SIMATIC NET
Industrial Ethernet switches
SCALANCE XM-400/XR-500 Web
Based Management
Configuration Manual
03/2014
C79000-G8976-C248-06
Introduction
1
Description
2
Assignment of an IP address
3
Technical basics
4
Configuring with Web Based
Management
5
Troubleshooting/FAQ
6
Legal information
Warning notice system
This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent
damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert
symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are
graded according to the degree of danger.
DANGER
indicates that death or severe personal injury will result if proper precautions are not taken.
WARNING
indicates that death or severe personal injury may result if proper precautions are not taken.
CAUTION
indicates that minor personal injury can result if proper precautions are not taken.
NOTICE
indicates that property damage can result if proper precautions are not taken.
If more than one degree of danger is present, the warning notice representing the highest degree of danger will be
used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property
damage.
Qualified Personnel
The product/system described in this documentation may be operated only by personnel qualified for the specific
task in accordance with the relevant documentation, in particular its warning notices and safety instructions. Qualified
personnel are those who, based on their training and experience, are capable of identifying risks and avoiding
potential hazards when working with these products/systems.
Proper use of Siemens products
Note the following:
WARNING
Siemens products may only be used for the applications described in the catalog and in the relevant technical
documentation. If products and components from other manufacturers are used, these must be recommended or
approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and
maintenance are required to ensure that the products operate safely and without any problems. The permissible
ambient conditions must be complied with. The information in the relevant documentation must be observed.
Trademarks
All names identified by ® are registered trademarks of Siemens AG. The remaining trademarks in this publication
may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.
Disclaimer of Liability
We have reviewed the contents of this publication to ensure consistency with the hardware and software described.
Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in
this publication is reviewed regularly and any necessary corrections are included in subsequent editions.
Siemens AG
Industry Sector
Postfach 48 48
90026 NÜRNBERG
GERMANY
Order number: C79000-G8976-C248
Ⓟ 03/2014 Subject to change
Copyright © Siemens AG 2011 - 2014.
All rights reserved
Table of contents
1 Introduction...................................................................................................................................................9
1.1 Information on the configuration manual (WBM)...........................................................................9
1.2 Security information.....................................................................................................................11
2 Description..................................................................................................................................................13
2.1 Product characteristics................................................................................................................13
2.2 Requirements for installation and operation................................................................................15
2.3 C-PLUG / KEY-PLUG..................................................................................................................16
2.4 Power over Ethernet (PoE).........................................................................................................18
3 Assignment of an IP address......................................................................................................................21
3.1 Structure of an IP address...........................................................................................................21
3.2 Initial assignment of an IP address.............................................................................................23
3.3 Address assignment with DHCP.................................................................................................24
4 Technical basics.........................................................................................................................................25
4.1 Configuration limits......................................................................................................................25
4.2 VLAN...........................................................................................................................................27
4.3 VLAN tagging..............................................................................................................................28
4.4 SNMP..........................................................................................................................................30
4.5 Routing function..........................................................................................................................32
4.5.1 VRRP..........................................................................................................................................32
4.5.2 OSPFv2.......................................................................................................................................33
4.5.3 RIPv2...........................................................................................................................................37
4.6 Redundancy mechanism.............................................................................................................39
4.6.1 Spanning Tree.............................................................................................................................39
4.6.1.1 RSTP, MSTP, CIST.....................................................................................................................40
4.6.2 HRP.............................................................................................................................................41
4.6.3 MRP............................................................................................................................................42
4.6.3.1 MRP - Media Redundancy Protocol ...........................................................................................42
4.6.3.2 Configuration in WBM.................................................................................................................44
4.6.3.3 Configuration in STEP 7..............................................................................................................44
4.6.4 Standby.......................................................................................................................................48
4.7 Link aggregation..........................................................................................................................50
5 Configuring with Web Based Management................................................................................................51
5.1 Web Based Management............................................................................................................51
5.2 Login............................................................................................................................................53
5.3 The "Information" menu...............................................................................................................55
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 3
5.3.1 Start page....................................................................................................................................55
5.3.2 Versions......................................................................................................................................59
5.3.3 I&M..............................................................................................................................................60
5.3.4 ARP table....................................................................................................................................61
5.3.5 Log table......................................................................................................................................62
5.3.6 Faults...........................................................................................................................................65
5.3.7 Redundancy................................................................................................................................66
5.3.7.1 Spanning Tree.............................................................................................................................66
5.3.7.2 VRRP Statistics...........................................................................................................................69
5.3.7.3 Ring redundancy.........................................................................................................................71
5.3.7.4 Standby redundancy...................................................................................................................73
5.3.8 Ethernet statistics........................................................................................................................75
5.3.8.1 Interface statistics........................................................................................................................75
5.3.8.2 Packet size..................................................................................................................................76
5.3.8.3 Packet type..................................................................................................................................77
5.3.8.4 Packet Error................................................................................................................................78
5.3.8.5 History.........................................................................................................................................80
5.3.9 Unicast........................................................................................................................................81
5.3.10 Multicast......................................................................................................................................82
5.3.11 LLDP...........................................................................................................................................84
5.3.12 Routing........................................................................................................................................85
5.3.12.1 Routing Table..............................................................................................................................85
5.3.12.2 OSPFv2 Interfaces......................................................................................................................86
5.3.12.3 OSPFv2 Neighbors.....................................................................................................................88
5.3.12.4 OSPFv2 Virtual Neighbors..........................................................................................................90
5.3.12.5 OSPFv2 LSDB............................................................................................................................92
5.3.12.6 RIPv2 Statistics...........................................................................................................................93
5.4 The "System" menu.....................................................................................................................95
5.4.1 Configuration...............................................................................................................................95
5.4.2 General........................................................................................................................................98
5.4.2.1 Device.........................................................................................................................................98
