Good morning, everybody. It's good to see you all here early in the morning on the first full day of the conference. We've got a lot of cool new stuff to show you in Tiger. So the outline of what we're going to talk about today, I'll give a quick recap of the Bonjour technology for the few people in the audience who may not be completely familiar with it. I'm going to cover what's new. And then we're going to do some hands-on demonstration examples to show you with real code how easy it is to use this.

And then my colleague, Kiran Sarkar, is going to talk about the new wide-area Bonjour capabilities that are in Tiger, and he will show you some examples of how you can set up your own wide-area Bonjour server using a standard DNS server. Thank you. So the recap. This is what was an hour-long talk at the first WWDC presentation on zero configuration networking. And now it's one slide. But I do want to cover it to make sure we're all on the same page.

What Bonjour is all about is TCPIP made easy. AppleTalk was easy, but AppleTalk was limited to small network sizes. TCPIP clearly wins because it scales to the whole planet, but it was never easy to use, and there was no good reason why it had to be that way. There was no magic that AppleTalk had that TCP couldn't, so that was what we wanted to fix. We wanted to make it so you can just take a TCPIP device and plug it in and have it work with no fuss, like the old laser-ighted printers on AppleTalk used to be.

And this is a common desire. USB works this way. FireWire works this way. Bluetooth works this way. People want to be able to just plug things in and have them work. And the question is, why not TCPIP, too? Because clearly TCPIP offers a whole lot of benefits over other technologies. Using Ethernet, you can go at gigabit speeds. You can go on over much longer cable lengths and have much more devices than you can on USB. With USB, everything is tethered to a single computer to be the master, and all the other devices are slaves. So it's a much more limited topology. If we could actually get the full ease of use of USB, but do it using TCP/IP, wouldn't that be much better? So that's what Bonjour is all about. Now, when I say just plug things in and have them work, That happens pretty much today using DHCP. If you show up at a conference like this, or you're in a hotel room, using DHCP, you can just plug into the ethernet or join the wireless network, and you get an address automatically.

So that aspect of IP is reasonably well handled. The aspect that isn't handled is when you're not on a big network run by an administrator. It's just your computer and your printer and a cable. And there is no DHCP server. There is no DNS server. And before Bonjour, IP would just fall on its face and not have any idea what to do because there was no server there to tell it. And that's what Bonjour fixed.

The technology that made that work are three things. IPv4 link local addressing gives you an address when there's no DHCP server to hand one out. Multicast DNS gives you name lookup when there's no DNS server to look up names for you. And the third thing is a new step forward from good old-fashioned IP, and that's browsing the network with DNS service discovery to discover what's out there. And DNS service discovery works equally well on multicast DNS in the local case, and as you'll see now, using standard unicast DNS in the wide area case.

Since we launched this technology three years ago, it's become very widely available. It's been in several Mac OS releases. It's been in Windows. It's in Linux. It's in many, many software products from Apple. Pretty much anything on the Mac that does networking uses Bonjour because the engineers at Apple clearly see the benefits.

Safari uses it. iChat uses it. iTunes uses it, both for peer-to-peer iTunes music networking and also for discovering the Airport Express, Those of you who've got an Airport Express will know you just plug it in, and it just appears in that pop-up menu at the bottom of the iTunes window. No typing addresses or any of that nonsense. If there's one there, it shows up. All of that made possible by Bonjour. All right. Network printers have very widely adopted Bonjour, and that's why they just show up in the print dialogue. TiVo is using it. Many, many hardware products are using it.

So what's new since the last time we met? Well, for those of you who haven't heard yet, Rendezvous is now Bonjour. We have a new name, but the same logo. And from now on, you won't be hearing the word Rendezvous anymore. What else is new since the last time we met? All of the specification documents have been updated to reflect what the software now does in Tiger. We made a lot of improvements in Tiger compared with Panther, and a lot of the third-party device makers were asking for the details of that. And as soon as we got Tiger shipped, we focused on getting all those documents updated. Link local addressing, after many years of work at the IETF, just last month was published. It's now an official IETF standard RFC. The other drafts are all available at the dns-sd.org website. That's linked off the Apple Bonjour website, so you can find that very easily.

What else is new? Well, big news. We've released Bonjour for Windows. Many of our hardware makers making devices like cameras and printers said to us, "We love this Bonjour on the Mac, we love Link Local Addressing and it's just absolutely fabulous. You plug things in and they just work.

