Cisco Wireless :: WLC 5508 - Bonjour Snooping
May 5, 2013
Have 7.4 installed and configured for Bonjour Snooping. All is working, but working too well. We have a large campus that house 2 schools and each school is complaining that they can see the other schools Apple TV devices.
I have played around with a few different scenarios to see if I can localize the bonjour traffic. I guess I am looking to create a logical split for bonjour devices among the schools. Apple came to the school and informed us that the I PAD has a limit of 64 devices that can be seen via the bonjour. At some point we will have over 100 Apple TV added.
so we have 3 wlc 5508's with 7.4.100. we have 2 SSIDs that span the whole campus using AP groups to segment the floors in buildings. So the schools are logically split with AP groups.
Here is what I have tried, I created few mDNS profiles and assigned the services for Apple TV - let's call them school1 and school2. I assign the mDNS profiles to the interfaces dedicated each school. Enable snooping on the W LAN with profile of none. The end result is that devices from both schools can be seen.
I tried to create new ssid for apple TVs and a new ssid for 1 schools teachers. I followed the v lan select example [URL]. End result is that devices from both schools can be seen. I have tried the mDNS without multicast enabled just like the video shows to no avail - I assume maybe my AP groups might be more complicated then the example of just 2 v lans. [URL].
I have tried combinations of things, but I must be missing something . In the webinar, Cisco said it will use filtering to restrict which clients can see which services (Apple TV's, etc). What will Cisco use to filter Bonjour requests? According to this article
[URL].
The filtering options are: · Per W LAN/SSID · Per V LAN or AP Group · Per Interface Group (which is a group of V LANs pooled together). A Bonjour service policy can be created and applied on any one of the above criteria. In the future, we will support per-user Bonjour service policies which will come as a RADIUS attribute from the AAA server. Read more: [URL].
View 15 Replies
ADVERTISEMENT
Apr 1, 2013
I have followed the details here as closely as I can:URL
I've upgraded to 7.4. I've enabled IGMP snooping, increased the time out, decreased the query/hello interval, went into Controller> menu and set AP Multicast Mode to Multicast with the Bonjour multicast range of 224.0.0.251.
Went into my WLAN and enabled Multicast VLAN Feature, and enabled my Multicast Interface as the same VLAN as the WLAN range.
The Lantronix Bonjour device is on the same VLAN as the WLAN (13). Accessing the Lantronix device shows it polling printers on our wired VLAN. However, no iDevice that joins the WLAN/SSID can find these printers.
View 6 Replies
View Related
Mar 4, 2013
I am considering upgrading our 5508 WLCs to version 7.4.1 to take advantage of the Bonjour gateway. What I want to do is allow clients on our guest wireless network to access things like the Apple TV in our conference rooms. My intention would be to have the Apple TVs on a separate vlan. Obviously, the Bonjour gateway would allow for access between these 2 networks. The question I have is this. If I have client isolation turned on my guest wireless network, is it still possible for these devices to access Apple TVs on another network?
View 2 Replies
View Related
Oct 22, 2012
A customer of ours has the following access points and wireless lan controllers on site. They want to use the Apple Bonjour service with Apple TV's and iPads. I have enabled multicast feature of the 5508 globally and one the SSID.The Apple TV has an ethernet connection and the iPads connect over the wifi. The Apple tv is on the same subnet as the iPad's - the Bonjour features do work for approx 5/10 minutes then it stops working for some reason. The Access Points plug into a Cisco 2960 Layer 2 switch, the 5508 controllers plug are in LAG mode and plug into a Nortel Layer 3 stack which I have enabled IGMP snooping.I've read that the Apple Bonjour service isnt designed to work on a multi subnet network - but both the Apple TV and iPad are connected on the same subnet. Sounds like some kind of timeout but not too sure.
View 5 Replies
View Related
Mar 24, 2013
I have the attached diagram and I followed the instructions from another posts / forum cases and the Apple TV is still not working.
My questions are:
1.-The WLC controller and AP must be in the same subnet?. This is not my case, the AP 3500 is operating in a remote location and I have a centralized WLC 5508.
2.- I already configured the Controller --- > General --- > Broadcast forwarding (enable) + AP Multicast Mode (Multicast / IP: 239.20.226.197).
