object-group ip address

Syntax

Syntax to create an IPv4 address object group and enter its context: 

object-group ip address <OBJECT-GROUP-NAME>

no object-group ip address <OBJECT-GROUP-NAME>

Syntax (within the address object-group context) for creating or removing IPv4 address entries: 

  [<SEQUENCE-NUMBER>]  { any|<SRC-IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}] }

  no <SEQUENCE-NUMBER>

Description

Creates an IPv4 address object group comprised of one or more address entries. Address groups are used solely as a shorthand way of specifying groups of addresses in the ACEs that make up ACLs. IPv4 address groups can be used only in the access-list ip command. Entering object-group ip address with an existing address group name, enables you to modify an existing address group.

The no form of this command deletes the entire address group or deletes a particular address group entry identified by sequence number.

Command context

config

The object-group ip address command takes you into the named address group context (with prompt switch(config-addrgroup-ip)#) where you enter the addresses.

Parameters

<OBJECT-GROUP-NAME>

Specifies the address object group name.

<SEQUENCE-NUMBER>

Specifies a sequence number for the address entry. Range: 1 to 4294967295. When omitted, a sequence number 10 larger than the current highest sequence number is auto-assigned. Default auto-assigned sequence numbers are 10, 20, 30, and so on.

{ any|<SRC-IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}] }
Specifies the source IPv4 address.

  • any - specifies any source IPv4 address.

  • <SRC-IP-ADDRESS> - specifies the source IPv4 host address.

    • <PREFIX-LENGTH> - specifies the address bits to mask (CIDR subnet mask notation). Range: 1 to 32.

    • <SUBNET-MASK> - specifies the address bits to mask (dotted decimal notation).

Authority

Administrators

Examples

Creating an IPv4 address group with two entries: 

switch(config)# object-group ip address my_ipv4_addr_group
switch(config-addrgroup-ip)# 10 192.168.0.1
switch(config-addrgroup-ip)# 20 192.168.0.2
switch(config-addrgroup-ip)# exit
switch(config)# show object-group
Type       Name
  Sequence L4 Port(s)/IP Address
-------------------------------------------------------------------------------
IPv4       my_ipv4_addr_group
        10 192.168.0.1
        20 192.168.0.2

Adding an entry to an existing IPv4 address group: 

switch(config)# object-group ip address my_ipv4_addr_group
switch(config-addrgroup-ip)# 30 192.168.0.3
switch(config-addrgroup-ip)# exit
switch(config)# show object-group
Type       Name
  Sequence L4 Port(s)/IP Address
-------------------------------------------------------------------------------
IPv4       my_ipv4_addr_group
        10 192.168.0.1
        20 192.168.0.2
        30 192.168.0.3

Removing an entry (20) from an existing IPv4 address group: 

switch(config)# object-group ip address my_ipv4_addr_group
switch(config-addrgroup-ip)# no 20
switch(config-addrgroup-ip)# exit
switch(config)# show object-group
Type       Name
  Sequence L4 Port(s)/IP Address
-------------------------------------------------------------------------------
IPv4       my_ipv4_addr_group
        10 192.168.0.1
        30 192.168.0.3

Removing an IPv4 address group: 

switch(config)# no object-group ip address my_ipv4_addr_group
switch(config)# show object-group
No object group found.