Running Apple's Lion Server (10.7.3). I am trying to get VPN clients (clients on another subnet) to see the server's Apple File share. I know that Bonjour doesn't route over a VPN or subnet, so I am adding static DNS entries.
AFP shares work, as I can connect directly to the share using afp://servername.example.com. But Finder and CLI tools are unable to discover the share.
From my research it sounds like I can use DNS to add SRV entries to make the services discoverable. I have added PTR and SRV entries:
_afpovertcp._tcp.example.co. 10800 IN PTR servername._afpovertcp._tcp.example.com.
servername._afpovertcp._tcp.example.com. 10800 IN SRV 0 0 548 servername.example.com.
There is an A record for servername.example.com.
This helps Finder discover the AFP share, but connecting using this link fails.
Using dig I can confirm the PTR and SRV entries.
dig SRV servername._afpovertcp._tcp.example.com
This finds the record, and:
host -t PTR _afpovertcp._tcp.example.com
points back to the server name.
Using dns-sd I see the first signs of problems.
dns-sd -F # successfully finds the example.com group
dns-sd -B _afpovertcp._tcp # correctly shows servername as an afp share
dns-sd -L servername _afpovertcp._tcp example.com # fails to locate anything
The dns-sd commands and dig/host behave the same locally on the server as they do through the VPN. So, am I going down the wrong path trying to add SRV records to DNS? It's showing progress, but I'm just having a hard time getting the servername to point to a physical IP address.
Have you got a TXT record named servername._afpovertcp._tcp.example.com? As a service is made up of both an SRV record and a TXT record, I think you'll find you need both for a service to be resolved successfully.
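The check this answer describes, as an added example that is not part of the original question or answer: it walks every instance advertised by a service-type PTR record and reports a missing SRV, a missing TXT (RFC 6763 requires one with the same name as the SRV, even if empty), or an SRV target with no address record. The zone text is constructed from the records in the question, the address 192.0.2.10 is a documentation placeholder, and the function names are hypothetical.

```python
# Constructed sample modelled on the question's records; 192.0.2.10 is a placeholder.
ZONE = """\
_afpovertcp._tcp.example.com. 10800 IN PTR servername._afpovertcp._tcp.example.com.
servername._afpovertcp._tcp.example.com. 10800 IN SRV 0 0 548 servername.example.com.
servername.example.com. 10800 IN A 192.0.2.10
"""

def parse_zone(text):
    """Return {(owner, rtype): [rdata, ...]} from 'owner ttl IN type rdata' lines."""
    records = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith(";"):
            continue  # skip blank, comment and malformed lines
        owner, _ttl, _cls, rtype = fields[:4]
        key = (owner.lower(), rtype.upper())
        records.setdefault(key, []).append(" ".join(fields[4:]))
    return records

def check_dns_sd(text):
    """List problems that stop a browsed DNS-SD instance from resolving."""
    records = parse_zone(text)
    problems = []
    for (owner, rtype), instances in records.items():
        # Only service-type PTRs (_service._proto.domain) point at instances.
        if rtype != "PTR" or not owner.startswith("_"):
            continue
        if owner.startswith("_services._dns-sd._udp."):
            continue  # this meta-query lists service types, not instances
        for instance in instances:
            name = instance.lower()
            srvs = records.get((name, "SRV"), [])
            if not srvs:
                problems.append(f"{instance}: no SRV record")
            if (name, "TXT") not in records:
                problems.append(f"{instance}: no TXT record")
            for srv in srvs:
                host = srv.split()[-1].lower()  # SRV rdata: priority weight port target
                if (host, "A") not in records and (host, "AAAA") not in records:
                    problems.append(f"{instance}: SRV target {host} has no A/AAAA record")
    return problems

if __name__ == "__main__":
    for problem in check_dns_sd(ZONE):
        print(problem)
```

Run against the sample, it reports only the missing TXT record; appending a line such as `servername._afpovertcp._tcp.example.com. 10800 IN TXT ""` clears it.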