Manuals+

User Manual for SIEMENS models including: XF-200BA, XB-200, XC-200, XP-200, XR-300WG, Industrial Ethernet Switches

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

C79000-G8976-C361-12; 10/2021

"C79000-G8976-C361-12;, 10/2021"

Siemens AG

PDF SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command...

4.2.3 load tftp. 4.2.4 save filetype. 4.2.5 Commands in the global configuration mode.

[PDF] XF-200BA/XP-200/XR-300WG Command Line - Support

Legal information. Warning notice system. This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent.


File Info : application/pdf, 716 Pages, 2.53MB

PDF preview unavailable. Download the PDF instead.

PH SCALANCE-XB-200-XC-200-XF-200BA-XP-200-XR-300WG-CLI 76 
SIMATIC NET
Industrial Ethernet Switches SCALANCE XB-200/XC-200/ XF-200BA/XP-200/XR-300WG Command Line Interface
Configuration Manual

Introduction

1

General information

2

General CLI commands

3

Configuration

4

Functions specific to SCALANCE

5

System time

6

Network structures

7

Network protocols

8

Layer 2 management protocols

9

Layer 3 functions

10

Load control

11

Security and authentication

12

Diagnostics

13

10/2021
C79000-G8976-C361-12

Legal information
Warning notice system This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are graded according to the degree of danger.
DANGER indicates that death or severe personal injury will result if proper precautions are not taken.
WARNING indicates that death or severe personal injury may result if proper precautions are not taken.
CAUTION indicates that minor personal injury can result if proper precautions are not taken.
NOTICE indicates that property damage can result if proper precautions are not taken. If more than one degree of danger is present, the warning notice representing the highest degree of danger will be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property damage.
Qualified Personnel The product/system described in this documentation may be operated only by personnel qualified for the specific task in accordance with the relevant documentation, in particular its warning notices and safety instructions. Qualified personnel are those who, based on their training and experience, are capable of identifying risks and avoiding potential hazards when working with these products/systems.
Proper use of Siemens products Note the following:
WARNING Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation. If products and components from other manufacturers are used, these must be recommended or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and maintenance are required to ensure that the products operate safely and without any problems. The permissible ambient conditions must be complied with. The information in the relevant documentation must be observed.
Trademarks All names identified by ® are registered trademarks of Siemens AG. The remaining trademarks in this publication may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.
Disclaimer of Liability We have reviewed the contents of this publication to ensure consistency with the hardware and software described. Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in this publication is reviewed regularly and any necessary corrections are included in subsequent editions.

Siemens AG Division Process Industries and Drives Postfach 48 48 90026 NÜRNBERG GERMANY

C79000-G8976-C361-12  10/2021 Subject to change

Copyright © Siemens AG 2015 - 2021. All rights reserved

Table of contents

1 Introduction.................................................................................................................................................23

2 General information ....................................................................................................................................29

2.1

System functions hardware equipment ..................................................................................29

2.2

Configuration limits.................................................................................................................32

2.3

Features not supported ..........................................................................................................35

2.4

Initial assignment of an IP address ........................................................................................36

2.5

Working with the Command Line Interface (CLI) ...................................................................38

2.6

Protection from brute force attacks ........................................................................................41

2.7

Structure of the Command Line Interface ..............................................................................42

2.8

The CLI command prompt .....................................................................................................44

2.9

Symbols of the CLI commands ..............................................................................................45

2.10 2.10.1 2.10.2

Addresses and interface names.............................................................................................46 Naming interfaces ..................................................................................................................46 Address types, address ranges and address masks .............................................................48

3 General CLI commands..............................................................................................................................49

3.1

clear screen............................................................................................................................50

3.2

do ...........................................................................................................................................51

3.3

end .........................................................................................................................................52

3.4

exit..........................................................................................................................................53

3.5 3.5.1 3.5.2 3.5.3 3.5.4 3.5.5 3.5.6 3.5.7 3.5.7.1 3.5.8

Help functions and supported input........................................................................................54 help ........................................................................................................................................54 The command "?"...................................................................................................................55 Completion of command entries ............................................................................................56 Abbreviated notation of commands........................................................................................56 Reusing the last used commands ..........................................................................................57 Working through a command sequence ................................................................................57 The "show" commands ..........................................................................................................58 show history ...........................................................................................................................58 clear history............................................................................................................................58

4 Configuration ..............................................................................................................................................61

4.1 4.1.1 4.1.1.1 4.1.1.2 4.1.1.3 4.1.1.4 4.1.1.5

System ...................................................................................................................................62 The "show" commands ..........................................................................................................62 show cli-console-timeout........................................................................................................62 show coordinates ...................................................................................................................62 show device information.........................................................................................................63 show environmental temperature...........................................................................................63 show ethernetip......................................................................................................................64

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

3

Table of contents

4.1.1.6 4.1.1.7 4.1.1.8 4.1.1.9 4.1.1.10 4.1.1.11 4.1.1.12 4.1.1.13 4.1.1.14 4.1.1.15 4.1.1.16 4.1.1.17 4.1.1.18 4.1.2 4.1.3 4.1.4 4.1.5 4.1.6 4.1.7 4.1.8 4.1.9 4.1.9.1 4.1.9.2 4.1.9.3 4.1.9.4 4.1.9.5 4.1.9.6 4.1.9.7 4.1.9.8 4.1.9.9 4.1.9.10 4.1.9.11 4.1.9.12 4.1.9.13 4.1.10 4.1.10.1 4.1.10.2 4.1.10.3 4.1.10.4 4.1.10.5 4.1.10.6 4.1.10.7 4.1.10.8 4.1.10.9 4.1.10.10 4.1.10.11 4.1.10.12 4.1.10.13 4.1.10.14 4.1.10.15 4.1.10.16 4.1.10.17

show hardware.......................................................................................................................64 show im ..................................................................................................................................65 show interfaces ......................................................................................................................66 show interfaces ... counters ...................................................................................................67 show ip interface ....................................................................................................................68 show pnio ...............................................................................................................................68 show lldp neighbors ...............................................................................................................69 show lldp status......................................................................................................................70 show broadcast-block config..................................................................................................70 show unicast-block config ......................................................................................................71 show multicast-block config ...................................................................................................72 show noa config .....................................................................................................................72 show versions ........................................................................................................................73 clear counters.........................................................................................................................74 clear line vty ...........................................................................................................................74 configure terminal...................................................................................................................75 disable .................................................................................................................................... 76 enable ....................................................................................................................................76 logout .....................................................................................................................................77 ping ........................................................................................................................................78 Commands in the global configuration mode.........................................................................79 interface .................................................................................................................................79 no interface ............................................................................................................................81 cli-console-timeout .................................................................................................................82 no cli-console-timeout ............................................................................................................83 coordinates height..................................................................................................................83 coordinates latitude ................................................................................................................84 coordinates longitude .............................................................................................................85 ethernetip ...............................................................................................................................86 pnio ........................................................................................................................................87 system contact .......................................................................................................................87 system location ......................................................................................................................88 system name..........................................................................................................................89 username ...............................................................................................................................90 Commands in the interface configuration mode.....................................................................91 alias ........................................................................................................................................ 92 no alias...................................................................................................................................93 broadcast-block ...................................................................................................................... 93 no broadcast-block.................................................................................................................94 duplex.....................................................................................................................................94 no duplex................................................................................................................................95 lldp..........................................................................................................................................96 no lldp.....................................................................................................................................97 media type..............................................................................................................................98 multicast-block .......................................................................................................................99 no multicast-block ................................................................................................................100 noa port config .....................................................................................................................101 negotiation............................................................................................................................101 no negotiation.......................................................................................................................102 shutdown .............................................................................................................................. 103 no shutdown.........................................................................................................................104 power ...................................................................................................................................104

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

4

Configuration Manual, 10/2021, C79000-G8976-C361-12

Table of contents

4.1.10.18 4.1.10.19 4.1.10.20 4.1.10.21
4.2 4.2.1 4.2.2 4.2.2.1 4.2.2.2 4.2.3 4.2.4 4.2.5 4.2.5.1 4.2.6 4.2.6.1 4.2.6.2 4.2.6.3 4.2.6.4 4.2.6.5 4.2.6.6 4.2.6.7 4.2.6.8 4.2.6.9 4.2.6.10 4.2.6.11
4.3 4.3.1 4.3.2 4.3.2.1 4.3.2.2 4.3.2.3
4.4 4.4.1 4.4.1.1 4.4.2 4.4.3 4.4.3.1 4.4.3.2
4.5 4.5.1 4.5.1.1 4.5.2 4.5.2.1 4.5.2.2 4.5.2.3 4.5.2.4 4.5.2.5
4.6 4.6.1 4.6.1.1

speed ...................................................................................................................................105 unicast-block ........................................................................................................................106 no unicast-block ...................................................................................................................106 unicast-mac flush .................................................................................................................107
Load and Save .....................................................................................................................109 File list ..................................................................................................................................109 The "show" commands ........................................................................................................110 show loadsave files ..............................................................................................................110 show loadsave tftp ...............................................................................................................111 load tftp ................................................................................................................................111 save filetype .........................................................................................................................112 Commands in the global configuration mode.......................................................................113 loadsave ............................................................................................................................... 114 Commands in the LOADSAVE configuration mode .............................................................114 delete ...................................................................................................................................115 password .............................................................................................................................. 116 no password.........................................................................................................................117 tftp filename..........................................................................................................................117 tftp load ................................................................................................................................118 tftp save................................................................................................................................119 tftp server .............................................................................................................................120 sftp filename.........................................................................................................................121 sftp load................................................................................................................................121 sftp save...............................................................................................................................122 sftp server ............................................................................................................................123
Reset and Defaults...............................................................................................................125 restart ...................................................................................................................................125 Commands in global configuration mode.............................................................................126 Introductory sentence for the global configuration mode .....................................................126 schedule restart-timer ..........................................................................................................126 cancel restart-time................................................................................................................127
Configuration Save & Restore..............................................................................................128 The "show" commands ........................................................................................................128 show running-config .............................................................................................................128 write startup-config...............................................................................................................131 Commands in the global configuration mode.......................................................................132 auto-save .............................................................................................................................132 no auto-save ........................................................................................................................133
DCP Discovery and Set (DaS) .............................................................................................135 The "show" commands ........................................................................................................135 show das info .......................................................................................................................135 Commands in the global configuration mode.......................................................................136 das discover interface ..........................................................................................................136 das mac name......................................................................................................................137 das mac ip............................................................................................................................138 das mac blink .......................................................................................................................139 das delete.............................................................................................................................140
PoE ......................................................................................................................................141 The "show" commands ........................................................................................................141 show poe status ...................................................................................................................141

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

5

Table of contents

4.6.1.2 4.6.2 4.6.2.1 4.6.2.2 4.6.3 4.6.3.1 4.6.3.2 4.6.3.3 4.6.3.4 4.6.3.5 4.6.3.6 4.6.3.7 4.6.3.8 4.6.3.9 4.6.3.10

show pse status ...................................................................................................................142 Commands in the global configuration mode.......................................................................142 poe pse usage......................................................................................................................143 no poe pse usage.................................................................................................................143 Commands in the Interface Configuration mode..................................................................144 poe active.............................................................................................................................144 no poe active........................................................................................................................145 poe custom maxpwr .............................................................................................................145 no poe custom maxpwr ........................................................................................................146 poe custom maxpwr active...................................................................................................147 no poe custom maxpwr active..............................................................................................148 poe type ...............................................................................................................................148 no poe type ..........................................................................................................................149 poe prio ................................................................................................................................149 no poe prio ...........................................................................................................................150

4.7 4.7.1 4.7.1.1 4.7.2 4.7.2.1 4.7.2.2

SINEMA ...............................................................................................................................151 The "show" commands ........................................................................................................151 show sinema ........................................................................................................................151 Commands in the global configuration mode.......................................................................151 sinema..................................................................................................................................152 no sinema.............................................................................................................................152

5 Functions specific to SCALANCE.............................................................................................................155

5.1 5.1.1 5.1.1.1 5.1.2 5.1.2.1 5.1.3 5.1.3.1 5.1.3.2 5.1.3.3 5.1.3.4

PLUG ...................................................................................................................................156 The "show" commands ........................................................................................................156 show plug .............................................................................................................................156 Commands in the global configuration mode.......................................................................156 plug ......................................................................................................................................157 Commands in the Plug configuration mode .........................................................................157 factoryclean .......................................................................................................................... 158 firmware-on-plug ..................................................................................................................158 no firmware on plug..............................................................................................................159 write......................................................................................................................................159

5.2 5.2.1 5.2.1.1 5.2.2 5.2.2.1 5.2.2.2

WBM ....................................................................................................................................161 The "show" commands ........................................................................................................161 show web-session-timeout...................................................................................................161 Commands in the global configuration mode.......................................................................161 web-session-timeout ............................................................................................................162 no web-session-timeout .......................................................................................................162

5.3 5.3.1 5.3.1.1 5.3.1.2 5.3.1.3 5.3.1.4

Panel button .........................................................................................................................164 Commands in the global configuration mode.......................................................................164 panel-button control-factory-defaults....................................................................................164 no panel-button control-factory-defaults...............................................................................165 panel-button control-faultmask.............................................................................................166 no panel-button control-faultmask........................................................................................166

5.4 5.4.1 5.4.1.1 5.4.2 5.4.2.1

Signaling contact..................................................................................................................168 The "show" commands ........................................................................................................168 show signaling contact .........................................................................................................168 Commands in the global configuration mode.......................................................................168 signaling contact mode ........................................................................................................169

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

6

Configuration Manual, 10/2021, C79000-G8976-C361-12

Table of contents

5.4.2.2

signaling-contact status........................................................................................................169

6 System time..............................................................................................................................................171

6.1 6.1.1 6.1.1.1 6.1.1.2 6.1.2 6.1.2.1 6.1.2.2 6.1.2.3 6.1.2.4 6.1.2.5

System time setting..............................................................................................................171 The "show" commands ........................................................................................................171 show dst info ........................................................................................................................171 show time .............................................................................................................................171 Commands in the global configuration mode.......................................................................172 time ......................................................................................................................................172 time set.................................................................................................................................173 time dst date.........................................................................................................................174 time dst recurring .................................................................................................................175 no time dst............................................................................................................................176

6.2 6.2.1 6.2.1.1 6.2.2 6.2.2.1 6.2.3 6.2.3.1 6.2.3.2 6.2.3.3 6.2.3.4 6.2.3.5 6.2.3.6

NTP client.............................................................................................................................177 The "show" commands ........................................................................................................177 show ntp info ........................................................................................................................177 Commands in the global configuration mode.......................................................................177 ntp ........................................................................................................................................178 Commands in the NTP configuration mode .........................................................................178 ntp server id .........................................................................................................................179 no ntp server id ....................................................................................................................180 ntp server id secure..............................................................................................................180 ntp secure ............................................................................................................................181 no ntp secure .......................................................................................................................182 ntp time diff...........................................................................................................................182

6.3 6.3.1 6.3.1.1 6.3.1.2 6.3.1.3 6.3.2 6.3.2.1 6.3.3 6.3.3.1 6.3.3.2 6.3.3.3 6.3.3.4

SNTP client ..........................................................................................................................184 The "show" commands ........................................................................................................184 show sntp broadcast-mode status .......................................................................................184 show sntp unicast-mode status............................................................................................184 show sntp status ..................................................................................................................185 Commands in the global configuration mode.......................................................................185 sntp ......................................................................................................................................186 Commands in the SNTP configuration mode.......................................................................186 sntp client addressing-mode ................................................................................................187 sntp time diff.........................................................................................................................188 sntp unicast-server ipv4 .......................................................................................................189 no sntp unicast-server ipv4 .................................................................................................190

6.4 6.4.1 6.4.1.1 6.4.2 6.4.2.1 6.4.2.2 6.4.2.3 6.4.2.4 6.4.3 6.4.3.1 6.4.3.2 6.4.4 6.4.4.1 6.4.4.2

PTP Client ............................................................................................................................191 The "show" commands ........................................................................................................191 show ptp info ........................................................................................................................191 Commands in global configuration mode.............................................................................192 ptp ........................................................................................................................................192 no ptp ...................................................................................................................................193 ptp time diff...........................................................................................................................193 ptp transparent-clock configuration ......................................................................................194 Commands in the PTP Transparent Clock configuration mode ...........................................195 delay-mechanism .................................................................................................................195 primary-domain ....................................................................................................................196 Commands in interface configuration mode.........................................................................196 ptp ........................................................................................................................................197 no ptp ...................................................................................................................................197

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

7

Table of contents

6.4.4.3

ptp transparent-clock transport-mechanism.........................................................................198

7 Network structures....................................................................................................................................201

7.1 7.1.1 7.1.1.1 7.1.1.2 7.1.1.3 7.1.1.4 7.1.1.5 7.1.1.6 7.1.1.7 7.1.1.8 7.1.1.9 7.1.1.10 7.1.1.11 7.1.2 7.1.2.1 7.1.2.2 7.1.2.3 7.1.2.4 7.1.2.5 7.1.2.6 7.1.2.7 7.1.2.8 7.1.2.9 7.1.3 7.1.3.1 7.1.3.2 7.1.3.3 7.1.3.4 7.1.3.5 7.1.3.6 7.1.3.7 7.1.3.8 7.1.3.9 7.1.3.10 7.1.3.11 7.1.3.12 7.1.3.13 7.1.3.14 7.1.3.15 7.1.3.16 7.1.3.17 7.1.3.18 7.1.3.19 7.1.3.20 7.1.4 7.1.4.1 7.1.4.2 7.1.4.3 7.1.4.4

VLAN .................................................................................................................................... 202 The "show" commands VLAN bridge) ..................................................................................203 show mac-address-table ......................................................................................................203 show mac-address-table count ............................................................................................204 show mac-address-table dynamic multicast ........................................................................205 show mac-address-table dynamic unicast ...........................................................................206 show mac-address-table static multicast .............................................................................207 show mac-address-table static unicast ................................................................................208 show vlan .............................................................................................................................208 show vlan device info ...........................................................................................................209 show vlan learning params ..................................................................................................210 show vlan port config ...........................................................................................................210 show vlan private-vlan..........................................................................................................211 Commands in the global configuration mode (VLAN bridge) ...............................................212 base bridge-mode ...............................................................................................................213 bridge-mode .........................................................................................................................214 interface range .....................................................................................................................215 no interface range ................................................................................................................216 mgmt vlan ............................................................................................................................217 vlan.......................................................................................................................................218 no vlan..................................................................................................................................219 vlan range ............................................................................................................................220 vlan tag-priority override.......................................................................................................220 Commands in the Interface configuration mode (VLAN Bridge) ..........................................221 private-vlan mapping............................................................................................................222 no private-vlan mapping.......................................................................................................222 switchport acceptable-frame-type ........................................................................................223 no switchport acceptable-frame-type ...................................................................................224 switchport access vlan .........................................................................................................225 no switchport access vlan ....................................................................................................226 switchport mode ...................................................................................................................226 no switchport mode ..............................................................................................................228 switchport mode private vlan................................................................................................228 switchport mode dot1q-tunnel ..............................................................................................229 no switchport mode dot1q-tunnel .........................................................................................230 switchport priority default .....................................................................................................231 no switchport priority default ................................................................................................231 switchport private-vlan host-association ..............................................................................232 no switchport private-vlan host-association .........................................................................233 switchport private-vlan mapping...........................................................................................234 no switchport private-vlan mapping......................................................................................235 switchport pvid .....................................................................................................................235 no switchport pvid ................................................................................................................236 tia interface...........................................................................................................................237 Commands in the VLAN configuration mode (VLAN Bridge)...............................................237 name ....................................................................................................................................238 no name ...............................................................................................................................239 ports .....................................................................................................................................239 no ports ................................................................................................................................241

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

8

Configuration Manual, 10/2021, C79000-G8976-C361-12

Table of contents

7.1.4.5 7.1.4.6 7.1.4.7 7.1.4.8 7.1.4.9 7.1.4.10 7.1.4.11 7.1.4.12 7.1.5 7.1.5.1 7.1.5.2 7.1.5.3 7.1.5.4 7.1.6 7.1.6.1 7.1.6.2
7.2 7.2.1 7.2.1.1 7.2.1.2 7.2.1.3 7.2.2 7.2.2.1 7.2.2.2 7.2.2.3 7.2.2.4
7.3 7.3.1 7.3.1.1 7.3.1.2 7.3.1.3 7.3.1.4 7.3.1.5 7.3.1.6 7.3.1.7 7.3.1.8 7.3.1.9 7.3.1.10 7.3.1.11 7.3.2 7.3.3 7.3.4 7.3.4.1 7.3.4.2 7.3.4.3 7.3.4.4 7.3.4.5 7.3.4.6 7.3.4.7 7.3.4.8 7.3.4.9

priority ..................................................................................................................................243 no priority .............................................................................................................................244 priority-enable ......................................................................................................................244 no priority-enable .................................................................................................................245 private-vlan...........................................................................................................................246 no private-vlan......................................................................................................................246 private-vlan association........................................................................................................247 no private-vlan association...................................................................................................248 The "show" commands (Transparent Bridge) ......................................................................249 show dot1d mac-address-table ............................................................................................249 show dot1d mac-address-table static multicast ...................................................................250 show dot1d mac-address-table static unicast ......................................................................250 show vlan device info ...........................................................................................................251 Commands in the global configuration mode (Transparent Bridge).....................................252 base bridge-mode ...............................................................................................................252 vlan.......................................................................................................................................254
Link aggregation...................................................................................................................255 The "show" commands ........................................................................................................255 show etherchannel ...............................................................................................................255 show interfaces etherchannel ..............................................................................................256 show lacp .............................................................................................................................257 Commands in the interface configuration mode...................................................................257 channel-group ......................................................................................................................258 no channel-group .................................................................................................................259 lacp timeout..........................................................................................................................259 no lacp timeout.....................................................................................................................260
Spanning Tree......................................................................................................................261 The "show" commands ........................................................................................................261 show spanning-tree..............................................................................................................261 show spanning-tree active ...................................................................................................262 show spanning-tree bridge...................................................................................................263 show spanning-tree detail ....................................................................................................263 show spanning-tree interface ...............................................................................................264 show spanning-tree interface layer2-gateway-port ..............................................................265 show spanning-tree mst .......................................................................................................266 show spanning-tree mst configuration .................................................................................266 show spanning-tree mst interface ........................................................................................267 show spanning-tree passive-listening-compatibility .............................................................268 show spanning-tree root.......................................................................................................269 clear spanning-tree detected protocols ................................................................................270 clear spanning-tree counters................................................................................................270 Commands in the global configuration mode.......................................................................271 spanning-tree .......................................................................................................................271 no spanning-tree ..................................................................................................................272 spanning-tree compatibility ..................................................................................................273 no spanning-tree compatibility .............................................................................................274 spanning-tree mst configuration...........................................................................................274 spanning-tree mst instance-id root.......................................................................................275 no spanning-tree mst instance-id root..................................................................................276 spanning-tree mst max-hops................................................................................................277 no spanning-tree mst max-hops...........................................................................................278

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

9

Table of contents

7.3.4.10 7.3.4.11 7.3.4.12 7.3.4.13 7.3.4.14 7.3.4.15 7.3.4.16 7.3.4.17 7.3.5 7.3.5.1 7.3.5.2 7.3.5.3 7.3.5.4 7.3.5.5 7.3.5.6 7.3.5.7 7.3.5.8 7.3.5.9 7.3.5.10 7.3.5.11 7.3.5.12 7.3.5.13 7.3.5.14 7.3.5.15 7.3.5.16 7.3.5.17 7.3.5.18 7.3.5.19 7.3.5.20 7.3.5.21 7.3.5.22 7.3.5.23 7.3.6 7.3.6.1 7.3.6.2 7.3.6.3 7.3.6.4 7.3.6.5 7.3.6.6

spanning-tree priority ...........................................................................................................278 no spanning-tree priority ......................................................................................................279 spanning-tree passive-listening-compatibility.......................................................................280 no spanning-tree passive-listening-compatibility..................................................................281 spanning-tree rstp-plus ........................................................................................................281 no spanning-tree rstp-plus ...................................................................................................282 spanning-tree rstp-plus mrp-intercon-domain-id ..................................................................283 Time settings for the Spanning Tree protocol ......................................................................284 Commands in the interface configuration mode...................................................................286 spanning-tree .......................................................................................................................287 no spanning-tree ..................................................................................................................288 spanning-tree auto-edge ......................................................................................................290 no spanning-tree auto-edge .................................................................................................290 spanning-tree bpdu-transmit ................................................................................................291 spanning-tree bpdu-receive .................................................................................................292 spanning-tree bpdufilter .......................................................................................................292 spanning-tree layer2-gateway-port ......................................................................................293 no spanning-tree layer2-gateway-port .................................................................................294 spanning-tree loop-guard .....................................................................................................294 no spanning-tree loop-guard ................................................................................................295 spanning-tree mst ................................................................................................................296 no spanning-tree mst ...........................................................................................................297 spanning-tree mst hello-time................................................................................................298 no spanning-tree mst hello-time...........................................................................................299 spanning-tree mst PseudoRootId.........................................................................................300 no spanning-tree mst PseudoRootId....................................................................................301 spanning-tree restricted-role ................................................................................................302 no spanning-tree restricted-role ...........................................................................................302 spanning-tree restricted-tcn .................................................................................................303 no spanning-tree restricted-tcn ............................................................................................303 spanning-tree limited-tcn......................................................................................................304 no spanning-tree limited-tcn.................................................................................................305 Commands in the MSTP configuration mode ......................................................................305 instance ................................................................................................................................ 306 no instance...........................................................................................................................307 name ....................................................................................................................................308 no name ...............................................................................................................................308 revision ................................................................................................................................. 309 no revision............................................................................................................................310

7.4 7.4.1 7.4.1.1 7.4.2 7.4.2.1 7.4.2.2 7.4.2.3 7.4.2.4

Passive Listening .................................................................................................................311 The "show" commands ........................................................................................................311 show passive-listening .........................................................................................................311 Commands in the global configuration mode.......................................................................311 passive-listening bpdu-vlan-flood.........................................................................................312 no passive-listening bpdu-vlan-flood....................................................................................312 passive-listening...................................................................................................................313 no passive-listening..............................................................................................................314

8 Network protocols.....................................................................................................................................315

8.1 8.1.1 8.1.1.1

IPv4 protocol ........................................................................................................................316 The "show" commands ........................................................................................................316 show ip gateway...................................................................................................................316

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

10

Configuration Manual, 10/2021, C79000-G8976-C361-12

Table of contents

8.1.1.2 8.1.1.3 8.1.1.4 8.1.2 8.1.2.1 8.1.2.2 8.1.2.3 8.1.2.4 8.1.2.5 8.1.2.6 8.1.2.7 8.1.2.8 8.1.2.9 8.1.2.10 8.1.3 8.1.3.1 8.1.3.2 8.1.3.3 8.1.3.4
8.2 8.2.1 8.2.1.1 8.2.1.2 8.2.2 8.2.2.1 8.2.2.2 8.2.2.3 8.2.3 8.2.3.1 8.2.3.2
8.3 8.3.1 8.3.1.1 8.3.1.2 8.3.2 8.3.2.1 8.3.2.2 8.3.2.3 8.3.2.4 8.3.2.5 8.3.2.6 8.3.3 8.3.3.1 8.3.3.2 8.3.3.3 8.3.3.4 8.3.3.5 8.3.3.6 8.3.3.7 8.3.3.8 8.3.3.9

show ip telnet .......................................................................................................................316 show dcp server ...................................................................................................................317 show dcp forwarding ............................................................................................................317 Commands in the global configuration mode.......................................................................318 ip gateway ............................................................................................................................319 no ip gateway .......................................................................................................................319 ip echo-reply.........................................................................................................................320 no ip echo-reply....................................................................................................................321 telnet-server .........................................................................................................................321 no telnet-server ....................................................................................................................322 telnet-server port ..................................................................................................................322 no telnet-server port .............................................................................................................323 dcp server ............................................................................................................................324 no dcp server .......................................................................................................................324 Commands in the interface configuration mode...................................................................325 dcp forwarding......................................................................................................................326 ip address.............................................................................................................................326 no ip address........................................................................................................................327 ip address dhcp....................................................................................................................328
DHCP client..........................................................................................................................330 The "show" commands ........................................................................................................330 show ip dhcp client stats ......................................................................................................330 show ip dhcp client ..............................................................................................................330 Commands in the global configuration mode.......................................................................331 ip dhcp config-file-request ....................................................................................................331 no ip dhcp config-file-request ...............................................................................................332 ip dhcp client mode ..............................................................................................................333 Commands in the Interface configuration mode ..................................................................333 ip address dhcp....................................................................................................................334 no ip address........................................................................................................................334
DHCP server ........................................................................................................................336 The "show" commands ........................................................................................................336 show ip dhcp-server bindings...............................................................................................336 show ip dhcp-server pools ...................................................................................................337 Commands in the global configuration mode.......................................................................337 ip dhcp-server ......................................................................................................................338 no ip dhcp-server .................................................................................................................338 ip dhcp-server icmp-probe ...................................................................................................339 no ip dhcp-server icmp-probe ..............................................................................................340 ip dhcp-server pool...............................................................................................................341 no ip dhcp-server pool..........................................................................................................342 Commands in the DHCPPOOL configuration mode ............................................................342 lease-time.............................................................................................................................343 network.................................................................................................................................344 Option (IP address) ..............................................................................................................345 option value-string................................................................................................................346 no option ..............................................................................................................................347 pool-enable ..........................................................................................................................348 no pool-enable .....................................................................................................................349 ports .....................................................................................................................................349 no ports ................................................................................................................................350

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

11

Table of contents

8.3.3.10 8.3.3.11 8.3.3.12 8.3.3.13 8.3.3.14 8.3.3.15 8.3.3.16
8.4 8.4.1 8.4.1.1 8.4.1.2 8.4.2 8.4.2.1 8.4.2.2 8.4.2.3 8.4.2.4 8.4.2.5 8.4.2.6 8.4.2.7 8.4.2.8 8.4.2.9 8.4.2.10 8.4.2.11 8.4.3 8.4.3.1 8.4.3.2 8.4.3.3 8.4.3.4
8.5 8.5.1 8.5.1.1 8.5.1.2 8.5.1.3 8.5.1.4 8.5.1.5 8.5.1.6 8.5.1.7 8.5.1.8 8.5.1.9 8.5.1.10 8.5.1.11 8.5.1.12 8.5.1.13 8.5.2 8.5.2.1 8.5.2.2 8.5.2.3 8.5.2.4 8.5.2.5 8.5.2.6 8.5.2.7

relay-information ..................................................................................................................351 no relay-information .............................................................................................................352 set-interface .........................................................................................................................353 static-lease ...........................................................................................................................354 no static-lease ......................................................................................................................355 host ......................................................................................................................................356 no host .................................................................................................................................357
DHCP Relay.........................................................................................................................359 The "show" commands ........................................................................................................359 show dhcp server .................................................................................................................359 show ip dhcp relay information.............................................................................................360 Commands in the Global Configuration mode .....................................................................360 ip dhcp server.......................................................................................................................361 no ip dhcp server..................................................................................................................361 ip dhcp relay circuit-id option................................................................................................362 ip dhcp relay information option ...........................................................................................363 no ip dhcp relay information option ......................................................................................364 ip dhcp relay common-agent-address..................................................................................364 no ip dhcp relay common-agent-address.............................................................................365 ip dhcp relay common-agent-address-interface...................................................................366 no ip dhcp relay common-agent-address-interface..............................................................367 service dhcp-relay ................................................................................................................367 no service dhcp-relay ...........................................................................................................368 Commands in the Interface Configuration mode..................................................................369 ip dhcp relay circuit-id .........................................................................................................369 no ip dhcp relay circuit-id ....................................................................................................370 ip dhcp relay remote-id ........................................................................................................371 no ip dhcp relay remote-id ...................................................................................................371
SNMP ................................................................................................................................... 373 The "show" commands ........................................................................................................374 show snmp ...........................................................................................................................374 show snmp community.........................................................................................................374 show snmp engineID............................................................................................................375 show snmp filter ...................................................................................................................375 show snmp group.................................................................................................................376 show snmp group access.....................................................................................................376 show snmp inform statistics .................................................................................................377 show snmp notif ...................................................................................................................377 show snmp targetaddr..........................................................................................................378 show snmp targetparam.......................................................................................................378 show snmp tcp .....................................................................................................................379 show snmp user ...................................................................................................................379 show snmp viewtree.............................................................................................................380 Commands in the global configuration mode.......................................................................380 snmpagent ...........................................................................................................................381 no snmpagent ......................................................................................................................381 snmpagent port ....................................................................................................................382 no snmpagent port ...............................................................................................................382 snmp agent version..............................................................................................................383 snmp access ........................................................................................................................384 no snmp access ...................................................................................................................385

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

12

Configuration Manual, 10/2021, C79000-G8976-C361-12

Table of contents

8.5.2.8 8.5.2.9 8.5.2.10 8.5.2.11 8.5.2.12 8.5.2.13 8.5.2.14 8.5.2.15 8.5.2.16 8.5.2.17 8.5.2.18 8.5.2.19 8.5.2.20 8.5.2.21 8.5.2.22 8.5.2.23 8.5.2.24 8.5.2.25
8.6 8.6.1 8.6.1.1 8.6.1.2 8.6.1.3 8.6.2 8.6.2.1 8.6.2.2 8.6.2.3 8.6.2.4 8.6.2.5 8.6.3 8.6.3.1 8.6.3.2 8.6.3.3 8.6.3.4 8.6.3.5 8.6.3.6 8.6.3.7 8.6.3.8 8.6.3.9 8.6.3.10 8.6.3.11 8.6.3.12 8.6.3.13
8.7 8.7.1 8.7.1.1 8.7.2 8.7.2.1 8.7.2.2 8.7.2.3 8.7.2.4

snmp community index ........................................................................................................386 no snmp community index ...................................................................................................387 snmp engineid migrate.........................................................................................................388 no snmp engineid migrate....................................................................................................389 snmp group ..........................................................................................................................390 no snmp group .....................................................................................................................391 snmp notify...........................................................................................................................391 no snmp notify......................................................................................................................392 snmp targetaddr ...................................................................................................................393 no snmp targetaddr ..............................................................................................................395 snmp targetparams ..............................................................................................................396 no snmp targetparams .........................................................................................................398 snmp v1-v2 readonly............................................................................................................398 no snmp v1-v2 readonly.......................................................................................................399 snmp user ............................................................................................................................400 no snmp user .......................................................................................................................401 snmp view ............................................................................................................................401 no snmp view .......................................................................................................................403
SMTP client..........................................................................................................................404 The "show" commands ........................................................................................................404 show events smtp-server .....................................................................................................404 show events sender email....................................................................................................404 show events smtp-port .........................................................................................................405 Commands in the Events configuration mode .....................................................................405 smtp-server ..........................................................................................................................406 no smtp-server .....................................................................................................................407 sender mail-address.............................................................................................................407 no sender mail-address........................................................................................................408 send test mail .......................................................................................................................409 Commands in SMTP server configuration mode .................................................................409 Introductory sentence for the SMTP server configuration mode..........................................409 auth username .....................................................................................................................409 no auth username ................................................................................................................410 port .......................................................................................................................................411 no port ..................................................................................................................................412 sender address ....................................................................................................................412 no sender address ...............................................................................................................413 receiver-address .................................................................................................................414 no receiver-address ............................................................................................................414 security ................................................................................................................................. 415 no security............................................................................................................................416 smtp-server-enable ..............................................................................................................417 no smtp-server-enable .........................................................................................................417
HTTP server.........................................................................................................................419 The "show" commands ........................................................................................................419 show ip http server status ....................................................................................................419 Commands in the global configuration mode.......................................................................419 ip http ...................................................................................................................................420 no ip http ..............................................................................................................................420 ip http port ............................................................................................................................421 no ip http port .......................................................................................................................422

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

13

Table of contents

8.8 8.8.1 8.8.1.1 8.8.1.2 8.8.2 8.8.2.1 8.8.2.2 8.8.2.3 8.8.2.4

HTTPS server ......................................................................................................................423 The "show" commands ........................................................................................................423 show ip http secure server status.........................................................................................423 show ssl server-cert .............................................................................................................423 Commands in global configuration mode.............................................................................424 ip http secure........................................................................................................................424 no ip http secure...................................................................................................................425 ip http secure port ................................................................................................................425 no ip http secure port ...........................................................................................................426

8.9 8.9.1 8.9.1.1 8.9.2 8.9.2.1 8.9.2.2

ARP ...................................................................................................................................... 427 The "show" commands ........................................................................................................427 show ip arp...........................................................................................................................427 Commands in the global configuration mode.......................................................................428 arp timeout ...........................................................................................................................428 no arp timeout ......................................................................................................................429

8.10 8.10.1 8.10.1.1 8.10.1.2 8.10.2 8.10.2.1 8.10.2.2 8.10.2.3 8.10.2.4

SSH server...........................................................................................................................430 The "show" commands ........................................................................................................430 show ip ssh ..........................................................................................................................430 show ssh-fingerprint .............................................................................................................430 Commands in the global configuration mode.......................................................................431 ssh-server ............................................................................................................................431 no ssh-server .......................................................................................................................432 ssh-server port ....................................................................................................................432 no ssh-server port ...............................................................................................................433

9 Layer 2 management protocols ................................................................................................................435

9.1 9.1.1 9.1.1.1 9.1.1.2 9.1.2 9.1.2.1 9.1.2.2 9.1.2.3 9.1.2.4

GARP ...................................................................................................................................436 The "show" commands ........................................................................................................436 show forward-all ...................................................................................................................436 show forward-unregistered...................................................................................................437 Commands in the global configuration mode.......................................................................437 gmrp .....................................................................................................................................438 no gmrp ................................................................................................................................438 gvrp ......................................................................................................................................439 no gvrp .................................................................................................................................440

9.2 9.2.1 9.2.1.1 9.2.1.2 9.2.1.3 9.2.1.4 9.2.1.5 9.2.1.6 9.2.1.7 9.2.2 9.2.2.1 9.2.2.2 9.2.2.3 9.2.2.4 9.2.2.5

IGMP snooping ....................................................................................................................442 The "show" commands ........................................................................................................442 show ip igmp snooping.........................................................................................................442 show ip igmp snooping forwarding-database.......................................................................443 show ip igmp snooping globals ............................................................................................443 show ip igmp snooping groups.............................................................................................444 show ip igmp snooping mrouter ...........................................................................................445 show ip igmp snooping statistics..........................................................................................445 show ip igmp snooping switch-ip..........................................................................................446 Commands in the global configuration mode.......................................................................446 ip igmp snooping version .....................................................................................................447 ip igmp vlan-snooping ..........................................................................................................448 no ip igmp vlan-snooping .....................................................................................................448 ip igmp snooping clear counters ..........................................................................................449 ip igmp snooping switch-ip ...................................................................................................449

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

14

Configuration Manual, 10/2021, C79000-G8976-C361-12

Table of contents

9.2.2.6 9.2.2.7 9.2.2.8
9.3 9.3.1 9.3.1.1 9.3.1.2 9.3.2 9.3.2.1 9.3.2.2 9.3.2.3
9.4 9.4.1 9.4.2 9.4.3 9.4.4 9.4.4.1 9.4.4.2 9.4.4.3 9.4.4.4 9.4.5 9.4.5.1 9.4.5.2 9.4.5.3 9.4.5.4 9.4.5.5 9.4.5.6 9.4.5.7 9.4.5.8 9.4.5.9 9.4.6 9.4.6.1 9.4.6.2 9.4.6.3 9.4.6.4 9.4.6.5 9.4.6.6 9.4.6.7 9.4.6.8 9.4.6.9 9.4.6.10 9.4.6.11 9.4.6.12 9.4.6.13 9.4.7 9.4.7.1 9.4.7.2 9.4.7.3 9.4.7.4 9.4.7.5 9.4.7.6

snooping report-process config-level ...................................................................................450 ip igmp snooping port-purge-interval....................................................................................451 no ip igmp snooping port-purge-interval...............................................................................452
IGMP querier........................................................................................................................453 Commands in the Global Configuration mode .....................................................................453 ip igmp snooping querier......................................................................................................453 no ip igmp snooping querier.................................................................................................454 Commands in VLAN configuration mode .............................................................................454 Introductory sentence for the VLAN configuration mode .....................................................454 ip igmp snooping querier......................................................................................................455 no ip igmp snooping querier.................................................................................................456
Ring redundancy and standby connection ...........................................................................457 clear hrp counters ................................................................................................................458 clear ring-redundancy manager counters ............................................................................458 clear standby counter...........................................................................................................459 The "show" commands ........................................................................................................460 show hrp counters................................................................................................................460 show linkcheck .....................................................................................................................461 show ring-redundancy..........................................................................................................461 show ring-redundancy manager counters............................................................................462 Commands in the global configuration mode.......................................................................462 ring-redundancy configuration..............................................................................................463 ring-redundancy hrpobserver ...............................................................................................463 no ring-redundancy hrpobserver ..........................................................................................464 ring-redundancy mode .........................................................................................................465 no ring-redundancy ..............................................................................................................466 ring-redundancy dna-redundancy ........................................................................................467 no ring-redundancy dna-redundancy ...................................................................................467 ring-redundancy standby......................................................................................................468 no ring-redundancy standby.................................................................................................469 Commands in the redundancy configuration mode..............................................................469 linkcheck ..............................................................................................................................470 no linkcheck .........................................................................................................................471 ring ports ..............................................................................................................................472 standby connection-name ....................................................................................................474 no standby connection-name ...............................................................................................474 standby force-master ...........................................................................................................475 no standby force-master ......................................................................................................475 standby port .........................................................................................................................476 no standby port ....................................................................................................................477 standby wait-for-partner .......................................................................................................478 no standby wait-for-partner ..................................................................................................478 mrpinterconnection...............................................................................................................479 no mrpinterconnection..........................................................................................................480 Commands in MRP Interconnection configuration mode.....................................................480 domain-id .............................................................................................................................481 domain-name .......................................................................................................................481 Interface ...............................................................................................................................482 role .......................................................................................................................................483 client-position .......................................................................................................................484 wait-manager .......................................................................................................................485

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

15

Table of contents

9.4.7.7 9.4.7.8

no wait-manager ..................................................................................................................486 Interconnection.....................................................................................................................486

9.5 9.5.1 9.5.1.1 9.5.1.2 9.5.1.3 9.5.1.4 9.5.1.5 9.5.2 9.5.2.1 9.5.2.2 9.5.3 9.5.3.1 9.5.3.2 9.5.3.3 9.5.3.4 9.5.4 9.5.4.1 9.5.4.2

Unicast .................................................................................................................................488 The "show" commands VLAN bridge) ..................................................................................488 show mac-address-table ......................................................................................................488 show mac-address-table dynamic unicast ...........................................................................489 show mac-address-table static unicast ................................................................................490 show unicast-block config ....................................................................................................491 show unicast-mac flush config .............................................................................................492 Commands in the global configuration mode (VLAN bridge) ...............................................492 mac-address-table static unicast..........................................................................................493 no mac-address-table static unicast.....................................................................................494 The "show" commands (Transparent Bridge) ......................................................................495 show dot1d mac-address-table ............................................................................................495 show dot1d mac-address-table static unicast ......................................................................496 show unicast-block config ....................................................................................................496 show unicast-mac flush config .............................................................................................497 Commands in the global configuration mode (Transparent Bridge).....................................498 mac-address-table static unicast..........................................................................................498 no mac-address-table static unicast.....................................................................................499

9.6 9.6.1 9.6.1.1 9.6.1.2 9.6.1.3 9.6.1.4 9.6.2 9.6.2.1 9.6.2.2 9.6.3 9.6.3.1 9.6.3.2 9.6.3.3 9.6.4 9.6.4.1 9.6.4.2

Multicast ...............................................................................................................................501 The "show" commands VLAN bridge) ..................................................................................501 show mac-address-table ......................................................................................................501 show mac-address-table dynamic multicast ........................................................................502 show mac-address-table static multicast .............................................................................503 show multicast-block config .................................................................................................504 Commands in the global configuration mode (VLAN bridge) ...............................................505 mac-address-table static multicast.......................................................................................505 no mac-address-table static multicast..................................................................................506 The "show" commands (Transparent Bridge) ......................................................................507 show dot1d mac-address-table ............................................................................................507 show dot1d mac-address-table static multicast ...................................................................508 show multicast-block config .................................................................................................509 Commands in the global configuration mode (Transparent Bridge).....................................509 mac-address-table static multicast.......................................................................................510 no mac-address-table static multicast..................................................................................511

10 Layer 3 functions ......................................................................................................................................513

10.1 10.1.1 10.1.1.1 10.1.1.2 10.1.1.3 10.1.1.4 10.1.1.5 10.1.2 10.1.2.1 10.1.2.2 10.1.2.3 10.1.2.4 10.1.3

NAT ......................................................................................................................................513 The "show" commands ........................................................................................................514 show ip nat config ................................................................................................................514 show ip nat service...............................................................................................................515 show ip nat service portrange ..............................................................................................516 show ip nat summary ...........................................................................................................516 show ip nat ...........................................................................................................................517 Commands in the global configuration mode.......................................................................518 ip nat ....................................................................................................................................518 no ip nat ...............................................................................................................................519 ip nat timeout........................................................................................................................519 no ip nat timeout...................................................................................................................520 Commands in the Interface configuration mode ..................................................................521

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

16

Configuration Manual, 10/2021, C79000-G8976-C361-12

Table of contents

10.1.3.1 10.1.3.2 10.1.3.3 10.1.3.4 10.1.3.5 10.1.3.6 10.1.3.7 10.1.3.8 10.1.3.9 10.1.3.10 10.1.3.11 10.1.3.12

ip nat ....................................................................................................................................521 no ip nat ...............................................................................................................................522 ip nat napt ............................................................................................................................523 no ip nat napt .......................................................................................................................523 ip nat pool.............................................................................................................................524 no ip nat pool........................................................................................................................525 ip nat service ........................................................................................................................525 no ip nat service ...................................................................................................................527 ip nat service portrange........................................................................................................528 no ip nat service portrange...................................................................................................529 ip nat static ...........................................................................................................................530 no ip nat static ......................................................................................................................530

10.2 10.2.1 10.2.1.1 10.2.1.2

Single-Hop Inter-VLAN-Routing ...........................................................................................532 Commands in the global configuration mode.......................................................................532 ip single-hop inter-vlan-routing.............................................................................................532 no ip single-hop inter-vlan-routing........................................................................................533

11 Load control..............................................................................................................................................535

11.1 11.1.1 11.1.1.1 11.1.2 11.1.2.1 11.1.2.2 11.1.2.3 11.1.2.4 11.1.2.5 11.1.2.6

Rate control..........................................................................................................................536 The "show" commands ........................................................................................................536 show rate-limit output ...........................................................................................................536 Commands in the interface configuration mode...................................................................537 rate-limit output ....................................................................................................................537 no rate-limit output ...............................................................................................................538 storm-control ........................................................................................................................539 no storm-control ...................................................................................................................540 storm-control level................................................................................................................541 no storm-control level...........................................................................................................541

11.2 11.2.1 11.2.2 11.2.2.1 11.2.2.2 11.2.2.3 11.2.2.4 11.2.3 11.2.3.1 11.2.3.2 11.2.3.3 11.2.3.4 11.2.4 11.2.4.1 11.2.4.2

Static MAC filtering...............................................................................................................543 network-filtering .................................................................................................................... 543 Commands in the global configuration mode (VLAN bridge) ...............................................544 mac-address-table static multicast.......................................................................................544 no mac-address-table static multicast..................................................................................545 mac-address-table static unicast..........................................................................................546 no mac-address-table static unicast.....................................................................................547 Commands in the global configuration mode (Transparent Bridge).....................................548 mac-address-table static multicast.......................................................................................548 no mac-address-table static multicast..................................................................................549 mac-address-table static unicast..........................................................................................550 no mac-address-table static unicast.....................................................................................551 Commands in the interface configuration mode...................................................................552 switchport ingress-filter ........................................................................................................552 no switchport ingress-filter ...................................................................................................553

11.3 11.3.1 11.3.1.1 11.3.1.2 11.3.2 11.3.2.1 11.3.2.2 11.3.2.3

Dynamic MAC aging ............................................................................................................555 The "show" commands ........................................................................................................555 show mac-address-table aging-time ....................................................................................555 show mac-address-table aging-status .................................................................................555 Commands in the global configuration mode.......................................................................556 mac-address-table aging-time..............................................................................................556 no mac-address-table aging-time.........................................................................................557 mac-address-table aging......................................................................................................558

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

17

Table of contents

11.3.2.4 no mac-address-table aging.................................................................................................558

11.4 11.4.1 11.4.1.1 11.4.2 11.4.2.1

Flow control..........................................................................................................................560 The "show" commands ........................................................................................................560 show flow-control .................................................................................................................560 Commands in the interface configuration mode...................................................................561 flowcontrol ............................................................................................................................561

11.5 11.5.1 11.5.1.1 11.5.1.2 11.5.1.3 11.5.1.4 11.5.1.5 11.5.1.6 11.5.1.7 11.5.2 11.5.2.1 11.5.3 11.5.3.1 11.5.3.2 11.5.3.3 11.5.3.4 11.5.3.5 11.5.3.6 11.5.3.7 11.5.3.8 11.5.3.9 11.5.3.10 11.5.3.11 11.5.3.12

Service classes ....................................................................................................................563 The "show" commands ........................................................................................................563 show qos agent-priority ........................................................................................................563 show qos broadcast-priority .................................................................................................563 show qos cos-map ...............................................................................................................564 show qos cos-remap ............................................................................................................565 show qos dscp-map .............................................................................................................565 show qos scheduling mode..................................................................................................566 show qos-trust-mode............................................................................................................566 Commands in the Global configuration mode ......................................................................567 qos .......................................................................................................................................567 Commands in the QOS configuration mode ........................................................................568 agent-priority ........................................................................................................................569 no agent-priority ...................................................................................................................569 broadcast-priority .................................................................................................................570 no broadcast-priority ............................................................................................................571 cos-map ...............................................................................................................................572 cos-remap ............................................................................................................................573 no cos-remap .......................................................................................................................574 cos-remap-enable ................................................................................................................574 no cos-remap-enable ...........................................................................................................575 dscp-map .............................................................................................................................576 qos-trust-mode .....................................................................................................................577 scheduling mode ..................................................................................................................578

12 Security and authentication ......................................................................................................................581

12.1 12.1.1 12.1.1.1 12.1.1.2 12.1.1.3 12.1.2 12.1.3 12.1.4 12.1.4.1 12.1.4.2 12.1.4.3 12.1.4.4 12.1.4.5 12.1.4.6 12.1.4.7 12.1.4.8 12.1.4.9 12.1.4.10

User management................................................................................................................582 The "show" commands ........................................................................................................582 show password-policy ..........................................................................................................582 show users ...........................................................................................................................582 show user-accounts .............................................................................................................583 change password .................................................................................................................583 whoami ................................................................................................................................. 584 Commands in the global configuration mode.......................................................................585 password-policy ...................................................................................................................585 user-account ........................................................................................................................586 no user-account ...................................................................................................................588 user-account-ext ..................................................................................................................589 no user-account-ext .............................................................................................................590 role .......................................................................................................................................591 no role ..................................................................................................................................592 user-group ............................................................................................................................ 593 no user-group.......................................................................................................................595 username .............................................................................................................................595

12.2

RADIUS client ......................................................................................................................598

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

18

Configuration Manual, 10/2021, C79000-G8976-C361-12

Table of contents

12.2.1 12.2.1.1 12.2.1.2 12.2.2 12.2.2.1 12.2.2.2 12.2.2.3 12.2.2.4 12.2.2.5 12.2.2.6 12.2.2.7
12.3 12.3.1 12.3.1.1 12.3.2 12.3.2.1 12.3.2.2 12.3.2.3 12.3.2.4
12.4 12.4.1 12.4.1.1 12.4.2 12.4.2.1 12.4.2.2 12.4.3 12.4.3.1 12.4.3.2 12.4.4 12.4.4.1 12.4.4.2
12.5 12.5.1 12.5.1.1 12.5.1.2 12.5.1.3 12.5.2 12.5.2.1 12.5.2.2 12.5.2.3 12.5.2.4 12.5.3 12.5.3.1 12.5.3.2 12.5.3.3 12.5.3.4 12.5.3.5 12.5.3.6 12.5.3.7 12.5.3.8 12.5.3.9

The "show" commands ........................................................................................................598 show radius statistics ...........................................................................................................598 show radius server ...............................................................................................................598 Commands in the global configuration mode.......................................................................599 login authentication ..............................................................................................................599 no login authentication .........................................................................................................600 radius authorization-mode....................................................................................................601 radius disconnect-packet .....................................................................................................602 no radius disconnect-packet ................................................................................................603 radius-server ........................................................................................................................603 no radius-server ...................................................................................................................605
Management Access Control List ........................................................................................607 The "show" commands ........................................................................................................607 show authorized-managers..................................................................................................607 Commands in the Global configuration mode ......................................................................608 authorized-manager .............................................................................................................608 no authorized-manager ........................................................................................................608 authorized-manager ip-source .............................................................................................609 no authorized-manager ip-source ........................................................................................611
Port Access Control List Locked Ports.................................................................................613 The "show" commands ........................................................................................................613 show lock port ......................................................................................................................613 Commands in the Global configuration mode ......................................................................614 clear-all-static-unicast ..........................................................................................................614 auto-learn .............................................................................................................................615 Commands in the interface configuration mode...................................................................615 switchport lock......................................................................................................................616 no switchport lock.................................................................................................................616 Commands in the AUTOLEARN mode ................................................................................617 start ......................................................................................................................................617 stop ......................................................................................................................................618
Port Based Network Access Control ....................................................................................619 The "show" commands ........................................................................................................619 show dot1x ...........................................................................................................................619 show dot1x guest-vlan mac-info...........................................................................................620 show dot1x mac-auth mac-info ............................................................................................620 Commands in the global configuration mode.......................................................................621 dot1x guest-vlan...................................................................................................................621 no dot1x guest-vlan..............................................................................................................622 dot1x mac-auth ....................................................................................................................622 no dot1x mac-auth ...............................................................................................................623 Commands in the interface configuration mode...................................................................624 dot1x guest-vlan...................................................................................................................624 no dot1x guest-vlan..............................................................................................................625 dot1x guest-vlan vlan-id .......................................................................................................625 no dot1x guest-vlan vlan-id ..................................................................................................626 dot1x guest-vlan reset..........................................................................................................627 set dot1x guest-vlan mac-addr count ...................................................................................627 dot1x mac-auth ....................................................................................................................628 no dot1x mac-auth ...............................................................................................................629 dot1x mac-auth port reset ....................................................................................................630

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

19

Table of contents

12.5.3.10 12.5.3.11 12.5.3.12 12.5.3.13 12.5.3.14 12.5.3.15 12.5.3.16

dot1x mac-auth vlan-assign .................................................................................................630 no dot1x mac-auth vlan-assign ............................................................................................631 set dot1x mac-auth mac-addr count.....................................................................................632 dot1x port-control .................................................................................................................633 no dot1x port-control ............................................................................................................634 dot1x reauthentication..........................................................................................................634 no dot1x reauthentication.....................................................................................................635

13 Diagnostics ...............................................................................................................................................637

13.1 13.1.1 13.1.2 13.1.3 13.1.3.1 13.1.3.2 13.1.3.3 13.1.3.4 13.1.3.5 13.1.3.6 13.1.3.7 13.1.3.8 13.1.3.9 13.1.3.10 13.1.4 13.1.5 13.1.6 13.1.7 13.1.7.1 13.1.7.2 13.1.8 13.1.8.1 13.1.8.2 13.1.8.3 13.1.8.4 13.1.8.5 13.1.8.6 13.1.8.7 13.1.8.8 13.1.8.9 13.1.8.10 13.1.8.11 13.1.8.12 13.1.8.13 13.1.8.14 13.1.8.15

Event and fault handling.......................................................................................................638 logging console ....................................................................................................................638 no logging console ...............................................................................................................638 The "show" commands ........................................................................................................639 show events config...............................................................................................................639 show events severity............................................................................................................640 show events faults config .....................................................................................................640 show events faults status .....................................................................................................641 show startup-information......................................................................................................642 show logbook .......................................................................................................................642 show fault counter ................................................................................................................643 show cabletest interface.......................................................................................................643 show interface transceiver details ........................................................................................644 show power-line-state ..........................................................................................................645 clear logbook........................................................................................................................645 clear fault counter.................................................................................................................646 fault report ack .....................................................................................................................646 Commands in the global configuration mode.......................................................................647 events...................................................................................................................................647 cabletest interface ................................................................................................................648 Commands in the Events configuration mode .....................................................................649 add log .................................................................................................................................649 client config ..........................................................................................................................650 no client config .....................................................................................................................651 event config..........................................................................................................................652 no event config.....................................................................................................................655 severity ................................................................................................................................. 656 no severity............................................................................................................................657 power ...................................................................................................................................658 no power ..............................................................................................................................659 link ........................................................................................................................................ 660 no link...................................................................................................................................661 syslogserver .........................................................................................................................662 no syslogserver ....................................................................................................................663 hrp-redundancy-loss ............................................................................................................663 no hrp-redundancy-loss .......................................................................................................664

13.2 13.2.1 13.2.1.1 13.2.1.2 13.2.2 13.2.2.1 13.2.2.2

FMP......................................................................................................................................665 The "show" commands ........................................................................................................665 show fmp limit ......................................................................................................................665 show fmp status ...................................................................................................................666 Commands in the Interface Configuration mode..................................................................667 fmp .......................................................................................................................................667 no fmp ..................................................................................................................................668

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

20

Configuration Manual, 10/2021, C79000-G8976-C361-12

Table of contents

13.2.2.3 13.2.2.4
13.3 13.3.1 13.3.1.1 13.3.2 13.3.2.1 13.3.2.2
13.4 13.4.1 13.4.1.1 13.4.2 13.4.2.1 13.4.2.2 13.4.2.3 13.4.2.4 13.4.2.5 13.4.2.6 13.4.3 13.4.3.1 13.4.3.2 13.4.3.3 13.4.3.4
13.5 13.5.1 13.5.1.1 13.5.1.2 13.5.1.3 13.5.2 13.5.2.1 13.5.2.2 13.5.2.3 13.5.2.4 13.5.2.5 13.5.2.6 13.5.2.7 13.5.2.8 13.5.2.9
13.6 13.6.1 13.6.1.1 13.6.1.2 13.6.2 13.6.2.1 13.6.2.2 13.6.2.3 13.6.2.4 13.6.3 13.6.3.1 13.6.3.2

fmp power-loss.....................................................................................................................669 fmp rx-power ........................................................................................................................670
Syslog client .........................................................................................................................671 The "show" commands ........................................................................................................671 show events syslogserver ....................................................................................................671 Commands in the Events configuration mode .....................................................................671 syslogserver .........................................................................................................................672 no syslogserver ....................................................................................................................673
RMON ..................................................................................................................................674 The "show" commands ........................................................................................................674 show rmon............................................................................................................................674 Commands in the global configuration mode.......................................................................675 rmon .....................................................................................................................................676 no rmon ................................................................................................................................676 rmon alarm ...........................................................................................................................677 no rmon alarm ......................................................................................................................679 rmon event ...........................................................................................................................679 no rmon event ......................................................................................................................680 Commands in the interface configuration mode...................................................................681 rmon collection stats ............................................................................................................681 no rmon collection stats .......................................................................................................682 rmon collection history .........................................................................................................683 no rmon collection history ....................................................................................................684
Port Mirroring ......................................................................................................................685 The "show" commands ........................................................................................................685 show monitor........................................................................................................................685 show monitor barrier ............................................................................................................686 show monitor session...........................................................................................................686 Commands in the global configuration mode.......................................................................687 monitor .................................................................................................................................687 no monitor ............................................................................................................................688 monitor barrier enabled ........................................................................................................689 no monitor barrier enabled ...................................................................................................690 monitor session destination..................................................................................................690 no monitor session destination.............................................................................................691 monitor session source ........................................................................................................692 no monitor session source ...................................................................................................693 no monitor session ...............................................................................................................694
Loop detection......................................................................................................................696 The "show" commands ........................................................................................................696 show loopd ...........................................................................................................................696 show loopd interface ............................................................................................................697 Commands in the global configuration mode.......................................................................698 loopd ....................................................................................................................................698 no loopd ...............................................................................................................................699 loopd vlan mode...................................................................................................................700 no loopd vlan mode..............................................................................................................700 Commands in the Interface Configuration mode..................................................................701 loopd {blocked | forwarder | sender}.....................................................................................701 loopd {tx-interval | detect-threshold | reaction-timeout} ........................................................702

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

21

Table of contents

13.6.3.3 13.6.3.4 13.6.3.5 13.6.3.6 13.6.3.7 13.6.3.8

loopd port reset ....................................................................................................................703 no loopd port reset ...............................................................................................................704 loopd reaction local ..............................................................................................................705 no loopd reaction local .........................................................................................................705 loopd reaction remote ..........................................................................................................706 no loopd reaction remote .....................................................................................................707

Index ......................................................................................................................................................... 709

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

22

Configuration Manual, 10/2021, C79000-G8976-C361-12

Introduction

1

Validity of this configuration manual This Configuration Manual covers the following products:  SCALANCE XB-200  SCALANCE XC-200  SCALANCE XF-200BA  SCALANCE XP-200  SCALANCE XR-300WG Below, the products are also called IE switch, device or network component. There are two variants of some devices with different article numbers. The two variants differ only in their factory settings. All other properties are identical. This Configuration Manual applies to the following software versions:  SCALANCE XB-200 firmware as of version 4.2  SCALANCE XC-200 firmware as of version 4.2  SCALANCE XF-200BA firmware as of version 4.2  SCALANCE XP-200 firmware as of version 4.2  SCALANCE XR-300WG firmware as of version 4.2
Factory settings
PROFINET variants  Industrial Ethernet protocol: PROFINET  Base Bridge Mode: 802.1D transparent bridge  Redundancy mechanism: Ring redundancy  Trust mode: Trust CoS  IGMP Snooping/IGMP Querier: Off  IPv4 Address Collision Detection: Never give up
EtherNet/IP variants  Industrial Ethernet protocol: EtherNet/IP  Base Bridge Mode: 802.1Q VLAN Bridge  Redundancy mechanism: RSTP  Trust mode: Trust CoS-DSCP

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

23

Introduction
 IGMP Snooping/IGMP Querier: On  IPv4 Address Collision Detection: Attempt to defend
Industrial Ethernet profile  Industrial Ethernet protocol: PROFINET  Base Bridge Mode: 802.1Q VLAN Bridge  Redundancy mechanism: RSTP  Trust mode: Trust CoS-DSCP  IGMP Snooping/IGMP Querier: Off  IPv4 Address Collision Detection: Never give up
Purpose of the Configuration Manual This Configuration Manual is intended to provide you with the information you require to install, commission and operate IE switches. It provides you with the information you require to configure the IE switches.
Orientation in the documentation Apart from the configuration manual you are currently reading, the products also have the following documentation:  Configuration manual "SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Web Based Management"" This document is intended to provide you with the information you require to commission and configure IE switches using the Web Based Management.  Operating Instructions "SCALANCE XB-200", "SCALANCE XC-200", "SCALANCE XF-200BA", "SCALANCE XP-200" and "SCALANCE XR-300WG" These documents contain information on installing, connecting up and approvals for the products. You will find the documentation here:  On the data medium that ships with some products: ­ Product CD / product DVD ­ SIMATIC NET Manual Collection  On the Internet pages of Siemens Industry Online Support at. ­ SCALANCE XB-200 (https://support.industry.siemens.com/cs/ww/en/ps/15291/man) ­ SCALANCE XC-200 (https://support.industry.siemens.com/cs/ww/en/ps/24185/man) ­ SCALANCE XF-200BA (https://support.industry.siemens.com/cs/ww/en/ps/15287/ man) ­ SCALANCE XP-200 (https://support.industry.siemens.com/cs/ww/en/ps/21869/man) ­ SCALANCE XR-300WG (https://support.industry.siemens.com/cs/ww/en/ps/15296/ man)

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

24

Configuration Manual, 10/2021, C79000-G8976-C361-12

Introduction
Further documentation In the system manuals "Industrial Ethernet / PROFINET Industrial Ethernet" and "Industrial Ethernet / PROFINET passive network components", you will find information on other SIMATIC NET products that you can operate along with the devices of this product line in an Industrial Ethernet network. There, you will find among other things optical performance data of the communications partner that you require for the installation. You will find the system manuals here:  On the data medium that ships with some products: ­ Product CD / product DVD ­ SIMATIC NET Manual Collection  On the Internet pages of Siemens Industry Online Support: ­ Industrial Ethernet / PROFINET Industrial Ethernet System Manual (https:// support.industry.siemens.com/cs/ww/en/view/27069465) ­ Industrial Ethernet / PROFINET Passive Network Components System Manual (https:// support.industry.siemens.com/cs/ww/en/view/84922825)
SIMATIC NET manuals You will find the SIMATIC NET manuals here:  On the data medium that ships with some products: ­ Product CD / product DVD ­ SIMATIC NET Manual Collection  On the Internet pages of Siemens Industry Online Support (https:// support.industry.siemens.com/cs/ww/en/ps/15247).
What's new as of version 4.2? Below, you will find an overview of the most important function expansions:  Configurable port number for HTTP (Page 421), SSH (Page 432) and TELNET (Page 322)  Additional options for shutting down a port: Power down (Page 104)  Redundant Y topologies are possible with two devices of the type SCALANCE XF204-2BA DNA.  MRP Interconnection (Page 480) for the SCALANCE XC-200, SCALANCE XF-200BA and SCALANCE XP-200 device groups  Autocrossing also with permanently set transmission speed  NOA (NAMUR Open Architecture) for the SCALANCE XC-200G EEC (Page 101) device group  AES128 as privacy protocol for SNMPv3 users (Page 400)  Extension of the SMTP client (security) (Page 415)

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

25

Introduction
 PTP (Page 191) for the SCALANCE XC-200G device group  Restart the device at a specified time (Page 126)  Support of additional MIB blocks  Customizable login text (Page 109) (LoginWelcomeMessage)  Possibility to configure the PVID for ring ports (Page 235)
SIMATIC NET glossary Explanations of many of the specialist terms used in this documentation can be found in the SIMATIC NET glossary. You will find the SIMATIC NET glossary on the Internet at the following address: 50305045 (https://support.industry.siemens.com/cs/ww/en/view/50305045)
Security information Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems, machines and networks. In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement ­ and continuously maintain ­ a holistic, state-of-the-art industrial security concept. Siemens' products and solutions constitute one element of such a concept. Customers are responsible for preventing unauthorized access to their plants, systems, machines and networks. Such systems, machines and components should only be connected to an enterprise network or the internet if and to the extent such a connection is necessary and only when appropriate security measures (e.g. firewalls and/or network segmentation) are in place. For additional information on industrial security measures that may be implemented, please visit https://www.siemens.com/industrialsecurity (https://www.siemens.com/industrialsecurity) Siemens' products and solutions undergo continuous development to make them more secure. Siemens strongly recommends that product updates are applied as soon as they are available and that the latest product versions are used. Use of product versions that are no longer supported, and failure to apply the latest updates may increase customers' exposure to cyber threats. To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed under https://www.siemens.com/industrialsecurity (https://www.siemens.com/industrialsecurity)
License conditions
Note Open source software Read the license conditions for open source software carefully before using the product.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

26

Configuration Manual, 10/2021, C79000-G8976-C361-12

Introduction

You can download the license conditions in the WBM on the "System > Load&Save > Copyright" page.

Trademarks

The following and possibly other names not identified by the registered trademark sign ® are registered trademarks of Siemens AG:
SIMATIC NET, SCALANCE, C-PLUG, OLM

Firmware

The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

27

Introduction

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

28

Configuration Manual, 10/2021, C79000-G8976-C361-12

General information

2

2.1

System functions hardware equipment

Availability of the system functions
The following table shows the availability of the system functions on the IE switches. Note that all functions are described in this configuration manual and in the online help. Depending on your IE switch, some functions are not available.
We reserve the right to make technical changes.

Informa- tion
System

SCALANCE XB-200

ARP table



Log table



Ethernet Statistics



Diagnostics (tempera-

-

ture)

SMTP client



DHCP client



DHCP server

 1)

SNMP



Manual time setting



DST



SNTP



NTP



SIMATIC Time Client



Auto logout



Syslog Client



NOA switch functionality

-

Fault monitoring



PROFINET



EtherNet/IP



Cable tester



SFP Diagnostics

-

SCALANCE XR-300WG
   
   1)             

SCALANCE XC-200
   
            4)     

SCALANCE XP-200
   
               -

SCALANCE XF-200BA
   
              2)  -

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

29

General information 2.1 System functions hardware equipment

Layer 2

SCALANCE XB-200

Sending priorities

-

CoS Map



DSCP Mapping



QoS prioritization



CoS port reassignment

-

Load control



GVRP

-

Port-based VLAN



Private VLAN

-

Provider bridge

-

Switch Port VLAN Trunk

-

Port-based mirroring



Dynamic MAC aging



Ring redundancy



H-Sync support

-

S2 devices

-

CiR/H-CiR support

-

Ring with RSTP



Standby (HRP)



Observer (HRP)

-

Link Check



MRP Interconnection

-

Spanning Tree



RSTP



RSTP+



MSTP

-

Enhanced Passive Lis-



tening Compatibility

Loop detection



Link aggregation

-

DCP forwarding



LLDP



Fiber monitoring

-

Unicast filter



Locked ports



Unicast learning



Unicast blocking



Multicast groups



IGMP



GMRP

-

Multicast blocking



Broadcast blocking



SCALANCE XR-300WG
              
          

SCALANCE XC-200
                          
             

SCALANCE XP-200
                         
            

SCALANCE XF-200BA
        2)  2)               
            

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

30

Configuration Manual, 10/2021, C79000-G8976-C361-12

General information 2.1 System functions hardware equipment

Layer 3 Security

SCALANCE XB-200

PTP

-

RMON



RMON history



Single-Hop Inter-VLAN-

-

Routing

DHCP relay agent



Common agent address

-

NAT/NAPT

-

Users



Passwords



RADIUS authentication



MAC authentication

-

Guest VLAN

-

802.1X reauthentication



Management ACL



1) Restricted 2) Not with DNA devices 3) Only SCALANCE XC-200G 4) Only SCALANCE XC-200G EEC

SCALANCE XR-300WG
  -
      

SCALANCE XC-200
 3)   
         

SCALANCE XP-200
  
         

SCALANCE XF-200BA
  -
       

Availability of hardware The following table shows the hardware of the IE switches. We reserve the right to make technical changes.

