Configuring VRF-Aware Local Area Bonjour Services

Beginning with Cisco NX-OS Release 10.2(3)F, Cisco Nexus 9300 Series switches support Virtual Routing and Forwarding-Aware (VRF-Aware) services in the Local Area Bonjour domain. VRF-Aware Local Area Bonjour services provide boundary-based service discovery for Layer 3 segmented IPv4 and IPv6 networks and support policy-based (secure) routing services. VRF-Aware Local Area Bonjour service is supported on enterprise-grade, traditional, and next-generation fabric-based deployment models, as described in Cisco DNA Service for Bonjour Solution Overview.

Prerequisites for VRF-Aware Local Area Bonjour Services

  • You must understand the mDNS service segmentation capabilities to implement, manage, and troubleshoot the proxy service in the Local Area Bonjour domain.

  • Ensure that the Cisco Nexus 9300 Series switch is configured in SDG-Agent mode. VRF-Aware Local Area Bonjour service is supported on the first-hop IP gateway of switches configured in SDG-Agent mode in wired networks.

  • Ensure that the software version installed on the Cisco Nexus 9300 Series switch is 10.2(3)F or higher.

  • Ensure that all required IP VRF configurations with the IPv4 or IPv6 address family are completed. These configurations are required to activate VRF on the switch configured in SDG-Agent mode.

  • Ensure that the IP VRF configured on a local SVI interface supports an IP gateway so that mDNS wired and wireless endpoints can be attached directly or remotely.

  • To activate the mDNS gateway in Multicast mode for a VLAN, ensure that the mDNS gateway and service policy are configured after enabling the VLAN using the vlan configuration id command.

  • Ensure that all configurations for IPv4 or IPv6-based data routing and forwarding, whether within the same VRF or between different VRFs, are complete, including network requirements such as stateful firewall configuration, route-leaking configuration, and so on.

  • Ensure that all the prerequisites described in the Configuring Local Area Bonjour in Unicast Mode for LAN Networks module are completed.

Restrictions for VRF-Aware Local Area Bonjour Services

  • VRF-Aware Local Area Bonjour services are configured to provide mDNS service discovery information between Layer 3 segments within the same or different IP VRF, or share services from non-VRF enabled networks only. Any additional IP routing and data forwarding configurations are beyond the scope of this implementation.

Information about VRF-Aware Local Area Bonjour Services

The Cisco DNA Service for Bonjour solution provides end-to-end service routing for enterprise and data center networks. Enterprise and data center networks build secure and segmented networks that protect IT-managed infrastructure and share services and resources among trusted and untrusted user groups. The physical infrastructure can be logically virtualized into a private networking space that supports secure communication services within closed user groups and conditionally extends boundary services based on business and technical demands.

VRF-Aware Local Area Bonjour gateway services allow mDNS services to be dynamically discovered and distributed on the same VRF-segmented Layer 3 overlay networks based on policy. The Layer 3 VRF-segmented networks can also be configured to route in overlay using Cisco BGP EVPN VXLAN overlay networks.

The following figure illustrates the Cisco DNA Service for Bonjour solution configured with VRF-Aware services for enterprise and data center networks.

Figure 1. Cisco DNA Service for Bonjour with VRF-Aware Services


Understanding VRF-Aware Wide Area Bonjour Services

VRF-Aware service discovery and distribution can be implemented across multiple switches in SDG-Agent mode on an IP or VXLAN-enabled network with Wide Area Bonjour. The Cisco DNA-Center Wide Area Bonjour application supports granular and policy-based routing services that allow discovery and distribution of mDNS services dynamically over overlay networks. You can build a global policy combining one or more source and receiver SDG-Agents that allow distributing or advertising services from a specific IPv4 or even an IPv6 network mapped to the VRF.

The network-wide, distributed switches in SDG-Agent mode transport locally discovered or requested mDNS service information over lightweight unicast routing services to a centralized Cisco DNA-Center controller in an underlay IPv4 network. These switches must be configured with a unified service-export policy for local networks mapped to one or more VRFs.

The following figure illustrates VRF-Aware Wide Area Bonjour services for IP or VXLAN-enabled overlay networks.

Figure 2. VRF-Aware Wide Area Bonjour Services


The Configuring Wide Area Bonjour module lists the configuration procedures in detail.

How to configure Intra-Virtual Network Proxy Service on Local Area Bonjour Domain

Intra-Virtual Network (Intra-VN) Proxy Service is a policy-based VRF-Aware service discovery and distribution implemented on the IP VRF of a switch in SDG-Agent mode connected to multiple IP networks.

Beginning with Cisco NX-OS Release 10.2(3)F, the Cisco Nexus 9300 Series switches support mDNS gateway service as the default on each VRF. You must build an mDNS service policy that implicitly allows required mDNS service types and mapping services to endpoint-facing VLANs. The Cisco Nexus 9300 Series switch can automatically discover VRF associations to a VLAN interface without additional configurations.

The Cisco Nexus 9300 Series switch in SDG-Agent mode dynamically discovers mDNS services from a local network and automatically builds VRF-aware service information. To enable Layer 3 segmented proxy service by default, the SDG-Agent provides limited mDNS service proxy response to endpoints in other VLANs mapped to the same VRF.

The following figure illustrates VRF-Aware enabled on an Intra-VN proxy service.

Figure 3. Intra-VN Service Proxy


How to configure Inter-Virtual Network Proxy Service on Local Area Bonjour Domain

Inter-VN Proxy Service is a policy-based VRF-Aware service discovery and distribution implemented on multiple IP VRFs or on a global IP routing domain of a switch in SDG-Agent mode connected to multiple IP networks.

Beginning with Cisco NX-OS Release 10.2(3)F, the Cisco Nexus 9300 Series switches support mDNS service discovery and distribution between IP VRFs or on a global routing domain. Although configuring inter-VN provides Extranet mDNS proxy services between Wired and Wireless networks, additional methods such as stateful firewall, route-leaking, and so on must also be configured to handle the data transfer between Inter-VN or VRF to global IP routing.

The following figure shows Inter-VN proxy service for an Extranet network.

Figure 4. Inter-VN Proxy Service
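
The Intra-VN and Inter-VN sections above separate service discovery (which VLANs receive a proxy response) from data forwarding (route leaking, stateful firewall). The following added example, which is not Cisco code and not NX-OS syntax, models that split so an operator can list which VLANs a service becomes visible to and flag Inter-VN exposures that have no confirmed data path. The VLAN numbers, VRF names, policy tables and function names are constructed assumptions; the policy model is a simplification of the behavior described on this page.

```python
# Added example: simplified model; every name and value below is constructed.
VLAN_VRF = {10: "BLUE", 20: "BLUE", 30: "RED", 40: "GLOBAL"}  # VLAN -> routing domain

# Service types the mDNS service policy allows on each endpoint-facing VLAN.
VLAN_POLICY = {
    10: {"_ipp._tcp", "_airplay._tcp"},
    20: {"_ipp._tcp"},
    30: {"_airplay._tcp"},
    40: {"_ipp._tcp"},
}

# Inter-VN policy entries: (source domain, receiver domain, service type).
INTER_VN_POLICY = {("BLUE", "RED", "_airplay._tcp"), ("BLUE", "GLOBAL", "_ipp._tcp")}

# Domain pairs with a confirmed data path (route leaking, stateful firewall rule).
DATA_PATHS = {("BLUE", "RED")}


def proxy_scope(service_type, source_vlan):
    """Map each VLAN that would get a proxy response to 'intra-vn' or 'inter-vn'."""
    if service_type not in VLAN_POLICY.get(source_vlan, set()):
        return {}  # the policy on the source VLAN does not admit this service
    src_domain = VLAN_VRF[source_vlan]
    scope = {}
    for vlan, domain in VLAN_VRF.items():
        if vlan == source_vlan or service_type not in VLAN_POLICY.get(vlan, set()):
            continue
        if domain == src_domain:
            scope[vlan] = "intra-vn"  # same VRF: proxied between its VLANs
        elif (src_domain, domain, service_type) in INTER_VN_POLICY:
            scope[vlan] = "inter-vn"  # crosses the VRF boundary by explicit policy
    return scope


def audit(services):
    """Return inter-VN exposures (service, source VLAN, receiver VLAN) with no data path."""
    findings = []
    for service_type, source_vlan in services:
        for vlan, kind in sorted(proxy_scope(service_type, source_vlan).items()):
            pair = (VLAN_VRF[source_vlan], VLAN_VRF[vlan])
            if kind == "inter-vn" and pair not in DATA_PATHS and pair[::-1] not in DATA_PATHS:
                findings.append((service_type, source_vlan, vlan))
    return findings


if __name__ == "__main__":
    discovered = [("_ipp._tcp", 10), ("_airplay._tcp", 10)]  # constructed services
    for svc, vlan in discovered:
        print(svc, "from VLAN", vlan, "->", proxy_scope(svc, vlan))
    print("discoverable without a data path:", audit(discovered))
```

A finding here means endpoints in the receiver VLAN can discover the service but the model has no record of a route-leak or firewall rule that lets them reach it, which is the gap the Inter-VN paragraph describes.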