip address> | fqdn-name <FQDN(100)>}

[timeout <Seconds(1-1500)][retries <RetryCount(1-3)]

[taglist <TagIdentifier|none>][{volatile|nonvolatile}]

[port <integer(1-65535)>]

The parameters have the following meaning:

Parameter Description

TargetAddressName

Name of the target address param

Keyword for the parameter name

ParamName ipv4

Name of the parameter

Keyword for an IP address ip address fqdn-name

FQDN(100)

Value for an IPv4 unicast address

Keyword for a domain name

Domain name (Fully Qualified

Domain Name)

Range of values

max. 32 characters

max. 32 characters

-

Enter a valid IPv4 unicast address.

Maximum of 100 characters

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

285

Network protocols

7.4 SNMP

Parameter timeout

Seconds retries

RetryCount taglist volatile nonvolatile port

Description

Keyword for the time the SNMP agent waits for a response before it repeats the inform request message

Time in seconds

Keyword for the maximum number of attempts to obtain a response to an inform request message

Number of attempts

Keyword for

-

-

Range of values

1 ... 1500

Specifies whether the settings remain following a restart:

-

1 ... 3

● TagIdentifier

● none

● volatile:

The default settings are used after a restart.

● nonvolatile:

The saved settings are used after a restart.

Keyword for the port number at which the SNMP manager receives traps and inform messages

Port number 1 ... 65535 integer

For information on addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If optional parameters are not specified when configuring, the following defaults apply:

Parameter taglist

Type of storage port

Default value snmp volatile

162

Result

The SNMP target address is configured.

Further notes

You delete the SNMP target address with the no snmp targetaddr command.

You display the SNMP target address with the show snmp targetaddr command.

You configure the SNMP target parameters with the snmp targetparams command.

You display the SNMP target parameters with the show snmp targetparam command.

286

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

7.4.2.13

no snmp targetaddr

Description

With this command, you delete the SNMP target address.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp targetaddr<TargetAddressName>

The parameters have the following meaning:

Parameters

TargetAddressName

Description

SNMP target address

Range of values max. 32 characters

Network protocols

7.4 SNMP

Result

The SNMP target address is deleted.

Further notes

You change the SNMP target address with the snmp targetaddr command.

You display the SNMP target address with the show snmp targetaddr command.

7.4.2.14

snmp targetparams

Description

With this command, you configure the SNMP target parameters.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

287

Network protocols

7.4 SNMP

Syntax

Call up the command with the following parameters: snmp targetparams <ParamName>

user <UserName>

security-model {v1|v2c|v3{auth|noauth|priv}}

message-processing {v1|v2c|v3}[{volatile|nonvolatile}]

The parameters have the following meaning:

Parameter

ParamName user

UserName security-model messageprocessing

Description

Name of the SNMP parameter

Keyword for the user name

Value for the user name

Specifies whether the security settings are used according to SNMP version 1, 2c or 3

Keyword

Authentication and encryption setting for v3

Range of values

max. 32 characters max. 32 characters

● v1

● v2c

● v3

Specifies whether the processing of the messages is according to SNMP version 1, 2c or 3

Keyword specifies whether the settings remain following a restart:

● auth

● noauth

● priv

● v1

● v2c

● v3

● volatile (volatile):

The settings are lost after a restart

● nonvolatile (non-volatile):

The settings are retained after a restart

Keywords need to be specified.

If optional parameters are not specified when configuring, the following defaults apply:

Parameter

Storage type

Default values nonvolatile

Result

The SNMP target parameters are configured.

Further notes

You delete the SNMP target parameters with the no snmp targetparams command.

You display settings of this function with the show snmp targetparam command.

You configure the user profile with the snmp user command.

You configure a filter with the snmp filterprofile command.

288

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

You display the list of users with the show snmp user command.

7.4.2.15

no snmp targetparams

Description

With this command, you delete the SNMP target parameters.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp targetparams <ParamName>

The parameter has the following meaning:

Parameters

ParamName

Description

Name of the SNMP parameter

Range of values max. 32 characters

Network protocols

7.4 SNMP

Result

The SNMP target parameters are deleted.

Further notes

You change the SNMP target parameters with the snmp targetparams command.

You display settings of this function with the show targetparam command.

7.4.2.16

snmp v1-v2 readonly

Description

With this command, you block write access for SNMP V1 and V2 PDUs.

Requirement

You are in the Global configuration mode.

The command prompt is as follows:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

289

Network protocols

7.4 SNMP cli(config)#

Syntax

Call the command without parameters: snmp v1-v2 readonly

Result

Write access for SNMP V1 and V2 PDUs is blocked.

Further notes

You release write access for SNMP V1 and V2 PDUs with the no snmp v1-v2 readonly command.

7.4.2.17

no snmp v1-v2 readonly

Description

With this command, you release write access for SNMP V1 and V2 PDUs.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no snmp v1-v2 readonly

Result

Write access for SNMP V1 and V2 PDUs is released.

Further notes

You block write access for SNMP V1 and V2 PDUs with the snmp v1-v2 readonly command.

290

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.4 SNMP

7.4.2.18

snmp user

Description

With this command, you configure the details of an SNMP user.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp user <UserName>[auth{md5|sha} <passwd>[priv DES<passwd>]]

[{volatile|nonvolatile}]

The parameters have the following meaning:

Parameter

UserName auth passwd priv DES passwd

-

Description

Name of the user specifies that authentication takes place and which algorithm is used

Password for authentication specifies that there is encryption

Value for the password of the encryption specifies whether the settings remain following a restart:

Range of values max. 32 characters

● md5 (Message Digest 5)

● sha (Secure Hash Algorithm)

max. 32 characters max. 32 characters

● volatile (volatile):

The default settings are used after a restart

● nonvolatile (non-volatile):

The saved settings are used after a restart

If optional parameters are not specified when configuring an SNMP user, the following defaults apply:

Parameter

Authentication

Encryption

Storage type

Default value

None

None nonvolatile

Result

The details of the SNMP user are configured.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

291

Network protocols

7.4 SNMP

Further notes

You delete the settings with the no snmp user command.

You display the configured users with the show snmp user command.

7.4.2.19

no snmp user

Description

With this command, you delete the details of an SNMP user.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp user <UserName>

The parameter has the following meaning:

Parameters

UserName

Description

Name of the user

Range of values max. 32 characters

Result

The details of the SNMP user are deleted.

Further notes

You change the settings with the snmp user command.

You display the configured users with the show snmp user command.

7.4.2.20

snmp view

Description

With this command, you configure an SNMP view.

292

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.4 SNMP

Requirement

● An SNMP group has been created

● The access to the group is configured with snmp access

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp view <ViewName><OIDTree>[mask<OIDMask>]{included|excluded}

[{volatile|nonvolatile}]

The parameters have the following meaning:

-

-

Parameter

ViewName

OIDTree mask

OIDMask

Description

Name of the SNMP view

Object ID

Keyword for the OID mask

Mask that filters access to the elements of the MIB tree

Specifies whether the filtered elements are used or excluded specifies whether the settings remain following a restart:

Range of values max. 32 characters

Path information of the MIB tree

-

A series of "0" and "1" separated by dots in keeping with the path information of the

MIB tree

● included

● excluded

● volatile (volatile):

The settings are lost after a restart

● nonvolatile (non-volatile):

The settings are retained after a restart

If optional parameters are not specified when configuring, the following defaults apply:

Parameter

OIDMask

View type

Storage type

Default value

None included nonvolatile

Result

The SNMP view is configured.

Further notes

You delete the view with the no snmp view command.

You display the configured view trees with the show snmp viewtree command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

293

Network protocols

7.4 SNMP

You display the SNMP group access rights with the show snmp group access command.

You configure the SNMP group access rights with the snmp access command.

7.4.2.21

no snmp view

Description

With this command, you delete an SNMP view.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp view <ViewName><OIDTree>

The parameters have the following meaning:

Parameters

ViewName

OIDTree

Description

Name of the view

Object ID

Range of values max. 32 characters

Path information of the MIB tree

Result

The SNMP view is deleted.

Further notes

You configure a view with the snmp view command.

294

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

7.5

Network protocols

7.5 SMTP client

SMTP client

This section describes commands of the Simple Mail Transfer Protocol (SMTP).

7.5.1

Description

show events smtp-server

This command shows the configured e-mail servers.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events smtp-server

Result

The configured e-mail servers are displayed.

7.5.2

Description

show events sender email

This command shows the configured e-mail sender address.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

295

Network protocols

7.5 SMTP client show events sender email

Result

The configured e-mail sender address is displayed.

7.5.3

Description

show events smtp-port

This command shows the configured SNMP port.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events smtp port

Result

The configured SMTP port is displayed.

7.5.4

Commands in the Events configuration mode

This section describes commands that you can call up in the EVENTS configuration mode.

In the Global configuration mode, enter the events command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

● If you exit the EVENTS configuration mode with the exit command, you return to the

Global configuration mode.

● If you exit the EVENTS configuration mode with the end command, you return to the

Privileged EXEC mode.

296

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.5 SMTP client

7.5.4.1

Description smtp-server

With this command, you configure an entry for an SMTP server.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: smtp-server {ipv4 <ucast_addr> | fqdn-name <FQDN(100)>} <receiver mail-address>

The parameters have the following meaning:

Parameter ipv4 ucast_addr fqdn-name

FQDN(100)

Description Range of values

Keyword for an IP address -

Value for an IPv4 unicast address Enter a valid IPv4 unicast address.

Keyword for a domain name

Domain name (Fully Qualified

Domain Name)

Name of the recipient

-

Maximum of 100 characters max. 100 characters receiver mailaddress

For information on addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

An entry for the SMTP server is configured.

Further notes

You delete an SMTP server entry with the no smtp-server command.

7.5.4.2

Description no smtp-server

With this command, you delete an SMTP server entry.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

297

Network protocols

7.5 SMTP client

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: no smtp-server {ipv4 <ucast_addr> | fqdn-name <FQDN(100)>}

The parameters have the following meaning:

Parameter ipv4 ucast_addr fqdn-name

FQDN(100)

Description Range of values

Keyword for an IP address -

Value for an IPv4 unicast address Enter a valid IPv4 unicast address.

Keyword for a domain name

Domain name (Fully Qualified

Domain Name)

-

Maximum of 100 characters

For information on addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The SMTP server entry is deleted.

Further notes

You configure an SMTP server entry with the smtp-server command.

7.5.4.3

Description sender mail-address

With this command, you configure the e-mail name of the sender.

Requirement

You are in the EVENTS Configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters:

298

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.5 SMTP client sender mail-address <mail-address>

The parameter has the following meaning:

Parameters mail-address

Description

E-mail name of the sender

Range of values max. 100 characters

Result

The e-mail name of the sender is configured.

Further notes

You reset the e-mail name of the sender with the no sender mail-address.

You display the setting with the show events sender email command.

7.5.4.4

Description no sender mail-address

With this command, you reset the e-mail name of the sender.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call the command without parameters: no sender mail-address

Result

The e-mail name of the sender is reset.

Further notes

You configure the e-mail name of the sender with the sender mail-address.

You display the setting with the show events sender email command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

299

Network protocols

7.5 SMTP client

7.5.4.5

send test mail

Description

With this command, you send an e-mail according to the currently configured SMTP settings.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call the command without parameters: send test mail

Result

An e-mail according to the currently configured SMTP settings is sent.

Further notes

7.5.4.6

You can display the current SMTP settings with the show events emailserver command.

smtp-port

Description

With this command, you configure an SMTP port.

Requirement

You are in the EVENTS Configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: smtp-port <smtp-port(1-65535)>

The parameter has the following meaning:

300

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameter smtp-port

Description

Value for the SMTP port

Range of values

1 ... 65535

Default: 25

Result

An SMTP port is configured.

Further notes

You can reset the setting to the default with the no smtp-port command.

7.5.4.7

Description no smtp-port

With this command, you reset the SMTP port to the default.

The default value is 25.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call the command without parameters: no smtp-port

Result

The SMTP port is reset to the default value.

Further notes

You configure the setting with the smtp-port command.

You display the setting with the show smtp-port command.

Network protocols

7.5 SMTP client

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

301

Network protocols

7.6 HTTP server

7.6

HTTP server

This section describes commands of the Hypertext Transfer Protocol (HTTP).

7.6.1

Description

show ip http server status

This command shows the status of the HTTP server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip http server status

Result

The status of the HTTP server is displayed.

7.6.2

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

7.6.2.1

Description ip http

With this command, you enable HTTP on the device.

302

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.6 HTTP server

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip http

As default the function is "enabled".

Result

HTTP is enabled on the device.

Further notes

You can display the setting of this function and other information with the show ip http server statuscommand.

You deactivate HTTP on the device with the no ip http command.

7.6.2.2

Description no ip http

With this command, you disable HTTP on the device.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip http

As default the function is "enabled".

Result

HTTP is disabled on the device.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

303

Network protocols

7.6 HTTP server

Further notes

You can display the setting of this function and other information with the show ip http server statuscommand.

You enable HTTP with the ip http command.

304

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

7.7

Network protocols

7.7 HTTPS server

HTTPS server

This section describes commands of the Hypertext Transfer Protocol Secure (HTTPS).

7.7.1

Description

show ip http secure server status

This command shows the status of the HTTP secure server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip http secure server status

Result

The status, cipher suite and version of the HTTP secure server is displayed.

7.7.2

Description

show ssl server-cert

This command shows the SSL server certificate.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

305

Network protocols

7.7 HTTPS server show ssl server-cert

Result

The SSL server certificate is displayed.

306

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

7.8

Network protocols

7.8 ARP

ARP

This section describes commands of the Address Resolution Protocol (ARP).

7.8.1

Description

show ip arp

With this command, you display the IP ARP table.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip arp [{Vlan<vlan-id(1-4094)>|<interface-type><interface-id>|

<ip-address>|<mac-address>|summary|information}]

The parameters have the following meaning:

Parameters

Vlan vlan-id interfacetype

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Type or speed of the interface interfaceid

Slot no. and port no. of the interface ip-address Shows the IP addresses of the entries in the ARP table macaddress

Shows the MAC addresses of the entries in the ARP table summary informatio n

Shows a summary of the entries in the ARP table

Displays information on the ARP configuration -

-

-

-

Range of values

-

1 ... 4094

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the IP ARP table is displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

307

Network protocols

7.8 ARP

Result

The IP ARP table is displayed.

7.8.2

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

7.8.2.1

Description arp

With this command, you generate a static entry in the ARP cache.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: arp <ip address> <hardware address> {Vlan <vlan-id(1-4094)> |

<interface-type> <interface-id> | Cpu0}

The parameters have the following meaning:

Parameters ip address hardware address

Vlan vlan-id

Description

Value for the IP address to be linked to a device

(physical address)

Physical address that will be linked with the IP address

Keyword for a VLAN connection

Number of the VLAN interface-type Type or speed of the interface

Range of values

IP address or IP alias

MAC address of the device

-

1 ... 4094

● gigabitethernet

● extreme-ethernet

308

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.8 ARP

Parameters interface-id

Cpu0

Description

Slot no. and port no. of the interface

The interface is configured as "Out-of-band management interface"

Range of values

-

Enter a valid interface name

For information on addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The entry is generated in the ARP cache.

Further notes

You delete a static entry from the ARP cache with the no arp command.

You can display the status of this function and other information with the show ip arpcommand.

You configure the router port with the no switchport command.

7.8.2.2

Description no arp

With this command, you delete an entry from the ARP cache.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no arp <ip address>

The parameter has the following meaning:

Parameters ip address

Description Range of values

Value of the IP address whose entry will be deleted IP address or IP alias

For information on addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

309

Network protocols

7.8 ARP

Result

The entry is deleted.

Further notes

You generate a static entry in the ARP cache with the arp command.

You can display the status of this function and other information with the show ip arpcommand.

You configure the router port with the no switchport command.

7.8.2.3

Description arp timeout

With this command, you configure the timeout setting of the ARP cache.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: arp timeout <seconds(30-86400)>

The parameter has the following meaning:

Parameter seconds

Description

Value for the timeout in seconds

Range of values

30 ... 86400

Default: 300

Result

The setting for the timeout setting of the ARP cache is configured.

Further notes

You can reset the timeout setting to the default with the no arp timeout command.

You can display the status of this function and other information with the show ip arp command.

310

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Network protocols

7.8 ARP

7.8.2.4

Description no arp timeout

With this command, you reset the timeout setting of the ARP cache back to the default value.

The default value for the timeout setting is 300 seconds.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no arp timeout

Result

The timeout setting for the ARP cache is reset to the default value.

Further notes

You change the timeout setting with the arp timeout command.

You can display the status of this function and other information with the show ip arpcommand.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

311

Network protocols

7.9 SSH server

7.9

SSH server

This section describes commands of the Secure Shell (SSH) Server.

7.9.1

Description

show ip ssh

This command shows the settings of the SSH server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip ssh

Result

The settings for the SSH server are displayed.

7.9.2

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

7.9.2.1

Description ssh-server

With this command, you enable the SSH protocol on the device.

312

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ssh-server

As default the function is "enabled".

Result

The SSH protocol is enabled on the device.

Further notes

You disable the SSH protocol with the no ssh-server command.

7.9.2.2

Description no ssh-server

With this command, you disable the SSH protocol on the device.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ssh-server

Result

The SSH protocol is disabled on the device.

Network protocols

7.9 SSH server

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

313

Network protocols

7.9 SSH server

Further notes

You enable the SSH protocol with the ssh-server command.

314

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8

In this part, you will find sections relating to the topics GARP, GMRP, GVRP, IGMP snooping and IGMP querying.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

315

Layer 2 management protocols

8.1 GARP

8.1

GARP

This section describes commands of the following protocols:

● GARP - Generic Attribute Registration Protocol

● GMRP - GARP Multicast Registration Protocol

● GVRP - GARP VLAN Registration Protocol

8.1.1

Description

show forward-all

With this command, you display the entries of the GMRP forward all table.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show forward-all

Result

The entries of the GMRP forward all table are displayed.

8.1.2

Description

show forward-unregistered

With this command, you display the entries of the GMRP forward unregistered all table.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

316

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.1 GARP

Syntax

Call the command without parameters: show forward-unregistered

Result

The entries of the GMRP forward unregistered table are displayed.

8.1.3

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

8.1.3.1

Description gmrp

With this command, you enable the GMRP function for all interfaces on the device.

Requirement

You are in the Global Configuration mode or

You are in the Interface Configuration mode

The command prompt is as follows: cli(config)# cli (config-if-$$$) #

Syntax

Call the command without parameters: gmrp

Result

In the Global Configuration mode: The GMRP function is enabled on the device.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

317

Layer 2 management protocols

8.1 GARP

In the Interface Configuration mode: The GMRP function is enabled for this interface.

Further notes

You need to enable GMRP globally for this device before you enable GMRP for individual interfaces.

If you want to enable or disable the function for a specific interface on the device, use the no gmrp command in the Interface Configuration mode.

You can display the status of this function and other information with the show vlan device info command.

8.1.3.2

Description no gmrp

With this command, you disable the GMRP function for all interfaces on the device.

Requirement

You are in the Global Configuration mode or

You are in the Interface Configuration mode

The command prompt is as follows: cli(config)# cli (config-if-$$$) #

Syntax

Call the command without parameters: no gmrp

Result

In the Global Configuration mode: The GMRP function is disabled on the device.

In the Interface Configuration mode: The GMRP function is disabled for this interface.

Further notes

If you want to enable the function for a specific interface on the device, use the gmrp command.

You can display the status of this function and other information with the show vlan device info command.

318

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.1 GARP

8.1.3.3

Description gvrp

With this command, you enable or disable the GVRP function for all or for individual interfaces on the device.

Requirement

You are in the Global Configuration mode or

You are in the Interface Configuration mode

The command prompt is as follows: cli(config)# cli (config-if-$$$) #

Syntax

Call the command without parameters: gvrp

Result

In the Global Configuration mode: The GVRP function is enabled on the device.

In the Interface Configuration mode: The GVRP function is enabled for this interface.

Further notes

If you have enabled the GARP module, you start GVRP explicitly with this command.

If you want to disable the function for a specific interface on the device, use the no gvrp command.

You can display the status of this function and other information with the show vlan device info command.

8.1.3.4

Description no gvrp

With this command, you enable or disable the GVRP function for all or for individual interfaces on the device.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

319

Layer 2 management protocols

8.1 GARP

Requirement

You are in the Global Configuration mode or

You are in the Interface Configuration mode

The command prompt is as follows: cli(config)# cli (config-if-$$$) #

Syntax

Call the command without parameters: no gvrp

Result

In the Global Configuration mode: The GVRP function is disabled on the device.

In the Interface Configuration mode: The GVRP function is disabled for this interface.

Further notes

If you want to enable the function for a specific interface on the device, use the gvrp command.

You can display the status of this function and other information with the show vlan device info command.

320

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

8.2

Layer 2 management protocols

8.2 IGMP snooping

IGMP snooping

This section describes the snooping functionality of the Internet Group Management Protocol.

8.2.1

Description

show ip igmp snooping

This command shows information about IGMP snooping for all or a selected VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode or in the Global Configuration mode.

The command prompt is as follows: cli> or cli# or cli(config)#

Syntax

Call up the command with the following parameters: show ip igmp snooping [Vlan<vlan id]

The parameters have the following meaning:

Parameters

Vlan vlan id

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Range of values

-

1 ... 4094

Result

The information is displayed.

8.2.2

Description

show ip igmp snooping forwarding-database

This command shows the Multicast forwarding entries for all or a selected VLAN.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

321

Layer 2 management protocols

8.2 IGMP snooping

Requirement

● IGMP snooping is enabled on the device

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip igmp snooping forwarding-database [Vlan<vlan id>]

The parameters have the following meaning:

Parameters

Vlan vlan id

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Range of values

-

1 ... 4094

Result

The multicast forwarding entries are displayed.

8.2.3

Description

show ip igmp snooping statistics

This command shows the statistical information about IGMP snooping for all or a selected

VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip igmp snooping statistics [Vlan<vlan id>]

The parameters have the following meaning:

322

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameters

Vlan vlan id

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Layer 2 management protocols

8.2 IGMP snooping

Range of values

-

1 ... 4094

Result

The information is displayed.

8.2.4

Description

show ip igmp snooping switch-ip

This command shows the IP address of the source for IGMP snooping.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip igmp snooping switch-ip

Result

The IP address is displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

323

Layer 2 management protocols

8.2 IGMP snooping

8.2.5

Commands in the global configuration mode

8.2.5.1

Description ip igmp snooping version

This command specifies which version of IGMP the device will use. When shipped, the device uses IGMPv3.

Note

There is no separate show command to display the version of IGMP used by the device. This information is shown when you enter the show ip igmp snooping command in the User

EXEC mode or in the Privileged EXEC mode.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip igmp snooping version {v1 | v2 | v3}

The parameters have the following meaning:

Parameter v1 v2 v2

Description

IGMPv1

IGMPv2

IGMPv3

Result

The version of IGMP used by the device is specified.

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

324

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.2 IGMP snooping

8.2.5.2

Description ip igmp vlan-snooping

With this command, you enable IGMP snooping for all VLANs.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip igmp vlan-snooping

Result

IGMP snooping is enabled for all VLANs.

Further notes

You disable IGMP snooping with the no ip igmp vlan-snooping command.

8.2.5.3

Description no ip igmp vlan-snooping

With this command, you disable IGMP snooping for all VLANs.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip igmp vlan-snooping

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

325

Layer 2 management protocols

8.2 IGMP snooping

Result

IGMP snooping is disabled for all VLANs.

Further notes

You enable IGMP snooping with the ip igmp vlan-snooping command.

8.2.5.4

Description ip igmp snooping clear counters

With this command, you delete the counters for all or a selected VLAN.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip igmp snooping clear counters [Vlan<vlan id>]

The parameters have the following meaning:

Parameters vlan vlan id

Description

Shows that the number of a VLAN follows

Number of the addressed VLAN

If you do not select a VLAN, the counters of all VLANs will be deleted.

Range of values

-

1 ... 4094

Result

The counters are deleted.

8.2.5.5

Description ip igmp snooping switch-ip

With this command, you configure the IP address of the source for IGMP snooping.

326

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.2 IGMP snooping

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip igmp snooping switch-ip<switch-ipaddr>

The parameter has the following meaning:

Parameters switch-ipaddr

Description

Address of the source

Range of values

Enter a valid IP address

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The IP address is configured.

8.2.5.6

Description ip igmp snooping port-purge-interval

The time after which a port is deleted from the list if no IGMP router control packets are received is known as the purge time.

With this command, you configure this purge time for a port for a VLAN in seconds.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip igmp snooping port-purge-interval <(130-1225)seconds>

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

327

Layer 2 management protocols

8.2 IGMP snooping

-

Parameter Description

Value for the purge time in seconds

Range of values

130 ... 1225

Default: 260

Result

The purge time is configured.

Further notes

You can reset the setting to the default with the no ip igmp snooping port-purgeinterval command.

You can display the status of this function and other information with the show ip igmp snooping globals command.

8.2.5.7

Description no ip igmp snooping port-purge-interval

With this command, you reset the setting for the purge time to the default value.

The default value is 260 seconds.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip igmp snooping port-purge-interval

Result

The purge time is reset to the default value.

Further notes

You configure the setting with the ip igmp snooping port-purge-interval command.

You can display the status of this function and other information with the show ip igmp snooping globalscommand.

328

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

8.3

Layer 2 management protocols

8.3 IGMP querier

IGMP querier

This section describes the commands for the query functionality of the Internet Group

Management Protocol (IGMP).

8.3.1

Commands in the Global Configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

8.3.1.1

Description ip igmp snooping querier

With this command, you configure the IGMP snooping switch as querier.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip igmp snooping querier

As default the function is "disabled".

Result

The IGMP snooping switch is configured as querier.

Further notes

You delete the setting with the no ip igmp snooping querier command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

329

Layer 2 management protocols

8.3 IGMP querier

You can display the status of this function and other information with the show ip igmp snooping command.

8.3.1.2

Description no ip igmp snooping querier

With this command, you delete the configuration of an IGMP snooping switch as querier.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip igmp snooping querier

Result

The configuration of the IGMP snooping switch as querier is deleted.

Further notes

You configure the setting with the ip igmp snooping querier command.

You can display the status of this function and other information with the show ip igmp snoopingcommand.

330

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

8.4

Layer 2 management protocols

8.4 Ring redundancy and standby connection

Ring redundancy and standby connection

The ring redundancy function allows several devices to be interconnected in a ring structure.

Since such a topology is not supported in normal network operation, such rings are logically disconnected using the Media Redundancy Protocol (MRP) or the High Speed Redundancy

Protocol (HRP). If one component fails, all other elements of the ring can still be reached.

The device that logically disconnects the ring is known as the Redundancy Manager (RM).

The simple structure of the individual MRP rings allows shorter reaction times if disruptions occur.

Complex network topologies cannot be set up with this function.

This means that two rings can be connected redundantly in each case via two links (master, slave). This function is known as the standby connection.

One link is active on an interface of the master device and the second is inactive on an interface of the slave device.

Note

Position of master and slave device

The master and slave device of a standby connection (link pair between different structures of the ring redundancy) must be located in the same ring.

This section describes commands of the ring redundancy function.

Note

Avoiding bad configurations

When using the commands in this section, you should take particular care because a bad configuration of this function can have serious negative affects on the network.

8.4.1

Description

clear hrp counters

With this command, you reset the HRP counters.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

331

Layer 2 management protocols

8.4 Ring redundancy and standby connection

Syntax

Call the command without parameters: clear hrp counters

Result

The counters are reset.

8.4.2

Description

clear standby counter

With this command, you reset the counters of the standby function.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

Syntax

Call the command without parameters: clear standby counter

Result

The counter is reset.

8.4.3

Description

show hrp counters

This command shows the counters of the ring redundancy function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

332

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.4 Ring redundancy and standby connection

Syntax

Call the command without parameters: show hrp counters

Result

The counters are displayed.

8.4.4

Description

show ring-redundancy

With this command, you show the current configuration of the ring redundancy function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ring-redundancy

Result

The current Ring redundancy configuration is displayed.

