Cisco Cisco 5520 Wireless Controller 기술 참조
5
Cisco Wireless LAN Controller Bonjour Phase III Deployment Guide, Release 8.0
OL-xxxxx-xx <required for IOS documentation>
Introduction to Bonjour Policies and New Requirements
A service instance or a set of service instances discovered and cached by the WLC can be associated
with an access policy filter, which acts like a lens that determines which clients and what kind of client
context (role or user-id) can see and access the service instance.
with an access policy filter, which acts like a lens that determines which clients and what kind of client
context (role or user-id) can see and access the service instance.
Note
Service instances that are not configured with any access policy will be mapped to the default access
policy, which allows only the administrator user role, by default, to receive the service instances.
Additional users can be configured and added in the default policy.
policy, which allows only the administrator user role, by default, to receive the service instances.
Additional users can be configured and added in the default policy.
•
Bonjour access policy filters can be configured for specific service instances identified by the MAC
address of the devices publishing the services.
address of the devices publishing the services.
•
Bonjour access policy is associated with a service group name that contains one or more MAC
addresses of the devices publishing the Bonjour services.
addresses of the devices publishing the Bonjour services.
•
The service group name is then attached to the service instance when it is discovered and cached at
the WLC.
the WLC.
•
While traversing the list of service instances in response to a client query, each instance will be
evaluated to verify if the querying client location, role, or user-id are allowed access to the service
instance before including the same in the response.
evaluated to verify if the querying client location, role, or user-id are allowed access to the service
instance before including the same in the response.
If the same MAC address is configured in multiple service groups, it means the service instance will be
associated with all the service group names that are configured with this MAC address, and all the access
policies associated with the MAC addressee’s service group names will be evaluated until the verdict is
to include the service instance. Currently, a maximum of five service groups are supported for a single
MAC address. Service group configurations can be done even when mDNS snooping is disabled or
offline, and the access-policy comes into effect when the services are discovered. It can also be done
dynamically when snooping is already enabled.
associated with all the service group names that are configured with this MAC address, and all the access
policies associated with the MAC addressee’s service group names will be evaluated until the verdict is
to include the service instance. Currently, a maximum of five service groups are supported for a single
MAC address. Service group configurations can be done even when mDNS snooping is disabled or
offline, and the access-policy comes into effect when the services are discovered. It can also be done
dynamically when snooping is already enabled.
353292
AirPlay
AirPrint
Policy Components
Bonjour Instance Services
Student
Admin
John
Teacher
Identity
Location
Device Type
Apple TV