Configuring an mDNS Gateway

Context

A device functioning as the mDNS gateway needs to maintain service lists of all service provisioning devices. A service list records the service name, service type, service VLAN, TTL, host name, and IP address. The TTL is provided by a service provisioning device to the mDNS gateway, and represents the aging time of a service. If the mDNS gateway receives mDNS response packets from a service provisioning device within the aging time, the mDNS gateway updates its service information. If the mDNS gateway does not receive mDNS response packets from a service provisioning device within the aging time, the mDNS gateway deletes its service information.

To improve availability and maintainability, a device functioning as the mDNS gateway also supports the periodic discovery function and the mDNS group function.

  • Periodic discovery function: If the mDNS gateway has already been deployed on a network, a service provisioning device proactively notifies the mDNS gateway of its service information when it connects to the network. If the service provisioning device is on the network before the mDNS gateway is connected, the device does not notify the gateway of its service information. In this case, you can configure periodic service discovery. After the function is configured, the mDNS gateway sends a service query message at a specified interval, and updates the service information list after receiving a response from the service provisioning device. This ensures real-time update of the service information list on the mDNS gateway.

  • mDNS group function: By default, when the mDNS gateway receives an mDNS request packet from a user requesting a service, it queries the service information lists of all service provisioning devices and replies to the user with a message containing the service provisioning devices that can provide the service. All the service provisioning devices that offer the service are visible to the user; therefore, service resources cannot be isolated. You can configure an mDNS group on the mDNS gateway to implement service resource isolation and refined service management. After receiving an mDNS request packet from a user requesting a service, the mDNS gateway looks up the mDNS group based on the user VLAN. If the user VLAN has been added to an mDNS group, the gateway queries and replies with the requested service from the service lists provided by the service VLANs mapped to that mDNS group. If no mDNS group is specified for the user VLAN or no service VLAN is configured in the mDNS group, the gateway queries and replies with the requested service from the service lists provided by all service VLANs.
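
The group lookup rule described above, modelled in Python as an added example (not vendor code); the VLAN IDs, group names and service entries are constructed sample data, and the function names are hypothetical. It also lists the user VLANs that fall back to every service VLAN and therefore get no isolation.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Service:
    name: str
    service_type: str
    vlan: int            # service VLAN of the provisioning device

@dataclass
class MdnsGroup:
    name: str
    user_vlans: set
    service_vlans: set

def visible_service_vlans(user_vlan, groups, all_service_vlans):
    """Return (service VLANs searched for this user VLAN, fallback_used)."""
    for group in groups:             # a user VLAN belongs to at most one group
        if user_vlan in group.user_vlans:
            if group.service_vlans:
                return set(group.service_vlans), False
            return set(all_service_vlans), True   # group has no service VLAN
    return set(all_service_vlans), True           # user VLAN is in no group

def answer_query(user_vlan, service_type, groups, services):
    """Names of the services the gateway would return to this user VLAN."""
    all_vlans = {s.vlan for s in services}
    vlans, _ = visible_service_vlans(user_vlan, groups, all_vlans)
    return sorted(s.name for s in services
                  if s.service_type == service_type and s.vlan in vlans)

def unisolated_user_vlans(user_vlans, groups, services):
    """User VLANs that see the service lists of all service VLANs."""
    all_vlans = {s.vlan for s in services}
    return sorted(v for v in user_vlans
                  if visible_service_vlans(v, groups, all_vlans)[1])

# Constructed sample data (not taken from any real deployment).
SERVICES = [
    Service("Lobby-Printer", "_ipp._tcp", 100),
    Service("Finance-Printer", "_ipp._tcp", 200),
    Service("Boardroom-TV", "_airplay._tcp", 200),
]
GROUPS = [
    MdnsGroup("guest", {10}, {100}),
    MdnsGroup("finance", {20}, {100, 200}),   # VLAN 100 is shared by two groups
    MdnsGroup("lab", {30}, set()),            # no service VLAN configured
]
```

Running `unisolated_user_vlans` over every user VLAN in a planned deployment shows which ones still need to be added to a group with at least one service VLAN.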

To improve network security, the device supports the trusted mDNS relay agent function when it functions as the mDNS gateway. The administrator can enable the trusted mDNS relay agent function on the Switch functioning as the mDNS gateway and configure the IP address of the trusted mDNS relay agent. The Switch then only processes unicast packets from the trusted mDNS relay agent, and discards unicast packets from untrusted mDNS relay agents. If bogus mDNS relay agents on the network forge mDNS packets, this function prevents the bogus mDNS relay agents from threatening network security.

Pre-configuration Tasks

Before configuring the mDNS gateway, complete the following tasks:

  • Ensure that there is a reachable route between the mDNS gateway and the service provisioning device.
  • Deploy the mDNS relay if the mDNS gateway and the service provisioning device are located on different network segments.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run mdns gateway enable

    The mDNS gateway is enabled.

    By default, the mDNS gateway is disabled.

    • The device cannot function as both mDNS relay and gateway. A protection failure will occur if the mdns relay enable and mdns gateway enable commands are both configured on the device.
    • Only one mDNS gateway can be configured on an mDNS service sharing network. If more than one mDNS gateway exists on the same network, the mDNS gateways detect each other when querying service provisioning devices and exchange a large number of packets, affecting services.
    • It is recommended that the number of VLANs managed by an mDNS gateway not exceed 32.

  3. (Optional) Run the following commands to configure the mDNS gateway to periodically discover services.

    When the device functioning as the mDNS gateway and the service provisioning device are located on different network segments, the mDNS relay, not the mDNS gateway, needs to be configured to periodically update service lists.

    An IP address needs to be configured for the VLANIF interface corresponding to the VLAN to which the mDNS service provisioning device belongs.

    1. Run vlan vlan-id

      The VLAN view is displayed.

      The VLAN ID indicates the VLAN that the service provisioning device belongs to.

    2. Run mdns probe interval interval

      The mDNS gateway is enabled to periodically discover services and the discovery interval is set.

      By default, the mDNS gateway is not enabled to periodically discover services and the discovery interval is not set.

    3. Run quit

      Return to the system view.

    4. (Optional) Run mdns source ip ip-address

      A source IP address for the mDNS gateway to send query or response packets is configured.

      By default, no source IP address is configured.

      The mDNS gateway encapsulates its source IP address into outgoing mDNS query messages so that it can receive response packets from service provisioning devices.

      If an IP address is assigned to the VLANIF interface corresponding to the VLAN where the mDNS gateway periodically discovers services, the mDNS gateway encapsulates the IP address of the VLANIF interface into outgoing mDNS query messages. In this case, skip this step.

  4. (Optional) Configure an mDNS group.
    1. Run mdns group group-name

      An mDNS group is created and the mDNS group view is displayed.

      By default, no mDNS group is configured.

    2. Run user-vlan vlan-id &<1-32>

      The user VLAN is configured for the mDNS group.

      By default, no user VLAN is configured for an mDNS group.

    3. Run service-vlan vlan-id &<1-32>

      The service VLAN (that the service provisioning devices belong to) is configured to provide services for the users in the mDNS group.

      By default, no service VLAN is configured to provide services for the users in an mDNS group.

    4. Run quit

      Return to the system view.

    • You can create at most 4096 mDNS groups on the device, and add a maximum of 32 user VLANs and 32 service VLANs to an mDNS group.
    • A user VLAN can belong to only one mDNS group. A service VLAN can belong to multiple mDNS groups.
    • The device supports a maximum of 256 services of the same type.
    • If the number of network services managed by an mDNS gateway exceeds 64, it is recommended that you use mDNS groups to divide services into groups and implement fine-grained management.
    • When deploying mDNS gateway services, it is recommended that you configure the mDNS group function.

  5. (Optional) Run mdns whitelist source-ip ip-address

    The trusted mDNS relay agent function is enabled and the IP address of the trusted mDNS relay agent is configured.

    By default, the trusted mDNS relay agent function is disabled.

  6. (Optional) Run mdns permit service-type service-type id id

    The service type that can be recorded by the mDNS gateway is configured.

    By default, an mDNS gateway can record all service types. After this command is executed, an mDNS gateway can record only the specified service type.

    When deploying mDNS gateway services, it is recommended that you configure service types that can be recorded by the mDNS gateway.

Verifying the Configuration

  • Run the display mdns gateway command to check the mDNS gateway configuration.
  • Run the display mdns service { all [ verbose ] | name name | vlan vlan-id } command to check the service list of the mDNS gateway.
  • Run the display mdns group [ name group-name | user-vlan vlan-id ] command to check the mDNS group configuration.
Copyright © Huawei Technologies Co., Ltd.