How to use wide-area Bonjour?

Similar Messages

• How to setup Wide Area Bonjour across multiple Subnets?

  Hi Gents,
  It's been painful trying to get this up and i feel i am almost there, but can seem to complete the last bit
  I have this network i am helping to manage
  OS X Lion Server running
       DNS
       RADIUS
       Open Directory
  So the wifi network is in a seperate subsnet from the LAN on which the Mac Server is connected to which posses the problem of Bonjour not routed between the two subnets. So i decided to enable Wide-Area bonjour browsing and create a Service record for afp share folders. So i have got to the point where it's coming up on devices on the seperate subnet under the network icon, however when i try to connect to the service it just says connection failed. Authentication is occuring because if i use wrong credentials it doesn't attempt to connect.
  I believe it might be the way i am defining TXT. I have little experience here, any assistance would be appreciated
  This is the configruation in DNS Settings on Server Admin
  Service Name: Work\03****\03\you
  Service Type: _afpovertcp._tcp.
  Host: work.damnyou.org.
  Port: 548
  Priority: 1
  Weigth: 0
  TXT: "path=PUBLIC/"
  Anytime i attempt to connect, it just says Connection Failed
  Thanks,
  DeeBeeMac

  DeeBeeMac,
  Did you get things working good for you?  I also have a wired VLAN and a WiFi VLAN that I have a implementation with Aruba network for my WiFi,  they have an option called airgroup and printers seem to come and go.   I really don't want to use the Aerohive solution,  so I was thinking of a Mac mini with an interface on both VLANS.   Do you need to setup anything to get os x to announce services it see's on both networks?   I also tried avahi and turned on reflector, however it seems spotty as well.

• Wide Area Bonjour and making it *NOT* use a NAT

  Does anyone know if there's a way to stop Wide Area Bonjour from using the NAT gateway when it detects it's on a private network? This seems to be the default behavior and I wondered if it was possible to disable it.

  Well for what it's worth, I moved my network onto 192.0.2.X which is a section of IP addresses reserved for testing - so while not strictly private (though they never appear on the Internet) it means that Bonjour doesnt try to use the NAT.
  Can we say hack?

