manualshive.com logo in svg

Siemens SCALANCE XM-400, Configuration Manual

The Siemens SCALANCE XM-400 is a high-performance industrial Ethernet switch. Enhance your network with this reliable device. Easily configure and troubleshoot with the Instructions Manual, available for free download from manualshive.com. Get all the support you need for your Siemens SCALANCE XM-400 at the touch of a button.

Share
Download
background image

Security and authentication 

 

11.4 IP access control list 

 

SCALANCE XM-400/XR-500 Command Line Interface (CLI) 

850

 

Configuration Manual, 06/2016, C79000-G8976-C252-11 

Parameter 

Description 

Range of values / note 

eq

 

Keyword for a specific port number 

(eq:equal). 

range

 

Keyword for a range of port numbers. 

Following this, the first and last port 

number of the range is specified. 

any

 

Blocks all outgoing TCP segments  

host

 

Keyword for a an individual IPv4 ad-

dress 

dest-ip-address 

Destination IPv4 address 

Enter a valid IPv4 address. 

dest-ip-address 

Network destination address 

Enter a valid combination of IPv4 

address and subnet mask. 

mask

 

Corresponding subnet mask 

dscp

 

Keyword for the Differentiated Services 

Codepoint 

value

 

Value for the Differentiated Services 

Codepoint 

0 ... 63 

ack

 

Blocks ACK segments 

rst

 

Blocks RST segments 

For information on names of addresses and interfaces, refer to the section "Interface 

identifiers and addresses (Page 42)". 

Result  

The IP access list for TCP segments has been configured. 
 

 

 

Note 
Subnet mask for individual hosts 
If you create the rule for a single system (one IPv4 address), specify the subnet mask 

"255.255.255.255". As an alternative, you can specify the keyword "host" followed by the 

IPv4 address. 

 

Further notes 

You delete an IP access control list with the 

no ip access-list standard <acl-num>

 

command. 
You display the configuration of the access control list with the 

show access-lists

 command. 

Summary of Contents for SCALANCE XM-400

Page 1: ..._______________ ___________________ ___________________ SIMATIC NET Industrial Ethernet switches SCALANCE XM 400 XR 500 Command Line Interface CLI Configuration Manual 06 2016 C79000 G8976 C252 11 Introduction 1 Description 2 Configuration 3 Functions specific to SCALANCE 4 System time 5 Network structures 6 Network protocols 7 Layer 2 management protocols 8 Layer 3 functions 9 Load control 10 Sec...

Page 2: ...e operated only by personnel qualified for the specific task in accordance with the relevant documentation in particular its warning notices and safety instructions Qualified personnel are those who based on their training and experience are capable of identifying risks and avoiding potential hazards when working with these products systems Proper use of Siemens products Note the following WARNING...

Page 3: ...6 terms 49 2 6 6 Structure of an IPv6 address 51 2 7 General CLI commands 53 2 7 1 clear screen 53 2 7 2 end 53 2 7 3 exit 54 2 7 4 do 54 2 7 5 Help functions and supported input 55 2 7 5 1 help 55 2 7 5 2 The command 56 2 7 5 3 Completion of command entries 56 2 7 5 4 Abbreviated notation of commands 57 2 7 5 5 Reusing the last used commands 57 2 7 5 6 Working through a command sequence 58 2 7 5 ...

Page 4: ...ole timeout 81 3 1 12 2 no cli console timeout 82 3 1 12 3 coordinates height 83 3 1 12 4 coordinates latitude 83 3 1 12 5 coordinates longitude 84 3 1 12 6 ethernetip 85 3 1 12 7 interface 86 3 1 12 8 no interface 87 3 1 12 9 pnio 88 3 1 12 10 system contact 89 3 1 12 11 system location 90 3 1 12 12 system name 90 3 1 12 13 username 91 3 1 13 Commands in the interface configuration mode 92 3 1 13...

Page 5: ...erver 119 3 3 Reset and Defaults 120 3 3 1 restart 120 3 4 Configuration Save Restore 122 3 4 1 write startup config 122 3 4 2 The show commands 123 3 4 2 1 show running config 123 3 4 3 Commands in the global configuration mode 126 3 4 3 1 auto save 126 3 4 3 2 no auto save 127 3 5 PoE 128 3 5 1 The show commands 128 3 5 1 1 show poe status 128 3 5 1 2 show pse status 129 3 5 2 Commands in the gl...

Page 6: ...ession timeout 147 4 2 2 2 no web session timeout 148 4 3 Panel button 148 4 3 1 Commands in the global configuration mode 148 4 3 1 1 panel button control factory defaults 149 4 3 1 2 no panel button control factory defaults 149 4 3 1 3 set panel button control faultmask 150 4 4 Signaling contact 151 4 4 1 The show commands 151 4 4 1 1 show signaling contact 151 4 4 2 Commands in the global confi...

Page 7: ... ptp 174 5 4 2 3 ptp time diff 174 5 4 2 4 ptp transparent clock configuration 175 5 4 3 Commands in the PTP Transparent Clock configuration mode 176 5 4 3 1 delay mechanism 176 5 4 3 2 primary domain 177 6 Network structures 179 6 1 VLAN 179 6 1 1 The show commands 180 6 1 1 1 show mac address table 180 6 1 1 2 show mac address table dynamic multicast 181 6 1 1 3 show mac address table dynamic un...

Page 8: ...rity default 211 6 1 3 16 switchport private vlan host association 212 6 1 3 17 no switchport private vlan host association 213 6 1 3 18 switchport private vlan mapping 213 6 1 3 19 no switchport private vlan mapping 214 6 1 3 20 switchport pvid 215 6 1 3 21 no switchport pvid 216 6 1 3 22 tia interface 217 6 1 4 Commands in the VLAN configuration mode 217 6 1 4 1 name 218 6 1 4 2 no name 218 6 1 ...

Page 9: ...ce id root 250 6 3 4 9 no spanning tree mst instance id root 251 6 3 4 10 spanning tree passive listening compatibility 251 6 3 4 11 no spanning tree passive listening compatibility 252 6 3 4 12 spanning tree priority 253 6 3 4 13 no spanning tree priority 253 6 3 4 14 Time settings for the Spanning Tree protocol 254 6 3 5 Commands in the interface configuration mode 257 6 3 5 1 spanning tree 257 ...

Page 10: ...gateway 286 7 1 1 4 show ip telnet 287 7 1 1 5 show dcp server 287 7 1 1 6 show dcp forwarding 288 7 1 1 7 show ip dns 289 7 1 1 8 show ip dns cache 289 7 1 1 9 show ip dns name server 290 7 1 1 10 show ip dns statistics 290 7 1 2 Commands in the global configuration mode 291 7 1 2 1 dcp server 291 7 1 2 2 no dcp server 292 7 1 2 3 ip echo reply 292 7 1 2 4 no ip echo reply 293 7 1 2 5 ip domain u...

Page 11: ...3 7 2 4 5 no ipv6 address dhcp 324 7 2 4 6 ipv6 address link local 324 7 2 4 7 no ipv6 address link local 325 7 2 4 8 ipv6 enable 326 7 2 4 9 ipv6 interface identifier 327 7 2 4 10 no ipv6 interface identifier 328 7 2 4 11 ipv6 nd ra lifetime 329 7 2 4 12 ipv6 nd suppress ra 329 7 2 4 13 no ipv6 nd suppress ra 330 7 3 DHCPv4 client IPv4 331 7 3 1 The show commands 331 7 3 1 1 show ip dhcp client s...

Page 12: ...etwork 353 7 5 3 3 Option IP address 355 7 5 3 4 option value string 356 7 5 3 5 no option 357 7 5 3 6 pool enable 357 7 5 3 7 no pool enable 358 7 5 3 8 ports 359 7 5 3 9 no ports 360 7 5 3 10 relay information 361 7 5 3 11 no relay information 362 7 5 3 12 set interface 363 7 5 3 13 static lease 364 7 5 3 14 no static lease 365 7 6 DHCPv4 Relay Agent IPv4 366 7 6 1 The show commands 366 7 6 1 1 ...

Page 13: ...ow snmp inform statistics 388 7 8 1 8 show snmp notif 388 7 8 1 9 show snmp targetaddr 389 7 8 1 10 show snmp targetparam 389 7 8 1 11 show snmp tcp 390 7 8 1 12 show snmp user 390 7 8 1 13 show snmp viewtree 391 7 8 2 Commands in the global configuration mode 391 7 8 2 1 snmpagent 392 7 8 2 2 no snmpagent 392 7 8 2 3 snmp agent version 393 7 8 2 4 snmp access 393 7 8 2 5 no snmp access 395 7 8 2 ...

Page 14: ... 7 11 1 The show commands 422 7 11 1 1 show ip http secure server status 422 7 11 1 2 show ssl server cert 423 7 12 ARP 423 7 12 1 The show commands 423 7 12 1 1 show ip arp 423 7 12 2 Commands in the global configuration mode 424 7 12 2 1 arp 424 7 12 2 2 no arp 425 7 12 2 3 arp timeout 426 7 12 2 4 no arp timeout 427 7 13 SSH server 428 7 13 1 The show commands 428 7 13 1 1 show ip ssh 428 7 13 ...

Page 15: ...esponse time 452 8 2 3 15 ip igmp robustness 452 8 2 3 16 no ip igmp robustness 453 8 2 3 17 ip igmp static group 454 8 2 3 18 no ip igmp static group 455 8 2 3 19 ip igmp version 455 8 2 3 20 no ip igmp version 456 8 3 IGMP snooping 457 8 3 1 The show commands 457 8 3 1 1 show ip igmp snooping 457 8 3 1 2 show ip igmp snooping forwarding database 458 8 3 1 3 show ip igmp snooping globals 458 8 3 ...

Page 16: ...no standby connection name 481 8 5 6 4 standby force master 481 8 5 6 5 no standby force master 482 8 5 6 6 standby port 482 8 5 6 7 no standby port 483 8 5 6 8 standby wait for partner 484 8 5 6 9 no standby wait for partner 485 8 6 Unicast 486 8 6 1 The show commands 486 8 6 1 1 show unicast block config 486 8 6 1 2 show mac address table dynamic unicast 487 8 6 1 3 show mac address table static...

Page 17: ...SPFv2 IPv4 512 9 2 1 The show commands 512 9 2 1 1 show ip ospf 512 9 2 1 2 show ip ospf route 513 9 2 1 3 show ip ospf database summary 513 9 2 1 4 show ip ospf database 514 9 2 1 5 show ip ospf border routers 515 9 2 1 6 show ip ospf interface 516 9 2 1 7 show ip ospf neighbor 517 9 2 1 8 show ip ospf request list 518 9 2 1 9 show ip ospf retransmission list 519 9 2 1 10 show ip ospf virtual lin...

Page 18: ... 10 no ip ospf hello interval 559 9 2 4 11 ip ospf message digest key 559 9 2 4 12 no ip ospf message digest key 560 9 2 4 13 ip ospf retransmit interval 561 9 2 4 14 no ip ospf retransmit interval 562 9 2 4 15 ip ospf transmit delay 563 9 2 4 16 no ip ospf transmit delay 563 9 2 4 17 ip ospf priority 564 9 2 4 18 no ip ospf priority 565 9 3 OSPFv3 IPv6 566 9 3 1 The show commands 567 9 3 1 1 show...

Page 19: ...9 3 4 4 no ipv6 ospf dead interval 605 9 3 4 5 ipv6 ospf hello interval 605 9 3 4 6 no ipv6 ospf hello interval 606 9 3 4 7 ipv6 ospf metric 607 9 3 4 8 no ipv6 ospf metric 608 9 3 4 9 ipv6 ospf passive interface 609 9 3 4 10 no ipv6 ospf passive interface 610 9 3 4 11 ipv6 ospf priority 610 9 3 4 12 no ipv6 ospf priority 611 9 3 4 13 ipv6 ospf retransmit interval 612 9 3 4 14 no ipv6 ospf retrans...

Page 20: ...ands 647 9 5 2 1 show vrrp3 647 9 5 2 2 show vrrp3 interface 648 9 5 2 3 show vrrp3 track 648 9 5 3 Commands in the global configuration mode 649 9 5 3 1 router vrrp3 649 9 5 3 2 no router vrrp3 650 9 5 4 Commands in the VRRP3 Router configuration mode 651 9 5 4 1 interface 651 9 5 4 2 no interface 652 9 5 4 3 track interface 653 9 5 4 4 no track interface 654 9 5 4 5 track links 655 9 5 4 6 no tr...

Page 21: ...9 6 4 1 ip rip default route originate 688 9 6 4 2 no ip rip default route originate 688 9 6 4 3 ip rip receive version 689 9 6 4 4 no ip rip receive version 690 9 6 4 5 ip rip send version 690 9 6 4 6 no ip rip send version 691 9 7 RIPng IPv6 692 9 7 1 The show commands 692 9 7 1 1 show ipv6 rip 692 9 7 1 2 show ipv6 rip filter 693 9 7 1 3 show ipv6 rip peer table status 693 9 7 1 4 show ipv6 rip...

Page 22: ...721 9 8 3 11 match next hop ip 722 9 8 3 12 no match next hop ip 723 9 8 3 13 match next hop ipv6 724 9 8 3 14 no match next hop ipv6 725 9 8 3 15 match route type 726 9 8 3 16 no match route type 727 9 8 3 17 match tag 728 9 8 3 18 no match tag 729 9 8 3 19 set metric 730 9 8 3 20 no set metric 731 9 8 3 21 set tag 731 9 8 3 22 no set tag 732 9 9 NAT IPv4 734 9 9 1 The show commands 735 9 9 1 1 s...

Page 23: ...762 9 10 3 3 router pim 763 9 10 3 4 ip pim static rp 763 9 10 3 5 no ip pim static rp 764 9 10 4 Commands in the PIM configuration mode 765 9 10 4 1 rp candidate rp address 765 9 10 4 2 no rp candidate rp address 766 9 10 4 3 rp static rp address 767 9 10 4 4 no rp static rp address 768 9 10 5 Commands in the Interface configuration mode 769 9 10 5 1 ip pim bsr candidate 769 9 10 5 2 no ip pim bs...

Page 24: ...1 10 4 Flow control 792 10 4 1 The show commands 792 10 4 1 1 show flow control 792 10 4 2 Commands in the interface configuration mode 793 10 4 2 1 flowcontrol 793 10 5 Service classes 794 10 5 1 The show commands 794 10 5 1 1 show qos cos map 794 10 5 1 2 show qos dscp map 795 10 5 1 3 show qos trust mode 795 10 5 2 Commands in the Global configuration mode 796 10 5 2 1 qos 796 10 5 3 Commands i...

Page 25: ...1 3 3 Commands in the interface configuration mode 827 11 3 3 1 mac access group 827 11 3 3 2 no mac access group 828 11 3 4 Commands in the MAC ACL configuration mode 829 11 3 4 1 permit 829 11 3 4 2 deny 831 11 4 IP access control list 833 11 4 1 The show commands 833 11 4 1 1 show access lists 833 11 4 1 2 show interface access lists 834 11 4 2 Commands in the Global Configuration mode 834 11 4...

Page 26: ...n the global configuration mode 867 11 7 2 1 dot1x guest vlan 867 11 7 2 2 no dot1x guest vlan 868 11 7 2 3 dot1x mac auth 869 11 7 2 4 no dot1x mac auth 869 11 7 3 Commands in the interface configuration mode 870 11 7 3 1 dot1x guest vlan 870 11 7 3 2 no dot1x guest vlan 871 11 7 3 3 dot1x guest vlan vlan id 871 11 7 3 4 no dot1x guest vlan vlan id 872 11 7 3 5 dot1x guest vlan reset 873 11 7 3 6...

Page 27: ... link 902 12 1 6 11 no link 903 12 2 FMP 905 12 2 1 The show commands 905 12 2 1 1 show fmp limit 905 12 2 1 2 show fmp status 906 12 2 2 Commands in the Interface Configuration mode 907 12 2 2 1 fmp 907 12 2 2 2 no fmp 908 12 2 2 3 fmp power loss 908 12 2 2 4 fmp rx power 909 12 3 Loop detection 911 12 3 1 The show commands 911 12 3 1 1 show loopd 912 12 3 1 2 show loopd interface 912 12 3 2 Comm...

Page 28: ...o monitor session 933 12 5 RMON 934 12 5 1 The show commands 934 12 5 1 1 show rmon 934 12 5 2 Commands in the global configuration mode 935 12 5 2 1 rmon 935 12 5 2 2 no rmon 936 12 5 2 3 rmon alarm 937 12 5 2 4 no rmon alarm 938 12 5 2 5 rmon event 939 12 5 2 6 no rmon event 940 12 5 3 Commands in the interface configuration mode 940 12 5 3 1 rmon collection stats 941 12 5 3 2 no rmon collection...

Page 29: ...an enable the functions with a KEY PLUG SCALANCE XM 400 SCALANCE XM408 4C SCALANCE XM408 8C SCALANCE XM416 4C The devices are available with or without routing functions For the devices without routing functions you can enable the functions with a KEY PLUG This Configuration Manual applies to the following software versions SCALANCE XR 500 firmware as of version 6 0 SCALANCE XM 400 firmware as of ...

Page 30: ... PoE power supply SCALANCE PS9230 PoE SCALANCE PS924 PoE These documents contain information on installing and connecting up and approvals for the products The following documentation is also available from SIMATIC NET on the topic of Industrial Ethernet System manual Industrial Ethernet PROFINET System manual Industrial Ethernet PROFINET Passive network components Note All these documents are ava...

Page 31: ...s of firmware version 6 0 the default user set in the factory user is no longer available when the product ships If you update a device to the firmware V6 0 the default user set in the factory user is initially still available If you reset the device to the factory settings Restore Factory Defaults and Restart the default user set in the factory user is deleted You can create new users with the ro...

Page 32: ...c state of the art industrial security concept Third party products that may be in use should also be considered For more information about industrial security visit http www siemens com industrialsecurity To stay informed about product updates as they occur sign up for a product specific newsletter For more information visit http support automation siemens com License conditions Note Open source ...

Page 33: ...rting the CLI in a Windows console Follow the steps outlined below to start the Command Line Interface in a Windows console 1 Open a Windows console and type in the command telnet followed by the IP address of the device you are configuring C telnet IP address 2 Enter your login and password As an alternative you can also enter the command telnet followed by the IP address of the device you are co...

Page 34: ...the CLI via a serial connection Follow the steps outlined below to start the Command Line Interface via a serial interface 1 Open a serial terminal program of your choice 2 Connect to the serial port of the device baud rate 115200 data parity stop 8N1 3 Enter your login and password Note When you log in via a serial interface you can only log in with a local user account ...

Page 35: ...terface Grouping of the commands in the various modes The commands of the Command Line Interface are grouped according to various modes Apart from a few exceptions help exit commands can only be called up in the mode to which they are assigned This grouping allows different levels of access rights for each individual group of commands The following graphic is an overview of the available modes ...

Page 36: ... Privileged EXEC mode 1 The exit command logs you out the Login Prompt prompt appears 2 The disable command brings you back one level from the Privileged EXEC mode to the User EXEC mode The disable command is not available in the User EXEC mode Global configuration mode In this mode you can make basic configuration settings In addition to this you can also call up modes for the configuration of sp...

Page 37: ...gent information for DHCP 5 DHCP static assignments per DHCP pool 24 Layer 2 Virtual LANs port based including VLAN 1 257 Protocol based VLAN groups 12 Protocol based VLAN groups per port 12 IPv4 subnet based VLANs 150 Private VLAN 1 Primary PVLANs 1 Secondary isolated PVLANs 24 Secondary community PVLANs 256 Multiple Spanning Tree instances 16 Link aggregations or Etherchannels each with a maximu...

Page 38: ...n an autonomous system 8 OSPFv3 neighbors 300 OSPFv3 neighbors per interface 8 OSPFv3 routes 1500 OSPFv2 interfaces authentication keysl 200 40 interfaces each with 5 keys OSPFv2 virtual links authentication keys 40 8 virtual links each with 5 keys PIM components 1 Rendezvous points 3 Candidates for rendezvous points 3 Static rendezvous points 3 Security Roles 29 Users 30 incl user preset in the f...

Page 39: ...mber of rules If you change the following parameters for commands port linked comparators are necessary gt greater than lt less than range Per port you can use 8 comparators for a transmission direction ingress egress The range parameter requires 2 comparators the parameters gt and lt each require one comparator The operator eq equal does not require any comparators ...

Page 40: ...re the placeholder is replaced by the identifier of the Interface You select the Interface by setting suitable parameters for the interface command An identifier when the Trial mode is enabled If you first test changes to the configuration and then want to discard them disable the Auto save function with the no auto save command You are then in Trial mode Changes to the configuration that you have...

Page 41: ...l description of some of these combinations below Character combinations Meaning variable Instead of the expression in parentheses enter a permitted value variable a b Instead of the expression in parentheses enter a value from the range a to b variable 1 variable 2 The parameter pair is optional If you use the parameter assignment you need to enter a permitted value to replace both expressions in...

Page 42: ...le number and the port number separated by a slash You call a Gigabit Ethernet interface on the second port of module 1 with the following command interface gigabitethernet 1 2 Addressing logical interfaces The following notation applies to all commands that address a logical interface Enter the command interface Enter the keyword for the logical interface port channel abbreviation po vlan After a...

Page 43: ...e identifiers with SCALANCE XR 500 Fixed interfaces The interfaces permanently installed in the SCALANCE XR 500 are identified with module 0 cpu0 Out of band interface Interfaces of modules The slots for modules are called module 1 and the following numbers The numbering range depends on the hardware configuration The numbering is fixed and does not depend on the number of modules being used Each ...

Page 44: ...s not only the mode but also the name of this interface The command prompt is as follows cli config if The placeholder is replaced by the following name of the interface Type of interface Command prompt cpu0 cli config if cpu0 vlan cli config if vlan port channel cli config if po gigabitethernet cli config if Gi extreme ethernet cli config if Ex Router Port cli config RPort Gi The placeholders or ...

Page 45: ... 16 Note that there must be a space before and after the MAC addresses In the syntax of the Command Line Interface a MAC address is represented as a sequence of 6 bytes in hexadecimal format in each case separated by a colon The syntax is then for example aa aa aa aa aa aa Multicast addresses Layer 2 multicast addresses as used on this device use the notation of MAC addresses For permitted address...

Page 46: ...tion in the extension header Fragmentation Host and router Only endpoint of the communication Quality of service Type of Service ToS for prioritization The prioritization is specified in the header field Traffic Class Types of frame Broadcast multicast unicast Multicast unicast anycast Identification of DHCP cli ents server Client ID MAC address DUID IAID s exactly one interface of the host DUID D...

Page 47: ...e DHCPv6 servers reply to this 3 REQUEST The DHCPv6 client requests an IPv6 address and the configuration settings from the DHCPv6 server 4 REPLY The DHCPv6 server sends the IPv6 address and the con figuration settings If the client and server support the function Rapid commit the procedure is shortened to two DHCPv6 messages SOLICIT and REPLY Stateless autoconfiguration In stateless DHCPv6 only t...

Page 48: ...f two parts The address of the sub network The address of the node generally also called end node host or network node Subnet mask The subnet mask separates these two addresses It decides which part of the IPv4 address addresses the network and which part of the IPv4 address addresses the node The set bits in the subnet mask decide the network part of the IPv4 address Example IPv4 address 140 80 0...

Page 49: ...0 Note In the bit representation of the subnet mask the ones must be set left justified in other words there must be no zeros between the ones 2 6 5 IPv6 terms Network node A network node is a device that is connected to one or more networks via one or more interfaces Router A network node that forwards IPv6 packets Host A network node that represents an end point for IPv6 communication relations ...

Page 50: ... in the LAN GUA Global Unicast Address Via this address the IPv6 interface can be reached e g via the Internet Interface ID The interface ID is formed with the EUI 64 method or manually EUI 64 Extended Unique Identifier RFC 4291 method for forming the interface ID In Ethernet the interface ID is formed from the MAC address of the interface Divides the MAC address into the manufacturer specific par...

Page 51: ...zeros within a field can be omitted The address fd00 0000 0000 ffff 02d1 7d01 0000 8f21 can also be shortened and written as follows fd00 ffff 2d1 7d01 0000 8f21 Decimal notation with periods The last 2 fields or 4 bytes can be written in the normal decimal notation with periods Example The IPv6 address fd00 ffff 125 1 0 1 is equivalent to fd00 ffff 7d01 1 Structure of the IPv6 address The IPv6 pr...

Page 52: ...he subnet identifier Prefixes and IPv6 addresses are specified in the same way as with the CIDR notation Classless Inter Domain Routing for IPv4 Design IPv6 address prefix length Example IPv6 address 2001 0db8 1234 1111 48 Prefix 2001 0db8 1234 48 Interface ID 1111 Entry and appearance The entry of IPv6 addresses is possible in the notations described above IPv6 addresses are always shown in the h...

Page 53: ... this command you clear the screen The command prompt is displayed Syntax Call the command without parameters clear screen Result The screen is cleared The command prompt is displayed 2 7 2 end Description With this command you exit the configuration mode and are then in the Privileged EXEC mode Requirement You are in a configuration mode Syntax Call the command without parameters end Result You a...

Page 54: ... EXEC Modus mode you will be logged out 2 7 4 do Description With this command you can execute the commands from the Privileged EXEC mode in any configuration mode Syntax Call up the command with the following parameters do command To do this you replace command with the command from the Privileged EXEC mode that you want to execute Example You are in the Interface configuration mode and you want ...

Page 55: ... With this command you display the help entry for a command or the command list Syntax Call up help with the following parameters help command Here you replace command with the command for which you require help If the command for which you require help consists of several words enter these words without spaces Result The syntax of the command is displayed Syntax If you call up help without parame...

Page 56: ...ng the help function a list of all commands that start with the term you have entered is created Note Output in pages With long lists the results are displayed as pages If more appears at the lower edge of the display you can move to the next page with the spacebar If the display is in pages you cannot page back You exit the page display with the q key 2 7 5 3 Completion of command entries Descrip...

Page 57: ... the command or its parts is entered This is only possible if all the parts of the abbreviated input can be assigned to exactly one command or to the parts of the command Example The show event config command can be replaced by the expression sh e c 2 7 5 5 Reusing the last used commands Description The Command Line Interface saves the last 14 commands used in a list assigned to the particular mod...

Page 58: ...lan 1 no ip address dhcp ip address 192 168 1 1 255 255 255 0 end write startup has the same effect as CLI conf t CLI config int vlan 1 CLI config if vlan 1 no ip address dhcp CLI config if vlan 1 ip address 192 168 1 1 255 255 255 0 CLI config if vlan 1 end CLI write startup 2 7 5 7 show history Description This command shows the last 14 commands you entered The commands are listed in the order i...

Page 59: ...sult The list of used commands is displayed 2 7 5 8 clear history Description This command deletes the last commands you entered Requirement You are in the Privileged EXEC mode The command prompt is as follows cli Syntax Call the command without parameters clear history Result The last commands to be input are deleted You display a list of the last 14 commands entered with the show history command...

Page 60: ...Description 2 7 General CLI commands SCALANCE XM 400 XR 500 Command Line Interface CLI 60 Configuration Manual 06 2016 C79000 G8976 C252 11 ...

Page 61: ... Description This command shows the broadcast blocking settings for ports Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show broadcast block config port interface type interface id The parameters have the following meaning Parameter Description Range of values note port K...

Page 62: ...LI console Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show cli console timeout Result The configuration for the timeout is displayed 3 1 1 3 show coordinates Description This command shows the system coordinates Requirement You are in the User EXEC mode or in the Privileged EXEC mod...

Page 63: ...tion Result The information about the device is displayed 3 1 1 5 show environmental temperature Description This command shows the temperature values of internal and external modules of the device The modules are only shown if they make temperature information available If the temperature value falls below or exceeds the displayed threshold values the status changes accordingly With the event con...

Page 64: ...or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show ethernetip Result The current EtherNet IP configuration is displayed 3 1 1 7 show hardware Description This command shows the type and number as well as the position of the installed interface cards of the system Requirement You are in the User EXEC mode or in the Privileged E...

Page 65: ...arameters show interface mtu vlan vlan id 1 4094 port channel port channel id 1 8 interface type interface id The parameters have the following meaning Parameter Description Range of values note vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 port channel Keyword for a port channel connection port channel id Number of the addressed port channel 1 8 interface type Typ...

Page 66: ...alues note interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface description Shows the description of the interface stormcontrol Shows the storm control settings flowcontrol Shows the flow control settings status Shows the status of the interface vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 port c...

Page 67: ...ace id vlan vlan id 1 4094 counters The parameters have the following meaning Parameter Description Range of values note interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 For information on identifiers of addresses and interfaces refer to the sectio...

Page 68: ... 4094 interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface loopback Keyword for a loopback loopback id Number of the addressed loopback 0 For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select any parameter from the parameter list the configuratio...

Page 69: ... For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select any parameter from the parameter list the configuration is displayed for all available IPv6 interfaces Result The configuration is displayed Further notes You enable IPv6 on the VLAN interface or on the router port with the ipv6 enable command You configure an...

Page 70: ...e section Interface identifiers and addresses Page 42 If no parameters are specified the settings for all ports are displayed Result The multicast blocking settings for ports are displayed 3 1 1 14 show pnio Description This command shows the current PROFINET configuration Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows Thiscli or cli Synta...

Page 71: ...Parameter Description Range of values note ip The destination is an IPv4 address ipv6 The destination is an IPv6 address Result The route is displayed Further notes You enable the following of the route with the traceroute command 3 1 1 16 show unicast block config Description This command shows the unicast blocking settings for ports Requirement You are in the User EXEC mode or in the Privileged ...

Page 72: ... 1 1 17 show usage Description With this command you display the CPU and RAM usage as a percentage If the usage falls below or exceeds the displayed threshold values the status changes accordingly With the event config command you can configure that you are informed of the status change by a message Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as f...

Page 73: ...e or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show versions Result The version information of the entire system is displayed 3 1 2 clear counters Description With this command you reset the counters of an interface Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli o...

Page 74: ...ounters of the interface are reset Further notes You can display the statistical information of the interfaces with the show interfaces counters command 3 1 3 clear line vty Description With this command you close a console session on the device With the forceful clear option you close a session and that is not reacting Requirement You are in the Privileged EXEC mode The command prompt is as follo...

Page 75: ...u are in the Privileged EXEC mode The command prompt is as follows cli Syntax Call the command without parameters configure terminal Result You are now in the Global configuration mode The command prompt is as follows cli config Further notes You exit the Global configuration mode with the end command 3 1 5 disable With the commands enable and disable you temporarily change the function rights of ...

Page 76: ... as follows cli 3 1 6 enable With the commands enable and disable you temporarily change the function rights of the logged in user the login data remains unchanged Description With this command you change to the Privileged EXEC mode Requirement You are in the User EXEC mode The command prompt is as follows cli Syntax Call the command without parameters enable Result You are prompted to enter the a...

Page 77: ...the command without parameters lock Result The console is locked The system expects the entry of the password Further notes You cancel the lock by entering the Login password 3 1 8 logout Description With this command you exit the Command Line Interface If you are connected to the device via telnet the session is closed Requirement You are in the User EXEC mode or in the Privileged EXEC mode The c...

Page 78: ...mmand with the following parameters ping ip destination address size byte 0 2080 count packet_count 1 10 timeout seconds 1 100 The parameters have the following meaning Parameter Description Range of values note ip Uses an IPv4 address destination address Address of the called node Enter a valid IPv4 address or a valid host name size Keyword for the size of the packets to be transferred byte Keywo...

Page 79: ... or not another node is reachable Requirement IPv6 is enabled You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters ping ipv6 prefix interface repeat count size value anycast source vlan id source_prefix timeout value 1 100 The parameters have the following meaning Parameter Description Rang...

Page 80: ... Number of the addressed VLAN 1 4094 source_prefix Prefix of the sender timeout Response wait time If this time expires the request is reported as timed out value Time until timeout 1 100 s Default 5 Result The messages relating to the response of the called node are displayed 3 1 11 traceroute Description With this command you enable the following of the route via which the packet comes to the re...

Page 81: ... that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 3 1 12 1 cli console t...

Page 82: ... of values note seconds Time in seconds until automatic logout after the last entry 60 600 Default 300 Result The time is configured and automatic logout is enabled Further notes You disable automatic logout with the no cli console timeout command You display the current timeout setting with the show cli console timeout command 3 1 12 2 no cli console timeout Description With this command you disa...

Page 83: ...mand you enter a height coordinate Requirement You are in the Global Configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters coordinates height meter The parameter has the following meaning Parameter Description Range of values note meter Input box for the height coordinate max 32 characters To use spaces in the entry enter the height...

Page 84: ...owing meaning Parameter Description Range of values note latitude Input box for the latitude coordinate max 32 characters To use spaces in the entry enter the latitude coordinate in quotes coordinates latitude 123 456 Result The latitude coordinate is created 3 1 12 5 coordinates longitude Description With this command you enter a longitude coordinate Requirement You are in the Global Configuratio...

Page 85: ...ther EtherNet IP will be enabled or disabled after the next device restart Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters ethernetip off on The parameters have the following meaning Parameter Description Range of values note off EtherNet IP will be disa bled after the next re start on EtherNe...

Page 86: ...nterface is displayed in the command prompt Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters interface cpu0 vlan vlan id 1 4094 port channel port channel id 1 8 interface type interface id The parameters have the following meaning Parameter Description Range of values note cpu0 The configuratio...

Page 87: ...es VLAN and port channel can be found in the table above You can only call up interfaces that you created with the vlan or channel group command The ranges of values from the physical interfaces depend on the hardware configuration Further notes You exit the Interface configuration mode with the end or exit command You delete a logical interface with the no interface command You display the status...

Page 88: ... 1 8 For information on addresses and interfaces refer to the section Addresses and interface names Page 42 Result The logical interface is deleted Further notes You configure an interface with the interface command You display the status and the configuration of the interfaces with the show interfaces command 3 1 12 9 pnio Description With this command you configure the setting for PROFINET after...

Page 89: ...OFINET is enabled or disabled after the next restart Further notes You display the current PROFINET configuration with the show pnio command You restore the default settings of the PROFINET profile with the restart command 3 1 12 10 system contact Description With this command you enter contact information for the system Requirement You are in the Global Configuration mode The command prompt is as...

