OS Foundations • 1:03:46
Bonjour gives applications and networked devices the ability to easily advertise and discover each other on the network. Learn how to use Bonjour in your products with programming examples for Mac OS X, Linux, and Windows. We'll also cover how to work with Bonjour using a wide variety of languages, including C, Cocoa, Java, and Ruby. This session is a must for any device with a network interface or application that uses the network.
Speaker: Stuart Cheshire
Unlisted on Apple Developer site
Transcript
This transcript was generated using Whisper, it has known transcription errors. We are working on an improved version.
Good morning, everybody. It's good to see you all here early in the morning on the first full day of the conference. We've got a lot of cool new stuff to show you in Tiger. So the outline of what we're going to talk about today, I'll give a quick recap of the Bonjour technology for the few people in the audience who may not be completely familiar with it.
I'm going to cover what's new, and then we're going to do some hands-on demonstration examples to show you with real code how easy it is to use this. And then my colleague Kiran Sarkar is going to talk about the new wide area Bonjour capabilities that are in Tiger, and he will show you some examples of how you can set up your own wide area Bonjour server using a standard DNS server.
So the recap. This is what was an hour-long talk at the first WWDC presentation on zero configuration networking, and now it's one slide, but I do want to cover it to make sure we're all on the same page.
[Transcript missing]
That happens pretty much today using DHCP. If you show up at a conference like this or you're in a hotel room, using DHCP, you can just plug into the Ethernet or join the wireless network and you get an address automatically. So that aspect of IP is reasonably well handled.
The aspect that isn't handled is when you're not on a big network run by an administrator. It's just your computer and your printer and a cable. And there is no DHCP server. There is no DNS server. And before Bonjour, IP would just fall on its face and not have any idea what to do because there was no server there to tell it. And that's what Bonjour fixed.
The technology that made that work are three things. IPv4 link local addressing gives you an address when there's no DHCP server to hand one out. Multicast DNS gives you name lookup when there's no DNS server to look up names for you. And the third thing is a new step forward from good old-fashioned IP, and that's browsing the network with DNS service discovery to discover what's out there. DNS service discovery works equally well on multicast DNS in the local case and, as you'll see now, using standard unicast DNS in the wide area case.
Since we launched this technology three years ago, it's become very widely available. It's been in several Mac OS releases. It's been in Windows. It's in Linux. It's in many, many software products from Apple. Pretty much anything on the Mac that does networking uses Bonjour because the engineers at Apple clearly see the benefits. Safari uses it. iChat uses it. iTunes uses it, both for peer-to-peer iTunes music networking and also for discovering the Airport Express.
Those of you who've got an Airport Express will know you just plug it in, and it just appears in that pop-up menu at the bottom of the iTunes window. No typing in addresses or any of that nonsense. If there's one there, it shows up. All of that made possible by Bonjour. Network printers have very widely adopted Bonjour, and that's why they just show up in the print dialogue. TiVo is using it. Many, many hardware products are using it.
So what's new since the last time we met? Well, for those of you who haven't heard yet, Rendezvous is now Bonjour. We have a new name, but the same logo, and from now on, you won't be hearing the word Rendezvous anymore. What else is new since the last time we met? All of the specification documents have been updated to reflect what the software now does in Tiger.
We made a lot of improvements in Tiger compared with Panther, and a lot of the third-party device makers were asking for the details of that. And as soon as we got Tiger shipped, we focused on getting all those documents updated. Link-local addressing, after many years of work at the IETF, just last month was published. It's now an official IETF standard RFC. The other drafts are all available at the dns-sd.org website. That's linked off the Apple Bonjour website, so you can find that very easily.
What else is new? Well, big news. We've released Bonjour for Windows. Many of our hardware makers making devices like cameras and printers said to us, "We love this Bonjour on the Mac. We love link local addressing, and it's just absolutely fabulous. You plug things in and they just work. But what about Windows?" We still have to have the manual this thick explaining how to set it up for Windows users.
