Difference between revisions of "Network Requirements"

From IVS Wiki
Jump to: navigation, search
(Server to Repository(For OS Updates))
Line 1: Line 1:
__NOTOC__
+
__TOC__
<div class="floating_card">
+
<div class="grid-container grid-2" style="  display: flex;flex-wrap: wrap;">
Additional information can be found [[VALT Technical Specifications | here]]
+
<div class="grid-item">
 +
==Architecture and Terms==
 +
<div class="floating_card">Our software is built on the standard LAMP <em>(Linux, Apache, MYSQL, and PHP)</em> architecture. The software has been designed to work on the latest LTS version of Ubuntu Linux. For networking purposes, there are 2 main components to the software application:</div>
 +
 
 +
<div class="section">
 +
'''Application Server:'''  This makes up the bulk of the application and consists of 3 primary components:
 +
*PHP web pages being served up by the Apache web server
 +
*MySQL Database
 +
*NodeJS messaging and control service
 +
 
 +
'''Media Server:''' This portion of the application handles all the communication with the cameras and video streams being served out to the client PCs.  It also handles all the recording and clip creation.
 +
</div>
 +
 
 +
<div class="section">
 +
From a physical or virtual server perspective, the <b>entire server side software stack can be run on a single server</b>. For applications requiring more than 50 cameras or consisting of different departments the software can be broken out and additional Media Servers can be added. These servers only run the Media Server portion of the VALT application.
 +
</div>
 +
</div>
 +
 
 +
<div class="grid-item">
 +
==Visual Overview==
 +
{{img | file = VALT Server Structure.png | width =}}
 +
</div>
 +
</div>
 +
 
 +
==Basic Configuration==
 +
<table class="network_ports_table">
 +
  <caption>Client to Application & Media Server(s)</caption>
 +
    <tr>
 +
      <th>Port</th>
 +
      <th>Protocol</th>
 +
      <th>Service</th>
 +
      <th>Source</th>
 +
      <th>Destination</th>
 +
    </tr>
 +
    <tr class="help" title="Required only when SSL is Disabled" style="background-color:#FFEBE5">
 +
      <td>&#128275; TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>Web Application</td>
 +
      <td>Client</td>
 +
      <td>Application Server</td>
 +
    </tr>
 +
    <tr class="help" title="Required only when SSL is Disabled" style="background-color:#EFDBD5">
 +
      <td>&#128275; TCP 1935</td>
 +
      <td>WS</td>
 +
      <td>Video Streaming</td>
 +
      <td>Client</td>
 +
      <td>Application & Media Server</td>
 +
    </tr>
 +
    <tr class="help" title="Required only when SSL is Enabled" style="background-color:#E5FFEB">
 +
      <td>&#128274; TCP 443</td>
 +
      <td>HTTPS</td>
 +
      <td>Web Application</td>
 +
      <td>Client</td>
 +
      <td>Application Server</td>
 +
    </tr>
 +
    <tr class="help" title="Required only when SSL is Enabled" style="background-color:#D5EFDB">
 +
      <td>&#128274; TCP 444</td>
 +
      <td>WSS</td>
 +
      <td>Video Streaming</td>
 +
      <td>Client</td>
 +
      <td>Application & Media Server</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 8000</td>
 +
      <td title="Changes with SSL status (Enabled/Disabled).">HTTP/HTTPS*</td>
 +
      <td>Downloads/Wowza webserver</td>
 +
      <td>Client</td>
 +
      <td>Application & Media Server</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 20100</td>
 +
      <td>HTTP</td>
 +
      <td>Node.js</td>
 +
      <td>Client</td>
 +
      <td>Application & Media Server</td>
 +
    </tr>
 +
    <tr>
 +
      <th colspan=6>For Administration Only</th>
 +
    </tr>
 +
    <tr class="help" title="Required only for Administration" style="background-color:#e5ecff">
 +
      <td>&#128295; TCP 22</td>
 +
      <td>SSH</td>
 +
      <td>SSH</td>
 +
      <td>Client</td>
 +
      <td>Application & Media Server</td>
 +
    </tr>
 +
    <tr class="help" title="Required only for Administration" style="background-color:#d5dcef">
 +
      <td>&#128295; TCP 8088</td>
 +
      <td>HTTP</td>
 +
      <td>Wowza admin</td>
 +
      <td>Client</td>
 +
      <td>Application & Media Server</td>
 +
    </tr>
 +
</table>
 +
<span style="padding:2px 10px;background-color:#FFEBE5;border:1px solid black">&#128275; Required when SSL is Disabled</span>
 +
<span style="padding:2px 10px;background-color:#E5FFEB;border:1px solid black">&#128274; Required when SSL is Enabled</span>
 +
<span style="padding:2px 10px;background-color:#e5ecff;border:1px solid black">&#128295; Required only for Administration</span>
 +
 
