DNS Service Discovery (DNS-SD)
DNS Service Discovery is a way of using standard DNS programming interfaces, servers, and packet formats to browse the network for services.
If you think the picture below looks a lot like the old Macintosh AppleTalk "Chooser", that's no coincidence. As we move away from AppleTalk to an all-IP world, we don't want to have to give up the convenience and ease of use that made AppleTalk popular, and made AppleTalk continue to be popular long after it should rightfully have been retired.
DNS Service Discovery is compatible with, but not dependent on, Multicast DNS.
Documents
- Requirements for the Replacement of AppleTalk Name Binding Protocol (draft-cheshire-dnsext-nbp.txt) describes how AppleTalk Name Binding Protocol works, and what is needed in an IP-based replacement.
- DNS-Based Service Discovery (draft-cheshire-dnsext-dns-sd.txt) describes how to perform network browsing and service discovery using only standard DNS packets and record types. DNS-SD is not dependent on Multicast DNS (it works with unicast as well), but DNS-SD and mDNS are complementary technologies that work especially well when used together.
- DNS Long-Lived Queries (draft-sekar-dns-llq.txt) describes a protocol for setting up long-lived DNS queries with change notification, as a more efficient alternative to rapidly polling the server.
- Dynamic DNS Update Leases (draft-sekar-dns-ul.txt) describes a protocol for performing DNS Dynamic Updates with an attached lease time, that are automatically deleted unless renewed before the lease expires, much like a DHCP address lease.
- NAT Port Mapping Protocol (NAT-PMP) (draft-cheshire-nat-pmp.txt) describes a protocol for asking a home NAT gateway for its "public" address, so that a host behind a NAT gateway can create a DNS Dynamic Update using that public address, rather than its less useful private address, and similarly for asking a home NAT gateway to assign a public port number and an inbound port mapping, so that a host behind a NAT gateway can create DNS SRV records using that public port number rather than its less useful private internal port number.
Setting up DNS for Zero-Configuration Wide-Area Service Discovery by Clients
One of the easiest applications of Wide-Area DNS-SD is simply to add a few records to your DNS server, to automatically advertise selected services to clients, with zero configuration on the client side. When clients get a response packet from the local network's DHCP server, there's a domain in that packet, and clients running Mac OS X 10.4 (Tiger) or Bonjour for Windows automatically query that domain for advertised services. Therefore, as long as you have administrative access to the domain in question, you can easily add the necessary records so the clients will discover web pages, printers, and other network services of your choosing. If you don't have administrative access to the domain currently being returned by your DHCP server, but you do control the DHCP server, then you can change the DHCP server to return a different domain, one that you do have control over. In many cases people set their home gateway's DHCP server to return their ISP's domain name in the DHCP packet, without giving it much thought. There's really no reason to do this, since you have no control over your ISP's domain. It makes a lot more sense and is a lot more useful to set the domain to be one that you do have control over.
There are two ways to do this. If you have your own name server already set up and running, you can just add the necessary records. If you don't already have your own name server, or you do but don't want to put the records there just yet, then you can also set up a test server to experiment with the technology.
If you're an end user and you don't have access to a DNS server to experiment with, you can still see Wide-Area Bonjour browsing in action just by entering an appropriate DNS search domain.
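The lookup chain behind this, as an added example that is not part of the original page: a constructed zone holding the kind of records an administrator would add, and a function that follows them the way a client starting from the DHCP-supplied domain does. The domain, host and instance names are assumptions made up for illustration, and the walk includes the DNS-SD service-type enumeration query, which goes a step beyond what the text above describes. The returned list is everything the zone exposes to any client that queries it, which makes it a quick audit of what you are advertising.

```python
from collections import defaultdict

# Constructed sample zone (example.com is a documentation domain; host and
# instance names are made up). These are the records an administrator adds.
ZONE = """
b._dns-sd._udp.example.com.          PTR  example.com.
lb._dns-sd._udp.example.com.         PTR  example.com.
_services._dns-sd._udp.example.com.  PTR  _http._tcp.example.com.
_services._dns-sd._udp.example.com.  PTR  _ipp._tcp.example.com.
_http._tcp.example.com.              PTR  Intranet._http._tcp.example.com.
Intranet._http._tcp.example.com.     SRV  0 0 80 www.example.com.
Intranet._http._tcp.example.com.     TXT  "path=/intranet/"
_ipp._tcp.example.com.               PTR  Lobby._ipp._tcp.example.com.
Lobby._ipp._tcp.example.com.         SRV  0 0 631 printer1.example.com.
Lobby._ipp._tcp.example.com.         TXT  "rp=printers/lobby"
"""

def load(zone_text):
    """Index records as (lowercased owner name, type) -> list of rdata strings."""
    rrs = defaultdict(list)
    for line in zone_text.strip().splitlines():
        name, rtype, rdata = line.split(None, 2)
        rrs[(name.lower(), rtype.upper())].append(rdata.strip())
    return rrs

def advertised(rrs, dhcp_domain):
    """Walk the zone as a client would, starting from the DHCP-supplied domain."""
    out = []
    # 1. Domain enumeration: which domains should be browsed?
    for domain in rrs.get((f"b._dns-sd._udp.{dhcp_domain}.".lower(), "PTR"), []):
        # 2. Service type enumeration: which service types exist there?
        for stype in rrs.get((f"_services._dns-sd._udp.{domain}".lower(), "PTR"), []):
            # 3. Browsing: which named instances of that type are listed?
            for inst in rrs.get((stype.lower(), "PTR"), []):
                # 4. Resolution: SRV gives host and port, TXT gives parameters.
                for srv in rrs.get((inst.lower(), "SRV"), []):
                    _prio, _weight, port, target = srv.split()
                    txt = [t.strip('"') for t in rrs.get((inst.lower(), "TXT"), [])]
                    out.append((inst, target, int(port), txt))
    return out

if __name__ == "__main__":
    for inst, target, port, txt in advertised(load(ZONE), "example.com"):
        print(f"{inst} -> {target}:{port} {txt}")
```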
Setting up DNS to Allow Clients to Advertise their own Wide-Area Services
After advertising static services to clients, the next step you can take, if you choose, is to allow clients to advertise their own wide-area services.
Doing this is not zero configuration on the client side, for a couple of security reasons. One is that users of client machines on your network may not want their services advertised, potentially world-wide, without their knowledge or consent. For this reason, advertising of services into the global DNS is an option that has to be explicitly enabled by the client. In addition, the client needs to specify the domain into which they want their services advertised. On the server side there's also a security concern. On the world-wide Internet, you can't allow just anyone to update your DNS server, so the clients need to have cryptographic security credentials that establish their authority to update the domain in question. Altogether, clients need three pieces of configuration information:
- Whether or not dynamic update is enabled
- The name of the domain to update
- The security key to authorize those updates
Allowing clients to advertise services is a two-part task:
- You need to enable Dynamic Update on your DNS server.
- You need to configure the clients with the required information.
Further Information
- See the list of DNS SRV (RFC 2782) service types, and learn how to register a service type for your own protocol.
- A Rendezvous with Java, Michael Brewer's article about using DNS Service Discovery from Java code.
- Wikiverse and Wikipedia entries.
- DNS Service Discovery APIs for Ruby by Richard Kilmer and Chad Fowler.
- Thomas Uram's Bonjour interfaces for Python, which is actually a SWIG (Simplified Wrapper and Interface Generator) interface, so it supports a long list of languages.
- Avahi is a fully LGPL framework for Multicast DNS Service Discovery on Linux.
- Bonjour Browser by Kevin Ballard (TildeSoft).
- Zero Configuration Networking: The Definitive Guide by Daniel Steinberg and Stuart Cheshire, published by O'Reilly Media.
- What’s that Bonjour item in my Safari Collections?
- Why is there a dot at the end of the hostname when I double-click a Bonjour Name in a web browser like Safari?
- How can I find out more about how Sleep Proxy Service operates on the network?
Page maintained by Stuart Cheshire
gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.