But what about Windows?" We still have to have the manual this thick explaining how to set it up for Windows users. So, We made Bonjour for Windows available, and as of today, you can now license Bonjour for Windows to include with your product. So instead of having a manual that thick and huge tech support costs answering the phone trying to explain to people how to set it up, you just put the installer on the CD in the box, and Windows users get... Not exactly the same ease of use as Mac users, but they get the ability to discover Bonjour devices on the network in Internet Explorer. They get the ability to set up printers without hassle. They get the ability to run other software that you may develop running on Windows using the same APIs as OS X. Setting up printers is an interesting story. There's a website called iFelix, not affiliated with Apple or Microsoft. I just happened to find it one day. And they have a bunch of how-to instruction files telling people how to set up computers and solve problems. And they had a page on how to do network printing on Windows. And I printed it out. And the paper came to more than six feet, taller than I am. And it stuck up on the wall outside my office. And recently they added a link at the top of that page that said, don't do this. Just install Bonjour for Windows. And the new instructions with Bonjour for Windows are four screenshots. And actually, the first screenshot is the introduction, and the final screenshot is the congratulations, you've finished. So it's only really two screenshots. And I wanted to make it less than that. I actually wanted us to have in the first screen just a button saying, I'm feeling lucky. And you click it, and the window disappears, and you're done. So that's available for Windows, which meets one of the big needs that hardware developers were asking us.

It's available for licensing today. Contact [email protected], and we'll sort out the details of getting that on your CD. It's available for public download to anybody who wants it today at apple.com/bonjour. I picked up a magazine. I just came back from London, and I picked up this magazine in the airport.

and what Hi-Fi? And like a lot of Hi-Fi magazines, they're still extolling the virtues of LPs and turntables and vinyl. But they had a review of network music players. And their top-rated music player, well, actually the only one that didn't stink, basically, was the Roku SoundBridge, which I'm sure people who have been here before saw me show in previous years. A very nice little elegant product. Implements link local addressing, and multicast DNS and DNS service discovery, all of the Bonjour conformance test checklist items, and you just plug it in and it works. The other interesting thing was in their annual roundup of products, they created a new category. First time this year, technology product of the year, and that award went to the Airport Express for playing music. And this is really, really gratifying to the Bonjour team because those products both singled out in this magazine as being the high flyers made possible by Bonjour. Now, of course, as a technology behind the scenes, you won't see that mentioned in the magazine. They don't know why it works. They just know that it works. And partly that's because while we were in the transition of picking a new name, companies were not putting Rendezvous or Bonjour on their boxes. Well, as of today, you can license the logo and the trademark as well as licensing Bonjour for Windows, and I encourage all of you to do that and start putting that logo on the boxes because somebody described Bonjour as the best kept secret in the networking industry. I heard somebody at this conference asking the question, "When are printer makers going to start adopting it?"

Pretty much every printer, every network printer you can buy today from every network printer maker does Bonjour. But they don't say on the box because we're in the process of changing the name. So... I'm not saying that these products in these magazines were necessarily the best because they use Bonjour. It's not some magic fairy dust that you sprinkle on a bad product and it magically becomes good. But there is a definite correlation that the kind of developers who care about doing Bonjour are the kind of developers who get all the other details right as well. And it's not a slight difference. It's night and day. Jim Laudebach wrote a Ziff Davis article about network music players. He reviewed four of them. Three of them he gave up after two hours and couldn't get them to work. The fourth was the Roku. He plugged it in. It worked in 30 seconds. And you want to put the Bonjour logo on your packaging to let people know which of those groups your product falls in.

Last year, we previewed the Java API. And I'm pleased to tell you that that API was polished up and finished. It's in Tiger. It's in Bonjour for Windows. It also went into the 10.3.9 software update. So for those of you making Java apps, you don't need to require Tiger. So that's there from 10.3.9 and later for the Java programmers. And the other big new feature, which Kieran's going to tell you about, is Wide Area Bonjour.

