1 introduction to am function, 2 am function configuration task list, Ntroduction to – PLANET XGS3-24040 User Manual
Page 488: Unction, Onfiguration

Chapter 49 Operational Configuration of AM Function
49-1
Chapter 49 Operational Configuration of AM
Function
49.1 Introduction to AM Function
AM (Access Management) means that when a switch receives an IP or ARP message, it will compare the
information extracted from the message (such as source IP address or source MAC-IP address) with the
configured hardware address pool. If there is an entry in the address pool matching the information (source IP
address or source MAC-IP address), the message will be forwarded, otherwise, dumped. The reason why
source-IP-based AM should be supplemented by source-MAC-IP-based AM is that IP address of a host might
change. Only with a bound IP, can users change the IP of the host into forwarding IP, and hence enable the
messages from the host to be forwarded by the switch. Given the fact that MAC-IP can be exclusively bound
with a host, it is necessary to make MAC-IP bound with a host for the purpose of preventing users from
maliciously modifying host IP to forward the messages from their hosts via the switch.
With the interface-bound attribute of AM, network mangers can bind the IP (MAC-IP) address of a legal user
to a specified interface. After that, only the messages sending by users with specified IP (MAC-IP) addresses
can be forwarded via the interface, and thus strengthen the monitoring of the network security.
49.2 AM Function Configuration Task List
1. Enable AM function
2. Enable AM function on an interface
3. Configure the forwarding IP
4. Configure the forwarding MAC-IP
5. Delete all of the configured IP or MAC-IP or both
6. Display relative configuration information of AM
1. Enable AM function
Command
Explanation
Global Mode
am enable
no am enable
Globally enable or disable AM function.
2. Enable AM function on an interface
Command
Explanation
Port Mode
