Configure mDNS on Catalyst 9800 Wireless Controller

Introduction

This document describes how to configure and verify/troubleshoot the multicast Domain Name Services (mDNS) Gateway feature on Catalyst 9800 Wireless Controllers. It also explains how this special multicast traffic known as mDNS (or Bonjour) is handled by C9800 controllers.

Prerequisites

Requirements

Cisco recommends that you have knowledge of these topics:

  • mDNS Bonjour Protocol
  • Catalyst 9800 Wireless Controller

Components Used

The information in this document is based on these software and hardware versions:

  • C9800-CL-K9 version 16.12.1s
  • WS-C3560CX-12PC-S
  • C9117AXI-A
  • Chromecast NC2-6A5-D
  • MacbookPro 10.14.5

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.

Background Information

mDNS Bridging

In the C9800 architecture, mDNS (Bonjour protocol) bridging refers to forwarding Bonjour packets with TTL=1 within the same L2 broadcast domain. By default, the dataplane enables mDNS bridging for packets received on the wired ports and wireless interfaces for each WLAN. No specific configuration is required; not even Global mDNS needs to be enabled for mDNS Bridging to work. However, you can disable it per WLAN if needed by changing the mDNS mode in the WLAN settings. If Access Point (AP) Control and Provisioning of Wireless Access Points (CAPWAP) Multicast-Multicast mode is enabled, the C9800 bridges each mDNS packet to the AP multicast group configured on the controller so wireless clients can receive it. Otherwise, it creates a copy of each mDNS packet received and bridges each copy individually to every AP via the CAPWAP unicast tunnel. In both scenarios, the C9800 also bridges the mDNS packets onto the wired network in the VLAN of the client that originated the mDNS packet.

Therefore, mDNS will work in C9800 without special configuration as long as the devices involved in mDNS handshake (like client and Chromecast for example) are on the same subnet. Ideally, it is better to filter mDNS traffic with the use of mDNS Gateway as explained in the next section.

mDNS Gateway

The mDNS Gateway feature introduced on AireOS Wireless Controllers is also supported on Catalyst 9800 Wireless Controllers from 16.11.1. This feature is disabled by default and you can enable/disable it per WLAN after you enable it globally.

The mDNS Gateway feature works the same way as on the previous AireOS Wireless Controllers. The C9800 listens for Bonjour services (mDNS advertisements and queries) on wired and wireless interfaces, caches the Bonjour services (AirPlay, AirPrint, Googlecast, etc.) advertised from each source/host in an internal database, and is able to bridge those mDNS packets between different broadcast domains while filtering unneeded services and avoiding their multicast flow in the network. This way you can have the sources and clients of such services in different subnets, and also control mDNS traffic in your network.

The C9800 that acts as mDNS Gateway replies to mDNS queries from clients (for cached services) sourcing these mDNS responses with the use of its IP address for the VLAN assigned to the client asking for the service. This is why all VLANs on the C9800 controller where there are clients that require mDNS/Bonjour services must have a valid IP address configured at the Switched Virtual Interface (SVI).

For more information about the Bonjour/mDNS Gateway feature, refer to AireOS Wireless LAN Controller Bonjour Phase III Deployment Guide.

Configure

Network Diagram

This is the diagram of the example setup. The purpose is to allow wireless clients to use mDNS services from a different subnet, which requires mDNS Gateway as shown in the image. The diagram depicts a Cisco Catalyst 9800-CL Wireless Controller (9800-CL-K9) with management IP 172.16.8.20, connected via a CAPWAP tunnel to a cloud/network. This network connects to an Access Switch (C3560CX) and a Wireless Access Point (C9117AXI). Wireless devices such as a Chromecast (VLAN 2610), Phone (VLAN 2609), and Android device are shown connecting to the C9117AXI, illustrating a scenario where mDNS services are accessed across different subnets.

Configure mDNS Gateway via Graphical User Interface

  1. In order to enable mDNS Gateway globally, navigate to Configuration > Services > mDNS. Under Global, switch to Enable mDNS Gateway and select Apply as shown in the image.
  2. (Optional) Configure a custom mDNS Service List for a custom Service Policy. If you want to use the default mDNS Service List and Service Policy, move to Step 5. Under Configuration > Services > mDNS, in the Service Policy tab, configure new Service Lists as required. The C9800 has predefined common services used by most wireless devices. If you do not need a special (not available) service, you can create a list from the predefined available services; if needed, you can also add new services (with Service Definition). You need both a Service List for the Incoming (IN) direction and a Service List for the Outgoing (OUT) direction, so that the required services are filtered when coming into the C9800 and when going out from it; hence, both lists are supposed to have the same services.
  3. Define a Service List Name for IN services.
  4. Select IN direction.
  5. Select Add Services.
  6. The Available Services drop-down list is displayed; select the desired Service and Message Type any.
  7. Repeat steps to add more services as required.
  8. Select Apply to Device as shown in the image.
  9. Define a Service List Name for OUT services.
  10. Select OUT direction.
  11. Move Available Services into the Assigned Services list.
  12. Repeat steps to add more services as required.
  13. Select Apply to Device as shown in the image.

Configure mDNS Gateway via Command Line Interface

Step 1. Enable mDNS globally

C9800#conf t
Enter configuration commands, one per line. End with CNTL/Z.
C9800(config)#mdns-sd gateway
C9800(config-mdns-sd)#transport both
C9800(config-mdns-sd)#active-query timer 30
C9800(config-mdns-sd)#exit
C9800(config)#

Step 2. Configure a custom Service List for IN services

Add the different services required from the available list:

C9800(config)#mdns-sd service-list my-mdns-list IN
C9800(config-mdns-sl-in)#match ?
airplay
airserver
airtunes
amazon-fire-tv
apple-airprint
apple-continuity
apple-file-share
apple-homekit
apple-itunes-library
apple-itunes-music
apple-itunes-photo
apple-keynote
apple-rdp
apple-remote-events
apple-remote-login
apple-screen-share
apple-timecapsule
apple-timecapsule-mgmt
apple-windows-fileshare
fax
google-chromecast
homesharing
itune-wireless-devicesharing2
multifunction-printer
phillips-hue-lights
printer-ipp
printer-ipps
printer-lpd
printer-socket
roku
scanner
spotify
web-server
workstation
C9800(config-mdns-sl-in)#match airtunes message-type any
C9800(config-mdns-sl-in)#exit

Configure a custom Service List for OUT services

Add the different services required from the available list:

C9800(config)#mdns-sd service-list my-mdns-list-out OUT
C9800(config-mdns-sl-out)#match ?
airplay airplay
airserver airserver
airtunes airtunes
amazon-fire-tv amazon-fire-tv
apple-airprint apple-airprint
apple-continuity apple-continuity
apple-file-share apple-file-share
apple-homekit apple-homekit
apple-itunes-library apple-itunes-library
apple-itunes-music apple-itunes-music
apple-itunes-photo apple-itunes-photo
apple-keynote apple-keynote
apple-rdp apple-rdp
apple-remote-events apple-remote-events
apple-remote-login apple-remote-login
apple-screen-share apple-screen-share
apple-timecapsule apple-timecapsule
apple-timecapsule-mgmt apple-timecapsule-mgmt
apple-windows-fileshare apple-windows-fileshare
fax fax
google-chromecast google-chromecast
homesharing homesharing
itune-wireless-devicesharing2 itune-wireless-devicesharing2
multifunction-printer multifunction-printer
phillips-hue-lights phillips-hue-lights
printer-ipp printer-ipp
printer-ipps printer-ipps
printer-lpd printer-lpd
printer-socket printer-socket
roku roku
scanner scanner
spotify spotify
web-server web-server
workstation workstation
C9800(config-mdns-sl-out)#match airplay
C9800(config-mdns-sl-out)#exit

Step 3. Create a mDNS Service Policy

C9800(config)#mdns-sd service-policy mdns-policy1
C9800(config-mdns-ser-pol)#location site-tag
C9800(config-mdns-ser-pol)#service-list my-mdns-list IN
C9800(config-mdns-ser-pol)#service-list my-mdns-list-out OUT
C9800(config-mdns-ser-pol)#exit
C9800(config)#

Step 4. Add the mDNS Service Policy to the Policy Profile

C9800(config)#wireless profile policy my-policy-profile
C9800(config-wireless-policy)#mdns-sd service-policy mdns-policy1
Warning! Ensure mDNS service policy is configured globally.
C9800(config-wireless-policy)#exit

Step 5. Enable mDNS Gateway in the WLAN

C9800(config)#wlan 9800-mdns
C9800(config-wlan)#shut
C9800(config-wlan)#mdns-sd gateway
Warning! Ensure global mDNS gateway is configured.
C9800(config-wlan)#no shut
C9800(config-wlan)#exit
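
The following check is an added example, not part of the original document or Cisco tooling. It parses mDNS configuration text and reports a missing global gateway, a Service Policy without an IN or OUT list, and services present in only one direction, since both lists are supposed to have the same services. The sample input is constructed from the commands in Steps 1 to 3, on the assumption that the stored configuration uses the same keywords; run on it, the check reports that airtunes is only in the IN list and airplay only in the OUT list.

```python
import re

# Constructed sample built from the Step 1-3 commands (assumed stored-config layout).
SAMPLE_CONFIG = """\
mdns-sd gateway
 transport both
mdns-sd service-list my-mdns-list IN
 match airtunes message-type any
mdns-sd service-list my-mdns-list-out OUT
 match airplay
mdns-sd service-policy mdns-policy1
 location site-tag
 service-list my-mdns-list IN
 service-list my-mdns-list-out OUT
"""

def parse_mdns(config):
    """Return (gateway_enabled, service_lists, policies) parsed from config text."""
    gateway, lists, policies, current = False, {}, {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        if not raw[0].isspace():  # a top-level command opens a new block
            current = None
            if line == "mdns-sd gateway":
                gateway = True
            elif m := re.fullmatch(r"mdns-sd service-list (\S+) (IN|OUT)", line):
                current = lists.setdefault((m[1], m[2]), set())
            elif m := re.fullmatch(r"mdns-sd service-policy (\S+)", line):
                current = policies.setdefault(m[1], {})
        elif isinstance(current, set) and (m := re.match(r"match (\S+)", line)):
            current.add(m[1])  # service name; message-type is ignored here
        elif isinstance(current, dict) and (m := re.fullmatch(r"service-list (\S+) (IN|OUT)", line)):
            current[m[2]] = m[1]  # direction -> list name
    return gateway, lists, policies

def audit(config):
    """Findings: gateway disabled, policy without a list, IN/OUT service mismatch."""
    gateway, lists, policies = parse_mdns(config)
    findings = [] if gateway else ["global 'mdns-sd gateway' is not configured"]
    for name, dirs in sorted(policies.items()):
        svc = {d: lists.get((dirs.get(d), d), set()) for d in ("IN", "OUT")}
        findings += [f"{name}: no {d} service-list defined"
                     for d in svc if (dirs.get(d), d) not in lists]
        for s in sorted(svc["IN"] ^ svc["OUT"]):
            side = "IN" if s in svc["IN"] else "OUT"
            findings.append(f"{name}: '{s}' is only in the {side} list")
    return findings
```

Call audit() with the configuration text saved from the controller; an empty list means none of the three conditions was found.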

Anchor-Foreign Scenario

When you implement the mDNS Gateway feature in a mobility Anchor WLAN, where both the Foreign and Anchor WLCs are C9800 and the wireless clients obtain their IP address from VLAN(s) in the Anchor controller, this is the behavior and the required setup:

  • The Anchor controller is the one that acts as the mDNS Gateway: it caches the services from all the devices connected to that Anchor WLAN and the respective VLAN, and responds to queries for those cached services.
  • When it responds to queries, the C9800 Anchor controller will source responses using its SVI IP address of the VLAN assigned to the client asking for the service. Hence, all client VLANs requiring mDNS Services must have an IP address at the SVI in the Anchor.
  • mDNS Gateway must be globally enabled on both the Foreign and Anchor WLCs.
  • Both the Foreign and Anchor controllers should use the same mDNS Service Policy with same services (default or custom), which should be assigned to the Policy Profile linked to this Anchor WLAN. All these configuration settings are the same steps already covered above in this document.
  • The only configuration difference for a mobility Anchor WLAN setup is this: navigate to WLAN > Advanced settings, where the “mDNS Mode” in the Foreign C9800 must be Bridging and in the Anchor C9800 it must be Gateway.

Verify

Use this section in order to confirm that your configuration works properly.

Use these commands:

C9800#show mdns-sd summary
MDNS Gateway: Enabled
Active Query: Enabled
Periodicity (in minutes): 30
Transport Type: Both IPv4 and IPv6

Review if WLC is actually caching mDNS services and which ones (in a mobility Anchor WLAN, this cache should be checked on the Anchor controller), by listing the mDNS cached services with this command, where you can see the source MAC address of the device that offers the service and even its IP address, along with other mDNS details:

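C9800#show mdns-sd cache

------------------------------------------------------------- PTR Records -------------------------------------------------------------
RECORD-NAME                                    TTL   TYPE  ID  CLIENT-MAC      RR-RECORD-DATA
---------------------------------------------------------------------------------------------------------------------------------------
_googlecast._tcp.local                         4500  WLAN  2   48d6.d50c.a620  Chromecast-Ultra-687f65f66d478b2c787eac8bc7c9efad.

------------------------------------------------------------- SRV Records -------------------------------------------------------------
RECORD-NAME                                    TTL   TYPE  ID  CLIENT-MAC      RR-RECORD-DATA
---------------------------------------------------------------------------------------------------------------------------------------
Chromecast-Ultra-687f65f66d478b2c787eac8bc7c9  4500  WLAN  2   48d6.d50c.a620  0 0 8009 687f65f6-6d47-8b2c-787e-ac8bc7c9efad.loca

------------------------------------------------------------ A/AAAA Records -----------------------------------------------------------
RECORD-NAME                                    TTL   TYPE  ID  CLIENT-MAC      RR-RECORD-DATA
---------------------------------------------------------------------------------------------------------------------------------------
687f65f6-6d47-8b2c-787e-ac8bc7c9efad.local     4500  WLAN  2   48d6.d50c.a620  172.16.9.11

------------------------------------------------------------- TXT Records -------------------------------------------------------------
RECORD-NAME                                    TTL   TYPE  ID  CLIENT-MAC      RR-RECORD-DATA
---------------------------------------------------------------------------------------------------------------------------------------
Chromecast-Ultra-687f65f66d478b2c787eac8bc7c9  4500  WLAN  2   48d6.d50c.a620  [172]'id=687f65f66d478b2c787eac8bc7c9efad''cd=9A10
C9800#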
Troubleshoot

This section provides information you can use in order to troubleshoot your configuration.

If you need to check more details about all the exchanges happening on the C9800 (queries, caching behavior, responses, drops, errors, and more), gather these traces at the C9800 while you recreate the issue (connect the device that offers the service and the client that asks for the service, and let them try to discover the services required):

  1. Run this command at C9800: set platform software trace wncd <0-7> chassis active R0 mdns debug
  2. Reproduce the issue.
  3. Finally, run this command to gather the traces enabled: show platform software trace message wncd <0-7> chassis active R0
