Printers - Printopia Pro

!
!
!
!
!
!
!
Printopia® Pro
!
!
Version 1.0.3
ADMINISTRATION
GUIDE
Revision 2 • December 4, 2013
www.printopiapro.com
Legal
Copyright © 2013 Ecamm Network, LLC.
!
Printopia is a registered trademark of Ecamm Network, LLC.
Mac, iPhone, iPad, iPod Touch, iOS, OS X, and AirPrint are trademarks of Apple Inc.
!
Ecamm Network, LLC is not responsible for any loss or damage to you or your property,
including your computer, arising from the use of our software. Any use of this software is at
your own discretion and risk and you will be solely responsible for any damage to your
computer system or loss of data that may result from its use. You agree to defend, indemnify
and hold harmless Ecamm Network, LLC and its employees, from and against all claims and
expenses, including attorney fees, arising out of this software. YOUR USE OF THIS
SOFTWARE IS AT YOUR OWN RISK. THIS SOFTWARE IS PROVIDED ON AN "AS IS" AND "AS
AVAILABLE" BASIS.
!
Revisions
This document is updated frequently. For the latest version of this document, visit
www.printopiapro.com/support.html
!
!
!
!
!
!
Printopia Pro Administrator’s Guide
2
Table of Contents
Introduction .............................................................................................7
What is AirPrint™? .................................................................................................7
The Problem ...........................................................................................................7
The Solution ...........................................................................................................8
Installation ................................................................................................9
System Requirements ...........................................................................................9
Machine Considerations.......................................................................................9
Software Components ..........................................................................................9
Network Considerations .....................................................................................10
Firewall .................................................................................................................10
Licensing ..............................................................................................................11
Installation ............................................................................................................11
Removal ...............................................................................................................11
Administration .......................................................................................12
Adding Remote Servers .....................................................................................12
Server Login .........................................................................................................13
Printers and Groups ............................................................................................14
Software Updates ................................................................................................14
Licensing and Upgrades ....................................................................................15
Groups....................................................................................................17
Access Control ....................................................................................................17
Printopia Pro Administrator’s Guide
3
Network Interfaces ..............................................................................................17
Wide-Area Domains ...........................................................................................17
Printers ...................................................................................................18
Adding Printers ...................................................................................................18
Driver Selection ...................................................................................................18
Printer Settings ....................................................................................................19
Printer Authorization ...........................................................................................20
Compatibility .......................................................................................................21
Advanced Settings ................................................................................22
General Panel ......................................................................................................22
Custom Network Port ....................................................................................22
Service Prefix and Suffix ................................................................................23
Service Name Restrictions ............................................................................23
Allow Sleep ....................................................................................................23
IPv4-Only Mode .............................................................................................24
Restore Defaults ............................................................................................24
Wide-Area Printing Panel ...................................................................................24
Web Folders ..........................................................................................25
Adding Web Folders ..........................................................................................25
Viewing Web Folder Contents ...........................................................................25
Web Folder Authorization ..................................................................................26
Deleting Items from Web Folders .....................................................................26
Network Interfaces ................................................................................27
Printopia Pro Administrator’s Guide
4
Interface Selection ..............................................................................................27
Adding Virtual Interfaces ....................................................................................28
Adding Physical Interfaces .................................................................................29
Wide Area Printing ................................................................................30
How it Works ........................................................................................................30
Configuration.......................................................................................................31
Choose your Domains ........................................................................................32
Enable Wide-Area Printing.................................................................................32
Disable Multicast (optional) ...............................................................................33
Name Server Configuration ...............................................................................34
Windows DNS (Server 2012) .......................................................................34
Windows DNS (Server 2003 and 2008) ......................................................35
BIND named (Linux / BSD / Mac OSX) ........................................................38
Automatic Client Configuration.........................................................................39
Option 1: Single Subdomain (for a small number of printers).................39
Option 2: Multiple Subdomains (for a large number of printers) ............39
Troubleshooting ............................................................................................41
Manual Client Configuration .............................................................................41
iOS Clients .....................................................................................................42
OSX Clients ....................................................................................................42
Troubleshooting ..................................................................................................43
Useful Tools ....................................................................................................43
General Troubleshooting .....................................................................45
Printopia Pro Administrator’s Guide
5
Things to Know ....................................................................................................45
Printopia Pro Administrator’s Guide
6
Introduction
Printopia Pro is print server software that allows you to make any printer available to iOS
devices on your network for printing. In short, Printopia Pro makes any printer AirPrint
compatible.
!
Printopia Pro also adds several enterprise features to AirPrint, including centralized
management, monitoring, access control, directory integration, and support for large
networks.
!
What is AirPrint™?
AirPrint is the wireless printing technology built into Apple’s iPad, iPhone iPod touch and
Macs, that enables printing to compatible printers directly, without the need for any
additional software or configuration. Over 500 printers on the market today support AirPrint
natively, and most iOS apps that support printing do so using AirPrint.
!
The Problem
Before AirPrint, every printer required vendor supplied drivers to be installed on the host
computer. In fact, new Macs still ship with several gigabytes of drivers for the most common
printers on the market, to simplify the user experience when adding a printer. When the
iPhone and iPad were released, Apple had to solve a complex problem. They'd have to
convince printer manufacturers to port hundreds of complex drivers over to the iOS platform,
requiring an enormous effort. Even if vendors agreed, users would then have to download
and install these drivers on their devices, a cumbersome, storage-intensive process.
!
AirPrint leverages the increased processing power available in modern printers, and
effectively moves the driver from the host computer to the printer itself. This greatly simplifies
things for the end user. AirPrint also presents a uniform, simplified user interface for printing,
drastically reducing the number of choices available. While mostly beneficial, some printing
features that would normally be available aren’t accessible through AirPrint.