3.-I already configured the Controller --- > Multicast ---- > Enable Global Multicast Mode (selected) + Enable IGMP Snooping (selected) + Enable MLD Snooping (selected). Please see the attachment.
4.-Do I have to configure something in the Mobility Management --- > Multicast Messaging --- > (Enable Multicast Messaging + Local Group Multicast IP Address) ?????
The Apple TV Device and Ipad are authenticated in the ISE using certificates with no issues and both got IP's from the DHCP for the WLAN Vlan assigned to the SSID activated (see pictures attached).
View 11 Replies
View Related
Nov 11, 2011
I have an E2000 router that has an intermittent issue where Bonjour drops out. Suddenly my Apple TV won't see my computers, and my iPad won't see my network printer. This happens whether the Apple TV and computers are connected via wired or wireless interfaces.
Restarting the devices does not solve the issue.
Restarting the router solves the issue (until it happens again...)
My router is version 1.0, with 1.0.04 firmware.
View 3 Replies
View Related
Sep 10, 2009
I read an earlier posting about an issue between SPI on the latest WRT610N Version 1.0 firmware and a user's Apple TV. This pointed me to a "solution" to a perplexing problem I was having.
I have 4 machines, 3 connected via WiFi and 1 on one of the wired ethernet ports. I also have 2 Apple Airport Express units for audio streaming as well as 2 iPhones connected wirelessly.
Now for the symptoms, which are all new since updating to firmware ver.1.00.03.15:
1. The WiFi machines see the Airport Express units and can stream audio to them. However, the iPhone Remote app has trouble staying connected to iTunes running on any of these machines. A router reboot is a temporary fix, but connection is eventually lost again.
2. The wired machine cannot see the Airport Express units, nor can the Remote app pair with iTunes on that machine. It's as though no Bonjour-related functions work. Here, a router reboot also provides a temporary fix, but one that lasts only minutes.
Based on that prior post, I disabled SPI on the router and, lo and behold, the wired machine suddenly sees all Airport Express units and can pair with the iPhone Remote app!
I was going crazy, verifying that I was not having Windows Firewall issues, that there wasn't an incompatibility with Windows 7 (which I'm running on all), that this wasn't a Homegroup incompatibility of some sort, that Bonjour was up to date, etc. Only turning off SPI fixed the problem entirely.
So, Linksys ...Any firmware bug fix in the works for this? Can I safely go back to the prior firmware update without security or function concerns? If so, where can I get my hands on the older firmware file?
WRT610N Version 1.0 running 1.00.03.15
View 9 Replies
View Related
Aug 7, 2012
I am using an Aironet 1142 standalone AP and want to use Apples Bonjour Service between iOS devices e.g. iPad and Apple TV.I have found here some posts that suggest to disable igmp snopping but this didn't worked for me.All devices are in the same vlan/subnet. Do I need to configure something special?
View 3 Replies
View Related
Apr 9, 2013
Q: If i m going to do a Bonjour Gateway deployment, do i still need the vlan select feature on the wism's or is enabling multicast enough?
Details of the Q:
I m working with WISM s and WISM2;s, 1130 and 3602 ap;s. Cores are 6509-E's.
i m going to implement a Bonjour gateway (which is an Aerohive ap, no wifi enabled, its just a Bonjour gateway)
This ap is connected with a trunk port (to a 6509-E) and has the wifi client vlans on the trunk as allowed vlans. It also has an allowed vlan for AppleTV;s which will be wired devices.
The Aerohive gateway gets an ip address in every wifi subnet, so far so good.
I was thinking that if i enable multicast :
- globally on the wisms, with mcast-mcast distribution
- on the SVI's for the wifi client vlans
- on te SVI's of the vlans for cisco aps
- on the SVI for AppleTV
- SVI for wism management
- SVI for the Bonjour gateway
then do i still need vlan select? Maybe a stupid question, but i m not sure how to interpret some things in this document.
View 4 Replies
View Related
Jan 10, 2013
After some time of usage (typically days), I notice that Bonjour networking degrades. That is, the various Apple computers on my network can no longer see each other via Apple's Bonjour protocol. They can still connect directly using IP addresses however. The only solution seems to be a reset of the router. Are there some detailed logs I can look into to determine what the problem may be? The logs shown in the web interface don't seem detailed enough.