C-PLUG support SELECT/SET button RESET button SET button Signaling contact Serial interface Display modes Pluggable transceiver slots Combo ports Bus adapter slots Power over Ethernet
1) "PoE" identifier in device name Function of the buttons: 2) Restore Factory Defaults 3) Set Fault Mask

SCALANCE XB-200
 2)  -

SCALANCE XR-300WG
 2)    1)

SCALANCE XC-200
  2) 3)       1)

SCALANCE XP-200
  3)  2)     1)

SCALANCE XF-200BA 
-
 2)   -

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

31

General information 2.2 Configuration limits

2.2

Configuration limits

Configuration limits of the device
The following table lists the configuration limits for Web Based Management and the Command Line Interface of the device.
Depending on your IE switch, some functions are not available.

Sys- tem

Configurable function

Maximum number

SCALANCE SCALANCE SCALANCE SCALANCE

XB-200

XR-300WG

XC-200

XP-200

Maximum frame size (ingress)

1632 bytes

2048 bytes

1632/2048 bytes 7)

1632 bytes

Syslog server

3

E-mail server

3

DHCP pools

16 1)

28 1)

24

IPv4 addresses per DHCP pool

1

24

IPv4 addresses managed by the

16 1)

28 1)

576

DHCP server (dynamic + static)

DHCP static assignments per DHCP

-

24

pool

SNMPv1 trap recipient

10

SNTP server

1

NTP server

-

1 8)

Agent/TIA interfaces 2)

1

Devices displayed via DCP Discovery

100

SCALANCE XF-200BA
1632 bytes

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

32

Configuration Manual, 10/2021, C79000-G8976-C361-12

General information 2.2 Configuration limits

Configurable function

Maximum number

SCALANCE SCALANCE SCALANCE SCALANCE SCALANCE

XB-200

XR-300WG

XC-200

XP-200

XF-200BA

Layer QoS priority queues

4

2

Virtual LANs (port-based, including

VLAN 1)

4/8 6)

4

257 3) 9)

Private VLAN

-

1

-

Primary PVLANs

-

1

-

Secondary isolated PVLANs

-

24

-

Secondary community PVLANs

-

256

-

Mirroring sessions

1

Standby ports

1

Configured MRP Interconnection con-

-

64

nections

Enabled MRP Interconnection con-

-

1

nections

Multiple Spanning Tree instances

-

4

-

Link aggregations

-

4/8 5)

Ports in a link aggregation

-

8

4

Static unicast addresses

128

Static multicast addresses without ac-

256

tivated GMRP

Static multicast addresses with activa-

-

50

ted GMRP

Addresses learned using IGMP

512

snooping

Layer VLAN IP interfaces

1

3

DHCP Relay Agent interfaces

1

24

1

24

1

DHCP Relay Agent server

4

NAT interfaces

-

1

-

Dynamic NAT configurations (pools)

100

Static NAT configurations

-

100

-

Secur- Users ity

30 (incl. user preset in the factory "admin")

Roles

29

Groups

32

IP addresses from RADIUS servers

4

Simultaneous MAC authentications (authenticated and blocked) per de- vice 4)

4000

Simultaneous MAC authentications

100

(authenticated and blocked) per port

(configurable) 4)

Management ACLs (access rules for

10

management)

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

33

General information
2.2 Configuration limits
1) With the SCALANCE XB-200 and SCALANCE XR-300WG, the number of DHCP pools and manageable IPv4 addresses depends on the number of ports. The number of ports corresponds to the maximum number of DHCP pools and manageable IPv4 addresses.
2) This is an IP interface. 3) Devices with Y functionality do not support VLANs 4) If the maximum number of MAC authentications per device is exceeded, all MAC authentications of the port at which the
value was exceeded are reset. If the maximum number of MAC authentications per port is exceeded, all MAC authentications of the port are reset 5) The following applies to devices of the SCALANCE XC-200 and SCALANCE XP-200 product groups: Because a link aggregation consists of at least 2 ports, the maximum number of link aggregations depends on the number of ports. A maximum of 4 link aggregations is possible in devices with up to 8 ports and a maximum of 8 link aggregations is possible in devices with more than 8 ports. 6) The devices of the SCALANCE XC-200G product group support 8 queues. All other XC-200 devices support 4 queues. 7) With the following devices, the maximum frame size (ingress) is 2048 bytes:
- Gigabit variants (suffix "G" in type designation) - Devices with combo ports (suffix "C" in type designation) - PoE variants (suffix "PoE" in type designation) With all other XC-200 devices, it is 1632 bytes. 8) Maximum number of NTP/SNTP servers that can be configured for a SCALANCE X-200.
9) To avoid possible network interference, configure a maximum of 25 VLANs on ring nodes (MRP ring, HRP ring, redundant coupling). Note that this is a recommendation. There is no automatic limitation in the configuration.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

34

Configuration Manual, 10/2021, C79000-G8976-C361-12

General information 2.3 Features not supported

2.3

Features not supported

The following features are not supported by the IE switches with firmware version 4.2:

 FQDN

 IPv6

 Layer 3 routing

 Loopback

 PIM

Even if these features are listed as parameters in the documentation and are displayed by the help functions help and ? you cannot execute them with a SCALANCE XB-200, SCALANCE XC-200, SCALANCE XF-200BA, SCALANCE XP-200 and SCALANCE XR-300WG.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

35

General information 2.4 Initial assignment of an IP address

2.4

Initial assignment of an IP address

Configuration options
An initial IP address for an IE switch cannot be assigned using Web Based Management (WBM) because this configuration tool can only be used if an IP address already exists.
The following options are available to assign an IP address to an unconfigured device:
 DHCP (factory setting)
 Primary Setup Tool (PST)
­ To be able to assign an IP address to the IE switch with the PST, it must be possible to reach the IE switch via Ethernet.
­ You will find the PST on the Internet pages of Siemens Industry Online Support under the entry ID 19440762 (https://support.industry.siemens.com/cs/ww/en/view/19440762).
­ For further information about assigning the IP address with the PST, refer to the documentation "Primary Setup Tool (PST)".
 STEP 7 In STEP 7, you can configure the topology, the device name and the IP address. If you connect an unconfigured IE switch to the controller, the controller assigns the configured device name and the IP address to the IE switch automatically.
­ STEP 7 SCALANCE XB-200: V5.5.4 and higher SCALANCE XP-200: As of V5.5.4 HF9 SCALANCE XC-200: V5.5.4 HF11 and higher SCALANCE XR-300WG: As of V5.6 SCALANCE XF-200BA: As of V5.6 HF3 SCALANCE XC-200G: As of V5.6 HSP11 For further information on the assignment of the IP address using STEP 7 refer to the documentation "Configuring Hardware and Communication Connections STEP 7", in the section "Steps For Configuring a PROFINET IO System".
­ STEP 7 Basic or Professional SCALANCE XB-200: V13 SP1 and higher SCALANCE XC-200: V14 and higher SCALANCE XP-200: V14 and higher SCALANCE XR-300WG: As of V15 SCALANCE XF-200BA: As of V15 SCALANCE XC-200G, devices with 8 ports: As of V15 SCALANCE XC-200G, devices with more than 8 ports: As of V16 For further information on assigning the IP address using STEP 7, refer to the online help "Information system", section "Addressing PROFINET devices".

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

36

Configuration Manual, 10/2021, C79000-G8976-C361-12

General information 2.4 Initial assignment of an IP address
 CLI via the serial interface For additional information on assigning the IP address via the serial interface, refer to the operating instructions for the relevant device. See also section "Introduction", paragraph "Orientation in the documentation".
 NCM PC For further information on assigning the IP address using NCM PC, refer to the documentation "Commissioning PC stations - Manual and Quick Start", in the section "Creating a PROFINET IO system".
Note
When the product ships and after factory settings are restored, DHCP is enabled. If a DHCP server is available in the local area network, and this responds to the DHCP request of an IE switch, the IP address, subnet mask and gateway are assigned automatically when the device first starts up.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

37

General information 2.5 Working with the Command Line Interface (CLI)

2.5

Working with the Command Line Interface (CLI)

Introduction

The CLI (Command Line Interface) offers advanced configuration options. Nevertheless, you should read the detailed explanations of the parameters in the relevant configuration manual "Web Based Management".
The CLI allows remote configuration over Telnet.
Note Use with Windows 7
If you want to access the Command Line Interface in Windows 7, make sure that the functions required for this are enabled in Windows 7.

Starting the CLI in a Windows console
Note Requirement for use of the CLI You should only use the command line interface if you are an experienced user. Even commands that bring about fundamental changes to the configuration are executed without a prompt for confirmation. Errors in the configuration can mean that no further operation is possible in the entire network.
Note Command sets depend on the logged-on user. Changing configuration data is possible only with the "admin" role.
Follow the steps outlined below to start the Command Line Interface in a Windows console: 1. Open a Windows console and type in the command "telnet" followed by the IP address of
the device you are configuring: C:\>telnet <IP address> 2. Log in. As an alternative, you can also enter the command "telnet" followed by the IP address of the device you are configuring in the Start > Run menu.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

38

Configuration Manual, 10/2021, C79000-G8976-C361-12

Logging in

General information 2.5 Working with the Command Line Interface (CLI)
Log in to a device with factory settings When you log in for the first time or after restoring the factory settings, follow these steps:
1. Start a Windows console and execute the following command: telnet <IP-Adresse> The command prompt is: "Login:".
2. Enter the default user name "admin" preset at the factory and confirm with "Enter". The command prompt is: "Password:". With this user account, you can change the settings of the device (read and write access to the configuration data).
3. Enter the password of the user "admin" preset at the factory: "admin" and confirm with "Enter". The command prompt is: "Default admin user to be changed (y/n)?". You can rename the user preset in the factory "admin" once. Afterwards, renaming "admin" is no longer possible.
­ To rename the user preset in the factory "admin", enter "y" and confirm with "Enter". The command prompt is: "Enter a new non-default admin username:". Continue to the next step.
­ If you do not wish to change the name of the user, enter "n" and confirm with "Enter". The command prompt is: "Enter a new non-default admin password:". Skip the next two steps.
4. Enter a new user name and confirm with "Enter". The new user name has at least 8 and maximum 250 characters. The command prompt is: "Confirm new non-default admin username:".
5. Enter the new user name again and confirm with "Enter". The command prompt is: "Enter a new non-default admin username:".
6. Enter a new password and confirm with "Enter". The new password must meet the following password policies:
­ Password length: at least 8 characters, maximum 32 characters
­ At least 1 uppercase letter
­ At least 1 special character
­ At least 1 number
The command prompt is: "Confirm new non-default admin password:".
7. Enter the new password again and confirm with "Enter". Once you have logged in successfully, the command prompt is: "CLI#".

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

39

General information 2.5 Working with the Command Line Interface (CLI)
Log in to a configured device 1. Start a Windows console and execute the following command:
telnet <IP-Adresse> The command prompt is "Login:". 2. Enter the user name and confirm with "Enter". The command prompt is "Password:". 3. Enter the password of the user and confirm with "Enter". Once you have logged in successfully, the command prompt is: "CLI#".

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

40

Configuration Manual, 10/2021, C79000-G8976-C361-12

General information 2.6 Protection from brute force attacks

2.6

Protection from brute force attacks

To protect against brute force attacks, login to the device is denied for a user or for the IP address of a user after 11 failed login attempts.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

41

General information 2.7 Structure of the Command Line Interface

2.7

Structure of the Command Line Interface

Grouping of the commands in the various modes
The commands of the Command Line Interface are grouped according to various modes. Apart from a few exceptions (help, exit), commands can only be called up in the mode to which they are assigned. This grouping allows different levels of access rights for each individual group of commands. The following graphic is an overview of the available modes.

User EXEC Mode

Privileged EXEC Mode

Global Configuration Mode

Interface Configuration VLAN QOS NTP SNTP

AUTOLEARN Events LOADSAVE Redundancy

User EXEC mode
This mode is active after you log in with the role "user" in a console window. In this mode, you can use show commands to display the current values of configuration parameters. It is not possible to modify parameters in this mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

42

Configuration Manual, 10/2021, C79000-G8976-C361-12

General information 2.7 Structure of the Command Line Interface
To be able to modify configuration parameters, you need to change to the Privileged EXEC mode.
Note Default user "user" set in the factory As of firmware version 2.1 the default user set in the factory "user" is no longer available when the product ships. If you update a device to the firmware V2.1 the default user set in the factory "user" is initially still available. If you reset the device to the factory settings ("Restore Factory Defaults and Restart") the default user set in the factory "user" is deleted. You can create new users with the role "user".
Privileged EXEC mode You change to this mode if you log in with the name "admin" or enter the command enable in User EXEC mode. There are two ways of exiting the Privileged EXEC mode: 1. The exit command logs you out; the Login Prompt prompt appears. 2. The disable command brings you back one level from the Privileged EXEC mode to the User EXEC mode. (The disable command is not available in the User EXEC mode.)
Global configuration mode In this mode, you can make basic configuration settings. In addition to this, you can also call up modes for the configuration of special interfaces or functions, for example to configure a VLAN. You change to this mode by entering configure terminal in the Privileged EXEC mode. To exit this mode, enter end.
Other configuration modes From the Global configuration mode, you can change to other configuration modes for special tasks. These are either general configuration modes (for example line configuration, interface configuration) or protocol-specific configuration modes (SNTP, NTP).

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

43

General information 2.8 The CLI command prompt

2.8

The CLI command prompt

Overview

The Command Line Interface prompt shows the following information:
 The mode in which the CLI is currently operating. Most commands can only be called in a particular mode. You should therefore check the CLI mode based on the command prompt.
­ User Exec mode: CLI>
­ Privileged Exec mode and configuration modes: CLI(...)#
Note Changing the system name
When you change the system name, the command prompt also changes. The corresponding system name is then displayed instead of "CLI".
 The selected interface when the CLI is in an Interface Configuration mode. In the Interface Configuration mode, the parameters are configured for one specific interface. The command prompt is displayed in the form CLI(config-if-$$$)# where the placeholder $$$ is replaced by the identifier of the Interface. You select the Interface by setting suitable parameters for the interface command.
 An identifier when the Trial mode is enabled. If you first test changes to the configuration and then want to discard them, disable the Auto save function with the no auto-save command. You are then in Trial mode. Changes to the configuration that you have not saved are indicated by an asterisk in front of the command prompt: *CLI(...)#. You save the changes to the configuration with the command write startup-config. With the auto-save command, you enable the Auto save function again.
Note Upper and lower case
The Command Line Interface does not distinguish between upper case and lower case letters.
Make sure, however, that names used by the operating system or other programs are correctly written. Blank
To use blanks in a text, enter the text in quotes, for example "H e l l o"

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

44

Configuration Manual, 10/2021, C79000-G8976-C361-12

2.9

Symbols of the CLI commands

General information 2.9 Symbols of the CLI commands

Symbols for representing CLI commands When setting parameters for CLI commands, the following characters are used:

Charac- ter
< ... > [ ... ] ( ... ) ( ... - ... ) { ... } { ... | ... }

Meaning
mandatory parameter optional parameter Value or range of values Range of values Selection list exclusive selection

Instead of the expression in parenthesis, you must enter a value Instead of the expression in parenthesis, you can enter a value Enter a value to replace the expression in parenthesis Enter a value from this range Select one more elements from the list Select exactly one element from this list

These characters are used in combinations to describe mandatory and optional entries.

There is a general description of some of these combinations below:

Character combinations < variable > < variable (a - b) > [< variable 1 >< variable 2 >]
[ keyword < variable (a - b)>]
[ keyword < variable (a - b) unit >]
[keyword { A | B | C }] keyword { [A] [B] [C] }

Meaning
Instead of the expression in parentheses<>, enter a permitted value
Instead of the expression in parentheses <>, enter a value from the range "a" to "b"
The parameter pair is optional.
If you use the parameter assignment, you need to en- ter a permitted value to replace both expressions in parenthesis <>
The parameter assignment is optional.
If you use the keyword, you need to enter a value from the range "a" to "b" to replace the expression in paren- thesis <>
The parameter assignment is optional.
If you use the keyword, you need to enter a value from the range "a" to "b" to replace the expression in paren- thesis <>.
"Unit" is one of the variables and is also replaced by the entry.
The parameter assignment is optional.
If you use the keyword, you need to specify exactly one of the values "A", "B" or "C"
After the keyword, enter one or more of the values "A", "B" or "C"

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

45

General information 2.10 Addresses and interface names

2.10

Addresses and interface names

2.10.1

Naming interfaces

Addressing interfaces The devices have several types of interface that are addressed in different ways. Addressing physical interfaces The following notation applies to all commands that address a physical interface:  Enter the command "interface".  Specify the interface type <interface-type>.  After a space, enter the interface identifier, <interface-id>. The interface identifier is made up of the module number and the port number separated by a slash. You call a Fast Ethernet interface on the second port of module 0 with the following command: interface fa 0/2
Addressing logical interfaces The following notation applies to all commands that address a logical interface:  Enter the command "interface".  Enter the keyword for the logical interface.
­ port-channel (abbreviation: po) ­ vlan  After a space, enter the number of the interface you assigned when you created it. ­ <port-channel-id(1-8)> ­ <vlan-id(1-4094)> You call port channels as follows: interface po 2 You call VLAN ports as follows: interface vlan 1

Available physical interfaces Available interface types

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

46

Configuration Manual, 10/2021, C79000-G8976-C361-12

General information 2.10 Addresses and interface names

The devices support the following interface types:

interface-type fastethernet
gigabitethernet

Abbreviation/acronym fa
gi

Devices
SCALANCE XB-200 SCALANCE XC-200 SCALANCE XF-200BA SCALANCE XP-200 SCALANCE XR-300WG SCALANCE XC206-2SFP (depending on the pluggable transceivers) SCALANCE XC-200G SCALANCE XP-200 SCALANCE XR-300WG

Available interface identifiers

All physical interfaces of the devices are called module 0.

Available logical interfaces
 VLAN To be able to use a VLAN, create it with the vlan command.
 Link aggregation Multiple ports or connections between two devices are logically bundled together (aggregated) to achieve a higher data transmission rate and a lower failure risk. To add an interface to a link aggregation, use the channel-group command.

Identification of the interfaces in the command prompt of the Interface configuration mode To configure the interface use the command interface in the global configuration mode. Since you configure precisely one of the existing interfaces in the Interface configuration mode, the command prompt shows not only the mode but also the name of this interface. The command prompt is as follows: cli(config-if-$$$)#
The placeholder $$$ is replaced by the following name of the interface:

Type of interface fastethernet gigabitethernet vlan port-channel

Command prompt cli(config-if-Fa0-$) # cli(config-if-Gi0-$)# cli(config-if-vlan-$)# cli(config-if-po-$)#

The placeholders $ or $-$ denote the numbering of the interface.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

47

General information 2.10 Addresses and interface names

2.10.2

Address types, address ranges and address masks

Overview

Since the various types of addresses can be represented by different notations, the notations used in the Command Line Interface are shown below:
 IPv4 addresses Addresses for the Internet Protocol version 4 are written in the decimal notation of four numbers from the range 0 to 255, separated by a period.
Note
With leading zeros, the numbers are interpreted as octal numbers, e.g.: 192.168.070.071  192.168.56.57.
 Network masks A network mask is a series of bits that describes the network part of an IP address. The notation is normally decimal in keeping with the IP address.
 Alternative notation for network masks In contrast to the notation described above, network masks can also be represented as a number of 1 bits. The mask of the decimal representation 255.255.0.0 is then written as /16. The syntax is then for example: <ipaddress> / 16 Note that there must be a space before and after the "/".
 MAC addresses In the syntax of the Command Line Interface, a MAC address is represented as a sequence of 6 bytes in hexadecimal format, in each case separated by a colon. The syntax is then, for example aa:aa:aa:aa:aa:aa
 Multicast addresses Layer 2 multicast addresses as used on this device use the notation of MAC addresses. For permitted address ranges, check the rules or ask your network administrator.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

48

Configuration Manual, 10/2021, C79000-G8976-C361-12

General CLI commands
This section describes commands that you can call up in any mode.

3

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

49

General CLI commands 3.1 clear screen

3.1

clear screen

Description

With this command, you clear the screen. The command prompt is displayed.

Syntax

Call the command without parameters: clear screen

Result

The screen is cleared. The command prompt is displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

50

Configuration Manual, 10/2021, C79000-G8976-C361-12

3.2

do

General CLI commands 3.2 do

Description

With this command, you can execute the commands from the Privileged EXEC mode in any configuration mode.

Syntax

Call up the command with the following parameters:
do [command ]
To do this, you replace [command ] with the command from the Privileged EXEC mode that you want to execute.
Example
You are in the Interface configuration mode and you want to execute the write startupconfig command from the Privileged EXEC mode.
cli(config-if-$$)# do write startup-config

Result

The command from the Privileged EXEC mode will be executed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

51

General CLI commands 3.3 end

3.3

end

Description

With this command, you exit the configuration mode and are then in the Privileged EXEC mode.

Requirement

You are in a configuration mode.

Syntax

Call the command without parameters: end

Result

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

52

Configuration Manual, 10/2021, C79000-G8976-C361-12

3.4

exit

General CLI commands 3.4 exit

Description

With this command, you close the current mode.

Syntax

Call the command without parameters: exit

Result

The current mode was exited. You are then at the next higher level. If you are in Privileged EXEC Modus or in User EXEC Modus mode, you will be logged out.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

53

General CLI commands 3.5 Help functions and supported input

3.5

Help functions and supported input

The Command Line Interface provides various functions that are helpful when making entries in the command line:  help ?  Command completion with the tab key  Automatic completion of incomplete commands  Paging in the list of most recently used commands  Display of the list of most recently used commands (show history)

3.5.1

help

Description

With this command, you display the help entry for a command or the command list.

Syntax

Call up help with the following parameters: help [command]
Here, you replace [command] with the command for which you require help. If the command for which you require help consists of several words, enter these words without spaces.

Result

The syntax of the command is displayed.

Syntax

If you call up help without parameters, you will obtain a list of all permitted commands in the current mode:
help

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

54

Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

General CLI commands 3.5 Help functions and supported input
The mode-specific as well as the global commands are displayed. Note Incomplete command names If you have specified an incomplete command when calling help, a list of all commands that start with the term you have entered is created.

3.5.2

The command "?"

Description

With this command, you call up the command list.

Syntax

Enter a question mark to obtain a list of all permitted commands in the current mode:
?
For this command, you do not need to press the enter key. The command executes immediately after you type the character.

Result

The mode-specific as well as the global commands are displayed.
Note Incomplete command name If you have specified an incomplete command when calling the help function, a list of all commands that start with the term you have entered is created.
Note Output in pages With long lists, the results are displayed as pages. If -- more -- appears at the lower edge of the display, you can move to the next page with the spacebar. If the display is in pages, you cannot page back. You exit the page display with the q key.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

55

General CLI commands 3.5 Help functions and supported input

3.5.3

Completion of command entries

Description

The command interpreter of the Command Line Interface supports you when you enter commands.
As soon as the first characters of the command have been entered in the input line, the system can complete the entry as long as the character string is unambiguous.
This can be repeated after entering further characters.

Procedure

Enter the first characters of the command. Press the tab key.

Result

The command interpreter completes the input as long as the command is unambiguous. If you enter a character string that cannot be completed to form a command, an error message is displayed.  The command is not unique: % Ambiguous Command  The command is unknown: % Invalid Command  The command is incomplete: % Incomplete command If the entry is not yet complete, enter further characters. With ?, you obtain a list of the possible commands. Repeat this if necessary until the command is complete and can execute.

3.5.4

Abbreviated notation of commands

Description

The command interpreter of the Command Line Interface also detects commands if only the first character of the command or its parts is entered.
This is only possible if all the parts of the abbreviated input can be assigned to exactly one command or to the parts of the command.

Example

The show event config command can be replaced by the expression sh e c.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

56

Configuration Manual, 10/2021, C79000-G8976-C361-12

3.5.5

Reusing the last used commands

General CLI commands 3.5 Help functions and supported input

Description

The Command Line Interface saves the last 14 commands used in a list assigned to the particular mode. This can then only be called up in the relevant mode.
Example: In the Global Configuration mode, all entered commands are saved. If you entered commands earlier in the Interface Configuration mode, these commands are not included in the list of the Global Configuration mode. You can only call up and reuse these commands in the Interface Configuration mode.

Procedure

You can page through the list of the commands most recently used using the arrow up and arrow down keys.
If the command you are looking for is displayed, you can edit the command line as required and execute the command with the enter key.

Further notes

You display the list of commands last used with the show history command. This function is available in every mode.

3.5.6

Working through a command sequence

Separators for multiple commands in one line You can call up several commands one after the other in one line in the CLI. Separate the commands with a semicolon (;). After completing your input, start the processing of this command sequence with the enter key.

Example

The command sequence CLI#conf t; int vlan 1; no ip address dhcp; ip address 192.168.1.1 255.255.255.0; end; write startup
has the same effect as: CLI#conf t CLI(config)#int vlan 1 CLI(config-if-vlan-1)#no ip address dhcp CLI(config-if-vlan-1)#ip address 192.168.1.1 255.255.255.0 CLI(config-if-vlan-1)#end CLI#write startup

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

57

General CLI commands 3.5 Help functions and supported input

3.5.7

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

3.5.7.1

show history

Description

This command shows the last 14 commands you entered.
The commands are listed in the order in which they were called up. The show history command is listed as the last command to be entered.
The list depends on the mode. In the Global configuration mode, the last 14 commands entered in this mode are displayed. These commands are not included in the list of the Interface configuration mode.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show history

Result

The list of used commands is displayed.

3.5.8

clear history

Description

This command deletes the last commands you entered.

Requirement

You are in the Privileged EXEC mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

58

Configuration Manual, 10/2021, C79000-G8976-C361-12

The command prompt is as follows: cli#

General CLI commands 3.5 Help functions and supported input

Syntax

Call the command without parameters: clear history

Result

The last commands to be input are deleted.

Further notes

You display a list of the last 14 commands entered with the show history command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

59

General CLI commands 3.5 Help functions and supported input

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

60

Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration
The following is described in this section:  System settings  Saving and loading configurations and firmware  Restart of the device and restoring the factory defaults  Saving and restoring configuration backups

4

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

61

Configuration 4.1 System

4.1

System

This section describes commands with which general system properties can be displayed and configured.

4.1.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

4.1.1.1

show cli-console-timeout

Description

This command shows the timeout setting of the CLI session.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show cli-console-timeout

Result

The timeout setting of the CLI session is displayed.

4.1.1.2

show coordinates

Description

This command shows the geographical coordinates.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

62

Configuration Manual, 10/2021, C79000-G8976-C361-12

The command prompt is as follows: cli> or cli#

Configuration 4.1 System

Syntax

Call the command without parameters: show coordinates

Result

The geographical coordinates are displayed.

4.1.1.3

show device information

Description

This command shows information about the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show device information

Result

The information about the device is displayed.

4.1.1.4

show environmental temperature

Description

This command shows the temperature values of internal and external modules of the device. The modules are only shown if they make temperature information available.
If the temperature value falls below or exceeds the displayed threshold values, the status changes accordingly. With the event config command, you can configure that you are informed of the status change by a message.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

63

Configuration 4.1 System

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call the command without parameters: show environmental temperature

Result

The temperature values are displayed.

4.1.1.5

show ethernetip

Description

This command shows the current EtherNet/IP configuration.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ethernetip

Result

The current EtherNet/IP configuration is displayed.

4.1.1.6

show hardware

Description

This command shows the type and number as well as the position of the installed interface cards of the system.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

64

Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Configuration 4.1 System

Syntax

Call the command without parameters: show hardware

Result

The table of interface cards is displayed. The slot ID, the status and the type or name of the card is listed.
Note With SCALANCE XB-200, SCALANCE XC-200, SCALANCE XP-200 and SCALANCE XR-300WG the slot ID is always 0. The table therefore always shows precisely one row.

4.1.1.7

show im

Description

This command shows information on device-specific vendor and maintenance data such as the article number, serial number, version numbers etc.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show im

Result

The information is displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

65

Configuration 4.1 System

4.1.1.8

show interfaces

Description

This command shows the status and the configuration of one, several or all interfaces.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show interfaces [{ [<interface-type><interface-id>] [{description|storm-control|flowcontrol|status}] | {vlan<vlan-id(1-4094)>} | port-channel<port-channel-id(1-8)>} | private-vlan mapping ]
The parameters have the following meaning:

Parameter interface-type interface-id description storm-control flowcontrol status vlan vlan-id port-channel port-channel-id private-vlan mapping

Description

Range of values/note

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Shows the description of the interface -

Shows the storm control settings

-

Shows the flow control settings

-

Shows the status of the interface.

-

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Keyword for a port channel connection -

Number of the addressed port channel 1 ... 8

Shows from which secondary PVLANs the IP interface of the primary PVLAN is reachable.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

66

Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.1 System
If you do not select any parameters from the parameter list, the status and configuration of all available interfaces will be displayed.

Result

The status and the configuration of the selected interfaces are displayed.

4.1.1.9

show interfaces ... counters

Description

This command shows the counters of one, several or all interfaces.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show interfaces [{ <interface-type> <interface-id> | vlan <vlanid(1-4094)> }] counters
The parameters have the following meaning:

Parameter interface-type interface-id vlan vlan-id

Description

Range of values/note

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available counters.

Result

The counters of the selected interfaces are displayed.

Further notes

The counters are reset on restart or with the clear counters command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

67

Configuration 4.1 System

4.1.1.10

show ip interface

show ip interface

Description

This command shows the configuration of one, several or all IP interfaces.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show ip interface [{vlan <vlan-id(1-4094)> | <interface-type> <interface-id> }]
The parameters have the following meaning:

Parameter
vlan vlan-id interfacetype interfaceid

Description Keyword for a VLAN connection Number of the addressed VLAN Type or speed of the interface
Module no. and port no. of the interface

Range of values/note 1 ... 4094 Enter a valid interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the configuration is displayed for all available IP interfaces.

Result

The configuration of the selected IP interface is displayed.

4.1.1.11

show pnio

Description

This command shows the current PROFINET configuration.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

68

Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: Thiscli> or cli#

Configuration 4.1 System

Syntax

Call the command without parameters: show pnio

Result

The current PROFINET configuration is displayed.

4.1.1.12

show lldp neighbors

Description

This command shows the current content of the neighborhood table.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show lldp neighbors [{brief | detail}] The parameters have the following meaning:

Parameter brief
detail

Description

Value range / note

The following parameters are displayed in tabular form:

 System Name

 Device ID

 interface

The information is displayed in list form. -

Result

The neighborhood table is displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

69

Configuration 4.1 System

4.1.1.13

show lldp status

Description

This command shows per port whether LLDP frames are sent or received.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command with the following parameters: show lldp status [port {<interface-type> <interface-id>}] The parameters have the following meaning:

Parameter port interface-type interface-id

Description Keyword for a port description. Type or speed of the interface Module no. and port no. of the interface

Range of values/note Specify a valid interface.

For information on names of interfaces and addresses, refer to the section "Addresses and interface names (Page 46)".

Result

The information is displayed.

4.1.1.14

show broadcast-block config

Description

This command shows the broadcast blocking settings for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

70

Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Configuration 4.1 System

Call up the command with the following parameters: show broadcast-block config [port <interface-type> <interface-id)>] The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values / note

Keyword for a port description

-

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The broadcast blocking settings for ports are displayed.

4.1.1.15

show unicast-block config

Description

This command shows the unicast blocking settings for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show unicast-block config [port <interface-type> <interface-id)>] The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values / note

Keyword for a port description

-

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of interfaces and addresses, refer to the section "Addresses and interface names (Page 46)".

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

71

Configuration 4.1 System
Result

The unicast blocking settings for ports are displayed.

4.1.1.16

show multicast-block config

Description

This command shows the multicast blocking settings for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show multicast-block config [port <interface-type> <interface-id)>] The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values / note

Keyword for a port description

-

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If no parameters are specified, the settings for all ports are displayed.

Result

The multicast blocking settings for ports are displayed.

4.1.1.17

show noa config

Description

This command shows the NOA configuration of the ports or the specified port.

Requirement

You are in User EXEC mode or in Privileged EXEC mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

72

Configuration Manual, 10/2021, C79000-G8976-C361-12

The command prompt is as follows: cli> or cli#

Configuration 4.1 System

Syntax

Call up the command with the following parameters: show noa config [port <interface-type> <interface-id>]

Parameter port interface-type interface-id

Description

Range of values/note

Keyword for an interface.

-

Type or speed of the interface

Specify a valid interface.

Module no. and port no. of the interface

Result

The NOA configuration of the ports or of the specified port is displayed.

4.1.1.18

show versions

Description

This command shows the version information of the entire system.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show versions

Result

The version information of the entire system is displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

73

Configuration 4.1 System

4.1.2

clear counters

Description

With this command, you reset the counters of an interface.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: clear counters [ <interface-type> <interface-id> ] The parameters have the following meaning:

Parameter interface-type interface-id

Description

Range of values/note

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If no parameters are specified, the counters for all interfaces are reset.

Result

The counters of the interface are reset.

Further notes

You can display the statistical information of the interfaces with the show interfaces ... counters command.

4.1.3

clear line vty

Description

With this command, you close a console session on the device. With the forceful-clear option, you close a session and that is not reacting.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

74

Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Configuration 4.1 System

Syntax

Call up the command with the following parameters: clear line vty {<line-number(2-9)> | all} [forceful-clear] The parameters have the following meaning:

Parameter line-number
all forceful-clear

Description
Number of the connection that will be terminated terminates all connections closes a session that is not reacting

Range of values / note 2 ... 9
-

Result

The console session is closed.

Further notes

You show the logged-on users with the show users command.

4.1.4

configure terminal

Description

With this command, you change to the Global configuration mode.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call the command without parameters: configure terminal

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

75

Configuration 4.1 System
Result

You are now in the Global configuration mode. The command prompt is as follows: cli(config)#

Further notes

You exit the Global configuration mode with the end command.

4.1.5

disable
With the commands enable and disable you temporarily change the function rights of the logged in user, the login data remains unchanged.

Description

With this command, you close the Privileged EXEC mode. You are then in the User EXEC mode.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call the command without parameters: disable

Result

You are in the User EXEC mode. The command prompt is as follows: cli>

4.1.6

enable
With the commands enable and disable you temporarily change the function rights of the logged in user, the login data remains unchanged.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

76

Configuration Manual, 10/2021, C79000-G8976-C361-12

Description

With this command, you change to the Privileged EXEC mode.

Configuration 4.1 System

Requirement

You are in the User EXEC mode. The command prompt is as follows: cli>

Syntax

Call the command without parameters: enable

Result

You are prompted to enter a password. Enter the password of the factory-set user "admin". The password is changed on the first login and the name can also be changed.
After logging in successfully, you are in the Privileged EXEC mode. The command prompt is as follows:
cli#

4.1.7

logout

Description

With this command, you exit the Command Line Interface. If you are connected to the device via telnet, the session is closed.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: logout

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

77

Configuration 4.1 System
Result

The CLI session is ended and the Windows Login prompt is displayed.

4.1.8

ping

Description

With this command, you request a response from a device in the network. This allows you to check whether or not another node is reachable.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
ping <destination-address> [size<byte(0-2080)>] [count<packet_count(1-10)>] [timeout<seconds(1-100)>]
The parameters have the following meaning:

Parameter destinationaddress size byte
count packet_count
timeout
seconds

Description

Range of values/note

Address of the device whose availability you Enter a valid IPv4 address or a valid

want to check

host name.

Keyword for the size of the packets to be transferred

Keyword for the size of the packets in bytes 0 ... 2080

Default: 32

Keyword for the number of packets to be re- quested

Number of packets

1 ... 10

Default: 3

Response wait time

-

If this time expires, the request is reported as "timed out".

Time to the timeout in seconds

1 ... 100

Default: 1

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

78

Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Configuration 4.1 System
If you do not select any parameters from the parameter list, the default values are used.
The messages relating to the response of the called node are displayed.

4.1.9

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

4.1.9.1

interface

Description

With this command, you change to the Interface configuration mode.
There you can edit the settings for one interface. You select the interface with the parameters of this command. If you specify a logical interface that does not exist, it will be created. The name of the selected interface is displayed in the command prompt.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
interface {vlan <vlan-id (1-4094)> | port-channel <port-channel-id (1-8)> | <interface-type> <interface-id> }

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

79

Configuration 4.1 System

The parameters have the following meaning:

Parameter vlan vlan-id port-channel port-channel-id interface-type interface-id

Description Keyword for a VLAN connection Number of the addressed VLAN Keyword for a port channel connection Number of the addressed port channel Type or speed of the interface Module no. and port no. of the interface

Values 1 ... 4094 1 ... 8 Specify a valid interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# The placeholder $$$ is replaced by the following name of the interface:

Type of interface port-channel vlan fastethernet gigabitethernet

Command prompt cli(config-if-po-$)# cli(config-if-vlan-$)# cli(config-if-Fa$-$)# cli(config-if-Gi$-$)#

The placeholders $ or $-$ denote the numbering of the interface.

The ranges of values for the logical interface VLAN and port channel can be found in the table above. You can only call up interfaces that you created with the vlan or channel-group command.

The ranges of values from the physical interfaces depend on the hardware configuration.

Additional notes You exit the Interface configuration mode with the end or exit command.
You delete a logical interface with the no interface command.
You display the status and the configuration of the interfaces with the show interfaces command.

See also

Features not supported (Page 35)

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

80

Configuration Manual, 10/2021, C79000-G8976-C361-12

4.1.9.2

no interface

Configuration 4.1 System

Description

With this command, you delete a logical interface.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
no interface { vlan <vlan-id (1-4094)> | port-channel <port-channelid(1-8)> }
The parameters have the following meaning:

Parameter vlan vlan-id port-channel port-channel-id

Description Keyword for a VLAN connection Number of the addressed VLAN Keyword for a port channel connection Number of the addressed port channel

Range of values/note 1 ... 4094 1 ... 8

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The logical interface is deleted.

Further notes

You configure an interface with the interface command.
You display the status and the configuration of the interfaces with the show interfaces command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

81

Configuration 4.1 System

4.1.9.3

cli-console-timeout

Description

With this command, you activate the automatic logout and you configure the timeout setting for the CLI session.
Note No automatic logout from the CLI
If the connection is not terminated after the set time, check the "Keep alive" setting on the Telnet client.
If the interval is shorter than the configured time, the connection is kept alive although no user data is transferred. You have set, for example, 300 seconds for the automatic logoff and the "Keep alive" function is set to 120 seconds. In this case, a packet is sent every 120 seconds that keeps the connection up.  Turn off the "Keep alive" function. (Interval time=0)
or  Set the interval high enough so that the underlying connection is terminated when there is
inactivity.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: cli-console-timeout [<seconds(60-600)>] The parameters have the following meaning:

Parameter seconds

Description
Time in seconds until automatic logout after the last entry

Range of values / note 60 ... 600 Default: 300

Result

The time is configured and automatic logout is enabled.

Further notes

You disable automatic logout with the no cli-console-timeout command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

82

Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.1 System
You display the current timeout setting with the show cli-console-timeout command.

4.1.9.4

no cli-console-timeout

Description

With this command, you disable the automatic logout.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no cli-console-timeout

Result

Automatic logout is disabled.

Further notes

You enable automatic logout with the cli-console-timeout command. You display the current timeout setting with the show cli-console-timeout command.

4.1.9.5

coordinates height

Description

With this command, you enter the geographical height.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

83

Configuration 4.1 System

coordinates height <meter> The parameter has the following meaning:

Parameter meter

Description Geographical height

Range of values/note
Max. 32 characters
Enter the value for the geographi- cal height over or under zero (sea level) in meters. To use spaces in the input, enter the height with quotation marks: coordinates height "123 456"

Result

The geographical height has been created.

Further notes

You display the coordinates with the show coordinatea command.

4.1.9.6

coordinates latitude

Description

With this command, you enter the latitude.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: coordinates latitude <latitude>

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

84

Configuration Manual, 10/2021, C79000-G8976-C361-12

The parameter has the following meaning:

Parameter latitude

Description Latitude

Configuration 4.1 System
Range of values/note Max. 32 characters Enter the value for north or south latitude. To use spaces in the entry, enter the latitude in quotes: coordinates latitude "123 456"

Result

The latitude has been created.

Further notes

You display the coordinates with the show coordinatea command.

4.1.9.7

coordinates longitude

Description

With this command, you enter the longitude.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: coordinates longitude <longitude> The parameter has the following meaning:

Parameter longitude

Description Longitude

Range of values/note
Max. 32 characters
Enter the value for east or west longitude.
To use spaces in the entry, enter the longitude in quotes: coordinates longitude "123 456"

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

85

Configuration 4.1 System
Result

The longitude has been created.

Further notes

You display the coordinates with the show coordinatea command.

4.1.9.8

ethernetip

Description

With this command, you set whether EtherNet/IP will be enabled or disabled after the next device restart.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ethernetip {off|on} The parameters have the following meaning:

Parameter off
on

Description

Range of values / note

EtherNet/IP will be disa- bled after the next restart.

EtherNet/IP will be ena-  When EtherNet/IP is turned on, PROFINET is turned off. bled after the next restart. The switchover from EtherNet/IP and PROFINET has no
effect on DCP.

 If a PROFINET connection is established; in other words the PROFINET AR status is "Online", you cannot enable EtherNet/IP.

Result

EtherNet/IP is enabled or disabled after the next restart.

Further notes

You can display the current EtherNet/IP configuration with the show ethernetip command. You restore the default settings of the EtherNet/IP profile with the restart command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

86

Configuration Manual, 10/2021, C79000-G8976-C361-12

4.1.9.9

pnio

Configuration 4.1 System

Description

With this command, you configure the setting for PROFINET after the next restart of the device.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: pnio {off|on} The parameters have the following meaning:

Parameter off

Description PROFINET is disabled.

on

PROFINET is activated.

Range of values / note
If a PROFINET connection is established; in other words the PROFINET AR status is "On- line", you cannot disable PROFINET.
When PROFINET is turned on, EtherNet/IP is turned off. The switchover from PROFINET and EtherNet/IP has no effect on DCP.

Result

PROFINET is enabled or disabled after the next restart.

Further notes

You display the current PROFINET configuration with the show pnio command. You restore the default settings of the PROFINET profile with the restart command.

4.1.9.10

system contact

Description

With this command, you enter contact information for the system.

Requirement

You are in global configuration mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

87

Configuration 4.1 System
The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: system contact <contact info> The parameter has the following meaning:

Parameter contact info

Description Input box for contact information

Range of values/note max. 255 characters

Result

The contact information is created in the system.

Further notes

You display the general device information with the show device information command.

4.1.9.11

system location

Description

With this command, you enter the location information for the system.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: system location <location name> The parameter has the following meaning:

Parameter location name

Description Input box for the location information

Range of values/note max. 255 characters

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

88

Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The location information is created in the system.

Configuration 4.1 System

Further notes

You display the general device information with the show device information command.

4.1.9.12

system name

Description

This command, you enter a name for the system.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: system name <system name> The parameter has the following meaning:

Parameter system name

Description Input box for the name

Range of values/note max. 255 characters

Result

The name is created in the system. The corresponding system name is displayed instead of "cli" in the command prompt: system name(config)#

Further notes

You display the general device information with the show device information command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

89

Configuration 4.1 System

4.1.9.13

username

Note
User "user" preset in the factory
As of firmware version 2.1, the default user set in the factory "user" is no longer available when the product ships.
If you update a device to firmware V2.1, the user "user" is initially still available. If you reset the device to the factory settings ("Restore Factory Defaults and Restart"), the user "user" is deleted.
You can create users with the role "user".

Description

With this command, you change the password for users with the user name "user" or "admin".

Requirement

 The user is logged in with the "admin" role.
 You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: username {user|admin} password <passwd> The parameters have the following meaning:

Parameter user
admin

Description User with the "user" user name.
User with the "admin" user name.

Range of values/note
If you have created a user with the user name "user", you can change the pass- word for this user with this command.
If you have not renamed the "admin" user preset in the factory, you can change the password for this user with this command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

90

Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Parameter password passwd

Description Keyword for a password Value for the password

Configuration 4.1 System
Range of values/note Enter the password. The password must meet the following conditions:  It must be unique.  The following characters must not be
included: | § ? " ; :  It must not include Extended ASCII Co-
des (characters > 0x7F).  When the password contains spaces,
the entire character string must be set in quotation marks. The strength of the password depends on the set password policy:  low: Password length: at least 6 char- acters  high: The password must meet the following conditions: ­ Password length: at least 8 charac-
ters ­ at least 1 uppercase letter ­ at least 1 special character ­ at least 1 number

The password is changed.
Note Changing the password in Trial mode Even if you change the password in Trial mode, this change is saved immediately.

Further notes

You show the created users with the show user-accounts command. You can also change the passwords with the user-account command. You display the currently valid password policy with the show password-policy command.

4.1.10

Commands in the interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

91

Configuration 4.1 System
In global configuration mode, enter the interface command to change to this mode. Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.  If you exit the Interface configuration mode with the exit command, you return to the Global
configuration mode.  If you exit the Interface configuration mode with the end command, you return to the
Privileged EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode. To do this, you replace [command] with the command that you want to execute.

4.1.10.1

alias

Description

With this command, you assign a name to an interface. The name only provides information and has no effect on the configuration.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: alias <interface-name> The parameter has the following meaning:

Parameter interface-name

Description Name of the interface

Range of values / note max. 63 characters

Result

The interface was assigned a name.

Further notes

You delete the name of the interface with the no alias command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

92

Configuration Manual, 10/2021, C79000-G8976-C361-12

4.1.10.2

no alias

Configuration 4.1 System

Description

With this command, you delete the name of the interface.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no alias

Result

The name of the interface is removed.

Further notes

You configure the name of the interface with the alias command.

4.1.10.3

broadcast-block

Description

With this command, you enable the blocking of broadcast frames on an interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: broadcast-block

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

93

Configuration 4.1 System
Result

Broadcast frames are blocked.

Further notes

You disable the blocking of broadcast frames with the no broadcast-block command.

4.1.10.4

no broadcast-block

Description

With this command, you disable the blocking of broadcast frames on an interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no broadcast-block

Result

The blocking of broadcast frames is disabled.

Further notes

You enable the blocking of broadcast frames with the broadcast-block command.

4.1.10.5

duplex

Description

Electrical interfaces can be operated in full duplex mode or half duplex mode. The options here depend on the connected device.
Optical connections are always operated in full duplex mode since they have a fiber for each transmission direction.
With this command, you configure the duplex mode of an interface. The same mode must be set for connected interfaces.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

94

Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

 Autonegotiation is disabled.
 You are in the Interface configuration mode of an electrical interface. The command prompt is as follows: cli(config-if-$$$)#

Configuration 4.1 System

Syntax

Call up the command with the following parameters: duplex {full|half} The parameters have the following meaning:

Parameter full
half

Description

Range of values / note

The Interface will be operated in full du- Default: full plex mode.

The Interface will be operated in half du- plex mode

Result

The duplex mode of the interface is configured.

Further notes

You can reset the duplex mode of the Interface to the default value with the no duplex command.
You disable autonegotiation with the no negotiation command.

4.1.10.6

no duplex

Description

With this command, you reset the duplex mode of an interface to the default value. The default value is full.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

95

Configuration 4.1 System
no duplex

Result

The duplex mode of the Interface is reset to the default value.

Further notes

You configure the duplex mode of the interface with the duplex command.

4.1.10.7

lldp

Description

With this command, you enable the sending and receipt of LLDP packets on the interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: lldp{transmit|receive} The parameters have the following meaning:

Parameter transmit
receive

Description

Range of values / note

The sending of LLDP packets is ena- bled.

Default: enabled

The receipt of LLDP packets is enabled. Default: enabled

Note Enabling both options When you call this command, you can only select one option. If you want to enable both options, call up the command again.

Result

Sending or receipt of LLDP packets is enabled.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

96

Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.1 System

Further notes

You disable the sending or receipt of LLDP packets with the no lldp command.

4.1.10.8

no lldp

Description

With this command, you disable the sending or receipt of LLDP packets on the interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no lldp{transmit|receive} The parameters have the following meaning:

Parameter transmit receive

Description the sending of LLDP packets is disabled the receipt of LLDP packets is disabled

Note Disabling both options When you call this command, you can only select one option. If you want to disable both options, call up the command again.

Result

Sending or receipt of LLDP packets is disabled.

Further notes

You enable the sending or receipt of LLDP packets with the lldp command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

97

Configuration 4.1 System

4.1.10.9

media type

Description

With this command, you configure the mode of a combo port.
Note This command only influences combo ports. If you attempt to configure a different port with this command, an error message will be displayed.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: media-type {auto|rj45|sfp}

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

98

Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.1 System

The parameters have the following meaning:

Parameter auto
rj45
sfp

Description

Range of values/note

The auto mode is enabled for the com- Default: auto bo port.

In this mode, the SFP transceiver port has priority. As soon as a pluggable transceiver is plugged in, an existing connection at the fixed RJ-45 port is ter- minated. If no pluggable transceiver is plugged in, a connection can be estab- lished via the built-in RJ-45 port.

The rj45 mode is enabled for the com- bo port.

In this mode, the fixed RJ-45 port is used independent of the SFP transceiv- er port.

If a pluggable transceiver is plugged in, it is disabled and the power turned off.

The sfp mode is enabled for the combo port.

In this mode, the SFP transceiver port is used independent of the fixed RJ-45 port.

If an RJ-45 connection is established, it is terminated because the power of the RJ-45 port is turned off.

Result

The mode of the combo port is configured.

Further notes

You display the mode of a combo port with the command show interface and the parameter status.

4.1.10.10 multicast-block

Description

With this command, you enable the blocking of multicast frames on an interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface

Configuration Manual, 10/2021, C79000-G8976-C361-12

99

Configuration 4.1 System
Syntax

Call the command without parameter assignment: multicast-block

Result

Multicast frames are blocked.

Further notes

You disable the blocking of multicast frames with the no multicast-block command.

4.1.10.11 no multicast-block

Description

With this command, you disable the blocking of multicast frames on an interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no multicast-block

Result

The blocking of multicast frames is disabled.

Further notes

You enable the blocking of multicast frames with the mulitcast-block command.

100

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

4.1.10.12 noa port config

Configuration 4.1 System

Description

NOA (NAMUR Open Architecture) is a concept for data exchange in the process industry with the purpose of transferring data from the field level to a cloud. A SCALANCE XC-200 can take on the function of a NOA IT/OT switch and separate pure IT networks from pure OT networks. Communication to both networks is also possible. The switch separates the networks based on ports, i.e. a port either belongs to the IT network or to the OT network or to both networks. You use the command noa port config to determine which network the port belongs to.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: noa port config {otPort | itPort | itotPort} The parameters have the following meaning:

Parameter otPort itPort itotPort

Description

Range of values/note

The port belongs to the OT network. -

The port belongs to the IT network.

-

The port belongs to the OT network and Default the IT network.

Result

The NOA functionality of the port is configured.

Additional notes It shows the NOA configuration of the ports with the show noa config command.

4.1.10.13 negotiation

Description

With this command, you enable autonegotiation of connection parameters on an interface. Autonegotiation must be set for every interface of connected interfaces.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

101

Configuration 4.1 System

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: negotiation

Result

The automatic negotiation of connection parameters on an interface is activated.

Further notes

You disable the autonegotiation of connection parameters with the no negotiation command.

4.1.10.14 no negotiation

Description

With this command, you disable autonegotiation of connection parameters on an interface.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no negotiation

Result

The automatic negotiation of connection parameters on an interface is deactivated.

Further notes

You enable the autonegotiation of connection parameters with the negotiation command.

102

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

4.1.10.15 shutdown

Configuration 4.1 System

Description

With this command, you shut down the interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: shutdown [complete] The parameter has the following meaning:

Parameter

Description

Range of values / note

without parame- The interface is disabled but the connection remains. ters

complete

The interface is disabled and the connection to the part- For every optical port that

ner device is terminated.

you disable with

the shutdown

complete command, the

current consumtion of the

device is reduced by 30

mA.

Result

The Interface is shut down.
If you execute this command without parameters, a connection remains displayed. The LED for the port status flashes. However no data is sent or received.

Further notes

You activate the interface with the no shutdown command.
You can display the status of this function and other information with the show interfacescommand.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

103

Configuration 4.1 System
4.1.10.16 no shutdown

Description

With this command, you shut down an interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no shutdown

Result

The Interface is activated.

Further notes

You deactivate the interface with the shutdown command.
You can display the status of this function and other information with the show interfacescommand.

4.1.10.17 power

Description

With this command, you enable or disable the interface.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command with the following parameters: power {down | up}

104

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

The parameters have the following meaning:

Parameter down up

Description The interface is switched off. The interface is switched on.

Configuration 4.1 System
Range of values/note -

Result

The Interface is switched off or switched on.

Additional notes
You can display information about the status of the interfaces with the show interfaces status command.

4.1.10.18 speed

Description

With this command, you configure the transmission speed of an interface.
The transmission speed can only be configured for electrical data transfer. On optical connections, the transmission speed is fixed.

Requirement

 Autonegotiation is disabled.
 You are in the Interface configuration mode of an electrical interface. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command with the following parameters: speed {10 | 100 | 1000 | 10000} The parameters have the following meaning:

Parameter 10 100 1000 10000

Description Transmission speed 10 Mbps Transmission speed 100 Mbps Transmission speed 1000 Mbps Transmission speed 10000 Mbps

Result

The transmission speed of the interface is configured.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

105

Configuration 4.1 System
Additional notes You disable autonegotiation with the no negotiation command.

4.1.10.19 unicast-block

Description

With this command, you enable the blocking of unknown unicast frames on an interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: unicast-block

Result

Unicast frames are blocked.

Further notes

You disable the blocking of unicast frames with the no unicast-block command. You display the status of this function with show unicast-block config.

4.1.10.20 no unicast-block

Description

With this command, you disable the blocking of unknown unicast frames on an interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

106

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameter assignment: no unicast-block

Configuration 4.1 System

Result

The blocking of unicast frames is disabled.

Further notes

You enable the blocking of unicast frames with the unicast-block command. You display the status of this function with show unicast-block config.

4.1.10.21 unicast-mac flush

Description

With the command, you configure which addresses are deleted from the FDB (Forward Database) when a link-down occurs on a port.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: unicast-mac flush {disabled | port | full} The parameters have the following meaning:

Parameter disabled port
full

Description

Range of values/note

In the event of a link-down for a port, the FDB remains unchanged.

In the event of a link-down for a port, only the FDB entries belonging to the corresponding port are deleted.

In the event of a link-down for a port, all Default entries in the FDB are deleted.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

107

Configuration 4.1 System
Result

In the event of a link-down for a port, the FDB is changed according to the configuration carried out.

108

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.2 Load and Save

4.2

Load and Save

This section describes commands for displaying, copying, saving and downloading files for the device.

Note
Note that during the installation of a previous version, the configuration data can be lost. In this case, the device starts up with the factory configuration settings after the firmware has been installed.

4.2.1

File list

Overview of the file types

File type Config
ConfigPack Debug
DebugExt
EDS Firmware GSDML HTTPSCert
LogFile LoginWelcomeMes- sage MIB

Description
This file contains the start configuration. Among other things, this device contains the definitions of the users. The pass- words are stored the file "Users".
Detailed configuration information. for example, start configuration, users, cer- tificates and WBM favorites.
This file contains information for Siemens Support. It is encrypted and can be sent by e-mail to Siemens Support without any security risk.
This file contains detailed information for Siemens Support. It is encrypted and can be sent by e-mail to Siemens Support without any security risk. Saving the file may take some time.
Electronic Data Sheet (EDS) Electronic data sheet for describing devices in the EtherNet/IP mode
The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device.
PROFINET information on the device properties
Default HTTPS certificates including key The preset and automatically created HTTPS certificates are self-signed. We strongly recommend that you create your own HTTPS certificates and make them available. We recommend that you use HTTPS certificates signed either by a reliable external or by an internal certification authority. The HTTPS certificate checks the identity of the device and controls the encrypted data exchange. Certificates with a different format cannot be copied in.
File with entries from the event log table
File with a text for the login page. The content of the file can consist only of a maximum of 50 lines with a maximum of 255 ASCII characters.
Private MSPS MIB file

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

109

Configuration 4.2 Load and Save

File type RunningCLI
RunningSINEMA- Config
Script SINEMAConfig
StartupInfo Users WBMFav

Description
Text file with CLI commands
This file contains an overview of the current configuration in the form of CLI commands. You can download the text file. The file is not intended to be uploa- ded again unchanged.
You save the current device configuration in this file type for transfer to STEP 7 Basic/Professional. The file can be imported in STEP 7 Basic/Professional and installed on a device with the same article number and firmware version.
Before you can save a file, you must assign a password for the "RunningSINE- MAConfig" in the WBM under "System > Load&Save > Passwords". You also need this password to import the file into STEP 7 Basic/Professional.
See also "SINEMAConfig"
Text file with CLI commands
You can upload a script file into a device. The CLI commands it contains are executed appropriately.
You load configuration data that was exported via STEP 7 Basic/Professional for transfer to the WBM with this file type.
To load a file, you must assign a password for the "SINEMAConfig" under "Sys- tem > Load&Save > Passwords". You also need this password to export the file from STEP 7 Basic/Professional.
See also "RunningSINEMAConfig"
Startup log file
This file contains the messages that were entered in the log during the last start- up.
This file contains the assignment of the user names to the corresponding pass- words.
WBM favorites
This file contains the favorites that you created in the WBM. You can download this file and upload it to other devices.

4.2.2

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

4.2.2.1

show loadsave files

Description

This command shows the current Load&Save file information.

110

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Configuration 4.2 Load and Save

Syntax

Call the command without parameters: show loadsave files

Result

The current Load&Save file information is displayed.

4.2.2.2

show loadsave tftp

Description

This command shows the current configuration of the TFTP server for Load&Save.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show loadsave tftp

Result

The current configuration of the TFTP server for Load&Save is displayed.

4.2.3

load tftp

Firmware

The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

111

Configuration 4.2 Load and Save

Description

With this command, you load the files from a TFTP server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
load tftp ipv4 <ipv4-address> [port <tcp port (1-65535)>] file <filename> filetype <filetype>
The parameters have the following meaning:

Parameter ipv4 ipv4-address port
tcp port
file filename filetype filetype

Description

Range of values / note

Keyword for an IPv4 address

-

Value for an IPv4 unicast address

Enter a valid IPv4 unicast address.

Keyword for the port of the server via which the TFTP connection runs

Number of the port

1 ... 65535

Default: 69

Keyword for a file name to be assigned -

Name of the file

max. 100 characters

Keyword for the file type to be loaded -

Name of the file type

max. 100 characters

For information on identifiers of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The file is loaded on the device from the TFTP server.

Further notes

With the "show loadsave files" command, you can display the file types.

4.2.4

save filetype

Description

With this command, you save files on a TFTP server.

112

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Configuration 4.2 Load and Save

Syntax

Call up the command with the following parameters:
save filetype <filetype> tftp ipv4 <ipv4-address> [port <tcp port (1-65535)>] file <filename>
The parameters have the following meaning:

Parameter filetype filetype tftp ipv4 ipv4-address port
tcp port
file filename

Description

Range of values / note

Keyword for a file type to be loaded

-

Name of the file type

max. 100 characters

Keyword for a TFTP server

-

Keyword for an IPv4 address

-

Value for an IPv4 unicast address

Enter a valid IPv4 unicast address.

Keyword for the port of the server via which the TFTP connection runs

Number of the port

1 ... 65535

Default: 69

Keyword for a file name to be assigned -

Name of the file

max. 100 characters

For information on identifiers of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The file is saved on the TFTP server.

Further notes

With the "show loadsave files" command, you can display the file types.

4.2.5

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

113

Configuration 4.2 Load and Save
You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

4.2.5.1

loadsave

Description

With this command, you change to the LOADSAVE configuration mode.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: loadsave

Result

You are now in the LOADSAVE configuration mode. The command prompt is as follows: cli(config-loadsave)#

Further notes

You exit the LOADSAVE configuration mode with the exit command.

4.2.6

Commands in the LOADSAVE configuration mode
This section describes commands that you can call up in the LOADSAVE configuration mode. In global configuration mode, enter the loadsave command to change to this mode.

114

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.2 Load and Save
You display the valid file types for the commands in the LOADSAVE Configuration mode with the global command show loadsave tftp.  If you exit the LOADSAVE configuration mode with the exit command, you return to the
Global Configuration mode.  If you exit the LOADSAVE configuration mode with the end command, you return to the
Privileged EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in LOADSAVE configuration mode. To do this, you replace [command] with the command that you want to execute. For information on the file types , refer to this list (Page 109).

4.2.6.1

delete

Description

With this command, you call up the possible files or delete a specific file.

Requirement

You are in the LOADSAVE configuration mode. The command prompt is as follows: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: delete { showfiles | filetype <filetype> } The parameters have the following meaning:

Parameter showfiles filetype filetype

Description Shows the available files Keyword for the file type to be deleted Name of the file type

Range of values/note max. 100 characters

Result

The files are displayed or the file is deleted.

Further notes

With the "show loadsave files" command, you can display the file types.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

115

Configuration 4.2 Load and Save

4.2.6.2

password

Description

With this command, you activate and configure the password for a file.

Requirement

You are in the LOADSAVE configuration mode. The command prompt is as follows: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: password { showfiles | filetype <filetype> [pw <password>] } The parameters have the following meaning:

Parameter showfiles
filetype filetype pw password

Description

Values

Shows the available files. The status is displayed in addi- tion for the HTTPSCert file type. The available options are as follows:

 Invalid The password does not match the certificate. The de- fault certificate is used after a restart.

 Valid The password matches the certificate. The downloa- ded certificate is used after a restart.

No password was assigned. The default certificate is used after a restart.

Keyword for the file type.

-

Name of the file type

max. 100 characters

Keyword for the password

-

Password

Enter the password for the file.

Result

The password for the file is configured and activated.

Additional notes You disable the password with the no password command.

116

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

4.2.6.3

no password

Configuration 4.2 Load and Save

Description

With this command, you disable the password for a file.

Requirement

You are in the LOADSAVE configuration mode. The command prompt is as follows: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: no password { showfiles | filetype <filetype>} The parameters have the following meaning:

Parameter showfiles filetype filetype

Description Shows the available files Shows that the file type follows that will be loaded Name of the file type

Values max. 100 characters

Result

The password for the file is disabled.

Further notes

You enable the password for the user certificate with the password command.

4.2.6.4

tftp filename

Description

With this command, you assign a name to a file type.
The file type decides the type that is affected by the tftp load or tftp save action. The name decides the file to be copied to or from the TFTP server.

Requirement

You are in the LOADSAVE configuration mode. The command prompt is as follows:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

117

Configuration 4.2 Load and Save
cli(config-loadsave)#

Syntax

Call up the command with the following parameters: tftp filename {showfiles | filetype <filetype> name <filename>} The parameters have the following meaning:

Parameter showfiles filetype
filetype name
filename

Description
Shows the available files Keyword for a file type to be assigned a name Name of the file type Keyword for a file name to be assigned to the file type Name of the file

Range of values/note -
max. 100 characters -
max. 100 characters

Result

The file types are displayed or the file type is assigned a name.

Further notes

With the "show loadsave files" command, you can display the file types.

4.2.6.5

tftp load

Firmware

The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device.

Description

With this command, you load a file from a TFTP server into the file system of the device. The TFTP protocol is used for the transfer. You can also display a list of available files.

Requirement

 The name of the file is specified
 You are in the LOADSAVE configuration mode. The command prompt is: cli(config-loadsave)#

118

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Configuration 4.2 Load and Save

Call up the command with the following parameters: tftp load { showfiles | filetype <filetype> } The parameters have the following meaning:

Parameter showfiles filetype filetype

Description Shows the available files Keyword for a file type to be loaded Name of the file type

Range of values/note max. 100 characters

Result

The file types are displayed or the file is downloaded to the device.

Further notes

You configure the name of the file with the tftp filename command. With the "show loadsave files" command, you can display the file types.

4.2.6.6

tftp save

Description

With this command, you copy a file from the file system of the device to a TFTP server. The TFTP protocol is used for the transfer. You can also display a list of available files.

Requirement

 The name of the file is specified
 You are in the LOADSAVE configuration mode. The command prompt is: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: tftp save { showfiles | filetype <filetype> } The parameters have the following meaning:

Parameter showfiles filetype filetype

Description Shows the available files Keyword for a file type to be loaded Name of the file type

Range of values/note max. 100 characters

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

119

Configuration 4.2 Load and Save

Result

The file types are displayed or the file is copied.

Further notes

You configure the name of the file with the tftp filename command. With the "show loadsave files" command, you can display the file types.

4.2.6.7

tftp server

Description

With this command, you configure the access to a TFTP server.

Requirement

You are in the LOADSAVE configuration mode. The command prompt is as follows: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: tftp server ipv4 <ipv4-address> [port <tcp port (1-65535)>] The parameters have the following meaning:

Parameter ipv4 ipv4-address port
tcp port

Description
Keyword for an IPv4 address Value for an IPv4 unicast address Keyword for the port of the server via which the TFTP connection runs Number of the port

Range of values/note Enter a valid IPv4 unicast address. -
1 ... 65535

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The settings for the access to the selected TFTP server are configured.

120

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

4.2.6.8

sftp filename

Configuration 4.2 Load and Save

Description

With this command, you assign a name to a file type.
The file type decides the type that is affected by the sftp load or sftp save action. The name decides the file to be copied to or from the SFTP server.

Requirement

You are in the LOADSAVE configuration mode. The command prompt is as follows: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: sftp filename {showfiles | filetype <filetype> name <filename>} The parameters have the following meaning:

Parameter showfiles filetype
filetype name
filename

Description
Shows the available files Keyword for a file type to be assigned a name Name of the file type Keyword for a file name to be assigned to the file type Name of the file

Range of values/note -
max. 100 characters -
max. 100 characters

Result

The file types are displayed or the file type is assigned a name.

Further notes

With the "show loadsave files" command, you can display the file types.

4.2.6.9

sftp load

Description

With this command, you load a file from an SFTP server into the file system of the device. You can also display a list of available files.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

121

Configuration 4.2 Load and Save

Requirement

 The name of the file is specified
 You are in the LOADSAVE configuration mode. The command prompt is: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: sftp load { showfiles | filetype <filetype> } The parameters have the following meaning:

Parameter showfiles filetype filetype

Description Shows the available files Keyword for a file type to be loaded Name of the file type

Range of values/note max. 100 characters

Result

The file types are displayed or the file is downloaded to the device.

Further notes

You configure the name of the file with the sftp filename command. With the "show loadsave files" command, you can display the file types.

4.2.6.10

sftp save

Description

With this command, you copy a file from the file system of the device to an SFTP server. The SFTP protocol is used for the transfer. You can also display a list of available files.

Requirement

 The name of the file is specified
 You are in the LOADSAVE configuration mode. The command prompt is: cli(config-loadsave)#

Syntax

Call up the command with the following parameters: sftp save { showfiles | filetype <filetype> }

122

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.2 Load and Save

The parameters have the following meaning:

Parameter showfiles filetype filetype

Description Shows the available files Keyword for a file type to be loaded Name of the file type

Range of values/note max. 100 characters

Result

The file types are displayed or the file is copied.

Further notes

You configure the name of the file with the sftp filename command. With the "show loadsave files" command, you can display the file types.

4.2.6.11

sftp server

Description

With this command, you configure the access to an SFTP server.

Requirement

You are in the LOADSAVE configuration mode. The command prompt is as follows: cli(config-loadsave)#

Syntax

Call up the command with the following parameters:
sftp server ipv4 <ucast_addr> [port <tcp port (1-65535)>] [user <username>] [password <password>]
The parameters have the following meaning:

Parameter ipv4 ucast_addr port
tcp port user

Description
Keyword for an IPv4 address Value for an IPv4 unicast address Keyword for the port of the server via which the SFTP connection runs Number of the port Keyword for user

Range of values/note Enter a valid IPv4 unicast address. -
1 ... 65535 -

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

123

Configuration 4.2 Load and Save

Parameter username
password password

Description

Range of values/note

User name for access to the SFTP serv- Enter a valid user name.

er

This parameter can only be used

when a user with the correspond-

ing rights has been created on the

SFTP server.

Keyword for a password

-

Password of the user

Enter the password for the user.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The settings for the access to the selected SFTP server are configured.

124

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.3 Reset and Defaults

4.3

Reset and Defaults

This section describes commands for restarting the device and for restoring the original configuration.

4.3.1

restart

Description

With this command, you restart the device. Select one of the following configuration settings:  Device restart with the current configuration  Device restart with the factory configuration settings.  Device restart with the default settings of the PROFINET IO profile.  Device restart with the default settings of the EtherNet/IP profile.  Device restart with the default settings of the Industrial Ethernet profile.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call up the command with the following parameters: restart [{factory | pnio | ethernetip | ie}] The parameters have the following meaning:

Parameter without parame- ters
factory

Description The system restarts with the current configuration
Restores the factory settings of the device and restarts the device. The factory settings depend on the device.

Range of values/note
 You can only restart the device with administrator privileges.
 A device should only be restarted by this CLI command or the corresponding buttons in the WBM and not by a poer cycle on the device.
 By resetting all the settings to the factory settings, the IP address and the passwords are also lost. Following this, the device can only be accessed via the serial interface, using the Primary Set- up Tool or using DHCP.

 With the appropriate attachment, a previously correctly config- ured device can cause circulating frames and therefore the fail- ure of the data traffic.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

125

Configuration 4.3 Reset and Defaults

Parameter pnio
ethernetip
ie

Description
Restores the default settings of the PROFINET IO profile and restarts the device.
Restores the default settings of the EtherNet/IP profile and restarts the device.
Restores the default settings of the Industrial Ethernet profile and re- starts the device.

Range of values/note
 The profiles provide a preconfiguration for various use cases of the devices.
 When you start a device with the default settings of a profile, the settings are reset to the factory settings and some parameters are set so that they are designed for a use case.
 In contrast to resetting to the factory settings. the users and passwords are retained after the restart. The configured IP ad- dress is lost so that device can then only be accessed via the serial interface, using the Primary Setup Tool or using DHCP.
 With the appropriate attachment, a previously correctly config- ured device can cause circulating frames and therefore the fail- ure of the data traffic.

Result

The device is restarted with the selected settings.

4.3.2

Commands in global configuration mode

4.3.2.1

Introductory sentence for the global configuration mode
This section describes commands that you can call up in the Global configuration mode.
In Privileged EXEC mode, enter the configure terminal command to change to this mode.
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.
You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again.
You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode.
To do this, you replace [command] with the command that you want to execute.