5.4.2.2 Coordinates.................................................................................................................................99
5.4.3 Agent IP.....................................................................................................................................100
5.4.4 DNS...........................................................................................................................................100
5.4.5 Restart.......................................................................................................................................102
5.4.6 Load & Save..............................................................................................................................103
5.4.6.1 HTTP.........................................................................................................................................103
5.4.6.2 TFTP.........................................................................................................................................106
5.4.7 Events.......................................................................................................................................109
5.4.7.1 Configuration.............................................................................................................................109
5.4.7.2 Severity Filters...........................................................................................................................112
5.4.8 SMTP client...............................................................................................................................113
5.4.9 DHCP client...............................................................................................................................114
5.4.10 SNMP........................................................................................................................................116
5.4.10.1 General......................................................................................................................................116
5.4.10.2 Traps.........................................................................................................................................117
5.4.10.3 Groups.......................................................................................................................................119
5.4.10.4 Users.........................................................................................................................................121
5.4.11 System time...............................................................................................................................123
5.4.11.1 Manual setting...........................................................................................................................123
5.4.11.2 DST Overview...........................................................................................................................124
5.4.11.3 DST Configuration.....................................................................................................................125
Table of contents
SCALANCE XM-400/XR-500 Web Based Management
4Configuration Manual, 03/2014, C79000-G8976-C248-06
5.4.11.4 SNTP client...............................................................................................................................129
5.4.11.5 NTP client..................................................................................................................................132
5.4.11.6 SIMATIC time client...................................................................................................................134
5.4.11.7 PTP Client (SCALANCE XR-500 only)......................................................................................135
5.4.12 Auto logout................................................................................................................................136
5.4.13 Select/Set button configuration.................................................................................................137
5.4.14 Syslog client..............................................................................................................................138
5.4.15 Ports..........................................................................................................................................140
5.4.15.1 Overview...................................................................................................................................140
5.4.15.2 Configuration.............................................................................................................................142
5.4.16 Fault monitoring.........................................................................................................................145
5.4.16.1 Power Supply............................................................................................................................145
5.4.16.2 Link Change..............................................................................................................................146
5.4.16.3 Redundancy..............................................................................................................................148
5.4.17 PNIO..........................................................................................................................................148
5.4.18 PLUG configuration...................................................................................................................149
5.4.19 PLUG license............................................................................................................................152
5.4.20 Ping...........................................................................................................................................155
5.4.21 PoE............................................................................................................................................156
5.4.21.1 General......................................................................................................................................156
5.4.21.2 Port............................................................................................................................................157
5.4.22 Port Diagnostics........................................................................................................................160
5.4.22.1 Cable tester...............................................................................................................................160
5.4.22.2 SFP diagnostics........................................................................................................................162
5.5 The "Layer 2" menu...................................................................................................................164
5.5.1 Configuration.............................................................................................................................164
5.5.2 Qos............................................................................................................................................168
5.5.2.1 CoS queue mapping..................................................................................................................168
5.5.2.2 DSCP mapping..........................................................................................................................169
5.5.3 Rate control...............................................................................................................................170
5.5.4 VLAN.........................................................................................................................................172
5.5.4.1 General......................................................................................................................................172
5.5.4.2 GVRP........................................................................................................................................175
5.5.4.3 Port-based VLAN......................................................................................................................177
5.5.4.4 Protocol Based VLAN Group.....................................................................................................179
5.5.4.5 Protocol Based VLAN Port........................................................................................................180
5.5.4.6 lpv4 Subnet Based VLAN..........................................................................................................181
5.5.5 Mirroring....................................................................................................................................182
5.5.5.1 General......................................................................................................................................183
5.5.5.2 Port............................................................................................................................................185
5.5.5.3 VLAN.........................................................................................................................................186
5.5.5.4 MAC Flow..................................................................................................................................187
5.5.5.5 IP Flow......................................................................................................................................188
5.5.6 Dynamic MAC aging..................................................................................................................189
5.5.7 Ring redundancy.......................................................................................................................190
5.5.7.1 Ring redundancy.......................................................................................................................190
5.5.7.2 Standby.....................................................................................................................................192
5.5.8 Spanning tree............................................................................................................................195
5.5.8.1 General......................................................................................................................................195
5.5.8.2 CIST general.............................................................................................................................196
5.5.8.3 CIST port...................................................................................................................................199
5.5.8.4 MST general..............................................................................................................................203
Table of contents
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 5
5.5.8.5 MST port....................................................................................................................................204
5.5.8.6 Enhanced Passive Listening Compatibility................................................................................207
5.5.9 Loop Detection..........................................................................................................................208
5.5.10 Link aggregation........................................................................................................................210
5.5.11 DCP forwarding.........................................................................................................................213
5.5.12 LLDP.........................................................................................................................................215
5.5.13 Unicast......................................................................................................................................217
5.5.13.1 Filtering......................................................................................................................................217
5.5.13.2 Locked ports..............................................................................................................................219
5.5.13.3 Learning....................................................................................................................................220
5.5.13.4 Unicast blocking........................................................................................................................222