We made Bonjour for Windows available, and as of today, you can now license Bonjour for Windows to include with your product. So instead of having a manual that thick and huge tech support costs answering the phone trying to explain to people how to set it up, you just put the installer on the CD in the box, and Windows users get... Not exactly the same ease of use as Mac users, but they get the ability to discover Bonjour devices on the network in Internet Explorer. They get the ability to set up printers without hassle. They get the ability to run other software that you may develop running on Windows using the same APIs as OS X.
Setting up printers is an interesting story. There's a website called iFelix, not affiliated with Apple or Microsoft. I just happened to find it one day. And they have a bunch of how-to instruction files telling people how to set up computers and solve problems. And they had a page on how to do network printing on Windows. And I printed it out. And the paper came to more than six feet, taller than I am, and it's stuck up on the wall outside my office. And recently they added a link at the top of that page that said, don't do this. Just install Bonjour for Windows.
And the new instructions with Bonjour for Windows are four screenshots. And actually the first screenshot is the introduction and the final screenshot is the congratulations, you've finished. So it's only really two screenshots. And I wanted to make it less than that. I actually wanted us to have in the first screen just a button saying I'm feeling lucky. And you click it and the window disappears and you're done. So that's available for Windows, which meets one of the big needs that hardware developers were asking us about.
It's available for licensing today. Contact [email protected] and we'll sort out the details of getting that on your CD. It's available for public download to anybody who wants it today at apple.com/bonjour. I picked up a magazine. I just came back from London, and I picked up this magazine in the airport.
What Hi-Fi? Like a lot of Hi-Fi magazines, they're still extolling the virtues of LPs and turntables and vinyl. But they had a review of network music players. Their top-rated music player, well, actually the only one that didn't stink, basically, was the Roku SoundBridge, which I'm sure people who have been here before saw me show in previous years.
Very nice little elegant product. Implements link local addressing and multicast DNS and DNS service discovery, all of the Bonjour conformance test checklist items, and you just plug it in and it works. The other interesting thing was in their annual roundup of products, they created a new category. First time this year, Technology Product of the Year, and that award went to the Airport Express for playing music. And this is really, really gratifying to the Bonjour team. Because those products, both singled out in this magazine as being the high flyers, were made possible by Bonjour.
Now, of course, as a technology behind the scenes, you won't see that mentioned in the magazine. They don't know why it works, they just know that it works. And partly that's because while we were in the transition of picking a new name, companies were not putting Rendezvous or Bonjour on their boxes. Well, as of today, you can license the logo and the trademark, as well as licensing Bonjour for Windows. And I encourage all of you to do that and start putting that logo on the boxes.
Because somebody described Bonjour as the best kept secret in the networking industry. I heard somebody at this conference asking the question, "When are printer makers going to start adopting it?" Pretty much every printer, every network printer you can buy today from every network printer maker does Bonjour, but they don't say on the box because we're in the process of changing the name.
I'm not saying that these products in these magazines were necessarily the best because they use Bonjour. It's not some magic fairy dust that you sprinkle on a bad product and it magically becomes good. But there is a definite correlation that the kind of developers who care about doing Bonjour are the kind of developers who get all the other details right as well. And it's not a slight difference. It's night and day.
Jim Louderback wrote a Ziff Davis article about network music players. He reviewed four of them. Three of them he gave up after two hours and couldn't get them to work. The fourth was the Roku. He plugged it in. It worked in 30 seconds. And you want to put the Bonjour logo on your packaging to let people know which of those groups your product falls in.
Last year, we previewed the Java API, and I'm pleased to tell you that that API was polished up and finished. It's in Tiger. It's in Bonjour for Windows. It also went into the 10.3.9 software update, so for those of you making Java apps, you don't need to require Tiger. So that's there from 10.3.9 and later for the Java programmers. And the other big new feature, which Kieran's going to tell you about, is wide area Bonjour.
[Transcript missing]
So now it's time for the demo. We will switch to demo one, please. OK. So what I want to show you right now is how easy it is to add Bonjour to hardware products, how easy it is to use in software applications in a variety of different languages.
[Transcript missing]
This is a network camera made by a company called Axis. And those of you who were at the developer conference when we first announced Rendezvous as it was then in Mac OS 10.2 will remember I showed some Axis cameras on stage. And we had a demo where the Mac software was real, but all the hardware was being simulated. And the point of the demo was to show how the world could be if these devices adopted Bonjour or Rendezvous.