4.3.2.2

schedule restart-timer

Description

With this command, you specify the time after which the device restarts.

Requirement

You are in global configuration mode. The command prompt is as follows:

126

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

cli(config)#

Configuration 4.3 Reset and Defaults

Syntax

Call up the command with the following parameters: schedule restart-timer <seconds(300-86400)>

Parameter seconds

Description Value for the time in seconds

Range of values/note 300 ... 86400 (24 h)

Result

When "Automatic Save" configuration mode is active, an additional message is displayed. You can specify whether the device should save the current configuration and switch to "Trial" mode. In any case, the device restarts after the specified time.

Additional notes You disable the scheduled restart of the device with the cancel restart-time command.

4.3.2.3

cancel restart-time

Description

With this command, you disable the timer.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: cancel restart-time

Result

The timer for the scheduled restart is disabled.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

127

Configuration 4.4 Configuration Save & Restore

4.4

Configuration Save & Restore

This section describes commands for displaying, saving and restoring configuration settings.

4.4.1 4.4.1.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.
show running-config
Note Depending on the device type, the IE switch does not support all described parameters; see section "Features not supported (Page 35)".

Description

This command shows configuration settings of the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show running-config [{ syslog | dhcp | qos | stp | la | dot1x | vlan [ <vlan-id (1-4094)>] | interface { port-channel <port-channel-id (1-8)> | <interface-type> <interface-list> | vlan <vlan-id(1-4094)> } | ssh | ssl | acl | ip | snmp | radius | rmon | igmp | sntp | http | broadcast-blocking | multicast-blocking | locked-port | auto-logout | time | ntp | auto-save | panel-button | cos-map | dscp-map | output-rate-limit | unicast-blocking | ospf | vrrp |

128

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.4 Configuration Save & Restore

loopd | events | redundancy | passive | umac | nat | fmp | pim | msdp | router-advertisement-blocking | mac-learning | mac-flush-type}] [all] The parameters have the following meaning:

Parameter syslog
dhcp
qos
stp
la
dot1x
vlan vlan-id interface port-channel port-channel-id interface-type interface-list ssh
ssl
acl
ip
snmp
radius
rmon
igmp
sntp
http

Description

Range of values/note

Shows the configuration settings of the Syslog function

shows the configuration settings of the Dynamic Host Configuration Protocol

shows the configuration settings of QoS (Quality of Service)

Shows the configuration settings of the Spanning Tree protocol

Shows the configuration settings of the Link Aggregation function

shows the configuration settings of the port-based network access control

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Keyword for a an interface description -

Keyword for a port channel connection -

Number of the addressed port channel 1 ... 8

Type of interface

Enter a valid interface.

Module no. and port no. of the interface

Shows the configuration settings of the Secure Shell protocol

Shows the configuration settings of the Secure Sockets Layer protocol

Shows the configuration settings of the access control lists

Shows the configuration settings of the Internet Protocol

Shows the configuration settings of the Simple Network Management Protocol

shows the configuration settings of the Remote Authentication Dial-In User service

Shows the configuration settings of the Remote Monitoring function

Shows the configuration settings of the Internet Group Management Protocol

Shows the configuration settings of the Simple Network Time Protocol

Shows the configuration settings of the Hypertext Transfer Protocol

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

129

Configuration 4.4 Configuration Save & Restore

Parameter broadcastblocking multicastblocking locked-port auto-logout time ntp auto-save panel-button cos-map dscp-map output-rate-limit unicast-blocking ospf vrrp loopd events redundancy passive umac nat fmp pim msdp

Description

Range of values/note

Shows the configuration settings of the broadcast blocking

Shows the configuration settings of the multicast blocking

Shows the configuration settings of the locked port function

Shows the configuration settings of the auto logout function

Shows the configuration settings of the system time

Shows the configuration settings of the Network Time Protocol

Shows the configuration settings of the auto save function

Shows the configuration settings of the Panel Button function

Shows the configuration settings of the COS function

Shows the configuration settings of the DSCP map function

Shows the configuration settings of the output rate limit function

Shows the configuration settings of the unicast blocking

Shows the configuration settings of the Open Shortest Path First

Shows the configuration settings of the Virtual Router Redundancy Protocol

Shows the configuration settings of loop detection

Shows the configuration settings of the events

Shows the configuration settings of the redundancy

Shows the configuration settings of pas- sive listening

Shows the configuration settings of the user configuration

Shows the configuration settings of the Network Address Translation

Shows the configuration settings of the Fiber Monitoring protocol

Shows the configuration settings of the Independent Multicast protocol

Shows the configuration settings of the Multicast Source Discovery protocol

130

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Configuration 4.4 Configuration Save & Restore

Parameter routeradvertisementblocking mac-learning mac-flush-type
all

Description
Shows the configuration settings of the router advertisement blocking.

Range of values/note -

-
Shows the configuration settings of the "unicast-mac flush" command
shows all configuration settings and all default parameters. Some parameters cannot be changed.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

The selected configuration settings of the device are displayed. Passwords are masked as follows: [PASSWORD] In other "show" commands, passwords are masked as follows: ******

4.4.2

write startup-config

Description

With this command, you save the changes to the configuration in the configuration file. The use of this command is required in the Trial mode. It can also be used in "auto save mode".

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: *cli# or cli#

Syntax

Call the command without parameter assignment: write startup-config

Result

The changes are saved in the configuration file.
When you restart the device without parameter assignment with the restart command, this configuration is used.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

131

Configuration 4.4 Configuration Save & Restore

Further notes

You enable the auto save function or disable the Trial mode with the auto-save command. You disable the auto save function or enable the Trial mode with the no auto-save command.

4.4.3

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

4.4.3.1

auto-save

Description

The CLI can save changes to the configuration automatically. If you first want to test changes made to the configuration so that you can discard them afterwards if necessary, you can disable the auto save function. You are then in the Trial mode.
Note PROFINET IO functionality of the device is switched off when the "Auto save function" is disabled ("Trial mode"). The device then no longer responds to PROFINET requests. Consequently, a controller does not receive any PROFINET information from the device. SINEC NMS or SINEMA Server cannot monitor the device with the PROFINET protocol when the "Auto save function" is disabled.
Changes to the configuration that you have not saved are indicated by an asterisk in front of the command prompt: *cli(...)#. You save the changes to the configuration with the write startup-config command. With the auto-save command, you enable the auto save function.

Requirement

You are in global configuration mode. The command prompt is as follows:

132

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

cli(config)#

Configuration 4.4 Configuration Save & Restore

Syntax

Call the command without parameters: auto-save As default the function is "enabled".

Result

The auto save function is enabled.

Additional notes
You save changes to the configuration in trial mode with the write startup-config command.
You disable the function with the no auto-save command.
You can display the status of this function and other information with the show device information command.

4.4.3.2

no auto-save

Description

With this command, you disable the auto save function.
Note
PROFINET IO functionality of the device is switched off when the "Auto save function" is disabled ("Trial mode"). The device then no longer responds to PROFINET requests. Consequently, a controller does not receive any PROFINET information from the device.
SINEC NMS or SINEMA Server cannot monitor the device with the PROFINET protocol when the "Auto save function" is disabled.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

133

Configuration 4.4 Configuration Save & Restore
no auto-save

Result

The auto save function is disabled. The Trial mode is activated.

Additional notes
You enable the function with the auto-save command.
You can display the status of this function and other information with the show device information command.
You save changes to the configuration in trial mode with the write startup-config command.

134

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.5 DCP Discovery and Set (DaS)

4.5

DCP Discovery and Set (DaS)

This section describes commands for displaying and setting network parameters.

4.5.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

4.5.1.1

show das info

Description

This command shows the devices that can be reached via the interface and support DCP. DCP Discovery only searches for devices located in the same subnet as the interface.
The result of the search is not saved permanently. Perform the search again after a restart.

Requirement

 The command das discover interface is executed.
 You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call up the command with the following parameters: show das info [detail] The parameter has the following meaning:

Parameter detail

Description

Value range / note

The information is displayed in list form. -

Result

The available devices and their network parameters are displayed in the tabular or list form.

Further notes

You start the search for available devices with the das discover interface command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

135

Configuration 4.5 DCP Discovery and Set (DaS)
You configure the network parameters of the reachable device with the das mac ip command. You delete the content of the table with the das delete command. You configure the PROFINET device name of the reachable device with the das mac name command.

4.5.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

4.5.2.1

das discover interface

Description

With this command, you start the search for devices reachable via the selected interface. The function is only available with the VLAN associated with the TIA interface.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
das discover interface { <interface-type> <interface-id> | vlan <vlan-id(1-4094)> | port-channel <port-channel-id (1-8)}
The parameters have the following meaning:

Parameter interface-type interface-id

Description Type or speed of the interface Module no. and port no. of the interface

Range of values/note Enter a valid interface.

136

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.5 DCP Discovery and Set (DaS)

Parameter vlan vlan-id port-channel port-channel-id

Description Keyword for a VLAN connection Number of the addressed VLAN Keyword for a link aggregation Number of the addressed link aggregation

Range of values/note 1 ... 4094 1 ... 8

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The reachable devices are searched for. On completion of the search the reachable devices are saved in a table. You display the table with the show das info command.

4.5.2.2

das mac name

Description

With this command, you configure the PROFINET device name of the selected device.

Requirement

 The command das discover interface is executed.
 You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: das mac <aa:aa:aa:aa:aa:aa> name <name(127)> The parameters have the following meaning:

Parameter name

Description MAC address of the reachable device PROFINET device name

Range of values/note
aa:aa:aa:aa:aa:aa
Maximum of 127 characters The device name must be DNS-compliant.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The PROFINET device name of the selected device is configured.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

137

Configuration 4.5 DCP Discovery and Set (DaS)
To ensure that the property was applied correctly, run the das discover interface command again.

Further notes

You display the configured PROFINET device name with the show das info command.

4.5.2.3

das mac ip

Description

With this command, you configure the network parameters of the selected device.

Requirement

 The command das discover interface is executed.
 You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
das mac <aa:aa:aa:aa:aa:aa> ip <ip address> {<subnet-mask> | / <prefix-length(1-32)>} [gateway <ip address>]
The parameters have the following meaning:

Parameter ip ip address subnet-mask prefix-length
gateway ip address

Description

Range of values/note

MAC address of the reachable device

aa:aa:aa:aa:aa:aa

Keyword for IPv4 address

IPv4 address of the device

Enter a valid IPv4 address.

Subnet mask

Decimal representation of the mask as a number 1 ... 32 of "1" bits

Keyword for gateway

-

IPv4 address of the gateway

Enter a valid IPv4 address.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The network parameters of the selected device are configured.
To ensure that the property was applied correctly, run the das discover interface command again.

138

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.5 DCP Discovery and Set (DaS)

Further notes

You display the network parameters with the show das info command.

4.5.2.4

das mac blink

Description

With this command, you make the port LEDs of the selected device or your own device flash.

Requirement

 The command das discover interface is executed.
 You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command with the following parameters: das mac {<aa:aa:aa:aa:aa:aa>|own} blink [timeout <seconds(5-60)>] The parameters have the following meaning:

Parameter mac
timeout seconds

Description The port LEDs of the selected device flash.
Keyword for the blink duration Blink duration in seconds

Range of values/note
 aa:aa:aa:aa:aa:aa Specify the desired MAC address.
 own The port LEDs of your own device flash.
5 ... 60 Default: 5 seconds

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The port LEDs of the selected device flash. When the time (timeout) elapses, flashing stops.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

139

Configuration 4.5 DCP Discovery and Set (DaS)

4.5.2.5

das delete

Description

With this command, you delete the content of the table in which the reachable devices are saved.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: das delete {mac <aa:aa:aa:aa:aa:aa> | all } The parameters have the following meaning:

Parameter mac all

Description Deletes the selected device in the table. Deletes the content of the entire table.

Range of values/note aa:aa:aa:aa:aa:aa -

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The selected device or the entire content of the table has been removed from the table.

140

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

4.6

PoE

Configuration 4.6 PoE

4.6.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

4.6.1.1

show poe status

Description

This command shows specific information for all or for a selected PoE interface (PoE: Power over Ethernet).

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show poe status [interface <interface-type> <interface-id>] The parameters have the following meaning:

Parameter interface interface-type interface-id

Description

Range of values / note

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

If you use the command without setting parameters, information about all PoE interfaces is displayed.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The information for the selected PoE interface is displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

141

Configuration 4.6 PoE

4.6.1.2

show pse status

Description

This command shows the current settings of the PoE power supply of the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show pse status [<integer>] The parameter has the following meaning:

Parameter integer

Description Number of the PSE

Range of values / note -

If you do not select any parameter, the entries are displayed for all available PSEs.

Result

The current settings of the PoE power supply of the device are displayed.

4.6.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

142

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

4.6.2.1

poe pse usage

Configuration 4.6 PoE

Description

With this command, you set a value (as a percentage) for the "Usage Threshold" parameter. This specifies how many percent of the maximum power the connected devices will use. As soon as the power being used by the end devices exceeds this percentage, an event is triggered. An event is also entered in the log. You display the entries of the log with the command show logbook. You will find more information on this command in the section "show logbook (Page 642)".

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: poe pse <integer(1-4)> usage <integer(1-100)> The parameters have the following meaning:

Parameter integer integer

Description
Number of the PSE Value for "Usage Threshold" as a per- centage

Range of values/note 1 ... 4 1 ... 100 Default: 80%

Result

The value for "Usage Threshold" is configured.

4.6.2.2

no poe pse usage

Description

With this command, you reset the "Usage Threshold" parameter to the default value.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

143

Configuration 4.6 PoE
Syntax

Call up the command with the following parameters: no poe pse <integer(1-4)> usage The parameter has the following meaning:

Parameter integer

Description Number of the PSE

Range of values/note 1 ... 4

Result

The "Usage Threshold" parameter is reset to the default value.

4.6.3

Commands in the Interface Configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

4.6.3.1

poe active

Description

With this command, you activate PoE for the interface in whose interface configuration mode you are currently working.

Requirement

You are in the Interface Configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)#

144

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameters: poe active

Configuration 4.6 PoE

Result

PoE is activated for the corresponding interface.

4.6.3.2

no poe active

Description

With this command, you deactivate PoE for the interface in whose interface configuration mode you are currently working.

Requirement

You are in the Interface Configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no poe active

Result

PoE is deactivated for the corresponding interface.

4.6.3.3

poe custom maxpwr

Description

With this command you set the maximum power that a port makes available to supply a connected device.
This value is taken into account when the function is enabled with the poe custom maxpwr active command.

Requirement

You are in the Interface Configuration mode of a PoE interface. The command prompt is as follows:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

145

Configuration 4.6 PoE
cli(config-if-$$$)#

Syntax

Call up the command with the following parameter: poe custom maxpwr <integer(0-30)> The parameter has the following meaning:

Parameter integer

Description

Range of values / note

Value for the user-defined maximum pow- 0 ... 30 er in watts

Result

The maximum power is set.

Further notes

You enable the user-defined maximum power for the interface with the poe custom maxpwr active command.
You disable the user-defined maximum power for the interface with the no poe custom maxpwr active command.
You delete the user-defined maximum power for the interface with the no poe custom maxpwr command.

4.6.3.4

no poe custom maxpwr

Description

With this command, you delete the user-defined maximum power for a port.

Requirement

You are in the Interface Configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no poe custom maxpwr

146

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The user-defined maximum power is deleted.

Configuration 4.6 PoE

Further notes

You configure the user-defined maximum power for the interface with the poe custom maxpwr command.
You enable the user-defined maximum power for the interface with the poe custom maxpwr active command.
You disable the user-defined maximum power for the interface with the no poe custom maxpwr active command.

4.6.3.5

poe custom maxpwr active

Description

With this command, you enable use of the user-defined maximum power for the interface.

Requirement

You are in the Interface Configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: poe custom maxpwr active

Result

The user-defined maximum power is enabled for the relevant interface.

Further notes

You configure the user-defined maximum power for an interface with the poe custom maxpwr command.
You disable the use of the user-defined maximum power with the no poe custom maxpwr active command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

147

Configuration 4.6 PoE

4.6.3.6

no poe custom maxpwr active

Description

With this command, you disable use of the user-defined maximum power for the interface.

Requirement

You are in the Interface Configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no poe custom maxpwr active

Result

The user-defined maximum power is disabled for the relevant interface.

Further notes

You configure the user-defined maximum power for an interface with the poe custom maxpwr command.
You enable the use of the user-defined maximum power with the poe custom maxpwr active command.

4.6.3.7

poe type

Description

This command specifies a character string that describes a connected device in greater detail.

Requirement

You are in the Interface configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:

148

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

poe type <string> The parameters have the following meaning:

Parameter string

Description Description of a connected device

Configuration 4.6 PoE
Range of values / note max. 255 characters

Result

The description of the connected device has been specified.

4.6.3.8

no poe type

Description

With this command, you delete the description for a connected device.

Requirement

You are in the Interface Configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no poe type

Result

The description of the corresponding device is deleted.

4.6.3.9

poe prio

Description

With this command, you specify the priority of the power supply for an interface.

Requirement

You are in the Interface configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

149

Configuration 4.6 PoE
Syntax

Call up the command with the following parameters: poe prio {low|high|critical} The parameters have the following meaning:

Parameter low high critical

Description low priority high priority highest priority

If the power of the connected power supply is inadequate to supply all connected devices, devices with a higher priority are given preference.

If the same priority is set for two ports, the port with the lower number will be preferred when necessary.

Result

The priority of the corresponding interface has been specified.

4.6.3.10

no poe prio

Description

With this command, you set the priority of an interface to the default value "low".

Requirement

You are in the Interface configuration mode of a PoE interface. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no poe prio

Result

The priority of the corresponding interface has been set to "low".

150

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Configuration 4.7 SINEMA

4.7

SINEMA

If the SINEMA configuration interface is enabled, you can download configurations to the IE switch via STEP7 Basic/Professional.

4.7.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

4.7.1.1

show sinema

Description

This command shows whether the SINEMA configuration interface is enabled or disabled.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show sinema

Result

The setting of the SINEMA configuration interface is displayed.

4.7.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

151

Configuration 4.7 SINEMA
You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

4.7.2.1

sinema

Description

With this command, you enable the SINEMA configuration interface.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: sinema

Result

The SINEMA configuration interface is enabled.

Further notes

You disable the SINEMA configuration interface with the no sinema command.
You display the setting whether the SINEMA configuration interface is enabled or disabled with the command show sinema.

4.7.2.2

no sinema

Description

With this command, you disable the SINEMA configuration interface.

Requirement

You are in the Global Configuration mode. The command prompt is as follows:

152

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

cli(config)#

Configuration 4.7 SINEMA

Syntax

Call the command without parameter assignment: no sinema

Result

The SINEMA configuration interface is disabled.

Further notes

You enable the SINEMA configuration interface with the sinema command.
You display the setting whether the SINEMA configuration interface is enabled or disabled with the command show sinema.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

153

Configuration 4.7 SINEMA

154

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Functions specific to SCALANCE

5

This part contains the sections that describe functions specific to SCALANCE.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

155

Functions specific to SCALANCE 5.1 PLUG

5.1

PLUG

The C-PLUG stores the configuration of a device and can therefore transfer the configuration of the old device to the new device when a device is replaced.
This section describes the commands relevant for working with the C-PLUG.

5.1.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

5.1.1.1

show plug

Description

This command shows the current information of the PLUG.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show plug

Result

The current information of the PLUG is diplayed.

5.1.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

156

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Functions specific to SCALANCE 5.1 PLUG
You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

5.1.2.1

plug

Description

With this command, you change to the Plug Configuration mode.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: plug

Result

You are now in the Plug Configuration mode. The command prompt is as follows: cli(config-plug)#

Further notes

You exit the Plug Configuration mode with the end or exit command.

5.1.3

Commands in the Plug configuration mode
This section describes commands that you can call up in the Plug Configuration mode. In global configuration mode, enter the plug command to change to this mode.  If you exit the Plug Configuration mode with the exit command, you return to the Global
Configuration mode.  If you exit the Plug Configuration mode with the end command, you return to the Privileged
EXEC mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

157

Functions specific to SCALANCE 5.1 PLUG
You can run commands from Privileged EXEC Modus with the do [command] in Plug configuration mode. To do this, you replace [command] with the command that you want to execute.

5.1.3.1

factoryclean

Description

With this command, you delete the device configuration stored on the PLUG.

Requirement

 There is a device configuration on the PLUG.
 You are in the Plug Configuration mode. The command prompt is: cli(config-plug)#

Syntax

Call the command without parameters: factoryclean

Result

The device configuration on the PLUG is deleted.

5.1.3.2

firmware-on-plug

Description

With this command, you specify that the firmware is stored on the PLUG.

Requirement

 There is a device configuration on the PLUG.
 You are in the Plug Configuration mode. The command prompt is: cli(config-plug)#

Syntax

Call the command without parameters: firmware-on-plug

158

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Functions specific to SCALANCE 5.1 PLUG
The firmware is stored on the PLUG. When the device starts up there is a check whether the version on the PLUG is valid and whether this version matches the version on the device. If this is not the case, the firmware is installed on the device and it is restarted. This means that automatic firmware updates/ downgrades can be made with the PLUG.

Further notes

You disable this setting with the no firmware-on-plug command.

5.1.3.3

no firmware on plug

Description

With this command, you disable the function. The firmware is removed from the PLUG.

Requirement

 There is a device configuration on the PLUG.
 You are in the Plug Configuration mode. The command prompt is: cli(config-plug)#

Syntax

Call the command without parameters: no firmware-on-plug

Result

The firmware is removed from the PLUG.

5.1.3.4

write

Description

With this command, you format the PLUG and copy the current device configuration to it.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

159

Functions specific to SCALANCE 5.1 PLUG

Requirement

 The PLUG is formatted.
 You are in the Plug Configuration mode. The command prompt is: cli(config-plug)#

Syntax

Call the command without parameter assignment: write

Result

The current device configuration has been copied to the formatted PLUG.

160

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Functions specific to SCALANCE 5.2 WBM

5.2

WBM

On the device, you can limit the time available for access with Web Based Management. If no entry is made for a specific time, the WBM session is closed.
This section describes commands relevant for the configuration of this feature.

5.2.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

5.2.1.1

show web-session-timeout

Description

This command shows the timeout setting for the WBM.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show web-session-timeout

Result

The timeout setting for the WBM is displayed.

5.2.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

161

Functions specific to SCALANCE 5.2 WBM
You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

5.2.2.1

web-session-timeout

Description

With this command, you enable the automatic logoff and you configure the timeout setting for the WBM.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: web-session-timeout [<seconds(60-3600)>] The parameter has the following meaning:

Parameter seconds

Description
Time in seconds until automatic logout after the last entry

Range of values / note 60 ... 3600 Default: 900

Result

The time is configured and automatic logout is enabled.

Further notes

You disable automatic logoff with the no web-session-timeout command. You display the current timeout setting with the show web-session-timeout command.

5.2.2.2

no web-session-timeout

Description

With this command, you disable the automatic logoff.

162

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Functions specific to SCALANCE 5.2 WBM

Syntax

Call the command without parameters: no web-session-timeout

Result

Automatic logoff is disabled.

Further notes

You enable automatic logoff with the web-session-timeout command. You display the current timeout setting with the show web-session-timeout command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

163

Functions specific to SCALANCE 5.3 Panel button

5.3

Panel button

This section describes the commands relevant for working with the button.
You will find a detailed description of the function available using the button in the device operating instructions.

Availability of the buttons
Depending on your IE switch, different buttons and functions are available, see section "System functions hardware equipment (Page 29)".

5.3.1

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

5.3.1.1

panel-button control-factory-defaults

Description

With this command, you enable the following function of the button:
 When the button is pressed for more than 12 seconds in display mode A, there is a restart with the factory settings. This function corresponds to calling the restart command with the parameter factory.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: panel-button control-factory-defaults

164

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Functions specific to SCALANCE 5.3 Panel button
The function of the button for restarting with factory settings is enabled.

Further notes

You disable this function with the no panel-button control-factory-defaults command.

5.3.1.2

no panel-button control-factory-defaults

Description

With this command, you disable the following function of the button:
 When the button is pressed for more than 12 seconds in display mode A, there is a restart with the factory settings.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: no panel-button control-factory-defaults

Result

The function of the button for restarting with factory settings is enabled or disabled.

Further notes

You enable this function with the panel-button control-factory-defaults command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

165

Functions specific to SCALANCE 5.3 Panel button

5.3.1.3

panel-button control-faultmask

Description

With this command, you enable the following function of the button:
 If display mode D "Fault Mask" is displayed and the button is pressed for 5 - 12 seconds, the fault mask is set. This function corresponds to calling the following commands in EVENTS Configuration Mode:
­ power
­ link with the parameter down

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: panel-button control-faultmask

Result

The function of the button for setting the fault mask is enabled.

Further notes

You disable this function with the no panel-button control-faultmask command.

5.3.1.4

no panel-button control-faultmask

Description

With this command, you disable the following function of the button:
 If display mode D "Fault Mask" is displayed and the button is pressed for 5 - 12 seconds, the fault mask is set.

Requirement

You are in global configuration mode. The command prompt is as follows:

166

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

cli(config)#

Functions specific to SCALANCE 5.3 Panel button

Syntax

Call the command without parameter assignment: no panel-button control-faultmask

Result

The function of the button for setting the fault mask is disabled.

Further notes

You enable this function with the panel-button control-faultmask command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

167

Functions specific to SCALANCE 5.4 Signaling contact

5.4

Signaling contact

This section describes the commands relevant for working with the signaling contact.

5.4.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

5.4.1.1

show signaling contact

Description

This command shows the current configuration of the signaling contact.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show signaling-contact

Result

The current configuration of the signaling contact is displayed.

5.4.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again.

168

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Functions specific to SCALANCE 5.4 Signaling contact
You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

5.4.2.1

signaling contact mode

Description

With this command, you specify the reaction of the signaling contact.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: signaling-contact mode {conventional | aligned} The parameters have the following meaning:

Parameter conventional
aligned

Description
An error/fault is displayed by the fault LED and the signaling contact is opened. When the error/fault state no longer exists, the fault LED goes off and the signaling contact is closed.
The way the signaling contact works does not depend on the error/fault that has occurred. The signaling contact can be opened or closed as required by user actions.

Result

The reaction of the signaling contact is specified.

Further notes

You display the setting with the show signaling contact command.

5.4.2.2

signaling-contact status

Description

With this command, you close or open the signaling contact.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

169

Functions specific to SCALANCE 5.4 Signaling contact

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: signaling-contact status {open|close} The parameters have the following meaning:

Parameter open close

Description Signaling contact is opened. Signaling contact is closed.

Result

The signaling contact is opened or closed.

Further notes

You display the setting with the show signaling contact command.

170

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

System time

6

6.1

System time setting

This section describes commands relevant for the configuration of the system time.

6.1.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

6.1.1.1

show dst info

Description

This command shows all the entries for daylight saving time stored on the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show dst info

Result

The entries for daylight saving time are displayed.

6.1.1.2

show time

Description

This command shows the settings of the system clock.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

171

System time 6.1 System time setting

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show time

Result

The settings for the system clock are displayed.

6.1.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

6.1.2.1

time

Description

With this command, you configure the way in which the system time is obtained.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

172

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

System time 6.1 System time setting

time { manual | ntp | sntp | sinec } The parameters have the following meaning:

Parameter manual ntp sntp sinec

Description The system time is entered by the user. The system time is obtained from the NTP server. The system time is obtained from the SNTP server. The system time is obtained using the SIMATIC Time Client .

Result

The method of obtaining the system time is configured.

Further notes

You display the settings for the system clock with the show time command. You create the system time with the time set command.

6.1.2.2

time set

Description

With this command, you set the system time.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
time set hh:mm:ss <day (1-31)> {january|february|march|april|may| june|july|august|september|october|november|december} <year (2000 - 2035)>
The parameters have the following meaning:

Parameter hh:mm:ss day -
year

Description Time of day Day of the month Month
Year

Range of values/note
Hour, minute, second each separated by ":" 1 ... 31 january, february, march, april, may, june, july, au- gust, september, october, november, december 2000 ... 2035

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

173

System time 6.1 System time setting

Result

The system time is set.

Further notes

You display the settings for the system clock with the show time command.

6.1.2.3

time dst date

Description

With this command, you configure the start and end of daylight saving time.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
time dst date <name(16)> <year (1900-2099)> begin <MMDDhh> end <MMDDhh>
The parameters have the following meaning:

Parameter name year begin MMDDhh
end MMDDhh

Description

Range of values / note

Name of the entry

maximum 16 characters

Year

1900 ... 2099

Keyword for the start of daylight saving time.

Time for the start of daylight saving time. Time in the format

MM Month

DD Day

hh Hour

Keyword for the end of daylight saving time.

Time for the end of daylight saving time. Time in the format

MM Month

DD Day

hh Hour

174

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

System time 6.1 System time setting
The entry for the start and end of daylight saving time was created.

Further notes

You display the settings for the daylight saving time changeover with the show dst info command.

6.1.2.4

time dst recurring

Description

With this command, you configure the start and end of daylight saving time with a generic description.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
time dst recurring <name(16)> begin {<week(1-5)> | last} <weekday> <month> <hour> end {<week(1-5)> | last} <weekday> <month> <hour>
The parameters have the following meaning:

Parameter name begin
week last
weekday
month
hour end

Description Name of the entry Keyword for the start of daylight saving time. Calendar week in a month Keyword for the last calendar week in a month Weekday
Month
Hour Keyword for the end of daylight saving time.

Range of values / note maximum 16 characters -
1 ... 5 -
monday, tuesday, wednesday, thursday, friday, saturday, sunday january, february, march, april, may, june, july, au- gust, september, october, november, december 0 ... 23 -

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

175

System time 6.1 System time setting

Result

The entry for the start and end of daylight saving time was created.

Further notes

You display the settings for the daylight saving time changeover with the show dst info command.

6.1.2.5

no time dst

Description

With this command you delete the entry for the start and end of daylight saving time with the specified name. If you do not specify a name as the parameter, all entries are deleted.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no time dst [<name(16)>] The parameter has the following meaning:

Parameter name

Description Name of the entry

Range of values / note maximum 16 characters

Result

One entry or the entries for the start and end of daylight saving time was/were deleted.

Additional notes
You display the settings for the daylight saving time changeover with the show dst info command.

176

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

System time 6.2 NTP client

6.2

NTP client

This section describes commands for configuration of the NTP server and the NTP client.

6.2.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

6.2.1.1

show ntp info

Description

This command shows the current settings for the Network Time Protocol (NTP).

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ntp info

Result

The current NTP settings are displayed.

6.2.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

177

System time 6.2 NTP client
You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

6.2.2.1

ntp

Description

With this command, you change to the Network Time Protocol (NTP).

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ntp

Result

You are now in the NTP configuration mode. The command prompt is as follows: cli(config-ntp)#

Further notes

You exit the NTP configuration mode with the end or exit command.

6.2.3
178

Commands in the NTP configuration mode
This section describes commands that you can call up in the NTP configuration mode. In global configuration mode, enter the ntp command to change to this mode.  If you exit the NTP configuration mode with the exit command, you return to the Global
configuration mode.  If you exit the NTP configuration mode with the end command, you return to the Privileged
EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in NTP configuration mode.
SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

System time 6.2 NTP client
To do this, you replace [command] with the command that you want to execute.

6.2.3.1

ntp server id

Description

With this command, you configure the connection to a server on the NTP client.

Requirement

You are in the NTP configuration mode. The command prompt is as follows: cli(config-ntp)#

Syntax

Call up the command with the following parameters:
ntp server id <1-4> ipv4 <ip_addr> [port { <1025-36564> | default}] [poll <seconds(64-1024)>]
The parameters have the following meaning:

Parameter id
ipv4 ip_addr port default poll seconds

Description Number of the NTP server.
Keyword for an IPv4 address Value for the IPv4 address of the time server UDP port of the time server Default value for the UDP port Keyword for the time after which the time of day is requested again Value for the time in seconds

Range of values/note
1 ... 4 The NTP servers are queried in the order of the NTP Server Index. The time of the server that is found first is applied. If time frames of an NTP server with a smaller stratum value are received, this time is ap- plied. The switchover to the time with the smaller stratum takes about 30 minutes. Enter a valid IPv4 address.
1025 ... 36564 123 -
64 ... 1024

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The connection to a server is configured on the NTP client.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

179

System time 6.2 NTP client
Additional notes You delete the connection to a server with the no ntp server id command.

6.2.3.2

no ntp server id

Description

With this command, you delete the connection to a server on the NTP client.

Requirement

You are in the NTP configuration mode. The command prompt is as follows: cli(config-ntp)#

Syntax

Call up the command with the following parameters: no ntp server id <1-4> The parameter has the following meaning:

Parameter id

Description Number of the NTP server.

Range of values/note 1 ... 4

Result

The connection to a server is deleted on the NTP client.

Further notes

You configure the connection to a server with the ntp server id command.

6.2.3.3

ntp server id secure

Description

With this command, you configure the parameters for authentication.

Requirement

You are in the NTP configuration mode. The command prompt is as follows: cli(config-ntp)#

180

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

System time 6.2 NTP client

Call up the command with the following parameters:
ntp server id <1-4> secure [ntpkeyid <1-65534>] [hashalg {des-cbc| md5|sha1}] [ntp-key <secret-key-string(1-128)>]
The parameter has the following meaning:

Parameter id secure keyid

Description NTP server index to which the parameters relate Key for the authentication Authentication key ID

hashalg Authentication key format

ntp-key
secretkeystring

Keyword for the authentication key Authentication key

Range of values/note
1 ... 4 The entry must exist on the NTP server. 1 ... 65534 des-cbc md5 sha1 The key can only contain printable ASCII characters. The entry must match the key stored on the NTP server.

Result

The parameters are configured.

Further notes

You display the settings and other information with the show ntp server command.

6.2.3.4

ntp secure

Description

With this command, you enable the "Secure NTP Client only" function. The device receives the system time from a secure NTP server.

Requirement

 You are in NTP configuration mode. The command prompt is as follows: cli(config-ntp)#
 The parameters for authentication (key ID, hash algorithm, key) are configured.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

181

System time 6.2 NTP client

Syntax

Call up the command with the following parameters: ntp secure

Result

The function is enabled.

Additional notes You disable the function with the no ntp secure command. You configure the parameters for authentication with the ntp server id command.

6.2.3.5

no ntp secure

Description

With this command, you disable the "Secure NTP Client only" function.

Requirement

You are in NTP configuration mode. The command prompt is as follows: cli(config-ntp)#

Syntax

Call up the command with the following parameters: no ntp secure

Result

The function is disabled.

Additional notes You enable the function with the ntp secure command.

6.2.3.6

ntp time diff

Description

With this command, you configure the time difference between the device and the NTP server.

182

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the NTP configuration mode. The command prompt is as follows: cli(config-ntp)#

System time 6.2 NTP client

Syntax

Call up the command with the following parameters: ntp time diff <(+/-hh:mm)> The parameter has the following meaning:

Parameter + hh mm

Description Time zones to the west of the NTP server time zone Time zones to the east of the NTP server time zone Number of hours difference Number of minutes difference

Enter the number of hours and number of minutes with two digits each.

Default: No time difference.

Result

The time difference between the device and the NTP server is configured.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

183

System time 6.3 SNTP client

6.3

SNTP client

This section describes commands relevant for configuration of the SNTP client.

6.3.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

6.3.1.1

show sntp broadcast-mode status

Description

This command shows the current configuration of the broadcast mode of SNTP.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show sntp broadcast-mode status

Result

The current SNTP broadcast configuration is displayed.

6.3.1.2

show sntp unicast-mode status

Description

This command shows the current configuration of the unicast mode of SNTP.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

184

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

The command prompt is as follows: cli> or cli#

System time 6.3 SNTP client

Syntax

Call the command without parameters: show sntp unicast-mode status

Result

The current SNTP unicast configuration is displayed.

6.3.1.3

show sntp status

Description

This command shows the settings of the Simple Network Time Protocol.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show sntp status

Result

The settings of SNTP are displayed.

6.3.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

185

System time 6.3 SNTP client
You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

6.3.2.1

sntp

Description

With this command, you change to the SNTP configuration mode.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: sntp

Result

You are now in the SNTP configuration mode. The command prompt is as follows: cli(config-sntp)#

Further notes

You exit the SNTP configuration modewith the end or exit command.

6.3.3
186

Commands in the SNTP configuration mode
This section describes commands that you can call up in the SNTP configuration mode. In global configuration mode, enter the sntp command to change to this mode.  If you exit the SNTP configuration mode with the exit command, you return to the Global
configuration mode.  If you exit the SNTP configuration mode with the end command, you return to the Privileged
EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in SNTP configuration mode.
SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

System time 6.3 SNTP client
To do this, you replace [command] with the command that you want to execute.

6.3.3.1

sntp client addressing-mode

Description

With this command, you configure the addressing mode of the SNTP client as unicast or broadcast.

Requirement

 The SNTP client is activated.
 You are in the SNTP Configuration mode. The command prompt is: cli(config-sntp)#

Syntax

Call up the command with the following parameters: sntp client addressing-mode{unicast|broadcast} The parameters have the following meaning:

Parameter unicast
broadcast

Description

Range of values / note

configures the SNTP client in unicast mode

Default: unicast enabled

configures the SNTP client in broadcast Supports only IPv4 addresses mode

Result

The addressing mode of the SNTP client is configured.

Further notes

You display this setting and other information with the show sntp status command.
You display the settings for the unicast mode with the show sntp unicast-mode status command.
You display the settings for the broadcast mode with the show sntp broadcast-mode status command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

187

System time 6.3 SNTP client

6.3.3.2

sntp time diff

Description

With this command, you configure the time difference of the system time relative to the UTC time.

Requirement

 You are in the SNTP Configuration mode. The command prompt is: cli(config-sntp)#

Syntax

Call up the command with the following parameters: sntp time diff <(+/-hh:mm)> The parameter has the following meaning:

Parameter + hh mm

Description Time zones to the west of the SNTP server time zone Time zones to the east of the SNTP server time zone Number of hours difference Number of minutes difference

Enter the time difference as follows:

 with sign

 without spaces

 Hours and minutes both two digits (with leading zero)

Default: no time difference

Result

The time zone of the system time is configured.

Further notes

You can display the settings of this function and other information with the show sntp status command.

188

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

6.3.3.3

sntp unicast-server ipv4

System time 6.3 SNTP client

Description

With this command, you configure an SNTP unicast server.
Note To avoid time jumps, make sure that there is only one time server in the network.

Requirement

 The addressing mode of the SNTP client is configured as "unicast".
 You are in the SNTP configuration mode. The command prompt is: cli(config-sntp)#

Syntax

Call up the command with the following parameters:
sntp unicast-server ipv4 <ucast_addr> [port<1025-36564>] [poll<seconds(16-16284)>]
The parameters have the following meaning:

Parameter ipv4 ucast_addr port
poll
seconds

Description Keyword for an IP address Value for an IPv4 unicast address UDP port of the time server
Keyword for the time after which the time of day is requested again Value for the time in seconds

Range of values / note Enter a valid IPv4 unicast address. 1025 ... 36564 Default: 123 -
16 ... 16284

Result

The SNTP unicast server is configured.

Further notes

You can reset the setting to the default with the no sntp unicast-server ipv4 command.
You display this setting and other information with the show sntp unicast­mode status command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

189

System time 6.3 SNTP client

6.3.3.4

no sntp unicast-server ipv4

Description

With this command, you delete the attributes for an SNTP unicast server and reset the address.

Requirement

You are in the SNTP configuration mode. The command prompt is as follows: cli(config-sntp)#

Syntax

Call up the command with the following parameters: no sntp unicast-server ipv4<ucast_addr> The parameters have the following meaning:

Parameter Description ucast_addr Value for an IPv4 unicast address

Range of values Enter a valid IPv4 unicast address.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The SNTP unicast server is reset to the default value.

Further notes

You configure the setting with the sntp unicast-server ipv4 command.
You display this setting and other information with the show sntp unicast­mode status command.

190

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

System time 6.4 PTP Client

6.4

PTP Client

The following devices support time-of-day synchronization with PTP:  SCALANCE XC-200G

6.4.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

6.4.1.1

show ptp info

Description

This command shows the current settings for the Precision Time Protocol (PTP).

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command with the following parameters: show ptp info [ interfaces [<interface-type> <interface-id>] ] The parameters have the following meaning:

Parameter interfaces interfacetype interface-id

Description Keyword for a an interface name. Type or speed of the interface.
Slot no. and port no. of the interface.

Range of values / note Enter a valid interface name.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The current settings for the Precision Time Protocol (PTP) are displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

191

System time 6.4 PTP Client

6.4.2

Commands in global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

6.4.2.1

ptp

Description

With this command, you enable the PTP Transparent Clock :function on the device.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ptp

Result

The PTP Transparent Clock function is enabled.

Additional notes
You show the current settings for the Precision Time Protocol (PTP) with the show ptp info command.
You disable the PTP Transparent Clock function on the device with the no ptp command.

192

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

6.4.2.2

no ptp

System time 6.4 PTP Client

Description

With this command, you disable the PTP Transparent Clock :function on the device.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ptp

Result

The PTP Transparent Clock function is disabled.

Additional notes
You show the current settings for the Precision Time Protocol (PTP) with the show ptp info command.
You enable the PTP Transparent Clock function on the device with the ptp command.

6.4.2.3

ptp time diff

Description

With this command, you set the time zone for the Precision Time Protocol.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command with the following parameters: ptp time diff <(+/-hh:mm)>

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

193

System time 6.4 PTP Client

The parameter has the following meaning:

Parameter +/-hh:mm

Description The value for the time difference.

Range of values / note
Hours and minutes specified in the format +/-hh:mm

Result

The time zone for the Precision Time Protocol is specified.

Additional notes
You show the current settings for the Precision Time Protocol (PTP) with the show ptp info command.

6.4.2.4

ptp transparent-clock configuration

Description

With this command you change to the PT Transparent Clock configuration mode.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: ptp transparent-clock configuration

Result

You are in the PTP Transparent Clock configuration mode. The command prompt is as follows: cli(config-ptp-tc)#

Additional notes
You show the current settings for the Precision Time Protocol (PTP) with the show ptp info command.

194

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

6.4.3

System time 6.4 PTP Client
Commands in the PTP Transparent Clock configuration mode
This section describes commands that you can call up in the PTP Transparent Clock configuration mode. In the Global configuration mode, enter the ptp transparent-clock configuration command to change to this mode.  If you exit the PTP Transparent Clock configuration mode with the exit command, you
return to the Global configuration mode.  If you exit the PTP Transparent Clock configuration mode with the end command, you
return to the Privileged EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in PTP Transparent Clock configuration mode. To do this, you replace [command] with the command that you want to execute.

6.4.3.1

delay-mechanism

Description

With this command, you specify which correction mechanism the Precision Time Protocol uses.

Requirement

You are in the PTP Transparent Clock configuration mode. The command prompt is as follows: cli(config-ptp-tc)#

Syntax

Call up the command with the following parameters: delay-mechanism { end-to-end | peer-to-peer } The parameter has the following meaning:

Parameter end-to-end
peer-to-peer

Description

Range of values / note

The device operates as an end-to-end transpar- With end-to-end synchroniza-

ent clock.

tion with more than 2 slaves,

freak values > 100 ns can occur

in the offset.

The device operates as a peer-to-peer transpar- ent clock.

Result

The correction mechanism for the Precision Time Protocol is specified.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

195

System time 6.4 PTP Client
Additional notes You show the current settings for the Precision Time Protocol (PTP) with the show ptp info command. You specify the primary domain with the primary-domain command.

6.4.3.2

primary-domain

Description

With this command, you specify the primary domain.

Requirement

You are in the PTP Transparent Clock configuration mode. The command prompt is as follows: cli(config-ptp-tc)#

Syntax

Call up the command with the following parameters: primary-domain <domain-id(0-255)>} The parameter has the following meaning:

Parameter domain-id

Description The identifier of the primary domain.

Range of values / note 0 ... 255

Result

The primary domain is specified.

Additional notes
You show the current settings for the Precision Time Protocol (PTP) with the show ptp info command.
You define the correction mechanism for the Precision Time Protocol with the delaymechanism command

6.4.4
196

Commands in interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available. In global configuration mode, enter the interface command to change to this mode.
SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

System time 6.4 PTP Client
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.  If you exit the Interface configuration mode with the exit command, you return to the Global
configuration mode.  If you exit the Interface configuration mode with the end command, you return to the
Privileged EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode. To do this, you replace [command] with the command that you want to execute.

6.4.4.1

ptp

Description

With this command, you enable the PTP Transparent Clock function for an interface.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: ptp

Result

The PTP Transparent Clock function is enabled.

Additional notes
You show the current settings for the Precision Time Protocol (PTP) with the show ptp info command.
You disable the PTP Transparent Clock function for an interface with the no ptp command.

6.4.4.2

no ptp

Description

With this command, you disable the PTP Transparent Clock function for an interface.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

197

System time 6.4 PTP Client

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no ptp

Result

The PTP Transparent Clock function is disabled.

Additional notes
You show the current settings for the Precision Time Protocol (PTP) with the show ptp info command.
You enable the PTP Transparent Clock function for an interface with the ptp command.

6.4.4.3

ptp transparent-clock transport-mechanism

Description

With this command you choose how this port will handle PTP message data traffic. You can make different settings for the ports of a device, however, the relevant communications partner must support the selected transport mechanism.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: ptp transparent-clock transport-mechanism { udp-ip-v4 | ethernet }

198

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

System time 6.4 PTP Client

The parameter has the following meaning:

Parameter udp-ip-v4
ethernet

Description

Range of values / note

The device uses UDP as the transport mecha- Factory setting nism.

The device uses Ethernet as the transport mech- anism.

The transport mechanism is specified.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

199

System time 6.4 PTP Client

200

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures

7

This part contains the sections that describe the commands for configuring and managing various network structures.
The following technologies are available:
 The establishment of independent structures even across the boundaries of subnets using virtual networks (VLANs) This can result in the following advantages:
­ Administration: Devices can be grouped together to form a logical units regardless of their physical location
­ Performance: By prioritizing, time-critical data (process data, streams) can be given priority for transfer
­ Security: The transition between VLANs can only be controlled by an administrator
 Bundling of interfaces or connections between devices to increase the data transmission rate and reliability (link aggregation)
 Improved reliability by adapting the tree structure if transmission is disrupted (Spanning Tree)

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

201

Network structures 7.1 VLAN

7.1

VLAN

This section describes commands for configuring and managing virtual networks (VLANs).
With the following commands, note which "Base bridge mode" you are in. If you are in the "Transparent Bridge" mode, all settings relate to the management VLAN: VLAN 1.
You change the mode with the base bridge-mode command.
Commands for configuring and managing private VLANs are also described.
With a private VLAN (PVLAN) you can divide up the layer 2 broadcast domains of a VLAN.
A private VLAN consists of the following units:
 A primary private VLAN (primary PVLAN) The VLAN that is divided up is called primary private VLAN.
 Secondary private VLANs (secondary PVLAN) Secondary PVLANs exist only within a primary PVLAN. Every secondary PVLAN has a specific VLAN ID and is connected to the primary PVLAN. Secondary PVLANs are divided into the following types:
­ Isolated Secondary PVLAN Devices within an Isolated Secondary PVLAN cannot communicate with each other via layer 2.
­ Community Secondary PVLAN Devices within a Community Secondary PVLAN can communicate with each other directly via layer 2. The devices cannot communicate with devices in other communities of the PVLAN via layer 2.
In addition, commands are described for configuring the VLAN tunnel.
With the Q-in-Q VLAN tunnel function it is possible to forward the data traffic from various customer networks with a VLAN tunnel via a provider network. Each customer network can have the total number VLANs available.

202

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.1 VLAN
A VLAN tunnel is established between provider switches configured on the boundaries of a provider network. A provider switch has the following types of port:
 Access port The provider switch is connected to a customer network via an access port.
­ Incoming data traffic
The incoming data traffic at an access port is treated as if it were untagged . All incoming frames are expanded by a tag with the port VID of the access port . With
frames that are already tagged this means that they are expanded by a second 802.1Q
tag , the outer VLAN tag.



­ Outgoing data traffic With outgoing data traffic at an access port the outer VLAN tag is removed again.
 Core port The provider switch is connected to a provider network via a core port. Core ports are members in the port VLAN of the access port or are configured with the port type "Switch-Port VLAN Trunk".
When the frames reach the relevant access port, they are expanded by a tag with the port VID of the access port and tunneled through the provider network. As soon as the frames leave the provider network, the outer VLAN tag (PVID) is removed again. The frames are forwarded in their original form. The priority of the frame is retained.

7.1.1

The "show" commands VLAN bridge)
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

7.1.1.1

show mac-address-table

Description

This command shows the table with the static and dynamic unicast MAC addresses and multicast MAC addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

203

Network structures 7.1 VLAN

Syntax

Call up the command with the following parameters:
show mac-address-table [vlan <vlan-range>] [address <aa:aa:aa:aa:aa:aa>] [interface <interface-type> <interface-id>]
The parameters have the following meaning:

Parameter vlan vlan-range
address aa:aa:aa:aa:aa:a a interface interface-type interface-id

Description Keyword for a VLAN or VLAN range Number of the addressed VLAN or VLAN range
Keyword for a MAC address MAC address
Keyword for a an interface description Type or speed of the interface Module no. and port no. of the interface

Range of values/note 1 ... 4094 Enter the range limits with a hy- phen or a space. -
Specify a valid interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The entries of the MAC addresses table are displayed.

7.1.1.2

show mac-address-table count

Description

With this command, you show the number of MAC addresses for all or a selected VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show mac-address-table count [vlan <vlan-id(1-4094)>]

204

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.1 VLAN

The parameters have the following meaning:

Parameter vlan vlan-id

Description Keyword for a VLAN connection Number of the addressed VLAN

Range of values / note 1 ... 4094

If you do not select any parameter from the parameter list, the total number of entries is displayed for all VLANs.

Result

The number of MAC addresses for the selected VLAN is displayed.

7.1.1.3

show mac-address-table dynamic multicast

Description

This command shows the table with the dynamic multicast MAC addresses assigned by the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show mac-address-table dynamic multicast[vlan<vlan-range>] [address<aa:aa:aa:aa:aa:aa>] [{interface<interface-type><interface-id>}]
The parameters have the following meaning:

Parameter vlan vlan-range address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description

Range of values / note

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Keyword for a MAC address

-

MAC address

-

Keyword for a an interface description -

Type of interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

205

Network structures 7.1 VLAN
If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The dynamic multicast MAC addresses are displayed.

7.1.1.4

show mac-address-table dynamic unicast

Description

This command shows the table with the dynamic unicast MAC addresses assigned by the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show mac-address-table dynamic unicast[vlan<vlan-range>] [address<aa:aa:aa:aa:aa:aa>][{interface<interface-type> <interface-id>}]
The parameters have the following meaning:

Parameter vlan vlan-range
address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description

Range of values / note

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Enter the range limits with a hy- phen without spaces.

Keyword for a MAC address

-

MAC address

-

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

206

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The dynamic unicast MAC addresses are displayed.

Network structures 7.1 VLAN

7.1.1.5

show mac-address-table static multicast

Description

This command shows the table with the static multicast MAC addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show mac-address-table static multicast[vlan<vlan-range>] [address<aa:aa:aa:aa:aa:aa>][{interface<interface-type><interface-
id>}]
The parameters have the following meaning:

Parameter vlan vlan-range
address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description

Range of values / note

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Enter the range limits with a hy- phen without spaces.

Keyword for a MAC address

-

MAC address

-

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The static multicast MAC addresses are displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

207

Network structures 7.1 VLAN

7.1.1.6

show mac-address-table static unicast

Description

This command shows the table with the static unicast MAC addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show mac-address-table static unicast[vlan<vlan-range>] [address<aa:aa:aa:aa:aa:aa>][{interface<interface-type><interface-
id>}]
The parameters have the following meaning:

Parameter vlan vlan-range
address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description Keyword for a VLAN connection Number of the addressed VLAN
Keyword for a MAC address MAC address Keyword for a an interface description Type or speed of the interface Module no. and port no. of the interface

Range of values / note
1 ... 4094 Enter the range limits with a hy- phen without spaces. Enter a valid interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The static unicast MAC addresses are displayed.

7.1.1.7

show vlan

Description

This command shows the specific information for all or a selected VLAN.

208

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Network structures 7.1 VLAN

Syntax

Call up the command with the following parameters: show vlan [brief | id <vlan-range> | summary] The parameters have the following meaning:

Parameter brief id vlan-range
summary

Description

Range of values / note

Shows brief information about all VLANs -

Keyword for a VLAN or VLAN range -

Number of the addressed VLAN or VLAN range

1 ... 4094
Enter the range limits with a hy- phen or a space.

Shows a summary of the VLANs

If you do not select any parameter from the parameter list, the entries of all available interfaces are displayed.

Result

The information for the selected VLAN is displayed.

7.1.1.8

show vlan device info

Description

This command shows all the global information that is valid for all VLANs.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show vlan device info

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

209

Network structures 7.1 VLAN

Result

The global information is displayed.

7.1.1.9

show vlan learning params

Description

This command shows the parameters for the automatic learning of addresses for selected or all VLANs (active and inactive VLANs).

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show vlan learning params [vlan <vlan-range>] The parameters have the following meaning:

Parameter vlan vlan-range

Description
Keyword for a VLAN or VLAN range Number of the addressed VLAN or VLAN range

Range of values / note
1 ... 4094 Enter the range limits with a hy- phen or a space.

If you do not select any parameter from the parameter list, the entries of all available interfaces are displayed.

Result

The settings for the automatic learning of addresses are displayed.

7.1.1.10

show vlan port config

Description

This command shows the VLAN-specific information for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

210

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

The command prompt is as follows: cli> or cli#

Network structures 7.1 VLAN

Syntax

Call up the command with the following parameters: show vlan port config [{port <interface-type> <interface-id>}] The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values / note

Keyword for a port

-

Type of interface

Enter a valid interface.

Module no. and port no. of the interface

For information on identifiers of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries of all available interfaces are displayed.

Result

The information about the ports is displayed.

7.1.1.11

show vlan private-vlan

Description

This command shows the specific information for all or for a selected private VLAN type.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show vlan private-vlan [{primary|isolated|community}]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

211

Network structures 7.1 VLAN

The parameter has the following meaning:

Parameter pvlan-type primary isolated community

Description
Displays information on all PVLAN types.
Displays information on the Primary PVLAN.
Displays information on the Isolated Secondary PVLANs.
Displays information on the Community Secondary PVLANs.

Range of values / note -

If you do not select any parameter from the parameter list, the entries of all available types are displayed.

Result

The information for the selected private VLAN type is displayed.

Further notes

You define a private VLAN type private-vlan command.

7.1.2

Commands in the global configuration mode (VLAN bridge)
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

212

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

7.1.2.1

base bridge-mode

Network structures 7.1 VLAN

Description

With this command, you configure whether or not the device forwards frames with VLAN tags transparently (IEEE 802.1D/Transparent Bridge) or takes VLAN information into account (IEEE 802.1Q/VLAN Bridge).
Note Changing base bridge mode
Note the section "Changing base bridge mode". This section describes how a change affects the existing configuration. Before device mode is switched, a security prompt takes place.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: base bridge-mode {dot1d-bridge|dot1q-vlan} [force] The parameters have the following meaning:

Parameter dot1d-bridge
dot1q-vlan force

Description

Range of values / notes

Sets the mode "Transparent Bridge" for the de- Default setting with PROFI-

vice.

NET variants

VLAN tags are not taken into account or changed but are forwarded transparently. In this mode, you cannot create any VLANs. Only a management VLAN is available: VLAN 1.

Sets the mode "VLAN Bridge" for the device. VLAN information is taken into account.

Default setting with Ether- Net/IP variants

When this parameter is executed, there is no security prompt when you switch device mode. This enables you to integrate the command in a script.

Take note of the effects on the existing configuration described in the section "Changing base bridge mode".

Result

The device mode is configured.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

213

Network structures 7.1 VLAN
Changing base bridge mode 802.1D Transparent Bridge  802.1Q VLAN Bridge If you change the Base bridge mode from Transparent Bridge to VLAN Bridge, this has the following effects  All static and dynamic unicast entries are deleted.  All static and dynamic multicast entries are deleted.  With spanning tree you can set the following protocol compatibility: STP, RSTP and MSTP 802.1Q VLAN Bridge  802.1D Transparent Bridge If you change the Base bridge mode from VLAN Bridge to Transparent Bridge, this has the following effects  All VLAN configurations are deleted.  A management VLAN is created: VLAN 1.  All static and dynamic unicast entries are deleted.  All static and dynamic multicast entries are deleted.  With spanning tree you can set the following protocol compatibility: STP and RSTP  You cannot use GVRP.  You cannot use guest VLAN.  The VLAN assignment cannot be adopted from the RADIUS server.  You cannot configure the port type.  Defined access rules must be valid for all VLANs: authorized-manager ip-source

Further notes

You can display the status of this function and other VLAN information with the show vlan device info command.

7.1.2.2

bridge-mode

Description

With this command you assign the device a role therefore specifying whether or not the device can manage outer VLAN tags.
If you change the role, the layer 2 port settings (VLAN, spanning tree) are reset to the factory settings and the device is restarted.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

214

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Network structures 7.1 VLAN

Call up the command with the following parameters: bridge-mode {customer | provider } The parameters have the following meaning:

Parameter customer
provider

Description

Range of values/note

The device behaves like a standard IE switch.

In addition to the properties of the role The "Provider" role has the follow-

"Customer" the device also has the pos- ing effects on the VLAN tag: All da-

sibility of managing outer VLAN tags. In ta packets that are not sent from

this role, you can use the function Q-in- an access port receive a VLAN

Q VLAN tunnel.

tag. If the VLAN configuration of

the other devices is not adapted

accordingly, network loops can oc-

cur or network segments may no

longer be reachable.

Result

The role of the device is specified.

Further notes

You display the role of the device with the show vlan device info command.

7.1.2.3

interface range

Description

With this command, you can put several interfaces or the interfaces of VLANs together and configure them together. The configurations are valid for all interfaces of the specified range.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
interface range (
{<interface-type> <0/a-b,0/c,...>}

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

215

Network structures 7.1 VLAN

{vlan <vlan-id(1-4094)> - <vlan-id(2-4094)>} )
The parameters have the following meaning:

Parameter interface-type 0/a-b, 0/c,... vlan vlan-id vlan-id

Description

Range of values / note

Keyword for an interface

Enter a valid interface.

Module no. and port no. of the interface

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Number of the addressed VLAN

2 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you want to address several VLANs with this command, you must insert a blank before and after the hyphen, for example interface range vlan 5 - 10.

Result

The interfaces or interfaces of VLANs were put together to form an interface range. The command prompt is as follows: cli(config-if-vlan-range)# The configuration commands you enter in a mode apply to all interfaces of this area.

Further notes

With the no interface range command, you remove VLANs from this range or break it up.

7.1.2.4

no interface range

Description

With this command, you remove the interfaces or interfaces of VLANs from the interface range or break it up if you first remove all previously added interfaces.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no interface range vlan <vlan-id(1-4094)> - <vlan-id(2-4094)>

216

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.1 VLAN

The parameters have the following meaning:

Parameter vlan vlan-id vlan-id

Description Keyword for a VLAN connection Number of the addressed VLAN Number of the addressed VLAN

Range of values / note 1 ... 4094 2 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you address several VLANs, you must insert a blank before and after the hyphen, for example no interface range vlan 5 - 10.

Result

The VLANs have been removed from the specified interface area.

Further notes

With the interface range command, you can put several interfaces or VLANs together to be able to configure them together.

7.1.2.5

mgmt vlan

Description

With this command, you change the agent VLAN ID. You can only use VLANs that have already been configured.
Note Changing the agent VLAN ID If the configuration PC is connected directly to the device via Ethernet and you change the agent VLAN ID, the device is no longer reachable via Ethernet following the change.
Note The mgmt vlan command is only available with the following devices:  SCALANCE XR-300  SCALANCE XB-200

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

217

Network structures 7.1 VLAN

Syntax

Call up the command with the following parameters: mgmt vlan <vlan-id(1-4094)> The parameter has the following meaning:

Parameter vlan-id

Description Number of the addressed VLAN

Range of values 1 ... 4094

Result

The Agent VLAN ID has been changed.

Additional notes You show the configuration of the IP interfaces with the show ip interface command.

7.1.2.6

vlan

Description

With this command, you create a VLAN on the device and change to the VLAN configuration mode.
In the provider backbone bridge mode, this command is used to create user, service and backbone VLANs.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: vlan <vlan-id(1-4094)> The parameter has the following meaning:

Parameter vlan-id

Description Number of the addressed VLAN

Range of values / note 1 ... 4094

Do not enter any leading zeros with the number of the VLAN.

218

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The VLAN is created. You are now in the VLAN configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Network structures 7.1 VLAN

Further notes

You delete the VLAN with the no vlan command. You can display information about the VLAN with the show vlan command.

7.1.2.7

no vlan

Description

With this command, you delete a VLAN on the device.

Requirement

 The VLAN must not be assigned to a physical port.
 You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameter: no vlan <vlan-id(1-4094)>

Parameter vlan-id

Description Number of the addressed VLAN

The VLAN with number 1 cannot be deleted.

Range of values / note 1 ... 4094

Result

The VLAN is deleted

Further notes

With the vlan command, you create a VLAN on the device. You can display information about the VLAN with the show vlan command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

219

Network structures 7.1 VLAN

7.1.2.8

vlan range

Description

With this command, you can select several VLANs and configure them together. The configurations are valid for all selected VLANs.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: vlan range <vlan-id(1-4094)> - <vlan-id(2-4094)> The parameters have the following meaning:

Parameter vlan-id vlan-id

Description Number of the addressed VLAN Number of the addressed VLAN

Range of values / note 1 ... 4094 2 ... 4094

Enter a space before and after the hyphen, e.g. vlan range 5 - 10.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The command prompt is as follows: CLI(config-vlan-range)# Configuration commands you enter with this command prompt apply to all selected VLANs.

Further notes

With the command exit, you return to the Global configuration mode.

7.1.2.9

vlan tag-priority override

Description

With this command, you specify whether the priority of an incoming frame is overwritten by the priority configured for a VLAN.

220

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Network structures 7.1 VLAN

Syntax

Call up the command with the following parameters: vlan tag-priority override {enable | disable} The parameters have the following meaning:

Parameter enable
disable

Description

Range of values/note

The priority configured for a VLAN re- places the priority existing in the VLAN tag of the frame.

The VLAN tag of the frame remains un- changed.

Result

Overwriting of the VLAN tag is enabled or disabled.

Additional notes You configure the priority of a VLAN with the priority command. You reset the priority of a VLAN to the default value with the no priority command.

7.1.3

Commands in the Interface configuration mode (VLAN Bridge)
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

221

Network structures 7.1 VLAN

7.1.3.1

private-vlan mapping

Description

With this command you specify from which secondary PVLANs the IP interface of the primary PVLAN will be reachable.

Requirement

 The interface is configured as an IP interface.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: private-vlan mapping [{add | remove}] <vlan-list> The parameters have the following meaning:

Parameter add remove vlan-list

Description Adds secondary PVLANs. Removes secondary PVLANs. VLAN ID of the secondary PVLAN

Range of values / note
Separate the PVLANs with commas if you specify several PVLANs.

Result

The IP interface of the primary PVLAN can be reached from the selected secondary PVLANs.

Further notes

You delete the link between secondary PVLANs and the IP interface of the primary PVLAN with the command no private-vlan mapping.
You display this setting with the show interfaces command with the private-vlan mapping parameter.

7.1.3.2

no private-vlan mapping

Description

With this command you delete the link between secondary PVLANs and the IP interface of the primary PVLAN with the command .

222

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

 The interface is configured as an IP interface.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Network structures 7.1 VLAN

Syntax

Call the command without parameter assignment: no private-vlan mapping

Result

The IP interface of the primary PVLAN cannot be reached from the selected secondary PVLANs.

Further notes

You configure a link between secondary PVLANs and the IP interface of the primary PVLAN with the command private-vlan mapping.
You display this setting with the show interfaces command with the private-vlan mapping parameter.

7.1.3.3

switchport acceptable-frame-type

Description

With this command, you configure which types of frames are accepted.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:
switchport acceptable-frame-type{all|tagged| untaggedAndPrioritytagged}

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

223

Network structures 7.1 VLAN

The parameters have the following meaning:

Parameter all
tagged
untaggedAndPriori tytagged

Description All frames are accepted.
The device discards all untagged frames. The device forwards all tagged frames. The device discards all tagged frames. The device forwards all untagged frames and frames with a priority.

Range of values / note Default On a ring port only the parameter "all" is supported. -
-

Result

The setting is enabled.

Further notes

You can reset the setting to the default with the no switchport acceptable-frametype command.
You can display the status of this function and other information with the show vlan port config command.

7.1.3.4

no switchport acceptable-frame-type

Description

With this command, you reset the setting for the types of frames accepted by the interface to the default value.
The default value is all.
The interface accepts tagged and untagged frames.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport acceptable-frame-type

224

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The setting is reset to the default value.

Network structures 7.1 VLAN

Further notes

You configure the setting with the switchport acceptable-frame-type command.
You can display the status of this function and other information with the show vlan port configcommand.

7.1.3.5

switchport access vlan

Description

With this command, you assign an VLAN to an interface and configure the port VLAN identifier (PVID) for it.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: switchport access vlan <vlan-id(1-4094)> The parameter has the following meaning:

Parameter vlan-id

Description Number of the addressed VLAN

Range of values / note 1 ... 4094

Result

The Interface is added to the VLAN as an untagged port and the corresponding VLAN ID is set.

Further notes

You can reset the setting to the default with the no switchport access vlan command. You display the setting and other information with the show vlan port config command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

225

Network structures 7.1 VLAN

7.1.3.6

no switchport access vlan

Description

With this command, you reset the setting for the port VLAN identifier (PVID) for an interface to the default value.
The default value is 1.

Requirement

You are in the interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport access vlan

Result

The setting is reset to the default value.

Further notes

You configure the setting with the switchport access vlan command.
You can display the status of this function and other information with the show vlan port configcommand.

7.1.3.7

switchport mode

Description

With this command, you specify the operating mode for the switch port.

Requirement

 The interface is configured as a switch port.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

226

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Network structures 7.1 VLAN

Call up the command with the following parameters: switchport mode { access | trunk | hybrid } The parameters have the following meaning:

Parameter access trunk
hybrid

Description

Range of values / note

Configures the port as an access port.
Access ports belong to a provider switch that supports the function Q-in-Q VLAN-Tunnel. Connect a customer network to access ports.

GVRP must be disa- bled on the port.
On the port for the acceptableframe-type the val- ue untaggedAndPrior itytagged must be set.

Configures the port as a trunk port that only forwards tagged frames. The port can then only be configured as the trunk port if the port is not entered in any VLAN that exchanges untagged frames.

For the trunk port to forward tagged frames, all VLAN IDs to which the trunk port forwards frames must be stored.

If a new VLAN is created, the VLAN ID is automatically entered at the trunk port.

With a trunk port, the VLAN assignment is dynamic. Static configurations can only be created if, in addition to the trunk port property, the port is also entered statically as a member in the VLANs involved. An example of a static configuration is the assignment of the multicast groups in certain VLANs.

If you execute the "acceptable frame-type all" com- mand at the trunk port, the port also receives untagged frames.

Configures the port as a hybrid port that accepts tagged and Default: hybrid untagged frames.

Result

The operating mode is configured.

Further notes

You reset the operating mode to the default with the no switchport mode command. You display this setting and other information with the show vlan port config command. You configure the interface as a switch port with the switchport command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

227

Network structures 7.1 VLAN

7.1.3.8

no switchport mode

Description

With this command, you reset the operating mode for the switch port to the default. The default value is Hybrid.

Requirement

 The interface is configured as a switch port.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport mode

Result

The setting is reset to the default value.

Further notes

You configure the operating mode with the switchport mode command. You display this setting and other information with the show vlan port config command. You configure the interface as a switch port with the switchport command.

7.1.3.9

switchport mode private vlan

Description

With this command, you specify the operating mode for the private VLAN port.

Requirement

 The interface is configured as a switch port.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

228

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Network structures 7.1 VLAN

Call up the command with the following parameters: switchport mode private-vlan {promiscuous | host} The parameters have the following meaning:

Parameter Description

promiscuou Configures the port as a promiscuous port.

s

Promiscuous ports belong to a primary PVLAN. Connect de-

vices to promiscuous ports that are intended to communicate

with all other devices of the PVLAN.

host

Configures the port as a host port.

Host ports belong to a secondary PVLAN. Connect devices to host ports that are only intended to communicate with certain devices of the PVLAN.

Range of values / note
GVRP must be disa- bled on the port.

Result

The operating mode for the private VLAN port is configured.

Further notes

You display this setting and other information with the show vlan port config command.
You configure the interface as a switch port with the switchport command.
You configure a host port with the switchport private-vlan host-association command.
You configure a promiscuous port with the switchport private-vlan mapping command.

7.1.3.10

switchport mode dot1q-tunnel

Description

With this command, you enable the Q-in-Q VLAN tunnel function. Frames received at the port are expanded with an outer VLAN tag, the PVID of the port.

Requirement

 The port is configured as an access port.
 Spanning tree is disabled on the port.
 GMRP is disabled on the port.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

229

Network structures 7.1 VLAN

Syntax

Call the command without parameter assignment: switchport mode dot1q-tunnel

Result

The Q-in-Q VLAN tunnel function is enabled.

Further notes

You disable the function with the no switchport mode dot1q-tunnel command. You display this setting and other information with the show vlan port config command. You configure the PVID with the switchport pvid command. You configure the operating mode of a port with the switchport mode command. You disable the spanning tree function with the no spanning tree command. If you want to enable or disable the GMRP function for a specific interface on the device, use the no gmrp command in the Interface configuration mode.

7.1.3.11

no switchport mode dot1q-tunnel

Description

With this command, you disable the Q-in-Q VLAN tunnel function.

Requirement

You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no switchport mode dot1q-tunnel

Result

The Q-in-Q VLAN tunnel function is disabled.

Further notes

You enable the function with the switchport mode dot1q-tunnel command. You display this setting and other information with the show vlan port config command.

230

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

7.1.3.12

switchport priority default

Network structures 7.1 VLAN

Description

With this command, you configure the priority default for the interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: switchport priority default <(0-7)> The parameter has the following meaning:

Parameter -

Description Value for the priority default

Range of values / note 0 ... 7 Default: 0

Result

The setting for the default priority of the interface is configured.

Further notes

You reset the priority default to the original default with the no switchport priority default command.
You display this setting and other information with the show vlan port config command.