 +
 
 +
<table class="network_ports_table">
 +
  <caption>Media Server(s) to Camera(s)</caption>
 +
    <tr>
 +
      <th>Port</th>
 +
      <th>Protocol</th>
 +
      <th>Service</th>
 +
      <th>Source</th>
 +
      <th>Destination</th>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>Web Application/API</td>
 +
      <td>Media Server</td>
 +
      <td>Camera</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 554</td>
 +
      <td>RTSP</td>
 +
      <td>Video Stream</td>
 +
      <td>Media Server</td>
 +
      <td>Camera</td>
 +
    </tr>
 +
</table>
 +
 
 +
==BEAM (Mobile Application)==
 +
<div class="floating_card">Only required for those who have purchased [[BEAM]] licenses.</div>
 +
 
 +
<div class="section">BEAM is an application that allows users to leverage devices, such as iPads and iPhones, as a mobile video endpoint. This includes the following features:
 +
*Live streaming to VALT
 +
*Recording sessions
 +
*Uploading sessions
 +
</div>
 +
 
 +
<table class="network_ports_table">
 +
  <caption>BEAM Device(s) to Media Server</caption>
 +
    <tr>
 +
      <th>Port</th>
 +
      <th>Protocol</th>
 +
      <th>Service</th>
 +
      <th>Source</th>
 +
      <th>Destination</th>
 +
    </tr>
 +
    <tr class="help" title="Required only when SSL is Disabled" style="background-color:#FFEBE5">
 +
      <td>&#128275; TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>BEAM API/HTTP Upload</td>
 +
      <td>BEAM Device</td>
 +
      <td>Media Server</td>
 +
    </tr>
 +
    <tr class="help" title="Required only when SSL is Enabled" style="background-color:#E5FFEB">
 +
      <td>&#128274; TCP 443</td>
 +
      <td>HTTPS</td>
 +
      <td>BEAM API/HTTPS Upload</td>
 +
      <td>BEAM Device</td>
 +
      <td>Media Server</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 444</td>
 +
      <td>RTMP</td>
 +
      <td>Video Streaming</td>
 +
      <td>BEAM Device</td>
 +
      <td>Media Server</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 1935</td>
 +
      <td>RTMP</td>
 +
      <td>Video Streaming</td>
 +
      <td>BEAM Device</td>
 +
      <td>Media Server</td>
 +
    </tr>
 +
</table>
 +
<span style="padding:2px 10px;background-color:#FFEBE5;border:1px solid black">&#128275; Required when SSL is Disabled</span>
 +
<span style="padding:2px 10px;background-color:#E5FFEB;border:1px solid black">&#128274; Required when SSL is Enabled</span>
 +
 
 +
==Online OS Updates==
 +
<div class="floating_card">Valid DNS servers are required to download updates</div>
 +
 
 +
<table class="network_ports_table">
 +
  <caption>Application & Media Server(s) to Repositories</caption>
 +
    <tr>
 +
      <th>Port</th>
 +
      <th>Protocol</th>
 +
      <th>Source</th>
 +
      <th>Destination</th>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>Application & Media Server</td>
 +
      <td>http://us.archive.ubuntu.com</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>Application & Media Server</td>
 +
      <td>http://security.ubuntu.com</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>Application & Media Server</td>
 +
      <td>http://ppa.launchpad.net</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>Application & Media Server</td>
 +
      <td> https://download.docker.com</td>
 +
    </tr>
 +
</table>
 +
 
 +
<div class="grid-container grid-2" style="  display: flex;flex-wrap: wrap;">
 +
<div class="grid-item">
 +
 
 +
==Application Server to Additional Media Server(s)==
 +
<div class="floating_card">Only required for installations where additional servers, acting as Media Servers, are present.</div>
 +
 
 +
<table class="network_ports_table">
 +
  <caption>Application Server to Media Server(s)</caption>
 +
    <tr>
 +
      <th>Port</th>
 +
      <th>Protocol</th>
 +
      <th>Service</th>
 +
      <th>Source</th>
 +
      <th>Destination</th>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 8086</td>
 +
      <td>HTTP/HTTPS</td>
 +
      <td>Wowza Streaming Engine</td>
 +
      <td>Application Server</td>
 +
      <td>Media Server</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 8087</td>
 +
      <td>HTTP</td>
 +
      <td>Wowza Streaming Engine</td>
 +
      <td>Application Server</td>
 +
      <td>Media Server</td>
 +
    </tr>
 +
</table>
 +
 