• CUPS queues don't work with Wide Area Bonjour

  I'm completely flummoxed!
  My school board is installing new switches in all our schools, and moving from a single flat VLAN to multiple - one for printers, one for server, one for client workstations. Printing queues advertised with Bonjour worked fine on the old network, but multiple VLANs breaks all that since Bonjour is in the unrouteable multicast range (which makes sense, since it's not meant to work outside of the local network). I have old Tiger servers at the schools, running on hardware that doesn't do VLANs (old G4 towers), so advertising queues with Bonjour using the school server can't get me by.
  I've set up BIND (DNS) to show my CUPS IPP print queues from a central Lion workstation (elemprtsrv01.example.com) in the school's subnet (10.159.40.0/22; academic-wrd.scd.example.com) as follows (my domain substituted with example.com for anonymity) - the relevant section snipped from the rest of the zone file:
  $ORIGIN academic-wrd.scd.example.com.
  ; Wide Area Bonjour Browsing
  b._dns-sd._udp                    IN PTR          @
  lb._dns-sd._udp                    IN PTR          @
  db._dns-sd._udp                    IN PTR          @
  ; Wide Area Bonjour Printing
  SCD-234-Q._printer._tcp          IN          SRV          0          0  631          elemprtsrv01.example.com.
  _printer._tcp                                         IN PTR          SCD-234-Q._printer._tcp
  _cups._sub._ipp._tcp                     IN PTR          SCD-234-Q._printer._tcp
  _ipp._tcp                                                   IN PTR          SCD-234-Q._printer._tcp
  _universal._sub._ipp._tcp           IN PTR          SCD-234-Q._printer._tcp
  SCD-234-Q._printer._tcp          IN TXT ( "txtvers=1" "qtotal=1" "rp=printers/SCD234Q" "note=2nd Floor Workroom" "ty=Xerox WorkCentre 5755, EXAMPLE Student 2.2" "product=(EXAMPLE-22STUD-XeroxWC5775)" "printer-state=3" "printer-type=0x80B0F6" "Transparent=T" "Binary=T" "Fax=F" "Punch=T" "Bind=F" "Sort=T" "Scan=F" "Duplex=T" "Staple=T" "Copies=T" "Collate=T" "Color=F" "pdl=application/pdf,application/postscript,application/octet-stream,image/jpeg ,image/png" )
  The relevant section of the /etc/cupsd.conf file on elemprtsrv01 (10.100.1.73) looks like this:
  ServerAlias elemprtsrv01.example.com
  ServerAlias printerserver.academic-wrd.scd.example.com
  MaxLogSize 20m
  MaxCopies 100
  LogLevel debug2
  SystemGroup admin
  SystemGroupAuthKey system.print.admin
  # Allow remote access
  #Port 631
  Listen 10.100.1.73:631
  Listen 127.0.0.1:631
  Browsing On
  BrowseOrder deny,allow
  BrowseRemoteProtocols cups
  BrowseLocalProtocols cups dnssd
  DefaultEncryption Never
  DefaultAuthType Basic
  WebInterface Yes
  BrowseWebIF No
  MaxClients 1000
  RootCertDuration 300
  <Location />
    # Allow remote access...
    Order deny,allow
    Allow all
    AuthType None
  </Location>
  <Location /rss>
    Order deny,allow
    Allow all
  </Location>
  <Location /printers>
    Order deny,allow
    Allow all
    AuthType None
    Encryption Never
  </Location>
  <Location /jobs>
    Order deny,allow
    Allow all
    AuthType None
    Encryption Never
  </Location>
  If I use Bonjour Browser on the print server network and on the school's academic-wrd.scd.example.com subnet, I see identical info to that provided by my DNS records - in other words, Wide Area Bonjour (WAB) appears to be working and providing the necessary details.
  When I try to add a printer on a school workstation, the WAB printer appears...though the PPD ("(EXAMPLE-22STUD-XeroxWC5775)" should match SCD234Q.ppd from the server queue) doesn't get imported from the server and I get a Generic Printer Description instead. When I try to print on the client, I see promising notes about connecting to the print server, but then it always pauses the queue. Here's the relevant section from /etc/cups/ppd/SCD234Q.ppd:
  *Manufacturer: "Xerox"
  *ModelName: "Xerox WorkCentre 5775"
  *ShortNickName: "Xerox WorkCentre 5775"
  *NickName: "Xerox WorkCentre 5755, EXAMPLE Student 2.2"
  *PCFileName: "XRWC5775EXAMPLESTUD22.PPD"
  *Product: "(EXAMPLE-22STUD-XeroxWC5775)"
  *PSVersion: "(3010.106) 3000"
  In the CUPS error log, I get this annoying encryption error, which no else appears to have had, according to the usual search engines:
  d [04/Jan/2012:21:47:41 -0500] cupsdAcceptClient(lis=0x7fc585200470(13)) Clients=0
  D [04/Jan/2012:21:47:41 -0500] cupsdAcceptClient: 20 from 10.159.40.174:631 (IPv4)
  d [04/Jan/2012:21:47:41 -0500] cupsdAddSelect(fd=20, read_cb=0x102d74b81, write_cb=0x0, data=0x7fc584034400)
  d [04/Jan/2012:21:47:41 -0500] cupsdReadClient(con=0x7fc584034400(20)) con->http.error=0 con->http.used=0, con->http.state=0 con->data_encoding=HTTP_ENCODE_LENGTH, con->data_remaining=0, con->file=-1
  d [04/Jan/2012:21:47:41 -0500] cupsdReadClient: Saw first byte 02, auto-negotiating SSL/TLS session...
  d [04/Jan/2012:21:47:41 -0500] encrypt_client(con=0x7fc584034400(20))
  D [04/Jan/2012:21:47:41 -0500] get_cdsa_certificate: Looking for certs for "elemprtsrv01.example.com"...
  E [04/Jan/2012:21:47:51 -0500] Unable to encrypt connection from 10.159.40.174 - unknown error -1=ffffffffffffffff (-1)
  D [04/Jan/2012:21:47:51 -0500] cupsdCloseClient: 20
  D [04/Jan/2012:21:47:51 -0500] cupsdSetBusyState: newbusy="Not busy", busy="Not busy"
  d [04/Jan/2012:21:47:51 -0500] cupsdRemoveSelect(fd=20)
  d [04/Jan/2012:21:47:51 -0500] cupsdCheckJobs: 0 active jobs, sleeping=0, reload=0
  OK, so here's the annoying bit: if I manually configure the queue on a Snow Leopard (or higher) client by going into System Preferences, adding an IP printer with IPP protocol (elemprtsrv01.example.com, queue name /printers/SCD234Q) then it works. With Leopard or Tiger, the PPD doesn't load from the server, and the generic PPD is substituted automatically.
  If I manually add "ServerName elemprtsrv01.example.com" to /etc/cups/client.conf on the client machine, then it shows all the server queues and magically works too - even on Leopard and Tiger.
  The problem is that I DON'T want to have all the server queues appearing on every workstation, since it'll cause mahem when the students discover all the queues and print to other schools for kicks. WAB was supposed to solve that for me by advertising only the queues that were meant to be accessed by that subnet (they'd all be there on the server, but only a real techie would know how to access them, since they weren't advertised).
  Why don't the WAB queues work? Why do I get an encryption error with them?
  How do I get the server's PPD to download automatically to the client? (this is especially useful for printers with customized PPDs set up with the proper settings for that printer...and for the Xerox copiers that are using accounting codes present in the server's PPD)
  Any help would be very much appreciated!