7.1.3.13

no switchport priority default

Description

With this command, you reset the priority default for the interface to the default value. The default value is 0.

Requirement

You are in the Interface configuration mode. The command prompt is as follows:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

231

Network structures 7.1 VLAN
cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport priority default

Result

The setting is reset to the default value.

Further notes

You configure the priority default with the switchport priority default command. You display this setting and other information with the show vlan port config command.

7.1.3.14

switchport private-vlan host-association

Description

With this command, you configure a host port. The following settings are made:  The interface becomes an untagged member of the primary PVLAN and its secondary
PVLANs.  With incoming untagged frames, the port VLAN-ID of the secondary VLAN is set.  Ingress filtering is enabled.

Requirement

 The interface is configured as a host port.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:
switchport private-vlan host-association <primary-vlan-id (1-4094)> <secondary-vlan-id (1-4094)>

232

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

The parameters have the following meaning:

Parameter primary-vlan-id secondary-vlan-id

Description VLAN ID of the primary PVLAN VLAN ID of the secondary PVLAN

Network structures 7.1 VLAN
Range of values/note 1 ... 4094 1 ... 4094

Result

The interface is configured.

Further notes

You delete the configuration with the no switchport private-vlan hostassociation command.
You display this setting and other information with the commands show vlan port config, show vlan and show vlan private-vlan.
You configure the interface as a host port with the switchport mode command.

7.1.3.15

no switchport private-vlan host-association

Description

With this command, you delete the configuration of a host port.

Requirement

 The interface is configured as a host port.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no switchport private-vlan host-association

Result

The configuration is deleted.

Further notes

You configure a host port with the switchport private-vlan host-association command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

233

Network structures 7.1 VLAN
You display this setting and other information with the commands show vlan port config, show vlan and show vlan private-vlan. You configure the interface as a host port with the command.

7.1.3.16

switchport private-vlan mapping

Description

With this command, you configure a promiscuous port. The following settings are made:  The interface becomes an untagged member of the primary PVLAN and all secondary
PVLANs.  With incoming untagged frames, the port VLAN-ID of the primary VLAN is set.  Ingress filtering is enabled.

Requirement

 The interface is configured as a promiscuous port.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:
switchport private-vlan mapping <primary-vlan-id (1-4094)> [{add | remove}] [<secondary_vlan_list>]
The parameters have the following meaning:

Parameter primary-vlan-id add remove secondary_vlan_li st

Description VLAN ID of the primary PVLAN Adds secondary PVLANs. Removes secondary PVLANs. VLAN ID of the secondary PVLAN

Range of values/note
1 ... 4094 1 ... 4094 Separate the PVLANs with commas if you specify sev- eral PVLANs.

Result

The interface is configured.

234

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.1 VLAN

Further notes

You delete the configuration with the no switchport private-vlan mapping command.
You display this setting and other information with the commands show vlan port config, show vlan and show vlan private-vlan.
You configure the interface as a promiscuous port with the switchport mode command.

7.1.3.17

no switchport private-vlan mapping

Description

With this command, you delete the configuration of a promiscuous port.

Requirement

 The interface is configured as a promiscuous port.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no switchport private-vlan mapping

Result

The configuration is deleted.

Further notes

You configure a promiscuous port with the switchport private-vlan mapping command.
You display this setting and other information with the commands show vlan port config, show vlan and show vlan private-vlan.
You configure the interface as a promiscuous port with the switchport mode command.

7.1.3.18

switchport pvid

Description

With this command, you assign an interface to a VLAN and configure the port VLAN identifier (PVID) for it. If a received frame has no VLAN tag, it has a tag added with the VLAN ID specified here and is sent according to the switch rules for the port.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

235

Network structures 7.1 VLAN

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: switchport pvid <vlan-id(1-4094)> The parameter has the following meaning:

Parameter vlan-id

Description Number of the addressed VLAN

Range of values / note 1 ... 4094

Result

The PVID is configured

Further notes

You can reset the setting to the default with the no switchport pvid command. You configure the VLAN ID with the switchport access vlan command. You display the setting and other information with the show vlan port config command.

7.1.3.19

no switchport pvid

Description

With this command, you reset the setting for the port VLAN identifier (PVID) for an interface to the default value.
The default value is 1.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport pvid

236

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The setting is reset to the default value.

Network structures 7.1 VLAN

Further notes

You configure the setting with the switchport pvid command.
You configure the VLAN ID with the switchport access vlan command.
You can display the status of this function and other information with the show vlan port config command.

7.1.3.20

tia interface

Description

With this command, you enable or disable the property TIA interface. The TIA interface defines the VLAN on which the PROFINET functionalities are available. This mainly affects the device search with or via DCP.

Requirement

 The interface is enabled.
 You are in the Interface configuration mode of the VLAN interface. The command prompt is: cli (config-if-vlan-$$$) # $$$ stands for the numbering of the interface.

Syntax

Call the command without parameters: tia-interface

Result

The TIA interface property is enabled exclusively for the specified VLAN. The function was disabled on the other interfaces.

Further notes

Note that only one VLAN interface can become the TIA interface.

7.1.4

Commands in the VLAN configuration mode (VLAN Bridge)
This section describes commands that you can call up in the VLAN Configuration mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

237

Network structures 7.1 VLAN
In global configuration mode, enter the vlan $$$ command to change to this mode. When doing this, you need to replace the $$$ placeholders with the relevant VLAN ID.
Commands relating to other topics that can be called in the VLAN Configuration mode can be found in the relevant sections.
 If you exit the VLAN Configuration mode with the exit command, you return to the Global Configuration mode.
 If you exit the VLAN Configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in VLAN configuration mode.
To do this, you replace [command] with the command that you want to execute.

7.1.4.1

name

Description

With this command, you assign a name to the VLAN.

Requirement

You are in the VLAN Configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call up the command with the following parameters: name <vlan-name> The parameter has the following meaning:

Parameter vlan-name

Description

Range of values / note

Name that will be assigned to the VLAN max. 32 characters

Result

The VLAN is assigned a name.

Further notes

You delete name assignment for a VLAN with the no name command.

238

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

7.1.4.2

no name

Description

With this command, you delete the name assignment for a VLAN.

Requirement

You are in the VLAN configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call the command without parameters: no name

Result

The name of the VLAN is deleted.

Further notes

You assign the VLAN a name with the command name.

7.1.4.3

ports

Network structures 7.1 VLAN

Description

With this command, you generate a list that specifies the behavior of the interfaces and replaces the existing VLAN configuration.
 Member Port (tagged port) The interface is added permanently to the list of incoming and outgoing connections. Tagged and untagged frames are transferred.
 Untagged Port The interface transfers untagged frames. If the VLAN ID (PVID) is set, incoming untagged frames are given a tag with the VLAN ID specified there. Received frames with a VLAN ID are forwarded according to the VLAN ID. With outgoing frames, the tag with the VLAN ID is removed.
 Forbidden Ports This interface is not used for communication in a VLAN.
The "tagged port" and "untagged port" you specify with this command are used for outgoing data traffic.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

239

Network structures 7.1 VLAN

Requirement

You are in the VLAN configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call up the command with the following parameters:
ports ( [<interface-type><0/a-b,0/c,...>] [<interface-type><0/a-b,0/c,...>] [port-channel<a,b,c-d>] ) [ untagged<interface-type> <0/a-b,0/c,...> ( [<interface-type><0/a-b,0/c,...>] [port-channel <a,b,c-d>] [all] ) ] [ forbidden<interface-type><0/a-b,0/c,...> [<interface-type><0/a-b,0/c,...>] [portchannel<a,b,c-d>] ] [name<vlan-name>]
The parameters have the following meaning:

Parameter interface-type /a-b,0/c,... port-channel a,b,c-d untagged
all
forbidden
name vlan-name

Description
Type or speed of the interface
Port no. of the interface
Keyword for a port channel
Port no. of the interface
Keyword for interfaces or ports that transfer data packets without VLAN marking
Specifies that all interfaces or ports are set to "untagged"
Keyword for forbidden interfaces or ports
Keyword for the name assignment
Name of the VLAN

Range of values / note Enter a valid interface.
Enter a valid interface name -
-
-
max. 32 characters

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

240

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Network structures 7.1 VLAN
The existing VLAN configuration is replaced. To add individual interfaces, you need to recreate the full list.

Further notes

You display details of the function with the show vlan command. You reset the settings with the no ports command.

7.1.4.4

no ports

Description

With this command you remove all ports i.e. Member Ports (M), Untagged Member Ports (U) and Forbidden Ports (F) from a VLAN.

Requirement

You are in the VLAN configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call up the command with the following parameters:
no ports ( [<interface-type><0/a-b,0/c,...>] [<interface-type><0/a-b,0/c,...>] [port-channel<a,b,c-d>] [all] ) [ untagged<interface-type> <0/a-b,0/c,...> ( [<interface-type><0/a-b,0/c,...>] [port-channel <a,b,c-d>] [all] ) ] [ ( forbidden<interface-type><0/a-b,0/c,...> [<interface-type><0/a-b,0/c,...>] [portchannel<a,b,c-d>] [all]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

241

Network structures 7.1 VLAN

) ] [name<vlan-name>]
The parameters have the following meaning:

Parameter interface-type /a-b,0/c,... port-channel a,b,c-d untagged all
forbidden name vlan-name

Description

Range of values / note

Type of interface

Enter a valid interface.

Port no. of the interface

Keyword for a port channel

-

Port no. of the interface

Enter a valid interface.

Keyword for interfaces or ports that transfer data packets without VLAN marking

This parameter appears at several points in the command.

-

 no ports all This command removes all Member Ports (Tagged Member - M) from the VLAN.

 no ports untagged all This command removes all Untagged Member Ports (U) from the VLAN. Afterwards the ports are Tagged Members (M) in the VLAN.

 no ports forbidden all This command removes all Forbidden Ports (F) from the VLAN.

Keyword for forbidden interfaces or ports

-

Keyword for the name assignment

-

Name of the VLAN

max. 32 characters

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The ports are removed from the VLAN configuration.

Further notes

It is possible to remove individual ports from a VLAN configuration without needing to rewrite the entire configuration.
You display details of the function with the show vlan command.
You configure the setting with the ports command.

242

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

7.1.4.5

priority

Network structures 7.1 VLAN

Description

With this command, you specify which Class of Service (COS) is assigned to the package on transmission. This does not change the Tag Control Information (TCI) of the package, however. If you want to overwrite the COS information in the package, you need to specify the updatetag-priority parameter.

Requirement

You are in VLAN configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call up the command with the following parameters: priority <prio (0-7)> [update-tag-priority] The parameter has the following meaning:

Parameter prio
update-tagpriority

Description

Range of values/note

Value of the priority

0 ... 7

Default: 0

Keyword for overwriting class of service information in the package.

Result

The VLAN has been assigned a priority.

Additional notes You reset the priority to the default value with the no priority command. You enable the priority with the priority-enable command. You disable the priority with the no priority-enable command. You display the current priority with the show vlan command. You configure the assignment of the priority to a queue with the cos-map command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

243

Network structures 7.1 VLAN

7.1.4.6

no priority

Description

With this command, you reset the priority of the VLAN back to the default value.

Requirement

You are in the VLAN Configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call the command without parameter assignment: no priority

Result

The priority of the VLAN is reset to the default value.

Further notes

You change the priority with the prioritycommand. You enable the priority with the priority-enable command. You disable the priority with the no priority-enable command. You display the current priority with the show vlan command. You configure the assignment of the priority to a queue with the cos-map command.

7.1.4.7

priority-enable

Description

With this command, you enable the priority of a VLAN.

Requirement

You are in the VLAN Configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

244

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameter assignment: priority-enable

Network structures 7.1 VLAN

Result

The priority of the VLAN is enabled.

Further notes

You disable the priority with the no priority-enable command. You change the priority with the prioritycommand. You reset the priority to the default value with the no priority command. You display the current priority with the show vlan command.

7.1.4.8

no priority-enable

Description

With this command, you disable the priority of a VLAN.

Requirement

You are in the VLAN Configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call the command without parameter assignment: no priority-enable

Result

The priority of the VLAN is disabled.

Further notes

You enable the priority with the priority-enable command. You change the priority with the prioritycommand. You reset the priority to the default value with the no priority command. You display the current priority with the show vlan command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

245

Network structures 7.1 VLAN

7.1.4.9

private-vlan

Description

With this command you define a VLAN as a private VLAN and specify the PVLAN type.

Requirement

You are in the VLAN Configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call up the command with the following parameters: private-vlan { primary | isolated | community } The parameters have the following meaning:

Parameter primary isolated
community

Description

Range of values/note

With this type, you define a primary PVLAN.

-

The primary PVLAN uses the VLAN ID of the VLAN.

With this type, you define a secondary PVLAN.

-

Devices within an Isolated Secondary PVLAN can- not communicate with each other via layer 2. The secondary PVLAN has a specific VLAN ID.

With this type, you define a secondary PVLAN.

-

The devices in this secondary PVLAN can commu- nicate with each other via layer 2. The secondary PVLAN has a specific VLAN ID.

Result

The PVLAN is defined and the PVLAN type specified.

Additional notes You delete the configuration as a private VLAN with the no private-vlan command. You display this setting with the show vlan private-vlan command.

7.1.4.10

no private-vlan

Description

With this command, you delete the configuration as a private VLAN.

246

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the VLAN Configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Network structures 7.1 VLAN

Syntax

Call the command without parameter assignment: no private-vlan

Result

The VLAN is not a private VLAN.

Further notes

You define a VLAN as a private VLAN and specify the PVLAN type with the command private-vlan.
You display this setting with the show vlan private-vlan command.

7.1.4.11

private-vlan association

Description

With this command, you assign secondary PVLANs to a primary PVLAN.

Requirement

 The interface is configured as a primary PVLAN.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: private-vlan association [{add|remove}] <secondary_Vlan_list>

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

247

Network structures 7.1 VLAN

The parameters have the following meaning:

Parameter add remove secondary_Vla n_list

Description Adds a secondary PVLAN.. Removes a secondary PVLAN.. Number of the secondary PVLAN

Range of values / note
Separate the PVLANs with commas if you specify several PVLANs.

Result

The secondary PVLANs are assigned to the primary PVLAN.

Further notes

You delete the link between secondary PVLANs and a primary PVLAN with the command no private-vlan association.
You display this setting with the show interfaces command.
You configure a an interface as a primary PVLAN with the private-vlan command.

7.1.4.12

no private-vlan association

Description

With this command you delete the link between secondary PVLANs and a primary PVLAN.

Requirement

 The interface is configured as a primary PVLAN.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no private-vlan association

Result

The secondary PVLANs are not assigned to the primary PVLAN.

Further notes

You assign secondary PVLANs to a primary PVLAN with the command private-vlan association.

248

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.1 VLAN
You display this setting with the command. You configure a an interface as a primary PVLAN with the private-vlan command.

7.1.5

The "show" commands (Transparent Bridge)
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

7.1.5.1

show dot1d mac-address-table

Description

This command shows the table with the static and dynamic unicast entries and the dynamic multicast entries.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call up the command with the following parameters:
show dot1d mac-address-table [address <aa:aa:aa:aa:aa:aa>] [{interface <interface-type> <interface-id>}]
The parameters have the following meaning:

Parameter address aa:aa:aa:aa:aa:aa

Description Keyword for a MAC address MAC address

interface interface-type interface-id

Keyword for a an interface description Type or speed of the interface Module no. and port no. of the interface

Range of values/note
Specify a valid MAC ad- dress. Enter a valid interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

249

Network structures 7.1 VLAN

Result

The entries are displayed.

7.1.5.2

show dot1d mac-address-table static multicast

Description

This command shows the table with the static multicast MAC addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show dot1d mac-address-table static multicast [address <aa:aa:aa:aa:aa:aa>]
[{interface <interface-type> <interface-id>}]
The parameters have the following meaning:

Parameter address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description

Range of values / note

Keyword for a MAC address

-

MAC address

-

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The static multicast MAC addresses are displayed.

7.1.5.3

show dot1d mac-address-table static unicast

Description

This command shows the table with the static unicast MAC addresses.

250

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Network structures 7.1 VLAN

Syntax

Call up the command with the following parameters:
show dot1d mac-address-table static unicast [address <aa:aa:aa:aa:aa:aa>]
[{interface <interface-type> <interface-id>}]
The parameters have the following meaning:

Parameter address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description Keyword for a MAC address MAC address Keyword for a an interface description Type or speed of the interface Module no. and port no. of the interface

Range of values / note Enter a valid interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The static unicast MAC addresses are displayed.

7.1.5.4

show vlan device info

Description

This command shows all the global information that is valid for all VLANs.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

251

Network structures 7.1 VLAN
show vlan device info

Result

The global information is displayed.

7.1.6

Commands in the global configuration mode (Transparent Bridge)
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

7.1.6.1

base bridge-mode

Description

With this command, you configure whether or not the device forwards frames with VLAN tags transparently (IEEE 802.1D/Transparent Bridge) or takes VLAN information into account (IEEE 802.1Q/VLAN Bridge).
Note Changing base bridge mode
Note the section "Changing base bridge mode". This section describes how a change affects the existing configuration. Before device mode is switched, a security prompt takes place.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: base bridge-mode {dot1d-bridge|dot1q-vlan} [force]

252

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.1 VLAN

The parameters have the following meaning:

Parameter dot1d-bridge
dot1q-vlan force

Description

Range of values / notes

Sets the mode "Transparent Bridge" for the de- Default setting with PROFI-

vice.

NET variants

VLAN tags are not taken into account or changed but are forwarded transparently. In this mode, you cannot create any VLANs. Only a management VLAN is available: VLAN 1.

Sets the mode "VLAN Bridge" for the device. VLAN information is taken into account.

Default setting with Ether- Net/IP variants

When this parameter is executed, there is no security prompt when you switch device mode. This enables you to integrate the command in a script.

Take note of the effects on the existing configuration described in the section "Changing base bridge mode".

Result

The device mode is configured.

Changing base bridge mode 802.1D Transparent Bridge  802.1Q VLAN Bridge If you change the Base bridge mode from Transparent Bridge to VLAN Bridge, this has the following effects  All static and dynamic unicast entries are deleted.  All static and dynamic multicast entries are deleted.  With spanning tree you can set the following protocol compatibility: STP, RSTP and MSTP 802.1Q VLAN Bridge  802.1D Transparent Bridge If you change the Base bridge mode from VLAN Bridge to Transparent Bridge, this has the following effects  All VLAN configurations are deleted.  A management VLAN is created: VLAN 1.  All static and dynamic unicast entries are deleted.  All static and dynamic multicast entries are deleted.  With spanning tree you can set the following protocol compatibility: STP and RSTP  You cannot use GVRP.  You cannot use guest VLAN.  The VLAN assignment cannot be adopted from the RADIUS server.  You cannot configure the port type.  Defined access rules must be valid for all VLANs: authorized-manager ip-source

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

253

Network structures 7.1 VLAN

Further notes

You can display the status of this function and other VLAN information with the show vlan device info command.

7.1.6.2

vlan

Description

With this command, you change to the VLAN configuration mode.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: vlan <vlan-id(1-4094)> The parameter has the following meaning:

Parameter vlan-id

Description Number of the addressed VLAN

Range of values / note
1 ... 4094 In the transparent bridge mode on- ly VLAN 1 is available.

Do not enter any leading zeros with the number of the VLAN.

Result

You are now in the VLAN configuration mode. The command prompt is as follows: cli(config-vlan-1)#

Further notes

You can display information about the VLAN with the show vlan device info command.

254

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.2 Link aggregation

7.2

Link aggregation

This section describes commands that configure or manage the bundling of interfaces or connections between devices.

7.2.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

7.2.1.1

show etherchannel

Description

This command shows the settings of link aggregations.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show etherchannel [[channel-group-number] {detail|load-balance|port|port-channel|summary|protocol}]
The parameters have the following meaning:

Parameter channel-groupnumber detail load-balance port port-channel summary protocol

Description Number of the link aggregation
Detailed display of the settings Shows which load balancing method is enabled Information on the port of the link aggregation Information on the link aggregation Brief overview of the settings of a link aggregation Specification of the protocol set for a link aggregation

If you do not select any parameters from the parameter list, the settings of all channels will be displayed in detail.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

255

Network structures 7.2 Link aggregation

Result

The settings of the link aggregation are displayed.

7.2.1.2

show interfaces etherchannel

Description

This command shows the interface-specific information for a link aggregation.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show interfaces[<interface-type><interface-id>]etherchannel The parameters have the following meaning:

Parameter interface-type interface-id

Description

Range of values/note

Type or speed of the interface

Specify a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select an interface, information for all interfaces is displayed.

Result

The interface-specific information for a link aggregation is displayed.
Note When a port is assigned to a link aggregation but is not active (e.g. link down), the values displayed may differ from the values configured for the link aggregation. If the port in the link aggregation becomes active, individual port configurations such as DCP forwarding are overwritten with the configured values of the link aggregation.

256

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

7.2.1.3

show lacp

Network structures 7.2 Link aggregation

Description

This command shows the information about the settings and information about the ports involved in the link aggregation. The number of sent and received packets is also displayed.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show lacp [<port-channel(1-8)>]{counters|neighbor[detail]} The parameters have the following meaning:

Parameter port-channel counters neighbor detail

Description

Range of values/note

Number of the link aggregation

1 ... 8

Shows the values of the counters.

-

Displays information on neighbor ports. -

Displays detailed information on neigh- bor ports.

If you do not select a link aggregation, information for all available interfaces is displayed.

Result

The information is displayed.

7.2.2

Commands in the interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

257

Network structures 7.2 Link aggregation
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode. To do this, you replace [command] with the command that you want to execute.

7.2.2.1

channel-group

Description

With this command, you add an interface to a link aggregation.

Requirement

 With the interface po <channel-group-id(1-8)> command, you have already generated a logical interface for a link aggregation.
 You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: channel-group <channel-group-number(1-8)> mode{on|active|passive} The parameters have the following meaning:

Parameter channel-groupnumber on
active passive

Description Number of the link aggregation

Range of values/note 1 ... 8

Adds the interface without LACP to a link aggregation. This corresponds to manual bundling.
The negotiation of a connection via LACP is started unconditionally. The negotiation of a connection via LACP is started when an LACP packet arrives from the connection partner.

If you add a configured port to a link aggregation, the port adopts the configuration of the link aggre- gation. If you take the port out of the link aggregation, the settings of the port are reset to the factory settings.
-
-

Result

The link aggregation is configured.

258

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

7.2.2.2

no channel-group

Network structures 7.2 Link aggregation

Description

With this command, you remove the interface from a link aggregation.

Requirement

You are in the interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no channel-group

Result

The interface is deleted from the link aggregation.

7.2.2.3

lacp timeout

Description

With this command, you configure the length of the LACP timeout.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: lacp timeout {long|short}

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

259

Network structures 7.2 Link aggregation

The parameters have the following meaning:

Parameter long
short

Description
The length of the LACP timeout is set to 90 seconds.
The length of the LACP timeout is set to 3 seconds.

Range of values/note Default
-

Result

The length of the LACP timeout is specified.

7.2.2.4

no lacp timeout

Description

With this command, you set the LACP timeout to the default value (90 seconds).

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no lacp timeout

Result

The length of the LACP timeout is 90 seconds.

260

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.3 Spanning Tree

7.3

Spanning Tree

The Spanning Tree Protocol is used to monitor a LAN for redundant connections. These are blocked and reactivated when necessary if there are changes to the network topology.
This section describes the commands of the Spanning Tree Protocol (STP), the Rapid Spanning Tree Protocol (RSTP) and the Multiple Spanning Tree Protocol (MSTP).

Note Avoiding bad configurations
When using the commands in this section, you should take particular care because a bad configuration of this function can have serious negative affects on the network.

7.3.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

7.3.1.1

show spanning-tree

Description

This command shows the settings of the spanning tree function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show spanning-tree [{ summary | blockedports | pathcost method }] The parameters have the following meaning:

Parameter summary blockedports pathcost method

Description Shows a summary Shows the blocked ports Shows whether 16-bit (short) or 32 bit (long) values are used in the calculation

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

261

Network structures 7.3 Spanning Tree

Result

The settings for the spanning tree function are displayed.

Further notes

You can show further settings for special aspects of the Spanning Tree Protocol with the following commands:  show spanning-tree active  show spanning-tree bridge  show spanning-tree detail  show spanning-tree interface  show spanning-tree root  show spanning-tree mst

7.3.1.2

show spanning-tree active

Description

This command shows the settings for the active ports of the spanning tree function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show spanning-tree active [detail] The parameter has the following meaning:

Parameter detail

Description Shows settings in detail

Result

The settings for the active ports of the spanning tree function are displayed.

262

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

7.3.1.3

show spanning-tree bridge

Network structures 7.3 Spanning Tree

Description

This command shows the settings of the spanning tree function of the bridge.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show spanning-tree bridge [{ address | forward-time | hello-time | id | max-age | protocol |
priority | detail }]
The parameters have the following meaning:

Parameter address forward-time
hello-time id max-age protocol priority detail

Description
Shows the MAC address of the bridge Shows the time that the bridge is in the listening mode when changing from the blocking mode to the learning mode Shows the time after which the bridge sends configuration frames (BPDUs) Shows the ID of the bridge Shows the maximum age of the data packet after which it is deleted Shows the protocol used Shows the priority of the bridge Shows detailed information about the Spanning Tree settings of the bridge

Result

The settings for the spanning tree function of the bridge are displayed.

7.3.1.4

show spanning-tree detail

Description

This command shows the detailed settings of the spanning tree function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

263

Network structures 7.3 Spanning Tree
The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show spanning-tree detail

Result

The detailed settings for the spanning tree function are displayed.

7.3.1.5

show spanning-tree interface

Description

This command shows the settings of the ports for the spanning tree function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show spanning-tree interface <interface-type> <interface-id> [{ cost | priority | portfast | rootcost | restricted-role | restricted-tcn | state | stats | detail }]
The parameters have the following meaning:

Parameter interface-type interface-id cost
priority portfast
rootcost
restricted-role

Description

Range of values / note

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Shows the port costs used to calculate the lowest-cost path.

Shows the priority of the port.

-

Shows whether spanning-tree

-

portfast is enabled.

Shows the costs of the path to the root bridge.

Shows whether spanning-tree

-

restricted-role is enabled.

264

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.3 Spanning Tree

Parameter restricted-tcn
state stats
detail

Description
Shows whether spanning-tree restricted-tcn is enabled.
Shows the status of the interface.
Shows the counters of the various BPDU transmissions.
Shows detailed information about the spanning tree settings of the interface.

Range of values / note -
-
-

For information on identifiers of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The settings of the ports for the spanning tree function are displayed.

7.3.1.6

show spanning-tree interface layer2-gateway-port

Description

This command shows the settings of Layer 2 Gateway Port (L2GP). For example the priority, the MAC address and the status of L2GP are displayed.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show spanning-tree interface [<interface-type><interface-id>] layer2-gateway-port
The parameters have the following meaning:

Parameter interface-type interface-id

Description

Range of values / note

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

265

Network structures 7.3 Spanning Tree

Result

The settings for Layer 2 Gateway Port (L2GP) are displayed.

7.3.1.7

show spanning-tree mst

Description

This command shows various settings of the spanning tree configuration specific to a Common Internal Spanning Tree (CIST) instance or a selected instance of the Multiple Spanning Tree Protocol.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with one of the following parameter assignments: show spanning-tree mst[<instance-id(1-64|4094)>][detail] The parameters have the following meaning:

Parameter instance-id
detail

Description
Number of the instance or range of in- stances whose settings are displayed
Shows detailed information about the selected interface

Range of values / note  1 ... 64  4094 -

Result

The settings for the spanning tree configuration are displayed.

Further notes

You display the general settings for the Spanning Tree Protocol with the show spanningtree command.

7.3.1.8

show spanning-tree mst configuration

Description

This command shows various settings for an instance of the Multiple Spanning Tree Protocol.

266

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Network structures 7.3 Spanning Tree

Syntax

Call the command without parameters: show spanning-tree mst configuration

Result

The settings of an instance of the Multiple Spanning Tree protocol are displayed.

Further notes

You display the general settings for the Spanning Tree Protocol with the show spanningtree command.

7.3.1.9

show spanning-tree mst interface

Description

This command shows port-specific settings of a Multiple Spanning Tree configuration.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with one of the following parameter assignments:
show spanning-tree mst [<instance-id(1-64|4094)>] interface <interface-type><interface-
id> [{stats|hello-time|detail}]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

267

Network structures 7.3 Spanning Tree

The parameters have the following meaning:

Parameter instance-id
interface-type interface-id stats
hello-time
detail

Description

Range of values / note

Number of the instance or range of in-  1 ... 64 stances whose settings are displayed  4094

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

Shows the number of incoming and out- going packets for each path of the inter- face

Shows the intervals at which the root switch sends its "Hello" message to the other switches

Shows detailed information about the selected interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The port-specific settings are displayed.

Further notes

You display the general settings for the Spanning Tree Protocol with the show spanningtree command.

7.3.1.10

show spanning-tree passive-listening-compatibility

Description

This command shows whether or not the "Enhanced Passive Listening Compatibility" function is enabled or disabled.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameter assignment: show spanning-tree passive-listening-compatibility

268

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Network structures 7.3 Spanning Tree
The setting for the "Enhanced Passive Listening Compatibility" function is displayed.

Further notes

You enable the "Enhanced Passive Listening Compatibility" function with the spanningtree passive-listening-compatibility command.
You disable the "Enhanced Passive Listening Compatibility" function with the no spanningtree passive-listening-compatibility command.

7.3.1.11

show spanning-tree root

Description

This command shows the settings of the root bridge for the spanning tree function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show spanning-tree root [{address|cost|forward-time|id|max-age|port|priority|detail}]
The parameters have the following meaning:

Parameter address cost forward-time
id max-age port priority detail

Description
Shows the MAC address of the root bridge Shows the costs of the connection to the root bridge. Shows the time that the bridge is in the listening mode when changing from the blocking mode to the learning mode Shows the ID of the root bridge Shows the maximum age of the data packet after which it is deleted Shows the interface via which the spanning tree is set up Shows the priority of the bridge Shows detailed information about the root bridge

Result

The settings of the root bridge for the spanning tree function are displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

269

Network structures 7.3 Spanning Tree

7.3.2

clear spanning-tree detected protocols

Description

With this command, you restart the protocol transmission process on a specific or on all interfaces and force renegotiation of the connection settings with the neighboring devices.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call up the command with the following parameters:
clear spanning-tree detected protocols [{interface<interface-type><interface-id>}]
The parameters have the following meaning:

Parameter interface interface-type interface-id

Description

Range of values / note

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameters from the parameter list, the process is restarted for all interfaces.

Result

The connection settings for spanning tree are renegotiated.

7.3.3

clear spanning-tree counters

Description

With this command, you reset all the statistical counters of the spanning tree function at the device and port level.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

270

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax Result

The command prompt is as follows: cli> or cli#
Call the command without parameters: clear spanning-tree counters
The spanning tree counters are reset.

Network structures 7.3 Spanning Tree

7.3.4

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

7.3.4.1

spanning-tree

Description

The Spanning Tree Protocol is used to monitor a LAN for redundant connections. These are blocked and reactivated when necessary if there are changes to the network topology.
With this command, you enable the spanning tree function.

Requirement

 The ring redundancy is disabled.
 You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

271

Network structures 7.3 Spanning Tree
spanning-tree

Result

The spanning tree function is enabled. If you enable Spanning Tree, passive listening is disabled.

Further notes

The default setting of the function with PROFINET variants is "disabled".
The default setting of the function with EtherNet/IP variants is "enabled".
You disable the ring redundancy function with the no ring-redundancy command.
You disable the spanning tree function with the no spanning-tree command.
You can display the status of this function and other information with the show spanningtree detailcommand.
You can display information about active ports with the show spanning-tree active command.

7.3.4.2

no spanning-tree

Description

With this command, you disable the spanning tree function.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no spanning-tree

Result

The spanning tree function is disabled.

Further notes

You enable the spanning tree function with the spanning-tree command.

272

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.3 Spanning Tree
You can display the status of this function and other information with the show spanningtree detailcommand. You can display information about active ports with the show spanning-tree active command.

7.3.4.3

spanning-tree compatibility

Description

With this command, you configure the compatibility version of the protocol that will be used by the spanning tree function.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: spanning-tree compatibility {stp|rst|mst} The parameters have the following meaning:

Parameter stp
rst
mst

Description

Range of values / note

The version is compatible with the Span- ning Tree protocol

The version is compatible with the Rap- Default: enabled ic Spanning Tree protocol

The version is compatible with the Mul- tiple Spanning Tree protocol

Result

The compatibility version of the protocol is selected.

Further notes

With the no spanning-tree compatibility command, you can reset the setting to the default value rst.
You can display the status of this function and other information with the show spanning tree detail command.
You can display information about active ports with the show spanning tree active command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

273

Network structures 7.3 Spanning Tree

7.3.4.4

no spanning-tree compatibility

Description

With this command, you reset the compatibility version of the protocol of the spanning tree function to the default value.
The default value is RST.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no spanning-tree compatibility

Result

The compatibility version is reset to the default value.

Further notes

You configure the setting with the spanning-tree compatibility command.
You can display the status of this function and other information with the show spanning tree detail command.

7.3.4.5

spanning-tree mst configuration

Description

With this command, you change to the MSTP configuration mode.

Requirement

 MSTP is enabled  Compatibility mode: MSTP You are in the Global configuration mode. The command prompt is as follows: cli(config)#

274

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameters: spanning-tree mst configuration

Network structures 7.3 Spanning Tree

Result

You are now in the MSTP configuration mode. The command prompt is as follows: cli(config-mst)#

Further notes

You exit the MSTP configuration mode with the end or exit command.

7.3.4.6

spanning-tree mst instance-id root

Description

With this command you specify whether the device is a root bridge (primary) or a substitute root bridge (secondary).

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
spanning-tree mst{instance-id<instance-id(1-64)>}root{primary| secondary}
The parameters have the following meaning:

Parameter
instanceid
instanceid

Description Keyword for the instance
Number of the instance

Range of values / note -
1 ... 64

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

275

Network structures 7.3 Spanning Tree

Parameter primary
secondary

Description

Range of values / note

The priority of the device is set to a low value so that the The priority is set to the val- device can become the root bridge (primary) of the Span- ue 24576. ning Tree instance. The lower the value, the higher the priority.

The priority of the device is set to a low value so that the device becomes the substitute root bridge (secondary) of the Spanning Tree instance. If the root bridge (primary) fails, the substitute root bridge (secondary) takes over the task of the root bridge without delay.

The priority is set to the val- ue 28672.

Result

The function of the device is specified.

Additional notes
You disable the root bridge with the no spanning-tree mst instance-id root command.
You display this setting and other information with the commands that start with show spanning-tree ....

7.3.4.7

no spanning-tree mst instance-id root

Description

With this command, you disable the "root bridge" function on the device.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no spanning-tree mst{instance-id<instance-id(1-64)>}root The parameters have the following meaning:

Parameter instance-id instance-id

Description Keyword for the instance Number of the instance

Range of values / note 1 ... 64

276

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The "root bridge" function is disabled.

Network structures 7.3 Spanning Tree

Further notes

You enable the root bridge function with the spanning-tree mst instance-id root command.
You display this setting and other information with the commands that start with show spanning tree ....

7.3.4.8

spanning-tree mst max-hops

Description

With this command, you configure the maximum number of nodes (hops) that a path can run through in an MST.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: spanning-tree mst max-hops <value(6-40)> The parameter has the following meaning:

Parameter value

Description
Maximum number of hops that a path can run through in an MST

Range of values/note 6 ... 40 Default: 20

Result

The setting for the maximum number of hops is configured.

Further notes

You can reset the setting for the maximum number of nodes to the default with the no spanning-tree mst max-hops command.
You display this setting and other information with the show spanning-tree mst command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

277

Network structures 7.3 Spanning Tree

7.3.4.9

no spanning-tree mst max-hops

Description

With this command, you reset the maximum number of hops that a path in an MST can run through to the default value.
The default value is 20.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no spanning-tree mst max-hops

Result

The setting for the maximum number of nodes is reset to the default value.

Further notes

You can configure the setting for the maximum number of nodes with the spanning-tree mst max-hops command.
You display this setting and other information with the show spanning-tree mst command.

7.3.4.10

spanning-tree priority

Description

With this command, you configure the priority of the device. Which device becomes the root bridge is decided based on the priority. The bridge with the highest priority becomes the root bridge. The lower the value, the higher the priority.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

278

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Network structures 7.3 Spanning Tree

Call up the command with the following parameters: spanning-tree[mst <instance-id(1-64)>] priority <value(0-61440)> The parameters have the following meaning:

Parameter mst
instance-id priority value

Description
Keyword for a Multiple Spanning Tree instance Number of the instance Keyword for the priority Value for the priority

Range of values / note -
1 ... 64 0 ... 61440 Default: 32768

You can only change the value for the priority in the steps of 4096.

Result

The priority of the device is configured.

Further notes

You can reset the setting to the default with the no spanning-tree priority command.
You display this setting and other information with the commands that start with show spanning-tree ....

7.3.4.11

no spanning-tree priority

Description

With this command, you reset the priority of the device back to the default value. The default value is 32768.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no spanning-tree[mst <instance-id(1-64)>]priority

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

279

Network structures 7.3 Spanning Tree

The parameters have the following meaning:

Parameter mst
instance-id

Description
Keyword for a Multiple Spanning Tree instance Number of the instance

Range of values / note -
1 ... 64

Result

The priority of the device is reset to the default value.

Further notes

You configure the setting with the spanning-tree priority command.
You display this setting and other information with the commands that start with show spanning-tree ....

7.3.4.12

spanning-tree passive-listening-compatibility

Description

With this command you enable the "Enhanced Passive Listening Compatibility" function.
If you enable the "Enhanced Passive Listening Compatibility" function, the IE switch sends topology change frames via the (R)STP edge port that caused the topology change.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: spanning-tree passive-listening-compatibility

Result

The "Enhanced Passive Listening Compatibility" function is enabled.

Further notes

You disable the function with the no spanning-tree passive-listeningcompatibility command.

280

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.3 Spanning Tree
You can display the status of this function with the show spanning-tree passivelistening-compatibilitycommand.

7.3.4.13

no spanning-tree passive-listening-compatibility

Description

With this command you disable the "Enhanced Passive Listening Compatibility" function.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: no spanning-tree passive-listening-compatibility

Result

The "Enhanced Passive Listening Compatibility" function is disabled.

Further notes

You enable the function with the spanning-tree passive-listening-compatibility command.
You can display the status of this function with the show spanning-tree passivelistening-compatibilitycommand.

7.3.4.14

spanning-tree rstp-plus

Description

With this command, you enable RSTP+.
RSTP+ enables the linking of a network segment in which Spanning Tree is activated with an MRP ring. Make sure that the following requirements have been met before executing this command:
 MRP must be activated as redundancy method.
 If ring redundancy is activated, you need to disable the ring ports for Spanning Tree.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

281

Network structures 7.3 Spanning Tree

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: spanning-tree rstp-plus

Result

RSTP+ is enabled.

Additional notes
You can display the status of this function and other information with the show spanningtree command.

7.3.4.15

no spanning-tree rstp-plus

Description

With this command, you disable RSTP+.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no spanning-tree rstp-plus

Result

RSTP+ is disabled.

Additional notes
You can display the status of this function and other information with the show spanningtree command.

282

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

7.3.4.16

spanning-tree rstp-plus mrp-intercon-domain-id

Network structures 7.3 Spanning Tree

Description

With this command, you configure the MRP Interconnection Domain ID for RSTP+.
The RSTP+ MRP Interconnection Domain ID must be unique throughout the network and must differ from any MRP Interconnection Domain ID that may need to be configured. Different IDs are necessary to distinguish TCNs (Topology Change Notifications) of the RSTP network from TCNs of the MRP ring. This assignment makes it possible to only delete those FDB entries (Forwarding Database entries) that are affected by the topology change.
Each device checks whether different values were configured for these two parameters. If the IDs are identical, the device outputs an error message. The network administrator is responsible for making sure that these IDs are also unique throughout the network. An individual device cannot make such a check.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
spanning-tree rstp-plus mrp-intercon-domain-id <mrp-intercon-domainid (1-65535)>
The parameter has the following meaning:

Parameter
mrp-intercondomain-id

Description

Range of values/note

The MRP Interconnection Domain ID 1 ... 65535 for RSTP+. This value must not match the MRP Interconnection Domain ID configured for the active MRP Intercon- nection connection.

Result

The MRP Interconnection Domain ID for RSTP+ is configured.

Additional notes
You can display the status of this function and other information with the show spanningtree detail command.
You can display information about active ports with the show spanning-tree active command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

283

Network structures 7.3 Spanning Tree

7.3.4.17

Time settings for the Spanning Tree protocol

spanning-tree (time settings)

Description

With this command, you configure the various time settings of the spanning tree function:
 With the forward-time option, you configure the time after which a port changes its spanning tree status from "Blocking" to "Forwarding".
 With the hello-time option, you configure the time after which the bridge sends its configuration frames (BPDUs).
 With the max-age option, you configure the time after which the information of the BPDUs becomes invalid.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
spanning-tree{forward-time<seconds(4-30)>|hello-time<seconds(1-2)>| max-age<seconds(6-40)>}
The parameters have the following meaning:

Parameter forward-time
seconds hello-time seconds max-age seconds

Description

Range of values / note

Keyword for the time after which a port changes its spanning tree status from "Blocking" to "Forwarding"

Time after which the changeover takes 4 ... 30

place

Default: 15

Keyword for the time after which the bridge sends its configuration BPDUs

Time after which they are sent

1 ... 2

Default: 2

Keyword for the time after which the in- formation of the BPDUs becomes invalid

Maximum age of the BPDUs in seconds 6 ... 40

Default: 20

284

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.3 Spanning Tree
Note Dependencies when setting the timing If you specify the time settings for spanning tree, you need to keep to the following two rules:  2 * (forward-time - 1)  max-age  max-age  2 * (hello-time + 1)

Result

The selected setting for the time is configured.

Further notes

You reset the time settings to the default values with the no spanning-tree forwardtime, no spanning-tree hello-time or no spanning-tree max-age.
If you call the no spanning-tree command without parameters, you disable the spanning tree function. The configured time settings are retained.
If you call the restart factory command, the system restarts with the factory configuration settings All rime settings are reset.
You display these settings and other information with the commands that start with show spanning-tree ....

no spanning-tree (time settings)

Description

With this command in conjunction with the relevant parameter you reset the time settings of the spanning tree function to the default values.
If you call the command without parameters, you disable the spanning tree function. The configured time settings are retained.
If you call the restart factory command, the system restarts with the factory configuration settings All rime settings are reset.
The default values are as follows:

Parameter forward-time hello-time max-age

Default value 15 seconds 2 seconds 20 seconds

Requirement

You are in the Global configuration mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

285

Network structures 7.3 Spanning Tree
The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no spanning-tree{forward-time|hello-time|max-age} The parameters have the following meaning:

Parameter forward-time
hello-time max-age

Description
Time after which a port changes its spanning tree status from "Blocking" to "Forwarding" Time after which the bridge sends its configuration frames (BPDUs) Time after which the information of the BPDUs becomes invalid

Result

The selected setting for the time is reset to the default value.

Further notes

You configure the time with the spanning-tree command (time settings).
You display these settings and other information with the commands that start with show spanning-tree ....

7.3.5

Commands in the interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

286

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

7.3.5.1

spanning-tree

Network structures 7.3 Spanning Tree

Description

With this command, you configure the various properties of the spanning tree function:
 With the cost option, you configure the port costs used to calculate the lowest-cost path.
 With the disable option, you disable the interface for the spanning tree function.
 With the link-type option, you configure the connection status of the following network segment. The following settings are possible:
­ point-to-point ­ the interface communicates with precisely one network component
­ shared - the interface is connected to more than one network component
 With the portfast option, you enable the PortFast function on the interface. The interface is connected to an end device and can therefore ignore the waiting time before changing to Forwarding mode.
 With the port-priority option, you configure the priority of the interface for negotiating a spanning tree configuration.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:
spanning-tree {cost <0-200000000>|disable| link-type{point-to-point|shared}|portfast| port-priority<0-240>}
The parameters have the following meaning:

Parameter cost
disable

Description

Range of values/note

Keyword

0 ... 200000000

Describes the costs of the port for cal- culating the lowest cost path.

Default:
if dynamic calculation of the path costs is not enabled:

 200000 for physical interfaces

 199999 for port channels

disables the interface for spanning tree -

Default:

The spanning tree function is ena- bled on the interface

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

287

Network structures 7.3 Spanning Tree

Parameter link-type
portfast port-priority

Description Connection status of the following net- work segment
Enables the PortFast function Priority of the interface

Range of values/note
 point-to-point  shared Default:  point-to-point
The connection is configured as full-duplex  shared in all other cases Default: disabled 0 ... 240 in increments of 16 Default: 128

Note Configure multiple properties
With each call of the command, you can configure precisely one property. If you want to configure several properties, call the command several times.

Result

The selected property is configured.

Further notes

You can reset the setting to the default with the no spanning-tree (properties) command.
You display these settings and other information with the commands that start with show spanning-tree ....

7.3.5.2

no spanning-tree

Description

With this command, you reset the various properties of the spanning tree function to the default value:
The default values are as follows:

Parameter cost
disable

Default value if dynamic calculation of the path costs is not enabled:  200000 for physical interfaces  199999 for port channels The spanning tree function is enabled on the interface

288

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Parameter link-type
portfast port-priority

Network structures 7.3 Spanning Tree
Default value  point-to-point
The connection is configured as full-duplex  shared
in all other cases disabled 128

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no spanning-tree {cost|disable|link-type|portfast|port-priority} The parameters have the following meaning:

Parameter cost disable link-type portfast port-priority

Description Keyword for the costs of the port for calculating the lowest-cost path. Enables the interface for spanning tree. Connection status of the following network segment Disables the PortFast function. Keyword for the priority of the interface

Note Configure multiple properties
With each call of the command, you can configure precisely one property. If you want to configure several properties, call the command several times.

Result

The selected setting was reset to the default value.

Further notes

You configure the setting with the spanning-tree command (properties).
You display these settings and other information with the commands that start with show spanning-tree ....

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

289

Network structures 7.3 Spanning Tree

7.3.5.3

spanning-tree auto-edge

Description

With this command, you enable automatic discovery of a bridge connected to the interface.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: spanning-tree auto-edge

Result

The automatic discovery of a bridge on the interface is enabled.

Further notes

The automatic discovery of a bridge on the interface is disabled with the no spanning-tree auto-edge command.

7.3.5.4

no spanning-tree auto-edge

Description

With this command, you disable automatic discovery of a bridge connected to the interface.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree auto-edge

290

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The automatic discovery of a bridge on the interface is disabled.

Network structures 7.3 Spanning Tree

Further notes

The automatic discovery of a bridge on the interface is enabled with the spanning-tree auto-edge command.

7.3.5.5

spanning-tree bpdu-transmit

Description

With this command, you enable or disable the BPDU transmit status at the port.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: spanning-tree bpdu-transmit{enabled|disabled} The parameters have the following meaning:

Parameter enabled
disabled

Description
BPDU packets are transmitted at the port
BPDU packets are not transmitted at the port

Range of values / note Default: enabled
-

Result

The BPDU transmit status has switched over.

Further notes

You can display the status of this function and other information with the show spanningtree interface command with the detail option.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

291

Network structures 7.3 Spanning Tree

7.3.5.6

spanning-tree bpdu-receive

Description

With this command, you enable or disable the BPDU receive status at the port.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: spanning-tree bpdu-receive{enabled|disabled} The parameters have the following meaning:

Parameter enabled disabled

Description BPDU packets are received at the port BPDU packets are ignored at the port

Range of values / note Default: enabled -

Result

The BPDU receive status is enabled or disabled.

Further notes

You can display the status of this function and other information with the show spanningtree interface command with the detail option.

7.3.5.7

spanning-tree bpdufilter

Description

With this command, you configure the BPDU transmit status for a port.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

292

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Network structures 7.3 Spanning Tree

Call up the command with the following parameters: spanning-tree bpdufilter{disable|enable} The parameters have the following meaning:

Parameter disable
enable

Description
The transfer of BPDU packets is disa- bled for the port
The transfer of BPDU packets is ena- bled for the port

Range of values / note Default: disabled
-

Result

The BPDU transmit status is configured.

7.3.5.8

spanning-tree layer2-gateway-port

Description

With this command, you configure a port as a layer 2 gateway port.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: spanning-tree layer2-gateway-port

Result

The port is configured as a layer 2 gateway port.

Further notes

You delete the configuration of a port as a layer 2 gateway port with the commandno spanning-tree layer2-gateway-port.
You can display other information with the show spanning-tree interface command with the detail option.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

293

Network structures 7.3 Spanning Tree

7.3.5.9

no spanning-tree layer2-gateway-port

Description

With this command, you delete the configuration of the port as a layer 2 gateway port.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree layer2-gateway-port

Result

The configuration of the port as a layer 2 gateway port is deleted.

Further notes

You configure a port as a layer 2 gateway port with the commandspanning-tree layer2gateway-port.
You can display other information with the show spanning-tree interface command with the detail option.

7.3.5.10

spanning-tree loop-guard

Description

This function prevents alternative ports or root ports becoming designated ports if there is a disruption of a one-way link.
With this command, you enable the function.

Requirement

 Spanning tree is enabled.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

294

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameters: spanning-tree loop-guard

Network structures 7.3 Spanning Tree

Result

The "Spanning Tree Loop Guard" function is enabled.

Further notes

You disable the setting with the no spanning-tree loop-guard command. You can display the status of this function and other information with the following commands:  show spanning-tree detail  show spanning-tree active detail  show spanning-tree interface

7.3.5.11

no spanning-tree loop-guard

Description

This function prevents alternative ports or root ports becoming designated ports if there is a disruption of a one-way link.
With this command, you disable the function.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree loop-guard

Result

The "Spanning Tree Loop Guard" function is disabled.

Further notes

You enable the setting with the spanning-tree loop-guard command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

295

Network structures 7.3 Spanning Tree
You can display the status of this function and other information with the following commands:  show spanning-tree detail  show spanning-tree active detail  show spanning-tree interface

7.3.5.12

spanning-tree mst

Description

With this command, you configure the various properties of the Multiple Spanning Tree function:
 With the cost option, you configure the port costs used to calculate the lowest-cost path.
 With the port-priority option, you configure the priority of the interface for negotiating a Multiple Spanning Tree configuration.
 With the disable option, you disable the interface for the Multiple Spanning Tree function.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:
spanning-tree mst<instance-id(1-64)> {cost(0-200000000)|port-priority (0-240)|disable}
The parameters have the following meaning:

Parameter instance-id cost
port-priority disable

Description

Range of values / note

Number of the addressed instance

1 ... 64

Costs of the port for calculating the low- 0 ... 200000000

est cost path.

Default:

 200000 for physical interfaces

 199999 for port channels

Priority of the interface

0 ... 240 in steps of 16

Default: 128

Disables the interface for multiple span- Default: MST is disabled, RST is

ning tree

enabled

296

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.3 Spanning Tree
Note Configure multiple properties With each call of the command, you can configure precisely one property. If you want to configure several properties, call the command several times.

Result

The selected property is configured.

Further notes

You can reset the setting to the default with the no spanning-tree mst (properties) command.
You display these settings and other information with the commands that start with show spanning tree ....

7.3.5.13

no spanning-tree mst

Description

With this command, you reset the various properties of the Multiple Spanning Tree function to the default value.
The default values are as follows:

Parameter cost
port-priority disable

Default value  200000 for physical interfaces  199999 for port channels 128 MST is disabled, RST is enabled

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no spanning-tree mst<instance-id(1-64)>{cost|port-priority|disable}

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

297

Network structures 7.3 Spanning Tree

The parameters have the following meaning:

Parameter instance-id cost
port-priority disable

Description

Range of values/note

Number of the addressed instance

1 ... 64

Keyword for the costs of the port for cal- culating the lowest-cost path.

Keyword for the priority of the interface -

Enables the interface for multiple span- ning tree.

Note Configure multiple properties
With each call of the command, you can configure precisely one property. If you want to configure several properties, call the command several times.

Result

The selected setting is reset to the default value.

Additional notes
You configure the setting with the spanning-tree mst command (properties).
You display these settings and other information with the commands that start with show spanning tree ....

7.3.5.14

spanning-tree mst hello-time

Description

With this command, you configure the Hello time after which the bridge sends its configuration frames (BPDUs).
A change to this value applies to all MST instances active on this interface.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: spanning-tree mst hello-time <seconds(1-2)>

298

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.3 Spanning Tree

The parameter has the following meaning:

Parameter seconds

Description
Time after which the bridge sends its configuration frames (BPDUs)

Range of values/note 1 ... 2 Default: 2

Result

The setting for the hello time is configured.

Further notes

You can reset the setting for the hello time to the default with the no spanning-tree mst hello-time command.
You display this setting and other information with the commands that start with show spanning-tree ....

7.3.5.15

no spanning-tree mst hello-time

Description

With this command, you reset the hello time after which the bridge sends its configuration BPDUs to the default value.
The default value is 2 seconds.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree mst hello-time

Result

The setting for the hello time is reset to the default value.

Further notes

You can configure the setting for the hello time with the spanning-tree mst hello-time command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

299

Network structures 7.3 Spanning Tree
You display this setting and other information with the commands that start with show spanning-tree ....

7.3.5.16

spanning-tree mst PseudoRootId

Description

With this command, you configure a pseudoroot MAC address and the priority for a spanning tree configuration. The command is used in conjunction with the layer 2 gateway port.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:
spanning-tree[mst<instance-id>]pseudoRootId priority<value(0-61440)>mac-address<ucast_mac>
The parameters have the following meaning:

Parameter mst instance-id priority value
mac-address
ucast_mac

Description Keyword for a spanning tree instance Number of the instance Keyword for the priority Value for the priority
Keyword for the pseudoroot unicast MAC address MAC address of the interface

Range of values / note 1 ... 64 0 ... 61440 Default: Priority of the device -
aa:aa:aa:aa:aa:aa Default: MAC address of the device

You can only change the value for the priority in the steps of 4096.

Result

The pseudoroot MAC address and the priority are configured.

300

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.3 Spanning Tree

Further notes

You can reset the settings to the default values with the no spanning-tree mst pseudoRootIdcommand.
You display this setting and other information with the commands that start with show spanning tree ....

7.3.5.17

no spanning-tree mst PseudoRootId

Description

With this command, you reset a pseudoroot MAC address and the priority of the spanning tree configuration to the default values.
The default values are as follows:
 The priority is configured to the priority of the device.
 The MAC address is configured to the MAC address of the device.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no spanning-tree[mst<instance-id(1-64)>]pseudoRootId The parameters have the following meaning:

Parameter mst instance-id

Description Keyword for a spanning tree instance Number of the instance

Range of values / note 1 ... 64

Result

The pseudoroot MAC address and the priority are rest to the defaults.

Further notes

You configure the settings with the spanning-tree mst pseudoRootId command.
You display this setting and other information with the commands that start with show spanning tree ....

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

301

Network structures 7.3 Spanning Tree

7.3.5.18

spanning-tree restricted-role

Description

With this command, you prevent the port adopting the role of root port.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: spanning-tree restricted-role As default the function is "disabled".

Result

The port is prevented from adopting the role of root port.

Further notes

You cancel the lock with the no spanning-tree restricted-role command.
You can display the status of this function and other information with the show spanningtree detailcommand.

7.3.5.19

no spanning-tree restricted-role

Description

With this command, you release the port for the role as root port.

Requirement

You are in the interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters:

302

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

no spanning-tree restricted-role

Network structures 7.3 Spanning Tree

Result

The port is released for the role of root port.

Further notes

You prevent the port adopting the role of the root port with the spanning-tree restricted-role command.

7.3.5.20

spanning-tree restricted-tcn

Description

With this command, you restrict the port for the Topology Change Notification (TCN) function. The port cannot initiate any modifications to the network topology.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: spanning-tree restricted-tcn

Result

The port is prevented from using the TCN function.

Further notes

You cancel the lock with the no spanning-tree restricted-tcn command.
You can display the status of this function and other information with the show spanningtree detailcommand.

7.3.5.21

no spanning-tree restricted-tcn

Description

With this command, you release the port for the TCN function.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

303

Network structures 7.3 Spanning Tree

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree restricted-tcn

Result

The port is released for the TCN function.

Further notes

You restrict the port for the TCN function with the spanning-tree restricted-tcn command.

7.3.5.22

spanning-tree limited-tcn

Description

With this command, you specify that the port accepts received and detected topology changes but does not forward them to other ports. This command only takes effect when the following requirements are met:
 RSTP+ must be enabled.
 The port cannot be blocked for Topology Change Notifications. You release a port blocked for TCN with the command no spanning-tree restricted-tcn.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: spanning-tree limited-tcn

304

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Network structures 7.3 Spanning Tree
The port accepts topology changes but does not forward them to other ports.

Additional notes
You cancel the block with the no spanning-tree limited-tcn command.
You can display the status of this function and other information with the show spanningtree detail command.

7.3.5.23

no spanning-tree limited-tcn

Description

With this command, you specify that the port accepts received and detected topology changes and forwards them to other ports.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no spanning-tree limited-tcn

Result

The port forwards TCN to other ports.

Additional notes
You block the forwarding of Topology Change Notifications with the command spanningtree limited-tcn. However, the port accepts received and detected topology changes.
You can display the status of this function and other information with the show spanningtree detail command.

7.3.6

Commands in the MSTP configuration mode
This section describes commands that you can call up in the MSTP configuration mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

305

Network structures 7.3 Spanning Tree
In global configuration mode, enter the spanning-tree mst configuration command to change to this mode.  If you exit the MSTP configuration mode with the exit command, you return to the Global
configuration mode.  If you exit the MSTP configuration mode with the end command, you return to the Privileged
EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in MSTP configuration mode. To do this, you replace [command] with the command that you want to execute.

7.3.6.1

instance

Description

With this command, you assign a range of VLANs to an MST instance.

Requirement

You are in the MSTP configuration mode. The command prompt is as follows: cli(config-mst)#

Syntax

Call up the command with the following parameters: instance <instance-id(1-64)> vlan <vlan-range> The parameters have the following meaning:

Parameter instance-id
vlan vlan-range

Description Number of the instance
Keyword for a VLAN connection Range of VLANs assigned to an in- stance

Range of values / note
1 ... 64 You can define up to 16 MSTP in- stances. Default: The VLANs 1 ... 4094 are assigned to instance "0"
-
1 ... 4094 Enter the range limits with a hy- phen without a space.

Result

The range of VLANs is assigned to the MST instance.

306

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.3 Spanning Tree

Further notes

You cancel the assignment of the VLAN to an MST instance with the no instance command.
You delete the MST instance with the no instance command.
You display this setting and other information with the show spanning-tree mst configuration command.

7.3.6.2

no instance

Description

With this command, you cancel the assignment of a VLAN to an MST instance or delete the MST instance.

Requirement

You are in the MSTP Configuration mode. The command prompt is as follows: cli(config-mst)#

Syntax

Call up the command with the following parameters: no instance <instance-id (1-64)> [vlan <vlan-range>] The parameters have the following meaning:

Parameter instance-id vlan vlan-range

Description
Number of the MST instance Keyword for a VLAN connection Range of VLANs that will be deleted from the instance

Range of values / note
1 ... 64 1 ... 4094 Enter the range limits with a hy- phen or a space.

If you specify a VLAN or a VLAN range, the assignment to an MST instance is canceled.

If you do not specify a VLAN, the MST instance is deleted.

Result

The assignment of a VLAN to an MST instance is canceled or the MST instance is deleted.

Further notes

You assign a VLAN to an MST instance with the instance command.
You display this setting and other information with the show spanning-tree mst configuration command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

307

Network structures 7.3 Spanning Tree

7.3.6.3

name

Description

With this command, you configure a name for the MST region.

Requirement

You are in the MSTP Configuration mode. The command prompt is as follows: cli(config-mst)#

Syntax

Call up the command with the following parameters: name <region-name> The parameter has the following meaning:

Parameter region-name

Description Name of the MST region

Range of values/note Max. 32 characters

The default value of the name is the MAC address of the device.

Result

The name is configured.

Further notes

You delete the name of the MST region with the no name command.
You display this setting and other information with the show spanning-tree mst configuration command.

7.3.6.4

no name

Description

With this command, you reset the name for the MST region to the default value. The default value is:  The MAC address of the device is configured as name.

Requirement

You are in the MSTP Configuration mode.

308

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

The command prompt is as follows: cli(config-mst)#

Network structures 7.3 Spanning Tree

Syntax

Call the command without parameters: no name

Result

The name is reset to the default value.

Further notes

You configure the name of the MST region with the name command.
You display this setting and other information with the show spanning-tree mst configuration command.

7.3.6.5

revision

Description

With this command, you assign a revision number to the MST region.

Requirement

You are in the MSTP Configuration mode. The command prompt is as follows: cli(config-mst)#

Syntax

Call up the command with the following parameters: revision <revision-no(0-65535)> The parameters have the following meaning:

Parameter revision-no

Description Value of the revision number

Range of values/note 0 ... 65535 Default: 0

Result

The MST region is assigned a revision number.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

309

Network structures 7.3 Spanning Tree

Further notes

You delete a revision number with the no revision command.
You display this setting and other information with the show spanning-tree mst configuration command.

7.3.6.6

no revision

Description

With this command, you reset the revision number of the MST region to the default value. The default value is 0.

Requirement

You are in the MSTP Configuration mode. The command prompt is as follows: cli(config-mst)#

Syntax

Call the command without parameters: no revision

Result

The revision number of the MST region is reset to the default value.

Further notes

You assign a revision number to the MST region with the revision command.
You display this setting and other information with the show spanning-tree mst configuration command.

310

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network structures 7.4 Passive Listening

7.4

Passive Listening

This section describes commands of the passive listening function.
If you enable passive listening, the IE switch forwards (R)STP configuration frames (BPDUs) transparently even when (R)STP is disabled for it. The IE switch also reacts to topology change frames. When the IE switch receives a TC frame, it deletes the MAC address table.

7.4.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

7.4.1.1

show passive-listening

Description

This command shows whether or not "passive listening" is enabled.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show passive-listening

Result

disabled is displayed if "passive listening" is disabled. If "passive listening" is enabled, enabled is displayed.

7.4.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

311

Network structures 7.4 Passive Listening
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

7.4.2.1

passive-listening bpdu-vlan-flood

Description

With this command you enable forwarding of BPDUs for specific VLANs; in other words to all ports that are members of a VLAN.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: passive-listening bpdu-vlan-flood As default the function is "enabled".

Result

BPDUs for specific VLANs.

Further notes

You disable this function with the no passive-listening bpdu-vlan-flood command. You display the status of "passive listening" with the show passive-listening command.

7.4.2.2

no passive-listening bpdu-vlan-flood

Description

With this command you enable the flooding of BPDUs to all available ports of the device regardless of the configured VLANs.

312

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Network structures 7.4 Passive Listening

Syntax

Call the command without parameters: no passive-listening bpdu-vlan-flood

Result

BPDUs are flooded to all available ports.

Further notes

You enable this function with the passive-listening bpdu-vlan-flood command. You display the status of "passive listening" with the show passive-listening command.

7.4.2.3

passive-listening

Description

This command enables "passive listening".

Requirement

Note No simultaneous operation with spanning tree
"Passive listening" can only be enabled when spanning tree is disabled.

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: passive-listening

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

313

Network structures 7.4 Passive Listening

Result

The "passive listening" function is enabled.

Further notes

You disable "passive listening" with the no passive-listening command. You display the status of "passive listening" with the show passive-listening command.

7.4.2.4

no passive-listening

Description

This command disables "passive listening".

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no passive-listening

Result

The "passive listening" function is disabled.

Further notes

You enable "passive listening" with the passive-listening command. You display the status of "passive listening" with the show passive-listening command.

314

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols

8

This part contains the sections that describe the commands for working with the various network protocols.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

315

Network protocols 8.1 IPv4 protocol

8.1

IPv4 protocol

This section describes commands of the Internet Protocol (IP) version 4.

8.1.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

8.1.1.1

show ip gateway

Description

This command shows the default gateway configured for the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip gateway

Result

The default gateway is displayed.

8.1.1.2

show ip telnet

Description

This command shows the admin status and the port number of the Telnet server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

316

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

The command prompt is as follows: cli> or cli#

Network protocols 8.1 IPv4 protocol

Syntax

Call the command without parameters: show ip telnet

Result

The admin status and the port number of the Telnet server are displayed.

8.1.1.3

show dcp server

Description

This command shows whether or not the DCP function is enabled on the device. If the DCP function is enabled, the read and write permissions are displayed.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show dcp server

Result

The overview of the status of the DCP function and access rights is displayed.

8.1.1.4

show dcp forwarding

Description

This command shows an overview of the DCP forwarding behavior on one or all interfaces.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

317

Network protocols 8.1 IPv4 protocol
The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show dcp forwarding [port <interface-type> <interface-id>] The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values / note

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The overview of the DCP forwarding behavior is displayed.

8.1.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

318

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.1.2.1

ip gateway

Network protocols 8.1 IPv4 protocol

Description

With this command, you configure the default gateway.
Note If you configure a static IP address for the default gateway, DHCP is automatically disabled for the TIA interface. This prevents the gateway address from being overwritten by DHCP. If necessary, you can enable DHCP again subsequently.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip gateway <gateway> The parameter has the following meaning:

Parameter Description gateway Specifies the IP address of the gateway

Range of values enter a valid IP address

Result

The entry is configured.

Additional notes You delete the default gateway with the no ip gateway command. You show the default gateway with the show ip gateway command.

8.1.2.2

no ip gateway

Description

With this command, you delete the default gateway.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

319

Network protocols 8.1 IPv4 protocol

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no ip gateway <gateway> The parameter has the following meaning:

Parameter gateway

Description Specifies the IP address of the gateway.

Range of values Specify a valid IP address.

Result

The entry is deleted.

Further notes

You configure the default gateway with the ip gateway command. You show the default gateway with the show ip gateway command.

8.1.2.3

ip echo-reply

Description

To check the availability of a network node, packets of the Internet Control Message Protocol (ICMP) can be sent to it. These packets of type 8 request the recipient to send a packet back to the sender (echo reply).
With this command you enable the network node to react to ping queries.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip echo-reply

320

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Network protocols 8.1 IPv4 protocol
"ICMP echo reply messages" are enabled. The network node reacts to ping queries.

Further notes

You disable the setting with the no ip echo-reply command.

8.1.2.4

no ip echo-reply

Description

With this command you stop the network node reacting to ping queries.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip echo-reply

Result

"ICMP echo reply messages" are disabled. The network node does not react to ping queries.

Further notes

You change the setting with the ip echo-reply command.

8.1.2.5

telnet-server

Description

With this command, you enable the Telnet server.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

321

Network protocols 8.1 IPv4 protocol

Syntax

Call the command without parameters: telnet-server As default the function is "enabled".

Result

The Telnet server is enabled.

Further notes

You disable the Telnet server with the no telnet-server command.

8.1.2.6

no telnet-server

Description

With this command, you disable the Telnet server.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no telnet-server

Result

The Telnet server is disabled.

Further notes

You enable the Telnet server with the telnet-server command.

8.1.2.7

telnet-server port

Description

With this command you specify the port for Telnet access to the CLI.

322

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Network protocols 8.1 IPv4 protocol

Syntax

Call up the command with the following parameters: telnet-server port <port-number(49500-65535)> The parameter has the following meaning:

Parameter port-number

Description Port number

Range of values / note 49500 ... 65535 Default: 23 (standard port)

Result

The port for Telnet access has been changed. Access the CLI with the changed port.

Additional notes You reset the port to the standard port with the no telnet-server port command.

8.1.2.8

no telnet-server port

Description

With this command, you reset the port to the standard port.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no telnet-server port

Result

The port is reset to the standard port 23.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

323

Network protocols 8.1 IPv4 protocol
Additional notes You configure the port for Telnet access with the telnet-server port. command

8.1.2.9

dcp server

Description

With this command, you configure the read and write permissions for the DCP server and enable it.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: dcp server {read-only|read-write} The parameters have the following meaning:

Parameter read-only
read-write

Description
only reading is permitted on the DCP server
reading and writing is permitted on the DPC server

Range of values / note -
Default: read-write

Result

The read and write permissions for the DPC server are configured. The DCP server is enabled.

Further notes

You disable the DCP server with the no dcp server command.

8.1.2.10

no dcp server

Description

With this command, you disable the DCP server.

324

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Network protocols 8.1 IPv4 protocol

Syntax

Call the command without parameters: no dcp server

Result

The DCP server is disabled.

Further notes

You enable and configure the DCP server with the dcp server command.

8.1.3

Commands in the interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

325

Network protocols 8.1 IPv4 protocol

8.1.3.1

dcp forwarding

Description

With this command, you configure the forwarding behavior of the interface for DCP frames.
Note PROFINET configuration Since DCP is a PROFINET protocol, the configuration created here is only effective with the VLAN associated with the TIA interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: dcp forwarding {block|forward} The parameters have the following meaning:

Parameter block forward

Description DCP frames are discarded DCP frames are forwarded

Range of values / note Default: forward

Result

The forwarding behavior of the interface for DCP frames is configured.

8.1.3.2

ip address

Description

With this command, you assign an IP address.

Requirement

You are in the Interface Configuration mode of VLAN. The command prompt is as follows: cli(config-if-vlan-$$$)#

326

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax Result

Network protocols 8.1 IPv4 protocol

Call up the command with the following parameters: ip address <ip-address> {<subnet-mask>| / <prefix-length(0-32)>} The parameter has the following meaning:

Parameter ip-address subnet-mask prefix-length

Description
IP address Subnet mask Decimal representation of the mask as a number of "1" bits

Range of values / note Specify a valid IP address. Enter a valid subnet mask. 0 ... 32

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

The IP address is assigned.
Note Effectiveness of the command The command is effective immediately. If you configure the interface via which you access the device, the connection will be lost!

Further notes

You delete the setting with the no ip address command.

8.1.3.3

no ip address

Description

With this command, you delete the assignment of an IP address and disable DHCP.

Requirement

You are in the Interface Configuration mode of VLAN. The command prompt is as follows: cli(config-if-vlan-$$$)#

Syntax

Call up the command with the following parameters: no ip address [{ <ucast_addr> | dhcp }]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

327

Network protocols 8.1 IPv4 protocol

The parameter has the following meaning:

Parameter ucast-addr dhcp

Description
Value for an IPv4 unicast address Specify this parameter if you want to disable the DHCP function explicitly.

