Bonjour Traffic \ AirPlay

  • 0
  • 4
  • Question
  • Updated 5 years ago
  • Answered
We are setting up Apple TV’s in a classroom environment to allow faculty to connect via wireless using Airplay Mirroring and project their screen. In general, I'm interested in how others are handling Bonjour traffic on a routed network and\or how network admins are handling this type solution in a bridged at controller environment.
Photo of Tony Chila

Tony Chila

  • 120 Points 100 badge 2x thumb

Posted 5 years ago

  • 0
  • 4
Photo of Charlie Altherr

Charlie Altherr

  • 400 Points 250 badge 2x thumb
We have setup use of Apple TV via iPads using Airplay in our business conference rooms. We were unable to get this to work in a routed environment do to the mDNS being used. It does work fine if the two devices are on the same L2 subnet. Bridged at the controller should work fine if it all comes back to a single VLAN.

It seems I heard that a future relese of firmware for the HiPath wireless system will enable this to work on routed networks, but cannot confirm or deny that statement.

We also implemented policies, enforced at the access points, to control access to/from the Apple TV and iPads. Be happy to share details if interested.
Photo of Doug Hyde

Doug Hyde, Technical Support Manager

  • 20,514 Points 20k badge 2x thumb
Tony/Charlie,

Here is a link that explains how Enterasys handles Bonjour. I'm willing to contact you directly to discuss your options based on the equipment you currently have installed.

http://pages.enterasys.com/AppleBonjo...

Regards,

Doug Hyde
Sr Support Engineer
Enterasys Networks
Photo of Charlie Altherr

Charlie Altherr

  • 400 Points 250 badge 2x thumb
Nice article Doug. It confirms what I discovered when implementing this a few months back. I agree you want to contain the Bonjour traffic to a BZone or VLAN. Policy based filtering and placement is the way to go. Of course policy based equipment and a NAC (Mobile IAM) go along way in achiving it.
Photo of Javier Solis

Javier Solis

  • 422 Points 250 badge 2x thumb
I read through the doc you posted, but I don't see technical documentation on how you setup the bonjour traffic policy. We are currently at software version 8.31.03.0011 on our controllers and netsight version 5.0.0.252

Thanks,
Photo of Branden Henner

Branden Henner

  • 406 Points 250 badge 2x thumb
Hi Javier! I would recommend you create a VLAN only for Bonjour traffic and create a rule that will contain the traffic to that VLAN. The poor man's method is just dropping the traffic on the default Bridged at the AP topology. I'm on my phone but if I'll try to post a screenshot example when I get back to my desk.
Photo of Jim Seaman

Jim Seaman

  • 314 Points 250 badge 2x thumb
So, one vlan contains all bonjour traffic then all bonjour devices are visible to anyone anywhere?

You know I'm the difficult one, Branden.
Photo of Javier Solis

Javier Solis

  • 422 Points 250 badge 2x thumb
Branden,

A help guide would be nice. Would you be able to post some directions or screen shots?

Thanks,
Photo of Branden Henner

Branden Henner

  • 406 Points 250 badge 2x thumb
You will need to be running 8.31. I'm assuming you have your different wireless networks broken out into different VLANs which is why the iOS devices cannot talk to each other. I'll assume your wired devices are on VLAN 1. See attached screenshot of how you need to build the Rule in your wireless controller so that the Bonjour traffic on your wireless gets dropped into VLAN 1.
Photo of Branden Henner

Branden Henner

  • 406 Points 250 badge 2x thumb
Correct Jim. See my post above and just change the VLAN to whatever your "Bonjour" VLAN is.
Photo of Jim Seaman

Jim Seaman

  • 314 Points 250 badge 2x thumb
Thanks, Branden.
Photo of Javier Solis

Javier Solis

  • 422 Points 250 badge 2x thumb
Branden,

Will having block MU to MU traffic on each VNS disable the devices from being able to speak to one another through this contain to VLAN bonjour rule?

Thanks,
Photo of Branden Henner

Branden Henner

  • 406 Points 250 badge 2x thumb
Sorry. No. You should not have to enable Multicast traffic on the topology in order for this to work as long as you aren't doing something to block the traffic on your switch infrastructure.
Photo of Jim Seaman

Jim Seaman

  • 314 Points 250 badge 2x thumb
With the new 8.31 code I can isolate bonjour traffic to vlans and assign those to specific buildings. sweet.
Photo of Hartmut Sachse

Hartmut Sachse

  • 2,598 Points 2k badge 2x thumb
If you need more detailed instructions how to implement bonjour enabled networks, ask the EGTAC for the technical reference guide v.1.1 (Sept. 10th, 2012). This paper is available for partners. 

Photo of Doug Hyde

Doug Hyde, Technical Support Manager

  • 20,514 Points 20k badge 2x thumb
Hartmut, 

Let me check on the status of the whitepaper to see if I can post it. Also if you have any questions on setting it up please let us know by contacting the GTAC directly. We will gladly assist.  


Doug Hyde
Sr Support Engineer
Extreme Networks



Photo of Javier Solis

Javier Solis

  • 422 Points 250 badge 2x thumb
If mu to mu is blocked, then the other ports that are needed for airplay are blocked. The initial airplay find works because the multicast is bridged to AP(switch vlan) and not affected by mu to mu block. However, as soon as I try to click on airplay, nothing happens because client to client communication over other ports is required. If I disable mu to mu blocking, then everything works fine. The only viable workaround I can think of is to disable mu to mu blocking and setup filters on the AP that don't allow src client network to talk to dst of client network and then allow airplay ports before the deny. Any other solutions?