Differences

This shows you the differences between two versions of the page.

--- userdoc:tt_avahi_mdns [2016/06/18 20:42]
abelbeck [mDNS/DNS-SD Example]
+++ userdoc:tt_avahi_mdns [2016/06/19 07:22] (current)
abelbeck [mDNS/Bonjour Printer Discovery Example]
@@ Line 47: / Line 47: @@
 After making changes to the ''avahi-daemon.conf'' configuration file you can restart mDNS/DNS-SD.
-==== mDNS/DNS-SD Example ====
+==== mDNS/Bonjour Printer Discovery Example ====
 !!Courtesy David Kerr!!
-Described below is an example how to use the new avahi Bonjour/mDNS discovery service to make printers available onto a guest network.
+The following is an example how to use the Avahi mDNS/Bonjour discovery service to make printers available onto a guest network.  In this example the guest network is a WiFi network using the Ubiquiti Networks - UniFi product line.
-For example, lets assume your main network is 192.168.xx.0/24 on network interface eth1 and on that network you have a printer 192.168.xx.10 that advertises its services by Bonjour (this is how all Apple iOS devices discover your printer).
+Lets assume your main network is ''192.168.101.0/24'' on network interface ''eth1'' and on that network you have a printer ''192.168.101.10'' that advertises its services by Bonjour (this is how all Apple iOS devices discover a printer).
-Now assume you configure a guest VLAN that is network 192.168.yy.0/24 on network virtual interface eth1.100 and devices connect to that network using UniFi access points.  Using the UniFi controller (which we assume is at 192.168.xx.2) we configure the UniFi guest network to connect to VLAN "100" and enable guest policies with authentication to be done through a UniFi guest portal.
+Now assume you configure a guest VLAN that is network ''192.168.102.0/24'' on network virtual interface ''eth1.100'' and devices connect to that network using UniFi access points.  Using the UniFi controller (which we assume is at ''192.168.101.2'') we configure the UniFi guest network to connect to ''VLAN 100'' and enable guest policies with authentication to be done through a UniFi guest portal.
-With that environment do the following setup...
+With that environment perform the following setup...
-Enable "mDNS/DNS-SD Service Discovery" on the Network tab of user interface.  You will need to reboot before doing next step.
+Select the Network Tab in the web interface.\\
+{{:userdoc:ipv6-tunnel-network-tab.jpg?nolink|Network Tab}}
-Click on "Configure mDMS/DNS-SD" button on Network tab (this only appears after above reboot) to edit the avahi-daemon.conf file.
+Locate the mDNS/DNS-SD entry within **Network Services:**
-In the [server] section of avahi-daemon.conf add/edit this line...
+{{:userdoc:avahi-mdns-disabled-network-tab.jpg?nolink|mDNS/DNS-SD Disabled Config}}
-    allow-interfaces=eth1,eth1.100
+Change to "enabled" and "Save Settings", then restart mDNS/DNS-SD...
+{{:userdoc:avahi-mdns-restart-network-tab.jpg?nolink|mDNS/DNS-SD Enabled Config}}
+A default configuration has been installed, which you can now edit by clicking on "Configure mDNS/DNS-SD"...
+{{:userdoc:avahi-mdns-enabled-network-tab.jpg?nolink|mDNS/DNS-SD Enabled Config}}
+In the ''[server]'' section of avahi-daemon.conf add/edit this line...
+  allow-interfaces=eth1,eth1.100
 This enables avahi on both your main network and guest network.
-In the [reflector] section of the conf file add these lines...
+In the ''[reflector]'' section of the conf file add these lines...
-    enable-reflector=yes
-    reflect-ipv=no
+  enable-reflector=yes
-    reflect-filters=_printer._tcp.local,_ipp._tcp.local,_pdl-datastream._tcp.local
+  reflect-ipv=no
-This tells avahi to only reflect the printing bonjour packets across networks.
+  reflect-filters=_printer._tcp.local,_ipp._tcp.local,_pdl-datastream._tcp.local
+This tells avahi to only reflect the printing mDNS/Bonjour packets across networks.
+Save this file and now go to the Network tab -> Firewall Configuration sub-tab and add the following as "Pass LAN->LAN" rules.
+  Action: Pass LAN->LAN | Protocol: TCP | Source: 192.168.102.0/24 | Destination: 192.168.101.10 | Port: 515,631,9100
+  Action: Pass LAN->LAN | Protocol: TCP | Source: 192.168.102.0/24 | Destination: 192.168.101.2 | Port: 8880,8843
-Save this file and now go to the Firewall settings in the AstLinux Network tab and add the following as "Pass LAN->LAN" rules.
-    Pass 192.168.yy.0/24 to 192.168.xx.10 ports 515,631,9100
-    Pass 192.168.yy.0/24 to 192.168.xx.2 ports 8880,8843
 The first rule corresponds to the printer protocols that we are publishing across the LANs and allows any device on the guest LAN to connect to our printer on our main network.  The second rule enables guest devices to access the UniFi controller on the ports it uses for the guest portal so guests can authenticate.
+!!Tip ->!! The firewall rules above could use ''Source: 0/0'' if you wanted all configured internal LAN networks to reach the printer.
 Restart mDNS/DNS-SD and restart the firewall.
@@ Line 82: / Line 102: @@
 Now any device that connects to your guest network is able to discover and print to your printer on your main network.
-This technique can also be used to make other services you might want to share from your main network to a guest network, e.g. a Apple TV / AirPlay device... add _airplay._tcp.local,_raop._tcp.local to the reflect filter and set appropriate firewall rules to open access to the AirPlay device.
+This technique can also be used to make other services you might want to share from your main network to a guest network, e.g. a Apple TV / AirPlay device... add ''_airplay._tcp.local,_raop._tcp.local'' to the reflect filter and set appropriate firewall rules to open access to the AirPlay device.