5.5.14 Multicast....................................................................................................................................224
5.5.14.1 Groups.......................................................................................................................................224
5.5.14.2 IGMP.........................................................................................................................................226
5.5.14.3 GMRP........................................................................................................................................227
5.5.14.4 Multicast blocking......................................................................................................................229
5.5.15 Broadcast..................................................................................................................................230
5.5.16 PTP (SCALANCE XR-500 only)................................................................................................232
5.5.16.1 General......................................................................................................................................232
5.5.16.2 TC General................................................................................................................................233
5.5.16.3 TC Port......................................................................................................................................233
5.5.17 RMON.......................................................................................................................................235
5.5.17.1 Statistics....................................................................................................................................235
5.5.17.2 History.......................................................................................................................................236
5.6 The "Layer 3" menu...................................................................................................................238
5.6.1 Configuration.............................................................................................................................238
5.6.2 Subnets.....................................................................................................................................239
5.6.2.1 Overview...................................................................................................................................239
5.6.2.2 Configuration.............................................................................................................................242
5.6.3 Routes.......................................................................................................................................243
5.6.4 Route Maps...............................................................................................................................245
5.6.4.1 General......................................................................................................................................245
5.6.4.2 Inferface&Value Match..............................................................................................................246
5.6.4.3 Destination Match......................................................................................................................247
5.6.4.4 Next Hop Match.........................................................................................................................248
5.6.4.5 Set Configuration.......................................................................................................................249
5.6.5 DHCP Relay Agent....................................................................................................................250
5.6.5.1 General......................................................................................................................................250
5.6.5.2 Option........................................................................................................................................251
5.6.6 VRRP........................................................................................................................................254
5.6.6.1 Router........................................................................................................................................254
5.6.6.2 Configuration.............................................................................................................................256
5.6.6.3 Addresses Overview.................................................................................................................258
5.6.6.4 Addresses Configuration...........................................................................................................259
5.6.7 OSPFv2.....................................................................................................................................260
5.6.7.1 Configuration.............................................................................................................................260
5.6.7.2 Areas.........................................................................................................................................262
5.6.7.3 Area Range...............................................................................................................................263
5.6.7.4 Interfaces...................................................................................................................................265
5.6.7.5 Interface authentication.............................................................................................................267
5.6.7.6 Virtual Links...............................................................................................................................268
5.6.7.7 Virtual link authentication..........................................................................................................271
Table of contents
SCALANCE XM-400/XR-500 Web Based Management
6Configuration Manual, 03/2014, C79000-G8976-C248-06
5.6.8 RIPv2.........................................................................................................................................272
5.6.8.1 RIPv2 Configuration..................................................................................................................272
5.6.8.2 RIPv2 Interfaces........................................................................................................................273
5.7 The "Security" menu..................................................................................................................276
5.7.1 Passwords.................................................................................................................................276
5.7.2 AAA...........................................................................................................................................277
5.7.2.1 General......................................................................................................................................277
5.7.2.2 Radius client..............................................................................................................................277
5.7.2.3 802.1x authenticator..................................................................................................................280
5.7.3 Port ACL MAC...........................................................................................................................284
5.7.3.1 Rules Configuration...................................................................................................................284
5.7.3.2 Port Ingress Rules.....................................................................................................................285
5.7.3.3 Port Egress Rules.....................................................................................................................287
5.7.4 Port ACL IP...............................................................................................................................288
5.7.4.1 Rules Configuration...................................................................................................................288
5.7.4.2 Protocol Configuration...............................................................................................................290
5.7.4.3 Port Ingress Rules.....................................................................................................................291
5.7.4.4 Port Egress Rules.....................................................................................................................293
5.7.5 Management ACL.....................................................................................................................294
6 Troubleshooting/FAQ...............................................................................................................................299
6.1 Firmware update via WBM or CLI not possible.........................................................................299
Index.........................................................................................................................................................301
Table of contents
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 7
Introduction 1
1.1 Information on the configuration manual (WBM)
Validity of the configuration manual
This Configuration Manual covers the following products:
SCALANCE XR-500
SCALANCE XR552-12M
SCALANCE XR528-6M
The devices are available with or without routing functions. For the devices without routing
functions, the functions can be enabled by a KEY-PLUG.
SCALANCE XM-400
SCALANCE XM408-8C
SCALANCE XM416-4C
The devices are available with or without routing functions. For the devices without routing
functions, the functions can be enabled by a KEY-PLUG.
This Configuration Manual applies to the following software version:
SCALANCE XR-500 firmware as of version 4.0
SCALANCE XM-400 firmware as of version 4.0
Purpose of the Configuration Manual
This Configuration Manual is intended to provide you with the information you require to install,
commission and operate IE switches. It provides you with the information you require to
configure the IE switches.
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 9
Orientation in the documentation
Apart from the configuration manual you are currently reading, the products also have the
following documentation:
Configuration Manual:
SCALANCE XM-400/XR-500 Command Line Interface
This document contains the CLI commands that are supported by the IE switches
SCALANCE XM-400 and SCALANCE X-500.
Operating instructions:
SCALANCE XR-500M
MM900 media modules for SCALANCE XR-500M
Fan unit FAN597-1 for SCALANCE XR-500M
Power supply PS598-1 for SCALANCE XR-500M
SCALANCE XM-400
Extender for SCALANCE XM-400
These documents contain information on installing and connecting up and approvals for
the products.
The following documentation is also available from SIMATIC NET on the topic of Industrial
Ethernet:
System manual "Industrial Ethernet / PROFINET"
System manual "Industrial Ethernet / PROFINET - Passive network components"
All these documents are available in digital form on the SCALANCE X DVD.
SIMATIC NET glossary
Explanations of many of the specialist terms used in this documentation can be found in the
SIMATIC NET glossary.
You will find the SIMATIC NET glossary here:
SIMATIC NET Manual Collection or product DVD
The DVD ships with certain SIMATIC NET products.
On the Internet under the following entry ID:
50305045 (http://support.automation.siemens.com/WW/view/en/50305045)
Introduction
1.1 Information on the configuration manual (WBM)
SCALANCE XM-400/XR-500 Web Based Management
10 Configuration Manual, 03/2014, C79000-G8976-C248-06
1.2 Security information
Siemens provides automation and drive products with industrial security functions that support
the secure operation of plants or machines. They are an important component in a holistic
industrial security concept. With this in mind, our products undergo continuous development.
We therefore recommend that you keep yourself informed with respect to our product updates.
Please find further information and newsletters on this subject at: http://
support.automation.siemens.com.