Page 90: ... up the command with the following parameters system location location name The parameter has the following meaning Parameter Description Range of values note location name Input box for the location information max 255 characters Result The location information is created in the system 3 1 12 12 system name Description This command you enter a name for the system Requirement You are in the Global...

Page 91: ... mode The command prompt is as follows cli config Syntax Call up the command with the following parameters username admin password passwd The parameters have the following meaning Parameter Description Range of values note admin User name of the default user with read and write access to the con figuration data password Keyword for a password passwd Value for the password Enter the password The st...

Page 92: ...can call up in the interface configuration mode Depending on the Interface selected various command sets are available In the Global configuration mode enter the interface command to change to this mode Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you...

Page 93: ... interface max 63 characters Result The interface was assigned a name Further notes You delete the name of the interface with the no alias command 3 1 13 2 no alias Description With this command you delete the name of the interface Requirement You are in the Interface Configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment no alias Res...

Page 94: ...s as follows cli config if Syntax Call the command without parameter assignment broadcast block Result Broadcast frames are blocked Further notes You disable the blocking of broadcast frames with the no broadcast block command 3 1 13 4 no broadcast block Description With this command you disable the blocking of broadcast frames on an interface Requirement You are in the Interface configuration mod...

Page 95: ...plex mode since they have a fiber for each transmission direction With this command you configure the duplex mode of an interface The same mode must be set for connected interfaces Requirement Autonegotiation is disabled You are in the Interface configuration mode of an electrical interface The command prompt is as follows cli config if Syntax Call up the command with the following parameters dupl...

Page 96: ...nterface to the default value The default value is full Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters no duplex Result The duplex mode of the Interface is reset to the default value Further notes You configure the duplex mode of the interface with the duplex command 3 1 13 7 lldp Description With th...

Page 97: ... Default enabled Note Enabling both options When you call this command you can only select one option If you want to enable both options call up the command again Result Sending or receipt of LLDP packets is enabled Further notes You disable the sending or receipt of LLDP packets with the no lldp command 3 1 13 8 no lldp Description With this command you disable the sending or receipt of LLDP pack...

Page 98: ...e both options call up the command again Result Sending or receipt of LLDP packets is disabled Further notes You enable the sending or receipt of LLDP packets with the lldp command 3 1 13 9 media type Description With this command you configure the mode of a combo port Note This command only influences combo ports If you attempt to configure a different port with this command an error message will...

Page 99: ...o rj45 The rj45 mode is enabled for the combo port In this mode the fixed RJ 45 port is used independent of the SFP trans ceiver port If an SFP transceiver is plugged in it is disabled and the power turned off sfp The sfp mode is enabled for the com bo port In this mode the SFP transceiver port is used independent of the fixed RJ 45 port If an RJ 45 connection is established it is terminated becau...

Page 100: ...s note frame size Size of the MTU in bytes 64 9216 Default 1514 Result The setting for the size of the MTU is configured Further notes You can shut down the interface with the shutdown command You display this setting with the show interface mtu command You display this setting and other information with the show interfaces command 3 1 13 11 multicast block Description With this command you enable...

Page 101: ... are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment no multicast block Result The blocking of multicast frames is disabled Further notes You enable the blocking of multicast frames with the mulitcast block command 3 1 13 13 negotiation Description With this command you enable autonegotiation of connection para...

Page 102: ...negotiation Description With this command you disable autonegotiation of connection parameters on an interface Requirement You are in the Interface Configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters no negotiation Result The automatic negotiation of connection parameters on an interface is deactivated Further notes You enable the autonegoti...

Page 103: ...ter advertisement block Result The port discards RAs Further notes Can you allow reception of RAs with the no router advertisement block command 3 1 13 16 no router advertisement block Description With this command you allow Router Advertisements RA being received at a port Requirement The interface is an IPv6 interface You are in the Interface configuration mode The command prompt is as follows c...

Page 104: ...if Syntax Call the command without parameters shutdown Result The Interface is shut down A connection continues to be indicated if a switch port is turned off The LED for the port status flashes 3 times cyclically However no data is sent or received Further notes You activate the interface with the no shutdown command You can display the status of this function and other information with the show ...

Page 105: ...u configure the transmission speed of an interface The transmission speed can only be configured for electrical data transfer On optical connections the transmission speed is fixed Requirement Autonegotiation is disabled You are in the Interface configuration mode of an electrical interface The command prompt is as follows cli config if Syntax Call up the command with the following parameters spee...

Page 106: ...if Syntax Call the command without parameters switchport Result The interface is configured as a switch port Activate the interface again Further notes You shut down the interface with the shutdown command You activate the interface with the no shutdown command You configure the interface with the no switchport command You can display the status of this function and other information with the show...

Page 107: ...tivate the interface again with the no shutdown command Further notes You shut down the interface with the shutdown command You activate the interface with the no shutdown command You configure the interface as a switch port with the switchport command You can display the status of this function and other information with the show ip interfacecommand 3 1 13 22 unicast block Description With this c...

Page 108: ...t block config 3 1 13 23 no unicast block Description With this command you disable the blocking of unknown unicast frames on an interface Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment no unicast block Result The blocking of unicast frames is disabled Further notes You enable the blocking ...

Page 109: ...k EDS Electronic Data Sheet EDS Electronic data sheets for describing devices in the EtherNet IP mode Firmware The firmware is signed and encrypted This ensures that only firmware created by Siemens can be downloaded to the device GSDML PROFINET information on the device properties HTTPSCert Default HTTPS certificates including key The preset and automatically created HTTPS certificates are self s...

Page 110: ...u created in the WBM You can down load this file and upload it in other devices 3 2 1 The show commands This section describes commands with which you display various settings 3 2 1 1 show loadsave files Description This command shows the current Load Save file information Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Ca...

Page 111: ...encrypted This ensures that only firmware created by Siemens can be downloaded to the device Description With this command you load the files from a TFTP server Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters load tftp ipv4 ucast_addr fqdn name FQDN ipv6 ip6_addr port tcp p...

Page 112: ...d filename Name of the file Maximum of 100 characters filetype Keyword for the file type to be loaded filetype Name of the file type Maximum of 100 characters For information on identifiers of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 For information on the file types refer to this list Page 109 Result The file is loaded on the device from the TFTP s...

Page 113: ...ver via which the TFTP connection runs tcpport Number of the port 1 65535 file Keyword for a file name to be assigned filename Name of the file Maximum of 100 characters For information on identifiers of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 For information on the file types refer to this list Page 109 Result The file is saved on the TFTP server ...

Page 114: ...AVE configuration mode This section describes commands that you can call up in the LOADSAVE configuration mode In the Global Configuration mode enter the loadsave command to change to this mode You display the valid file types for the commands in the LOADSAVE Configuration mode with the global command show loadsave tftp If you exit the LOADSAVE configuration mode with the exitcommand you return to...

Page 115: ...ange of values note showfiles Shows the available files filetype Keyword for the file type to be deleted filetype Name of the file type max 100 characters Result The files are displayed or the file is deleted Further notes With the show loadsave files command you can display the file types 3 2 5 2 password Description With this command you activate and configure the password for a file Requirement...

Page 116: ...the file is configured and activated Further notes You disable the password with the no password command 3 2 5 3 no password Description With this command you disable the password for a file Requirement You are in the LOADSAVE configuration mode The command prompt is as follows cli config loadsave Syntax Call up the command with the following parameters no password showfiles filetype filetype The ...

Page 117: ... the LOADSAVE configuration mode The command prompt is as follows cli config loadsave Syntax Call up the command with the following parameters tftp filename showfiles filetype filetype name filename The parameters have the following meaning Parameter Description Range of values note showfiles Shows the available files filetype Keyword for a file type to be assigned a name filetype Name of the file...

Page 118: ...les Requirement The name of the file is specified You are in the LOADSAVE configuration mode The command prompt is cli config loadsave Syntax Call up the command with the following parameters tftp load showfiles filetype filetype The parameters have the following meaning Parameter Description Range of values note showfiles Shows the available files filetype Keyword for a file type to be loaded fil...

Page 119: ...mmand with the following parameters tftp save showfiles filetype filetype The parameters have the following meaning Parameter Description Range of values note showfiles Shows the available files filetype Keyword for a file type to be loaded filetype Name of the file type max 100 characters Result The file types are displayed or the file is copied Further notes You configure the name of the file wi...

Page 120: ...icast ad dress port Keyword for the port of the server via which the TFTP connection runs tcp port Number of the port 1 65535 For information on identifiers of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The settings for the access to the selected TFTP server are configured 3 3 Reset and Defaults This section describes commands for restarting th...

Page 121: ... the Primary Setup Tool or using DHCP With the appropriate attachment a previously correctly config ured device can cause circulating frames and therefore the failure of the data traffic pnio Restores the default settings of the PROFINET IO profile and restarts the device The profiles provide a preconfiguration for various use cases of the devices When you start a device with the default settings ...

Page 122: ...e use of this command is required in the Trial mode It can also be used in auto save mode Requirement The Trial mode is activated You are in the Privileged EXEC mode The command prompt is cli Syntax Call the command without parameter assignment write startup config Result The changes are saved in the configuration file Use the restart command without parameters to restart the system with this conf...

Page 123: ...port channel port channel id 1 8 interface type interface list vlan vlan id 1 4094 ssh ssl acl ip snmp radius rmon igmp sntp http broadcast blocking multicast blocking locked port auto logout time ntp auto save panel button cos map dscp map output rate limit unicast blocking ospf vrrp loopd events redundancy passive umac nat fmp pim router advertisement blocking all The parameters have the followi...

Page 124: ...of the Internet Protocol snmp Shows the configuration settings of the Simple Network Management Protocol radius shows the configuration settings of the Remote Authentication Dial In User service rmon Shows the configuration settings of the Remote Monitoring function igmp Shows the configuration settings of the Internet Group Management Protocol sntp Shows the configuration settings of the Simple N...

Page 125: ...gs of loop detection events Shows the configuration settings of the events redundancy Shows the configuration settings of the redundancy passive Shows the configuration settings of passive listening umac Shows the configuration settings of the user configuration nat Shows the configuration settings of the Network Address Translation fmp Shows the configuration settings of the Fiber Monitoring prot...

Page 126: ...o test changes made to the configuration so that you can discard them afterwards if necessary you can disable the auto save function You are then in the Trial mode Changes to the configuration that you have not saved are indicated by an asterisk in front of the command prompt cli You save the changes to the configuration with the write startup config command With the auto save command you enable t...

Page 127: ...e Global Configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no auto save Result The auto save function is disabled The Trial mode is activated Further notes You enable the function with the auto save command You can display the status of this function and other information with the show device informationcommand You save changes to the configu...

Page 128: ...The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show poe status interface interface type interface id The parameters have the following meaning Parameter Description Range of values note interface Keyword for a an interface description interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the...

Page 129: ...arameter the entries are displayed for all available PSEs Result The current settings of the PoE power supply of the device are displayed 3 5 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can b...

Page 130: ...value of the class is used If the value used is exceeded the device is turned off Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters poe pse integer 1 4 MaximumPower integer 1 90 The parameters have the following meaning Parameter Description Range of values note integer Number of the PSE 1 4 int...

Page 131: ... value for the parameter Maximum Power with the poe pse MaximumPower command 3 5 2 3 poe pse usage Description With this command you set a value as a percentage for the Usage Threshold parameter This specifies how many percent of the maximum power the connected devices will use As soon as the power being used by the end devices exceeds this percentage an event is triggered An event is also entered...

Page 132: ...efault 80 Result The value for Usage Threshold is configured 3 5 2 4 no poe pse usage Description With this command you reset the parameter Usage Threshold to the default value Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters no poe pse integer 1 4 usage The parameter has the following meaning ...

Page 133: ...guration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode with the end command you return to the Privileged EXEC mode Note The interface is a Gigabit Ethernet interface 3 5 3 1 poe active Description With this command you activate PoE for the interfa...

Page 134: ...ows cli config if Syntax Call the command without parameters no poe active Result PoE is deactivated for the corresponding interface 3 5 3 3 poe custom maxpwr Description With this command you set the maximum power that a port makes available to supply a connected device This value is taken into account when the function is enabled with the poe custom maxpwr active command Requirement You are in t...

Page 135: ...he poe custom maxpwr active command You disable the user defined maximum power for the interface with the no poe custom maxpwr active command You delete the user defined maximum power for the interface with the no poe custom maxpwr command 3 5 3 4 no poe custom maxpwr Description With this command you delete the user defined maximum power for a port Requirement You are in the Interface Configurati...

Page 136: ...ith this command you enable use of the user defined maximum power for the interface Requirement You are in the Interface Configuration mode of a PoE interface The command prompt is as follows cli config if Syntax Call the command without parameters poe custom maxpwr active Result The user defined maximum power is enabled for the relevant interface Further notes You configure the user defined maxim...

Page 137: ...r defined maximum power for an interface with the poe custom maxpwr command You enable the use of the user defined maximum power with the poe custom maxpwr active command 3 5 3 7 poe type Description This command specifies a character string that describes a connected device in greater detail Requirement You are in the Interface configuration mode of a PoE interface The command prompt is as follow...

Page 138: ...erface Configuration mode of a PoE interface The command prompt is as follows cli config if Syntax Call the command without parameters no poe type Result The description of the corresponding device is deleted 3 5 3 9 poe prio Description With this command you specify the priority of the power supply for an interface Requirement You are in the Interface configuration mode of a PoE interface The com...

Page 139: ...riority are given preference If the same priority is set for two ports the port with the lower number will be preferred when necessary Result The priority of the corresponding interface has been specified 3 5 3 10 no poe prio Description With this command you set the priority of an interface to the default value low Requirement You are in the Interface configuration mode of a PoE interface The com...

Page 140: ...eactivated Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show nfc active status Result The status of the NFC function is displayed 3 6 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mo...

Page 141: ... Syntax Call the command without parameter assignment nfc active Result NFC is activated Further notes You deactivate NFC with the no nfc active command You display the status i e whether the NFC function is activated or deactivated with the command show nfc active status 3 6 2 2 no nfc active Description With this command you deactivate NFC Requirement You are in the Global Configuration mode The...

Page 142: ...ine Interface CLI 142 Configuration Manual 06 2016 C79000 G8976 C252 11 Result NFC is deactivated Further notes You activate NFC with the nfc active command You display the status i e whether the NFC function is activated or deactivated with the command show nfc active status ...

Page 143: ...addition to the configuration the KEY PLUG also contains a license that enables the use of certain functions This section describes commands relevant for working with the C PLUG or KEY PLUG 4 1 1 The show commands This section describes commands with which you display various settings 4 1 1 1 show plug Description This command shows the current information of the PLUG Requirement You are in the Us...

Page 144: ... be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 4 1 2 1 plug Description With this command you change to the Plug Configuration mode Requirement You are in the Global Configuration mode The command prompt is as follows cli config Syntax Call the comma...

Page 145: ... exit the Plug Configuration mode with the end command you return to the Privileged EXEC mode 4 1 3 1 factoryclean Description With this command you delete the device configuration stored on the PLUG Requirement There is a device configuration on the PLUG You are in the Plug Configuration mode The command prompt is cli config plug Syntax Call the command without parameters factoryclean Result The ...

Page 146: ...If no entry is made for a specific time the WBM session is closed This section describes commands relevant for the configuration of this feature 4 2 1 The show commands This section describes commands with which you display various settings 4 2 1 1 show web session timeout Description This command shows the timeout setting for the WBM Requirement You are in the User EXEC mode or in the Privileged ...

Page 147: ...en in the Privileged EXEC mode again 4 2 2 1 web session timeout Description With this command you enable the automatic logoff and you configure the timeout setting for the WBM Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters web session timeout seconds 60 3600 The parameter has the following m...

Page 148: ...off with the web session timeout command You display the current timeout setting with the show web session timeout command 4 3 Panel button This section describes the commands relevant for working with the Panel Button function 4 3 1 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the conf...

Page 149: ...d prompt is as follows cli config Syntax Call the command without parameter assignment panel button control factory defaults Result The function of the SELECT SET button for restarting with factory settings is enabled Further notes You disable this function with the no panel button control factory defaults command 4 3 1 2 no panel button control factory defaults Description With this command you d...

Page 150: ...le the following function of the SELECT SET button If display mode D fault mask is displayed and the button is pressed for 5 12 seconds the fault mask is set This function corresponds to calling the power and link down commands Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters set panel button c...

Page 151: ...e in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show signaling contact Result The current configuration of the signaling contact is displayed 4 4 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter ...

Page 152: ...r Description conventional An error fault is displayed by the fault LED and the signaling contact is opened When the error fault state no longer exists the fault LED goes off and the signaling contact is closed aligned The way the signaling contact works does not depend on the error fault that has occurred The signaling contact can be opened or closed as required by user actions Result The reactio...

Page 153: ...153 Syntax Call up the command with the following parameters signaling contact status open close The parameters have the following meaning Parameter Description open Signaling contact is opened close Signaling contact is closed Result The signaling contact is opened or closed Further notes You display the setting with the show signaling contact command ...

Page 154: ...Functions specific to SCALANCE 4 4 Signaling contact SCALANCE XM 400 XR 500 Command Line Interface CLI 154 Configuration Manual 06 2016 C79000 G8976 C252 11 ...

Page 155: ... commands with which you display various settings 5 1 1 1 show time Description This command shows the settings of the system clock Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show time Result The settings for the system clock are displayed 5 1 1 2 show dst info Description This comm...

Page 156: ...n mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged ...

Page 157: ...stem time is obtained from an SNTP server SINEC The system time is obtained using the SIMATIC time protocol ptp_tc_client The system time is obtained with the Precision Time Protocol PTP from a grandmaster clock The following devices support time of day synchronization using PTP SCALANCE XR528 6M SCALANCE XR552 12M Result The method of obtaining the system time is configured Further notes You disp...

Page 158: ...arameter Description Range of values note hh mm ss Time of day Hour minute second each sepa rated by no link day Day of the month 1 31 Month january february march april may june july august septem ber october november decem ber year Year 2000 2035 Result The system time is set Further notes You display the settings for the system clock with the show time command 5 1 2 3 time dst date Description ...

Page 159: ...ime MMDDhh Time for the start of daylight saving time Time in the format MM Month DD Day hh Hour end Keyword for the end of daylight saving time MMDDhh Time for the end of daylight saving time Time in the format MM Month DD Day hh Hour Result The entry for the start and end of daylight saving time was created Further notes You display the settings for the daylight saving time changeover with the s...

Page 160: ...dar week in a month weekday Weekday monday tuesday wednesday thursday friday saturday sunday month Month january february march april may june july august septem ber october november decem ber hour Hour 0 23 end Keyword for the end of daylight saving time Result The entry for the start and end of daylight saving time was created Further notes You display the settings for the daylight saving time c...

Page 161: ...ing time was were deleted Further notes You display the settings for the daylight saving time changeover with the show dst info command 5 2 NTP Client This section describes commands relevant for configuration of the NTP client 5 2 1 The show commands This section describes commands with which you display various settings 5 2 1 1 show ntp info Description This command shows the current settings fo...

Page 162: ...er topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 5 2 2 1 ntp Description With this command you change to the Network Time Protocol NTP Requirement You are in the Global configuration mode The command prompt is as follows cli config Sy...

Page 163: ...up the command with the following parameters ntp server id integer 1 3 ipv4 ip_addr fqdn name Fully Qualified Domain Name ipv6 ip6_addr port 1025 36564 default poll seconds 64 1024 The parameters have the following meaning Parameter Description Range of values note integer Number of the NTP server 1 3 ipv4 Keyword for an IPv4 address ip_addr Value for the IPv4 address of the time server Enter a va...

Page 164: ...TP client Requirement You are in the NTP configuration mode The command prompt is as follows cli config ntp Syntax Call up the command with the following parameters no ntp server integer 1 3 The parameter has the following meaning Parameter Description Range of values note integer Number of the NTP server 1 3 Result The connection to a server is deleted on the NTP client Further notes You configur...

Page 165: ...TP server time zone Time zones to the east of the NTP server time zone hh Number of hours difference mm Number of minutes difference Enter the number of hours and number of minutes with two digits each Default No time difference Result The time difference between the device and the NTP server is configured 5 3 SNTP Client This section describes commands relevant for configuration of the SNTP clien...

Page 166: ...gs of SNTP are displayed 5 3 1 2 show sntp broadcast mode status Description This command shows the current configuration of the broadcast mode of SNTP Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show sntp broadcast mode status Result The current SNTP broadcast configuration is displ...

Page 167: ... section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode a...

Page 168: ...the Global configuration mode enter the sntp command to change to this mode If you exit the SNTP configuration mode with the exit command you return to the Global configuration mode If you exit the SNTP configuration mode with the end command you return to the Privileged EXEC mode 5 3 3 1 sntp client addressing mode Description With this command you configure the addressing mode of the SNTP client...

Page 169: ...w sntp status command You display the settings for the unicast mode with the show sntp unicast mode status command You display the settings for the broadcast mode with the show sntp broadcast mode status command 5 3 3 2 sntp time diff Description With this command you configure the time difference of the system time relative to the UTC time Requirement The SNTP server must have started up You are ...

Page 170: ...ation with the show sntp statuscommand 5 3 3 3 sntp unicast server Description With this command you configure an SNTP unicast server Requirement The addressing mode of the SNTP client is configured as unicast You are in the SNTP Configuration mode The command prompt is cli config sntp Syntax Call up the command with the following parameters sntp unicast server ipv4 ucast_addr fqdn name FQDN ipv6 ...

Page 171: ...econdary Keyword to store the second SNTP server If you do not specify this parame ter the first SNTP server is stored Result The SNTP unicast server is configured Further notes You can reset the setting to the default with the no sntp unicast server command You display this setting and other information with the show sntp unicast mode status command 5 3 3 4 no sntp unicast server Description With...

Page 172: ...address of the time server Enter a valid IPv6 address Result The SNTP unicast server is reset to the default value Further notes You configure the setting with the sntp unicast server command You display this setting and other information with the show sntp unicast mode status command 5 4 PTP Client The following devices support time of day synchronization using PTP SCALANCE XR528 6M SCALANCE XR55...

Page 173: ...on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The current settings for the Precision Time Protocol PTP are displayed 5 4 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Co...

Page 174: ...s command you disable the Precision Time Protocol for the device Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no ptp Result The Precision Time Protocol is disabled 5 4 2 3 ptp time diff Description With this command you set the time zone for the Precision Time Protocol Requirement You are in the Global c...

Page 175: ...and minutes specified in the format HH MM Result The time zone for the Precision Time Protocol is specified 5 4 2 4 ptp transparent clock configuration Description With this command you change to the PT Transparent Clock configuration mode Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameter assignment ptp transp...

Page 176: ...e end command you return to the Privileged EXEC mode 5 4 3 1 delay mechanism Description With this command you specify which correction mechanism the Precision Time Protocol uses Requirement You are in the PTP Transparent Clock configuration mode The command prompt is as follows cli config ptp tc Syntax Call up the command with the following parameters delay mechanism end to end peer to peer The p...

Page 177: ...he primary domain Requirement You are in the PTP Transparent Clock configuration mode The command prompt is as follows cli config ptp tc Syntax Call up the command with the following parameters primary domain domain id 0 255 The parameter has the following meaning Parameter Description Range of values note domain id The identifier of the primary domain 0 255 Result The primary domain is specified ...

Page 178: ...System time 5 4 PTP Client SCALANCE XM 400 XR 500 Command Line Interface CLI 178 Configuration Manual 06 2016 C79000 G8976 C252 11 ...

Page 179: ...y for transfer Security The transition between VLANs can only be controlled by an administrator Aggregation of interfaces or connections between devices to increase the data transmission rate and reliability link aggregation port aggregation Detection and monitoring of parallel connections or loops in an Ethernet network by setting up a tree structure loop detection Improved reliability by adaptin...

Page 180: ...ot communicate with each other via layer 2 Community Secondary PVLAN Devices within a community secondary PVLAN can communicate with each other directly via layer 2 The devices cannot communicate with devices in other communities of the PVLAN via layer 2 6 1 1 The show commands This section describes commands with which you display various settings 6 1 1 1 show mac address table Description This c...

Page 181: ...es and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select any parameter from the parameter list the entries are displayed for all available interfaces Result The entries of the MAC addresses table are displayed 6 1 1 2 show mac address table dynamic multicast Description This command shows the table with the dynamic multicast MAC addresses assigned by ...

Page 182: ...tifiers and addresses Page 42 If you do not select any parameter from the parameter list the entries are displayed for all available interfaces Result The dynamic multicast MAC addresses are displayed 6 1 1 3 show mac address table dynamic unicast Description This command shows the table with the dynamic unicast MAC addresses assigned by the device Requirement You are in the User EXEC mode or in t...

Page 183: ... unicast MAC addresses are displayed 6 1 1 4 show mac address table static multicast Description This command shows the table with the static multicast MAC addresses Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show mac address table static multicast vlan vlan range addr...

Page 184: ...pt is as follows cli or cli Syntax Call up the command with the following parameters show mac address table static unicast vlan vlan range address aa aa aa aa aa aa interface interface type interface id The parameters have the following meaning Parameter Description Range of values note vlan Keyword for a VLAN connection vlan range Number of the addressed VLAN 1 4094 address Keyword for a MAC addr...

Page 185: ...e command with the following parameters show mac address table count vlan vlan id 1 4094 The parameters have the following meaning Parameter Description Range of values note vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 If you do not select any parameter from the parameter list the total number of entries is displayed for all VLANs Result The number of MAC addresse...

Page 186: ...the switch max 32 characters For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select any parameter from the parameter list all entries are displayed Result The entries of the subnet VLAN table are displayed 6 1 1 8 show vlan Description This command shows the specific information for all or a selected VLAN Requireme...

Page 187: ...splayed 6 1 1 9 show vlan device info Description This command shows all the global information that is valid for all VLANs Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show vlan device info Result The global information is displayed 6 1 1 10 show vlan learning params Description This...

Page 188: ...isplayed 6 1 1 11 show vlan port config Description This command shows the VLAN specific information for ports Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show vlan port config port interface type interface id The parameters have the following meaning Parameter Descript...

Page 189: ...ws cli or cli Syntax Call up the command with the following parameters show vlan private vlan pvlan type The parameter has the following meaning Parameter Description Range of values note pvlan type Shows brief information about all VLANs primary isolated community If you do not select any parameter from the parameter list the entries of all available types are displayed Result The information for...

Page 190: ...the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 6 1 2 1 interface range Description With this command you can put several interfaces or the interfaces of V...

Page 191: ... you must insert a blank before and after the hyphen for example interface range vlan 5 10 Result The interfaces or interfaces of VLANs were put together to form an interface range The command prompt is as follows cli config if vlan range The configuration commands you enter in a mode apply to all interfaces of this area Further notes With the no interface range command you remove VLANs from this ...

Page 192: ...e range vlan 5 10 Result The VLANs have been removed from the specified interface area Further notes With the interface range command you can put several interfaces or VLANs together to be able to configure them together 6 1 2 3 map protocol Description With this command you assign a protocol to a protocol group Requirement You are in the Global configuration mode The command prompt is as follows ...

Page 193: ...otocol group Group id integer Number of the group decimal 1 100 Result The protocol group is created Further notes You delete the protocol group with the no map protocol command You can display the status of this function and other information with the show vlan protocols group command 6 1 2 4 no map protocol Description With this command you delete a protocol from all protocol groups Requirement ...

Page 194: ... other aa aa IPV6 86 DD LLDP 88 CC PTP IEEE1588 88 F7 EAP 802 1X 88 8E enet v2 Frame structure is Ethernet II Result The protocol is removed from all protocol groups Further notes You create the protocol group with the map protocol command You can display the status of this function and other information with the show vlan protocols group command 6 1 2 5 protocol vlan Description With this command...

Page 195: ...vlan Description With this command you disable the protocol based classification on all interfaces Requirement You are in the Global Configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no protocol vlan Result The classification is disabled Further notes You enable the setting with the protocol vlan command You can display the status of this fun...

Page 196: ...her notes You disable the setting with the no subnet vlan command You can display the status of this function and other information with the show vlan device info command You configure IPv4 subnet based VLAN with the map subnet command 6 1 2 8 no subnet vlan Description With this command you disable IPv4 subnet based VLAN on all interfaces Requirement You are in the Global Configuration mode The c...

Page 197: ...ommand is used to create user service and backbone VLANs Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters vlan vlan id 1 4094 The parameter has the following meaning Parameter Description Range of values note vlan id Number of the addressed VLAN 1 4094 Do not enter any leading zeros with the nu...

Page 198: ...e following parameter no vlan vlan id 1 4094 Parameter Description Range of values note vlan id Number of the addressed VLAN 1 4094 The VLAN with number 1 cannot be deleted Result The VLAN is deleted Further notes With the vlan command you create a VLAN on the device You can display information about the VLAN with the show vlan command 6 1 2 11 vlan range Description With this command you can sele...

Page 199: ...s you enter with this command prompt apply to all selected VLANs Further notes With the command exit you return to the Global configuration mode 6 1 3 Commands in the interface configuration mode This section describes commands that you can call up in the interface configuration mode Depending on the Interface selected various command sets are available In the Global configuration mode enter the i...

Page 200: ...or a VLAN connection vlan id Number of the addressed VLAN 1 4094 mask Subnet mask aaa bbb ccc ddd arp Keyword ARP protocol suppress Suppress the ARP protocol allow Allow the ARP protocol For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select any parameters from the parameter list the default value is used Result Th...

Page 201: ...ter a valid subnet address For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The IPv4 subnet was removed Further notes You configure the setting with the map subnet command You can display the status of this function and other information with the show subnet vlan mapping command 6 1 3 3 private vlan mapping Description Wit...

Page 202: ...face of the primary PVLAN can be reached from the selected secondary PVLANs Further notes You delete the link between secondary PVLANs and the IP interface of the primary PVLAN with the command no private vlan mapping You display this setting with the show interfaces command with the private vlan mapping parameter 6 1 3 4 no private vlan mapping Description With this command you delete the link be...

Page 203: ... this command you configure which types of frames are accepted Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters switchport acceptable frame type all tagged The parameters have the following meaning Parameter Description Range of values note all All frames are accepted Note On a ring port ...

Page 204: ... mode The command prompt is as follows cli config if Syntax Call the command without parameters no switchport acceptable frame type Result The setting is reset to the default value Further notes You configure the setting with the switchport acceptable frame type command You can display the status of this function and other information with the show vlan port configcommand 6 1 3 7 switchport access...

Page 205: ...d the corresponding VLAN ID is set Further notes You can reset the setting to the default with the no switchport access vlan command You display the setting and other information with the show vlan port config command 6 1 3 8 no switchport access vlan Description With this command you reset the setting for the port VLAN identifier PVID for an interface to the default value The default value is 1 R...

Page 206: ...configured You are in the Interface configuration mode The command prompt is cli config if Syntax Call up the command with the following parameters switchport map protocols group group id 0 2147483647 vlan vlan id 1 4094 The parameters have the following meaning Parameter Description Range of values note group id Number of the group 0 2147483647 vlan Keyword for a VLAN connection vlan id Number of...

Page 207: ...all up the command with the following parameters no switchport map protocols group group id 0 2147483647 The parameter has the following meaning Parameter Description Range of values note group id Number of the group 0 2147483647 Result The assignment is deleted Further notes You assign a protocol group and a VLAN to an interface with the switchport map protocols group command You can display the ...

Page 208: ... automatically en tered at the trunk port With a trunk port the VLAN assignment is dynamic Static configurations can only be created if in addition to the trunk port property the port is also entered statically as a member in the VLANs involved An example of a static configuration is the assignment of the multicast groups in certain VLANs If you execute the acceptable frame type all command at the...

Page 209: ...es You configure the operating mode with the switchport mode command You display this setting and other information with the show vlan port config command You configure the interface as a switch port with the switchport command 6 1 3 13 switchport mode private vlan Description With this command you specify the operating mode for the private VLAN port Requirement The interface is configured as a sw...

Page 210: ...sult The operating mode for the private VLAN port is configured Further notes You display this setting and other information with the show vlan port config command You configure the interface as a switch port with the switchport command You configure a host port with the switchport private vlan host association command You configure a promiscuous port with the switchport private vlan mapping comma...

Page 211: ...n port config command 6 1 3 15 no switchport priority default Description With this command you reset the priority default for the interface to the default value The default value is 0 Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters no switchport priority default Result The setting is reset to the def...

Page 212: ... a host port You are in the Interface configuration mode The command prompt is cli config if Syntax Call up the command with the following parameters switchport private vlan host association primary vlanId 1 4094 secondary vlanId 1 4094 The parameters have the following meaning Parameter Description Range of values note primary vlanId VLAN ID of the primary PVLAN 1 4094 secondary vlanId VLAN ID of...

Page 213: ...te vlan host association Result The configuration is deleted Further notes You configure a host port with the switchport private vlan host association command You display this setting and other information with the commands show vlan port config show vlan and show vlan private vlan You configure the interface as a host port with the command 6 1 3 18 switchport private vlan mapping Description With...

Page 214: ... note primary_vlan_id VLAN ID of the primary PVLAN 1 4094 add Adds secondary PVLANs remove Removes secondary PVLANs secondary_vlan_list VLAN ID of the secondary PVLAN 1 4094 Separate the PVLANs with commas if you specify several PVLANs Result The interface is configured Further notes You delete the configuration with the no switchport private vlan mapping command You display this setting and other...

Page 215: ... commands show vlan port config show vlan and show vlan private vlan You configure the interface as a promiscuous port with the switchport mode command 6 1 3 20 switchport pvid Description With this command you assign an interface to a VLAN and configure the port VLAN identifier PVID for it If a received frame has no VLAN tag it has a tag added with the VLAN ID specified here and is sent according...

Page 216: ...witchport pvid Description With this command you reset the setting for the port VLAN identifier PVID for an interface to the default value The default value is 1 Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters no switchport pvid Result The setting is reset to the default value Further notes You config...

Page 217: ...vely for the specified VLAN The function was disabled on the other interfaces Further notes Note that only one VLAN interface can become the TIA interface 6 1 4 Commands in the VLAN configuration mode This section describes commands that you can call up in the VLAN Configuration mode In the Global Configuration mode enter the vlan command to change to this mode When doing this you need to replace ...

Page 218: ...Call up the command with the following parameters name vlan name The parameter has the following meaning Parameter Description Range of values note vlan name Name that will be assigned to the VLAN max 32 characters Result The VLAN is assigned a name Further notes You delete name assignment for a VLAN with the no name command 6 1 4 2 no name Description With this command you delete the name assignm...