!
AirPrint is evolving, but presently supports only basic printing features. Most printers support
several options that are not normally available through AirPrint, and are only accessible when
using the manufacturer’s native driver. In fact, when adding an AirPrint-compatible printer to a
Mac, users have a choice between using AirPrint or using the native print driver. While AirPrint
offers instant setup and ease of use, the manufacturer's driver enables the full set of features
the printer offers. Printopia Pro bridges this gap by allowing you to configure all of your
printer options, and then use this stored configuration when printing to that printer using
AirPrint.
!
Printopia Pro Administrator’s Guide
7
In its current form, AirPrint excels in home or small office environments. However, Bonjour
(also known as mDNS), the discovery protocol used to locate printers, only operates over a
single network segment, making it difficult to deploy in larger environments with a
segmented network architecture. AirPrint also lacks centralized access control and directory
integration.
!
Finally, only new printers support AirPrint natively.
!
The Solution
Printopia Pro addresses these shortcomings, allowing you to use AirPrint in a large enterprise
or education environment. Printopia Pro does the following:
!
• Enables AirPrint printing for any existing printers that lack native support, allowing you
to keep your existing printers.
• Enables printer features not normally available through AirPrint.
• Provides centralized access controls, to control who can print.
!
!
!
!
• Works across subnets, allowing you to enable AirPrint on your network without
restructuring it to pass Bonjour multicast traffic between network segments.
Printopia Pro Administrator’s Guide
8
Installation
System Requirements
!
• An Apple Mac computer running OS X 10.7 or later, to act as a print server running the
Printopia Pro software. If you don’t already have a Mac on your network, a Mac mini is an
excellent server machine and can support a very large number of printers and clients
simultaneously.
• iPhone, iPad, or iPod touch device running iOS 4.2 or later, or a Mac running OS X 10.7
or later, to be able to print to printers shared using Printopia Pro.
Machine Considerations
Printopia should be installed on a Mac that is powered on at all times. The machine does not
require a display and keyboard be attached, and Printopia is easily administered remotely. A
wired ethernet connection to your network instead of wireless is recommended for best
performance. The Mac may be used for other things, and Printopia Pro does not require a
user be logged in.
!
If you have a large number of users, we recommend a dedicated machine. A Mac mini is
perfect for this, as it can be stowed away in a computer room or networking closet and
administered remotely.
!
NOTE
Printopia does not require OS X's built-in "Printer Sharing" to be enabled in order to
operate. It will not interfere with Printopia, but we recommend that it be disabled if
not being used.
Software Components
Printopia Pro is made up of two components. The first is a “server” process, that runs
continuously in the background and handles print requests from clients. The second is the
Printopia Pro application, the administration utility that gets installed into your Applications
folder when Printopia Pro is installed. The admin app is used to configure Printopia Pro, and
may be copied to another Mac in order to remotely administer the server from this other
machine.
!
Printopia Pro Administrator’s Guide
9
Network Considerations
AirPrint uses the “Bonjour” protocol to discover available network services, and there are two
operating modes for Bonjour. Before you get started, you will need to determine whether
your network supports “standard” Bonjour, which uses multicast, and is limited to a single
Layer-2 network segment. Printopia Pro supports multicast Bonjour on multiple independent
networks via physical network interfaces or VLANs, as long as all nodes on each network are
on the same Layer-2 segment.
!
Many larger networks use a Layer-3 switch to route traffic between networks. Multicast
Bonjour will not travel between networks in this case. To enable Bonjour across subnets even
when a Layer-3 switch is involved, Printopia Pro also supports Bonjour’s unicast mode of
operation. Our implementation of this is called “Wide Area Printing”, and is a unique
implementation that works with all of the most commonly deployed name servers, including
BIND and Windows DNS. For details, see the section on “Wide Area Printing”.
!
Firewall
Printopia Pro requires the following ports be open on the Mac it's running on:
!
!
Port
Protocol
Description
10631 (default)
TCP
This is the IANA-reserved port for Printopia. All printing services, web
services, and administration takes place on this port. The port may be
changed in Printopia Pro’s Advanced Settings.
5353
UDP
Multicast Bonjour (mDNS)
53
UDP, TCP
Unicast/Wide-Area Bonjour (DNS-SD)
DNS-SD may not work reliably if both the TCP and UDP ports are not
both accepting traffic.
In addition to the above, the standard ICMP types 0,3,4,8,11 and 12 must not be blocked.
If you’re using Multicast Bonjour (mDNS), you’ll need to make sure traffic is allowed to pass
through your network for the following addresses:
!
Address
Description
224.0.0.251
mDNS IPv4 Broadcast Address
ff02::fb
mDNS IPv6 Broadcast Address
!
IGMP (IPv4) and MLD (IPv6) must also be properly configured to pass Bonjour packets.
!
Printopia Pro Administrator’s Guide
10
Licensing
The license key file provided upon purchasing will be required in order to install Printopia Pro.
This file will enable the specific features you’ve purchased.
!
Installation
Use the provided "Install Printopia" application to install Printopia Pro on the machine you've
chosen to use as the Printopia server. A valid license is required to complete the installation
process.
!
Once the installation is finished, the installer will launch the "Printopia Pro" application.
!
Removal
To remove Printopia, run the "Install Printopia" application and choose the "Remove
Printopia" option. If you no longer have the installer, download it again from: http://
www.printopiapro.com.
!
Printopia Pro Administrator’s Guide
11
Administration
The "Printopia Pro" application allows you to configure Printopia Pro from any Mac. If you’re
running Printopia Pro on a “headless” Mac mini, for example, the application can be copied to
any other machine allowing Printopia Pro to be securely administered over the network.
