configure access-list network-zone
configure access-list network-zone zone_name [add | delete] [mac-address macaddress {macmask} | ipaddress [ipaddress {netmask} | ipNetmask | ipv6_address_mask]]
Description
Adds or removes IP and MAC addresses to and from the network-zone.
Syntax Description
network-zone | Logical group of remote devices. |
zone_name | Specifies the network-zone name. |
add | Adds a logical group of entities to the network-zone. |
delete | Deletes a logical group of entities to the network-zone. |
mac-address | MAC address. |
macaddress | Specifies the MAC address to be added/removed to/from the network-zone. |
macmask | Specifies the MAC Mask. Example FF:FF:FF:00:00:00. |
ipaddress | Specifies IPv4 address. |
ipaddress | Specifies the IP address. |
netmask | Specifies IP netmask. |
ipNetmask | Specifies the IP address/Netmask. |
ipv6_address_mask | Specifies IPv6 address/IPv6 prefix length. |
Default
N/A.
Usage Guidelines
Use this command to to add or remove IP/MAC addresses to/from the network-zone.
Example
The following command adds an IPv6 IP address to network-zone “zone1”:
Switch# configure access-list network-zone zone1 add ipaddress 11.1.1.1/32
If you try to add the same IP/MAC with the same or narrow mask, the configuration is rejected, with the following error message.
Switch #configure access-list network-zone "zone1" add ipaddress 11.1.1.1/24 Error: Network Zone "zone1" - Zone already has the same entity value with same or wider mask.
If you try to add more than eight attributes to a network-zone, the following error message is printed.
Switch #configure access-list network-zone "zone1" add ipaddress 11.1.1.1/24 Error: Network Zone "zone1" - Reached maximum number of attributes. Unable to add more.
History
This command was first available in ExtremeXOS 15.2.
Platform Availability
This command is available on all platforms.