To ensure the secure operation of a plant or machine it is also necessary to take suitable
preventive action (e.g. cell protection concept) and to integrate the automation and drive
components into a state-of-the-art holistic industrial security concept for the entire plant or
machine. Any third-party products that may be in use must also be taken into account. Please
find further information at: http://www.siemens.com/industrialsecurity
Introduction
1.2 Security information
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 11
Description 2
2.1 Product characteristics
Properties of the IE switches
The Ethernet interfaces support the following modes:
10 Mbps and 100 Mbps both in full and half duplex
1000 Mbps full duplex
Autocrossing
Autopolarity
Redundancy protocols Multiple Spanning Tree Protocol (MSTP), Rapid Spanning Tree
Protocol (RSTP) and Spanning Tree Protocol (STP)
This means part of a network can be connected redundantly to a higher-level company
network. The reconfiguration time of the network is in the seconds range and therefore
takes longer than the ring redundancy method.
Virtual networks (VLAN)
To structure Industrial Ethernet networks with a fast growing number of nodes, a physical
network can be divided into several virtual subnets. Port-based, protocol-based and subnet-
based VLANs are available.
Load limitation when using multicast protocols, for example video transmission
By learning the multicast sources and destinations (IGMP snooping, IGMP querier), the IE
switches can filter multicast data traffic and limit the load in the network. Multicast and
broadcast data traffic can be limited.
Time-of-day synchronization
Diagnostics messages (log table entries, e-mails) are given a time stamp. The local time
is uniform throughout the network thanks to synchronization with a SICLOCK time
transmitter or SNTP/NTP server and therefore makes the identification of diagnostics
messages of several devices easier.
Link aggregation (IEEE 802.1AX) for bundling data streams
Quality of Service for classification of the network traffic is according to COS (Class of
Service - IEEE 802.11Q) and DSCP (Differentiated Services Code Point - RFC 2474)
Layer 3 functions
The following functions are only available on devices with routing functions:
Static routing
OSPF
VRRP
RIP
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 13
The following devices have routing functions:
Device Order number
SCALANCE XM-400 XM408-8C 6GK5 408-8GR00-2AM2
XM416-4C 6GK5 416-4GR00-2AM2
SCALANCE XR-500 XR552-12M 6GK5 552-0AR00-2AR2
6GK5 552-0AR00-2HR2
XR528-6M 6GK5 528-0AR00-2AR2
6GK5 528-0AR00-2HR2
On the devices that only support layer 2, the routing functions can be enabled by a KEY-PLUG.
Description
2.1 Product characteristics
SCALANCE XM-400/XR-500 Web Based Management
14 Configuration Manual, 03/2014, C79000-G8976-C248-06
2.2 Requirements for installation and operation
Requirements for installation and operation of the IE switches
A PG/PC with a network connection must be available in order to configure the IE switches. If
no DHCP server is available, a PG/PC on which the Primary Setup Tool (PST) is installed is
necessary for the initial assignment of an IP address to the IE switches. For the other
configuration settings, a PG/PC with Telnet or an Internet browser is necessary.
Serial interface
The IE switches have a serial interface. An IP address is unnecessary to be able to access
the device via the serial interface. A serial cable ships with the products.
Set the following parameters for the connection:
Bits per second: 115200
Data bits: 8
Parity: None
Stop bits: 1
Flow control: None
Description
2.2 Requirements for installation and operation
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 15
2.3 C-PLUG / KEY-PLUG
Configuration information on the C-PLUG / KEY-PLUG
The C-PLUG / KEY-PLUG is used to transfer the configuration of the old device to the new
device when a device is replaced.
NOTICE
Do not remove or insert a C-PLUG / KEY-PLUG during operation!
A C-PLUG / KEY-PLUG may only be removed or inserted when the device is turned off.
The device regularly checks whether or not a KEY-PLUG is present. If it is detected that the
KEY-PLUG was removed, there is a restart. If a valid KEY-PLUG was inserted in the device,
the device changes to a defined error state following the restart.
When the new device starts up with the C-PLUG / KEY-PLUG, it then continues automatically
with exactly the same configuration as the old device. One exception to this can be the IP
configuration if it is set over DHCP and the DHCP server has not been reconfigured accordingly.
A reconfiguration is necessary if you use functions based on MAC addresses.
Note
In terms of the C-PLUG / KEY-PLUG, the SCALANCE devices work in two modes:
Without C-PLUG / KEY-PLUG
The device stores the configuration in internal memory. This mode is active when no C-
PLUG / KEY-PLUG is inserted.
With C-PLUG / KEY-PLUG
The configuration stored on the C-PLUG / KEY-PLUG is displayed over the user
interfaces. If changes are made to the configuration, the device stores the configuration
directly on the C-PLUG / KEY-PLUG and in the internal memory. This mode is active as
soon as a C-PLUG / KEY-PLUG is inserted. When the device is started with a C-PLUG /
KEY-PLUG inserted, the device starts up with the configuration data on the C-PLUG /
KEY-PLUG.
Note
Incompatibility with previous versions with C-PLUG / KEY-PLUG inserted
During the installation of a previous version of the firmware, the configuration data can be
lost. In this case, the device starts up with the factory settings after the firmware has been
installed. In this situation, if a C-PLUG / KEY-PLUG is inserted in the device, following the
restart, this has the status "Not Accepted" since the C-PLUG / KEY-PLUG still has the
configuration data of the previous more up-to-date firmware. This allows you to return to the
previous, more up-to-date firmware without any loss of configuration data. If the original
configuration on the C-PLUG / KEY-PLUG is no longer required, the C-PLUG / KEY-PLUG
can be deleted or rewritten manually.
Description
2.3 C-PLUG / KEY-PLUG
SCALANCE XM-400/XR-500 Web Based Management
16 Configuration Manual, 03/2014, C79000-G8976-C248-06
License information on the KEY-PLUG
In addition to the configuration, the KEY-PLUG also contains a license that allows the use of
layer 3 functions.