Axis is one of the companies that's been shipping Bonjour-enabled products for about a year, but most people don't know that unless you happen to notice it show up in Safari. Starting now, they'll be making a fuss about that in their marketing and putting the logo on the box.
The other thing I love about this Axis camera is this does power over Ethernet, and that really addresses one of the last criticisms of IP-based networking. The advantage of USB and FireWire is you don't need a power brick because you get power on the cable. And power over Ethernet was invented a few years ago by companies like Cisco to power their IP phones on the desktop and to power wireless base stations that you put into the ceiling space. And it was too expensive.
If you want to put wireless base stations down the corridor in your company, and you have to hire an electrician to crawl through the ceiling space and put the power outlets to power them, he's going to charge you about $100 an outlet. So Cisco said, OK, we'll charge you about $100 a port on the Ethernet hub. So a 24-port Ethernet switch would cost you $2,500. And that kind of put it out of reach as a practical technology for home consumers. I'm very excited that Netgear has started shipping a $100 hub that provides power over Ethernet. And we plug this in.
This runs Linux, so it's powered over the cable. Some of you may remember some of the products I've shown in previous years. This is the SCH Intercom print server. I think this was the first Bonjour-capable print server. You plug it in the parallel port and you connect the Ethernet.
You'll see the power brick is about as big as the print server itself. This is the Site Player Telnet. It connects to the serial port so you can telnet over the Ethernet to a serial device. Power brick bigger than the device. This is a beautiful little IO gear thing.
This is a print server. USB in this side, Ethernet out this side. Power brick. These things are all crying out for power over Ethernet. So for the hardware makers in the room, definitely I urge you to consider looking at power over Ethernet now the price is coming down. It can save all of this spaghetti wiring.
So you'll see the Axis camera showing up in Safari. I can double click it and it connects. So we discovered it, but viewing video in a web page is kind of cumbersome. Modern video streaming is done using RTP, and QuickTime can play RTP streams. So I thought, wouldn't it be much better if we could actually just discover the RTP streaming service this camera offers, rather than just a generic web page. So let's go to setup.
Now, this runs Linux, so you can just get the Darwin code and compile the responder. Fortunately, I didn't have to because Axis has already done that. What I did with this camera was I went into the little scripting editor that they've got built in to the camera and in the configuration directory, this is their services file that describes the services on the camera. It was already advertising HTTP, and it was advertising Axis Video.
I added this section here to add RTSP, rebooted the camera, and now when we look in QuickTime Player... This is in QuickTime Player 7 on Panther and on Tiger. In the Open URL panel, you pull down this menu and it will discover Bonjour advertised RTP streams on the network. You select it and we have Bonjour.
We have networked video. So that was a quick prototype. That was about half an hour's work. What I want to show you now is how we added that to QuickTime Player. One of the tools here, if you've not seen Bonjour Browser, it's a great tool for developers. It will just browse the network and tell you what's there. Now, this can be hard on the network. You don't want to leave it running all the time.
[Transcript missing]
The dns-sd command is really an internal testing tool, but we ship it with Tiger because it is such a useful testing tool, both in the development process and in troubleshooting networks. So I will do a -B, browse for HTTP TCP service, and... we can see that the camera is advertising HTTP. So this was the first thing we did.
When I wanted to confirm that I'd made the camera advertise RTSP, before I embarked on a big programming project on QuickTime Player, the first thing to do is browse on the command line. And there we've successfully confirmed that the camera is advertising. So the second step was I went to the QuickTime team and I asked for a copy of the sources for QuickTime, which I have on an encrypted disk image in case I lose my laptop. QuickTime Player is just an Xcode project.
And if I build and run that, you'll see QuickTime Player as it was when I got it. It has the open URL menu up here. It has the menu of recent items, but that's all. So we thought this is a good place for us to add Bonjour browsing on. So let's go back to the source code here. We only had to change two files, and this was literally an afternoon's work. So first we will change the header file.