Range of values / note Enter a valid IPv4 unicast address. -

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

If DHCP was enabled on this interface, DHCP is now disabled. Any existing dynamically learned IP address will be automatically converted to a static IP address. If static IP addresses were configured and if no explicit IP address was transferred as a parameter, all static IP addresses will be deleted from this interface. If a static IP address was specified explicitly, this address is deleted from this interface.
Note Effectiveness of the command The command is effective immediately. If you configure the interface via which you access the device, you can lose the connection!

Further notes

You assign an IP address with the ip address or ip address dhcp command.

8.1.3.4

ip address dhcp

Description

With this command, the VLAN interface obtains the IPv4 address via DHCP.

Requirement

You are in the Interface Configuration mode of VLAN. The command prompt is as follows: cli(config-if-vlan-$$$)#

Syntax

Call the command without parameters: ip address dhcp

328

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The DHCP assigns the IP address to the VLAN interface.

Network protocols 8.1 IPv4 protocol

Further notes

You delete the settings with the no ip address command. You display this setting and other information with the show ip interface command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

329

Network protocols 8.2 DHCP client

8.2

DHCP client

This section describes commands of the Dynamic Host Configuration Protocol (DHCP).

8.2.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

8.2.1.1

show ip dhcp client stats

Description

With this command, you display the statistical counters of the DHCP client.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip dhcp client stats

Result

The counters are displayed.

8.2.1.2

show ip dhcp client

Description

With this command, you display the configuration settings of the DHCP client.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

330

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax Result

The command prompt is as follows: cli> or cli#
Call the command without parameters: show ip dhcp client
The configuration settings of the DHCP client are displayed.

Network protocols 8.2 DHCP client

8.2.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

8.2.2.1

ip dhcp config-file-request

Description

If the DHCP config file request option is set, the device requests the TFTP address and the name of a configuration file from the DHCP server. If the device is restarted following the completed download, the configuration settings are read from this file.
With this command, you enable the DHCP config file request option.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

331

Network protocols 8.2 DHCP client

Syntax

Call the command without parameters: ip dhcp config-file-request

Result

The DHCP config file request option is enabled.

Further notes

You disable the DHCP config file request option with the no ip dhcp config-filerequest command.

8.2.2.2

no ip dhcp config-file-request

Description

With this command, you disable the DHCP config file request option.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip dhcp config-file-request

Result

The DHCP config file request option is disabled.

Further notes

You enable the DHCP config file request option with the ip dhcp config-file-request command.

332

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.2.2.3

ip dhcp client mode

Network protocols 8.2 DHCP client

Description

With this command, you configure the type of identifier with which the DHCP client logs on with its DHCP server.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
ip dhcp client mode {mac | client-id <client-id> | sysname name-of-station}
The parameters have the following meaning:

|pnio-

Parameter mac
client-id client-id sysname
pnio-name-ofstation

Description
Keyword for logon with the MAC ad- dress.
Keyword for logon with the Client ID.
The ID of the DHCP client.
Keyword for logon with the system name.
Keyword for logon with the PROFINET name. The name is assigned with the PST tool.

Range of values/note -
Max. 254 characters -
-

Result

The registration mode of the DHCP client is configured.

8.2.3

Commands in the Interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available. In global configuration mode, enter the interface command to change to this mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

333

Network protocols 8.2 DHCP client
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.  If you exit the Interface configuration mode with the exit command, you return to the Global
configuration mode.  If you exit the Interface configuration mode with the end command, you return to the
Privileged EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode. To do this, you replace [command] with the command that you want to execute.

8.2.3.1

ip address dhcp

Description

With this command, you assign an IP address using DHCP.

Requirement

You are in the VLAN configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call the command without parameter assignment: ip address dhcp

Result

The IP address is assigned using DHCP.

Further notes

You delete the setting with the no ip address command.

8.2.3.2

no ip address

Description

With this command, you delete the assignment of an IP address and disable DHCP.

334

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Interface Configuration mode of VLAN. The command prompt is as follows: cli(config-if-vlan-$$$)#

Network protocols 8.2 DHCP client

Syntax

Call up the command with the following parameters: no ip address [{ <ucast_addr> | dhcp }] The parameter has the following meaning:

Parameter ucast-addr dhcp

Description
Value for an IPv4 unicast address Specify this parameter if you want to disable the DHCP function explicitly.

Range of values / note Enter a valid IPv4 unicast address. -

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

If DHCP was enabled on this interface, DHCP is now disabled. Any existing dynamically learned IP address will be automatically converted to a static IP address. If static IP addresses were configured and if no explicit IP address was transferred as a parameter, all static IP addresses will be deleted from this interface. If a static IP address was specified explicitly, this address is deleted from this interface.
Note Effectiveness of the command The command is effective immediately. If you configure the interface via which you access the device, you can lose the connection!

Further notes

You assign an IP address with the ip address or ip address dhcp command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

335

Network protocols 8.3 DHCP server

8.3

DHCP server

You can operate the device as a DHCP server. This allows IP addresses to be assigned automatically to the connected devices. The IP addresses are either distributed dynamically from an address band (pool) you have specified or a specific IP address is assigned to a particular device.
Both with the dynamic and static assignment a pool is selected based on the following criteria:
1. With the DHCP query option 82 is enabled. The DHCP server checks whether there is a pool with option 82. You configure this criterion with the relay-information command.
2. The DHCP query was received via a relay agent. The DHCP server checks whether the relay agent is located in the subnet of a pool.
3. The port via which the DHCP query was received is enabled in the Port Range. The DHCP server checks whether the IP interface of the port is located in the subnet of a pool. You configure this criterion with the ip address command.
This section describes commands relevant for configuring the DHCP server.

Requirement
The connected devices are configured so that they obtain the IPv4 address from a DHCP server.

8.3.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

8.3.1.1

show ip dhcp-server bindings

Description

This command shows the current assignments of IPv4 addresses of the DHCP server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

336

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameter assignment: show ip dhcp-server bindings

Network protocols 8.3 DHCP server

Result

The information is displayed.

8.3.1.2

show ip dhcp-server pools

Description

The command shows the DHCP server configuration of a specific IPv4 address band or all IPv4 address bands.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip dhcp-server pools [pool-id (1-24)] The parameter has the following meaning:

Parameter pool-id

Description
ID of the addressed IPv4 address band

Range of values / note 1 ... 24

If no parameters are specified, the settings for all address bands are displayed.

Result

The configuration of the DHCP server is displayed.

8.3.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

337

Network protocols 8.3 DHCP server
You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

8.3.2.1

ip dhcp-server

Description

With this command, you enable the DHCP server on the device.
Note To avoid conflicts with IPv4 addresses, only one device may be configured as a DHCP server in the network.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: ip dhcp-server

Result

The DHCP server is enabled.

Further notes

You disable the DHCP server with the no ip dhcp-server command.

8.3.2.2

no ip dhcp-server

Description

With this command, you disable the DHCP server on the device.

338

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Network protocols 8.3 DHCP server

Syntax

Call the command without parameter assignment: no ip dhcp-server

Result

The DHCP server is disabled.

Further notes

You enable the DHCP server with the ip dhcp-server command.

8.3.2.3

ip dhcp-server icmp-probe

Description

With this command you enable the function "Probe address with ICMP echo before offer". The DHCP server checks whether or not the IPv4 address has already been assigned. If no reply is received, the DHCP server can assign the IPv4 address.
Note With static assignments, this check is not made.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: ip dhcp-server icmp-probe

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

339

Network protocols 8.3 DHCP server

Result

The function is enabled.

Further notes

You disable the function with the no ip dhcp-server icmp-probe command.

8.3.2.4

no ip dhcp-server icmp-probe

Description

With this command you disable the function "Probe address with ICMP echo before offer".

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: no ip dhcp-server icmp-probe

Result

The function is disabled.

Further notes

You enable the function with the ip dhcp-server icmp-probe command.

340

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.3.2.5

ip dhcp-server pool

Network protocols 8.3 DHCP server

Description

With this command, you have three options of changing to the DHCPPOOL configuration mode and to assign an interface to the IPv4 address band.
1. If you call the command ip dhcp-server pool with the parameter pool-id (1-24), you change to the corresponding DHCPPOOL configuration mode. The corresponding pool ID must have already been created.
2. If you call the ip dhcp-server pool command with the parameter vlan or interfacetype/interface-id, an IPv4 address band with the next free pool ID is created and the specified interface assigned directly to it. This is followed by a change to the DHCPPOOL configuration mode. You then configure the other settings in the DHCPPOOL configuration mode.
3. If you call the ip dhcp-server pool command without parameters, and IPv4 address band with the next free pool ID is created and you change directly to the corresponding DHCPPOOL configuration mode. You then configure the interface and the other settings in the DHCPPOOL configuration mode.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command with the following parameters:
ip dhcp-server pool [{ <pool-id (1-24)> | [{ vlan <vlan-id (1-4094)> | <interface-type> <interface-id> }]}]
The parameters have the following meaning:

Parameter pool-id vlan vlan-id interface-type interface-id

Description ID of the addressed IPv4 address band Keyword for a VLAN connection Number of the addressed VLAN Type of interface Module no. and port no. of the interface

Range of values / note 1 ... 24 1 ... 4094 Specify a valid interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The ID of the addressed IPv4 address band is configured.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

341

Network protocols 8.3 DHCP server
You are now in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Additional notes You exit the DHCPPOOL configuration mode with the exit command. You delete the entry with the no ip dhcp-server pool command.

8.3.2.6

no ip dhcp-server pool

Description

With this command, you delete the required IPv4 address band.

Requirement

 The IPv4 address band is not enabled.
 You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no ip dhcp-server pool <pool-id (1-24)> The parameter has the following meaning:

Parameter pool-id

Description ID of the addressed IPv4 address band

Range of values / note 1 ... 24

Result

The required IPv4 address band is deleted.

Further notes

You create an IPv4 address band with the ip dhcp-server poolcommand.

8.3.3

Commands in the DHCPPOOL configuration mode
This section describes commands that you can call up in the DHCPPOOL Configuration mode.

342

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.3 DHCP server
In global configuration mode, enter the ip dhcp-server pool command to change to this mode.  If you exit the DHCPPOOL Configuration mode with the exit command, you return to the
Global Configuration mode.  If you exit the DHCPPOOL Configuration mode with the end command, you return to the
Privileged EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in DHCPPOOL configuration mode. To do this, you replace [command] with the command that you want to execute.

8.3.3.1

lease-time

Description

With this command, you specify how long the assigned IPv4 address remains valid. When half the period of validity has elapsed. the DHCP client can extend the period of the assigned IPv4 address. When the entire time has elapsed, the DHCP client needs to request a new IPv4 address.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call up the command with the following parameters: lease-time <seconds (60-31536000)> The parameter has the following meaning:

Parameter seconds

Description
Time until renewal of the assigned IPv4 address in seconds

Range of values / note 60 ... 31536000

Result

The time is configured.

Further notes

You display the setting with the show ip dhcp-server pools command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

343

Network protocols 8.3 DHCP server

8.3.3.2

network

Description

With this command you configure the IPv4 address band from which the DHCP client receives any IPv4 address.
Note Assignment of IP addresses
When assigning IP addresses from a local address band, the IPv4 address of the interface must be located within the IPv4 address band. If this is not the case, the interface does not assign any IPv4 addresses.
The IP address does not need to be within the IPv4 address band if relay agent information is configured for the address band.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call up the command with the following parameters:
network <lower-IP> <upper-IP> { <subnet-mask> | / <prefix-length (1-32)> }
The parameters have the following meaning:

Parameter lower-IP upper-IP subnet-mask
prefix-length

Description
Start of the IPv4 address band
End of the IPv4 address band
Subnet mask of the corresponding subnet
Decimal representation of the mask as a number of "1" bits

Range of values / note Enter a valid IPv4 address. Enter a valid IPv4 address. Enter a valid subnet mask.
1 ... 32

Result

The IPv4 address band is configured. The DHCP options 1, 3, 6, 66 and 67 are created automatically. With the exception of option 1, the options can be deleted.

Further notes

You display the setting with the show ip dhcp-server pools command.

344

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.3 DHCP server
You assign an IP address to an interface with the set interface command. You configure the DHCP option 67 with the option value-string command. You configure the DHCP options 3, 6 and 66 with the option command. You delete the DHCP option with the no option command.

8.3.3.3

Option (IP address)

Description

With this command you configure the DHCP options 3 and 6 that contain an IPv4 address as DHCP parameter. The DHCP options 3 and 6 are created automatically when the IPv4 address band is created.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call the command with the following parameters: option <option-code> { <ip-address-list> | int-ip } The parameters have the following meaning:

Parameter optioncode ip-adresslist
int-ip

Description Code of the DHCP option IPv4 address or IPv4 address list
Uses IPv4 address of the interface that is assigned to the IPv4 address band.

Range of values/note
 3 - Default gateway
 6 - DNS server
 66 - TFTP server
 DHCP option 3 (default gateway): Enter the DHCP parameter as an IPv4 address, e.g. 192.168.100.2.
 DHCP option 6 (name server): Enter the DHCP parameter as an IPv4 address, e.g. 192.168.100.2. You can specify up to three IPv4 addresses separated by commas.
 DHCP option 66 (TFTP server) Enter the DHCP parameter as an IPv4 address, e.g. 192.168.100.2.
Only with DHCP option 3

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

345

Network protocols 8.3 DHCP server

Result

The DHCP option is created.

Additional notes You display the setting with the show ip dhcp-server pools command. You disable the IPv4 address band with the no pool-enable command. You delete the DHCP option with the no option command. You configure the DHCP options 12, 66 and 67 with the option value-string command. You configure the interface with the set interface command.

8.3.3.4

option value-string

Description

With this command you configure DHCP options 12, 66 and 67 that contain a string as DHCP parameter. The DHCP options 66 and 67 are created automatically when the IPv4 address band is created.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call the command with the following parameters: option <option-code> value-string <dhcp-param> The parameters have the following meaning:

Parameter
optioncode

Description Code of the DHCP option

dhcp-param Parameter value of the DHCP option

Range of values/note
 12 (host name)
 15 (domain name)
 43 (vendor-specific information)
 67 (bootfile name)
Enter the parameter value in String format.

346

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The DHCP option is configured.

Network protocols 8.3 DHCP server

Additional notes You display the setting with the show ip dhcp-server pools command. You delete the DHCP option with the no option command. You configure the DHCP options 3 and 6 with the option (IP address) command. You disable the IPv4 address band with the no pool-enable command.

8.3.3.5

no option

Description

With this command, you delete the DHCP option with the specified number.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call the command with the following parameters: no option <option-code> The parameter has the following meaning:

Parameter option-code

Description Code of the DHCP option

Range of values/note Enter a valid DHCP option code.

Result

The specified DHCP option is deleted.

Additional notes
You configure the DHCP options 3, 6 and 66 with the option command.
You configure the DHCP options 12, 15, 43, and 67 with the option value-string command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

347

Network protocols 8.3 DHCP server

8.3.3.6

pool-enable

Description

With this command you specify that this IPv4 address band will be used.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call the command without parameter assignment: pool-enable

Result

The setting is enabled.
Note If the IPv4 address band is enabled, the following parameters can no longer be edited:  DHCP options (option ...)  Port Range (ports)  Relay Agent Information (relay-information)  Static Leases (static-lease)

Further notes

You display the setting with the show ip dhcp-server pools command. You disable the setting with the no pool-enable command.

348

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.3.3.7

no pool-enable

Network protocols 8.3 DHCP server

Description

With this command you specify that this IPv4 address band will not be used.
Note Deleting DHCP server bindings If you disable or delete an IPv4 address band or you switch the DHCP server off and on again, the DHCP server bindings are deleted. You display the DHCP server bindings with the show ip dhcp-server bindings command.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call the command without parameter assignment: no pool-enable

Result

The setting is disabled.

Further notes

You display the setting with the show ip dhcp-server pools command. You enable the setting with the pool-enable command.

8.3.3.8

ports

Description

With this command you enable the ports via which the IPv4 addresses of an address band in the local subnet are assigned.
After you have created an IPv4 address band, all ports are selected that are currently located in the corresponding VLAN. If you add ports to the VLAN later, these ports are not automatically enabled.
With address assignments via a relay agent, you cannot restrict the ports.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

349

Network protocols 8.3 DHCP server

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call up the command with the following parameters:
ports [<interface-type> <0/a-b, 0/c, ...>] [<interface-type> <0/a-b, 0/c, ...>]
The parameters have the following meaning:

Parameter interface-type 0/a-b,0/c,...

Description Type or speed of the interface Port no. of the interface

Range of values / note Enter a valid interface

For information on identifiers of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The selected ports will be enabled. Before the IPv4 address band can be used, it still needs to be activated.

Further notes

You disable the ports with the no ports command. You display the setting with the show ip dhcp-server pools command. You enable the IPv4 address band with the pool-enable command.

8.3.3.9

no ports

Description

With this command you disable the ports via which the IPv4 addresses of an address band in the local subnet are assigned.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

350

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Network protocols 8.3 DHCP server

Call the command with the following parameters:
no ports [<interface-type> <0/a-b, 0/c, ...>] [<interface-type> <0/ab, 0/c, ...>] [all]
The parameters have the following meaning:

Parameter interface-type 0/a-b,0/c,... all

Description Type or speed of the interface Port no. of the interface All ports will be disabled.

Range of values/note Enter a valid interface
-

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The selected ports will be disabled.

Additional notes You enable the ports with the ports command. You display the setting with the show ip dhcp-server pools command. You enable the IPv4 address band with the pool-enable command.

8.3.3.10

relay-information

Description

With this command you define that devices with a certain remote ID and circuit ID are assigned the IPv4 addresses from a specific address band.
If you create such an entry for an address band, address pool only reacts to DHCP queries via a DHCP relay agent (option 82). You can create further address bands for the same IP interfaces so that the pools react to different requests.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call up the command with the following parameters: relay-information <remote-id> <circuit-id>

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

351

Network protocols 8.3 DHCP server

The parameters have the following meaning:

Parameter remote-id

Description Remote ID of the device

circuit-id

Circuit ID of the device.

Range of values / note
Enter the remote ID of the de- vice. Enter the circuit ID of the device.

Result

Devices with a certain remote ID and circuit ID are assigned the IPv4 addresses from a specific address band. Before the IPv4 address band can be used, it still needs to be activated.

Further notes

You cancel the assignment with the no relay-information command. You display the setting with the show ip dhcp relay information command. You enable the IPv4 address band with the pool-enable command.

8.3.3.11

no relay-information

Description

With this command you cancel the assignment of devices with a certain remote ID and circuit ID to IPv4 addresses from a specific address band.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call up the command with the following parameters: no relay-information <remote-id> <circuit-id> The parameters have the following meaning:

Parameter remote-id
circuit-id

Description Remote ID of the device
Circuit ID of the device.

Range of values / note
Enter the remote ID of the de- vice. Enter the circuit ID of the device.

352

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The assignment is canceled.

Network protocols 8.3 DHCP server

Further notes

With the relay-information command, you assign devices with a certain remote ID and circuit IPv4 addresses from a specific address band.
You display the setting with the show ip dhcp relay information command.
You enable the IPv4 address band with the pool-enable command.

8.3.3.12

set-interface

Description

With this command, you specify the interface via which the IPv4 addresses are dynamically assigned.
Note Assignment of IP addresses
When assigning IP addresses from a local address band, the IPv4 address of the interface must be located within the IPv4 address band. If this is not the case, the interface does not assign any IPv4 addresses.
The IP address does not need to be within the IPv4 address band if relay agent information is configured for the address band.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call the command with the following parameters:
set-interface {vlan <vlan-id (1-4094)> | <interface-type> <interfaceid> }
The parameters have the following meaning:

Parameter vlan vlan-id

Description Keyword for a VLAN connection Number of the addressed VLAN

Range of values/note 1 ... 4094

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

353

Network protocols 8.3 DHCP server

Parameter interface-type interface-id

Description Type or speed of the interface Module no. and port no. of the interface

Range of values/note Enter a valid interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The interface is assigned. Before the IPv4 address band can be used, it still needs to be activated.

Additional notes You display the setting with the show ip dhcp-server pools command. You enable the IPv4 address band with the pool-enable command.

8.3.3.13

static-lease

Description

With this command you specify that devices with a certain MAC address or client ID are assigned to the preset IPv4 address.

Requirement

 The assignment has not yet been created.
 You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call up the command with the following parameters: static-lease {mac <mac-address> | client-id <string>} <ip-address> The parameters have the following meaning:

Parameter mac mac-address
client-id

Description Keyword for a MAC address Unicast MAC address
Keyword for a DHCP client ID

Range of values / note Specify the MAC address. aa:bb:cc:dd:ee:ff -

354

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Parameter string
ip-address

Description Freely definable DHCP client ID
Unicast IPv4 address

Network protocols 8.3 DHCP server
Range of values / note Enter the required designation. Maximum of 254 characters Enter a valid IPv4 address. The IPv4 address must match the subnet of the IPv4 address band.

Result

The assignment is specified.

Further notes

You display the setting with the show ip dhcp dhcp-server bindings command. You disable the IPv4 address band with the no pool-enable command. You delete the assignment with the no static-lease command.

8.3.3.14

no static-lease

Description

With this command, you delete the assignment of an IPv4 address to a MAC address.

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call up the command with the following parameters: no static-lease { mac <mac-address> | client-id <string> } The parameter has the following meaning:

Parameter mac
mac-address

Description

Range of values / note

Keyword for a MAC address

Unicast MAC address Specify the MAC address. aa:bb:cc:dd:ee:ff

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

355

Network protocols 8.3 DHCP server
Parameter client-id
string

Description
Keyword for a DHCP client ID
Freely definable DHCP client ID

Range of values / note -
Enter the required designation.

Result

The assignment is deleted.

Further notes

You configure the assignment with the static-lease command.

8.3.3.15

host

Description

With this command, you configure a DHCP option for a statically assigned IP address.
Note This command is not available with the following devices:  SCALANCE XB-200  SCALANCE XR-300WG

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call up the command with the following parameters:
host { mac <mac-address> | client-id <string> | client-id-duid <hex_str> } option <code (1-2147483647)> { value-string <dhcp-param> | ip <address>}

356

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.3 DHCP server

The parameters have the following meaning:

Parameter mac mac-address
client-id string
client-id-duid
hex_str
option code value-string
dhcp-param ip address

Description

Range of values/note

Keyword for the MAC address. -

The MAC address of the device Specify a valid MAC address. for which a DHCP option is to be set.

Keyword for the client ID

-

The DHCP client ID

String, maximum of 254 charac- ters

Keyword for the DUID (DHCP Unique Identifier) of the device for which a DHCP option is to be specified.

The DHCP Unique Identifier of Depending on the type of the

the device

DUID

Keyword for the DHCP option -

The number of the DHCP option 1 ... 2147483647

Keyword for a parameter in

-

string format

Value of the parameter

String

Keyword for an IP address

-

The IP address that is used for Specify a valid IP address. the DHCP option.

Result

The DHCP option is configured.

Additional notes You display the setting with the show ip dhcp-server pools command. You disable a DHCP option for a static IP address with the no host command.

8.3.3.16

no host

Description

With this command, you disable a DHCP option for a statically assigned IP address.
Note This command is not available with the following devices:  SCALANCE XB-200  SCALANCE XR-300WG

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

357

Network protocols 8.3 DHCP server

Requirement

You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)#

Syntax

Call up the command with the following parameters:
no host { mac <mac-address> | client-id <string> | client-id-duid <hex_str> } option <code (1-2147483647)>
The parameters have the following meaning:

Parameter mac mac-address
client-id string client-id-duid
hex_str option code

Description

Range of values/note

Keyword for the MAC address -

The MAC address of the device Specify a valid MAC address. for which a DHCP option is to be specified.

Keyword for the client ID

-

The DHCP client ID

String, maximum of 254 charac- ters

Keyword for the DUID (DHCP Unique Identifier) of the device for which a DHCP option is to be specified.

The DHCP Unique Identifier of Depending on the type of the

the device

DUID

Keyword for the DHCP option -

The number of the DHCP option 1 ... 2147483647

Result

The specified DHCP option is disabled.

Additional notes You display the setting with the show ip dhcp-server pools command. You configure a DHCP option for a static IP address with the host command.

358

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.4

DHCP Relay

This section describes commands for the DHCP Relay Agent.

Network protocols 8.4 DHCP Relay

8.4.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

8.4.1.1

show dhcp server

Description

With this command, you display the IP addresses of the DHCP servers to which the device forwards the frames.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode or in the Global Configuration mode.
The command prompt is as follows:
cli> or cli#

Syntax

Call the command without parameters: show dhcp server

Result

The IP addresses of the DHCP servers are displayed.

Further notes

With the "ip dhcp server" command, you specify the IP addresses.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

359

Network protocols 8.4 DHCP Relay

8.4.1.2

show ip dhcp relay information

Description

This command displays the DHCP relay agent settings for all or for a selected VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode or in the Global configuration mode.
The command prompt is as follows:
cli> or cli#

Syntax

Call up the command with the following parameters: show ip dhcp relay information [vlan <vlan-id>] The parameter has the following meaning:

Parameter vlan vlan-id

Description Keyword for a VLAN connection Number of the addressed VLAN

Range of values / note 1 ... 4094

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The configuration settings are displayed.

8.4.2
360

Commands in the Global Configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.
SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.4.2.1

ip dhcp server

Network protocols 8.4 DHCP Relay

Description

With this command, you specify the IP addresses of the DHCP servers to which the DHCP relay agent forwards the frames. You can specify up to four IP addresses for the DHCP relay agent.

Requirement

 You are in global configuration mode. The command prompt is: cli(config)#

Syntax

Call up the command with the following parameters: ip dhcp server <ip address> The parameter has the following meaning:

Parameter ip address

Description IPv4 address of the DHCP server

Range of values/note Enter a valid IP address

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The IP address is specified.

Additional notes You remove the IP address with the no ip dhcp server command. You enable the DHCP Relay Agent with the service dhcp-relay command. You display the IP addresses with the show dhcp server command. You display the settings with the show ip dhcp relay information command.

8.4.2.2

no ip dhcp server

Description

With this command, you delete the IP address of the DHCP server.

Requirement

You are in the Global configuration mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

361

Network protocols 8.4 DHCP Relay
The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no ip dhcp server <ip address> The parameter has the following meaning:

Parameter ip address

Description IP address of the DHCP server

Range of values / note Enter the IP address to be deleted.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The IP address is removed.

Further notes

You enable the DHCP Relay Agent with the service dhcp-relay command. You create the IP address with the ip dhcp server command. You display the IP addresses with the show dhcp server command.

8.4.2.3

ip dhcp relay circuit-id option

Description

The Circuit ID is a sub option of the "DHCP Relay Information" option. The Circuit ID contains information about the origin of the DHCP packet.
With this command, you specify the information contained in the Circuit ID.
The Circuit ID is encoded in the DHCP packet if the "DHCP relay information" option is enabled.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

362

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.4 DHCP Relay

ip dhcp relay circuit-id option [router-index] [vlanid] [recv-port] The parameters have the following meaning:

Parameter router-index
vlanid recv-prot

Description

Range of values/note

The router index is added to the Circuit Default setting ID.

The VLAN ID is added to the Circuit ID. -

The Circuit ID is added to the receiving port.

Result

The content of the Circuit ID is specified.

Additional notes
You enable the DHCP Relay Information option with the ip dhcp relay information option command.
You display the information with the show ip dhcp relay information command.

8.4.2.4

ip dhcp relay information option

Description

With this command, you enable the DHCP option 82. If the option is enabled, prior to forwarding to the DHCP server, information about the origin of the DHCP query is encoded in the packet. If the DHCP server sends a response, the information is removed again before forwarding to the DHCP client.
This information is only encoded in the data packet if the DHCP relay agent is enabled.

Requirement

You are in the Global configuration mode or in the Interface configuration mode of VLAN. The command prompt is as follows: cli(config)# or cli(config-if-$$)#

Syntax

Call the command without parameter assignment: ip dhcp relay information option

Result

The option is enabled.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

363

Network protocols 8.4 DHCP Relay

Further notes

You disable the option with the no ip dhcp relay information option command.
You enable the DHCP Relay Agent with the service dhcp-relay command.
You configure the content of the information with the ip dhcp relay circuit-id option command.
You can display the status of this option and other information with the show ip dhcp relay information command.

8.4.2.5

no ip dhcp relay information option

Description

With this command, you disable the DHCP option 82.

Requirement

You are in the Global configuration mode or in the Interface configuration mode of VLAN. The command prompt is as follows: cli(config)# or cli(config-if-$$)#

Syntax

Call the command without parameter assignment: no ip dhcp relay information option

Result

The option is disabled.

Further notes

You enable the option with the ip dhcp relay information option command.
You can display the status of this option and other information with the show ip dhcp relay information command.

8.4.2.6

ip dhcp relay common-agent-address

Description

With this command, you enable the use of a common agent address. When the function is enabled, in the DHCP request the relay agent replaces the address of the receiving port with the address of the interface that you define with the ip dhcp relay common-agentaddress-interface command or the default value.

364

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Network protocols 8.4 DHCP Relay

Syntax

Call the command without parameter assignment: ip dhcp relay common-agent-address

Result

The relay agent uses a common agent address in DHCP requests.

Further notes

You disable the use of a common agent address with the no ip dhcp relay commonagent-address command.
You define a common agent address with the ip dhcp relay common-agent-addressinterface command.
You reset the common agent address to the default value with the no ip dhcp relay common-agent-address-interface command.

8.4.2.7

no ip dhcp relay common-agent-address

Description

With this command, you disable the use of a common agent address. When the function is disabled, the relay uses the address of the receiving port in DHCP requests.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: no ip dhcp relay common-agent-address

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

365

Network protocols 8.4 DHCP Relay

Result

The relay agent uses the address of the receiving port in DHCP requests.

Further notes

You enable the use of a common agent address with the ip dhcp relay common-agentaddress command.
You define a common agent address with the ip dhcp relay common-agent-addressinterface command.
You reset the common agent address to the default value with the no ip dhcp relay common-agent-address-interface command.

8.4.2.8

ip dhcp relay common-agent-address-interface

Description

With this command you define the interface whose IP address the relay agent uses as the source address (giaddr) in DHCP requests.

Requirement

You are in the Global configuration mode. The command prompt is: cli(config)#

Syntax

Call up the command with the following parameters:
ip dhcp relay common-agent-address-interface { vlan <vlan-id (1-4094)> | <interface-type> <interface-id> }
The parameter has the following meaning:

Parameter vlan vlan-id
interface-type interface-id

Description Keyword for a VLAN connection Number of the addressed VLAN
Type or speed of the interface Slot no. and port no. of the interface

Range of values / note 1 ... 4094 Default: vlan1 Enter a valid interface name.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The IP address of the interface is used as a common agent address.

366

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.4 DHCP Relay

Further notes

You reset the common agent address to the default value with the no ip dhcp relay common-agent-address-interface command.
You enable the use of a common agent address with the ip dhcp relay common-agentaddress command.
You disable the use of a common agent address with the no ip dhcp relay commonagent-address command.

8.4.2.9

no ip dhcp relay common-agent-address-interface

Description

With this command you reset the common agent address to the default value.

Requirement

You are in the Global configuration mode. The command prompt is: cli(config)#

Syntax

Call the command without parameter assignment: no ip dhcp relay common-agent-address-interface

Result

The default value for the common agent address is used.

Further notes

You define a common agent address with the ip dhcp relay common-agent-addressinterface command.
You enable the use of a common agent address with the ip dhcp relay common-agentaddress command.
You disable the use of a common agent address with the no ip dhcp relay commonagent-address command.

8.4.2.10

service dhcp-relay

Description

With this command, you enable the DHCP relay agent on the device. The DHCP relay agent forwards DHCP queries to DHCP servers located in a different subnet.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

367

Network protocols 8.4 DHCP Relay

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: service dhcp-relay

Result

The DHCP Relay Agent is activated.

Further notes

You disable the DHCP Relay Agent with the no service dhcp-relay command.
You create the IP addresses of the DHCP server with the ip dhcp server command.
You can display the status of this function and other information with the show ip dhcp relay informationcommand.

8.4.2.11

no service dhcp-relay

Description

This command disables the DHCP relay agent.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no service dhcp-relay

Result

The DHCP Relay Agent is disabled.

368

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.4 DHCP Relay

Further notes

You enable the DHCP Relay Agent with the service dhcp-relay command.
You can display the status of this function and other information with the show ip dhcp relay informationcommand.

8.4.3

Commands in the Interface Configuration mode
This section describes commands that you can call up in the Interface Configuration mode of VLAN.
In global configuration mode, enter the interface vlan $$$ command to change to this mode. When doing this, you need to replace the $$$ placeholders with the relevant VLAN ID.
Commands relating to other topics that can be called in the Interface Configuration mode of VLAN can be found in the relevant sections.
 If you exit the Interface Configuration mode of VLAN with the exit command, you return to the Interface Configuration mode.
 If you exit the Interface Configuration mode of VLAN with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode of VLAN.
To do this, you replace [command] with the command that you want to execute.

8.4.3.1

ip dhcp relay circuit-id

Description

With this command, you assign a Circuit ID to the interface.

Requirement

 The interface is an IP interface.
 You are in the Interface configuration mode of VLAN The command prompt is as follows: cli(config-if-vlan-$$)#

Syntax

Call up the command with the following parameters: ip dhcp relay circuit-id <circuit-id>

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

369

Network protocols 8.4 DHCP Relay

The parameter has the following meaning:

Parameter circuit-id

Description Circuit ID

Range of values / note 1 ... 188

Result

The Circuit ID is assigned.

Further notes

You remove the Circuit ID with the no ip dhcp relay circuit-id command. You display the IP addresses with the show dhcp server command. You display the settings with the show ip dhcp relay information command.

8.4.3.2

no ip dhcp relay circuit-id

Description

With this command, you remove the Circuit ID.

Requirement

 The interface is an IP interface.  You are in the Interface Configuration mode of VLAN. The command prompt is as follows:
cli(config-if-vlan-$$)#

Syntax

Call the command without parameter assignment: no ip dhcp relay circuit-id

Result

The Circuit ID is removed.

Further notes

You configure the Circuit ID with the ip dhcp relay circuit-id command. You display the IP addresses with the show dhcp server command. You display the settings with the show ip dhcp relay information command.

370

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.4.3.3

ip dhcp relay remote-id

Network protocols 8.4 DHCP Relay

Description

With this command, you specify the device ID.

Requirement

 The interface is an IP interface.  You are in the Interface Configuration mode of VLAN. The command prompt is as follows:
cli(config-if-vlan-$$)#

Syntax

Call up the command with the following parameters: ip dhcp relay remote-id <remote-id name> The parameter has the following meaning:

Parameter remote-id name

Description Device ID

Range of values / note
max. 32 characters Default: XYZ

Result

The device ID is specified.

Further notes

You remove the device ID with the no ip dhcp relay remote-id command. You display the IP addresses with the show dhcp server command. You display the settings with the show ip dhcp relay information command.

8.4.3.4

no ip dhcp relay remote-id

Description

With this command, you remove the device identifier.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

371

Network protocols 8.4 DHCP Relay

Requirement

 The interface is an IPv4 interface.
 You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

Syntax

Call the command without parameter assignment: no ip dhcp relay remote-id

Result

The device ID is removed.

Further notes

You configure the device ID with the ip dhcp relay remote-id command. You display the IP addresses with the show dhcp server command. You display the settings with the show ip dhcp relay information command.

372

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.5 SNMP

8.5

SNMP

This section describes commands of the Simple Network Management Protocol (SNMP).

Example of a configuration
IP configuration Define the IP address of the device that is suitable for the SNMP trap receiver used. Execute the following commands: configure terminal int vlan 1 no ip address ip address 192.168.1.1 255.255.255.0 end
Trap configuration forr SNMPv2c notifications To configure the sending of SNMP traps, an SBMP community is required. This community is used along with other SNMP parameters to send traps to a trap recipient. The selection of the traps recipient is made using tags that are set when SNMP notifications are called. Execute the following commands: configure terminal snmp community index v2trapindex name public security v2secname snmp targetaddr trapringer param pav2c ipv4 192.168.1.254 taglist publictrapv2tag snmp targetparams pav2c user v2secname security-model v2c messageprocessing v2c snmp notify testnotify tag publictrapv2tag type trap end
Event configuration Enable the sending of traps. Execute the following commands: configure terminal events client config trap end For system messages all configured SNMP notification are always called.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

373

Network protocols 8.5 SNMP
With RMOB events. the SNMP notifications to be called must be configured explicitly, see section "RMON (Page 674)".

8.5.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

8.5.1.1

show snmp

Description

This command shows the status information of SNMP.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp

Result

The status information is displayed.

8.5.1.2

show snmp community

Description

This command shows the details of the configured of SNMP communities.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows:

374

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

cli> or cli#

Network protocols 8.5 SNMP

Syntax

Call the command without parameters: show snmp community

Result

The details of the configured SNMP communities are displayed.

8.5.1.3

show snmp engineID

Description

This command shows the SNMP identification number of the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp engineID

Result

The SNMP identification number of the device is displayed.

8.5.1.4

show snmp filter

Description

This command shows the configured SNMP filters.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

375

Network protocols 8.5 SNMP

Syntax

Call the command without parameters: show snmp filter

Result

The configured SNMP filters are displayed.

8.5.1.5

show snmp group

Description

This command shows the configured SNMP groups.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp group

Result

The configured SNMP groups are displayed.

8.5.1.6

show snmp group access

Description

This command shows the rights of the configured SNMP groups.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

376

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameters: show snmp group access

Network protocols 8.5 SNMP

Result

The rights of the configured SNMP groups are displayed.

8.5.1.7

show snmp inform statistics

Description

This command shows the statistics of the Inform Messages.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp inform statistics

Result

The statistics of the Inform Messages are displayed.

8.5.1.8

show snmp notif

Description

With this command, you display the configured SNMP notification types.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

377

Network protocols 8.5 SNMP

Syntax

Call the command without parameters: show snmp notif

Result

The configured SNMP notification types are displayed.

8.5.1.9

show snmp targetaddr

Description

This command shows the configured SNMP target addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp targetaddr

Result

The configured SNMP target addresses are displayed.

8.5.1.10

show snmp targetparam

Description

This command shows the configured SNMP target parameters.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

378

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameters: show snmp targetparam

Result

The configured SNMP target parameters are displayed.

8.5.1.11

show snmp tcp

Description

This command shows the configuration for SNMP via TCP.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp tcp

Result

The configuration for SNMP via TCP is displayed.

8.5.1.12

show snmp user

Description

This command shows the settings for the SNMP users.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Network protocols 8.5 SNMP

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

379

Network protocols 8.5 SNMP

Syntax

Call the command without parameters: show snmp user

Result

The settings for the SNMP users are displayed.

8.5.1.13

show snmp viewtree

Description

This command shows the settings for the SNMP tree view.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show snmp viewtree

Result

The settings for the SNMP tree view are displayed.

8.5.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

380

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.5.2.1

snmpagent

Network protocols 8.5 SNMP

Description

With this command, you enable the SNMP agent function.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: snmpagent

Result

The SNMP agent function is enabled.

Further notes

You disable the SNMP agent function with theno snmpagent command.

8.5.2.2

no snmpagent

Description

With this command, you disable the SNMP agent function.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no snmpagent

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

381

Network protocols 8.5 SNMP

Result

The SNMP agent function is disabled.

Further notes

You enable the SNMP agent function with the snmpagent command.

8.5.2.3

snmpagent port

Description

With this command, you specify the port at which the SNMP agent waits for the SNMP queries.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmpagent port <port-number(49500-65535)> The parameter has the following meaning:

Parameter port-number

Description Port number

Range of values / note 49500 ... 65535 Default: 161 (standard port)

Result

The port is defined.

Additional notes You reset the port to the standard port with the no snmpagent port command.

8.5.2.4

no snmpagent port

Description

With this command, you reset the port to the standard port.

382

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Network protocols 8.5 SNMP

Syntax

Call the command without parameters: no snmpagent port

Result

The port is reset to the standard port 161.

Additional notes You configure the port with the snmpagent port command.

8.5.2.5

snmp agent version

Description

With this command, you configure whether all SNMP queries or only SNMPv3 queries are processed.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp agent version {v3only | all} The parameters have the following meaning:

Parameter v3only all

Description Only SNMPv3 queries are processed All SNMP queries are processed

Range of values / note Default: all

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

383

Network protocols 8.5 SNMP

Result

The setting is configured.

8.5.2.6

snmp access

Description

With this command, you configure the access to an SNMP group.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp access <GroupName> {v1 | v2c | v3 {auth | noauth | priv}}
[read <ReadView | none>] [write <WriteView | none>] [notify <NotifyView | none>]
[{volatile | nonvolatile}] The parameters have the following meaning:

Parameter GroupName Version Authentication
read write

Description

Range of values / note

Name of the group to which access is max. 32 characters configured

Selects the version of the protocol used  v1

 v2c

 v3

Selects the authentication method.

 auth Enables MD5 or SHA as au- thentication method

 noauth No authentication

 priv Enables authentication and en- cryption

The data can be read. Keyword

 ReadView  none

The data can be read and written Keyword

 WriteView  none

384

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.5 SNMP

Parameter notify
Storage Type

Description
Changes can be sent as a tag. Keyword
Specifies whether the settings remain following a restart.

Range of values / note
 NotifyView
 none
 volatile : The settings are lost after a re- start
 nonvolatile : The settings are retained after a restart

The keywords need to be specified. If optional parameters are not specified when configuring a group, the default value will be used.

Result

The settings for access to an SNMP group are configured.

Additional notes You delete the access to an SNMP group with the no snmp access command. You display the configured SNMP groups with the show snmp group command. You display the access configurations for SNMP groups with the show snmp group access command. You display the configured SNMP tree views with the show snmp viewtree command.

8.5.2.7

no snmp access

Description

With this command, you delete the access to an SNMP group.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp access <GroupName> {v1 | v2c | v3 {auth | noauth | priv}}

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

385

Network protocols 8.5 SNMP

The parameters have the following meaning:

Parameter GroupName Version
Authentication

Description

Range of values / note

Name of the group to which access is max. 32 characters deleted

Selects the version of the protocol used  v1

 v2c

 v3

Selects the authentication method.

 auth

 noauth

 priv

Result

The access to an SNMP group is deleted.

Additional notes You configure the setting with the snmp access command. You display the configured SNMP groups with the show snmp group command. You display the access configurations for SNMP groups with the show snmp group access command. You display the configured SNMP tree views with the show snmp viewtree command.

8.5.2.8

snmp community index

Description

With this command, you configure the details of an SNMP community.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
snmp community index <CommunityIndex> name <CommunityName> security <SecurityName> [context <name>] [{volatile |
nonvolatile}]

386

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.5 SNMP

The parameters have the following meaning:

Parameter CommunityIndex name CommunityName security SecurityName context name Storage type

Description

Range of values/note

Index of the community

Max. 256 characters

Keyword for the name of the community -

Name of the community

Max. 256 characters

Keyword for the security name

-

Security name

Max. 32 characters

Keyword for the context name

-

Context name

Max. 32 characters

Specifies whether the settings remain following a restart.

: The settings are lost after a re- start

: The settings are retained after a restart

If optional parameters are not specified when configuring a community, the default values apply.

Note Community string
For security reasons, do not use the standard values "public" or "private". Change the community strings following the initial installation.
The recommended minimum length for community strings is 6 characters.

Result

The settings are configured.

Additional notes You delete the details of an SNMP community with the no snmp community index command.
You show the details of an SNMP community with the show snmp community command.
You show the status information of the SNMP communication with the show snmp command.

8.5.2.9

no snmp community index

Description

With this command, you delete the details of an SNMP community.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

387

Network protocols 8.5 SNMP

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp community index <CommunityIndex> The parameter has the following meaning:

Parameter CommunityIndex

Description Name of the community

Range of values / note max. 32 characters

Result

The details of an SNMP community are deleted.

Further notes

You configure the details of an SNMP community with the snmp community index command.
You show the details of an SNMP community with the show snmp community command.
You show the status information of the SNMP communication with the show snmp command.

8.5.2.10

snmp engineid migrate

Description

With this command, you enable the SNMPv3 user migration.
If the function is enabled, an SNMP engine ID is generated that can be migrated. You can transfer configured SNMPv3 users to a different device. If you enable this function and load the configuration of the device on another device, configured SNMPv3 users are retained.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters:

388

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

snmp engineid migrate

Network protocols 8.5 SNMP

Result

The SNMPv3 user migration is enabled.

Further notes

You disable the SNMPv3 user migration with the no snmp engineid migrate command.

8.5.2.11

no snmp engineid migrate

Description

With this command, you disable the SNMPv3 user migration.
If the function is disabled, a device-specific SNMP engine ID is generated. To generate the ID, the agent MAC address of the device is used. You cannot transfer this SNMP user configuration to other devices.
If you load the configuration of the device on another device, all configured SNMPv3 users are deleted.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no snmp engineid migrate

Result

The SNMPv3 user migration is disabled.

Further notes

You enable the SNMPv3 user migration with the snmp engineid migrate command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

389

Network protocols 8.5 SNMP

8.5.2.12

snmp group

Description

With this command, you configure the details of an SNMP group.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
snmp group <GroupName> user <UserName> security-model {v1|v2c|v3} [{volatile|nonvolatile}]
The parameters have the following meaning:

Parameter GroupName user UserName security-model
Storage type

Description Name of the group Keyword for the user name Name of the user Specifies which security settings will be used.
Specifies whether the settings remain following a restart.

Range of values / note
max. 32 characters max. 32 characters  v1
 v2c
 v3
 volatile : The settings are lost after a re- start
 nonvolatile : The settings are retained after a restart.

If optional parameters are not specified when configuring a group, the default values apply.

Result

The details of the group are configured.

Further notes

You delete the details of an SNMP group with the no snmp group command. You display the created SNMP groups with the show snmp group command. You display the created SNMP users with the show snmp user command.

390

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.5.2.13

no snmp group

Network protocols 8.5 SNMP

Description

With this command, you delete the details of an SNMP group.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp group <GroupName> user <UserName> security-model {v1|v2c|v3} The parameters have the following meaning:

Parameter GroupName user UserName security-model

Description
Name of the group Keyword for the user name Name of the user Specifies which security settings are used for sending.

Range of values / note max. 32 characters max. 32 characters  v1  v2c  v3

Result

The details of the group are deleted.

Further notes

You change the details of an SNMP group with the snmp group command. You display the created SNMP groups with the show snmp group command. You display the created SNMP users with the show snmp user command.

8.5.2.14

snmp notify

Description

With this command, you configure the details of the SNMP notifications.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

391

Network protocols 8.5 SNMP

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
snmp notify <NotifyName> tag <TagName> type {Trap|Inform} [{volatile|nonvolatile}]
The parameters have the following meaning:

Parameter NotifyName tag TagName Type
Storage type

Description Name of the SNMP notification Keyword for a target key Name of the target key Type of the SNMP notification
Specifies whether the settings remain following a restart.

Range of values / note
max. 32 characters max. 32 characters
 Trap Generates a trap.
 Inform Generates a log entry or sends an entry to the log server.
: The settings are lost after a re- start
: The settings are retained after a restart

Result

The details of the SNMP notifications are configured.

Further notes

You delete the details of an SNMP notification with the no snmp notify command.
You display the configured SNMP notifications with the show snmp notif command.
You display the configured SNMP target addresses with the show snmp targetaddr command.

8.5.2.15

no snmp notify

Description

With this command, you delete the details of the SNMP notifications.

392

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Network protocols 8.5 SNMP

Syntax

Call up the command with the following parameters: no snmp notify <NotifyName> The parameter has the following meaning:

Parameter NotifyName

Description Name of the notification

Range of values / note max. 32 characters

Result

The details of the SNMP notifications are deleted.

Further notes

You change the details of an SNMP group with the snmp notify command.
You display the configured SNMP notifications with the show snmp notif command.
You display the configured SNMP target addresses with the show snmp targetaddr command.

8.5.2.16

snmp targetaddr

Description

With this command, you configure the SNMP target address.

Requirement

The SNMP target parameters are configured. You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

393

Network protocols 8.5 SNMP

snmp targetaddr <TargetAddressName> param <ParamName> {ipv4<IPAddress>}
[timeout <Seconds(1-1500)] [retries <RetryCount(1-3)] [taglist <TagIdentifier | none>] [{volatile | nonvolatile}] [port <integer (1-65535)>]
The parameters have the following meaning:

Parameter TargetAddressName param ParamName
ipv4 IPAddress timeout
Seconds retries
RetryCount taglist TagIdentifier none Storage Type
port
integer

Description

Range of values

Name of the target address

max. 32 characters

Keyword for the parameter name

-

Name of the destination address or the designation of the parameter name

max. 32 characters

Keyword for an IPv4 address

-

Value for an IPv4 unicast address Enter a valid IPv4 unicast address.

Keyword for the time the SNMP agent waits for a response before it repeats the inform request message

Time in seconds

1 ... 1500

Keyword for the maximum number of attempts to obtain a response to an inform request message

Number of attempts

1 ... 3

Keyword for tag list

-

Tag identifier that selects the target Specify the tag identifier. address for SNMP.

No tag identifier

-

Specifies whether the settings re- main following a restart.

 volatile: The default settings are used af- ter a restart.

 nonvolatile: The saved settings are used after a restart.

Keyword for the port number at which the SNMP manager receives traps and inform messages

Port number

1 ... 65535

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If optional parameters are not specified when configuring, the following defaults apply:

Parameter taglist Storage Type port

Default value snmp volatile 162

394

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The SNMP target address is configured.

Network protocols 8.5 SNMP

Further notes

You delete the SNMP target address with the no snmp targetaddr command. You display the SNMP target address with the show snmp targetaddr command. You configure the SNMP target parameters with the snmp targetparams command. You display the SNMP target parameters with the show snmp targetparam command.

8.5.2.17

no snmp targetaddr

Description

With this command, you delete the SNMP target address.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp targetaddr <TargetAddressName> The parameter has the following meaning:

Parameter

Description

TargetAddressName SNMP target address

Range of values / note max. 32 characters

Result

The SNMP target address is deleted.

Further notes

You change the SNMP target address with the snmp targetaddr command. You display the SNMP target address with the show snmp targetaddr command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

395

Network protocols 8.5 SNMP

8.5.2.18

snmp targetparams

Description

With this command, you configure the SNMP target parameters.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snmp targetparams <ParamName> user <UserName> security-model {v1 | v2c | v3 {auth | noauth | priv}}
message-processing {v1 | v2c | v3} [{volatile | nonvolatile}]
The parameters have the following meaning:

Parameter ParamName user UserName

Description Name of the SNMP parameter Keyword for the user name Value for the user name

Range of values / note max. 32 characters max. 32 characters

396

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.5 SNMP

Parameter security-model
messageprocessing

Description

Range of values / note

Specifies which SNMP version is used.  SNMP version

With SNMPv3 a security level (authen- tication, encryption) can also be config- ured.

­ v1 ­ v2c ­ v3

 Security level for v3

­ auth Authentication enabled / no encryption enabled

­ noauth No authentication enabled, no encryption enabled

­ priv Authentication enabled / encryption enabled

Specifies which SNMP version is used  SNMP version

for processing the messages and whether the settings remain following a restart.

­ v1 ­ v2c

­ v3

 Settings after the restart

­ volatile: The settings are lost after a restart.

­ nonvolatile: The settings are retained after a restart.

If optional parameters are not specified when configuring, the default values apply.

Result

The SNMP target parameters are configured.

Additional notes You delete the SNMP target parameters with the no snmp targetparams command. You display settings of this function with the show snmp targetparam command. You configure the user profile with the snmp user command. You display the list of users with the show snmp user command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

397

Network protocols 8.5 SNMP

8.5.2.19

no snmp targetparams

Description

With this command, you delete the SNMP target parameters.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp targetparams <ParamName> The parameter has the following meaning:

Parameter ParamName

Description Name of the SNMP parameter

Range of values / note max. 32 characters

Result

The SNMP target parameters are deleted.

Further notes

You change the SNMP target parameters with the snmp targetparams command. You display settings of this function with the show targetparam command.

8.5.2.20

snmp v1-v2 readonly

Description

With this command, you block write access for SNMPv1 and SNMPv2 PDUs.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

398

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameters: snmp v1-v2 readonly

Network protocols 8.5 SNMP

Result

Write access for SNMPv1 and SNMPv2 PDUs is blocked.

Further notes

You release write access for SNMPv1 and SNMPv2 PDUs with the no snmp v1-v2 readonly command.

8.5.2.21

no snmp v1-v2 readonly

Description

With this command, you enable write access for SNMPv1 and SNMPv2 PDUs.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no snmp v1-v2 readonly

Result

Write access for SNMPv1 and SNMPv2 PDUs is enabled.

Further notes

You block write access for SNMPv1 and SNMPv2 PDUs with the snmp v1-v2 readonly command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

399

Network protocols 8.5 SNMP

8.5.2.22

snmp user

Description

With this command, you configure the details of an SNMP user.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
snmp user <UserName> [auth {md5 | sha} <passwd> [priv {DES | AES128} <passwd>]] [{volatile | nonvolatile}]
The parameters have the following meaning:

Parameter UserName auth md5
sha
passwd priv DES AES128
passwd volatile
nonvolatile

Description

Range of values/note

Name of the user

max. 32 characters

Keyword for the authentication

Default: No authentication

MD5 (Message Digest 5) is used as hash function.

SHA (Secure Hash Algorithm) is used as hash function.

Password for authentication

max. 32 characters

Specifies that there is encryption.

Default: No encryption

DES is used as encryption algorithm. -

AES128 is used as encryption algo- rithm.

Value for the password of the encryption max. 32 characters

The default settings are used after a re- start.

The saved settings are used after a re- start.

If optional parameters are not specified when configuring an SNMP user, the default values apply.

Result

The details of an SNMP user are configured.

400

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.5 SNMP
Additional notes You delete the settings with the no snmp user command. You display the configured users with the show snmp user command.

8.5.2.23

no snmp user

Description

With this command, you delete the details of an SNMP user.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp user <UserName> The parameter has the following meaning:

Parameter UserName

Description Name of the user

Range of values / note max. 32 characters

Result

The details of an SNMP user are deleted.

Further notes

You change the settings with the snmp user command. You display the configured users with the show snmp usercommand.

8.5.2.24

snmp view

Description

With this command, you configure an SNMP view.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

401

Network protocols 8.5 SNMP

Requirement

 An SNMP group has been created
 The access to the group is configured with snmp access
 You are in the Global Configuration mode. The command prompt is: cli(config)#

Syntax

Call up the command with the following parameters:
snmp view <ViewName> <OIDTree> [mask <OIDMask>] {included | excluded} [{volatile | nonvolatile}]
The parameters have the following meaning:

Parameter ViewName OIDTree mask OIDMask
View type
Storage type

Description Name of the SNMP view Object ID Keyword for the OID mask Mask that filters access to the elements of the MIB tree
Specifies whether the filtered elements are used or excluded.
Specifies whether the settings remain following a restart.

Range of values / note
max. 32 characters Path information of the MIB tree A series of "0" and "1" separated by dots in keeping with the path in- formation of the MIB tree
 included (Default)
 excluded
 volatile: The settings are lost after a re- start
 nonvolatile: The settings are retained after a restart (default).

If optional parameters are not specified when configuring, the default values apply.

Result

The SNMP view is configured.

Additional notes You delete the view with the no snmp view command. You display the configured SNMP tree views with the show snmp viewtree command. You display the access rights of the SNMP groups with the show snmp group access command. You configure the access rights of the SNMP groups with the snmp accesscommand.

402

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.5.2.25

no snmp view

Network protocols 8.5 SNMP

Description

With this command, you delete an SNMP view.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no snmp view <ViewName> <OIDTree> The parameters have the following meaning:

Parameter ViewName OIDTree

Description Name of the view Object ID

Range of values / note max. 32 characters Path information of the MIB tree

Result

The SNMP view is deleted.

Further notes

You configure a view with the snmp view command. You display the configured SNMP tree views with the show snmp viewtree command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

403

Network protocols 8.6 SMTP client

8.6

SMTP client

This section describes commands of the Simple Mail Transfer Protocol (SMTP).

8.6.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

8.6.1.1

show events smtp-server

Description

This command shows the configured e-mail servers.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events smtp-server

Result

The configured e-mail servers are displayed.

8.6.1.2

show events sender email

Description

This command shows the configured e-mail sender address.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

404

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events sender email

Result

The configured e-mail sender address is displayed.

8.6.1.3

show events smtp-port

Description

This command shows the configured SNMP port.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events smtp-port

Result

The configured SMTP port is displayed.

Network protocols 8.6 SMTP client

8.6.2

Commands in the Events configuration mode
This section describes commands that you can call up in the EVENTS configuration mode. In global configuration mode, enter the events command to change to this mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

405

Network protocols 8.6 SMTP client
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.  If you exit the EVENTS configuration mode with the exit command, you return to the
Global configuration mode.  If you exit the EVENTS configuration mode with the end command, you return to the
Privileged EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in EVENTS configuration mode. To do this, you replace [command] with the command that you want to execute.

8.6.2.1

smtp-server

Description

With this command, you configure an entry for an SMTP server.

Requirement

You are in the EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: smtp-server {ipv4 <ucast_addr>} <receiver mail-address> The parameters have the following meaning:

Parameter ipv4 ucast_addr receiver mailaddress

Description Keyword for an IPv4 address Value for an IPv4 unicast address Name of the recipient

Range of values Enter a valid IPv4 unicast address. max. 100 characters

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

An entry for the SMTP server is configured.

Further notes

You delete an SMTP server entry with the no smtp-server command.

406

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.6.2.2

no smtp-server

Network protocols 8.6 SMTP client

Description

With this command, you delete an SMTP server entry.

Requirement

You are in the EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: no smtp-server ipv4 <ucast_addr> The parameter has the following meaning:

Parameter ipv4 ucast_addr

Description Keyword for an IPv4 address Value for an IPv4 address

Range of values Enter a valid IPv4 address.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The SMTP server entry is deleted.

Further notes

You configure an e-mail server entry with the smtp-server command.

8.6.2.3

sender mail-address

Description

With this command, you configure the e-mail name of the sender.

Requirement

You are in the EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

407

Network protocols 8.6 SMTP client

Syntax

Call up the command with the following parameters: sender mail-address <mail-address> The parameter has the following meaning:

Parameter mail-address

Description Email name of the sender

Range of values / note max. 100 characters

Result

The e-mail name of the sender is configured.

Further notes

You reset the e-mail name of the sender with the no sender mail-address. You display the setting with the show events sender email command.

8.6.2.4

no sender mail-address

Description

With this command, you reset the e-mail name of the sender.

Requirement

You are in the EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call the command without parameters: no sender mail-address

Result

The e-mail name of the sender is reset.

Further notes

You configure the e-mail name of the sender with the sender mail-address. You display the setting with the show events sender email command.

408

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.6.2.5

send test mail

Network protocols 8.6 SMTP client

Description

With this command, you send an e-mail according to the currently configured SMTP settings.

Requirement

You are in the EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call the command without parameters: send test mail

Result

An e-mail according to the currently configured SMTP settings is sent.

Further notes

You can display the current SMTP settings with the show events smtp-server command.

8.6.3

Commands in SMTP server configuration mode

8.6.3.1

Introductory sentence for the SMTP server configuration mode
This section describes commands that you can call up in the SMTP server configuration mode.
In the Events configuration mode, enter the smtp-server command to change to this mode.
 If you exit the SMTP server configuration mode with the exit command, you return to the events configuration mode.
 If you exit the SMTP server configuration mode with the end command, you return to the Privileged EXEC mode.

8.6.3.2

auth username

Description

With this command, you configure the user data (user name and password) used for authentication on the SMTP server.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

409

Network protocols 8.6 SMTP client

Requirement

You are in the SMTP server configuration mode. The command prompt is as follows: cli(events-smtp-server)#

Syntax

Call up the command with the following parameters: auth username <username> password <password> The parameter has the following meaning:

Parameter username username
password password

Description Keyword for a user name User name
Keyword for a password Password

Range of values / note
Enter the user name used for au- thentication on the SMTP server. Maximum length: 64 characters Enter the password used for au- thentication on the SMTP server. Maximum length: 64 characters

Result

The user data is configured.

Further notes

You delete the user data with the no auth username command. You display this setting with the show events smtp-server command.

8.6.3.3

no auth username

Description

With this command, you delete the user data.

Requirement

You are in the SMTP server configuration mode. The command prompt is as follows: cli(events-smtp-server)#

410

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameters: no auth username

Network protocols 8.6 SMTP client

Result

The SMTP port is reset to the default value.

Further notes

You configure the user data with the auth username command. You display this setting with the show events smtp-server command.

8.6.3.4

port

Description

With this command, you configure the port via which the SMTP server can be reached.

Requirement

You are in SMTP server configuration mode The command prompt is as follows: cli(events-smtp-server)#

Syntax

Call up the command with the following parameters: port <smtp-port(1-65535)> The parameter has the following meaning:

Parameter smtp-port

Description Value for the SMTP port

Range of values / note 1 ... 65535 Default:  25 (no security)  465 (security)

Result

The SMTP port is configured.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

411

Network protocols 8.6 SMTP client
Additional notes You display this setting with the show events smtp-server command. You reset the setting to the default with the no port command.

8.6.3.5

no port

Description

With this command, you reset the SMTP port to the default.

Requirement

You are in SMTP server configuration mode The command prompt is as follows: cli(events-smtp-server)#

Syntax

Call the command without parameters: no port

Result

The SMTP port is reset to the default value.  25 (no security)  465 (security)

Additional notes You configure the setting with the port command. You display this setting with the show events smtp-server command.

8.6.3.6

sender address

Description

With this command, you configure the sender specified in the e-mail.

Requirement

You are in the SMTP server configuration mode. The command prompt is as follows:

412

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

cli(events-smtp-server)#

Network protocols 8.6 SMTP client

Call up the command with the following parameters: sender-address <mail-address> The parameter has the following meaning:

Parameter mail-address

Description Sender Email Address

Range of values / note Max. 100 characters

Result

The e-mail address of the sender is configured.

Further notes

You display this setting with the show events smtp-server command. You delete the sender with the no sender-address command.

8.6.3.7

no sender address

Description

You delete the sender with this command.

Requirement

You are in the SMTP server configuration mode. The command prompt is as follows: cli(events-smtp-server)#

Syntax

Call the command without parameters: no sender-address

Result

The e-mail name of the sender is deleted.

Further notes

You configure a sender with the sender-address command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

413

Network protocols 8.6 SMTP client
You display this setting with the show events smtp-server command.

8.6.3.8

receiver-address

Description

With this command, you specify who receives an e-mail when an event occurs.

Requirement

 "email" is activated for the event in question.
 You are in the SMTP server configuration mode. The command prompt is as follows: cli(events-smtp-server)#

Syntax

Call up the command with the following parameters: receiver-address <mail-address> [shutdown] The parameters have the following meaning:

Parameter mail-address shutdown

Description

Range of values / note

Receiver Email Address

Max. 100 characters

Disables sending of the e-mail. This re- cipient will not receive an e-mail when an event occurs.

Result

A recipient is configured.

Further notes

You delete the recipient with the no receiver-address command. You display this setting with the show events smtp-server command. You configure the setting "email" with the event config command.

8.6.3.9

no receiver-address

Description

With this command, you delete a recipient.

414

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the SMTP server configuration mode. The command prompt is as follows: cli(events-smtp-server)#

Network protocols 8.6 SMTP client

Syntax

Call up the command with the following parameters: no receiver-address <mail-address> The parameter has the following meaning:

Parameter mail-address

Description Receiver Email Address

Range of values / note Max. 100 characters

Result

The recipient is deleted.

Further notes

You create a recipient with the receiver-address command. You display this setting with the show events smtp-server command.

8.6.3.10

security

Description

With this command, you configure the method for encrypted transfer of the e-mail from the device to the SMTP server.

Requirement

You are in the SMTP server configuration mode. The command prompt is as follows: cli(events-smtp-server)#

Syntax

Call up the command with the following parameters: security {ssltls | starttls}

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

415

Network protocols 8.6 SMTP client

The parameters have the following meaning:

Parameter ssltls starttls

Description Uses SSL/TLS Uses STARTTLS

Range of values / note -

Result

The method for the transfer is configured.

Further notes

You disable the setting with the no security command. You display this setting with the show events smtp-server command.

8.6.3.11

no security

Description

With this command, you specify that the e-mail is transferred unencrypted.

Requirement

You are in the SMTP server configuration mode. The command prompt is as follows: cli(events-smtp-server)#

Syntax

Call the command without parameters: no security

Result

Transfer of the e-mail from the device to the SMTP server is unencrypted.

Further notes

You configure the setting with the security command. You display this setting with the show events smtp-server command.

416

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.6.3.12

smtp-server-enable

Network protocols 8.6 SMTP client

Description

With this command, you enable the SMTP server.

Requirement

You are in SMTP server configuration mode The command prompt is as follows: cli(events-smtp-server)#

Syntax

Call the command without parameters: smtp-server-enable

Result

The SMTP server is enabled.

Additional notes You disable the SMTP server with the no smtp-server-enable command.

8.6.3.13

no smtp-server-enable

Description

You disable the SMTP server with this command.

Requirement

You are in SMTP server configuration mode The command prompt is as follows: cli(events-smtp-server)#

Syntax

Call the command without parameters: no smtp-server-enable

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

417

Network protocols 8.6 SMTP client

Result

The SMTP server is disabled.

Additional notes You activate the SMTP server with the smtp-server-enable command.

418

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.7 HTTP server

8.7

HTTP server

This section describes commands of the Hypertext Transfer Protocol (HTTP).

8.7.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

8.7.1.1

show ip http server status

Description

This command shows the status of the HTTP server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip http server status

Result

The status of the HTTP server is displayed.

8.7.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

419

Network protocols 8.7 HTTP server
You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

8.7.2.1

ip http

Description

With this command, you enable HTTP access to the WBM.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip http As default the function is "enabled".

Result

HTTP access is enabled.

Additional notes
You can display the setting of this function and other information with the show ip http server statuscommand.
You disable HTTP access with the no ip http command.

8.7.2.2

no ip http

Description

With this command, you disable HTTP access.

Requirement

You are in global configuration mode. The command prompt is as follows:

420

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

cli(config)#

Network protocols 8.7 HTTP server

Syntax

Call the command without parameters: no ip http

Result

Access to the WBM is now only possible with HTTPS.

Additional notes
You can display the setting of this function and other information with the show ip http server statuscommand.
You enable HTTP access with the ip http command.

8.7.2.3

ip http port

Description

With this command you specify the port for HTTP access to the WBM.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip http port <port-number(49500-65535)> The parameter has the following meaning:

Parameter port-number

Description Port number

Range of values / note 49500 ... 65535 Default: 80 (standard port)

Result

The port for HTTP access has been changed. Access the WBM with the changed port.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

421

Network protocols 8.7 HTTP server

Further notes

You reset the port to the standard port with the no ip http port command.

8.7.2.4

no ip http port

Description

With this command, you reset the port to the standard port.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip http port

Result

The port is reset to the standard port 80.

Further notes

You configure the port for HTTP access with the ip http port command

422

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.8 HTTPS server

8.8

HTTPS server

This section describes commands of the Hypertext Transfer Protocol Secure (HTTPS).

8.8.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

8.8.1.1

show ip http secure server status

Description

This command shows the status of the HTTPS server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip http secure server status

Result

The status, cipher suite and version of the HTTPS server are displayed.

8.8.1.2

show ssl server-cert

Description

This command shows the SSL server certificate.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

423

Network protocols 8.8 HTTPS server
The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ssl server-cert

Result

The SSL server certificate is displayed.

8.8.2

Commands in global configuration mode

8.8.2.1

ip http secure

Description

With this command, you enable HTTPS access to the WBM.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip http secure

Result

HTTP is enabled on the device.

Additional notes You disable HTTPS access with the no ip http secure command.

424

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

8.8.2.2

no ip http secure

Network protocols 8.8 HTTPS server

Description

With this command, you disable HTTPS access to the WBM.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip http secure

Result

Access to the WBM is now only possible with HTTP.

Additional notes You enable HTTPS access with the ip http secure command.

8.8.2.3

ip http secure port

Description

With this command you specify the port for HTTPS access to the WBM.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip http secure port <port-number(49500-65535)>

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

425

Network protocols 8.8 HTTPS server

The parameter has the following meaning:

Parameter port-number

Description Value for the HTTPS port

Range of values / note 49500 ... 65535 Default: 443 (standard port)

Result

The port for HTTPS access has been changed. Access the WBM with the changed port.

Further notes

You reset the port to the standard port with the no ip http port command.

8.8.2.4

no ip http secure port

Description

With this command, you reset the HTTPS port to the standard port.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip http secure port

Result

The port is reset to the standard port 443.

Further notes

You configure the port for HTTPS access with the ip http secure port command

426

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Network protocols 8.9 ARP

8.9

ARP

This section describes commands of the Address Resolution Protocol (ARP).

8.9.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

8.9.1.1

show ip arp

Description

With this command, you display the ARP table. The ARP table contains the clear assignment of MAC address to IPv4 address.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show ip arp [{vlan <vlan-id (1-4094)> | <interface-type> <interfaceid> | <ip-address> | <mac-address> | summary | information}]
The parameters have the following meaning:

Parameter vlan vlan-id interface-type interface-id ip-address
mac-address

Description

Range of values/note

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Shows the IPv4 addresses of the en- tries in the ARP table

Shows the MAC addresses of the en- tries in the ARP table

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

427

Network protocols 8.9 ARP

Parameter summary
information

Description

Range of values/note

Shows a summary of the entries in the ARP table

Displays information on the ARP config- uration

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, all parameters of the ARP table are displayed.

Result

The ARP table is displayed.

8.9.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

8.9.2.1

arp timeout

Description

With this command, you configure the timeout setting of the ARP cache.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

428

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

arp timeout <seconds(30-86400)> The parameter has the following meaning:

Parameter seconds

Description Value for the timeout in seconds

Network protocols 8.9 ARP
Range of values / note 30 ... 86400 Default: 300

Result

The setting for the timeout setting of the ARP cache is configured.

Further notes

You can reset the timeout setting to the default with the no arp timeout command.
You can display the status of this function and other information with the show ip arp command.

8.9.2.2

no arp timeout

Description

With this command, you reset the timeout setting of the ARP cache back to the default value. The default value for the timeout setting is 300 seconds.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no arp timeout

Result

The timeout setting for the ARP cache is reset to the default value.

