On Jun 18, 2016, at 6:05 PM, Michael Keuter <li...@mksolutions.info> wrote:
> Hi David, > > nicely documented. Very helpful if needed. > Why don't you put this (e.g. on an "example" subpage) into our Wiki as well? > > Thanks > > Michael > > http://www.mksolutions.info Added to our Documentation WiKi ... mDNS/Bonjour Printer Discovery Example https://doc.astlinux.org/userdoc:tt_avahi_mdns#mdns_bonjour_printer_discovery_example Lonnie > Am 19.06.2016 um 00:20 schrieb David Kerr <da...@kerr.net>: > >> A few weeks ago Lonnie documented how to use the new avahi Bonjour/mDNS >> discovery service coming in AstLinux 1.2.7 to enable connecting to a printer >> with AstLinux. This service can also be used to make printers available >> onto a guest network. >> >> For example, lets assume your main network is 192.168.xx.0/24 on network >> interface eth1 and on that network you have a printer 192.168.xx.10 that >> advertises its services by Bonjour (this is how all Apple iOS devices >> discover your printer). >> >> Now assume you configure a guest VLAN that is network 192.168.yy.0/24 on >> network virtual interface eth1.100 and devices connect to that network using >> UniFi access points. Using the UniFi controller (which we assume is at >> 192.168.xx.2) we configure the UniFi guest network to connect to VLAN "100" >> and enable guest policies with authentication to be done through a UniFi >> guest portal. >> >> With that environment do the following setup... >> >> Enable "mDNS/DNS-SD Service Discovery" on the Network tab of user interface. >> You will need to reboot before doing next step. >> >> Click on "Configure mDMS/DNS-SD" button on Network tab (this only appears >> after above reboot) to edit the avahi-daemon.conf file. >> >> In the [server] section of avahi-daemon.conf add/edit this line... >> allow-interfaces=eth1,eth1.100 >> This enables avahi on both your main network and guest network. >> >> In the [reflector] section of the conf file add these lines... >> enable-reflector=yes >> reflect-ipv=no >> >> reflect-filters=_printer._tcp.local,_ipp._tcp.local,_pdl-datastream._tcp.local >> This tells avahi to only reflect the printing bonjour packets across >> networks. >> >> Save this file and now go to the Firewall settings in the AstLinux Network >> tab and add the following as "Pass LAN->LAN" rules. >> Pass 192.168.yy.0/24 to 192.168.xx.10 ports 515,631,9100 >> Pass 192.168.yy.0/24 to 192.168.xx.2 ports 8880,8843 >> The first rule corresponds to the printer protocols that we are publishing >> across the LANs and allows any device on the guest LAN to connect to our >> printer on our main network. The second rule enables guest devices to >> access the UniFi controller on the ports it uses for the guest portal so >> guests can authenticate. >> >> Restart mDNS/DNS-SD and restart the firewall. >> >> Now any device that connects to your guest network is able to discover and >> print to your printer on your main network. >> >> This technique can also be used to make other services you might want to >> share from your main network to a guest network, e.g. a Apple TV / AirPlay >> device... add _airplay._tcp.local,_raop._tcp.local to the reflect filter and >> set appropriate firewall rules to open access to the AirPlay device. >> >> David ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. http://sdm.link/zohomanageengine _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