8.4.5

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

333

Layer 2 management protocols

8.4 Ring redundancy and standby connection

8.4.5.1

ring-redundancy configuration

Description

With this command, you change to the Redundancy Configuration mode.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ring-redundancy configuration

Result

You are now in the Redundancy Configuration mode.

The command prompt is as follows: cli(config-red)#

Further notes

8.4.5.2

You exit the Redundancy Configuration mode with the end or exit command.

ring-redundancy mode

Description

With this command, you enable the ring redundancy function on a device.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

334

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.4 Ring redundancy and standby connection ring-redundancy mode {ard | mrpauto | mrpclient | hrpclient | hrpmanager}

The parameters have the following meaning:

Parameter Description hrpclient

Enables ring redundancy with the HRP protocol as client hrpmanage r

Enables ring redundancy with the HRP protocol in ring redundancy manager mode mrpclient

Enables ring redundancy with the MRP protocol as client mrpauto ard

Enables the automatic MRP redundancy mode

Enables the automatic redundancy mode (Automatic Redundancy Detection)

Result

The ring redundancy function is enabled and the redundancy mode is selected.

Further notes

8.4.5.3

You disable the ring redundancy function with the no ring-redundancy command.

no ring-redundancy

Description

With this command, you disable the ring redundancy function on a device.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ring-redundancy

Result

The ring redundancy function is disabled.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

335

Layer 2 management protocols

8.4 Ring redundancy and standby connection

Further notes

You enable the ring redundancy function with the ring-redundancy mode { ard | mrpauto | mrpclient | hrpclient | hrpmanager }. command

8.4.5.4

Description ring-redundancy standby

With this command, you enable the standby function.

Requirement

● HRPis activated

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ring-redundancy standby

Result

The standby function is enabled / disabled.

Further notes

You disable the setting with the no ring-redundancy standby command.

You can display the status of this function and other information with the show ringredundancycommand.

8.4.5.5

Description no ring-redundancy standby

With this command, you disable the standby function.

Requirement

● HRPis activated

You are in the Global Configuration mode.

336

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.4 Ring redundancy and standby connection

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ring-redundancy standby

Result

The standby function is disabled.

Further notes

You enable the setting with the ring-redundancy standby command.

You can display the status of this function and other information with the show ringredundancycommand.

8.4.6

Commands in the redundancy configuration mode

This section describes commands that you can call up in the Redundancy Configuration mode.

In the Global Configuration mode, enter the ring-redundancy configuration command to change to this mode.

● If you exit the Redundancy Configuration mode with the exit command, you return to the

Global Configuration mode.

● If you exit the Redundancy Configuration mode with the end command, you return to the

Privileged EXEC mode.

8.4.6.1

Description ring ports

With this command, you configure the ports of the ring redundancy manager / client on the device.

● Redundancy manager

– In the normal status, the network structure is operated via the first port

The second port is only used for monitoring by the redundancy manager

– If there is a disruption, the two parts of ring structure operate via both ports

● Redundancy client

– The client forwards all frames.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

337

Layer 2 management protocols

8.4 Ring redundancy and standby connection

Requirement

You are in the Redundancy Configuration mode.

The command prompt is as follows: cli(config-red)#

Syntax

Call up the command with the following parameters: ring ports <iftype1><ifnum1><iftype2><ifnum2>

The parameters have the following meaning:

Parameter iftype1 ifnum1 iftype2 ifnum2

Description

Specifies the interface type for the first ring port

Specifies the number of the interface for the first ring port

Specifies the interface type for the second ring port

Specifies the number of the interface for the second ring port

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Note

Differing port addresses

The first and second port must be configured on different interfaces

Result

The ports of the ring redundancy are configured.

8.4.6.2

Description standby connection-name

With this command, you assign a name to the standby connection on the device.

Requirement

You are in the Redundancy Configuration mode.

The command prompt is as follows: cli(config-red)#

338

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.4 Ring redundancy and standby connection

Syntax

Call up the command with the following parameters: standby connection-name <string(32)>

The parameter has the following meaning:

Parameter

<string(32)>

Description

Name of the connection

Note max. 32 characters

Result

The standby connection is assigned a name.

8.4.6.3

Description no standby connection-name

With this command, you delete the name of a standby connection.

Requirement

You are in the Redundancy Configuration mode.

The command prompt is as follows: cli(config-red)#

Syntax

Call the command without parameters: no standby connection-name

Result

The name of the standby connection is deleted.

8.4.6.4

Description standby force-master

With this command, you enable the standby force-master function.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

339

Layer 2 management protocols

8.4 Ring redundancy and standby connection

Requirement

● HRPis activated

You are in the Ring Redundancy Configuration mode.

The command prompt is as follows: cli(config-red)#

Syntax

Call the command without parameters: standby force-master

Result

The standby force-master function is enabled.

Further notes

You disable the setting with the no standby force-master command.

You can display the status of this function and other information with the show ringredundancycommand.

8.4.6.5

Description no standby force-master

With this command, you disable the standby force-master function.

Requirement

● HRPis activated

You are in the Ring Redundancy Configuration mode.

The command prompt is as follows: cli(config-red)#

Syntax

Call the command without parameters: no standby force-master

Result

The standby force-master function is disabled.

340

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.4 Ring redundancy and standby connection

Further notes

You enable the setting with the standby force-master command.

You can display the status of this function and other information with the show ringredundancycommand.

8.4.6.6

Description standby port

With this command, you configure and enable the port for a standby connection on a device.

Requirement

You are in the Redundancy Configuration mode.

The command prompt is as follows: cli(config-red)#

Syntax

Call up the command with the following parameters: standby port {<iftype> <ifnum>}

The parameters have the following meaning:

Parameter

<iftype>

Description

Type of interface

Range of values

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

<ifnum>

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The ports for a standby connection are configured and enabled.

Further notes

You disable the setting with the no standby port {<iftype> <ifnum>} command.

You display the status of this function and other information show ring-redundancy.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

341

Layer 2 management protocols

8.4 Ring redundancy and standby connection

8.4.6.7

no standby port

Description

With this command, disable the port for a standby connection on a device.

Requirement

You are in the Redundancy Configuration mode.

The command prompt is as follows: cli(config-red)#

Syntax

Call up the command with the following parameters: no standby port {<iftype> <ifnum>}

The parameters have the following meaning:

Parameter

<iftype>

Description

Type of interface

Range of values

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

<ifnum>

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The ports for a standby connection are disabled.

Further notes

You enable the setting with the standby port {<iftype> <ifnum>} command.

You display the status of this function and other information show ring-redundancy.

8.4.6.8

Description standby wait-for-partner

With this command, you enable the "Wait for standby partner" function on the device. A standby connection is enabled only after the standby master and the standby slave as well as their standby partners have established a connection. This ensures that the redundant connection is really available before communication via a standby connection is enabled. As default, this function is enabled.

342

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.4 Ring redundancy and standby connection

Requirement

Syntax

Result

8.4.6.9

Description

The "Wait for standby partner" function is enabled.

no standby wait-for-partner

With this command, you disable the "Wait for standby partner" function on the device. A standby connection is enabled even if the standby master has not yet established a connection to the standby slave.

Requirement

Call the command without parameters: standby wait-for-partner

You are in the Redundancy configuration mode.

The command prompt is as follows: cli(config-red)#

Syntax

You are in the Redundancy configuration mode.

The command prompt is as follows: cli(config-red)#

Call the command without parameters: no standby wait-for-partner

Result

The "Wait for standby partner" function is disabled.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

343

Layer 2 management protocols

8.5 Unicast

8.5

Unicast

The commands in this section configure the procedures for handling Unicast frames.

The commands allow the following:

● Filtering of Unicast frames

● Blocking of ports

● Automatic learning of Unicast

● Blocking unknown Unicast frames.

With the "show" commands, you can display the configuration data.

8.5.1

Description

show unicast-block config

This command shows the unicast blocking settings for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show unicast-block config [port<interface-type><interface-id)>]

The parameters have the following meaning:

Parameters port interfacetype

Description

Keyword for a port description

Type or speed of the interface

Range of values

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interfaceid

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The unicast blocking settings for ports are displayed.

344

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.5 Unicast

8.5.2

Description

show mac-address-table dynamic unicast

This command shows the MAC addresses of the dynamic unicast configurations.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show mac-address-table dynamic unicast [vlan <vlan-range>] [address

<aa:bb:cc:dd:ee:ff>] [{interface <interface-type> <interface-id>}]

The parameters have the following meaning:

Parameter vlan vlan-range

address interface interfacetype interfaceid

Description

Keyword for a VLAN

Keyword for several VLANs

Keyword for a MAC address

MAC address

Keyword for a an interface description

Type of interface

Slot no. and port no. of the interface

Range of values / note

-

-

1 ... 4094

aa:bb:cc:dd:ee:ff gigabitethernet extreme-ethernet

# digit /digit#

Slot: 0 ... 6 or 12

Port: 1 ... 4

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The table is displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

345

Layer 2 management protocols

8.5 Unicast

8.5.3

show mac-address-table static unicast

Description

This command shows the MAC addresses of the static unicast configurations.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show mac-address-table static unicast [vlan <vlan-range>] [address

<aa:bb:cc:dd:ee:ff>] [{interface <interface-type> <interface-id>}]

The parameters have the following meaning:

Parameter vlan vlan-range

address interface interfacetype interfaceid

Description

Keyword for a VLAN

Keyword for several VLANs

Keyword for a MAC address

MAC address

Keyword for a an interface description

Type of interface

Slot no. and port no. of the interface

Range of values / note

-

-

1 ... 4094

aa:bb:cc:dd:ee:ff gigabitethernet extreme-ethernet

# digit /digit#

Slot: 0 ... 6 or 12

Port: 1 ... 4

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The table is displayed.

8.5.4

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

346

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.5 Unicast

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

8.5.4.1

Description no mac-address-table static unicast

With this command, you disable static unicast.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no mac-address-table static unicast <aa:aa:aa:aa:aa:aa> vlan <vlanid(1-4094)>

The parameters have the following meaning:

Parameter vlan vlan-range

address interface interfacetype interfaceid

Description

Keyword for a VLAN

Range of values of the VLAN

Keyword for a MAC address

MAC address

Keyword for a an interface description

Type or speed of the interface

Slot no. and port no. of the interface

Range of values / note

-

1 ... 4094

aa:aa:aa:aa:aa:aa

gigabitethernet extreme-ethernet

# digit /digit#

Slot: 0 ... 6 or 12

Port: 1 ... 4

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

347

Layer 2 management protocols

8.5 Unicast

Result

The static unicast function is disabled.

Further notes

You activate the setting with the no mac-address-table static unicast command.

348

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

8.6

Layer 2 management protocols

8.6 Multicast

Multicast

The commands in this section configure the procedures for handling Multicast frames.

The commands allow the following:

● Configuration of groups

● IGMP

● GMRP

● Blocking unknown Multicast frames.

With the "show" commands, you can display the configuration data.

8.6.1

Description

show multicast-block config

This command shows the multicast blocking settings for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show multicast-block config[port<interface-type><interface-id)>]

The parameters have the following meaning:

Parameter Description port

Keyword for a port description interface-type

Type of interface interface-id

Slot no. and port no. of the interface

Range of values

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If no parameters are specified, the settings for all ports are displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

349

Layer 2 management protocols

8.6 Multicast

Result

The multicast blocking settings for ports are displayed.

8.6.2

Description

show mac-address-table dynamic multicast

This command shows the MAC addresses of the dynamic multicast configurations.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show mac-address-table dynamic multicast [vlan <vlan-range>]

[address <aa:bb:cc:dd:ee:ff>] [{interface <interface-type>

<interface-id>}]

The parameters have the following meaning:

Parameter vlan vlan-range

address interface interfacetype interfaceid

Description

Keyword for a VLAN

Keyword for several VLANs

Keyword for a MAC address

MAC address

Keyword for a an interface description

Type of interface

Slot no. and port no. of the interface

Range of values / note

-

-

1 ... 4094

aa:bb:cc:dd:ee:ff gigabitethernet extreme-ethernet

# digit /digit#

Slot: 0 ... 6 or 12

Port: 1 ... 4

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Auto-Hotspot".

Result

The table is displayed.

350

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.6 Multicast

8.6.3

Description

show mac-address-table static multicast

This command shows the MAC addresses of the static multicast configurations.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show mac-address-table static multicast [vlan <vlan-range>] [address

<aa:bb:cc:dd:ee:ff>] [{interface <interface-type> <interface-id>}]

The parameters have the following meaning:

Parameter vlan vlan-range

address interface interfacetype interfaceid

Description

Keyword for a VLAN

Range of values of the VLAN

Keyword for a MAC address

MAC address

Keyword for a an interface description

Type of interface

Slot no. and port no. of the interface

Range of values / note

-

-

1 ... 4094

aa:bb:cc:dd:ee:ff gigabitethernet extreme-ethernet

# digit /digit#

Slot: 0 ... 6 or 12

Port: 1 ... 4

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Auto-Hotspot".

Result

The table is displayed.

See also

Addresses and interface names (Page 32)

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

351

Layer 2 management protocols

8.6 Multicast

8.6.4

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

8.6.4.1

Description mac-address-table block static multicast

With this command, you configure static multicast addresses that will be blocked.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: mac-address-table block static multicast <aa:bb:cc:dd:ee:ff> vlan

<vlan-id(1-4094)>

The parameters have the following meaning:

Parameter vlan vlan-id

address

Description

Keyword for a VLAN

Number of the VLAN

Keyword for a MAC address

MAC address

Range of values / note

-

-

1 ... 4094 aa:bb:cc:dd:ee:ff

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The settings for static multicast blocking are configured.

352

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 2 management protocols

8.6 Multicast

Further notes

You enable / disable the setting with the no mac-address-table static multicast

<mac address> <vlan-id(1-4094)> command.

8.6.4.2

Description mac-address-table static multicast

With this command, you configure a static multicast address.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: mac-address-table static multicast <aa:bb:cc:dd:ee:ff> vlan <vlanid(1-4094)>

The parameters have the following meaning:

Parameter vlan

address

Description

Keyword for a VLAN

Keyword for a MAC address

MAC address

Range of values / note

-

1 ... 4094 aa:bb:cc:dd:ee:ff

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The settings for static multicast are configured.

Further notes

You disable the setting with the no mac-address static multicast <macaddress><vlan-id(1-4094)> command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

353

Layer 2 management protocols

8.6 Multicast

8.6.4.3

no mac-address-table static multicast

Description

With this command, you delete a static multicast address.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no mac-address-table static multicast <aa:bb:cc:dd:ee:ff> vlan <vlanid(1-4094)>

The parameters have the following meaning:

Parameter vlan

address

Description

Keyword for a VLAN

Keyword for a MAC address

MAC address

Range of values / note

-

1 ... 4094 aa:bb:cc:dd:ee:ff

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The static multicast function is disabled.

354

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

This part contains the sections that describe the following:

● OSPF v2

● RIPv2

● VRRP

The layer 3 functions describe the routing properties of the device. These are not normally included in the basic device and if necessary must be enabled or released extra.

9

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

355

Layer 3 functions

9.1 show ip route

9.1

show ip route

Description

This command shows the routing table.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip route [{<ip-address> [<mask>] | connected | ospf | rip | static | summary }]

The parameters have the following meaning:

Parameter ip-address mask connected ospf rip static

Description Values

The target address of the route.

The subnet mask of this route.

Shows the network routes with a direct connection. -

Shows the OSPF entries in the routing table. -

Specify a valid IP address.

Enter a valid subnet mask.

Shows the RIP entries in the routing table.

Shows the static routes in the table.

-

-

Result

The routing table is displayed.

356

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

9.2

Layer 3 functions

9.2 OSPFv2

OSPFv2

This section describes the commands relevant for working with routing with OSPF.

9.2.1

Description

show ip ospf

This command shows information about routing with OSPF.

Note

This command is available only with layer 3.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip ospf

Result

The configuration is displayed.

9.2.2

Description

show ip ospf route

This command shows the routes that were generated with OSPF.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

357

Layer 3 functions

9.2 OSPFv2

Syntax

Call the command without parameters: show ip ospf route

Result

The routes are displayed.

9.2.3

Description

show ip ospf - database summary

This command shows a summary of the database.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip ospf

[area-id] database

[{

database-summary|selforiginate|adv-router <ip-address>

}]

The parameters have the following meaning:

Parameters Description Range of values area-id

Area ID database-summary

Number of LSA types per area and the total number of areas self-originate adv-router

Number of LSAs generated by the local router.

Keyword for the router-specific LSA

-

specify an ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area ip-address shows the router-specific LSA for a specific IP address specify a valid IP address.

If no IP address is entered, the specific

LSAs of the local router are displayed.

358

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

Result

The summary of the database is displayed.

9.2.4

Description

show ip ospf ... database ...

This command shows information about a specific or all LSA types.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip ospf

[area-id] database

{

asbr-summary|external|network|

nssa-external|router|summary

}

[link-state-id]

[{

adv-router <ip-address>|self-originate

}]

The parameters have the following meaning:

Parameters area-id asbr-summary external network

Description

Area ID only shows information of the LSA type ASPR

(Autonomous System Border Router). (Type

4) only shows information of the LSA type

"External" (Type 5) only shows information of the LSA type

"Network" (Type 2)

-

-

Range of values

specify an ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

359

Layer 3 functions

9.2 OSPFv2

Parameters Description Range of values nssa-external only shows information of the LSA type

"NSSA (Not so stuppy area) External" (Type

7) router summary only shows information of the LSA type

"Router" (Type 1) only shows information of the LSA type

"Summary" (Type 3) link-state-id

ID of the LSA . adv-router ip-address selforiginate

Link State ID depends on the LSA type.

Keyword for the router-specific LSA

-

-

-

-

Link State ID consists of 4 numbers each between 0 and 255 shows the router-specific LSA for a specific

IP address

Number of LSAs generated by the local router specify a valid IP address.

If no IP address is entered, the specific LSAs of the local router are displayed.

Result

The information is displayed.

9.2.5

Description

show ip ospf border-routers

This command shows the routes to the area border routers and to the AS boundary routers.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip ospf border-routers

Result

The routes are displayed.

360

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

9.2.6

Description

show ip ospf interface

This command shows the information on the OSPF interface.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip ospf interface

[{

vlan<vlan-id(1-4094)>|<interface-type><interface-id>

}]

The parameters have the following meaning:

Parameters

Vlan vlan-id interfacetype

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Type or speed of the interface

Values

-

1 ... 4094

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interfaceid

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the information is displayed for all available interfaces.

Result

The information of the OSPF interface is displayed.

9.2.7

Description

show ip ospf neighbor

This command shows information about the detected neighboring routers.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

361

Layer 3 functions

9.2 OSPFv2

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip ospf neighbor

[{

vlan <vlan-id(1-4094)>|<interface-type><interface-id>

}]

[Neighbor ID]

[detail]

The parameters have the following meaning:

Parameters

Vlan vlan-id interfacetype

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Type or speed of the interface interfaceid

Slot no. and port no. of the interface

Neighbor ID

Router ID of the neighbor

Values

-

1 ... 4094

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

The ID consists of 4 numbers each between 0 and 255 and can match the IP address of the router.

detail

OSPF information on the neighbor

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The information is displayed.

9.2.8

Description

show ip ospf request-list

This command shows the request list. This request list contains the information required for the LSAs.

362

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip ospf request-list

[<neighbor-id>]

[{

vlan <vlan-id (1-4094)> |

<interface-type> <interface-id>

}]

The parameters have the following meaning:

Parameter Description neighbor-id

Router ID of the neighbor

Vlan vlan-id interfacetype

Keyword for a VLAN connection

Number of the addressed VLAN

Type of interface

Values

-

Enter the router ID. The router ID consists of 4 numbers each between 0 and 255.

1 ... 4094

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interfaceid

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the request list is displayed for all neighbors.

Result

The request list displayed.

9.2.9

Description

show ip ospf retransmission-list

This command shows which queries are still open in the form of a list.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

363

Layer 3 functions

9.2 OSPFv2

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip ospf retransmission-list

[<neighbor-id>]

[{

vlan <vlan-id (1-4094)>|<interface-type> <interface-id>

}]

The parameters have the following meaning:

Parameters Description neighbor-id

Router ID of the neighbor

Vlan vlan-id interfacetype

Keyword for a VLAN connection

Number of the addressed VLAN

Type or speed of the interface

Values

enter the router ID. The router ID consists of 4 numbers each between 0 and 255.

1 ... 4094

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interfaceid

Vlan

Slot no. and port no. of the interface

Keyword for a VLAN connection -

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the list is displayed for all neighbors.

Result

The list is displayed.

9.2.10

show ip ospf virtual-links

Description

This command shows an overview of the virtual connections.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

364

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameter assignment: show ip ospf virtual-links

Result

The overview is displayed.

9.2.11

show ip ospf area-range

Description

This command shows the grouped address ranges.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip ospf {area-range|summary-address }

The parameters have the following meaning:

Parameters area-range

Description

Grouped area range.

The address range is created with the "area-range" command.

summary-address Grouped address range for OSPF.

The address range is created with the "summaryaddress" command.

-

-

Values

Result

The grouped address ranges are displayed.

Layer 3 functions

9.2 OSPFv2

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

365

Layer 3 functions

9.2 OSPFv2

9.2.12

Commands in the Global Configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

9.2.12.1

router ospf

Description

With this command, you enable routing with OSPF and change to the Router Configuration mode.

Note

This command is available only with layer 3.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: router ospf

Result

Routing with OSPF is enabled.

You are now in the Router Configuration mode.

The command prompt is as follows: cli (config-router)#

Further notes

You disable routing with OSPF with the no router ospf command.

366

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

9.2.12.2

no router ospf

Description

With this command, you disable routing with OSPF.

Note

This command is available only with layer 3.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: no router ospf

Result

Routing with OSPF is disabled.

Further notes

You enable routing with OSPF with the router ospf command.

9.2.13

Commands in the Router Configuration mode

This section describes commands that you can call up in the Router Configuration mode.

In the Global Configuration mode, enter the router ospf command to change to this mode.

Commands relating to other topics that can be called in the Global Configuration mode can be found in the relevant sections.

● If you exit the Router Configuration mode with the exit command, you return to the Global

Configuration mode.

● If you exit the Router Configuration mode with the end command, you return to the

Privileged EXEC mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

367

Layer 3 functions

9.2 OSPFv2

Requirement

The commands are available if the following requirements are met:

● The device supports the routing function.

● The routing function is enabled

● The interface is a router port

9.2.13.1

ASBR Router

Description

With his command, you specify that the router is an Autonomous System Boundary Router

(ASBR).

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call the command without parameters:

ASBR Router

Result

The autonomous system boundary router is enabled.

Further notes

You disable the autonomous system boundary router with the no ASBR Router command.

You can display the status of this function and other information with the show ip ospf command.

368

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

9.2.13.2

no ASBR Router

Description

With this command, you disable the autonomous system boundary router.

Note

This command is available only with layer 3.

Layer 3 functions

9.2 OSPFv2

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call the command without parameters: no ASBR Router

Result

The autonomous system boundary router is disabled.

Further notes

You enable the autonomous system boundary router with the ASBR Router command.

You can display the status of this function and other information with the show ip ospf command.

9.2.13.3

area range

Description

With this command, you assign an area ID an address range. The address range is used to group the routes within OSPF.

Note

This command is available only with layer 3.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

369

Layer 3 functions

9.2 OSPFv2

Requirement

● The router is an area border router

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: area <AreaId> range

<Network>

<Mask>

[{

advertise | notadvertise

}]

The parameters have the following meaning:

Parameter

AreaId

Description

Area ID

Network

Mask

IP address of the address range

Subnet mask of the address range advertise

The address range is advertised to the outside.

A summary LSA of Type 3 is generated.

notadvertise

The address range is not advertised to the outside.

-

Range of values / note

specify an ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area specify the IP address specify the subnet mask.

Result

The address range is configured.

Further notes

You delete the address range with the no area range command.

You can display the status of this function and other information with the show ip ospf - area-range / summary-addresscommand.

370

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

9.2.13.4

area range summary

Description

With this command, you assign an area ID an address range. The address range is used to group the routes within OSPF.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: area <AreaId> range

<Network>

<Mask>

{

summary | Type7

}

[{

advertise | notadvertise

}]

The parameters have the following meaning:

Parameter

AreaId

Description

Area ID

Network

Mask summary

Type7

IP address of the address range

Subnet mask of the address range

Summary LSA

LSA type 7

Range of values / note specify an ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area specify the IP address

-

specify the subnet mask.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

371

Layer 3 functions

9.2 OSPFv2

Parameter Description advertise

The address range is advertised outside the ranges.

If the Area ID is 0.0.0.0, the router generates an

LSA message of Type 5.

If the Area ID is not 0.0.0.0, the router generates an LSA message of Type 7 in an NSSA.

notadvertise

The address range is not advertised to the outside.

-

-

Range of values / note

Result

The address range is configured.

Further notes

You delete the address range with the no area range command.

You can display the status of this function and other information with the show ip ospf - area-range / summary-addresscommand.

9.2.13.5

no area range

Description

With this command, you delete the address range.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: area <AreaId> range <Network> <Mask>

The parameters have the following meaning:

372

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameter

AreaId

Network

Mask

Description

Area ID

IP address of the address range

Subnet mask of the address range

Range of values / note specify an ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area specify the IP address specify the subnet mask.

Layer 3 functions

9.2 OSPFv2

Result

The address range is deleted.

Further notes

You create address ranges with the area range command.

9.2.13.6

area nssa

Description

With this command, you configure areas of the type NSSA (not-so-stubby-area).

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: area <area-id> nssa

[{

no-summary | default-information-originate

}]

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

373

Layer 3 functions

9.2 OSPFv2

Parameter area-id no-summary defaultinformationoriginate

Description Range of values / note

Area ID

NSSA does not receive a summary LSA. --

Generating a standard route (LSA type 7) in the NSSA.

-specify a valid ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area

Result

The area of the type NSSA is configured.

Further notes

You change the type of the area with the no area command.

9.2.13.7

area stub

Description

With this command, you configure areas of the type Stub.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: area <area-id> stub [ no-summary ]

The parameters have the following meaning:

374

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameter area-id no-summary

Layer 3 functions

9.2 OSPFv2

Description

Area ID

The router does not send or receive a summary LSA

Range of values / note specify a valid ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area

--

Result

The area of the type Stub is configured.

Further notes

You change the type of the area with the no area command.

9.2.13.8

no area

Description

With this command, you remove or change an area of the type "Stub" or "NSSA".

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: no area <area-id>

[

{ stub | nssa }

]

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

375

Layer 3 functions

9.2 OSPFv2

Parameter area-id stub nssa

Description

Area ID

Stub area

NSSA area

Range of values / note

--

-specify a valid ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area

Result

The area is removed or changed.

9.2.13.9

area virtual-link

Description

With this command, you create a virtual connection to the backbone area.

Note

This command is available only with layer 3. The router must be an Area Border Router (ABR) or an Autonomous System Boundary Router (ASBR). The router ID must correspond to the

IP address of the interface of the transit area network.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: area <area-id> virtual-link <router-id>

[authentication

{

simple |messagedigest| null

}

]

[hello-interval <value (1-65535)>]

[retransmit-interval <value(0-3600)>]

[transmit-delay <value (0-3600)>]

[dead-interval <value>]

[{

authentication-key <key (8)> | message-digest-key <Key-id (0-255)>

376

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

md5 <key(16)>

}]

The parameters have the following meaning:

Parameter Description Range of values / note area-id

Area ID

specify a valid ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area router-id authentication hello-interval value retransmitinterval

ID of the router. The router ID must correspond to the IP address of the interface of the transit area network.

Keyword for the authentication method of the virtual connection

Keyword for the interval at which Hello packets are sent over the virtual link specifies the length of the interval in seconds.

Keyword for the interval after which packets whose receipt was not confirmed are transferred again.

specifies the length of the interval in seconds.

-

● simple enables authentication using a password

● messagedigest enables authentication using

MD5

-

● none no authentication enter the interval

1-65535 value transmit-delay value

Keyword for the time that a link state update packet requires for transmission over the virtual link.

Specifies the length of the interval in seconds.