Many of you will have noticed, I think, if you look in Safari, if you look in the bookmarks under Bonjour, you will see some pages showing up. WWDC attendee page, ADC developer connection. These are not showing up because they're running on a laptop somewhere in this room. They're showing up with wide area browsing. And that little thing is something that I'm very excited about because it was one of the motivations for starting Bonjour all those years ago. Making little devices without screens and keyboards work well, that was a big motivation. But one of the other motivations was being able to communicate with network users because with airports and hotels and conferences like this providing wireless network access, the big missing gap is how the people running the network communicate with the people using the network. You open the laptop, you join the network, you get a DHCP address. and then you can browse the web and send mail and go to Google. But information that's location specific is hard to get to you and that's why at all conferences like this we hand out little bits of paper. In the hotel lobby they have the sheet with the instructions how to set up your computer and how to print on the hotel printer and whatever services they offer. And now with Wide Area Bonjour in Tiger and in Windows, just by putting a few records in your DNS server, no new software, just add a few lines to the DNS server, you can advertise those pages, and they'll show up in Safari. If the hotel wants to offer printing service to its guests, they add a couple of lines, and printers show up in the print menu.

So you can now advertise services to your customers. Companies can advertise pages. So at Apple, we have a new employee page with all the information for new employees. Now, we had that website for a long time, but the only way you'd find it is if somebody told you. Now an employee just has to open their laptop, and they discover it on the network. So that's an exciting thing, and Kieran is going to show you how you can just add a few lines to your own DNS server to make that start happening. So now it's time for the demo. We will switch to demo one, please. OK.

So what I want to show you right now is how easy it is to Add Bonjour to Hardware Products, how easy it is to use in software applications in a variety of different languages. years. So I'm going to start off with this device. This is a network camera made by a company called Axis. And those of you who were at the developer conference when we first announced Rendezvous as it was then in Mac OS 10.2, will remember I showed some Axis cameras on stage, and we had a demo where the Mac software was real, but all the hardware was being simulated. And the point of the demo was to show how the world could be if these devices adopted Bonjour or Rendezvous as it was then. And the Axis guys saw that and thought, that's absolutely wonderful, so let's adopt that. and Axis is one of the companies that's been shipping Bonjour-enabled products for about a year, but most people don't know that unless you happen to notice it show up in Safari. Starting now, they'll be making a fuss about that in their marketing and putting the logo on the box. The other thing I love about this Axis camera is this does power over Ethernet, and that really addresses one of the last criticisms of IP-based networking. The advantage of USB and FireWire is you don't need a power brick because you get power on the cable. And power over ethernet was invented a few years ago by companies like Cisco to power their IP phones on the desktop and to power wireless base stations that you put into the ceiling space. And it was too expensive.

If you want to put wireless base stations down the corridor in your company, and you have to hire an electrician to crawl through the ceiling space and put the power outlets to power them, he's going to charge you about $100 an outlet. So Cisco said, okay, we'll charge you about $100 a port on the Ethernet hub. So a 24-port Ethernet switch would cost you $2,500. And that kind of put it out of reach as a practical technology for home consumers. I'm very excited that Netgear has started shipping a $100 hub. that provides power over Ethernet. And we plug this in.

and this runs Linux, so it's powered over the cable. And some of you may remember some of the products I've shown in previous years. This is the SCH Intercom print server. I think this was the first Bonjour-capable print server. You plug it in the parallel port, and you connect the Ethernet. And you'll see the power brick is about as big as the print server itself. This is the Site Player Telnet. Connects to the serial port so you can telnet over the ethernet to a serial device. Power brick bigger than the device. This is a beautiful little IO gear thing.

This is a print server. USB in this side, Ethernet out this side. Power brick. These things are all crying out for power over Ethernet. So for the hardware makers in the room, definitely I urge you to consider looking at power over Ethernet now the price is coming down. It can save all of this spaghetti wiring.

So you'll see the Axis camera showing up in Safari. I can double click it and it connects. So we discovered it, but viewing video in a web page is is kind of cumbersome modern video streaming is done using RTP and QuickTime can play RTP streams so I thought one to be much better if we could actually just discover the RTP streaming service this camera offers rather than just a generic web page so let's go to setup Now this runs Linux, so you can just get the Darwin code and compile the responder. Fortunately I didn't have to because Axis has already done that. What I did with this camera was I went in to the little scripting editor that they've got built in to the camera.

and in the configuration directory, this is their services file that describes the services on the camera. It was already advertising HTTP, and it was advertising Access Video. I added this section here to add RTSP, reboot the camera, and now when we look in QuickTime Player, And this is in QuickTime Player 7 on Panther and on Tiger. In the OpenURL panel, you pull down this menu, and it will discover Bonjour advertised RTP streams on the network. And you select it, and we have... we have network video. So that was a quick prototype. That was about half an hour's work. And... What I want to show you now is how we added that to QuickTime Player.