Within the application, the left-hand side of the window lists the Printopia Pro servers you’ve
connected to in the past:
You may administer as many Printopia Servers as you’d like. If your Printopia server is running
locally on your Mac, it will be listed in the "THIS MAC" section. Any remote servers will be
listed in the "REMOTE" section. Remote servers must be added explicitly using the “+” button,
described below.
!
Adding Remote Servers
To add a remote server, click the "+" button in the bottom left-hand corner of the application:
Printopia Pro Administrator’s Guide
12
A menu will appear, listing any servers detected on your network. The “Add Server...” option
allows you to add a server by it’s IP address or host name if it is not automatically discovered,
as may be the case if it’s being administered through a VPN connection.
!
Server Login
Once you’ve added a remote server, you’ll need to login. Enter the username and password
for a user that has administrator privileges on the remote machine:
!
If you select the “Remember this password in my keychain” option, you will not be asked to
log in again.
!
Printopia Pro Administrator’s Guide
13
Printers and Groups
The “Printers” tab displays the list of printers configured on this server. When first installed, all
printers will be placed within the default “Shared Printers” group.
!
Groups allow you to organize your printers. Access control and certain other attributes are
assigned at the group level, making it easier to work with a large number of printers.
Software Updates
When a new version of Printopia Pro is available, you will be prompted automatically. You may
check for updates manually at any time using the “Check for Updates...” menu item. When an
update is available, you’ll see this:
!
Printopia Pro Administrator’s Guide
14
The software update process occurs in two steps, primarily because Printopia Pro is designed
to be administered remotely as easily as it can be administered locally.
!
After updating the admin application, you will then need to update the server. You will be
prompted to do so automatically if you are on the same machine the server is running on,
otherwise you’ll need to choose “Update Server...” from the “Server” menu:
!
!
The server process will then download and install the update.
!
Licensing and Upgrades
To view the server license, you may choose “Server License...” from the “Server” menu:
!
Printopia Pro Administrator’s Guide
15
!
This will display a panel along with the details of the currently installed license:
!
!
If you would like to modify or upgrade the license for this server, you may choose “Change
License...” and select the new license file you’d like to use. Or, you may simply double click
the license file and you will be prompted to choose which server you’d like to install the
license on.
Printopia Pro Administrator’s Guide
16
Groups
Printer access control and network settings are applied using printer Groups. Add groups
using the + button at the bottom of the printer list. Move a printer between groups by
dragging it to the group’s heading in the printer list. Settings defined at the group level apply
to all of the printers within that group.
!
Access Control
Control who is able to print to the printer group using the Access Control panel. Select users
from your Mac's directory service list, or create new username and password combinations:
!
!
The access controls apply to all printers within the group with one exception. Some printers
define their own access control policy, typically when the printer is hosted on another print
server. To handle this situation, Printopia supports "passthrough" authentication. When passthrough access is enabled, the printer's own authorization takes precedence over that
defined here in the group settings. For more detail, see the Printers section.
!
Network Interfaces
Choose which network interfaces will publish the printer group using multicast. See the
Network Interfaces section of this guide for details.
!
Wide-Area Domains
Choose which “Wide Area Printing” domains will see this printer group. See the Wide-Area
Printing section of this guide for more on this feature. This option will show up if supported
by the the current license, and only when Wide-Area Printing is enabled in Printopia Pro’s
Advanced Settings.
Printopia Pro Administrator’s Guide
17
Printers
Adding Printers
By default, Printopia will share all of the Mac's print queues. To add additional printers, click
the "+" button below the printer list in the "Printers" tab. This launches the standard Add
Printer window used by OS X to add print queues. (This is the same window used to add
printers in the "Print & Scan" section of System Preferences.)
!
Printopia will work with network print servers, however for best results we recommend adding
the printers directly when possible. Adding the printer directly simplifies the configuration
and can increase throughput.
!
NOTE
The Add Printer window will list all printers on your network- including those being
published by Printopia, and those already added to your Mac. You may choose to
use Advanced Settings to add a sharing prefix to the printer names Printopia shares.
This will help disambiguate which names in this list are Printopia printers.
Driver Selection
If your printer supports AirPrint, you have two options when adding the printer. You may use
the AirPrint driver, or the manufacturer-supplied driver. To be able to use and configure all of
your printers features, it is important to select the manufacturer-supplied driver. Make sure
not to choose "AirPrint", the default option, as shown below:
!
Printopia Pro Administrator’s Guide
18
Printer Settings
Printopia allows you to configure the full range of vendor-specific printer settings that would
otherwise be inaccessible when using AirPrint. To access a printer's settings, double-click on
the printer in the printer list:
Printopia Pro Administrator’s Guide
19
!
!
NOTE
The vendor-supplied printer settings panel is only accessible when administering
Printopia locally. When administering Printopia remotely, you'll be prompted to
connect using Screen Sharing to access these settings. If the server has screen
sharing enabled (either the Remote Management or Screen Sharing box have been
checked under the “Sharing” tab in System Preferences), a "Share Screen..." button
will appear. This will allow you to control the remote machine. This is the only setting
that cannot be used remotely, because it requires the printer driver software that is
only present on the remote machine.
Printer Authorization
If a printer provides its own access control policy (typically, if the printer is hosted on a remote
print server), then a padlock appears to the right of the printer name, and an additional
"Authorization" panel will be available:
!
Printopia Pro Administrator’s Guide
20
!
The "Pass Through" option directs Printopia to request a username and password from the
iOS device and pass it to the printer for authentication. However, in some cases it may be
convenient to store the printer's username and password within Printopia, so that the printer
may be either shared without a password, or shared with the username/password defined
within the printer's Group settings.
