Show 94 – Aerohive and Bonjour Gateway – Sponsored

Aerohive Logo

Aerohive has recently announced Bonjour support for networking. If you aren’t familiar with Bonjour it’s the zero configuration protocol that used by Apple for all their devices to discover services on the network such as printers, AppleTVs, File Shares and more. Apple technologies such as Airplay (for music/media sharing), AirDrop (for file sharing) and Print Servers to get access to resources. And with companies adopting Apple products on a large scale it’s time for the network to have some control and management of services.

At the networking level, the Bonjour protocol was designed for local access only and uses mulitcast and broadcast protocols to announce available services. For example this is a snap of services on a simple networks:

Bonjour Browser Screenshot

Aerohive has placed Bonjour forwarding agents into their hardware that allows control over Bonjour and sponsored this podcast to talk about these features.

Side note from greg: Although I learned a lot about Bonjour/ZeroConf in this podcast it’s important to realise that you can control Bonjour traffic on LANs in addition to wireless networks.

  • What is Apple’s Bonjour protocol?
  • How does it work?
  • What are the problems with it?
  • What has Aerohive introduced to solve these issues?
  • Why did Aerohive build this feature?
  • What types of companies are in need of this type of solution?
  • Were you the first to address this problem?

Show Notes

About Mathew Gast

Matthew Gast is the Director of Product Management at Aerohive Networks, where he leads development of the core software technologies in Aerohive’s fully distributed Wi-Fi network system. He currently serves as chair of both the Wi-Fi Alliance’s security task groups, and is the past chair of the IEEE 802.11–2012 revision.

Matthew is also the author of 802.11 Wireless Networks: The Definitive Guide (O’Reilly), which is now in its second edition and has been translated into six languages.

His second book on wireless networking, 802.11n: A Survival Guide (O’Reilly) is expected in March of this year.

[OReilly 802.11 book](

[Oreilly 802.11n book](

Greg Ferro
Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count. He is a host on the Packet Pushers Podcast, blogger at and on Twitter @etherealmind and Google Plus.
Greg Ferro
Greg Ferro
Greg Ferro
Greg Ferro

Latest posts by Greg Ferro (see all)

  • Andrew Gallo

    Interesting podcast. 
    Thank you for doing this.

    The Bonjour gateway is an interesting solution to a vexing
    problem, but, respectfully, this is ultimately a hack to get a residential
    protocol to work in an enterprise network. 
    Still, it’s better than anything your competitors have done, and I
    appreciate the work in this area.

    Here is the concern I have with this approach: there is no
    security.  Filtering based on name is
    easily defeated.  While this gateway is a
    great solution to making a link-local protocol work in a routed environment, we’re
    still left with how do we expose the right services to the right people in the
    right location.

    Imagine a campus environment of over 150 buildings with a
    wireless network over of 10,000 concurrent users.  I need to allow different constituencies’
    access to different services in their current location.  If I have a professor walking into a
    classroom and wants to use AirPlay, he wants to see just the TV in the classroom.  We also don’t want to allow students to be
    able to see (and of course use) the AirPlay in this setting.  So, I’ve got to combine authorization,
    location, and filtered service advertisements.

    Again, I think this is a great first step that Aerohive
    should be proud of.  But Zeroconf has a
    long way to go to be fully enterprise ready.