Requirements
This section gives an overview of the requirements to use SDA's connectivity v2 service.
Required firewall settings
The following firewall settings need to be implemented for the gateway device. Please contact SDA to get your <tenant_id>.
| Type | UDP/TCP | Port | Domain |
|---|---|---|---|
Outbound | TCP | 443 | api.softwaredefinedautomation.io |
Outbound | TCP | 443 | sdagateway.softwaredefinedautomation.io |
Outbound | TCP | 443 | iot.softwaredefinedautomation.io |
Outbound | TCP (Websocket) | 443 | <tenant_id>.softwaredefinedautomation.io (Only if communication mode TCP is selected/wanted for a gateway) |
Outbound | UDP | 20000-60000 | <tenant_id>.softwaredefinedautomation.io (Only if communication mode UDP is selected/wanted for a gateway) |
Outbound | TCP | 443, 80 | Domains listed under
|
The connectivity service will soon work via TCP ports only
In case you firewall has issues with using/resolving the FQDNs (fully qualified domain names), there is an alternative firewall based on AWS IP Ranges mentioned below
During installation, access to domains for installing or updating OS packages is needed. In Debian-based linux, the corresponding domains can be found via executing
cat /etc/apt/sources.list
in the command line. For Debian those domains will typically be
deb.debian.org
security.debian.org
For Ubuntu it is
ports.ubuntu.com
Access to those domains is needed for TCP port 443 and 80.
Alternative Firewall configuration
In case you firewall has issues with using/resolving the FQDNs (fully qualified domain names), you can use the IP Ranges published by AWS (see https://docs.aws.amazon.com/vpc/latest/userguide/aws-ip-ranges.html)
The SDA Connectivity Service needs access to the following AWS services:
Cloudfront (Region GLOBAL) (TCP on port 443)
EC2 (Region EU-WEST-1) (TCP on port 443 and UDP on port 20000-60000)
These IP ranges cover the domains api.softwaredefinedautomation.io, iot.softwaredefinedautomation.io and sdagateway.softwaredefinedautomation.io mentioned above. Note that some firewall vendors (e.g., Palo Alto Networks) offer these AWS IP Ranges as preconfigured aliases in the firewall configuration.
In addition, for initial installation you will need access to the OS-specific domains listed /etc/apt/sources.list (see note above).
Required hardware/software
The following requirements need to be fulfilled by the device or VM on which the local connectivity client is installed:
x86_64 or ARM64 architecture CPU
Minimum of 1 GHz Dual-Core CPU and 512 MB of RAM
Debian-based Operating System
We currently maintain Ubuntu Focal and Debian Bullseye, both x86_64 and ARM64
More Debian versions are available upon request (other Linux distributions coming soon)
Linux Kernel Version 5.6 or newer
Python 3.8 or newer
If you have a device w/ different requirements, please get in touch with us
Last updated