One of the tools here, if you've not seen Bonjour Browser, it's a great tool for developers. It will just browse the network and tell you what's there. Now, this can be hard on the network. You don't want to leave it running all the time. But this is a good way of just discovering the capabilities of a device. And here we see in the local domain, these are the services that we're finding on the network. You can also do this on the command line. Okay.

The DNS-SD command is really an internal testing tool, but we ship it with Tiger because it is such a useful testing tool, both in the development process and in troubleshooting networks. So I will do A-B, browse for HTTP TCP service. we can see that the camera is advertising HTTP. So this was the first thing we did.

When I wanted to confirm that I'd made the camera advertise RTSP, before I embarked on a big programming project on QuickTime Player, the first thing to do is browse on the command line. And there we've successfully confirmed that the camera is advertising. So the second step was I went to the QuickTime team and I asked for a copy of the sources for QuickTime. time, which I have on an encrypted disk image in case I lose my laptop. QuickTime player is just an Xcode project.

And if I build and run that, you'll see QuickTime Player as it was when I got it. It has the open URL menu up here. It has the menu of recent items, but that's all. So we thought this is a good place for us to add Bonjour browsing on. So let's go back to the source code here. We only had to change two files, and this was literally an afternoon's work. So first we will change the header file.

So the first thing I changed was we added two NSNetService browser objects. so we could browse for RTSP and QTTP. And the Bonjour service type QTTP semantically means QuickTime movie file served over HTTP. The reason it's not HTTP is because it doesn't make sense for QuickTime Player to discover every web page on the network. It specifically wants to discover movie files. The transport protocol happens to be HTTP, but that's an implementation detail.

So we added the two extra objects, and we added a new method to set the URL text field to simulate as if the user had typed something in, the software will now automate it. So that was all we had to change in the header file. I'm going to actually apply those changes. So I've changed that file. Now, the only other file we had to change was the open URL panel.

We added one header file for the struct SOC adder type. This is the implementation of the routine that takes in a host name and a port and a text record expressed as an NSDictionary, and from that, it extracts the path key, and it forms a URL, either a form RTSP colon slash slash or HTTP. of GDP.

If there's a username there, then it will put username:password@, If the port number is the default, we don't put it in just for cosmetic reasons. If the port number is different, then we have colon port number, slash, and then the path. So that builds a URL, and then we call set string value to put that string into the text field. - Looking a bit further on, I'll actually jump down here. When the window is opened, we make an NSNetService browser, and we browse for QTTP, and we make another one browsing for RTSP. And there you'll see the close routine that stops the operation when the window is closed. So let's apply some of these changes to the file. We will put the header file in. We'll put the initialization in. and we'll put the disposing at the end.

We now have-- so now that we've started the browse, in your code, you would need to implement a Cocoa method called didFindService, which is called when a new service is found on the network. And in this code here, you'll see we are making a menu item. We are checking if we need to add a separator item, if this is the first thing we're adding to the menu. And we are adding the item and enabling the button, if this is the first thing we're adding. We have a corresponding remove method if a service goes away. Because this is one of the things that's very important about Bonjour Browsing. Okay.

Services are live. You don't have a refresh button. When services come along, they get added to the list. When they go away, they disappear from the list, and it's always live. So the did remove service tells you it's gone away. we reverse what we did before. We remove it. And if there are no more things in the menu, then we disable the button. So let's apply that to our file.

When the user picks one of the things from the menu, we do a resolve with timeout to go from that named service to look up its host name, port number, and the other details. So we'll apply that. And then the last change is what we started looking at before.

which is when the resolution completes, the didResolveAddress is called. We extract the text record dictionary, the address, the port. Depending on whether it's a V6 or IPv4, we get the port number out of the struct SOC adder, and then we call this setTextFilledWithType method that I showed you earlier. And... This is the real source code for QuickTime Player. And you just saw me make the changes. So we will now go back to Xcode. We'll build and run that.

Okay, that's linking. It's running. And now we see in the menu it's discovered the camera. So it was literally that easy for us to add. Vonger Browsing is a QuickTime player. We took those diffs back to the QuickTime team, and they said, that's pretty cool, and now it's in the product.

We then showed that to the access people, and they said, that's pretty cool, and This is their new model of the camera, which is shipping sometime this month. It's not out yet, but very soon. And this now ships with Bonjour Advertising. So this now-- I have to wait for it to boot. This is booting up.