-enter the interval

0-3600 dead-interval

Keyword for the interval after which the neighbor router is classified as

"failed" if Hello packets from it are not received.

value authentication-key

Keyword for the unencrypted password key

Specifies the length of the interval in seconds.

Password message-digest-key

Keyword for the ID of the password -

enter the interval

0–0x7fffffff enter the password.

Maximum length: 8 characters key-id ID of the password.

enter the interval

0-3600 specify the ID

0 ... 255

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

377

Layer 3 functions

9.2 OSPFv2

Parameter md5 key

Description

Keyword for the password

Password

Range of values / note

enter the password

Maximum length: 16 characters

Result

The virtual link is created.

Further notes

You delete the virtual link with the no area virtual link command.

You display information about the virtual link with the show ip ospf virtual command.

9.2.13.10 no area virtual-link

Description

With this command, you delete a virtual link.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: no area <area-id> virtual-link <router-id>

[authentication]

[hello-interval]

[retransmit-interval]

[transmit-delay]

[dead-interval

[{

authentication-key | message-digest-key <Key-id (0-255)>

}]

The parameters have the following meaning:

378

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

Parameter Description Range of values / note area-id router-id authentication

Area ID

ID of the router

Keyword for the authentication method of the virtual connection specify a valid ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area

-

● simple enables authentication using a password

● messagedigest enables authentication using

MD5

-

● none no authentication hello-interval value retransmitinterval

Keyword for the interval at which Hello packets are sent over the virtual link specifies the length of the interval in seconds.

Keyword for the interval after which packets whose receipt was not confirmed are transferred again.

specifies the length of the interval in seconds.

enter the interval

1-65535 value transmit-delay value

Keyword for the time that a link state update packet requires for transmission over the virtual link.

Specifies the length of the interval in seconds.

-enter the interval

0-3600 dead-interval

Keyword for the interval after which the neighbor router is classified as

"failed" if Hello packets from it are not received.

value authentication-key

Keyword for the unencrypted password key

Specifies the length of the interval in seconds.

Password message-digest-key

Keyword for the ID of the password -

enter the interval

0–0x7fffffff enter the password.

Maximum length: 8 characters key-id ID of the password.

enter the interval

0-3600 specify the ID

0 ... 255

Result

The virtual link is removed.

Further notes

You create virtual links with the area virtual link command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

379

Layer 3 functions

9.2 OSPFv2

You display information about the virtual link with the show ip ospf virtual command.

9.2.13.11 compatible rfc1583

Description

With this command, you enable compatibility with RFC 1583. Use the command if you still have old OSPFv2 routers in operation that are not compatible with RFC 2328.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call the command without parameters: compatible rfc1583

Result

The compatibility with RFC 1583 is enabled.

Further notes

You disable the compatibility with the no compatible rfc1583 command.

You can display the status of this function and other information with the show ip ospfcommand.

9.2.13.12 no compatible rfc1583

Description

With this command, you disable compatibility with RFC 1583.

Note

This command is available only with layer 3.

380

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call the command without parameters: compatible rfc1583

Result

The compatibility with RFC 1583 is disabled.

Further notes

You enable the compatibility with the compatible rfc1583 command.

You can display the status of this function and other information with the show ip ospfcommand.

9.2.13.13 default-information originate

Description

With this command, you enable the function with which a standard route is generated for external routes into the OSPF routing domain.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: default-information originate [(

[always]

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

381

Layer 3 functions

9.2 OSPFv2

[metric <metric-value (0-0xffffff)>]

[metric-type <type (1-2)>])]

The parameters have the following meaning:

Parameter Description always metric

An external standard route is always generated.

Keyword for the metric of the external standard route.

metric-value

Value of the metric metric-type

Type

Keyword for the type of the external standard route

Type of the external route

Range of values / note

--

0-0xffffff

--

● 1 - type 1

● 2 - type 2

Result

The function is enabled.

Further notes

You disable the function with the no default-information originate command.

9.2.13.14 no default-information originate

Description

With this command, you disable the function with which a standard route is generated for external routes into the OSPF routing domain.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters:

382

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

no default-information originate [(

[always]

[metric <metric-value (0-0xffffff)>]

[metric-type <type (1-2)>])]

The parameters have the following meaning:

Parameter always metric metric-value metric-type

Type

Description

The external standard route is always generated.

Keyword for the metric of the external standard route.

Value of the metric

Keyword for the type of the external standard route

Type of the external route

Range of values / note

--

0-0xffffff

--

● 1 - type 1

● 2 - type 2

Layer 3 functions

9.2 OSPFv2

Result

The function is disabled.

Further notes

You enable the function with the default-information originate command.

9.2.13.15 default-information originate always

Description

With this command, you enable the function with which a standard route is always generated for external routes into the OSPF routing domain.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

383

Layer 3 functions

9.2 OSPFv2

Syntax

Call up the command with the following parameters: default-information originate always

[metric <metric-value (0-0xffffff)>]

[metric-type <type (1-2)>]

The parameters have the following meaning:

Parameter Description metric

Keyword for the metric of the external standard route.

metric-value

Value of the metric metric-type

Type

Keyword for the type of the external standard route

Type of the external route

Range of values / note

--

0-0xffffff

--

● 1 - type 1

● 2 - type 2

Result

The function is enabled.

Further notes

You disable the function with the no default-information originate always command.

9.2.13.16 no default-information originate always

Description

With this command, you disable the function with which a standard route is always generated for external routes into the OSPF routing domain.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

384

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

Syntax

Call up the command with the following parameters: no default-information originate always

[metric <metric-value (0-0xffffff)>]

[metric-type <type (1-2)>]

The parameters have the following meaning:

Parameter metric metric-value metric-type

Type

Description

Keyword for the metric of the external standard route.

Value of the metric

Keyword for the type of the external standard route

Type of the external route

Range of values / note

--

0-0xffffff

--

● 1 - type 1

● 2 - type 2

Result

The function is disabled.

Further notes

You enable the function with the default-information originate always command.

9.2.13.17 network area

Description

With this command, you specify an OSPF interface and the Area ID connected to the OSPF interface.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

385

Layer 3 functions

9.2 OSPFv2 network <network number> area <area-id>

The parameters have the following meaning:

Parameter Description network number

IP interface that will be used by

OSPF.

area-id

Area ID

Range of values / note

Enter the IP address of the interface for which OSPF will be enabled.

specify an ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area

Result

The OSPF interface is configured.

Further notes

You remove the OSPF interface and the area with the no network area command.

You can display the status of this function and other information with the show ip ospf interfacecommand.

9.2.13.18 no network area

Description

With this command, you remove the OSPF interface and the Area ID connected to the OSPF interface.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: no network <Network number> area <area-id>

The parameters have the following meaning:

386

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

Parameter Description

Network number

Network number area-id

Area ID

Range of values / note

Enter a valid network number enter an ID.

x.x.x.x

x = 0 ... 255

0.0.0.0 = backbone area

Result

The OSPF interface is removed.

Further notes

You create the OSPF interface and the area with the network area command.

You can display the status of this function and other information with the show ip ospf interfacecommand.

9.2.13.19 redist-config

Description

With this command, you configure the information for the route. The routes are further distributed with this information

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: redist-config <Network> <Mask>

[metric-value <metric (1 - 16777215)>]

[metrictype {

asExttype1 | asExttype2

}]

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

387

Layer 3 functions

9.2 OSPFv2

Parameter Description

Network

Mask

Target address of the route.

Subnet mask of this route metric-value

Keyword for the metric of the route metric

Metric metrictype asExttype1 asExttype2

Keyword for the connection costs

External and internal costs

External costs

Range of values / note

specify the IP address.

specify the subnet mask.

1 - 16777215

--

--

--

Result

The information for the route is specified.

Further notes

You remove the information with the no default-information originate always command.

You distribute the routes with the restribute command.

9.2.13.20 no redist-config

Description

With this command, you delete the information for the new external routes.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: no redist-config <Network> <Mask>

The parameters have the following meaning:

388

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameter

Network

Mask

Description

Target address of the route.

Subnet mask of this route

Layer 3 functions

9.2 OSPFv2

Range of values / note specify the IP address.

specify the subnet mask.

Result

The information for the route is deleted.

Further notes

You create the information with the redist-config command.

9.2.13.21 redistribute

Description

With this command, you specify which known routes are distributed via OSPF.

Note

This command is available only with layer 3.

Requirement

● The router is an ASBR router.

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: redistribute {static | connected | rip | default | all}

The parameters have the following meaning:

Parameter static connected rip default all

Description static routes connected routes

RIP routes standard routes all routes

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

389

Layer 3 functions

9.2 OSPFv2

Result

Which routes are distributed via OSPF is specified.

Further notes

You enable the ASBR router with the ASBR Router command.

You disable the distribution of the routes with the no redistribute command.

You create the information for the routes with the redist-config command.

You create the information for external the routes with the default-information originate command.

9.2.13.22 no redistribute

Description

With this command, you disable distribution of routes with OSPF.

Note

This command is available only with layer 3.

Requirement

● The router is an ASBR router.

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: no redistribute {static | connected | rip | default | all}

The parameters have the following meaning:

Parameter static connected rip default all

Description static routes connected routes

RIP routes standard routes all routes

390

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Result

Which routes are distributed via OSPF is disabled.

Further notes

You enable the distribution of the routes with the redistribute command.

9.2.13.23 distribute-list route-map

Layer 3 functions

9.2 OSPFv2

Description

This command enables the filtering of the routing information according to a route map for incoming routing information.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: distribute-list route-map <name(1-20)> in

The parameters have the following meaning:

Parameter name in

Description

Name of the routing table.

Incoming routing information is filtered.

Values

-

Maximum of 20 characters.

Result

The filtering is enabled.

9.2.13.24 no distribute-list route-map

Description

This command disables the filtering of the routing information according to a route map for incoming routing information.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

391

Layer 3 functions

9.2 OSPFv2

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: no distribute-list route-map <name(1-20)> in

The parameters have the following meaning:

Parameter name in

Description

Name of the routing table.

Incoming routing information is filtered.

Values

-

Maximum of 20 characters.

Result

The filtering is disabled.

9.2.13.25 router id

Description

With this command, you specify the ID of the router.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: router-id <router ip address>

The parameter has the following meaning:

392

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameter router ip address

Description

IP address

Layer 3 functions

9.2 OSPFv2

Range of values / note

Enter the IP address of the router or a value in the IP address format.

Result

The ID of the router is specified.

Further notes

You display the router ID and other information with the show ip ospf interface command.

9.2.13.26 summary-address

Description

With this command, you assign an area ID an address range. The address range is used to group the external routes.

Note

This command is available only with layer 3.

Requirement

● The router is an area border router (ABR)

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: summary-address <Network> <Mask> <AreaId>

[{

allowAll | denyAll | advertise |not-advertise

}]

[

Translation

{enabled | disabled}]

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

393

Layer 3 functions

9.2 OSPFv2

Parameter

Network

Mask

AreaId allowAll denyAll advertise not-advertise

Translation enabled disabled

Description

IP address of the address range

Subnet mask of the address range

Area ID

The backbone area generates an LSA message of Type 5 for the address range.

LSA messages of Type 7 also generated for this address range in the connected

NSSAs.

No LSA is of Type 5 or Type 7 is generated for the address range.

The address range is advertised outside the areas.

In the backbone area, the router generates an LSA message of Type 5.

If the Area ID is not 0.0.0.0, the router generates an LSA message of Type 7 in an

NSSA

No LSA messages of Type 5 are generated in the backbone area. The NSSAs connected to the backbone area generate

LSA messages of Type 7. The other areas do not generate any LSA

Keyword for the P bit. The P bit indicates to the NSSA-ABR whether the LSA message of Type 7 is translated to Type 5.

P bit = 1.

LSA message is translated

P bit = 0.

LSA message is not translated

-

-

-

-

-

-

Range of values / note specify the IP address specify the subnet mask.

specify a valid ID.

x.x.x.x

x = 255

0.0.0.0 = backbone area

Result

The address range is created.

Further notes

You delete the address range with the no summary-address command.

You can display the status of this function and other information with the show ip ospf - area-range / summary-addresscommand

394

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

9.2.13.27 no summary-address

Description

With this command, you delete the address range.

Note

This command is available only with layer 3.

Requirement

You are in the OSPF Router configuration mode.

The command prompt is as follows: cli(config-ospf)#

Syntax

Call up the command with the following parameters: no summary-address <Network> <Mask> <AreaId>

The parameters have the following meaning:

Parameter

Network

Mask

AreaId

Description

IP address of the address range

Subnet mask of the address range

Area-ID

Range of values / note specify the IP address specify the subnet mask.

specify a valid ID.

x.x.x.x

x = 255

0.0.0.0 = backbone area

Result

The address range is deleted.

Further notes

You configure the address range with the summary-address command.

9.2.14

Commands in the Interface Configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

395

Layer 3 functions

9.2 OSPFv2

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

9.2.14.1

ip ospf authentication

Description

With this command, you specify the type of authentication. The following methods are possible:

● Authentication using an unencrypted password.

● Authentication using MD5

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

● Authentication using MD5: A password and a key ID are created.

● Authentication using an unencrypted password: A password is created.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: ip ospf authentication [{message-digest}]

The parameters have the following meaning:

Parameter messagedigest

Description

Authentication using MD5 -

Range of values / note

If you enter the command without parameters, an unencrypted password is used for authentication.

396

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

Result

The type of authentication is specified.

Further notes

You remove the type of authentication with the no ip ospf authentication command.

You create the password for MD5 with the ip ospf message-digest-key command.

You create the password with the ip ospf authentication command.

9.2.14.2

no ip ospf authentication

Description

With this command, you reset the type of authentication back to the default value.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: ip ospf authentication

Result

The type of authentication is reset.

Further notes

You enable the authentication with the ip ospf authentication command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

397

Layer 3 functions

9.2 OSPFv2

9.2.14.3

ip ospf authentication-key

Description

With this command, you specify the password.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: ip ospf authentication-key <password (8)>

The parameter has the following meaning:

Parameter

Password

Description

Password

Range of values / note

Enter a password.

Maximum length: 8 characters

Result

The password is specified.

Further notes

You delete the password with the no ip ospf authentication-key command.

398

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

9.2.14.4

no ip ospf authentication-key

Description

With this command, you delete the password.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no ip ospf authentication-key

Result

The password is deleted.

Further notes

You configure the password with the ip ospf authentication-key command.

9.2.14.5

ip ospf cost

Description

With this command, you specify the costs for the OSPF interface.

Note

This command is available only with layer 3.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

399

Layer 3 functions

9.2 OSPFv2

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: ip ospf cost <cost (1-65535)>

The parameter has the following meaning:

Parameter cost

Description

Costs for the OSPF interface

Range of values / note

1 ... 65535

Result

The costs are specified.

Further notes

You delete the costs with the no ip ospf cost command.

You show the configuration of the OSPF interface with the show ip ospf interface command.

9.2.14.6

no ip ospf cost

Description

With this command, you delete the costs.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

400

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

Syntax

Call the command without parameter assignment: no ip ospf cost

Result

The costs are deleted.

Further notes

You create the costs with the ip ospf cost command.

You show the configuration of the OSPF interface with the show ip ospf interface command.

9.2.14.7

ip ospf dead-interval

Description

With this command, you specify the time that can elapse before the neighbor router is assumed to have "failed". This means that no more Hello packets were received from it during this time.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: ip ospf dead-interval <seconds (0-0x7fffffff)>

The parameter has the following meaning:

Parameter seconds

Description

Interval in seconds

Range of values / note

0 ... 0x7fffffff

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

401

Layer 3 functions

9.2 OSPFv2

Result

The interval is specified.

Further notes

You delete the interval with the no ip dead-interval command.

You show the configuration of the OSPF interface with the show ip ospf interface command.

9.2.14.8

no ip ospf dead-interval

Description

With this command, you delete the interval.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no ip ospf dead-interval

Result

The interval is deleted.

Further notes

You specify the interval with the ip dead-interval command.

You show the configuration of the OSPF interface with the show ip ospf interface command.

You configure the router port with the no switchport command.

402

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

9.2.14.9

ip ospf hello-interval

Description

With his command, you specify the interval between two Hello packets.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: ip ospf hello-interval <seconds (1 - 65535)>

The parameter has the following meaning:

Parameter seconds

Description

Interval in seconds

Range of values / note

0 ... 65535

Result

The interval is specified.

Further notes

You delete the interval with the no ip hello-interval command.

You show the configuration of the OSPF interface with the show ip ospf interface command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

403

Layer 3 functions

9.2 OSPFv2

9.2.14.10 no ip ospf hello-interval

Description

With this command, you delete the interval.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no ip ospf hello-interval

Result

The interval is deleted.

Further notes

You configure the interval with the ip hello-interval command.

9.2.14.11 ip ospf message-digest-key

Description

With this command, you specify the password and the ID for authentication with MD5.

Note

This command is available only with layer 3.

404

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: ip ospf message-digest-key <Key-ID (0-255)> md5 <md5-Key (16)>

The parameters have the following meaning:

Parameter

Key-ID md5 md5-Key

Description

ID of the password

Keyword for the password

Password for authentication

Range of values / note

-

0 ... 255 enter a password

Maximum length: 16 characters

Result

The password and the ID are specified.

Further notes

You delete the password with the no ip ospf message-digest-key command.

9.2.14.12 no ip ospf message-digest-key

Description

With this command, you delete the required password.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

405

Layer 3 functions

9.2 OSPFv2

Syntax

Call up the command with the following parameters: no ip ospf message-digest-key <Key-ID (0-255)>

The parameter has the following meaning:

Parameter

Key-ID

Description

ID of the password

Range of values / note

Enter a valid ID.

Result

The password is deleted.

Further notes

You specify the password with the ip ospf message-digest-key command.

9.2.14.13 ip ospf retransmit-interval

Description

With this command, you specify the time after which an LSA message is transferred again if no confirmation has been received.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: ip ospf retransmit-interval <seconds (0 - 3600)>

The parameter has the following meaning:

Parameter seconds

Description

Interval in seconds

Range of values / note

0 - 3600

406

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Result

The interval is specified.

Further notes

You delete the interval with the no ip retransmit-interval command.

9.2.14.14 no ip ospf retransmit-interval

Layer 3 functions

9.2 OSPFv2

Description

With this command, you delete the interval.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no ip ospf retransmit-interval

Result

The interval is deleted.

Further notes

You configure the interval with the ip retransmit-interval command.

You configure the router port with the no switchport command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

407

Layer 3 functions

9.2 OSPFv2

9.2.14.15 ip ospf transmit-delay

Description

With this command, you delete the interval.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no ip ospf transmit-delay

Result

The interval is deleted.

Further notes

You create the interval with the ip transmit-delay command.

9.2.14.16 no ip ospf transmit-delay

Description

With this command, you delete the interval.

Note

This command is available only with layer 3.

408

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Requirement

● The interface is a layer 3 interface.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no ip ospf transmit-delay

Result

The interval is deleted.

Further notes

You configure the interval with the ip ospf transmit-delay command.

9.2.14.17 ip ospf priority

Layer 3 functions

9.2 OSPFv2

Description

With this command, you specify the router priority. The designated router is identified based on the priority.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

● You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if)#

Syntax

Call up the command with the following parameters: ip ospf priority <value (0 - 255)>

The parameter has the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

409

Layer 3 functions

9.2 OSPFv2

Parameter

Value

Description

Priority

Range of values / note

0 ... 255; Default: 100

Result

The priority is specified.

Further notes

You delete the priority with the no ip ospf priority command.

You display the router ID and other information with the show ip ospf interface command.

9.2.14.18 no ip ospf priority

Description

With this command, you delete the router priority.

Note

This command is available only with layer 3.

Requirement

● The interface is a layer 3 interface.

● You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if)#

Syntax

Call the command without parameter assignment: no ip ospf priority

Result

The priority is deleted.

Further notes

You configure the priority with the ip ospf priority command.

410

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.2 OSPFv2

You display the router ID and other information with the show ip ospf interface command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

411

Layer 3 functions

9.3 RIPv2

9.3

RIPv2

9.3.1

Description

show ip rip

This command shows the RIP information.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip rip {database [<ip-address> <mask>] | statistic }

The parameters have the following meaning:

Parameter database ip-address mask statistic

Description Values

The information of the RIP database is displayed. -

The destination address of the route for which information is displayed.

Specify a valid IP address.

The subnet mask of this route.

Statistical information is displayed, for example the number of updates.

-

Enter a valid subnet mask.

Result

The database or statistical information is displayed.

9.3.2

412

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.3 RIPv2

9.3.2.1

Description router rip

With this command, you enable the RIP protocol and change to the Router configuration mode.

Note

This command is available only in the layer 3 firmware.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: router rip

Result

Routing with RIP is enabled.

You are now in the Router configuration mode.

The command prompt is as follows: cli (config-rip)#

Further notes

9.3.2.2

You disable the RIP protocol with the no router rip command. no router rip

Description

With this command, you disable the RIP protocol.

Note

This command is available only in the layer 3 firmware.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

413

Layer 3 functions

9.3 RIPv2

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: no router rip

Result

Routing with RIP is disabled.

Further notes

You enable the RIP protocol with the router rip command.

9.3.3

Commands in the RIPv2 Router configuration mode

This section describes commands that you can call up in the RIPv2 Router configuration mode.

In the Global configuration mode, enter the router rip command to change to this mode.

● If you exit the RIPv2 Router configuration mode with the exit command, you return to the

Global configuration mode.

● If you exit the RIPv2 Router configuration mode with the end command, you return to the

Privileged EXEC mode.

9.3.3.1

Description auto-summary

This command automatically summarizes routing information according to IP classes. When possible, subnets are summarized according to classes (A, B or C) and entered as single routes. As default, this function is enabled.

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

414

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.3 RIPv2

Syntax

Result

9.3.3.2

Description

Subnets are entered in the routing table summarized as class A, B or C networks.

no auto-summary

This command disables the automatic summarizing of routing information.

Requirement

Call the command without parameter assignment: auto-summary

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

Syntax

Call the command without parameter assignment: no auto-summary

Result

Subnets are not summarized according to classes.

9.3.3.3

Description distance

With this command, you specify the administrative distance for the RIP protocol. This value is taken into account if routing information is learned by several routers.

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

415

Layer 3 functions

9.3 RIPv2

Syntax

Call up the command with the following parameters: distance dist<1-255> [route-map <name(1-20)>]

The parameters have the following meaning:

Parameter dist route-map name

Description

The value for the administrative distance.

Keyword for a route map

Name of the route map

Values

-

1 ... 255

Maximum of 20 characters.

Result

The value for the administrative distance is set.

9.3.3.4

Description no distance

This command resets the administrative distance to the default (120).

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

Syntax

Call up the command with the following parameters: no distance [route-map <name(1-20)>]

The parameters have the following meaning:

Parameter route-map name

Description

Keyword for a route map

Name of the route map

Values

-

Maximum of 20 characters.

Result

The administrative distance has the default value 120.

416

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.3 RIPv2

9.3.3.5

Description distibute-list route-map

This command enables the filtering of the routing information according to a route map for incoming or outgoing routing information.

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

Syntax

Call up the command with the following parameters: distibute-list route-map <name(1-20)> {in | out}

The parameters have the following meaning:

Parameter name in out

Description

Name of the routing table.

Incoming routing information is filtered.

Outgoing routing information is filtered.

Values

-

-

Maximum of 20 characters.

Result

The filtering is enabled.

9.3.3.6

Description no distibute-list route-map

This command disables the filtering of the routing information according to a route map for incoming or outgoing routing information.

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

417

Layer 3 functions

9.3 RIPv2

Syntax

Call up the command with the following parameters: no distibute-list route-map <name(1-20)> {in | out}

The parameters have the following meaning:

Parameter name in out

Description

Name of the routing table.

The filtering for incoming routing information is disabled.

The filtering for outgoing routing information is disabled.

-

Values

-

Maximum of 20 characters.

Result

The filtering is disabled.

9.3.3.7

Description network

This command enables the RIP protocol for an IP interface.

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

Syntax

Call up the command with the following parameters: network <ip-address>

The parameter has the following meaning:

Parameter ip-address

Description

The IP address for which RIP will be enabled.

Values

Specify a valid IP address.

Result

RIP is enabled for the specified IP interface.

418

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.3 RIPv2

9.3.3.8

Description no network

This command disables the RIP protocol for an IP interface.

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

Syntax

Call up the command with the following parameters: no network <ip-address>

The parameter has the following meaning:

Parameter ip-address

Description

The IP address for which RIP will be disabled.

Values

Specify a valid IP address.

Result

RIP is disabled for the specified IP interface.

9.3.3.9

Description redistribute

This command specifies which route information is forwarded by RIP.

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

Syntax

Call up the command with the following parameters: redistribute {all | default | connected | ospf | static} [route-map

<name(1-20)>]

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

419

Layer 3 functions

9.3 RIPv2

The parameters have the following meaning:

Parameter all default connected ospf static route-map name

Description

All available route information is distributed.

Default routes are distributed.

Routing information of local subnets (IP interfaces) is distributed for which RIP is not configured.

Routes learned by OSPF are distributed.

Static routes are distributed.

Keyword for a route map.

Name of the route map.

-

-

-

Values

-

-

-

Maximum of 20 characters

Result

The information forwarded by RIP has been specified.

9.3.3.10

no redistribute

Description

This command specifies which route information is not forwarded by RIP.

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

Syntax

Call up the command with the following parameters: no redistribute {all | default | connected | ospf | static} [routemap <name(1-20)>]

The parameters have the following meaning:

Parameter all default connected ospf static

Description

The forwarding of route information is disabled for all protocols.

Default routes are not forwarded.

Route information of local subnets is not forwarded.

No routes learned by OSPF are distributed.

No static routes are forwarded.

-

-

-

-

-

Values

420

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameter route-map name

Description

Keyword for a route map.

Name of the route map.

Result

In certain cases, forwarding of routing information is disabled.

9.3.3.11

version

Description

With this command, you specify which version of incoming RIP packets is evaluated.

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

Syntax

Call up the command with the following parameters: version <1 | 2| 12 | none>

The parameters have the following meaning:

Parameter

1

2

12 none

Description

Only routing information corresponding to RIPv1

(RFC 1058) is evaluated.

Only routing information corresponding to RIPv2

(RFC 2453) is evaluated.

Only routing information corresponding to RIPv1 and RIPv2 is evaluated.

There is no processing of routing information using

RIP.

-

-

-

-

Values

Result

Layer 3 functions

9.3 RIPv2

Values

-

Maximum of 20 characters

It has been specified which RIP packets will be processed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

421

Layer 3 functions

9.3 RIPv2

9.3.3.12

no version

Description

The updating of route information is according to RIPv1 or RIPv2 (default for this parameter)

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

Syntax

Call the command without parameter assignment: no version

Result

Both RIPv1 and RIPv2 packets are processed.

9.3.3.13

output-delay

Description

With this command, you configure the delayed forwarding of RIP updates.

Requirement

You are in the RIP Router configuration mode.

The command prompt is as follows: cli(config-rip)#

Syntax

Call up the command with the following parameters: output-delay <milli-seconds(8-50)>

The parameter has the following meaning:

Parameter milliseconds

Description

Delay in milliseconds.

Values

8 ... 50

422

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.3 RIPv2

Result

RIP updates are forwarded only after the set delay.

9.3.4

Commands in the VLAN configuration mode for an interface

This section describes commands that you can call up in the VLAN configuration mode for an interface or in the configuration mode for a router port.

In the Global configuration mode, enter the interface vlan $$$ command, to change to the VLAN configuration mode for an interface ($$$ indicates the numbering of the interface).

To change to the configuration mode for a router port, the following entries are necessary:

● In the Global configuration mode, enter the interface <itype> $$$ command, where

<itype> is the interface type and $$$ the numbering of the interface.

● If the interface is a router port, the command prompt is displayed as follows:

CLI(config-if-RPort-...)

● If the interface is not a router port, the following command prompt appears:

CLI(config-if-...)

You can then make this report a router port with the following command sequence:

CLI(config-if-...) shutdown; no switchport; no shutdown

The command prompt takes the form

CLI(config-if-RPort-...)

If you exit the RIPv2 Router configuration mode with the exit command, you return to the

Global configuration mode.

