object-group ip address

Syntax

Syntax to create an IPv4 address object group and enter its context:

object-group ip address <OBJECT-GROUP-NAME>

no object-group ip address <OBJECT-GROUP-NAME>

Syntax (within the address object-group context) for creating or removing IPv4 address entries:

  [<SEQUENCE-NUMBER>]  <IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}]

  no <SEQUENCE-NUMBER>

Description

Creates an IPv4 address object group comprised of one or more address entries. Address groups are used solely as a shorthand way of specifying groups of addresses in the ACEs that make up ACLs. IPv4 address groups can be used only in the access-list ip command. Entering object-group ip address with an existing address group name, enables you to modify an existing address group.

The no form of this command deletes the entire address group or deletes a particular address group entry identified by sequence number.

Command context

config

The object-group ip address command takes you into the named address group context (with prompt switch(config-addrgroup-ip)#) where you enter the addresses.

Parameters

<OBJECT-GROUP-NAME>

Specifies the address object group name.

<SEQUENCE-NUMBER>

Specifies a sequence number for the address entry. Range: 1 to 4294967295. When omitted, a sequence number 10 larger than the current highest sequence number is auto-assigned. Default auto-assigned sequence numbers are 10, 20, 30, and so on.

<IP-ADDRESS>[/{<PREFIX-LENGTH>|<SUBNET-MASK>}]
Specifies the IPv4 address.
  • <IP-ADDRESS> - specifies the IPv4 host address.

    • <PREFIX-LENGTH> - specifies the address bits to mask (CIDR subnet mask notation). Range: 1 to 32.

    • <SUBNET-MASK> - specifies the address bits to mask (dotted decimal notation).

Authority

Administrators or local user group members with execution rights for this command.

Examples

Creating an IPv4 address group with two entries:

switch(config)# object-group ip address my_ipv4_addr_group
switch(config-addrgroup-ip)# 10 192.168.0.1
switch(config-addrgroup-ip)# 20 192.168.0.2
switch(config-addrgroup-ip)# exit
switch(config)# show object-group
Type       Name
  Sequence L4 Port(s)/IP Address
-------------------------------------------------------------------------------
IPv4       my_ipv4_addr_group
        10 192.168.0.1
        20 192.168.0.2

Adding an entry to an existing IPv4 address group:

switch(config)# object-group ip address my_ipv4_addr_group
switch(config-addrgroup-ip)# 30 192.168.0.3
switch(config-addrgroup-ip)# exit
switch(config)# show object-group
Type       Name
  Sequence L4 Port(s)/IP Address
-------------------------------------------------------------------------------
IPv4       my_ipv4_addr_group
        10 192.168.0.1
        20 192.168.0.2
        30 192.168.0.3

Removing an entry (20) from an existing IPv4 address group:

switch(config)# object-group ip address my_ipv4_addr_group
switch(config-addrgroup-ip)# no 20
switch(config-addrgroup-ip)# exit
switch(config)# show object-group
Type       Name
  Sequence L4 Port(s)/IP Address
-------------------------------------------------------------------------------
IPv4       my_ipv4_addr_group
        10 192.168.0.1
        30 192.168.0.3

Removing an IPv4 address group:

switch(config)# no object-group ip address my_ipv4_addr_group
switch(config)# show object-group
No object group found.