Description
2.3 C-PLUG / KEY-PLUG
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 17
2.4 Power over Ethernet (PoE)
General
"Power over Ethernet" (PoE) is a power supply technique for network components according
to IEEE 802.3af or IEEE 802.3at. The power is supplied over the Ethernet cables that connect
the individual network components together. This makes an additional power cable
unnecessary. PoE can be used with all PoE-compliant network components that require a
power of max. 25.50 W.
Cable used for the power supply
Variant 1 (redundant wires)
In Fast Ethernet, the wire pairs 1, 2 and 3, 6 are used to transfer data. Pairs 4, 5 and 7, 8
are then used to supply power. If there are only four wires available, the voltage is
modulated onto the wires 1, 2 and 3, 6 (see variant 2). This alternative is suitable for a data
transmission rate of 10/100 Mbps. This type of power supply is not suitable for 1 Gbps since
with gigabit all eight wires are used for data transfer.
Variant 2 (phantom power)
With phantom power, the power is supplied over the pairs that are used for data transfer,
in other words, all eight (1 Gbps) or four (10/100 Mbps) wires are used both for the data
transfer and the power supply.
A PoE-compliant end device must support both variant 1 and variant 2 over redundant wires.
A switch with PoE capability can supply the end device either using
Variant 1 or
Variant 2 or
Variant 1 and variant 2.
Endspan
With endspan, the power is supplied via a switch that can reach a device over an Ethernet
cable. The switch must be capable of PoE, for example a SCALANCE X108PoE, SCALANCE
X308-2M PoE, all SCALANCE XM-400 switches with PE408PoE, SCALANCE XR552‑12M.
Midspan
Midspan is used when the switch is not PoE-compliant. The power is supplied by an additional
device between the switch and end device. In this case, only data rates of 10/100 Mbps can
be achieved because the power is supplied on redundant wires.
Description
2.4 Power over Ethernet (PoE)
SCALANCE XM-400/XR-500 Web Based Management
18 Configuration Manual, 03/2014, C79000-G8976-C248-06
A Siemens power insert can also be used as the interface for the power input. Since a power
insert supports a power supply of 24 VDC, it does not conform with 802.3af or IEEE 802.3at.
The following restrictions relating to the use of power inserts should be noted:
WARNING
Operate the power insert only when the following conditions apply:
with extra low voltages SELV, PELV complying with IEC 60364-4-41
in USA/CAN with power supplies complying with NEC class 2
in USA/CAN, the cabling must meet the requirements of NEC/CEC
Current load maximum 0.5 A
Cable lengths
Table 2-1 Permitted cable lengths (copper cable - Fast Ethernet)
Cable type Accessory (plug, outlet, TP cord) Permitted cable length
IE TP torsion cable with IE FC Outlet RJ-45
+ 10 m TP cord
0 to 45 m
+ 10 m TP cord
with IE FC RJ-45 Plug 180 0 to 55 m
IE FC TP Marine Cable
IE FC TP Trailing Cable
IE FC TP Flexible Cable
with IE FC Outlet RJ-45
+ 10 m TP cord
0 to 75 m
+ 10 m TP cord
with IE FC RJ-45 Plug 180 0 to 85 m
IE FC TP standard cable with IE FC Outlet RJ-45
+ 10 m TP cord
0 to 90 m
+ 10 m TP cord
with IE FC RJ-45 Plug 180 0 to 100 m
Table 2-2 Permitted cable lengths (copper cable - gigabit Ethernet)
Cable type Accessory (plug, outlet, TP cord) Permitted cable length
IE FC standard cable, 4×2, 24
AWG
IE FC flexible cable, 4×2, 24
AWG
with IE FC RJ-45 Plug 180,
4x2
0 to 90 m
IE FC standard cable, 4×2, 22
AWG
with IE FC Outlet RJ-45
+ 10 m TP cord
0 to 60 m
+ 10 m TP cord
IE FC flexible cable, 4×2, 22
AWG
with IE FC Outlet RJ-45
+ 10 m TP cord
0 to 90 m
+ 10 m TP cord
Table 2-3 Fitting connectors
PIN IE FC outlet RJ-45 IE FC RJ-45 modular
outlet
Use
1000BaseT 10BaseT, 100BaseTX
1 Yellow Green/white D1+ Tx+
2 Orange Green D1- Rx+
3 White Orange/white D2+ Tx-
6 Blue Orange D2- Rx-
Description
2.4 Power over Ethernet (PoE)
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 19
PIN IE FC outlet RJ-45 IE FC RJ-45 modular
outlet
Use
1000BaseT 10BaseT, 100BaseTX
4 - Blue D3- -
5 - Blue/white D3+ -
7 - Brown/white D4- -
8 - Brown D4+ -
Description
2.4 Power over Ethernet (PoE)
SCALANCE XM-400/XR-500 Web Based Management
20 Configuration Manual, 03/2014, C79000-G8976-C248-06
Assignment of an IP address 3
3.1 Structure of an IP address
Address classes
IP address range Max. number of networks Max. number of hosts/
network
Class CIDR
1.x.x.x through 126.x.x.x 126 16777214 A /8
128.0.x.x through 191.255.x.x 16383 65534 B /16
192.0.0.x through 223.255.255.x 2097151 254 C /24
224.0.0.0 - 239.255.255.255 Multicast applications D
240.0.0.0 - 255.255.255.255 Reserved for future applications E
An IP address consists of 4 bytes. Each byte is represented in decimal, with a dot separating
it from the previous one. This results in the following structure, where XXX stands for a number
between 0 and 255:
XXX.XXX.XXX.XXX
The IP address is made up of two parts, the network ID and the host ID. This allows different
subnets to be created. Depending on the bytes of the IP address used as the network ID and
those used for the host ID, the IP address can be assigned to a specific address class.
