Difference between revisions of "Network Requirements"
IVSWikiBlue (talk | contribs) |
IVSWikiBlue (talk | contribs) (→Architecture and Terms) |
||
(30 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | + | __TOC__ | |
+ | <div class="grid-container grid-2" style=" display: flex;flex-wrap: wrap;"> | ||
+ | <div class="grid-item"> | ||
+ | ==Architecture and Terms== | ||
+ | <div class="floating_card">Our software is built on the standard LEMP <em>(Linux, Nginx, MYSQL, and PHP)</em> architecture. The software has been designed to work on the latest LTS version of Ubuntu Linux. For networking purposes, there are 2 main components to the software application:</div> | ||
+ | |||
+ | <div class="section"> | ||
+ | '''Application Server:''' This makes up the bulk of the application and consists of 3 primary components: | ||
+ | *PHP web pages being served up by the Nginx web server | ||
+ | *MySQL Database | ||
+ | *NodeJS messaging and control service | ||
+ | |||
+ | '''Media Server:''' This portion of the application handles all the communication with the cameras and video streams being served out to the client PCs. It also handles all the recording and clip creation. | ||
+ | </div> | ||
+ | |||
+ | <div class="section"> | ||
+ | From a physical or virtual server perspective, the <b>entire server side software stack can be run on a single server</b>. For applications requiring more than 50 cameras or consisting of different departments the software can be broken out and additional Media Servers can be added. These servers only run the Media Server portion of the VALT application. | ||
+ | </div> | ||
+ | </div> | ||
+ | |||
+ | <div class="grid-item"> | ||
+ | |||
+ | ==Visual Overview== | ||
+ | {{img - no click | file = VALT Server Structure.png | width =}} | ||
+ | </div> | ||
+ | </div> | ||
+ | |||
+ | ==Basic Configuration== | ||
+ | <table class="network_ports_table"> | ||
+ | <caption>Client to Application & Media Server(s)</caption> | ||
+ | <tr> | ||
+ | <th>Port</th> | ||
+ | <th>Protocol</th> | ||
+ | <th>Service</th> | ||
+ | <th>Source</th> | ||
+ | <th>Destination</th> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only when SSL is Disabled" style="background-color:#FFEBE5"> | ||
+ | <td>🔓 TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Web Application</td> | ||
+ | <td>Client</td> | ||
+ | <td>Application Server</td> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only when SSL is Disabled" style="background-color:#EFDBD5"> | ||
+ | <td>🔓 TCP 1935</td> | ||
+ | <td>WS</td> | ||
+ | <td>Video Streaming</td> | ||
+ | <td>Client</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only when SSL is Enabled" style="background-color:#E5FFEB"> | ||
+ | <td>🔒 TCP 443</td> | ||
+ | <td>HTTPS</td> | ||
+ | <td>Web Application</td> | ||
+ | <td>Client</td> | ||
+ | <td>Application Server</td> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only when SSL is Enabled" style="background-color:#D5EFDB"> | ||
+ | <td>🔒 TCP 444</td> | ||
+ | <td>WSS</td> | ||
+ | <td>Video Streaming</td> | ||
+ | <td>Client</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 8000</td> | ||
+ | <td title="Changes with SSL status (Enabled/Disabled).">HTTP/HTTPS*</td> | ||
+ | <td>Downloads/Wowza webserver</td> | ||
+ | <td>Client</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <th colspan=6>For Administration</th> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only for Administration" style="background-color:#e5ecff"> | ||
+ | <td>🔧 TCP 22</td> | ||
+ | <td>SSH</td> | ||
+ | <td>SSH</td> | ||
+ | <td>Client</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only for Administration" style="background-color:#d5dcef"> | ||
+ | <td>🔧 TCP 8088</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Wowza admin</td> | ||
+ | <td>Client</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | </tr> | ||
+ | </table> | ||
+ | <span style="padding:2px 10px;background-color:#FFEBE5;border:1px solid black">🔓 Required when SSL is Disabled</span> | ||
+ | <span style="padding:2px 10px;background-color:#E5FFEB;border:1px solid black">🔒 Required when SSL is Enabled</span> | ||
+ | <span style="padding:2px 10px;background-color:#e5ecff;border:1px solid black">🔧 Required only for Administration</span> | ||
+ | |||