And they will be shipping this. There we go, access 207. so now and this has really really nice low-light performance for for a consumer level camera uh... this is amazingly good in a dim paint i can see you more clearly on the screen here tonight can standing in myself so So now we have a shipping product from Apple, which browses using Bonjour for RTSP. We have a shipping product from Access that browses with Bonjour. There's a company nearby called Wizchip that makes reference design boards. And they have all these little modules that you can add onto this for prototyping.

that little camera module, and they saw this and thought that was exciting, and in one afternoon, they got the sources from Darwin, they typed to make it, compiled, they added the services.txt file, they checked it into their CVS server. So now all of the products that license the WISH chip design are advertising with Bonjour, and because they're a group of people who use Linux, they were very excited about that, and they're adding Bonjour to VLC, Video Land Client for Linux. So now we've got multiple clients browsing. We've got multiple hardware products advertising services, and that's critical mass. At this point, every camera vendor, if they want to show up in QuickTime and VLC, will advertise with Bonjour. Anybody making software that can view cameras will want to browse for Bonjour because that's how you find cameras. And that is how you go from nothing to a de facto industry standard in the space of a couple of months instead of a few years. So with that, I'd like to ask Kieran to come up on stage. and tell you about what every bunch or can we go back to the podium machine place Thank you, Stuart. My name is Kiran Sikar, and for Tiger, I was working on extending Bonjour's functionality beyond the local network.

This morning, I'd like to take a few minutes and give an overview of exactly what Wide Area Bonjour is and how it's going to impact your products and the way we work with our machines. Then I want to dive in and take a look at some of the technology that goes into bringing out this new functionality and the steps we need to take to make the most out of this new technology. Then we're going to wrap up by doing some live demos, seeing how you can set this up on your own networks.

Wide Area Bonjour brings us two new pieces of key functionality. The first one's a dynamic DNS host name. Now, this is analogous to the.local name that we have in Local Area Bonjour. But unlike a.local name, this name is globally unique. That means that when I name my machine or device, that name refers to my machine and only my machine, no matter where you are on the Internet. Now, in addition to this name being unique, it's also persistent. That means that as I move about, say, from my office to my home to an internet cafe, or as my IP address changes for any reason, my name stays the same and stays up to date so that people can be able to reach me no matter where I am.

Now, of course, Bonjour is about more than just naming. It's also about being able to discover services on the Internet. With Wide Area Bonjour, we can advertise our services so that people outside of our local network can discover us, and we, in turn, can discover these services outside of the LAN.

But just as important as what's new with wide area Bonjour is what stayed the same. First of all, the protocol semantics are the same. We use the same DNS resource records to convey information about our services. But more importantly for all of you, the APIs are unchanged. These APIs were written from day one to scale from the local network to the wide area networks. And we figured you guys probably have enough of a transition to think about right now. So you likely won't have to change a single line of code to use wide area Bonjour in your applications.

Now, it's great that the protocol is the same. It's great that the APIs are the same. But these are really secondary to the user experience. By taking the Bonjour user experience from the local network that's made the technology and all of your products that leverage it so successful and easy to use and extending it, we complete the Bonjour experience, which is bringing zero configuration networking everywhere, from the local networks where it started, to manage networks with multiple subnets and even across the Internet. And in doing this, we bring reachability to everyone. You know, traditionally, to be reachable, you either had to be on a managed network or have a static IP address and know how to set that up.

With wide area Bonjour, you don't need those things. And by removing that restriction, we bring reachability within the grasp of a much wider audience. Now, even if you have been reachable in the past, chances are once you went mobile, your reachability went out the door. With Wide Area Bonjour, we have mobility and reachability with ease of use, bringing about new possibilities for mobile collaboration.

If you already use Bonjour in your application on the local network, wide area Bonjour makes your applications even more powerful, while still maintaining their ease of use. On the other hand, if you manage a network, you might have found yourself wishing that you had the Bonjour ease of use, but not being confined to a single subnet. With Wide Area Bonjour, you get just that. You end up with a network that's both easy for you to administer and flexible and easy for your users to interact with.

Now, if you have a hardware product, like the one that Stuart's just showed, and you already use Bonjour on the local network, you know how Bonjour makes your products easier to use, giving you more satisfied customers and even lowering your support cost. Wide area Bonjour can take that competitive advantage even further and might even bring about new types of devices that were previously impossible. Now, before this becomes a marketing talk, I want to take a look at some of the technology that goes behind this new functionality.