Subnet mask
The bits of the host ID can be used to create subnets. The leading bits represent the address
of the subnet and the remaining bits the address of the host in the subnet.
A subnet is defined by the subnet mask. The structure of the subnet mask corresponds to that
of an IP address. If a "1" is used at a bit position in the subnet mask, the bit belongs to the
corresponding position in the IP address of the subnet address, otherwise to the address of
the computer.
Example of a class B network:
The standard subnet address for class B networks is 255.255.0.0; in other words, the last two
bytes are available for defining a subnet. If 16 subnets must be defined, the third byte of the
subnet address must be set to 11110000 (binary notation). In this case, this results in the
subnet mask 255.255.240.0.
To find out whether two IP addresses belong to the same subnet, the two IP addresses and
the subnet mask are ANDed bit by bit. If both logic operations have the save result, both IP
addresses belong to the same subnet, for example, 141.120.246.210 and 141.120.252.108.
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 21
Outside the local area network, the distinction between network ID and host ID is of no
significance, in this case packets are delivered based on the entire IP address.
Note
In the bit representation of the subnet mask, the "ones" must be set left-justified; in other
words, there must be no "zeros" between the "ones".
Assignment of an IP address
3.1 Structure of an IP address
SCALANCE XM-400/XR-500 Web Based Management
22 Configuration Manual, 03/2014, C79000-G8976-C248-06
3.2 Initial assignment of an IP address
Configuration options
An initial IP address for an IE switch cannot be assigned using Web Based Management
(WBM) because this configuration tool can only be used if an IP address already exists.
The following options are available to assign an IP address to an unconfigured device:
DHCP (default)
Primary Setup Tool (PST)
To be able to assign an IP address to the IE switch with the PST, it must be possible to
reach the IE switch via Ethernet.
You will find the PST at Siemens Industry Automation and Drives Service & Support on
the Internet under the entry ID 19440762 (http://support.automation.siemens.com/WW/
view/en/19440762).
For further information about assigning the IP address with the PST, refer to the
documentation "Primary Setup Tool (PST)".
STEP 7 Classic
In STEP 7, you can configure the topology, the device name and the IP address. If you
connect an unconfigured IE switch to the controller, the controller assigns the configured
device name and the IP address to the IE switch automatically.
For further information on the assignment of the IP address using STEP 7 (…) refer to
the documentation "Configuring Hardware and Communication Connections STEP 7",
in the section "Steps For Configuring a PROFINET IO System".
STEP 7 as of V12 SP1
For further information on assigning the IP address using STEP 7 (as of V12 SP1), refer
to the online help "Information system", section "Addressing PROFINET devices".
CLI via the serial interface
For further information on assigning the IP address using the CLI, refer to the
documentation "SCALANCE XM-400/XR-500 Command Line Interface".
NCM PC
For further information on assigning the IP address using NCM PC, refer to the
documentation "Commissioning PC stations - Manual and Quick Start", in the section
"Creating a PROFINET IO system".
Note
When the product ships and following "Restore Factory Defaults and Restart", DHCP is
enabled. If a DHCP server is available in the local area network, and this responds to the
DHCP request of an IE switch, the IP address, subnet mask and gateway are assigned
automatically when the device first starts up.
Assignment of an IP address
3.2 Initial assignment of an IP address
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 23
3.3 Address assignment with DHCP
Properties of DHCP
DHCP (Dynamic Host Configuration Protocol) is a method for automatic assignment of IP
addresses. It has the following characteristics:
DHCP can be used both when starting up a device and during ongoing operation.
The assigned IP address remains valid only for a limited time known as the lease time.
Once this period has elapsed, the client must either request a new IP address or extend
the lease time of the existing IP address.
There is normally no fixed address assignment; in other words, when a client requests an
IP address again, it normally receives a different address from the previous address. It is
possible to configure the DHCP server so that the DHCP client always receives the same
fixed address in response to its request. The parameter with which the DHCP client is
identified for the fixed address assignment is set on the DHCP client. The address can be
assigned via the MAC address, the DHCP client ID or the system name. You configure the
parameter in "System > DHCP Client".
the DHCP options 66, 67 are supported
DHCP option 66: Assignment of a dynamic TFTP server name
DHCP option 67: Assignment of a dynamic boot file name
Note
DHCP uses a mechanism with which the IP address is assigned for only a short time
(lease time). If the device does not reach the DHCP server with a new request on expiry
of the lease time, the assigned IP address, the subnet mask and the gateway continue
to be used.
The device therefore remains accessible under the last assigned IP address even
without a DHCP server. This is not the standard behavior of office devices but is
necessary for problem-free operation of the plant.
Assignment of an IP address
3.3 Address assignment with DHCP
SCALANCE XM-400/XR-500 Web Based Management
24 Configuration Manual, 03/2014, C79000-G8976-C248-06
Technical basics 4
4.1 Configuration limits
Configuration limits of the device
The following table lists the configuration limits for Web Based Management and the Command
Line Interpreter of the device.
The usability of various functions depends on the device type you are using and whether or
not a KEY-PLUG is inserted.