Page 219: ...terface is added permanently to the list of incoming and outgoing connections Tagged and untagged frames are transferred Untagged Port The interface transfers untagged frames If the VLAN ID PVID is set incoming untagged frames are given a tag with the VLAN ID specified there Received frames with a VLAN ID are forwarded according to the VLAN ID With outgoing frames the tag with the VLAN ID is remov...

Page 220: ...or speed of the interface Enter a valid interface a b 0 c Port no of the interface port channel Keyword for a port channel a b c d Port no of the interface Enter a valid interface name untagged Keyword for interfaces or ports that transfer data packets without VLAN marking all Specifies that all interfaces or ports are set to untagged forbidden Keyword for forbidden interfaces or ports name Keywor...

Page 221: ...cription With this command you remove ports from a VLAN Requirement You are in the VLAN configuration mode The command prompt is as follows cli config vlan Syntax Call up the command with the following parameters no ports interface type 0 a b 0 c interface type 0 a b 0 c port channel a b c d all untagged interface type 0 a b 0 c interface type 0 a b 0 c port channel a b c d all forbidden interface...

Page 222: ...ts name Keyword for the name assignment vlan name Name of the VLAN max 32 characters For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The ports are removed from the VLAN configuration Further notes It is possible to remove individual ports from a VLAN configuration without needing to rewrite the entire configuration in con...

Page 223: ...LAN The secondary PVLAN has a specific VLAN ID community With this type you define a secondary PVLAN The devices in this secondary PVLAN can com municate with each other via layer 2 The second ary PVLAN has a specific VLAN ID Result The PVLAN is defined and the PVLAN type specified Further notes You delete the configuration as a private VLAN with the no private vlan command You display this settin...

Page 224: ...guration mode The command prompt is cli config if Syntax Call up the command with the following parameters private vlan association add remove secondary_Vlan_list The parameters have the following meaning Parameter Description Range of values note add Adds a secondary PVLAN remove Removes a secondary PVLAN second ary_Vlan_list Number of the secondary PVLAN Separate the PVLANs with commas if you sp...

Page 225: ...ociation You display this setting with the command You configure a an interface as a primary PVLAN with the private vlan command 6 1 4 9 transparent vlan Description With this command you change a VLAN to the transparent mode Ports that were assigned to this VLAN as members or untagged members now become transparent ports This means the following The port VLAN ID of the transparent ports is set to...

Page 226: ... vlan Syntax Call the command without parameters transparent vlan Result The VLAN is changed to transparent mode Further notes All ports that were not members or untagged members in the relevant VLAN are automatically set to the Forbidden status after the command executes As long as a VLAN is configured as a transparent VLAN the ports belonging to this VLAN cannot be modified Note that only one VL...

Page 227: ...sparent ports remains set to the ID of this VLAN All other ports remain marked as forbidden in this VLAN Further notes You enable the setting with the transparent vlan command 6 2 Link aggregation This section describes commands that configure or manage the bundling of interfaces or connections between devices 6 2 1 The show commands This section describes commands with which you display various s...

Page 228: ... the settings of a Channel Group protocol Specification of the protocol set for a Channel Group If you do not select any parameters from the parameter list the settings of all channels will be displayed in detail Result The Etherchannel settings are displayed 6 2 1 2 show interfaces etherchannel Description This command shows the interface specific information for a port channel Requirement You ar...

Page 229: ...forwarding are overwritten with the configured values of the link aggregation 6 2 1 3 show lacp Description This command shows the information about the settings and information about the ports involved in the link aggregation The number of sent and received packets is also displayed Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cl...

Page 230: ...n 6 2 2 1 port channel load balance Description With this command you configure the load balancing policy for the interconnected ports of the previously defined port channels Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters port channel load balance mac src dst ip mac src dst port channel index...

Page 231: ...d port channels to the default The default value is src dest mac Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters no port channel load balance port channel index 1 8 The parameter has the following meaning Parameter Description Range of values note port channel index Number of the port channel ...

Page 232: ...e end command you return to the Privileged EXEC mode 6 2 3 1 channel group Description With this command you add an interface to an Etherchannel Requirement With the interface po channel group id 1 8 command you have already generated a logical interface for an Etherchannel You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with th...

Page 233: ...ve The negotiation of a connection via LACP is started when an LACP packet arrives from the connection partner Result The Etherchannel is configured 6 2 3 2 no channel group Description With this command you remove the interface from an Etherchannel Requirement You are in the interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters no c...

Page 234: ...ould take particular care because a bad configuration of this function can have serious negative affects on the network 6 3 1 The show commands This section describes commands with which you display various settings 6 3 1 1 show spanning tree Description This command shows the settings of the spanning tree function Requirement You are in the User EXEC mode or in the Privileged EXEC mode The comman...

Page 235: ...e detail show spanning tree interface show spanning tree root show spanning tree mst 6 3 1 2 show spanning tree active Description This command shows the settings for the active ports of the spanning tree function Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show spannin...

Page 236: ...e MAC address of the bridge forward time Shows the time that the bridge is in the listening mode when changing from the blocking mode to the learning mode hello time Shows the time after which the bridge sends configuration frames BPDUs id Shows the ID of the bridge max age Shows the maximum age of the data packet after which it is deleted protocol Shows the protocol used priority Shows the priori...

Page 237: ...llowing parameters show spanning tree interface interface type interface id cost priority portfast rootcost restricted role restricted tcn state stats detail The parameters have the following meaning Parameter Description Range of values note interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface cost Shows the port costs used to c...

Page 238: ...escription This command shows the settings of Layer 2 Gateway Port L2GP For example the priority the MAC address and the status of L2GP are displayed Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show spanning tree interface interface type interface id layer2 gateway port...

Page 239: ...ax Call up the command with one of the following parameter assignments show spanning tree mst instance id 1 64 4094 detail The parameters have the following meaning Parameter Description Range of values note instance id Number of the instance or range of instances whose settings are displayed 1 64 4094 detail Shows detailed information about the selected interface Result The settings for the spann...

Page 240: ...e Spanning Tree protocol are displayed Further notes You display the general settings for the Spanning Tree Protocol with the show spanning tree command 6 3 1 9 show spanning tree mst interface Description This command shows port specific settings of a Multiple Spanning Tree configuration Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli ...

Page 241: ...time Shows the intervals at which the root switch sends its Hello message to the other switches detail Shows detailed information about the selected interface For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The port specific settings are displayed Further notes You display the general settings for the Spanning Tree Protoc...

Page 242: ...aces refer to the section Interface identifiers and addresses Page 42 Result The setting for the Enhanced Passive Listening Compatibility function is displayed Further notes You enable the Enhanced Passive Listening Compatibility function with the spanning tree passive listening compatibility command You disable the Enhanced Passive Listening Compatibility function with the no spanning tree passiv...

Page 243: ...Result The settings of the root bridge for the spanning tree function are displayed 6 3 2 clear spanning tree detected protocols Description With this command you restart the protocol transmission process on a specific or on all interfaces and force renegotiation of the connection settings with the neighboring devices Requirement You are in the Privileged EXEC mode The command prompt is as follows...

Page 244: ...ment You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters clear spanning tree counters Result The spanning tree counters are reset 6 3 4 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the config...

Page 245: ...The command prompt is as follows cli config Syntax Call the command without parameters spanning tree Result The spanning tree function is enabled Further notes As default the function is enabled You disable the spanning tree function with the no spanning tree command You can display the status of this function and other information with the show spanning tree detail command You can display informa...

Page 246: ...ow spanning tree active command 6 3 4 3 spanning tree compatibility Description With this command you configure the compatibility version of the protocol that will be used by the spanning tree function Requirement You are in the Global Configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters spanning tree compatibility stp rst mst The ...

Page 247: ...with the show spanning tree active command 6 3 4 4 no spanning tree compatibility Description With this command you reset the compatibility version of the protocol of the spanning tree function to the default value The default value is MST Requirement You are in the Global Configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no spanning tree com...

Page 248: ...e The command prompt is as follows cli config Syntax Call the command without parameters spanning tree mst configuration Result You are now in the MSTP configuration mode The command prompt is as follows cli config mst Further notes You exit the MSTP configuration mode with the end or exit command 6 3 4 6 spanning tree mst max hops Description With this command you configure the maximum number of ...

Page 249: ...ther notes You can reset the setting for the maximum number of nodes to the default with the no spanning tree mst max hops command You display this setting and other information with the show spanning tree mst configuration command 6 3 4 7 no spanning tree mst max hops Description With this command you reset the maximum number of hops that a path in an MST can run through to the default value The ...

Page 250: ...dary The parameters have the following meaning Parameter Description Range of values note instance id Keyword for the instance instance id Number of the instance 1 64 primary The priority of the device is set to a low value so that the device can become the root bridge primary of the Spanning Tree instance The lower the value the higher the priority The priority is set to the value 24576 secondary...

Page 251: ...er Description Range of values note instance id Keyword for the instance instance id Number of the instance 1 64 Result The root bridge function is disabled Further notes You enable the root bridge function with the spanning tree mst instance id root command You display this setting and other information with the commands that start with show spanning tree 6 3 4 10 spanning tree passive listening ...

Page 252: ... with the show spanning tree passive listening compatibilitycommand 6 3 4 11 no spanning tree passive listening compatibility Description With this command you disable the Enhanced Passive Listening Compatibility function Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameter assignment no spanning tree passive lis...

Page 253: ...ng tree mst instance id 1 64 priority value 0 61440 The parameters have the following meaning Parameter Description Range of values note mst Keyword for a Multiple Spanning Tree instance instance id Number of the instance 1 64 priority Keyword for the priority value Value for the priority 0 61440 Default 32768 You can only change the value for the priority in the steps of 4096 Result The priority ...

Page 254: ... device is reset to the default value Further notes You configure the setting with the spanning tree priority command You display this setting and other information with the commands that start with show spanning tree 6 3 4 14 Time settings for the Spanning Tree protocol spanning tree time settings Description With this command you configure the various time settings of the spanning tree function ...

Page 255: ... for the time after which a port changes its spanning tree status from Blocking to Forwarding seconds Time after which the changeover takes place 4 30 Default 15 hello time Keyword for the time after which the bridge sends its configuration BPDUs seconds Time after which they are sent 1 2 Default 2 max age Keyword for the time after which the information of the BPDUs becomes invalid seconds Maximu...

Page 256: ...meter you reset the time settings of the spanning tree function to the default values If you call the command without parameters you disable the spanning tree function The configured time settings are retained If you call the restart factory command the system restarts with the factory configuration settings All rime settings are reset The default values are as follows Parameter Default value forw...

Page 257: ...mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode with the end command you return to the Privileged EXEC mode 6 3 5 1 spanning tree Description With this command you configure the various properties of the spanning tree function With the cost option you configure the port costs used to calculate the lowest cost path With the disable...

Page 258: ...he lowest cost path 0 200000000 Default if dynamic calculation of the path costs is not enabled 200000 for physical interfaces 199999 for port channels disable disables the interface for spanning tree Default The spanning tree function is enabled on the interface link type Connection status of the following network segment point to point shared Default point to point The connection is configured a...

Page 259: ...rious properties of the spanning tree function to the default value The default values are as follows Parameter Default value cost if dynamic calculation of the path costs is not enabled 200000 for physical interfaces 199999 for port channels disable The spanning tree function is enabled on the interface link type point to point The connection is configured as full duplex shared in all other cases...

Page 260: ...properties call the command several times Result The selected setting was reset to the default value Further notes You configure the setting with the spanning tree command properties You display these settings and other information with the commands that start with show spanning tree 6 3 5 3 spanning tree mst Description With this command you configure the various properties of the Multiple Spanni...

Page 261: ...ority of the interface 0 240 in steps of 16 Default 128 disable disables the interface for multiple spanning tree Default The Multiple Spanning Tree func tion is enabled on the interface Note Configure multiple properties With each call of the command you can configure precisely one property If you want to configure several properties call the command several times Result The selected property is ...

Page 262: ...rity disable The parameters have the following meaning Parameter Description Range of values note instance id Number of the addressed instance 1 64 cost Keyword for the costs of the port for calculating the lowest cost path port priority Keyword for the priority of the interface disable Enables the interface for multiple spanning tree Note Configure multiple properties With each call of the comman...

Page 263: ... if Syntax Call the command without parameters spanning tree auto edge Result The automatic discovery of a bridge on the interface is enabled Further notes The automatic discovery of a bridge on the interface is disabled with the no spanning tree auto edge command 6 3 5 6 no spanning tree auto edge Description With this command you disable automatic discovery of a bridge connected to the interface...

Page 264: ...ansmit status at the port Requirement You are in the Interface Configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters spanning tree bpdu transmit enabled disabled The parameters have the following meaning Parameter Description Range of values note enabled BPDU packets are transmitted at the port Default enabled disabled BPDU packe...

Page 265: ...pdu receive enabled disabled The parameters have the following meaning Parameter Description Range of values note enabled BPDU packets are received at the port Default enabled disabled BPDU packets are ignored at the port Result The BPDU receive status is enabled or disabled Further notes You can display the status of this function and other information with the show spanning tree interface comman...

Page 266: ...d for the port Result The BPDU transmit status is configured 6 3 5 10 spanning tree layer2 gateway port Description With this command you configure a port as a layer 2 gateway port Requirement You are in the Interface Configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters spanning tree layer2 gateway port Result The port is configured as a laye...

Page 267: ... tree layer2 gateway port Result The configuration of the port as a layer 2 gateway port is deleted Further notes You configure a port as a layer 2 gateway port with the commandspanning tree layer2 gateway port You can display other information with the show spanning tree interface command with the detail option 6 3 5 12 spanning tree loop guard Description This function prevents alternative ports...

Page 268: ...tion and other information with the following commands show spanning tree detail show spanning tree active detail show spanning tree interface 6 3 5 13 no spanning tree loop guard Description This function prevents alternative ports or root ports becoming designated ports if there is a disruption of a one way link With this command you disable the function Requirement You are in the Interface conf...

Page 269: ...ith this command you prevent the port adopting the role of root port Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters spanning tree restricted role As default the function is disabled Result The port is prevented from adopting the role of root port Further notes You cancel the lock with the no spanning...

Page 270: ...root port Further notes You prevent the port adopting the role of the root port with the spanning tree restricted role command 6 3 5 16 spanning tree restricted tcn Description With this command you restrict the port for the Topology Change Notification TCN function The port cannot initiate any modifications to the network topology Requirement You are in the Interface configuration mode The comman...

Page 271: ...t You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters no spanning tree restricted tcn Result The port is released for the TCN function Further notes You restrict the port for the TCN function with the spanning tree restricted tcn command 6 3 5 18 spanning tree mst hello time Description With this command you configur...

Page 272: ...ther notes You can reset the setting for the hello time to the default with the no spanning tree mst hello time command You display this setting and other information with the commands that start with show spanning tree 6 3 5 19 no spanning tree mst hello time Description With this command you reset the hello time after which the bridge sends its configuration BPDUs to the default value The defaul...

Page 273: ... You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters spanning tree mst instance id pseudoRootId priority value 0 61440 mac address ucast_mac The parameters have the following meaning Parameter Description Range of values note mst Keyword for a spanning tree instance instance id Number of the instance 1 ...

Page 274: ...lows The priority is configured to the priority of the device The MAC address is configured to the MAC address of the device Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters no spanning tree mst instance id 1 64 pseudoRootId The parameters have the following meaning Parameter Description ...

Page 275: ...and you return to the Privileged EXEC mode 6 3 6 1 instance Description With this command you assign a range of VLANs to an MST instance Requirement You are in the MSTP configuration mode The command prompt is as follows cli config mst Syntax Call up the command with the following parameters instance instance id 1 64 vlan vlan range The parameters have the following meaning Parameter Description R...

Page 276: ...llows cli config mst Syntax Call up the command with the following parameters no instance instance id 1 64 vlan vlan range The parameters have the following meaning Parameter Description Range of values note instance id Number of the MST instance 1 64 vlan Keyword for a VLAN connection vlan range Range of VLANs that will be deleted from the instance enter the range limts with a hy phen or blank If...

Page 277: ...on name The parameter has the following meaning Parameter Description Range of values note region name Name of the MST region max 32 characters The default value of the name is the MAC address of the device Result The name is configured Further notes You delete the name of the MST region with the no namecommand You display this setting and other information with the show spanning tree mst configur...

Page 278: ... name of the MST region with the name command You display this setting and other information with the show spanning tree mst configuration command 6 3 6 5 revision Description With this command you assign a revision number to the MST region Requirement You are in the MSTP Configuration mode The command prompt is as follows cli config mst Syntax Call up the command with the following parameters rev...

Page 279: ...ommand 6 3 6 6 no revision Description With this command you reset the revision number of the MST region to the default value The default value is 0 Requirement You are in the MSTP Configuration mode The command prompt is as follows cli config mst Syntax Call the command without parameters no revision Result The revision number of the MST region is reset to the default value Further notes You assi...

Page 280: ...ollows cli or cli Syntax Call up the command with the following parameters show passive listening Result disabled is displayed if passive listening is disabled If passive listening is enabled enabled is displayed 6 4 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal ...

Page 281: ...cli config Syntax Call the command without parameters passive listening bpdu vlan flood As default the function is enabled Result BPDUs for specific VLANs Further notes You disable this function with the no passive listening bpdu vlan flood command You display the status of passive listening with the show passive listening command 6 4 2 2 no passive listening bpdu vlan flood Description With this ...

Page 282: ...with the show passive listening command 6 4 2 3 passive listening Description This command enables passive listening Requirement Note No simultaneous operation with spanning tree Passive listening can only be enabled when spanning tree is disabled You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters passive listening Result...

Page 283: ... disables passive listening Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no passive listening Result The passive listening function is disabled Further notes You enable passive listening with the passive listening command You display the status of passive listening with the show passive listening command...

Page 284: ...Network structures 6 4 Passive Listening SCALANCE XM 400 XR 500 Command Line Interface CLI 284 Configuration Manual 06 2016 C79000 G8976 C252 11 ...

Page 285: ...oute Description This command shows the routes currently being used Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show ip route ip address mask connected ospf static summary The parameters have the following meaning Parameter Description Range of values note ip address Th...

Page 286: ...addresses Page 42 Result The IPv4 routing table is displayed 7 1 1 2 show ip static route Description This command shows the routes that were generated statically Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show ip static route Result The static routes are displayed 7 1 1 3 show ip g...

Page 287: ...uirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show ip telnet Result The admin status and the port number of the Telnet server are displayed 7 1 1 5 show dcp server Description This command shows whether or not the DCP function is enabled on the device If the DCP function is enabled the re...

Page 288: ...the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show dcp forwarding port interface type interface id The parameters have the following meaning Parameter Description Range of values note port Keyword for a an interface description interface type Type or speed of the interface Enter a valid interfa...

Page 289: ...s cli or cli Syntax Call the command without parameters show ip dns Result Information on the DNS client is displayed 7 1 1 8 show ip dns cache Description This command shows the content of the DNS cache The DNS cache buffers replies of the DNS server for a brief time This allows other queries for the same name to be replied to directly without sending another query to the DNS server Requirement Y...

Page 290: ...ileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show ip dns name server Result The table with the information about the DNS servers is displayed 7 1 1 10 show ip dns statistics Description This command shows DNS statistics It provides information about the type and number of queries to the DNS server Requirement You are in the User EXEC mode ...

Page 291: ... and are then in the Privileged EXEC mode again 7 1 2 1 dcp server Description With this command you configure the read and write permissions for the DCP server and enable it Requirement You are in the Global Configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters dcp server read only read write The parameters have the following meani...

Page 292: ...lt The DCP server is disabled Further notes You enable and configure the DCP server with the dcp server command 7 1 2 3 ip echo reply Description To check the availability of a network node packets of the Internet Control Message Protocol ICMP can be sent to it These packets of type 8 request the recipient to send a packet back to the sender echo reply With this command you enable the network node...

Page 293: ...mmand you stop the network node reacting to ping queries Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no ip echo reply Result ICMP echo reply messages are disabled The network node does not react to ping queries Further notes You change the setting with the ip echo reply command 7 1 2 5 ip domain used se...

Page 294: ...values note learned only The device uses only the DNS servers assigned by DHCP manually only The device uses only the manually con figured DNS servers A maximum of three DNS servers can be configured all The device uses all available DNS serv ers Result The device uses the DNS servers specified in the configuration 7 1 2 6 ip domain lookup Description This command enables the DNS client of the dev...

Page 295: ...ax Call the command without parameters no ip domain lookup Result The DNS client of the device is disabled 7 1 2 8 ip name server Description This command specifies an IP address of a DNS server You can configure up to 3 servers If there is more than one server you can specify the order in which the servers are queried To allow this the optional parameter index is available The server with the low...

Page 296: ... the DNS server 1 3 For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The IP address and if specified the index for a DNS server have been set 7 1 2 9 no ip name server Description With this command you delete required DNS server Requirement You are in the Global Configuration mode The command prompt is as follows cli confi...

Page 297: ...all up the command with the following parameters ip route prefix mask next hop distance 1 255 The parameter has the following meaning Parameter Description Range of values note prefix Specifies the IP address or the address range specify a valid IP address mask Specifies the subnet mask used for prefix Use decimal notation enter a valid subnet mask next hop Specifies the IP address to which the se...

Page 298: ...te prefix mask next hop distance 1 255 The parameter has the following meaning Parameter Description Range of values note prefix Specifies the IP address or the address range specify a valid IP address mask Specifies the subnet mask used for prefix Use decimal notation enter a valid subnet mask next hop specifies the IP address to which the selected addresses were forwarded specify a valid IP addr...

Page 299: ...rface Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters ip routing Result The routing function is enabled Further notes You disable the function with the no ip routing command You display the setting with the show ip route command 7 1 2 13 no ip routing Description With this command you disable IPv4 routing f...

Page 300: ...fig Syntax Call the command without parameters no ip routing Result IPv4 routing is disabled Further notes You enable the function with the ip routing command You display the setting with the show ip route command 7 1 2 14 telnet server Description With this command you enable the Telnet server Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax ...

Page 301: ...t You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no telnet server Result The Telnet server is disabled Further notes You enable the Telnet server with the telnet server command 7 1 3 Commands in the interface configuration mode This section describes commands that you can call up in the interface configuration mode De...

Page 302: ... DHCP was disabled with the no ip address command You are in the Interface configuration mode of VLAN or a router port The command prompt is as follows cli config if vlan or with a router port cli config RPort if Int Syntax Call up the command with the following parameters ip address ip address subnet mask prefix length 0 32 secondary The parameters have the following meaning Parameter Description...

Page 303: ...ess command You display this setting and other information with the show ip interface command 7 1 3 2 ip address dhcp Description With this command the interface obtains the IPv4 address via DHCP Requirement You are in the Interface configuration mode of VLAN or a router port The command prompt is as follows cli config if vlan or with a router port cli config RPort if Int Syntax Call the command w...

Page 304: ...Pv4 address of the interface that will be deleted Enter a valid IPv4 address dhcp Specify this parameter if you want to disable the DHCP function explicitly For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result If DHCP was enabled on this interface DHCP is now disabled Any existing dynamically learned IPv4 address will be autom...

Page 305: ...ng behavior of the interface for DCP frames Note PROFINET configuration Since DCP is a PROFINET protocol the configuration created here is only effective with the VLAN associated with the TIA interface Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters dcp forwarding block forward The param...

Page 306: ... counters to zero Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameter assignment clear ipv6 traffic Result The statistics counters have been reset Further notes You display the statistics with the show ipv6 traffic command 7 2 2 The show commands This section describes commands with which you...

Page 307: ...command without parameter assignment show ipv6 neighbors Result The IPv6 neighbors table is displayed Further notes You configure a static entry with the ipv6 neighbor command 7 2 2 2 show ipv6 pmtu Description This command shows the settings for Path MTU Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command wit...

Page 308: ...ommand prompt is as follows cli or cli Syntax Call the command without parameter assignment show ipv6 route Result The IPv6 routing table is displayed Further notes You configure a static entry with the ipv6 route command 7 2 2 4 show ipv6 route summary Description This command shows a summary of the IPv6 routes Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command p...

Page 309: ... interface type interface id hc The parameters have the following meaning Parameter Description Range of values note interface Keyword for the interface via which the statistics are created VLAN Interface vlan Keyword for a VLAN vlan id Keyword for a VLAN connection 1 4094 interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface hc D...

Page 310: ...he command without parameters show ipv6 static route Result The static routes are displayed 7 2 3 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can ...

Page 311: ...dress of the neighbor node Enter a valid IPv6 address vlan Keyword for a VLAN connection id Number of the addressed VLAN 1 4094 interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface MAC ADDRESS Link layer address MAC address of the neighbor node xx xx xx xx xx xx For information on names of addresses and interfaces refer to the se...

Page 312: ... node Enter a valid IPv6 address vlan Keyword for a VLAN connection id Number of the addressed VLAN 1 4094 interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface MAC ADDRESS Link layer address MAC address of the neighbor node xx xx xx xx xx xx For information on names of addresses and interfaces refer to the section Interface ident...

Page 313: ...bytes 0 65535 Default 1500 For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The maximum packet size is configured Further notes You display the configuration with the show ipv6 pmtu command You disable the maximum packet size with the no ipv6 path mtu command You enable the PMTU Discovery function with the command ipv6 pat...

Page 314: ... the configuration with the show ipv6 pmtu command You configure the maximum packet size with the ipv6 path mtu command 7 2 3 5 ipv6 path mtu discover Description With this command you enable the PMTU Discovery function The function automatically determines the optimum packet size along the path Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax...

Page 315: ...mmand prompt is as follows cli config Syntax Call the command without parameters no ipv6 path mtu discover Result The PMTU Discovery function is disabled Further notes You enable the PMTU Discovery function with the command ipv6 path mtu discover You display the settings with the show ipv6 pmtu command 7 2 3 7 ipv6 route Description With this command you configure a static entry in the IPv6 routin...

Page 316: ...6 address to which the selected addresses will be forwarded Enter a valid IPv6 address vlan Keyword for a VLAN connection id Number of the addressed VLAN 1 4094 administrative distance Value for the administrative distance 0 65535 Default 1 unicast Addressing mode unicast interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface For i...

Page 317: ...fix from left to right 1 128 bits 128 The node host itself NextHop IPv6 address to which the selected addresses will be forwarded Enter a valid IPv6 address vlan Keyword for a VLAN connection id Number of the addressed VLAN 1 4094 administrative distance The value for the administrative distance 0 65535 Default 1 unicast Addressing mode unicast short The value for the administrative distance 0 655...

Page 318: ...t You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameter assignment ipv6 unicast routing Result IPv6 routing is enabled Further notes You disable the IPv6 routing with the no ipv6 unicast routing command You display the IPv6 routing table with the show ipv6 route command 7 2 3 10 no ipv6 unicast routing Description With this c...

Page 319: ...us command sets are available In the Global configuration mode enter the interface command to change to this mode Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode wit...

Page 320: ...stores IPv6 prefix of the DHCPv6 server under this name Enter the prefix name Requirement Prefix delegation is ena bled prefix ipv6prefix IPv6 address Enter a valid IPv6 address prefix Len prefix_length Number of bits belonging to the prefix from left to right 1 128 bits 64 With EUI 64 128 The node host and with link local addresses unicast Addressing mode unicast anycast Addressing mode anycast e...

Page 321: ...You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters no ipv6 address prefix prefix Len unicast anycast eui64 The parameters have the following meaning Parameter Description Range of values note prefix IPv6 address Enter a valid IPv6 address prefix Len Number of bits belonging to the prefix from left to r...

Page 322: ...refix is not used by a PD sub client interface Requirement IPv6 is activated The interface is an IP interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters ipv6 address dhcp stateful pd PD Name 128 rapid commit The parameters have the following meaning Parameter Description Range of values note st...

Page 323: ...Description With this command you enable DHCPv6 The interface however only obtains the configuration setting via DHCPv6 Requirement IPv6 is activated The interface is an IP interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment ipv6 address dhcp Result The interface only obtains the configuration set...

Page 324: ...ommand prompt is as follows cli config if Syntax Call the command without parameter assignment no ipv6 address dhcp Result DHCPv6 is disabled Further notes You enable DHCPv6 with the ipv6 address dhcp command You configure the interface as a router port with the no switchport command You show the setting with the show ipv6 dhcp interface command You can display the statistics of the DHCPv6 client ...

Page 325: ...local address Specify a valid link local address fe80 XXXX XXXX XXXX XXXX For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The link local address is assigned to the interface Further notes You delete the link local address with the no ipv6 address link local command You display this setting and other information with the s...

Page 326: ...section Interface identifiers and addresses Page 42 Result The link local address is deleted Further notes You assign a link local address to an interface with the ipv6 address link local command You display this setting and other information with the show ipv6 interface command 7 2 4 8 ipv6 enable Description With this command you enable IPv6 on the interface As default IPv6 is disabled Requireme...

Page 327: ...v6 interface identifier Description With this command you configure the interface ID The interface ID uniquely identifies the IPv6 interface on the link Along with the prefix the interface ID forms the IPv6 address see Structure of an IPv6 address Page 51 Requirement DHCPv6 Is activated IPv6 is activated The interface is an IP interface You are in the Interface configuration mode The command promp...

Page 328: ...and you delete the interface ID Requirement IPv6 is activated The interface is an IP interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters no ipv6 interface identifier prefix The parameter has the following meaning Parameter Description Range of values note prefix Interface ID Enter an interface...

Page 329: ...ode The command prompt is as follows cli config if Syntax Call up the command with the following parameters ipv6 nd ra lifetime LifeTime 0 9000 The parameter has the following meaning Parameter Description Range of values note LifeTime Lifetime 0 9000 Default 1800 Result The lifetime is configured Further notes You display this setting and other information with the show ipv6 interface command 7 2...

Page 330: ... distributed Further notes You enable IPv6 routing with the ipv6 unicast routing command You display this setting and other information with the show ipv6 interface command You enable the distribution of IPv6 router advertisement packets with the command no ipv6 nd suppress ra 7 2 4 13 no ipv6 nd suppress ra Description With this command you enable the distribution of IPv6 router advertisement pac...

Page 331: ...th the command ipv6 nd suppress ra 7 3 DHCPv4 client IPv4 This section describes commands of the Dynamic Host Configuration Protocol DHCP 7 3 1 The show commands This section describes commands with which you display various settings 7 3 1 1 show ip dhcp client stats Description With this command you display the statistical counters of the DHCP client Requirement You are in the User EXEC mode or i...

Page 332: ...the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 7 3 2 1 ip dhcp config file request Description...

Page 333: ...ile request option with the no ip dhcp config file request command 7 3 2 2 no ip dhcp config file request Description With this command you disable the DHCP config file request option Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no ip dhcp config file request Result The DHCP config file request option is...

Page 334: ...ig Syntax Call up the command with the following parameters ip dhcp client mode mac client id client id sysname pnio name of station The parameters have the following meaning Parameter Description Range of values note mac The client registers with its MAC ad dress client id The client registers with the assigned ID client id Name of the assigned ID max 32 characters sysname The client registers wi...

Page 335: ... dhcp Description This command shows the DHCPv6 configuration Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameter assignment show ipv6 dhcp Result The configuration is displayed 7 4 1 2 show ipv6 dhcp interface Description This command shows the DHCPv6 configuration and the DHCPv6 information...

Page 336: ... VLAN 1 4094 interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The information is displayed 7 4 1 3 show ipv6 dhcp pd sub client interfaces Description This command shows the configuration of the DHCPv6 ...

Page 337: ... the Interface configuration mode with the end command you return to the Privileged EXEC mode 7 4 2 1 ipv6 dhcp authentication client Description With this command you configure the HMAC MD5 function for authentication of DHCP messages Requirement DHCPv6 Is activated IPv6 is activated The interface is an IP interface You are in the Interface configuration mode The command prompt is as follows cli ...

Page 338: ... setting with the show ipv6 dhcp interface command 7 4 2 2 ipv6 dhcp client information refresh minimum Description With this command you configure the interval after which the DHCP client refreshes the configuration parameters Requirement DHCPv6 Is activated IPv6 is activated The interface is an IP interface You are in the Interface configuration mode The command prompt is as follows cli config i...

Page 339: ...3 no ipv6 dhcp client information refresh minimum Description With this command you reset the interval to the default value Requirement DHCPv6 Is activated IPv6 is activated The interface is an IP interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment no ipv6 dhcp client information refresh minimum R...

Page 340: ... Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters ipv6 dhcp client option user class string 1 128 vendor class string 1 128 vendor specific string 1 128 The parameters have the following meaning Parameter Description Range of values note user class Keyword for user class string User class Enter the required user cl...

Page 341: ... have the following meaning Parameter Description Range of values note user class User class Enter the required user class vendor class Vendor class Enter the required vendor class vendor specific Name of the vendor specific configuration Enter the required name Result The required setting is removed Further notes You configure the setting with the ipv6 dhcp client option command 7 4 2 6 ipv6 dhcp...

Page 342: ...parameters ipv6 dhcp client reconfig accept Result The option DHCP reconfig accept is enabled Further notes You disable the option with the no ipv6 dhcp client reconfig accept command 7 4 2 7 no ipv6 dhcp client reconfig accept Description With this command you enable the DHCP reconfig accept option Requirement DHCPv6 Is activated IPv6 is activated The interface is an IP interface You are in the I...

Page 343: ...nt DHCPv6 Is activated IPv6 is activated The interface is an IP interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters ipv6 dhcp client request dns server address domain name sntp server address option code 1 100 The parameters have the following meaning Parameter Description Range of values note...

Page 344: ...n mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters no ipv6 dhcp client request dns server address domain name sntp server address option code 1 100 The parameters have the following meaning Parameter Description Range of values note dns server address IPv6 address of the DNS server domain name Domain name sntp server address IPv6 address ...

Page 345: ... if Syntax Call up the command with the following parameters ipv6 dhcp client id type llt en ll The parameters have the following meaning Parameters Description Range of values note llt DUID is based on the link local address and a time stamp en DUID is assigned by the vendor en enterprise number ll DUID is based on the link local address Result The DUID is specified Further notes You enable DHCPv...

Page 346: ...note interface type Type or speed of the interface Enter a valid interface interface id Slot no and port no of the interface For information on identifiers of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The IP interface is assigned Further notes You enable the function DHCPv6 client with the ipv6 address dhcp command You configure the DUID with ...

