Newbie Network (DNS, Bonjour) Setup Questions

For information on Bonjour see:

Bonjour;
Bonjour - Software;
Bonjour Networking.

The IP address referred to in the PDF is the one assigned by your ISP. This is a REAL IP address as opposed to the those used locally by your system's NAT. Most ISPs, however, do not provide static IPs unless you pay for it. The IPs you usually get are assigned via DHCP and may change frequently (or not at all.) So unless you purchase a static IP address you may need to use a service that provides software to monitor your real IP address and if it changes the software assures that any IP services are pointed to the valid IP address even if it changes. One such service is called DynDNS.

You can and likely should ignore Bonjour here.

[Bonjour/mDNS/Zeroconf|http://developer.apple.com/networking/bonjour/index.html] is a way to have a simple DNS without having administration overhead. You can typically safely ignore Bonjour when configuring a Mac OS X Server box. You have to go out of your way to make it not work. If you're interested in details of Bonjour, follow that link mentioned earlier along to Stuart Cheshire's TechTalk on Google Video.

If you are planning to have your server(s) externally accessible, you want one or more public static IP addresses from your ISP, and you will want a firewall or equivalent and (if you don't have enough static IP addresses for your firewall/router (AEBS or better) and your server(s) you'll want to use NAT and a firewall/router that does port forwarding. You'll typically also want your ISP to serve DNS forward and reverse for your public static IP addresses, though you can (with NAT and a firewall/router) also choose to have your own private static IP addresses and your own local DNS for your private static LAN configuration.

To share your display (if you're not serving public information), you can choose to use a public non-static (dynamic) IP with a firewall/router, and port forwarding. Or with VPN capabilities. This allows you to use Server Admin and Screen Sharing and such to access your server, once authorized through your firewall/router. Your firewall/router can here operate in conjunction with DynDNS or another service; various mid-grade firewall/router devices can.

If you are serving information out, then you can also access inward via VPN or such, though using your public static IP address and your public DNS.

Key here is your firewall/router (AEBS has basic capabilities here), your public (static or dynamic) DNS and (static or dynamic) IP address, and your local network configuration. With what you want to do.

Bonjour does not particularly enter into this discussion. And for right now, you probably don't want to be running a public DNS server.

No, I'm not familiar but it isn't an Apple company or service. From the description it sounds a bit like a Bonjour form of DynDNS, but I'm guessing.

Bonjour is not analogous to the DynDNS DNS service.

DynDNS is a company that provides public DNS mapping into dynamic IP addresses; DynDNS used as a way to get cheap/free public DNS names for what are usually dynamic IP addresses.

That's not what Bonjour provides.

I think you need to look at the poster's link, then reconsider what I wrote. I did not say Boujour was the same as DynDNS. I linked to the DynDNS web site so don't you suppose I already know it's a company and what it does? I never stated that was what Bonjour provided. I'd appreciate a little reasoned thought before making such critical statements. It's a bit rude and inconsiderate.

Kappy, please check who I replied to back there. (That wasn't intended to be a reply to your posting, but to one of the OP's replies.)

My apologies, you're absolutely correct. I was out of line.

I'm the person behind http://globalhostname.com/. Bonjour (Zero Configuration Networking) can be a confusing topic as it's a label for multiple technologies, specifically:
* *IP address auto-configuration:* allocating a 169.x.x.x address when a DHCP client finds no server available
* mDNS: multicast DNS for providing a DNS service without a central DNS server (limited to the local network)
* DNS-SD: DNS Service Discovery is a method for discovering network services based on a system of DNS record lookups

The above technologies are what allows OS X to create and use network services on a network with little to no infrastructure (that is, dedicated servers). Wide-Area Bonjour is a set of extensions to traditional (unicast) DNS that allow for functionality similar to mDNS and DNS-SD but over the internet.

I'll try not to bore you with the detail but at the client-side it differs from traditional Dynamic DNS in that the Bonjour software (mDNSResponder) will if needed create port-mappings for you using NAT-PMP or uPNP to make services accessible. At the server-side it differs in that records expire so that if you are disconnected unexpectedly your services are not advertised perennially. As well, DNS queries are not one-shot but are long-lived so that if the answer to a given DNS query changes, the server will send another answer to let the client know what's changed.

These changes mean that as long as you have a public IP or are behind a NAT-PMP/uPNP enabled router you can for the most part share services over the internet just as easily as over a local network. Note though that some software, notably iTunes, will not register services over WAB.

Hope that clears up what WAB is — feel free to contact me (contact@globalhostname.com) if you have any questions.

I'm not at all familiar with OS X server but a few things come to mind that might make it difficult to use your on-site server as a WAB server. The first hurdle to overcome is that if you want clients that are on the same network as the WAB server to register with the WAB server, they'll have to connect to it via the external IP. This may not be possible with your network configuration - can you do this on your network?