Configurable function Maximum number
System Syslog server 3
E-mail server 3
SNMPv1 trap recipient 10
Layer 2 Virtual LANs (port-based; including VLAN 1) 257
Protocol-based VLAN groups per port 12
IPv4 subnet-based VLANs 150
Multiple Spanning Tree instances 16
Link aggregations or Etherchannels each with a maximum of 8
ports per aggregation
8
Ports in a link aggregation 8
Static MAC addresses in the forward database (FDB) 256
Multicast addresses without active GMRP 512
Multicast addresses with active GMRP 50
VLANs whose data traffic can be mirrored to a monitor port 255
Security IP addresses from a RADIUS server 3
Management ACLs (access rules for management) 10
Rules for port ACL MAC 128
Ingress and egress rules for port ACL MAC 256
Rules for port ACL IP 128
Ingress and egress rules for port ACL IP 256
Layer 3 Layer 3 interfaces 127
Entries in the hardware routing table 4096
Static routes 100
Possible routes to the same destination 8
DHCP Relay Agent interfaces 127
DHCP Relay Agent servers 4
VRRP router interfaces (VLAN interfaces only) 52
OSPF areas per device 5
OSPF area range entries per OSPF area (intra-area summary) 3
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 25
Configurable function Maximum number
OSPF interfaces 40
OSPF interfaces per OSPF area 40
OSPF virtual links (within an autonomous system) 8
OSPF interface authentication key 200
(40 interfaces each with 5
keys)
OSPF virtual link authentication key 40
(8 virtual links each with 5
keys)
Technical basics
4.1 Configuration limits
SCALANCE XM-400/XR-500 Web Based Management
26 Configuration Manual, 03/2014, C79000-G8976-C248-06
4.2 VLAN
Network definition regardless of the spatial location of the nodes
VLAN (Virtual Local Area Network) divides a physical network into several logical networks
that are shielded from each other. Here, devices are grouped together to form logical groups.
Only nodes of the same VLAN can address each other. Since multicast and broadcast frames
are only forwarded within the particular VLAN, they are also known as broadcast domains.
The particular advantage of VLANs is the reduced network load for the nodes and network
segments of other VLANs.
To identify which packet belongs to which VLAN, the frame is expanded by 4 bytes (VLAN
tagging (Page 28)). This expansion includes not only the VLAN ID but also priority information.
Options for the VLAN assignment
There are various options for the assignment to VLANs:
Port-based VLAN
Each port of a device is assigned a VLAN ID. You configure port-based VLAN in "Layer 2
> VLAN > Port-based VLAN (Page 177)".
Protocol-based VLAN
Each port of a device is assigned a protocol group. You can configure protocol-based VLAN
in "Layer 2 > VLAN > Protocol Based VLAN Port (Page 180)"
Subnet-based VLAN
The IP address of the device is assigned a VLAN ID. You configure subnet-based VLAN
in "Layer 2 > VLAN > lPv4 Subnet Based VLAN (Page 181)".
processing the VLAN assignment
If more than one VLAN assignment is created on the device, the assignments are processed
in the following order:
1. Subnet-based VLAN
2. Protocol-based VLAN
3. Port-based VLAN
The frame is first examined for the IP address. If a rule on the "lPv4 Subnet Based VLAN" tab
applies, the frame is sent to the corresponding VLAN. If no rule applies, the protocol type of
the frame is examined. If a rule on the "Protocol Based VLAN Port" tab applies, the frame is
sent to the corresponding VLAN. If no rule applies, the frame is sent via the port-based VLAN.
The rules for the port-based VLAN are specified on the "Port Based VLAN" tab.
Technical basics
4.2 VLAN
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 27
4.3 VLAN tagging
Expansion of the Ethernet frames by four bytes
For CoS (Class of Service, frame priority) and VLAN (virtual network), the IEEE 802.1 Q
standard defined the expansion of Ethernet frames by adding the VLAN tag.
Note
The VLAN tag increases the permitted total length of the frame from 1518 to 1522 bytes. With
the IE switches, the standard MTU size is 1536 bytes. The MTU size can be changed to
values from 64 to 9216 bytes.
The end nodes on the networks must be checked to find out whether they can process this
length / this frame type. If this is not the case, only frames of the standard length may be sent
to these nodes.
The additional 4 bytes are located in the header of the Ethernet frame between the source
address and the Ethernet type / length field:
Figure 4-1 Structure of the expanded Ethernet frame
The additional bytes contain the tag protocol identifier (TPID) and the tag control information
(TCI).
Tag protocol identifier (TPID)
The first 2 bytes form the Tag Protocol Identifier (TPID) and always have the value 0x8100.
This value specifies that the data packet contains VLAN information or priority information.
Tag Control Information (TCI)
The 2 bytes of the Tag Control Information (TCI) contain the following information:
CoS prioritization
Technical basics
4.3 VLAN tagging
SCALANCE XM-400/XR-500 Web Based Management
28 Configuration Manual, 03/2014, C79000-G8976-C248-06
The tagged frame has 3 bits for the priority that is also known as Class of Service (CoS). The
priority according to IEEE 802.1p is as follows:
CoS bits Type of data
000 Non time-critical data traffic (less then best effort [basic setting])
001 Normal data traffic (best effort [background])
010 Reserved (standard)
011 Reserved ( excellent effort )
100 Data transfer with max. 100 ms delay
101 Guaranteed service, interactive multimedia
110 Guaranteed service, interactive voice transmission
111 Reserved
The prioritization of the data packets is possible only if there is a queue in the components in
which they can buffer data packets with lower priority.
The device has eight parallel queues in which the frames with different priorities can be
processed. First, the frames with the highest priority ("Strict Priority" method) are processed.
This method ensures that the frames with the highest priority are sent even if there is heavy
data traffic.
Canonical Format Identifier (CFI)
The CFI is required for compatibility between Ethernet and the token Ring.
The values have the following meaning:
Value Meaning
0 The format of the MAC address is canonical. In the canonical representation of the MAC
address, the least significant bit is transferred first. Standard-setting for Ethernet switches.
1 The format of the MAC address is not canonical.
VLAN ID
In the 12-bit data field, up to 4096 VLAN IDs can be formed. The following conventions apply:
VLAN ID Meaning
0 The frame contains only priority information (priority tagged frames) and no valid
VLAN identifier.
1 - 4094 Valid VLAN identifier, the frame is assigned to a VLAN and can also include priority
information.