Page 347: ...ow ip dhcp server bindings Result The information is displayed 7 5 1 2 show ip dhcp server pools Description The command shows the DHCP server configuration of a specific IPv4 address band or all IPv4 address bands Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show ip dhc...

Page 348: ... in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 7 5 2 1 ip dhcp server Description With this command you enable the DHCP server on the device Note To avoid conflicts with IPv4 addresses only one device may be configured as a DHCP server in the network Requireme...

Page 349: ...ent no ip dhcp server Result The DHCP server is disabled Further notes You enable the DHCP server with the ip dhcp server command 7 5 2 3 ip dhcp server icmp probe Description With this command you enable the function Probe address with ICMP echo before offer The DHCP server checks whether or not the IPv4 address has already been assigned If no reply is received the DHCP server can assign the IPv4...

Page 350: ...ithout parameter assignment no ip dhcp server icmp probe Result The function is disabled Further notes You enable the function with the ip dhcp server icmp probe command 7 5 2 5 ip dhcp server pool Description With this command you have three options of changing to the DHCPPOOL configuration mode and to assign an interface to the IPv4 address band 1 If you call the command ip dhcp server pool with...

Page 351: ... as follows cli config Syntax Call up the command with the following parameters ip dhcp server pool pool id 1 24 vlan vlan id 1 4094 interface type interface id The parameters have the following meaning Parameter Description Range of values note pool id ID of the addressed IPv4 address band 1 24 vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 interface type Type of i...

Page 352: ...e following meaning Parameter Description Range of values note pool id ID of the addressed IPv4 address band 1 24 Result The required IPv4 address band is deleted Further notes You create an IPv4 address band with the ip dhcp server poolcommand 7 5 3 Commands in the DHCPPOOL configuration mode This section describes commands that you can call up in the DHCPPOOL Configuration mode In the Global Con...

Page 353: ... a new IPv4 address Requirement You are in the DHCPPOOL configuration mode The command prompt is as follows cli config dhcp pool ID Syntax Call up the command with the following parameters lease time seconds 60 31536000 The parameter has the following meaning Parameter Description Range of values note seconds Time until renewal of the assigned IPv4 address in seconds 60 31536000 Result The time is...

Page 354: ...arameter Description Range of values note lower IP Start of the IPv4 address band Enter a valid IPv4 address upper IP End of the IPv4 address band Enter a valid IPv4 address subnet mask Subnet mask of the corresponding subnet Enter a valid subnet mask prefix length Decimal representation of the mask as a number of 1 bits 1 32 Result The IPv4 address band is configured The DHCP options 1 3 6 66 and...

Page 355: ... parameters have the following meaning Parameter Description Range of values note option code Code of the DHCP option 3 Default gateway 6 DNS server ip adress list IPv4 address or IPv4 address list DHCP option 3 default gateway Enter the DHCP parameter as an IPv4 address e g 192 168 100 2 DHCP option 6 name server Enter the DHCP parameter as an IPv4 address e g 192 168 100 2 You can specify up to ...

Page 356: ... the DHCPPOOL configuration mode The command prompt is as follows cli config dhcp pool ID Syntax Call up the command with the following parameters option option code value string dhcp param The parameters have the following meaning Parameter Description Range of values note option code Code of the DHCP option 12 Host name 66 TFTP server 67 Bootfile name dhcp param Name of the file Enter the name i...

Page 357: ...parameters no option option code The parameter has the following meaning Parameter Description Range of values note option code Code of the DHCP option Enter a valid DHCP option code Result The specified DHCP option is deleted Further notes You configure the DHCP options 12 66 and 67 with the option value string command You configure the DHCP options 3 and 6 with the option command 7 5 3 6 pool en...

Page 358: ... Port Range ports Relay Agent Information relay information Static Leases static lease Further notes You display the setting with the show ip dhcp server pools command You disable the setting with the no pool enable command 7 5 3 7 no pool enable Description With this command you specify that this IPv4 address band will not be used Requirement You are in the DHCPPOOL configuration mode The command...

Page 359: ...ts are not automatically enabled With address assignments via a relay agent you cannot restrict the ports Requirement You are in the DHCPPOOL configuration mode The command prompt is as follows cli config dhcp pool ID Syntax Call up the command with the following parameters ports interface type 0 a b 0 c interface type 0 a b 0 c add The parameters have the following meaning Parameter Description R...

Page 360: ...on mode The command prompt is as follows cli config dhcp pool ID Syntax Call up the command with the following parameters no ports interface type 0 a b 0 c interface type 0 a b 0 c all The parameters have the following meaning Parameter Description Range of values note interface type Type or speed of the interface Enter a valid interface 0 a b 0 c Port no of the interface all All ports will be dis...

Page 361: ...re ignored by the server The extension of the period for an IPv4 address assigned via a relay agent is achieved using a Rebinding message that the client sends automatically as a broadcast To speed up the release of an IPv4 address assigned via a relay agent configure a shorter period of validity with the lease time command Requirement You are in the DHCPPOOL configuration mode The command prompt ...

Page 362: ...nt You are in the DHCPPOOL configuration mode The command prompt is as follows cli config dhcp pool ID Syntax Call up the command with the following parameters no relay information remote id circuit id The parameters have the following meaning Parameter Description Range of values note remote id Remote ID of the device Enter the remote ID of the de vice circuit id Circuit ID of the device Enter th...

Page 363: ...g dhcp pool ID Syntax Call up the command with the following parameters set interface vlan vlan id 1 4094 interface type interface id The parameters have the following meaning Parameter Description Range of values note vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 interface type Type or speed of the interface Enter a valid interface interface id Module no and port ...

Page 364: ...dress client id string ip address The parameters have the following meaning Parameter Description Range of values note mac Keyword for a MAC address mac address Unicast MAC address Specify the MAC address aa bb cc dd ee ff client id Keyword for a DHCP client ID string Freely definable DHCP client ID Enter the required designation Maximum of 254 characters ip address Unicast IPv4 address Enter a va...

Page 365: ...ollows cli config dhcp pool ID Syntax Call up the command with the following parameters no static lease mac mac address client id string The parameter has the following meaning Parameter Description Range of values note mac Keyword for a MAC address mac address Unicast MAC address Specify the MAC address aa bb cc dd ee ff client id Keyword for a DHCP client ID string Freely definable DHCP client I...

Page 366: ...s command you display the IP addresses of the DHCP servers to which the device forwards the frames Requirement You are in the User EXEC mode or in the Privileged EXEC mode or in the Global Configuration mode The command prompt is as follows cli or cli Syntax Call the command without parameters show dhcp server Result The IP addresses of the DHCP servers are displayed Further notes With the ip dhcp...

Page 367: ...available interfaces For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The configuration settings are displayed 7 6 2 Commands in the Global Configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this ...

Page 368: ...r a valid IP address For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The IP address is specified Further notes You remove the IP address with the no ip dhcp server command You enable the DHCP Relay Agent with the service dhcp relay command You display the IP addresses with the show dhcp server command You display the sett...

Page 369: ...You enable the DHCP Relay Agent with the service dhcp relay command You create the IP address with the ip dhcp server command You display the IP addresses with the show dhcp server command 7 6 2 3 ip dhcp relay circuit id option Description The Circuit ID is a sub option of the DHCP Relay Information option The Circuit ID contains information about the origin of the DHCP packet With this command y...

Page 370: ...e information with the show ip dhcp relay information command 7 6 2 4 ip dhcp relay information option Description With this command you enable the IP DHCP Relay Information option If the option is enabled prior to forwarding to the DHCP server information about the origin of the DHCP query is encoded in the packet If the DHCP server sends a response the information is removed again before forward...

Page 371: ...ption Description With this command you disable the IP DHCP Relay Information option Requirement You are in the Global configuration mode or in the Interface configuration mode of VLAN The command prompt is as follows cli config or cli config if Syntax Call the command without parameter assignment no ip dhcp relay information option Result The option is disabled Further notes You enable the option...

Page 372: ...urther notes You disable the DHCP Relay Agent with the no service dhcp relay command You create the IP addresses of the DHCP server with the ip dhcp server command You can display the status of this function and other information with the show ip dhcp relay informationcommand 7 6 2 7 no service dhcp relay Description This command disables the DHCP relay agent Requirement You are in the Global Conf...

Page 373: ...and to change to this mode Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode with the end command you return to the Privileged EXEC mode 7 6 3 1 ip dhcp relay circuit ...

Page 374: ...y circuit id Description With this command you remove the Circuit ID Requirement The interface is an IPv4 interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment no ip dhcp relay circuit id Result The Circuit ID is removed Further notes You configure the Circuit ID with the ip dhcp relay circuit id co...

Page 375: ...n Range of values note remote id name Device ID max 32 characters Default XYZ Result The device ID is specified Further notes You remove the device ID with the no ip dhcp relay remote id command You display the IP addresses with the show dhcp server command You display the settings with the show ip dhcp relay information command 7 6 3 4 no ip dhcp relay remote id Description With this command you ...

Page 376: ...show commands This section describes commands with which you display various settings 7 7 1 1 show ipv6 dhcp relay statistics Description This command displays the DHCPv6 relay agent settings for all or for a selected interface Requirement The DHCPv6 relay agent is enabled You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the co...

Page 377: ...nfiguration settings are displayed Further notes You enable the DHCPv6 relay agent function with the ipv6 dhcp relay command 7 7 2 clear ipv6 dhcp relay statistics Description With this command you reset the counters Requirement You are in the Privileged EXEC mode The command prompt is as follows cli Syntax Call up the command with the following parameters clear ipv6 dhcp relay statistics interfac...

Page 378: ...global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then...

Page 379: ...ration mode enter the interface command to change to this mode Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode with the end command you return to the Privileged EXEC...

Page 380: ... Module no and port no of the interface For information on identifiers of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The DHCP Relay Agent is enabled Further notes You disable the DHCPv6 relay agent with the no ipv6 dhcp relay command You configure the interface as a router port with the no switchport command You display the setting with the sho...

Page 381: ...of bits belonging to the prefix from left to right 1 128 bits 128 The node host itself interface Shows that an interface description follows vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface For information on identifiers of addresses and interfaces...

Page 382: ... ipv6 dhcp relay remote id type duid system name mgmt ip userDefined The parameter has the following meaning Parameters Description Range of values note duid Uses the DHCP unique identifier You configure the entry with theipv6 dhcp relay re mote id duid command system name Uses the system name mgmt ip Uses the management IPv6 address userDefined Uses a user defined entry You configure the entry wi...

Page 383: ...rompt is as follows cli config if Syntax Call up the command with the following parameters ipv6 dhcp relay remote id duid duid id string 299 The parameter has the following meaning Parameters Description Range of values note duid id DHCP unique identifier Enter the DUID max 299 characters Result The DUID is specified Further notes You enable the remote ID with the ipv6 dhcp relay remote id command...

Page 384: ...ollows cli config if Syntax Call the command without parameter assignment ipv6 dhcp relay remote id userDefined user specific ascii string 128 The parameter has the following meaning Parameter Description Range of values note user specific ascii Designation of the remote ID max 128 characters Result The designation is specified Further notes You enable the remote ID with the ipv6 dhcp relay remote...

Page 385: ... 8 1 1 show snmp Description This command shows the status information of SNMP Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show snmp Result The status information is displayed 7 8 1 2 show snmp community Description This command shows the details of the configured of SNMP communities...

Page 386: ...s command shows the SNMP identification number of the device Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show snmp engineID Result The SNMP identification number of the device is displayed 7 8 1 4 show snmp filter Description This command shows the configured SNMP filters Requirement...

Page 387: ...ommand shows the configured SNMP groups Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show snmp group Result The configured SNMP groups are displayed 7 8 1 6 show snmp group access Description This command shows the rights of the configured SNMP groups Requirement You are in the User E...

Page 388: ...mand shows the statistics of the Inform Messages Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show snmp inform statistics Result The statistics of the Inform Messages are displayed 7 8 1 8 show snmp notif Description With this command you display the configured SNMP notification types...

Page 389: ...and shows the configured SNMP target addresses Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show snmp targetaddr Result The configured SNMP target addresses are displayed 7 8 1 10 show snmp targetparam Description This command shows the configured SNMP target parameters Requirement Yo...

Page 390: ...on This command shows the configuration for SNMP via TCP Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show snmp tcp Result The configuration for SNMP via TCP is displayed 7 8 1 12 show snmp user Description This command shows the settings for the SNMP user Requirement You are in the U...

Page 391: ...command prompt is as follows cli or cli Syntax Call the command without parameters show snmp viewtree Result The settings for the SNMP tree view are displayed 7 8 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to ot...

Page 392: ... mode The command prompt is as follows cli config Syntax Call the command without parameters snmpagent Result The SNMP agent function is enabled Further notes You disable the SNMP agent function with theno snmpagent command 7 8 2 2 no snmpagent Description With this command you disable the SNMP agent function Requirement You are in the Global configuration mode The command prompt is as follows cli...

Page 393: ...v3 queries are processed Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters snmp agent version v3only all The parameters have the following meaning Parameter Description Range of values note v3only only SNMPv3 queries are processed all all SNMP queries are processed Default all Result The setting...

Page 394: ...ers Version Selects the version of the protocol used v1 v2c v3 Authentication Selects the authentication method auth enables MD5 or SHA as au thentication method noauth no authentication priv enables authentication and encryption read the data can be read Keyword ReadView none write the data can be read and written Keyword WriteView none notify Changes can be set as a tag Keyword NotifyView none S...

Page 395: ...MP tree views with the show snmp viewtree command 7 8 2 5 no snmp access Description With this command you delete the access to an SNMP group Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters no snmp access GroupName v1 v2c v3 auth noauth priv The parameters have the following meaning Parameter ...

Page 396: ...yntax Call up the command with the following parameters snmp community index CommunityIndex name CommunityName security SecurityName context Name volatile nonvolatile The parameters have the following meaning Parameter Description Range of values note CommunityIndex Index of the community max 32 characters name Keyword for the name of the communi ty CommunityName Name of the community max 32 chara...

Page 397: ...d you delete the details of an SNMP community Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters no snmp community index CommunityIndex The parameter has the following meaning Parameter Description Range of values note CommunityIndex Name of the community max 32 characters Result The details of a...

Page 398: ...The command prompt is as follows cli config Syntax Call the command without parameters snmp engineid migrate Result The SNMPv3 user migration is enabled Further notes You disable the SNMPv3 user migration with the no snmp engineid migrate command 7 8 2 9 no snmp engineid migrate Description With this command you disable the SNMPv3 user migration If the function is disabled a device specific SNMP e...

Page 399: ...h this command you configure the details of an SNMP group Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters snmp group GroupName user UserName security model v1 v2c v3 volatile nonvolatile The parameters have the following meaning Parameter Description Range of values note GroupName Name of the ...

Page 400: ...figured Further notes You delete the details of an SNMP group with the no snmp group command You display the created SNMP groups with the show snmp group command You display the created SNMP user with the show snmp user command 7 8 2 11 no snmp group Description With this command you delete the details of an SNMP group Requirement You are in the Global configuration mode The command prompt is as f...

Page 401: ...roups with the show snmp group command You display the created SNMP user with the show snmp user command 7 8 2 12 snmp notify Description With this command you configure the details of the SNMP notifications Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters snmp notify NotifyName tag TagName typ...

Page 402: ...le The settings are retained after a restart Result The details of the SNMP notifications are configured Further notes You delete the details of an SNMP notification with the no snmp notify command You display the configured SNMP notifications with the show snmp notif command You display the configured SNMP target addresses with the show snmp targetaddr command 7 8 2 13 no snmp notify Description ...

Page 403: ...d 7 8 2 14 snmp targetaddr Description With this command you configure the SNMP target address Requirement The SNMP target parameters are configured You are in the Global configuration mode The command prompt is cli config Syntax Call up the command with the following parameters snmp targetaddr TargetAddressName param ParamName ipv4 IPAddress fqdn name FQDN ipv6 IP6 Address timeout Seconds 1 1500 ...

Page 404: ...er that selects the desti nation address for SNMP Specify the tag identifier none No tag identifier volatile nonvolatile Specifies whether the settings re main following a restart volatile The default settings are used af ter a restart nonvolatile The saved settings are used af ter a restart port Keyword for the port number at which the SNMP manager receives traps and inform messages integer Port ...

Page 405: ...eters no snmp targetaddr TargetAddressName The parameter has the following meaning Parameter Description Range of values note TargetAddressName SNMP target address max 32 characters Result The SNMP target address is deleted Further notes You change the SNMP target address with the snmp targetaddr command You display the SNMP target address with the show snmp targetaddr command 7 8 2 16 snmp target...

Page 406: ...ich SNMP version is used With SNMPv3 a security level authen tication encryption can also be con figured SNMP version v1 v2c v3 Security level for v3 auth Authentication enabled no encryption enabled noauth No authentication enabled no encryption enabled priv Authentication enabled encryption enabled message processing Specifies which SNMP version is used for processing the messages and whether th...

Page 407: ...nd you delete the SNMP target parameters Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters no snmp targetparams ParamName The parameter has the following meaning Parameter Description Range of values note ParamName Name of the SNMP parameter max 32 characters Result The SNMP target parameters ar...

Page 408: ...cked Further notes You release write access for SNMPv1 and SNMPv2 PDUs with the no snmp v1 v2 readonly command 7 8 2 19 no snmp v1 v2 readonly Description With this command you enable write access for SNMPv1 and SNMPv2 PDUs Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no snmp v1 v2 readonly Result Write ...

Page 409: ...note UserName Name of the user max 32 characters auth specifies that authentication takes place and which algorithm is used md5 Message Digest 5 sha Secure Hash Algorithm Default No authentication passwd Password for authentication max 32 characters priv DES specifies that there is encryption Default no encryption passwd Value for the password of the encryp tion max 32 characters Storage type spec...

Page 410: ... Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters no snmp user UserName The parameter has the following meaning Parameter Description Range of values note UserName Name of the user max 32 characters Result The details of the SNMP user are deleted Further notes You change the settings with the s...

Page 411: ...ask Mask that filters access to the ele ments of the MIB tree A series of 0 and 1 separated by dots in keeping with the path information of the MIB tree View type Specifies whether the filtered elements are used or excluded included Default excluded Storage type specifies whether the settings remain following a restart volatile volatile The settings are lost after a restart nonvolatile non volatil...

Page 412: ...and prompt is as follows cli config Syntax Call up the command with the following parameters no snmp view ViewName OIDTree The parameters have the following meaning Parameter Description Range of values note ViewName Name of the view max 32 characters OIDTree Object ID Path information of the MIB tree Result The SNMP view is deleted Further notes You configure a view with the snmp view command You...

Page 413: ...ow events smtp server Description This command shows the configured e mail servers Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show events smtp server Result The configured e mail servers are displayed 7 9 1 2 show events sender email Description This command shows the configured e m...

Page 414: ... cli Syntax Call the command without parameters show events smtp port Result The configured SMTP port is displayed 7 9 2 Commands in the Events configuration mode This section describes commands that you can call up in the EVENTS configuration mode In the Global configuration mode enter the events command to change to this mode Commands relating to other topics that can be called in the Global con...

Page 415: ...the following meaning Parameter Description Note on the range if values ipv4 Keyword for an IPv4 address ucast_addr IPv4 address of the SMTP server Enter a valid IPv4 unicast ad dress fqdn name Keyword for a domain name FQDN Domain name Fully Qualified Domain Name Maximum of 100 characters ipv6 Keyword for an IPv6 address ip6_addr IPv6 address of the SMTP server Enter a valid IPv6 address receiver...

Page 416: ...rameter Description Note on the range if values ipv4 Keyword for an IPv4 address ucast_addr IPv4 address of the SMTP server Enter a valid IPv4 unicast ad dress fqdn name Keyword for a domain name FQDN Domain name Fully Qualified Domain Name Maximum of 100 characters ipv6 Keyword for an IPv6 address ip6_addr IPv6 address of the SMTP server Enter a valid IPv6 address For information on addresses and...

Page 417: ...Parameter Description Range of values note mail address Email name of the sender max 100 characters Result The e mail name of the sender is configured Further notes You reset the e mail name of the sender with the no sender mail address You display the setting with the show events sender email command 7 9 2 4 no sender mail address Description With this command you reset the e mail name of the sen...

Page 418: ...nd you send an e mail according to the currently configured SMTP settings Requirement You are in the EVENTS configuration mode The command prompt is as follows cli config events Syntax Call the command without parameters send test mail Result An e mail according to the currently configured SMTP settings is sent Further notes You can display the current SMTP settings with the show events smtp serve...

Page 419: ...ed Further notes You can reset the setting to the default with the no smtp port command You display the setting with the show smtp port command 7 9 2 7 no smtp port Description With this command you reset the SMTP port to the default The default value is 25 Requirement You are in the EVENTS configuration mode The command prompt is as follows cli config events Syntax Call the command without parame...

Page 420: ...C mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show ip http server status Result The status of the HTTP server is displayed 7 10 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to...

Page 421: ...he command without parameters ip http As default the function is enabled Result HTTP is enabled on the device Further notes You can display the setting of this function and other information with the show ip http server statuscommand You deactivate HTTP on the device with the no ip http command 7 10 2 2 no ip http Description With this command you disable HTTP on the device Requirement You are in ...

Page 422: ...rver This section describes commands of the Hypertext Transfer Protocol Secure HTTPS 7 11 1 The show commands This section describes commands with which you display various settings 7 11 1 1 show ip http secure server status Description This command shows the status of the HTTPS server Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or ...

Page 423: ...t is as follows cli or cli Syntax Call the command without parameters show ssl server cert Result The SSL server certificate is displayed 7 12 ARP This section describes commands of the Address Resolution Protocol ARP 7 12 1 The show commands This section describes commands with which you display various settings 7 12 1 1 show ip arp Description With this command you display the IP ARP table Requi...

Page 424: ...able summary Shows a summary of the entries in the ARP table information Displays information on the ARP con figuration For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select any parameter from the parameter list the IP ARP table is displayed Result The IP ARP table is displayed 7 12 2 Commands in the global config...

Page 425: ... will be linked with the IP address MAC address of the device Vlan Keyword for a VLAN connection vlan id Number of the VLAN 1 4094 interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface Cpu0 The interface is configured as Out of band management interface For information on addresses and interfaces refer to the section Addresses and...

Page 426: ...e entry will be deleted IP address or IP alias For information on addresses and interfaces refer to the section Addresses and interface names Page 44 Result The entry is deleted from ARP cache Further notes You generate a static entry in the ARP cache with the arp command You can display the status of this function and other information with the show ip arp command You configure the router port wi...

Page 427: ...he is configured Further notes You can reset the timeout setting to the default with the no arp timeout command You can display the status of this function and other information with the show ip arp command 7 12 2 4 no arp timeout Description With this command you reset the timeout setting of the ARP cache back to the default value The default value for the timeout setting is 300 seconds Requireme...

Page 428: ...mmand shows the settings of the SSH server Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show ip ssh Result The settings for the SSH server are displayed 7 13 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mo...

Page 429: ...d prompt is as follows cli config Syntax Call the command without parameters ssh server As default the function is enabled Result The SSH protocol is enabled on the device Further notes You disable the SSH protocol with the no ssh server command 7 13 2 2 no ssh server Description With this command you disable the SSH protocol on the device Requirement You are in the Global configuration mode The c...

Page 430: ...erver SCALANCE XM 400 XR 500 Command Line Interface CLI 430 Configuration Manual 06 2016 C79000 G8976 C252 11 Result The SSH protocol is disabled on the device Further notes You enable the SSH protocol with the ssh server command ...

Page 431: ...gistration Protocol GMRP GARP Multicast Registration Protocol GVRP GARP VLAN Registration Protocol 8 1 1 The show commands This section describes commands with which you display various settings 8 1 1 1 show forward all Description With this command you display the entries of the GMRP forward all table Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is a...

Page 432: ...ered Result The entries of the GMRP forward unregistered table are displayed 8 1 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the...

Page 433: ...nction is enabled for this interface Further notes You need to enable GMRP globally for this device before you enable GMRP for individual interfaces If you want to enable or disable the function for a specific interface on the device use the no gmrp command in the Interface configuration mode You can display the status of this function and other information with the show vlan device info command 8...

Page 434: ...ce on the device use the gmrp command You can display the status of this function and other information with the show vlan device info command 8 1 2 3 gvrp Description With this command you enable the GVRP function for all or individual interfaces on the device Requirement You are in the Global configuration mode or You are in the Interface configuration mode The command prompt is as follows cli c...

Page 435: ...s command you disable the GVRP function for all or individual interfaces on the device Requirement You are in the Global configuration mode or You are in the Interface configuration mode The command prompt is as follows cli config cli config if Syntax Call the command without parameters no gvrp Result In the Global configuration mode The GVRP function is disabled on the device In the Interface con...

Page 436: ...ds This section describes commands with which you display various settings 8 2 1 1 show ip igmp global config Description With this command you display the general information on IGMP for the device Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameter assignment show ip igmp global config Resu...

Page 437: ...ed EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameter assignment show ip igmp groups Result The list is displayed 8 2 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to ot...

Page 438: ...as follows cli config Syntax Call the command without parameter assignment ip igmp Result IGMP is enabled Further notes You disable IGMP with the no ip igmp command You display the setting and other information with the show ip igmp global config command 8 2 2 2 no ip igmp Description With this command you disable IGMP globally on the device Requirement You are in the Global configuration mode The...

Page 439: ...iguration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters ip igmp group list integer ip address mask The parameters have the following meaning Parameter Description Range of values note integer Number of the multicast group 1 4294967295 ip address IP address of the multicast group Specify the IP address mask Subnet mask of the multicast gro...

Page 440: ...up list integer The parameter has the following meaning Parameter Description Range of values note integer Number of the multicast group 1 4294967295 Result The multicast group has been deleted Further notes You define a multicast group with the ip igmp group list command You display the configured multicast groups with the show ip igmp group list command 8 2 2 5 ip igmp limit Description With thi...

Page 441: ... device with the no ip igmp limit command You display the configured multicast groups with the show ip igmp global config command 8 2 2 6 no ip igmp limit Description With this command you delete the limit for learnable multicast groups on the device Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameter assignment...

Page 442: ... mode can be found in the relevant sections If you exit the VLAN Configuration mode with the exit command you return to the Global Configuration mode If you exit the VLAN Configuration mode with the end command you return to the Privileged EXEC mode 8 2 3 1 ip igmp Description With this command you enable IGMP on an interface Requirement You are in the Interface Configuration mode of VLAN The comm...

Page 443: ...with the ip igmp command You display the setting and other information with the show ip igmp global config command 8 2 3 3 ip igmp explicit tracking Description With this command you enable die function Explicit Tracking on an interface If the Explicit Tracking function is enabled the multicast router tracks precisely which clients log on to a multicast group Join and log off Leave As soon as the ...

Page 444: ...ace Further notes You configure the IGMP version with the ip igmp version command You disable Explicit Tracking on an interface with the no ip igmp explicit tracking command You display the setting and other information with the show ip igmp global config command 8 2 3 4 no ip igmp explicit tracking Description With this command you disable die function Explicit Tracking on an interface Requiremen...

Page 445: ...on client The multicast router does not query whether a further client wants to receive the multicast Use this function on IGMPv1 and IGMPv2 interfaces with only one client or on IGMPv3 interfaces on which the Explicit Tracking function is enabled With IGMPv1 and IGMPv2 only one client responds with a Join message to a query of the multicast router All other clients that want to receive the same m...

Page 446: ...this command you disable Immediate Leave function on an interface Requirement You are in the Interface Configuration mode of VLAN The command prompt is as follows cli config if vlan Syntax Call the command without parameter assignment no ip igmp immediate leave Result Die Immediate Leave function is disabled on the interface Further notes You enable the Immediate Leave function on an interface wit...

Page 447: ...fault 10 tenths of seconds Specified in tenths of seconds Result The period of time is specified Further notes You can reset the time to the default with the no ip igmp last member query interval command You display the setting and other information with the show ip igmp global config command 8 2 3 8 no ip igmp last member query interval Description With this command you reset the time during whic...

Page 448: ...r of multicast groups that can be learned using IGMP on an interface You can define an exception for special multicast groups Requirement You are in the Interface Configuration mode of VLAN The command prompt is as follows cli config if vlan Syntax Call up the command with the following parameters ip igmp limit value 1 4096 except Group List id The parameters have the following meaning Parameter D...

Page 449: ... 10 no ip igmp limit Description With this command you delete the limit for learnable multicast groups on the an interface Requirement You are in the Interface Configuration mode of VLAN The command prompt is as follows cli config if vlan Syntax Call the command without parameter assignment no ip igmp limit Result The limit is deleted Further notes You define the maximum number of multicast groups...

Page 450: ...lue Length of the interval 1 31744 Default 125 seconds Specified in seconds Result The interval is defined Further notes You reset the interval to the default with the no ip igmp query interval command You display the setting and other information with the show ip igmp global config command 8 2 3 12 no ip igmp query interval Description With this command you reset the time interval at which the mu...

Page 451: ...s to respond to a query Requirement You are in the Interface Configuration mode of VLAN The command prompt is as follows cli config if vlan Syntax Call up the command with the following parameters ip igmp query max response time value 1 255 tenths of seconds The parameters have the following meaning Parameter Description Range of values note value Value for the time interval 1 255 Default 100 tent...

Page 452: ...VLAN The command prompt is as follows cli config if vlan Syntax Call the command without parameter assignment no ip igmp query max response time Result The period of time is reset Further notes You configure the time with the ip igmp query max response time command You display the setting and other information with the show ip igmp global config command 8 2 3 15 ip igmp robustness Description With...

Page 453: ...r packet loss rate Result The setting for the packet loss rate of a network is specified Further notes You can reset the setting to the default with the no ip igmp robustness command You display the setting and other information with the show ip igmp global config command 8 2 3 16 no ip igmp robustness Description With this command you reset the setting for the packet loss rate of a network to the...

Page 454: ...ement You are in the Interface Configuration mode of VLAN The command prompt is as follows cli config if vlan Syntax Call up the command with the following parameters ip igmp static group Group Address source Source Address The parameters have the following meaning Parameter Description Range of values note Group Address Address of the multicast group source Keyword for a client Source Address IP ...

Page 455: ...ource Source Address The parameters have the following meaning Parameter Description Range of values note Group Address Address of the multicast group source Keyword for a client Source Address IP address of the client Result The client is deleted from the multicast group Further notes You assign a client to a multicast group with the ip igmp static group command You display the list of configured...

Page 456: ...version to the default with the no ip igmp version command You display the setting and other information with the show ip igmp global config command 8 2 3 20 no ip igmp version Description With this command you reset the IGMP version back to the default value Requirement You are in the Interface Configuration mode of VLAN The command prompt is as follows cli config if vlan Syntax Call the command ...

Page 457: ...IGMP snooping for all or a selected VLAN Requirement You are in the User EXEC mode or in the Privileged EXEC mode or in the Global configuration mode The command prompt is as follows cli or cli or cli config Syntax Call up the command with the following parameters show ip igmp snooping Vlan vlan id The parameters have the following meaning Parameter Description Range of values note Vlan Keyword fo...

Page 458: ...how ip igmp snooping forwarding database Vlan vlan id The parameters have the following meaning Parameter Description Range of values note Vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The multicast forwarding entries are displayed 8 3 1 3 sh...

Page 459: ... as follows cli or cli or cli config Syntax Call up the command with the following parameters show ip igmp snooping groups Vlan vlan id Group Address static dynamic The parameters have the following meaning Parameter Description Range of values note Vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 Group Address static dynamic For information on names of addresses and ...

Page 460: ... detail Specifies that detailed information is displayed Result A list of the active ports is displayed 8 3 1 6 show ip igmp snooping statistics Description This command shows the statistical information about IGMP snooping for all or a selected VLAN Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with ...

Page 461: ...nd prompt is as follows cli or cli Syntax Call the command without parameters show ip igmp snooping switch ip Result The IP address is displayed 8 3 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics tha...

Page 462: ...er the show ip igmp snooping command in the User EXEC mode or in the Privileged EXEC mode Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters ip igmp snooping version v1 v2 v3 The parameters have the following meaning Parameter Description v1 IGMPv1 v2 IGMPv2 v3 IGMPv3 Result The version of IGMP s...

Page 463: ...nooping command 8 3 2 3 no ip igmp vlan snooping Description With this command you disable IGMP snooping for all VLANs Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no ip igmp vlan snooping Result IGMP snooping is disabled for all VLANs Further notes You enable IGMP snooping with the ip igmp vlan snooping...

Page 464: ...values note Vlan Keyword for a VLAN connection vlanid Number of the addressed VLAN 1 4094 For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select a VLAN the counters of all VLANs will be deleted Result The counters are deleted 8 3 2 5 ip igmp snooping switch ip Description With this command you configure the IP addr...

Page 465: ...e list if no IGMP router control packets are received is known as the purge time With this command you configure this purge time for a port for a VLAN in seconds Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters ip igmp snooping port purge interval 130 1225 seconds The parameters have the follow...

Page 466: ...setting with the ip igmp snooping port purge interval command You can display the status of this function and other information with the show ip igmp snooping globalscommand 8 3 3 Commands in the VLAN configuration mode This section describes commands that you can call up in the VLAN Configuration mode In the Global Configuration mode enter the vlan command to change to this mode When doing this y...

Page 467: ...arameter has the following meaning Parameter Description Range of values note static group Keyword for a static entry mcast_addr Value for a multicast address Enter a valid multicast address ports Keyword for a an interface description interface type Type or speed of the interface Enter a valid interface iface_list Module no and port no of the interface Result The static IGMP entry has been create...

Page 468: ...IGMP querier This section describes the commands for the query functionality of the Internet Group Management Protocol IGMP 8 4 1 Commands in the Global Configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in th...

Page 469: ...unction and other information with the show ip igmp snooping command 8 4 1 2 no ip igmp snooping querier Description With this command you delete the configuration of an IGMP snooping switch as querier Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no ip igmp snooping querier Result The configuration of th...

Page 470: ...ns occur Complex network topologies cannot be set up with this function This means that two rings can be connected redundantly in each case via two links master slave This function is known as the standby connection One link is active on an interface of the master device and the second is inactive on an interface of the slave device Note Position of master and slave device The master and slave dev...

Page 471: ...ers How often the device as redundancy manager switched to the active status i e closed the ring The maximum delay time of the test frames of the redundancy manager Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters clear ring redundancy manager counters Result The counters are reset 8 5 3 ...