With Local Bonjour, we use multicast DNS to query for and advertise services on the local network. With Wide Area Bonjour, we use those same resource records, but instead of multicasting them on the local network, we communicate directly with a central server using unicast DNS. To discover services, we simply issue a query to the server and get a response. And to register our services, we use a kind of DNS known as dynamic DNS update. This is a standard part of DNS that, when enabled, allows a client to actually publish its resource records into the server so that they can be discovered by others. Now, these two things, unicast queries and dynamic update, provide the basis for wide area Bonjour. But we went ahead and actually extended the DNS protocol using DNS's native extension mechanism to further enhance the user experience.

Take dynamic updates. With a traditional dynamic update, we update the server, and that record stays in the server until we actively delete it. Now, that's fine for some applications, but consider a laptop. I plug in my laptop, register my name, register my services, and then unplug the ethernet cable and walk away. Well, those records are going to stay on the server indefinitely, giving people who discover them stale information. So we extended dynamic updates to contain a lease life, allowing the server to garbage collect these orphaned records and keeping people's browse lists up to date.

Likewise, on the discovery side, traditional DNS queries are one-shot queries. We ask a question and get an answer that represents what's on the server at that point in time. But with Bonjour, we want to do live browses, to learn as new services become available, and to find out when services that we previously discovered go away.

We don't want to have a refresh button, and we want something that's more scalable and more responsive than just polling the server every few minutes or every few hours. So we created a new kind of query called a long-lived query, where we ask the server for the set of answers and also to tell the server to continue to let us know with notifications as new services become available or as services that we've previously been told about disappear. It's a little-known fact that that notification mechanism is actually what drives.max syncing when you get live notifications as your sync data changes.

Now, unfortunately, I don't have time to go into the details of how those protocols are implemented today, but if you're curious, they're all open specifications, and they're documented on the developer web page. God bless you. Now, a few things need to happen on the client for a client to fully take advantage of all of those technologies.

First, we've got the discovery side. Now, discovery is a truly zero configuration experience. As Stuart pointed out, if you open up Safari on your laptop and click the rendezvous icon-- pardon me, the bonjour icon-- old habits are hard to break-- you will see wide area websites that are advertised in the apple.com domain. That's because we've set the network up here at Moscone to tell clients to browse in apple.com, and any services in apple.com's domain will be picked up automatically by your clients.

Now, we can also configure other domains. For example, if you wanted to continue browsing in apple.com after you leave the conference from your hotel room, per se, But we do get a truly zero configuration mobile experience as you move between, say, an airport that advertises local pages, perhaps describing some of the services or restaurants it offers, or a hotel that describes services containing some of the concessions and services that it offers.

The advertisement side is a little bit different. Because we're using a globally unique host name, we can't just make one up. You know, if I try to name my laptop Google.com, that's clearly not going to work. So we need a unique host name that's given to us by the person who's running our Bonjour server.

Additionally, for registration domains, we have one domain where we want to register. We don't want to just register wherever the network tells us as we move about, because the whole point is that you register in one well-known place, and as you move about between networks, other people still know where to find you.

And lastly, if you're using Wide Area Bonjour behind a firewall on a small network with a trusted group of people, you might be happy having a completely open name server where anyone can publish records into it. But if you're on a bigger network or you're using this on the open Internet, you clearly need some kind of security system so that not anyone can publish into your server. So we use DNSSEC for this. And if DNSSEC is being used on your wide area server, you'll need to add that to the client as well.

Now, keep in mind that once these things are set up, we do have a truly zero configuration experience. Names and services are registered automatically, automatically deregistered. They stay up to date as your location changes, and the browsers stay live. Now, if you've been exploring in Tiger, you might be wondering, where's the UI to set this up on the client? Well, the truth is we're still working on getting the UI up to Apple's specifications.

That being said, on the path to bringing Wide Area Bonjour to all of our users, we're actually in a great place. Most importantly, all of the mechanisms for Wide Area Bonjour are in Tiger and exposed in Tiger's APIs. In addition, we've got the Wide Area Discovery, which happens without any configuration at all, as you can see today on your laptops.