  Figured it out...stick with Lion (Client or Server) and use the web interface to add printers and customize the /etc/cups.conf file. If you use either System Preferences or the Print config in Server Admin on earlier versions of Mac OS X Server, you'll bugger up your cups.conf file (top part of which is reproduced here):
  ServerAlias *
  LogLevel debug2
  SystemGroup admin
  SystemGroupAuthKey system.print.admin
  # Allow remote access
  Port 631
  Listen elemprtsrv01.example.com
  Listen /private/var/run/cupsd
  Browsing On
  BrowseOrder allow,deny
  BrowseRemoteProtocols CUPS
  BrowseAddress @LOCAL
  BrowseLocalProtocols CUPS dnssd lpr
  DefaultAuthType Basic
  WebInterface Yes
  <Location />
    # Allow remote access...
    Order allow,deny
    Allow all
  </Location>
  <Location /rss>
    Order allow,deny
    Allow all
  </Location>
  <Location /classes>
    Order allow,deny
    Allow all
  </Location>
  <Location /printers>
    Order allow,deny
    Allow all
  </Location>
  <Location /admin>
  </Location>
  The key is to allow anything as a server name (ServerAlias *) and Allow All for / and /printers (though / by itself should be enough). If you want to listen for LPR (port 515) then I think it needs to be listed in BrowseLocalProtocols - it's not a valid option for BrowseRemoteProtocols.
  On the Wide Area Bonjour front, I created TWO different entries for each printer in my domain, because otherwise the queues would appear and instantly disappear in the Tiger browser - Tiger only shows the LPR queue. The queue name is preceded by "printers/" in the IPP queue, but not with the LPR queue. Here's an example from the top of my BIND student zone file:
  $ORIGIN academic-wrd.scd.example.com.
  ; Wide Area Bonjour Browsing
  b._dns-sd._udp                    IN PTR          @
  lb._dns-sd._udp                    IN PTR          @
  db._dns-sd._udp                    IN PTR          @
  ; Wide Area Bonjour Printing
  SCD-234\0322nd\032Floor\032Copier\032LPR\032Q._printer._tcp          IN          SRV          0          0  515          elemprtsrv01.example.com.
  _printer._tcp                                         IN PTR          SCD-234\0322nd\032Floor\032Copier\032LPR\032Q._printer._tcp
  SCD-234\0322nd\032Floor\032Copier\032LPR\032Q._printer._tcp          IN TXT ( "txtvers=1" "qtotal=1" "rp=SCD234Q" "note=2nd Floor Workroom" "Transparent=T" "Binary=T" "Fax=F" "Punch=3" "Bind=F" "Sort=T" "Scan=F" "Duplex=T" "Staple=T" "Copies=T" "Collate=T" "Color=F" "pdl=application/postscript" )
  SCD-234\0322nd\032Floor\032Copier\032IPP\032Q._ipp._tcp          IN          SRV          0          0  631          elemprtsrv01.example.com.
  _ipp._tcp                                                   IN PTR          SCD-234\0322nd\032Floor\032Copier\032IPP\032Q._ipp._tcp
  _cups._sub._ipp._tcp                     IN PTR          SCD-234\0322nd\032Floor\032Copier\032IPP\032Q._ipp._tcp
  _universal._sub._ipp._tcp           IN PTR          SCD-234\0322nd\032Floor\032Copier\032IPP\032Q._ipp._tcp
  SCD-234\0322nd\032Floor\032Copier\032IPP\032Q._ipp._tcp          IN TXT ( "txtvers=1" "qtotal=1" "rp=printers/SCD234Q" "note=2nd Floor Workroom" "ty=Xerox WorkCentre 5755 Student 2.2" "product=(Xerox WorkCentre 5775 Student22)" "printer-state=3" "printer-type=0x80B0F6" "Transparent=T" "Binary=T" "Fax=F" "Punch=3" "Bind=F" "Sort=T" "Scan=F" "Duplex=T" "Staple=T" "Copies=T" "Collate=T" "Color=F" "pdl=application/pdf,application/postscript,application/octet-stream,image/jpeg ,image/png" "URF=W8,SRGB24,CP1,RS600" )
  ;SCD-236\032Office\032LPR\032Q._printer._tcp          IN          SRV          0          0  515          elemprtsrv01.example.com.
  ;_printer._tcp                                         IN PTR          SCD-236\032Office\032LPR\032Q._printer._tcp
  ;SCD-236\032Office\032LPR\032Q._printer._tcp          IN TXT ( "txtvers=1" "qtotal=1" "rp=SCD236Q" "note=Main Office" "Transparent=F" "Binary=F" "Fax=F" "Punch=0" "Bind=F" "Sort=F" "Scan=F" "Duplex=F" "Staple=F" "Copies=T" "Collate=T" "Color=F" "pdl=application/postscript" )
  ;SCD-236\032Office\032IPP\032Q._ipp._tcp          IN          SRV          0          0  631          elemprtsrv01.example.com.
  ;_ipp._tcp                                                   IN PTR          SCD-236\032Office\032IPP\032Q._ipp._tcp
  ;_cups._sub._ipp._tcp                     IN PTR          SCD-236\032Office\032IPP\032Q._ipp._tcp
  ;_universal._sub._ipp._tcp           IN PTR          SCD-236\032Office\032IPP\032Q._ipp._tcp
  ;SCD-236\032Office\032IPP\032Q._ipp._tcp          IN TXT ( "txtvers=1" "qtotal=1" "rp=printers/SCD236Q" "note=Main Office" "ty=Lexmark T520" "product=(Lexmark T520 SCD)" "printer-state=3" "printer-type=0x8090C6" "Transparent=F" "Binary=F" "Fax=F" "Punch=0" "Bind=F" "Sort=F" "Scan=F" "Duplex=F" "Staple=F" "Copies=T" "Collate=T" "Color=F" "pdl=application/pdf,application/postscript,application/octet-stream,image/jpeg ,image/png" "URF=W8,SRGB24,CP1,RS600" )
  Note that the second queue is commented-out in the student zone file because it's the office queue and I didn't want it to appear in student workstation queue browsers. I customized the PPDs for these printers and thus changed the "product=" part of the TXT record to match the name in the altered PPD's "*PRODUCT:" line so that it wouldn't match with an already-installed PPD.
  The above zone file generates two different queues (IPP and LPR) for each printer on Leopard and higher queue browsers, but only one queue (LPR) on Tiger. We're still supporting Tiger and even the odd Mac OS 9 client (no browsing, but they can do a manual LPR queue). Windows does both or you can manually add the IPP queue (add a new network printer using the URL "http://elemprtsrv01.example.com:631/printers/SCD234Q" and make sure you're using the PostScript driver for the printer, or you'll get garbage). iOS devices browse for _universal._sub._ipp._tcp records and you need to add the URF= field in the TXT record or the queue won't show up...and add a file /usr/share/cups/mime/airprint.types with the single line "image/urf urf (0,UNIRAST<00>)".
  All my users from Mac OS 9 to Mac OS X to Windows can now print using a central print server that magically shows up in the print browser...yay!