View 7 Replies
View Related
Feb 20, 2012
what Linksys routers, e.g. WAG120N, are compatible with Airplay and Bonjour?
View 9 Replies
View Related
Nov 13, 2011
My problem is this: Randomly, the DIR-825 will prohibit streaming to my AirPort Express via AirTunes. It'll also disappear from Bonjour Browser and AirPort Utility. I can connect directly to it, if I enter the IP into the AirPort utility directly.The only way to get it to come back is to either reboot the DIR-825, reboot the AE, or unplug the ethernet to the AE.
View 3 Replies
View Related
Jul 10, 2011
Can the WRT110 forward Bonjour packets? I have one WRT110 running my home wifi network with firmware version 1.0.07. I've spent hours trying to get my iPad to print to a wireless printer (HP D110a). I can print and scan from several wireless PC's on the same network but cannot see the HP printer. I started with the WEP 128-bit and then switched to WPA for a while but no luck so I switched back to WEP. I've read that other's have had similar problems with this and other Linksys routers.
From the iPad point of view I have iOS version 4.3.3. When I try to Airprint, for example through the Safari web browser, I see no printers available. I've tried many apps all with the same problem.
View 3 Replies
View Related
Jul 20, 2011
Is the E4200 able to deal with IGMP snooping (v2/v3)?I would like to replace a motorola/netopia vdsl-router which handles internet tv-traffic.
View 4 Replies
View Related
Jan 22, 2013
I have a small network of about 12 Mac's running OS X, about 20 or so iOS devices and a OS X Server. Currently i have a Cisco SRP547W which works fine when we're all wired in, however we have connection issues when trying to access the server over Wi-Fi. I'm lead to believe that this could be a result of the lack of support for Bonjour within the router. What might be a solid alternative?
View 1 Replies
View Related
Jan 2, 2013
I just purchased an Apple TV 2 and am trying to use it with Airplay at my business. We have a WLC526 controller and three 521 access points.
We have a guest VLAN on our network which spans both the wired and wireless networks. The guest VLAN is VLAN # 100 and the numbering is 172.16.1.0/24. On this network, 172.16.1.1 is an interface on our ASA which clients on the guest VLAN use as a default gateway. On the wireless side, there is an SSID configured in the controller called LPGA-Guest which is bound to VLAN # 100. Clients that connect to this VLAN get addresses in 172.16.1.0/24 and can access the Internet through the ASA without any trouble. This has all been set up and working for quite some time.
What I have done is attached both the Apple TV and an iPhone 5 to the LPGA-Guest wireless network. I verified that they both have IP addresses in the same subnet, but when I try to bring up a list of airplay devices on the iPhone, nothing shows up. From what I gather, this is because multicast traffic is not being handled properly.
The following two threads have some info that I was looking at:
URL
URL
This is how I have the multicast options configured in my controller. I don't see an option to enable IGMP snooping.
View 12 Replies
View Related
Jan 10, 2011
I have a brand new DIR-655 Rev B, Firmware 2.0NA.I just realized that none of my Apple device can discover each other using Bonjour, which is very essential for local connectivity for gaming and remote control and iTunes music streaming.
View 11 Replies
View Related
Oct 27, 2011
I am trying to use the apple finder/application to view all my apple mac-mini computers. I do have two asdm-5505 connected via a vpn tunnel.At this point I can view only the computers on the local subnets. I called AppleCare and they gave some possible ports that can be opened in the firewall to allow the Bonjour protocol to pass through the ASDM:ports 5297/tcp, 5298/tcp-udp, 5353/udp, and 5354/tcp.Bonjour is the equivalent of Microsoft Netbeui used in Windows to browse the local subnet computers using Network Place desktop icon.
View 2 Replies
View Related
Oct 26, 2011
I am trying to use the apple finder/application to view all my apple mac-mini computers. I do have two asdm-5505 connected via a vpn tunnel.