So the first thing I changed was we added two NSNetServiceBrowser objects. So we could browse for RTSP and QTTP. And the Bonjour service type QTTP semantically means QuickTime movie file served over HTTP. The reason it's not HTTP is because it doesn't make sense for QuickTime player to discover every web page on the network. It specifically wants to discover movie files. The transport protocol happens to be HTTP, but that's an implementation detail.
So we added the two extra objects, and we added a new method to set the URL text field to simulate as if the user had typed something in, the software will now automate it. So that was all we had to change in the header file. Let me... I'm going to actually apply those changes. So let's... So I've changed that file. Now, the only other file we had to change was the OpenURL panel.
We added one header file for the struct sockaddr type. This is the implementation of the routine that takes in a host name and a port and a text record expressed as an NSDictionary. And from that, it extracts the path key, and it forms a URL, either of the form RTSP colon slash slash or HTTP. If there's a username there, then it will put username, colon, password, at, and then password.
If the port number is the default, we don't put it in just for cosmetic reasons. If the port number is different, then we have colon port number, slash, and then the path. So that builds a URL, and then we call set string value to put that string into the text field.
Looking a bit further on, I'll actually jump down here. When the window is opened, we make an NSNetService browser, and we browse for QTTP, and we make another one browsing for RTSP. And there you'll see the close routine that stops the operation when the window is closed. So let's apply some of these changes to the file. We will put the header file in, we'll put the initialization in, and we'll put the disposing at the end.
We now have-- so now that we've started the browse, in your code, you would need to implement-- A Cocoa method called DidFindService, which is called when a new service is found on the network. And in this code here, you'll see we are making a menu item. We are checking if we need to add a separator item if this is the first thing we're adding to the menu, and we are adding the item and enabling the button if this is the first thing we're adding. We have a corresponding remove method if a service goes away, because this is one of the things that's very important about Bonjour browsing.
Services are live. You don't have a refresh button. When services come along, they get added to the list. When they go away, they disappear from the list, and it's always live. So the did remove service tells you it's gone away. We reverse what we did before. We remove it, and if there are no more things in the menu, then we disable the button. So let's apply that to our file.
When the user picks one of the things from the menu, we do a resolve with timeout to go from that named service to look up its host name, port number, and the other details. So we'll apply that. And then the last change is what we started looking at before.
Which is when the resolution completes, the did resolve address is called. We extract the text record dictionary, the address, the port. Depending on whether it's a V6 or IPv4, we get the port number out of the sockaddr. And then we call this setTextFilledWithType method that I showed you earlier. This is the real source code for QuickTime Player. And you just saw me make the changes. So we will now go back to Xcode. We'll build and run that.
Okay, that's linking. It's running. And now we see in the menu, it's discovered the camera. So it was literally that easy for us to add Bonjour browsing to QuickTime Player. We took those diffs back to the QuickTime team, and they said, that's pretty cool, and now it's in the product.
We then showed that to the Axis people, and they said, that's pretty cool, and now it's in the product. This is their new model of the camera, which is shipping sometime this month. It's not out yet, but very soon. And this now ships with Bonjour advertising. So this now... I have to wait for it to boot. This is booting up.
And they will be shipping this. There we go, Axis 207. So now, and this has really, really nice low-light performance. For a consumer-level camera, this is amazingly good in a dim light. I can see you more clearly on the screen here than I can standing here myself. So now we have a shipping product from Apple which browses using Bonjour for RTSP. We have a shipping product from Axis that browses with Bonjour. There's a company nearby called Wizchip that makes reference design boards and they have all these little modules that you can add on to this for prototyping.
That little camera module. And they saw this and thought that was exciting. And in one afternoon, they got the sources from Darwin, they typed make, it compiled, they added the services.txt file, they checked it into their CVS server. So now all of the products that license the WishChip design are advertising with Bonjour. And because they're a group of people who use Linux, they were very excited about that. And they're adding Bonjour to VLC, VideoLAN Client. So now we've got multiple clients browsing. We've got multiple hardware products advertising services. And that's critical mass.