!
If you choose to store the printer's credentials within Printopia, the username and password
will be stored securely within the System Keychain and used to authenticate jobs sent to that
printer.
!
Compatibility
Printopia works with any printer that's compatible with the Mac it's running on. This includes
USB and networked printers.
!
!
!
Printopia Pro Administrator’s Guide
21
Advanced Settings
The Advanced Settings panel can be found in the “Server” menu. These settings apply to the
currently selected server.
!
!
!
General Panel
The “General” panel allows you to configure how printers are published on the network.
!
!
Custom Network Port
Use this setting to change Printopia's network port. The default port, 10631, is IANA-assigned
to Printopia. The custom port may be between 1024 and 65535. Note that Printopia coexists
with CUPS, the printing system on the Mac, which is why its services don't use the standard
IPP port 631.
!
Printopia Pro Administrator’s Guide
22
Service Prefix and Suffix
The service prefix and suffix options are provided so you may control how printer names
appear on the network, and in turn, how they appear to client devices. Since some printers
being shared by Printopia Pro may already be network-enabled, the sharing name Printopia
Pro uses needs to be unique to avoid a conflict.
!
For example, you may want to prefix printer names with the word "AirPrint" to help
distinguish between AirPrint and non-AirPrint printers for clients other than iOS devices.
(Other Mac, Unix, or Windows clients will see all IPP and AirPrint-IPP services as equals. This
can create confusion.)
!
By default, Printopia adds the "@ Printopia Pro" suffix to the end of published printer names.
While this suffix is part of the published service name, it is not displayed on iOS devices, but
will be visible to other Mac, Windows, or Unix clients. If you’d like to publish printers using the
more conventional “Printer @ Computer Name” format, you may set this string to “@ {host}” to
have the computer name added in automatically.
!
Service Name Restrictions
The maximum length of a published printer name on a network is 63 bytes. If conflicts are
occurring on your network, take a look at the prefix and suffix length to ensure that printer
names do not exceed this length limit.
!
Allow Sleep
When enabled, Printopia will allow the machine to sleep as long as it is configured to wake
automatically when a client needs to print. This feature has several dependencies as
described below. When disabled, Printopia will keep the machine awake at all times. We've
provided this option to allow you to conserve energy in an environment where printing
services aren't used often.
!
NOTE
In order for Allow Sleep to work, “Wake for network access” must be enabled in
Energy Saver preferences, and you must have a Bonjour Sleep Proxy running on
your network. Apple TV, Time Capsule, and AirPort Extreme devices provide sleep
proxy services. This feature is unavailable if you are using the “Wide Area Printing”
feature.
Printopia Pro Administrator’s Guide
23
IPv4-Only Mode
This option is enabled by default. When enabled, Printopia will only publish IPv4 addresses
for the services it shares over the network. We’ve provided this feature to prevent problems
that arise when a network provides incomplete support for IPv6 and its associated multicast
control protocols.
!
Restore Defaults
This button restores all server settings to the default state. This will remove any printer
customizations and remove all groups and network settings. Use of this option is analogous
to a "factory reset" on a network device.
!
Wide-Area Printing Panel
This panel allows you to enable and configure the wide-area printing feature, which allows
AirPrint to work across multiple subnets using DNS-SD, the unicast variant of Bonjour. See the
section on Wide Area Printing for more information.
!
Printopia Pro Administrator’s Guide
24
Web Folders
Web Folders are virtual printers. They show up just like printers on all AirPrint client devices.
Print jobs are saved to the Printopia Pro server as PDF files or image files. These files can then
be viewed, downloaded and managed using a web browser.
!
Adding Web Folders
Add Web Folders by clicking the "+" button below the printer list in the "Printers" tab and
choosing "Add Web Folder...". Enter a name for the web folder and press OK.
!
Viewing Web Folder Contents
To access a Web Folder's content in your web browser, you must first determine the web
folder’s URL. To do this, select the web folder in the "Printers" tab, and then click the "Show
Web Page" button in the details pane:
!
Each Web Folder has its own web page with a URL based on its name. The URL will change if
the Web Folder's name changes. Note that this web page is not on the public internet. It is
being served by the Printopia Pro server on Printopia'a network port, and is only available to
the local network.
!
The URL will be of the form “http://servername.local:10631/web/foldername”. The “:10631”
portion is required, as web folders use the Printopia network port of 10631 (by default,
configurable in the settings), instead of the default port 80:
Printopia Pro Administrator’s Guide
25
If you have Wide Area Printing enabled, you may also access the web folders at one of the
wide area domains configured for the printer. For example, if your web folder is shared to
“airprint.mydomain.com”, you may also access it using the URL “http://
airprint.mydomain.com:10631/web/foldername”.
Web Folder Authorization
!
Permission to print to web folders is controlled by the owning group. Access to the Web
Folder’s web page is controlled independently. By default, a Web Folder's web page is open
to all visitors. To add access control, double-click the Web Folder in the printer list to access
its settings. Add users using the "+" button and then press OK.
!
Once authorization is turned on, SSL will be required to access the web content. A self-signed
certificate will by used by default. You may wish to access Web Folder content using a domain
name and an SSL certificate signed by a certificate authority to avoid a warning message from
the web browser.
!
Deleting Items from Web Folders
To delete items from a Web Folder, use the checkbox beside the desired items. Then click the
"Delete Selected" button.
!
!
Printopia Pro Administrator’s Guide
26
Network Interfaces
Printopia Pro allows you to control which network interfaces are used to share printers with
mDNS (multicast) Bonjour, allowing you to control which printers are visible to specific
subnets. This includes virtual interfaces that make use of IEEE 802.1q VLAN tagging, allowing
you to serve multiple VLANs using a single physical Ethernet cable.