• Leopard Wide-Area Bonjour DNS Issue

  Hi, all. Got an issue with Leopard's domain name resolver. A while back, I was experimenting with the "use dynamic global hostname" panel in Sharing. I wasn't able to get it to do anything useful (and I don't want help with that; I know what went wrong, and how to fix it, but haven't gotten to do so yet), but here's the thing - after returning the settings to the defaults (unchecking the "use dynamic global hostname" box), it seems to have left something behind in my system configuration.
  In particular, when I run "scutil --dns", I see the following two entries in addition to my normal DNS server and the "local" Bonjour resolver (domain names censored):
  resolver #3
  domain : bonjour.mydomain.com.
  options : pdns
  timeout : 5
  order : 150000
  resolver #4
  domain : mydomain.com.
  options : pdns
  timeout : 5
  order : 150200
  The type of these is "pdns" - "private DNS", or wide-area Bonjour. They look harmless - but the fact that they're there is somehow preventing my machine from being able to resolve any hostname in "mydomain.com" that is a CNAME.
  I can get rid of them temporarily by running scutil and removing the key "State:/Network/PrivateDNS" from the database... and then name resolution works normally again. But a reboot, or a change in Bonjour settings (such as enabling or disabling "Back to My Mac"), causes them to come back. I can't figure out how to purge them from the actual system configuration database. Any suggestions?

  Here's the fix. Open Keychain Utility in the Utilities folder and choose "System" in the Keychains list in the sidebar. Now you'll probably see two entries of type "DNS Key" with the names "bonjour.mydomain.com" and "mydomain.com". Just delete those Keychain items and you should be back to normal.

