Cisco Cisco 5508 Wireless Controller Referencia técnica
3
Cisco Wireless LAN Controller Bonjour Phase III Deployment Guide, Release 8.0
OL-xxxxx-xx <required for IOS documentation>
Introduction to Bonjour Policies and New Requirements
Introduction to Bonjour Policies and New Requirements
Enterprise credentials of Bonjour are poor and hence the advent of Bonjour gateway. Bonjour gateway
snoops and caches Bonjour services across VLANs and periodically refreshes the same. WLC acts as a
proxy for all Bonjour services published by wireless and wired devices. Bonjour gateway as of release
prior to 8.0 had inadequate capabilities to filter cached wired / wireless service instances based on the
credentials of the querying client and its location.
snoops and caches Bonjour services across VLANs and periodically refreshes the same. WLC acts as a
proxy for all Bonjour services published by wireless and wired devices. Bonjour gateway as of release
prior to 8.0 had inadequate capabilities to filter cached wired / wireless service instances based on the
credentials of the querying client and its location.
With introduction of the Bonjour policies in the release 8.0, the administrator can configure to identify
who uses the Bonjour service instances and in what location (all this applies to the same WLAN). With
introduction of the Bonjour policies, the administrator does not need to create multiple WLANs to select
which services are allowed or should be used on specific WLAN. Based on user 802.1x authentication,
the AAA server or ISE can be configured to return USER-ROLE or BONJOUR-PROFILE in the form
of the “CISCO-AV-PAIR”. This value gets plumbed into the policy created on the wireless controller.
Based on the user authentication, a configured policy and profile are applied to a specific user on the
same WLAN.
who uses the Bonjour service instances and in what location (all this applies to the same WLAN). With
introduction of the Bonjour policies, the administrator does not need to create multiple WLANs to select
which services are allowed or should be used on specific WLAN. Based on user 802.1x authentication,
the AAA server or ISE can be configured to return USER-ROLE or BONJOUR-PROFILE in the form
of the “CISCO-AV-PAIR”. This value gets plumbed into the policy created on the wireless controller.
Based on the user authentication, a configured policy and profile are applied to a specific user on the
same WLAN.
Table 1
Summary of Services in Phase 1, 2, and 3
Bonjour - 7.4 (Phase 1)
Bonjour - 7.5 (Phase 2)
Bonjour - 8.0 (Phase 3)
•
Bonjour service with mDNS
gateway for wired and
wireless services
gateway for wired and
wireless services
•
Bonjour service policy
applied per interface or per
WLAN
applied per interface or per
WLAN
•
mDNS services cached on
the controller
the controller
•
Bonjour services available
on all controller seen L2
domains
on all controller seen L2
domains
•
Bonjour services supported
on the Anchor controller
on the Anchor controller
•
Bonjour services supported
with L2 and L3 roaming
with L2 and L3 roaming
•
100 services and 64 service
providers per service type
providers per service type
•
Support of Flex Connect
APs in central and local
mode
APs in central and local
mode
•
Support of mDNS services
across L3 domains
across L3 domains
•
Introduction of mDNS AP
for Bonjour service
snooping on 10 wired
VLANs
for Bonjour service
snooping on 10 wired
VLANs
•
LSS – Location Specific
Services
Services
•
Priority MAC of Bonjour
service
service
•
Origin based service
discovery
discovery
•
6400 services and service
providers per service type
providers per service type
•
Bonjour GW with access
policy controlled service
discovery
policy controlled service
discovery
•
Device service mapping to
access policy
access policy
•
Bonjour group and single
access policy management
access policy management
•
Bonjour profile control by
local policy
local policy
•
Introduction of Bonjour
administrator to manage
specific Bonjour services
from Cisco Prime
administrator to manage
specific Bonjour services
from Cisco Prime