Network Whitelisting

Since our tools are used for managing your networks there is a need to allow specific traffic depending on what features of Syntropy Stack you are using.

Communication with our services

Platform agents need to have access to our controller at:
[<https://controller-prod-platform-agents.syntropystack.com:443>](https://controller-prod-platform-agents.syntropystack.com:443```)

Considering we use Cloudflare services you will need to whitelist Cloudflare IP range to access the controller:
<https://www.cloudflare.com/ips/>

Platform agent needs to know public IP so it has to be able to communicate with at least some of STUN servers listed here:

https://github.com/SyntropyNet/syntropy-agent/blob/main/pkg/pubip/stunip/servers.go#L3

when all STUN servers fail agent fallbacks to
[<https://ip.syntropystack.com:443>](https://ip.syntropystack.com:443```)

Communication between your nodes

We are using WireGuard protocol for connecting your infrastructure

You have two options:

  • If you are using default agent settings you will need to enable UDP traffic on a port range from 1024 to 65535
  • If you specify your own using SYNTROPY_PORT_RANGE environment variable you will need to enable UDP traffic for a specified range

Communication with our SDN network

In order to get optimizations for your network - the platform agent will ping our SDN network using ICMP Ping
Platform agents need to be able to ping the following list of dynamic servers:
<https://api.syntropystack.com/v1/network/sdn-agents/ips>