If you exit the RIPv2 Router configuration mode with the end command, you return to the

Privileged EXEC mode.

9.3.4.1

Description ip rip default route originate

This command enables the forwarding of a default route.

Requirement

You are in the VLAN configuration mode of the VLAN interface with the ID $$$ or in the configuration mode for a router port.

The command prompt is as follows: cli(config-if-vlan-$$$)# or cli(config-if-RPort-%%$$$)# where %% is a short name for the interface type and $$$ is the numbering of the interface.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

423

Layer 3 functions

9.3 RIPv2

Syntax

Call up the command with the following parameters: ip rip default route originate <metric(1-15)>

The parameter has the following meaning:

Parameter metric

Description

Value for the metric information.

Values

1 ... 15

Result

The default route is forwarded.

9.3.4.2

Description no ip rip default route originate

This command disables the distribution of the default routes.

Requirement

You are in the VLAN configuration mode of the VLAN interface with the ID $$$ or in the configuration mode for a router port.

The command prompt is as follows: cli(config-if-vlan-$$$)# or cli(config-if-RPort-%%$$$)# where %% is a short name for the interface type and $$$ is the numbering of the interface.

Syntax

Call the command without parameters: no ip rip default route originate

Result

No default route is forwarded.

424

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.3 RIPv2

9.3.4.3

Description ip rip receive version

This command specifies the RIP version for incoming routing information.

Requirement

You are in the VLAN configuration mode of the VLAN interface with the ID $$$ or in the configuration mode for a router port.

The command prompt is as follows: cli(config-if-vlan-$$$)# or cli(config-if-RPort-%%$$$)# where %% is a short name for the interface type and $$$ is the numbering of the interface.

Syntax

Call up the command with the following parameters: ip rip receive version (1 | 2 | 12 | none)

The parameters have the following meaning:

Parameter

1

2

12 none

Description

Only RIPv1 updates are received.

Only updates to RIPv2 are received.

Updates that correspond to RIPv1 or RIPv2 are received.

No RIP updates are received.

-

-

-

-

Values

Result

It has been specified which RIP version incoming updates need to have.

9.3.4.4

Description no ip rip receive version

This command specifies that there is no restriction relating to the version of received RIP updates. Updates according to RIPv1 and RIPv2 are received.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

425

Layer 3 functions

9.3 RIPv2

Requirement

You are in the VLAN configuration mode of the VLAN interface with the ID $$$ or in the configuration mode for a router port.

The command prompt is as follows: cli(config-if-vlan-$$$)# or cli(config-if-RPort-%%$$$)# where %% is a short name for the interface type and $$$ is the numbering of the interface.

Syntax

Call the command without parameters: no ip rip receive version

Result

All RIP updates are received.

9.3.4.5

Description ip rip send version

This command specifies the RIP version for outgoing routing information.

Requirement

You are in the VLAN configuration mode of the VLAN interface with the ID $$$ or in the configuration mode for a router port.

The command prompt is as follows: cli(config-if-vlan-$$$)# or cli(config-if-RPort-%%$$$)# where %% is a short name for the interface type and $$$ is the numbering of the interface.

Syntax

Call up the command with the following parameters: ip rip send [demand] version (1 | 2 | 12 | none)

The parameters have the following meaning:

426

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.3 RIPv2

Parameter demand

1

2

12 none

Description

Updates are sent only when requested.

Only RIPv1 updates are sent.

Only RIPv2 updates are sent.

RIPv1 and RIPv2 updates are sent.

No RIP updates are sent.

-

-

-

-

-

Values

Result

It has been specified which RIP version outgoing updates need to have.

9.3.4.6

Description no ip rip send version

This command specifies that there is no restriction relating to the version of outgoing RIP updates. Updates according to RIPv1 and RIPv2 are sent.

Requirement

You are in the VLAN configuration mode of the VLAN interface with the ID $$$ or in the configuration mode for a router port.

The command prompt is as follows: cli(config-if-vlan-$$$)# or cli(config-if-RPort-%%$$$)# where %% is a short name for the interface type and $$$ is the numbering of the interface.

Syntax

Call the command without parameters: no ip rip send version

Result

All RIP updates are sent.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

427

Layer 3 functions

9.4 VRRP

9.4

VRRP

This section describes the commands relevant for working with routing with VRRP.

Enable routing to be able to use VRRP.

Note

Enabling VRRP

You can only use VRRP in connection with VLAN interfaces. Router ports are not supported.

9.4.1

Description

show vrrp interface

This command shows the settings of VRRP for the interface.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show vrrp

[

interface

{

vlan <VlanId(1-4094)>| <interface-type><interface-id>

}

]

[{

brief|detail |statistics

}]

The parameters have the following meaning:

Parameters vlan

VlanId

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Range of values

-

1 ... 4094

428

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.4 VRRP

Parameters interface-type interface-id brief detail statistics

Description Range of values

Type or speed of the interface ● gigabitethernet

● extreme-ethernet

Slot no. and port no. of the interface Enter a valid interface name shows brief information on VRRP shows detailed information on

VRRP.

shows the statistics of the VRRP protocol

-

-

-

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The settings for the interface are displayed.

9.4.2

Description

show vrrp interface - vrid

This command shows the settings of a virtual router.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show vrrp

[

interface

{

vlan <VlanId(1-4094)>| <interface-type><interface-id>

}

<VrId(1-255)>

]

[{

brief|detail |statistics

}]

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

429

Layer 3 functions

9.4 VRRP

Parameters vlan

VlanId interface-type interface-id vrID brief detail statistics

Description Range of values

Keyword for a VLAN connection

Number of the addressed VLAN

-

1 ... 4094

Type or speed of the interface ● gigabitethernet

● extreme-ethernet

Slot no. and port no. of the interface. Enter a valid interface name

ID of the virtual router shows brief information on VRRP

-

-

1 ... 255 shows detailed information on

VRRP.

shows the statistics of the VRRP protocol

-

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The settings of the virtual router are displayed.

9.4.3

Commands in the Global Configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

9.4.3.1

Description router vrrp

With this command, you enable routing with VRRP and change to the VRRP Router

Configuration mode.

Note

This command is available only with layer 3.

430

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: router vrrp

Result

Routing with VRRP is enabled.

You are now in the VRRP Router Configuration mode.

The command prompt is as follows: cli (config-vrrp)#

Further notes

9.4.3.2

You disable routing with VRRP with the no router vrrp command. no router vrrp

Description

With this command, you disable routing with VRRP.

Note

This command is available only with layer 3.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: no router vrrp

Layer 3 functions

9.4 VRRP

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

431

Layer 3 functions

9.4 VRRP

Result

Routing with VRRP is disabled.

Further notes

You enable routing with VRRP with the router vrrp command.

9.4.4

Commands in the VRRP Router Configuration mode

This section describes commands that you can call up in the VRRP Router Configuration mode.

In the Global Configuration mode, enter the router vrrp command to change to this mode.

● If you exit the VRRP Router Configuration mode with the exit command, you return to the

Global Configuration mode.

● If you exit the VRRP Router Configuration mode with the end command, you return to the

Privileged EXEC mode.

9.4.4.1

Description interface

With this command, you decide the interface for which you want to assign parameters in the

VRRP Configuration mode.

There you can edit the settings for a VRRP interface. You select the VRRP interface with the parameters of this command.

Note

This command is available only with layer 3.

Requirement

You are in the VRRP Router Configuration mode.

The command prompt is as follows: cli(config-vrrp)#

Syntax

Call up the command with the following parameters: interface{vlan<vlan-id(1-4094)

<interface-type><interface-id>}

432

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.4 VRRP

The parameters have the following meaning:

Parameter vlan vlan-id interface-type

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Type or speed of the interface

Values

-

1 … 4094

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interface-id

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Further notes

9.4.4.2

You exit the Interface Configuration mode with the end or exit command.

You delete a VRRP interface with the no interface command.

You display the status and the configuration of the VRRP interfaces with the show vrrp interface show vrrp interface - vridcommand.

no interface

Description

With this command, you delete a VRRP interface.

Note

This command is available only with layer 3.

Requirement

You are in the VRRP Router Configuration mode.

The command prompt is as follows: cli(config-vrrp)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

433

Layer 3 functions

9.4 VRRP

Syntax

Call up the command with the following parameters: no interface{vlan <vlan-id(1-4094)

<interface-type><interface-id>}

The parameters have the following meaning:

Parameter vlan vlan-id interface-type

Description

Keyword for a VLAN connection

Number of the addressed VLAN

Type or speed of the interface

Values

-

1 … 4094

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interface-id

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The logical interface is deleted.

Further notes

You configure a VRRP interface with the interface command.

You display the status and the configuration of the VRRP interface with the show vrrp interface show vrrp interface - vridcommand.

9.4.4.3

Description vrrp virtual-ping

With this command, you enable pings to virtual addresses.

Requirement

● The Router Configuration mode is activated.

You are in the Router vrrp Configuration mode.

The command prompt is as follows: cli(config-vrrp)#

Syntax

Call the command without parameters: vrrp virtual-ping

434

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.4 VRRP

Result

The function for pings to virtual addresses is enabled.

Further notes

You disable the setting with the no vrrp virtual-ping command.

You can display the status of this function and other information in Exec mode with the show vrrpcommand.

9.4.4.4

Description no vrrp virtual-ping

With this command, you disable pings to virtual addresses.

Requirement

● The Router Configuration mode is activated.

You are in the Router vrrp Configuration mode.

The command prompt is as follows: cli(config-vrrp)#

Syntax

Call the command without parameters: no vrrp virtual-ping

Result

The function for pings to virtual addresses is disabled.

Further notes

You enable the setting with the vrrp virtual-ping command.

You can display the status of this function and other information in Exec mode with the show vrrpcommand.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

435

Layer 3 functions

9.4 VRRP

9.4.5

Commands in the Interface Configuration mode

This section describes commands that you can call up in the Interface Configuration mode.

Note

The commands are only available with layer 3 and when the interface is a VLAN interface.

In the Interface Configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the Interface Configuration mode can be found in the relevant sections.

● If you exit the Interface Configuration mode with the exit command, you return to the

Interface Configuration mode.

● If you exit the Interface Configuration mode with the end command, you return to the

Privileged EXEC mode.

9.4.5.1

Description vrrp associated-ip

With this command, you specify which IP addresses the virtual router monitors.

Note

This command is available only with layer 3.

Requirement

You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Syntax

Call up the command with the following parameters: vrrp <vrid(1-255)> associated-ip <ip_addr>

The parameters have the following meaning:

Parameter vrid ip_addr

Description

ID of the virtual router

Value for an IP address

Range of values

1 ... 255 specify a valid IP address

436

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.4 VRRP

Result

The IP addresses are specified.

Further notes

9.4.5.2

You can create a maximum of 52 virtual IP addresses.

You configure a VRRP interface with the interface command.

You remove an IP address with the no vrrp associated-ip command.

You remove all IP addresses with the vrrp group shutdown command.

You display the IP addresses with the show vrrp interface - vrid command. no vrrp associated-ip

Description

With this command, you remove an IP address from the virtual router.

Note

This command is available only with layer 3.

Requirement

You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Syntax

Call up the command with the following parameters: no vrrp <vrid(1-255)> associated-ip <ip_addr>

The parameters have the following meaning:

Parameter vrid ip_addr

Description

ID of the virtual router

Value for an IP address

Range of values

1 ... 255 specify a valid IP address

Result

The IP address is removed from the virtual router.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

437

Layer 3 functions

9.4 VRRP

Further notes

You configure a VRRP interface with the interface command.

You display the IP addresses with the show vrrp interface - vrid command.

9.4.5.3

Description vrrp group shutdown

With this command, you remove all assigned IP addresses from the virtual router.

Note

This command is available only with layer 3.

Requirement

You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Syntax

Call up the command with the following parameters: vrrp <vrid(1-255)> group shutdown

The parameter has the following meaning:

Parameter vrid

Description

ID of the virtual router

Range of values

1 ... 255

Result

All IP addresses of the group are removed.

Further notes

You configure a VRRP interface with the interface command.

You display the IP addresses with the show vrrp interface - vrid command.

438

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.4 VRRP

9.4.5.4

Description vrrp preempt

With this command, you specify that a virtual router with higher priority can interrupt a virtual router with lower priority, for example a backup router can interrupt a Master router.

Note

This command is available only with layer 3.

Requirement

● An IP address is assigned to the virtual router.

● You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Syntax

Call up the command with the following parameters: vrrp <vrid(1-255)> preempt [delay minimum <value(0-30)>]

The parameters have the following meaning:

Parameter vrid delay minimum

Description

ID of the virtual router

Time after which the new Master router sends its

VRRP packet.

Range of values

1 ... 255

0 ... 30

Result

The function is enabled.

Further notes

You enable routing with VRRP with the router vrrp command.

You disable the function with the no vrrp preempt command.

You can display the status of the function with the show vrrp interface - vrid or with the show vrrp interface command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

439

Layer 3 functions

9.4 VRRP

9.4.5.5

no vrrp preempt

Description

With this command, you specify that a virtual router with higher priority cannot interrupt a virtual router with lower priority.

Note

This command is available only with layer 3.

Requirement

● An IP address is assigned to the virtual router.

● You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Syntax

Call up the command with the following parameters: no vrrp <vrid(1-255)> preempt

The parameter has the following meaning:

Parameter vrid

Description

ID of the virtual router

Range of values

1 ... 255

Result

The function is disabled.

Further notes

You configure a VRRP interface with the interface command.

You assign IP addresses to a virtual router with the vrrp associated -ip command.

You enable the function with the vrrp preempt command.

You can display the status of the function with the show vrrp interface - vrid or with the show vrrp interface command.

440

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.4 VRRP

9.4.5.6

Description vrrp primary-ip

With this command, you specify the primary IP address specified with the VRRP packets as the source address.

Note

This command is available only with layer 3.

Requirement

● You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Syntax

Call up the command with the following parameters: vrrp <vrid(1-255)> primary-ip <ip_addr>

The parameters have the following meaning:

Parameter vrid ip_addr

Description

ID of the virtual router

Value for an IP address

Range of values

1 ... 255 specify a valid IP address

Result

The primary IP address is specified.

Further notes

You configure a VRRP interface with the interface command.

You remove the primary IP address with the no vrrp pirmary-ip command.

You show the configuration of the virtual router with the show vrrp interface - vrid command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

441

Layer 3 functions

9.4 VRRP

9.4.5.7

no vrrp primary-ip

Description

With this command, you remove an IP address from the virtual router.

Note

This command is available only with layer 3.

Requirement

You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli (config-vrrp-if)#

Syntax

Call up the command with the following parameters: no vrrp <vrid(1-255)> ipv4 <ucast_addr > [secondary]}]

The parameters have the following meaning:

Parameter vrid ucast_addr secondary

Description Range of values

ID of the virtual router 1 ... 255

Value for an IPv4 unicast address Enter a valid IPv4 unicast address

Secondary IP addresses

Result

The IP address is removed from the virtual router.

Further notes

You configure a VRRP interface with the interface command.

You assign IP addresses to a virtual router with the vrrp associated-ip command.

You display the IP addresses with the show vrrp interface - vrid command.

442

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.4 VRRP

9.4.5.8

Description vrrp priority

With this command, you specify the priority of the virtual router. The current master router is automatically given 255. All other priorities can be distributed freely among the VRRP routers.

The higher the priority, the earlier the VRRP router becomes "Master".

Note

This command is available only with layer 3.

Requirement

● An IP address is assigned to the virtual router.

● You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Syntax

Call up the command with the following parameters: vrrp <vrid(1-255)> priority <priority(1-254)>

The parameters have the following meaning:

Parameter vrid priority

Description

ID of the virtual router

Priority of the virtual router

Range of values

1 ... 255

1 ...254

Result

The priority of the virtual router is specified.

Further notes

You configure a VRRP interface with the interface command.

You remove the priority with the no vrrp priority command.

You assign IP addresses to a virtual router with the vrrp associated-ip command.

You display the priority with the show vrrp interface - vrid command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

443

Layer 3 functions

9.4 VRRP

9.4.5.9

no vrrp priority

Description

With this command, you remove the priority of the virtual router.

Note

This command is available only with layer 3.

Requirement

● An IP address is assigned to the virtual router.

● You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Syntax

Call up the command with the following parameters: no vrrp <vrid(1-255)> priority

The parameters have the following meaning:

Parameter vrid

Description

ID of the virtual router

Range of values

1 ... 255

Result

The IP addresses are removed from the virtual router.

Further notes

You configure a VRRP interface with the interface command.

You create the priority with the vrrp priority command.

You assign IP addresses to a virtual router with the vrrp associated-ip command.

444

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.4 VRRP

9.4.5.10

vrrp text-authentication

Description

With this command, you specify that VRRP packets are authenticated using an unencrypted password. If an incoming VRRP packet contains an invalid password, it is discarded.

Note

This command is available only with layer 3.

Requirement

● An IP address is assigned to the virtual router.

You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Syntax

Call up the command with the following parameters: vrrp <vrid(1-255)> text-authentication <password>

The parameters have the following meaning:

Parameter vrid password

Description

ID of the virtual router

Password

Range of values

1 ... 255 enter a password.

Maximum length: 8 characters

Result

The authentication is enabled.

Further notes

You configure a VRRP interface with the interface command.

You disable the authentication with the no vrrp text-authentication command.

You assign IP addresses to a virtual router with the vrrp associated-ip command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

445

Layer 3 functions

9.4 VRRP

9.4.5.11

no vrrp text-authentication

Description

Was this command, you specify that VRRP packets are not authenticated.

Note

This command is available only with layer 3.

Requirement

● An IP address is assigned to the virtual router.

● You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Syntax

Call up the command with the following parameters: no vrrp <vrid(1-255)> text-authentication

The parameter has the following meaning:

Parameter vrid

Description

ID of the virtual router

Range of values

1 ... 255

Result

The authentication is disabled.

Further notes

You configure a VRRP interface with the interface command.

You enable the authentication with the vrrp text-authentication command.

You assign IP addresses to a virtual router with the vrrp associated-ip command.

446

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Layer 3 functions

9.4 VRRP

9.4.5.12

vrrp timer

Description

With this command, you specify the time interval after which a virtual router with the "Master" status sends an advertisement packet again.

Note

This command is available only with layer 3.

Requirement

● An IP address is assigned to the virtual router.

● You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli(config-vrrp-if)#

Syntax

Call up the command with the following parameters: vrrp <vrid(1-255)> timer <interval(1-255)secs>

The parameters have the following meaning:

Parameter vrid interval

Description

ID of the virtual router

Time interval in seconds

Range of values

1 ... 255

1 ... 255

Result

The time interval is specified

Further notes

You configure a VRRP interface with the interface command.

You enable routing with VRRP with the router vrrp command.

You remove the interval with the no vrrp timer command.

You assign IP addresses to a virtual router with the vrrp associated-ip command.

You show the interval with the show vrrp interface - vrid command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

447

Layer 3 functions

9.4 VRRP

9.4.5.13

no vrrp timer

Description

With this command, you remove the time interval.

Note

This command is available only with layer 3.

Requirement

● Routing with VRRP is enabled.

● An IP address is assigned to the virtual router.

You are in the VRRP Interface Configuration mode.

The command prompt is as follows: cli (config-vrrp-if)#

Syntax

Call up the command with the following parameters: no vrrp <vrid(1-255)> timer

The parameter has the following meaning:

Parameter vrid

Description

ID of the virtual router

Range of values

1 ... 255

Result

The time interval is removed.

Further notes

You configure a VRRP interface with the interface command.

You enable routing with VRRP with the router vrrp command.

You configure the interval with the vrrp timer command.

You assign IP addresses to a virtual router with the vrrp ipv4 command.

You show the interval with the show vrrp interface - vrid command.

448

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Load control

10

This part contains the sections describing the functions for controlling and balancing network load.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

449

Load control

10.1 Rate control

10.1

Rate control

This section describes commands for controlling and restricting the data transmission rate of an interface.

10.1.1

show rate-limit output

Description

This command shows the packet rate for limiting the outgoing data stream of one or all interfaces.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show rate-limit output[interface<interface-type><interface-id>]

The parameters have the following meaning:

Parameters interface interface-type interface-id

Description

Keyword for a an interface description

Type or speed of the interface

Slot no. and port no. of the interface

Values

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The entries are displayed.

450

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Load control

10.1 Rate control

10.1.2

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

10.1.2.1

rate-limit output

Description

With this command, you configure and enable the packet rate for limiting the outgoing data stream of the interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: rate-limit output [rate-value<Mbps(1-80000000)>]

The parameters have the following meaning:

Parameter rate-value

Mbps

Description

Keyword for the value of the packet rate

Value for the packet rate in packets/second

Range of values

-

1 ... 80000000

Default:

The packet rate is set to

0.

The outgoing data stream is not limited.

If you do not select any parameters from the parameter list, the default value is used.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

451

Load control

10.1 Rate control

Result

The limitation of the outgoing data stream of the interface with the packet rate is enabled.

Further notes

You disable the function with the no rate-limit output command.

10.1.2.2

no rate-limit output

Description

With this command, you disable the packet rate for limiting the outgoing data stream of the interface.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no rate-limit-output

Result

The limitation of the outgoing data stream of the interface with the packet rate is disabled.

Further notes

You enable the function with the rate-limit-output command.

10.1.2.3

storm-control

Description

If several packets are sent to some or all nodes in a network at the same time, processing bottlenecks may occur. To prevent this, the sending of these packets can be delayed until the network load has fallen below a threshold.

This function is known as storm control.

With this command, you enable the storm control function for broadcast, multicast or unknown unicast packets of an interface.

452

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Requirement

Load control

10.1 Rate control

You configure the threshold value for the storm control function with the storm-control level command.

Note

Applications

Storm control is only supported on physical interfaces.

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: storm-control{broadcast|multicast|dlf}

The parameters have the following meaning:

Parameter broadcast multicast dlf

Description

Limits broadcast packets

Limits multicast packets

Limits unicast packets with unresolvable addresses

(dfl = destination lookup fail)

As default the function is "disabled" for all transfer types.

Note

Configuration of the threshold value

The default value for the storm control level is 0 packets per second.

The packets are sent without any delay even when there is high network load.

To have the sending of the packets delayed when necessary, configure the threshold value with the storm-control level command.

Result

The storm control function is enabled.

Further notes

You enable the function with the no storm-controlcommand.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

453

Load control

10.1 Rate control

You configure the threshold value for the storm control function with the storm-control level command.

10.1.2.4

no storm-control

Description

With this command, you disable the storm control function for broadcast, multicast or unknown unicast packets.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no storm-control{broadcast|multicast|dlf}

The parameters have the following meaning:

Parameters broadcast multicast dlf

Description

Disables broadcast storm control

Disables multicast storm control

Disables unknown unicast storm control if you call up the function without parameters, it is disabled for all types of transmission.

Result

The storm control function is disabled.

Further notes

You enable the function with the storm-control command.

10.1.2.5

storm-control level

Description

With this command, you configure the value for the storm control function.

454

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Load control

10.1 Rate control

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: storm-control level <rate-value>

The parameters have the following meaning:

Parameter Description ratevalue

Value for the storm control level in packets per second

Range of values

The value range depends on the port speed. The entry is rounded down to the next valid value. If small values are entered, the value is rounded up to the next valid value.

Default:

The value for the storm control level is configured to 0 packets per second. The packets are sent without any delay even when there is high network load.

Result

The value for the storm control function is configured.

Further notes

You can reset the setting to the default with the no storm-control level command.

10.1.2.6

no storm-control level

Description

With this command, you reset the value for the storm control function to the default value.

The default value for the storm control level is 0 packets per second.

The packets are sent without any delay even when there is high network load.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

455

Load control

10.1 Rate control

Syntax

Call the command without parameters: no storm-control level

Result

The value for the storm control function is reset to the default.

Further notes

You configure the value for the storm control function with the storm-control level command.

456

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

10.2

Load control

10.2 Static MAC filtering

Static MAC filtering

This section describes commands for filtering data packet on an interface.

10.2.1

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

10.2.1.1

mac-address-table block static multicast

Description

With this command, you configure a static multicast MAC address without outgoing ports.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: mac-address-table block static multicast<aa:aa:aa:aa:aa:aa>vlan<vlan-id(1-4094)>

The parameters have the following meaning:

Parameters

vlan vlan-id

Description

MAC address of the interface

Keyword for a VLAN connection

Number of the addressed VLAN

Range of values aa:aa:aa:aa:aa:aa

-

1 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

457

Load control

10.2 Static MAC filtering

Result

The static multicast MAC address is configured.

Further notes

You delete the static multicast MAC address with the no mac-address-table static multicast command.

10.2.1.2

mac-address-table static multicast

Description

With this command, you generate a static multicast MAC address entry in the forwarding database.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: mac-address-table static multicast<aa:bb:cc:dd:ee:ff>

vlan<vlan-id(1-4094)>

interface([<interface-type><0/a-b,0/c,...>]

[<interface-type><0/a-b,0/c,...>]

[port-channel<1-8>]])

[forbidden-ports([<interface-type><0/a-b,0/c,...>]

[<interface-type><0/ab,0/c, ...>]

[port-channel <1-8>]])

The parameters have the following meaning:

-

Parameter vlan vlan-id interface interfacetype

0/a-b, 0/ c,...

Description

MAC address of the interface

Keyword for a VLAN connection

Number of the addressed VLAN

Keyword for a an interface description

Type of interface

Slot no. and port no. of the interface

Values or range of values

aa:bb:cc:dd:ee:ff

-

1 ... 4094

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

458

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Load control

10.2 Static MAC filtering

Parameter portchannel forbiddenports

Description

Specifies the name of a port channel

Keyword for the interface description of the blocked ports

-

Values or range of values

1-8

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The entry is generated.

Further notes

With the show mac-address-table static multicast command, you display the list of configured entries.

With the no mac-address-table static multicast command, you delete an entry.

10.2.1.3

no mac-address-table static multicast

Description

With this command, you delete a static multicast MAC address entry from the forwarding database.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no mac-address-table static multicast<aa:aa:aa:aa:aa:aa>

vlan<vlan-id(1-4094)>

The parameters have the following meaning:

-

Parameters Description vlan vlan-id

MAC address of the interface

Keyword for the number of a VLAN connection

Number of the addressed VLAN

Values or range of values

aa:aa:aa:aa:aa:aa

1 ... 4094

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

459

Load control

10.2 Static MAC filtering

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The entry is deleted.

Further notes

With the show mac-address-table static multicast command, you display the list of configured entries.

With the mac-address-table static multicast command, you create an entry.

10.2.1.4

mac-address-table static unicast

Description

With this command, you generate a static unicast MAC address entry in the forwarding database.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: mac-address-table static unicast<aa:aa:aa:aa:aa:aa>

vlan<vlan-id(1-4094)>

interface([<interface-type><0/a-b, 0/c,...>]

[<interface-type><0/a-b, 0/c,...>]

[port-channel<a,b,c-d>])

The parameters have the following meaning:

-

Parameters vlan vlan-id interface interfacetype

Description

MAC address of the interface

Keyword for a VLAN connection

Number of the addressed VLAN

Keyword for a an interface description

Type or speed of the interface

Values or range of values

aa:aa:aa:aa:aa:aa

-

1 ... 4094

● gigabitethernet

● extreme-ethernet

460

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Load control

10.2 Static MAC filtering

Parameters

0/a-b, 0/ c,...

port-channel

Description

Slot no. and port no. of the interface

Values or range of values

Enter a valid interface name a,b,c-d Specifies the name of a port channel

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The entry is generated.

Further notes

With the show mac-address-table static unicast command, you display the list of configured entries.

With the no mac-address-table static unicast command, you delete an entry.

10.2.1.5

no mac-address-table static unicast

Description

With this command, you delete a static unicast MAC address entry from the forwarding database.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no mac-address-table static unicast <aa:aa:aa:aa:aa:aa>

vlan<vlan-id(1-4094)>

The parameters have the following meaning:

-

Parameters vlan vlan-id

Description

MAC address of the interface

Keyword for a VLAN connection

Number of the addressed VLAN

Values aa:aa:aa:aa:aa:aa

-

1 ... 4094

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

461

Load control

10.2 Static MAC filtering

Result

The entry is deleted.

Further notes

With the show mac-address-table static unicast command, you display the list of configured entries.

