Difference between revisions of "Network Requirements"

From IVS Wiki
Jump to: navigation, search
 
Line 1: Line 1:
__TOC__
+
{{Article - Manual | content =
<div class="grid-container grid-2" style="  display: flex;flex-wrap: wrap;">
+
<h1>Introduction</h1>
<div class="grid-item">
+
{{Manual lvl 2 | title = Architecture and Terms | content =  
==Architecture and Terms==
+
Our software is built on the standard LEMP <em>(Linux, Nginx, MYSQL, and PHP)</em> architecture. The software has been designed to work on the latest LTS version of Ubuntu Linux. For networking purposes, there are 2 main components to the software application:
<div class="floating_card">Our software is built on the standard LEMP <em>(Linux, Nginx, MYSQL, and PHP)</em> architecture. The software has been designed to work on the latest LTS version of Ubuntu Linux. For networking purposes, there are 2 main components to the software application:</div>
+
{{hr}}
 +
<dl>
 +
<dt>Application Server:</dt>
 +
<dd>
 +
This makes up the bulk of the application and consists of 3 primary components:
 +
<ol>
 +
<li><strong>PHP</strong> web pages being served up by the Nginx web server</li>
 +
<li><strong>MySQL</strong> Database</li>
 +
<li><strong>NodeJS</strong> messaging and control service</li>
 +
</ol></dd>
  
<div class="section">
+
{{hr - 2}}
'''Application Server:'''  This makes up the bulk of the application and consists of 3 primary components:
 
*PHP web pages being served up by the Nginx web server
 
*MySQL Database
 
*NodeJS messaging and control service
 
  
'''Media Server:''' This portion of the application handles all the communication with the cameras and video streams being served out to the client PCs.  It also handles all the recording and clip creation.
+
<dt>Media Server:</dt>
</div>
+
<dd>This portion of the application handles <u>all the communication with the cameras and video streams</u> being served out to the client PCs.  It also handles all the recording and clip creation.</dd>
 +
</dl>
  
<div class="section">
+
{{Aside - Helpful | content = From a physical or virtual server perspective, the <b>entire server side software stack can be run on a single server</b>.}}
From a physical or virtual server perspective, the <b>entire server side software stack can be run on a single server</b>. For applications requiring more than 50 cameras or consisting of different departments the software can be broken out and additional Media Servers can be added. These servers only run the Media Server portion of the VALT application.
 
</div>
 
</div>
 
  
<div class="grid-item">
+
{{hr - 2}}
  
==Visual Overview==
+
For applications requiring <b>more than 50 cameras</b> or consisting of different departments the software can be broken out and additional Media Servers can be added.
{{img - no click | file = VALT Server Structure.png | width =}}
+
 
</div>
+
<center>{{img - no_click | file = VALT Server Structure.png}}</center>
</div>
+
}}
 +
 
 +
 
 +
{{Top of Page}}
 +
{{hr}}
 +
 
 +
<h1>Basic Configuration</h1>
 +
<table style="border-collapse: collapse;border: 1px solid black; margin-bottom: 20px; text-align: center; width: 200px; float: right">
 +
  <tr>
 +
    <th style="background-color:#282829; font-weight: bold; color: white">Key</th>
 +
  </tr>
 +
  <tr>
 +
    <td>Always Required</td>
 +
  </tr>
 +
  <tr>
 +
    <td style="background-color:#FFEBE5">&#128275; SSL is Disabled</td>
 +
  </tr>
 +
  <tr>
 +
    <td style="background-color:#E5FFEB">&#128274; SSL is Enabled</td>
 +
  </tr>
 +
  <tr>
 +
    <td style="background-color:#e5ecff">&#128295; For Administration</td>
 +
  </tr>
 +
</table>
 +
 
 +
{{Manual lvl 2 | title = Client to Application & Media Server(s) | content =
 +
This table shows the ports that must be opened for client machines to speak to the VALT <b>Application</b> and <b>Media</b> servers. Use the key to understand when certain ports apply.
 +
 
 +
{{hr - 2}}
  
==Basic Configuration==
 
{{Section | width = 1260px | content =
 
 
<table class="network_ports_table">
 
<table class="network_ports_table">
  <caption>Client to Application & Media Server(s)</caption>
 
 
     <tr>
 
     <tr>
 
       <th>Port</th>
 
       <th>Port</th>
Line 91: Line 119:
 