+ | |||
+ | <table class="network_ports_table"> | ||
+ | <caption>Media Server(s) to Camera(s)</caption> | ||
+ | <tr> | ||
+ | <th>Port</th> | ||
+ | <th>Protocol</th> | ||
+ | <th>Service</th> | ||
+ | <th>Source</th> | ||
+ | <th>Destination</th> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Web Application/API</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>Camera</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 554</td> | ||
+ | <td>RTSP</td> | ||
+ | <td>Video Stream</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>Camera</td> | ||
+ | </tr> | ||
+ | </table> | ||
+ | |||
+ | ==BEAM (Mobile Application)== | ||
+ | <div class="floating_card">Only required for those who have purchased [[BEAM]] licenses.</div> | ||
+ | |||
+ | <div class="section">BEAM is an application that allows users to leverage devices, such as iPads and iPhones, as a mobile video endpoint. This includes the following features: | ||
+ | *Live streaming to VALT | ||
+ | *Recording sessions | ||
+ | *Uploading sessions | ||
+ | </div> | ||
+ | |||
+ | <table class="network_ports_table"> | ||
+ | <caption>BEAM Device(s) to Media Server</caption> | ||
+ | <tr> | ||
+ | <th>Port</th> | ||
+ | <th>Protocol</th> | ||
+ | <th>Service</th> | ||
+ | <th>Source</th> | ||
+ | <th>Destination</th> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only when SSL is Disabled" style="background-color:#FFEBE5"> | ||
+ | <td>🔓 TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>BEAM API/HTTP Upload</td> | ||
+ | <td>BEAM Device</td> | ||
+ | <td>Media Server</td> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only when SSL is Enabled" style="background-color:#E5FFEB"> | ||
+ | <td>🔒 TCP 443</td> | ||
+ | <td>HTTPS</td> | ||
+ | <td>BEAM API/HTTPS Upload</td> | ||
+ | <td>BEAM Device</td> | ||
+ | <td>Media Server</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 444</td> | ||
+ | <td>RTMP</td> | ||
+ | <td>Video Streaming</td> | ||
+ | <td>BEAM Device</td> | ||
+ | <td>Media Server</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 1935</td> | ||
+ | <td>RTMP</td> | ||
+ | <td>Video Streaming</td> | ||
+ | <td>BEAM Device</td> | ||
+ | <td>Media Server</td> | ||
+ | </tr> | ||
+ | </table> | ||
+ | <span style="padding:2px 10px;background-color:#FFEBE5;border:1px solid black">🔓 Required when SSL is Disabled</span> | ||
+ | <span style="padding:2px 10px;background-color:#E5FFEB;border:1px solid black">🔒 Required when SSL is Enabled</span> | ||
+ | |||
+ | ==Online Updates== | ||
+ | <div class="floating_card">Valid DNS servers are required to download updates</div> | ||
+ | |||
+ | <table class="network_ports_table"> | ||
+ | <caption>Application & Media Server(s) to Repositories</caption> | ||
+ | <tr> | ||
+ | <th>Port</th> | ||
+ | <th>Protocol</th> | ||
+ | <th>Package</th> | ||
+ | <th>Source</th> | ||
+ | <th>Destination</th> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Ubuntu</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | <td>http://us.archive.ubuntu.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Ubuntu</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | <td>http://security.ubuntu.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Ubuntu</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | <td>http://kazooie.canonical.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Ubuntu</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | <td>http://banjo.canonical.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>IVS</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | <td>http://apt.ipivs.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Ondrej Apache/PHP</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | <td>http://ppa.launchpad.net</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 443</td> | ||
+ | <td>HTTPS</td> | ||
+ | <td>Ondrej Apache/PHP</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | <td>https://ppa.launchpadcontent.net</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 443</td> | ||
+ | <td>HTTPS</td> | ||
+ | <td>Ubuntu Changelogs</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | <td>https://changelogs.ubuntu.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 443</td> | ||
+ | <td>HTTPS</td> | ||