Page 472: ...rious settings 8 5 4 1 show hrp counters Description With this command you display the following information How often the device as redundancy manager switched to the active status i e closed the ring The maximum delay time of the test frames of the redundancy manager How often the IE switch has changed the standby status from Passive to Active Requirement You are in the User EXEC mode or in the ...

Page 473: ...is as follows cli or cli Syntax Call the command without parameters show ring redundancy Result The current configurations are displayed 8 5 4 3 show ring redundancy manager counters Description With this command you display the following information How often the device as redundancy manager switched to the active status i e closed the ring The maximum delay time of the test frames of the redunda...

Page 474: ... be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 8 5 5 1 ring redundancy configuration Description With this command you change to the Redundancy Configuration mode Requirement You are in the Global Configuration mode The command prompt is as follows c...

Page 475: ...n quick succession the observer no longer enables its port automatically The ring port remains permanently in the blocking status This is signaled by the error LED and a message text After the errors have been eliminated you can enable the port again with this command and the parameter restart Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax C...

Page 476: ... parameter assignment no ring redundancy hrpobserver Result The observer is disabled Further notes You enable the observer with the ring redundancy hrpobserver command You can display the status of this function and other information with the show ring redundancy command 8 5 5 4 ring redundancy mode Description With this command you enable the ring redundancy function on a device Requirement You a...

Page 477: ...s client hrpmanager Enables ring redundancy with the HRP protocol in ring redundancy manag er mode Result The ring redundancy function is enabled and the redundancy mode is selected Further notes You disable the ring redundancy function with the no ring redundancy command 8 5 5 5 no ring redundancy Description With this command you disable the ring redundancy function on a device Requirement You a...

Page 478: ...config Syntax Call the command without parameters ring redundancy standby Result The standby function is enabled Further notes You disable the setting with the no ring redundancy standby command You can display the status of this function and other information with the show ring redundancycommand 8 5 5 7 no ring redundancy standby Description With this command you disable the standby function Requ...

Page 479: ...dancy configuration command to change to this mode If you exit the Redundancy Configuration mode with the exit command you return to the Global Configuration mode If you exit the Redundancy Configuration mode with the end command you return to the Privileged EXEC mode 8 5 6 1 ring ports Description With this command you configure the ports of the ring redundancy manager or ring redundancy client o...

Page 480: ...id Specifies the number of the interface for the second ring port For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Note Differing port addresses The first and second port must be configured on different interfaces Result The ports of the ring redundancy are configured 8 5 6 2 standby connection name Description With this command ...

Page 481: ...andby connection Requirement You are in the Redundancy Configuration mode The command prompt is as follows cli config red Syntax Call the command without parameters no standby connection name Result The name of the standby connection is deleted 8 5 6 4 standby force master Description With this command you enable the standby force master function Requirement HRPis enabed You are in the Redundancy ...

Page 482: ...standby force master Description With this command you disable the standby force master function Requirement HRPis enabed You are in the Redundancy configuration mode The command prompt is cli config red Syntax Call the command without parameters no standby force master Result The standby force master function is disabled Further notes You enable the setting with the standby force master command Y...

Page 483: ...ace interface id Module no and port no of the interface For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The ports for a standby connection are configured and enabled Further notes You disable the setting with the no standby port command You can display the status of this function and other information with the show ring r...

Page 484: ... with the standby port command You can display the status of this function and other information with the show ring redundancy command 8 5 6 8 standby wait for partner Description With this command you enable the Wait for standby partner function on the device A standby connection is enabled only after the standby master and the standby slave as well as their standby partners have established a co...

Page 485: ...you disable the Wait for standby partner function on the device A standby connection is enabled even if the standby master has not yet established a connection to the standby slave Requirement You are in the Redundancy configuration mode The command prompt is as follows cli config red Syntax Call the command without parameters no standby wait for partner Result The Wait for standby partner functio...

Page 486: ...lay various settings 8 6 1 1 show unicast block config Description This command shows the unicast blocking settings for ports Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show unicast block config port interface type interface id The parameters have the following meaning...

Page 487: ... vlan vlan range address aa aa aa aa aa aa interface interface type interface id The parameters have the following meaning Parameter Description Range of values note vlan Keyword for a VLAN connection vlan range Number of the addressed VLAN 1 4094 address Keyword for a MAC address aa aa aa aa aa aa MAC address interface Keyword for a an interface description interface type Type or speed of the int...

Page 488: ...AC address aa aa aa aa aa aa MAC address interface Keyword for a an interface description interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select any parameter from the parameter list the entries...

Page 489: ...ning Parameter Description Range of values note aa aa aa aa aa aa MAC address of the interface vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 interface Keyword for a an interface description interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface port channel Keyword for a port channel connection Ente...

Page 490: ...ress table static unicast aa aa aa aa aa aa vlan vlan id 1 4094 The parameters have the following meaning Parameter Description Range of values note aa aa aa aa aa aa MAC address Specify a valid MAC address vlan Keyword for a VLAN connection vlan id Range of values of the VLAN 1 4094 For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page ...

Page 491: ...k config Description This command shows the multicast blocking settings for ports Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show multicast block config port interface type interface id The parameters have the following meaning Parameter Description Range of values not...

Page 492: ...e command with the following parameters show mac address table dynamic multicast vlan vlan range address aa aa aa aa aa aa interface interface type interface id The parameters have the following meaning Parameter Description Range of values note vlan Keyword for a VLAN connection vlan range Number of the addressed VLAN 1 4094 address Keyword for a MAC address aa aa aa aa aa aa MAC address interfac...

Page 493: ...range address aa aa aa aa aa aa interface interface type interface id The parameters have the following meaning Parameter Description Range of values note vlan Keyword for a VLAN connection vlan range Number of the addressed VLAN 1 4094 address Keyword for a MAC address aa aa aa aa aa aa MAC address interface Keyword for a an interface description interface type Type or speed of the interface Ente...

Page 494: ...lock static multicast Description With this command you configure static multicast addresses that will be blocked Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters mac address table block static multicast aa aa aa aa aa aa vlan vlan id 1 4094 The parameters have the following meaning Parameter D...

Page 495: ...Syntax Call up the command with the following parameters mac address table static multicast aa aa aa aa aa aa vlan vlan id 1 4094 The parameters have the following meaning Parameter Description Range of values note MAC address of the interface aa aa aa aa aa aa vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 For information on names of addresses and interfaces refer ...

Page 496: ...command with the following parameters no mac address table static multicast aa aa aa aa aa aa vlan vlan id 1 4094 The parameters have the following meaning Parameter Description Range of values note aa aa aa aa a a aa MAC address of the interface vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 For information on names of addresses and interfaces refer to the section ...

Page 497: ...ing Description This command shows the information about MLD snooping for all or a selected VLAN Requirement MLD snooping is enabled You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show ipv6 mld snooping Vlan vlan id The parameters have the following meaning Parameter Description Range...

Page 498: ...rompt is as follows cli or cli Syntax Call up the command with the following parameters show ipv6 mld snooping forwarding database Vlan vlan id The parameters have the following meaning Parameter Description Range of values note vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 If you specify VLAN the configuration of all VLANs is displayed Result The multicast forward...

Page 499: ... of values note Vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 Group Keyword for an MLD snooping group Address Address of the MLD snooping group Enter a valid address If you do not select any parameter from the parameter list the configuration is displayed for all interfaces Result The information on the MLD snooping group is displayed Further notes You enable MLD s...

Page 500: ...rement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli Syntax Call up the command with the following parameters show ipv6 mld snooping mrouter Vlan vlan index detail The parameters have the following meaning Parameters Description Range of values Vlan Keyword for a VLAN or VLAN range vlan index Number of the addressed VLAN or VLAN range 1 4094 deta...

Page 501: ...ion of all VLANs is displayed Result The statistics are displayed Further notes You enable MLD snooping with the ipv6 mld snooping command You reset the counters to zero with the ipv6 mld snooping clear counters command 8 8 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure te...

Page 502: ...f values note value Number of Join messages 100 1000 Default 0 Result The maximum number is defined Further notes You delete das limit for Join messages on the device with the no ipv6 mld join ratelimit command You can display the status of this function and other information with the show ipv6 mld snooping globals command 8 8 2 2 no ipv6 mld join ratelimit Description With this command you delete...

Page 503: ... function globally and in the VLANs In the Global configuration mode enable MLD snooping on the device or globally To enable MLD snooping on the required VLAN execute the command in the VLAN configuration mode Requirement GMRP is disabled You are in the Global configuration mode or in the VLAN configuration mode The command prompt is in the Global configuration mode is cli config or in the VLAN co...

Page 504: ... configuration mode is cli config or in the VLAN configuration mode cli config vlan Syntax Call the command without parameter assignment no ipv6 mld snooping Result MLD snooping is disabled Further notes You enable MLD snooping with the ipv6 mld snooping command 8 8 2 5 ipv6 mld snooping clear counters Description With this command you reset the counters of the MLD snooping statistics to zero Requ...

Page 505: ...e time With this command you configure this purge time for a port or for a VLAN in seconds Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters ipv6 mld snooping port purge interval 130 1225 seconds The parameters have the following meaning Parameter Description Range of values note Value for the p...

Page 506: ...e ipv6 mld snooping port purge interval command You can display the status of this function and other information with the show ipv6 mld snooping globals command 8 8 3 Commands in the VLAN configuration mode This section describes commands that you can call up in the VLAN Configuration mode In the Global Configuration mode enter the vlan command to change to this mode When doing this you need to r...

Page 507: ...AN configuration mode Requirement GMRP is disabled You are in the Global configuration mode or in the VLAN configuration mode The command prompt is in the Global configuration mode is cli config or in the VLAN configuration mode cli config vlan Syntax Call the command without parameter assignment ipv6 mld snooping Result MLD snooping is enabled Further notes You disable GMRP with the no grmp comma...

Page 508: ...tax Call the command without parameter assignment no ipv6 mld snooping Result MLD snooping is disabled Further notes You enable MLD snooping with the ipv6 mld snooping command 8 8 3 3 ipv6 mld snooping querier Description With this command you configure the MLD snooping on the device as querier for a specific VLAN Requirement The VLANs on the device are enabled You are in the VLAN configuration mo...

Page 509: ...d 8 8 3 4 ipv6 mld snooping version Description This command specifies which version of MLD the device will use in this VLAN Requirement You are in the VLAN configuration mode The command prompt is as follows cli config vlan Syntax Call up the command with the following parameters ipv6 mld snooping version v1 v2 The parameters have the following meaning Parameter Description v1 MLDv1 v2 MLDv2 Defa...

Page 510: ...Layer 2 management protocols 8 8 MLD Snooping IPv6 SCALANCE XM 400 XR 500 Command Line Interface CLI 510 Configuration Manual 06 2016 C79000 G8976 C252 11 ...

Page 511: ... describe the routing properties of the device These are not normally included in the basic device and if necessary must be enabled or released extra 9 1 The show commands This section describes commands with which you display various settings 9 1 1 show ip protocol Description This command shows the current settings of the activated routing protocols Note This command is available only with layer...

Page 512: ...s the commands relevant for working with routing with OSPF 9 2 1 The show commands This section describes commands with which you display various settings 9 2 1 1 show ip ospf Description This command shows information about routing with OSPF Note This command is available only with layer 3 Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cl...

Page 513: ... EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show ip ospf route Result The routes are displayed 9 2 1 3 show ip ospf database summary Description This command shows a summary of the database Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the fol...

Page 514: ...or a specific IP address specify a valid IP address If no IP address is entered the specific LSAs of the local router are displayed For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The summary of the database is displayed 9 2 1 4 show ip ospf database Description This command shows information about a specific or all LSA t...

Page 515: ...ws information of the LSA type Summary Type 3 link state id ID of the LSA Link State ID depends on the LSA type Link State ID consists of 4 num bers each between 0 and 255 adv router Keyword for the router specific LSA ip address shows the router specific LSA for a specific IP address specify a valid IP address If no IP address is entered the specific LSAs of the local router are displayed self or...

Page 516: ...and with the following parameters show ip ospf interface vlan vlan id 1 4094 interface type interface id The parameters have the following meaning Parameter Description Range of values note Vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface For infor...

Page 517: ...type interface id Neighbor ID detail The parameters have the following meaning Parameter Description Range of values note Vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface Neighbor ID Router ID of the neighbor The ID consists of 4 numbers each betwe...

Page 518: ... vlan vlan id 1 4094 interface type interface id The parameters have the following meaning Parameter Description Range of values note neighbor id Router ID of the neighbor Enter the router ID The router ID consists of 4 numbers each be tween 0 and 255 vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 interface type Type of interface Enter a valid interface interface id...

Page 519: ...s have the following meaning Parameter Description Range of values note neighbor id Router ID of the neighbor Enter the router ID The router ID consists of 4 numbers each be tween 0 and 255 vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface For infor...

Page 520: ... area range Description This command shows the grouped address ranges Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show ip ospf area range summary address The parameters have the following meaning Parameter Description area range Grouped area range The address range is c...

Page 521: ...ion mode with the end or exit command and are then in the Privileged EXEC mode again 9 2 2 1 router ospf Description With this command you enable routing with OSPF and change to the OSPF Router configuration mode Note This command is available only with layer 3 Requirement IPv4 routing is activated You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the...

Page 522: ...g with OSPF is disabled Further notes You enable routing with OSPF with the router ospf command 9 2 3 Commands in the Router Configuration mode This section describes commands that you can call up in the Router configuration mode In the Global configuration mode enter the router ospf command to change to this mode Commands relating to other topics that can be called in the Global configuration mod...

Page 523: ...and you specify that the router is an Autonomous System Boundary Router ASBR Note This command is available only with layer 3 Requirement You are in the OSPF Router configuration mode The command prompt is as follows cli config ospf Syntax Call the command without parameters ASBR Router Result The autonomous system boundary router is enabled Further notes You disable the autonomous system boundary...

Page 524: ...e The command prompt is as follows cli config ospf Syntax Call the command without parameters no ASBR Router Result The autonomous system boundary router is disabled Further notes You enable the autonomous system boundary router with the ASBR Router command You can display the status of this function and other information with the show ip ospf command 9 2 3 3 area range Description With this comma...

Page 525: ...cify an ID x x x x x 0 255 0 0 0 0 backbone area Network IP address of the address range specify the IP address Mask Subnet mask of the address range specify the subnet mask advertise The address range is advertised to the outside A summary LSA of Type 3 is generated notadvertise The address range is not advertised to the outside For information on names of addresses and interfaces refer to the se...

Page 526: ...x Call up the command with the following parameters area AreaId range Network Mask summary Type7 advertise notadvertise The parameters have the following meaning Parameter Description Range of values note AreaId Area ID specify an ID x x x x x 0 255 0 0 0 0 backbone area Network IP address of the address range specify the IP address Mask Subnet mask of the address range specify the subnet mask sum...

Page 527: ...2 Result The address range is configured Further notes You delete the address range with the no area range command You can display the status of this function and other information with the show ip ospf area range summary address command 9 2 3 5 no area range Description With this command you delete the address range Note This command is available only with layer 3 Requirement You are in the OSPF ...

Page 528: ...bnet mask For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The address range is deleted Further notes You create address ranges with the area range command 9 2 3 6 area nssa Description With this command you configure areas of the type NSSA not so stubby area Note This command is available only with layer 3 Requirement You...

Page 529: ...mmary LSA default information originate Generating a standard route LSA type 7 in the NSSA Result The area of the type NSSA is configured Further notes You change the type of the area with the no area command 9 2 3 7 area stub Description With this command you configure areas of the type Stub Note This command is available only with layer 3 Requirement You are in the OSPF Router configuration mode...

Page 530: ... The router does not send or receive a summary LSA Result The area of the type Stub is configured Further notes You change the type of the area with the no area command 9 2 3 8 no area Description With this command you remove or change an area of the type Stub or NSSA Note This command is available only with layer 3 Requirement You are in the OSPF Router configuration mode The command prompt is as...

Page 531: ... With this command you create a virtual connection to the backbone area Note This command is available only with layer 3 The router must be an Area Border Router ABR or an Autonomous System Boundary Router ASBR The router ID must correspond to the IP address of the interface of the transit area network Requirement You are in the OSPF Router configuration mode The command prompt is as follows cli c...

Page 532: ...e sent over the virtual link value specifies the length of the interval in seconds enter the interval 1 65535 retransmit interval Keyword for the interval after which packets whose receipt was not con firmed are transferred again value specifies the length of the interval in seconds enter the interval 0 3600 transmit delay Keyword for the time that a link state update packet requires for transmis ...

Page 533: ...tual link command You display information about the virtual link with the show ip ospf virtual command 9 2 3 10 no area virtual link Description With this command you delete a virtual link Note This command is available only with layer 3 Requirement You are in the OSPF Router configuration mode The command prompt is as follows cli config ospf Syntax Call up the command with the following parameter...

Page 534: ...Hello packets are sent over the virtual link retransmit interval Keyword for the interval after which packets whose receipt was not con firmed are transferred again transmit delay Keyword for the time that a link state update packet requires for transmis sion over the virtual link dead interval Keyword for the interval after which the neighbor router is classified as failed if Hello packets from i...

Page 535: ...ble only with layer 3 Requirement You are in the OSPF Router configuration mode The command prompt is as follows cli config ospf Syntax Call the command without parameters compatible rfc1583 Result The compatibility with RFC 1583 is enabled Further notes You disable the compatibility with the no compatible rfc1583 command You can display the status of this function and other information with the s...

Page 536: ...he compatible rfc1583 command You can display the status of this function and other information with the show ip ospfcommand 9 2 3 13 default information originate Description With this command you enable the function with which a standard route is generated for external routes into the OSPF routing domain Note This command is available only with layer 3 Requirement You are in the OSPF Router conf...

Page 537: ...d for the type of the external standard route type Type of the external route 1 type 1 External and internal costs 2 type 2 External costs Result The function is enabled Further notes You disable the function with the no default information originate command 9 2 3 14 no default information originate Description With this command you disable the function with which a standard route is generated for...

Page 538: ...ard route metric value Value of the metric 0 0xffffff metric type Keyword for the type of the external standard route type Type of the external route 1 type 1 External and internal costs 2 type 2 External costs Result The function is disabled Further notes You enable the function with the default information originate command 9 2 3 15 default information originate always Description With this comm...

Page 539: ...metric 0 0xffffff metric type Keyword for the type of the external standard route type Type of the external route 1 type 1 External and internal costs 2 type 2 External costs Result The function is enabled Further notes You disable the function with the no default information originate always command 9 2 3 16 no default information originate always Description With this command you disable the fun...

Page 540: ...ndard route metric value Value of the metric 0 0xffffff metric type Keyword for the type of the external standard route type Type of the external route 1 type 1 External and internal costs 2 type 2 External costs Result The function is disabled Further notes You enable the function with the default information originate always command 9 2 3 17 network area Description With this command you specify...

Page 541: ... x x x 0 255 0 0 0 0 backbone area For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The OSPF interface is configured Further notes You remove the OSPF interface and the area with the no network area command You can display the status of this function and other information with the show ip ospf interfacecommand 9 2 3 18 no ...

Page 542: ... ID enter an ID x x x x x 0 255 0 0 0 0 backbone area Result The OSPF interface is removed Further notes You create the OSPF interface and the area with the network area command You can display the status of this function and other information with the show ip ospf interfacecommand 9 2 3 19 redist config Description With this command you configure the information for the route The routes are furth...

Page 543: ...specify the subnet mask metric value Keyword for the metric of the route metric Metric 1 16777215 metrictype Keyword for the connection costs asExttype1 External and internal costs asExttype2 External costs For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The information for the route is specified Further notes You remove ...

Page 544: ... Target address of the route specify the IP address Mask Subnet mask of this route specify the subnet mask For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The information for the route is deleted Further notes You create the information with the redist config command 9 2 3 21 redistribute Description With this command you...

Page 545: ...are distributed via OSPF is specified Further notes You enable the ASBR router with the ASBR Router command You disable the distribution of the routes with the no redistribute command You create the information for the routes with the redist config command You create the information for external the routes with the default information originate command 9 2 3 22 no redistribute Description With thi...

Page 546: ...F is disabled Further notes You enable the distribution of the routes with the redistribute command 9 2 3 23 distribute list route map Description This command enables the filtering of the routing information according to a route map for incoming routing information Requirement You are in the OSPF Router configuration mode The command prompt is as follows cli config ospf Syntax Call up the command...

Page 547: ...ement You are in the OSPF Router configuration mode The command prompt is as follows cli config ospf Syntax Call up the command with the following parameters no distribute list route map name 1 20 in The parameters have the following meaning Parameter Description Range of values note name Name of the routing table Maximum of 20 characters in Incoming routing information is filtered Result The filt...

Page 548: ...P address of the router or a value in the IP address for mat For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The ID of the router is specified Further notes You display the router ID and other information with the show ip ospf interface command 9 2 3 26 summary address Description With this command you assign an area ID a...

Page 549: ...ype 7 also gener ated for this address range in the con nected NSSAs denyAll No LSA is of Type 5 or Type 7 is gen erated for the address range advertise The address range is advertised out side the areas In the backbone area the router gen erates an LSA message of Type 5 If the Area ID is not 0 0 0 0 the router generates an LSA message of Type 7 in an NSSA not advertise No LSA messages of Type 5 a...

Page 550: ... range Note This command is available only with layer 3 Requirement You are in the OSPF Router configuration mode The command prompt is as follows cli config ospf Syntax Call up the command with the following parameters no summary address Network Mask AreaId The parameters have the following meaning Parameter Description Range of values note Network IP address of the address range specify the IP a...

Page 551: ... the interface configuration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode with the end command you return to the Privileged EXEC mode 9 2 4 1 ip ospf authentication Description With this command you specify the type of authentication The followin...

Page 552: ...ult The type of authentication is specified Further notes You remove the type of authentication with the no ip ospf authentication command You create the password for MD5 with the ip ospf message digest key command You create the password with the ip ospf authentication command 9 2 4 2 no ip ospf authentication Description With this command you reset the type of authentication back to the default ...

Page 553: ...e password Note This command is available only with layer 3 Requirement The interface is an IPv4 interface You are in the Interface configuration mode The command prompt is cli config if Syntax Call up the command with the following parameters ip ospf authentication key password 8 The parameter has the following meaning Parameter Description Range of values note Password Password Enter a password ...

Page 554: ...er 3 Requirement The interface is an IPv4 interface You are in the Interface configuration mode The command prompt is cli config if Syntax Call the command without parameter assignment no ip ospf authentication key Result The password is deleted Further notes You configure the password with the ip ospf authentication key command 9 2 4 5 ip ospf cost Description With this command you specify the co...

Page 555: ...ameter has the following meaning Parameter Description Range of values note cost Costs for the OSPF interface 1 65535 Result The costs are specified Further notes You delete the costs with the no ip ospf cost command You show the configuration of the OSPF interface with the show ip ospf interface command 9 2 4 6 no ip ospf cost Description With this command you delete the costs Note This command i...

Page 556: ...ead interval Description With this command you specify the time that can elapse before the neighbor router is assumed to have failed This means that no more Hello packets were received from it during this time Note This command is available only with layer 3 Requirement The interface is an IPv4 interface You are in the Interface configuration mode The command prompt is cli config if Syntax Call up...

Page 557: ...val Description With this command you delete the interval Note This command is available only with layer 3 Requirement The interface is an IPv4 interface You are in the Interface configuration mode The command prompt is cli config if Syntax Call the command without parameter assignment no ip ospf dead interval Result The interval is deleted Further notes You specify the interval with the ip ospf d...

Page 558: ...ace is an IPv4 interface You are in the Interface configuration mode The command prompt is cli config if Syntax Call up the command with the following parameters ip ospf hello interval seconds 1 65535 The parameter has the following meaning Parameter Description Range of values note seconds Interval in seconds 0 65535 Result The interval is specified Further notes You delete the interval with the ...

Page 559: ... in the Interface configuration mode The command prompt is cli config if Syntax Call the command without parameter assignment no ip ospf hello interval Result The interval is deleted Further notes You configure the interval with the ip ospf hello interval command You show the configuration of the OSPF interface with the show ip ospf interface command 9 2 4 11 ip ospf message digest key Description...

Page 560: ...owing meaning Parameter Description Range of values note Key ID ID of the password 0 255 md5 Keyword for the password md5 Key Password for authentication enter a password Maximum length 16 characters Result The password and the ID are specified Further notes You delete the password with the no ip ospf message digest key command 9 2 4 12 no ip ospf message digest key Description With this command y...

Page 561: ...the password with the ip ospf message digest key command 9 2 4 13 ip ospf retransmit interval Description With this command you specify the time after which an LSA message is transferred again if no confirmation has been received Note This command is available only with layer 3 Requirement The interface is an IPv4 interface You are in the Interface configuration mode The command prompt is cli conf...

Page 562: ...val Description With this command you delete the interval Note This command is available only with layer 3 Requirement The interface is an IPv4 interface You are in the Interface configuration mode The command prompt is cli config if Syntax Call the command without parameter assignment no ip ospf retransmit interval Result The interval is deleted Further notes You configure the interval with the i...

Page 563: ...rface You are in the Interface configuration mode The command prompt is cli config if Syntax Call up the command with the following parameters ip ospf transmit delay seconds 0 3600 The parameter has the following meaning Parameter Description Range of values note seconds Interval in seconds 0 3600 Result The interval is specified Further notes You delete the interval with the no ip ospf transmit d...

Page 564: ...ansmit delay Result The interval is deleted Further notes You configure the interval with the ip ospf transmit delay command 9 2 4 17 ip ospf priority Description With this command you specify the router priority The designated router is identified based on the priority Note This command is available only with layer 3 Requirement The interface is an IPv4 interface You are in the Interface configur...

Page 565: ... with the show ip ospf interface command 9 2 4 18 no ip ospf priority Description With this command you reset the value for the priority to the default value Note This command is available only with layer 3 Requirement The interface is an IPv4 interface You are in the Interface configuration mode The command prompt is cli config if Syntax Call the command without parameter assignment no ip ospf pr...

Page 566: ...uter types Internal Router IR Area Border Router ABR Backbone Router BR Autonomous System Area Border Router ASBR Designated Router DR The router ID the area ID and the ID of the LSA are entered in the IPv4 address format x x x x What has changed Terms The terms network or subnet are replaced by link Authentication The authentication was removed Instead OSPFv3 uses IPsec that is implemented in IPv...

Page 567: ...in OSPFv2 simply renamed 7 NSSA Exter nal LSA 0x2007 Type 7 LSA NSSA ASBR NSSA Same function as in OSPFv2 simply renamed 0x2008 Link LSA every router Link The LSA is sent by the router to every router linked to it The LSA contains the link local address of the router and a list with IPv6 prefixes configured on the link 0x2009 Intra area prefix LSA every router Area The LSA is sent only within an a...

Page 568: ...pv6 ospf database Description This command shows information about a specific LSA type or all LSA types Note This command is available only with layer 3 Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show ipv6 ospf area AreaID database router network as external inter pref...

Page 569: ...ix type 2003 inter router only shows information of the LSA type inter area router type 2004 intra prefix only shows information of the LSA type intra area prefix l type 2009 link only shows information of the LSA type link type 2008 nssa only shows information of the LSA type type 7 LSA type 2007 detail shows Information in detail HEX shows Information in hexadecimal format If you do not select a...

Page 570: ...n This command shows the OSPFv3 routes to the area border routers and to the AS boundary routers Note This command is available only with layer 3 Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show ipv6 ospf border routers Result The OSPFv3 routers are shown 9 3 1 5 show ipv6 ospf host ...

Page 571: ... without parameter assignment show ipv6 ospf host Result The host table is shown 9 3 1 6 show ipv6 ospf interface Description This command shows the information on the OSPFv3 interface Note This command is available only with layer 3 Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following par...

Page 572: ...ter from the parameter list the information is displayed for all available interfaces Result The Information of the OSPFv3 interface is displayed 9 3 1 7 show ipv6 ospf neighbor Description This command shows information about the detected neighboring routers Note This command is available only with layer 3 Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt...

Page 573: ...s command is available only with layer 3 Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameter assignment show ipv6 ospf redist config Result The information is displayed 9 3 1 9 show ipv6 ospf redundancy Description This command shows OSPFv3 redundancy Note This command is available only with ...

Page 574: ...his command shows the routes that were generated with OSPFv3 Note This command is available only with layer 3 Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show ipv6 ospf route Result The routes are displayed 9 3 1 11 show ipv6 ospf virtual links Description This command shows an overv...

Page 575: ...a range Description This command shows the grouped address ranges Note This command is available only with layer 3 Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show ipv6 ospf area range summary prefix The parameters have the following meaning Parameters Description Value...

Page 576: ...mand prompt is as follows cli or cli Syntax Call up the command with the following parameters show ipv6 ospf request list retrans list Neighbor RouterID The parameters have the following meaning Parameter Description Range of values note request list Request list for which LSA information is re quired retrans list List with LSAs from which information was sent but the acknowledgement of the recipi...

Page 577: ...he end or exit command and are then in the Privileged EXEC mode again 9 3 2 1 ipv6 router ospf Description With this command you enable routing with OSPFv3 and change to the Router configuration mode Note This command is available only with layer 3 Requirement IPv6 routing is activated You are in the Global Configuration mode The command prompt is as follows cli config Syntax Call the command with...

Page 578: ... with OSPFv3 is disabled Further notes You enable routing with OSPFv3 with the ipv6 router ospf command 9 3 3 Commands in the Router configuration mode This section describes commands that you can call up in the Router Configuration mode In the global configuration mode enter the ipv6 router ospf command to change to this mode Commands relating to other topics that can be called in the Global Conf...

Page 579: ...ll up the command with the following parameters area area id stub nssa no summary The parameters have the following meaning Parameter Description Range of values note area id Area ID Specify the ID in the IPv4 address format x x x x 0 255 0 0 0 0 backbone area stub Stub area The LSA types router network inter area prefix intra area prefix and link are stored in the database nssa NSSA Stub area tha...

Page 580: ...ea To remove an area there must be no IPv6 interface connected to it Note This command is available only with layer 3 Requirement You are in the OSPFv3 router configuration mode The command prompt is as follows cli config ospfv3 Syntax Call up the command with the following parameters no area area id stub nssa virtual link router id default metric range summary Type7 summary prefix IPv6 Prefix Pre...

Page 581: ...Enter a valid IPv6 address Prefix Length Number of bits belonging to the prefix from left to right 1 128 bits 128 The node host itself For information on identifiers of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The area is removed or changed 9 3 3 3 area range ipv6prefix prefix_length Description With this command you assign an area ID an addr...

Page 582: ...efix from left to right 1 128 bits 128 The node host itself advertise The address range is advertised outside the ranges A summary LSA of type 3 is generated not advertise The address range is not advertised to the outside tag Keyword for tag value Value that is assigned to the aggregated routes 1 65535 cost Keyword for the costs value Costs for the OSPF interface 1 65535 For information on identi...

Page 583: ...tax Call up the command with the following parameters area Area ID range IPv6 Prefix Prefix Length advertise not advertise summary Type7 tag tag value The parameters have the following meaning Parameter Description Range of values note Area ID Area ID Specify the ID in the IPv4 address format x x x x 0 255 0 0 0 0 backbone area IPv6 Prefix IPv6 address Enter a valid IPv6 address Prefix Length Numb...

Page 584: ... on identifiers of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The address range is configured Further notes You delete the address range with the no area range command You configure the area with the area command You can display the status of this function and other information with the show ipv6 ospf area range command 9 3 3 5 no area range De...

Page 585: ...ddress Prefix Length Number of bits belonging to the prefix from left to right 1 128 bits 128 The node host itself advertise The address range is advertised outside the rang es not advertise The address range is not advertised to the outside cost Keyword for the costs value Costs for the OSPF interface 1 65535 For information on identifiers of addresses and interfaces refer to the section Interfac...

Page 586: ...reaID summary prefix IPv6 Prefix Prefix Length allowAll denyAll advertise not advertise Translation enabled disabled The parameters have the following meaning Parameter Description Range of values note AreaID Area ID Specify the ID in the IPv4 address format x x x x 0 255 0 0 0 0 backbone area IPv6 Prefix IPv6 address enter a valid IPv6 address Prefix Length Number of bits belonging to the prefix ...

Page 587: ...P bit indicates to the NSSA ABR whether the LSA message of type 7 is translated to type 5 enabled P bit 1 LSA message is translated disabled P bit 0 LSA message is not translated For information on identifiers of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The address range is configured Further notes You delete the address range with the no are...

Page 588: ... parameters have the following meaning Parameter Description Range of values note area id Area ID Specify the ID in the IPv4 address format x x x xx 0 255 0 0 0 0 backbone area router id Router ID of the virtual router in the transit area Specify the ID in the IPv4 address format x x x xx 0 255 hello interval Keyword for the interval at which Hello packets are sent over the virtual link seconds Le...

Page 589: ...ello interval The routers located on the same link must have the same interval Result The virtual link is created Further notes You delete the virtual link with the no area command You display information about the virtual links with the show ipv6 ospf virtual link command 9 3 3 8 ASBR Router Description With his command you specify that the router is an Autonomous System Boundary Router ASBR Note...

Page 590: ...y the status of this function and other information with the show ipv6 ospf command 9 3 3 9 no ASBR Router Description With this command you disable the autonomous system boundary router Note This command is available only with layer 3 Requirement You are in the OSPFv3 router configuration mode The command prompt is as follows cli config ospfv3 Syntax Call the command without parameters no ASBR Ro...

Page 591: ...n the OSPFv3 router configuration mode The command prompt is as follows cli config ospfv3 Syntax Call up the command with the following parameters distribute list route map name 20 in The parameters have the following meaning Parameter Description Range of values note route map Keyword for a route map name Name of the route map Maximum of 20 characters in Incoming routing information is fil tered ...

Page 592: ... in the OSPFv3 router configuration mode The command prompt is as follows cli config ospfv3 Syntax Call up the command with the following parameters no distribute list route map name 20 in The parameters have the following meaning Parameter Description Range of values note route map Keyword for a route map name Name of the route map Maximum of 20 characters in Incoming routing information is fil t...

Page 593: ...all up the command with the following parameters host IPv6 Address metric cost area id AreaID The parameters have the following meaning Parameter Description Range of values note IPv6 Address IPv6 address prefix of the host Enter a valid IPv6 address metric Keyword for the metric of the external standard route cost Value of the metric area id Keyword for the area ID AreaID Area ID Specify the ID i...