</table>
 
</table>
 
}}
 
}}
<span style="padding:2px 10px;background-color:#FFEBE5;border:1px solid black">&#128275; Required when SSL is Disabled</span>
 
<span style="padding:2px 10px;background-color:#E5FFEB;border:1px solid black">&#128274; Required when SSL is Enabled</span>
 
<span style="padding:2px 10px;background-color:#e5ecff;border:1px solid black">&#128295; Required for Administration</span>
 
  
{{Section | width = 1260px | content =  
+
 
 +
{{Top of Page}}
 +
{{hr}}
 +
 
 +
{{Manual lvl 2 | title = Media Server(s) to Video Device(s) | content =  
 +
This table shows the ports that must be opened for the [[VALT_Devices|video devices]] to communicate with VALT. Video devices refers to hardware such as:
 +
*[[VALT_Devices#PTZ_Cameras|Cameras]]
 +
*[[VALT_Devices#Encoders|Encoders]]
 +
 
 +
{{hr - 2}}
 +
 
 
<table class="network_ports_table">
 
<table class="network_ports_table">
  <caption>Media Server(s) to Camera(s)</caption>
 
 
     <tr>
 
     <tr>
 
       <th>Port</th>
 
       <th>Port</th>
Line 122: Line 156:
 
}}
 
}}
  
==BEAM (Mobile Application)==
 
<div class="floating_card">Only required for those who have purchased [[BEAM Main Page|BEAM]] licenses.</div>
 
  
<div class="section">BEAM is an application that allows users to leverage devices, such as iPads and iPhones, as a mobile video endpoint. This includes the following features:
+
{{Top of Page}}
*Live streaming to VALT
+
{{hr}}
*Recording sessions
+
 
*Uploading sessions
+
<h1>Other Configurations</h1>
</div>
+
{{Manual lvl 2 | title = BEAM (Mobile Application) | content =  
 +
{{Aside | content = Only required for those who have purchased [[BEAM Main Page|BEAM]] licenses.}}
 +
 
 +
BEAM is an application that allows users to leverage devices, such as iPads and iPhones, as a mobile video endpoint. This includes the following features:
 +
<table style="border-collapse: collapse;border: 1px solid black; margin-bottom: 20px; text-align: center; width: 200px; float: right">
 +
  <tr>
 +
    <th style="background-color:#282829; font-weight: bold; color: white">Key</th>
 +
  </tr>
 +
  <tr>
 +
    <td style="background-color:#FFEBE5">&#128275; SSL is Disabled</td>
 +
  </tr>
 +
  <tr>
 +
    <td style="background-color:#E5FFEB">&#128274; SSL is Enabled</td>
 +
  </tr>
 +
</table>
 +
*<strong>Live streaming</strong> to VALT
 +
*<strong>Recording</strong> sessions
 +
*<strong>Uploading</strong> sessions
 +
 
 +
{{hr - 2}}
  
{{Section | width = 1260px | content =
 
 
<table class="network_ports_table">
 
<table class="network_ports_table">
  <caption>BEAM Device(s) to Media Server</caption>
 
 
     <tr>
 
     <tr>
 
       <th>Port</th>
 
       <th>Port</th>
Line 145: Line 194:
 
       <td>HTTP</td>
 
       <td>HTTP</td>
 
       <td>BEAM API/HTTP Upload</td>
 
       <td>BEAM API/HTTP Upload</td>
 +
      <td>BEAM Device</td>
 +
      <td>Media Server</td>
 +
    </tr>
 +
    <tr class="help" title="Required only when SSL is Disabled" style="background-color:#EFDBD5">
 +
      <td>&#128275; TCP 1935</td>
 +
      <td>RTMP</td>
 +
      <td>Video Streaming</td>
 
       <td>BEAM Device</td>
 
       <td>BEAM Device</td>
 
       <td>Media Server</td>
 
       <td>Media Server</td>
Line 155: Line 211:
 
       <td>Media Server</td>
 
       <td>Media Server</td>
 
     </tr>
 
     </tr>
    <tr class="help" title="Required only when SSL is Disabled" style="background-color:#FFEBE5">
+
     <tr class="help" title="Required only when SSL is Enabled" style="background-color:#D5EFDB">
      <td>&#128275; TCP 1935</td>
 
      <td>RTMP</td>
 
      <td>Video Streaming</td>
 
      <td>BEAM Device</td>
 
      <td>Media Server</td>
 
    </tr>
 
     <tr class="help" title="Required only when SSL is Enabled" style="background-color:#E5FFEB">
 
 
       <td>&#128274; TCP 444</td>
 
       <td>&#128274; TCP 444</td>
 
       <td>RTMP</td>
 
       <td>RTMP</td>
Line 171: Line 220:
 
</table>
 
</table>
 
}}
 
}}
<span style="padding:2px 10px;background-color:#FFEBE5;border:1px solid black">&#128275; Required when SSL is Disabled</span>
 
<span style="padding:2px 10px;background-color:#E5FFEB;border:1px solid black">&#128274; Required when SSL is Enabled</span>
 
  
==Online Updates==
 
<div class="floating_card">Valid DNS servers are required to download updates</div>
 
  
{{Section | width = 1260px | content =  
+
{{Top of Page}}
 +
{{hr}}
 +
 
 +
{{Manual lvl 2 | title = Online Updates | content =
 +
<div style="float:right;margin-left: 20px; width: 305px;">{{Aside | content = Valid DNS servers are required to download updates.}}</div>
 +
<div>This table outlines the required ports and repositories that must be accessible for VALT servers to download and install the <b>latest packages and updates</b>.</div>
 +
 
 +
{{hr - 2}}
 +
 
 
<table class="network_ports_table">
 
<table class="network_ports_table">
  <caption>Application & Media Server(s) to Repositories</caption>
 
 
     <tr>
 
     <tr>
 
       <th>Port</th>
 
       <th>Port</th>
Line 232: Line 284:
 
}}
 
}}
  
==Application Server to Additional Media Server(s)==
 
<div class="floating_card">Only required for installations where additional servers, acting as Media Servers, are present.</div>
 
  
{{img - no click | file = Application Server and Media Servers.png | width =}}
+
{{Top of Page}}
 +
{{hr}}
 +
 
 +
{{Manual lvl 2 | title = Multiple Server Configurations | content = }}
 +
{{Grid 2 | left = {{img - no click | file = Application Server and Media Servers.png | width = 230px}}
 +
| right_width = 434px | right =
 +
<div style="width:435px">{{Aside | content = Only required for installations where additional servers, acting as Media Servers, are present.}}</div>
 +
<table style="border-collapse: collapse;border: 1px solid black; margin-bottom: 20px; text-align: center; width: 200px; float: right">
 +
  <tr>
 +
    <th style="background-color:#282829; font-weight: bold; color: white">Key</th>
 +
  </tr>
 +
  <tr>
 +
    <td>Always Required</td>
 +
  </tr>
 +
  <tr>
 +
    <td style="background-color:#FFEBE5">&#128275; SSL is Disabled</td>
 +
  </tr>
 +
  <tr>
 +
    <td style="background-color:#E5FFEB">&#128274; SSL is Enabled</td>
 +
  </tr>
 +
</table> }}
 +
 
 +
{{hr - 2}}
  
{{Section | width = 1260px | content =
 
 
<table class="network_ports_table">
 
<table class="network_ports_table">
  <caption>Application Server to Media Server(s)</caption>
+
<caption>Application Server to Media Server(s)</caption>
 
     <tr>
 
     <tr>
 
       <th>Port</th>
 
       <th>Port</th>
Line 290: Line 361:
 
     </tr>
 
     </tr>
 
</table>
 
</table>
}}
 
  
{{Section | width = 1260px | content =
 
 
<table class="network_ports_table">
 
<table class="network_ports_table">
 
   <caption>Media Server(s) to Application Server</caption>
 
   <caption>Media Server(s) to Application Server</caption>
Line 338: Line 407:
 
     </tr>
 
     </tr>
 
</table>
 
</table>
}}
 
  
<span style="padding:2px 10px;background-color:#FFEBE5;border:1px solid black">&#128275; Required when SSL is Disabled</span>
+
 
<span style="padding:2px 10px;background-color:#E5FFEB;border:1px solid black">&#128274; Required when SSL is Enabled</span>
+
{{Top of Page}}
<br><br>
+
{{hr}}
  
 
==Digital Wowza License==
 
==Digital Wowza License==
<div class="floating_card">Only required for servers utilizing an electronic Wowza key. Servers with a physical Wowza key do not need access to the licensing servers.
+
This communication is required to verify valid Wowza Streaming licenses.
  