Further notes

You change the timeout setting with the arp timeout command.
You can display the status of this function and other information with the show ip arp command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

429

Network protocols 8.10 SSH server

8.10

SSH server
This section describes commands of the Secure Shell (SSH) Server.

8.10.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

8.10.1.1

show ip ssh

Description

This command shows the settings of the SSH server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip ssh

Result

The settings for the SSH server are displayed.

8.10.1.2

show ssh-fingerprint

Description

This command shows the SSH fingerprint.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

430

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax Result

The command prompt is as follows: cli> or cli#
Call the command without parameters: show ssh-fingerprint
The SSH fingerprint is displayed.

Network protocols 8.10 SSH server

8.10.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

8.10.2.1

ssh-server

Description

With this command, you enable the SSH protocol on the device.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ssh-server As default the function is "enabled".

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

431

Network protocols 8.10 SSH server

Result

The SSH protocol is enabled on the device.

Further notes

You disable the SSH protocol with the no ssh-server command.

8.10.2.2

no ssh-server

Description

With this command, you disable the SSH protocol on the device.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ssh-server

Result

The SSH protocol is disabled on the device.

Further notes

You enable the SSH protocol with the ssh-server command.

8.10.2.3

ssh-server port

Description

With this command, you specify the port for SSH access to the CLI.

Requirement

You are in global configuration mode. The command prompt is as follows:

432

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

cli(config)#

Network protocols 8.10 SSH server

Syntax

Call up the command with the following parameters: ssh-server port <port-number(49500-65535)> The parameter has the following meaning:

Parameter port-number

Description Value for SSH port

Range of values / note 49500 ... 65535 Default: 22 (standard port)

Result

The port for SSH access has been changed. Access the CLI with the changed port.

Additional notes You reset the port to the standard port with the no ssh-server port command.

8.10.2.4

no ssh-server port

Description

With this command, you reset the port to the standard port.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ssh-server port

Result

The port is reset to the standard port 22.

Additional notes You configure the port for SSH access with the ssh-server port. command

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

433

Network protocols 8.10 SSH server

434

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols
This part contains the sections that cover the following topics:  GARP  IGMP Snooping and IGMP Querying  Redundancy
­ Ring redundancy ­ Standby redundancy ­ Link Check ­ MRP Interconnection

9

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

435

Layer 2 management protocols 9.1 GARP

9.1

GARP

This section describes commands of the following protocols:  GARP - Generic Attribute Registration Protocol  GMRP - GARP Multicast Registration Protocol  GVRP - GARP VLAN Registration Protocol

Timer
The following timers are set in the protocols mentioned above. The timer values are not configurable.

Timer Join-time Leave-time
Leave-all-time

Description

Factory setting

Time in milliseconds that passes between the transfer of two PDUs (Protocol Data Unit)

200 ms

Time period of the timer in milliseconds before the device changes its GARP status

600 ms

The timer starts and runs backwards with the defined time as soon as the device sends or receives a "Leave-all-time" message.

The timer is stopped when the device receives a Join message.

Time period of the timer in milliseconds before all devices change 10000 ms their GARP status

In devices connected via Layer 2, the same values must be set for the GARP/GMRP timer. If different values are set with the GARP/GMRP timers, GARP applications such as GMRP and GVRP cannot be executed successfully.

9.1.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

9.1.1.1

show forward-all

Description

With this command, you display the entries of the GMRP forward all table.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

436

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameters: show forward-all

Layer 2 management protocols 9.1 GARP

Result

The entries of the GMRP forward all table are displayed.

9.1.1.2

show forward-unregistered

Description

With this command, you display the entries of the GMRP forward unregistered table.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show forward-unregistered

Result

The entries of the GMRP forward unregistered table are displayed.

9.1.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

437

Layer 2 management protocols 9.1 GARP

9.1.2.1

gmrp

Description

With this command, you enable the GMRP function for all or individual interfaces on the device.

Requirement

You are in the Global configuration mode or You are in the Interface configuration mode The command prompt is as follows: cli(config)# cli (config-if-$$$) #

Syntax

Call the command without parameters: gmrp

Result

In the Global configuration mode: The GMRP function is enabled on the device. In the Interface configuration mode: The GMRP function is enabled for this interface.

Further notes

You need to enable GMRP globally for this device before you enable GMRP for individual interfaces.
If you want to enable or disable the function for a specific interface on the device, use the no gmrp command in the Interface configuration mode.
You can display the status of this function and other information with the show vlan device info command.

9.1.2.2

no gmrp

Description

With this command, you disable the GMRP function for all or individual interfaces on the device.

438

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Global configuration mode or You are in the Interface configuration mode The command prompt is as follows: cli(config)# cli (config-if-$$$) #

Layer 2 management protocols 9.1 GARP

Syntax

Call the command without parameters: no gmrp

Result

In the Global configuration mode: The GMRP function is disabled on the device. In the Interface configuration mode: The GMRP function is disabled for this interface.

Further notes

If you want to enable the function for a specific interface on the device, use the gmrp command.
You can display the status of this function and other information with the show vlan device info command.

9.1.2.3

gvrp

Description

With this command, you enable the GVRP function for all or individual interfaces on the device.

Requirement

You are in the Global configuration mode or You are in the Interface configuration mode The command prompt is as follows: cli(config)# cli (config-if-$$$) #

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

439

Layer 2 management protocols 9.1 GARP

Syntax

Call the command without parameters: gvrp

Result

In the Global configuration mode: The GVRP function is enabled on the device. In the Interface configuration mode: The GVRP function is enabled for this interface.

Further notes

If you have enabled the GARP module, you start GVRP explicitly with this command.
If you want to disable the function for a specific interface on the device, use the no gvrp command.
You can display the status of this function and other information with the show vlan device info command.

9.1.2.4

no gvrp

Description

With this command, you disable the GVRP function for all or individual interfaces on the device.

Requirement

You are in the Global configuration mode or You are in the Interface configuration mode The command prompt is as follows: cli(config)# cli (config-if-$$$) #

Syntax

Call the command without parameters: no gvrp

Result

In the Global configuration mode: The GVRP function is disabled on the device. In the Interface configuration mode: The GVRP function is disabled for this interface.

440

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.1 GARP

Further notes

If you want to enable the function for a specific interface on the device, use the gvrp command.
You can display the status of this function and other information with the show vlan device info command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

441

Layer 2 management protocols 9.2 IGMP snooping

9.2

IGMP snooping

This section describes the snooping functionality of the Internet Group Management Protocol.

9.2.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

9.2.1.1

show ip igmp snooping

Description

This command shows information about IGMP snooping for all or a selected VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode or in the Global configuration mode.
The command prompt is as follows:
cli> or cli# or cli(config)#

Syntax

Call up the command with the following parameters: show ip igmp snooping [vlan <vlan-id (1-4094)>] The parameters have the following meaning:

Parameter vlan vlan-id

Description Keyword for a VLAN connection Number of the addressed VLAN

Range of values/note 1 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The information about IGMP snooping is displayed.

442

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

9.2.1.2

show ip igmp snooping forwarding-database

Layer 2 management protocols 9.2 IGMP snooping

Description

This command shows the multicast forwarding entries for all or a selected VLAN. Optionally, only statically configured or dynamically learned multicast groups can be displayed.

Requirement

 IGMP snooping is enabled on the device
 You are in the User EXEC mode or Privileged EXEC mode. The command prompt is: cli> or cli#

Syntax

Call up the command with the following parameters:
show ip igmp snooping forwarding-database [vlan <vlan-id (1-4094)>] [{static | dynamic}]
The parameters have the following meaning:

Parameter vlan vlan-id static
dynamic

Description
Keyword for a VLAN connection
Number of the addressed VLAN
Only the statically configured multicast groups are displayed.
Only the groups learned dynamically over the IGMP configuration are dis- played.

Range of values/note 1 ... 4094 -
-

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The multicast forwarding entries are displayed.

9.2.1.3

show ip igmp snooping globals

Description

This command shows an overview of the settings of IGMP snooping.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

443

Layer 2 management protocols 9.2 IGMP snooping
The command prompt is as follows: cli#

Syntax

Call the command without parameter assignment: show ip igmp snooping globals

Result

The settings are displayed.

9.2.1.4

show ip igmp snooping groups

Description

This command shows information about IGMP snooping for all or a selected VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode or in the Global configuration mode.
The command prompt is as follows:
cli> or cli# or cli(config)#

Syntax

Call up the command with the following parameters:
show ip igmp snooping groups [vlan <vlan-id (1-4094)> [Group <Address>]] [{static | dynamic}]
The parameters have the following meaning:

Parameter vlan vlan-id Group Address -

Description Keyword for a VLAN connection Number of the addressed VLAN

Range of values/note 1 ... 4094

 static  dynamic

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

444

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The information about IGMP snooping is displayed.

Layer 2 management protocols 9.2 IGMP snooping

9.2.1.5

show ip igmp snooping mrouter

Description

This command shows the ports at which IGMP queriers are connected for all or a selected VLAN..

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call up the command with the following parameters: show ip igmp snooping mrouter [vlan <vlan-id (1-4094)>] [detail] The parameters have the following meaning:

Parameters vlan vlan-id detail

Description Keyword for a VLAN or VLAN range Number of the addressed VLAN or VLAN range Specifies that detailed information is displayed.

Range of values 1 ... 4094 -

Result

A list of the active ports is displayed.

9.2.1.6

show ip igmp snooping statistics

Description

This command shows the statistical information about IGMP snooping for all or a selected VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

445

Layer 2 management protocols 9.2 IGMP snooping

Syntax

Call up the command with the following parameters: show ip igmp snooping statistics [vlan <vlan-id (1-4094)>] The parameters have the following meaning:

Parameter vlan vlan-id

Description Keyword for a VLAN connection Number of the addressed VLAN

Range of values/note 1 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The statistical information is displayed.

9.2.1.7

show ip igmp snooping switch-ip

Description

This command shows the IP address of the source for IGMP snooping.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ip igmp snooping switch-ip

Result

The IP address is displayed.

9.2.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode.

446

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.2 IGMP snooping
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

9.2.2.1

ip igmp snooping version

Description

This command specifies which version of IGMP snooping the device will use. When shipped, the device uses IGMPv3.
Note
There is no separate show command to display the version of IGMP used by the device. This information is shown when you enter the show ip igmp snooping command in the User EXEC mode or in the Privileged EXEC mode.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip igmp snooping version {v1 | v2 | v3} The parameters have the following meaning:

Parameter v1 v2 v3

Description IGMPv1 IGMPv2 IGMPv3

Result

The version of IGMP snooping used by the device is specified.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

447

Layer 2 management protocols 9.2 IGMP snooping

9.2.2.2

ip igmp vlan-snooping

Description

With this command, you enable IGMP snooping for all VLANs.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip igmp vlan-snooping

Result

IGMP snooping is enabled for all VLANs.

Further notes

You disable IGMP snooping with the no ip igmp vlan-snooping command.

9.2.2.3

no ip igmp vlan-snooping

Description

With this command, you disable IGMP snooping for all VLANs.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip igmp vlan-snooping

448

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

IGMP snooping is disabled for all VLANs.

Layer 2 management protocols 9.2 IGMP snooping

Further notes

You enable IGMP snooping with the ip igmp vlan-snooping command.

9.2.2.4

ip igmp snooping clear counters

Description

With this command, you delete the counters for all or a selected VLAN.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip igmp snooping clear counters [vlan <vlan-id (1-4094)>] The parameters have the following meaning:

Parameter vlan vlan-id

Description Keyword for a VLAN connection Number of the addressed VLAN

Range of values/note 1 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select a VLAN, the counters of all VLANs will be deleted.

Result

The counters are deleted.

9.2.2.5

ip igmp snooping switch-ip

Description

With this command, you configure the IP address of the source for IGMP snooping queries.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

449

Layer 2 management protocols 9.2 IGMP snooping

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip igmp snooping switch-ip<switch-ipaddr> The parameter has the following meaning:

Parameter switch-ipaddr

Description Address of the source

Range of values / note Specify a valid IP address. Default: 10.0.0.1

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The IP address is configured.

9.2.2.6

snooping report-process config-level

Description

With this command, you configure which IGMP reports the device processes.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: snooping report-process config-level {non-router-ports | all-ports}

450

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.2 IGMP snooping

The parameters have the following meaning:

Parameter non-router-ports
all-ports

Description

Range of values/note

The device only processes IGMP re- ports that were received by non-multi- cast router ports.

Default

The device processes all IGMP reports. -

Result

The processing of IGMP reports is configured.

Additional notes
You display the status of this function and other information with the show ip igmp snooping globals command.

9.2.2.7

ip igmp snooping port-purge-interval

Description

The time after which a port is deleted from the list if no IGMP router control packets are received is known as the purge time.
With this command, you configure this purge time for a port for a VLAN in seconds.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ip igmp snooping port-purge-interval <(130-1225)seconds> The parameters have the following meaning:

Parameter -

Description Value for the purge time in seconds

Range of values / note 130 ... 1225 Default: 300

Result

The purge time is configured.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

451

Layer 2 management protocols 9.2 IGMP snooping

Further notes

You can reset the setting to the default with the no ip igmp snooping port-purgeinterval command.
You can display the status of this function and other information with the show ip igmp snooping globals command.

9.2.2.8

no ip igmp snooping port-purge-interval

Description

With this command, you reset the setting for the purge time to the default value.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip igmp snooping port-purge-interval

Result

The purge time is reset to the default value.

Further notes

You configure the setting with the ip igmp snooping port-purge-interval command.
You can display the status of this function and other information with the show ip igmp snooping globalscommand.

452

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.3 IGMP querier

9.3

IGMP querier

This section describes the commands for the query functionality of the Internet Group Management Protocol (IGMP).

9.3.1

Commands in the Global Configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

9.3.1.1

ip igmp snooping querier

Description

With this command, you configure the IGMP snooping switch as querier.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip igmp snooping querier As default the function is "disabled".

Result

The IGMP snooping switch is configured as querier.

Further notes

You delete the setting with the no ip igmp snooping querier command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

453

Layer 2 management protocols 9.3 IGMP querier
You can display the status of this function and other information with the show ip igmp snooping command.

9.3.1.2

no ip igmp snooping querier

Description

With this command, you delete the configuration of an IGMP snooping switch as querier.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip igmp snooping querier

Result

The configuration of the IGMP snooping switch as querier is deleted.

Further notes

You configure the setting with the ip igmp snooping querier command.
You can display the status of this function and other information with the show ip igmp snooping command.

9.3.2 9.3.2.1

Commands in VLAN configuration mode
Introductory sentence for the VLAN configuration mode This section describes commands that you can call up in the VLAN Configuration mode. In global configuration mode, enter the vlan $$$ command to change to this mode. When doing this, you need to replace the $$$ placeholders with the relevant VLAN ID.

454

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.3 IGMP querier
Commands relating to other topics that can be called in the VLAN Configuration mode can be found in the relevant sections.  If you exit the VLAN Configuration mode with the exit command, you return to the Global
Configuration mode.  If you exit the VLAN Configuration mode with the end command, you return to the Privileged
EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in VLAN configuration mode. To do this, you replace [command] with the command that you want to execute.

9.3.2.2

ip igmp snooping querier

Description

With this command, you enable the function IGMP Snooping Querier for a VLAN.

Requirement

You are in VLAN configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call the command without parameters: ip igmp snooping querier As default the function is "disabled".

Result

The IGMP Snooping Querier function is enabled for the specified VLAN.

Additional notes
You disable the function IGMP Snooping Querier for a VLAN with the no ip igmp snooping querier command.
You display the status of this function and other information with the show ip igmp snooping command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

455

Layer 2 management protocols 9.3 IGMP querier

9.3.2.3

no ip igmp snooping querier

Description

With this command, you disable the function IGMP Snooping Querier for a VLAN.

Requirement

You are in VLAN configuration mode. The command prompt is as follows: cli(config-vlan-$$$)#

Syntax

Call the command without parameters: no ip igmp snooping querier

Result

The IGMP Snooping Querier function is disabled for the specified VLAN.

Additional notes
You enable the function IGMP Snooping Querier for a VLAN with the ip igmp snooping querier command.
You display the status of this function and other information with the show ip igmp snooping command.

456

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.4 Ring redundancy and standby connection

9.4

Ring redundancy and standby connection

Note Avoiding bad configurations
When using the commands in this section, you should take particular care because a bad configuration of this function can have serious negative affects on the network.

Ring redundancy The ring redundancy function allows several devices to be interconnected in a ring structure. Since such a topology is not supported in normal network operation, such rings are logically disconnected using the Media Redundancy Protocol (MRP) or the High Speed Redundancy Protocol (HRP). If one component fails, all other elements of the ring can still be reached. The device that logically disconnects the ring is known as the redundancy manager (RM). The simple structure of the individual rings allows shorter reaction times if disruptions occur:  MRP approx. 200 ms  HRP approx. 300 ms Complex network topologies cannot be set up with this function.
Standby (HRP) Two network segments can be connected redundantly in each case via two links (master, slave). This function is known as the standby connection. With it, the links of the interfaces of the master device are active and the links of the interfaces of the slave device are inactive.
Note Position of master and slave device The master and slave device of a standby connection (link pair between different structures of the ring redundancy) must be located in the same ring.
Note Restriction in redundant linking of multiple HRP network segments When linking multiple network segments over standby redundancy, make sure that the standby master and standby slave are located in a closed network segment, a HRP ring. Otherwise, in the event of an error, there may be circulating frames that cause a failure in the network.

Link Check
With the Link Check function, you can monitor the transmission quality of optical sections within an HRP or MRP ring, identify disturbed connections and under certain conditions turn them off.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

457

Layer 2 management protocols 9.4 Ring redundancy and standby connection
When the disturbed section is turned off, the redundancy manager can close the ring and restore communication.
NOTICE Make sure that the frames used by Link Check for monitoring the optical connections are not supplanted by an overload of high-priority frames in the network. An overload of high priority frames can be caused by the following, for example:  Network loops that can cause duplication of the high-priority frames  Changing the priorities for forwarding frames

9.4.1

clear hrp counters

Description

With this command, you reset the HRP counters.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call the command without parameters: clear hrp counters

Result

The HRP counters have been reset.

9.4.2

clear ring-redundancy manager counters
Note This command can only be executed when the ring redundancy mode "HRP Manager" is configured.

458

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Description

Layer 2 management protocols 9.4 Ring redundancy and standby connection
With this command, you reset the following counters:  How often the device as redundancy manager switched to the active status. With this status
change, the redundancy manager opens its blocked port because it no longer receives its sent RM frames.  The maximum delay time of the test frames of the redundancy manager.

Requirement

You are in User EXEC mode or in Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: clear ring-redundancy manager counters

Result

The counters are reset.

9.4.3

clear standby counter

Description

With this command, you reset the counters of the standby function.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call the command without parameters: clear standby counter

Result

The standby counter is reset.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

459

Layer 2 management protocols 9.4 Ring redundancy and standby connection

9.4.4

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

9.4.4.1

show hrp counters

Description

With this command, you display the following information:
 How often the device as redundancy manager switched to the active status, i.e. opened its blocked port because it no longer receives its sent RM frames.
 The maximum delay time of the test frames of the redundancy manager.
 How often the IE switch has changed the standby status from "Passive" to "Active".

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show hrp counters

Result

The counters are displayed.

460

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

9.4.4.2

show linkcheck

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Description

With this command you show the following information on the link check:  The ring ports on which you can enable Link Check  The current status  The statistics of sent and received Link Check frames of the monitored connections.
Note If you use Link Check together with a redundancy protocol (e.g. HRP), the values for the sent and received Link Check frames can be different.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show linkcheck

Result

The current information is displayed.

9.4.4.3

show ring-redundancy

Description

With this command, you show the current configuration of the ring redundancy and standby functions.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

461

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Syntax

Call the command without parameters: show ring-redundancy

Result

The current configurations are displayed.

9.4.4.4

show ring-redundancy manager counters

Description

With this command, you display the following information:
 How often the device as redundancy manager switched to the active status, i.e. opened its blocked port because it no longer receives its sent RM frames.
 The maximum delay time of the test frames of the redundancy manager.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show ring-redundancy manager counters

Result

The counters are displayed.

9.4.5

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again.

462

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.4 Ring redundancy and standby connection
You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

9.4.5.1

ring-redundancy configuration

Description

With this command, you change to the Redundancy Configuration mode.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ring-redundancy configuration

Result

You are now in the Redundancy Configuration mode. The command prompt is as follows: cli(config-red)#

Further notes

You exit the Redundancy Configuration mode with the end or exit command.

9.4.5.2

ring-redundancy hrpobserver

Description

With this command, you enable the observer or restart it.
The "observer" function is only available in HRP rings. The observer monitors malfunctions of the redundancy manager or incorrect configurations of an HRP ring.
If the observer is enabled, it can interrupt the connected ring if errors are detected. To do this, the observer switches a ring port to the "blocking" status. When the error is resolved, the observer enables the port again.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

463

Layer 2 management protocols 9.4 Ring redundancy and standby connection
If numerous errors occur in quick succession, the observer no longer enables its port automatically. The ring port remains permanently in the "blocking" status. This is signaled by the error LED and a message text. After the errors have been eliminated, you can enable the port again with this command and the parameter restart.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: ring-redundancy hrpobserver [restart] The parameters have the following meaning:

Parameter restart

Description Restarts the observer.

If you do not specify the optional parameter, the observer is enabled.

Result

The observer is enabled or restarted.

Further notes

You disable the observer with the no ring-redundancy hrpobserver command.
You can display the status of this function and other information with the show ringredundancy command.

9.4.5.3

no ring-redundancy hrpobserver

Description

With this command, you disable the observer.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

464

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Layer 2 management protocols 9.4 Ring redundancy and standby connection
Call the command without parameter assignment: no ring-redundancy hrpobserver

Result

The observer is disabled.

Further notes

You enable the observer with the ring-redundancy hrpobserver command.
You can display the status of this function and other information with the show ringredundancy command.

9.4.5.4

ring-redundancy mode

Description

With this command, you enable the ring redundancy function on a device.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command with the following parameters:
ring-redundancy mode {ard | mrpauto | mrpclient | mrpmanager | hrpclient | hrpmanager}
The parameters have the following meaning:

Parameter ard
mrpauto mrpclient

Description

Range of values / note

Enables the automatic redundancy mode  Default setting with PROFINET

(Automatic Redundancy Detection).

variants: enabled

 Default setting with EtherNet/IP variants: disabled

 Default setting with Industrial Ethernet variants: disabled

Enables the automatic MRP manager.

-

Enables ring redundancy with the MRP pro- tocol as client.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

465

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Parameter mrpmanager
hrpclient
hrpmanager

Description

Range of values / note

Enables ring redundancy with the MRP pro- Only available with DNA devices. tocol as manager.

Enables ring redundancy with the HRP pro- tocol as client.

Enables ring redundancy with the HRP pro- tocol in redundancy manager mode.

Result

The ring redundancy function is enabled and the redundancy mode is selected.

Additional notes You disable the ring redundancy function with the no ring-redundancy command.

9.4.5.5

no ring-redundancy

Description

With this command, you disable the ring redundancy function on a device.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ring-redundancy

Result

The ring redundancy function is disabled.

Further notes

You enable the ring redundancy function with the ring-redundancy mode command.

466

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

9.4.5.6

ring-redundancy dna-redundancy

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Description

With this command, you enable Dual Network Access redundancy (DNA redundancy) on the device.

Requirements

 You are in global configuration mode. The command prompt is: cli(config)#
 The device must be configured as MRP manager or MRP client. DNA redundancy is only possible with MRP.

Syntax

Call the command without parameters: ring-redundancy dna-redundancy

Result

DNA Redundancy is enabled.

Additional notes
You disable DNA Redundancy with the no ring-redundancy dna-redundancy command.
You display the current configuration of the ring redundancy with the show ringredundancy command.

9.4.5.7

no ring-redundancy dna-redundancy

Description

With this command, you disable Dual Network Access redundancy (DNA redundancy) on the device.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

467

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Syntax

Call the command without parameters: no ring-redundancy dna-redundancy

Result

DNA Redundancy is disabled.

Additional notes
You enable DNA Redundancy with the ring-redundancy dna-redundancy command.
You display the current configuration of the ring redundancy with the show ringredundancy command.

9.4.5.8

ring-redundancy standby

Description

With this command, you enable the standby function.

Requirement

 HRP is enabled
 You are in the Global configuration mode. The command prompt is: cli(config)#

Syntax

Call the command without parameters: ring-redundancy standby

Result

The standby function is enabled.

Further notes

You disable the setting with the no ring-redundancy standby command.
You can display the status of this function and other information with the show ringredundancycommand.

468

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

9.4.5.9

no ring-redundancy standby

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Description

With this command, you disable the standby function.

Requirement

 HRP is enabled
 You are in the Global configuration mode. The command prompt is: cli(config)#

Syntax

Call the command without parameters: no ring-redundancy standby

Result

The standby function is disabled.

Further notes

You enable the setting with the ring-redundancy standby command.
You can display the status of this function and other information with the show ringredundancycommand.

9.4.6

Commands in the redundancy configuration mode
This section describes commands that you can call up in the Redundancy Configuration mode.
In global configuration mode, enter the ring-redundancy configuration command to change to this mode.
 If you exit the Redundancy Configuration mode with the exit command, you return to the Global Configuration mode.
 If you exit the Redundancy Configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in redundancy configuration mode.
To do this, you replace [command] with the command that you want to execute.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

469

Layer 2 management protocols 9.4 Ring redundancy and standby connection

9.4.6.1

linkcheck

Description

With this command, you enable the Link Check function on a ring port and you can reset the function.
Note Enable Link Check on only one of two connection partners. This can lead to incorrect behavior.
Note If Link Check is enabled on all devices of a ring at the same time, and several connections within the ring have problems, this leads to fragmentation of the ring. 1. During commissioning enable the Link Check function for one connection section after the
other by enabling Link Check for the two connection partners connected to a line. 2. To ensure an error-free connection, wait 1 min. before you enable Link Check for the next
connection section.

Requirement

 You can only enable the Link Check function with optical ring ports of an HRP or MRP ring.
 Link Check must be enabled on two neighboring devices (connection partners) within an HRP or MRP ring.
 The ring ports on which you enable Link Check must be connected together.
 You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)#

Syntax

Call the command with the following parameters: linkcheck {<interface-type> <interface-id>} [reset]

470

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.4 Ring redundancy and standby connection

The parameters have the following meaning:

Parameter interface-type interface-id reset

Description

Range of values/note

Type or speed of the interface

Specify a valid interface.

Module no. and port no. of the interface

After resetting Link Check, the function When you use the reset param-

is restarted on the port and the statistics eter, loops can form temporarily

are reset.

resulting in a loss of data traffic.

If you use the reset parameter, the re- The loop is automatically cleared set must be performed on both connec- again.

tion partners within 30 s.

If this is not acceptable for your ap-

plication, reset Link Check by pull-

ing the connecting cable and plug-

ging it in again.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

Link Check is activated on the port.

Additional notes
You disable the function with the no linkcheck command.
You can display the status of this function and other information with the show linkcheck command.
With the event config command, you can configure so that you are informed of a status change by a message.

9.4.6.2

no linkcheck

Description

With this command, you disable the Link Check function on a port.

Requirement

You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)#

Syntax

Call up the command with the following parameters: no linkcheck {<interface-type> <interface-id>}

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

471

Layer 2 management protocols 9.4 Ring redundancy and standby connection

The parameters have the following meaning:

Parameter interface-type interface-id

Description

Range of values / note

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

Link Check is deactivated on the port.

Further notes

You enable the function and reset the count with the linkcheck command.
You can display the status of this function and other information with the show linkcheck command.

9.4.6.3

ring ports

Description

With this command, you configure the ports of the ring redundancy manager or ring redundancy client on a device.
 Redundancy manager
­ In the normal status, the network structure is operated via port. The other port is only used by the ring redundancy manager for checking.
­ If there is a disruption, the two parts of the ring operate via both ports.
 Redundancy client
­ The client forwards all frames of the redundancy manager to the ring ports.

Requirement

 The ports are disabled in spanning tree.
 You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)#

Syntax

Call the command with the following parameters:
ring ports {<interface-type> <interface-id>} {<interface-type> <interface-id>}

472

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

H-Sync Result

Layer 2 management protocols 9.4 Ring redundancy and standby connection

The parameters have the following meaning:

Parameter interface-type interface-id interface-type interface-id

Description Specifies the interface type for the first ring port. Specifies the number of the interface for the first ring port. Specifies the interface type for the second ring port. Specifies the number of the interface for the second ring port.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Note Differing port addresses
The first and second port must be configured on different interfaces.

H-Sync is a Layer 2 protocol with which process data is synchronized via PROFINET in systems with redundant control.
The two controllers are connected redundantly via an MRP ring. The controllers must be directly connected with one another on a path. Both controllers are configured as "MRP AutoManager", so one of the controllers becomes MRP manager. All other devices in the ring are MRP clients. The two controllers send H-Sync frames in both directions of the ring (Provider). H-Sync frames that they receive are not forwarded (Consumer). All other devices in the ring only forward the H-Sync frames between their ring ports in both directions (Forwarder). The HSync frames are filtered on all other ports.
H-Sync is a transparent protocol for the IE switches. For information on which IE switches can be used as H-Sync forwarder, refer to the section "System functions and hardware equipment".
You only configure H-Sync via STEP 7 Basic or Professional. However, note that settings deviating from the following rules can result in complications in configuration:
 Redundancy mode: MRP client
 Ring ports: - Use the ring ports preset in the factory. - Use the first two optical interfaces. - Use the first two gigabit interfaces. - Use Port 1 and Port 2.

The ports of the ring redundancy are configured.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

473

Layer 2 management protocols 9.4 Ring redundancy and standby connection

9.4.6.4

standby connection-name

Description

With this command, you assign a name to the standby connection on the device.

Requirement

You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)#

Syntax

Call up the command with the following parameters: standby connection-name <string(32)> The parameter has the following meaning:

Parameter <string(32)>

Description Name of the connection

Range of values / note max. 32 characters

Result

The standby connection is assigned a name.

9.4.6.5

no standby connection-name

Description

With this command, you delete the name of a standby connection.

Requirement

You are in the Redundancy Configuration mode. The command prompt is as follows: cli(config-red)#

Syntax

Call the command without parameters: no standby connection-name

474

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Layer 2 management protocols 9.4 Ring redundancy and standby connection
The name of the standby connection is deleted.

9.4.6.6

standby force-master

Description

With this command, you assign the role of standby master to the device, if the standby partner has not already been configured as master.

Requirement

 HRPis enabed
 You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)#

Syntax

Call the command without parameters: standby force-master

Result

The standby force-master function is enabled.

Additional notes
You disable the setting with the no standby force-master command.
You can display the status of this function and other information with the show ringredundancy command.

9.4.6.7

no standby force-master

Description

With this command, you disable the standby force-master function.

Requirement

 HRPis enabed
 You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

475

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Syntax

Call the command without parameters: no standby force-master

Result

The standby force-master function is disabled.

Additional notes
You enable the setting with the standby force-master command.
You can display the status of this function and other information with the show ringredundancy command.

9.4.6.8

standby port

Description

With this command, you configure and enable the port for a standby connection on a device.

Requirement

 The ports are disabled in spanning tree.
 You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)#

Syntax

Call up the command with the following parameters: standby port {<interface-type> <interface-id>} The parameters have the following meaning:

Parameter interface-type interface-id

Description

Range of values / note

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The port for a standby connection is configured and enabled.

476

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Further notes

You disable the setting with the no standby port command.
You can display the status of this function and other information with the show ringredundancy command.

9.4.6.9

no standby port

Description

With this command, disable the port for a standby connection on a device.

Requirement

You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)#

Syntax

Call up the command with the following parameters: no standby port {<interface-type><interface-id>} The parameters have the following meaning:

Parameter interface-type interface-id

Description

Range of values / note

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The ports for a standby connection are disabled.

Further notes

You enable the setting with the standby port command.
You can display the status of this function and other information with the show ringredundancy command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

477

Layer 2 management protocols 9.4 Ring redundancy and standby connection

9.4.6.10

standby wait-for-partner

Description

With this command, you enable the "Wait for standby partner" function on the device. A standby connection is enabled only after the standby master and the standby slave as well as their standby partners have established a connection. This ensures that the redundant connection is really available before communication via a standby connection is enabled. As default, this function is enabled.
With an optional parameter, you can also define a specific period for the timeout. In this case, the standby connection is only enabled after the defined wait time.

Requirement

You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)#

Syntax

Call up the command with the following parameters: standby wait-for-partner [timeout <milliseconds(1-60000)>] The parameters have the following meaning:

Parameter timeout milliseconds

Description Keyword for the timeout Duration of the timeout in milliseconds

Range of values/note 1 ... 60000

Result

The "Wait for standby partner" function is enabled.

9.4.6.11

no standby wait-for-partner

Description

With this command, you disable the "Wait for standby partner" function on the device. A standby connection is enabled even if the standby master has not yet established a connection to the standby slave.

Requirement

You are in the Redundancy configuration mode. The command prompt is as follows:

478

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

cli(config-red)#

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Syntax

Call the command without parameters: no standby wait-for-partner

Result

The "Wait for standby partner" function is disabled.

9.4.6.12

mrpinterconnection

Description

With this command, you create or change an MRP Interconnection connection. At the same time, you switch to MRP Interconnection configuration mode.

Requirement

You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)#

Syntax

Call up the command with the following parameters: mrpinterconnection <table entry index (1-64)> The parameter has the following meaning:

Parameter table entry index

Description
Index of an existing connection or one that has to be newly created in the MRP Interconnection table.

Range of values/note 1 ... 64

Result

A new MRP Interconnection connection was created if a connection with the specified index did not exist yet. You are in the MRP Interconnection configuration mode. The command prompt is as follows:
cli(config-red-mrpin-<idx>)#
The placeholder <idx> stands for the index of the table entry, for example, the command prompt for the index 2 is cli(config-red-mrpin-2)#.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

479

Layer 2 management protocols 9.4 Ring redundancy and standby connection

9.4.6.13

no mrpinterconnection

Description

With this command, you delete an MRP Interconnection connection.

Requirement

You are in the Redundancy configuration mode. The command prompt is as follows: cli(config-red)#

Syntax

Call up the command with the following parameters: no mrpinterconnection <table entry index (1-64)> The parameter has the following meaning:

Parameter table entry index

Description
Index of an existing connection in the MRP Interconnection table.

Range of values/note 1 ... 64

Result

The MRP Interconnection connection with the specified index was deleted.

9.4.7

Commands in MRP Interconnection configuration mode
This section describes commands that you can call up in the MRP Interconnection configuration mode.
In redundancy configuration mode, enter the mrpinterconnection <table entry index (1-64)> command to change to this mode. The parameter table entry index (1-64) stands for the index of an existing connection or one that has to be newly created in the MRP Interconnection table.
 If you exit the MRP Interconnection configuration mode with the exit command, you return to the Redundancy configuration mode.
 If you exit the Redundancy configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in MRP Interconnection configuration mode.
To do this, you replace [command] with the command that you want to execute.

480

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

9.4.7.1

domain-id

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Description

With this command, you configure the ID of an MRP Interconnection connection. When specifying the ID, observe the following rules:
 The Interconnection domain ID cannot be 0.
 You need to configure the same Interconnection Domain ID for all four devices used for linking the rings.

Requirement

You are in the MRP Interconnection configuration mode. The command prompt is as follows: cli(config-red-mrpin-<idx>)# The placeholder <idx> stands for the index of a connection in the MRP Interconnection table.

Syntax

Call up the command with the following parameters: domain-id <interconnection-id (1-65535)> The parameter has the following meaning:

Parameter
interconnectionid

Description

Range of values/note

The ID of an MRP Interconnection con- 1 ... 65535 nection.

Result

The MRP Interconnection connection was assigned the specified ID.

Additional notes
You can display the status of this function and other information with the show ringredundancy command.

9.4.7.2

domain-name

Description

With this command, you configure the name of an MRP Interconnection connection. You can specify any name. The names of the devices used for linking the rings can also be different.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

481

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Requirement

You are in the MRP Interconnection configuration mode. The command prompt is as follows: cli(config-red-mrpin-<idx>)# The placeholder <idx> stands for the index of a connection in the MRP Interconnection table.

Syntax

Call up the command with the following parameters: domain-name <interconnection-domain-name (240)> The parameter has the following meaning:

Parameter
interconnectiondomain-name

Description
The name of an MRP Interconnection connection.

Range of values/note Permitted characters:  'A' ... 'Z'  'a' ... 'z'  '0' ... '9'  The character '-', but not as first
or last character. Length: 1 to 240 characters

Result

The MRP Interconnection connection was assigned the specified name.

Additional notes
You can display the status of this function and other information with the show ringredundancy command.

9.4.7.3

Interface

Description

With this command, you configure the port for the MRP Interconnection connection. Be aware of the following restrictions:
 The port cannot be disabled or blocked. The "Unicast Blocking" function cannot be enabled for the port.
 The port cannot be used for a link aggregation.
 The port cannot be a monitor port of the "Mirroring" function.
 The port cannot be a Spanning Tree port.
 The port cannot be a ring port.

482

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.4 Ring redundancy and standby connection
 The port cannot be a router port.  The port must be a member of the VLAN with the Agent VLAN ID.  The port cannot be an 802.1X Authenticator Port.  The port cannot be an 802.1X Supplicant Port.

Requirement

You are in the MRP Interconnection configuration mode. The command prompt is as follows: cli(config-red-mrpin-<idx>)# The placeholder <idx> stands for the index of a connection in the MRP Interconnection table.

Syntax

Call up the command with the following parameters: interface {<interface-type> <interface-id>} The parameters have the following meaning:

Parameters interface-type interface-id

Description

Range of values/note

Type or speed of the interface

Specify a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The MRP Interconnection connection was assigned the specified interface.

Additional notes
You display the status of this function and other information with the show ringredundancy command.

9.4.7.4

role

Description

With this command, you configure whether the device has the role of the client or the manager for an MRP Interconnection connection.

Requirement

You are in the MRP Interconnection configuration mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

483

Layer 2 management protocols 9.4 Ring redundancy and standby connection
The command prompt is as follows: cli(config-red-mrpin-<idx>)# The placeholder <idx> stands for the index of a connection in the MRP Interconnection table.

Syntax

Call up the command with the following parameters: role {manager | client} The parameters have the following meaning:

Parameter manager client

Description Keyword for the "Manager" role Keyword for the "Client" role

Range of values/note -

Result

The MRP Interconnection connection was assigned the specified role.

Additional notes
You can display the status of this function and other information with the show ringredundancy command.

9.4.7.5

client-position

Description

With this command, you configure the client position of an MRP Interconnection connection.

Requirement

You are in the MRP Interconnection configuration mode. The command prompt is as follows: cli(config-red-mrpin-<idx>)# The placeholder <idx> stands for the index of a connection in the MRP Interconnection table.

Syntax

Call up the command with the following parameters: client-position {primary | secondary}

484

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.4 Ring redundancy and standby connection

The parameters have the following meaning:

Parameter primary
secondary

Description

Range of values/note

Keyword for the "Primary" client position In each ring, there is a client in the "Primary" position. The primary MRP Interconnection connection is established between these two clients.

Keyword for the "Secondary" client po- sition

A device in the "Secondary" posi- tion is connected via an MRP In- terconnection connection to the MRP Interconnection Manager.

Result

The MRP Interconnection connection was assigned the specified client position.

Additional notes
You can display the status of this function and other information with the show ringredundancy command.

9.4.7.6

wait-manager

Description

With this command, you specify that the MRP Interconnection Manager waits with data transfer until the primary client for MRP Interconnection is ready.

Requirement

You are in the MRP Interconnection configuration mode. The command prompt is as follows: cli(config-red-mrpin-<idx>)# The placeholder <idx> stands for the index of a connection in the MRP Interconnection table.

Syntax

Call the command without parameters: wait-manager

Result

The waiting time for completion of the configuration is enabled.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

485

Layer 2 management protocols 9.4 Ring redundancy and standby connection
Additional notes You disable the waiting time for completion of the configuration with the no wait-manager command. You can display the status of this function and other information with the show ringredundancy command.

9.4.7.7

no wait-manager

Description

With this command, you specify that the MRP Interconnection interface is put into the "Forwarding" state after 200 milliseconds regardless of the operating state of the primary client.

Requirement

You are in the MRP Interconnection configuration mode. The command prompt is as follows: cli(config-red-mrpin-<idx>)# The placeholder <idx> stands for the index of a connection in the MRP Interconnection table.

Syntax

Call the command without parameters: no wait-manager

Result

The waiting time for completion of the configuration is disabled.

Additional notes
You enable the waiting time for completion of the configuration with the no wait-forcompletion command.
You can display the status of this function and other information with the show ringredundancy command.

9.4.7.8

Interconnection

Description

With this command, you enable or disable the MRP Interconnection connection.

486

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.4 Ring redundancy and standby connection

Requirement

You are in the MRP Interconnection configuration mode. The command prompt is as follows: cli(config-red-mrpin-<idx>)# The placeholder <idx> stands for the index of a connection in the MRP Interconnection table.

Syntax

Call up the command with the following parameters: interconnection {enable | disable} The parameters have the following meaning:

Parameters enable
disable

Description

Range of values/note

Enables the MRP Interconnection con- nection.

Disables the MRP Interconnection con- nection.

Result

The MRP Interconnection connection was enabled or disabled.

Additional notes
You can display the status of this function and other information with the show ringredundancy command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

487

Layer 2 management protocols 9.5 Unicast

9.5

Unicast

The commands in this section configure the procedures for handling Unicast frames. The commands allow the following:  Filtering of Unicast frames  Blocking of ports  Automatic learning of Unicast  Blocking unknown Unicast frames. With the "show" commands, you can display the configuration data. With the following commands, note which "Base bridge mode" you are in. If you are in the "Transparent Bridge" mode, all settings relate to the management VLAN: VLAN 1. You change the mode with the base bridge-mode command.

9.5.1

The "show" commands VLAN bridge)
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

9.5.1.1

show mac-address-table

Description

This command shows the table with the static and dynamic unicast MAC addresses and multicast MAC addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show mac-address-table [vlan <vlan-range>] [address <aa:aa:aa:aa:aa:aa>] [interface <interface-type> <interface-id>]

488

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.5 Unicast

The parameters have the following meaning:

Parameter vlan vlan-range
address aa:aa:aa:aa:aa:a a interface interface-type interface-id

Description Keyword for a VLAN or VLAN range Number of the addressed VLAN or VLAN range
Keyword for a MAC address MAC address
Keyword for a an interface description Type or speed of the interface Module no. and port no. of the interface

Range of values/note 1 ... 4094 Enter the range limits with a hy- phen or a space. -
Specify a valid interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The entries of the MAC addresses table are displayed.

9.5.1.2

show mac-address-table dynamic unicast

Description

This command shows the table with the dynamic unicast MAC addresses assigned by the device.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show mac-address-table dynamic unicast[vlan<vlan-range>] [address<aa:aa:aa:aa:aa:aa>][{interface<interface-type> <interface-id>}]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

489

Layer 2 management protocols 9.5 Unicast

The parameters have the following meaning:

Parameter vlan vlan-range
address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description

Range of values / note

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Enter the range limits with a hy- phen without spaces.

Keyword for a MAC address

-

MAC address

-

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The dynamic unicast MAC addresses are displayed.

9.5.1.3

show mac-address-table static unicast

Description

This command shows the table with the static unicast MAC addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show mac-address-table static unicast[vlan<vlan-range>] [address<aa:aa:aa:aa:aa:aa>][{interface<interface-type><interface-
id>}]

490

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.5 Unicast

The parameters have the following meaning:

Parameter vlan vlan-range
address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description Keyword for a VLAN connection Number of the addressed VLAN
Keyword for a MAC address MAC address Keyword for a an interface description Type or speed of the interface Module no. and port no. of the interface

Range of values / note
1 ... 4094 Enter the range limits with a hy- phen without spaces. Enter a valid interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The static unicast MAC addresses are displayed.

9.5.1.4

show unicast-block config

Description

This command shows the unicast blocking settings for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show unicast-block config [port <interface-type> <interface-id)>] The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values / note

Keyword for a port description

-

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

491

Layer 2 management protocols 9.5 Unicast
For information on names of interfaces and addresses, refer to the section "Addresses and interface names (Page 46)".

Result

The unicast blocking settings for ports are displayed.

9.5.1.5

show unicast-mac flush config

Description

This command shows whether automatic deletion of the MAC address table in the event of a link-down is configured for a port. If you do not specify any interface name as parameter, the settings for all ports are displayed.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command with the following parameters: show unicast-mac flush config [port <interface-type> <interface-id>] The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values/note

Keyword for a port description

-

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of interfaces and addresses, refer to the section "Addresses and interface names (Page 46)".

Result

The settings of the ports for deleting the MAC address table are displayed.

9.5.2

Commands in the global configuration mode (VLAN bridge)
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode.

492

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

9.5.2.1

Layer 2 management protocols 9.5 Unicast
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.
mac-address-table static unicast

Description

With this command, you generate a static unicast MAC address entry in the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
mac-address-table static unicast <aa:aa:aa:aa:aa:aa> vlan <vlan-id(1-4094)> interface ([<interface-type> <interface-id>] [<interface-type> <0/a-b, 0/c,...>] [port-channel <interface-list>])
The parameters have the following meaning:

Parameter aa:aa:aa:aa:aa:aa vlan vlan-id interface interface-type interface-id port-channel interface-list

Description

Range of values / note

MAC address of the interface

-

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Keyword for a port channel connection Enter a valid port channel connec- Number of the addressed port channel tion.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

493

Layer 2 management protocols 9.5 Unicast

Result

The entry in the forwarding database is generated.

Further notes

With the show mac-address-table static unicast command, you display the list of configured entries.
With the no mac-address-table static unicast command, you delete an entry.

9.5.2.2

no mac-address-table static unicast

Description

With this command, you delete a static unicast MAC address entry from the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
no mac-address-table static unicast <aa:aa:aa:aa:aa:aa> vlan<vlan-id(1-4094)>
The parameters have the following meaning:

Parameter aa:aa:aa:aa:aa:aa vlan vlan-id

Description MAC address of the interface Keyword for a VLAN connection Number of the addressed VLAN

Range of values / note 1 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The entry is deleted from the forwarding database.

Further notes

With the show mac-address-table static unicast command, you display the list of configured entries.

494

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.5 Unicast
With the mac-address-table static unicast command, you create an entry.

9.5.3

The "show" commands (Transparent Bridge)
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

9.5.3.1

show dot1d mac-address-table

Description

This command shows the table with the static and dynamic unicast entries and the dynamic multicast entries.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call up the command with the following parameters:
show dot1d mac-address-table [address <aa:aa:aa:aa:aa:aa>] [{interface <interface-type> <interface-id>}]
The parameters have the following meaning:

Parameter address aa:aa:aa:aa:aa:aa

Description Keyword for a MAC address MAC address

interface interface-type interface-id

Keyword for a an interface description Type or speed of the interface Module no. and port no. of the interface

Range of values/note
Specify a valid MAC ad- dress. Enter a valid interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

495

Layer 2 management protocols 9.5 Unicast

Result

The entries are displayed.

9.5.3.2

show dot1d mac-address-table static unicast

Description

This command shows the table with the static unicast MAC addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show dot1d mac-address-table static unicast [address <aa:aa:aa:aa:aa:aa>]
[{interface <interface-type> <interface-id>}]
The parameters have the following meaning:

Parameter address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description Keyword for a MAC address MAC address Keyword for a an interface description Type or speed of the interface Module no. and port no. of the interface

Range of values / note Enter a valid interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The static unicast MAC addresses are displayed.

9.5.3.3

show unicast-block config

Description

This command shows the unicast blocking settings for ports.

496

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.5 Unicast

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show unicast-block config [port <interface-type> <interface-id)>] The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values / note

Keyword for a port description

-

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of interfaces and addresses, refer to the section "Addresses and interface names (Page 46)".

Result

The unicast blocking settings for ports are displayed.

9.5.3.4

show unicast-mac flush config

Description

This command shows whether automatic deletion of the MAC address table in the event of a link-down is configured for a port. If you do not specify any interface name as parameter, the settings for all ports are displayed.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command with the following parameters: show unicast-mac flush config [port <interface-type> <interface-id>]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

497

Layer 2 management protocols 9.5 Unicast

The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values/note

Keyword for a port description

-

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of interfaces and addresses, refer to the section "Addresses and interface names (Page 46)".

Result

The settings of the ports for deleting the MAC address table are displayed.

9.5.4 9.5.4.1

Commands in the global configuration mode (Transparent Bridge)
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.
mac-address-table static unicast

Description

With this command, you generate a static unicast MAC address entry in the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

498

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.5 Unicast

mac-address-table static unicast <aa:aa:aa:aa:aa:aa> interface ([<interface-type> <interface-id>] [<interface-type> <0/a-b, 0/c,...>] [port-channel <interface-list>])
The parameters have the following meaning:

Parameter aa:aa:aa:aa:aa:aa interface interface-type interface-id port-channel interface-list

Description

Range of values / note

MAC address of the interface

-

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Keyword for a port channel connection Enter a valid port channel connec- Number of the addressed port channel tion.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The entry in the forwarding database is generated.

Further notes

With the show dot1d mac-address-table static unicast command, you display the list of configured entries.
With the no mac-address-table static unicast command, you delete an entry.

9.5.4.2

no mac-address-table static unicast

Description

With this command, you delete a static unicast MAC address entry from the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no mac-address-table static unicast <aa:aa:aa:aa:aa:aa>

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

499

Layer 2 management protocols 9.5 Unicast

The parameters have the following meaning:

Parameter

Description

aa:aa:aa:aa:aa:aa MAC address of the interface

Range of values / note -

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The entry is deleted from the forwarding database.

Further notes

With the show dot1d mac-address-table static unicast command, you display the list of configured entries.
With the mac-address-table static unicast command, you create an entry.

500

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.6 Multicast

9.6

Multicast

The commands in this section configure the procedures for handling Multicast frames. The commands allow the following:  Configuration of groups  IGMP  Blocking unknown Multicast frames. With the "show" commands, you can display the configuration data. With the following commands, note which "Base bridge mode" you are in. If you are in the "Transparent Bridge" mode, all settings relate to the management VLAN: VLAN 1. You change the mode with the base bridge-mode command.

9.6.1

The "show" commands VLAN bridge)
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

9.6.1.1

show mac-address-table

Description

This command shows the table with the static and dynamic unicast MAC addresses and multicast MAC addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show mac-address-table [vlan <vlan-range>] [address <aa:aa:aa:aa:aa:aa>] [interface <interface-type> <interface-id>]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

501

Layer 2 management protocols 9.6 Multicast

The parameters have the following meaning:

Parameter vlan vlan-range
address aa:aa:aa:aa:aa:a a interface interface-type interface-id

Description Keyword for a VLAN or VLAN range Number of the addressed VLAN or VLAN range
Keyword for a MAC address MAC address
Keyword for a an interface description Type or speed of the interface Module no. and port no. of the interface

Range of values/note 1 ... 4094 Enter the range limits with a hy- phen or a space. -
Specify a valid interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The entries of the MAC addresses table are displayed.

9.6.1.2

show mac-address-table dynamic multicast

Description

This command shows the table with the dynamic multicast MAC addresses assigned by the device.
Note The device does not learn any reserved multicast addresses, see also RFC 5771.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:

502

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.6 Multicast

show mac-address-table dynamic multicast[vlan<vlan-range>] [address<aa:aa:aa:aa:aa:aa>] [{interface<interface-type><interface-id>}]
The parameters have the following meaning:

Parameter vlan vlan-range
address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description

Range of values / note

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Enter the range limits with a hy- phen without spaces.

Keyword for a MAC address

-

MAC address

-

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The dynamic multicast MAC addresses are displayed.

9.6.1.3

show mac-address-table static multicast

Description

This command shows the table with the static multicast MAC addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show mac-address-table static multicast[vlan<vlan-range>] [address<aa:aa:aa:aa:aa:aa>][{interface<interface-type><interface-
id>}]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

503

Layer 2 management protocols 9.6 Multicast

The parameters have the following meaning:

Parameter vlan vlan-range
address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description

Range of values / note

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Enter the range limits with a hy- phen without spaces.

Keyword for a MAC address

-

MAC address

-

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The static multicast MAC addresses are displayed.

9.6.1.4

show multicast-block config

Description

This command shows the multicast blocking settings for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show multicast-block config [port <interface-type> <interface-id)>] The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values / note

Keyword for a port description

-

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

504

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Layer 2 management protocols 9.6 Multicast
For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)". If no parameters are specified, the settings for all ports are displayed.
The multicast blocking settings for ports are displayed.

9.6.2 9.6.2.1

Commands in the global configuration mode (VLAN bridge)
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.
mac-address-table static multicast

Description

With this command, you generate a static multicast MAC address entry in the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
mac-address-table static multicast <aa:aa:aa:aa:aa:aa> vlan<vlan-id(1-4094)> interface([<interface-type><0/a-b,0/c,...>] [<interface-type><0/a-b,0/c,...>] [port-channel<1-8>]])
[forbidden-ports([<interface-type><0/a-b,0/c,...>]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

505

Layer 2 management protocols 9.6 Multicast

[<interface-type><0/ab,0/c, ...>] [port-channel <1-8>]])
The parameters have the following meaning:

Parameter aa:aa:aa:aa:aa:aa vlan vlan-id interface interface-type 0/a-b, 0/c,... port-channel forbidden-ports

Description

Range of values / note

MAC address of the interface

-

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Specifies the name of a port channel 1-8

Keyword for the interface description of the blocked ports

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The entry in the forwarding database is generated.

Further notes

With the show mac-address-table static multicast command, you display the list of configured entries.
With the no mac-address-table static multicast command, you delete an entry.

9.6.2.2

no mac-address-table static multicast

Description

With this command, you delete a static multicast address.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
no mac-address-table static multicast <aa:aa:aa:aa:aa:aa> vlan <vlanid(1-4094)>

506

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Layer 2 management protocols 9.6 Multicast

The parameters have the following meaning:

Parameter aa:aa:aa:aa :aa:aa vlan vlan-id

Description MAC address of the interface
Keyword for a VLAN connection Number of the addressed VLAN

Range of values / note -
1 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameters from the parameter list, the default value is used.

The "static multicast" function is disabled.

9.6.3

The "show" commands (Transparent Bridge)
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

9.6.3.1

show dot1d mac-address-table

Description

This command shows the table with the static and dynamic unicast entries and the dynamic multicast entries.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call up the command with the following parameters:
show dot1d mac-address-table [address <aa:aa:aa:aa:aa:aa>] [{interface <interface-type> <interface-id>}]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

507

Layer 2 management protocols 9.6 Multicast

The parameters have the following meaning:

Parameter address aa:aa:aa:aa:aa:aa

Description Keyword for a MAC address MAC address

interface interface-type interface-id

Keyword for a an interface description Type or speed of the interface Module no. and port no. of the interface

Range of values/note
Specify a valid MAC ad- dress. Enter a valid interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The entries are displayed.

9.6.3.2

show dot1d mac-address-table static multicast

Description

This command shows the table with the static multicast MAC addresses.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show dot1d mac-address-table static multicast [address <aa:aa:aa:aa:aa:aa>]
[{interface <interface-type> <interface-id>}]
The parameters have the following meaning:

Parameter address aa:aa:aa:aa:aa:aa interface interface-type interface-id

Description

Range of values / note

Keyword for a MAC address

-

MAC address

-

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

508

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.6 Multicast
For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)". If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

Result

The static multicast MAC addresses are displayed.

9.6.3.3

show multicast-block config

Description

This command shows the multicast blocking settings for ports.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show multicast-block config [port <interface-type> <interface-id)>] The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values / note

Keyword for a port description

-

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If no parameters are specified, the settings for all ports are displayed.

Result

The multicast blocking settings for ports are displayed.

9.6.4

Commands in the global configuration mode (Transparent Bridge)
This section describes commands that you can call up in the Global configuration mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

509

Layer 2 management protocols 9.6 Multicast
In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

9.6.4.1

mac-address-table static multicast

Description

With this command, you generate a static multicast MAC address entry in the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
mac-address-table static multicast <aa:aa:aa:aa:aa:aa> interface ([<interface-type> <interface-id>] [<interface-type> <interface-id>] [port-channel <1-8>]])
[forbidden-ports ([<interface-type> <interface-id>] [<interface-type> <interface-id>] [port-channel <1-8>]])
The parameters have the following meaning:

Parameter aa:aa:aa:aa:aa :aa interface interface-type interface-id port-channel forbiddenports

Description MAC address of the interface
Keyword for a an interface description Type of interface Module no. and port no. of the interface Specifies the name of a port channel Keyword for the interface description of the blocked ports

Range of values / note -
Specify a valid interface.
1-8 -

510

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 2 management protocols 9.6 Multicast
For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)". If you do not select any parameters from the parameter list, the default value is used.

Result

The entry in the forwarding database is generated.

Further notes

With the show dot1d mac-address-table static multicast command, you display the list of configured entries.
With the no mac-address-table static multicast command, you delete an entry.

9.6.4.2

no mac-address-table static multicast

Description

With this command, you delete a static multicast MAC address entry from the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no mac-address-table static multicast <aa:aa:aa:aa:aa:aa> The parameter has the following meaning:

Parameter

Description

aa:aa:aa:aa:aa: MAC address of the interface aa

Range of values / note -

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".
If you do not select any parameters from the parameter list, the default value is used.

Result

The entry is deleted from the forwarding database.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

511

Layer 2 management protocols 9.6 Multicast

Further notes

With the show dot1d mac-address-table static multicast command, you display the list of configured entries.
With the mac-address-table static multicast command, you create an entry.

512

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 3 functions

10

10.1

NAT

Note NAT/NATP is a layer 3 function and can only be used with IPv4. When using the ISO protocol that operates at layer 2, it is not possible to use NAT.

With Network Address Translation (NAT), IP subnets are divided into "Inside" and "Outside". The division is from the perspective of a NAT interface. All networks that can be reached via the NAT interface itself count as being "Outside" for this interface. All networks that csn be reached via IP interfaces of the same device count as being "Inside" for the NAT interface.
if there is routing via a NAT interface, the source or destination IP addresses of the transferred data packets are changed at the transition between "Inside" and "Outside". Whether the source or destination IP address is changed depends on the communication direction. The address of the communications node located "Inside" is always adapted. Depending on the perspective the IP address of the communications node is identified as "Local" or "Global".

Position

Inside Outside

Local

Perspective Global

An actual IP address that is as- An IP address at which an internal signed to a device in the internal device can be reached from the network. This address cannot be external network. reached from the external network.

An actual IP address that is assigned to a device in the external network.
Since only "inside" addresses are implemented, there is no distinction between made between outside local and outside global.

Computing capacity
Due to the load limitation of the CPU packet receipt of the device is limited to 300 packets a second. This corresponds to a maximum data through of 1.7 Mbps. This load limitation does not apply per interface but generally for all packets going the CPU.
The entire NAT communication runs via the CPU and therefore represents competition for IP communication going to the CPU, e.g. WBM and Telnet.
Note that a large part of the computing capacity is occupied if you use NAT.

NAT

With Network Address Translation (NAT), the IP address in a data packet is replaced by another. NAT is normally used on a gateway between an internal network ("Inside") and an external network ("Outside").

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

513

Layer 3 functions 10.1 NAT
With source NAT, the inside local source address of an IP packet from a device in the internal network is rewritten to an inside global address by a NAT device at the network transition. With destination NAT, the inside global destination address of an IP packet from a device in the external network is rewritten by a NAT device to an inside local address at the gateway. To translate the internal into the external IP address and back, the NAT device maintains a translation list. The address assignment can be dynamic or static.

NAPT

In Network Address Port Translation (NAPT), several internal IP addresses are translated into the same external IP address. To identify the individual nodes, the port of the internal device is also stored in the translation list of the NAT device and translated for the external address.
If several internal devices send a query to the same external destination IP address via the NAT device, the NAT device enters its own external source IP address in the header of these forwarded frames. Since the forwarded frames have the same external source IP address, the NAT device assigns the frames to the devices using a different port number.
If a device from the external network wants to use a service in the internal network, the translation list for the static address assignment needs to be configured.

NAT/NAPT and IP routing
You can enable NAT/NAPT and IP routing at the same time. In this case, you need to regulate the reachability of internal addresses from external networks with IP access lists (ACL).

10.1.1

The "show" commands

10.1.1.1

show ip nat config

Description

This command shows the global NAT/NAPT configuration.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameter assignment: show ip nat config

514

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The global NAT configuration is displayed.

Layer 3 functions 10.1 NAT

Further notes

You enable NAT/NAPT for the entire device with the ip nat command in the Global configuration mode.
You disable NAT/NAPT for the entire device with the no ip nat command in the Global configuration mode.
You delete the periods of time with the ip nat timeout command.
You can reset the time periods to the default with the ip nat timeout command.

10.1.1.2

show ip nat service

Description

This command shows static port translations (NAPT) for an interface with a service.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameter assignment: show ip nat service

Result

The information is displayed.

Further notes

You configure static port translations for an interface with the ip nat service command. You delete a configuration with the no ip nat service command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

515

Layer 3 functions 10.1 NAT

10.1.1.3

show ip nat service portrange

Description

This command shows static port translations (NAPT) for an interface with a port range.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameter assignment: show ip nat service portrange

Result

The selected service, start and end port of an interface are displayed.

Further notes

You configure static port translations for an interface with a port range with the ip nat service portrange command.
You delete a configuration with the no ip nat service portrange command.

10.1.1.4

show ip nat summary

Description

This command shows the NAT/NAPT configuration of the interfaces.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameter assignment: show ip nat summary

516

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Layer 3 functions 10.1 NAT
The current NAT/NAPT configuration of the interfaces is displayed.

Further notes

You enable NAT for the selected IP interface with the ip nat command in the Interface configuration mode.
You disable NAT for the selected IP interface with the no ip nat command in the Interface configuration mode.
You enable NAPT for the selected IP interface with the ip nat napt command in the Interface configuration mode.
You disable NAPT for the selected IP interface with the no ip nat napt command in the Interface configuration mode.

10.1.1.5

show ip nat

Description

This command shows address translations or active connections depending on the selected parameter.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show ip nat { interface | static | translations} The parameters have the following meaning:

Parameter interface
static
translations

Description
Shows the configuration of the dynamic address translations.
Shows the configuration of the static 1:1 address translations.
Displays the active NAT connections.

Range of values / note -
-
-

Result

The configured address translations or active connections are displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

517

Layer 3 functions 10.1 NAT

Further notes

You configure a static address translation with the ip nat static command. You delete a static address translation with the no ip nat static command. You configure a dynamic address translation with the ip nat pool command. You delete a dynamic address translation with the no ip nat pool command.

10.1.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

10.1.2.1

ip nat

Description

With this command you enable NAT/NAPT for the entire device.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: ip nat

Result

NAT/NAPT is enabled globally for the entire device. The device operates as a NAT router.

518

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 3 functions 10.1 NAT

Further notes

You disable NAT/NAPT for the entire device with the no ip nat command. You display the current configuration with the command.

10.1.2.2

no ip nat

Description

With this command you disable NAT/NAPT for the entire device.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip nat

Result

NAT/NAPT is disabled globally for the entire device.

Further notes

You enable NAT/NAPT for the entire device with the ip nat command. You display the current configuration with the command.

10.1.2.3

ip nat timeout

Description

With this command you define periods of time after which existing connections are deleted if there is no data exchange.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

519

Layer 3 functions 10.1 NAT

Syntax

Call up the command with the following parameters:
ip nat {idle timeout <seconds (60-86400)> | {tcp | udp } timeout <seconds (300-86400)>}
The parameters have the following meaning:

Parameter idle timeout seconds
tcp udp

Description

Range of values / note

Keyword for the time after which a xxxx con- nection is deleted

Value for the time in seconds

For the parameter idle:

 60 ... 86400

For the parameter udp:

 300 ... 86400

Keyword for the time after which a TCP con- nection is deleted

Keyword for the time after which a UDP con- nection is deleted

Result

The time periods are defined.

Further notes

You can reset the time periods to the default with the ip nat timeout command. You display the current configuration with the command.

10.1.2.4

no ip nat timeout

Description

With this command you reset periods of time after which existing connections are deleted back to the default value.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no ip nat {idle | {tcp | udp } timeout

520

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Layer 3 functions 10.1 NAT

The parameters have the following meaning:

Parameter idle
tcp
udp

Description
Keyword for the time period of a xxxx con- nection
Keyword for the time period of a TCP con- nection
Keyword for the time period of a UDP con- nection

Range of values / note -
-
-

Result

The time periods are reset.

Further notes

You delete the periods of time with the ip nat timeout command. You display the current configuration with the command.

10.1.3

Commands in the Interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

10.1.3.1

ip nat

Description

With this command, you enable NAT for the IP interface.

Requirement

You are in the Interface configuration mode

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

521

Layer 3 functions 10.1 NAT
The command prompt is as follows: cli(config-if-$$)#

Syntax

Call the command without parameter assignment: ip nat

Result

NAT is activated for the IP interface.

Further notes

You disable NAT for the selected IP interface with the no ip nat command. You display the current configuration with the show ip nat summary command.

10.1.3.2

no ip nat

Description

With this command, you disable NAT for the selected IP interface.

Requirement

You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

Syntax

Call the command without parameter assignment: no ip nat

Result

NAT is deactivated for the selected IP interface.

Further notes

You enable NAT for the selected IP interface with the ip nat command. You display the current configuration with the show ip nat summary command.

522

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

10.1.3.3

ip nat napt

Layer 3 functions 10.1 NAT

Description

With this command, you enable NAPT for the selected IP interface.

Requirement

You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

Syntax

Call the command without parameter assignment: ip nat napt

Result

NAPT is activated for the selected IP interface.

Further notes

You disable NAPT for the selected IP interface with the no ip nat napt command. You display the current configuration with the show ip nat summary command.

10.1.3.4

no ip nat napt

Description

With this command, you disable NAPT for the selected IP interface.

Requirement

You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

Syntax

Call the command without parameter assignment: no ip nat napt

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

523

Layer 3 functions 10.1 NAT

Result

NAPT is deactivated for the selected IP interface.

Further notes

You enable NAPT for the selected IP interface with the ip nat napt command. You display the current configuration with the show ip nat summary command.

10.1.3.5

ip nat pool

Description

With this command, you configure a pool for dynamic address translations.
As default, the device cannot be reached from an external network. If the device wants to communicate in an external network, an inside global address is assigned to it dynamically. Using this inside global address, the device can be reached from the external network until the timer of the connection elapses.

Requirement

You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

Syntax

Call up the command with the following parameters: ip nat pool <inside global ip> <mask> The parameters have the following meaning:

Parameter inside global ip
mask

Description
Start address for the dynamic assign- ment of addresses at which devices will be reachable from external.
Address mask of the external subnet

Range of values / note Enter a valid IPv4 address.
Enter a valid subnet mask.

Result

A pool is defined.

Further notes

You delete a dynamic address translation with the no ip nat pool command. You display the current configuration with the show ip nat command.

524

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

10.1.3.6

no ip nat pool

Layer 3 functions 10.1 NAT

Description

With this command, you delete a pool for dynamic address translations.

Requirement

You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

Syntax

Call up the command with the following parameters: no ip nat pool <inside global ip> The parameter has the following meaning:

Parameter inside global ip

Description

Range of values / note

Start address for the dynamic assign- Enter a valid IPv4 address. ment of addresses at which devices are reachable from external.

Result

A pool is deleted.

Further notes

You configure a dynamic address translation with the ip nat pool command. You display the current configuration with the show ip nat command.

10.1.3.7

ip nat service

Description

With this command you configure static port translations (NAPT) for an interface with a service.

Requirement

You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

525

Layer 3 functions 10.1 NAT

Syntax

Call up the command with the following parameters:
ip nat service <inside local ip> [<inside local port number>] { auth | dns | ftp | pop3 | pptp | smtp | telnet | http | nntp |
snmp | other [<inside global port number>]} [{ tcp | udp | any }] [<description>]
The parameters have the following meaning:

Parameter inside local ip inside local port number Service
inside global port number Protocol description

Description

Range of values / note

Actual address of the device that Enter a valid IPv4 address. should be reachable from external.

Port that will be assigned to the in- If you do not specify any ports, the port

side local address.

that you assign for the inside

global port number parameter will

be entered.

Service for which the port transla-  auth

tion is valid.

 dns

 ftp

 pop3

 pptp

 smtp

 telnet

 http

 nntp

 snmp

 other

Port that will be assigned to the in- If you have selected the other service,

side global address.

you can enter a port.

If you have selected another service, a port will be specified.

Protocol for which the port transla-  tcp

tion is valid.

 udp

 any

Description for the port translation -

Result

The static port translation with a service is configured.

Further notes

You delete a configuration with the no ip nat service command.
You configure static port translations for an interface with a port range with the ip nat service portrange command.
You display the current configuration with the show ip nat service command.

526

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

10.1.3.8

no ip nat service

Layer 3 functions 10.1 NAT

Description

With this command you delete static port translations (NAPT) for an interface with a service.

Requirement

You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

Syntax

Call up the command with the following parameters:
no ip nat service {{<inside local ip> <inside local port number> [{ tcp | udp | any }]} | all}
The parameters have the following meaning:

Parameter inside local ip
inside local port number Protocol
all

Description

Range of values / note

Actual address of the device that is Enter a valid IPv4 address. reachable from external.

Port that is assigned to the inside local address.

Protocol for which the port transla-  tcp

tion is valid.

 udp

 any

Deletes all port translations

-

Result

The static port translation with a service is deleted.

Further notes

You configure static port translations with a service for an interface with the ip nat service command.
You configure static port translations for an interface with a port range with the ip nat service portrange command.
You display the current configuration with the show ip nat service command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

527

Layer 3 functions 10.1 NAT

10.1.3.9

ip nat service portrange

Description

With this command you configure static port translations (NAPT) for an interface with a port range.

Requirement

You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

Syntax

Call up the command with the following parameters:
ip nat service portrange <inside local ip> {tcp|udp|any} <inside local start port no> <inside local end port no> [<description>]
The parameters have the following meaning:

Parameter inside local ip
Protocol
inside local start port no inside local end port no description

Description

Range of values / note

Actual address of the device that should Enter a valid IPv4 address. be reachable from external.

Protocol for which the port translation is  tcp

valid.

 udp

 any

Start port that will be assigned to the in- The port range you define will also

side local address.

be used for the port of the inside

End port that will be assigned to the in- global address. A port range can

side local address.

only be translated to the same port

range.

Description for the port translation

-

Result

The static port translation with a port range is configured.