• Wide area bonjour for mac

  I know this is not an exclusive forum for "bonjour for macbook" but I could not find any category explicitly catering issues with this so I thought this could be the place to ask my query.
  So here is my problem.
  To enable wide area bonjour on my laptops I have configured my own local dns sever by following details on this document http://www.dns-sd.org/ServerSetup.html and then configured my clients i.e. laptops by following http://www.dns-sd.org/ClientSetup.html page.

  I'm trying to do the same thing and found a couple helpful threads and links.
  http://blog.inig-services.com/wp-content/uploads/2010/03/WAB.pdf
  http://discussions.apple.com/message.jspa?messageID=5959986
  Unfortunately, following the above PDF guide, one key step fails. After enabling bonjour registrations using the serveradmin settings command and restarting DNS, I can see that the dnsextd proxy fails to start:
  dnsextd starting
  main: setrlimit - Invalid argument
  Using default file descriptor resource limit
  startedvialaunchd
  ConnectToServer: connect - Socket is not connected
  ConnectToServer: retrying connection
  I verified via netstat -na that BIND is listening on 5030 and I can use nslookup to run queries against it. There appears to be no good reason why dnsextd can't connect to it @ 127.0.0.1#5030 as far as I can tell.
  Is this feature broken in the latest Snow Leopard Server 10.6 release?

• Wide area bonjour - windows dns

  Hi,
  I have been trying to setup wide area bonjour using ms dns server for serveral days and come up against a dead end.  In most examples on the internet BIND is used as the DNS server and all configuration is shown for BIND (except one PDF "www.grouplogic.com/Knowledge/PDFUpload/.../WanBonjour_1.pdf" which has examples for MS dns but it doesnt work).
  So I have managed to configure the MS dns server as far as advertising available services but when I try to resolve a service it fails.  I think its a problem with the srv record but have tried so many different configurations for this record I have lost count.  config below.
  Has any one set this up? could really do with a good example of it working on windows dns.

  thanks for the quick reply AndrewTJ - I did notice the typo after posting and corrected however the problems remains.  below is the contents of my up.com.dns file - i can see nothing out of place but cannot get a resolution
  ;  Database file up.com.dns for up.com zone.
  ;      Zone version:  22
  @                       IN  SOA dns1.up.com.  hostmaster.up.com. (
                           22           ; serial number
                           900          ; refresh
                           600          ; retry
                           86400        ; expire
                           3600       ) ; default TTL
  ;  Zone NS records
  @                       NS dns1.up.com.
  ;  Zone records
  _http._tcp.up.com.              PTR website._http._tcp.up.com.
  website._http._tcp.up.com.      TXT ( "txt path=/" )
                           SRV 0 0 80 dns1.up.com.
  _services._dns-sd._udp.up.com.  PTR _http._tcp.up.com.
  b._dns-sd._udp.up.com.          PTR @
  lb._dns-sd._udp.up.com.         PTR @
  dns1.up.com.                    A 192.168.1.153
  Any ideas?

• Wide - Area Bonjour / Back to my Mac:  Simple Setup Discussion | Tutorial

  Looking to start a new thread for SIMPLE setup of wide-area bonjour / Back to my Mac setup across multiple geo locations
  Objectives
  1. develop tutorial/instructions for mainstream setup of WAB across multiple greographcal locations
  2. Goal is for complete discovery in Leopard Finder of each computer setup across seperate locations
  3. Ability to file share/browse file structure of each local and remote computer
  4. Ability to use Screen Sharing across geographical locations to control/observe remote computers (alternatively use Apple Remote Desktop app)
  5. Appropriate listing of services in Bonjour Browser (local and global)
  6. (Wide) Access to airport disk
  7. Consistency. Many solution like back to my mac solo sometimes work sometimes does not depending on unidentifiable variables (across reboots with no material change)
  Setup
  1. Multiple LAN (local area networks) in different geographical locations (LAN1, LAN2, LAN3,...)
  2. Dynamic IP setup from ISP in each geographic locations (cable / DSL)
  3. Airport Extreme router in each location (perhaps later we can explore UPNP and other routers which complicate setup)
  Tools
  1. Leopard running on all machines
  2. Use of .mac (dot mac) account allowing for "back to my mac", xxxx.members.mac.com setup
  3. Bonjour preference Pane, with setup of Hostname, Registration and Browsing panes
  http://www.dns-sd.org/ClientSetup.html
  4. Bonjour Browser
  http://www.tildesoft.com/Programs.html
  5. Finder
  To show remote and local LAN computers in SHARED in left browsing pane
  6. Dyn DNS service line zoneedit or dyndns, if necessary
  7. Airport Configuration - Wide area bonjour -> config of Advanced/Bonjour ; Hostname, Domain, Name, Password
  Restrictions
  1. No Leopard Server
  2. no direct configuration of a DNS server. No line edits. Use of third party services (non paying if possible) if necessary but rather avoid detailed editing of server setup and maintenance. The idea is to create a fairly simple setup for individual/family/small business/SOHO across work/family/home environment not IT professional setup

  I have been trying on my own to achieve this, and although I am an advanced user I am not a Programmer/Developer. Sadly I have been utterly unsuccessful. It would be so wonderful if the proposed step-by-step guide would come to fruition...