 +
{{Aside | content = Only required for servers utilizing an electronic Wowza key. Servers with a physical Wowza key do not need access to the licensing servers.}}
  
<em>This communication is required to verify valid Wowza Streaming licenses.</em>
 
</div>
 
 
{{Section | width = 1260px | content =
 
 
<table class="network_ports_table">
 
<table class="network_ports_table">
 
   <caption>Media Servers to Wowza Licensing Servers</caption>
 
   <caption>Media Servers to Wowza Licensing Servers</caption>
Line 391: Line 456:
 
     </tr>
 
     </tr>
 
</table>
 
</table>
}}
+
 
 +
 
 +
{{Top of Page}}
 +
{{hr}}
  
 
==VALT Cloud==
 
==VALT Cloud==
<div class="floating_card">
 
 
VALT Cloud is a hybrid solution that requires an on-premise server and a cloud server.
 
VALT Cloud is a hybrid solution that requires an on-premise server and a cloud server.
  
Line 403: Line 470:
  
 
The on premise media server will establish a connection to the VALT AWS Private Cloud. All traffic will flow through this connection. This connection requires the following ports:
 
The on premise media server will establish a connection to the VALT AWS Private Cloud. All traffic will flow through this connection. This connection requires the following ports:
</div>
 
  
{{Section | width = 1260px | content =
 
 
<table class="network_ports_table">
 
<table class="network_ports_table">
 
   <caption>On-Premise Media Server to Cloud Application Server</caption>
 
   <caption>On-Premise Media Server to Cloud Application Server</caption>
Line 429: Line 494:
 
     </tr>
 
     </tr>
 
</table>
 
</table>
}}
 
  
<div class="floating_card">
+
 
 +
{{Top of Page}}
 +
{{hr}}
 +
 
 
VALT Cloud utilizes Let's Encrypt to provide SSL certificates. The On-Premise Media Server must be able to communicate with the following websites to request the certificate:
 
VALT Cloud utilizes Let's Encrypt to provide SSL certificates. The On-Premise Media Server must be able to communicate with the following websites to request the certificate:
</div>
+
 
{{Section | width = 1260px | content =
 
 
<table class="network_ports_table">
 
<table class="network_ports_table">
 
   <caption>Let's Encrypt</caption>
 
   <caption>Let's Encrypt</caption>
Line 456: Line 522:
 
     </tr>
 
     </tr>
 
</table>
 
</table>
 +
 +
 +
{{Top of Page}}
 
}}
 
}}
 
 
[[Category:VALT]]
 
[[Category:VALT]]

Latest revision as of 15:34, 15 July 2025

Introduction

Architecture and Terms

Our software is built on the standard LEMP (Linux, Nginx, MYSQL, and PHP) architecture. The software has been designed to work on the latest LTS version of Ubuntu Linux. For networking purposes, there are 2 main components to the software application:


Application Server:
This makes up the bulk of the application and consists of 3 primary components:
  1. PHP web pages being served up by the Nginx web server
  2. MySQL Database
  3. NodeJS messaging and control service

Media Server:
This portion of the application handles all the communication with the cameras and video streams being served out to the client PCs. It also handles all the recording and clip creation.

🕮
From a physical or virtual server perspective, the entire server side software stack can be run on a single server.

For applications requiring more than 50 cameras or consisting of different departments the software can be broken out and additional Media Servers can be added.

VALT Server Structure.png


⇧ Back to Top


Basic Configuration

Key
Always Required
🔓 SSL is Disabled
🔒 SSL is Enabled
🔧 For Administration

Client to Application & Media Server(s)

This table shows the ports that must be opened for client machines to speak to the VALT Application and Media servers. Use the key to understand when certain ports apply.


Port Protocol Service Source Destination
🔓 TCP 80 HTTP Web Application Client Application Server
🔓 TCP 1935 WS Video Streaming Client Application & Media Server
🔒 TCP 443 HTTPS Web Application Client Application Server
🔒 TCP 444 WSS Video Streaming Client Application & Media Server
TCP 8000 HTTP/HTTPS* Downloads/Wowza webserver Client Application & Media Server
For Administration
🔧 TCP 22 SSH SSH Client Application & Media Server
🔧 TCP 8088 HTTP Wowza admin Client Application & Media Server


⇧ Back to Top


Media Server(s) to Video Device(s)

This table shows the ports that must be opened for the video devices to communicate with VALT. Video devices refers to hardware such as:


Port Protocol Service Source Destination
TCP 80 HTTP Web Application/API Media Server Camera
TCP 554 RTSP Video Stream Media Server Camera


⇧ Back to Top


Other Configurations

BEAM (Mobile Application)

Only required for those who have purchased BEAM licenses.