Page 594: ...nt You are in the OSPFv3 router configuration mode The command prompt is as follows cli config ospfv3 Syntax Call up the command with the following parameters no host IPv6 Address The parameter has the following meaning Parameter Description Range of values note IPv6 Address IPv6 address of the host Enter a valid IPv6 address For information on identifiers of addresses and interfaces refer to the ...

Page 595: ...router configuration mode The command prompt is as follows cli config ospfv3 Syntax Call the command without parameter assignment passive interface Result The configuration is active Further notes You disable the configuration with the no passive interface command You can display the status of this function and other information with the show ipv6 ospf interface command 9 3 3 15 no passive interfa...

Page 596: ...uration is active Further notes You enable the configuration with the passive interface command You can display the status of this function and other information with the show ipv6 ospf interface command 9 3 3 16 redist config Description With this command you configure the information for external routes The routes are further distributed with this information Note This command is available only ...

Page 597: ... value Keyword for the metric of the route metric Metric 1 16777215 metrictype Keyword for the connection costs asExttype1 External and internal costs asExttype2 External costs tag Keyword for tag tag value Value that is assigned to the aggregated routes 1 65535 For information on identifiers of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The in...

Page 598: ...h the following parameters no redist config IPv6 Prefix Prefix Length The parameters have the following meaning Parameter Description Range of values note IPv6 Prefix IPv6 address Enter a valid IPv6 address Prefix Length Number of bits belonging to the prefix from left to right 1 128 bits 128 The node host itself For information on identifiers of addresses and interfaces refer to the section Inter...

Page 599: ...ribute static connected ripng bgp The parameters have the following meaning Parameter Description Range of values note static static routes connected connected routes ripng RIPv3 routes bgp BGP routes For information on identifiers of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The routes are specified that are distributed via OSPFv3 Further not...

Page 600: ...e command prompt is as follows cli config ospfv3 Syntax Call up the command with the following parameters no redistribute static connected ripng bgp The parameters have the following meaning Parameter Description Range of values note static static routes connected connected routes ripng RIPng routes bgp BGP routes Result The routes are specified that are not distributed via OSPFv3 Further notes Yo...

Page 601: ...eters router id IPv4 Address The parameter has the following meaning Parameter Description Range of values note IPv4 Address Router ID Specify the ID in the IPv4 address format x x x x x 0 255 Result The ID of the router is specified Further notes You display the router ID and other information with the show ipv6 ospf interface command 9 3 4 Commands in the Interface configuration mode This sectio...

Page 602: ...scription With this command you enable OSPFv3 on the interface The interface is assigned to an area Note This command is available only with layer 3 Requirement The interface is an IPv6 interface The router ID is configured OSPFv3 routing is activated You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters ...

Page 603: ...you enable OSPFv3 on the interface Note This command is available only with layer 3 Requirement The interface is an IPv6 interface The router ID is configured OSPFv3 routing is activated You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment no ipv6 ospf Result The interface is removed from the area Further no...

Page 604: ...the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters ipv6 ospf dead interval interval The parameter has the following meaning Parameter Description Range of values note interval Interval in seconds 1 65535 Default 40 The value must be four times the hello interval The routers located on the same link must have the ...

Page 605: ...nterface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment no ipv6 ospf dead interval Result The interval is reset Further notes You enable OSPFv3 routing with the ipv6 router ospf command You configure the interval with the no ipv6 ospf dead interval command You display the configuration with the show ip ospf interface command 9...

Page 606: ...llowing meaning Parameter Description Range of values note interval Interval in seconds 1 65535 Default 10 The routers located on the same link must have the same interval Result The interval is specified Further notes You enable OSPFv3 routing with the ipv6 router ospf command You reset the interval to the default with the no ipv6 ospf hello interval command You display the configuration with the...

Page 607: ...s reset Further notes You enable OSPFv3 routing with the ipv6 router ospf command You configure the interval with the ipv6 ospf hello interval command You display the configuration with the show ipv6 ospf interface command 9 3 4 7 ipv6 ospf metric Description With this command you specify the metric for OSPFv3 Note This command is available only with layer 3 Requirement The interface is an IPv6 in...

Page 608: ...ter ospf command You can reset the metric to the default with the no ipv6 ospf metric command You display the configuration with the show ipv6 ospf interface command 9 3 4 8 no ipv6 ospf metric Description With this command you reset the metric back to the default value Note This command is available only with layer 3 Requirement The interface is an IPv6 interface You are in the Interface configur...

Page 609: ... The router then does not send any hello packets on this interface and can also not establish a link via this interface Note This command is available only with layer 3 Requirement The interface is an IPv6 interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment ipv6 ospf passive interface Result The O...

Page 610: ...mmand prompt is as follows cli config if Syntax Call the command without parameter assignment no ipv6 ospf passive interface Result The OSPFv3 interface is enabled Further notes You enable OSPFv3 routing with the ipv6 router ospf command You deactivate the OSPFv3 interface with the ipv6 ospf passive interface command You display the configuration with the show ipv6 ospf interface command 9 3 4 11 ...

Page 611: ...ty priority The parameter has the following meaning Parameter Description Range of values note priority Priority 0 255 Default 1 Result The priority is specified Further notes You enable OSPFv3 routing with the ipv6 router ospf command You reset the priority to the default with the no ipv6 ospf priority command You display the configuration with the show ipv6 ospf interface command 9 3 4 12 no ipv...

Page 612: ...y is reset Further notes You enable OSPFv3 routing with the ipv6 router ospf command You configure the priority with the ipv6 ospf priority command You display the configuration with the show ipv6 ospf interface command 9 3 4 13 ipv6 ospf retransmit interval Description With this command you specify the time after which packets whose receipt was not confirmed are transferred again Note This comman...

Page 613: ... You enable OSPFv3 routing with the ipv6 router ospf command You reset the interval to the default with the no ipv6 ospf retransmit interval command You display the configuration with the show ipv6 ospf interface command 9 3 4 14 no ipv6 ospf retransmit interval Description With this command you reset the interval to the default value Note This command is available only with layer 3 Requirement Th...

Page 614: ...how ipv6 ospf interface command 9 3 4 15 ipv6 ospf transmit delay Description With this command you specify the time that a link state update packet requires for transmission Note This command is available only with layer 3 Requirement The interface is an IPv6 interface You are in the Interface configuration mode The command prompt is as follows cli config if Requirement The interface is an IPv6 i...

Page 615: ...e of values note Interval in seconds 1 1800 Default 1 Result The interval is specified Further notes You enable OSPFv3 routing with the ipv6 router ospf command You reset the interval to the default with the no ipv6 ospf transmit interval command You display the configuration with the show ipv6 ospf interface command 9 3 4 16 no ipv6 ospf transmit delay Description With this command you reset the ...

Page 616: ...G8976 C252 11 Syntax Call the command without parameter assignment no ipv6 ospf transmit delay Result The interval is reset Further notes You enable OSPFv3 routing with the ipv6 router ospf command You configure the interval with the ipv6 ospf transmit delay command You enable OSPFv3 routing with the ipv6 router ospf command ...

Page 617: ...perate a DHCP server on the devices of a VRRP group the DHCP server must be configured on the master router Backup routers do not react to DHCP queries Make sure that the master router is statically configured and that after a failure becomes the master of the VRRP group again 9 4 1 The show commands This section describes commands with which you display various settings 9 4 1 1 show vrrp Descript...

Page 618: ...he settings of the virtual router are displayed 9 4 1 2 show vrrp interface Description This command shows the settings of VRRP for the interface Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show vrrp interface vlan vlan id 1 4094 brief detail statistics The parameters h...

Page 619: ...ows cli or cli Syntax Call the command without parameter assignment show vrrp track Result The configured interface tracking is displayed 9 4 2 Commands in the Global Configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can b...

Page 620: ...yer 3 Requirement You are in the Global Configuration mode The command prompt is as follows cli config Syntax Call the command without parameter assignment router vrrp Result Routing with VRRP is enabled You are now in the VRRP Router Configuration mode The command prompt is as follows cli config vrrp Further notes You disable routing with VRRP with the no router vrrp command 9 4 2 2 no router vrr...

Page 621: ...ommands that you can call up in the VRRP Router Configuration mode In the Global Configuration mode enter the router vrrp command to change to this mode If you exit the VRRP Router Configuration mode with the exit command you return to the Global Configuration mode If you exit the VRRP Router Configuration mode with the end command you return to the Privileged EXEC mode 9 4 3 1 interface Descripti...

Page 622: ...id Number of the addressed VLAN 1 4094 For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result You are in the VRRP Interface configuration mode The command prompt is as follows cli config vrrp if Further notes You exit the VRRP Interface configuration mode with the end or exit command You delete a VRRP interface with the no inter...

Page 623: ...nter a valid interface For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The VRRP interface is deleted Further notes You configure a VRRP interface with the interface command You display the status and the configuration of the VRRP interface with the show vrrp or show vrrp interface command 9 4 3 3 track interface Descripti...

Page 624: ...rface type Type of interface Specify a valid interface interface id Module no and port no of the interface For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The selected interface is monitored Further notes You delete an interface tracking with the no interface interface command You display the configured interface tracking...

Page 625: ...lan vlan id 1 4094 interface type interface id The parameters have the following meaning Parameter Description Range of values note group index ID of the interface tracking vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 interface type Type of interface Specify a valid interface interface id Module no and port no of the interface For information on names of addresses...

Page 626: ...ration mode The command prompt is as follows cli config vrrp Syntax Call up the command with the following parameters track group index links links to track 1 255 The parameters have the following meaning Parameter Description Range of values note group index ID of the interface tracking links to track Number of interfaces 1 255 Result The number of tracked interfaces is defined Further notes You ...

Page 627: ...pt is as follows cli config vrrp Syntax Call up the command with the following parameters no track group index links The parameter has the following meaning Parameter Description Range of values note group index ID of the interface tracking Result The number of tracked interfaces is deleted Further notes You configure the number of tracked interfaces with the track links command You display the co...

Page 628: ...ual addresses is enabled Further notes You disable the setting with the no vrrp virtual ping command You display the status of this function and other information in Privileged EXEC mode with the show vrrp command 9 4 3 8 no vrrp virtual ping Description With this command you disable pings to virtual addresses Requirement The Router configuration mode is enabed You are in the VRRP Router configura...

Page 629: ...faces of a VRID are monitored When the link of an interface changes from up to down the priority of all VRRP interfaces with the same VRID is reduced to the value 0 Note This command is available only with layer 3 Requirement You are in the VRRP Router configuration mode The command prompt is as follows cli config vrrp Syntax Call the command without parameter assignment vrrp vrid track Result VRI...

Page 630: ...parameter assignment no vrrp vrid track Result VRID tracking is disabled Further notes You enable VRID tracking with the vrrp vrid track command You display configured VRID trackings with the command show vrrp interface or show vrrp interface vrid with the parameter detail 9 4 4 Commands in the Interface Configuration mode This section describes commands that you can call up in the Interface confi...

Page 631: ... exit the Interface configuration mode with the end command you return to the Privileged EXEC mode 9 4 4 1 vrrp associated ip Description With this command you specify which IPv4 addresses the virtual router monitors Note This command is available only with layer 3 Requirement You are in the VRRP Interface configuration mode The command prompt is as follows cli config vrrp if Syntax Call up the co...

Page 632: ... vrrp associated ip Description With this command you remove an IPv4 address from the virtual router Note This command is available only with layer 3 Requirement You are in the VRRP Interface configuration mode The command prompt is as follows cli config vrrp if Syntax Call up the command with the following parameters no vrrp vrid 1 255 associated ip ip_addr The parameters have the following meani...

Page 633: ...m the virtual router Note This command is available only with layer 3 Requirement You are in the VRRP Interface configuration mode The command prompt is as follows cli config vrrp if Syntax Call up the command with the following parameters vrrp vrid 1 255 group shutdown The parameter has the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result All...

Page 634: ... The command prompt is cli config vrrp if Syntax Call up the command with the following parameters vrrp vrid 1 255 preempt delay minimum value 0 30 The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 delay minimum Keyword for a period of time value Time after which the new Master router sends its VRRP packet 0 30 Result The funct...

Page 635: ... router You are in the VRRP Interface configuration mode The command prompt is cli config vrrp if Syntax Call up the command with the following parameters no vrrp vrid 1 255 preempt The parameter has the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result The function is disabled Further notes You configure a VRRP interface with the interface com...

Page 636: ...up the command with the following parameters vrrp vrid 1 255 primary ip ip_addr The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 ip_addr Value for an IPv4 address Enter a valid IPv4 address For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The primary I...

Page 637: ...vrid 1 255 ipv4 ucast_addr secondary The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 ucast_addr Value for an IPv4 unicast address Enter a valid IPv4 unicast ad dress secondary Secondary IP addresses For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The...

Page 638: ...irtual router You are in the VRRP Interface configuration mode The command prompt is cli config vrrp if Syntax Call up the command with the following parameters vrrp vrid 1 255 priority priority 1 254 The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 priority Priority of the virtual router 1 254 Default 1 Result The priority of...

Page 639: ... Interface configuration mode The command prompt is cli config vrrp if Syntax Call up the command with the following parameters no vrrp vrid 1 255 priority The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result The priority is reset Further notes You configure a VRRP interface with the interface command You create the priorit...

Page 640: ...ual router You are in the VRRP Interface configuration mode The command prompt is cli config vrrp if Syntax Call up the command with the following parameters vrrp vrid 1 255 text authentication password The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 password Password Enter a password Maximum length 8 characters Result The au...

Page 641: ...You are in the VRRP Interface configuration mode The command prompt is cli config vrrp if Syntax Call up the command with the following parameters no vrrp vrid 1 255 text authentication The parameter has the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result The authentication is disabled Further notes You configure a VRRP interface with the int...

Page 642: ...mpt is cli config vrrp if Syntax Call up the command with the following parameters vrrp vrid 1 255 timer interval 1 255 secs The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 interval Time interval in seconds 1 255 Default 1 s Result The time interval is specified Further notes You configure a VRRP interface with the interface ...

Page 643: ...nfiguration mode The command prompt is cli config vrrp if Syntax Call up the command with the following parameters no vrrp vrid 1 255 timer The parameter has the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result The time interval is reset Further notes You configure a VRRP interface with the interface command You enable routing with VRRP with t...

Page 644: ... parameters vrrp vrid 1 255 track group index decrement integer 1 254 The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 group index ID of the interface tracking integer Value by which priority of the VRRP inter face will be reduced 1 254 Result A VRRP interface is assigned to interface tracking The value by which the priority w...

Page 645: ...d prompt is as follows cli config vrrp if Syntax Call up the command with the following parameters no vrrp vrid 1 255 track The parameter has the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result The assignment and the value by which the priority will be reduced is defined are deleted Further notes You assign a VRRP interface to an interface tr...

Page 646: ...t possible VRRPv3 supports IPv4 and IPv6 Both can be configured and operated at the same time with VRRP3 VRRP and DHCP server If you want to operate a DHCP server on the devices of a VRRP group the DHCP server must be configured on the master router Backup routers do not react to DHCP queries Make sure that the master router is statically configured and that after a failure becomes the master of t...

Page 647: ...XEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show vrrp3 interface vlan vlan id 1 4094 VrId 1 255 brief detail statistics The parameters have the following meaning Parameter Description Range of values note vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 VrId ID of the virtual router 1 255 brief shows br...

Page 648: ...The parameters have the following meaning Parameter Description Range of values note vlan Keyword for a VLAN connection VlanId Number of the addressed VLAN 1 4094 brief shows brief information on VRRP detail shows detailed information on VRRP statistics shows the statistics of the VRRP pro tocol For information on names of addresses and interfaces refer to the section Interface identifiers and add...

Page 649: ...terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 9 5 3 1 router vrrp3 Description With this command you enable routing with VRRPv3 and change to the VRRP3 Router configur...

Page 650: ...and You enable IPv6 routing with the ipv6 unicast routing command You configure an IPv6 address for the interface with the ipv6 address command 9 5 3 2 no router vrrp3 Description With this command you disable routing with VRRPv3 Note This command is available only with layer 3 Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command ...

Page 651: ... 5 4 1 interface Description With this command you decide the interface for which you want to assign parameters in the VRRP3 Router configuration mode There you can edit the settings for a VRRP3 interface You select the VRRP3 interface with the parameters of this command Note This command is available only with layer 3 Requirement You are in the VRRP3 Router configuration mode The command prompt i...

Page 652: ...erfaces with the show vrrp3 or show vrrp3 interface command 9 5 4 2 no interface Description With this command you delete a VRRP3 interface Note This command is available only with layer 3 Requirement You are in the VRRP3 Router configuration mode The command prompt is as follows cli config vrrp v3 Syntax Call up the command with the following parameters no interface vlan vlan id 1 4094 The parame...

Page 653: ...e interface changes back from down to up the original priority of the VRRP interface is restored Note This command is available only with layer 3 Requirement You are in the VRRP Router configuration mode The command prompt is as follows cli config vrrp v3 Syntax Call up the command with the following parameters track group index interface vlan vlan id 1 4094 interface type interface id The paramet...

Page 654: ...decrement With the track links command you configure how many of the monitored interfaces need to change their status before the priority of the assigned VRRP interface is changed 9 5 4 4 no track interface Description With this command you delete the tracking of interfaces Note This command is available only with layer 3 Requirement You are in the VRRP Router configuration mode The command prompt...

Page 655: ...e tracking with the track interface command You display the configured interface tracking with the show vrrp track command 9 5 4 5 track links Description With this command you define how many tracked interfaces need to change to the down status before the priority of the assigned VRRP interface is changed Note This command is available only with layer 3 Requirement You are in the VRRP Router conf...

Page 656: ...on With this command you delete the the number of tracked interfaces Note This command is available only with layer 3 Requirement You are in the VRRP Router configuration mode The command prompt is as follows cli config vrrp v3 Syntax Call up the command with the following parameters no track group index links The parameter has the following meaning Parameter Description Range of values note group...

Page 657: ...t parameter assignment vrrp virtual ping Result The ping function to virtual IPv4 addresses is enabled Further notes You disable the ping function for virtual IPv4 addresses with the no vrrp virtual ping command You display the status and the configuration of the VRRP3 interfaces with the show vrrp3 command 9 5 4 8 no vrrp virtual ping Description With this command you disable pings to virtual IPv...

Page 658: ...nd you enable VRID tracking When enabled all interfaces of a VRID are monitored When the link of an interface changes from up to down the priority of all VRRP interfaces with the same VRID is reduced to the value 0 Note This command is available only with layer 3 Requirement You are in the VRRP Router configuration mode The command prompt is as follows cli config vrrp v3 Syntax Call the command wi...

Page 659: ...t parameter assignment no vrrp vrid track Result VRID tracking is disabled Further notes You enable VRID tracking with the vrrp vrid track command You display configured VRID trackings with the command show vrrp3 or show vrrp3 interface with the parameter detail 9 5 5 Commands in the Interface Configuration mode This section describes commands that you can call up in the Interface configuration mo...

Page 660: ...dresses on the VRRP3 interface Note This command is available only with layer 3 Requirement An IP address is assigned to the virtual router You are in the VRRP3 Interface configuration mode The command prompt is as follows cli config vrrp v3 if Syntax Call up the command with the following parameters vrrp vrid 1 255 accept mode The parameter has the following meaning Parameter Description Range of...

Page 661: ...mpt is as follows cli config vrrp v3 if Syntax Call up the command with the following parameters no vrrp vrid 1 255 accept mode The parameter has the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result The ping function to virtual IPv6 addresses is disabled Further notes You configure a VRRP3 interface with the interface command You assign IP add...

Page 662: ...ipv4 ip_addr ipv6 ip6_addr The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 ipv4 Keyword for IPv4 address ip_addr IPv4 address Enter a valid IPv4 address ipv6 Keyword for IPv6 address ip6_addr IPv6 address Enter a valid IPv6 address For information on names of addresses and interfaces refer to the section Interface identifiers...

Page 663: ...lowing parameters no vrrp vrid 1 255 associated ip ipv4 ip_addr ipv6 ip6_addr The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 ipv4 Keyword for IPv4 address ip_addr IPv4 address Enter a valid IPv4 address ipv6 Keyword for IPv6 address ip6_addr IPv6 address Enter a valid IPv6 address For information on names of addresses and in...

Page 664: ...ed to the virtual router You are in the VRRP3 Interface configuration mode The command prompt is as follows cli config vrrp v3 if Syntax Call up the command with the following parameters vrrp vrid 1 255 compatible mode The parameter has the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result The compatibility is enabled Further notes You enable r...

Page 665: ...ommand prompt is as follows cli config vrrp v3 if Syntax Call up the command with the following parameters no vrrp vrid 1 255 compatible mode The parameter has the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result The compatibility is disabled Further notes You configure a VRRP3 interface with the interface command You assign IPv4 IPv6 addresse...

Page 666: ...tion mode The command prompt is as follows cli config vrrp v3 if Syntax Call up the command with the following parameters vrrp vrid 1 255 preempt The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 delay minimum Keyword for a period of time Result The function is enabled Further notes You assign IP addresses to a virtual router w...

Page 667: ...ual router You are in the VRRP3 Interface configuration mode The command prompt is as follows cli config vrrp v3 if Syntax Call up the command with the following parameters no vrrp vrid 1 255 preempt The parameter has the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result The function is disabled Further notes You configure a VRRP3 interface wit...

Page 668: ...vrrp vrid 1 255 primary ip ipv4 ip_addr ipv6 ip6_addr The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 ipv4 Keyword for IPv4 address ip_addr IPv4 address Enter a valid IPv4 address ipv6 Keyword for IPv6 address ip6_addr IPv6 address Enter a valid IPv6 address For information on names of addresses and interfaces refer to the se...

Page 669: ...y ip ipv4 ip_addr ipv6 ip6_addr The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 ipv4 Keyword for IPv4 address ip_addr IPv4 address Enter a valid IPv4 address ipv6 Keyword for IPv6 address ip6_addr IPv6 address Enter a valid IPv6 address For information on names of addresses and interfaces refer to the section Interface identi...

Page 670: ... virtual router You are in the VRRP3 Interface configuration mode The command prompt is as follows cli config vrrp v3 if Syntax Call up the command with the following parameters vrrp vrid 1 255 priority priority 1 254 The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 priority Priority of the virtual router 1 254 Default 1 Resul...

Page 671: ...RP3 Interface configuration mode The command prompt is as follows cli config vrrp v3 if Syntax Call up the command with the following parameters no vrrp vrid 1 255 priority The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result The priority is reset Further notes You configure a VRRP3 interface with the interface command You ...

Page 672: ...llows cli config vrrp v3 if Syntax Call up the command with the following parameters vrrp vrid 1 255 timer interval 10 4095 centiseconds The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 interval Time interval in hundredths of seconds 10 4095 Default 10 Result The time interval is specified Further notes You configure a VRRP3 i...

Page 673: ...ws cli config vrrp v3 if Syntax Call up the command with the following parameters no vrrp vrid 1 255 timer interval 50 4095 centiseconds The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 interval Time interval in hundredths of seconds 50 4095 Result The time interval is reset Further notes You configure a VRRP3 interface with t...

Page 674: ...e following parameters vrrp vrid 1 255 track group index decrement integer 1 254 The parameters have the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 group index ID of the interface tracking integer Value by which priority of the VRRP inter face will be reduced 1 254 Result A VRRP interface is assigned to interface tracking The value by which the...

Page 675: ...e command prompt is as follows cli config vrrp v3 if Syntax Call up the command with the following parameters no vrrp vrid 1 255 track The parameter has the following meaning Parameter Description Range of values note vrid ID of the virtual router 1 255 Result The assignment and the value by which the priority will be reduced is defined are deleted Further notes You assign a VRRP interface to an i...

Page 676: ... The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show ip rip database ip address mask statistic The parameters have the following meaning Parameter Description Range of values note database The information of the RIP database is displayed ip address The destination address of the route for which information is displayed Specify a valid IP addres...

Page 677: ...evant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again Note These commands are available only with layer 3 9 6 2 1 router rip Description With this command you enable the RIP protocol and change to the Router configuration mode Requirement You are in the Global configuration mode The command prompt is as follows cli config ...

Page 678: ...o router rip Result Routing with RIP is disabled Further notes You enable the RIP protocol with the router rip command 9 6 3 Commands in the RIPv2 Router configuration mode This section describes commands that you can call up in the RIPv2 Router configuration mode In the Global configuration mode enter the router rip command to change to this mode If you exit the RIPv2 Router configuration mode wi...

Page 679: ...rement You are in the RIPv2 Router configuration mode The command prompt is as follows cli config rip Syntax Call the command without parameter assignment auto summary Result Subnets are entered in the routing table summarized as class A B or C networks 9 6 3 2 no auto summary Description This command disables the automatic summarizing of routing information Requirement You are in the RIPv2 Router...

Page 680: ...it is not learnt by the neighbor routers Requirement You are in the RIPv2 Router configuration mode The command prompt is as follows cli config rip Syntax Call up the command with the following parameters distance dist 1 255 route map name 20 The parameters have the following meaning Parameter Description Range of values note dist The value for the administrative dis tance 1 255 Default 120 route ...

Page 681: ... note route map Keyword for a route map name Name of the route map Maximum of 20 characters Result The value for the administrative distance is reset Further notes You specify the administrative distance with the distance command 9 6 3 5 distribute list route map Description This command enables the filtering of the routing information according to a route map for incoming or outgoing routing info...

Page 682: ...ion This command disables the filtering of the routing information according to a route map for incoming or outgoing routing information Requirement You are in the RIPv2 Router configuration mode The command prompt is as follows cli config rip Syntax Call up the command with the following parameters no distribute list route map name 20 in out The parameters have the following meaning Parameter Des...

Page 683: ...lowing parameters network ip address The parameter has the following meaning Parameter Description Range of values note ip address The IP address for which RIP will be enabled Specify a valid IP address For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result RIP is enabled for the specified IP interface 9 6 3 8 no network Descrip...

Page 684: ...stribute Description This command specifies which route information is forwarded by RIP Requirement You are in the RIPv2 Router configuration mode The command prompt is as follows cli config rip Syntax Call up the command with the following parameters redistribute all default connected ospf static route map name 20 The parameters have the following meaning Parameter Description Range of values not...

Page 685: ...all default connected ospf static route map name 20 The parameters have the following meaning Parameter Description Range of values note all The forwarding of route information is disabled for all protocols default Default routes are not forwarded connected Route information of local subnets is not forwarded ospf No routes learned by OSPF are dis tributed static No static routes are forwarded rout...

Page 686: ...routing information corresponding to RIPv2 RFC 2453 is evaluated and sent Routing information is only dis tributed and received using mul ticasts 224 0 0 9 12 Only routing information corresponding to RIPv1 and RIPv2 is evaluated and sent Routing information is distributed and received using broadcasts and multicasts 224 0 0 9 Default setting none There is no processing of routing in formation usi...

Page 687: ...ge of values note milli seconds Delay in milliseconds 8 50 Result RIP updates are forwarded only after the set delay 9 6 4 Commands in the Interface configuration mode This section describes commands that you can call up in the interface configuration mode Depending on the Interface selected various command sets are available In the Global configuration mode enter the interface command to change t...

Page 688: ... The interface is an IPv4 interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters ip rip default route originate metric 1 15 The parameter has the following meaning Parameter Description Range of values note metric Value for the metric information 1 15 Result The default route is forwarded 9 6 4 2...

Page 689: ...9 6 4 3 ip rip receive version Description This command specifies the RIP version for incoming routing information Requirement The interface is an IPv4 interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters ip rip receive version 1 2 12 none The parameters have the following meaning Parameter Des...

Page 690: ...P updates Updates according to RIPv1 and RIPv2 are received Requirement The interface is an IPv4 interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters no ip rip receive version Result All RIP updates are received 9 6 4 5 ip rip send version Description This command specifies the RIP version for outgoing routi...

Page 691: ... Only RIPv2 updates are sent 12 RIPv1 and RIPv2 updates are sent none No RIP updates are sent Result It has been specified which RIP version outgoing updates need to have 9 6 4 6 no ip rip send version Description This command specifies that there is no restriction relating to the version of outgoing RIP updates Updates according to RIPv1 and RIPv2 are sent Requirement The interface is an IPv4 int...

Page 692: ... not on the entire device RIPng uses the UDP port 521 and RIP the UDP port 520 9 7 1 The show commands This section describes commands with which you display various settings 9 7 1 1 show ipv6 rip Description This command shows the information of the RIP database Requirement Routing with RIPng is enabled You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows ...

Page 693: ... the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameter assignment show ipv6 rip filter Result The configured SNMP filters are displayed 9 7 1 3 show ipv6 rip peer table status Description This command shows the peer status information Requirement Routing with RIPng is enabled You are in the User EXEC mode or in the P...

Page 694: ...EC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameter assignment show ipv6 rip peer trig update interval Result The information is displayed 9 7 1 5 show ipv6 rip stats Description This command shows statistical information e g the number of updates Requirement Routing with RIPng is enabled You are in the User EXEC mode or in t...

Page 695: ...onfiguration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 9 7 2 1 ipv6 router rip Description With this command you enable RIPng routing on the device change to the Router configuration mode Note This command is available only with layer 3 IPv6 Requirement You are in the Global configur...

Page 696: ...lable only with layer 3 IPv6 Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameter assignment no ipv6 router rip Result Routing with RIPng is disabled Further notes You enable routing with RIP with the ipv6 router rip command You display the setting and other information with the show ipv6 rip command 9 7 3 Comman...

Page 697: ...n IPv6 and IPv6 routing is activated Note These commands are available only with layer 3 9 7 3 1 distance Description With this command you specify the administrative distance for the RIP protocol This value is taken into account if routing information is learned from different routing protocols The lowest value for the administrative distance 1 means the highest reliability of the routing informa...

Page 698: ...urther notes You reset the administrative distance to the default with the no distance command 9 7 3 2 no distance Description With this command you reset the administrative distance back to the default value Requirement You are in the RIPng router configuration mode The command prompt is as follows cli config ripng Syntax Call up the command with the following parameters no distance route map nam...

Page 699: ... available only with layer 3 Requirement You are in the RIPng router configuration mode The command prompt is as follows cli config ripng Syntax Call up the command with the following parameters distribute prefix ip6_addr in out The parameters have the following meaning Parameter Description Values ip6_addr IPv6 address enter a valid IPv6 address in Incoming routing information is filtered out Out...

Page 700: ... RIPng router configuration mode The command prompt is as follows cli config ripng Syntax Call up the command with the following parameters no distribute prefix ip6_add in out The parameters have the following meaning Parameter Description Values ip6_add IPv6 address Enter a valid IPv6 address in The filtering for incoming routing information is disabled out The filtering for outgoing routing info...

Page 701: ...up the command with the following parameters distribute list route map name 20 in out The parameters have the following meaning Parameter Description Range of values note name Name of the routing table Maximum of 20 characters in Incoming routing information is filtered out Outgoing routing information is filtered Result The filtering is enabled 9 7 3 6 no distribute list route map Description Thi...

Page 702: ... infor mation is disabled Result The filtering is disabled 9 7 3 7 redistribute Description With this command you specify which route information is forwarded by RIP Note This command is available only with layer 3 Requirement You are in the RIP router configuration mode The command prompt is as follows cli config ripng Syntax Call up the command with the following parameters redistribute static c...

Page 703: ...name Name of the route map Maximum of 20 characters Result The information forwarded by RIP has been specified Further notes You disable the forwarding with the no redistribute command You display the setting and other information with the show ipv6 rip command 9 7 3 8 no redistribute Description This command specifies which route information is not forwarded by RIP Note This command is available ...

Page 704: ...with the no redistribute metric command You display the setting and other information with the show ipv6 rip command 9 7 4 Commands in the Interface configuration mode This section describes commands that you can call up in the interface configuration mode Depending on the Interface selected various command sets are available In the Global configuration mode enter the interface command to change t...

Page 705: ... an IPv6 interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment ipv6 rip default information originate Result The function is enabled Further notes You disable the function with the no ipv6 rip default information originate command You display the IPv6 routing table with the show ipv6 route command 9...

Page 706: ...gnment no ipv6 rip default information Result The function is disabled Further notes You enable IPv6 with the ipv6 enable command You enable the function with the ipv6 rip default information originate command 9 7 4 3 ipv6 rip Description This command enables RIPng routing on the interface Requirement The interface is an IPv6 interface You are in the Interface configuration mode The command prompt...

Page 707: ...ce You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment no ipv6 rip Result RIPng routing is enabled Further notes You display this setting and other information with the show ipv6 rip command You enable RIP routing with the ipv6 rip command 9 7 4 5 ipv6 rip metric offset Description As default the metric inc...

Page 708: ... is an IPv6 interface You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters ipv6 rip metric offset integer 1 15 The parameter has the following meaning Parameter Description Range of values note integer Metric offset 1 15 Default 1 Result The metric offset is configured ...

Page 709: ...omparison is continued until the filters of a route map match the properties of an item of information The information is then processed according to the route map settings The routing information is discarded The properties of the routing information are changed 9 8 1 show route map Description This command shows the configured route maps Requirement You are in the User EXEC mode or in the Privil...

Page 710: ... can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 9 8 2 1 route map Description With this command you create a route map and change to the Route maps configuration mode Note This command is available only with layer 3 Requirement You are in the Global configuration mode The command prompt is as ...

Page 711: ...has been created You are now in the Route maps configuration mode The command prompt is as follows cli config rmap Further notes You delete a route map with the no route map command You display the setting and other information with the show route map command 9 8 2 2 no route map Description With this command you delete a route map Note This command is available only with layer 3 Requirement You a...

Page 712: ...Route maps configuration mode This section describes commands that you can call up in the Route maps configuration mode In the global configuration mode enter the route map command to change to this mode If you exit the Route maps configuration mode with the exit command you return to the global configuration mode If you exit the Route maps Configuration mode with the end command you return to the...

Page 713: ...ich the filter ing is based Result The filter for the destination IPv4 address is created Further notes You delete the filter for the destination IPv4 address with the no match destination ip command You create a filter for the destination IPv6 address with the match destination ipv6 command You change to the Route maps configuration mode with the command route map You display the setting and othe...

Page 714: ... Result The filter for the destination IPv4 address is deleted Further notes You create a filter for the destination IPv4 address with the match destination ip command You create a filter for the destination IPv6 address with the match destination ipv6 command You change to the Route maps configuration mode with the command route map You display the setting and other information with the show rout...

