cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
88
Views
0
Helpful
2
Replies
Beginner

IOS XE 16.12.1 object-group v6-network does not work

Hello,

 

I'm testing IOS XE 16.12.1 in a WS-C3850-24XS. When I tried to use object-group, it does not accept IPv6 network addresses. IPv4 works as expected:

 

 

object-group network netA-4 
  10.1.0.0 255.255.254.0
  10.1.20.0 255.255.254.0
  host 10.1.10.1  

But if fails to accept IPv6 networks:

 

object-group v6-network netA-6
switch1(config-v6network-group)#fdca:aaaa:aaaa:aaaa::/64
^
% Invalid input detected at '^' marker.

switch1(config-v6network-group)#host fdca:aaaa:aaaa:aaaa::1
switch1(config-v6network-group)#

I can only add hosts to object-group v6-network. I tried both ULA and global addresses, different mask and nothing seems to be accepted.

 

2 REPLIES 2
Highlighted
VIP Expert

Re: IOS XE 16.12.1 object-group v6-network does not work

Hi,

What is your license? For IPv6 features, you usually need IP Services license.

HTH

Beginner

Re: IOS XE 16.12.1 object-group v6-network does not work

I'm using IP Base. However, AFAIK, IP Base lacks stuff like dynamic routing and other enterprise features.

IPv6 seems to be now a "standard feature" and not an "add-on feature", not something to buy as extra.

 

It does not make sense to avoid using object-group IPv6 network but allow the same result using individual ACEs.

object-group only simplifies ACL management, not a final feature. If it were something that we need to "buy", I would expect it to offer IPv6 prefix/network match before it allows individual IPv6 host match, as the later uses more resources.

 

 

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards