Difference between revisions of "Network Requirements"
IVSWikiBlue (talk | contribs) |
IVSWikiBlue (talk | contribs) |
||
Line 1: | Line 1: | ||
− | + | {{Article - Manual | content = | |
− | < | + | <h1>Introduction</h1> |
− | < | + | {{Manual lvl 2 | title = Architecture and Terms | content = |
− | + | Our software is built on the standard LEMP <em>(Linux, Nginx, MYSQL, and PHP)</em> architecture. The software has been designed to work on the latest LTS version of Ubuntu Linux. For networking purposes, there are 2 main components to the software application: | |
− | + | {{hr}} | |
+ | <dl> | ||
+ | <dt>Application Server:</dt> | ||
+ | <dd> | ||
+ | This makes up the bulk of the application and consists of 3 primary components: | ||
+ | <ol> | ||
+ | <li><strong>PHP</strong> web pages being served up by the Nginx web server</li> | ||
+ | <li><strong>MySQL</strong> Database</li> | ||
+ | <li><strong>NodeJS</strong> messaging and control service</li> | ||
+ | </ol></dd> | ||
− | + | {{hr - 2}} | |
− | |||
− | |||
− | |||
− | |||
− | + | <dt>Media Server:</dt> | |
− | </ | + | <dd>This portion of the application handles <u>all the communication with the cameras and video streams</u> being served out to the client PCs. It also handles all the recording and clip creation.</dd> |
+ | </dl> | ||
− | + | {{Aside - Helpful | content = From a physical or virtual server perspective, the <b>entire server side software stack can be run on a single server</b>.}} | |
− | From a physical or virtual server perspective, the <b>entire server side software stack can be run on a single server</b>. | ||
− | |||
− | |||
− | + | {{hr - 2}} | |
− | + | For applications requiring <b>more than 50 cameras</b> or consisting of different departments the software can be broken out and additional Media Servers can be added. | |
− | {{img - | + | |
− | </ | + | <center>{{img - no_click | file = VALT Server Structure.png}}</center> |
− | </ | + | }} |
+ | |||
+ | |||
+ | {{Top of Page}} | ||
+ | {{hr}} | ||
+ | |||
+ | <h1>Basic Configuration</h1> | ||
+ | <table style="border-collapse: collapse;border: 1px solid black; margin-bottom: 20px; text-align: center; width: 200px; float: right"> | ||
+ | <tr> | ||
+ | <th style="background-color:#282829; font-weight: bold; color: white">Key</th> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>Always Required</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td style="background-color:#FFEBE5">🔓 SSL is Disabled</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td style="background-color:#E5FFEB">🔒 SSL is Enabled</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td style="background-color:#e5ecff">🔧 For Administration</td> | ||
+ | </tr> | ||
+ | </table> | ||
+ | |||
+ | {{Manual lvl 2 | title = Client to Application & Media Server(s) | content = | ||
+ | This table shows the ports that must be opened for client machines to speak to the VALT <b>Application</b> and <b>Media</b> servers. Use the key to understand when certain ports apply. | ||
+ | |||
+ | {{hr - 2}} | ||
− | |||
− | |||
<table class="network_ports_table"> | <table class="network_ports_table"> | ||
− | |||
<tr> | <tr> | ||
<th>Port</th> | <th>Port</th> | ||
Line 91: | Line 119: | ||
</table> | </table> | ||
}} | }} | ||
− | |||
− | |||
− | |||
− | {{ | + | |
+ | {{Top of Page}} | ||
+ | {{hr}} | ||
+ | |||
+ | {{Manual lvl 2 | title = Media Server(s) to Video Device(s) | content = | ||
+ | This table shows the ports that must be opened for the [[VALT_Devices|video devices]] to communicate with VALT. Video devices refers to hardware such as: | ||
+ | *[[VALT_Devices#PTZ_Cameras|Cameras]] | ||
+ | *[[VALT_Devices#Encoders|Encoders]] | ||
+ | |||
+ | {{hr - 2}} | ||
+ | |||
<table class="network_ports_table"> | <table class="network_ports_table"> | ||
− | |||
<tr> | <tr> | ||
<th>Port</th> | <th>Port</th> | ||
Line 122: | Line 156: | ||
}} | }} | ||
− | |||
− | |||
− | < | + | {{Top of Page}} |
− | *Live streaming to VALT | + | {{hr}} |
− | *Recording sessions | + | |
− | *Uploading | + | <h1>Other Configurations</h1> |