4095 Reserved
Technical basics
4.3 VLAN tagging
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 29
4.4 SNMP
Introduction
With the aid of the Simple Network Management Protocol (SNMP), you monitor and control
network elements from a central station, for example routers or switches. SNMP controls the
communication between the monitored devices and the monitoring station.
Tasks of SNMP:
Monitoring of network components
Remote control and remote parameter assignment of network components
Error detection and error notification
In versions v1 and v2c, SNMP has no security mechanisms. Each user in the network can
access data and also change parameter assignments using suitable software.
For the simple control of access rights without security aspects, community strings are used.
The community string is transferred along with the query. If the community string is correct,
the SNMP agent responds and sends the requested data. If the community string is not correct,
the SNMP agent discards the query. Define different community strings for read and write
permissions. The community strings are transferred in plain text.
Standard values of the community strings:
public
has only read permissions
private
has read and write permissions
Note
Because the SNMP community strings are used for access protection, do not use the
standard values "public" or "private". Change these values following the initial
commissioning.
Further simple protection mechanisms at the device level:
Allowed Host
The IP addresses of the monitoring systems are known to the monitored system.
Read Only
If you assign "Read Only" to a monitored device, monitoring stations can only read out data
but cannot modify it.
SNMP data packets are not encrypted and can easily be read by others.
The central station is also known as the management station. An SNMP agent is installed on
the devices to be monitored with which the management station exchanges data.
The management station sends data packets of the following type:
Technical basics
4.4 SNMP
SCALANCE XM-400/XR-500 Web Based Management
30 Configuration Manual, 03/2014, C79000-G8976-C248-06
GET
Request for a data record from the agent
GETNEXT
Calls up the next data record.
GETBULK (available as of SNMPv2)
Requests multiple data records at one time, for example several rows of a table.
SET
Contains parameter assignment data for the relevant device.
The SNMP agent sends data packets of the following type:
RESPONSE
The agent returns the data requested by the manager.
TRAP
If a certain event occurs, the SNMP agent itself sends traps.
SNMPv1 and SNMPv2 and SNMPv3 use UDP (User Datagram Protocol). The data is
described in a Management Information Base (MIB).
SNMPv3
Compared with the previous versions SNMPv1 and SNMPv2. SNMPv3 introduces an
extensive security concept.
SNMPv3 supports:
Fully encrypted user authentication
Encryption of the entire data traffic
Access control of the MIB objects at the user/group level
Technical basics
4.4 SNMP
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 31
4.5 Routing function
Introduction
The term routing describes the specification of routes for communication between different
networks; in other words, how does a data packet from subnet A get to subnet B.
SCALANCE X supports the following routing functions:
Static routing
With static routing, the routes are entered manually in the routing table.
Router redundancy
With standardized VRRP (Virtual Router Redundancy Protocol), the availability of important
gateways is increased by redundant routers.
Dynamic routing
The entries in the routing table are dynamic and are updated continuously. The entries are
created with one of the following dynamic routing protocols:
OSPFv2
RIPv2
Static routing
The route is entered manually in the routing table. Enter the route in the routing table on the
"Layer 3 > Routes (Page 243)" page.
See also
VRRP (Page 254)
4.5.1 VRRP
Router redundancy with VRRP
With the Virtual Router Redundancy Protocol (VRRP), the failure of a router in a network can
be countered.
VRRP can only be used with virtual IP interfaces (VLAN interfaces) and not with router ports.
Several VRRP routers in a network segment are put together as a logical group representing
a virtual router (VR). The group is defined using the virtual ID (VRID). Within the group, the
VRID must be the same. The VRID can no longer be used for other groups.
The virtual router is assigned a virtual IP address and a virtual MAC address. One of the VRRP
routers within the group is specified as the master router. The master router has priority 255.
The other VRRP routers are backup routers. The master router assigns the virtual IP address
and the virtual MAC address to its network interface. The master router sends VRRP packets
Technical basics
4.5 Routing function
SCALANCE XM-400/XR-500 Web Based Management
32 Configuration Manual, 03/2014, C79000-G8976-C248-06
(advertisements) to the backup routers at specific intervals. With the VRRP packets, the master
router signals that it is still functioning. The master router also replies to the ARP queries.
If the virtual master router fails, a backup router takes over the role of the master router. The
backup router with the highest priority becomes the master router. If the priority of the backup
routers is the same, the higher MAC address decides. The backup router becomes the new
virtual master router.
The new virtual master router adopts the virtual MAC and IP address. This means that no
routing tables or ARP tables need to be updated. The consequences of a device failure are
therefore minimized.
You configure VRRP in "Layer 3 > VRRP".
4.5.2 OSPFv2
Dynamic routing with OSPFv2
OSPF (Open Shortest Path First) is a cost-based routing protocol. To calculate the shortest
and most cost-effective route, the Short Path First algorithm by Dijkstra is used. OSPF was
developed by the IETF (Internet Engineering Task Force).
You configure OSPFv2 in "Layer 3 > OSPFv2 (Page 260)".
OSPFv2 divides an autonomous system (AS) into different areas.
Areas in OSPF
The following areas exist:
Backbone
The backbone area is area 0.0.0.0. All other areas are connected to this area. The backbone
area is connected either directly or via virtual connections with other areas.
All routing information is available in the backbone area. As a result, the backbone area is
responsible for forwarding information between different areas.
Stub Area
This area contains the routes within its area within the autonomous system and the standard
route out of the autonomous system. The destinations outside this autonomous system are
assigned to the standard route.
Totally Stubby Area
This area knows only the routes within its area and the standard route out of the area.
Not So Stubby Area (NSSA)
This area can forward (redistribute) packets from other autonomous systems into the areas
of its own autonomous system. The packets are further distributed by the NSSA router.
Technical basics
4.5 Routing function
SCALANCE XM-400/XR-500 Web Based Management
Configuration Manual, 03/2014, C79000-G8976-C248-06 33