!
Many configurations are possible with this feature, including:
• Bridge wired and wireless networks that exist on different network segments.
• Serve multiple departments, each on their own network segment, using a single server.
• Isolate printers on their own VLAN, so that all printer access is controlled by Printopia.
!
NOTE
Since Bonjour (mDNS) uses multicast UDP packets, the networks served must all be
flat, Layer-2 networks. Multicast mDNS packets have a TTL of zero, so they will not be
routed even if Layer-3 switch is configured to route Bonjour packets between
subnets. For AirPrint support across multiple network segments, see the section on
Wide-Area Printing.
Interface Selection
Printopia will share printers to all available network interfaces by default. To change this, open
the settings panel for a printer group and navigate to the "Network Interfaces" panel:
!
Printopia Pro Administrator’s Guide
27
!
In the example above, printers in the “Shared Printers” group will be shared to the
"Engineering" network only, on interface en0.100 (meaning VLAN tag 100, with parent
interface en0).
!
Once configured, the printers will be discoverable using Bonjour on the selected networks
only. The printers themselves may be on any network, as long as that network is accessible
from the machine running Printopia Pro.
!
Wireless Interface
While supported, we do not recommend using the Mac's Wifi interface for printer sharing.
We strongly recommend connecting to your wireless network using an Ethernet port. If you
do choose to connect via Wifi, keep in mind the impact multicast traffic has on a wireless
network. Also, many wireless access points filter traffic and may prevent communication
between individual wireless clients without additional configuration.
!
Adding Virtual Interfaces
Macs support VLAN tagging over the built-in Ethernet network interface. To add additional
VLAN interfaces, open System Preferences, click the Network icon, and click the button with
the “gear” icon below the list of network interfaces. Choose "Manage Virtual Interfaces...".
Here, you'll see a list of current virtual interfaces. To define a new VLAN, click the "+" button,
and choose "New VLAN...". Select the tag for the new interface, the parent interface, and the
interface will be created:
!
!
Depending on your network architecture, you'll either receive a DHCP address automatically
on the new interface, or you'll need to assign one manually. Once completed, the interface
will be available to Printopia Pro for sharing.
NOTE
Use of VLANs requires your network also be configured to pass the desired VLANs
to/from the Mac server, and may require your network administrator to make
changes to your network.
Printopia Pro Administrator’s Guide
28
!
Adding Physical Interfaces
Macs support additional network interfaces by adding USB or Thunderbolt Ethernet adapters.
!
If you choose to make use of additional physical network interfaces instead of VLANs, be
mindful of the bandwidth limitations imposed by USB and the additional packet processing
overhead.
!
NOTE
We recommend only using network adapters that are compatible with the drivers
Apple ships with OSX. These include the following Ethernet adapters we’ve tested
for reliable operation:
!
• Cisco-Linksys USB300M 10/100 USB Ethernet Adapter (AX88772A chipset)
• Apple 10/100/1000 Thunderbolt Ethernet Adapter
!
!
Printopia Pro Administrator’s Guide
29
Wide Area Printing
Wide Area Printing allows you to make printing services available to iOS and Mac devices
anywhere on your network, even if your network is structured in a way that prevents the
normal “multicast” mode of Bonjour from working properly. Wide Area Printing allows
Bonjour to work across subnets or through VPN tunnels, allowing devices on your network to
be able to automatically discover and use printers from anywhere, as if they were on the same
network segment.
!
Wide-Area Printing requires minimal configuration on both the client and server end, and has
the following benefits:
• Reduced multicast traffic, and its associated impact on wireless networks
• Enables the use of AirPrint across layer-3 routed network segments
• Enables the use of AirPrint over a VPN connection
• Enables the use of AirPrint over the open internet
!
How it Works
Wide Area Printing leverages the DNS-SD protocol, a second mode of operation built into the
Bonjour software embedded in all Apple devices that uses the standard “unicast” name
resolution mechanism instead of multicast. Unicast name resolution packets aren’t limited to
the same network segment as multicast packets are.
!
Apple calls the DNS-SD protocol “Wide Area Bonjour”, though our unique implementation
differs slightly in order to make it easier to integrate with the name servers commonly found
in large corporate networks. While conventional “Wide Area Bonjour” relies on your
organization’s name server being configured to accept dynamic updates from clients, our
approach instead has you forward specific subdomains to the Printopia Pro server for
resolution. This approach works with a wider range of name servers and avoids the need to
enable dynamic updates on your servers.
!
For more information on the DNS-SD protocol, it is described in detail in RFC 6763: DNSBased Service Discovery.
!
Our implementation is illustrated below. For illustration, say our company’s root domain is
“mycompany.com”. We’d create a new subdomain to use for printing services,
"airprint.mydomain.com.". Requests for this subdomain would be delegated (or forwarded)
to the Printopia Pro DNS server:
Printopia Pro Administrator’s Guide
30
Name Server(s)
10.0.0.5
mydomain.com
Printopia Pro Server
10.0.0.10
airprint.mydomain.com
Client Devices
DNS Server: 10.0.0.5
Search Domains: airprint.mydomain.com,
mydomain.com
Once configured, client devices will automatically discover printers under the
“airprint.mydomain.com” domain, just as they’re able to automatically discover printers and
other services in Bonjour’s multicast “.local” domain.
!
Configuration
Initial configuration of Wide Area Printing consists of the following steps:
!
1. Define the domain(s) you will need based on the how your printers should be grouped
logically. A small company may only need a single subdomain for all of their printers,
while a larger company may want one subdomain for each building, so that clients in each
building only see the printers within that same building.