With the mac-address-table static unicast command, you create an entry.

10.2.2

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

10.2.2.1

switchport ingress-filter

Description

With incoming packets, the ingress filter checks whether the port on which the packet was received belongs to the sending VLAN. If this is not the case, the packet is not processed.

With this command, you enable the ingress filter.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: switchport ingress-filter

462

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Load control

10.2 Static MAC filtering

Result

The ingress filter is activated.

Further notes

You disable the filter with the no switchport ingress-filter command.

You can display the status of the ingress filter and other settings with the show vlan port config command.

10.2.2.2

no switchport ingress-filter

Description

With this command, you disable the ingress filter.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport ingress-filter

Result

The ingress filter is deactivated.

Further notes

You enable the filter with the switchport ingress-filter command.

You can display the status of the ingress filter and other settings with the show vlan port config command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

463

Load control

10.3 Dynamic MAC aging

10.3

Dynamic MAC aging

The section describes commands with which the aging of dynamically learned entries is configured in a MAC address list.

10.3.1

show mac-address-table aging-time

Description

To ensure that the address entries are up-to-date, MAC addresses are only kept in the address table for a specified time.

This command shows the time after which the MAC addresses are removed from the address table.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show mac-address-table aging-time

Result

The time is displayed.

10.3.2

show mac-address-table aging-status

Description

This command shows whether or not MAC aging is enabled.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

464

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Load control

10.3 Dynamic MAC aging

Syntax

Call the command without parameters: show mac-address-table aging-status

Result

The status of the MAC aging is displayed.

10.3.3

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

10.3.3.1

mac-address-table aging-time

Description

With this command, you configure the aging of a dynamically learned entry in the MAC address list.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: mac-address-table aging-time <seconds(10-630)>

The parameter has the following meaning:

Parameter seconds

Description

Life of the entry in seconds

Range of values

10 ... 630

Default: 40

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

465

Load control

10.3 Dynamic MAC aging

Result

The value of the aging of a dynamically learned entry is configured.

Further notes

You can reset the setting to the default with the no mac-address-table aging-time command.

You display the setting with the show mac-address-table aging-time command.

10.3.3.2

no mac-address-table aging-time

Description

With this command, you reset the value for the aging of a dynamically learned entry in the

MAC address list to the default value.

The default value is 40 s.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no mac-address-table aging-time

Result

The value of the aging of a dynamically learned entry is reset to the default value.

Further notes

You configure the setting with the mac-address-table aging-time command.

You display the setting with the show mac-address-table aging-time command.

466

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Load control

10.3 Dynamic MAC aging

10.3.3.3

mac-address-table aging

Description

With this command, you enable the "Aging" function. The "Aging" function ensures that an entry in the MAC address list that was learned dynamically is deleted again after a certain time.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: mac-address-table aging

Result

The "Aging" function is enabled.

Further notes

You configure the time with the mac-address-table aging-time command.

You disable the "Aging" function with the no mac-address-table aging command.

10.3.3.4

no mac-address-table aging

Description

With this command, you disable the "Aging" function.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

467

Load control

10.3 Dynamic MAC aging no mac-address-table aging

Result

The "Aging" function is disabled.

Further notes

You enable the "Aging" function with the mac-address-table aging command.

468

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

10.4

Load control

10.4 Flow control

Flow control

The flow control function monitors the incoming data traffic of a port. If there is overload

("Congestion", "Overflow") it sends a signal to the connection partner. If the flow control function receives a signal at the sending end, it stops the data transmission to avoid loss of data.

This section describes commands of the flow control function.

10.4.1

show flow-control

Description

This command shows the settings of the flow control function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show flow-control [interface <interface-type><interface-id>]

The parameters have the following meaning:

Parameters Description interface

Keyword for a an interface description interfacetype

Type or speed of the interface interfaceid

Slot no. and port no. of the interface

Values

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameters from the parameter list, the information for the router will be displayed.

Result

The settings of the flow control function are displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

469

Load control

10.4 Flow control

10.4.2

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

10.4.2.1

flowcontrol

Description

The flow control function monitors a connection at the receiving end to make sure that not more data is received than can be processed. If flow control detects a threat of data overflow, the partner at the sending end is sent a signal to stop transmitting.

With this command, you configure the flow control function for an interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: flowcontrol {on|off}

The parameters have the following meaning:

Parameters on off

Description

Enables the function

Disables the function

Result

The settings are configured.

470

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Load control

10.4 Flow control

Further notes

You can display the status of this function with the show flow-control command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

471

Load control

10.5 Service classes

10.5

Service classes

This section describes commands for configuring the assignment tables for service classes and the Differentiated Services Code Point (DSCP).

10.5.1

show qos cos-map

Description

This command shows assignment table for service classes.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show qos cos-map

Result

The assignment table for service classes is displayed.

10.5.2

show qos dscp-map

Description

This command shows assignment table for DSCP.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters:

472

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Load control

10.5 Service classes show qos dscp-map

Result

The assignment table for DSCP is displayed.

10.5.3

Commands in the Global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

10.5.3.1

qos

Description

With this command, you change to the QOS configuration mode.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: qos

Result

You are now in the QOS configuration mode.

The command prompt is as follows: cli(config-qos)#

Further notes

You exit the QOS configuration modewith the command end or exit.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

473

Load control

10.5 Service classes

10.5.4

Commands in the QOS configuration mode

This section describes commands that you can call up in the QOS configuration mode.

In the Global configuration mode, enter the qos command to change to this mode.

● If you exit the QOS configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the QOS configuration mode with the end command, you return to the Privileged

EXEC mode.

10.5.4.1

cos-map

Description

In a network, each data stream is assigned a service class that decides its priority. In special situations, it may be necessary to change this priority.

This change is made using a table in which the service classes are assigned to another queue.

With this command, you configure the assignment table for service classes.

Requirement

You are in the QOS Configuration mode.

The command prompt is as follows: cli(config-qos)#

Syntax

Call up the command with the following parameters: cos-map <cos(0-7)> queue <queue(1-8)>

The parameters have the following meaning:

Parameter cos queue

Description

Service class

Queue that it is assigned to this service class

For the following default service classes, the rule applies accordingly.

Range of values

0 … 7

Default: 1

1 … 8

Default: 2

Result

The assignment table for service classes is configured.

474

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Load control

10.5 Service classes

10.5.4.2

dscp-map

Description

In a network, each IP packet is assigned a DSCP code that decides its priority. In special situations, it may be necessary to change this priority.

This change is made using a table in which the DSCP codes are assigned to another queue.

With this command, you configure the assignment table for DSCP codes.

Requirement

You are in the QOS Configuration mode.

The command prompt is as follows: cli(config-qos)#

Syntax

Call up the command with the following parameters: dscp-map < dscp (0-63)> queue <queue(1-8)>

The parameters have the following meaning:

Parameter dscp queue

Description

DSCP code

Queue that is assigned to this DSCP code

The default settings are as follows:

● The DSCP codes 0 to 7 are assigned to queue 1.

● The DSCP codes 8 to 15 are assigned to queue 2.

The rules apply accordingly to the DSCP codes following.

Range of values

0 … 63

1 … 8

Result

The assignment table for DSCP codes is configured.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

475

Security and authentication

11

This part contains the sections that describe the access rights and authentication methods.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

477

Security and authentication

11.1 User rights management

11.1

User rights management

This section describes commands for access as administrator and the configuration of the authentication methods.

11.1.1

show users

Description

This command shows the logged-in CLI users.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

Syntax

Call the command without parameters: show users

Result

The logged-in CLI users are displayed.

11.1.2

whoami

Description

This command shows the user name of the logged in user.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters:

478

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Result whoami

The user name of the logged in user is displayed.

Security and authentication

11.1 User rights management

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

479

Security and authentication

11.2 Radius client

11.2

Radius client

RADIUS (Remote Authentication Dial-In User Service) is a client/server protocol that allows the centralized authentication of users logging on in a physical or virtual network. This makes central administration of user data possible.

This section describes commands relevant for the configuration of this service.

11.2.1

show radius statistics

Description

This command shows the connection statistics from the RADIUS client to the RADIUS server.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

Syntax

Call the command without parameters: show radius statistics

Result

The connection statistics are displayed.

11.2.2

show radius server

Description

This command shows the RADIUS server configuration.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

480

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.2 Radius client

Syntax

Call up the command with the following parameters: show radius server [{ucast_addr}]

The parameters have the following meaning:

Parameters Description ucast_addr Value for an IPv4 unicast address

Range of values

Enter a valid unicast address

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If no parameters are specified, all configured RADIUS servers are displayed.

Result

The RADIUS server configuration is displayed.

11.2.3

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

11.2.3.1

radius-server

Description

With this command, you configure a RADIUS server entry on the RADIUS client.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

481

Security and authentication

11.2 Radius client radius-server {ipv4 <ip address> | fqdn-name <FQDN(100)>} [auth-port

<number(1-65535)>] [retransmit <rtm(1-254)>][key<secret-key-string>]

[primary]

The parameters have the following meaning:

Parameter Description ipv4

Keyword for an IP address ip address

IPv4 Internet address of the Syslog server fqdn-name

FQDN(100)

Keyword for a domain name

Domain name (Fully Qualified Domain Name) auth-port

Keyword for the UDP port number for authentication number

Number of the port retransmit

Keyword for the number of connection retries rtm key secret-keystring

Maximum number of connection retries

Keyword for communication between the authenticator and the server

Value for the key primary

Identifies the RADIUS server as primary server -

Range of values

-

Format: 0.0.0.0

-

-

Maximum of 100 characters

-

1 … 65535

-

1 ... 254

46 characters

For information on addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If optional parameters are not specified when configuring, the following defaults apply:

Parameter auth-port retransmit secret-key-string

Default value

1812

3 empty string

Note

Primary server

In a network, only one RADIUS server can be selected as the primary server.

If you select a RADIUS server as the primary server, this replaces the server that previously had the role of primary server.

11.2.3.2

no radius-server

Description

With this command, you delete a RADIUS server entry on the RADIUS client.

482

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.2 Radius client

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no radius-server {ipv4 <ip address> | fqdn-name <FQDN(100)>}

[primary]

The parameters have the following meaning:

Parameter Description ipv4

Keyword for an IP address ip address

IPv4 Internet address of the Syslog server fqdn-name

FQDN(100)

Keyword for a domain name

Domain name (Fully Qualified Domain Name) primary

Identifies the RADIUS server as primary server

Range of values

-

Format: 0.0.0.0

-

-

Maximum of 100 characters

For information on addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If optional parameters are not specified when configuring, the following defaults apply:

Result

The entry for a connection between the RADIUS client and a server or the identification as primary server is deleted.

Further notes

You configure the connection of a RADIUS client to a server with the radius-server command.

You show the configuration of a RADIUS server on the client with the show radius server command.

You show the statistical information of this function with the show radius statistics command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

483

Security and authentication

11.3 MAC access control list

11.3

MAC access control list

This section describes commands for working with MAC access control lists.

11.3.1

show access-lists

Description

This command shows the configuration of the access control lists (Access Control List).

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show access-lists [ [{ip | mac}] <access-list-number (1-128)> ]

The parameters have the following meaning:

Parameters Description ip mac

Selects IP-based access lists (IP ACL)

Selects MAC-based access lists (MAC

ACL) access-list-number

Number of the access control list

-

-

Range of values

1 … 128

If you do not select any parameters from the parameter list, the configuration of all access control lists will be displayed.

Result

The configuration of the access control lists is displayed.

11.3.2

show interface access lists

Description

This command shows the access control list of one or all interfaces.

484

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Security and authentication

11.3 MAC access control list

Syntax

Call up the command with the following parameters: show interface access-lists<interface-type><interface-id>]

The parameters have the following meaning:

Parameters interfacetype

Description

Type or speed of the interface

Values

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interfaceid

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameter from the parameter list, the configuration is displayed for all available IP interfaces.

Result

The access control list of the selected IP interface is displayed.

11.3.3

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

11.3.3.1

mac access-list extended

Description

With this command, you generate a MAC access control list and change to the MAC ACL configuration mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

485

Security and authentication

11.3 MAC access control list

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: mac access-list extended<access-list-number(1-128)>

The parameter has the following meaning:

Parameters access-list-number

Description

Number of the access control list

Range of values

1 ... 128

Result

A MAC access control list has been generated.

You are now in the MAC ACL configuration mode.

The command prompt is as follows: cli(config-ext-macl)#

Further notes

You delete the MAC access control list with the no mac access-list extended command.

You exit the MAC ACL configuration mode with the exit command.

You display the configuration of the access control list with the show access-lists command.

11.3.3.2

no mac access-list extended

Description

With this command, you delete a MAC access control list.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

486

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.3 MAC access control list

Syntax

Call up the command with the following parameters: no mac access-list extended<short(1-128)>

The parameter has the following meaning:

Parameters short

Description

Number of the access control list

Range of values

1 ... 128

Result

The MAC access control list is deleted.

Further notes

You generate a MAC ACL with the mac access-list extended command.

You display the configuration of the access control list with the show access-lists command.

11.3.4

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

11.3.4.1

mac access-group

Description

With this command, you enable the access control of the packets of an interface.

Requirement

● A MAC access control list has been created.

You are in the Interface Configuration mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

487

Security and authentication

11.3 MAC access control list

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: mac access-group <access-list-number(1-128)>{in|out}

The parameters have the following meaning:

Parameters access-listnumber in out

Description

Number of the access control list

Specifies that incoming packets are filtered

Specifies that outgoing packets are filtered -

-

Values

1 ... 128

Result

The packets are filtered according to the access control list (ACL).

Further notes

You disable the setting with the no mac access-group command.

You display the statistical data of the access control list with the show access-lists command.

11.3.4.2

no mac access-group

Description

With this command, you disable the access control of the packets of an interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no mac access-group <access-list-number(1-128)>{in|out}

The parameters have the following meaning:

488

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameters access-listnumber in out

Description

Number of the access control list

Specifies that incoming packets are filtered

Specifies that outgoing packets are filtered

Security and authentication

11.3 MAC access control list

-

-

Values

1 ... 128

Result

The packet filtering according to the access control list (ACL) is canceled.

Further notes

You enable the setting with the mac access-group command.

You display the configuration of the access control list with the show access-lists command.

11.3.5

Commands in the MAC ACL configuration mode

This section describes commands that you can call up in the MAC ACL configuration mode.

In the Global configuration mode, enter the mac access-list extended command to change to this mode.

● If you exit the MAC ACL configuration mode with the exit command, you return to the

Global configuration mode.

● If you exit the MAC ACL configuration mode with the end command, you return to the

Privileged EXEC mode.

11.3.5.1

permit

Description

With this command, you configure a MAC address control list that describes the MAC addresses for which incoming and/or outgoing data traffic is permitted.

The access control list contains only one entry. If you want to lock or permit further addresses, create a new access control list.

Note

Processing order of the lists

The access control lists are processed on he interface in the order in which they were created.

The index number of the access control list is not used for this.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

489

Security and authentication

11.3 MAC access control list

Requirement

You are in the MAC ACL Configuration mode.

The command prompt is as follows: cli(config-ext-macl)#

Syntax

Call up the command with the following parameters: permit {any|host<src-mac-address>}{any|host<dest-mac-address>}

The parameters have the following meaning:

Parameter Description Values any host

Keyword for "all"

Keyword for the MAC address of an incoming connection that is permitted

-

src-mac-address MAC address of the permitted incoming connection

Enter a valid MAC address any

Keyword for "all" host dest-macaddress

Keyword for the MAC address of an outgoing connection that is permitted

-

MAC address of the permitted outgoing connection Enter a valid MAC address

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Note

MAC address input

Use "any", if the rule is to apply to all src and/or dest MAC addresses. This corresponds to the MAC address "00:00:00:00:00:00".

Result

The MAC access control list is configured.

Further notes

You exit the MAC ACL Configuration mode with the exit command.

You delete the MAC access control list with the no mac access-list extended command.

You display the configuration of the access control list with the show access-lists command.

490

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.3 MAC access control list

11.3.5.2

deny

Description

With this command, you configure a MAC address control list that describes the MAC addresses for which incoming and/or outgoing data traffic is locked.

The access control list contains only one entry. If you want to lock or permit further addresses, create a new access control list.

Note

Processing order of the lists

The access control lists are processed on he interface in the order in which they were created.

The index number of the access control list is not used for this.

Requirement

You are in the MAC ACL Configuration mode.

The command prompt is as follows: cli(config-ext-macl)#

Syntax

Call up the command with the following parameters: deny {any|host<src-mac-address>}{any|host<dest-mac-address>}

The parameters have the following meaning:

Parameter any host

Description

Keyword for "all"

Keyword for the MAC address of an incoming connection that is locked src-mac-address MAC address of the locked incoming connection any host

Keyword for "all"

Keyword for the MAC address of an outgoing connection that is locked

MAC address of the locked outgoing connection

-

-

Values

-

-

Enter a valid MAC address dest-macaddress

Enter a valid MAC address

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

491

Security and authentication

11.3 MAC access control list

Note

MAC address input

Use "any", if the rule is to apply to all src and/or dest MAC addresses. This corresponds to the MAC address "00:00:00:00:00:00".

Result

The MAC access control list is configured.

Further notes

You exit the MAC ACL Configuration mode with the exit command.

You delete the MAC access control list with the no mac access-list extended command.

You display the configuration of the access control list with the show access-lists command.

492

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

11.4

Security and authentication

11.4 IP access control list

IP access control list

This section describes commands for working with IP access control lists.

11.4.1

Commands in the Global Configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

11.4.1.1

ip access-list

Description

With this command, you generate a MAC access control list and change to the ACL standard configuration mode.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip access-list standard<access-list-number(1-1000)>

The parameters have the following meaning:

Parameter standard access-list-number

Description

Specifies that a standard access control list is generated

Number of the standard access control list

-

Range of values

1 ... 1000

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

493

Security and authentication

11.4 IP access control list

Result

The access control list has been generated.

You are now in the ACL Standard Access Control List configuration mode.

The command prompt is as follows: cli(config-std-nacl)#

Further notes

You delete the IP access control list with the no ip access-list command.

You exit the ACL Standard Access List configuration mode with the exit command.

You display the configuration of the access control list with the show access-lists command.

11.4.1.2

no ip access-list

Description

With this command, you delete an IP access control list.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no ip access-list standard<access-list-number(1-1000)

The parameters have the following meaning:

Parameters standard access-listnumber

Description

Specifies that a standard access control list is generated

Number of the standard access control list

Range of values

-

1 ... 1000

Result

The access control list is deleted.

494

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.4 IP access control list

Further notes

You generate an IP access control list with the ip access-list command.

You display the configuration of the access control list with the show access-lists command.

11.4.2

Commands in the Interface Configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

11.4.2.1

ip access-group

Description

With this command, you enable the access control of the packets of an interface.

Requirement

● An IP access list has been created.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: ip access-group <access-list-number(1-65535)>{in|out}

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

495

Security and authentication

11.4 IP access control list

Parameters access-list-number in out

Description

Number of the access control list

Specifies that incoming packets are filtered

Specifies that outgoing packets are filtered

Values

-

-

1 ... 65535

Note

Restrictions when filtering layer 2 interfaces

The filtering of outgoing packets is not supported on layer 2 interfaces

Filtering on a layer 2 interface using an IP access control list is only effective for IP packets.

To filter packets with other data formats, use an expanded MAC access control list.

Result

The packets are filtered according to the access control list (ACL).

Further notes

You disable the setting with the no ip access-group command.

You show the configuration of the access control list with the show access-lists command.

11.4.2.2

no ip access-group

Description

With this command, you disable the access control of the packets of an interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no ip access-group [<access-list-number(1-65535)>]{in|out}

The parameters have the following meaning:

496

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.4 IP access control list

Parameters access-list-number in out

Description

Number of the access control list

Specifies that incoming packets are filtered

Specifies that outgoing packets are filtered

Values

-

-

1 ... 65535

If you do not specify a number of for an access control list, all lists are deleted.

Result

The packet filtering according to the access control list (ACL) is canceled.

Further notes

You enable the setting with the ip access-group command.

You show the configuration of the access control list with the show access-lists command.

11.4.3

Commands in the ACL standard configuration mode

This section describes commands that you can call up in the ACL standard configuration mode.

In the Global configuration mode, enter the ip access-list standard <acl-num> command, to change to the configuration mode for this ACL. If an ACL with the specified number does not exist, an ACL with the corresponding number is created.

Note

You can display existing access control lists with the show access-lists command.

● If you exit the ACL standard configuration mode with the exit command, you return to the

Global configuration mode.

● If you exit the ACL standard configuration mode with the end command, you return to the

Privileged EXEC mode.

11.4.3.1

permit

Description

With this command, you configure an IP access control list. The IP ACL contains a description of the IP addresses for which the incoming and outgoing frames will be forwarded.

You have the following options:

● All incoming and/or outgoing frames are forwarded.

● Incoming and/or outgoing frames of a specific host are forwarded.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

497

Security and authentication

11.4 IP access control list

● Incoming and/or outgoing frames of hosts of a specific subnet are forwarded.

● Incoming and/or outgoing frames of a specific protocol are forwarded.

Note

Processing order of the lists

The access control lists are processed on the interface in the order in which they were created.

The index number of the access control list is not used for this.

Requirement

You are in the ACL standard configuration mode.

The command prompt is as follows: cli(config-std-nacl)#

Syntax

Call up the command with the following parameters: permit {any | host <src-ip> | <network-src-ip> <mask>} [{any | host

<dest-ip> | <network-dest-ip> <mask>}] or permit {any | ospf | vrrp | <protocol-type type(1-255)>} {any | host

<src-ip> | <network-src-ip> <mask>} {any | host <dest-ip> | <dest-ip>

<mask>} [dscp <value(0-63)>]

The parameters have the following meaning:

Parameter Description any ospf vrrp protocol-type mask any host dest-ip

Allows all protocols.

Forwarding of OSPF frames.

Forwarding of VRRP frames.

Keyword for the protocol type type any

Protocol type

Allows all incoming frames host src-ip

Keyword for a 32 bit long subnet mask.

Source IP address network-src-ip

Network source address

Corresponding subnet mask

Allows all outgoing frames

Keyword for a 32 bit long subnet mask.

Destination IP address network-dest-ip Network destination address mask

Corresponding subnet mask

Values

-

-

-

-

-

1 ... 255

-

Enter a valid IP address.

Enter a valid combination of

IP address and subnet mask.

-

-

Enter a valid IP address.

Enter a valid combination of

IP address and subnet mask.

498

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameter dscp value

Security and authentication

11.4 IP access control list

Description Values

Keyword for the Differentiated Services

Codepoint

-

Value for the Differentiated Services Codepoint 0 ... 63

Result

The IP access list has been configured.

Note

Subnet mask for individual hosts

If you create the rule for a host (one IP address), you will need to specify a 32-bit long subnet mask. This is then "255.255.255.255". As an alternative, you can specify the keyword "host" followed by the IP address.

Further notes

You delete an IP access control list with the no ip access-list standard <aclnum> command.

You display the configuration of the access control list with the show access-lists command.

11.4.3.2

deny

Description

With this command, you configure an IP access control list. The IP ACL contains a description of the IP addresses for which the incoming and outgoing frames will not be forwarded.

You have the following options:

● All incoming and/or outgoing frames are not forwarded.

● Incoming and/or outgoing frames of a specific host are not forwarded.

● Incoming and/or outgoing frames of hosts of a specific subnet are not forwarded.

● Incoming and/or outgoing frames of a specific protocol are not forwarded.

Note

Processing order of the lists

The access control lists are processed on the interface in the order in which they were created.

The index number of the access control list is not used for this.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

499

Security and authentication

11.4 IP access control list

Requirement

You are in the ACL standard configuration mode.

The command prompt is as follows: cli(config-std-nacl)#

Syntax

Call up the command with the following parameters: deny {any | host <src-ip> | <network-src-ip> <mask>} [ { any | host

<dest-ip> | <network-dest-ip> <mask>}] or deny {any | ospf | vrrp | <protocol-type type(1-255)>} {any | host

<src-ip> | <network-src-ip> <mask>} {any | host <dest-ip> | <dest-ip>

<mask>} [dscp <value(0-63)>]

The parameters have the following meaning:

Parameter Description Values any ospf vrrp protocol-type

Blocks all protocols.

Blocks OSPF frames.

Blocks VRRP frames.

Keyword for the protocol type type any host

Protocol type

Blocks all incoming frames

Keyword for a 32 bit long subnet mask.

Source IP address src-ip network-src-ip

Network source address mask

Corresponding subnet mask

-

-

-

-

-

-

1 ... 255 enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

any host

Blocks all outgoing frames

Keyword for a 32 bit long subnet mask.

-

dest-ip mask value dscp value

Destination IP address network-dest-ip Network destination address enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

Corresponding subnet mask

Value

-

0 ... 63

Keyword for the Differentiated Services

Codepoint

Value for the Differentiated Services Codepoint 0 ... 63

Result

The IP access list has been configured.

500

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.4 IP access control list

Note

Subnet mask for individual hosts

If you create the rule for a single system (one IP address), you will need to specify a 32-Bit long subnet mask. This is then "255.255.255.255". As an alternative, you can specify the keyword "host" followed by the IP address.

Further notes

You delete an IP access control list with the no ip access-list standard <aclnum> command.

You display the configuration of the access control list with the show access-lists command.

11.4.3.3

permit icmp

Description

With this command, you configure an IP access control list for ICMP messages.

You have the following options:

● All incoming and/or outgoing ICMP messages are forwarded.

● Incoming and/or outgoing ICMP messages of a specific host are forwarded.

● Incoming and/or outgoing ICMP messages of hosts of a specific subnet are forwarded.

Note

Processing order of the lists

The access control lists are processed on the interface in the order in which they were created.

The index number of the access control list is not used for this.

Requirement

You are in the ACL standard configuration mode.

The command prompt is as follows: cli(config-std-nacl)#

Syntax

Call up the command with the following parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

501

Security and authentication

11.4 IP access control list permit icmp {any | host <src-ip> | <network-src-ip> <mask>} [{any | host <dest-ip> | <network-dest-ip> <mask>}] [<message-type type(0-255)>] [<message-code code(0-255)>]

The parameters have the following meaning:

Parameter Description any host

Allows all incoming frames

Keyword for a 32 bit long subnet mask.

src-ip

Source IP address network-src-ip

Network source address mask any host dest-ip

Corresponding subnet mask

Allows all outgoing frames

Keyword for a 32 bit long subnet mask.

Destination IP address network-dest-ip Network destination address mask

Corresponding subnet mask message-type type message-code code

Keyword for the ICMP message type

ICMP message type

Keyword for the ICMP message code

ICMP message code

Values

-

enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

-

enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

-

0 ... 255

-

0 ... 255

Result

The IP access list for ICMP messages has been configured.

Note

Subnet mask for individual hosts

If you create the rule for a single system (one IP address), you will need to specify a 32-Bit long subnet mask. This is then "255.255.255.255". As an alternative, you can specify the keyword "host" followed by the IP address.

Further notes

You delete an IP access control list with the no ip access-list standard <aclnum> command.

You display the configuration of the access control list with the show access-lists command.

502

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.4 IP access control list

11.4.3.4

deny icmp

Description

With this command, you configure an IP access control list for ICMP messages.

You have the following options:

● All incoming and/or outgoing ICMP messages are not forwarded.

● Incoming and/or outgoing ICMP messages of a specific host are not forwarded.

● Incoming and/or outgoing ICMP messages of hosts of a specific subnet are not forwarded.

Note

Processing order of the lists

The access control lists are processed on the interface in the order in which they were created.

The index number of the access control list is not used for this.

Requirement

You are in the ACL standard configuration mode.

The command prompt is as follows: cli(config-std-nacl)#

Syntax

Call up the command with the following parameters: deny icmp {any | host <src-ip> | <network-src-ip> <mask>} [{any | host <dest-ip> | <network-dest-ip> <mask>}] [<message-type type(0-255)>] [<message-code code(0-255)>]

The parameters have the following meaning:

Parameter Description any host

Blocks all incoming frames

Keyword for a 32 bit long subnet mask.

src-ip

Source IP address network-src-ip

Network source address mask any host dest-ip

Corresponding subnet mask

Blocks all outgoing frames

Keyword for a 32 bit long subnet mask.

