Airprint in the Enterprise across subnets [Solution]
This is a message to help folks figure out how to setup
Airprint across wired/wireless subnets. Hopefully it will help a few people.
Airprint was designed to work with Bonjour on a local subnet/broadcast domain.
To print in the enterprise where we have wired/wireless infrastructure,
we need to use a DNS server to find the printer resources
Assumptions:
Our internal domain is: foocompany.com
We create a new subdomain: bonjour.foocompany.com
Creating a new subdomain allows up to apply DNS views so we can show print/bonjour services in
close proximity of the user.
You have a CUPS printer server (linux/apple) running at printserver.bonjour.foocompany.com
1. Setup a DNS server
If you setting up a test domain server, you can setup forwarding to your primary production server.
This way all DNS queries continue to work
In your named.conf file setup forwarding
options {
forwarders { YOURTOPNAMESERVER_IPADDR; YOURTOPNAMESERVER_IPADDR2; };
forward first;
allow-query-cache { any; }; // Allow client queries from other subnet to query from cache
};
Create a new zone, "bonjour.foocompany.com"
zone "bonjour.foocompany.com." { type master; file "/etc/bind/db.home"; };
zone "foocompany.com" { type forward; forward only; forwarders { YOURTOPNAMESERVER_IPADDR; YOURTOPNAMESERVER_IPADDR2; }; };
Create the following entries to support bonjour browsing
#=======DNS====Begin======
lb. dns-sd.udp IN PTR @
b. dns-sd.udp IN PTR @
dr. dns-sd.udp IN PTR @
db. dns-sd.udp IN PTR @
cf. dns-sd.udp IN PTR @
printserver IN A 10.47.203.188
# For every printer queue defined at the printer server you need to create a TXT and SRV entry
# The visual printer name that show up in the iOS listbox will be the part before . ipp.tcp, example "hpv8a", "hpv8acolor"
#
# _ipp and _printer seem to be equivalents, either seem to work on iOS.
# Printer 1
cups._sub._ipp.tcp IN PTR hpv8a. ipp.tcp
universal._sub._ipp.tcp IN PTR hpv8a. ipp.tcp
#Printer 2
cups._sub._ipp.tcp IN PTR hpv8acolor. printer.tcp
universal._sub._ipp.tcp IN PTR hpv8acolor. printer.tcp
hpv8a. ipp.tcp IN SRV 0 0 631 printserver
hpv8acolor. printer.tcp IN SRV 0 0 631 printserver
# The "adminurl" points to the printer queue url on the CUPS server
# The "rp" key points to the queue name as well
hpv8a. ipp.tcp IN TXT ( "txtvers=1" "qtotl=1" "rp=printers/V8A 08A246LJ" "adminurl=http://printserver:631/printers/V8A_08A24
6_LJ" "ty=HP Laserjet V8A" "product=(HP LaserJet 4200)" "transparent=t" "copies=t" "duplex=t" "color=f" "pdl=application/octet-stream,
application/pdf,application/postscript,image/jpeg,image/png,image/urf" "URF=W8,SRGB24,CP1,RS600" )
hpv8acolor. printer.tcp IN TXT ( "txtvers=1" "qtotl=1" "rp=printers/V8A 08A246_ColorLJ" "adminurl=http://printserver:
631/printers/V8A 08A246_ColorLJ" "ty=HP Laserjet V8A Color" "product=(HP color LaserJet 4650)" "transparent=t" "copies=t" "duplex=t" "
color=t" "pdl=application/octet-stream,application/pdf,application/postscript,image/jpeg ,image/png,image/urf" "printer-type=0x801046" "URF=
W8,SRGB24,CP1,RS600" )
####Printer TEMPLATE
# cups._sub._ipp.tcp IN PTR NAMEX. printer.tcp
# universal._sub._ipp.tcp IN PTR NAMEX. printer.tcp
#NAMEX. ipp.tcp IN SRV 0 0 631 PRINTSERVERDNSNAME
#NAMEX. ipp.tcp IN TXT ( "txtvers=1" "qtotl=1" "rp=printers/QUEUENAME"
# "adminurl=http://PRINTSERVERDNSNAME:631/printers/QUEUENAME"
# "ty=Printer name"
# "product=(Printer PPD model line)" "transparent=t" "copies=t" "duplex=t" "color=f"
# "pdl=application/octet-stream,application/pdf,application/postscript,image/jpeg ,image/png,image/urf"
# "URF=W8,SRGB24,CP1,RS600" )
#=======DNS====End======
2. Setup CUPS
Add printers to the CUPS server.
Enable access to the printer queue from remote machines,
GUI: "System->Admin->Printing->Server->Server Setting: Allow printing from the internet"
Also make sure the following lines are present in /etc/cups/cupsd.conf
# Allow remote access
Port 631
Listen /var/run/cups/cups.sock
AccessLog syslog
AccessLogLevel all
LogLevel debug
MaxLogSize 0
SystemGroup lpadmin
# Enable printer sharing and shared printers.
Browsing On
BrowseOrder allow,deny
BrowseAllow all
BrowseRemoteProtocols CUPS
BrowseAddress @LOCAL
BrowseLocalProtocols CUPS dnssd
BrowseProtocols all
DefaultAuthType Basic
3. Change iPAD configs
Add your DNS server as the first DNS server in the network settting page.
Add "bonjour.foocompany.com" to the DNS domains to search
4. Test printing
Open up Photos application.
Select a picture
Select "Send To->Print"
Select "Printer", now a list of printer names should show up as defined in the DNS server
Select a printer and hit "Print"
Fast task switch to Print Center to verify print job is being sent
Thanks
Ashish Desai
Security Architect
Fidelity Investments
email: ashish.desai@fidelity.com
Airprint across wired/wireless subnets. Hopefully it will help a few people.