2. Enable Wide Area Printing in Printopia Pro and share your printers to the domains you’ve
created.
3. Configure your DNS server(s) to forward or delegate, depending on the type of server
you have, the subdomain(s) you’ve created to Printopia Pro.
4. Tell clients on your network about your domains. This can be done one of several ways,
depending on your network configuration.
5. Optionally disable multicast sharing for your printers, if you don’t intend on using the
standard multicast service discovery mechanism.
!
Printopia Pro Administrator’s Guide
31
Choose your Domains
If you’ll only ever use a handful of printers with Printopia Pro, and it makes sense for them all
to be visible from every device on your network, you’ll only need a single domain. For larger
networks, if you’d like to split your printers up by building, floor, department, or some other
logical grouping, then you’ll need more than one.
!
Enable Wide-Area Printing
Wide-Area Printing support can be enabled under "Advanced Settings...". Click the "+"
button to create a new domain:
!
!
Each domain must be bound to a specific network interface. This network interface defines
the IP address(es) that clients within that zone will use to connect with the Printopia server.
!
The custom name server port option is provided to allow Printopia Pro to coexist with a DNS
server running on the same machine. In this case, the name server would forward requests to
Printopia using this port instead of the standard DNS port 53.
!
If you're using Windows DNS as your name server, you may need to enable the "Use
lowercase names" option. We've found Windows DNS, in some configurations, alters the case
of name records which will interfere with proper AirPrint service discovery.
!
After Wide-Area Printing has been enabled, the "Enterprise Domains" option will appear
when you configure a group of printers. Here you choose which zone(s) the printers within
this group will be published to.
!
Printopia Pro Administrator’s Guide
32
!
Disable Multicast (optional)
You may choose to disable multicast publishing to the "local." domain. This can be done
under "Network Interfaces":
!
!
!
Printopia Pro Administrator’s Guide
33
Name Server Configuration
You organization's primary name server(s) must forward (or delegate) requests for the new
subdomain(s) to the Printopia Server. Printopia will answer queries for the printers shared to
these subdomains.
!
Before you begin, make sure Printopia is configured first. If the "Wide-Area Printing" feature is
not enabled and your subdomains have not been defined, the following steps may fail.
!
Windows DNS (Server 2012)
On Windows, you'll want to configure a "Conditional Forwarder" for each subdomain you'd
like to delegate to Printopia. The domain you specify here must not be defined anywhere else
on this server or any parent servers. This can be done using the DNS Manager as illustrated
below:
!
!
Enter the subdomain you've chosen, and then enter the IP address (or host name) of the Mac
running Printopia Pro (we've used 10.0.0.10 in this example):
!
Printopia Pro Administrator’s Guide
34
!
Windows will attempt to validate the server. If successful, a green check mark will appear and
the OK button will be enabled. Windows DNS should now be forwarding requests for this
new subdomain to the Printopia server.
!
Windows DNS (Server 2003 and 2008)
Windows Server 2008 and earlier require a different approach. Unfortunately, if you try to
forward a subdomain to another server, you’ll receive this error message:
!
!
The only known workaround is to use a different root domain for your printing services
shared through Printopia. We’ve reserved the domain “ap.printopiapro.com” for this purpose.
If needed, you may create additional subdomains under this root as necessary, of the form
“zone1.ap.printopiapro.com”, “zone2.ap.printopiapro.com”, etc.
!
To add a forwarder to steer one of these to your Printopia Pro server, create a new conditional
forwarder as shown below:
!
Printopia Pro Administrator’s Guide
35
This will instruct the Windows DNS server to forward queries within the “ap.printopiapro.com”
subdomain to your Printopia Pro server.
!
Adding a Bonjour browsing record to steer all of your clients to this subdomain:
!
If you’d like to steer all of your network clients to the same subdomain for printing, you may
do so by adding a single record to your root domain.
!
A single PTR record added to your root domain will instruct Bonjour clients to browse the
domain specified in that record for printing services. For example, to make all clients look for
printers in the new “ap.printopiapro.com” subdomain above, you would add this record to
your domain:
!
Printopia Pro Administrator’s Guide
36
To do this, right-click on the root domain (“mydomain.com”, above), and select “New
Domain...” under the root domain. Create the record “b._dns-sd._udp.” under your root
domain as follows:
!
!
Then, create a PTR record under this domain:
!
Printopia Pro Administrator’s Guide
37
!
Leave the “Host IP Address” field blank, as there is no IP address associated with a PTR record.
Set the host name to the subdomain you have chosen for printing. Finally, make sure to use a
short TTL, 10 seconds is recommended as shown above. A short TTL allows clients to pick up
changes to your Bonjour records quickly, and can avoid frustrating issues during setup
caused by cacheing.
!
!
BIND named (Linux / BSD / Mac OSX)
An example configuration for the BIND nameserver is shown below:
!
!
options {!
forwarders { your-primary-dns-server };!
forward first;!
allow-query { any; };!
minimal-responses yes; # recommended to reduce packet size!
};!
!
zone "accounting-printers.mydomain.com" {!
type forward; forward only; forwarders { printopia-pro-server-ip; };!
};!
!
zone "sales-printers.mydomain.com" {!
Printopia Pro Administrator’s Guide
38
type forward; forward only; forwarders { printopia-pro-server-ip; };!
};!
zone "engineering-printers.mydomain.com" {!
type forward; forward only; forwarders { printopia-pro-server-ip; };!
};!
!
!
In this configuration, we've created three subdomains, each representing the printers
belonging to a group within the company. For each zone, the nameserver will forward
incoming requests to the Printopia Server to be resolved.
