====== Apple Content Caches ======

===== Clients and Peering =====

The color of the cache indicates the color of the client being served.

<uml>
@startuml
nwdiag {
  Apple-Cache-08151 [ color = "#00FFFF" ]
  Apple-Cache-08152 [ color = "#FFFF00" ]
  Apple-Cache-08153 [ color = "#FFCC00" ]
  Apple-Cache-08154 [ color = "#FF00FF" ]

  group {
    color = "#CCFFFF";
    description = "Peers"

    Apple-Cache-08151;
    Apple-Cache-08152;
    Apple-Cache-08153;
    Apple-Cache-08154;
  }

 network charter {
    address = "71.86.47.96/29" 
    color = "#FF0000";
    FortiGate;
  }
  network morenet {
    address = "204.184.43.0/24"
    color = "#FF0000";
    FortiGate;
  }
  network high_school {
    color = "#FFCC00"
    address = "10.100.0.0/16"
    Apple-Cache-08153;
    FortiGate;
  }
  network  middle_school {
    color = "#FF00FF" 
    address = "10.101.0.0/16"
    Apple-Cache-08154;
    FortiGate;
  }
  network  upper_elementary {
    color = "#FFFF00"
    address = "10.102.0.0/16"
    Apple-Cache-08152;
    FortiGate;
  }
  network heritage_elementary {
    color = "#00FFFF"
    address = "10.103.0.0/16"
    Apple-Cache-08151;
    FortiGate;
  }
  network vip {
    color = "#FFFF00"
    address = "x/16"
    FortiGate;
  }
  network guest {
    color = "#FF00FF"
    address = "x/16"
    FortiGate;
  }
}
@enduml
</uml>


===== macOS Setup =====
Content caches should be excluded from enrolling into MDM. 

macOS Setup Screens:
  * Country/Region: United States
  * Accessibility: Not Now
  * Connect to a WiFi network: connect an ethernet cable.
  * User Account: 
    * Name: SOTO Admin
    * Username: sotoadmin
    * Password: Generate a password and store it in the password database.
  * Transfer information: Not now
  * Sign in with your Apple ID: Not now
  * Screen Time: Not Now
  * Enable Siri: Not Now
  * Choose your look: Continue

Check for updates: Settings > General > Software Updates
===== Configuration =====
Settings > General > About
  * Name : "Apple Cache <AssetTag>"
Settings > General > Sharing
  * Remote Login: Enable
  * Remote Management: Enable
    * Options > Only these users:
      * SOTO Admin; Enable All Access Options
  * Remote Apple Events: Enable
  * Content Caching: Enable
    * Share: Internet Connection: Enable
    * Hold Alt and Click  Advanced Options
      * Clients
        * Cache content for: devices using the custom local networks
          * IP range to be served. Example for High School subnet 10.100.0.0-10.100.255.255.
        * My local networks: use custom public IP addresses
          * 71.86.47.96 - 71.86.47.103
          * 204.184.43.0 - 204.184.43.255
      * Peers
        * Share content with: content caches using custom local networks
        * 10.0.0.0 - 10.255.255.255
  * Displays > Advanced
    * Prevent automatic sleeping when the display is off: Enable
  * Energy Saver
    * Start up automatically after power failure true

===== DNS Zone Configuration =====
For clients to locate content caches; A DNS record needs to be placed within one of their search domains. Search domains are configured in their DHCP scope or manually in the clients network configuration.
<code>_applcache._tcp.<search domain zone> TXT "prs=71.86.47.96-71.86.47.96,204.184.43.0-204.184.43.255"</code>

===== Switch Configuration =====
Native VLAN: VLAN primarily be targeted for service.

===== CLI Tools =====
AssetCacheLocatorUtil - run this from client devices to see what caches are available. 

AssetCacheManagerUtil - run this from content caches to monitor and manage the caching service.