Airprint was designed to work with Bonjour on a local subnet/broadcast domain.
To print in the enterprise where we have wired/wireless infrastructure,
we need to use a DNS server to find the printer resources
Assumptions:
Our internal domain is: foocompany.com
We create a new subdomain: bonjour.foocompany.com
Creating a new subdomain allows up to apply DNS views so we can show print/bonjour services in
close proximity of the user.
You have a CUPS printer server (linux/apple) running at printserver.bonjour.foocompany.com
1. Setup a DNS server
If you setting up a test domain server, you can setup forwarding to your primary production server.
This way all DNS queries continue to work
In your named.conf file setup forwarding
options {
forwarders { YOURTOPNAMESERVER_IPADDR; YOURTOPNAMESERVER_IPADDR2; };
forward first;
allow-query-cache { any; }; // Allow client queries from other subnet to query from cache
};
Create a new zone, "bonjour.foocompany.com"
zone "bonjour.foocompany.com." { type master; file "/etc/bind/db.home"; };
zone "foocompany.com" { type forward; forward only; forwarders { YOURTOPNAMESERVER_IPADDR; YOURTOPNAMESERVER_IPADDR2; }; };
Create the following entries to support bonjour browsing
#=======DNS====Begin======
lb. dns-sd.udp IN PTR @
b. dns-sd.udp IN PTR @
dr. dns-sd.udp IN PTR @
db. dns-sd.udp IN PTR @
cf. dns-sd.udp IN PTR @
printserver IN A 10.47.203.188
# For every printer queue defined at the printer server you need to create a TXT and SRV entry
# The visual printer name that show up in the iOS listbox will be the part before . ipp.tcp, example "hpv8a", "hpv8acolor"
#
# _ipp and _printer seem to be equivalents, either seem to work on iOS.
# Printer 1
cups._sub._ipp.tcp IN PTR hpv8a. ipp.tcp
universal._sub._ipp.tcp IN PTR hpv8a. ipp.tcp
#Printer 2
cups._sub._ipp.tcp IN PTR hpv8acolor. printer.tcp
universal._sub._ipp.tcp IN PTR hpv8acolor. printer.tcp
hpv8a. ipp.tcp IN SRV 0 0 631 printserver
hpv8acolor. printer.tcp IN SRV 0 0 631 printserver
# The "adminurl" points to the printer queue url on the CUPS server
# The "rp" key points to the queue name as well
hpv8a. ipp.tcp IN TXT ( "txtvers=1" "qtotl=1" "rp=printers/V8A 08A246LJ" "adminurl=http://printserver:631/printers/V8A_08A24
6_LJ" "ty=HP Laserjet V8A" "product=(HP LaserJet 4200)" "transparent=t" "copies=t" "duplex=t" "color=f" "pdl=application/octet-stream,
application/pdf,application/postscript,image/jpeg,image/png,image/urf" "URF=W8,SRGB24,CP1,RS600" )
hpv8acolor. printer.tcp IN TXT ( "txtvers=1" "qtotl=1" "rp=printers/V8A 08A246_ColorLJ" "adminurl=http://printserver:
631/printers/V8A 08A246_ColorLJ" "ty=HP Laserjet V8A Color" "product=(HP color LaserJet 4650)" "transparent=t" "copies=t" "duplex=t" "
color=t" "pdl=application/octet-stream,application/pdf,application/postscript,image/jpeg ,image/png,image/urf" "printer-type=0x801046" "URF=
W8,SRGB24,CP1,RS600" )
####Printer TEMPLATE
# cups._sub._ipp.tcp IN PTR NAMEX. printer.tcp
# universal._sub._ipp.tcp IN PTR NAMEX. printer.tcp
#NAMEX. ipp.tcp IN SRV 0 0 631 PRINTSERVERDNSNAME
#NAMEX. ipp.tcp IN TXT ( "txtvers=1" "qtotl=1" "rp=printers/QUEUENAME"
# "adminurl=http://PRINTSERVERDNSNAME:631/printers/QUEUENAME"
# "ty=Printer name"
# "product=(Printer PPD model line)" "transparent=t" "copies=t" "duplex=t" "color=f"
# "pdl=application/octet-stream,application/pdf,application/postscript,image/jpeg ,image/png,image/urf"
# "URF=W8,SRGB24,CP1,RS600" )
#=======DNS====End======
2. Setup CUPS
Add printers to the CUPS server.
Enable access to the printer queue from remote machines,
GUI: "System->Admin->Printing->Server->Server Setting: Allow printing from the internet"
Also make sure the following lines are present in /etc/cups/cupsd.conf
# Allow remote access
Port 631
Listen /var/run/cups/cups.sock
AccessLog syslog
AccessLogLevel all
LogLevel debug
MaxLogSize 0
SystemGroup lpadmin
# Enable printer sharing and shared printers.
Browsing On
BrowseOrder allow,deny
BrowseAllow all
BrowseRemoteProtocols CUPS
BrowseAddress @LOCAL
BrowseLocalProtocols CUPS dnssd
BrowseProtocols all
DefaultAuthType Basic
3. Change iPAD configs
Add your DNS server as the first DNS server in the network settting page.
Add "bonjour.foocompany.com" to the DNS domains to search
4. Test printing
Open up Photos application.
Select a picture
Select "Send To->Print"
Select "Printer", now a list of printer names should show up as defined in the DNS server
Select a printer and hit "Print"
Fast task switch to Print Center to verify print job is being sent
Thanks
Ashish Desai
Security Architect
Fidelity Investments
email: ashish.desai@fidelity.com
Intel, iOS 4, airprint