Difference between revisions of "Network Setup"

From Engineered Arts Wiki
Jump to navigation Jump to search
m (Overview)
 
(19 intermediate revisions by 2 users not shown)
Line 6: Line 6:
 
[[Category:SociBot Troubleshooting]]
 
[[Category:SociBot Troubleshooting]]
 
=Overview=
 
=Overview=
''This page describes the network setup for EA (Engineered Arts) Robots''
+
* ''This page describes the network setup for EA (Engineered Arts) Robots running [[Tritium 2]]''
 +
* For robots running '''Tritium 3''', please see the [https://tritiumrobot.cloud/docs/network/ Tritium 3 documentation here] (if you do not have a login, please email us)
 +
* Normally no setup is required beyond connecting your robot to a wired network connection with internet access.
 +
* By default most routers and firewalls allow outgoing connections.
 +
* However, if you are experiencing problems or want details of the robot connections please read on.
 +
* Important note for customer support - In order to provide timely cost effective support to our customers EA need to be able to access the robot easily and reliably, if access is not possible, we cannot provide support.
  
Normally no setup is required beyond connecting your robot to a wired network connection with internet access.
+
=Robot connections summary=
 +
If possible please use domain names in your network setup / firewall rules. The ''IP addresses'' are as at the date below - it is possible these will change in future.  Please check this page if you have to use IP addresses in your setup and you have any issues
  
By default most routers and firewalls allow outgoing connections.
+
Last updated '''13 April 2022''' IPs last changed '''04 July 2019'''
  
However, if you are experiencing problems or want details of the robot connections please read on.
+
Robots need to make the following connections:
 
+
* '''OUT''', '''TCP''', to '''update.robot-thespian.co.uk''' ''(62.3.104.54)'' on '''PORT 2022''' - command line level access required for EA to be able to support
=Robot connections summary=
+
* '''OUT''', '''TCP''', to '''robots.engineeredarts.co.uk''' ''(162.13.119.185)'' on '''PORT 22''' - web based remote admin interface for customers and EA
Robots need to make following connections:
+
* '''OUT''', '''TCP''', to/from '''virtual.robothespian.co.uk''' ''(162.13.44.246)'' on '''PORT 443''' - content creation and transfer to RoboThespian
* '''OUT''' to '''telepresence.engineeredarts.co.uk''' ''(162.13.119.185)'' on '''PORT 443''' (standard encrypted HTTPS port) - telepresence
+
** Port '''80''' may be required for robots more than 5 years old.
* '''OUT''' to '''robots.engineeredarts.co.uk''' ''(162.13.119.185)'' (on '''PORT 22''' - web based remote admin interface for customers and EA
 
* '''OUT''' to '''update.robot-thespian.co.uk ''' ''(88.96.238.246)'' on '''PORT 2022''' - command line level access required for EA to be able to support
 
* '''IN''' and '''OUT''' to/from '''virtual.robothespian.co.uk''' ''(95.138.176.93)'' on '''PORT 80''' - content creation and transfer to RoboThespian
 
  
 
If your firewall blocks outgoing connections please can you allow the above.
 
If your firewall blocks outgoing connections please can you allow the above.
  
If possible please use domain names in your network setup / firewall rules. The ''IP addresses'' are as at 07/12/2018 - it is possible these will change in future, so please check if you have to use IP addresses in your setup.
+
==Telepresence specific connections==
 
+
For telepresence some extra ports may be necessary, these are standard STUN, TURN and websocket protocol ports.<br>
For telepresence some extra ports may be necessary, these are standard STUN/TURN protocol ports:
+
Telepresence operators will need the same access:
 
+
* '''OUT''', '''TCP''', to '''robots.engineeredarts.co.uk''' ''(162.13.119.185)'' on '''PORT 443''' (standard encrypted HTTPS port) - Single Sign on to services including telepresence
* '''IN''' and '''OUT''' to/from '''stun.engineeredarts.co.uk''' ''(162.13.119.185)'' on '''PORT 3478''' - Telepresence connection negotiation
+
* '''OUT''', '''TCP''', to '''telepresence.engineeredarts.co.uk''' ''(162.13.119.185)'' on '''PORT 443''' (standard encrypted HTTPS port) - telepresence
* '''IN''' and '''OUT''' to/from '''turn.engineeredarts.co.uk''' ''(162.13.119.185)'' on '''PORT 3478 and 5349''' - Telepresence connection proxying
+
* '''IN''' and '''OUT''', '''UDP''' and '''TCP''', to/from '''stun.engineeredarts.co.uk''' ''(162.13.119.185)'' on '''PORT 3478''' - Telepresence connection negotiation
 +
* '''IN''' and '''OUT''', '''UDP''' and '''TCP''', to/from '''turn.engineeredarts.co.uk''' ''(162.13.119.185)'' on '''PORT 3478 and 5349''' - Telepresence connection proxying
  
 
=In depth information=
 
=In depth information=
Line 42: Line 46:
  
 
Current servers that the robot connects to:
 
Current servers that the robot connects to:
# Our main server is at update.robot-thespian.co.uk  (88.96.238.246)
+
# Our main SSH server is at update.robot-thespian.co.uk  (see [[#Robot connections summary]] for current IP if required)
# The robot contacts the virtual robothespian website for generating animations and accessing animations (text files wrapped in .gz) and audio files (.ogg) http://virtual.robothespian.co.uk/
+
# The robot contacts the https://virtual.robothespian.co.uk/ website for generating animations and accessing animations (text files wrapped in .gz) and audio files (.ogg)
# The robot contacts robots.engineeredarts.co.uk for web based remote admin by yourselves and support by us.
+
# The robot contacts https://robots.engineeredarts.co.uk for web based remote admin by yourselves and support by us.
  