− | </ | + | {{Manual lvl 2 | title = BEAM (Mobile Application) | content = |
+ | {{Aside | content = Only required for those who have purchased [[BEAM Main Page|BEAM]] licenses.}} | ||
+ | |||
+ | BEAM is an application that allows users to leverage devices, such as iPads and iPhones, as a mobile video endpoint. This includes the following features: | ||
+ | <table style="border-collapse: collapse;border: 1px solid black; margin-bottom: 20px; text-align: center; width: 200px; float: right"> | ||
+ | <tr> | ||
+ | <th style="background-color:#282829; font-weight: bold; color: white">Key</th> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td style="background-color:#FFEBE5">🔓 SSL is Disabled</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td style="background-color:#E5FFEB">🔒 SSL is Enabled</td> | ||
+ | </tr> | ||
+ | </table> | ||
+ | *<strong>Live streaming</strong> to VALT | ||
+ | *<strong>Recording</strong> sessions | ||
+ | *<strong>Uploading</strong> sessions | ||
+ | |||
+ | {{hr - 2}} | ||
− | |||
<table class="network_ports_table"> | <table class="network_ports_table"> | ||
− | |||
<tr> | <tr> | ||
<th>Port</th> | <th>Port</th> | ||
Line 145: | Line 194: | ||
<td>HTTP</td> | <td>HTTP</td> | ||
<td>BEAM API/HTTP Upload</td> | <td>BEAM API/HTTP Upload</td> | ||
+ | <td>BEAM Device</td> | ||
+ | <td>Media Server</td> | ||
+ | </tr> | ||
+ | <tr class="help" title="Required only when SSL is Disabled" style="background-color:#EFDBD5"> | ||
+ | <td>🔓 TCP 1935</td> | ||
+ | <td>RTMP</td> | ||
+ | <td>Video Streaming</td> | ||
<td>BEAM Device</td> | <td>BEAM Device</td> | ||
<td>Media Server</td> | <td>Media Server</td> | ||
Line 155: | Line 211: | ||
<td>Media Server</td> | <td>Media Server</td> | ||
</tr> | </tr> | ||
− | + | <tr class="help" title="Required only when SSL is Enabled" style="background-color:#D5EFDB"> | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | <tr class="help" title="Required only when SSL is Enabled" style="background-color:# | ||
<td>🔒 TCP 444</td> | <td>🔒 TCP 444</td> | ||
<td>RTMP</td> | <td>RTMP</td> | ||
Line 171: | Line 220: | ||
</table> | </table> | ||
}} | }} | ||
− | |||
− | |||
− | |||
− | |||
− | {{ | + | {{Top of Page}} |
+ | {{hr}} | ||
+ | |||
+ | {{Manual lvl 2 | title = Online Updates | content = | ||
+ | <div style="float:right;margin-left: 20px; width: 305px;">{{Aside | content = Valid DNS servers are required to download updates.}}</div> | ||
+ | <div>This table outlines the required ports and repositories that must be accessible for VALT servers to download and install the <b>latest packages and updates</b>.</div> | ||
+ | |||
+ | {{hr - 2}} | ||
+ | |||
<table class="network_ports_table"> | <table class="network_ports_table"> | ||
− | |||
<tr> | <tr> | ||
<th>Port</th> | <th>Port</th> | ||
Line 232: | Line 284: | ||
}} | }} | ||
− | |||
− | |||
− | {{img - no click | file = Application Server and Media Servers.png | width =}} | + | {{Top of Page}} |
+ | {{hr}} | ||
+ | |||
+ | {{Manual lvl 2 | title = Multiple Server Configurations | content = }} | ||
+ | {{Grid 2 | left = {{img - no click | file = Application Server and Media Servers.png | width = 230px}} | ||
+ | | right_width = 434px | right = | ||
+ | <div style="width:435px">{{Aside | content = Only required for installations where additional servers, acting as Media Servers, are present.}}</div> | ||
+ | <table style="border-collapse: collapse;border: 1px solid black; margin-bottom: 20px; text-align: center; width: 200px; float: right"> | ||
+ | <tr> | ||
+ | <th style="background-color:#282829; font-weight: bold; color: white">Key</th> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>Always Required</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td style="background-color:#FFEBE5">🔓 SSL is Disabled</td> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td style="background-color:#E5FFEB">🔒 SSL is Enabled</td> | ||
+ | </tr> | ||
+ | </table> }} | ||
+ | |||
+ | {{hr - 2}} | ||
− | |||
<table class="network_ports_table"> | <table class="network_ports_table"> | ||
− | + | <caption>Application Server to Media Server(s)</caption> | |