We've also got a fully featured UI test tool. Now, this is a test tool, and it favors flexibility over simplicity, and it might not be pretty, but it gets the job done. And I'm going to walk you through how to set it up today. And what I'd love to have happen is for all of you guys to download it, take it back to your networks, set up a Bonjour server, get your colleagues using this UI tool and getting used to the wide area Bonjour experience and really understanding the value that it adds to your products. That way, when we do integrate a UI into the system, you guys are ready to hit the ground running.

Now, if you really can't wait that long, you can actually embed pieces of the UI directly into the application. One of our Apple applications that does distributed video rendering did just this. Now, admittedly, this is a short-term solution, 'cause we don't want separate controls in every single application. But if you do have special needs, I urge you to go ahead and contact us, and we can work with you to do that in a way that's gonna be as maintainable as possible.

On the server side, the configuration is actually quite easy. We've got a web page up on dnssd.org. that gives step-by-step instructions on how you can set up a name server from scratch and configure it to be a wide-area Bonjour server. Now, if you've ever looked at-- if you've ever looked at DNS configuration files, they're kind of yucky, but this website is set up so that you can really just copy it and paste it and change just a few pieces, as I'm gonna show, and, uh, and you'll be ready to hit the ground running.

The two main pieces we need to set up are a zone file, which describes the namespace where we'll be registering and indicates its capabilities as a Bonjour domain, and a configuration file that tells the name server to accept dynamic updates and possibly configure some security credentials. Now, not all name servers right now support our DNS extensions for the long-lived queries and the update leases. So with Tiger, we ship a daemon that implements those two extensions and runs alongside your standard name server. And of course, this is available on Darwin to use with other name servers as well.

So now that we've got the server set up and the client configured, what do applications need to do to use Wide Area Bonjour? For most of you, nothing. From day one, we suggested that when you use our APIs, when you have to specify a domain parameter for either registration or browsing, you don't specify a particular domain and instead pass the empty string, allowing the system to choose domains on your behalf. Now, up until now, that's just been the local domain. But with Wide Area Bonjour, the system can register and browse in the local network as well as whatever wide area domains are appropriate for that environment.

Now, the one area of this that could use a little polish is that you're discovering services from potentially a variety of domains, and they're being displayed in one flat list. And that gets the job done, and it's a great way for unmodified applications to benefit from this technology. But you might run into cases where, for example, you see one service on the local network and another service on a wide area domain, and they have the same name, and they show up next to each other in the list, and the user doesn't know which is which until the user actually selects the service.

If you want to refine this experience, you can do what we call multi-domain browsing. And the finder does this today in Tiger. To do this, you need to use our domain enumeration APIs, which have been part of the API from day one. These return a list of domains, which you can then display in a hierarchy. You then only need to browse when the user actually selects an individual domain, and then you then show the results just for that domain.

Now that we've covered the basics of clients, servers, and how the applications interact with them, I want to turn over to some demos and look at setting up a server with some static services as well as configuring secure dynamic update. And as well, I'd like to look at how we can use our preference pane, which is the test tool to configure the client, to interact with that server. So if we could switch over to the demo machine, please.

So this is the web page which describes how to set up a server. It's not too long, and most of it is actually description. And unfortunately, we're running a bit short on time, so I don't have time to go through it step by step. But I will go ahead and set it up anyway, and what I'd like you to take away from this is how easy it is and how it's mostly a matter of copying and pasting and changing just a few things. Here we've got our configuration file. Now this configuration file is just copied and pasted from the setup page. Make this a little bigger for you.

So let's just go ahead and look at the changes I had to make to use this with my server. This is the copy that the name server will actually read its configuration from. And this is the sample. The first change we had to make here is the forwarders.

That's better. So when a machine's running as a wide area Bonjour server, it answers queries for records within its name space. Right now I'm setting up a server for the domain bonjour.kiren.com. Now, if this server gets a query for something else, say www.amazon.com, it needs to know the address of another to send that off to. So I go ahead and add my normal DNS server here. And the web page even shows you how you can find the address of your server on your OS X system.

After that, it's really a matter of searching and replacing bonjour.example.com with bonjour.kiren.com. The last thing we do is this is the shared secret for secure dynamic updates. Clients need to have this secret and use it to sign their updates in order for my secure server to accept them. The web page shows how with a single Unix command, we can generate a random secret, and we then just go ahead and copy and paste that in here.