Destination IP address network-dest-ip Network destination address mask

Corresponding subnet mask

Values

-

enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

-

enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

503

Security and authentication

11.4 IP access control list

Parameter message-type type message-code code

Description

Keyword for the ICMP message type

ICMP message type

Keyword for the ICMP message code

ICMP message code

Result

Values

-

0 ... 255

-

0 ... 255

The IP access list for ICMP messages has been configured.

Note

Subnet mask for individual hosts

If you create the rule for a single system (one IP address), you will need to specify a 32-Bit long subnet mask. This is then "255.255.255.255". As an alternative, you can specify the keyword "host" followed by the IP address.

Further notes

You delete an IP access control list with the no ip access-list standard <aclnum> command.

You display the configuration of the access control list with the show access-lists command.

11.4.3.5

permit tcp

Description

With this command, you configure an IP access control list for the TCP protocol.

You have the following options:

● All incoming and/or outgoing TCP segments are forwarded.

● Incoming and/or outgoing TCP segments of a specific host are forwarded.

● Incoming and/or outgoing TCP segments of hosts of a specific subnet are forwarded.

● Incoming and/or outgoing TCP segments are forwarded to specific ports.

Note

Processing order of the lists

The access control lists are processed on the interface in the order in which they were created.

The index number of the access control list is not used for this.

504

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.4 IP access control list

Requirement

You are in the ACL standard configuration mode.

The command prompt is as follows: cli(config-std-nacl)#

Syntax

Call up the command with the following parameters: permit tcp {any | host <src-ip> | <network-src-ip> <mask>}

[{ gt <port-number(1-65535)> | lt <port-number(1-65535)> | eq <portnumber(1-65535)> | range <port-number (1-65535)> <port-number

(1-65535)>}] [{any | host <dest-ip> | <network-dest-ip> <mask>}]

[{ gt <port-number(1-65535)> | lt <port-number(1-65535)> | eq <portnumber(1-65535)> | range <port-number (1-65535)> <port-number

(1-65535)>}] [dscp<value(0-63)>] [{ack | rst}]

The parameters have the following meaning:

Parameter Description Values any host

Forwards all incoming TCP segments.

Keyword for a 32 bit long subnet mask.

src-ip

Source IP address network-src-ip

Network source address mask port-number gt lt

Corresponding subnet mask

Port number

Keyword for port numbers higher than the specified number (gt: greater than).

Keyword for port numbers lower than the specified number (lt: less than).

-

-

-

enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

1 ... 65535 eq range any

Keyword for a specific port number (eq:equal). -

Keyword for a range of port numbers. Following this, the first and last port number of the range is specified.

-

Forwards all outgoing TCP segments.

Keyword for a 32 bit long subnet mask.

-

host dest-ip mask dscp value

Destination IP address network-dest-ip Network destination address enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

Corresponding subnet mask

Keyword for the Differentiated Services

Codepoint

-

Value for the Differentiated Services Codepoint 0 ... 63 ack rst

Forwards ACK segments.

Forwards RST segments.

-

-

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

505

Security and authentication

11.4 IP access control list

Result

The IP access list for TCP segments has been configured.

Note

Subnet mask for individual hosts

If you create the rule for a single system (one IP address), you will need to specify a 32-Bit long subnet mask. This is then "255.255.255.255". As an alternative, you can specify the keyword "host" followed by the IP address.

Further notes

You delete an IP access control list with the no ip access-list standard <aclnum> command.

You display the configuration of the access control list with the show access-lists command.

11.4.3.6

deny tcp

Description

With this command, you configure an IP access control list for the TCP protocol.

You have the following options:

● All incoming and/or outgoing TCP segments are not forwarded.

● Incoming and/or outgoing TCP segments of a specific host are not forwarded.

● Incoming and/or outgoing TCP segments of hosts of a specific subnet are not forwarded.

● Incoming and/or outgoing TCP segments are not forwarded to specific ports.

Note

Processing order of the lists

The access control lists are processed on the interface in the order in which they were created.

The index number of the access control list is not used for this.

Requirement

You are in the ACL standard configuration mode.

The command prompt is as follows: cli(config-std-nacl)#

506

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Syntax

Result

Security and authentication

11.4 IP access control list

Call up the command with the following parameters: deny tcp {any | host <src-ip> | <network-src-ip> <mask>} [{ gt <portnumber(1-65535)> | lt <port-number(1-65535)> | eq <portnumber(1-65535)> | range <port-number (1-65535)> <port-number

(1-65535)>}] [{any | host <dest-ip> | <network-dest-ip> <mask>}]

[{ gt <port-number(1-65535)> | lt <port-number(1-65535)> | eq <portnumber(1-65535)> | range <port-number (1-65535)> <port-number

(1-65535)>}] [dscp<value(0-63)>] [{ack | rst}]

The parameters have the following meaning:

Parameter Description Values any host

Blocks all incoming TCP segments

Keyword for a 32 bit long subnet mask.

src-ip

Source IP address network-src-ip

Network source address mask port-number gt lt

Corresponding subnet mask

Port number

Keyword for port numbers higher than the specified number (gt: greater than).

Keyword for port numbers lower than the specified number (lt: less than).

-

-

-

enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

1 ... 65535 eq range any

Keyword for a specific port number (eq:equal). -

Keyword for a range of port numbers. Following this, the first and last port number of the range is specified.

-

Blocks all outgoing TCP segments

Keyword for a 32 bit long subnet mask.

-

host dest-ip mask dscp value

Destination IP address network-dest-ip Network destination address enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

Corresponding subnet mask

Keyword for the Differentiated Services

Codepoint

-

Value for the Differentiated Services Codepoint 0 ... 63 ack rst

Blocks ACK segments

Blocks RST segments -

-

The IP access list for TCP segments has been configured.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

507

Security and authentication

11.4 IP access control list

Note

Subnet mask for individual hosts

If you create the rule for a single system (one IP address), you will need to specify a 32-Bit long subnet mask. This is then "255.255.255.255". As an alternative, you can specify the keyword "host" followed by the IP address.

Further notes

You delete an IP access control list with the no ip access-list standard <aclnum> command.

You display the configuration of the access control list with the show access-lists command.

11.4.3.7

permit udp

Description

With this command, you configure an IP access control list for the UDP protocol.

You have the following options:

● All incoming and/or outgoing UDP datagrams are forwarded.

● Incoming and/or outgoing UDP datagrams of a specific host are forwarded.

● Incoming and/or outgoing UDP datagrams of hosts of a specific subnet are forwarded.

● Incoming and/or outgoing UDP datagrams are forwarded to specific ports.

Note

Processing order of the lists

The access control lists are processed on the interface in the order in which they were created.

The index number of the access control list is not used for this.

Requirement

You are in the ACL standard configuration mode.

The command prompt is as follows: cli(config-std-nacl)#

Syntax

508

Call up the command with the following parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.4 IP access control list permit udp {any | host <src-ip> | <network-src-ip> <mask>}

[{ gt <port-number(1-65535)> | lt <port-number(1-65535)> | eq <portnumber(1-65535)> | range <port-number (1-65535)> <port-number

(1-65535)>}] [{any | host <dest-ip> | <network-dest-ip> <mask>}]

[{ gt <port-number(1-65535)> | lt <port-number(1-65535)> | eq <portnumber(1-65535)> | range <port-number (1-65535)> <port-number

(1-65535)>}] [dscp<value(0-63)>]

The parameters have the following meaning:

Parameter Description Values any host

Forwards all incoming TCP segments.

Keyword for a 32 bit long subnet mask.

src-ip

Source IP address network-src-ip

Network source address mask port-number gt lt

Corresponding subnet mask

Port number

Keyword for port numbers higher than the specified number (gt: greater than).

Keyword for port numbers lower than the specified number (lt: less than).

-

-

-

enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

1 ... 65535 eq range any

Keyword for a specific port number (eq:equal). -

Keyword for a range of port numbers. Following this, the first and last port number of the range is specified.

-

Forwards all outgoing TCP segments.

Keyword for a 32 bit long subnet mask.

-

host dest-ip mask dscp value

Destination IP address network-dest-ip Network destination address enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

Corresponding subnet mask

Keyword for the Differentiated Services

Codepoint

-

Value for the Differentiated Services Codepoint 0 ... 63

Result

The IP access list for UDP datagrams has been configured.

Note

Subnet mask for individual hosts

If you create the rule for a single system (one IP address), you will need to specify a 32-Bit long subnet mask. This is then "255.255.255.255". As an alternative, you can specify the keyword "host" followed by the IP address.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

509

Security and authentication

11.4 IP access control list

Further notes

You delete an IP access control list with the no ip access-list standard <aclnum> command.

You display the configuration of the access control list with the show access-lists command.

11.4.3.8

deny udp

Description

With this command, you configure an IP access control list for the UDP protocol.

You have the following options:

● All incoming and/or outgoing UDP datagrams are not forwarded.

● Incoming and/or outgoing UDP datagrams of a specific host are not forwarded.

● Incoming and/or outgoing UDP datagrams of hosts of a specific subnet are not forwarded.

● Incoming and/or outgoing UDP datagrams are not forwarded to specific ports.

Note

Processing order of the lists

The access control lists are processed on the interface in the order in which they were created.

The index number of the access control list is not used for this.

Requirement

You are in the ACL standard configuration mode.

The command prompt is as follows: cli(config-std-nacl)#

Syntax

Call up the command with the following parameters: deny udp {any | host <src-ip> | <network-src-ip> <mask>} [{ gt <portnumber(1-65535)> | lt <port-number(1-65535)> | eq <portnumber(1-65535)> | range <port-number (1-65535)> <port-number

(1-65535)>}] [{any | host <dest-ip> | <network-dest-ip> <mask>}]

[{ gt <port-number(1-65535)> | lt <port-number(1-65535)> | eq <portnumber(1-65535)> | range <port-number (1-65535)> <port-number

(1-65535)>}] [dscp<value(0-63)>]

The parameters have the following meaning:

510

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.4 IP access control list

Parameter Description Values any host

Blocks all incoming TCP segments

Keyword for a 32 bit long subnet mask.

src-ip

Source IP address network-src-ip

Network source address mask port-number gt lt

Corresponding subnet mask

Port number

Keyword for port numbers higher than the specified number (gt: greater than).

Keyword for port numbers lower than the specified number (lt: less than).

-

-

-

enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

1 ... 65535 eq range any

Keyword for a specific port number (eq:equal). -

Keyword for a range of port numbers. Following this, the first and last port number of the range is specified.

-

Blocks all outgoing TCP segments

Keyword for a 32 bit long subnet mask.

-

host dest-ip mask dscp value

Destination IP address network-dest-ip Network destination address enter a valid IP address.

enter a valid combination of

IP address and subnet mask.

Corresponding subnet mask

Keyword for the Differentiated Services

Codepoint

-

Value for the Differentiated Services Codepoint 0 ... 63

Result

The IP access list for UDP datagrams has been configured.

Note

Subnet mask for individual hosts

If you create the rule for a single system (one IP address), you will need to specify a 32-Bit long subnet mask. This is then "255.255.255.255". As an alternative, you can specify the keyword "host" followed by the IP address.

Further notes

You delete the IP access control list with the no ip access-list standard <aclnum> command.

You display the configuration of the access control list with the show access-lists command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

511

Security and authentication

11.5 Port Access Control List Locked Ports

11.5

Port Access Control List Locked Ports

With the Port Access Control List Locked Ports, MAC addresses that do not age are collected on a port after the start command. With the stop command, these addresses are converted to static entries in the address list and the aging is reactivated for all the addresses that follow.

If the learning of addresses on this port is then disabled, data packets are only forwarded to the static addresses entered in the table.

This section describes commands relevant for the configuration of this function.

11.5.1

show lock port

Description

This command shows whether or not the learning of MAC entries is enabled or locked on an interface.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show lock port [< ifXtype >< ifnum >]

The parameters have the following meaning:

Parameters ifXtype ifnum

Description

Type or speed of the interface

Slot no. and port no. of the interface

Range of values

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select an interface, the configuration of all interfaces is displayed.

Result

The configuration of the interface for the learning of MAC entries is displayed.

512

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.5 Port Access Control List Locked Ports

11.5.2

Commands in the Global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

11.5.2.1

clear-all-static-unicast

Description

With this command, you delete all static unicast MAC address entries from the MAC address table.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: clear-all-static-unicast

Result

The static unicast MAC address entries are deleted from the MAC address table.

11.5.2.2

auto-learn

Description

With this command, you change to the AUTOLEARN mode.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

513

Security and authentication

11.5 Port Access Control List Locked Ports

Syntax

Call the command without parameters: auto-learn

Result

You are now in the AUTOLEARN mode.

The command prompt is as follows: cli(config-auto-learn)#

Further notes

You exit the AUTOLEARN configuration modewith the command end or exit.

11.5.3

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

11.5.3.1

switchport lock

Description

With this command, you block the learning of MAC entries. Only the static address entries of the MAC address list are used on the port.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

514

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.5 Port Access Control List Locked Ports

Syntax

Call the command without parameters: switchport lock

Result

The learning of MAC addresses is blocked.

Further notes

You permit the learning of MAC addresses with the no switchport lock command.

11.5.3.2

no switchport lock

Description

With this command, you enable the learning of MAC addresses.

Requirement

You are in the interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport lock

Result

The learning of MAC addresses is enabled.

Further notes

You block the learning of MAC addresses with the switchport lock command.

11.5.4

Commands in the AUTOLEARN mode

This section describes commands that you can call up in the AUTOLEARN mode.

In the Global configuration mode, enter the auto-learn command to change to this mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

515

Security and authentication

11.5 Port Access Control List Locked Ports

● If you exit the AUTOLEARN mode with the exit command, you return to the Global configuration mode.

● If you exit the AUTOLEARN mode with the end command, you return to the Privileged

EXEC mode.

11.5.4.1

start

Description

With this command, you start automatic learning. During automatic learning, the aging time is disabled for all learned addresses.

Requirement

You are in the AUTOLEARN mode.

The command prompt is as follows: cli(config-auto-learn)#

Syntax

Call the command without parameters: start

Result

The learned MAC addresses are entered in the port database with the aging time 0 (the entries are NOT deleted when the mac address aging time expires).

Further notes

You stop automatic learning with the stop command.

11.5.4.2

stop

Description

With this command, you stop automatic learning and convert all learned MAC addresses to static entries.

Requirement

You are in the AUTOLEARN mode.

The command prompt is as follows:

516

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.5 Port Access Control List Locked Ports cli(config-auto-learn)#

Syntax

Call the command without parameters: stop

Result

Automatic learning is stopped and all learned entries are converted to static entries.

Further notes

You start automatic learning with the start command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

517

Security and authentication

11.6 Management Access Control List

11.6

Management Access Control List

This section describes the commands relevant for working with the management access control list.

11.6.1

show authorized-managers

Description

This command shows the information about the configuration of the authorized managers.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show authorized-managers[ip-source<ip-address>]

The parameters have the following meaning:

Parameters Description Range of values ip-source

Keyword for the network or host address ip-address Value for an IP address

Enter a valid IP address

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The information about the configuration of the authorized managers is displayed.

11.6.2

Commands in the Global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

518

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.6 Management Access Control List

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

11.6.2.1

authorized-manager

Description

With this command, you enable the authorized manager.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: authorized-manager

Result

The function is enabled.

Further notes

You disable the function with the no authorized-manager command.

11.6.2.2

no authorized-manager

Description

With this command, you disable the authorized manager.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

519

Security and authentication

11.6 Management Access Control List no authorized-manager

Result

The function is disabled.

Further notes

You enable the function with the authorized-manager command.

11.6.2.3

authorized-manager ip-source

Description

With this command, you configure the interfaces and protocols via which an authorized manager is allowed to access the device.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: authorized-manager ip-source <ip-address>

[{<subnet-mask>|/<prefixlength(1-32)>}]

[interface[<interface-type<0/a-b,0/c,...>]

[<interface-type<0/a-b,0/c,...>]]

[vlan<a,b or a-b or a,b,c-d>]

[cpu0]

[service[snmp][telnet][http][https][ssh]]

The parameters have the following meaning:

Parameter Description ip-address interfacetype

Specifies the network or the IP address for which the IP manager is authorized subnet-mask

Subnet mask that restricts the authorization prefixlength

Decimal representation of the mask as a number of "1" bits interface

Keyword for a an interface description

Type of interface

Range of values

Enter a valid IP address or a network

Enter a valid mask

1 ... 32

-

● gigabitethernet

● extreme-ethernet

520

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.6 Management Access Control List

Parameter

0/a-b,0/ c,...

vlan a,b or a-b or a,b,c-d cpu0

Description

Slot no. and port no. of the interface

Keyword for a VLAN connection

Number of a VLAN or VLAN range

Range of values

Enter a valid interface name

-

enter a valid VLAN or VLAN range service the Out of Band interface is configured as a management Interface

Specifies the services for which the manager is authorized.

You can select several options.

● snmp

● telnet

● http

● https

● ssh

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

The IP address 0.0.0.0 means "any manager"

If optional parameters are not specified when configuring, the following defaults apply:

● The manager is authorized for all services.

Note

Configuration of the first entry

As long as the list of authorized managers is empty, access to the system is not restricted.

As soon as the list contains an entry and the "authorized-manager" command is executed, access to the system is blocked for all others.

You should therefore configure the interface via which you access the system first because your access is otherwise blocked.

Result

The interfaces and protocols via which an authorized manager is allowed to access the device are configured.

Note

No restrictions for console port

The restrictions do not apply to the serial console (console port).

Further notes

You delete an interface for access of an authorized manager with the no authorizedmanager ip-source command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

521

Security and authentication

11.6 Management Access Control List

You show the information about the configuration of the authorized managers with the show authorized-manager command.

11.6.2.4

no authorized-manager ip-source

Description

With this command, you delete an interface via which an authorized manager is allowed to access the device.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: authorized-manager ip-source <ip-address>

[{<subnet-mask>|/<prefixlength(1-32)>}]

The parameters have the following meaning:

Parameters Description ip-address

Specifies the network or the IP address for which the

IP manager is authorized subnet-mask

Subnet mask that restricts the authorization prefixlength

Decimal representation of the mask as a number of

"1" bits

Range of values

Enter a valid IP address or a network

Enter a valid mask

1 ... 32

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

An authorized manager is deleted from the list.

Further notes

You configure the interfaces and protocols via which an authorized manager is allowed to access the device with the authorized-manager ip-source command.

You show the information about the configuration of the authorized managers with the show authorized-manager command.

522

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

11.7

Security and authentication

11.7 Port Based Network Access Control

Port Based Network Access Control

This section describes commands for working with port-based network access control (PNAC).

11.7.1

show dot1x

Description

This command shows information about port-based network access control (PNAC).

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show dot1x[{interface<interface-type><interface-id>|

statistics interface<interface-type><interface-id>}]

The parameters have the following meaning:

Parameters interface interface-type interface-id statistics interface

Description

Keyword for a an interface description

Type or speed of the interface

Slot no. and port no. of the interface

Keyword for the display of the statistical data of the dot1x Authenticator for an interface

Type or speed of the interface

Values

-

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interface-type

● gigabitethernet

● extreme-ethernet

Enter a valid interface name interface-id

Slot no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The dot1x information is displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

523

Security and authentication

11.7 Port Based Network Access Control

11.7.2

show dot1x guest-vlan mac-info

Description

This command displays which MAC address and which port are assigned to a guest VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show dot1x guest-vlan mac-info

Result

A list with guest VLAN, MAC address and port is displayed.

11.7.3

show dot1x mac-auth mac-info

Description

This command shows the MAC addresses for which MAC authentication is enabled.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show dot1x mac-auth mac-info

Result

A list of the MAC addresses is displayed.

524

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.7 Port Based Network Access Control

11.7.4

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

11.7.4.1

dot1x guest-vlan

Description

With this command, you enable the guest VLAN function for the device.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: dot1x guest-vlan

Result

The guest VLAN function is enabled for the device.

Further notes

You also still need to enable the guest VLAN function for every port intended to use this function. You do this with the dot1x guest-vlan command in the Interface configuration mode.

You disable the function with the no dot1x guest-vlan command

11.7.4.2

no dot1x guest-vlan

Description

With this command, you disable the guest VLAN function for the device.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

525

Security and authentication

11.7 Port Based Network Access Control

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no dot1x guest-vlan

Result

The guest VLAN function is disabled for the device.

11.7.4.3

dot1x mac-auth

Description

With this command, you enable MAC authentication for the device.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: dot1x mac-auth

Result

MAC authentication is enabled for the device.

Further notes

You also still need to enable MAC authentication for every port intended to use this function.

You do this with the dot1x mac-auth command in the Interface configuration mode.

You disable the function with the no dot1x mac-auth command

526

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.7 Port Based Network Access Control

11.7.4.4

no dot1x mac-auth

Description

With this command, you disable MAC authentication for the device.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no dot1x mac-auth

Result

MAC authentication is disabled for the device.

11.7.5

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

11.7.5.1

dot1x guest-vlan

Description

With this command, you enable the guest VLAN function for a port.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

527

Security and authentication

11.7 Port Based Network Access Control

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: dot1x guest-vlan

Result

The guest VLAN function is enabled for the device.

Further notes

You also need to enable the guest VLAN function for the device. You do this with the dot1x guest-vlan command in the Global configuration mode.

You disable the function with the no dot1x guest-vlan command

11.7.5.2

no dot1x guest-vlan

Description

With this command, you disable the guest VLAN function for a port.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no dot1x guest-vlan

Result

The guest VLAN function is disabled for the device.

528

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.7 Port Based Network Access Control

11.7.5.3

dot1x guest-vlan vlan-id

Description

With this command, you configure a guest VLAN for a port.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: dot1x guest-vlan vlan-id <vlan-id (1 - 4096)

The parameters have the following meaning:

Parameter

vlan

Description

Keyword for the VLAN ID

VLAN ID

Range of values

-

1 - 4096

Result

The guest VLAN ID is assigned to the port.

11.7.5.4

no dot1x guest-vlan vlan-id

Description

With this command, the guest VLAN ID is reset to the default value 1.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no dot1x guest-vlan vlan-id

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

529

Security and authentication

11.7 Port Based Network Access Control

Result

The ID of the guest VLAN has the value 1.

11.7.5.5

dot1x guest-vlan reset

Description

This command removes MAC addresses from the guest VLAN. If you specify a MAC address, only this MAC address is removed from the guest VLAN. If you use this command without parameters, all MAC addresses are removed from the guest VLAN.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: dot1x guest-vlan reset [mac <aa:aa:aa:aa:aa:aa>]

The parameter has the following meaning:

Parameter mac aa:aa:aa:aa:aa:aa

Description

Keyword for the MAC address

MAC address to be removed from the guest VLAN.

-

-

Range of values

Result

The specified MAC address or all MAC addresses are no longer assigned to the guest VLAN.

11.7.5.6

set dot1x guest-vlan mac-addr count

Description

With this command, you specify how many end devices are allowed to be connected to the port at the same time.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows:

530

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.7 Port Based Network Access Control cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: set dot1x guest-vlan mac-addr count <num-of-addresses (1-100)>

The parameter has the following meaning:

Parameter num-of-addresses

Description

Maximum number of devices

Range of values

1 ... 100

Result

The maximum number of devices for the port has been specified.

11.7.5.7

dot1x mac-auth

Description

With this command, you enable MAC authentication for a port.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: dot1x mac-auth

Result

MAC authentication is enabled for a port.

Further notes

You also still need to enable MAC authentication for the device. You do this with the dot1x mac-auth command in the Global configuration mode.

You disable the function with the no dot1x mac-auth command

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

531

Security and authentication

11.7 Port Based Network Access Control

11.7.5.8

no dot1x mac-auth

Description

With this command, you disable MAC authentication for a port.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no dot1x mac-auth

Result

MAC authentication is disabled for a port.

11.7.5.9

dot1x mac-auth port reset

Description

With this command, you reset MAC authentication for a port.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: dot1x mac-auth port [mac <aa:aa:aa:aa:aa:aa>] reset

The parameters have the following meaning:

532

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Parameter mac aa:aa:aa:aa:aa:aa

Security and authentication

11.7 Port Based Network Access Control

Description

Keyword for a MAC address

MAC address of the interface

Range of values

aa:aa:aa:aa:a a:aa

Result

MAC authentication is reset for the port.

11.7.5.10 dot1x mac-auth vlan-assign

Description

With this command you enable the assignment of the VLAN ID for a MAC address by the

RADIUS server.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: dot1x mac-auth vlan-assign

Result

The VLAN ID for a MAC address is assigned by the RADIUS server.

11.7.5.11 no dot1x mac-auth vlan-assign

Description

With this command you disable the assignment of the VLAN ID for a MAC address by the

RADIUS server.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

533

Security and authentication

11.7 Port Based Network Access Control cli(config-if-$$$)#

Syntax

Call the command without parameters: no dot1x mac-auth vlan-assign

Result

The VLAN ID for a MAC address is no longer assigned by the RADIUS server.

11.7.5.12 dot1x port-control

Description

With this command, you configure port control parameter of the authenicator.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: dot1x port-control {auto|force-authorized|force-unauthorized}

The parameters have the following meaning:

Parameter auto forceauthorized

Description

Authentication according to IEEE 802.1x is enabled for the interface.

The data traffic via the interface is permitted or blocked depending on the authentication result.

data traffic via the interface is permitted without restrictions

Default: force-authorized enabled data traffic via the interface is blocked forceunauthorized

The default value of the function is "force-authorized".

Result

The port control parameter is configured.

534

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.7 Port Based Network Access Control

Further notes

You can reset the port control parameter to the default with the no dot1x port-control command.

You can display the status of this function and other information with the show dot1xcommand.

11.7.5.13 no dot1x port-control

Description

With this command, you reset the port control parameter of the authenicator to the default value.

The default value is force-authorized.

With this, data traffic is permitted without restrictions.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no dot1x port-control

Result

The port control parameter of the authenicator is reset to the default value.

Further notes

You configure the port control parameter with the dot1x port-control command.

You can display the status of this function and other information with the show dot1xcommand.

11.7.5.14 set dot1x mac-auth mac-addr count

Description

With this command, you specify how many end devices are allowed to be connected to the port at the same time.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

535

Security and authentication

11.7 Port Based Network Access Control

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: set dot1x mac-auth mac-addr count <num-of-addresses (1-100)>

The parameter has the following meaning:

Parameter num-of-addresses

Description

Maximum number of devices

Range of values

1 ... 100

Result

The maximum number of devices for the port has been specified.

11.7.5.15 dot1x reauthentication

Description

With this command, you enable the function that repeats the authentication of the client by the authenticator periodically on all interfaces.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: dot1x reauthentication

Result

Periodic authentication is enabled for all interfaces.

536

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Security and authentication

11.7 Port Based Network Access Control

Further notes

You disable the function with the no dot1x reauthentication command.

You can display the status of this function and other information with the show dot1xcommand.

11.7.5.16 no dot1x reauthentication

Description

With this command, you disable the function that repeats the authentication of the client by the authenticator periodically.

Requirement

You are in the Interface configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no dot1x reauthentication

Result

Periodic authentication is disabled.

Further notes

You enable the function with the dot1x reauthentication command.

You can display the status of this function and other information with the show dot1xcommand.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

537

Diagnostics

12

The monitoring of the system and error diagnostics are handled in different ways:

● Events and faults handling:

Predefined events generate a message. These messages can be distributed in different ways:

– Entry in the local log

– Transfer to the Syslog server

– Sending as e-mail

– Sending as SNMP trap

● Syslog:

Configures the transfer to the Syslog server

● Remote Monitoring (RMON):

Variables of the Management Information Base are monitored for the violation of limit values and messages are generated if they do. These messages are collected and can be distributed in the following ways:

– Entry in the local log

– Sending as SNMP trap

● Port mirroring:

Mirroring of ports to analyze the data stream without disturbing operation

● Loop detection

Detection and elimination of damaging loops. Loops in the network can cause total failure of the transfer and must be detected and eliminated.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

539

Diagnostics

12.1 Event and fault handling

12.1

Event and fault handling

In events and faults handling, you set the events whose messages will be distributed in one of the available ways.