• Wide-Area Bonjour error in the logs

  I took a look at the logs, and noticed the following line repeated MANY times:
  Apr 11 11:59:53 Severity:3 Wide-Area Bonjour error for "TC.mymobilemename.members.mac.com." (-65537).
  futher down, I see this:
  Apr 11 12:00:01 Severity:3 Wide-Area Bonjour error for "Wireless\032Capsule.smb.tcp.mymobilemename.members.mac.com." (-65537).
  Apr 11 12:00:01 Severity:3 Wide-Area Bonjour error for "Wireless\032Capsule.adisk.tcp.mymobilemename.members.mac.com." (-65537).
  Apr 11 12:00:01 Severity:3 Wide-Area Bonjour error for "Wireless\032Capsule.afpovertcp.tcp.mymobilemename.members.mac.com." (-65537).
  I removed my real mobile me name and replaced it with mymobilemename.
  What is this error? Yes, I have entered my Mobile Me credentials into the Time Capsule, and obviously this is related to that.
  I can't ever seem to hit my TC when I am outside my home network, so clearly it's related.
  I am running the latest updates of the Airport Utility and the latest firmware on the device.
  How to do fix this?
  thanks.

  I have same error and don't know what to do.
  Thanks

• VPN + DNS-Enabler + Wide Area Bonjour = no success

  Hi,
  what I am trying to do is broadcast the bonjour services of my home network such as file sharing, iTunes home-sharing and the like through my VPN connection. Since I am not too savvy with networking related topics I bought "DNS Enabler Snow" since it advertises to provide wide area bonjour with a minimum of setup hassle.
  Now I am only getting so far that I can see my machine at home through VPN under "Network" in OS X. But I cannot connect. It always says "Connection Failed". Neither can I see my home iTunes library.
  In the "Domains" section of DNS Enabler I entered:
  Domain Name: <my DynDNS Domain>
  Primary DNS Server: <my DynDNS Domain>
  Host Name: <my DynDNS Domain>
  IP address: <the local IP address of the machine running DNS Enabler>
  In the bonjour section of DNS Enabler I entered:
  Service Type: afpovertcp.tcp
  Service Name: File Sharing
  Host: <my DynDNS Domain>
  Port: 584
  TXT: path=/
  Can anyone hint me at what might be wrong with this configuration?
  Thank you!
  Florian

  I think the problem with the current setup is the use of the DynDNS hostname for the AFP service's hostname. When you're connected via the VPN you are effectively on the same network and so connection's attempted to the external-IP recorded by the DynDNS hostname will fail as it's not possible to loop back (for want of a better description) through the router. If you add a new A-record to the zone that points to the machines internal IP address and then change the service to point to the new record it should work via the VPN.
  iTunes sharing won't work via this method as iTunes will only register and browse for services in the ".local" domain. The ".local" domain (a top-level domain like ".com") is only available via multicast-DNS. Multicast traffic as a general rule is not carried over a VPN (or the internet for that matter) as due to it's broadcast nature it can quickly clog up and cripple a network.
  Hamachi unlike most VPN solutions presents itself as a virtual network interface that can carry multicast traffic which is why iTunes sharing works over a Hamachi connection. A cursory Google search tells me that multicast traffic can be carried over a OpenVPN connection with some additional configuration - your mileage might vary though.
  Wide-Area Bonjour works by adding an additional domain to the system that software can then use for registering and browsing services. Unlike regular Bonjour, Wide-Area Bonjour works over the internet as it's based on traditional unicast DNS with a few extensions for updating records in realtime and NAT-PMP or uPNP (one or the other is in pretty much every router) for automatically setting up port-forwarding. If NAT-PMP or uPNP is not available, services can still be browsed but can not be registered (only services that can accessed via the internet are advertised); it's for this reason that Wide-Area Bonjour won't work properly in concert with a VPN. Whilst most OS X software is written to just register and browse in whatever domains are available there are some like iTunes that only register in the ".local" domain.
  You can find out more detailed information about these topics at http://multicastdns.org/ and http://dns-sd.org/. I'm happy to answer any further questions you might have either here or via email. If my Wide-Area Bonjour service sounds like a good fit for you, please drop me a note and I'll let you know when I open-up the service to new users again (slated for mid-March).

