Need help with Bonjour Gateway Setup

  • 1
  • Question
  • Updated 2 years ago

Hello,

i need some help with a Bonjour Gateway Setup.

:::Environment:::
I have two Sites. Site A and Site B. Both are connected over a VPN Tunnel. My ZoneDirector 1200 is in Site A.
On my HP ProCurve Switches i have on both Sites VLAN 1 (DEFAULT VLAN), 11, 12 and 13 configured.
VLAN 1 is where my cabled Devices (Clients/Server/Printer) are located.
VLAN 13 is the Management Network for my ZD and APs.
VLAN 11 is for my wireless Devices.
VLAN 12 is my wireless Guest Network.
Ruckus APs and ZD are untagged within VLAN 13. VLAN 11 and 12 ist tagged on my Switch Ports connected with an AP.
Apple Printer connected with VLAN 1
Mac Books Air connected with VLAN 11

:::Problem/Goal:::
If i connect my Mac Book Air over Ethernet i am able to see all my Printer.
If i connect to wireless i don't see anything. I want to get this work over wireless, too.

:::What i have tried:::
I enabled "Bonjour Gateway" on AP Site (not ZD Site, because Printer and Clients are located on Site B). I created a Policy with Service "AirPrint" with "from VLAN" 1 and "to VLAN" 11. After that i reconfigured one of my APs on Site B to use this Bonjour Gateway Policy and added VLAN 1 tagged the the Switch Port where my AP is connected.

Unfortunatelly this did not solve my issue.
Do i missed something?

Thanks!

Kind Regards
Marco


Photo of Marco Eichstetter

Marco Eichstetter

  • 148 Posts
  • 7 Reply Likes

Posted 2 years ago

  • 1
Photo of Michael Brado

Michael Brado, Official Rep

  • 2116 Posts
  • 297 Reply Likes
Hello Marco,

    The Bonjour Gateway service bridge works best when source and target VLANs
are both tagged, and NOT using VLAN 1 (due to an inherent way VLAN 1 is treated
as untagged internally by Ruckus equipment).  [ even *if* VLAN 1 is tagged in your
network, and you're using VLAN 13 as the untagged ZD/AP VLAN. ]  It might work
correctly if you can move source/targets from VLAN 1 to any other tagged VLAN
(except 13 to be safe).
Photo of Marco Eichstetter

Marco Eichstetter

  • 148 Posts
  • 7 Reply Likes
Hi Michael,

so even if i reconfigure my Access Points and set the Management VLAN ID to 13 and change the VLAN 13 on the Switch Port from untagged to tagged it still wont be working because the Bonjour Printer are still in VLAN 1?

Correct?

Thanks.
Photo of Michael Brado

Michael Brado, Official Rep

  • 2116 Posts
  • 297 Reply Likes
Hi Marco,

    Your local SE/VAR might be best to discuss this with if you're still in planning
stages. I've never recommended clients/servers/printers on/from VLAN 1, even
if its a tagged VLAN. I don't know that ZDs will always recognize and redirect the
packets.
     In your environment described above, would it be possible to switch VLANs 1
and 13?  If your ZD/APs were on VLAN 1 and make it untagged, with all client
WLANs and wired devices on tagged VLANs 11/12/13, the setup of your Bonjour
bridge services would be clearer, and sure to work, the MacBooks could see the
Apple printer.
    The big consideration/concern with a converson is if/how HP switch ports are
configured, and the ZD's Configure::System - Access VLAN; and Configure::AP
Policies - Management VLAN? 
    If VLAN 13 to ZD/APs is untagged in your HP switches today, you would now
have left these two fields at a VLAN 1 (untagged to us) on the ZD access VLAN
and AP policies mgt VLAN fields, right?

Switch(es):
    If your wired VLAN 1 resources don't care what VLAN they're on, and you can
move them to be VLAN 13, you would need to specify that VLAN 1 is untagged and
not VLAN 13 for their switch ports, and conversely re-configure the ZD/AP switch
ports to tag VLAN 13 and make VLAN 1 untagged.  Do you follow?

ZoneDirector:
    If you have left VLAN 1 (untagged) on the Configure System/Access VLAN, and
AP policies/mgt VLAN, no changes are needed on these pages.  However, you now
need to update any WLANs that might have pointed to VLAN 1, and redirect them
to VLAN 13 (under Advanced Options) with these changes.

   I hope this is helpful.
(Edited)
Photo of Marco Eichstetter

Marco Eichstetter

  • 148 Posts
  • 7 Reply Likes
Hi,

thanks for your answer.
I follow you.

Changing alle my wired Clients/Server/Printers from VLAN 1 to VLAN 13 will be a huge Change within my network environment. Not the way i want to go.

Other Idea:
I dont't need this VLAN 13 for my ZD and my 20 APs. I just created this VLAN because i think its "Best Practices" to place the Ruckus Hardware within a own VLAN.
Can my Bonjour Gateway Setup work if i simply shoot my VLAN 13 to the moon and place my ZD and APs in VLAN 1?
Photo of Ahamed A

Ahamed A

  • 10 Posts
  • 0 Reply Likes
Hello Marco,

I would recommend you the same setup mentioned by Michael Brado. Bonjour gateway really works well when you have both sides on tagged vlan. If you put your AP, ZD on VLAN 1 and the clients on tagged vlans (11, 12 and 13) inlcuding air printer, they will see the air printer in a much better way. The query and response for the service from air printer in response to your MBA (mac book air) will be efficient.

Hope this helps. 
Ahamed.
Photo of Marco Eichstetter

Marco Eichstetter

  • 148 Posts
  • 7 Reply Likes
Hi,

thanks for your feedback Ahamed.
You wrote the query and response will be more efficient if i only work with tagged vlan.
Like i wrote it is a huge change and effort to change all my Clients on both Sites from VLAN 1 to 13.

So my main question is still if my setup can work if i put all my APs and ZD to VLAN 1 and create following Bonjour Gateway Rule:


If this works but maybe less efficient i will give it a try.
Thanks!
Photo of Marco Eichstetter

Marco Eichstetter

  • 148 Posts
  • 7 Reply Likes
Hi,

can someone give me a Feedback please if changing ZD and AP to VLAN 1 will
- work
- not work
- maybe work?

Thanks.

Kind Regards
Marco
Photo of Michael Brado

Michael Brado, Official Rep

  • 2104 Posts
  • 297 Reply Likes
No Marco, it is recommended to put your Apple servers and printers on any Tagged VLAN, that is *not* VLAN 1.
Photo of Ahamed A

Ahamed A

  • 10 Posts
  • 0 Reply Likes
Hi Marco,

Suggestion is to be on tagged vlan. Put your Apple server on VLAN 11 or 12 and then check if the clients sees them in ease. The reason for clients to find the server on wired laptop easily was the same vlan1. May be you can create a new tagged vlan (eg.,15) and connect your clients without disturbing your current network.

Regards,
Ahamed.