Page 715: ...stination on which the filtering is based Result The filter for the destination IPv6 address is created Further notes You delete the filter for the destination IPv6 address with the no match destination ipv6 command You create a filter for the destination IPv4 address with the match destination ip command You change to the Route maps configuration mode with the command route map You display the se...

Page 716: ... which the filtering is based Result The filter for the destination IPv6 address is deleted Further notes You create a filter for the destination IPv6 address with the match destination ipv6 command You create a filter for the destination IPv4 address with the match destination ip command You change to the Route maps configuration mode with the command route map You display the setting and other i...

Page 717: ...odule no and port no of the interface Result The filter for the interface is created Further notes You delete the filter for the interface with the no match interface command You change to the Route maps configuration mode with the command route map You display the setting and other information with the show route map command 9 8 3 6 no match interface Description With this command you delete the ...

Page 718: ...e is deleted Further notes You create a filter for an interface with the match interface command You change to the Route maps configuration mode with the command route map You display the setting and other information with the show route map command 9 8 3 7 match metric Description With this command you specify whether or not the routing information for a route map is filtered based on the value o...

Page 719: ...ou change to the Route maps configuration mode with the command route map You display the setting and other information with the show route map command 9 8 3 8 no match metric Description With this command you delete the filter for the value of the metric Note This command is available only with layer 3 Requirement You are now in the Route maps configuration mode The command prompt is as follows c...

Page 720: ...a route map is filtered based on the type of the metric Note This command is available only with layer 3 Requirement You are now in the Route maps configuration mode The command prompt is as follows cli config rmap Syntax Call up the command with the following parameters match metric type inter area intra area type 1 external type 2 external The parameters have the following meaning Parameter Desc...

Page 721: ...rompt is as follows cli config rmap Syntax Call up the command with the following parameters no match metric type inter area intra area type 1 external type 2 external The parameters have the following meaning Parameter Description Range of values note inter area Routes learnt from different areas intra area Routes that originate from the same area type 1 external Routes whose path costs metric ar...

Page 722: ...fig rmap Syntax Call up the command with the following parameters match next hop ip next hop Ip address The parameter has the following meaning Parameter Description Range of values note next hop Ip address IPv4 address Enter the IPv4 address of the router to which the routing infor mation will be sent next Result The filter for the next router IPv4 is created Further notes You delete the filter f...

Page 723: ...he following parameters no match next hop ip next hop Ip address The parameter has the following meaning Parameter Description Range of values note next hop Ip address IPv4 address Enter the IPv4 address of the router to which the routing infor mation will be sent next Result The filter for the next router IPv4 is deleted Further notes You create a filter for the next router IPv4 with the match ne...

Page 724: ...g rmap Syntax Call up the command with the following parameters match next hop ipv6 next hop IPv6 address The parameter has the following meaning Parameter Description Range of values note next hop Ipv6 ad dress IPv6 address Enter the IPv6 address of the router to which the routing infor mation will be sent next Result The filter for the next router IPv6 is created Further notes You delete the fil...

Page 725: ... following parameters no match next hop ipv6 next hop IPv6 address The parameter has the following meaning Parameter Description Range of values note next hop Ipv6 ad dress IPv6 address Enter the IPv6 address of the router to which the routing infor mation will be sent next Result The filter for the next router IPv6 is deleted Further notes You create a filter for the next router IPv6 with the mat...

Page 726: ... The command prompt is as follows cli config rmap Syntax Call up the command with the following parameters match route type local remote The parameters have the following meaning Parameter Description Range of values note local Directly connected routes local interfaces remote Learnt or statically configured routes Result The filter for the type of the route is created Further notes You delete the...

Page 727: ...llows cli config rmap Syntax Call up the command with the following parameters no match route type local remote The parameters have the following meaning Parameter Description Range of values note local Directly connected routes local interfaces remote Learnt or statically configured routes Result The filter for the type of the route is deleted Further notes You create a filter for the type of the...

Page 728: ...nfiguration mode The command prompt is as follows cli config rmap Syntax Call up the command with the following parameters match tag value 1 0xffffff The parameter has the following meaning Parameter Description Range of values note value Value of the tag 1 0xffffff You can enter the value in decimal or hexadecimal Result The filter for a tag is created Further notes You delete the filter for a ta...

Page 729: ...prompt is as follows cli config rmap Syntax Call up the command with the following parameters no match tag value 1 0xffffff The parameter has the following meaning Parameter Description Range of values note value Value of the tag 1 0xffffff You can enter the value in decimal or hexadecimal Result The filter for a tag is deleted Further notes You create the filter for a tag with the match tag comma...

Page 730: ...and with the following parameters set metric value 0 0xffffff The parameter has the following meaning Parameter Description Range of values note value Value of the metric 0 0xffffff Enter the new value for the metric with which the routing information will be forwarded You can enter the value in decimal or hexadecimal Result The routing information is forwarded with a changed metric Further notes ...

Page 731: ...mpt is as follows cli config rmap Syntax Call the command without parameter assignment no set metric Result The metric of the routing information is not changed Further notes You define the setting that the metric of the routing information is changed with the set metric command You change to the Route maps configuration mode with the command route map You display the setting and other information...

Page 732: ... routing infor mation will be forwarded You can enter the value in decimal or hexadecimal Result The routing information is forwarded with a changed tag Further notes You delete the setting that the tag of the routing information is changed with the no set tag command You change to the Route maps configuration mode with the command route map You display the setting and other information with the s...

Page 733: ...with the following parameters no set tag Result The tag of the routing information is not changed Further notes You define the setting that the tag of the routing information is changed with the set tag command You change to the Route maps configuration mode with the command route map You display the setting and other information with the show route map command ...

Page 734: ...always adapted Depending on the perspective the IP address of the communications node is identified as Local or Global Perspective Local Global Position Inside An actual IP address that is as signed to a device in the internal network This address cannot be reached from the external net work An IP address at which an internal device can be reached from the external network Outside An actual IP add...

Page 735: ...internal device is also stored in the translation list of the NAT device and translated for the external address If several internal devices send a query to the same external destination IP address via the NAT device the NAT device enters its own external source IP address in the header of these forwarded frames Since the forwarded frames have the same external source IP address the NAT device ass...

Page 736: ...ation mode You delete the periods of time with the ip nat timeout command You can reset the time periods to the default with the ip nat timeout command 9 9 1 2 show ip nat service Description This command shows static port translations NAPT for an interface with a service Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Cal...

Page 737: ...rameter assignment show ip nat service portrange Result The selected service start and end port of an interface are displayed Further notes You configure static port translations for an interface with a port range with the ip nat service portrange command You delete a configuration with the no ip nat service portrange command 9 9 1 4 show ip nat summary Description This command shows the NAT NAPT ...

Page 738: ...d IP interface with the no ip nat napt command in the Interface configuration mode 9 9 1 5 show ip nat Description This command shows address translations or active connections depending on the selected parameter Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show ip nat i...

Page 739: ...ivileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 9 9 2 1 ip nat Description With this command you enable NAT NAPT for the entire de...

Page 740: ...ws cli config Syntax Call the command without parameters no ip nat Result NAT NAPT is disabled globally for the entire device Further notes You enable NAT NAPT for the entire device with the ip nat command You display the current configuration with the command 9 9 2 3 ip nat timeout Description With this command you define periods of time after which existing connections are deleted if there is no...

Page 741: ...e time in seconds For the parameter idle 60 86400 For the parameter udp 300 86400 tcp Keyword for the time after which a TCP connection is deleted udp Keyword for the time after which a UDP connection is deleted Result The time periods are defined Further notes You can reset the time periods to the default with the ip nat timeout command You display the current configuration with the command 9 9 2...

Page 742: ...and You display the current configuration with the command 9 9 3 Commands in the Interface configuration mode This section describes commands that you can call up in the interface configuration mode Depending on the Interface selected various command sets are available In the Global configuration mode enter the interface command to change to this mode Commands relating to other topics that can be ...

Page 743: ...d IP interface with the no ip nat command You display the current configuration with the show ip nat summary command 9 9 3 2 no ip nat Description With this command you disable NAT for the selected IP interface Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment no ip nat Result NAT is deactivat...

Page 744: ... the command without parameter assignment ip nat napt Result NAPT is activated for the selected IP interface Further notes You disable NAPT for the selected IP interface with the no ip nat napt command You display the current configuration with the show ip nat summary command 9 9 3 4 no ip nat napt Description With this command you disable NAPT for the selected IP interface Requirement You are in ...

Page 745: ...d to it dynamically Using this inside global address the device can be reached from the external network until the timer of the connection elapses Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters ip nat pool inside global ip mask The parameters have the following meaning Parameter Descrip...

Page 746: ...e parameter has the following meaning Parameter Description Range of values note inside global ip Start address for the dynamic assign ment of addresses at which devices are reachable from external Enter a valid IPv4 address Result A pool is deleted Further notes You configure a dynamic address translation with the ip nat pool command You display the current configuration with the show ip nat comm...

Page 747: ...l port number Port that will be assigned to the inside local address If you do not specify any ports the port that you assign for the inside global port number parameter will be en tered Service Service for which the port transla tion is valid auth dns ftp pop3 pptp smtp telnet http nntp snmp other inside global port number Port that will be assigned to the inside global address If you have select...

Page 748: ...s no ip nat service inside local ip inside local port number tcp udp any all The parameters have the following meaning Parameter Description Range of values note inside local ip Actual address of the device that is reachable from external Enter a valid IPv4 address inside local port number Port that is assigned to the inside local address Protocol Protocol for which the port trans lation is valid ...

Page 749: ...address of the device that should be reachable from external Enter a valid IPv4 address Protocol Protocol for which the port translation is valid tcp udp any inside local start port no Start port that will be assigned to the inside local address The port range you define will also be used for the port of the inside global address A port range can only be translated to the same port range inside lo...

Page 750: ...lowing meaning Parameter Description Range of values note inside local ip Actual address of the device that is reachable from external Enter a valid IPv4 address Protocol Protocol for which the port translation is valid tcp udp any inside local start port no Start port that is assigned to the inside local address inside local end port no End port that is assigned to the inside local address Result...

Page 751: ... command prompt is as follows cli config if Syntax Call up the command with the following parameters ip nat static inside local ip inside global ip The parameters have the following meaning Parameter Description Range of values note inside local ip Actual address of the device that should be reachable from external Enter a valid IPv4 address inside global ip Address at which the device will be rea...

Page 752: ...ast PIM allows the dynamic routing of multicast packets regardless of the routing protocol such as OSPFv2 or static routing IPv4 PIM expands the routing information of the unicast routing protocol active on the router with additional information for multicast operation Requirements for PIM IGMP is enabled on all routers of the routing topology PIM is enabled on all routers of the routing topology ...

Page 753: ... multicast to the connected router The router sends this information to the rendezvous point The recipient sends an IGPM Join to its IGMP querier and designated router The DR forwards the request to the RP Based on the routing table the shortest path is selected for the multicast 9 10 1 The show commands This section describes commands with which you display various settings 9 10 1 1 show ip pim r...

Page 754: ...mask Subnet mask that restricts the multicast band If no parameters are specified the RPs of all multicast groups are displayed Result The current rendezvous point of the multicast group is displayed Further notes You define interfaces as candidates for rendezvous points with the command rp candidate rp address You configure a device as a static rendezvous point with the ip pim static rp command Y...

Page 755: ...o parameters are specified the settings for all interfaces are displayed Result Detailed settings for PIM are displayed Further notes You enable PIM globally on the device with the ip pim routing command You assign an interface to PIM with the ip pim command 9 10 1 3 show ip pim neighbor Description With this command you display the PIM neighborhood table Requirement You are in the User EXEC mode ...

Page 756: ...ing command 9 10 1 4 show ip pim rp candidate Description With this command you display the interfaces of the device that are candidates for rendezvous points Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameter assignment show ip pim rp candidate Result The interfaces of the device that are c...

Page 757: ...The multicast groups with rendezvous points belonging to them are displayed Further notes You define interfaces as candidates for rendezvous points with the command rp candidate rp address You configure a device as a static rendezvous point with the ip pim static rp command You specify the interfaces for static rendezvous points with the rp static rp address command 9 10 1 6 show ip pim bsr Descri...

Page 758: ...nts of the device Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameter assignment show ip pim rp static Result The static rendezvous points of the device are displayed Further notes You specify the interfaces for static rendezvous points with the rp static rp address command 9 10 1 8 show ip p...

Page 759: ...ace RPF checks whether the shortest path to the multicast source is via this interface If this condition is met the router forwards the packet to all multicast nodes If the condition is not met it discards the packet With this command you display the RPF settings for a multicast packet Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or ...

Page 760: ... ip pim mroute proxy group address source address summary The parameters have the following meaning Parameter Description Range of values note proxy Shows the proxy table group address Address of the multicast group source address Source IP address of the multicast packet Enter a valid IPv4 multicast ad dress summary Shows a summary of the entries Result The current PIM routing table is displayed ...

Page 761: ... parameters are specified the settings for all interfaces are displayed Result The counters of the interface are reset 9 10 3 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Gl...

Page 762: ... detailed settings for PIM with the show ip pim interface detail command 9 10 3 2 no ip pim routing Description With this command you disable PIM globally on the device Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no ip pim routing Result PIM is disabled on all interfaces of the device Further notes You ...

Page 763: ...config Syntax Call the command without parameter assignment router pim Result You are now in the PIM configuration mode The command prompt is as follows cli router pim Further notes You enable PIM globally on the device with the ip pim routing command 9 10 3 4 ip pim static rp Description With this command you configure the device as a static rendezvous point Requirement You are in the Global conf...

Page 764: ...tatic command 9 10 3 5 no ip pim static rp Description With this command you delete the configuration of the device as a static rendezvous point Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no ip pim static rp Result The device is not a static rendezvous point Further notes You configure the device as a ...

Page 765: ...onfiguration mode If you exit the PIM configuration mode with the end command you return to the Privileged EXEC mode Requirement The commands are available if the following requirements are met The device supports the routing function The routing function is enabled 9 10 4 1 rp candidate rp address Description With this command you specify which interfaces will be candidates for the rendezvous poi...

Page 766: ...come RP Priority Priority of the interface 0 255 Default 192 Result The interface is a candidate for the rendezvous point Further notes You delete RP candidates with the no rp candidate rp address command You display the interface candidates for rendezvous points with the show ip pim rp candidate command 9 10 4 2 no rp candidate rp address Description With this command you delete RP candidates Req...

Page 767: ...s point Further notes You define interface candidates for the rendezvous point RP with the rp candidate rp address command You display the interface candidates for rendezvous points with the show ip pim rp candidate command 9 10 4 3 rp static rp address Description With this command you specify which interfaces will become static rendezvous points Configure the static RP on all devices of the PIM ...

Page 768: ...vous point Further notes You delete the static RPs with the no rp static rp address command You display the static rendezvous points with the show ip pim rp static command 9 10 4 4 no rp static rp address Description With this command you delete static rendezvous points Requirement You are in the PIM configuration mode The command prompt is as follows cli router pim Syntax Call up the command with...

Page 769: ...onfiguration mode enter the interface command to change to this mode Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode with the end command you return to the Privilege...

Page 770: ...didate for the bootstrap router Further notes You delete BSR candidates with the no ip pim bsr candidate command You can display information about the selected bootstrap router with the show ip pim bsr command 9 10 5 2 no ip pim bsr candidate Description With this command you delete BSR candidates Requirement The interface is not a router port You are in the Interface configuration mode The comman...

Page 771: ...ith the show ip pim bsr command 9 10 5 3 ip pim Description With this command you assign an interface to PIM Requirement The interface is not a router port You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment ip pim Result The interface is assigned to PIM Further notes You delete the assignment with the no i...

Page 772: ...of the interface to PIM is deleted Further notes You assign an interface to PIM with the ip pim command 9 10 5 5 ip pim dr priority Description With this command you specify which interfaces will be candidates for the designated router DR The DR forwards the IGMP Joins to the rendezvous point Requirement The interface is not a router port The DR is also the IGMP querier You are in the Interface co...

Page 773: ...idates with the no ip pim dr priority command You display with the show ip pim interface command 9 10 5 6 no ip pim dr priority Description With this command you delete DR candidates Requirement The interface is not a router port You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameter assignment no ip pim dr priority Resu...

Page 774: ...Layer 3 functions 9 10 PIM IPv4 SCALANCE XM 400 XR 500 Command Line Interface CLI 774 Configuration Manual 06 2016 C79000 G8976 C252 11 ...

Page 775: ...tings 10 1 1 1 show rate limit output Description This command shows the packet rate for limiting the outgoing data stream of one or all interfaces Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show rate limit output interface interface type interface id The parameters ha...

Page 776: ... sets are available In the Global configuration mode enter the interface command to change to this mode Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode with the end ...

Page 777: ...imitation of the outgoing data stream of the interface with the data rate is enabled Further notes You disable the function with the no rate limit output command 10 1 2 2 no rate limit output Description With this command you disable the data rate for limiting the outgoing data stream of the interface Requirement You are in the Interface configuration mode The command prompt is as follows cli conf...

Page 778: ...s cli config if Syntax Call up the command with the following parameters storm control broadcast multicast dlf The parameters have the following meaning Parameter Description broadcast Limits broadcast packets multicast Limits multicast packets dlf Limits unicast packets with unresolvable addresses dfl destination lookup fail As default the function is disabled for all transfer types Note Configur...

Page 779: ... or unknown unicast packets Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters no storm control broadcast multicast dlf The parameters have the following meaning Parameter Description broadcast Disables broadcast storm control multicast Disables multicast storm control dlf Disables unknown ...

Page 780: ...cription Range of values note rate value Value for the in data rate in Kbps The value range depends on the port speed The entry is rounded down to the next valid value If small values are entered the value is rounded up to the next valid value Default The data rate is set to 0 The incoming data stream is not lim ited Result The value for the storm control function is configured Further notes You c...

Page 781: ...ds for filtering data packet on an interface 10 2 1 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the...

Page 782: ... vlan Keyword for a VLAN connection vlan id Number of the addressed VLAN 1 4094 For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The static multicast MAC address is configured Further notes You delete the static multicast MAC address with the no mac address table static multicast command 10 2 1 2 mac address table static m...

Page 783: ...interface description interface type Type of interface Enter a valid interface 0 a b 0 c Module no and port no of the interface port channel Specifies the name of a port channel 1 8 forbidden ports Keyword for the interface description of the blocked ports For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The entry in the f...

Page 784: ...tion vlan id Number of the addressed VLAN 1 4094 For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The entry is deleted from the forwarding database Further notes With the show mac address table static multicast command you display the list of configured entries With the mac address table static multicast command you create...

Page 785: ...speed of the interface Enter a valid interface interface id Module no and port no of the interface port channel Keyword for a port channel connection Enter a valid port channel connec tion interface list Number of the addressed port channel For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The entry in the forwarding databa...

Page 786: ... the mac address table static unicast command you create an entry 10 2 2 Commands in the interface configuration mode This section describes commands that you can call up in the interface configuration mode Depending on the Interface selected various command sets are available In the Global configuration mode enter the interface command to change to this mode Commands relating to other topics that...

Page 787: ...gress filter is activated Further notes You disable the filter with the no switchport ingress filter command You can display the status of the ingress filter and other settings with the show vlan port config command 10 2 2 2 no switchport ingress filter Description With this command you disable the ingress filter Requirement You are in the Interface configuration mode The command prompt is as foll...

Page 788: ...ries is configured in a MAC address list 10 3 1 The show commands This section describes commands with which you display various settings 10 3 1 1 show mac address table aging time Description To ensure that the address entries are up to date MAC addresses are only kept in the address table for a specified time This command shows the time after which the MAC addresses are removed from the address ...

Page 789: ... 3 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit...

Page 790: ...red Further notes You can reset the setting to the default with the no mac address table aging time command You display the setting with the show mac address table aging time command 10 3 2 2 no mac address table aging time Description With this command you reset the value for the aging of a dynamically learned entry in the MAC address list to the default value The default value is 40 s Requiremen...

Page 791: ...the MAC address list that was learned dynamically is deleted again after a certain time Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters mac address table aging Result The Aging function is enabled Further notes You configure the time with the mac address table aging time command You disable the Aging functi...

Page 792: ...flow it sends a signal to the connection partner If the flow control function receives a signal at the sending end it stops the data transmission to avoid loss of data This section describes commands of the flow control function 10 4 1 The show commands This section describes commands with which you display various settings 10 4 1 1 show flow control Description This command shows the settings of ...

Page 793: ...e interface configuration mode Depending on the Interface selected various command sets are available In the Global configuration mode enter the interface command to change to this mode Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Gl...

Page 794: ...can display the status of this function with the show flow control command 10 5 Service classes This section describes commands for configuring the assignment tables for service classes and the Differentiated Services Code Point DSCP 10 5 1 The show commands This section describes commands with which you display various settings 10 5 1 1 show qos cos map Description This command shows the assignme...

Page 795: ...ues Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show qos dscp map Result The assignment table of DSCP priorities to queues is displayed Further notes You configure the assignment of the DSCP priority to a queue with the dscp map command 10 5 1 3 show qos trust mode Description This c...

Page 796: ...EC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 10 5 2 1 qos Description With this command you change to the QOS configuration mode Requireme...

Page 797: ...e Privileged EXEC mode 10 5 3 1 cos map Description In a network each data stream is assigned a service class that decides its priority In special situations it may be necessary to change this priority This change is made using a table in which the service classes are assigned to another queue With this command you configure the assignment table for service classes With queues 1 6 frames with a lo...

Page 798: ...ent table for service classes is configured 10 5 3 2 dscp map Description In a network each IP packet is assigned a DSCP code that decides its priority In special situations it may be necessary to change this priority This change is made using a table in which the DSCP codes are assigned to another queue With this command you configure the assignment table for DSCP codes With queues 1 6 frames wit...

Page 799: ...ues as follows DSCP codes 0 7 Queue 2 DSCP codes 8 15 Queue 1 DSCP codes 16 23 Queue 3 DSCP codes 24 31 Queue 4 DSCP codes 32 39 Queue 5 DSCP codes 40 47 Queue 6 DSCP codes 48 55 Queue 7 DSCP codes 56 63 Queue 8 Result The assignment table for DSCP codes is configured 10 5 3 3 qos trust mode Description With this command you can set the method according to which packets to be forwarded are priorit...

Page 800: ...s not contain a VLAN tag it is forwarded with the prioritiza tion of the receiving port dscp If an incoming packet contains a DSCP prioritization it is forwarded with this prioritization If there is a VLAN tag this is ignored If the packet does not contain DSCP prioritization it is forwarded with the prioritization of the receiving port cos dscp With an incoming packet there is a sequential check ...

Page 801: ... configuration of a device to TIA the configured users roles and groups are not transferred 11 1 1 The show commands This section describes commands with which you display various settings 11 1 1 1 show password policy Description This command shows which password policy is currently being used Requirement You are in the Privileged EXEC mode The command prompt is as follows cli Syntax Call the com...

Page 802: ... The command prompt is as follows cli Syntax Call the command without parameters show roles Result The created roles are shown Further notes You create a role with the role command You delete a role with the no role command 11 1 1 3 show user accounts Description This command shows the created users Requirement You are in the Privileged EXEC mode The command prompt is as follows cli Syntax Call up...

Page 803: ...e External User Accounts with the user account command You link a user created on an external server with a role on the device in the table External User Accounts with the user account ext command You delete a local user and the corresponding entry in the table External User Accounts with the no user account command You delete a link in the table External User Accounts with the no user account ext...

Page 804: ... shows the logged in CLI users Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show users Result The logged in CLI users are displayed 11 1 2 change password Description With this command you change the password of the logged in user Requirement You are logged into the device with a loca...

Page 805: ...hows which password policy is currently being used Result The password is changed Note Changing the password in Trial mode Even if you change the password in Trial mode this change is saved immediately Further notes You create a user with the user account command You delete a user with the no user account command You show the created users with the show user accounts command You configure the pass...

Page 806: ...ion mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 11 1 4 1 password policy Description With this command you specify which password policy will be used when assigning new passwords Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Cal...

Page 807: ...rompt is as follows cli config Syntax Call up the command with the following parameters role role name function rights function rights value 1 15 description role description The parameters have the following meaning Parameter Description Range of values note role name Role name Enter a name for the role The name must meet the following conditions It must be unique It must be between 1 and 64 char...

Page 808: ...reating a role the name of the role can no longer be changed If a name of a role needs to be changed the role must be deleted and a new role created Note Function rights changeable with restrictions You can only change the function rights of a role when the role is no longer linked to a user Further notes You delete a role with the no role command You show the created roles with the show roles com...

Page 809: ...tes You create a role with the role command You show the created roles with the show roles command 11 1 4 4 user account Description With this command you specify a new user You can also change the password role description of an already created user When you create a local user an entry is generated automatically in the table External User Accounts Requirement You are in the Global configuration ...

Page 810: ... characters at least 1 uppercase letter at least 1 special character at least 1 number role Keyword for a role user role Role Enter a role You can choose between system defined and self defined roles description Keyword for the description user description Content of the description Enter a description for the user account The description text can be up to 100 characters long Result The user has b...

Page 811: ...ing Parameter Description Range of values note user name User name Enter a valid user name Result The user has been deleted Further notes You create a user with the user account command You show the created users with the show user accounts command 11 1 4 6 user account ext Description With this command you link a user with a role in the table External User Accounts The user is defined on RADIUS s...

Page 812: ...e user account ext Keyword for a user in the table External User Accounts user name ext User name Enter the name for the user The name must meet the following conditions It must be unique It must be between 1 and 250 charac ters long role Keyword for the role name user role ext Role name Enter a role You can choose between system defined and self defined roles description Keyword for the descripti...

Page 813: ...ment You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters no user account ext user name ext The parameter has the following meaning Parameter Description Range of values note user name ext User name Enter the name of a user Result The link in the table External User Accounts has been deleted Further notes You ...

Page 814: ...roup The name must match the group on the RADIUS server The name must meet the following condi tions It must be unique It must be between 1 and 64 charac ters long role Keyword for the role name role name Role name Enter a role name Users who are author ized with the linked group on the RADIUS server receive the rights of this role local ly on the device You can choose between system defined and s...

Page 815: ...command with the following parameters no user group user group name The parameter has the following meaning Parameter Description Range of values note user group name Group name Enter the name of a group Result The link is deleted Further notes You link a group with a role with the user group command You show the created links with the show user groups command 11 1 4 10 username Description With t...

Page 816: ...ord Enter the password The strength of the password depends on the set password policy low Password length at least 6 characters high The password must meet the following conditions Password length at least 8 char acters at least 1 uppercase letter at least 1 special character at least 1 number Result The password is changed Note Changing the password in Trial mode Even if you change the password ...

Page 817: ...or the configuration of this service 11 2 1 The show commands This section describes commands with which you display various settings 11 2 1 1 show radius statistics Description This command shows the connection statistics from the RADIUS client to the RADIUS server Requirement You are in the Privileged EXEC mode The command prompt is as follows cli Syntax Call the command without parameters show ...

Page 818: ...are displayed Result The RADIUS server configuration is displayed 11 2 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant ...

Page 819: ...sent radius fallback local The authentication must be handled via a RADIUS server A local authentication is performed only when the RADIUS server cannot be reached in the network Result The authentication is made according to the selected parameter Further notes You disable the authentication via a RADIUS server with the no login authentication command You can display the status of this function a...

Page 820: ...tication Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters radius authorization mode standard vendor specific The parameters have the following meaning Parameter Description Range of values note standard In this mode the user is logged in with administrator rights if the server returns the value...

Page 821: ...in dot1x login dot1x test The parameters have the following meaning Parameter Description Range of values note ipv4 Keyword for an IPv4 address ipv4 address IPv4 address of the RADIUS server Enter a valid IPv4 address fqdn name Keyword for a domain name FQDN Domain name Fully Qualified Domain Name Maximum of 100 characters ipv6 Keyword for an IPv6 address ipv6 address IPv6 address of the RADIUS se...

Page 822: ...n procedures Default setting test Tests whether or not the specified RADIUS server is available At the same time you can create a new RADIUS server and run the test For information on addresses and interfaces refer to the section Addresses and interface names Page 42 If optional parameters are not specified when configuring the default values apply Note Primary server In a network only one RADIUS ...

Page 823: ...y Qualified Domain Name Maximum of 100 characters ipv6 Keyword for an IPv6 address ipv6 address IPv6 address of the RADIUS server Enter a valid IPv6 address primary Identifies the RADIUS server as prima ry server For information on addresses and interfaces refer to the section Addresses and interface names Page 42 Result The entry for a connection between the RADIUS client and a server or the iden...

Page 824: ...ts Access Control List Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show access lists ip mac access list number 1 128 The parameters have the following meaning Parameter Description Range of values note ip Selects IP based access lists IP ACL mac Selects MAC based access...

Page 825: ...nter a valid interface interface id Module no and port no of the interface For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select any parameter from the parameter list the configuration is displayed for all available interfaces Result The access control list of the selected IP interface is displayed 11 3 2 Commands...

Page 826: ...xtended access list number 1 128 The parameter has the following meaning Parameter Description Range of values note access list number Number of the access control list 1 128 Result A MAC access control list has been generated You are now in the MAC ACL configuration mode The command prompt is as follows cli config ext macl Further notes You delete the MAC access control list with the no mac acces...

Page 827: ...nfiguration of the access control list with the show access lists command 11 3 3 Commands in the interface configuration mode This section describes commands that you can call up in the interface configuration mode Depending on the Interface selected various command sets are available In the Global configuration mode enter the interface command to change to this mode Commands relating to other top...

Page 828: ...Description Range of values note access list number Number of the access control list 1 128 in Specifies that incoming packets are filtered out Specifies that outgoing packets are filtered Result The packets are filtered according to the access control list ACL Further notes You disable the setting with the no mac access group command You display the statistical data of the access control list wit...

Page 829: ... Further notes You enable the setting with the mac access group command You display the configuration of the access control list with the show access lists command 11 3 4 Commands in the MAC ACL configuration mode This section describes commands that you can call up in the MAC ACL configuration mode In the Global configuration mode enter the mac access list extended command to change to this mode ...

Page 830: ...d with the following parameters permit any host src mac address any host dest mac address The parameters have the following meaning Parameter Description Range of values note any Keyword for all host Keyword for the MAC address of an incoming connection that is permitted src mac address MAC address of the permitted incom ing connection Specify a valid MAC address any Keyword for all host Keyword f...

Page 831: ...ic is locked The access control list contains only one entry If you want to lock or permit further addresses create a new access control list Note Processing order of the lists The access control lists are processed on the interface in the order in which they were created The index number of the access control list is not used for this Requirement You are in the MAC ACL configuration mode The comm...

Page 832: ... MAC address For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Note MAC address input Use any if the rule is to apply to all src and or dest MAC addresses This corresponds to the MAC address 00 00 00 00 00 00 Result The MAC access control list is configured Further notes You exit the MAC ACL configuration mode with the exit comman...

Page 833: ...gs 11 4 1 1 show access lists Description This command shows the configuration of the access control lists Access Control List Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show access lists ip mac access list number 1 128 The parameters have the following meaning Paramet...

Page 834: ...Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select any parameter from the parameter list the configuration is displayed for all available interfaces Result The access control list of the selected IP interf...

Page 835: ...128 The parameters have the following meaning Parameter Description Range of values note standard Specifies that a standard access con trol list is generated access list number Number of the standard access control list 1 128 Result The access control list has been generated You are in the ACL Standard configuration mode The command prompt is cli config std nacl Further notes You delete the IP acc...

Page 836: ...deleted Further notes You generate an IP access control list with the ip access list command You display the configuration of the access control list with the show access lists command 11 4 3 Commands in the Interface Configuration mode This section describes commands that you can call up in the interface configuration mode Depending on the Interface selected various command sets are available In ...

Page 837: ...itch port a router port or a VLAN The command prompt is as follows With a switch port cli config if Gi cli config if Ex With a router port cli config RPort Gi With a VLAN cli config if vlan Syntax Call up the command with the following parameters ip access group access list number 1 128 in out The parameters have the following meaning Parameter Description Range of values note access list number N...

Page 838: ... interface Requirement You are in the Interface Configuration mode of a switch port a router port or a VLAN The command prompt is as follows With a switch port cli config if Gi cli config if Ex With a router port cli config RPort Gi With a VLAN cli config if vlan Syntax Call up the command with the following parameters no ip access group access list number 1 128 in out The parameters have the foll...

Page 839: ...CL with the specified number does not exist an ACL with the corresponding number is created Note You can display existing access control lists with the show access lists command If you exit the ACL standard configuration mode with the exit command you return to the Global configuration mode If you exit the ACL standard configuration mode with the end command you return to the Privileged EXEC mode ...

Page 840: ...ask dscp value 0 63 or permit any host src ip network src ip mask any host dest ip network dest ip mask The parameters have the following meaning Parameter Description Range of values note any Allows all protocols ospf Forwarding of OSPF frames vrrp Forwarding of VRRP frames protocol type Keyword for the protocol type type Protocol type 1 255 any Allows all incoming frames host Keyword for a singl...

Page 841: ...ubnet mask 255 255 255 255 As an alternative you can specify the keyword host followed by the IP address Further notes You delete an IP access control list with the no ip access list standard acl num command You display the configuration of the access control list with the show access lists command 11 4 4 2 deny Description With this command you configure an IP access control list The IP ACL conta...

Page 842: ...sk dscp value 0 63 or deny any host src ip network src ip mask any host dest ip network dest ip mask The parameters have the following meaning Parameter Description Range of values note any Blocks all protocols ospf Blocks OSPF frames vrrp Blocks VRRP frames protocol type Keyword for the protocol type type Protocol type 1 255 any Blocks all incoming frames host Keyword for a single IP address src ...

Page 843: ...255 255 As an alternative you can specify the keyword host followed by the IP address Further notes You delete an IP access control list with the no ip access list standard acl num command You display the configuration of the access control list with the show access lists command 11 4 4 3 permit icmp Description With this command you configure an IP access control list for ICMP messages You have t...

Page 844: ...dress Enter a valid IPv4 address src ip address Network source address Enter a valid combination of IPv4 address and subnet mask src mask Corresponding subnet mask any Allows all outgoing frames host Keyword for a an individual IPv4 ad dress dest ip address Destination IPv4 address Enter a valid IPv4 address dest ip address Network destination address Enter a valid combination of IPv4 address and ...

Page 845: ...ecific host are not forwarded Incoming and or outgoing ICMP messages of hosts of a specific subnet are not forwarded Note Processing order of the lists The access control lists are processed on the interface in the order in which they were created The index number of the access control list is not used for this Requirement You are in the ACL standard configuration mode The command prompt is as fol...

