Synergy Network Specifications
Backend Architecture Overview
Hostnames and IPs
We don’t always use dedicated IPs. For some scenarios we know the hostnames, and they are always the same not subject to change like “login.synergyxr.com” and “portal.synergyxr.com” but the IPs may be dynamic like for example is the case with Microsoft Azure Spatial Anchors.
Fundamentals (DNS)
The client will need to be able to make DNS queries to function properly (UDP and TCP port 53).
SynergyXR Backend Hosted by Microsoft Azure
The synergy backend handles secure user authentication via IdentityServer4 which is an OpenID Connect and OAuth 2.0 framework for ASP.NET Core. It also facilitates content management, file indexing and more. User management is done via the synergy portal (https://portal.synergyxr.com/).
Outbound traffic needs to be allowed for the following types of network traffic as listed here. As this is regular HTTPS traffic it should be possible to do this via proxy.
|
Hostname/IP |
Protocol |
Port |
Description |
|
login.synergyxr.com |
TCP |
443 |
HTTPS |
|
storage.synergyxr.com |
TCP |
443 |
HTTPS |
|
portal.synergyxr.com |
TCP |
443 |
HTTPS |
CDN and Azure Blob Storage
The blob storage and the associated CDN is where the raw files of the content is stored.
Outbound traffic needs to be allowed for the following types of network traffic as listed here. As this is regular HTTPS traffic it should be possible to do this via proxy
| Hostname/IP | Protocol | Port | Description |
| cdne-sxr-synergysharedstorage.azureedge.net | 443 | HTTPS | |
| synergysharedstorage.blob.core.windows.net | TCP | 443 | HTTPS |
Spatial Anchors
Spatial Anchors is a cloud service which enables users to persist and share anchors in a mixed-reality experience across sessions and devices.
Outbound traffic needs to be allowed for the following types of network traffic as listed here. As this is regular HTTPS traffic it should be possible to do this via proxy.
|
Hostname/IP |
Protocol |
Port |
Description |
|
sts.mixedreality.azure.com |
TCP |
443 |
HTTPS |
“Azure Spatial Anchors communicates over TCP port 443 using an encrypted protocol. For authentication, it uses Azure Active Directory, which communicates using HTTPS over port 443.” (see more here: https://docs.microsoft.com/en-us/azure/spatial-anchors/spatial-anchor-faq)
Photon Engine
Photon is the backbone of our real-time multiuser experience.
Outbound traffic needs to be allowed for the following types of network traffic as listed here.
|
Hostname |
IP |
Protocol |
Port |
Description |
|
pi_unitystudios-eu-ns.exitgames.com |
52.157.184.50 |
TCP |
4533 |
Client to Nameserver (TCP) |
|
azeu704-master.exitgames.com |
52.157.78.135 |
TCP |
4530 |
Client to Master Server (TCP) |
|
azeu704-game.exitgames.com |
52.157.74.166 |
TCP |
4531 |
Client to Game Server (TCP) |
|
|
52.157.184.42 |
TCP |
4531 |
IP of VM |
(see more here: https://doc.photonengine.com/en-us/realtime/current/connection-and-authentication/tcp-and-udp-port-numbers)
Agora Real-Time Video Streaming
Agora is global leader in Real-Time Engagement, providing developers with simple, flexible, and powerful APIs, to embed real-time voice, video, interactive streaming, chat, and artificial intelligence capabilities into their applications.
SynergyXR makes use of their video streaming capabilities to ensure all users see the exact same view of the SynergyXR web browser.
Agora maintains a document describing the firewall requirements: https://docs.agora.io/en/video-calling/reference/firewall?platform=unity. All communication happens over port 443 using TCP, so this rarely causes any issues.
Unity Cloud Diagnostics
Unity Cloud Diagnostics is a service that automatically collects and reports data about errors (known as crashes or exceptions) in an application.
Outbound traffic needs to be allowed for the following types of network traffic as listed here. As this is regular HTTPS traffic it should be possible to do this via proxy.
|
Hostname/IP |
Protocol |
Port |
Description |
|
cdp.cloud.unity3d.com |
TCP |
443 |
HTTPS |