Now, that takes care of the configuration file. Now let's look at the zone file. The zone file describes the zone. It gives information like the time to live and also has the resource records within that zone. Now, if you're curious about DNS and how this all works, I encourage you to either read online or buy one of the DNS books, such as the Cricut book, which are very good and very detailed. But if you just want to get this up and working, again, what you need to do is just copy and paste the boilerplate from the web page and change a few pieces where indicated. So here's my finished zone file. And here's the example that was copied and pasted.

And here we only have two differences. First, we need the address of the machine itself that's running as the name server. Here we have wab for wideareabonjour.example.com. And I change that over to myserver.bonjour.curing.com. This is typically the name that's already been assigned to your machine that's acting as a server. And again, we make that change in one more place.

And that pretty much takes care of it. The one thing that I would like to add are some static service records. Now, these are not for dynamic Bonjour registrations, such as cameras or services advertised by a laptop. But these are things like the web pages that you're discovering in Safari that are in a fixed place that we want our clients to discover. So I have a few examples here that I'm just going to copy and paste into the zone file.

Here, we're advertising a printer. Again, don't worry too much about the details, because this is documented on the web page. But the service type is printer.tcp, and it's pointing to our WWDC public printer. Now, notice here that the name of the printer that we're pointing to isn't even in my domain, bonjour.kieran.com. Nonetheless, I'm still able to advertise it so that people on my network or who are browsing in my domain can discover it and connect to it.

We have a second one here for our speaker printer. And we've got an example web page. This is the same type of record as we have on the apple.com server that allows you guys to discover these Bonjour services. in case you haven't seen, they're right here. And if you open up your Bonjour Bookmark Bar and Safari, you'll see them yourself. So now we have our files all set. I'll make sure I've saved it.

All that's left is to run the name server and... our daemon that implements the DNS extensions. The name server doesn't even take any arguments. Just run it, and we're good. The daemon takes a couple arguments. The first one is the name of the zone. And then because we're using authentication, we use -k, indicating that we need a secure key, followed by the name of the key, which here is the same as the name of the zone, and the shared secret. Launch those.

And just to make sure we didn't have any typos, we'll check the system log. And the errors that you saw there are actually benign, and those are listed on the web page as well. Now let's see if this stuff is working. Here we've got the Bonjour preference pane. We see three tabs-- Host Name, Registration, and Browsing.

The host name is our unique host name that identifies our machine, that points to an address that can change as we move about. And since I myself am the administrator of this zone, I can pick my host name and know it's unique. So I'll name this machine Demo.Demo. Bonjour.kiren.kiren.com as well as the shared secret, which I can just copy and paste from my configuration file if I can find it.

We click "Apply." See that the light turns green? That means that our name was successfully registered. This name can now be used for anything that you'd use a host name for. You can ping it, you can use it in finders, connect to server. And that right there gives us a lot in terms of reachability. But as I mentioned, Bonetour is about more than just naming. We want to be able to register and discover services as well. So in the registration tab, I click the checkbox and enter my zone.

And again, enter my DNSSEC authentication and click Apply. Now, let's see if this is working. Here we're just doing our standard browse. The Safari, like many of your applications, does these empty string browses where the system picks domains for it. Now let's see if I can advertise a web page with "White Area Bonjour" and have it be discovered. Click "Personal Web Sharing." It takes a few seconds for Apache to fire up.

And there we have it. I double click on it. Oh, it decided to use my dot local. Because we're using the same machine as both the client and server, we ended up using my.local name. But just to show you that I'm not using smoke and mirrors, That's what I get for tempting fate. Well, let's try to print this page.

Here you can see we discovered the printer with the wide area registration. And now all of these services that use Bonjour will register and browse in wide area. So we're actually running short on time, and I don't want to take up all of our Q&A time. So let's go back to the slides just to wrap up here.

So for some more information, go to the Developer page. We've got documentation. We've got specs. We've got links to the dns-sd.org page, where you can find information to set up the clients and the server, as I just showed. And we've got a few other sessions that are directly related to Bonjour. Later this afternoon, we've got a lab where you can work with the Bonjour team on integrating Bonjour into your products.

We've got the Cocoa session, which covers a variety of networking topics, including Bonjour. And along with the beer bash at Apple Campus, we've got the Apple Developer Connection Plugfest, which is a great opportunity for you to bring your products in, show them to us as well as the other developers, and to work with the Bonjour team on those products. And for more information, you can contact Craig Keithley, who's our I.O. evangelist and also does evangelism for Bonjour. Sure. He's also moderating our Q&A, so if I could have Craig come up as well as the rest of the Bonjour team.