At this point, every camera vendor, if they want to show up in QuickTime and VLC will advertise with Bonjour, anybody making software that can view cameras will want to browse for Bonjour because that's how you find cameras. And that is how you go from nothing to a de facto industry standard in the sense that you can't find cameras. So you have to have a space of a couple of months instead of a few years.
So with that, I'd like to ask Kieran to come up on stage and tell you about Wide Area Bonjour. Can we go back to the podium machine, please?
Thank you, Stuart. My name is Kiran Sikar, and for Tiger, I was working on extending Bonjour's functionality beyond the local network.
This morning I'd like to take a few minutes and give an overview of exactly what wide area Bonjour is and how it's going to impact your products and the way we work with our machines. Then I want to dive in and take a look at some of the technology that goes into bringing out this new functionality and the steps we need to take to make the most out of this new technology. Then we're going to wrap up by doing some live demos, seeing how you can set this up on your own networks.
Wide area Bonjour brings us two new pieces of key functionality. The first one's a dynamic DNS host name. Now, this is analogous to the .local name that we have in local area Bonjour. But unlike a .local name, this name is globally unique. That means that when I name my machine or device, that name refers to my machine and only my machine, no matter where you are on the internet.
Now, in addition to this name being unique, it's also persistent. That means that as I move about, say, from my office to my home to an internet cafe, or as my IP address changes for any reason, my name stays the same and stays up to date so that people can be able to reach me no matter where I am.
Now, of course, Bonjour is about more than just naming. It's also about being able to discover services on the internet. With Wide Area Bonjour, we can advertise our services so that people outside of our local network can discover us, and we in turn can discover these services outside of the LAN.
But just as important as what's new with wide area Bonjour is what stayed the same. First of all, the protocol semantics are the same. We use the same DNS resource records to convey information about our services. But more importantly for all of you, the APIs are unchanged. These APIs were written from day one to scale from the local network to the wide area networks. And we figured you guys probably have enough of a transition to think about right now. So you likely won't have to change a single line of code to use wide area Bonjour in your applications.
Now, it's great that the protocol is the same. It's great that the APIs are the same. But these are really secondary to the user experience. By taking the Bonjour user experience from the local network that's made the technology in all of your products that leverage it so successful and easy to use and extending it, we complete the Bonjour experience, which is bringing zero configuration networking everywhere.
From the local networks where it started, to managed networks with multiple subnets, and even across the internet. And in doing this, we bring reachability to everyone. Traditionally, to be reachable, you either had to be on a managed network or have a static IP address and know how to set that up.
With wide area Bonjour, you don't need those things. And by removing that restriction, we bring reachability within the grasp of a much wider audience. Now, even if you have been reachable in the past, chances are once you went mobile, your reachability went out the door. With Wide Area Bonjour, we have mobility and reachability with ease of use, bringing about new possibilities for mobile collaboration.
If you already use Bonjour in your application on the local network, wide area Bonjour makes your applications even more powerful while still maintaining their ease of use. On the other hand, if you manage a network, you might have found yourself wishing that you had the Bonjour ease of use, but not being confined to a single subnet. With Wide Area Bonjour, you get just that. You end up with a network that's both easy for you to administer and flexible and easy for your users to interact with.
Now, if you have a hardware product, like the one that Stuart's just showed, and you already use Bonjour on the local network, you know how Bonjour makes your products easier to use, giving you more satisfied customers, and even lowering your support cost. But wide area Bonjour can take that competitive advantage even further, and might even bring about new types of devices that were previously impossible. Now, before this becomes a marketing talk, I want to take a look at some of the technology that goes behind this new functionality.
With local Bonjour, we use multicast DNS to query for and advertise services on the local network. With wide-area Bonjour, we use those same resource records, but instead of multicasting them on the local network, we communicate directly with a central server using unicast DNS. To discover services, we simply issue a query to the server and get a response.
And to register our services, we use a kind of DNS known as dynamic DNS update. This is a standard part of DNS that, when enabled, allows a client to actually publish its resource records into the server so that they can be discovered by others. Now, these two things, unicast queries and dynamic update, provide the basis for wide area Bonjour. But we went ahead and actually extended the DNS protocol using DNS's native extension mechanism to further enhance the user experience.