 +
<table class="network_ports_table">
 +
  <caption>Media Server(s) to Application Server</caption>
 +
    <tr>
 +
      <th>Port</th>
 +
      <th>Protocol</th>
 +
      <th>Service</th>
 +
      <th>Source</th>
 +
      <th>Destination</th>
 +
    </tr>
 +
    <tr class="help" title="Required only when SSL is Disabled" style="background-color:#FFEBE5">
 +
      <td>&#128275; TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>Wowza Streaming API</td>
 +
      <td>Media Server</td>
 +
      <td>Application Server</td>
 +
    </tr>
 +
    <tr class="help" title="Required only when SSL is Enabled" style="background-color:#E5FFEB">
 +
      <td>&#128274; TCP 443</td>
 +
      <td>HTTPS</td>
 +
      <td>Wowza Streaming API</td>
 +
      <td>Media Server</td>
 +
      <td>Application Server</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 8086</td>
 +
      <td>HTTP/HTTPS</td>
 +
      <td>Wowza Streaming Engine</td>
 +
      <td>Media Server</td>
 +
      <td>Application Server</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 8087</td>
 +
      <td>HTTP</td>
 +
      <td>Wowza Streaming Engine</td>
 +
      <td>Media Server</td>
 +
      <td>Application Server</td>
 +
    </tr>
 +
</table>
 +
<span style="padding:2px 10px;background-color:#FFEBE5;border:1px solid black">&#128275; Required when SSL is Disabled</span>
 +
<span style="padding:2px 10px;background-color:#E5FFEB;border:1px solid black">&#128274; Required when SSL is Enabled</span>
 +
</div>
 +
 
 +
<div class="grid-item">
 +
<br><br>
 +
{{img | file = Application Server and Media Servers.png | width =}}
 +
</div>
 
</div>
 
</div>
===Primary Server and Media Server(s) to Camera(s)===
 
    TCP 80 - HTTP
 
    TCP 554 - RTSP video
 
===Primary Server to Media Server(s)===
 
    TCP 8086 – Wowza
 
    TCP 8087 – Wowza 
 
===Media Server(s) to Primary Server===
 
    TCP 8086 – Wowza
 
    TCP 8087 – Wowza
 
    TCP 80 - HTTP
 
    TCP 443 - HTTPS
 
  
===Client to Server (Non SSL)===
+
==Digital Wowza License==
    <b>Required for Application:</b>
+
<div class="floating_card">Only required for servers utilizing an electronic Wowza key. Servers with a physical Wowza key do not need access to the licensing servers.
    TCP 80 – HTTP
+
 
    TCP 20100 – HTTP nodejs
+
 
    TCP 1935 – WS video
+
<em>This communication is required to verify valid Wowza Streaming licenses.</em>
    TCP 8000 - Downloads/Wowza webserver
+
</div>
    <b>Required for Administration:</b>
 
    TCP 22 – SSH admin
 
    TCP 8088 – Wowza admin
 
===Client to Server and Media Server(s) (SSL + WSS)===
 
    <b>Required for Application:</b>
 
    TCP 443 – HTTPS
 
    TCP 20100 – HTTPS nodejs
 
    TCP 444 – WSS video
 
    TCP 80 - HTTP redirected to HTTPS (443)
 
    TCP 1935 (Only needed if BEAM is utilized)
 
    TCP 8000 - Downloads/Wowza webserver
 
    <b>Required for Administration:</b>
 
    TCP 22 - SSH admin
 
    TCP 8088 – Wowza admin
 
===Server to Repository(For OS Updates)===
 
    TCP 80
 
    http://us.archive.ubuntu.com
 
    http://security.ubuntu.com
 
    http://ppa.launchpad.net
 
    https://download.docker.com
 
   
 
    Note: Valid DNS servers are required to download updates
 
  
===Wowza Media Licensing Servers(Used for Electronic Wowza Keys on VMs)*===
+
<table class="network_ports_table">
    TCP 80
+
  <caption>Media Servers to Wowza Licensing Servers</caption>
    wowzalicense1.wowzamedia.com
+
    <tr>
    wowzalicense2.wowzamedia.com
+
      <th>Port</th>
    wowzalicense3.wowzamedia.com
+
      <th>Protocol</th>
    wowzalicense4.wowzamedia.com
+
      <th>Source</th>
   
+
      <th>Destination</th>
    Note: Only required for servers utilizing an electronic Wowza key. Servers with a physical Wowza key do not need access to the licensing servers.
+
    </tr>
    [https://www.wowza.com/docs/how-to-configure-wowza-media-server-to-use-proxy-server-to-communicate-with-license-server A proxy server can be used to validate the Wowza license.]
+
    <tr>
 +
      <td>TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>Media Server</td>
 +
      <td>wowzalicense1.wowzamedia.com</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>Media Server</td>
 +
      <td>wowzalicense2.wowzamedia.com</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>Media Server</td>
 +
      <td>wowzalicense3.wowzamedia.com</td>
 +
    </tr>
 +
    <tr>
 +
      <td>TCP 80</td>
 +
      <td>HTTP</td>
 +
      <td>Media Server</td>
 +
      <td>wowzalicense4.wowzamedia.com</td>
 +
    </tr>
 +
</table>

