S9706 ACU2 V2R5SPC600 Bonjour Gateway Implementation Guide

Publication Date:  2015-02-23 Views:  248 Downloads:  0
Issue Description

Backgrounds:

Hong Kong Kellett British International School deployed and utilized the Apple Devices all over the school campus. Not only the Apple Mac Printing Server and Apple TV were set up in the classroom, the students are also equipped with Macbooks for teaching purposes. As a result, Kellett School are requesting to set up Bonjour Gateway as a Bring Your Own Device Solution (BYOD) in order to sharing of resources among these Apple’s smart devices. Airplay and Air Print are two applications used to evaluate its performance of Bonjour Gateway.

 

Hong Kong Kellett British International School is the first project to implement the Apple Bonjour Gateway across Vlans .



Objective:

To setup the Bonjour Gateway so as to achieve the following functions

         i. To allow Airplay Sharing functions between Specific SSIDs as a wireless access between Apple Devices.

                             ii.     Bonjour Service establishment in the Same Vlan

                         iii.Bonjour Gateway Service establishment in different Vlans

                           iv. Bonjour Gateway Control across different Vlans

                                v. To allow Air Print functions between internal MAC Print Server in the wired network and wireless access user.


 

Device Software Version:

Version /Patch Name:

Description:

Comment:

ACU2V200R005C00SPC600.cc

To allow ACU2 Control board to perform the Bonjour Gateway Feature.

ACU2V200R005C00SPC600.cc

ACU2V200R005C00SPC300T only does not support HSB service.

 

 

To make compatible with ACU2 ACU2V200R005C00SPC300T

Upgrade AP5030DN in order to restore the Password encryption authentication and remediate Roaming problem.

 

 

Huawei R & D had set-up internal testing environment to prove the upgrade of the V2R5SPC700 can improve the situation, including 

 (1) Access user Normal online,

(2) Access Network behavior,

 (3) Roaming Performance  under

WPA2-Encryption policy

S5700- V200R001SPH015

Poe Power supply

 

Solution

Pre-configuration of ACU2 with S97 (Internal Connectivity Establishment)

 

Objective:

To establish and activate Internal link from ACU2 board to connect with S97

To achieve Internal link redundancy by LACP

To maximize the Internal link bandwidth 


Procedures:

ACU2 is connected with Switch_1 internally using port XGE1/0/1. To increase link bandwidth and redundancy, the XGE ports are all configured with LACP using ETH-Trunk.

 

 

Configuration of ACU2:

System-view

Vlan vlan-id

Load-distribution mode slot slot-id enhanced // to allow ACU2 boards can achieve max.forwarding rate

 

Interface Eth-Trunk trunk-id

Port link-type trunk

Port trunk allowed-pass vlan vlan-id

 

Interface XGigabitethernet 1/0/1

Eth-trunk trunk-id                  // Apply Eth-trunk to physical Interfaces

Interface XGigabitethernet 1/0/2

Eth-trunk trunk-id                  // Apply Eth-trunk to physical Interfaces



Configuration of Bonjour Gateway:

WLAN view:

 

mdns gateway enable

vlan 1301

 mdns probe interval 60   // Specify the automatic scanning and discovery period of apple services

vlan 1302

 mdns probe interval 60

vlan 1303

 mdns probe interval 60

vlan 1304

 mdns probe interval 60

vlan 1306

 mdns probe interval 60

vlan 1801

 description < SVI for Server Farm (Public) >

vlan 1808

 mdns probe interval 60

vlan 1809

     mdns probe interval 1809

 

  #

mdns group 1301     // Create a multicast MDNS group

 user-vlan 1301      // Specify the Initiating devices within User-Vlan

 service-vlan 1808   // Specify the Service-Vlan of Bonjour Gateway

#

mdns group 1302

 user-vlan 1302

 service-vlan 1808

#

mdns group 1303

 user-vlan 1303

 service-vlan 1808

#

mdns group 1304

 user-vlan 1304

 service-vlan 1808

#

mdns group 1306

 user-vlan 1306

 service-vlan 1808

#

mdns group 1809 // MDNS group between Wired Network and Wireless Network

 user-vlan 1809  // Mobile device in Wireless Network to transfer files to wired network

 service-vlan 1808    // Server in Wired Network









Explanations of Terminology and Usage:

 

User-Vlan: Specify the device Vlans that the devices want to initiate Apple Airplay services

 


   Service-Vlan: Specify the Vlans that start Bonjour Gateway services

 

 

Comparison with the Objective:  

 

To allow Airplay Sharing functions between Specific SSIDs as a wireless access between Apple Devices.

            i.              Bonjour Service establishment in the Same Vlan.

Within same Layer 2 Broadcast, Bonjour can automatically discover services.

         ii.             Bonjour Gateway Service establishment in different Vlans

Bonjour Gateway Service can be established through creation of Mdns group.

     iii.            Bonjour Gateway Control across different Vlans

Bonjour Gateway Control can be done by defining User-Vlan and Service-Vlan

Attention:

 

There are maximum of 4096 mdns group for configuration. For each mdns group, a maximum of 32 User-Vlan and 32 Service-Vlan can be created and involved.

 

For each User-Vlan, it can only belongs to and match with one single MDNS group. If the user does not create any mdns group, it assumes to match with all mdns gateway group by default.

 

For each Service-Vlan, it can involve into more than one with different mdns groups. If no Service-Vlan is created accordingly, the vlan should not be controlled through mdns group by default.

 

Strategies:

Bonjour Gateway is controlled though User-Vlan. Within one MDNS group, specify the User-Vlan and Service-Vlan can achieve device traffic control bidirectional from User-Vlan to Service- Vlan.

 

In order to achieve Unit-directionality (authorization) of Bonjour Gateway Application, that is, device in User-Vlan A can connect with device in Service-Vlan BUT NOT VICE VERSA; we can create 2 Mdns group with specific User-Vlan such that the device in User-vlan matches with Mdns group.    

 

Authorization through User-Vlan configuration in Mdns Group:

mdns group 1301     // Create a multicast MDNS group

 user-vlan 1301      // Specify the Initiating devices within User-Vlan

 service-vlan 1302 1303 1304  // Specify the Service-Vlan of Bonjour Gateway

#

mdns group 1302

 user-vlan 1302

 service-vlan 1808

#

 

Client 1 in User-Vlan 1301 can push content through Airplay Application to Server in Service-Vlan 1302 but not Vice Versa.

END