BEAM is an application that allows users to leverage devices, such as iPads and iPhones, as a mobile video endpoint. This includes the following features:

Key
🔓 SSL is Disabled
🔒 SSL is Enabled
  • Live streaming to VALT
  • Recording sessions
  • Uploading sessions

Port Protocol Service Source Destination
🔓 TCP 80 HTTP BEAM API/HTTP Upload BEAM Device Media Server
🔓 TCP 1935 RTMP Video Streaming BEAM Device Media Server
🔒 TCP 443 HTTPS BEAM API/HTTPS Upload BEAM Device Media Server
🔒 TCP 444 RTMP Video Streaming BEAM Device Media Server


⇧ Back to Top


Online Updates

Valid DNS servers are required to download updates.
This table outlines the required ports and repositories that must be accessible for VALT servers to download and install the latest packages and updates.

Port Protocol Package Source Destination
TCP 80 HTTP Ubuntu Application & Media Server http://us.archive.ubuntu.com
TCP 80 HTTP Ubuntu Application & Media Server http://security.ubuntu.com
TCP 443 HTTPS IVS Application & Media Server https://apt.ipivs.com
TCP 443 HTTPS Ubuntu Changelogs Application & Media Server https://changelogs.ubuntu.com
TCP 443 HTTPS Docker Application & Media Server https://download.docker.com
TCP 443 HTTPS Docker Application & Media Server https://docker.ipivs.com


⇧ Back to Top


Multiple Server Configurations

Application Server and Media Servers.png

Only required for installations where additional servers, acting as Media Servers, are present.
Key
Always Required
🔓 SSL is Disabled
🔒 SSL is Enabled

Application Server to Media Server(s)
Port Protocol Service Source Destination
TCP 22 SSH OS Application Server Media Server
🔒 TCP 444 HTTPS Wowza Streaming Engine Application Server Media Server
🔓 TCP 1935 HTTP Wowza Streaming Engine Application Server Media Server
TCP 8000 HTTP/HTTPS Wowza Streaming Engine Application Server Media Server
TCP 8086 HTTP/HTTPS Wowza Streaming Engine Application Server Media Server
TCP 8087 HTTP Wowza Streaming Engine Application Server Media Server
Media Server(s) to Application Server
Port Protocol Service Source Destination
TCP 22 SSH OS Media Server Application Server
🔓 TCP 80 HTTP Wowza Streaming API Media Server Application Server
🔒 TCP 443 HTTPS Wowza Streaming API Media Server Application Server
TCP 8086 HTTP/HTTPS Wowza Streaming Engine Media Server Application Server
TCP 8087 HTTP Wowza Streaming Engine Media Server Application Server


⇧ Back to Top


Digital Wowza License

This communication is required to verify valid Wowza Streaming licenses.

Only required for servers utilizing an electronic Wowza key. Servers with a physical Wowza key do not need access to the licensing servers.
Media Servers to Wowza Licensing Servers
Port Protocol Source Destination
TCP 80 HTTP Media Server wowzalicense-all.wowzamedia.com
TCP 80 HTTP Media Server wowzalicense1.wowzamedia.com
TCP 80 HTTP Media Server wowzalicense2.wowzamedia.com
TCP 80 HTTP Media Server wowzalicense3.wowzamedia.com
TCP 80 HTTP Media Server wowzalicense4.wowzamedia.com


⇧ Back to Top


VALT Cloud

VALT Cloud is a hybrid solution that requires an on-premise server and a cloud server.

The cloud server is the Application Server. This hosts the website where users will access the application.

The on-premise server is a Media Server. This hosts the camera streams and recordings.


The on premise media server will establish a connection to the VALT AWS Private Cloud. All traffic will flow through this connection. This connection requires the following ports:

On-Premise Media Server to Cloud Application Server
Port Source Destination
UDP 500 On-Premise Media Server Cloud Application Server
UDP 4500 On-Premise Media Server Cloud Application Server
GRE On-Premise Media Server Cloud Application Server


⇧ Back to Top


VALT Cloud utilizes Let's Encrypt to provide SSL certificates. The On-Premise Media Server must be able to communicate with the following websites to request the certificate:

Let's Encrypt
Port Protocol Source Destination
TCP 443 HTTPS On Premise Media Server https://acme-v02.api.letsencrypt.org
TCP 443 HTTPS On Premise Media Server https://route53.amazonaws.com


⇧ Back to Top