Network Whitelisting
Since our tools are used for managing your networks there is a need to allow specific traffic depending on what features of Syntropy Stack you are using.
Communication with our services
Platform agents need to have access to our controller at:
[<https://controller-prod-platform-agents.syntropystack.com:443
>](https://controller-prod-platform-agents.syntropystack.com:443```)
Considering we use Cloudflare services you will need to whitelist Cloudflare IP range to access the controller:
<https://www.cloudflare.com/ips/
>
Platform agent needs to know public IP so it has to be able to communicate with at least some of STUN servers listed here:
https://github.com/SyntropyNet/syntropy-agent/blob/main/pkg/pubip/stunip/servers.go#L3
when all STUN servers fail agent fallbacks to
[<https://ip.syntropystack.com:443
>](https://ip.syntropystack.com:443```)
Communication between your nodes
We are using WireGuard protocol for connecting your infrastructure
You have two options:
- If you are using default agent settings you will need to enable UDP traffic on a port range from
1024
to65535
- If you specify your own using
SYNTROPY_PORT_RANGE
environment variable you will need to enable UDP traffic for a specified range
Communication with our SDN network
In order to get optimizations for your network - the platform agent will ping our SDN network using ICMP Ping
Platform agents need to be able to ping the following list of dynamic servers:
<https://api.syntropystack.com/v1/network/sdn-agents/ips
>
Updated 10 months ago