You configure the monitoring of certain system events and power supply and physical interfaces in the Events configuration mode.

12.1.1

logging console

Description

With this command, you enable the logging of inputs and outputs to the console.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: logging console

Result

The logging function is enabled on the console.

Further notes

You disable the setting with the no logging console command.

As default the function is "disabled".

12.1.2

no logging console

Description

With this command, you disable the logging of inputs and outputs to the console.

540

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: no logging console

Result

The logging function is disabled on the console.

Further notes

You enable the setting with the logging console command.

As default the function is "disabled".

Diagnostics

12.1 Event and fault handling

12.1.3

show events config

Description

This command shows the current configuration for forwarding the messages of the various event types.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events config

Result

The current configuration of the events display is displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

541

Diagnostics

12.1 Event and fault handling

12.1.4

show events severity

Description

This command shows the degree of severity of an event ("Info", "Warning" or "Critical") starting at which a notification (sending of an e-mail, entry in the log table, entry in the Syslog file) is generated.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events severity

Result

The corresponding degree of severity is shown for each type of notification.

Further notes

You configure the assignment of the degree of severity of an event and the type of notification with the severity command.

12.1.5

show events faults config

Description

This command shows the current configuration of the following error monitoring functions:

● Monitoring of the power supply for power outage

● Monitoring of the network connections for a change in the connection status

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

542

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.1 Event and fault handling

Syntax

Call up the command with the following parameters: show events faults config [{power|link}]

The parameters have the following meaning:

Parameter s power link

Description

Monitoring of the power supply for power outage

Monitoring of the network connections for a change in the connection status

If no parameters are specified, the settings for both error monitoring functions are displayed.

Result

The current configuration of the selected error monitoring function is displayed.

12.1.6

show events faults status

Description

This command shows the status messages of fault monitoring of the power supply and network connections.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events faults status

Result

A table with the status messages of the error monitoring functions is displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

543

Diagnostics

12.1 Event and fault handling

12.1.7

show startup-information

Description

This command shows the startup information.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli>orcli#

Syntax

Call the command without parameters: show startup-information

Result

Startup information is shown.

12.1.8

show logbook

Description

With this command, you display the content of the logbook.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show logbook or

Call up the command with the following parameters: show logbook { info | warning | critical }

544

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.1 Event and fault handling

Parameter

The parameters have the following meaning:

Parameter info warning critical

Description

Information

Warning

Critical

-

-

-

Range of values / note

Result

The content of the logbook is displayed.

12.1.9

clear logbook

Description

With this command, you delete the content of the logbook.

Requirement

You are in the Privileged EXEC mode.

The command prompt is as follows: cli#

Syntax

Call the command without parameters: clear logbook

Result

The content of the logbook is deleted.

12.1.10

show cabletest interface

Description

You can display the status of this function and other information with the show cabletest interface command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

545

Diagnostics

12.1 Event and fault handling

Requirement

● The interface has no active data traffic

● The cabletest interface function was used on the specified interface in the Global

Configuration mode.

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show cabletest interface <iftype> <if-id>

The parameters have the following meaning:

Parameter iftype if-id

Description

Type of interface

Interface identifier

Range of values / note

For information on names of addresses and interfaces, refer to the section "Auto-Hotspot".

Result

The result of the cable test of the interface is displayed.

Further notes

You enable the setting with the cabletest interface command in the Global

Configuration mode.

See also

Addresses and interface names (Page 32)

12.1.11

show interface transceiver details

Description

This command runs error diagnostics for an SFP port.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

546

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.1 Event and fault handling

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show interface transceiver details <if-id>

The parameter has the following meaning:

Parameter if-id

Description

Interface identifier

Range of values / note

Result

Hardware information (model, serial number) and operating parameters (data transmission rate, voltage and current consumption as well as the transmit and receive power) for SFP port are displayed.

12.1.12

show power-line-state

Description

This command shows the status of the power supply.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show power-line-state

Result

The status of the power supply is displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

547

Diagnostics

12.1 Event and fault handling

12.1.13

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

12.1.13.1 events

Description

With this command, you change to the EVENTS configuration mode.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: events

Result

You are now in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

Further notes

You exit the EVENTS configuration mode with the command end or exit.

12.1.13.2 cabletest interface

Description

With this command, you enable the cable test for the specified interface.

548

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.1 Event and fault handling

Requirement

● The interface has no active data traffic

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command without parameters / with the following parameter assignment: cabletest interface <iftype> <if-id> [force]

The parameters have the following meaning:

Parameter iftype if-id force

Description

Type of interface

Interface identifier

Forces a link down during the test

Range of values / note

Necessary parameter if there is a link up on the interface.

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

Following the test phase, the result is displayed.

12.1.14

Commands in the Events configuration mode

This section describes commands that you can call up in the EVENTS configuration mode.

In the Global configuration mode, enter the events command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

● If you exit the EVENTS configuration mode with the exit command, you return to the

Global configuration mode.

● If you exit the EVENTS configuration mode with the end command, you return to the

Privileged EXEC mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

549

Diagnostics

12.1 Event and fault handling

12.1.14.1 add log

Description

With this command, you make an entry in the logbook.

Requirement

You are in the EVENTS Configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call the command without parameters: add log <log entry>

The parameter has the following meaning:

Parameters log entry

Description

Entry in the logbook

Note max. 150 characters

Result

The entry has been made in the logbook.

12.1.14.2 client config

Description

With this command, you enable one of the clients that processes or forwards the messages of the device.

The following clients are available:

● syslog: sends the messages to the central log server

● trap: sends the messages as SNMP trap to a configured recipient

● email: sends the messages as e-mail

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

550

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.1 Event and fault handling

Syntax

Call up the command with the following parameters: client config {syslog|trap|email|all}

The parameters have the following meaning:

Parameter syslog trap email all

Description

Enables the client that sends the messages to the log server

Enables the client that sends the SNMP traps

Enables the client that sends the e-mails

Enables all clients at once

Result

The function of the client selected for the transfer is enabled.

Further notes

You display the status of the events and the clients with the show events config command.

You disable a client with the no client config command.

12.1.14.3 no client config

Description

With this command, you disable one of the clients that processes or forwards the messages of the device.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: no client config {syslog|trap|email|all}

The parameters have the following meaning:

Parameter syslog trap

Description

Disables the client that sends the messages to the log server

Disables the client that sends the SNMP traps

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

551

Diagnostics

12.1 Event and fault handling

Parameter email all

Description

Disables the client that sends the e-mails

Disables all clients at once

Result

The client selected for the transfer is disabled.

Further notes

You display the status of the events and the clients with the show events config command.

You enable the function with the client config command.

12.1.14.4 event config

Description

With this command, you configure which of the various message types of the device will be stored or forwarded.

The following events or message types are available:

● Message if there is cold or warm restart

● Message when there is a status change on a physical interface

● Message if there is an incorrect login

● Message when there is aRemote Monitoring (RMON) alarm

● Message when there is a status change in the power supply

● Message when there is a status change in the redundancy manager (RM)

● Message when there is a status change on a standby connection

● Message when there is a status change in the error monitoring

● Message when there is a change in the spanning tree

● Message on status change of the VRRP routers

● Message if there is a status change in the detection of network loops

● Message on status change of OSPF routers

These messages can be processed by the clients in different ways:

● Entry in the logbook of the device

● Sending the message to the log server of the system

● Sending an e-mail

● Sending an SNMP trap

552

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.1 Event and fault handling

Requirement

You are in the EVENTS Configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: event config

{cold-warmstart|linkchange|authentication-failure|

rmon-alarm|power-change|rm-state-change|standby-state-change| faultstate-change|

stp-change|vrrp-state-change|loopd-state-change|ospf-statechange|all}

{logtable|syslog|email|trap|faults|all}

The parameters have the following meaning:

Parameter Description cold-warmstart linkchange

Message if there is cold or warm restart

Message when there is a status change on a physical interface

Message if there is an incorrect login authenticationfailure rmon-alarm power-change

Message when there is a RMONalarm

Message when there is a status change in the power supply rm-state-change standby-statechange

Message when there is a status change in the redundancy manager

Message when there is a status change on a standby connection faultstate-change

Message when there is a status change in the error monitoring stp-change

Message when there is a change in the spanning tree vrrp-state-change

Message on status change of VRRP routers loopd-state-change Message if there is a status change in the detection of network loops ospf-state-change

Message on status change of OSPF routers all logtable syslog email

All messages

Client that processes the logbook entries

Client that sends the messages to the log server

Client that sends the e-mails trap faults all

Client that sends the SNMP traps

Error LED lights up. The setting is possible only for a cold or warm restart.

All clients at once

Result

The setting deciding which message of the device is stored or forwarded is configured.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

553

Diagnostics

12.1 Event and fault handling

Further notes

You display the status of the events and the clients with the show events config command.

You delete the settings with the no event config command.

With this command, the clients are not enabled.

To enable the clients, use the client config command.

Note

Changing several message types or clients

With each command call, you can only select one message type and one client.

If you want to process several message types or clients, it may be more efficient to first select the all option and then disable individual elements.

12.1.14.5 no event config

Description

With this command, you configure which of the various message types of the device will no longer be stored or forwarded.

Requirement

You are in the EVENTS Configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: no event config

{cold-warmstart|linkchange|authentication-failure|

rmon-alarm|power-change|rm-state-change|standby-state-change|

faultstate-change|stp-change|vrrp-state-change|all}

{logtable|syslog|email|trap|faults|all}

The parameters have the following meaning:

Parameters cold-warmstart linkchange authenticationfailure rmon-alarm

Description

Message if there is cold or warm restart

Message when there is a status change on a physical interface

Message if there is an incorrect login

Message when there is a RMON alarm

554

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.1 Event and fault handling

Parameters power-change rm-state-change standby-statechange faultstate-change stp-change vrrp-state-change all logtable syslog email trap faults all

Description

Message when there is a status change in the power supply

Message when there is a status change in the redundancy manager

Message when there is a status change on a standby connection

Message when there is a status change in the error monitoring

Message when there is a change in the spanning tree

Message on status change of VRRP routers

All messages

Client that processes the logbook entries

Client that sends the messages to the log server

Client that sends the e-mails

Client that sends the SNMP traps

Error LED lights up. The setting is possible only for a cold or warm restart.

All clients at once

Result

The setting deciding which messages of the device are not stored or forwarded is configured.

Further notes

You display the status of the events and the clients with the show events config command.

You configure which of the various message types of the device will be stored or forwarded with the event config command.

12.1.14.6 eventgroup

Description

With this command, you configure the message level for alarm message groups.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli (config-events)#

Syntax

Call up the command with the following parameters: eventgroup <string> {info | warning | critical }

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

555

Diagnostics

12.1 Event and fault handling

Parameter string info warning critical

Description

Name of the event group

Message level information

Message level warning

Message level critical

Range of values / note

-

-

max. 32 characters

If you do not select any parameters from the parameter list, the default value is used.

Result

The settings of the event grouping are configured.

Further notes

You disable the setting with the no eventgroup command.

You can display the status of this function and other information with the show events configcommand.

12.1.14.7 no event

Description

With this command, you disable eventgroup.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli (config-events)#

Syntax

Call up the command without parameters / with the following parameter assignment: no eventgroup <string>

The parameters have the following meaning:

Parameter string

Description

Name of the event group

Range of values / note max. 32 characters

If you do not select any parameters from the parameter list, the default value is used.

Result

The settings of the EVENTS grouping are disabled.

556

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.1 Event and fault handling

Further notes

You enable the setting with the eventgroup command.

You can display the status of this function and other information with the show events configcommand.

12.1.14.8 severity

Description

With this command, you enable the sending of events.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli (config-events) #

Syntax

Call up the command with the following parameters: severity {mail | log | syslog } {info | warning | critical }

The parameters have the following meaning:

Example

Parameter mail log syslog info warning critical

Description

Specifies that messages are sent by e-mail.

Specifies that messages are sent to the log file.

Specifies that messages are sent to the Syslog server.

Message level information

Message level warning

Message level critical

-

-

-

Range of values / note

-

-

Default

If you do not select any of the parameters from the parameter list, the default value is used.

If you do not select any of the info | warning | critical parameters, messages of all three levels are sent.

Result

The settings are configured.

The severity function is enabled.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

557

Diagnostics

12.1 Event and fault handling

Further notes

You disable the setting with the no severity command.

You display the status of this function and other information show events config

12.1.14.9 no severity

Description

With this command, you disable the sending of events.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli (config-events) #

Syntax

Call up the command with the following parameters: no severity {mail | log | syslog }

The parameters have the following meaning:

Parameter mail log syslog

Description

Specifies that messages are no longer sent by email.

Specifies that messages are no longer sent to the log file.

Specifies that messages are no longer sent to the

Syslog server.

-

-

Range of values / note

Default

If you do not select any parameters from the parameter list, the default value is used.

Result

The settings for sending event messages are configured.

Further notes

You enable the setting with the severity command.

You display the status of this function and other information show events config.

558

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.1 Event and fault handling

12.1.14.1

0 power

Description

With this command, you configure and activate the monitoring of the power supplies.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: power [{L1|L2}]

The parameters have the following meaning:

Parameters

L1

L2

Description

Monitoring of power supply 1

Monitoring of power supply 2

If you do not select any parameters from the parameter list, the default value "L1 and L2" is used.

Result

The setting for monitoring the power supplies is configured.

Further notes

You can display the current setting with the show events faults config command.

You disable the function with the no power command.

12.1.14.1

1 no power

Description

With this command, you disable the monitoring of the power supplies.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

559

Diagnostics

12.1 Event and fault handling

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: no power [{L1|L2}}

The parameters have the following meaning:

Parameters

L1

L2

Description

No monitoring of power supply 1

No monitoring of power supply 2

If you do not select any parameters from the parameter list, the default value "L1 and L2" is used.

Result

The setting for monitoring the power supplies is configured.

Further notes

You can display the current setting with the show events faults config command.

You enable the function with the power command.

12.1.14.1

2 link

Description

With this command, you configure and enable the monitoring of the physical network connections for cable breaks or for pulling of the connector.

Requirement

You are in the EVENTS Configuration mode.

The command prompt is as follows: cli(config-events)#

560

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.1 Event and fault handling

Syntax

Result

The settings for monitoring the physical network connections have been configured.

Further notes

12.1.14.1

3 no link

Description

You display the setting with the show events faults config command.

You disable the function with the no link command.

With this command, you disable the monitoring of the physical network connections for cable breaks or for pulling of the connector.

Requirement

You are in the EVENTS Configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: link {up|down}[{<ifXtype><iface_list>}]The parameters have the following meaning:

Parameters up down ifXtyp

Description

Only the establishment of a connection is signaled

Only a break on a connection is signaled

Type or speed of the interface iface_list

Slot no. and port no. of the interface

Range of values

-

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select an interface, the function is enabled for all available interfaces.

Call up the command with the following parameters: no {up|down}[{<ifXtype><iface_list>}]

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

561

Diagnostics

12.1 Event and fault handling

The parameters have the following meaning:

Parameters up down ifXtype iface_list

Description Range of values

The message when establishing a connection is disabled

-

The message when a connection is down is disabled -

Type or speed of the interface ● gigabitethernet

● extreme-ethernet

Slot no. and port no. of the interface Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select an interface, the function is disabled for all available interfaces.

Result

The settings for monitoring the physical network connections have been configured.

Further notes

You can display the current setting with the show events faults config command.

You enable the function with the link command.

12.1.14.1

4 syslogserver

Description

With this command, you configure the Syslog server address.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli (config-events) #

Syntax

Call up the command with the following parameters: syslogserver {ipv4 <ip address> | fqdn-name <FQDN(100)>}

[<port(1-65535)>]

The parameters have the following meaning:

562

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.1 Event and fault handling

Parameter ipv4 ip address fqdn-name

FQDN(100) port

Description Range of values / note

Keyword for an IP address

IPv4 Internet address of the Syslog server

-

Format: 0.0.0.0

Keyword for a domain name -

Domain name (Fully Qualified Domain Name) Maximum of 100 characters

Serverport 1 .. 65535

Default: 514

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The settings for the Syslog server are configured.

Further notes

You disable the setting with the no syslogserver command.

You can display the status of this function and other information with the show events configcommand.

12.1.14.1

5 no syslogserver

Description

With this command, you configure the Syslog server address.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli (config-events) #

Syntax

Call up the command with the following parameters: syslogserver {ipv4 <ip address> | fqdn-name <FQDN(100)>}

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

563

Diagnostics

12.1 Event and fault handling

Parameter ipv4 ip address fqdn-name

FQDN(100)

Description Range of values / note

Keyword for an IP address

IPv4 Internet address of the Syslog server

-

Format: 0.0.0.0

Keyword for a domain name -

Domain name (Fully Qualified Domain Name) Maximum of 100 characters

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The settings for the Syslog server are disabled.

Further notes

You enable the setting with the syslogserver command.

You can display the status of this function and other information with the show events configcommand.

564

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

12.2

Syslog client

With the commands in this section, the following settings are configured:

● Transfer of the messages to the log server

● Local buffering and storage of messages

● Receipt and forwarding of messages from other devices (relay mode)

Diagnostics

12.2 Syslog client

12.2.1

show events syslogserver

Description

This command shows the entries of the configured log server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events syslogserver

Result

The entries of the configured log server are displayed.

12.2.2

Commands in the Events configuration mode

This section describes commands that you can call up in the EVENTS configuration mode.

In the Global configuration mode, enter the events command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

● If you exit the EVENTS configuration mode with the exit command, you return to the

Global configuration mode.

● If you exit the EVENTS configuration mode with the end command, you return to the

Privileged EXEC mode.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

565

Diagnostics

12.2 Syslog client

12.2.2.1

syslogserver

Description

With this command, you configure the Syslog server.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: syslogserver {ipv4 address}[port]{info | warning | critical}

The parameters have the following meaning:

Parameter Description ipv4 address IP v4 address port

Port of the Syslog server on which the messages are received info warning critical

Information

Warning

Critical

Range of values

-

-

-

Enter a valid IPv4 address

0 … 65535

Default: 514

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameters from the parameter list, the default value is used.

Result

The settings for the Syslog server are configured. The Syslog server was entered in the table

Further notes

You delete the entry with the no syslogserver command.

You can display the status of this function and other information with the show events configcommand.

566

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.2 Syslog client

12.2.2.2

no syslogserver

Description

With this command, you delete an entry from the table.

Requirement

You are in the EVENTS configuration mode.

The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: no syslogserver {ipv4 address}

The parameter has the following meaning:

Parameter Description ipv4 address

IP v4 address

Range of values

Enter a valid IPv4 address

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The entry is deleted from the table.

Further notes

You add an entry with the syslogserver command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

567

Diagnostics

12.3 RMON

12.3

RMON

The RMON function provides commands with which variables of the Management Information

Base (MIB) can be monitored for violation of limit values and to store or forward these events in the following ways:

● Entry in the local log

● Sending as SNMP trap

12.3.1

show rmon

Description

This command shows the settings of the remote monitoring function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:

You are in the User EXEC mode or in the Privileged EXEC mode or in the Global Configuration mode.

The command prompt is as follows: cli> or cli# or cli(config)#

The parameters have the following meaning:

Parameters Description Range of values statistics

Shows counts for various packet characteristics and sizes stats-index Index number for the statistical values alarms events

Shows the threshold values and event assignments for alarms

Shows the status and the actions that are triggered history historyindex

-

-

-

1 ... 65535

Shows the stored statistical values for earlier transmission periods -

Index number for the previous statistical values 1 ... 65535 overview

Displays an overview -

With this command, you can display several parameters with one call.

568

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.3 RMON

If you do not select any parameters from the parameter list, only the enabled/disabled status is shown.

Result

The settings of the remote monitoring function are displayed.

12.3.2

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

12.3.2.1

rmon alarm

Description

With this command, you configure an alarm for monitoring a MIB variable. The variable is checked at specific intervals to determine whether or not it has exceeded or fallen below threshold values. Events are assigned to these occurrences.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: rmon alarm <alarm-number><mib-object-id(255)>

<sample-interval-time(1-65535)>

{absolute|delta}

rising-threshold<value(0-2147483647)>[risingeventnumber(1-65535)]

falling-threshold<value(0-2147483647)>[fallingeventnumber(1-65535)]

[owner<ownername(127)>]

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

569

Diagnostics

12.3 RMON

Result

Parameters Description Range of values alarm-number mib-object-id

Number of the alarm

Name of the MIB variable

Interval for the check [s] sample-intervaltime absolute

The current absolute value of the monitored MIB is evaluated delta

The difference between the current and the previous value of the monitored MIB is evaluated rising-threshold

Threshold value for rising or high variable values risingeventnumber

Event number for this

-

-

1 ... 52 max. 255 characters

1 ... 65535

1 ... 2147483647

1 ... 65535 falling-threshold Threshold value for falling or low variable values fallingeventnumber

Event number for this value owner ownername

1 ... 2147483647

1 ... 65535

Relevant threshold value 1 ... 2147483647

User to which the alarm is assigned -

User name of the user max. 127 characters

If you do not select a parameter from the parameter list, the events for high and low threshold values are assigned the lowest event number available in the event table.

Note

MIB variables that can be monitored

With the RMON function, only MIB variables of the Ethernet interfaces can be monitored.

Note

Magnitude of the threshold values

The threshold value for falling or low variable values should be less than the threshold value for rising or high variable values.

Note

Conditions for working with alarms

The events assigned to the alarms are configured.

The remote monitoring function is started with the set rmon command.

The alarm for monitoring a MIB variable is configured.

570

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.3 RMON

Further notes

You delete an alarm with the no rmon alarm command.

You display the list of configured RMON alarms with the show rmon alarms command.

12.3.2.2

no rmon alarm

Description

With this command, you delete an alarm for monitoring a MIB variable.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no rmon alarm <index (1-52)>

The parameter has the following meaning:

Parameters Description index

Number of the alarm to be deleted

Range of values

1 ... 52

Result

The entry is deleted.

12.3.2.3

rmon event

Description

With this command, you configure an event in the RMON Event Table.

You specify its name and the owner and whether or not a logbook entry is made or an SNMP trap is generated.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

571

Diagnostics

12.3 RMON cli(config)#

Syntax

Call up the command with the following parameters: rmon event <number(1-52)>[description<event-description(127)>]

[log][owner<ownername(127)>][trap<community(127)>]

The parameters have the following meaning:

Parameters number description eventdescription log owner ownername trap community

Description

Number of the event

Title of the event

Description of the event

Range of values

-

1 ... 52 max. 127 characters

Specifies whether or not an entry will be made in the logbook of the device

User to which the event is assigned

User name of the user

Specifies whether an SNMP trap should be sent

Name of the community to which the SNMP trap will be sent

-

max. 127 characters

max. 127 characters

Result

The event is configured.

Further notes

You delete an entry with the no rmon event command.

You display the RMON Event Table with the show rmon events command.

You show the details of the SNMP community with the show snmp community command.

12.3.2.4

no rmon event

Description

With this command, you delete an entry from the RMON event table.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

572

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.3 RMON

Syntax

Call up the command with the following parameters: no rmon event <index (1-52)>

The parameter has the following meaning:

Parameters index

Description

Number of the event entry to be deleted

Range of values

1 ... 52

Result

The entry is deleted.

12.3.2.5

set rmon

Description

With this command, you enable / disable the remote monitoring function.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: set rmon {enable|disable}

The parameters have the following meaning:

Parameter enable disable

Description

Enables the remote monitoring function

Disables the remote monitoring function

Default: disabled

Result

The remote monitoring function is enabled or disabled.

Further notes

You can display the status of this function and other information with the show rmoncommand.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

573

Diagnostics

12.3 RMON

12.3.3

Commands in the interface configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

12.3.3.1

rmon collection stats

Description

With this command, you start the recording of statistical data of an interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: rmon collection stats <index (1-52)>[owner<ownername(127)>]

The parameters have the following meaning:

Parameters index owner ownername

Description

Number of the recording

User to which the event is assigned

User name of the user

Range of values

1 ... 52

max. 127 characters

Result

The recording of statistical data is started.

Further notes

You can display the content of a recording with the show rmon statistics command.

574

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.3 RMON

12.3.3.2

no rmon collection stats

Description

With this command, you end the recording of statistical data of an interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no rmon collection stats <index (1-52)>

The parameter has the following meaning:

Parameters index

Description

Number of the recording

Range of values

1 ... 52

Result

The recording of statistical data is ended.

12.3.3.3

rmon collection history

Description

With this command, you configure the collection of statistical data of the interface in a selectable number of recording intervals ("Buckets ") with a specified period.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: rmon collection history<index(1-52)>

[buckets<bucket-number(1-65535)>]

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

575

Diagnostics

12.3 RMON

[interval<seconds(1-3600)>]

[owner<ownername(127)>]

The parameters have the following meaning:

Parameter index buckets bucketnumber interval seconds owner ownername

Description

Number of the recording

Maximum number of recording intervals

Number of recording intervals

Duration of an individual recording interval

Time in seconds

User to which the event is assigned

User name of the user

Range of values

-

1 ... 65535

-

1 ... 65535

Default: 50

-

1 ... 3600

Default: 1800 max. 127 characters

Default: monitor

If you do not select any parameter from the parameter list, the default values are used.

Result

The data is recorded.

Further notes

You can display the content of a recording with the show rmon history command.

12.3.3.4

no rmon collection history

Description

With this command, you end the recording of statistical data of the interface.

Requirement

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no rmon collection history <index(1-52)>

The parameter has the following meaning:

576

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Result

Parameters index

Description

Number of the recording

The data recording is ended.

Range of values

1 ... 52

Diagnostics

12.3 RMON

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

577

Diagnostics

12.4 Port Mirroring

12.4

Port Mirroring

With the port mirroring function, you copy the data stream of one or more ports to another interface to be able to analyze this data stream without disturbing operation.

Note

If the maximum data rate of the mirrored port is higher than that of the monitor port, data may be lost and the monitor port no longer reflects the data traffic at the mirrored port. Several ports can be mirrored to one monitor port at the same time.

Mirroring a port does not work beyond switch core boundaries.

Disable port mirroring if you want to connect a normal end device to the monitor port.

12.4.1

show monitor

Description

This command shows the settings of the port mirroring function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show monitor status

Result

The status of the port mirroring function is displayed.

12.4.2

show monitor barrier

Description

This command shows the status of the communication via the mirror port.

578

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.4 Port Mirroring

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show monitor barrier[{session<session-id(1)>|all}]

The parameters have the following meaning:

Parameters session session-id all

Description

Keyword for a session whose settings are displayed

Number of the session

Shows the settings of all sessions

Range of values

-

-

1

Result

The settings are displayed.

12.4.3

show monitor session

Description

This command shows the settings used for mirroring ports.

You obtain information about the ports from which incoming and/or outgoing data traffic is mirrored and the port at which the mirrored data is output.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show monitor[{session<session-id(1)>|all}]

The parameters have the following meaning:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

579

Diagnostics

12.4 Port Mirroring

Parameters session session-id all

Description

Keyword for a session whose settings are displayed

Number of the session

Shows the settings of all sessions

Result

The settings for mirroring ports are displayed.

Range of values

-

-

1

12.4.4

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

12.4.4.1

monitor

Description

With this command, you enable the port mirroring function.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: monitor

As default the function is "disabled".

Result

The port mirroring function is enabled.

580

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.4 Port Mirroring

Further notes

You can display the status of this function with the show monitorcommand.

You disable the function with the no monitor command.

12.4.4.2

no monitor

Description

With this command, you disable the port mirroring function.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no monitor

Result

The port mirroring function is disabled.

Further notes

You can display the status of this function with the show monitorcommand.

You enable the function with the monitor command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

581

Diagnostics

12.4 Port Mirroring

12.4.4.3

monitor barrier enabled

Description

With this command, you disable the communication via the monitor port.

Note

Effects of monitor barrier enabled

If you enable this option, management of the switch via the monitor port is no longer reachable. The following port-specific functions are changed:

● DCP forwarding is turned off

● LLDP is turned off

● Unicast, multicast and broadcast blocking is turned on

The previous statuses of these functions are no longer restored after disabling monitor barrier again. They are reset to the default values and may need to be reconfigured.