At this point I can view only the computers on the local subnets. I called AppleCare and they gave some possible ports that can be opened in the firewall to allow the Bonjour protocol to pass through the ASDM:ports 5297/tcp, 5298/tcp-udp, 5353/udp, and 5354/tcp
View 1 Replies
View Related
Jan 16, 2013
We are in the process of rolling out iPads to our offices. As part of this implementation, we need to print from the iPads to our network printers. Our network printers are mostly HP and Xerox and do not have native Apple AirPrint capabilities. As such, we have been using the FingerPrint software to share out the network printers as Apple AirPrint printers. We have a mixture of switches at our offices. Most offices utilize a 3550 PoE switch. In these offices the AirPrint traffic is being transferred successfully and everything works great. In the offices which are using 3560 PoE switches, the traffic is never seen at the iPads. We are using EnGenius EAP300 access points connected into the Cisco switches to provide wireless access to the iPads. Both 3550 and 3560 switches are running iOS 12.2(25). What might be stopping/blocking the AirPrint traffic on the 3560 switches?
View 3 Replies
View Related
Oct 21, 2010
Running Firmware v. 1.00.19 here, which I reckon is the most recent version.
My network consists of two Macbooks, an iMac and two iPhones. It utilizes WAP2 encryption and all devices are well within range, the environment being free of interferences from any other WiFi signals (this is a rural area).
My problem: Bonjour networking stops working after a few minutes or hours. When the problem appears, WIRED devices can see all other peers in the network (both wired and wireless), but WIRELESS devices cannot see any other peers whatsoever (wired or wireless).
I have heard that this could be because of a faulty implementation of uPNP by Linksys, and in particular a problem with multicast filtering (and unfortunately the modem/router's firmware does not provide any relevant settings). But I am not sure.
I purchased this thing with the express purpose to use it on a Mac-only network, and I am thoroughly disappointed to see that it does not work, especially since UPNP is supposed to be supported.
View 1 Replies
View Related
Oct 10, 2012
What image i would need for my 2950 to enable DHCP snooping and DAI features (just for lab purpose)?
or are these features just available on the bigger modular switches (4500 and 6500)?
>sh ver
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA8a, RELEASE SOFTWARE (fc1)
[Code].....
View 4 Replies
View Related
Sep 25, 2011
I have to deploy a full IP-TV solution and the IGMP snooping must be supported on the switch.
I know the the ESW 520 support this protocol but the full IP-TV solution will manage uo to 200 set up boxes, does this switch support all this traffic?
I also have another question, what exactly mean "Combo SFP slots include one 10/100/1000BASE-T Ethernet port and 1 SFP-based Gigabit Ethernet slot for fiber, 1 port active at a time." ? Is when I use 1 port with LX sfp transcever the 3 other uplink ports will be inactive and I can't add another or trunk it with another switch?
View 2 Replies
View Related
Apr 29, 2011
an attacker have configured his PC with an static IP address but there is no such entry configured statically in switch, neither in DHCP snooping database.now when he want to generate traffic will switch block him? because there is no entry of his PC in the switch database.
View 2 Replies
View Related
Oct 3, 2011
i want to setup IGMP Snooping on the Managed Switch SG 300-10. I do it over the webinterface. Enable Bride Multicast Filtering, Forwarding Method IP Group Address and enable IGMP Snooping v3. In the local Network i stream up to 4 Multicast streams 239.1.1.1-239.1.1.4. The client vor the Multicast are IP setupboxes. If i connect PRTG Network Monitor over SNMP to see the Traffic on the ports i see that all Multicast streams are at every port. What is the false i do? I thought only the multicast stream that is shoosen at the client are forwarding and not all multicast streams. The IP STBs have only a 100Mbit network adapter and i have to muticast over 10 Streams (10Mbit per stream) over the local VLAN. So i think IGMP Snooping is the solution for me. Or need i also a Multicast router?
View 1 Replies
View Related
Nov 21, 2011
I useing Cisco861 : C861-universalk9-mz.124-24.T3.bin on my Cisco861 the command "ip pim dense-mode","ip igmp static-group "command does not exist,
router(config)# ip p?
port-map prefix-list
router(config)#
[Code]....
View 4 Replies
View Related
Jul 24, 2012
I have an issue with SRW2024P-K9-BR (SG300). Datasheet and configuration guide show me that is possible configure DHCP snooping in this switches, but web interface and console don't appear related menus/commands.
I'm using firmware version 1.1.2.0 and didn't found anything about this here.