• Wide-Area Bonjour / Dynamic Global Hostname

  Hello everyone
  I have a very specific problem, My AEBS is not sending UPDATE requests to my own DNS server when my DSL IP address changes over time.
  I have my own DNS server and run a dynamic zone with TSIG aututhentication.
  If I configure the "Dynamic global hostname" on my Macs behind my AEBS acting as a NAT gateway, they will register themselves withe the correctly natted address.
  In fact, this is amazing and works very well:
  sftp-ssh.tcp.dyn.secret.domain domain name pointer MacPro.sftp-ssh.tcp.dyn.secret.domain.
  smb.tcp.dyn.secret.domain domain name pointer MacPro.smb.tcp.dyn.secret.domain.
  ssh.tcp.dyn.secret.domain domain name pointer MacPro.ssh.tcp.dyn.secret.domain.
  macpro.dyn.secret.domain has address xx.yy.169.96
  But my AEBS itelf has an older address:
  airport.tcp.dyn.secret.domain domain name pointer Airport.airport.tcp.dyn.secret.domain.
  smb.tcp.dyn.secret.domain domain name pointer Airport.smb.tcp.dyn.secret.domain.
  airport.dyn.secret.domain has address xx.yy.177.175
  I can force the update by restarting my AEBS, but this is not a good workaround.
  Has anyone else experience running a wide-area bonjour DNS server?
  Thanks

  Hi Patrick,
  I suggest you bring this up on the bonjour-dev[1] mailing list. You're much more likely to reach people with the right knowledge there.
  Andrew
  [1] http://lists.apple.com/mailman/listinfo/bonjour-dev

• Need Help Setting Up Wide Area Bonjour

  The subject says it all.
  Please assume I am a newbie.
  I need step by step procedure.
  Do I need a registered domain?
  Is there a web page with simple instructions.
  I want to be able to share files with family across the web - so they can download full resolution photos etc. I want to host these locally as there are many photos and it is not practical to put them on a server.
  I have tried setting up ftp on my computer and cannot access it from outside my LAN - previous question on this has not come up with any answers.
  Please help

  I don't think there is an all encompassing single source or information for you to go to. There are too many variables and choices for any one solution.
  Unless you have a static IP number from your ISP, your IP address will change on occasion. Your guests won't be able to find your machine without knowing what your IP number is. I get around this by using the service at dyndns.com. The service is free and you can get a domain name that doesn't change. You run a program on your machine that updates the ip number for your server automatically (there are a couple of consumer level routers that provide for this kind of service and you don't have to run a program on your computer).
  You will need to have an FTP server program running. You can probably do it with the OS, but I never bothered to figure out how. I just use a program named Crushftp which is a standalone FTP server with a fairly simple setup and full controls over users and groups. Ben at CrushFTP has pretty good support and keeps his software up to date.
  In addition, you will need to setup port forwarding in your router. Almost every router used in the home environment has a NAT firewall that blocks incoming connections on most ports. FTP uses port 21 TCP and the service or port must be forwarded to the Lan IP number of the machine that's hosting the FTP server.
  There are several skills you will need to learn to make this all come together and work right. You will need to install a couple of programs, learn to setup your router, create user accounts and passwords on your FTP server, and then teach your users how to use an FTP client program like YummyFTP. The machine that runs the FTP server will need to be running 24/7 so that it can answer users when required.
  Or, just use a hosting service for this kind of activity, like .Mac - give them the $100 a year, unload your pictures, build a couple of web pages that are based on their fairly simple templates, and get on with using your Mac. Using a solution like this means you only have to learn how to use one service, and you don't have to dedicate a machine for the task. You will still have to read their help menu's and understand the system, but you don't have to setup, maintain, and backup the server.

• Problem with dnsextd when creating Wide-Area-Bonjour

  Hello,
  I've been struggling for some time trying to create a WAB test environment but without success and would appreciate some help.
  Im using a mac mini (later 2014) running Yosemite to run bind (9.10) and ISC for a testing zone with DDNS enabled. This setup is running perfectly with or without TSIG (both ways run perfectly).
  When I try to include dnsextd in this setup for LLQ is where the problem start. No more DDNS updates. When I run dnsextd in debug mode, it shows the following message:
  "Rejecting Update Request with 2 additions but no lease".
  The dhcp logs report RCODE 5 (from dnsextd), which means REFUSED.
  Any ideias?
  I see a lot of website (including DNS-SD.org) with very simple cookbooks explaining how to create the WAB environment, but I cant make it work. Even if I configure the zone keys in dnsextd, it wont work. The error change to a new one (dnsextd responds without TSIG, which is not accepted by the DHCP server) and it wont work also.
  Any idea of fix would be appreciated.