!
Right now, Printopia can only be configured as a forwarding server, not a zone master for the
zones above.
!
Automatic Client Configuration
Option 1: Single Subdomain (for a small number of printers)
If you only need a single subdomain, you can instruct all iOS devices on your network to
browse for printers in this single domain by adding the following records to your DNS server:
!
!
PTR b._dns-sd._udp.mydomain.com airprint.mydomain.com!
PTR lb._dns-sd._udp.mydomain.com airprint.mydomain.com!
In the example above, replace “mydomain.com” with your organization’s root domain, and
“airprint.mydomain.com” with the Wide Area Printing domain you’ve created for your
printers.
!
Option 2: Multiple Subdomains (for a large number of printers)
If using multiple subdomains, you will need to direct clients on different networks to browse
for printers in the applicable subdomains. To do this, instead of adding the two DNS records
shown above, you’ll need to add “airprint.mydomain.com” to the list of search domains on
each of your clients. This may be done manually, or automatically using your organization’s
DHCP server(s).
!
If you’d like to automatically provide the search domains above to DHCP clients, you may
enable DHCP “search domains” option 119 as defined in RFC3397 (http://www.ietf.org/rfc/
rfc3397.txt) to do so. The DHCP search domains option provides a list of DNS search domains
to clients that request this. Mac OSX and iOS clients request this option from DHCP servers
and will set the list of search domains accordingly, while Windows clients will ignore it,
leaving them unaffected by the change.
!
Windows Server
!
Printopia Pro Administrator’s Guide
39
DHCP option 119 is not directly supported by Windows Server. Please contact technical
support for a workaround.
!
BIND dhcpd (Linux / BSD / Mac OSX)
!
If you’re using CentOS or RedHat, you may determine the currently running version by using:
!
!
!
!
#dhcpd --version!
isc-dhcpd-4.2.5-P1!
NOTE
If you’re using a version of the BIND DHCP package earlier than 4.2.5-P1, DHCP
option 119 may not function properly. The release notes state the issue we found
was fixed in version 3.1.1 of BIND, but we’ve only tested and qualified 4.2.5-P1. We
suggest you download the latest version of the software from:
http://www.isc.org/software/dhcp
Sample config file:
!
!
# cat /etc/dhcpd.conf!
#!
# DHCP Server Configuration file.!
#
see /usr/share/doc/dhcp*/dhcpd.conf.sample
#!
!
!
!
!
ddns-update-style interim;!
ignore client-updates;!
subnet 172.16.10.0 netmask 255.255.255.0 {!
# --- default gateway!
! option routers!
!
! option subnet-mask! !
!
172.16.10.5;!
255.255.255.0;!
!
!
!
option nis-domain! !
"mydomain.com";!
option domain-name! !
"mydomain.com";!
option domain-name-servers!10.0.0.5;!
!
!
option time-offset! !
option ntp-servers! !
!
option domain-search "airprint.mydomain.com";!
!
!
!
range dynamic-bootp 172.16.10.128 172.16.10.254;!
default-lease-time 21600;!
max-lease-time 43200;!
!
!
!
!
-18000;!
10.0.0.5;!
Printopia Pro Administrator’s Guide
# Eastern Standard Time!
40
!
!
!
!
}!
!
host arcadia {!
!
hardware ethernet a8:20:66:4a:d7:5e;!
!
fixed-address 172.16.10.10;!
}!
!
Troubleshooting
On a Mac, you may verify that DHCP option 119 is working correctly using ipconfig. Type
“ipconfig getpacket en0”, where en0 is the network interface you’re using to connect to the
network served by your DHCP server:
!
!
$ ipconfig getpacket en0!
op = BOOTREPLY!
htype = 1!
flags = 0!
hlen = 6!
hops = 0!
xid = 3048224941!
secs = 0!
ciaddr = 0.0.0.0!
yiaddr = 172.16.10.251!
siaddr = 0.0.0.0!
giaddr = 0.0.0.0!
chaddr = 28:37:37:19:3f:d2!
sname = !
file = !
options:!
Options count is 9!
dhcp_message_type (uint8): ACK 0x5!
server_identifier (ip): 172.16.10.5!
lease_time (uint32): 0xa8c0!
subnet_mask (ip): 255.255.255.0!
router (ip_mult): {172.16.10.5}!
domain_name_server (ip_mult): {10.0.0.5}!
domain_name (string): mydomain.com!
domain_search (dns_namelist): {airprint.mydomain.com}!
end (none): !
!
!
In the example above, you can see the “domain_search” DHCP option was successfully
received from the server.
!
Manual Client Configuration
On the client side, you just need to add one of the new zones to your DNS search domains,
and make sure the client is using your organizations name server. You may configure each
client device manually, or your DHCP server could automatically assign the desired search
domains to clients.
!
Printopia Pro Administrator’s Guide
41
iOS Clients
Add the new subdomain(s) you've created to iOS clients by opening the "Settings" app,
tapping "Wi-Fi", and then tapping the blue arrow to the right of the current Wi-Fi network
(which must be your organization's Wi-Fi network). Enter the search domains here.
!
OSX Clients
The Mac search domains can be found by opening System Preferences, clicking on
"Network", then "Advanced". Under the "DNS" tab, enter the search domain(s) you've
configured.
!
!
!
Printopia Pro Administrator’s Guide
42
Troubleshooting
Useful Tools
We highly recommend the free Discovery Bonjour Browser app by Tildesoft to help
troubleshoot Bonjour on your network. There is also an equally indispensible Mac version
available from the author's website, www.tildesoft.com. Both versions of the app allow you to
view both local (multicast) and wide-area (unicast) Bonjour domains.
!
