Synergy Network Specifications
Backend Architecture Overview

Hostnames and IPs
We don’t always use dedicated IPs. For some scenarios we know the hostnames, and they are always the same not subject to change like “login.synergyxr.com” and “portal.synergyxr.com” but the IPs may be dynamic like for example is the case with Microsoft Azure Spatial Anchors.
Fundamentals (DNS)
The client will need to be able to make DNS queries to function properly (UDP and TCP port 53).
SynergyXR Backend Hosted by Microsoft Azure
The synergy backend handles secure user authentication via IdentityServer4 which is an OpenID Connect and OAuth 2.0 framework for ASP.NET Core. It also facilitates content management, file indexing and more. User management is done via the synergy portal (https://portal.synergyxr.com/).
Outbound traffic needs to be allowed for the following types of network traffic as listed here. As this is regular HTTPS traffic it should be possible to do this via proxy.
Hostname/IP |
Protocol |
Port |
Description |
login.synergyxr.com |
TCP |
443 |
HTTPS |
storage.synergyxr.com |
TCP |
443 |
HTTPS |
portal.synergyxr.com |
TCP |
443 |
HTTPS |
Microsoft Azure Blob Storage
The blob storage is where the raw files of the content is stored.
Outbound traffic needs to be allowed for the following types of network traffic as listed here. As this is regular HTTPS traffic it should be possible to do this via proxy.
Hostname/IP |
Protocol |
Port |
Description |
synergysharedstorage.blob.core.windows.net |
TCP |
443 |
HTTPS |
Spatial Anchors
Spatial Anchors is a cloud service which enables users to persist and share anchors in a mixed-reality experience across sessions and devices.
Outbound traffic needs to be allowed for the following types of network traffic as listed here. As this is regular HTTPS traffic it should be possible to do this via proxy.
Hostname/IP |
Protocol |
Port |
Description |
sts.mixedreality.azure.com |
TCP |
443 |
HTTPS |
“Azure Spatial Anchors communicates over TCP port 443 using an encrypted protocol. For authentication, it uses Azure Active Directory, which communicates using HTTPS over port 443.” (see more here: https://docs.microsoft.com/en-us/azure/spatial-anchors/spatial-anchor-faq)
Photon Engine
Photon is the backbone of our real-time multiuser experience.
Outbound traffic needs to be allowed for the following types of network traffic as listed here.
Hostname |
IP |
Protocol |
Port |
Description |
pi_unitystudios-eu-ns.exitgames.com |
52.157.184.50 |
TCP |
4533 |
Client to Nameserver (TCP) |
azeu704-master.exitgames.com |
52.157.78.135 |
TCP |
4530 |
Client to Master Server (TCP) |
azeu704-game.exitgames.com |
52.157.74.166 |
TCP |
4531 |
Client to Game Server (TCP) |
|
52.157.184.42 |
TCP |
4531 |
IP of VM |
(see more here: https://doc.photonengine.com/en-us/realtime/current/connection-and-authentication/tcp-and-udp-port-numbers)
Real-Time Video Chat
Video chat is used mainly to facilitate operate/assist scenarios where the man on the floor using a HoloLens wants to share what he sees with a remote supporter using a PC.
Outbound traffic needs to be allowed for the following types of network traffic as listed here.
Hostname/IP |
Protocol |
Port(s) |
Description |
synergy-turn-server.westeurope.cloudapp.azure.com/104.45.43.105 |
UDP |
5349 |
STUN/TURN server |
synergy-signaling-server.azurewebsites.net |
TCP |
443 |
WebSocket Secure |
See network diagram below:
We are currently looking into exchanging the video streaming service, which will change these requirements. We will update you as soon as we are further in that investigation.
Unity Cloud Diagnostics
Unity Cloud Diagnostics is a service that automatically collects and reports data about errors (known as crashes or exceptions) in an application.
Outbound traffic needs to be allowed for the following types of network traffic as listed here. As this is regular HTTPS traffic it should be possible to do this via proxy.
Hostname/IP |
Protocol |
Port |
Description |
cdp.cloud.unity3d.com |
TCP |
443 |
HTTPS |