Page 846: ...pe 0 255 message code Keyword for the ICMP message code code ICMP message code 0 255 For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The IP access list for ICMP messages has been configured Note Subnet mask for individual hosts If you create the rule for a single system one IPv4 address specify the subnet mask 255 255 255...

Page 847: ...k gt src port number 1 65535 lt src port number 1 65535 eq src port number 1 65535 range src port number 1 65535 src port number 1 65535 any host dest ip address dest ip address dest mask gt port number 1 65535 lt port number 1 65535 eq port number 1 65535 range port number 1 65535 port number 1 65535 dscp value 0 63 ack rst The parameters have the following meaning Parameter Description Range of ...

Page 848: ...tiated Services Codepoint value Value for the Differentiated Services Codepoint 0 63 ack Forwards ACK segments rst Forwards RST segments For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The IP access list for TCP segments has been configured Note Subnet mask for individual hosts If you create the rule for a single system o...

Page 849: ...yntax Call up the command with the following parameters deny tcp any host src ip address src ip address src mask gt src port number 1 65535 lt src port number 1 65535 eq src port number 1 65535 range src port number 1 65535 src port number 1 65535 any host dest ip address dest ip address dest mask gt port number 1 65535 lt port number 1 65535 eq port number 1 65535 range port number 1 65535 port n...

Page 850: ... and subnet mask mask Corresponding subnet mask dscp Keyword for the Differentiated Services Codepoint value Value for the Differentiated Services Codepoint 0 63 ack Blocks ACK segments rst Blocks RST segments For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The IP access list for TCP segments has been configured Note Subn...

Page 851: ...of the access control list is not used for this Requirement You are in the ACL standard configuration mode The command prompt is as follows cli config std nacl Syntax Call up the command with the following parameters permit udp any host src ip address src ip address src mask gt port number 1 65535 lt port number 1 65535 eq port number 1 65535 range port number 1 65535 port number 1 65535 any host ...

Page 852: ...s Destination IPv4 address Enter a valid IPv4 address dest ip address Network destination address Enter a valid combination of IPv4 address and subnet mask dest mask Corresponding subnet mask dscp Keyword for the Differentiated Services Codepoint value Value for the Differentiated Services Codepoint 0 63 For information on names of addresses and interfaces refer to the section Interface identifier...

Page 853: ...used for this Requirement You are in the ACL standard configuration mode The command prompt is as follows cli config std nacl Syntax Call up the command with the following parameters deny udp any host src ip address src ip address src mask gt src port number 1 65535 lt src port number 1 65535 eq src port number 1 65535 range src port number 1 65535 src port number 1 65535 any host dest ip address ...

Page 854: ...4 address dest ip address Network destination address Enter a valid combination of IPv4 address and subnet mask dest mask Corresponding subnet mask dscp Keyword for the Differentiated Services Codepoint value Value for the Differentiated Services Codepoint 0 63 For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The IP access...

Page 855: ...he show commands This section describes commands with which you display various settings 11 5 1 1 show lock port Description This command shows whether or not the learning of MAC entries is enabled or locked on an interface Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters sh...

Page 856: ...elevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 11 5 2 1 clear all static unicast Description With this command you delete all static unicast MAC address entries from the MAC address table Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command withou...

Page 857: ...ious command sets are available In the Global configuration mode enter the interface command to change to this mode Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode w...

Page 858: ...e configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters no switchport lock Result The learning of MAC addresses is enabled Further notes You block the learning of MAC addresses with the switchport lock command You display the configuration with the show lock port command 11 5 4 Commands in the AUTOLEARN mode This section describes commands tha...

Page 859: ...prompt is as follows cli config auto learn Syntax Call the command without parameters start Result The learned MAC addresses are entered in the port database with the aging time 0 The entries are NOT deleted when the MAC Address Aging Time expires Further notes You stop automatic learning with the stop command 11 5 4 2 stop Description With this command you stop automatic learning and convert all ...

Page 860: ...ds with which you display various settings 11 6 1 1 show authorized managers Description This command shows the information about the configuration of the authorized managers Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show authorized managers ip source ip address The p...

Page 861: ... other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 11 6 2 1 authorized manager Description With this command you enable the authorized manager Requirement You are in the Global configuration mode The command prompt is as follows cli...

Page 862: ...r notes You enable the function with the authorized manager command 11 6 2 3 authorized manager ip source Description With this command you configure the interfaces and protocols via which an authorized manager is allowed to access the device Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters aut...

Page 863: ...a b or a b or a b c d Number of a VLAN or VLAN range Enter a valid VLAN or VLAN range cpu0 the Out of Band interface is configured as a management Interface service Specifies the services for which the manager is authorized You can select several options snmp telnet http https ssh For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 ...

Page 864: ...anager ip source Description With this command you delete an interface via which an authorized manager is allowed to access the device Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters no authorized manager ip source ip address subnet mask prefix length 0 32 The parameters have the following mea...

Page 865: ...zed managers with the show authorized manager command 11 7 Port based Network Access Control Dot1X This section describes commands for working with port based network access control PNAC 11 7 1 The show commands This section describes commands with which you display various settings 11 7 1 1 show dot1x Description This command shows information about port based network access control PNAC Requirem...

Page 866: ...e dot1x Authenticator for an interface interface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The dot1x information is displayed 11 7 1 2 show dot1x guest vlan mac info Description This command displays which...

Page 867: ...A list of the MAC addresses is displayed 11 7 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Glo...

Page 868: ...and in the Interface configuration mode You disable the function with the no dot1x guest vlan command You display this setting and other information with the show dot1x command 11 7 2 2 no dot1x guest vlan Description With this command you disable the guest VLAN function for the device Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the ...

Page 869: ...esult MAC authentication is enabled for the device Further notes You also still need to enable MAC authentication for every port intended to use this function You do this with the dot1x mac auth command in the Interface configuration mode You disable the function with the no dot1x mac auth command You display this setting and other information with the show dot1x command 11 7 2 4 no dot1x mac auth...

Page 870: ...obal configuration mode enter the interface command to change to this mode Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode with the end command you return to the Pri...

Page 871: ...t1x guest vlan Description With this command you disable the guest VLAN function for a port Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters no dot1x guest vlan Result The guest VLAN function is disabled for the device Further notes You enable the function with the dot1x guest vlan command You display ...

Page 872: ...ning Parameter Description Range of values note vlan id Keyword for the VLAN ID VLAN ID 1 4096 Result The guest VLAN ID is assigned to the port Further notes You reset the guest VLAN ID to the default value with the no dot1x guest vlan vlan idcommand You display this setting and other information with the show dot1x command 11 7 3 4 no dot1x guest vlan vlan id Description With this command the gue...

Page 873: ...om the guest VLAN If you specify a MAC address only this MAC address is removed from the guest VLAN If you use this command without parameters all MAC addresses are removed from the guest VLAN Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters dot1x guest vlan reset mac aa aa aa aa aa aa Th...

Page 874: ...lows cli config if Syntax Call up the command with the following parameters set dot1x guest vlan mac addr count num of addresses 1 100 The parameter has the following meaning Parameter Description Range of values note num of addresses Maximum number of devices 1 100 Result The maximum number of devices for the port has been specified Further notes You display this setting and other information wit...

Page 875: ...obal configuration mode You disable the function with the no dot1x mac auth command You display this setting and other information with the show dot1x command 11 7 3 8 no dot1x mac auth Description With this command you disable MAC authentication for a port Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without paramet...

Page 876: ...t1x mac auth port mac aa aa aa aa aa aa reset The parameters have the following meaning Parameter Description Range of values note mac Keyword for a MAC address aa aa aa aa aa aa MAC address of the interface aa aa aa aa aa aa Result MAC authentication is reset for the port 11 7 3 10 dot1x mac auth vlan assign Description With this command you enable the assignment of the VLAN ID for a MAC address ...

Page 877: ...setting and other information with the show dot1x command 11 7 3 11 no dot1x mac auth vlan assign Description With this command you disable the assignment of the VLAN ID for a MAC address by the RADIUS server Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters no dot1x mac auth vlan assign Result The VLAN...

Page 878: ...ce unauthorized The parameters have the following meaning Parameter Description Range of values note auto Authentication according to IEEE 802 1x is enabled for the interface The data traffic via the interface is permitted or blocked depending on the authentication result force authorized data traffic via the interface is permitted without restrictions Default force authorized ena bled force unaut...

Page 879: ...guration mode The command prompt is as follows cli config if Syntax Call the command without parameters no dot1x port control Result The port control parameter of the authenticator is reset to the default value Further notes You configure the port control parameter with the dot1x port control command You can display the status of this function and other information with the show dot1xcommand 11 7 ...

Page 880: ...ult The maximum number of devices for the port has been specified Further notes You display this setting and other information with the show dot1x command 11 7 3 15 dot1x reauthentication Description With this command you enable the 802 1x Re Authentication function for the selected interface When the function is enabled the authenticator repeats authentication of the client periodically Requireme...

Page 881: ...1 7 3 16 no dot1x reauthentication Description With this command you disable the function that repeats the authentication of the client by the authenticator periodically Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call the command without parameters no dot1x reauthentication Result Periodic authentication is disabled Further notes Y...

Page 882: ......

Page 883: ...imit values and messages are generated if they do These messages are collected and can be distributed in the following ways Entry in the local log Sending as SNMP trap Transfer to the Syslog server Transfer to a network management station using SNMP Port mirroring Mirroring of ports to analyze the data stream without disturbing operation Loop detection Detection and elimination of damaging loops L...

Page 884: ...ompt is as follows cli or cli Syntax Call the command without parameters logging console Result The logging function is enabled on the console Further notes You disable the setting with the no logging console command As default the function is disabled 12 1 2 no logging console Description With this command you disable the logging of inputs and outputs to the console Requirement You are in the Use...

Page 885: ...how events config Description This command shows the current configuration for forwarding the messages of the various event types Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show events config Result The current configuration of the events display is displayed 12 1 3 2 show events se...

Page 886: ... show events faults config Description This command shows the current configuration of the following error monitoring functions Monitoring of the power supply for power outage Monitoring of the network connections for a change in the connection status Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with...

Page 887: ...network connections Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show events faults status Result A table with the status messages of the error monitoring functions is displayed 12 1 3 5 show startup information Description This command shows the startup information Requirement You ar...

Page 888: ...as follows cli or cli Syntax Call the command without parameters show logbook or Call up the command with the following parameters show logbook info warning critical The parameters have the following meaning Parameter Description info All log entries of the categories Information Warning and Critical are displayed warning All log entries of the categories Warning and Critical are displayed critica...

Page 889: ... type interface id The parameters have the following meaning Parameter Description Range of values note interface type Type of interface Enter a valid interface interface id Interface identifier For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result The result is displayed Further notes You enable the cable test function with th...

Page 890: ... well as the transmit and receive power for SFP port are displayed 12 1 3 9 show power line state Description This command shows the status of the power supply Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameters show power line state Result The status of the power supply is displayed 12 1 4 ...

Page 891: ...gure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections You exit the Global configuration mode with the end or exit command and are then in the Privileged EXEC mode again 12 1 5 1 events Description With this command you change to the EVENTS configuration mode Requirement You are in the...

Page 892: ...Requirement The interface has no active data traffic You are in the Global configuration mode The command prompt is cli config Syntax Call up the command without parameters or with the following parameter assignment cabletest interface interface type interface id force The parameters have the following meaning Parameter Description Range of values note interface type Type of interface Enter a vali...

Page 893: ...be called in the Global configuration mode can be found in the relevant sections If you exit the EVENTS configuration mode with the exit command you return to the Global configuration mode If you exit the EVENTS configuration mode with the end command you return to the Privileged EXEC mode 12 1 6 1 add log Description With this command you create an entry in the log Requirement You are in the EVEN...

Page 894: ...You are in the EVENTS Configuration mode The command prompt is as follows cli config events Syntax Call up the command with the following parameters client config syslog trap email all The parameters have the following meaning Parameter Description syslog Enables the client that sends the messages to the Syslog server trap Enables the client that sends the SNMP traps email Enables the client that ...

Page 895: ...meter Description syslog Disables the client that sends the messages to the Syslog server trap Disables the client that sends the SNMP traps email Disables the client that sends the e mails all Disables all clients at once Result The client selected for the transfer is disabled Further notes You display the status of the events and the clients with the show events config command You enable the fun...

Page 896: ...essage to the Syslog server Sending an e mail Sending an SNMP trap Requirement You are in the EVENTS configuration mode The command prompt is as follows cli config events Syntax Call up the command with the following parameters event config cold warmstart linkchange authentication failure rmon alarm power change rm state change standby state change faultstate change stp change vrrp state change lo...

Page 897: ...r email Client that sends the e mails trap Client that sends the SNMP traps faults Error LED lights up The setting is possible only for a cold or warm restart env data change Message when there is a status change in the diagnostics data all All clients at once Result The setting deciding which message of the device is stored or forwarded is configured Further notes You display the status of the ev...

Page 898: ...hange Message when there is a status change in the power supply rm state change Message when there is a status change in the redundancy manager standby state change Message when there is a status change on a standby connection faultstate change Message when there is a status change in the error monitoring stp change Message when there is a change in the spanning tree vrrp state change Message on s...

Page 899: ...vent notifications Requirement You are in the EVENTS Configuration mode The command prompt is as follows cli config events Syntax Call up the command with the following parameters severity mail log syslog info warning critical The parameters have the following meaning Parameter Description Range of values note mail Specifies the threshold value for send ing system event messages by e mail log Spec...

Page 900: ...fications Requirement You are in the EVENTS Configuration mode The command prompt is as follows cli config events Syntax Call up the command with the following parameters no severity mail log syslog The parameters have the following meaning Parameter Description Range of values note mail The setting of the threshold value for sending system event messages by e mail is disabled log The setting of t...

Page 901: ...e The command prompt is as follows cli config events Syntax Call up the command with the following parameters power L1 L2 The parameters have the following meaning Parameter Description L1 Monitoring of power supply 1 L2 Monitoring of power supply 2 If you do not select any parameters from the parameter list the default value L1 and L2 is used Result The setting for monitoring the power supplies i...

Page 902: ...ply 1 L2 No monitoring of power supply 2 If you do not select any parameters from the parameter list the default value L1 and L2 is used Result The setting for monitoring the power supplies is configured Further notes You can display the current setting with the show events faults config command You enable the function with the power command 12 1 6 10 link Description With this command you configu...

Page 903: ... on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select an interface the function is enabled for all available interfaces Result The settings for monitoring the physical network connections have been configured Further notes You display the setting with the show events faults config command You disable the function with the no lin...

Page 904: ...rface type Type or speed of the interface Enter a valid interface interface id Module no and port no of the interface For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select an interface the function is disabled for all available interfaces Result The settings for monitoring the physical network connections have bee...

Page 905: ...r of the port to the device The device compares the value it has received for the transmit power with the actually received power The difference between the received power and the transmit power represents the power loss on the link The calculated power loss is also monitored for the set limit values If the value of the received power or the power loss falls below or exceeds the set limit values a...

Page 906: ...d 12 2 1 2 show fmp status Description This command shows the current status and the current values of the optical ports or connections that you monitor with fiber monitoring Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call up the command with the following parameters show fmp status interface interface type interface ...

Page 907: ... can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode with the end command you return to the Privileged EXEC mode 12 2 2 1 fmp Description With this command you enable fiber monitoring Requirement To be able to use the fiber monitoring function enable LLDP Th...

Page 908: ...is command you disable fiber monitoring Requirement You are in the Interface configuration mode The command prompt is cli config if Syntax Call the command without parameter assignment no fmp Default enabled Result Fiber monitoring is disabled Further notes You enable this function with the fmp command You display the status of this function and other information with the show fmp stauts and show ...

Page 909: ...ult 50 dB dem Specify the value at which you are informed of the power loss of the connection by a message of the severity level Critical 0 55 dB Default 55 dB Result The limits for monitoring the power loss are defined Further notes You enable this function with the fmp command You disable this function with the no fmp command You display the status of this function and other information with the...

Page 910: ...0 dB The default value depends on the rele vant pluggable transceiver dem Specify the value at which you are informed of the deterioration of the received power by a message of the severity level Critical 0 40 dB The default value depends on the rele vant pluggable transceiver Result The limits for monitoring the received power are defined Further notes You enable this function with the fmp comman...

Page 911: ...liminated The loop detection can help to find the errors more quickly but does not eliminate them Note Note that loop detection is only possible at ports that were not configured as ring ports or standby ports Note Changing the configured port status with loop detection The configuration of the port status can be changed with the Loop Detection function If for example the administrator has disable...

Page 912: ...ll the command without parameters show loopd For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 Result Information on loop detection is displayed 12 3 1 2 show loopd interface Description Displays information on the loop interface Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as foll...

Page 913: ...arameters from the parameter list the default value is used Result The loop interface is displayed Further notes You can display the status of this function and other information with the show loopd command 12 3 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal comma...

Page 914: ...he status of this function and other information with the show loopd command 12 3 2 2 no loopd Description With this command you disable the loop detection function Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no loopd Result The loop detection function is disabled Further notes You enable the function w...

Page 915: ...x Call the command without parameters loopd vlan mode Result The loop detection function is enabled for VLAN Further notes You disable the function with the no loopd vlan mode command You can display the status of this function and other information with the show loopd command 12 3 2 4 no loopd vlan mode Description With this command you disable the loop detection function for VLAN Requirement Loo...

Page 916: ...de enter the interface command to change to this mode Commands relating to other topics that can be called in the interface configuration mode can be found in the relevant sections If you exit the Interface configuration mode with the exit command you return to the Global configuration mode If you exit the Interface configuration mode with the end command you return to the Privileged EXEC mode 12 ...

Page 917: ...tion frames Further notes You can display the status of this function and other information with the show loopd command 12 3 3 2 loopd tx interval detect threshold reaction timeout Description With this command you configure the send interval threshold value and reaction time for loop detection Requirement Loop detection is enabled You are in the Interface configuration mode The command prompt is ...

Page 918: ...n which it was before the loop 0 86400 Default 0 If you set the value 0 you need to enable the port manually again following a loop using the com mand loopd port reset If you do not select any parameters from the parameter list the default value is used The default values apply only to a port enabled earlier with loopd sender Result The settings are suitably configured Further notes You can displa...

Page 919: ...this command you activate the disable reaction for a local loop If a local loop is detected the port is blocked Requirement Loop detection is enabled You are in the Interface configuration mode The command prompt is cli config if Syntax Call the command without parameters loopd reaction local Result disable is activated for the loopd reaction local function disable is the default after enabling lo...

Page 920: ...Call the command without parameters no loopd reaction local Result no action is activated for the loopd reaction local function disable is the default after enabling loop detection Further notes You enable the disable reaction with the loopd reaction local command You can display the status of this function and other information with the show loopd command 12 3 3 6 loopd reaction remote Descriptio...

Page 921: ...with the show loopd command 12 3 3 7 no loopd reaction remote Description With this command you enable the no action reaction for a remote loop If a remote loop is detected this has no effect on the port Requirement loopd is enabled You are in the Interface configuration mode The command prompt is cli config if Syntax Call the command without parameters no loopd reaction remote Result no action is...

Page 922: ...ta rate of the mirrored port is higher than that of the monitor port data may be lost and the monitor port no longer reflects the data traffic at the mirrored port Several ports can be mirrored to one monitor port at the same time Several source ports from the same VLAN If in a VLAN you select more than one source port for the port based egress mirroring unknown unicast and multicast frames as wel...

Page 923: ...shows the status of the communication via the monitor port If you enable this option management of the switch via the monitor port is no longer reachable Requirement You are in the User EXEC mode or in the Privileged EXEC mode The command prompt is as follows cli or cli Syntax Call the command without parameter assignment show monitor barrier Result The settings are displayed 12 4 1 3 show monitor...

Page 924: ... the session 1 7 Result The settings for mirroring ports are displayed 12 4 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configure terminal command to change to this mode Commands relating to other topics that can be called in the Global configuration mode can be found in the rele...

Page 925: ...is function with the show monitorcommand You disable the function with the no monitor command 12 4 2 2 no monitor Description With this command you disable the port mirroring function Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameters no monitor Result The port mirroring function is disabled Further notes You ...

Page 926: ...y need to be reconfigured You can reconfigure these functions manually even if monitor barrier is turned on The data traffic on the monitor port is also allowed again If you do not require this make sure that only the data traffic you want to monitor is forwarded to the interface If mirroring is disabled the listed port specific functions are reset to the default values This reset takes place rega...

Page 927: ...rier enabled Result Communication via the monitor port is enabled Further notes You disable the communication with the monitor barrier enabled command You display the configuration settings with the show monitor barrier command 12 4 2 5 monitor session destination Description With this command you configure the destination for mirroring a port Requirement You are in the Global configuration mode T...

Page 928: ...ce remote vlan Keyword for a RSPAN session With RSPAN Remote Switched Port Analyzer you can forward the data traffic of a mirroring session to the monitor port via a VLAN On the RSPAN VLAN the mirrored data traffic is not disturbed by other data Frames addressed directly to the mirroring source cannot be mirrored on the RSPAN destination port vlan id Number of the VLAN for the RSPAN session 1 4094...

Page 929: ...erface interface type interface id remote vlan vlan id 1 4094 The parameters have the following meaning Parameter Description Range of values note session id Number of the session 7 parallel sessions are possible only with port based mirroring and their ports must not overlap 1 7 interface Keyword for a an interface descrip tion interface type Type or speed of the interface Enter a valid interface...

Page 930: ...nfiguration mode The command prompt is cli config Syntax Call up the command for the port to be monitored with the following parameter assignment monitor session session id 1 7 source interface interface type interface id port channel port channel id 1 8 rx tx both or Call up the command for the VLAN to be monitored with the following parameter assignment monitor session session id 1 1 source vlan...

Page 931: ...LAN mirroring disable the relevant functions on the de vice before a recording vlan id Number of the VLAN 1 4094 mac acl Keyword for a MAC access control list ip acl Keyword for an IP access control list acl id Number of the Access Control List For information on names of addresses and interfaces refer to the section Interface identifiers and addresses Page 42 If you do not select any parameters f...

Page 932: ...ent no monitor session session id 1 1 source vlan vlan id mac acl acl id ip acl acl id The parameters have the following meaning Parameter Description Range of values note session id Number of the session 7 parallel sessions are possible only with port based mirroring and their ports must not overlap 1 7 interface Keyword for a an interface description interface type Type or speed of the interface...

Page 933: ...urther notes You configure the source for mirroring a port with the monitor session source command You end and delete a session with the no monitor session command You display the configuration settings with the show monitor session command 12 4 2 9 no monitor session Description With this command you delete the monitor session Requirement You are in the Global configuration mode The command promp...

Page 934: ...ion of limit values and to store or forward these events in the following ways Entry in the local log Sending as SNMP trap Transfer to the Syslog server Transfer to a network management station using SNMP 12 5 1 The show commands This section describes commands with which you display various settings 12 5 1 1 show rmon Description This command shows the settings of the remote monitoring function R...

Page 935: ...d you can display several parameters with one call If you do not select any parameters from the parameter list only the enabled or disabled status is shown Result The settings of the remote monitoring function are displayed 12 5 2 Commands in the global configuration mode This section describes commands that you can call up in the Global configuration mode In Privileged EXEC mode enter the configu...

Page 936: ...atus of this function and other information with the show rmon command 12 5 2 2 no rmon Description With this command you disable the Remote Monitoring function Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call the command without parameter assignment no rmon Default disabled Result The Remote Monitoring function is disabled Further notes ...

Page 937: ...d value 0 2147483647 fallingevent number 1 65535 owner ownername 127 The parameters have the following meaning Parameter Description Range of values note alarm number Number of the alarm 1 250 mib object id Name of the MIB variable max 255 characters sample interval time Interval for the check s 1 65535 absolute The current absolute value of the moni tored MIB is evaluated delta The difference bet...

Page 938: ...iable values should be less than the threshold value for rising or high variable values Note Conditions for working with alarms The events assigned to the alarms are configured The Remote monitoring function is started with the rmon command Result The alarm for monitoring a MIB variable is configured Further notes You delete an alarm with the no rmon alarm command You display the list of configure...

Page 939: ...rap is generated Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters rmon event number 1 500 description event description 127 owner ownername 127 trap notify 127 The parameters have the following meaning Parameter Description Range of values note number Number of the event 1 500 description Title...

Page 940: ... Requirement You are in the Global configuration mode The command prompt is as follows cli config Syntax Call up the command with the following parameters no rmon event number 1 500 The parameter has the following meaning Parameter Description Range of values note number Number of the event entry to be delet ed 1 500 Result The entry is deleted from the RMON event table 12 5 3 Commands in the inte...

Page 941: ...he recording of statistical data of an interface Requirement You are in the Interface configuration mode The command prompt is as follows cli config if Syntax Call up the command with the following parameters rmon collection stats index 1 52 owner ownername 127 The parameters have the following meaning Parameter Description Range of values note index Number of the recording 1 52 owner User to whic...

Page 942: ...n Range of values note index Number of the recording 1 52 Result The recording of statistical data is ended 12 5 3 3 rmon collection history Description With this command you configure the collection of statistical data of the interface in a selectable number of recording intervals Buckets with a specified period Requirement You are in the Interface configuration mode The command prompt is as foll...

Page 943: ...ault 1800 owner User to which the event is assigned ownername User name of the user max 127 characters Default monitor If you do not select any parameter from the parameter list the default values are used Result The data is recorded Further notes You can display the content of a recording with the show rmon history command 12 5 3 4 no rmon collection history Description With this command you end ...

Page 944: ...he messages to the Syslog server Local buffering and storage of messages Receipt and forwarding of messages from other devices relay mode 12 6 1 The show commands This section describes commands with which you display various settings 12 6 1 1 show events syslogserver Description This command shows the entries of the configured Syslog server Requirement You are in the User EXEC mode or in the Priv...

Page 945: ...re the Syslog server Requirement You are in the EVENTS configuration mode The command prompt is as follows cli config events Syntax Call up the command with the following parameters syslogserver ipv4 ucast_addr fqdn name FQDN ipv6 ip6_addr port 1 65535 The parameters have the following meaning Parameter Description Range of values note ipv4 Keyword for an IPv4 address ucast_addr IPv4 unicast addre...

Page 946: ...lows cli config events Syntax Call up the command with the following parameters no syslogserver ipv4 ucast_addr fqdn name FQDN ipv6 ip6_addr The parameters have the following meaning Parameter Description Range of values note ipv4 Keyword for an IPv4 address ucast_addr IPv4 unicast address of the Syslog server Enter a valid IPv4 address fqdn name Keyword for a domain name FQDN Domain name Fully Qu...

Page 947: ...l VRRP 3810 Multicast Listener Discovery Version 2 MLDv2 for IPv6 4007 IPv6 Scoped Address Architecture 4213 Basic Transition Mechanisms for IPv6 Hosts and Routers 4250 The Secure Shell SSH Protocol Assigned Numbers 4251 The Secure Shell SSH Protocol Architecture 4252 The Secure Shell SSH Authentication Protocol 4253 The Secure Shell SSH Transport Layer Protocol 4254 The Secure Shell SSH Connectio...

Page 948: ...Appendix A A 1 Supported RFCs SCALANCE XM 400 XR 500 Command Line Interface CLI 948 Configuration Manual 06 2016 C79000 G8976 C252 11 ...

Page 949: ... learn 856 auto save 126 no auto save 127 auto summary IPv4 679 no auto summary 679 B broadcast block 94 C change password 804 channel group 232 no channel group 233 clear counters 73 clear history 59 clear hrp counters 470 clear ipv6 dhcp relay statistics 377 clear ipv6 traffic 306 clear line vty 74 clear logbook 890 clear ring redundancy manager counters 471 clear screen 53 clear spanning tree c...

Page 950: ...80 no dot1x reauthentication 881 dscp map 798 duplex 95 no duplex 96 E enable 76 ethernetip 85 event config 895 no event config 897 events 891 exit 54 F factoryclean 145 flowcontrol 793 fmp 907 fmp power loss 908 fmp rx power 909 G Glossary 31 H help 55 host 593 I instance 275 no instance 276 interface 86 no interface 87 622 interface vrrp 621 interface VRRP 621 623 625 629 630 653 654 658 659 no ...

Page 951: ...9 ip ospf priority 564 no ip ospf priority 565 ip ospf retransmit interval 561 ip ospf transmit delay 563 no ip ospf transmit delay 563 ip pim 771 ip pim bsr candidate 769 ip pim clear counters 760 ip pim dr priority 772 ip pim routing 761 ip pim static rp 763 ip retransmit interval no ip retransmit interval 562 ip rip default route originate IPv4 688 no ip rip default route originate 688 ip rip r...

Page 952: ...router ospf 577 no ipv6 router ospf 578 ipv6 router rip IPv6 no ipv6 router rip 696 ipv6 router rip IPv6 695 ipv6 unicast routing 299 318 no ipv6 unicast routing 318 L lease time 353 link 902 no link 903 lldp 96 no lldp 97 load tftp 111 loadsave 113 lock 77 login authentication 818 logout 77 loopd 916 917 M mac access group 827 no mac access group 828 mac access list extended 826 no mac access lis...

Page 953: ...no match interface 717 no match metric 719 no match metric type 721 no match next hop ip 723 no match next hop ip IPv4 723 no match next hop ip IPv6 725 no match next hop ipv6 725 no match route type 727 no match tag 729 no monitor session destination 929 no multicast block 101 no nfc active 141 no panel button control factory defaults 149 no passive listening 283 no passive listening bpdu vlan fl...

Page 954: ...ute 545 redistribute IPv4 684 no redistribute 685 redistribute IPv6 702 no redistribute 703 redistribute OSPFv3 599 no redistribute 600 redundancy 474 relay information 361 restart 120 revision 278 no revision 279 ring ports 479 ring redundancy 476 no ring redundancy 477 ring redundancy hrpobserver 475 rmon 935 rmon alarm 937 no rmon alarm 938 rmon collection history 942 no rmon collection history...

Page 955: ... show ip dhcp server pools 347 show ip dhcp server bindings 347 show ip dns 289 show ip dns cache 289 show ip dns name server 290 show ip dns statistics 290 show ip gateway 286 show ip http secure server status 422 show ip http server status 420 show ip igmp global config 436 show ip igmp group list 436 show ip igmp groups 437 show ip igmp snooping 457 459 show ip igmp snooping forwarding database...

Page 956: ...tatic unicast 184 488 show monitor 923 show monitor barrier 923 show monitor status 922 show multicast block config 69 491 show nfc active status 140 show ntp info 161 show passive listening 280 show password policy 801 show plug 143 show pnio 70 show power line state 890 show ptp info 172 show qos cos map 794 show qos dscp map 795 show qos trust mode 795 show radius server 817 show radius statist...

Page 957: ... spanning tree 259 spanning tree time settings 254 no spanning tree 256 spanning tree auto edge 263 no spanning tree auto edge 263 spanning tree bpdufilter 265 spanning tree bpdu receive 265 spanning tree bpdu transmit 264 spanning tree compatibility 246 no spanning tree compatibility 247 spanning tree layer2 gateway port 266 no spanning tree layer2 gateway port 267 spanning tree loop guard 267 no...

Page 958: ...0 time dst recurring 159 time set 157 traceroute 80 track interface 623 653 track links 626 655 U unicast block 107 user account 809 no user account 811 user account ext 811 user group 813 username 91 815 V version IPv4 685 version IPv4 no version 686 vlan 197 no vlan 198 vlan range 198 vrrp accept mode VRRP3 660 no vrrp accept mode 661 vrrp associated ip VRRP 631 no vrrp associated ip 632 vrrp as...

Page 959: ...ex SCALANCE XM 400 XR 500 Command Line Interface CLI Configuration Manual 06 2016 C79000 G8976 C252 11 959 W web session timeout 147 no web session timeout 148 whoami 805 write 145 write startup config 122 ...

Page 960: ...Index SCALANCE XM 400 XR 500 Command Line Interface CLI 960 Configuration Manual 06 2016 C79000 G8976 C252 11 ...

Reviews:

No comments

Related manuals for SCALANCE XM-400

D-Link DES-3526 - Switch - Stackable Manual preview
DES-3526 - Switch - Stackable
Brand: D-Link Pages: 258
IBM E12 Quick Reference Manual preview
E12
Brand: IBM Pages: 4
H3C SR6600 Series Faq preview
SR6600 Series
Brand: H3C Pages: 22
H3C S5800-60C-PWR Ordering Manual preview
S5800-60C-PWR
Brand: H3C Pages: 3
Lantronix SISPM1040-582-LRT Quick Start Manual preview
SISPM1040-582-LRT
Brand: Lantronix Pages: 2
Lantronix SDS1101 Quick Start Manual preview
SDS1101
Brand: Lantronix Pages: 7
Lantronix Maestro E220 Series Quick Start Manual preview
Maestro E220 Series
Brand: Lantronix Pages: 25
Intellinet 523318 Instructions preview
523318
Brand: Intellinet Pages: 2
TP-Link TD-8816 Quick Installation Manual preview
TD-8816
Brand: TP-Link Pages: 2
Lutron Electronics Smart Bridge Quick Start Manual preview
Smart Bridge
Brand: Lutron Electronics Pages: 4
Sierra Wireless AirCard 750 Installation preview
AirCard 750
Brand: Sierra Wireless Pages: 2
3Com Fast EtherLink XL PCI 10/100BASE-TXNetwork Interface... Quick Manual preview
Fast EtherLink XL PCI 10/100BASE-TXNetwork Interface...
Brand: 3Com Pages: 12
l-com HA72170-NF Installation Manual preview
HA72170-NF
Brand: l-com Pages: 2
Lindy Modular Fast Fiber Switch Converter MT-RJ Specifications preview
Modular Fast Fiber Switch Converter MT-RJ
Brand: Lindy Pages: 3
Lanpro LP-SW811 User Manual preview
LP-SW811
Brand: Lanpro Pages: 6
ratiotec CONNECT Box Pro Instruction Manual preview
CONNECT Box Pro
Brand: ratiotec Pages: 12
Johnson Controls ZFR1831 Pro Series Installation Manual preview
ZFR1831 Pro Series
Brand: Johnson Controls Pages: 12
Craftsman 720.25251 Owner'S Manual preview
720.25251
Brand: Craftsman Pages: 18

Brands by name

Popular brands

Load more brands