Further notes

You delete a configuration with the no ip nat service portrange command.
You configure static port translations with a service for an interface with the ip nat service command.
You display the current configuration with the show ip nat service portrange command.

528

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

10.1.3.10 no ip nat service portrange

Layer 3 functions 10.1 NAT

Description

With this command you delete static port translations (NAPT) for an interface with a port range.

Requirement

You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

Syntax

Call up the command with the following parameters:
no ip nat service portrange <inside local ip> {tcp|udp|any} <inside local start port no> <inside local end port no>
The parameters have the following meaning:

Parameter inside local ip
Protocol
inside local start port no inside local end port no

Description Actual address of the device that is reachable from external. Protocol for which the port translation is valid.
Start port that is assigned to the inside local address. End port that is assigned to the inside local address.

Range of values / note Enter a valid IPv4 address.
 tcp  udp  any -
-

Result

The static port translation with a port range is deleted.

Further notes

You configure static port translations for an interface with a port range with the ip nat service portrange command.
You configure static port translations with a service for an interface with the ip nat service command.
You display the current configuration with the show ip nat service portrange command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

529

Layer 3 functions 10.1 NAT
10.1.3.11 ip nat static

Description

With this command, you configure static 1:1 address translations.
You specify which inside global address the inside local address of a device will be converted to and vice versa. This variant allows connection establishment in both directions. The device in the internal network can be reached from the external network.

Requirement

You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

Syntax

Call up the command with the following parameters: ip nat static <inside local ip> <inside global ip> The parameters have the following meaning:

Parameter inside local ip
inside global ip

Description

Range of values / note

Actual address of the device that should Enter a valid IPv4 address. be reachable from external.

Address at which the device will be reachable from external

Enter a valid IPv4 address.

Result

A static address translation is defined.

Further notes

You delete a static address translation with the no ip nat static command. You display the current configuration with the show ip nat command.

10.1.3.12 no ip nat static

Description

With this command, you delete static 1:1 address translations.

530

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Interface configuration mode The command prompt is as follows: cli(config-if-$$)#

Layer 3 functions 10.1 NAT

Syntax

Call up the command with the following parameters: no ip nat static <inside local ip> The parameter has the following meaning:

Parameter inside local ip

Description
Actual address of the device that is reachable from external.

Range of values / note Enter a valid IPv4 address.

Result

A static address translation is deleted.

Further notes

You configure a static address translation with the ip nat static command. You display the current configuration with the show ip nat command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

531

Layer 3 functions 10.2 Single-Hop Inter-VLAN-Routing

10.2

Single-Hop Inter-VLAN-Routing
Introduction A physical network is divided into broadcast domains and subnets by VLANs. Devices (hosts) within a VLAN can communicate with each other directly via layer 2. The frames are forwarded to the relevant device based on the MAC address. Devices from different VLANs cannot communicate with each other directly via layer 2. The data traffic must be routed based on the IP address. With the Single-Hop Inter-VLAN-Routing function it is possible that devices from different VLANs communicate with each other without a router being necessary.
Requirements  The IE switch can manage several IP interfaces.  The switch is a member in the VLANs to be routed.  With the hosts, the IP address of the VLAN is entered as default gateway.
Single-Hop Inter-VLAN-Routing The IE switch receives a frame and recognizes that it is addressed to a device in another VLAN. It forwards the frame to the corresponding port in the VLAN. The IE switch only knows VLANs with which it is directly connected (Connected). With SingleHop Inter-VLAN-Routing it is therefore only possible to route between two local IP interfaces.

10.2.1

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

10.2.1.1

ip single-hop inter-vlan-routing

Description

With this command, you enable the Single-Hop Inter-VLAN-Routing function.

532

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Layer 3 functions 10.2 Single-Hop Inter-VLAN-Routing

Syntax

Call the command without parameters: ip single-hop inter-vlan-routing

Result

The function is enabled. The device can route between two local IP interfaces.

Further notes

You disable the Single-Hop Inter-VLAN-Routing function with the no ip single-hop inter-vlan-routing command.

10.2.1.2

no ip single-hop inter-vlan-routing

Description

With this command, you enable the Single-Hop Inter-VLAN-Routing function.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no ip single-hop inter-vlan-routing

Result

The function is disabled.

Further notes

You enable the Single-Hop Inter-VLAN-Routing function with the ip single-hop intervlan-routing command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

533

Layer 3 functions 10.2 Single-Hop Inter-VLAN-Routing

534

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Load control

11

This part contains the sections describing the functions for controlling and balancing network load.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

535

Load control 11.1 Rate control

11.1

Rate control
This section describes commands for controlling and restricting the data transmission rate of an interface.

11.1.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

11.1.1.1

show rate-limit output

Description

This command shows the packet rate for limiting the outgoing data stream of one or all interfaces.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show rate-limit output[interface<interface-type><interface-id>] The parameters have the following meaning:

Parameter interface interface-type interface-id

Description

Range of values / note

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameter from the parameter list, the entries are displayed for all available interfaces.

536

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The entries are displayed.

Load control 11.1 Rate control

11.1.2

Commands in the interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

11.1.2.1

rate-limit output

Description

With this command, you configure and enable the data rate in Kbps for limiting the outgoing data stream of the interface.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: rate-limit output <rate-value> The parameters have the following meaning:

Parameter rate-value

Description Value for the data rate in Kbps

Range of values/note
Default: The data rate is set to 0. The out- going data stream is not limited.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

537

Load control 11.1 Rate control
If you do not select any parameters from the parameter list, the default value is used.

Result

The limitation of the outgoing data stream of the interface with the data rate is enabled.

Additional notes You disable the function with the no rate-limit output command.

11.1.2.2

no rate-limit output

Description

With this command, you disable the data rate for limiting the outgoing data stream of the interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no rate-limit output

Result

The limitation of the outgoing data stream of the interface with the data rate is disabled.

Further notes

You enable the function with the rate-limit output command.

538

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

11.1.2.3

storm-control

Load control 11.1 Rate control

Description

With this command, you enable data rate for limiting the incoming data stream of the interface for broadcast, multicast or unknown unicast packets.
Note Applications Storm control is only supported on physical interfaces.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: storm-control{broadcast | multicast | dlf | unicast} The parameters have the following meaning:

Parameter broadcast multicast dlf
unicast

Description
Limits broadcast packets Limits multicast packets Limits unicast packets with unresolvable addresses (dfl = destination lookup fail) Limits unicast packets with resolvable addresses

As default the function is "disabled" for all transfer types.

Note Configuration of the threshold value
The default value for the storm control level is 0 Kbps. The incoming data stream is not limited.
To have the incoming data stream limited, configure the threshold value with the stormcontrol level command.

Result

The storm control function is enabled.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

539

Load control 11.1 Rate control
Additional notes You disable the function with the no storm-control command. You configure the threshold value for the storm control function with the storm-control level command.

11.1.2.4

no storm-control

Description

With this command, you disable the storm control function for broadcast, multicast or unknown unicast packets.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no storm-control{broadcast | multicast | dlf | unicast} The parameters have the following meaning:

Parameter broadcast multicast dlf unicast

Description Disables broadcast storm control Disables multicast storm control Disables unknown unicast storm control Disables unicast storm control

if you call up the function without parameters, it is disabled for all types of transmission.

Result

The storm control function is disabled.

Additional notes You enable the function with the storm-control command.

540

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

11.1.2.5

storm-control level

Load control 11.1 Rate control

Description

With this command, you configure the value for the storm control function in Kbps.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: storm-control level <rate-value> The parameters have the following meaning:

Parameter rate-value

Description Value for the data rate in Kbps

Range of values/note
The value range depends on the port speed. The entry is rounded down to the next valid value. If small values are entered, the val- ue is rounded up to the next valid value.
Default:
The data rate is set to 0. The in- coming data stream is not limited.

Result

The value for the storm control function is configured.

Additional notes You can reset the setting to the default with the no storm-control level command.

11.1.2.6

no storm-control level

Description

With this command, you reset the value for the storm control function to the default value. The default value for the storm control level is 0 Kbps. The incoming data stream is not limited.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

541

Load control 11.1 Rate control

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no storm-control level

Result

The value for the storm control function is reset to the default.

Additional notes
You configure the value for the storm control function with the storm-control level command.

542

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

11.2

Static MAC filtering

Load control 11.2 Static MAC filtering

11.2.1

network-filtering

Description

With this command, you block frames from devices (MAC address) that could lead to an overload of the switch CPU in the PROFINET environment. Processing and forwarding of these frames is blocked for a maximum of 1 second. The aim is to have enough resources available for AR maintenance.
Note
This command is available only with the following devices:  SCALANCE XR-300 WG  Devices without gigabit ports  Devices without combo ports
Only enable this function when AR failures lead to an overload of the switch CPU in the PROFINET environment.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: network-filtering {enabled | disabled} The parameters have the following meaning:

Parameter enabled
disabled

Description

Range of values / note

Overload protection for the switch CPU is enabled. In the event of an overload, data traffic from specific MAC addresses is blocked.

Overload protection is disabled. The data traffic is not limited.

Result

The function for limiting data traffic is configured.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

543

Load control 11.2 Static MAC filtering

11.2.2

Commands in the global configuration mode (VLAN bridge)
With the following commands, note which "Base bridge mode" you are in. If you are in the "Transparent Bridge" mode, all settings relate to the management VLAN: VLAN 1.
You change the mode with the base bridge-mode command.
This section describes commands that you can call up in the Global configuration mode.
In Privileged EXEC mode, enter the configure terminal command to change to this mode.
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.
You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again.
You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode.
To do this, you replace [command] with the command that you want to execute.

11.2.2.1

mac-address-table static multicast

Description

With this command, you generate a static multicast MAC address entry in the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
mac-address-table static multicast <aa:aa:aa:aa:aa:aa> vlan<vlan-id(1-4094)> interface([<interface-type><0/a-b,0/c,...>] [<interface-type><0/a-b,0/c,...>] [port-channel<1-8>]])
[forbidden-ports([<interface-type><0/a-b,0/c,...>] [<interface-type><0/ab,0/c, ...>] [port-channel <1-8>]])

544

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Load control 11.2 Static MAC filtering

The parameters have the following meaning:

Parameter aa:aa:aa:aa:aa:aa vlan vlan-id interface interface-type 0/a-b, 0/c,... port-channel forbidden-ports

Description

Range of values / note

MAC address of the interface

-

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Specifies the name of a port channel 1-8

Keyword for the interface description of the blocked ports

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The entry in the forwarding database is generated.

Further notes

With the show mac-address-table static multicast command, you display the list of configured entries.
With the no mac-address-table static multicast command, you delete an entry.

11.2.2.2

no mac-address-table static multicast

Description

With this command, you delete a static multicast MAC address entry from the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
no mac-address-table static multicast<aa:aa:aa:aa:aa:aa> vlan<vlan-id(1-4094)>

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

545

Load control 11.2 Static MAC filtering

The parameters have the following meaning:

Parameter aa:aa:aa:aa:aa:aa vlan
vlan-id

Description

Range of values / note

MAC address of the interface

-

Keyword for the number of a VLAN con- nection

Number of the addressed VLAN

1 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The entry is deleted from the forwarding database.

Further notes

With the show mac-address-table static multicast command, you display the list of configured entries.
With the mac-address-table static multicast command, you create an entry.

11.2.2.3

mac-address-table static unicast

Description

With this command, you generate a static unicast MAC address entry in the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
mac-address-table static unicast <aa:aa:aa:aa:aa:aa> vlan <vlan-id(1-4094)> interface ([<interface-type> <interface-id>] [<interface-type> <0/a-b, 0/c,...>] [port-channel <interface-list>])

546

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Load control 11.2 Static MAC filtering

The parameters have the following meaning:

Parameter aa:aa:aa:aa:aa:aa vlan vlan-id interface interface-type interface-id port-channel interface-list

Description

Range of values / note

MAC address of the interface

-

Keyword for a VLAN connection

-

Number of the addressed VLAN

1 ... 4094

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Keyword for a port channel connection Enter a valid port channel connec- Number of the addressed port channel tion.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The entry in the forwarding database is generated.

Further notes

With the show mac-address-table static unicast command, you display the list of configured entries.
With the no mac-address-table static unicast command, you delete an entry.

11.2.2.4

no mac-address-table static unicast

Description

With this command, you delete a static unicast MAC address entry from the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
no mac-address-table static unicast <aa:aa:aa:aa:aa:aa> vlan<vlan-id(1-4094)>

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

547

Load control 11.2 Static MAC filtering

The parameters have the following meaning:

Parameter aa:aa:aa:aa:aa:aa vlan vlan-id

Description MAC address of the interface Keyword for a VLAN connection Number of the addressed VLAN

Range of values / note 1 ... 4094

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The entry is deleted from the forwarding database.

Further notes

With the show mac-address-table static unicast command, you display the list of configured entries.
With the mac-address-table static unicast command, you create an entry.

11.2.3 11.2.3.1

Commands in the global configuration mode (Transparent Bridge)
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.
mac-address-table static multicast

Description

With this command, you generate a static multicast MAC address entry in the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows:

548

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

cli(config)#

Load control 11.2 Static MAC filtering

Syntax

Call up the command with the following parameters:
mac-address-table static multicast <aa:aa:aa:aa:aa:aa> interface ([<interface-type> <interface-id>] [<interface-type> <interface-id>] [port-channel <1-8>]])
[forbidden-ports ([<interface-type> <interface-id>] [<interface-type> <interface-id>] [port-channel <1-8>]])
The parameters have the following meaning:

Parameter aa:aa:aa:aa:aa :aa interface interface-type interface-id port-channel forbiddenports

Description MAC address of the interface
Keyword for a an interface description Type of interface Module no. and port no. of the interface Specifies the name of a port channel Keyword for the interface description of the blocked ports

Range of values / note -
Specify a valid interface.
1-8 -

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameters from the parameter list, the default value is used.

Result

The entry in the forwarding database is generated.

Further notes

With the show dot1d mac-address-table static multicast command, you display the list of configured entries.
With the no mac-address-table static multicast command, you delete an entry.

11.2.3.2

no mac-address-table static multicast

Description

With this command, you delete a static multicast MAC address entry from the forwarding database.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

549

Load control 11.2 Static MAC filtering

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no mac-address-table static multicast <aa:aa:aa:aa:aa:aa> The parameter has the following meaning:

Parameter

Description

aa:aa:aa:aa:aa: MAC address of the interface aa

Range of values / note -

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameters from the parameter list, the default value is used.

Result

The entry is deleted from the forwarding database.

Further notes

With the show dot1d mac-address-table static multicast command, you display the list of configured entries.
With the mac-address-table static multicast command, you create an entry.

11.2.3.3

mac-address-table static unicast

Description

With this command, you generate a static unicast MAC address entry in the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

550

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Load control 11.2 Static MAC filtering

Call up the command with the following parameters:
mac-address-table static unicast <aa:aa:aa:aa:aa:aa> interface ([<interface-type> <interface-id>] [<interface-type> <0/a-b, 0/c,...>] [port-channel <interface-list>])
The parameters have the following meaning:

Parameter aa:aa:aa:aa:aa:aa interface interface-type interface-id port-channel interface-list

Description

Range of values / note

MAC address of the interface

-

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Keyword for a port channel connection Enter a valid port channel connec- Number of the addressed port channel tion.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The entry in the forwarding database is generated.

Further notes

With the show dot1d mac-address-table static unicast command, you display the list of configured entries.
With the no mac-address-table static unicast command, you delete an entry.

11.2.3.4

no mac-address-table static unicast

Description

With this command, you delete a static unicast MAC address entry from the forwarding database.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

551

Load control 11.2 Static MAC filtering

no mac-address-table static unicast <aa:aa:aa:aa:aa:aa> The parameters have the following meaning:

Parameter

Description

aa:aa:aa:aa:aa:aa MAC address of the interface

Range of values / note -

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The entry is deleted from the forwarding database.

Further notes

With the show dot1d mac-address-table static unicast command, you display the list of configured entries.
With the mac-address-table static unicast command, you create an entry.

11.2.4

Commands in the interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

11.2.4.1

switchport ingress-filter

Description

With incoming packets, the ingress filter checks whether the port on which the packet was received belongs to the sending VLAN. If this is not the case, the packet is not processed.
With this command, you enable the ingress filter.

552

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Load control 11.2 Static MAC filtering

Syntax

Call the command without parameters: switchport ingress-filter

Result

The ingress filter is activated.

Further notes

You disable the filter with the no switchport ingress-filter command.
You can display the status of the ingress filter and other settings with the show vlan port config command.

11.2.4.2

no switchport ingress-filter

Description

With this command, you disable the ingress filter.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport ingress-filter

Result

The ingress filter is deactivated.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

553

Load control 11.2 Static MAC filtering

Further notes

You enable the filter with the switchport ingress-filter command.
You can display the status of the ingress filter and other settings with the show vlan port config command.

554

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

11.3

Load control 11.3 Dynamic MAC aging
Dynamic MAC aging
The section describes commands with which the aging of dynamically learned entries is configured in a MAC address list.

11.3.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

11.3.1.1

show mac-address-table aging-time

Description

To ensure that the address entries are up-to-date, MAC addresses are only kept in the address table for a specified time.
This command shows the time after which the MAC addresses are removed from the address table.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show mac-address-table aging-time

Result

The time is displayed.

11.3.1.2

show mac-address-table aging-status

Description

This command shows whether or not MAC aging is enabled.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

555

Load control 11.3 Dynamic MAC aging

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show mac-address-table aging-status

Result

The status of the MAC aging is displayed.

11.3.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

11.3.2.1

mac-address-table aging-time

Description

With this command, you configure the aging of a dynamically learned entry in the MAC address list.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

556

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Load control 11.3 Dynamic MAC aging

Call up the command with the following parameters: mac-address-table aging-time <seconds(15-630)> The parameter has the following meaning:

Parameter seconds

Description Life of the entry in seconds

Range of values / note
15 ... 630
Default: 300
Enter the period of time in seconds in steps of 15.
When you input the Aging Time, note that the WBM rounds to cor- rect values. If you enter a value that cannot be divided by 15, the value is automatically rounded down.

Result

The value of the aging of a dynamically learned entry is configured.

Further notes

You can reset the setting to the default with the no mac-address-table aging-time command.
You display the setting with the show mac-address-table aging-time command.

11.3.2.2

no mac-address-table aging-time

Description

With this command, you reset the value for the aging of a dynamically learned entry in the MAC address list to the default value.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no mac-address-table aging-time

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

557

Load control 11.3 Dynamic MAC aging

Result

The value of the aging of a dynamically learned entry is reset to the default value.

Further notes

You configure the setting with the mac-address-table aging-time command. You display the setting with the show mac-address-table aging-time command.

11.3.2.3

mac-address-table aging

Description

With this command, you enable the "Aging" function. The "Aging" function ensures that an entry in the MAC address list that was learned dynamically is deleted again after a certain time.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: mac-address-table aging

Result

The "Aging" function is enabled.

Further notes

You configure the time with the mac-address-table aging-time command. You disable the "Aging" function with the no mac-address-table aging command.

11.3.2.4

no mac-address-table aging

Description

With this command, you disable the "Aging" function.

558

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Load control 11.3 Dynamic MAC aging

Syntax

Call the command without parameters: no mac-address-table aging

Result

The "Aging" function is disabled.

Further notes

You enable the "Aging" function with the mac-address-table aging command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

559

Load control 11.4 Flow control

11.4

Flow control
The flow control function monitors the incoming data traffic of a port. If there is overload ("Congestion", "Overflow") it sends a signal to the connection partner. If the flow control function receives a signal at the sending end, it stops the data transmission to avoid loss of data.
This section describes commands of the flow control function.

11.4.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

11.4.1.1

show flow-control

Description

This command shows the settings of the flow control function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show flow-control [interface <interface-type><interface-id>] The parameters have the following meaning:

Parameter interface interface-type interface-id

Description

Range of values / note

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameters from the parameter list, the information for the router will be displayed.

560

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The settings of the flow control function are displayed.

Load control 11.4 Flow control

11.4.2

Commands in the interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

11.4.2.1

flowcontrol

Description

The flow control function monitors a connection at the receiving end to make sure that not more data is received than can be processed. If flow control detects a threat of data overflow, the partner at the sending end is sent a signal to stop transmitting.
With this command, you configure the flow control function for an interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: flowcontrol {on|off}

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

561

Load control 11.4 Flow control

The parameters have the following meaning:

Parameter on

Description Enables the function

off

Disables the function

Range of values / note
You can only enable or disable flow control when the "Auto negotiation" function is turned off. Afterwards you can enable "Auto negotiation" again.
To use the flow control function, enable flow control at the appropriate input and output ports.
If a packet is sent from an input port with flow control enabled to an output port with flow control enabled, the packet is not discarded if there is overflow. If flow control is enabled only on the input port, the packet can be discarded if there is overload.
-

Result

The settings for the flow control function are configured.

Further notes

You can display the status of this function with the show flow-control command. You disable "Auto negotiation" with the no negotiation command. You enable "Auto negotiation" with the negotiation command.

562

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

11.5

Load control 11.5 Service classes
Service classes
This section describes commands for configuring the assignment tables for service classes and the Differentiated Services Code Point (DSCP).

11.5.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

11.5.1.1

show qos agent-priority

Description

This command shows the current priority of agent frames.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show qos agent-priority

Result

The current priority of the agent frames is displayed.

Further notes

You configure the priority of agent frames with the agent-priority command.

11.5.1.2

show qos broadcast-priority

Description

This command shows the current priority of broadcast frames.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

563

Load control 11.5 Service classes

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show qos broadcast-priority

Result

The current priority of the broadcast frames is displayed.

Further notes

You configure the priority of broadcast frames with the broadcast-priority command.

11.5.1.3

show qos cos-map

Description

This command shows the assignment table of CoS priorities to queues.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show qos cos-map

Result

The assignment table of CoS priorities to queues is displayed.

Further notes

You configure the assignment of the CoS priority to a queue with the cos-map command.

564

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

11.5.1.4

show qos cos-remap

Load control 11.5 Service classes

Description

For individual ports, this command shows the priority with which frames are sent.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show qos cos-remap

Result

The assignment table for send priority is displayed.

Further notes

You enable the the Cos reassignment with the cos-remap-enable command. You change the priority with which frames are sent cos-remapcommand.

11.5.1.5

show qos dscp-map

Description

This command shows the assignment table of DSCP priorities to queues.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show qos dscp-map

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

565

Load control 11.5 Service classes

Result

The assignment table of DSCP priorities to queues is displayed.

Further notes

You configure the assignment of the DSCP priority to a queue with the dscp-map command.

11.5.1.6

show qos scheduling mode

Description

This command shows the method with which the processing order of the frames is decided.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show qos scheduling mode

Result

The method with which the frames are processed is displayed.

Further notes

You configure the method for deciding the processing order with the scheduling mode command.

11.5.1.7

show qos-trust-mode

Description

This command shows port by port the method according to which packets to be forwarded are prioritized.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode.

566

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax Result

The command prompt is as follows: cli> or cli#

Load control 11.5 Service classes

Call the command without parameters: show qos-trust-mode

The list for all ports with the corresponding Trust mode is displayed.

11.5.2

Commands in the Global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

11.5.2.1

qos

Description

With this command, you change to the QOS configuration mode.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: qos

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

567

Load control 11.5 Service classes

Result

You are now in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

Further notes

You exit the QOS configuration modewith the command end or exit.

11.5.3

Commands in the QOS configuration mode

Quality of Service (QoS)
Quality of Service (QoS) is a method to allow efficient use of the existing bandwidth in a network.
QoS is implemented by prioritization of the data traffic. Incoming frames are sorted into a Queue according to a certain prioritization and further processed. This gives certain frames priority.
The different QoS methods influence each other and are therefore taken into account in the following order:
1. The switch first checks whether the incoming frame is a broadcast or agent frame.  When the first condition is met, the switch takes into account the set priority with the agent-priority or broadcast-priority command.. The switch sorts the frame into a queue according to the the cos-map command.
2. If the first condition is not met the switch checks whether the frame contains a VLAN tag.  If the second condition is met, the switch checks whether the priority is enabled (priority-enable). If priority is enabled, the switch sorts the frame into a queue according to the the cos-map command.
3. If the second condition is also not met the frames are further processed according to the Trust mode. You configure the trust mode with the qos-trust-mode command.
Commands in this section
This section describes commands that you can call up in the QOS configuration mode.
In global configuration mode, enter the qos command to change to this mode.
 If you exit the QOS configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the QOS configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in QOS configuration mode.

568

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Load control 11.5 Service classes
To do this, you replace [command] with the command that you want to execute.

11.5.3.1

agent-priority

Description

With this command you specify the priority of agent frames. The switch sorts incoming frames into a queue according to this prioritization .

Requirement

You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

Syntax

Call up the command with the following parameters: agent-priority <integer (0-7)> The parameter has the following meaning:

Parameter integer

Description Value of the priority

Range of values / note 0 ... 7

Result

The priority of agent frames is configured.

Further notes

You reset the priority of agent frames to the default value with the no agent-priority command.
You display the current priority of agent frames with the show qos agent-priority command.
You configure the assignment of the CoS priority to a queue with the cos-map command.

11.5.3.2

no agent-priority

Description

With this command, you reset the priority of agent frames back to the default value.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

569

Load control 11.5 Service classes

Requirement

You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

Syntax

Call the command without parameters: no agent-priority

Result

The priority of agent frames has been reset to the default value.

Further notes

You change the priority of agent frames with the agent-priority command.
You display the current priority of agent frames with the show qos agent-priority command.
You configure the assignment of the CoS priority to a queue with the cos-map command.

11.5.3.3

broadcast-priority

Description

With this command you specify the priority of broadcast frames. The switch sorts incoming frames into a queue according to this prioritization .

Requirement

You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

Syntax

Call up the command with the following parameters: broadcast-priority <integer (0-7)> The parameter has the following meaning:

Parameter integer

Description Value of the priority

Range of values / note 0 ... 7

570

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The priority of broadcast frames is configured.

Load control 11.5 Service classes

Further notes

You reset the priority of broadcast frames to the default value with the no broadcastpriority command.
You display the current priority of broadcast frames with the show qos broadcastpriority command.
You configure the assignment of the CoS priority to a queue with the cos-map command.

11.5.3.4

no broadcast-priority

Description

With this command, you reset the priority of broadcast frames back to the default value.

Requirement

You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

Syntax

Call the command without parameters: broadcast-priority

Result

The priority of broadcast frames has been reset to the default value.

Further notes

You change the priority of broadcast frames with the broadcast-priority command.
You display the current priority of broadcast frames with the show qos broadcastpriority command.
You configure the assignment of the CoS priority to a queue with the cos-map command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

571

Load control 11.5 Service classes

11.5.3.5

cos-map

Description

With this command, you configure the assignment of CoS priorities to queues.

Requirement

You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

Syntax

Call up the command with the following parameters: cos-map <cos(0-7)> queue <queue(1-4)> The parameters have the following meaning:

Parameter cos
queue queue

Description

Range of values/note

Priority

0 ... 7

Default: 1

Keyword for a queue

-

Queue to which this priority is assigned 1 ... 4/8 *)

Default: 2

*) Depending on the device.

The CoS priorities are assigned to the queues as follows in the default setting:

COS 0 1 2 3 4 5 6 7

Devices with 4 queues Queue 2 Queue 1 Queue 1 Queue 2 Queue 3 Queue 3 Queue 4 Queue 4

Devices with 8 queues Queue 2 Queue 1 Queue 3 Queue 4 Queue 5 Queue 6 Queue 7 Queue 8

Result

The assignment table for service classes is configured.

572

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Load control 11.5 Service classes

Further notes

You display the current assignment table of CoS priorities to queues with the show qos cosmap command.

11.5.3.6

cos-remap

Description

With this command depending on the priority when receiving a frame, you can change the priority with which it is sent.

Requirement

You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

Syntax

Call up the command with the following parameters:
cos-remap interface <interface-type><interface-id> <prio (0-7)> <remapped prio (0-7)>
The parameters have the following meaning:

Parameter interface interface-type interface-id prio remapped prio

Description

Range of values / note

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface

Module no. and port no. of the interface

Priority with which a frame is received. 0 ... 7

Priority with which a frame will be sent 0 ... 7

Result

The send priority has been changed.

Further notes

You reset the send priority to the default value with the no cos-remap command.
You enable the CoS reassignment with the cos-remap-enable command.
You disable the the CoS reassignment with the no cos-remap-enable command.
You display the assignment table for the send priority with the show qos cos-remap command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

573

Load control 11.5 Service classes

11.5.3.7

no cos-remap

Description

With this command, you reset the send priority back to the default value.

Requirement

You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

Syntax

Call the command without parameters: no cos-remap

Result

The send priorities are reset to the default value.

Further notes

You change the send priority depending on the priority when receiving a frame with the cosremap command.
You enable the the CoS reassignment with the cos-remap-enable command.
You disable the the CoS reassignment with the no cos-remap-enable command.
You display the assignment table for the send priority with the show qos cos-remap command.

11.5.3.8

cos-remap-enable

Description

With this command, you enable the CoS reassignment function. Depending on the priority when receiving a frame, you can change the priority with which it is sent.

Requirement

You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

574

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameters: cos-remap-enable

Load control 11.5 Service classes

Result

The CoS reassignment function is enabled.

Further notes

You disable the function with the no cos-remap-enable command.
You change the priority with which frames are sent with the cos-remap command.
You reset the send priority to the default value with the no cos-remap command.
You display the assignment table for the send priority with the show qos cos-remap command.

11.5.3.9

no cos-remap-enable

Description

With this command, you disable the CoS reassignment function.

Requirement

You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

Syntax

Call the command without parameters: no cos-remap-enable

Result

The CoS reassignment function is disabled.

Further notes

You enable the function with the cos-remap-enable command. You change the priority with which frames are sent with the cos-remap command. You reset the send priority to the default value with the no cos-remap command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

575

Load control 11.5 Service classes
You display the assignment table for the send priority with the show qos cos-remap command.

11.5.3.10 dscp-map

Description

With this command, you configure the assignment of DSCP priorities to queues.

Requirement

You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

Syntax

Call up the command with the following parameters:
dscp-map {<dscp (0-63)> | range <dscp (0-63)> - <dscp (0-63)>} queue <queue(1-8)>
The parameters have the following meaning:

Parameter dscp range queue queue

Description

Range of values/note

Priority

0 ... 63

Keyword for a range of DSCP codes -

Keyword for a queue

-

Queue to which this priority is assigned 1 ... 4/8 *)

*) Depending on the device.

The DSCP priorities are assigned to the queues as follows in the default setting:

DSCP codes 0 - 15 16 - 31 32 - 47 48 - 63

Devices with 4 queues Queue 1 Queue 2 Queue 3 Queue 4

DSCP codes 0 - 7 8 - 15 16 - 23 24 - 31 32 - 39

Devices with 8 queues Queue 2 Queue 1 Queue 3 Queue 4 Queue 5

576

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

DSCP codes 40 - 47 48 - 55 56 - 63

Devices with 8 queues Queue 6 Queue 7 Queue 8

Load control 11.5 Service classes

Result

The assignment table for DSCP codes is configured.

Further notes

You display the current assignment table of DSCP priorities to queues with the show qos dscp-map command.

11.5.3.11 qos-trust-mode

Description

With this command you can set the method according to which frames to be forwarded are prioritized port by port.

Requirement

You are in the QOS configuration mode. The command prompt is as follows: cli(config-qos)#

Syntax

Call up the command with the following parameters:
qos-trust-mode interface {<interface-type> <interface-id > | range <interface-type> <interface-id > - <interface-type> <interface-id >} {untrust | cos | dscp | cos-dscp}
The parameters have the following meaning:

Parameter interface interface-type interface-id range untrust

Description

Range of values/note

Keyword for a an interface description

-

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Keyword for a range of interfaces

-

The switch sorts the incoming frames into a queue according to the priori- tization of the receiving port.

If there is a DSCP value in the IP header, this is ignored. If a VLAN tag exists, it is replaced by the priority value of the receiving port.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

577

Load control 11.5 Service classes

Parameter cos
dscp
cos-dscp

Description
If an incoming frame contains a VLAN tag, the switch sorts it into a queue according to this prioritization.
If the frame does not contain a VLAN tag, the switch sorts the frame into a queue according to the prioritization of the receiving port.
If there is a DSCP value in the IP header, this is ignored.
If an incoming frame contains a DSCP prioritization, the switch sorts it into a queue according to this prioritization.
If the frame does not contain a DSCP prioritization, the switch sorts the frame into a queue according to the prioritization of the receiving port.
If the frame contains a VLAN tag, this is ignored.
With an incoming frame, there is a sequential check of which prioritization it contains. If it contains a DSCP prioritization, it is handled as in the "Trust DSCP" mode. If it contains no DSCP prioritization, the switch checks whether it contains a VLAN tag. If it contains a VLAN tag, the switch sorts it into a queue according to this prioritization. If the frame contains neither a DSCP prioritization nor a VLAN tag, the switch sorts the frame into a queue according to the prioritization of the receiving port.

Range of values/note Default setting with PROFINET variants
Default setting with EtherNet/IP variants
-

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The prioritization for forwarding frames is configured.

Further notes

You configure the assignment of the CoS priority to a queue with the cos-map command.
You configure the assignment of the DSCP priority to a queue with the dscp-map command.
You configure the prioritization of the receiving port with the switchport priority default command.

11.5.3.12 scheduling mode

Description

With this command, you can specify the order in which the frames in the forwarding queues are sent. The higher the queue number, the higher the send priority.

Requirement

You are in the QOS configuration mode. The command prompt is as follows:

578

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

cli(config-qos)#

Load control 11.5 Service classes

Syntax

Call up the command with the following parameters: scheduling mode <strict | weighted> The parameters have the following meaning:

Parameter strict
weighted

Description
As long as there are frames with high priority in the queue, only these high-priority frames are pro- cessed.
Even if there are frames with high priority in the queue, frames with a lower priority will be pro- cessed occasionally.

Range of values / note -
-

Result

The method for the processing order of the frames is specified.

Further notes

You display the method for the processing order of the frames with the show qos scheduling mode command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

579

Load control 11.5 Service classes

580

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Security and authentication

12

This part contains the sections that describe the access rights and authentication methods.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

581

Security and authentication 12.1 User management

12.1

User management
This section describes commands for access as administrator and the configuration of the authentication methods.

12.1.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

12.1.1.1

show password-policy

Description

This command shows which password policy is currently being used.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call the command without parameters: show password-policy

Result

The currently valid password policy is displayed.

Further notes

You configure the password policy with the password-policy command.

12.1.1.2

show users

Description

This command shows the logged-in CLI users.

582

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Security and authentication 12.1 User management

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show users

Result

The logged-in CLI users are displayed.

12.1.1.3

show user-accounts

Description

This command shows the created users.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call the command without parameters: show user-accounts

Result

The created users are shown.

12.1.2

change password

Description

With this command, you change the password of the logged in user.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

583

Security and authentication 12.1 User management

Requirement

 You are logged into the device with a local user account
 You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: change password <passwd> The parameter has the following meaning:

Parameter passwd

Description Value for the password

Range of values / note
Enter the password.
The entry depends on the password policy.
The show password-policy com- mand shows which password policy is cur- rently being used.

Result

The password is changed.
Note Changing the password in Trial mode Even if you change the password in Trial mode, this change is saved immediately.

Further notes

You create a user with the user-account command. You delete a user with the no user-account command. You show the created users with the show user-accounts command. You configure the password policy with the password-policy command.

12.1.3

whoami

Description

This command shows the user name of the logged in user.

584

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Security and authentication 12.1 User management

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: whoami

Result

The user name of the logged in user is displayed.

12.1.4

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

12.1.4.1

password-policy

Description

With this command, you specify which password policy will be used when assigning new passwords.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

585

Security and authentication 12.1 User management

Syntax

Call up the command with the following parameters: password-policy < low | high > The parameters have the following meaning:

Parameter low high

Description Password policy: Low Password policy: High

Range of values/note Password length: at least 6 characters Password length: at least 8 characters: At least 1 uppercase letter At least 1 special character At least 1 number

Result

The password policy is specified:

Further notes

You assign a new password with the user-account command. You display the setting with the show password-policy command.

12.1.4.2

user-account

Description

With this command, you specify a new user. You can also change the password and the role of an already created user.

Requirement

The user is logged in with the "admin" role. You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
user-account <user-name> password <user-password> role {user-role} [description <user-description>]

586

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Security and authentication 12.1 User management

The parameters have the following meaning:

Parameter user-name

Description User name

password user-password

Keyword for a password Value for the password

role user-role

Keyword for the role of the user The user role

description
userdescription

Keyword for information on the user.
Information on the user.

Range of values/note
Enter a user name. The name must meet the following conditions:  It must be unique.  It must be between 1 and 32 charac-
ters long.  The following characters must not be
included: § ? " ; : < = Enter the password. The strength of the password depends on the set password policy:  low: Password length: at least 6 char-
acters, maximum 32 characters  high: The password must meet the
following conditions: ­ Password length: at least 8 charac-
ters, maximum 32 characters ­ At least 1 uppercase letter ­ At least 1 special character ­ At least 1 number The following user roles exist:  user The user only has read rights.  admin The user can create, edit or delete en- tries. -
Maximum of 100 characters.

The new user has been created or the password/role has been changed.
Note Changes in "Trial" mode Even if the device is in "Trial" mode, changes that you carry out with this command are saved immediately.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

587

Security and authentication 12.1 User management
Note User name cannot be changed After creating a user, the user name can no longer be modified because the user name is used for encryption of the password. If a user name needs to be changed, the user must be deleted and a new user created.

Additional notes You delete a user with the no user-account command. You show the created users with the show user-accounts command.

12.1.4.3

no user-account

Description

With this command, you delete a user.
Note Default users "admin" as well as logged in users cannot be deleted.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no user-account <user-name> The parameter has the following meaning:

Parameter user-name

Description User name

Range of values / note Enter a valid user name.

Result

The user has been deleted.

588

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Security and authentication 12.1 User management

Further notes

You create a user with the user-account command. You show the created users with the show user-accounts command.

12.1.4.4

user-account-ext

Description

With this command you link a user with a role in the table "External User Accounts". The user is defined on RADIUS server. The roll is defined locally on the device.
When a RADIUS server authenticates a user, the corresponding group however is unknown or does not exist, the device checks whether or not there is an entry for the user in the table "External User Accounts". If an entry exists, the user is logged in with the rights of the associated role. If the corresponding group is known on the device, both tables are evaluated. The user is assigned the role with the higher rights.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
user-account-ext <user-name-ext> role <user-role-ext> [description <user-ext-description>]
The parameters have the following meaning:

Parameter user-accountext user-name-ext
role user-role-ext

Description

Range of values / note

Keyword for a user in the table "Ex- ternal User Accounts"

User name

Enter the name for the user. The name must meet the following conditions:

 It must be unique.

 It must be between 1 and 250 charac- ters long.

Keyword for the role name

-

Role name

Enter a role.

You can choose between system-defined and self-defined roles.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

589

Security and authentication 12.1 User management
Parameter description user-extdescription

Description Keyword for the description Content of the description

Range of values / note
-
Enter a description for the user in the table "External User Accounts". The description text can be up to 100 characters long.

Result

A link in the table "External User Accounts" has been created.
Note User name cannot be changed After creating a user, the user name can no longer be modified. If a user name needs to be changed, the user must be deleted and a new user created.

Further notes

You delete a link with the no user-account-ext command.
You show the links in the table "External User Accounts" with the show user-accounts external command.

12.1.4.5

no user-account-ext

Description

With this command, you delete the link between a user and a role in the table "External User Accounts".

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no user-account-ext <user-name-ext> The parameter has the following meaning:

Parameter user-name-ext

Description User name

Range of values / note Enter the name of a user.

590

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Security and authentication 12.1 User management
The link in the table "External User Accounts" has been deleted.

Further notes

You link a user with a role in the table "External User Accounts" with the user-account-ext command.
You show the links in the table "External User Accounts" with the show user-accounts external command.

12.1.4.6

role

Description

With this command, you create roles that are valid locally on the device.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
role <role-name> function-rights <function-rights-value(1-15)> [description <role-description>]
The parameters have the following meaning:

Parameter role-name

Description Role name

function-rights Keyword for the function rights

Range of values / note
Enter a name for the role. The name must meet the following conditions:  It must be unique.
 It must be between 1 and 64 charac- ters long.
 The following characters must not be included: § ? " ;
-

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

591

Security and authentication 12.1 User management

Parameter
functionrights-value

Description Value of the function rights

description
roledescription

Keyword for the description Content of the description

Range of values / note
Select the function rights of the role.
1 Users with this role can read device parameters but cannot change them.
 15 Users with this role can both read and change device parameters.
-
Enter a description for the role. The de- scription text can be up to 100 characters long.

Result

The role is created.
Note Role name cannot be changed After creating a role, the name of the role can no longer be changed. If a name of a role needs to be changed, the role must be deleted and a new role created.
Note Function rights changeable with restrictions You can only change the function rights of a role when the role is no longer linked to a user.

Further notes

You delete a role with the no role command. You show the created roles with the show roles command.

12.1.4.7

no role

Description

With this command, you delete a role.
Note You can only delete a role when the role is not linked to a user.

592

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Security and authentication 12.1 User management

Syntax

Call up the command with the following parameters: no role <role-name> The parameter has the following meaning:

Parameter role-name

Description Role name

Range of values / note Enter the name of a role.

Result

The role is deleted.

Further notes

You create a role with the role command. You show the created roles with the show roles command.

12.1.4.8

user-group

Description

With this command you link a group with a role.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

593

Security and authentication 12.1 User management

user-group <user-group-name> role <role-name> [description <usergroup-description>]
Note
The character strings for user-group-name, role-name and user-group-description must meet the following conditions:  The character string must be unique.  The character string must not include the following characters: | § ? " ; :  The character string must not include Extended ASCII Codes (characters > 0x7F).  When the character string contains spaces, the entire characters string must be set in
quotation marks.

The parameters have the following meaning:

Parameter

Description

user-group

Keyword for a group name

user-group-name Group name

role role-name

Keyword for the role name Role name

description
user-groupdescription

Keyword for the description Content of the description

Range of values / note
-
Enter the name of the group. The name must match the group on the RADIUS server.
The name must meet the following condi- tions:
 It must be unique.
 It must be between 1 and 64 charac- ters long.
-
Enter a role name. Users who are author- ized with the linked group on the RADIUS server receive the rights of this role locally on the device.
You can choose between system-defined and self-defined roles.
-
Enter a description for the link. The de- scription text can be up to 100 characters long.

Result

The group is linked to a role.

Further notes

You delete a link with the no user-group command. You show the created links with the show user-groups command.

594

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

12.1.4.9

no user-group

Security and authentication 12.1 User management

Description

With this command, you delete the link between a group and a role.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no user-group <user-group-name> The parameter has the following meaning:

Parameter

Description

user-group-name Group name

Range of values / note Enter the name of a group.

Result

The link is deleted.

Further notes

You link a group with a role with the user-group command. You show the created links with the show user-groups command.

12.1.4.10 username

Description

With this command, you change the password for users with the user name "user" or "admin".

Requirement

 The user is logged in with the "admin" role.
 You are in global configuration mode. The command prompt is as follows: cli(config)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

595

Security and authentication 12.1 User management

Syntax

Call up the command with the following parameters: username {user|admin} password <passwd> The parameters have the following meaning:

Parameter user
admin
password passwd

Description User with the "user" user name.
User with the "admin" user name.
Keyword for a password Value for the password

Range of values/note
If you have created a user with the user name "user", you can change the pass- word for this user with this command.
If you have not renamed the "admin" user preset in the factory, you can change the password for this user with this command.
-
Enter the password. The password must meet the following conditions:
 It must be unique.
 The following characters must not be included: | § ? " ; :
 It must not include Extended ASCII Co- des (characters > 0x7F).
 When the password contains spaces, the entire character string must be set in quotation marks.
The strength of the password depends on the set password policy:
 low: Password length: at least 6 char- acters
 high: The password must meet the following conditions:
­ Password length: at least 8 charac- ters
­ at least 1 uppercase letter
­ at least 1 special character
­ at least 1 number

Result

The password is changed.
Note Changing the password in Trial mode Even if you change the password in Trial mode, this change is saved immediately.

596

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Security and authentication 12.1 User management

Further notes

You show the created users with the show user-accounts command. You can also change the passwords with the user-account command. You display the currently valid password policy with the show password-policy command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

597

Security and authentication 12.2 RADIUS client

12.2

RADIUS client
RADIUS (Remote Authentication Dial-In User Service) is a client/server protocol that allows the centralized login of users logging in in a physical or virtual network. This makes central administration of user data possible.
This section describes commands relevant for the configuration of this service.

12.2.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

12.2.1.1

show radius statistics

Description

This command shows the connection statistics from the RADIUS client to the RADIUS server.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call the command without parameters: show radius statistics

Result

The connection statistics are displayed.

12.2.1.2

show radius server

Description

This command shows the RADIUS server configuration.

598

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Security and authentication 12.2 RADIUS client

Syntax

Call up the command with the following parameters: show radius server [<ucast_addr>] The parameters have the following meaning:

Parameter ucast_addr

Description Value for an IPv4 unicast address

Range of values/note Enter a valid unicast address

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If no parameters are specified, all configured RADIUS servers are displayed.

Result

The RADIUS server configuration is displayed.

12.2.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

12.2.2.1

login authentication

Description

With this command, you enable authentication via a RADIUS server.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

599

Security and authentication 12.2 RADIUS client

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
login authentication {radius | local-and-radius | radius-fallbacklocal}
The parameters have the following meaning:

Parameter radius local-and-radius
radius-fallbacklocal

Description

Range of values / note

The login is via a RADIUS server.

-

The login is possible both with the users The local users have priority.

that exist in the firmware (user name The user is first searched for in the

and password) and via a RADIUS serv- local database. If the user does not

er.

exist there, a RADIUS query is sent.

The authentication must be handled via A local authentication is performed

a RADIUS server.

only when the RADIUS server can-

not be reached in the network.

Result

The authentication is made according to the selected parameter.

Further notes

You disable the authentication via a RADIUS server with the no login authentication command.
You can display the status of this function and other information with the show device information command.

12.2.2.2

no login authentication

Description

With this command, you disable authentication via a RADIUS server.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

600

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax Result

Call the command without parameter assignment: no login authentication

Security and authentication 12.2 RADIUS client

The RADIUS authentication is deactivated.
Note The login is possible only with a local user name and password. If the local logon fails, there is no authentication via a RADIUS server.

Further notes

You enable the authentication via a RADIUS server with the login authentication command.

12.2.2.3

radius authorization-mode

Description

With this command you specify for the login authentication how the rights are assigned to the user with a successful authentication.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: radius authorization-mode { standard | vendor-specific }

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

601

Security and authentication 12.2 RADIUS client

The parameters have the following meaning:

Parameter standard
vendorspecific

Description

Range of values/note

In this mode the user is logged in with administrator rights if the server returns the value "Administrative User" to the device for the attribute "Service Type". In all other cases the user is logged in with read rights.

Default

In this mode, the assignment of rights depends on

-

whether and which group the server returns for the user

and whether or not there is an entry for the user in the

table "External User Accounts".

Result

The assignment of rights during the login authentication is defined.

Further notes

You can display the status of this function and other information with the show device information command.

12.2.2.4

radius disconnect-packet

Description

With this command, you enable the evaluation of Disconnect messages of the RADIUS server.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: radius disconnect-packet

Result

The device evaluates the Disconnect messages of the RADIUS server.

Additional notes
You show the configuration of a RADIUS server on the client with the show radius server command.

602

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

12.2.2.5

no radius disconnect-packet

Security and authentication 12.2 RADIUS client

Description

With this command, you disable the evaluation of Disconnect messages of the RADIUS server.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no radius disconnect-packet

Result

The device does not evaluate Disconnect messages of the RADIUS server.

Additional notes
You show the configuration of a RADIUS server on the client with the show radius server command.

12.2.2.6

radius-server

Description

With this command, you configure a RADIUS server entry on the RADIUS client.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
radius-server ipv4 <ipv4-address> [auth-port <portno(1-65535)>] [retransmit <1-254>][key <secret-key-string>][primary] [{login | dot1x | login-dot1x}] [test]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

603

Security and authentication 12.2 RADIUS client

The parameters have the following meaning:

Parameter ipv4 ipv4-address auth-port portno retransmit <1-254> key
secret-key-string primary login dot1x login-dot1x test

Description

Range of values/note

Keyword for an IPv4 address.

-

Value for the IPv4 address of the RADI- Enter a valid IPv4 address. US server

Keyword for the UDP port number for authentication

Number of the port

1 ... 65535

Default: 1812

Keyword for the number of connection retries

Maximum number of connection retries 1 ... 254

Default: 3

Keyword for the key for communication between the authenticator and the serv- er

Value for the key

46 characters

Default: empty string

Identifies the RADIUS server as primary server

The server is used only for the login au- thentication.

The server is used only for the 802.1X authentication.

The server is used for both authentica- Default setting tion procedures.

Tests whether or not the specified RA- DIUS server is available. At the same time you can create a new RADIUS server and run the test.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If optional parameters are not specified when configuring, the default values apply.

Note Primary server
In a network, only one RADIUS server can be selected as the primary server.
If you select a RADIUS server as the primary server, this replaces the server that previously had the role of primary server.

Result

The entry for a connection between the RADIUS client and a server or the identification as primary server is configured.

604

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Security and authentication 12.2 RADIUS client

Further notes

You delete a RADIUS server entry with the no radius-server command.
You show the configuration of a RADIUS server on the client with the show radius server command.
You show the statistical information of this function with the show radius statistics command.

12.2.2.7

no radius-server

Description

With this command, you delete a RADIUS server entry on the client.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no radius-server ipv4 <ipv4-address> [primary] The parameters have the following meaning:

Parameter ipv4 ipv4-address
primary

Description

Range of values/note

Keyword for an IPv4 address.

-

Value for the IPv4 address of the RADI- Enter a valid IPv4 address. US server

Identifies the RADIUS server as primary server

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The entry for a connection between the RADIUS client and a server or the identification as primary server is deleted.

Further notes

You configure the connection of a RADIUS client to a server with the radius-server command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

605

Security and authentication 12.2 RADIUS client
You show the configuration of a RADIUS server on the client with the show radius server command. You show the statistical information of this function with the show radius statistics command.

606

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

12.3

Security and authentication 12.3 Management Access Control List
Management Access Control List
This section describes the commands relevant for working with the management access control list.

12.3.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

12.3.1.1

show authorized-managers

Description

This command shows the information about the configuration of the authorized managers.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show authorized-managers[ip-source<ip-address>] The parameters have the following meaning:

Parameter ip-source ip-address

Description

Range of values / note

Keyword for the network or host address -

Value for an IP address

specify a valid IP address

For information on identifiers of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The information about the configuration of the authorized managers is displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

607

Security and authentication 12.3 Management Access Control List

12.3.2

Commands in the Global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

12.3.2.1

authorized-manager

Description

With this command, the Management ACL is enabled.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: authorized-manager

Result

The Management ACL is enabled.

Additional notes You disable the function with the no authorized-manager command.

12.3.2.2

no authorized-manager

Description

With this command, the Management ACL is disabled.

608

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Security and authentication 12.3 Management Access Control List

Syntax

Call the command without parameter assignment: no authorized-manager

Result

The Management ACL is disabled.

Additional notes You enable the function with the authorized-manager command.

12.3.2.3

authorized-manager ip-source

Description

With this command, you configure the interfaces and protocols via which an authorized manager is allowed to access the device.

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
authorized-manager ip-source <ip-address> [{<subnet-mask>|/<prefix-length(0-32)>}] [interface[<interface-type><0/a-b,0/c,...>] [<interface-type><0/a-b,0/c,...>]] [vlan<a,b or a-b or a,b,c-d>] [service[snmp][telnet][http][https][ssh]]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

609

Security and authentication 12.3 Management Access Control List

The parameters have the following meaning:

Parameter ip-address subnet-mask prefix-length interface interface-type 0/a-b,0/c,... vlan a,b or a-b or a,b,c-d
service

Description

Range of values/note

Specifies the network or the IP address Enter a valid IPv4 address or a for which the IP manager is authorized network.

Subnet mask that restricts the authori- Enter a valid mask. zation

Decimal representation of the mask as 0 ... 32 a number of "1" bits

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Keyword for a VLAN connection Number of a VLAN or VLAN range

 In the "VLAN Bridge" mode Enter a valid VLAN or VLAN range.

 In the "Transparent Bridge" mode: The configurations relating to VLANs are ignored. The rules apply to all VLANs. If you have defined certain VLANs with a firmware version < 1.2, the configuration of the VLANs will be replaced during a firmware update with the de- fault value "1-4094".

Specifies the services for which the manager is authorized.
You can select several options.

 snmp  telnet  http

 https

 ssh

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

The IP address 0.0.0.0 means "any manager".

If optional parameters are not specified when configuring, the manager is authorized for all services.

Note Configuration of the first entry
As long as the list of authorized managers is empty, access to the system is not restricted.
As soon as the list contains an entry and the "authorized-manager" command is executed, access to the system is blocked for all others.
You should therefore configure the interface via which you access the system first because your access is otherwise blocked.

610

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Security and authentication 12.3 Management Access Control List
The interfaces and protocols via which an authorized manager is allowed to access the device are configured. Note No restrictions for console port The restrictions do not apply to the serial console (console port).

Further notes

You delete an interface for access of an authorized manager with the no authorizedmanager ip-source command.
You show the information about the configuration of the authorized managers with the show authorized-manager command.
You change the mode with the base bridge-mode command.

12.3.2.4

no authorized-manager ip-source

Description

With this command, you delete an interface via which an authorized manager is allowed to access the device.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
no authorized-manager ip-source <ip-address> [{<subnet-mask>|/<prefix-length(0-32)>}]
The parameters have the following meaning:

Parameter ip-address
subnet-mask
prefix-length

Description
Specifies the network or the IP address for which the IP manager is authorized
Subnet mask that restricts the authori- zation
Decimal representation of the mask as a number of "1" bits

Range of values / note Enter a valid IP address or a net- work Enter a valid mask
0 ... 32

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

611

Security and authentication 12.3 Management Access Control List
For information on identifiers of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

An authorized manager is deleted from the list.

Further notes

You configure the interfaces and protocols via which an authorized manager is allowed to access the device with the authorized-manager ip-source command.
You show the information about the configuration of the authorized managers with the show authorized-manager command.

612

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

12.4

Security and authentication 12.4 Port Access Control List Locked Ports
Port Access Control List Locked Ports
With the Port Access Control List Locked Ports functionality, MAC addresses that do not age are collected on a port after the start command. With the stop command, these addresses are converted to static entries in the address list and the aging is reactivated for all the addresses that follow. If the learning of addresses on this port is then disabled, data packets are only forwarded to the static addresses entered in the table. This section describes commands relevant for the configuration of this function.

12.4.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

12.4.1.1

show lock port

Description

This command shows whether or not the learning of MAC entries is enabled or locked on an interface.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show lock port [<interface-type><interface-id>] The parameters have the following meaning:

Parameter interface-type interface-id

Description

Range of values / note

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select an interface, the configuration of all interfaces is displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

613

Security and authentication 12.4 Port Access Control List Locked Ports

Result

The configuration of the interface for the learning of MAC entries is displayed.

12.4.2

Commands in the Global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

12.4.2.1

clear-all-static-unicast

Description

With this command, you delete all static unicast MAC address entries from the MAC address table.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: clear-all-static-unicast

Result

The static unicast MAC address entries are deleted from the MAC address table.

614

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

12.4.2.2

auto-learn

Security and authentication 12.4 Port Access Control List Locked Ports

Description

With this command, you change to the AUTOLEARN mode.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: auto-learn

Result

You are now in the AUTOLEARN mode. The command prompt is as follows: cli(config-auto-learn)#

Further notes

You exit the AUTOLEARN configuration modewith the command end or exit.

12.4.3

Commands in the interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

615

Security and authentication 12.4 Port Access Control List Locked Ports

12.4.3.1

switchport lock

Description

With this command, you block the learning of MAC entries. Only the static address entries of the MAC address list are used on the port.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: switchport lock

Result

The learning of MAC addresses is blocked.

Further notes

You enable the learning of MAC addresses with the no switchport lock command. You display the configuration with the show lock port command.

12.4.3.2

no switchport lock

Description

With this command, you enable the learning of MAC addresses.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no switchport lock

616

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Security and authentication 12.4 Port Access Control List Locked Ports
The learning of MAC addresses is enabled.

Further notes

You block the learning of MAC addresses with the switchport lock command. You display the configuration with the show lock port command.

12.4.4

Commands in the AUTOLEARN mode
This section describes commands that you can call up in the AUTOLEARN mode. In global configuration mode, enter the auto-learn command to change to this mode.  If you exit the AUTOLEARN mode with the exit command, you return to the Global
configuration mode.  If you exit the AUTOLEARN mode with the end command, you return to the Privileged
EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in AUTOLEARN mode. To do this, you replace [command] with the command that you want to execute.

12.4.4.1

start

Description

With this command, you start automatic learning. During automatic learning, the aging timer is disabled for all learned addresses.

Requirement

You are in the AUTOLEARN mode. The command prompt is as follows: cli(config-auto-learn)#

Syntax

Call the command without parameters: start

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

617

Security and authentication 12.4 Port Access Control List Locked Ports

Result

The learned MAC addresses are entered in the "port database" with the aging time 0. (The entries are NOT deleted when the "MAC Address Aging Time" expires).

Further notes

You stop automatic learning with the stop command.

12.4.4.2

stop

Description

With this command, you stop automatic learning and convert all learned MAC addresses to static entries.

Requirement

You are in the AUTOLEARN mode. The command prompt is as follows: cli(config-auto-learn)#

Syntax

Call the command without parameters: stop

Result

Automatic learning is stopped and all learned entries are converted to static entries.

Further notes

You start automatic learning with the start command.

618

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

12.5

Security and authentication 12.5 Port Based Network Access Control
Port Based Network Access Control
This section describes commands for working with port-based network access control (PNAC).

12.5.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

12.5.1.1

show dot1x

Description

This command shows information about port-based network access control (PNAC).

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters:
show dot1x[{interface<interface-type><interface-id>| statistics interface<interface-type><interface-id>}]
The parameters have the following meaning:

Parameter interface interface-type interface-id statistics interface
interface-type interface-id

Description

Range of values / note

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Keyword for the display of the statistical data of the dot1x Authenticator for an interface

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

619

Security and authentication 12.5 Port Based Network Access Control

Result

The dot1x information is displayed.

12.5.1.2

show dot1x guest-vlan mac-info

Description

This command displays which MAC address and which port are assigned to a guest VLAN.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show dot1x guest-vlan mac-info

Result

A list with guest VLAN, MAC address and port is displayed.

12.5.1.3

show dot1x mac-auth mac-info

Description

This command shows the MAC addresses for which MAC authentication is enabled.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show dot1x mac-auth mac-info

620

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

A list of the MAC addresses is displayed.

Security and authentication 12.5 Port Based Network Access Control

12.5.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

12.5.2.1

dot1x guest-vlan

Description

With this command, you enable the guest VLAN function for the device.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: dot1x guest-vlan

Result

The guest VLAN function is enabled for the device.

Further notes

You also still need to enable the guest VLAN function for every port intended to use this function. You do this with the dot1x guest-vlan command in the Interface configuration mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

621

Security and authentication 12.5 Port Based Network Access Control
You disable the function with the no dot1x guest-vlan. command You display this setting and other information with the show dot1x command.

12.5.2.2

no dot1x guest-vlan

Description

With this command, you disable the guest VLAN function for the device.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no dot1x guest-vlan

Result

The guest VLAN function is disabled for the device.

Further notes

You enable the function with the dot1x guest-vlan. command You display this setting and other information with the show dot1x command.

12.5.2.3

dot1x mac-auth

Description

With this command, you enable MAC authentication for the device.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

622

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameters: dot1x mac-auth

Security and authentication 12.5 Port Based Network Access Control

Result

MAC authentication is enabled for the device.

Further notes

You also still need to enable MAC authentication for every port intended to use this function. You do this with the dot1x mac-auth command in the Interface configuration mode.
You disable the function with the no dot1x mac-auth command.
You display this setting and other information with the show dot1x command.

12.5.2.4

no dot1x mac-auth

Description

With this command, you disable MAC authentication for the device.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no dot1x mac-auth

Result

MAC authentication is disabled for the device.

Further notes

You enable the function with the dot1x mac-auth command. You display this setting and other information with the show dot1x command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

623

Security and authentication 12.5 Port Based Network Access Control

12.5.3

Commands in the interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

12.5.3.1

dot1x guest-vlan

Description

With this command, you enable the guest VLAN function for a port. This function is also known as "Authentication failed VLAN".

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: dot1x guest-vlan

Result

The guest VLAN function is enabled for a port.

Further notes

You also need to enable the guest VLAN function for the device. You do this with the dot1x guest-vlan command in the Global configuration mode.
You disable the function with the no dot1x guest-vlan command.

624

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Security and authentication 12.5 Port Based Network Access Control
You display this setting and other information with the show dot1x command.

12.5.3.2

no dot1x guest-vlan

Description

With this command, you disable the guest VLAN function for a port.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no dot1x guest-vlan

Result

The guest VLAN function is disabled for a port.

Further notes

You enable the function with the dot1x guest-vlan command. You display this setting and other information with the show dot1x command.

12.5.3.3

dot1x guest-vlan vlan-id

Description

With this command, you configure a guest VLAN for a port.
The port can only be assigned to the VLAN, if the VLAN has been created on the device. Otherwise Authentication is rejected.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

625

Security and authentication 12.5 Port Based Network Access Control

Syntax

Call up the command with the following parameters: dot1x guest-vlan vlan-id <vlan-id (1 - 4096)> The parameters have the following meaning:

Parameter vlan-id -

Description Keyword for the VLAN ID VLAN ID

Range of values / note 1 - 4096

Result

The guest VLAN ID is assigned to the port.

Further notes

You reset the guest VLAN ID to the default value with the no dot1x guest-vlan vlanidcommand.
You display this setting and other information with the show dot1x command.

12.5.3.4

no dot1x guest-vlan vlan-id

Description

With this command, the guest VLAN ID is reset to the default value 1.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no dot1x guest-vlan vlan-id

Result

The ID of the guest VLAN has the value 1.

Further notes

You configure the guest VLAN ID with the dot1x guest-vlan vlan-id command.

626

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Security and authentication 12.5 Port Based Network Access Control
You display this setting and other information with the show dot1x command.

12.5.3.5

dot1x guest-vlan reset

Description

This command removes MAC addresses from the guest VLAN. If you specify a MAC address, only this MAC address is removed from the guest VLAN. If you use this command without parameters, all MAC addresses are removed from the guest VLAN.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: dot1x guest-vlan reset [mac <aa:aa:aa:aa:aa:aa>] The parameter has the following meaning:

Parameter mac

Description
Keyword for the MAC address MAC address to be removed from the guest VLAN.

Range of values / note aa:aa:aa:aa:aa:aa

Result

The specified MAC address or all MAC addresses are no longer assigned to the guest VLAN.

12.5.3.6

set dot1x guest-vlan mac-addr count

Description

With this command, you specify how many MAC addresses can be authenticated on the port at the same time.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

627

Security and authentication 12.5 Port Based Network Access Control

Syntax

Call up the command with the following parameters: set dot1x guest-vlan mac-addr count <num-of-addresses (1-100)> The parameter has the following meaning:

Parameter num-of-addresses

Description Maximum number of MAC addresses

Range of values / note 1 ... 100

Result

The maximum number of MAC addresses for the port has been specified.

Further notes

You display this setting and other information with the show dot1x command.

12.5.3.7

dot1x mac-auth

Description

With this command, you enable MAC authentication for a port.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: dot1x mac-auth [timeout] The parameter has the following meaning:

Parameter timeout

Description
Keyword for the 802.1X timeout with which the conditions for the MAC authentication are de- fined.
When you specify this keyword, MAC authenti- cation is only possible after a 802.1X timeout, but not after a failed 802.1X authentication.
If you call the command without parameters, MAC authentication is possible both after a 802.1X timeout and after a failed 802.1X au- thentication.

Range of values/note -

628

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

MAC authentication is enabled for a port.

Security and authentication 12.5 Port Based Network Access Control

Further notes

You also still need to enable MAC authentication for the device. You do this with the dot1x mac-auth command in the Global configuration mode.
You disable the function with the no dot1x mac-auth command.
You display this setting and other information with the show dot1x command.

12.5.3.8

no dot1x mac-auth

Description

With this command, you disable MAC authentication for a port. You can also define the conditions for a MAC authentication with a parameter.

Requirement

You are in interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no dot1x mac-auth [timeout] The parameter has the following meaning:

Parameter timeout

Description
Keyword for the 802.1X timeout with which the conditions for the MAC authentication are de- fined.
When you specify this keyword, MAC authenti- cation is also possible after a failed 802.1X au- thentication.
If you call the command without the timeout parameters, you disable the MAC authentica- tion for a port.

Range of values/note -

Result

MAC authentication is disabled for a port or the conditions for MAC authentication are defined.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

629

Security and authentication 12.5 Port Based Network Access Control

Further notes

You enable the function with the dot1x mac-auth command. You display this setting and other information with the show dot1x command.

12.5.3.9

dot1x mac-auth port reset

Description

With this command, you reset MAC authentication for a port.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: dot1x mac-auth port [mac <aa:aa:aa:aa:aa:aa>] reset The parameters have the following meaning:

Parameter mac aa:aa:aa:aa:aa:aa

Description Keyword for a MAC address MAC address of the interface

Range of values / note aa:aa:aa:aa:aa:aa

Result

MAC authentication is reset for the port.

12.5.3.10 dot1x mac-auth vlan-assign

Description

With this command you enable the assignment of the VLAN ID for a MAC address by the RADIUS server.
The port can only be assigned to the VLAN, if the VLAN has been created on the device. Otherwise Authentication is rejected.

630

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Security and authentication 12.5 Port Based Network Access Control
If during authentication a port is assigned to a VLAN dynamically using this function, assignment using the VLAN ID or the VLAN name is possible. Configure the following values on the RADIUS server:  Tunnel-Type = VLAN  Tunnel-Medium-Type = IEEE-802  Tunnel-Private-Group-Id = VLAN ID or VLAN name The IE switch distinguishes as follows:  VLAN ID: The RADIUS server transfers a numeric string for the parameter "Tunnel-Private-
Group-Id".  VLAN name: The RADIUS server transfers an alphanumeric string for the parameter
"Tunnel-Private-Group-Id".

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: dot1x mac-auth vlan-assign

Result

The VLAN ID for a MAC address is assigned by the RADIUS server.

Additional notes
You disable the assignment of the VLAN ID for a MAC address by the RADIUS server with the no dot1x mac-auth vlan-assign command.
You display this setting and other information with the show dot1x command.

12.5.3.11 no dot1x mac-auth vlan-assign

Description

With this command you disable the assignment of the VLAN ID for a MAC address by the RADIUS server.

Requirement

You are in the Interface configuration mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

631

Security and authentication 12.5 Port Based Network Access Control
The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no dot1x mac-auth vlan-assign

Result

The VLAN ID for a MAC address is no longer assigned by the RADIUS server.

Further notes

You enable the assignment of the VLAN ID for a MAC address by the RADIUS server with the dot1x mac-auth vlan-assign command.
You display this setting and other information with the show dot1x command.

12.5.3.12 set dot1x mac-auth mac-addr count

Description

With this command, you specify how many MAC addresses can be authenticated on the port at the same time.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: set dot1x mac-auth mac-addr count <num-of-addresses (1-100)> The parameter has the following meaning:

Parameter num-of-addresses

Description Maximum number of devices

Range of values / note 1 ... 100

Result

The maximum number of devices for the port has been specified.

632

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Security and authentication 12.5 Port Based Network Access Control

Further notes

You display this setting and other information with the show dot1x command.

12.5.3.13 dot1x port-control

Description

With this command, you configure port control parameter of the authenticator.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: dot1x port-control {auto|force-authorized|force-unauthorized} The parameters have the following meaning:

Parameter auto
force-authorized forceunauthorized

Description

Range of values / note

Authentication according to IEEE

-

802.1x is enabled for the interface.

The data traffic via the interface is per- mitted or blocked depending on the au- thentication result.

data traffic via the interface is permitted Default: force-authorized en-

without restrictions

abled

data traffic via the interface is blocked -

Result

The port control parameter is configured.

Further notes

You can reset the port control parameter to the default with the no dot1x port-control command.
You can display the status of this function and other information with the show dot1xcommand.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

633

Security and authentication 12.5 Port Based Network Access Control
12.5.3.14 no dot1x port-control

Description

With this command, you reset the port control parameter of the authenticator to the default value.
The default value is force-authorized.
With this, data traffic is permitted without restrictions.

Requirement

You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no dot1x port-control

Result

The port control parameter of the authenticator is reset to the default value.

Further notes

You configure the port control parameter with the dot1x port-control command.
You can display the status of this function and other information with the show dot1xcommand.

12.5.3.15 dot1x reauthentication

Description

With this command, you enable the 802.1X Re-Authentication function for the selected interface. When the function is enabled, the authenticator repeats authentication of the client periodically,

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

634

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameters: dot1x reauthentication

Security and authentication 12.5 Port Based Network Access Control

Result

Periodic authentication is enabled for the selected interface.

Further notes

You disable the function with the no dot1x reauthentication command.
You can display the status of this function and other information with the show dot1xcommand.

12.5.3.16 no dot1x reauthentication

Description

With this command, you disable the function that repeats the authentication of the client by the authenticator periodically.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call the command without parameters: no dot1x reauthentication

Result

Periodic authentication is disabled.

Further notes

You enable the function with the dot1x reauthentication command.
You can display the status of this function and other information with the show dot1xcommand.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

635

Security and authentication 12.5 Port Based Network Access Control

636

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics

13

The monitoring of the system and error diagnostics are handled in different ways:
 Events and faults handling: Predefined events generate a message. These messages can be distributed in different ways:
­ Entry in the local log
­ Transfer to the Syslog server
­ Sending as e-mail
­ Sending as SNMP trap
 Syslog: Configures the transfer to the Syslog server
 Remote Monitoring (RMON): Variables of the Management Information Base are monitored for the violation of limit values and messages are generated if they do. These messages are collected and can be distributed in the following ways:
­ Entry in the local log
­ Sending as SNMP trap
­ Transfer to the Syslog server
­ Transfer to a network management station using SNMP
 Port mirroring: Mirroring of ports to analyze the data stream without disturbing operation
 Loop Detection: Detection and monitoring of parallel connections or loops in an Ethernet network. Loops in the network can cause total failure of the transfer and must be detected and eliminated.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

637

Diagnostics 13.1 Event and fault handling

13.1

Event and fault handling
In events and faults handling, you set the events whose messages will be distributed in one of the available ways.
You configure the monitoring of certain system events and power supply and physical interfaces in the Events configuration mode.

