Configuring Access Guardian Bring Your Own Devices (BYOD) Overview
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 28-135
• Airprint1 will advertise its service information through mDNS service advertisement packets.
• Edge switch Sw2 will flood these packets in VLAN20 to the gateway.
• Mac2 laptop in VLAN 20 will receive this advertisement directly from the Edge switch sw2.
• On receiving this mDNS advertisement, the gateway replicates them in each VLAN configured in the
VLAN sharing lists (VLAN 10, 20, and 30). So, these advertisements will reach all Apple devices
except the guest iPad in VLAN40.
– Guest iPad will get the service advertisement from Airprint2.
– All other devices will be able get the print service in Airprint2.
• The mDNS query packet flows are processed in a similar manner.
• Once an Apple device learns the service to IP address mapping, the actual unicast data will be switched
or routed depending upon on the VLANs they are in.
The following prerequisites apply to this solution:
• All the VLANs that have mDNS clients, SSDP clients, and services must be extended up to the
gateway node.
• An IP interface must be configured on the gateway for each of the VLANs.
Standard Mode
Standard mode is configured on the edge switch if the network has an OmniSwtich as the controller. All
the edge switches must be mDNS and SSDP enabled. The edge switches must be configured with the
L2GRE tunnel with the remote tunnel endpoint IP address of the OmniSwitch controller configured as the
responder.
The mDNS and SSDP traffic entering the edge switch is tunneled to the OmniSwitch controller. The
mDNS and SSDP traffic received from the controller on the L2GRE tunnel is verified. If the packet is
unicast, it is forwarded based on the destination. If the packet is multicast, the packet is flooded to the
configured access VLAN list.
Responder Mode
In this mode, Responder is running on an OmniSwitch core switch. The core switch and the edge switches
must be mDNS and SSDP enabled. The edge switches must be configured with type standard with the
L2GRE tunnel with the remote tunnel endpoint IP address of the OmniSwitch controller configured as the
responder.
In this mode, the server policy and client policies are created independently and linked by the service rule.
Service sharing rules define the criteria by which the Responder will decide which services can be shared
with which client requests. The server and client policy must be configured with at least one of the
following attributes: VLAN, Role, Location, Username, or MACaddress. If there are no service rules
configured, the Responder learns all the services, but will not process any query which comes from an
mDNS or SSDP client.
The following diagram represents a sample Responder mode setup:
Note. The SSDP service sharing also works similarly.
To Next Page
Loading...