Take dynamic updates. With a traditional dynamic update, we update the server and that record stays in the server until we actively delete it. Now that's fine for some applications, but consider a laptop. I plug in my laptop, register my name, register my services, and then unplug the Ethernet cable and walk away. Well, those records are going to stay on the server indefinitely, giving people who discover them stale information. So we extended dynamic updates to contain a lease life, allowing the server to garbage collect these orphaned records and keeping people's browse lists up to date.
Likewise, on the discovery side, traditional DNS queries are one-shot queries. We ask a question and get an answer that represents what's on the server at that point in time. But with Bonjour, we want to do live browses to learn as new services become available and to find out when services that we've previously discovered go away.
We don't want to have a refresh button, and we want something that's more scalable and more responsive than just polling the server every few minutes or every few hours. So we created a new kind of query called a long-lived query, where we ask the server for the set of answers, and also to tell the server to continue to let us know with notifications as new services become available or as services that we've previously been told about disappear. It's a little-known fact that that notification mechanism is actually what drives .Mac syncing when you get live notifications as your sync data changes.
Now, unfortunately, I don't have time to go into the details of how those protocols are implemented today, but if you're curious, they're all open specifications, and they're documented on the developer web page. Now, a few things need to happen on the client for a client to fully take advantage of all those technologies.
First, we've got the discovery side. Now, discovery is a truly zero configuration experience. As Stuart pointed out, if you open up Safari on your laptop and click the Rendezvous icon, pardon me, the Bonjour icon, old habits are hard to break, you will see wide area websites that are advertised in the apple.com domain. That's because we've set the network up here at Moscone to tell clients to browse in apple.com, and any services in apple.com's domain will be picked up automatically by your clients.
Now, we can also configure other domains. For example, if you wanted to continue browsing in apple.com after you leave the conference from your hotel room, per se, We do get a truly zero configuration mobile experience as you move between, say, an airport that advertises local pages, perhaps describing some of the services or restaurants it offers, or a hotel that describes services containing some of the concessions and services that it offers.
The advertisement side is a little bit different. Because we're using a globally unique host name, we can't just make one up. You know, if I try to name my laptop Google.com, that's clearly not going to work. So we need a unique host name that's given to us by the person who's running our Bonjour server.
Additionally, for registration domains, we have one domain where we want to register. We don't want to just register wherever the network tells us as we move about, because the whole point is that you register in one well-known place, and as you move about between networks, other people still know where to find you.
And lastly, if you're using Wide Area Bonjour behind a firewall on a small network with a trusted group of people, you might be happy having a completely open name server where anyone can publish records into it. But if you're on a bigger network or you're using this on the open internet, you clearly need some kind of security system so that not anyone can publish into your server. So we use DNSSEC for this. And if DNSSEC is being used on your wide area server, you'll need to add that to the client as well.
Now, keep in mind that once these things are set up, we do have a truly zero configuration experience. Names and services are registered automatically, automatically deregistered. They stay up to date as your location changes, and the browsers stay live. Now, if you've been exploring in Tiger, you might be wondering, where's the UI to set this up on the client? Well, the truth is we're still working on getting the UI up to Apple's specifications.
That being said, on the path to bringing Wide Area Bonjour to all of our users, we're actually in a great place. Most importantly, all of the mechanisms for Wide Area Bonjour are in Tiger and exposed in Tiger's APIs. In addition, we've got the Wide Area Discovery, which happens without any configuration at all, as you can see today on your laptops.
We've also got a fully featured UI test tool. Now, this is a test tool, and it favors flexibility over simplicity. And it might not be pretty, but it gets the job done. And I'm going to walk you through how to set it up today. And what I'd love to have happen is for all of you guys to download it, take it back to your networks, set up a Bonjour server, get your colleagues using this UI tool, and getting used to the wide area Bonjour experience and really understanding the value that it adds to your products. That way, when we do integrate a UI into the system, you guys are ready to hit the ground running.
Now, if you really can't wait that long, you can actually embed pieces of the UI directly into the application. One of our Apple applications that does distributed video rendering did just this. Now, admittedly, this is a short-term solution, because we don't want separate controls in every single application. But if you do have special needs, I urge you to go ahead and contact us, and we can work with you to do that in a way that's going to be as maintainable as possible.