13.1.1

logging console

Description

With this command, you display the log messages in the console. The function can only be active on one connection at a time.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: logging console

Result

The output of the log messages in the console is activated.

Further notes

You disable the function with the no logging console command. As default the function is "disabled".

13.1.2

no logging console

Description

With this command, you disable the output of log messages in the console.

638

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics 13.1 Event and fault handling

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: no logging console

Result

The function is disabled.

Further notes

You enable the function with the logging console command. As default the function is "disabled".

13.1.3

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

13.1.3.1

show events config

Description

This command shows the current configuration for forwarding the messages of the various event types.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

639

Diagnostics 13.1 Event and fault handling

Syntax

Call the command without parameters: show events config

Result

The current configuration of the events display is displayed.

13.1.3.2

show events severity

Description

This command shows the degree of severity of an event ("Info", "Warning" or "Critical") starting at which a notification (sending of an e-mail, entry in the Syslog table, entry in the Syslog file) is generated.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events severity

Result

The corresponding degree of severity is shown for each type of notification.

Further notes

You configure the assignment of the degree of severity of an event and the type of notification with the severity command.

13.1.3.3

show events faults config

Description

This command shows the current configuration of the following error monitoring functions:  Monitoring of the power supply for power outage  Monitoring of the network connections for a change in the connection status

640

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics 13.1 Event and fault handling

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show events faults config [{power|link}] The parameters have the following meaning:

Parameter power link

Description Monitoring of the power supply for power outage Monitoring of the network connections for a change in the connection status

If no parameters are specified, the settings for both error monitoring functions are displayed.

Result

The current configuration of the selected error monitoring function is displayed.

13.1.3.4

show events faults status

Description

This command shows the status messages of fault monitoring of the power supply and network connections.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events faults status

Result

A table with the status messages of the error monitoring functions is displayed.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

641

Diagnostics 13.1 Event and fault handling

13.1.3.5

show startup-information

Description

This command shows the startup information.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli>orcli#

Syntax

Call the command without parameters: show startup-information

Result

Startup information is shown.

13.1.3.6

show logbook

Description

With this command, you display the content of the logbook. The log entries are categorized differently.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show logbook or Call up the command with the following parameters: show logbook [{ info | warning | critical }]

642

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics 13.1 Event and fault handling

The parameters have the following meaning:

Parameter info
warning critical

Description
All log entries of the categories "Information", "Warning" and "Critical" are displayed. All log entries of the categories "Warning" and "Critical" are displayed. All log entries of the category "Critical" are displayed.

Result

The content of the logbook is displayed.

13.1.3.7

show fault counter

Description

This command shows the number of errors since the last startup.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show fault counter

Result

The number of faults is displayed.

Further notes

You reset the counter for the errors with the clear fault counter command.

13.1.3.8

show cabletest interface

Description

This command shows the result of the cable test of the interface.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

643

Diagnostics 13.1 Event and fault handling

Requirement

 The interface has no active data traffic.
 The cabletest interface function was used on the specified interface in the Global configuration mode.
 You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is: cli> or cli#

Syntax

Call up the command with the following parameters: show cabletest interface <interface-type> <interface-id> The parameters have the following meaning:

Parameter interface-type interface-id

Description Type of interface Interface identifier

Range of values / note Enter a valid interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The result is displayed.

Further notes

You enable the cable test function with the cabletest interface command in the Global configuration mode.

13.1.3.9

show interface transceiver details

Description

This command runs error diagnostics for an SFP port.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

644

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Call the command without parameter assignment: show interface transceiver details

Diagnostics 13.1 Event and fault handling

Result

Hardware information (model, serial number) and operating parameters (data transmission rate, voltage and current consumption as well as the transmit and receive power) for SFP port are displayed.

13.1.3.10 show power-line-state

Description

This command shows the status of the power supply.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show power-line-state

Result

The status of the power supply is displayed.

13.1.4

clear logbook

Description

With this command, you delete the content of the logbook.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

645

Diagnostics 13.1 Event and fault handling

Syntax

Call the command without parameters: clear logbook

Result

The content of the logbook is deleted.

13.1.5

clear fault counter

Description

With this command you reset the counter that shows the number of faults since the last startup.

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Syntax

Call the command without parameters: clear fault counter

Result

The counter is set to "0".

Further notes

You shows the number of faults since the last startup with the show fault counter command.

13.1.6

fault report ack

Description

Some errors can be acknowledged and thus removed from the error list, e.g. an error of the event "Cold/warm restart".
With this command, you can acknowledge these errors or remove them from the error list.

646

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Privileged EXEC mode. The command prompt is as follows: cli#

Diagnostics 13.1 Event and fault handling

Syntax

Call up the command with the following parameter: fault report ack <fault-state-id> The parameter has the following meaning:

Parameters fault-state-id

Description Error ID

Range of values/note
Enter the ID of the error. You determine the ID with the "show events faults status" command.

Result

The error is acknowledged and removed from the error list.

13.1.7

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

13.1.7.1

events

Description

With this command, you change to the EVENTS configuration mode.

Requirement

You are in the Global configuration mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

647

Diagnostics 13.1 Event and fault handling
The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: events

Result

You are now in the EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Further notes

You exit the EVENTS configuration mode with the command end or exit.

13.1.7.2

cabletest interface

Description

With this command, you enable the cable test for the specified interface.
Note Wire pairs Wire pairs 4-5 and 7-8 of 10/100 Mbps network cables are not used. The wire pair assignment - pin assignment is as follows (DIN 50173): Pair 1 = pin 1-2 Pair 2 = pin 3-6 Pair 3 = pin 4-5 Pair 4 = pin 7-8

Requirement

 The interface has no active data traffic.
 You are in the Global configuration mode. The command prompt is: cli(config)#

648

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax Result

Diagnostics 13.1 Event and fault handling

Call up the command without parameters or with the following parameter assignment: cabletest interface <interface-type> <interface-id> [force] The parameters have the following meaning:

Parameter interface-type interface-id force

Description Type of interface Interface identifier Forces a link down during the test

Range of values / note Enter a valid interface.
Necessary parameter if there is a link up on the interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameters from the parameter list, the default value is used.

Following the test phase, the result is displayed. The value for the distance has a tolerance of +/- 1 m.

13.1.8

Commands in the Events configuration mode
This section describes commands that you can call up in the EVENTS configuration mode.
In global configuration mode, enter the events command to change to this mode.
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.
 If you exit the EVENTS configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the EVENTS configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in EVENTS configuration mode.
To do this, you replace [command] with the command that you want to execute.

13.1.8.1

add log

Description

With this command, you create an entry in the log.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

649

Diagnostics 13.1 Event and fault handling

Requirement

You are in the EVENTS Configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call the command without parameters: add log <log-entry> The parameter has the following meaning:

Parameter log-entry

Description Entry in the logbook

Range of values / note max. 150 characters

Result

The entry has been made in the logbook.

13.1.8.2

client config

Description

With this command, you enable one of the clients that processes or forwards the messages of the device. The following clients are available:  syslog: sends the messages to the Syslog server  trap: sends the messages as SNMP trap to a configured recipient  email: sends the messages as e-mails

Requirement

You are in EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: client config {syslog | trap | email | all}

650

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics 13.1 Event and fault handling

The parameters have the following meaning:

Parameter syslog trap email all

Description Enables the client that sends the messages to the Syslog server Enables the client that sends the SNMP traps Enables the client that sends the e-mails Enables all clients at once

Result

The client selected for the transmission is enabled.

Additional notes You display the status of the events and the clients with the show events config command. You disable a client with the no client config command.

13.1.8.3

no client config

Description

With this command, you disable one of the clients that processes or forwards the messages of the device.

Requirement

You are in EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: no client config {syslog | trap | email | all} The parameters have the following meaning:

Parameter syslog trap email all

Description Disables the client that sends the messages to the Syslog server Disables the client that sends the SNMP traps Disables the client that sends the e-mails Disables all clients at once

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

651

Diagnostics 13.1 Event and fault handling

Result

The client selected for the transmission is disabled.

Additional notes You display the status of the events and the clients with the show events config command. You enable the function with the client config command.

13.1.8.4

event config
Note Depending on the device type, the IE switch does not support all described parameters; see section "Features not supported (Page 35)".

Description

With this command, you configure which of the various message types of the device will be stored or forwarded. The following events or message types are available:  Message if there is cold or warm restart  Message when there is a status change on a physical interface  Message if there is an incorrect login  Message when there is a Remote Monitoring alarm (RMON alarm)  Message when there is a status change in the power supply  Message when there is a status change in the redundancy manager (RM)  Message when there is a status change on a standby connection  Message when there is a status change in the error monitoring  Message when there is a change in the spanning tree  Message when there is a status change of the VRRP routers  Message if there is a status change in the detection of network loops  Message on status change of OSPF  Message when there is a status change in the 802.1X authentication  Message on status change of PoE  Message on status change of FMP  Message when there is a status change in the diagnostics data  Message on status change of Link Check  Message when an error was detected in the CLI script file

652

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics 13.1 Event and fault handling
 Message on error in connection with secure NTP  Message on persistent saving of configuration  Message on non-configurable entry in the log table These messages can be processed by the clients in different ways:  Entry in the logbook of the device  Sending the message to the Syslog server  Sending an e-mail  Sending an SNMP trap

Requirement

You are in the EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: event config
{cold-warmstart | linkchange | authentication-failure | rmon-alarm | power-change | rm-state-change | standby-state-change | faultstatechange | stp-change | vrrp-state-change | loopd-state-change | ospfstate-change | dot1x-port-auth-state-change | poe-state-change | fmpstate-change | env-data-change | linkcheck-change | cli-script-filestatus | secure-ntp | config-change | service-information | all} {logtable | syslog | email | trap | faults | all}
The parameters have the following meaning:

Parameter cold-warmstart linkchange authenticationfailure rmon-alarm power-change rm-state-change standby-statechange faultstate-change stp-change vrrp-state-change loopd-statechange ospf-state-change

Description Message if there is cold or warm restart Message when there is a status change on a physical interface Message if there is an incorrect login
Message when there is a RMON alarm Message when there is a status change in the power supply Message when there is a status change in the redundancy manager Message when there is a status change on a standby connection
Message when there is a status change in the error monitoring Message when there is a change in the spanning tree Message on status change of VRRP routers Message if there is a status change in the detection of network loops
Message on status change of OSPF

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

653

Diagnostics 13.1 Event and fault handling

Parameter dot1x-port-authstate-change poe-state-change fmp-state-change env-data-change linkcheck-change cli-script-filestatus secure-ntp config-change serviceinformation all logtable syslog email trap faults all

Description Message when there is a status change in the 802.1X authentication
Message on status change of PoE Message on status change of FMP Message when there is a status change in the diagnostics data Message on status change of Link Check Message when an error was detected in the CLI script file
Message on error in connection with secure NTP Message on persistent saving of configuration Message on non-configurable entry in the log table
All messages Client that processes the logbook entries Client that sends the messages to the Syslog server Client that sends the e-mails Client that sends the SNMP traps Error LED lights up. The setting is possible only for a cold or warm restart. All clients at once

Result

The setting deciding which message of the device is stored or forwarded is configured.

Additional notes You display the status of the events and the clients with the show events config command. You delete the settings with the no event config command. With this command, the clients are not enabled. To enable the clients, use the client config command.
Note Changing several message types or clients With each command call, you can only select one message type and one client. If you want to process several message types or clients, it may be more efficient to first select the all option and then disable individual elements.

654

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

13.1.8.5

Diagnostics 13.1 Event and fault handling
no event config
Note Depending on the device type, the IE switch does not support all described parameters; see section "Features not supported (Page 35)".

Description

With this command, you configure which of the various message types of the device will no longer be stored or forwarded.

Requirement

You are in the EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: no event config
{cold-warmstart | linkchange | authentication-failure | rmon-alarm | power-change | rm-state-change | standby-state-change | faultstatechange | stp-change | vrrp-state-change | loopd-state-change | ospfstate-change | dot1x-port-auth-state-change | poe-state-change | fmpstate-change | env-data-change | linkcheck-change | cli-script-filestatus | secure-ntp | config-change | service-information | all} {logtable | syslog | email | trap | faults | all}
The parameters have the following meaning:

Parameter cold-warmstart linkchange authenticationfailure rmon-alarm power-change rm-state-change standby-statechange faultstate-change stp-change vrrp-state-change loopd-statechange

Description Message if there is cold or warm restart Message when there is a status change on a physical interface Message if there is an incorrect login
Message when there is a RMON alarm Message when there is a status change in the power supply Message when there is a status change in the redundancy manager Message when there is a status change on a standby connection
Message when there is a status change in the error monitoring Message when there is a change in the spanning tree Message on status change of VRRP routers Message if there is a status change in the detection of network loops

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

655

Diagnostics 13.1 Event and fault handling

Parameter ospf-state-change dot1x-port-authstate-change poe-state-change fmp-state-change env-data-change linkcheck-change cli-script-filestatus secure-ntp config-change serviceinformation all logtable syslog email trap faults all

Description Message on status change of OSPF Message when there is a status change in the 802.1X authentication
Message on status change of PoE Message on status change of FMP Message when there is a status change in the diagnostics data Message on status change of Link Check Message when an error was detected in the CLI script file
Message on error in connection with secure NTP Message on persistent saving of configuration Message on non-configurable entry in the log table
All messages Client that processes the logbook entries Client that sends the messages to the Syslog server Client that sends the e-mails Client that sends the SNMP traps Error LED lights up. The setting is possible only for a cold or warm restart. All clients at once

Result

The setting deciding which messages of the device are not stored or forwarded is configured.

Additional notes
You display the status of the events and the clients with the show events config command.
You configure which of the various message types of the device will be stored or forwarded with the event config command.

13.1.8.6

severity

Description

With this command, you configure the threshold values for the sending of system event notifications.

Requirement

You are in the EVENTS Configuration mode. The command prompt is as follows: cli (config-events) #

656

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax

Diagnostics 13.1 Event and fault handling

Call up the command with the following parameters: severity { mail | log | syslog } { info | warning | critical } The parameters have the following meaning:

Parameter mail log
syslog
info warning critical

Description
Specifies the threshold value for send- ing system event messages by e-mail.
Specifies the threshold value for enter- ing system event messages in the log table.
Specifies the threshold value for enter- ing system event messages in the Sy- slog file.
System events are processed as of the severity level "Information".
System events are processed as of the severity level "Warning".
System events are processed as of the severity level "Critical".

Range of values / note -
-
-

Result

The settings for sending system event messages are configured. The "severity" function is enabled.

Further notes

You disable the setting with the no severity command. You display the status of this function and other information show events severity

13.1.8.7

no severity

Description

With this command, you disable the setting for the threshold values for the sending of system event notifications.

Requirement

You are in the EVENTS Configuration mode. The command prompt is as follows: cli (config-events) #

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

657

Diagnostics 13.1 Event and fault handling

Syntax

Call up the command with the following parameters: no severity { mail | log | syslog } The parameters have the following meaning:

Parameter mail
log
syslog

Description
The setting of the threshold value for sending system event messages by email is disabled.
The setting of the threshold value for entering system event messages in the log table disabled.
The setting of the threshold value the entering event messages in the Syslog file is disabled.

Range of values / note -
-
-

If you do not select any parameters from the parameter list, the default value is used.

Result

The settings for sending system event messages are configured.

Further notes

You enable the setting with the severity command. You display the status of this function and other information show events severity.

13.1.8.8

power

Description

With this command, you configure and activate the monitoring of the power supplies.

Requirement

You are in the EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: power [{L1|L2}]

658

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics 13.1 Event and fault handling

The parameters have the following meaning:

Parameter L1 L2

Description Monitoring of power supply 1 Monitoring of power supply 2

If you do not select any parameters from the parameter list, the default value "L1 and L2" is used.

Result

The setting for monitoring the power supplies is configured.

Further notes

You can display the current setting with the show events faults config command. You disable the function with the no power command.

13.1.8.9

no power

Description

With this command, you disable the monitoring of the power supplies.

Requirement

You are in the EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: no power [{L1|L2}} The parameters have the following meaning:

Parameter L1 L2

Description No monitoring of power supply 1 No monitoring of power supply 2

If you do not select any parameters from the parameter list, the default value "L1 and L2" is used.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

659

Diagnostics 13.1 Event and fault handling

Result

The setting for monitoring the power supplies is configured.

Further notes

You can display the current setting with the show events faults config command. You enable the function with the power command.

13.1.8.10 link

Description

With this command, you configure and enable the monitoring of the physical network connections for cable breaks or for pulling of the connector.

Requirement

You are in EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: link {up | down}[{<interface-type><interface-id>}] The parameters have the following meaning:

Parameter up
down
interface-type interface-id

Description

Range of values / note

Only the establishment of a connection is signaled

Only the termination of a connection is signaled

Type or speed of the interface

Specify a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select an interface, the function is enabled for all available interfaces.

Result

The settings for monitoring the physical network connections have been configured.

660

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics 13.1 Event and fault handling
Additional notes You display the setting with the show events faults config command. You display the current error state with the show events faults status command. You disable the function with the no link command.

13.1.8.11 no link

Description

With this command, you disable the monitoring of the physical network connections for cable breaks or for pulling of the connector.

Requirement

You are in EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call up the command with the following parameters: no link {up | down}[{<interface-type><interface-id>}] The parameters have the following meaning:

Parameter up
down
interface-type interface-id

Description

Range of values / note

The message when establishing a con- nection is disabled

The message when a connection is

-

down is disabled

Type or speed of the interface

Specify a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select an interface, the function is disabled for all available interfaces.

Result

The settings for monitoring the physical network connections have been configured.

Additional notes
You display this setting and other information with the show events faults config command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

661

Diagnostics 13.1 Event and fault handling
You display the current error state with the show events faults status command. You enable the function with the link command.

13.1.8.12 syslogserver

Description

With this command, you configure the Syslog server address.

Requirement

You are in EVENTS configuration mode. The command prompt is as follows: cli (config-events) #

Syntax

Call up the command with the following parameters: syslogserver {ipv4 <ucast_addr>} [<port(1-65535)>] [tls] The parameters have the following meaning:

Parameter ipv4 ucast_addr port
tls

Description Keyword for an IP address Syslog server IPv4 address Serverport
Communication with the Syslog server is encrypted.

Range of values/note Enter a valid IPv4 address. 1 .. 65535 Default: 514 -

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameters from the parameter list, the default value is used.

Result

The settings for the Syslog server are configured.

Additional notes
You disable the setting with the no syslogserver command.
You display the status of this function and other information with the show events syslogserver command.

662

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

13.1.8.13 no syslogserver

Diagnostics 13.1 Event and fault handling

Description

With this command, you delete a Syslog server.

Requirement

You are in the EVENTS Configuration mode. The command prompt is as follows: cli (config-events) #

Syntax

Call up the command with the following parameters: syslogserver {ipv4 <ucast_addr>} The parameters have the following meaning:

Parameter ipv4 ucast_addr

Description Keyword for an IP address Syslog server IPv4 Address

Range of values / note Enter a valid IPv4 address.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The Syslog server is deleted.

Further notes

You add a Syslog server syslogserver.

13.1.8.14 hrp-redundancy-loss

Description

With this command, you activate the monitoring of HRP and MRP redundancy.

Requirement

You are in EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

663

Diagnostics 13.1 Event and fault handling

Syntax

Call the command without parameter assignment: hrp-redundancy-loss

Result

Redundancy monitoring is enabled.

Additional notes You can display the current setting with the show events faults config command. You disable the function with the no hrp-redundancy-loss command.

13.1.8.15 no hrp-redundancy-loss

Description

With this command, you disable the monitoring of HRP and MRP redundancy.

Requirement

You are in EVENTS configuration mode. The command prompt is as follows: cli(config-events)#

Syntax

Call the command without parameter assignment: no hrp-redundancy-loss

Result

Redundancy monitoring is disabled.

Additional notes You can display the current setting with the show events faults config command. You enable the function with the hrp-redundancy-loss command.

664

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

13.2

Diagnostics 13.2 FMP
FMP
With Fiber Monitoring, you can monitor the received power and the loss of power on optical links between two switches.
If you enable fiber monitoring on an optical port, the device sends the current transmit power of the port to its connection partner using LLDP packets. In addition to sending, the device also checks whether corresponding information is received from the connection partner.
Regardless of whether the IE switch receives diagnostics information from its connection partner, it monitors the received power measured at the optical port for the set limit values.
If fiber monitoring is enabled on the connection partner, the connection partner transfers the current value for the transmit power of the port to the device. The device compares the value it has received for the transmit power with the actually received power. The difference between the received power and the transmit power represents the power loss on the link. The calculated power loss is also monitored for the set limit values.
If the value of the received power or the power loss falls below or exceeds the set limit values, an event is triggered. You can set limit values in two stages for messages with the severity levels "Warning" and "Critical".

13.2.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

13.2.1.1

show fmp limit

Description

This command shows the limit values for the received power and the power loss that you set for monitoring optical ports or connections with fiber monitoring.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show fmp limit [{port <interface-type> <interface-id>}]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

665

Diagnostics 13.2 FMP

The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values / note

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on identifiers of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If no parameters are specified, the settings for all interfaces are displayed.

Result

The limits set for the received power and the power loss are displayed.

13.2.1.2

show fmp status

Description

This command shows the current status and the current values of the optical ports or connections that you monitor with fiber monitoring.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command with the following parameters: show fmp status [{port <interface-type> <interface-id>}] The parameters have the following meaning:

Parameter port interface-type interface-id

Description

Range of values / note

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on identifiers of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If no parameters are specified, the settings for all interfaces are displayed.

666

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The status of the optical ports is displayed.

Diagnostics 13.2 FMP

13.2.2

Commands in the Interface Configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

13.2.2.1

fmp

Description

With this command, you enable fiber monitoring.

Requirement

 To be able to use the fiber monitoring function, enable LLDP. The fiber monitoring information is appended to the LLDP packets.
 You can only use fiber monitoring with transceivers capable of diagnostics. Note the documentation of the devices.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: fmp Default: Disabled

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

667

Diagnostics 13.2 FMP
Result

Fiber monitoring is enabled.

Additional notes You disable this function with the no fmp command.
You display the status of this function and other information with the show fmp status and show fmp limit commands.
You define the limit values with the fmp power-loss and fmp rx-power commands.

13.2.2.2

no fmp

Description

With this command, you disable fiber monitoring.

Requirement

You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call the command without parameter assignment: no fmp Default: enabled

Result

Fiber monitoring is disabled.

Further notes

You enable this function with the fmp command.
You display the status of this function and other information with the and show fmp limit commands.
You define the limit values with the fmp power-loss and fmp rx-power commands.

668

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

13.2.2.3

fmp power-loss

Diagnostics 13.2 FMP

Description

With this command, you specify the limit values for monitoring the power loss per port.

Requirement

You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax
Parameter req dem

Call up the command with the following parameters:
fmp power-loss [req { <integer(0-0)> | - <integer(1-55)>}] [dem { <integer(0-0)> | - <integer(1-55)>}]
The parameters have the following meaning:

Description

Range of values / note

Specify the value at which you are informed of the pow- 0 ... -55 dB

er loss of the connection by a message of the severity Default: -50 dB

level "Warning"

If you enter the value "0", the power loss is

not monitored.

Specify the value at which you are informed of the pow- 0 ... -55 dB

er loss of the connection by a message of the severity Default: -55 dB

level "Critical"

If you enter the value "0", the power loss is

not monitored.

Result

The limits for monitoring the power loss are defined.

Further notes

You enable this function with the fmp command.
You disable this function with the no fmp command.
You display the status of this function and other information with the and show fmp limit commands.
You define the limit values for the received power with the command fmp rx-power.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

669

Diagnostics 13.2 FMP

13.2.2.4

fmp rx-power

Description

With this command, you specify the limit values for monitoring the received power per port.

Requirement

You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax
Parameter req dem

Call up the command with the following parameters:
fmp rx-power [req { <integer(0-0)> | - <integer(1-40)>}] [dem { <integer(0-0)> | - <integer(1-40)>}]
The parameters have the following meaning:

Description

Range of values/note

Specify the value at which you are informed of the de- 0 ... -40 dBm

terioration of the received power by a message of the The default value depends on the relevant

severity level "Warning"

pluggable transceiver.

If you enter the value "0", the received power is not monitored.

Specify the value at which you are informed of the de- 0 ... -40 dBm

terioration of the received power by a message of the The default value depends on the relevant

severity level "Critical"

pluggable transceiver.

If you enter the value "0", the received power is not monitored.

Result

The limits for monitoring the received power are defined.

Additional notes You enable this function with the fmp command. You disable this function with the no fmp command. You display the status of this function and other information with the and show fmp limit commands. You define the limit values for the power loss with the command fmp power-loss.

670

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

13.3

Diagnostics 13.3 Syslog client
Syslog client
With the commands in this section, the following settings are configured:  Transfer of the messages to the Syslog server  Local buffering and storage of messages  Receipt and forwarding of messages from other devices (relay mode)

13.3.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

13.3.1.1

show events syslogserver

Description

This command shows the entries of the configured Syslog server.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameters: show events syslogserver

Result

The entries of the configured Syslog server are displayed.

13.3.2

Commands in the Events configuration mode
This section describes commands that you can call up in the EVENTS configuration mode. In global configuration mode, enter the events command to change to this mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

671

Diagnostics 13.3 Syslog client
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections.  If you exit the EVENTS configuration mode with the exit command, you return to the
Global configuration mode.  If you exit the EVENTS configuration mode with the end command, you return to the
Privileged EXEC mode. You can run commands from Privileged EXEC Modus with the do [command] in EVENTS configuration mode. To do this, you replace [command] with the command that you want to execute.

13.3.2.1

syslogserver

Description

With this command, you configure the Syslog server address.

Requirement

You are in EVENTS configuration mode. The command prompt is as follows: cli (config-events) #

Syntax

Call up the command with the following parameters: syslogserver {ipv4 <ucast_addr>} [<port(1-65535)>] [tls] The parameters have the following meaning:

Parameter ipv4 ucast_addr port
tls

Description Keyword for an IP address Syslog server IPv4 address Serverport
Communication with the Syslog server is encrypted.

Range of values/note Enter a valid IPv4 address. 1 .. 65535 Default: 514 -

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameters from the parameter list, the default value is used.

Result

The settings for the Syslog server are configured.

672

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics 13.3 Syslog client
Additional notes You disable the setting with the no syslogserver command. You display the status of this function and other information with the show events syslogserver command.

13.3.2.2

no syslogserver

Description

With this command, you delete a Syslog server.

Requirement

You are in the EVENTS Configuration mode. The command prompt is as follows: cli (config-events) #

Syntax

Call up the command with the following parameters: syslogserver {ipv4 <ucast_addr>} The parameters have the following meaning:

Parameter ipv4 ucast_addr

Description Keyword for an IP address Syslog server IPv4 Address

Range of values / note Enter a valid IPv4 address.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The Syslog server is deleted.

Further notes

You add a Syslog server syslogserver.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

673

Diagnostics 13.4 RMON

13.4

RMON
The RMON function provides commands with which variables of the Management Information Base (MIB) can be monitored for violation of limit values and to store or forward these events in the following ways:  Entry in the local log  Sending as SNMP trap  Transfer to the Syslog server  Transfer to a network management station using SNMP

Example of a configuration Calls the SNMP notification configured in the section "SNMP (Page 373)" ("testnotify") for sending SNMP traps. As soon as the threshold of 10 entries is exceeded in the log table, event 1 is triggered. As soon as the threshold of 9 entries is exceeded in the log table, event 2 is triggered. Execute the following commands: configure terminal rmon event 1 description "More than 10 log entries" trap testnotify rmon event 2 description "Less than 9 log entries" trap testnotify rmon alarm 1 1.3.6.1.4.1.4329.20.1.1.1.1.31.2.0 1 absolute risingthreshold 10 1 falling-threshold 9 2 end

13.4.1 13.4.1.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.
show rmon

Description

This command shows the settings of the remote monitoring function.

Requirement

You are in User EXEC mode or in Privileged EXEC mode.

674

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Syntax Result

The command prompt is as follows: cli> or cli#

Diagnostics 13.4 RMON

Call up the command with the following parameters:
show rmon [statistics [<stats-index (1-65535)>]] [alarms] [events] [history [history-index (1-65535)] [overview]]
The parameters have the following meaning:

Parameter statistics stats-index alarms events history history-index overview

Description

Range of values/note

Shows counts for various packet char- acteristics and sizes.

Index number of the port for which stat- 1 ... maximum number of ports of

istical information is displayed.

the device

Shows the threshold values and event assignments for alarms.

Shows the status and the actions that are triggered.

Shows the stored statistical values for earlier transmission periods.

Index number of the port for which ear- 1 ... maximum number of ports of lier statistical information is displayed. the device

Displays an overview.

-

With this command, you can display several parameters with one call.

If you do not select any parameters from the parameter list, only the enabled or disabled status is shown.

The settings of the remote monitoring function are displayed.

13.4.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

675

Diagnostics 13.4 RMON

13.4.2.1

rmon

Description

With this command, you enable the Remote Monitoring function.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: rmon Default: disabled

Result

The Remote Monitoring function is enabled.

Further notes

You disable this function with the no rmon command. You can display the status of this function and other information with the show rmon command.

13.4.2.2

no rmon

Description

With this command, you disable the Remote Monitoring function.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameter assignment: no rmon

676

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Default: disabled

Diagnostics 13.4 RMON

Result

The Remote Monitoring function is disabled.

Further notes

You enable this function with the rmon command. You can display the status of this function and other information with the show rmon command.

13.4.2.3

rmon alarm

Description

With this command, you configure an alarm for monitoring a MIB variable. The variable is checked at specific intervals to determine whether or not it has exceeded or fallen below threshold values. Events are assigned to these occurrences.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
rmon alarm <alarm-number><mib-object-id(255)> <sample-interval-time(1-65535)> {absolute|delta} rising-threshold<value(0-2147483647)>[risingevent-
number(1-65535)] falling-threshold<value(0-2147483647)>[fallingevent-
number(1-65535)] [owner<ownername(127)>]
The parameters have the following meaning:

Parameter alarm-number mib-object-id sample-intervaltime absolute

Description Number of the alarm OID of the MIB tag to be monitored Interval for the check [s]

Range of values / note 1 ... 250 max. 255 characters 1 ... 65535

The current absolute value of the moni- tored MIB is evaluated

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

677

Diagnostics 13.4 RMON

Parameter delta
rising-threshold
value risingeventnumber falling-threshold
value fallingeventnumber owner ownername

Description The difference between the current and the previous value of the monitored MIB is evaluated Keyword for threshold value for rising or high variable values Relevant threshold value Event number for this
Keyword for threshold value for falling or low variable values Relevant threshold value Event number for this
User to which the alarm is assigned User name of the user

Range of values / note -
-
0 ... 2147483647 1 ... 65535
-
0 ... 2147483647 1 ... 65535
max. 127 characters

If you do not select a parameter from the parameter list, the events for high and low threshold values are assigned the lowest event number available in the event table.

Note MIB variables that can be monitored
With the RMON function, only MIB variables of the Ethernet interfaces can be monitored.

Note Magnitude of the threshold values
The threshold value for falling or low variable values should be less than the threshold value for rising or high variable values.

Note Conditions for working with alarms The events assigned to the alarms are configured. The Remote monitoring function is started with the rmon command.

Result

The alarm for monitoring a MIB variable is configured.

Further notes

You delete an alarm with the no rmon alarm command. You display the list of configured RMON alarms with the show rmon alarms command.

678

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

13.4.2.4

no rmon alarm

Diagnostics 13.4 RMON

Description

With this command, you delete an alarm for monitoring a MIB variable.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters: no rmon alarm <number (1-250)> The parameter has the following meaning:

Parameter number

Description Number of the alarm to be deleted

Range of values / note 1 ... 250

Result

The entry for monitoring a MIB variable is deleted.

13.4.2.5

rmon event

Description

With this command, you configure an event in the RMON Event Table.
You specify a description and the person responsible and specify which SNMP notification is generated. You can configure the sending of traps globally with the command snmp notify.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

679

Diagnostics 13.4 RMON

rmon event <number(1-500)>[description<event-description(127)>] [owner<ownername(127)>][trap<notify(127)>]
The parameters have the following meaning:

Parameter number description event-description
owner ownername trap
notify

Description
Number of the event Keyword for a description Description of the event that is output in the message. Keyword for the person responsible Name of the person responsible Keyword for selecting an SNMP notifi- cation Name of the SNMP notification to be triggered.

Range of values / note 1 ... 500 max. 127 characters
max. 127 characters -
The only valid entry allowed is "SNMPv1Traps". You can configure the sending of traps globally with the command snmp notify.

Result

The event is configured.

Further notes

You delete an entry with the no rmon event command. You display the RMON Event Table with the show rmon events command. You show the details of the SNMP community with the show snmp community command.

13.4.2.6

no rmon event

Description

With this command, you delete an entry from the RMON event table.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:

680

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

Diagnostics 13.4 RMON

no rmon event <number (1-500)> The parameter has the following meaning:

Parameter number

Description

Range of values / note

Number of the event entry to be deleted 1 ... 500

The entry is deleted from the RMON event table.

13.4.3

Commands in the interface configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

13.4.3.1

rmon collection stats

Description

With this command, you start the recording of statistical data of an interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: rmon collection stats <index (1-52)>[owner<ownername(127)>]

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

681

Diagnostics 13.4 RMON

The parameters have the following meaning:

Parameter index owner ownername

Description Number of the recording User to which the event is assigned User name of the user

Range of values / note 1 ... 52 max. 127 characters

Result

The recording of statistical data is started.

Further notes

You can display the content of a recording with the show rmon statistics command.

13.4.3.2

no rmon collection stats

Description

With this command, you end the recording of statistical data of an interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no rmon collection stats <index (1-52)> The parameter has the following meaning:

Parameter index

Description Number of the recording

Range of values / note 1 ... 52

Result

The recording of statistical data is ended.

682

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

13.4.3.3

rmon collection history

Diagnostics 13.4 RMON

Description

With this command you configure whether or not samples of the statistics are saved for a port. You can specify how many entries ("Buckets") should be saved and at which intervals samples should be taken.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:
rmon collection history<index(1-52)> [buckets<bucket-number(1-65535)>] [interval<seconds(1-3600)>] [owner<ownername(127)>]
The parameters have the following meaning:

Parameter index buckets bucket-number
interval seconds
owner ownername

Description Number of the recording Keyword for entries Maximum number of entries (record- ings)
Keyword for recording intervals Duration of the recording intervals in seconds User to which the event is assigned User name of the user

Range of values / note
1 ... 65535 1 ... 65535 The maximum number of entries can be restricted by the capacity of the device. Default: 50 1 ... 3600 Default: 1800 max. 127 characters Default: monitor

If you do not select any parameter from the parameter list, the default values are used.

Result

The data is recorded.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

683

Diagnostics 13.4 RMON

Further notes

You can display the content of a recording with the show rmon history command.

13.4.3.4

no rmon collection history

Description

With this command, you end the recording of statistical data of the interface.

Requirement

You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters: no rmon collection history <index(1-52)> The parameter has the following meaning:

Parameter index

Description Number of the recording

Range of values / note 1 ... 52

Result

The data recording is ended.

684

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

13.5

Diagnostics 13.5 Port Mirroring
Port Mirroring
Note It cannot be guaranteed when mirroring the data traffic that all packets are mirrored.
With the port mirroring function, you copy the data stream of one or more ports to another interface to be able to analyze this data stream without disturbing operation.
Note You need to disable port mirroring if you want to connect a normal end device to the monitor port.

Note the data rate If the maximum data rate of the mirrored port is higher than that of the monitor port, data may be lost and the monitor port no longer reflects the data traffic at the mirrored port. Several ports can be mirrored to one monitor port at the same time.
Several source ports from the same VLAN If in a VLAN you select more than one source port for the port-based egress mirroring, unknown unicast and multicast frames as well as broadcast frames are forwarded only once to the destination port.

13.5.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

13.5.1.1

show monitor

Description

This command shows the status of the port mirroring function.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

685

Diagnostics 13.5 Port Mirroring
cli> or cli#

Syntax

Call the command without parameters: show monitor

Result

The status of the port mirroring function is displayed.

13.5.1.2

show monitor barrier

Description

This command shows the status of the communication via the monitor port. If you enable this option, management of the switch via the monitor port is no longer reachable.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call the command without parameter assignment: show monitor barrier

Result

The settings are displayed.

13.5.1.3

show monitor session

Description

This command shows the settings used for mirroring ports.
You obtain information about the ports from which incoming and/or outgoing data traffic is mirrored and the port at which the mirrored data is output.

686

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Diagnostics 13.5 Port Mirroring

Syntax

Call up the command with the following parameters: show monitor {session <session-id(1-1)>} The parameters have the following meaning:

Parameter session
session-id

Description
Keyword for a session whose settings are displayed Number of the session

Range of values / note -
1

Result

The settings for mirroring ports are displayed.

13.5.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

13.5.2.1

monitor

Description

With this command, you enable the port mirroring function.

Requirement

You are in the Global configuration mode.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

687

Diagnostics 13.5 Port Mirroring
The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: monitor As default the function is "disabled".

Result

The port mirroring function is enabled.

Further notes

You can display the status of this function with the show monitorcommand. You disable the function with the no monitor command.

13.5.2.2

no monitor

Description

With this command, you disable the port mirroring function.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no monitor

Result

The port mirroring function is disabled.

Further notes

You can display the status of this function with the show monitorcommand. You enable the function with the monitor command.

688

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

13.5.2.3

monitor barrier enabled

Diagnostics 13.5 Port Mirroring

Description

With this command, you disable the communication via the monitor port.
Note Effects of monitor barrier enabled
If you enable this option, management of the switch via the monitor port is no longer reachable. The following port-specific functions are changed:  DCP forwarding is turned off  LLDP is turned off  Unicast, multicast and broadcast blocking is turned on
The previous statuses of these functions are no longer restored after disabling monitor barrier again. They are reset to the default values and may need to be reconfigured.
You can reconfigure these functions manually even if monitor barrier is turned on. The data traffic on the monitor port is, however, also allowed again. If you do not require this, make sure that only the data traffic you want to monitor is forwarded to the interface.
If mirroring is disabled, the listed port-specific functions are reset to the default values. This reset takes place regardless of whether the functions were configured manually or automatically by enabling "Monitor Barrier".

Requirement

You are in global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: monitor barrier enabled

Result

Communication via the monitor port is disabled.

Additional notes You enable the communication with the no monitor barrier enabled command. You display the configuration settings with the show monitor barrier command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

689

Diagnostics 13.5 Port Mirroring

13.5.2.4

no monitor barrier enabled

Description

With this command, you enable the communication via the monitor port.

Requirement

You are in the Global Configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no monitor barrier enabled

Result

Communication via the monitor port is enabled.

Further notes

You disable the communication with the monitor barrier enabled command. You display the configuration settings with the show monitor barrier command.

13.5.2.5

monitor session destination

Description

With this command, you configure the destination for mirroring a port.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command with the following parameters:
monitor session <session-id(1-1)> destination {interface <interface-type><interface-id>}

690

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics 13.5 Port Mirroring

The parameters have the following meaning:

Parameter session-id interface interfacetype interface-id

Description Number of the session Keyword for a an interface description Type or speed of the interface
Module no. and port no. of the interface

Values 1 Enter a valid interface.

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Note Selecting the destination port
A port that is part of a port channel cannot be configured as the destination port for a monitor session.

Result

As soon as you have configured the settings for the port to be monitored and the destination port, the session is complete and active.
Note If you change the settings for an existing session, all previous configurations of this session are lost.

Further notes

You delete the destination for mirroring a port with the no monitor session ... destination command.
You end and delete a session with the no monitor session command.
You display the configuration settings with the show monitor session command.

13.5.2.6

no monitor session destination

Description

With this command, you delete the destination for mirroring a port.

Requirement

You are in the Global configuration mode. The command prompt is as follows:

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

691

Diagnostics 13.5 Port Mirroring
cli(config)#

Syntax

Call up the command with the following parameters:
no monitor session <session-id(1-1)> destination {interface <interface-type><interface-id>}
The parameters have the following meaning:

Parameter session-id interface interface-type interface-id

Description

Range of values / note

Number of the session

1

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

The destination for the mirroring of a port is deleted.

Further notes

You configure the destination for mirroring a port with the monitor session ... destination command.
You end and delete a session with the no monitor session command.
You display the configuration settings with the show monitor session command.

13.5.2.7

monitor session source

Description

With this command, you configure the source for mirroring a port.

Requirement

 Monitoring is enabled.
 You are in the Global configuration mode. The command prompt is: cli(config)#

Syntax

Call up the command for the port to be monitored with the following parameter assignment:

692

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics 13.5 Port Mirroring

monitor session <session-id(1-1)> source {interface {<interface-type> <interface-id> | port-channel <port-
channel-id (1-8)>} [{rx|tx|both}]}
The parameters have the following meaning:

Parameter session-id interface interface-type interface-id port-channel port-channel-id rx
tx
both

Description

Range of values / note

Number of the session

1

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Keyword for a port channel connection -

Number of the addressed port channel 1 ... 8

Received data traffic will be mirrored (received)
Transmitted data traffic will be mirrored (transmitted)

If you enable the mirroring function for a ring port, the ring port sends test frames even in the "link down" status.

Received and transmitted data traffic will be mirrored

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameters from the parameter list, the default value (both) is used.

Result

As soon as you have configured the settings for the port to be monitored and the destination port, the session is complete and active.

Further notes

You delete the source for mirroring a port with the no monitor session ... source command.
You end and delete a session with the no monitor session command.
You display the configuration settings with the show monitor session command.

See also

Features not supported (Page 35)

13.5.2.8

no monitor session source

Description

With this command, you delete the source for mirroring a port or a VLAN.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

693

Diagnostics 13.5 Port Mirroring

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call up the command for the port to be monitored with the following parameter assignment:
no monitor session <session-id(1-1)> source {interface <interface-type><interface-id>} [{rx|tx|both}]}
The parameters have the following meaning:

Parameter session-id interface interface-type interface-id rx
tx
both

Description

Range of values / note

Number of the session

1

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Received data traffic will be mirrored (received)

Transmitted data traffic will be mirrored (transmitted)

Received and transmitted data traffic will be mirrored

For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

If you do not select any parameters from the parameter list, the default value (both) is used.

Result

The source for the mirroring of a port is deleted.

Further notes

You configure the source for mirroring a port with the monitor session ... source command.
You end and delete a session with the no monitor session command.
You display the configuration settings with the show monitor session command.

13.5.2.9

no monitor session

Description

With this command, you delete the monitor session.

694

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Diagnostics 13.5 Port Mirroring

Syntax

Call up the command with the following parameters: no monitor session<session-id(1-1)> The parameter has the following meaning:

Parameter session-id

Description Number of the session

Range of values / note 1

Result

The monitor session is deleted.

Further notes

You display the configuration settings with the show monitor session command. You configure and start mirroring of a port with the monitor session command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

695

Diagnostics 13.6 Loop detection

13.6

Loop detection
With the "Loop detection" function, you specify the ports for which loop detection will be activated. The ports involved send special test frames - the loop detection frames. If these frames are sent back to the device, there is a loop.
A "Local loop" involving this device means that the frames are received again at a different port of the same device. If the sent frames are received again at the same port, there is a "remote loop" involving other network components.
With the commands in this section, you start loop detection and decide which actions will be used on the ports affected if loops are detected.
Note
A loop is an error in the network structure that needs to be eliminated. The loop detection can help to find the errors more quickly but does not eliminate them.

Note
Note that loop detection is only possible at ports that were not configured as ring ports or standby ports.
Note Changing the configured port status with loop detection
The configuration of the port status can be changed with the "Loop Detection" function. If, for example, the administrator has disabled a port, the port can be enabled again after a device restart by "Loop Detection". The port status "link down" is not changed by "Loop Detection".

13.6.1

The "show" commands
This section describes commands with which you display various settings. With the do [command], you can execute the commands from the Privileged EXEC mode in any configuration mode. To do this, you replace [command] with the command that you want to execute.

13.6.1.1

show loopd

Description

With this command, you display the information on loop detection. Detected loops are shown.

696

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Diagnostics 13.6 Loop detection

Syntax

Call the command without parameters:
show loopd
For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)".

Result

Information on loop detection is displayed.

13.6.1.2

show loopd interface

Description

Displays information on the loop interface.

Requirement

You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> or cli#

Syntax

Call up the command without parameters or with the following parameter assignment:
show loopd interface [{<interface-type> <interface-id> | portchannel <port-channel-id (1-8)>}]
The parameters have the following meaning:

Parameter interface interface-type interface-id port-channel port-channel-id

Description

Range of values / note

Keyword for a an interface description -

Type or speed of the interface

Enter a valid interface.

Module no. and port no. of the interface

Keyword for a port channel connection -

Number of the addressed port channel 1 ... 8

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

697

Diagnostics 13.6 Loop detection
For information on names of addresses and interfaces, refer to the section "Addresses and interface names (Page 46)". If you do not select any parameters from the parameter list, the default value is used.

Result

The loop interface is displayed.

Further notes

You can display the status of this function and other information with the show loopd command.

13.6.2

Commands in the global configuration mode
This section describes commands that you can call up in the Global configuration mode. In Privileged EXEC mode, enter the configure terminal command to change to this mode. Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again. You can run commands from Privileged EXEC Modus with the do [command] in global configuration mode. To do this, you replace [command] with the command that you want to execute.

13.6.2.1

loopd

Description

With this command, you enable the loop detection function.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: loopd

698

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Result

The loop detection function is enabled

Diagnostics 13.6 Loop detection

Further notes

You disable the function with the no loopd command.
You can display the status of this function and other information with the show loopd command.

13.6.2.2

no loopd

Description

With this command, you disable the loop detection function.

Requirement

You are in the Global configuration mode. The command prompt is as follows: cli(config)#

Syntax

Call the command without parameters: no loopd

Result

The loop detection function is disabled

Further notes

You enable the function with the loopd command.
You can display the status of this function and other information with the show loopd command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

699

Diagnostics 13.6 Loop detection

13.6.2.3

loopd vlan mode

Description

With this command, you enable the loop detection function for VLAN.

Requirement

 Loopd is activated
 You are in the Global configuration mode. The command prompt is: cli(config)#

Syntax

Call the command without parameters: loopd vlan mode

Result

The loop detection function is enabled for VLAN.

Further notes

You disable the function with the no loopd vlan mode command.
You can display the status of this function and other information with the show loopd command

13.6.2.4

no loopd vlan mode

Description

With this command, you disable the loop detection function for VLAN.

Requirement

 Loopd is activated
 You are in the Global configuration mode. The command prompt is: cli(config)#

Syntax

Call the command without parameters:

700

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

no loopd vlan mode

Diagnostics 13.6 Loop detection

Result

The loop detection function is disabled for VLAN.

Further notes

You enable the function with the loopd vlan mode command.
You can display the status of this function and other information with the show loopd command

13.6.3

Commands in the Interface Configuration mode
This section describes commands that you can call up in the interface configuration mode. Depending on the Interface selected, various command sets are available.
In global configuration mode, enter the interface command to change to this mode.
Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections.
 If you exit the Interface configuration mode with the exit command, you return to the Global configuration mode.
 If you exit the Interface configuration mode with the end command, you return to the Privileged EXEC mode.
You can run commands from Privileged EXEC Modus with the do [command] in interface configuration mode.
To do this, you replace [command] with the command that you want to execute.

13.6.3.1

loopd {blocked | forwarder | sender}

Description

With this command you specify how the port handles loop detection frames.

Requirement

 Loop detection is enabled
 A Spanning Tree port, ring port or standby port cannot be the sender port.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

701

Diagnostics 13.6 Loop detection

Syntax

Call up the command with the following parameters: loopd {blocked | forwarder | sender} The parameters have the following meaning:

Parameter blocked
forwarder
sender

Description
The forwarding of loop detection frames is blocked.
Loop detection frames from other devi- ces are forwarded.
Loop detection frames are sent out and forwarded.

Range of values / note -
Default after enabling loop detec- tion. -

If you do not select any parameters from the parameter list, the default value is used.

Result

It has been configured how the port handles loop detection frames.

Further notes

You can display the status of this function and other information with the show loopd command.

13.6.3.2

loopd {tx-interval | detect-threshold | reaction-timeout}

Description

With this command you configure the send interval, threshold value and reaction time for loop detection.

Requirement

 Loop detection is enabled
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call up the command with the following parameters:
loopd {tx-interval <mSec(500-5000)> | detect-threshold <integer(1-500)> | reaction-timeout <seconds(0-86400)>}

702

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Diagnostics 13.6 Loop detection

The parameters have the following meaning:

Parameter tx-interval mSec
detect-threshold integer
reaction-timeout seconds

Description

Range of values / note

Keyword for the send interval

-

Specifies the send interval for loop de- 500 ... 5000

tection frames in milliseconds.

Default: 1000

Keyword for the threshold value

-

Specifies the threshold value after how many received loop detection frames, a loop is assumed and the device reacts according to the setting.

1 ... 500 Default: 2

Keyword for the time to the end of the reaction time

Specifies the number of seconds after which the device automatically changes to the status in which it was before the loop.

0 ... 86400
Default: 0
If you set the value "0", you need to enable the port manually again fol- lowing a loop using the command loopd port reset.

If you do not select any parameters from the parameter list, the default value is used. The default values apply only to a port enabled earlier with loopd sender.

Result

The settings are suitably configured.

Further notes

You can display the status of this function and other information with the show loopd command.

13.6.3.3

loopd port reset

Description

With this command, you enable a port that was blocked by loop detection.

Requirement

 Loop detection is enabled
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

703

Diagnostics 13.6 Loop detection

Syntax

Call the command without parameters: loopd port reset

Result

The blocked port is enabled again.

Further notes

You disable the setting with the no loopd port reset command.
You can display the status of this function and other information with the show loopd command.

13.6.3.4

no loopd port reset

Description

With this command, you disable the port reset for loop detection.

Requirement

 Loop detection is enabled
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call the command without parameters: no loopd port reset

Result

The port reset function is disabled.

Further notes

You enable the setting with the loopd port reset command.
You can display the status of this function and other information with the show loopd command.

704

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

13.6.3.5

loopd reaction local

Diagnostics 13.6 Loop detection

Description

With this command, you activate the "disable" reaction for a local loop. If a local loop is detected, the port is blocked.

Requirement

 Loop detection is enabled.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call the command without parameters: loopd reaction local

Result

"disable" is activated for the loopd reaction local function. "disable" is the default after enabling loop detection.

Further notes

You enable the "no action" reaction with the no loopd reaction local command.
You can display the status of this function and other information with the show loopd command.

13.6.3.6

no loopd reaction local

Description

With this command, you enable the "no action" reaction for a local loop. If a local loop is detected, this has no effect on the port.

Requirement

 Loop detection is enabled.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

705

Diagnostics 13.6 Loop detection

Syntax

Call the command without parameters: no loopd reaction local

Result

"no action" is activated for the loopd reaction local function. "disable" is the default after enabling loop detection.

Further notes

You enable the "disable" reaction with the loopd reaction local command. You can display the status of this function and other information with the show loopd command.

13.6.3.7

loopd reaction remote

Description

With this command, you enable the "disable" reaction for a remote loop. If a remote loop is detected, the port is blocked.

Requirement

 Loop detection is enabled.
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call the command without parameters: loopd reaction remote

Result

"disable" is activated for the loopd reaction remote function. "disable" is the default after enabling loop detection.

Further notes

You enable the "no action" reaction with the no loopd reaction remote command.
You can display the status of this function and other information with the show loopd command.

706

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

13.6.3.8

no loopd reaction remote

Diagnostics 13.6 Loop detection

Description

With this command, you enable the "no action" reaction for a remote loop. If a remote loop is detected, this has no effect on the port.

Requirement

 loopd is enabled
 You are in the Interface configuration mode. The command prompt is: cli(config-if-$$$)#

Syntax

Call the command without parameters: no loopd reaction remote

Result

"no action" is activated for the loop reaction remote function. "disable" is the default after enabling loop detection.

Further notes

You enable the "disable" setting with the loopd reaction remote command.
You can display the status of this function and other information with the show loopd command.

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

707

Diagnostics 13.6 Loop detection

708

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Index
A
add log, 649 agent-priority, 569 alias, 92
no alias, 93 arp timeout, 428
no arp timeout, 429 auth username
no auth username, 410 auth usernamet, 409 authorized-manager, 608
no authorized-manager, 608 authorized-manager ip-source, 609
no authorized-manager ip-source, 611 auto-learn, 615 auto-save, 132
no auto-save, 133 Available system functions, 29
B
base bridge mode, 213, 252 bridge-mode, 214 broadcast-block, 93 broadcast-priority, 570
C
cancel restart-time, 127 change password, 583 channel-group, 258
no channel-group, 259 clear counters, 74 clear fault counter, 646 clear history, 58 clear hrp counters, 458 clear line vty, 74 clear logbook, 645 clear ring-redundancy manager counters, 459 clear screen, 50 clear spanning-tree counters, 270 clear spanning-tree detected protocols, 270 clear standby counter, 459 clear-all-static-unicast, 614 CLI commands
Symbolic representation, 45

cli-console-timeout, 82 no cli-console-timeout, 83
client-position, 484 configure terminal, 75 coordinates height, 83 coordinates latitude, 84 coordinates longitude, 85 cos-map, 572 cos-remap, 573 cos-remap enable, 574
D
das delete, 140 das discover interface, 136 das mac blink, 139 das mac ip, 138 das mac name, 137 dcp forwarding, 326 dcp server, 324
no dcp server, 324 delay mechanism, 195 delete, 115 disable, 76 do, 51 domain-id, 481 domain-name, 481 dot1x guest-vlan, 621, 624
no dot1x guest-vlan, 622, 625 dot1x guest-vlan reset, 627 dot1x guest-vlan vlan-id, 625
no dot1x guest-vlan vlan-id, 626 dot1x mac-auth, 622, 628
no dot1x mac-auth, 629 dot1x mac-auth port reset, 630 dot1x mac-auth vlan-assign, 630
no dot1x mac-auth vlan-assign, 631 dot1x port-control, 633
no dot1x port-control, 634 dot1x reauthentication, 634
no dot1x reauthentication, 635 dscp-map, 576 duplex, 94
no duplex, 95
E
enable, 77

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

709

Index

ethernetip, 86 event config, 652
no event config, 655 events, 647 exit, 53
F
factoryclean, 158 fault report ack, 646 firmware-on-plug, 158
no firmware-on-plug, 159 flowcontrol, 561 fmp, 667 fmp power-loss, 669 fmp rx-power, 670
G
Glossary, 26
H
help, 54 host, 356 hrp-redundancy-loss, 663
no hrp-redundancy-loss, 664
I
instance, 306 no instance, 307
Interconnection, 486 interface, 79
no interface, 81 Interface, 482 interface range, 215
no interface range, 216 ip address, 326, 328 ip address dhcp, 334 ip dhcp client mode, 333 ip dhcp config-file-request, 331
no ip dhcp config-file-request, 332 ip dhcp relay circuit-id, 369
no ip dhcp relay circuit-id, 370 ip dhcp relay circuit-id option, 362 ip dhcp relay common-agent-address, 364 ip dhcp relay common-agent-address-interface, 366 ip dhcp relay information option, 363
no ip dhcp relay information option, 364

ip dhcp relay remote-id, 371 ip dhcp server, 361
no ip dhcp server, 361 ip dhcp-server, 338
no ip dhcp-server, 338 ip dhcp-server icmp-probe, 339
no ip dhcp-server icmp-probe, 340 ip dhcp-server pool, 341
no ip dhcp-server pool, 342 ip echo-reply, 320
no ip echo-reply, 321 ip gateway, 319
no ip gateway, 319 ip http, 420
no ip http, 420 ip http port, 421
no ip http port, 422 ip http secure, 424
no ip http secure, 425 ip http secure port, 425
no ip http secure port, 426 ip igmp snooping clear counters, 449 ip igmp snooping port-purge-interval, 451
no ip igmp snooping port-purge-interval, 452 ip igmp snooping querier, 453, 455
no ip igmp snooping querier, 454, 456 ip igmp snooping switch-ip, 449 ip igmp snooping version, 447 ip igmp vlan-snooping, 448
no ip igmp vlan-snooping, 448 ip nat, 518, 521 ip nat napt, 523 ip nat pool, 524 ip nat service, 525 ip nat service portrange, 528 ip nat static, 530 ip nat timeout, 519, 520 ip single-hop inter-vlan-routing, 532
L
lacp timeout, 259 no lacp timeout, 260
lease time, 343 link, 660
no link, 661 linkcheck, 470 lldp, 96
no lldp, 97 load tftp, 112 loadsave, 114 login authentication, 599

710

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Index

logout, 77 loopd, 701, 702
M
mac-address-table aging, 558 no mac-address-table aging, 558
mac-address-table aging-time, 556 no mac-address-table aging-time, 557
mac-address-table static multicast, 505, 544 no mac-address-table static multicast, 545
mac-address-table static multicast (VLANunaware), 510, 549 mac-address-table static unicast, 493, 546
no mac-address-table static unicast, 494, 547 mac-address-table static unicast (VLANunaware), 498, 550
no mac-address-table static unicast (VLANunaware), 499, 551 media type, 98 mgmt vlan, 217 monitor, 687 no monitor, 688 monitor barrier enabled, 689 no monitor barrier enabled, 690 monitor session destination, 690 no ... destination, 691 no ... source, 693 no monitor session, 694 source, 692 mrpinterconnection, 479 multicast-block, 99
N
name, 238, 308 no name, 239, 308
negotiation, 101 no negotiation, 102
network, 344 no agent-priority, 569 no broadcast-block, 94 no broadcast-priority, 571 no cos-remap, 574 no cos-remap enable, 575 no dot1x mac-auth, 623 no fmp, 668 no host, 357 no ip address, 327, 334 no ip dhcp relay common-agent-address, 365

no ip dhcp relay common-agent-addressinterface, 367 no ip dhcp relay remote-id, 371 no ip nat, 519, 522 no ip nat napt, 523 no ip nat pool, 525 no ip nat service, 527 no ip nat service portrange, 529 no ip nat static, 530 no ip single-hop inter-vlan-routing, 533 no linkcheck, 471 no login authentication, 600 no mac-address-table static multicast (VLANunaware), 511, 550 no mrpinterconnection, 480 no multicast-block, 100 no panel-button control-factory-defaults, 165 no panel-button control-faultmask, 166 no passive listening, 314 no passive-listening bpdu-vlan-flood, 312 no ports, 350 no priority, 244 no priority enable, 245 no private-vlan, 246 no private-vlan association, 248 no private-vlan mapping, 222 no radius-server, 605 no relay-information, 352 no ring-redundancy hrpobserver, 464 no rmon, 676 no role, 592 no sinema, 152 no smtp-server-enable, 417 no snmp engineid migrate, 389 no spanning-tree passive-listening-compatibility, 281 no spanning-tree rstp-plus, 282 no switchport mode dot1q-tunnel, 230 no switchport private-vlan host-association, 233 no switchport private-vlan mapping, 235 no unicast-block, 106 no user-account-ext, 590 no user-group, 595 no wait-for-completion, 486 noa port config, 101 ntp, 178 ntp secure, 181
no ntp secure, 182 ntp server id, 179
no ntp server id, 180 ntp server secure, 180 ntp time diff, 182

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

711

Index

O
option, 345 no option, 347
option value-string, 346 no option, 347
P
panel-button control-factory-defaults, 164 panel-button control-faultmask, 166 passive listening, 313 passive-listening bpdu-vlan-flood, 312 password, 116
no password, 117 password policy, 585 ping, 78 plug, 157 pnio, 87 pool-enable, 348
no pool-enable, 349 port, 411
no port, 412 ports, 239, 349
no ports, 241 power, 658
no power, 659 primary domain, 196 priority, 243 priority enable, 244 private-vlan, 246 private-vlan association, 247 private-vlan mapping, 222 ptp, 192, 197
no ptp, 193, 197 ptp time diff, 193 ptp transparent-clock configuration, 194 ptp transparent-clock transport-mechanism, 198
Q
qos, 567 qos-trust-mode, 577
R
radius authorization-mode, 601 radius disconnect-packet, 602
no radius disconnect-packet, 603

radius server, 603 rate-limit-output, 537
no rate-limit-output, 538 receiver-address, 414
no receiver-address, 414 redundancy, 463 relay information, 351 restart, 125 revision, 309
no revision, 310 ring ports, 472 ring redundancy, 465
no ring redundancy, 466 ring-redundancy dna-redundancy, 467
no ring-redundancy dna-redundancy, 467 ring-redundancy hrpobserver, 464 rmon, 676 rmon alarm, 677
no rmon alarm, 679 rmon collection history, 683
no rmon collection history, 684 rmon collection stats, 681
no rmon collection stats, 682 rmon event, 679
no rmon event, 680 role, 483, 591
S
save filetype, 112 schedule restart-timer, 126 scheduling mode, 578 Scope of the manual, 23 security, 415
no security, 416 send test mail, 409 sender mail-address, 407
no sender mail-address, 408 sender-address, 412
no sender address, 413 service dhcp-relay, 367
no service dhcp-relay, 368 set dot1x guest-vlan mac-addr count, 627 set dot1x mac-auth mac-addr count, 632 set gmrp, 438 set gvrp, 439, 440 set-interface, 353 severity, 656
no severity, 657 sftp filename, 121 sftp load, 121 sftp save, 122

712

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Index

sftp server, 123 show authorized-managers, 607 show broadcast-block config, 70 show cli-console-timeout, 62 show coordinates, 62 show das info, 135 show dcp forwarding, 317 show dcp server, 317 show device information, 63 show dhcp server, 359 show dot1d mac-address-table, 249, 495, 507 show dot1d mac-address-table static multicast, 250, 508 show dot1d mac-address-table static unicast mode, 250, 496 show dot1x, 619 show dot1x guest-vlan mac-info, 620 show dot1x mac-auth mac-info, 620 show dst info, 171 show environmental temperature, 63 show etherchannel, 255 show ethernetip, 64 show events config, 639 show events faults config, 640 show events faults status, 641 show events sender email, 404 show events severity, 640 show events smtp-port, 405 show events smtp-server, 404 show events syslogserver, 671 show fault counter, 643 show flow-control, 560 show fmp limit, 665 show fmp status, 666 show forward-all, 436 show forward-unregistered, 437 show hardware, 64 show history, 58 show hrp counters, 460 show in, 65 show interface transceiver details, 644 show interfaces, 66 show interfaces ... counters, 67 show interfaces etherchannel, 256 show ip arp, 427 show ip dhcp client, 330 show ip dhcp client stats, 330 show ip dhcp relay information, 360 show ip dhcp server pools, 337 show ip dhcp-server bindings, 336 show ip gateway, 316 show ip http secure server status, 423

show ip http server status, 419 show ip igmp snooping, 442 show ip igmp snooping forwarding-database, 443 show ip igmp snooping groups, 444 show ip igmp snooping mrouter, 445 show ip igmp snooping statistics, 445 show ip igmp snooping switch-ip, 446 show ip interface, 68 show ip nat, 517 show ip nat config, 514 show ip nat service, 515 show ip nat service portrange, 516 show ip nat summary, 516 show ip ssh, 430 show ip telnet, 316 show lacp, 257 show linkcheck, 461 show lldp neighbors, 69 show lldp status, 70 show loadsave files, 110 show loadsave tftp, 111 show lock port, 613 show logbook, 642 show mac-address-table, 203, 488, 501 show mac-address-table aging-status, 555 show mac-address-table aging-time, 555 show mac-address-table count, 204 show mac-address-table dynamic multicast, 205, 502 show mac-address-table dynamic unicast, 206, 489 show mac-address-table static multicast, 207, 503 show mac-address-table static unicast, 208, 490 show monitor, 686 show monitor barrier, 686 show monitor status, 685 show multicast-block config, 72, 504, 509 show noa config, 72 show ntp info, 177 show passive-listening, 311 show password-policy, 582 show plug, 156 show pnio, 68 show power-line-state, 645 show ptp info, 191 show qos agent-priority, 563 show qos broadcast-priority, 563 show qos cos-map, 564 show qos cos-remap, 565 show qos dscp-map, 565 show qos scheduling mode, 566 show qos-trust-mode, 566 show radius server, 598

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

713

Index

show radius statistics, 598 show rate-limit output, 536 show ring-redundancy, 461 show ring-redundancy manager counters, 462 show rmon, 674 show running-config, 128 show signaling contact, 168 show sinema, 151 show snmp, 374 show snmp community, 374 show snmp engineID, 375 show snmp filter, 375 show snmp group, 376 show snmp group access, 376 show snmp inform statistics, 377 show snmp notif, 377 show snmp targetaddr, 378 show snmp targetparam, 378 show snmp tcp, 379 show snmp user, 379 show snmp viewtree, 380 show sntp broadcast-mode status, 184 show sntp status, 185 show sntp unicast-mode status, 184 show spanning-tree, 261 show spanning-tree active, 262 show spanning-tree bridge, 263 show spanning-tree detail, 263 show spanning-tree interface, 264 show spanning-tree interface layer2-gatewayport, 265 show spanning-tree mst, 266 show spanning-tree mst configuration, 266 show spanning-tree mst interface, 267 show spanning-tree passive-listeningcompatibility, 268 show spanning-tree root, 269 show ssh-fingerprint, 430 show ssl server-cert, 423 show time, 171 show unicast-block config, 71, 491, 496 show unicast-mac flush config, 492, 497 show user-accounts, 583 show users, 582 show versions, 73 show vlan, 208 show vlan device info, 209, 251 show vlan learning params, 210 show vlan port config, 210 show vlan private-vlan, 211 show web-session-timeout, 161

shutdown, 103 no shutdown, 104
shutdown complete, 103 signaling contact mode, 169 signaling-contact status, 169 SIMATIC NET glossary, 26 SIMATIC NET manual, 25 sinema, 152 SMTP
no smtp-server, 407 smtp-server, 406 smtp-server-enable, 417 snmp client config, 650 no client config, 651 snmp access, 384 no snmp access, 385 snmp agent version, 383 snmp community index, 386 no snmp community index, 387 snmp engineid migrate, 388 snmp group, 390 no snmp group, 391 snmp notify, 391 no snmp notify, 392 snmp targetaddr, 393 no snmp targetaddr, 395 snmp targetparams, 396 no snmp targetparams, 398 snmp user, 400 no snmp user, 401 snmp v1-v2 readonly, 398 no snmp v1-v2 readonly, 399 snmp view, 401 no snmp view, 403 snmpagent, 381 no snmpagent, 381 snmpagent port, 382 no snmpagent port, 382 snooping report-process config-level, 450 sntp, 186 sntp client addressing-mode, 187 sntp time diff, 188 sntp unicast-server, 189 sntp unicast-server ipv4 no sntp unicast-server ipv4, 190 spanning-tree, 271 no spanning-tree, 272 spanning-tree (properties), 287 no spanning-tree, 288 spanning-tree (time settings), 284 no spanning-tree, 285

714

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

Index

spanning-tree auto-edge, 290 no spanning-tree auto-edge, 290
spanning-tree bpdufilter, 292 spanning-tree bpdu-receive, 292 spanning-tree bpdu-transmit, 291 spanning-tree compatibility, 273
no spanning-tree compatibility, 274 spanning-tree layer2-gateway-port, 293
no spanning-tree layer2-gateway-port, 294 spanning-tree limited-tcn, 304
no spanning-tree limited-tcn, 305 spanning-tree loop-guard, 294
no spanning-tree loop-guard, 295 spanning-tree mst (properties), 296
no spanning-tree mst, 297 spanning-tree mst configuration, 274 spanning-tree mst hello-time, 298
no spanning-tree mst hello-time, 299 spanning-tree mst instance-id root, 275
no spanning-tree mst instance-id root, 276 spanning-tree mst max-hops, 277
no spanning-tree mst max-hops, 278 spanning-tree mst pseudoRootId, 300
no spanning-tree mst pseudoRootId, 301 spanning-tree passive-listening-compatibility, 280 spanning-tree priority, 278
no spanning-tree priority, 279 spanning-tree restricted-role, 302
no spanning-tree restricted-role, 302 spanning-tree restricted-tcn, 303
no spanning-tree restricted-tcn, 303 spanning-tree rstp-plus, 281 spanning-tree rstp-plus mrp-intercon-domain-id, 283 speed, 105 ssh-server, 431
no ssh-server, 432 ssh-server port, 432
no ssh-server port, 433 standby connection name, 474 standby ports, 476, 477 standby wait-for-partner, 478
no standby wait-for-partner, 478 start, 617 static-lease, 354
no static-lease, 355 stop, 618 storm-control, 539
no storm-control, 540 storm-control level, 541
no storm-control level, 541 switchport acceptable-frame-type, 223
no switchport acceptable-frame-type, 224

switchport access vlan, 225 no switchport access vlan, 226
switchport ingress-filter, 552 no switchport ingress-filter, 553
switchport lock, 616 no switchport lock, 616
switchport mode, 226 no switchport mode, 228
switchport mode dot1q-tunnel, 229 switchport mode private vlan, 228 switchport priority default, 231
no switchport priority default, 231 switchport private-vlan host-association, 232 switchport private-vlan mapping, 234 switchport pvid, 235
no switchport pvid, 236 syslogserver, 662, 672
no syslogserver, 663, 673 system contact, 87 system location, 88 System manual, 25 system name, 89
T
telnet-server, 321 no telnet-server, 322
telnet-server port, 322 no telnet-server port, 323
tftp filename, 117 tftp load, 118 tftp save, 119 tftp server, 120
Downloading, 112 Saving, 112 time, 172 time dst date, 174 no time dst, 176 time dst recurring, 175 time set, 173
U
unicast-block, 106 unicast-mac flush, 107 user-account, 586
no user-account, 588 user-account-ext, 589 user-group, 593 username, 90, 595

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12

715

Index
V
vlan, 218, 254 no vlan, 219
vlan range, 220 vlan tag-priority override, 220
W
wait-for-completion, 485 web-session-timeout, 162
no web-session-timeout, 162 whoami, 584 write, 159 write startup-config, 131

716

SCALANCE XB-200/XC-200/XF-200BA/XP-200/XR-300WG Command Line Interface Configuration Manual, 10/2021, C79000-G8976-C361-12
Siemens AG Antenna House PDF Output Library 6.6.1317 (Windows (x64)); modified using iTextSharp 5.0.2 (c) 1T3XT BVBA