configure access-list network-zone
Description
Adds or removes IP and MAC addresses to and from the network-zone.
Syntax Description
| network-zone | Logical group of remote devices. |
| zone_name | Specifies the network-zone name. |
| add | Adds a logical group of entities to the network-zone. |
| delete | Deletes a logical group of entities to the network-zone. |
| mac-address | MAC address. |
| macaddress | Specifies the MAC address to be added/removed to/from the network-zone. |
| macmask | Specifies the MAC Mask. Example FF:FF:FF:00:00:00. |
| ipaddress | Specifies IPv4 address. |
| ipaddress | Specifies the IP address. |
| netmask | Specifies IP netmask. |
| ipNetmask | Specifies the IP address/Netmask. |
| ipv6_address_mask | Specifies IPv6 address/IPv6 prefix length. |
Default
N/A.
Usage Guidelines
Use this command to to add or remove IP/MAC addresses to/from the network-zone.
Example
The following command adds an IPv6 IP address to network-zone “zone1”:
Switch# configure access-list network-zone zone1 add ipaddress 11.1.1.1/32
If you try to add the same IP/MAC with the same or narrow mask, the configuration is rejected, with the following error message.
Switch #configure access-list network-zone "zone1" add ipaddress 11.1.1.1/24 Error: Network Zone "zone1" - Zone already has the same entity value with same or wider mask.
If you try to add more than eight attributes to a network-zone, the following error message is printed.
Switch #configure access-list network-zone "zone1" add ipaddress 11.1.1.1/24 Error: Network Zone "zone1" - Reached maximum number of attributes. Unable to add more.
History
This command was first available in ExtremeXOS 15.2.
Platform Availability
This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.