You can reconfigure these functions manually even if monitor barrier is turned on. The data traffic on the monitor port is also allowed again. If you do not require this, make sure that only the data traffic you want to monitor is forwarded to the interface.

If mirroring is disabled, the listed port-specific functions are reset to the default values. This reset takes place regardless of whether the functions were configured manually or automatically by enabling monitor barrier.

Requirement

You are in the Global configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: monitor barrier enabled

Result

Communication via the monitor port is disabled.

Further notes

You enable the communication with the no monitor barrier enabled command.

You display the configuration settings with the show monitor barrier command.

582

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

12.4.4.4

no monitor barrier enabled

Description

With this command, you enable the communication via the monitor port.

Diagnostics

12.4 Port Mirroring

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no monitor barrier enabled

Result

Communication via the monitor port is enabled.

Further notes

You disable the communication with the monitor barrier enabled command.

You display the configuration settings with the show monitor barrier command.

12.4.4.5

monitor session destination

Description

With this command, you configure the destination for mirroring a port.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: monitor session <session-id(1)> destination

{interface <interface-type><interface-id>}

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

583

Diagnostics

12.4 Port Mirroring

The parameters have the following meaning:

Parameter session-id interface interfacetype

Description

Number of the session

7 parallel sessions are possible only with portbased mirroring and their ports must not overlap.

Keyword for a an interface description

Type or speed of the interface interface-id

Slot no. and port no. of the interface

Values

1 .. 7

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Note

Selecting the destination port

A port that is part of a port channel cannot be configured as the destination port for a monitor session.

VLAN / ACL mirroring

Tx mirroring is not supported with VLAN or ACL monitoring.

Result

As soon as you have configured the settings for the port to be monitored and the destination port, the session is complete and active.

Further notes

You delete the destination for mirroring a port with the no monitor session ... destination command.

You end and delete a session with the no monitor session command.

You display the configuration settings with the show monitor session command.

12.4.4.6

no monitor session destination

Description

With this command, you delete the destination for mirroring a port.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows:

584

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.4 Port Mirroring cli(config)#

Syntax

Call up the command with the following parameters: no monitor session <session-id(1)> destination

{interface <interface-type><interface-id>}

The parameters have the following meaning:

Parameter Description session-id

Number of the session

7 parallel sessions are possible only with port-based mirroring and their ports must not overlap.

interface

Keyword for a an interface description interfacetype

Type or speed of the interface interfaceid

Slot no. and port no. of the interface

Values

1 .. 7

-

● gigabitethernet

● extreme-ethernet

Enter a valid interface name

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The destination for the mirroring of a port is deleted.

Further notes

You configure the destination for mirroring a port with the monitor session ... destination command.

You end and delete a session with the no monitor session command.

You display the configuration settings with the show monitor session command.

12.4.4.7

monitor session source

Description

With this command, you configure the source for mirroring a port or a VLAN.

Requirement

● You are in the Global Configuration mode.

● Monitoring is enabled

The command prompt is as follows:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

585

Diagnostics

12.4 Port Mirroring cli(config)#

Syntax

Call up the command for the port to be monitored with the following parameter assignment: monitor session<session-id(1-7)>{source

{interface<interface-type><interface-id>[{rx|tx|both}]}} or

Call up the command for the VLAN to be monitored with the following parameter assignment: monitor session <session-id (1-1)> {source

{vlan <vlan-id> | mac-acl <acl-id>}

The parameters have the following meaning:

Parameter Description Values session-id interface

Number of the session

7 parallel sessions are possible only with port-based mirroring and their ports must not overlap.

Keyword for a an interface description -

1..7

interfacetype

Type or speed of the interface interface-id Slot no. and port no. of the interface rx tx

Received data traffic will be mirrored (received)

Transmitted data traffic will be mirrored (transmitted) -

-

● fastethernet

● gigabitethernet

Enter a valid interface name both vlan-id acl-id

Received and sent data traffic will be mirrored

Number of the VLAN

Number of the Access Control List

-

1 .. 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameters from the parameter list, the default value (both) is used.

Note

VLAN / ACL mirroring

Tx mirroring is not supported with VLAN or ACL monitoring.

Result

As soon as you have configured the settings for the port to be monitored and the destination port, the session is complete and active.

586

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.4 Port Mirroring

Further notes

You delete the source for mirroring a port with the no monitor session ... source command.

You end and delete a session with the no monitor session command.

You display the configuration settings with the show monitor session command.

12.4.4.8

no monitor session source

Description

With this command, you delete the source for mirroring a port or a VLAN.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command for the port to be monitored with the following parameter assignment: no monitor session<session-id(1-7)>{source

{interface<interface-type><interface-id>[{rx|tx|both}]} or

Call up the command for the VLAN to be monitored with the following parameter assignment: no monitor session <session-id (1-1)> {source

{vlan <vlan-id> | mac-acl <acl-id>}

The parameters have the following meaning:

Parameter Description Values session-id interface

Number of the session

7 parallel sessions are possible only with port-based mirroring and their ports must not overlap.

Keyword for a an interface description -

1 .. 7 interfacetype

Type or speed of the interface interface-id Slot no. and port no. of the interface rx tx

Received data traffic will be mirrored (received)

Transmitted data traffic will be mirrored (transmitted) -

-

● fastethernet

● gigabitethernet

Enter a valid interface name both vlan-id acl-id

Received and sent data traffic will be mirrored

Number of the VLAN

Number of the Access Control List

-

1 .. 4094

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

587

Diagnostics

12.4 Port Mirroring

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

If you do not select any parameters from the parameter list, the default value (both) is used.

Result

The source for the mirroring of a port is deleted.

Further notes

You configure the source for mirroring a port with the monitor session ... source command.

You end and delete a session with the no monitor session command.

You display the configuration settings with the show monitor session command.

12.4.4.9

no monitor session

Description

With this command, you delete the monitor session.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no monitor session<session-id(1)>

The parameter has the following meaning:

Parameter session-id

Description

Number of the session

7 parallel sessions are possible only with port-based mirroring and their ports must not overlap.

Range of values

1 .. 7

Result

The monitor session is deleted.

588

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.4 Port Mirroring

Further notes

You display the configuration settings with the show monitor session command.

You configure and start mirroring of a port with the monitor session command.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

589

Diagnostics

12.5 Loop detection

12.5

Loop detection

With the "Loop detection" function, you specify the ports for which loop detection will be activated. The ports involved send special test frames - the loop detection frames. If these frames are sent back to the device, there is a loop.

A "Local loop" involving this device means that the frames are received again at a different port of the same device. If the sent frames are received again at the same port, there is a

"remote loop" involving other network components.

Note

A loop is an error in the network structure that needs to be eliminated. The loop detection can help to find the errors more quickly but does not eliminate them.

Note

Note that loop detection is only possible at ports that were not configured as ring ports or standby ports.

With the commands in this section, you start loop detection and decide which actions will be used on the ports affected if loops are detected.

12.5.1

show loopd

Description

With this command, you display the information on loop detection.

Detected loops are shown.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show loopd

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

590

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.5 Loop detection

Result

Information on loop detection is displayed.

12.5.2

show loopd interface

Description

Displays information on the loop interface.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

The command prompt is as follows: cli> or cli#

Syntax

Call up the command without parameters / with the following parameter assignment: show loopd interface [{<interface-type> <interface-id> | portchannel <port-channel-id (1-8)>}]

The parameters have the following meaning:

Parameter interface interfacetype interfaceid

Description

Keyword for a an interface description

Type or speed of the interface

Slot no. and port no. of the interface

Range of values / note

gigabitethernet extreme-ethernet

-

# digit /digit#

Slot: 0 ... 6 or 12

Port: 1 ... 4 portchannel portchannel-id

Keyword for a port channel connection

Number of the addressed port channel 1 ... 8

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The loop interface is displayed.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

591

Diagnostics

12.5 Loop detection

Further notes

You can display the status of this function and other information with the show loopdcommand.

12.5.3

Commands in the global configuration mode

This section describes commands that you can call up in the Global configuration mode.

In Privileged EXEC mode, enter the configure terminal command to change to this mode.

Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

You exit the Global configuration mode with the end or exit command and are then in the

Privileged EXEC mode again.

12.5.3.1

loopd

Description

With this command, you enable the loop detection function.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: loopd

Result

The loop detection function is enabled

Further notes

You disable the function with the no loopd command.

You can display the status of this function and other information with the show loopdcommand.

592

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.5 Loop detection

12.5.3.2

no loopd

Description

With this command, you enable the loop detection function.

Requirement

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no loopd

Result

The loop detection function is disabled

Further notes

You enable the function with the loopd command.

You can display the status of this function and other information with the show loopdcommand.

12.5.3.3

loopd vlan mode

Description

With this command, you enable the loop detection function for VLAN.

Requirement

● Loopd is activated

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters:

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

593

Diagnostics

12.5 Loop detection loopd vlan mode

Result

The loop detection function is enabled for VLAN.

Further notes

You disable the function with the no loopd vlan mode command.

You can display the status of this function and other information with the "show loopd" command

12.5.3.4

no loopd vlan mode

Description

With this command, you disable the loop detection function for VLAN.

Requirement

● Loopd is activated

You are in the Global Configuration mode.

The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no loopd vlan mode

Result

The loop detection function is disabled for VLAN.

Further notes

You enable the function with the loopd vlan mode command.

You can display the status of this function and other information with the "show loopd" command

594

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.5 Loop detection

12.5.4

Commands in the Interface Configuration mode

This section describes commands that you can call up in the interface configuration mode.

Depending on the Interface selected, various command sets are available.

In the Global configuration mode, enter the interface command to change to this mode.

Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.

● If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.

● If you exit the Interface configuration mode with the end command, you return to the

Privileged EXEC mode.

12.5.4.1

loopd

Description

With this command, you configure loop detection.

Requirement

● Loop detection is enabled

● The port is not part of a spanning tree if the port will be or is enabled as sender.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: loopd {blocked | forwarder | sender} or loopd {tx-interval <mSec(500-5000)> | detect-threshold

<integer(1-500)> | reaction-timeout <seconds(0-86400)>}

The parameters have the following meaning:

Parameter blocked forwarder sender

Description

Blocked

Forwards

Sends

Range of values / note

-

-

Default after enabling loop detection.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

595

Diagnostics

12.5 Loop detection

Parameter tx-interval

Description

Transmit interval detect-threshold Threshold reaction-timeout Time to the end of the reaction time

Range of values / note

500 .. 5000 [ms]

Default: 1000 [ms]

1 .. 500

Default: 2

0 .. 86400 [seconds]

Default: 0 [sec]

If you do not select any parameters from the parameter list, the default value is used. The default values apply only to a port enabled earlier with loopd sender .

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The settings for loopd are configured.

Further notes

You can reset the setting to the default with the no loopd command.

You can display the status of this function and other information with the show loopdcommand.

12.5.4.2

loopd port reset

Description

With this command, you enable the port reset for loop detection.

Requirement

● Loop detection is enabled

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: loopd port reset

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

596

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.5 Loop detection

Result

The port reset function is enabled.

Further notes

You disable the setting with the no loopd port reset command.

You can display the status of this function and other information with the show loopdcommand.

12.5.4.3

no loopd port reset

Description

With this command, you disable the port reset for loop detection.

Requirement

● Loop detection is enabled

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no loopd port reset

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

The port reset function is disabled.

Further notes

You enable the setting with the loopd port reset command.

You can display the status of this function and other information with the show loopdcommand.

12.5.4.4

loopd reaction local

Description

With this command, you activate "disable" for loopd reaction local.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

597

Diagnostics

12.5 Loop detection

Requirement

● Loop detection is enabled.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: loopd reaction local

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

"disable" is activated for the "loopd reaction local" function.

"disable" is the default after enabling loop detection.

Further notes

You enable the "no action" setting with the no loopd reaction local command.

You can display the status of this function and other information with the show loopdcommand.

12.5.4.5

no loopd reaction local

Description

With this command, you enable "no action" for loopd reaction local.

Requirement

● Loop detection is enabled.

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no loopd reaction local

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

598

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Diagnostics

12.5 Loop detection

Result

"no action" is activated for the "loopd reaction local" function.

"disable" is the default after enabling loop detection.

Further notes

You enable the "disable" setting with the loopd reaction local command.

You can display the status of this function and other information with the show loopdcommand.

12.5.4.6

loopd reaction remote

Description

With this command, you activate "disable" for loopd reaction remote.

Requirement

● loopd is enabled

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: loopd reaction remote

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

"disable" is activated for the loopd reaction remote function.

"disable" is the default after enabling loop detection.

Further notes

You enable the "no action" setting with the no loopd reaction remote command.

You can display the status of this function and other information with the show loopdcommand.

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

599

Diagnostics

12.5 Loop detection

12.5.4.7

no loopd reaction remote

Description

With this command, you activate "no action" for loopd reaction remote.

Requirement

● loopd is enabled

You are in the Interface Configuration mode.

The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no loopd reaction remote

If you do not select any parameters from the parameter list, the default value is used.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 32)".

Result

"no action" is activated for the loopd reaction remote function.

"disable" is the default after enabling loop detection.

Further notes

You enable the "disable" setting with the loopd reaction remote command.

You can display the status of this function and other information with the show loopdcommand.

600

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Index

show vrrp interface, 428

show vrrp interface - vrid, 429

A

add log, 550

alias, 68

area nssa, 373

no area, 375

area range, 369

no area range, 372

area range summary, 371

no area range, 372

area stub, 374

no area, 375

area virtual links

no area virtual links, 378

area virtual-link, 376

arp, 308

no arp , 309

arp timeout, 310

no arp timeout , 311

ASBR Router, 368

no ASBR Router, 369

authorized-manager, 519 no authorized-manager, 519

authorized-manager ip-source, 520

no authorized-manager ip-source, 522

auto summary, 414

no auto summary, 415

auto-learn, 513

auto-save, 93

no auto-save, 94

C

channel-group, 183

no channel-group , 184

clear counters, 53

clear hrp counters, 331

clear line vty, 58

clear logbook, 545

clear screen, 36

clear spanning-tree counters, 195

clear spanning-tree detected protocols, 194

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

clear standby counter, 332

clear-all-static-unicast, 513

CLI commands

Symbolic representation, 31

cli-console-timeout, 62

no cli-console-timeout, 63

Combo port, 33

compatible rfc1583, 380 no compatible rfc1583, 380

configure terminal, 54

coordinates height, 63

coordinates latitude, 64 coordinates longitude, 64

cos-map, 474

D

dcp forwarding, 252

dcp server, 246 no dcp server, 246

default-information originate, 381

no default-information originate, 382

default-information originate always, 383

no default-information originate always, 384

delay mechanism, 139

delete, 85

deny, 491, 499

deny icmp, 503

deny tcp, 506

deny udp, 510

disable, 55

distance, 415

no distance, 416

distribute list route map, 391, 417

no distribute list route map, 391, 417

dot1x guest-vlan, 525, 527

no dot1x guest-vlan, 525, 528

dot1x guest-vlan reset, 530

dot1x guest-vlan vlan-id, 529 no dot1x guest-vlan vlan-id, 529

dot1x mac-auth, 526, 531

no dot1x mac-auth, 532 dot1x mac-auth port reset, 532

dot1x mac-auth vlan-assign, 533 no dot1x mac-auth vlan-assign, 533

dot1x port-control, 534

no dot1x port-control, 535

dot1x reauthentication, 536

no dot1x reauthentication, 537

601

Index

dscp-map, 475

duplex, 69

no duplex, 70

E

enable, 55

end, 36

event config, 552

no event config , 554

eventgroup, 555

no eventgroup, 556

events, 548

exit, 37

F

factoryclean, 107

flowcontrol, 470

G

Glossary, 22

H

help, 37

I

instance, 225

no instance, 226

interface, 59

no interface, 61, 433

interface (vrrp), 432

interface range, 151

no interface range, 152

ip address, 250

no ip address , 251

ip dhcp client mode, 256

ip dhcp config-file-request, 255

no ip dhcp config-file-request, 256

ip dhcp relay circuit-id, 265

no ip dhcp relay circuit-id, 266

ip dhcp relay circuit-id option, 261

ip dhcp relay information option, 262

no ip dhcp relay information option, 263

ip dhcp relay remote-id, 266

ip dhcp server, 259

no ip dhcp server, 260

602

ip domain lookup, 247 no ip domain lookup, 247

ip echo-reply, 243

no ip echo-reply , 244

ip http, 302

no ip http, 303

ip igmp snooping clear counters, 326

ip igmp snooping port-purge-interval, 327

no ip igmp snooping port-purge-interval, 328

ip igmp snooping querier, 329

no ip igmp snooping querier , 330

ip igmp snooping switch-ip, 326

ip igmp snooping version, 324

ip igmp vlan-snooping, 325 no ip igmp vlan-snooping, 325

ip name server, 248

no ip name server, 249

ip ospf authentication, 396

ip ospf authentication-key, 398

no ip ospf authentication-key, 399 ip ospf cost, 399

ip ospf dead-interval, 401

ip ospf hello-interval, 403

ip ospf message-digest-key

no ip ospf message-digest-key, 405

ip ospf message-digest-key , 404

ip ospf priority, 409

no ip ospf priority, 410

ip ospf retransmit-interval, 406

ip ospf transmit-delay, 408 no ip ospf transmit-delay, 408

ip retransmit-interval

no ip retransmit-interval, 407

ip rip default route originate, 423

no ip rip default route originate, 424

ip rip receive version, 425 no ip rip receive version, 425

ip rip send version, 426

no ip rip send version, 427

ip route, 240

no ip route, 241

ip routing, 242 no ip routing, 242

L

link, 560

no link , 561

lldp, 77

no lldp, 78

load tftp, 82

loadsave, 84

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Index

lock, 56

logout, 57

M

mac access-group, 487

no mac access-group, 488

mac access-list extended, 485

no mac access-list extended , 486

mac-address-table aging, 467 no mac-address-table aging, 467

mac-address-table aging-time, 465

no mac-address-table aging-time , 466

mac-address-table block static multicast, 457

mac-address-table static multicast, 458

no mac-address-table static multicast , 459

mac-address-table static unicast, 460

no mac-address-table static unicast , 461

map protocol, 153

no map protocol, 154

media type, 79

monitor, 580

no monitor, 581

monitor barrier enabled, 582

no monitor barrier enabled, 583

monitor session

destination, 583

no ... destination, 584

no ... source, 587

no monitor session, 588

source, 585

mtu, 70

N

name, 174, 227

no name, 175, 227

negotiation, 71

no negotiation, 72

network, 418

no network, 419

network area, 385

NFC, 102, 103

nfc active, 103

no dot1x mac-auth, 527

no nfc active, 103

no passive listening, 231

no vrrp timer, 448

ntp, 123

ntp server, 124

no ntp server, 125

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

ntp time diff, 126

O

output delay, 422

P

passive listening, 230

permit, 489, 497

permit icmp, 501

permit tcp, 504

permit udp, 508

ping, 57

plug, 107

port-channel load-balance, 181

no port-channel load-balance , 182

ports, 171

no ports, 173

power, 559

no power, 559

primary domain, 139

protocol-vlan, 155

no protocol-vlan, 156

ptp, 137 no ptp, 137

ptp time diff, 138

Q

qos, 473

R

radius server, 481

no radius-server, 482

rate-limit-output, 451

no rate-limit-output , 452

redist-config

no redist-config, 388

redistribute, 389, 419

no redistribute, 390, 420

redundancy, 334

restart, 89

revision, 228

no revision, 229

ring ports, 337

ring redundancy, 334

no ring redundancy, 335

rmon alarm, 569

603

Index

no rmon alarm , 571

rmon collection history, 575

no rmon collection history , 576

rmon collection stats, 574

no rmon collection stats , 575

rmon event, 571

no rmon event , 572

router id, 392

router ospf, 366

no router ospf, 367

router rip, 413

no router rip, 413

router vrrp, 430

no router vrrp, 431

S

save filetype, 83

Scope of the manual, 21

send test mail, 300

sender mail-address, 298

no sender mail-address, 299

service dhcp-relay, 263

no service dhcp-relay, 264

set broadcast-block, 72

set dot1x guest-vlan mac-addr count, 530

set dot1x mac-auth mac-addr count, 535

set gmrp, 317, 318

set gvrp, 319

set multicast-block, 73

set panel-button control-factory-defaults, 112

set panel-button control-faultmask, 113

set rmon, 573

set signaling contact mode, 114

set signaling contact status, 115

set sntp unicast-poll-interval, 132

severity, 557

no severity, 558

show access-lists, 484

show authorized-managers, 518

show broadcast-block config, 51

show cli-console-timeout, 44 show coordinates, 44

show counters, 332

show dcp forwarding, 237

show dcp server, 236

show device information, 45

show dhcp server, 258

show dot1x, 523

show dot1x guest-vlan mac-info, 524 show dot1x mac-auth mac-info, 524

show dst info, 117

604

show env temperature, 45

show etherchannel, 179

show events config, 541

show events faults config, 542

show events faults status, 543

show events sender email, 295

show events severity, 542

show events smtp-port, 296

show events smtp-server, 295

show events syslogserver, 565

show flow-control, 469

show forward-all, 316 show forward-unregistered, 316

show hardware, 46

show history, 41

show interface access lists, 484

show interface mtu, 46

show interfaces, 47

show interfaces ... counters, 48

show interfaces etherchannel, 180

show ip arp, 307

show ip dhcp client, 254 show ip dhcp client stats, 254

show ip dhcp relay information, 258

show ip dns, 237

show ip dns cache, 238 show ip dns name server, 238

show ip dns statistics, 239

show ip gateway, 235

show ip http secure server status, 305

show ip http server status, 302

show ip igmp snooping, 321 show ip igmp snooping forwarding-database, 321

show ip igmp snooping statistics, 322

show ip igmp snooping switch-ip, 323

show ip interface, 49

show ip ospf, 357

show ip ospf - database summary, 358

show ip ospf area-range / summary-address, 365

show ip ospf border-routers, 360

show ip ospf interface, 361 show ip ospf neighbor, 361

show ip ospf request-list, 362

show ip ospf retransmission-list, 363

show ip ospf route, 357

show ip ospf virtual links, 364

show ip ospf...database..., 359

show ip rip, 412

show ip route, 234, 356

show ip ssh, 312

show ip static route, 234

show ip telnet, 235

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

show lacp, 180

show loadsave files, 81 show loadsave tftp, 81

show lock port, 512

show logbook, 544

show mac-address-table, 142

show mac-address-table aging-status, 464 show mac-address-table aging-time, 464

show mac-address-table count, 146

show mac-address-table dynamic multicast, 143

show mac-address-table dynamic unicast, 144

show mac-address-table static multicast, 145 show mac-address-table static unicast, 145

show monitor, 579

show monitor barrier, 578 show monitor status , 578

show multicast-block config, 52, 349

show nfc active status, 102

show ntp info, 123

show passive-listening, 230

show plug, 106

show pnio, 50

show power-line-state, 547

show ptp info, 136

show qos cos-map, 472 show qos dscp-map, 472

show radius server, 480 show radius statistics, 480

show rate-limit output, 450

show redundancy, 333

show rmon, 568

show running-config, 90

show signaling contact, 114

show snmp, 268 show snmp community, 268

show snmp engineID, 269 show snmp filter, 269

show snmp group, 270 show snmp group access, 270

show snmp inform statistics, 271 show snmp notif, 271

show snmp targetaddr, 272 show snmp targetparam, 272

show snmp tcp, 273 show snmp user, 273

show snmp viewtree, 274

show sntp broadcast-mode status, 128

show sntp status, 129

show sntp unicast-mode status, 128

show spanning-tree, 186

show spanning-tree active, 188 show spanning-tree bridge, 188

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

Index

show spanning-tree detail, 189

show spanning-tree interface, 190

show spanning-tree interface layer2-gateway-port,

191

show spanning-tree mst, 187

show spanning-tree mst configuration, 192

show spanning-tree mst interface, 193

show spanning-tree root, 191

show ssl server-cert, 305

show time, 117

show unicast-block config, 51, 344

show users, 478

show versions, 53

show vlan, 148 show vlan device info, 148

show vlan learning params, 149

show vlan port config, 150 show vlan protocols-group, 150

show web-session-timeout, 109

shutdown, 73

no shutdown, 74

SIMATIC NET glossary, 22

smtp-port, 300

no smtp-port, 301

smtp-server, 297 no smtp-server, 297

snmp

client config, 550

no client config, 551

snmp access, 276

no snmp access , 278

snmp agent version, 276

snmp community index, 279

no snmp community index , 280

snmp group, 281

no snmp group , 282

snmp notify, 283

no snmp notify , 284

snmp targetaddr, 285

no snmp targetaddr , 287 snmp targetparams, 287

no snmp targetparams, 289

snmp user, 291

no snmp user , 292

snmp v1-v2 readonly, 289

no snmp v1-v2 readonly , 290

snmp view, 292

no snmp view , 294

snmpagent, 275 no snmpagent, 275

sntp, 130

sntp client addressing-mode, 131

605

Index

sntp time diff, 131

sntp unicast-server, 133

no sntp unicast-server, 134

spanning-tree, 195

no spanning-tree, 196

spanning-tree (properties), 207

no spanning-tree, 209

spanning-tree (time settings), 204

no spanning-tree, 206

spanning-tree auto-edge, 213 no spanning-tree auto-edge, 213

spanning-tree bpdufilter , 215 spanning-tree bpdu-receive, 215

spanning-tree bpdu-transmit, 214

spanning-tree compatibility, 197

no spanning-tree compatibility, 198

spanning-tree layer2-gateway-port, 216

no spanning-tree layer2-gateway-port, 217 spanning-tree loop-guard, 217

no spanning-tree loop-guard, 218

spanning-tree mst (properties), 210

no spanning-tree mst, 211

spanning-tree mst configuration, 200

spanning-tree mst hello-time, 221

no spanning-tree mst hello-time, 222

spanning-tree mst instance-id root, 202

no spanning-tree mst instance-id root, 203

spanning-tree mst max-hops, 201

no spanning-tree mst max-hops, 202

spanning-tree mst pseudoRootId, 223

no spanning-tree mst pseudoRootId, 224

spanning-tree priority, 198

no spanning-tree priority, 199

spanning-tree restricted-role, 219 no spanning-tree restricted-role , 219

spanning-tree restricted-tcn, 220

no spanning-tree restricted-tcn, 221

speed, 75

ssh-server, 312

no ssh-server, 313

standby connection name, 338, 339

standby ports, 341, 342 standby wait-for-partner, 342

no standby wait-for-partner, 343

start, 516 stop, 516

storm-control, 452

no storm-control, 454 storm-control level, 454

no storm-control level, 455

subnet-vlan, 157 no subnet-vlan, 157

606

summary-address, 393

no summary-address, 395

switchport, 75

no switchport, 76

switchport acceptable-frame-type, 162 no switchport acceptable-frame-type , 162

switchport access vlan, 163

no switchport access vlan , 164

switchport ingress-filter, 462

no switchport ingress-filter , 463

switchport lock, 514

no switchport lock, 515

switchport mode, 166

no switchport mode, 167

switchport priority default, 168

no switchport priority default , 169 switchport pvid, 169

no switchport pvid , 170

syslogserver, 562, 566

no syslogserver, 563

no syslogserver , 567

system contact, 65

system location, 66 system name, 66

T

telnet-server, 244

no telnet-server, 245

tftp filename, 85

tftp load, 86

tftp save, 87

tftp server, 88

Downloading, 82

Saving, 83

time, 118

time dst date, 120

no time dst, 122

time dst recurring, 121

time set, 119

U

username, 67

V

version

no version, 422

vlan, 158

no vlan , 159

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

vrrp associated-ip, 436

no vrrp associated-ip, 437

vrrp group shutdown, 438

vrrp ipv4

no vrrp ipv4, 442

vrrp preempt, 439

no vrrp preempt, 440

vrrp primary-ip, 441

vrrp priority, 443

no vrrp priority, 444

vrrp text-authentication, 445

no vrrp text-authentication, 446

vrrp timer, 447

W

web-session-timeout, 110 no web-session-timeout, 110

whoami, 478

write, 108

write startup-config, 92

Index

SCALANCE XM-400/XR-500 Command Line Interface

Configuration Manual, 03/2014, C79000-G8976-C252-06

607

Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project