+ | <td>Node</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | <td>https://deb.nodesource.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 443</td> | ||
+ | <td>HTTPS</td> | ||
+ | <td>Docker</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | <td> https://download.docker.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 443</td> | ||
+ | <td>HTTPS</td> | ||
+ | <td>Docker</td> | ||
+ | <td>Application & Media Server</td> | ||
+ | <td> https://docker.ipivs.com</td> | ||
+ | </tr> | ||
+ | </table> | ||
+ | |||
+ | <div class="grid-container grid-2" style=" display: flex;flex-wrap: wrap;"> | ||
+ | <div class="grid-item"> | ||
+ | |||
+ | ==Application Server to Additional Media Server(s)== | ||
+ | <div class="floating_card">Only required for installations where additional servers, acting as Media Servers, are present.</div> | ||
+ | |||
+ | <table class="network_ports_table"> | ||
+ | <caption>Application Server to Media Server(s)</caption> | ||
+ | <tr> | ||
+ | <th>Port</th> | ||
+ | <th>Protocol</th> | ||
+ | <th>Service</th> | ||
+ | <th>Source</th> | ||
+ | <th>Destination</th> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 22</td> | ||
+ | <td>SSH</td> | ||
+ | <td>OS</td> | ||
+ | <td>Application Server</td> | ||
+ | <td>Media Server</td> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only when SSL is Enabled" style="background-color:#E5FFEB"> | ||
+ | <td>🔒 TCP 444</td> | ||
+ | <td>HTTPS</td> | ||
+ | <td>Wowza Streaming Engine</td> | ||
+ | <td>Application Server</td> | ||
+ | <td>Media Server</td> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only when SSL is Disabled" style="background-color:#FFEBE5"> | ||
+ | <td>🔓 TCP 1935</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Wowza Streaming Engine</td> | ||
+ | <td>Application Server</td> | ||
+ | <td>Media Server</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 8000</td> | ||
+ | <td>HTTP/HTTPS</td> | ||
+ | <td>Wowza Streaming Engine</td> | ||
+ | <td>Application Server</td> | ||
+ | <td>Media Server</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 8086</td> | ||
+ | <td>HTTP/HTTPS</td> | ||
+ | <td>Wowza Streaming Engine</td> | ||
+ | <td>Application Server</td> | ||
+ | <td>Media Server</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 8087</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Wowza Streaming Engine</td> | ||
+ | <td>Application Server</td> | ||
+ | <td>Media Server</td> | ||
+ | </tr> | ||
+ | </table> | ||
+ | |||
+ | <table class="network_ports_table"> | ||
+ | <caption>Media Server(s) to Application Server</caption> | ||
+ | <tr> | ||
+ | <th>Port</th> | ||
+ | <th>Protocol</th> | ||
+ | <th>Service</th> | ||
+ | <th>Source</th> | ||
+ | <th>Destination</th> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 22</td> | ||
+ | <td>SSH</td> | ||
+ | <td>OS</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>Application Server</td> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only when SSL is Disabled" style="background-color:#FFEBE5"> | ||
+ | <td>🔓 TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Wowza Streaming API</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>Application Server</td> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only when SSL is Enabled" style="background-color:#E5FFEB"> | ||
+ | <td>🔒 TCP 443</td> | ||
+ | <td>HTTPS</td> | ||
+ | <td>Wowza Streaming API</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>Application Server</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 8086</td> | ||
+ | <td>HTTP/HTTPS</td> | ||
+ | <td>Wowza Streaming Engine</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>Application Server</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 8087</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Wowza Streaming Engine</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>Application Server</td> | ||
+ | </tr> | ||
+ | </table> | ||
+ | <span style="padding:2px 10px;background-color:#FFEBE5;border:1px solid black">🔓 Required when SSL is Disabled</span> | ||
+ | <span style="padding:2px 10px;background-color:#E5FFEB;border:1px solid black">🔒 Required when SSL is Enabled</span> | ||
+ | </div> | ||
+ | |||
+ | <div class="grid-item"> | ||
+ | <br><br> | ||
+ | {{img - no click | file = Application Server and Media Servers.png | width =}} | ||