View 3 Replies
View Related
Sep 12, 2012
I have a network which is based upon a 4507 Core/Dist switch, with 1G fibre to a bunch of radially connected 2960 Access switches. It all works fine and as expected for data and telephony.I have been tasked with setting up one of the VLANs to support multicast, so a bunch of video streams will be injected at the 4507, and will be delivered to client PCs connected to the 2960 switches.The 4507 is running with SVIs to some VLANs, but the VLAN that will have the Multicast on it is isolated, with no SVI.I could change this if required,I need to run IGMP snooping, and probably deploy CGMP to take advantage of the Cisco-proprietary functionaity.
View 4 Replies
View Related
Jan 7, 2012
I am running DHCP snooping for VLAN 1 on below switch
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA4a, RELEASE SOFTWARE (fc1)
Model number: WS-C2950-24
Looks like below IOS does not support snooping.
Model number: WS-C2950-24
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(14)EA1a, RELEASE SOFTWARE (fc1)
View 3 Replies
View Related
Apr 3, 2012
I have some problems with IGMP snooping feature on the SG300 switch. I want to filter multicast dinamycally with IGMP snooping. To configure our switch I use the web page: - In Multicast I first enable: Bridge Multicast Filtering Status Thzn I enable IGMP snooping ,Then I enable IGMP Snooping on my VLAN During my tests I stream a video (UDP multicast). This stream is present on all the ports of my VLAN with IGMP snooping normally configured. Also, I can't see any entry in the IGMP/MLD IP Multicast Group Table where I should normally see my multicast address.
View 4 Replies
View Related
Sep 27, 2012
I have a problem at a place where 5 ME3400 switches are connected in a straight line. I can't do much about the topology of that place, but the problem is they are all DHCP Snooping, but uni cast replies from the dhcp server further up the hierarchy gets eaten by the first switch! I can't really see why it not only inspects in and whines about it not being for itself - it then drops the message.
What have we done wrong (apart from the actual layout of that place, which I can't really change)?
Sep 28 13:49:29: DHCP_SNOOPING: received new DHCP packet from input interface (GigabitEthernet0/1)
Sep 28 13:49:29: DHCP_SNOOPING: process new DHCP packet, message type: DHCPOFFER, input interface: Gi0/1, MAC da: 7444.012d.debd, MAC sa: 0013.1a4a.65c7, IP da: XX.YY.186.7, IP sa: XX.YY.186.1, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: XX.YY.186.7, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr: 7444.012d.debd
Sep 28 13:49:29: DHCP_SNOOPING: binary dump of option 82, length: 20 data:
[Code] ......
It really should just send it on, as with any uni cast not on the switch itself - it should go out Gi0/2 really. Why isn't it?
[core] -- [sw1] -- [sw2] -- [sw3] -- [sw4] -- [sw5]
All the trunks are trusted, DAI is on (I've tried shutting it off, as well), port-security is used but it's actually not dying on the switch having the client computer, but the first one in the chain with dhcp snooping.
View 6 Replies
View Related
Nov 28, 2012
how to configure igmp snooping on a 3560.
I have a pure L2 switching network and 2 hosts on the same vlan that want to communicate a protocol between each other using multicast packets.
I wanted to configure ip snooping only on this vlan and create a multicast group limited to only these 2 host ir order to make sure that the multicast traffic is only between both of them.
Since both are sender and receiver I´m not quite sure on how to configure this. In theory I also need to set an IP Multicast Address on the switch to where the hosts will send their multicast packets.
This is basically the network:
HOST_A---|SWITCH_A|==|SWITCH_B|---HOST_B
View 11 Replies
View Related
Oct 10, 2012
In the following topology
R1(f0/0)------------(f0/1)SW1(f0/2)------------R2
R1 is configured as host (no ip routing) with ip igmp join 239.10.10.10 on fa0/0 and R2 with ip pim sparse-mode on f0/0. SW1 is a Catalyst 3560 running IOS 12.2(25)SEE4 working at Layer 2 only in this topology (VLAN 1).
I configured SW1 for igmp snooping:
ip igmp snooping
ip igmp snooping vlan 1
Basically, I can see 'snooped' muticast group (via IGMP reports sent by R1)
SW1#sh ip igmp snooping group
Vlan Group Type Version Port List
----------------------------------------------------------------
1 224.0.1.40 igmp v2 Fa0/2
1 239.10.10.10 igmp v2 Fa0/1, Fa0/2
SW1#
SW1#
SW1#
[code]....
View 4 Replies
View Related