<tr> | <tr> | ||
<th>Port</th> | <th>Port</th> | ||
Line 290: | Line 361: | ||
</tr> | </tr> | ||
</table> | </table> | ||
− | |||
− | |||
<table class="network_ports_table"> | <table class="network_ports_table"> | ||
<caption>Media Server(s) to Application Server</caption> | <caption>Media Server(s) to Application Server</caption> | ||
Line 338: | Line 407: | ||
</tr> | </tr> | ||
</table> | </table> | ||
− | |||
− | + | ||
− | + | {{Top of Page}} | |
− | + | {{hr}} | |
==Digital Wowza License== | ==Digital Wowza License== | ||
− | + | This communication is required to verify valid Wowza Streaming licenses. | |
+ | {{Aside | content = Only required for servers utilizing an electronic Wowza key. Servers with a physical Wowza key do not need access to the licensing servers.}} | ||
− | |||
− | |||
− | |||
− | |||
<table class="network_ports_table"> | <table class="network_ports_table"> | ||
<caption>Media Servers to Wowza Licensing Servers</caption> | <caption>Media Servers to Wowza Licensing Servers</caption> | ||
Line 391: | Line 456: | ||
</tr> | </tr> | ||
</table> | </table> | ||
− | }} | + | |
+ | |||
+ | {{Top of Page}} | ||
+ | {{hr}} | ||
==VALT Cloud== | ==VALT Cloud== | ||
− | |||
VALT Cloud is a hybrid solution that requires an on-premise server and a cloud server. | VALT Cloud is a hybrid solution that requires an on-premise server and a cloud server. | ||
Line 403: | Line 470: | ||
The on premise media server will establish a connection to the VALT AWS Private Cloud. All traffic will flow through this connection. This connection requires the following ports: | The on premise media server will establish a connection to the VALT AWS Private Cloud. All traffic will flow through this connection. This connection requires the following ports: | ||
− | |||
− | |||
<table class="network_ports_table"> | <table class="network_ports_table"> | ||
<caption>On-Premise Media Server to Cloud Application Server</caption> | <caption>On-Premise Media Server to Cloud Application Server</caption> | ||
Line 429: | Line 494: | ||
</tr> | </tr> | ||
</table> | </table> | ||
− | |||
− | + | ||
+ | {{Top of Page}} | ||
+ | {{hr}} | ||
+ | |||
VALT Cloud utilizes Let's Encrypt to provide SSL certificates. The On-Premise Media Server must be able to communicate with the following websites to request the certificate: | VALT Cloud utilizes Let's Encrypt to provide SSL certificates. The On-Premise Media Server must be able to communicate with the following websites to request the certificate: | ||
− | + | ||
− | |||
<table class="network_ports_table"> | <table class="network_ports_table"> | ||
<caption>Let's Encrypt</caption> | <caption>Let's Encrypt</caption> | ||
Line 456: | Line 522: | ||
</tr> | </tr> | ||
</table> | </table> | ||
+ | |||
+ | |||
+ | {{Top of Page}} | ||
}} | }} | ||
− | |||
[[Category:VALT]] | [[Category:VALT]] |
Latest revision as of 15:34, 15 July 2025
Contents
Introduction
Architecture and Terms
Our software is built on the standard LEMP (Linux, Nginx, MYSQL, and PHP) architecture. The software has been designed to work on the latest LTS version of Ubuntu Linux. For networking purposes, there are 2 main components to the software application:
- Application Server:
-
This makes up the bulk of the application and consists of 3 primary components:
- PHP web pages being served up by the Nginx web server
- MySQL Database
- NodeJS messaging and control service
- Media Server:
- This portion of the application handles all the communication with the cameras and video streams being served out to the client PCs. It also handles all the recording and clip creation.
For applications requiring more than 50 cameras or consisting of different departments the software can be broken out and additional Media Servers can be added.

Basic Configuration
Key |
---|
Always Required |
🔓 SSL is Disabled |
🔒 SSL is Enabled |
🔧 For Administration |
Client to Application & Media Server(s)
This table shows the ports that must be opened for client machines to speak to the VALT Application and Media servers. Use the key to understand when certain ports apply.