On the server side, the configuration is actually quite easy. We've got a web page up on dns-sd.org that gives step-by-step instructions on how you can set up a name server from scratch and configure it to be a wide area Bonjour server.
Now, if you've ever looked at DNS configuration files, they're kind of yucky. But this website is set up so that you can really just copy it and paste it and change just a few pieces, as I'm going to show, and you'll be ready to hit the ground running.
The two main pieces we need to set up are a zone file, which describes the namespace where we'll be registering and indicates its capabilities as a Bonjour domain, and a configuration file that tells the name server to accept dynamic updates and possibly configure some security credentials. Now, not all name servers right now support our DNS extensions for the long-lived queries and the update leases. So with Tiger, we ship a daemon that implements those two extensions and runs alongside your standard name server. And of course, this is available on Darwin to use with other name servers as well.
So now that we've got the server set up and the client configured, what do applications need to do to use wide area Bonjour? For most of you, nothing. From day one, we suggested that when you use our APIs, when you have to specify a domain parameter for either registration or browsing, you don't specify a particular domain and instead pass the empty string, allowing the system to choose domains on your behalf. Now, up until now, that's just been the local domain. But with wide area Bonjour, the system can register and browse in the local network as well as whatever wide area domains are appropriate for that environment.
Now, the one area of this that could use a little polish is that you're discovering services from potentially a variety of domains, and they're being displayed in one flat list. And that gets the job done, and it's a great way for unmodified applications to benefit from this technology.
But you might run into cases where, for example, you see one service on the local network and another service on a wide area domain, and they have the same name, and they show up next to each other in the list, and the user doesn't know which is which until the user actually selects the service.
If you want to refine this experience, you can do what we call multi-domain browsing. And the Finder does this today in Tiger. To do this, you need to use our domain enumeration APIs, which have been part of the API from day one. These return a list of domains, which you can then display in a hierarchy. You then only need to browse when the user actually selects an individual domain, and you then show the results just for that domain.
Now that we've covered the basics of clients, servers, and how the applications interact with them, I want to turn over to some demos and look at setting up a server with some static services, as well as configuring secure dynamic update. And as well, I'd like to look at how we can use our preference pane, which is the test tool to configure the client, to interact with that server. So if we could switch over to the demo machine, please.
So this is the web page which describes how to set up a server. It's not too long, and most of it is actually description. And unfortunately, we're running a bit short on time, so I don't have time to go through it step by step. But I will go ahead and set it up anyway, and what I'd like you to take away from this is how easy it is and how it's mostly a matter of copying and pasting and changing just a few things. Here we've got our configuration file. Now this configuration file is just copied and pasted from the setup page. Let me make this a little bigger for you.
So let's just go ahead and look at the changes I had to make to use this with my server. This is the copy that the name server will actually read its configuration from. And this is the sample. The first change we had to make here is the forwarders.
That's better. So when a machine's running as a wide area Bonjour server, it answers queries for records within its name space. Right now I'm setting up a server for the domain Bonjour.kiren.com. Now, if this server gets a query for something else, say www.amazon.com, it needs to know the address of another server to send that off to. So I go ahead and add my normal DNS server here. And the web page even shows you how you can find the address of your server on your OS X system.
After that, it's really a matter of searching and replacing Bonjour.example.com with Bonjour.kiren.com. The last thing we do is... this is the shared secret for secure dynamic updates. Clients need to have this secret and use it to sign their updates in order for my secure server to accept them. The web page shows how, with a single Unix command, we can generate a random secret, and we then just go ahead and copy and paste that in here.
Now, that takes care of the configuration file. Now let's look at the zone file. The zone file describes the zone. It gives information like the time to live and also has the resource records within that zone. Now, if you're curious about DNS and how this all works, I encourage you to either read online or buy one of the DNS books, such as the Cricket book, which are very good and very detailed.
But if you just want to get this up and working, again, what you need to do is just copy and paste the boilerplate from the web page and change a few pieces where indicated. So here's my finished zone file. And here's the example that was copied and pasted.