  thanks for the quick reply AndrewTJ - I did notice the typo after posting and corrected however the problems remains.  below is the contents of my up.com.dns file - i can see nothing out of place but cannot get a resolution
  ;  Database file up.com.dns for up.com zone.
  ;      Zone version:  22
  @                       IN  SOA dns1.up.com.  hostmaster.up.com. (
                           22           ; serial number
                           900          ; refresh
                           600          ; retry
                           86400        ; expire
                           3600       ) ; default TTL
  ;  Zone NS records
  @                       NS dns1.up.com.
  ;  Zone records
  _http._tcp.up.com.              PTR website._http._tcp.up.com.
  website._http._tcp.up.com.      TXT ( "txt path=/" )
                           SRV 0 0 80 dns1.up.com.
  _services._dns-sd._udp.up.com.  PTR _http._tcp.up.com.
  b._dns-sd._udp.up.com.          PTR @
  lb._dns-sd._udp.up.com.         PTR @
  dns1.up.com.                    A 192.168.1.153
  Any ideas?

• How do i get my bonjour to work?

  I have bonjour enabled and have gotten it to work before. Somewhere during the last 2 OS updates I stopped being able to see others on my network through bonjour (ichat). I have a desktop wired to an airport. Others on the network can see me, but I cannot see them. I have already tried repairing disc permissions to no avail.
  As a side note, laptops have become unable to print from the shared printer (wired directly to desktop computer).
  How do I get it to work again?

  Bonjour is designed to stay on the local LAN and not go across routers, with VLANs you have split your network up and Bonjour normally will not cross the splits even if you enable TCP/IP routing between VLANs.
  There are various schemes aimed more for site-to-site situations to force Bonjour across links but in your case you might want to look at some newer devices specifically made to 'manage' Bonjour traffic.
  Note: Bonjour is the same thing as mDNS i.e. multicast DNS.
  See
  http://www.cisco.com/c/en/us/td/docs/wireless/technology/bonjour/7-5/Bonjour_Gat eway_Phase-2_WLC_software_release_7-5.html
  http://www.aerohive.com/products/software-management/bonjour-gateway
  http://www.xirrus.com/Products/Network-Management/Network-Services/Bonjour-Direc tor
  http://www.merunetworks.com/products/technology/bonjour/index.html
  Apple's AirPort Extreme can also do 'Wide Area' Bonjour between two or more sites but I don't feel it is suited to your case.

• How-to: Using Bonjour Browser as a troubleshooting tool

  AirPort Extreme uses Bonjour (http://www.apple.com/macosx/features/bonjour/) to facilitate features like disk sharing and printing. You can use a Bonjour browser to see what features are active on your network.
  How does this help?
  Many questons on the forum are similar to 'Where's my shared disk/iTunes/printer/airport?' A Bonjour browser can tell you if your disk/iTunes/printer/airport is present in your network. If the feature is not present focus on the device/feature. If the feature is present focus on your client computer.
  1) Download a Bonjour browser, e.g. I use this browser: 'Bonjour Browser' (http://www.tildesoft.com/Programs.html)
  2) Install and run Bonjour Browser
  3) You should see a hierarchy of features under 'local'. There maybe other domains in addition to local.
  Here's some examples of Bonjour-advertised features:
  Shared disks appear under 'adisk.tcp.' Under this heading you can see all your AirPorts with the disks you nominated for sharing, with IP addresses.
  The base station itself is under 'airport.tcp.' Under this entry are all the base stations you have (b/g and n, AirPort Express etc ...)
  The 'AirTunes' entry tells you which IP address is your AirTunes/AirPort Express device.
  You can also see any file sharing, SSH, iTunes music sharing etc .. that may be offered by your client computers. I see my IP printer under 'Printer PDL Data Stream).
  Hope this helps your troubleshooting.
  iMac Core Duo2   Mac OS X (10.4.9)   AirPort Extreme + AirTunes. 802.11n and 802.11b/g

  Hi gino,
  Select -
  where text CP 'Manufacturer' is right answer. If you get error on that statment, you would probably check the field that is used in where clause.
  or  try the following statement. Hope this will helps.
  select -
  where text = '%manufacturer%'.
  I think it will then become a performance issue. Explain it clearly that what exactly you want and where is this being used.
  Do you want some thing like search help? Example: customer number search from any customer field. If so try to create a search help and add the same to your custom field.