+ | </div> | ||
+ | </div> | ||
+ | |||
+ | ==Digital Wowza License== | ||
+ | <div class="floating_card">Only required for servers utilizing an electronic Wowza key. Servers with a physical Wowza key do not need access to the licensing servers. | ||
+ | |||
+ | |||
+ | <em>This communication is required to verify valid Wowza Streaming licenses.</em> | ||
+ | </div> | ||
+ | |||
+ | <table class="network_ports_table"> | ||
+ | <caption>Media Servers to Wowza Licensing Servers</caption> | ||
+ | <tr> | ||
+ | <th>Port</th> | ||
+ | <th>Protocol</th> | ||
+ | <th>Source</th> | ||
+ | <th>Destination</th> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>wowzalicense-all.wowzamedia.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>wowzalicense1.wowzamedia.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>wowzalicense2.wowzamedia.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>wowzalicense3.wowzamedia.com</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 80</td> | ||
+ | <td>HTTP</td> | ||
+ | <td>Media Server</td> | ||
+ | <td>wowzalicense4.wowzamedia.com</td> | ||
+ | </tr> | ||
+ | </table> | ||
+ | |||
+ | ==VALT Cloud== | ||
<div class="floating_card"> | <div class="floating_card"> | ||
− | + | VALT Cloud is a hybrid solution that requires an on-premise server and a cloud server. | |
+ | |||
+ | The cloud server is the Application Server. This hosts the website where users will access the application. | ||
+ | |||
+ | The on-premise server is a Media Server. This hosts the camera streams and recordings. | ||
+ | |||
+ | |||
+ | The on premise media server will establish a connection to the VALT AWS Private Cloud. All traffic will flow through this connection. This connection requires the following ports: | ||
</div> | </div> | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | = | + | <table class="network_ports_table"> |
− | + | <caption>On-Premise Media Server to Cloud Application Server</caption> | |
− | + | <tr> | |
− | + | <th>Port</th> | |
− | + | <th>Source</th> | |
− | + | <th>Destination</th> | |
− | + | </tr> | |
− | + | <tr> | |
− | + | <td>UDP 500</td> | |
− | + | <td>On-Premise Media Server</td> | |
− | + | <td>Cloud Application Server</td> | |
− | + | </tr> | |
− | + | <tr> | |
− | + | <td>UDP 4500</td> | |
− | + | <td>On-Premise Media Server</td> | |
− | + | <td>Cloud Application Server</td> | |
− | + | </tr> | |
− | + | <tr> | |
− | + | <td>GRE</td> | |
− | + | <td>On-Premise Media Server</td> | |
− | = | + | <td>Cloud Application Server</td> |
− | + | </tr> | |
− | + | </table> | |
− | + | <div class="floating_card"> | |
− | + | VALT Cloud utilizes Let's Encrypt to provide SSL certificates. The On-Premise Media Server must be able to communicate with the following websites to request the certificate: | |
− | + | </div> | |
− | + | <table class="network_ports_table"> | |
− | + | <caption>Let's Encrypt</caption> | |
− | + | <tr> | |
− | + | <th>Port</th> | |
− | + | <th>Protocol</th> | |
− | + | <th>Source</th> | |
− | + | <th>Destination</th> | |
− | + | </tr> | |
− | + | <tr> | |
− | + | <td>TCP 443</td> | |
+ | <td>HTTPS</td> | ||
+ | <td>On Premise Media Server</td> | ||
+ | <td>https://acme-v02.api.letsencrypt.org</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>TCP 443</td> | ||
+ | <td>HTTPS</td> | ||
+ | <td>On Premise Media Server</td> | ||
+ | <td>https://route53.amazonaws.com</td> | ||
+ | </tr> | ||
+ | </table> |
Latest revision as of 10:59, 31 October 2024
Contents
Architecture and Terms
Application Server: This makes up the bulk of the application and consists of 3 primary components:
- PHP web pages being served up by the Nginx web server
- MySQL Database
- NodeJS messaging and control service
Media Server: This portion of the application handles all the communication with the cameras and video streams being served out to the client PCs. It also handles all the recording and clip creation.
From a physical or virtual server perspective, the entire server side software stack can be run on a single server. For applications requiring more than 50 cameras or consisting of different departments the software can be broken out and additional Media Servers can be added. These servers only run the Media Server portion of the VALT application.