 
==Important note for customer support==
 
==Important note for customer support==
Line 52: Line 56:
 
The higher the bandwidth the robot has access to the better. With faster internet speeds remote management, transfers from virtual robot and telepresence will be quicker to use and run better.
 
The higher the bandwidth the robot has access to the better. With faster internet speeds remote management, transfers from virtual robot and telepresence will be quicker to use and run better.
  
The telepresence feature of the robot allows you to remote operate the robot from anywhere in the world in a very entertaining way.  It is the most bandwidth intensive feauture.
+
The telepresence feature of the robot allows you to remote operate the robot from anywhere in the world in a very entertaining way.  It is the most bandwidth intensive feature.
  
 
Telepresence uses webRTC to  
 
Telepresence uses webRTC to  

Latest revision as of 15:35, 1 August 2023

Overview

  • This page describes the network setup for EA (Engineered Arts) Robots running Tritium 2
  • For robots running Tritium 3, please see the Tritium 3 documentation here (if you do not have a login, please email us)
  • Normally no setup is required beyond connecting your robot to a wired network connection with internet access.
  • By default most routers and firewalls allow outgoing connections.
  • However, if you are experiencing problems or want details of the robot connections please read on.
  • Important note for customer support - In order to provide timely cost effective support to our customers EA need to be able to access the robot easily and reliably, if access is not possible, we cannot provide support.

Robot connections summary

If possible please use domain names in your network setup / firewall rules. The IP addresses are as at the date below - it is possible these will change in future. Please check this page if you have to use IP addresses in your setup and you have any issues

Last updated 13 April 2022 IPs last changed 04 July 2019

Robots need to make the following connections:

  • OUT, TCP, to update.robot-thespian.co.uk (62.3.104.54) on PORT 2022 - command line level access required for EA to be able to support
  • OUT, TCP, to robots.engineeredarts.co.uk (162.13.119.185) on PORT 22 - web based remote admin interface for customers and EA
  • OUT, TCP, to/from virtual.robothespian.co.uk (162.13.44.246) on PORT 443 - content creation and transfer to RoboThespian
    • Port 80 may be required for robots more than 5 years old.

If your firewall blocks outgoing connections please can you allow the above.

Telepresence specific connections

For telepresence some extra ports may be necessary, these are standard STUN, TURN and websocket protocol ports.
Telepresence operators will need the same access:

  • OUT, TCP, to robots.engineeredarts.co.uk (162.13.119.185) on PORT 443 (standard encrypted HTTPS port) - Single Sign on to services including telepresence
  • OUT, TCP, to telepresence.engineeredarts.co.uk (162.13.119.185) on PORT 443 (standard encrypted HTTPS port) - telepresence
  • IN and OUT, UDP and TCP, to/from stun.engineeredarts.co.uk (162.13.119.185) on PORT 3478 - Telepresence connection negotiation
  • IN and OUT, UDP and TCP, to/from turn.engineeredarts.co.uk (162.13.119.185) on PORT 3478 and 5349 - Telepresence connection proxying

In depth information

Information for network administrators and/or customers who wish to know the details of the connections and what they are used for

The robot opens and maintains two outgoing connections to EA's servers through which EA can connect back to perform any administration tasks that could be performed as if EA were in front of the robot using a mouse and keyboard. Most of the time although the connection is open, it remains idle, with only data relevant to maintaining ssh service being exchanged.

The connection is encrypted and authentication handled using the exchange of private/public key pairs. For more details regarding ssh see http://en.wikipedia.org/wiki/Secure_Shell.

When EA are logged in (which we only do when requested to do something by our customers) there may be further outgoing connections, for example http get requests to download some new content from virtual.robothespian.co.uk. Whilst we could provide a log of data packets, you could sniff these yourselves using many available network analysis tools, but at the same time they would be of little use as they are encrypted. The unencrypted content of these packets would typically consist of the input of shell commands and the output of results, (all clear text), audio and sequence files (text file of robot axes movements)

EA can also manage the robot's content, perform diagnostics etc. A mix of xml based and standard http protocols are used for this (most our software is browser based), however these connections are always carried within the encrypted outgoing connection.

Current servers that the robot connects to:

  1. Our main SSH server is at update.robot-thespian.co.uk (see #Robot connections summary for current IP if required)
  2. The robot contacts the https://virtual.robothespian.co.uk/ website for generating animations and accessing animations (text files wrapped in .gz) and audio files (.ogg)
  3. The robot contacts https://robots.engineeredarts.co.uk for web based remote admin by yourselves and support by us.

Important note for customer support

In order to provide timely cost effective support to our customers EA need to be able to access the robot easily and reliably, if access is not possible, we cannot provide support.

Bandwidth requirements

The higher the bandwidth the robot has access to the better. With faster internet speeds remote management, transfers from virtual robot and telepresence will be quicker to use and run better.

The telepresence feature of the robot allows you to remote operate the robot from anywhere in the world in a very entertaining way. It is the most bandwidth intensive feature.

Telepresence uses webRTC to

  • stream audio both ways between robot and remote operator
  • stream video from robot to operator
  • stream commands from operator to robot

Testing at our offices (16/05/2017) suggests minimum bandwidth requirements for usable telepresence of 4Mbit/s down, 8Mbit/s up. Faster would of course be better.

LAN setup

For the robot IP - if you will be assigning IP by DHCP could you bind the IP to the robot's MAC address - giving it the same IP each time for your convenience.

Even better, if you are able to run local DNS then you can connect to the robot on your network via the robot's hostname e.g. for RoboThespian with serial 0103 simply use rt-0103 or for a SociBot with serial 21, simply sb-0021 - see Remote Connection