Port | Protocol | Service | Source | Destination | |
---|---|---|---|---|---|
🔓 TCP 80 | HTTP | Web Application | Client | Application Server | |
🔓 TCP 1935 | WS | Video Streaming | Client | Application & Media Server | |
🔒 TCP 443 | HTTPS | Web Application | Client | Application Server | |
🔒 TCP 444 | WSS | Video Streaming | Client | Application & Media Server | |
TCP 8000 | HTTP/HTTPS* | Downloads/Wowza webserver | Client | Application & Media Server | |
For Administration | |||||
🔧 TCP 22 | SSH | SSH | Client | Application & Media Server | |
🔧 TCP 8088 | HTTP | Wowza admin | Client | Application & Media Server |
Media Server(s) to Video Device(s)
This table shows the ports that must be opened for the video devices to communicate with VALT. Video devices refers to hardware such as:
Port | Protocol | Service | Source | Destination |
---|---|---|---|---|
TCP 80 | HTTP | Web Application/API | Media Server | Camera |
TCP 554 | RTSP | Video Stream | Media Server | Camera |
Other Configurations
BEAM (Mobile Application)
BEAM is an application that allows users to leverage devices, such as iPads and iPhones, as a mobile video endpoint. This includes the following features:
Key |
---|
🔓 SSL is Disabled |
🔒 SSL is Enabled |
- Live streaming to VALT
- Recording sessions
- Uploading sessions
Port | Protocol | Service | Source | Destination |
---|---|---|---|---|
🔓 TCP 80 | HTTP | BEAM API/HTTP Upload | BEAM Device | Media Server |
🔓 TCP 1935 | RTMP | Video Streaming | BEAM Device | Media Server |
🔒 TCP 443 | HTTPS | BEAM API/HTTPS Upload | BEAM Device | Media Server |
🔒 TCP 444 | RTMP | Video Streaming | BEAM Device | Media Server |
Online Updates
Port | Protocol | Package | Source | Destination |
---|---|---|---|---|
TCP 80 | HTTP | Ubuntu | Application & Media Server | http://us.archive.ubuntu.com |
TCP 80 | HTTP | Ubuntu | Application & Media Server | http://security.ubuntu.com |
TCP 443 | HTTPS | IVS | Application & Media Server | https://apt.ipivs.com |
TCP 443 | HTTPS | Ubuntu Changelogs | Application & Media Server | https://changelogs.ubuntu.com |
TCP 443 | HTTPS | Docker | Application & Media Server | https://download.docker.com |
TCP 443 | HTTPS | Docker | Application & Media Server | https://docker.ipivs.com |
Multiple Server Configurations
Key |
---|
Always Required |
🔓 SSL is Disabled |
🔒 SSL is Enabled |
Port | Protocol | Service | Source | Destination |
---|---|---|---|---|
TCP 22 | SSH | OS | Application Server | Media Server |
🔒 TCP 444 | HTTPS | Wowza Streaming Engine | Application Server | Media Server |
🔓 TCP 1935 | HTTP | Wowza Streaming Engine | Application Server | Media Server |
TCP 8000 | HTTP/HTTPS | Wowza Streaming Engine | Application Server | Media Server |
TCP 8086 | HTTP/HTTPS | Wowza Streaming Engine | Application Server | Media Server |
TCP 8087 | HTTP | Wowza Streaming Engine | Application Server | Media Server |
Port | Protocol | Service | Source | Destination |
---|---|---|---|---|
TCP 22 | SSH | OS | Media Server | Application Server |
🔓 TCP 80 | HTTP | Wowza Streaming API | Media Server | Application Server |
🔒 TCP 443 | HTTPS | Wowza Streaming API | Media Server | Application Server |
TCP 8086 | HTTP/HTTPS | Wowza Streaming Engine | Media Server | Application Server |
TCP 8087 | HTTP | Wowza Streaming Engine | Media Server | Application Server |
Digital Wowza License
This communication is required to verify valid Wowza Streaming licenses.
Port | Protocol | Source | Destination |
---|---|---|---|
TCP 80 | HTTP | Media Server | wowzalicense-all.wowzamedia.com |
TCP 80 | HTTP | Media Server | wowzalicense1.wowzamedia.com |
TCP 80 | HTTP | Media Server | wowzalicense2.wowzamedia.com |
TCP 80 | HTTP | Media Server | wowzalicense3.wowzamedia.com |
TCP 80 | HTTP | Media Server | wowzalicense4.wowzamedia.com |
VALT Cloud
VALT Cloud is a hybrid solution that requires an on-premise server and a cloud server.
The cloud server is the Application Server. This hosts the website where users will access the application.
The on-premise server is a Media Server. This hosts the camera streams and recordings.
The on premise media server will establish a connection to the VALT AWS Private Cloud. All traffic will flow through this connection. This connection requires the following ports:
Port | Source | Destination |
---|---|---|
UDP 500 | On-Premise Media Server | Cloud Application Server |
UDP 4500 | On-Premise Media Server | Cloud Application Server |
GRE | On-Premise Media Server | Cloud Application Server |
VALT Cloud utilizes Let's Encrypt to provide SSL certificates. The On-Premise Media Server must be able to communicate with the following websites to request the certificate:
Port | Protocol | Source | Destination |
---|---|---|---|
TCP 443 | HTTPS | On Premise Media Server | https://acme-v02.api.letsencrypt.org |
TCP 443 | HTTPS | On Premise Media Server | https://route53.amazonaws.com |