Revision as of 15:36, 1 May 2023

Architecture and Terms

Our software is built on the standard LAMP (Linux, Apache, MYSQL, and PHP) architecture. The software has been designed to work on the latest LTS version of Ubuntu Linux. For networking purposes, there are 2 main components to the software application:

Application Server: This makes up the bulk of the application and consists of 3 primary components:

  • PHP web pages being served up by the Apache web server
  • MySQL Database
  • NodeJS messaging and control service

Media Server: This portion of the application handles all the communication with the cameras and video streams being served out to the client PCs. It also handles all the recording and clip creation.

From a physical or virtual server perspective, the entire server side software stack can be run on a single server. For applications requiring more than 50 cameras or consisting of different departments the software can be broken out and additional Media Servers can be added. These servers only run the Media Server portion of the VALT application.

Visual Overview

VALT Server Structure.png

Basic Configuration

Client to Application & Media Server(s)
Port Protocol Service Source Destination
🔓 TCP 80 HTTP Web Application Client Application Server
🔓 TCP 1935 WS Video Streaming Client Application & Media Server
🔒 TCP 443 HTTPS Web Application Client Application Server
🔒 TCP 444 WSS Video Streaming Client Application & Media Server
TCP 8000 HTTP/HTTPS* Downloads/Wowza webserver Client Application & Media Server
TCP 20100 HTTP Node.js Client Application & Media Server
For Administration Only
🔧 TCP 22 SSH SSH Client Application & Media Server
🔧 TCP 8088 HTTP Wowza admin Client Application & Media Server

🔓 Required when SSL is Disabled 🔒 Required when SSL is Enabled 🔧 Required only for Administration


Media Server(s) to Camera(s)
Port Protocol Service Source Destination
TCP 80 HTTP Web Application/API Media Server Camera
TCP 554 RTSP Video Stream Media Server Camera

BEAM (Mobile Application)

Only required for those who have purchased BEAM licenses.
BEAM is an application that allows users to leverage devices, such as iPads and iPhones, as a mobile video endpoint. This includes the following features:
  • Live streaming to VALT
  • Recording sessions
  • Uploading sessions
BEAM Device(s) to Media Server
Port Protocol Service Source Destination
🔓 TCP 80 HTTP BEAM API/HTTP Upload BEAM Device Media Server
🔒 TCP 443 HTTPS BEAM API/HTTPS Upload BEAM Device Media Server
TCP 444 RTMP Video Streaming BEAM Device Media Server
TCP 1935 RTMP Video Streaming BEAM Device Media Server

🔓 Required when SSL is Disabled 🔒 Required when SSL is Enabled

Online OS Updates

Valid DNS servers are required to download updates
Application & Media Server(s) to Repositories
Port Protocol Source Destination
TCP 80 HTTP Application & Media Server http://us.archive.ubuntu.com
TCP 80 HTTP Application & Media Server http://security.ubuntu.com
TCP 80 HTTP Application & Media Server http://ppa.launchpad.net
TCP 80 HTTP Application & Media Server https://download.docker.com

Application Server to Additional Media Server(s)

Only required for installations where additional servers, acting as Media Servers, are present.
Application Server to Media Server(s)
Port Protocol Service Source Destination
TCP 8086 HTTP/HTTPS Wowza Streaming Engine Application Server Media Server
TCP 8087 HTTP Wowza Streaming Engine Application Server Media Server
Media Server(s) to Application Server
Port Protocol Service Source Destination
🔓 TCP 80 HTTP Wowza Streaming API Media Server Application Server
🔒 TCP 443 HTTPS Wowza Streaming API Media Server Application Server
TCP 8086 HTTP/HTTPS Wowza Streaming Engine Media Server Application Server
TCP 8087 HTTP Wowza Streaming Engine Media Server Application Server

🔓 Required when SSL is Disabled 🔒 Required when SSL is Enabled



Application Server and Media Servers.png

Digital Wowza License

Only required for servers utilizing an electronic Wowza key. Servers with a physical Wowza key do not need access to the licensing servers.


This communication is required to verify valid Wowza Streaming licenses.

Media Servers to Wowza Licensing Servers
Port Protocol Source Destination
TCP 80 HTTP Media Server wowzalicense1.wowzamedia.com
TCP 80 HTTP Media Server wowzalicense2.wowzamedia.com
TCP 80 HTTP Media Server wowzalicense3.wowzamedia.com
TCP 80 HTTP Media Server wowzalicense4.wowzamedia.com
Retrieved from "https://ipivs.info/wiki/index.php?title=Network_Requirements&oldid=11445"