Bonjour Gateway
Technology Behind the Solution

Aerohive has introduced native Bonjour awareness and control into our Cooperative Control architecture to support Apple's "Zero-Configuration Networking" for products in the enterprise and educational institutions. To make networks service-aware and make Bring Your Own Device (BYOD) with Apple devices a native part of every network, Aerohive has built a Bonjour Gateway to manage and control Apple service availability (such as AirPrint™, AirPlay, file sharing, collaboration applications, etc.) across an entire enterprise network. This patent-pending functionality is a native part of Aerohive's HiveOS network operating system, and even non-Aerohive legacy networks can manage their Bonjour services by attaching a single Aerohive device, via a trunk port, to the network – the gateway functionality works out-of-band.

Bonjour underlies many services that are widely used on Apple-centric networks. By monitoring Bonjour advertisements, clients can learn the location (IP address and port) of any service, and then connect to it as with any other service. Bonjour transforms the manual process of configuring IP addresses and port numbers into a “plug-and-play” experience where users reference services by type and a human-readable name. Two notable examples are AirPrint and AirPlay, which advertise themselves through Bonjour to enable clients to print and display screens, respectively. AirPlay is especially valuable in many contexts for remote display from iOS devices and will be available for display from OS X with Mountain Lion.

Managing Apple services across an enterprise network is now extraordinarily simple: Aerohive Bonjour Gateway allows service advertisements to bridge network boundaries and makes sure they’re filtered based on identity, location, and time. By developing the industry’s first intelligent edge architecture built to control the shift in smart mobile devices as the primary access device, Aerohive has once again shown that cloud-enabled networks with distributed intelligence provide inherent network-based mobile device management, corral the “iEverything” BYOD explosion, and simplify the very complex enterprise network problem of how to deal with high-speed mobile smart devices.

Enterprise-level “Zero-Configuration Networking” for Apple Devices

Bring Your Own Device (BYOD) and the consumerization of IT may be overused as market terms, but they are unquestionably a trend that is changing network architectures in almost every enterprise. In a recent survey by Dimensional Research of 750 front-line IT professionals, managers, and executives, 87% say that today their employees already use personal devices for work-related activities. These results are verified by more and more surveys across different verticals every day. These devices, 80% of which are identified as smart mobile devices, are simplified for ease of use and therefore enhance employee productivity. For the IT department, however, this means that network intelligence and capability shift out of the device, which puts more onus on the network infrastructure.

Aerohive has developed the industry’s most intelligent edge architecture and built it from the ground up for the shift to smart mobile devices (smart phones, tablets, and mobile laptops) as the primary access device and the consumerization of IT (corporate-owned consumer devices). Cloud-enabled networks with distributed intelligence provide inherent network-based mobile device management, corral the “iEverything” BYOD explosion, and simplify the very complex enterprise network problem of how to deal with high-speed mobile smart devices.

There are many challenges with the BYOD trend, but one of the key attributes that makes a network purpose-built for mobility and operationally simple for BYOD and the consumerization of IT is the ability to make “Zero-Configuration Networking” available to large organizations and enterprises, so that consumer devices work on the enterprise network with no end-user expertise. To fully realize this concept, the network infrastructure must become “service-aware”: it must provide service availability seamlessly across the network and control access to those services based on a user’s context – identity, location, application, and device in use. In a service-aware network, an authorized user should instantly see the services available to them, such as printers, video projection, and collaboration applications, without configuring their smart mobile device. This is the ultimate achievement in the attempt to make BYOD not just manageable as an IT initiative but desirable: it makes the BYOD user less expensive both in capital expenditure (as the employee has purchased the device) and in operational expense, as policy and service availability are set by user context and automatically connected to the end device.

Aerohive has a history of defining the future of networking and is once again paving the way with the introduction of the first service-aware infrastructure technology. 72% of the devices brought into the enterprise by users are Apple devices, according to Dynamic Research, and as such Aerohive has introduced native Bonjour awareness and control into our Cooperative Control architecture to support Apple’s “Zero-Configuration Networking” for products in the enterprise and larger educational institutions. To make networks service-aware and make BYOD with Apple devices a native part of every network, Aerohive has built a Bonjour Gateway to manage and control Apple service availability (such as AirPrint™, AirPlay®, file sharing, collaboration applications, etc.) across an entire enterprise network. This patent-pending functionality is a native part of Aerohive’s HiveOS network operating system, and as such even non-Aerohive legacy networks can manage their services by attaching a single Aerohive device, via a trunk port, to the network – the gateway functionality works out-of-band. Managing Apple services across an enterprise network is now extraordinarily simple: if a service, such as a printer, announces itself, Aerohive can ensure that the printer advertisement is made available across the entire network or, if necessary, make sure it’s available only to the networks allowed to view the service (i.e., control the service advertisements).

Bonjour Gateway and Apple’s Bonjour Protocol

Bonjour underlies many services that are widely used on Apple-centric networks. By monitoring Bonjour advertisements, clients can learn the location (IP address and port) of any service, and then connect to it as with any other service. Bonjour transforms the manual process of configuring IP addresses and port numbers into a “plug-and-play” experience where users reference services by type and a human-readable name. Two notable examples are AirPrint and AirPlay. Both advertise themselves through Bonjour to enable clients to print and display screens, respectively. AirPlay is especially valuable in many contexts for remote display from iOS devices, and the recent announcement that AirPlay will be available in the next version of Mac OS (code-named Mountain Lion) only makes it more compelling.

The capabilities that Bonjour enables are very attractive to enterprises and educational institutions for their ease of use and ability to help make BYOD initiatives more productive (where IT doesn’t have to install all the services on every device – even the ones it doesn’t own). The problem arises when one tries to scale Bonjour from home applications to broad, multi-vendor, multi-segment networks. Because Bonjour relies on an underlying multicast DNS advertisement, it is restricted to the scope that the advertisement travels across the network. As an example, on a network that lacks the Aerohive Bonjour Gateway, AirPlay will only function when the Apple TV and the display source are both attached to the same broadcast link. Client devices cannot use AirPlay unless they are attached to the same VLAN as the Apple TV. In many enterprise and education networks, this restriction is unattractive.

One of the key building blocks that Bonjour is built on is multicast DNS. Services send advertisements to a link-local IP address, and clients build a list of available services by listening to those advertisements. On networks that consist of a single broadcast domain, the use of link-local IP addressing is acceptable. Once a network is built with segmented broadcast domains for scalability, however, multicast DNS advertisements no longer reach all devices on the network. While many services will be local to the immediate network link, not all will be.

As an example, consider the network in Figure 1. VLAN 100 on the left side provides multiple services. A printer advertises AirPrint capabilities through Bonjour, the Apple TV advertises AirPlay service, and the server provides file sharing. When the tablet is attached to the VLAN 100 Network SSID on the left-hand AP, it is able to use any services on that network. If it moves across the router by attaching to the VLAN 200 Network SSID, it will no longer receive multicast DNS advertisements for any of those services.

Example Multi-Subnet Network
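
The Figure 1 scenario as an added example (not Aerohive's code and not part of the original page): a multicast DNS advertisement heard on VLAN 100 is parsed, and a default-deny allowlist decides which other VLANs may see it. The policy table, VLAN 300, the instance names and all function names are hypothetical; `_airplay._tcp` and `_ipp._tcp` are the Bonjour service types used by AirPlay and by AirPrint printers.

```python
import struct

# Constructed, hypothetical policy: (source VLAN, service type) -> VLANs that
# may receive the advertisement. Anything not listed is not forwarded.
POLICY = {(100, "_airplay._tcp.local"): {200},
          (100, "_ipp._tcp.local"): {200, 300}}

def encode_name(name):
    """Encode a DNS name as length-prefixed labels, without compression."""
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

def build_ptr_response(service, instance):
    """Constructed sample: an mDNS response carrying one PTR answer."""
    rdata = encode_name(instance + "." + service)
    rr = encode_name(service) + struct.pack("!HHIH", 12, 1, 4500, len(rdata)) + rdata
    return struct.pack("!6H", 0, 0x8400, 0, 1, 0, 0) + rr   # QR=1, AA=1, 1 answer

def read_name(pkt, off, depth=0):
    """Decode the name at off, following compression pointers."""
    labels = []
    while True:
        n = pkt[off]                         # IndexError if the name is truncated
        if n == 0:
            return ".".join(labels), off + 1
        if (n & 0xC0) == 0xC0:               # pointer to an earlier name
            if depth > 8:
                raise ValueError("compression pointer loop")
            ptr = struct.unpack_from("!H", pkt, off)[0] & 0x3FFF
            return ".".join(labels + [read_name(pkt, ptr, depth + 1)[0]]), off + 2
        labels.append(pkt[off + 1:off + 1 + n].decode("utf-8", "replace"))
        off += 1 + n

def parse_ptr_answers(pkt):
    """Return [(service_type, instance)] for the PTR answers of a response."""
    _, flags, qdcount, ancount, _, _ = struct.unpack_from("!6H", pkt, 0)
    if not flags & 0x8000 or qdcount:        # responses without questions only
        return []
    off, found = 12, []
    for _ in range(ancount):
        owner, off = read_name(pkt, off)
        rtype, _, _, rdlen = struct.unpack_from("!HHIH", pkt, off)
        if rtype == 12:                      # PTR: service type -> instance
            found.append((owner, read_name(pkt, off + 10)[0]))
        off += 10 + rdlen
    return found

def forward_to(src_vlan, pkt):
    """Map each advertised instance to the VLANs allowed to see it."""
    return {i: sorted(POLICY.get((src_vlan, s), ())) for s, i in parse_ptr_answers(pkt)}
```

The file-sharing advertisement is absent from the constructed policy, so it stays on VLAN 100, while the AirPlay advertisement reaches VLAN 200 only.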