Visual Overview
Basic Configuration
Port | Protocol | Service | Source | Destination | |
---|---|---|---|---|---|
🔓 TCP 80 | HTTP | Web Application | Client | Application Server | |
🔓 TCP 1935 | WS | Video Streaming | Client | Application & Media Server | |
🔒 TCP 443 | HTTPS | Web Application | Client | Application Server | |
🔒 TCP 444 | WSS | Video Streaming | Client | Application & Media Server | |
TCP 8000 | HTTP/HTTPS* | Downloads/Wowza webserver | Client | Application & Media Server | |
For Administration | |||||
🔧 TCP 22 | SSH | SSH | Client | Application & Media Server | |
🔧 TCP 8088 | HTTP | Wowza admin | Client | Application & Media Server |
🔓 Required when SSL is Disabled 🔒 Required when SSL is Enabled 🔧 Required only for Administration
Port | Protocol | Service | Source | Destination |
---|---|---|---|---|
TCP 80 | HTTP | Web Application/API | Media Server | Camera |
TCP 554 | RTSP | Video Stream | Media Server | Camera |
BEAM (Mobile Application)
- Live streaming to VALT
- Recording sessions
- Uploading sessions
Port | Protocol | Service | Source | Destination |
---|---|---|---|---|
🔓 TCP 80 | HTTP | BEAM API/HTTP Upload | BEAM Device | Media Server |
🔒 TCP 443 | HTTPS | BEAM API/HTTPS Upload | BEAM Device | Media Server |
TCP 444 | RTMP | Video Streaming | BEAM Device | Media Server |
TCP 1935 | RTMP | Video Streaming | BEAM Device | Media Server |
🔓 Required when SSL is Disabled 🔒 Required when SSL is Enabled
Online Updates
Port | Protocol | Package | Source | Destination |
---|---|---|---|---|
TCP 80 | HTTP | Ubuntu | Application & Media Server | http://us.archive.ubuntu.com |
TCP 80 | HTTP | Ubuntu | Application & Media Server | http://security.ubuntu.com |
TCP 80 | HTTP | Ubuntu | Application & Media Server | http://kazooie.canonical.com |
TCP 80 | HTTP | Ubuntu | Application & Media Server | http://banjo.canonical.com |
TCP 80 | HTTP | IVS | Application & Media Server | http://apt.ipivs.com |
TCP 80 | HTTP | Ondrej Apache/PHP | Application & Media Server | http://ppa.launchpad.net |
TCP 443 | HTTPS | Ondrej Apache/PHP | Application & Media Server | https://ppa.launchpadcontent.net |
TCP 443 | HTTPS | Ubuntu Changelogs | Application & Media Server | https://changelogs.ubuntu.com |
TCP 443 | HTTPS | Node | Application & Media Server | https://deb.nodesource.com |
TCP 443 | HTTPS | Docker | Application & Media Server | https://download.docker.com |
TCP 443 | HTTPS | Docker | Application & Media Server | https://docker.ipivs.com |
Application Server to Additional Media Server(s)
Port | Protocol | Service | Source | Destination |
---|---|---|---|---|
TCP 22 | SSH | OS | Application Server | Media Server |
🔒 TCP 444 | HTTPS | Wowza Streaming Engine | Application Server | Media Server |
🔓 TCP 1935 | HTTP | Wowza Streaming Engine | Application Server | Media Server |
TCP 8000 | HTTP/HTTPS | Wowza Streaming Engine | Application Server | Media Server |
TCP 8086 | HTTP/HTTPS | Wowza Streaming Engine | Application Server | Media Server |
TCP 8087 | HTTP | Wowza Streaming Engine | Application Server | Media Server |
Port | Protocol | Service | Source | Destination |
---|---|---|---|---|
TCP 22 | SSH | OS | Media Server | Application Server |
🔓 TCP 80 | HTTP | Wowza Streaming API | Media Server | Application Server |
🔒 TCP 443 | HTTPS | Wowza Streaming API | Media Server | Application Server |
TCP 8086 | HTTP/HTTPS | Wowza Streaming Engine | Media Server | Application Server |
TCP 8087 | HTTP | Wowza Streaming Engine | Media Server | Application Server |
🔓 Required when SSL is Disabled 🔒 Required when SSL is Enabled
Digital Wowza License
This communication is required to verify valid Wowza Streaming licenses.
Port | Protocol | Source | Destination |
---|---|---|---|
TCP 80 | HTTP | Media Server | wowzalicense-all.wowzamedia.com |
TCP 80 | HTTP | Media Server | wowzalicense1.wowzamedia.com |
TCP 80 | HTTP | Media Server | wowzalicense2.wowzamedia.com |
TCP 80 | HTTP | Media Server | wowzalicense3.wowzamedia.com |
TCP 80 | HTTP | Media Server | wowzalicense4.wowzamedia.com |
VALT Cloud
VALT Cloud is a hybrid solution that requires an on-premise server and a cloud server.
The cloud server is the Application Server. This hosts the website where users will access the application.
The on-premise server is a Media Server. This hosts the camera streams and recordings.
The on premise media server will establish a connection to the VALT AWS Private Cloud. All traffic will flow through this connection. This connection requires the following ports:
Port | Source | Destination |
---|---|---|
UDP 500 | On-Premise Media Server | Cloud Application Server |
UDP 4500 | On-Premise Media Server | Cloud Application Server |
GRE | On-Premise Media Server | Cloud Application Server |
VALT Cloud utilizes Let's Encrypt to provide SSL certificates. The On-Premise Media Server must be able to communicate with the following websites to request the certificate:
Port | Protocol | Source | Destination |
---|---|---|---|
TCP 443 | HTTPS | On Premise Media Server | https://acme-v02.api.letsencrypt.org |
TCP 443 | HTTPS | On Premise Media Server | https://route53.amazonaws.com |