And here we only have two differences. First, we need the address of the machine itself that's running as the name server. Here we have WAB for wideareabonjour.example.com. And I changed that over to myserver.bonjour.kiren.com. This is typically the name that's already been assigned to your machine that's acting as the server. And again, we make that change in one more place.
And that pretty much takes care of it. The one thing that I would like to add are some static service records. Now, these are not for dynamic Bonjour registrations, such as cameras or services advertised by a laptop. But these are things like the web pages that you're discovering in Safari that are in a fixed place that we want our clients to discover. So I have a few examples here that I'm just going to copy and paste into the zone file.
Here, we're advertising a printer. Again, don't worry too much about the details, because this is documented on the web page. But the service type is printer.tcp, and it's pointing to our WWDC public printer. Now, notice here that the name of the printer that we're pointing to isn't even in my domain, bonjour.kiren.com. Nonetheless, I'm still able to advertise it so that people on my network or who are browsing in my domain can discover it and connect to it.
We have a second one here for our speaker printer. And we've got an example web page. This is the same type of record as we have on the Apple.com server that allows you guys to discover these Bonjour services. In case you haven't seen, they're right here. And if you open up your Bonjour bookmark bar in Safari, you'll see them yourself. So now we have our files all set. I'll make sure I've saved it.
What's left is to run the name server and... our daemon that implements the DNS extensions. The name server doesn't even take any arguments. Just run it, and we're good. The daemon takes a couple arguments. The first one is the name of the zone. And then because we're using authentication, we use -k, indicating that we need a secure key, followed by the name of the key, which here is the same as the name of the zone, and the shared secret. Launch those.
Just to make sure we didn't have any typos, we'll check the system log. And the errors that you saw there are actually benign, and those are listed on the web page as well. Now... let's see if this stuff is working. Here we've got the Bonjour preference pane. We see three tabs: Host Name, Registration, and Browsing.
The host name is our unique host name that identifies our machine, that points to an address that can change as we move about. And since I myself am the administrator of this zone, I can pick my host name and know it's unique. So I'll name this machine Demo.Bonjour.kiren.com, as well as the shared secret, which I can just copy and paste from my configuration file, if I can find it.
We click Apply. See that the light turns green? That means that our name was successfully registered. This name can now be used for anything that you'd use a host name for. You can ping it, you can use it in Finder's Connect to Server. And that right there gives us a lot in terms of reachability. But as I mentioned, Bonjour is about more than just naming. We want to be able to register and discover services as well. So in the registration tab, I click the checkbox and enter my zone.
And again, enter my DNSSEC authentication and click Apply. Now, let's see if this is working. Here we're just doing our standard browse. Safari, like many of your applications, does these empty string browses where the system picks domains for it. Now, let's see if I can advertise a web page with wide area Bonjour and have it be discovered. Click Personal Web Sharing. It takes a few seconds for Apache to fire up.
And there we have it. I double click on it. Oh, it decided to use my dot local. Because we're using the same machine as both the client and server, we ended up using my .local name. But just to show you that I'm not using smoke and mirrors, well, let's try to print this page.
Here you can see we've discovered the printer with the wide area registration. And now, all of these services that use Bonjour will register and browse in wide area. So we're actually running short on time, and I don't want to take up all of our Q&A time. So let's go back to the slides just to wrap up here.
So for some more information, go to the Developer page. We've got documentation. We've got specs. We've got links to the dns-sd.org page, where you can find information to set up the clients and the server, as I just showed. And we've got a few other sessions that are directly related to Bonjour. Later this afternoon, we've got a lab where you can work with the Bonjour team on integrating Bonjour into your products.
We've got the Cocoa session, which covers a variety of networking topics, including Bonjour. And along with the beer bash at Apple Campus, we've got the Apple Developer Connection Plugfest, which is a great opportunity for you to bring your products in, show them to us as well as the other developers, and to work with the Bonjour team on those products. And for more information, you can contact Craig Keithley, who's our I/O evangelist and also does evangelism for Bonjour. He's also moderating our Q&A, so if I could have Craig come up as well as the rest of the Bonjour team.