Step 1: Verify the Printopia Server is responding to both UDP and TCP requests
!
A firewall or other name server software running on the Printopia Pro machine could be
interfering with its operation. To test the Printopia Server, issue the following UDP and TCP
requests which will list the printers being published. Both servers should return the same
results if forwarding is configured properly.
!
Check UDP Queries:
!
dig @dns-server-ip _ipp._tcp.airprint.mydomain.com ptr!
Check TCP Queries:
dig @dns-server-ip +vc _ipp._tcp.airprint.mydomain.com ptr!
!
A successful response looks like this:
!
server:~ admin$ dig @10.0.0.10 +vc _ipp._tcp.airprint.mydomain.com ptr!
; <<>> DiG 9.8.3-P1 <<>> @10.0.0.10 +vc _ipp._tcp.airprint.mydomain.com ptr!
; (1 server found)!
;; global options: +cmd!
;; Got answer:!
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49835!
;; flags: qr aa; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0!
;; QUESTION SECTION:!
;_ipp._tcp.airprint.mydomain.com. IN!PTR!
;; ANSWER SECTION:!
_ipp._tcp.airprint.mydomain.com. 10 IN!
PTR!
Web\032Folder
\0322._ipp._tcp.airprint.mydomain.com.!
_ipp._tcp.airprint.mydomain.com. 10 IN!
PTR!
Epson\032Stylus
\032NX420._ipp._tcp.airprint.mydomain.com.!
_ipp._tcp.airprint.mydomain.com. 10 IN!
PTR!
Web
\032Folder._ipp._tcp.airprint.mydomain.com.!
_ipp._tcp.airprint.mydomain.com. 10 IN!
PTR!
Eng._ipp._tcp.airprint.mydomain.com.!
;; Query time: 2 msec!
;; SERVER: 10.0.0.10#53(10.0.0.10)!
;; WHEN: Tue Mar 26 19:25:27 2013!
;; MSG SIZE rcvd: 409!
!
Step 2: Verify the primary name server(s) are responding to both UDP and TCP requests
!
Printopia Pro Administrator’s Guide
43
Use the same command above, pointed at your primary name server to verify its operation. If
forwarding is configured properly, you'll receive the same responses shown above.
!
Step 3: Check the client configuration
!
Clients must be:
!
!
1. Pointed at your primary name server
2. Be using the subdomains you've configured as the DNS search domains
3. Both the primary name server and published printers must be reachable from the
client
On a Mac OSX client, you can use the dns-sd command line utility to verify the search
domains and name server are properly configured on the client:
!
!
server:~ admin$ dns-sd -B _ipp._tcp airprint.mydomain.com!
Browsing for _ipp._tcp.airprint.mydomain.com!
DATE: ---Tue 26 Mar 2013---!
19:11:42.884 ...STARTING...!
Timestamp A/R Flags if Domain Service Type Instance Name!
19:11:42.886 Add 3 0 airprint.mydomain.com. _ipp._tcp. Eng!
19:11:42.886 Add 3 0 airprint.mydomain.com. _ipp._tcp. Web Folder!
19:11:42.886 Add 3 0 airprint.mydomain.com. _ipp._tcp. Web Folder 2!
19:11:42.886 Add 2 0 airprint.mydomain.com. _ipp._tcp. Epson Stylus NX420!
Printopia Pro Administrator’s Guide
44
General Troubleshooting
!
Things to Know
The iOS print queue is strictly serial, and an issue with one job will prevent any other job from
printing until it is resolved. As a result, if you're having trouble printing, check the print queue
first to see what state it's in.
!
AirPrint will not work over your device's cellular data connection. You must be connected to
your organization's Wifi network to be able to print.
!
If you don't see any printers in your iPhone or iPad's printer list:
!
• Ensure that the device is on the same network as the Mac running Printopia.
• Ensure that the Mac is turned on and awake.
• Check to make sure Printopia is running and printers are shown as shared.
!
Some routers may require a setting to be changed. Refer to your router's user manual if
you're not sure how to access its settings. Ensure that Broadcast and Multicast settings are
turned on if available. If your router has RIP settings, ensure that the RIP direction is set to
"Both" and the RIP version is set to "RIP-1".
!
If you see printers, but nothing is printing:
!
Check your iPhone or iPad's Print Center. To do this, double-press the device's home button
to reveal the task tray. If you see a "Print Center" icon, this means there is an item in the print
queue that has not yet printed. Tap print jobs to view their status, and cancel any jobs that
may be stuck in the queue. (If you don't see a Print Center icon, it just means that there's
nothing in the queue.)
!
Check your printer's print queue on your Mac for status updates. To see all print jobs, choose
"Show Completed Jobs" and "Show Everyone's Jobs" from the "Jobs" menu.
!
Check your Mac's firewall settings. (System Preferences-> Security-> Firewall). If your Firewall
is turned on, click "Advanced", and ensure that "Printopia Server" is listed as allowing
incoming connections. Also make sure that the "Block all incoming connections" checkbox is
not checked. Alternatively, you may wish to temporarily turn off your firewall for
troubleshooting purposes.
!
If you are using Intego's firewall software, ensure that "Client, local server" is selected rather
than "Client only" mode.
Printopia Pro Administrator’s Guide
45
!
If you see printers, but the device reports an error:
!
Try rebooting the iPhone or iPad. This may clear out cached information about printers which
may have become invalid.
!
Try creating and printing to a "Web Folder" printer. If this works, but your real printer does not
work, this means it's likely a printer-specific issue and not an issue with your network.
!
Be sure to clear the iPhone or iPad print queue before testing again.
Printopia Pro Administrator’s Guide
46
Open as PDF
Similar pages