Skip Links

Apple's Bonjour protocol tamed, managed for enterprise Wi-Fi

Aruba's AirGroup controls MDNS discovery traffic

By , Network World
March 22, 2012 03:03 PM ET

Network World - How can iPads and iPhones discover and use projectors, Apple TVs, printers and the like without flooding the enterprise Wi-Fi network with multicast discovery messages? Aruba Networks says it has a way.

The wireless LAN vendor announced Thursday an update to its WLAN controller software that lets multicast domain name services, like Apple's Bonjour protocol, work simply and securely but without creating a drag on the network. The new feature is called AirGroup, a reference to Apple's nomenclature for capabilities like the mobile printing service AirPrint and AirPlay.

BOOB TUBE: Ready for Apple HDTV?

AirGroup is being demonstrated this week at Aruba's annual Airheads User Conference in Las Vegas. AirGroup is a new feature of the controller's Aruba OS and of the Aruba ClearPass Policy Manager, announced in February. ClearPass offers a set of modules that let enterprise IT groups streamline provisioning, inventory, security and management for personally owned devices used for work purposes, a trend often dubbed "bring your own device" or BYOD.

Bonjour is a discovery service designed for flat Wi-Fi networks, which are typical for homes but not for corporate sites, according to Robert Fenstermacher, director of product marketing for Aruba, of Sunnyvale, Calif. AirGroup is intended to make this class of protocols "enterprise-friendly," he says.

Aruba isn't only company attacking this problem. Rival Aerohive recently enabled its "controller-less" access points to act as Bonjour gateways, as our Nearpoints blogger Craig Mathias explains. He notes that Bonjour and similar discovery protocols run at Layer 2 and are therefore not routable. "Only one AP is required, although the cooperative nature of Aerohive's architecture means that all users need to do is specify what Bonjour services should be mapped, and the underlying software does the rest," Mathias writes.

These are multicast protocols, and devices using them, such as iPhones, and iPads, "are always looking for peers," says Chuck Lukaszewski, Aruba's senior director of professional services, and head of the company's elite Aruba Customer Engineering (ACE) group. iPads, for example, may be looking for printers running Apple's AirPrint, or for an Apple TV to display screens on a conference room flat-panel TV.

There are two problems for the network, Lukaszewski says. First, these devices simply generate a lot of broadcast traffic, because the protocols are "chatty," and the traffic spills across the entire WLAN. Aruba says that some of its higher-education customers report that this broadcast traffic can reach 90% of their WLAN. Second, this traffic is transmitted at much slower rates than regular data traffic. "The volume [and speed] of this traffic ends up slowing down the whole network," he says. "It's like getting stuck behind a slow-moving car with no way to pass it."

Initially, Aruba deployment engineers would create and install a series of Access Control Lists on the Aruba controller's firewall, to filter out this traffic. But customers, especially colleges and universities, realized they wanted this traffic so that users with mobile devices could make use of the discovery protocols to connect to peripherals. What was needed was some way to manage it.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News