Connection

Network/Firewall Information

Required Services

The below services should not be routed through a proxy or VPN, this will add undue latency and may affect the quality of services provided by hurdle.

Purpose	Hostname	IP Address	Ports	Description
Session Join Page	start.hurdle.live	3.9.8.134 3.9.88.82 18.169.2.200 35.177.84.69	80/TCP, 443/TCP	Join page course attendees open to start a session and download our application
hurdle main API	api.hurdle.live		80/TCP, 443/TCP	Primary API to authenticate and retrieve functional information
Conference Manager	conference.hurdle.live		80/TCP, 443/TCP 30300-30399/UDP	Conference server, all audio/video/chat gets managed here If UDP ports 30300 – 30399 are closed traffic will be routed through TURN server. This can reduce hurdle session performance due to additional latency and processing. WebSockets are required and must be allowed through
VM Secure Tunnel	tunnel.hurdle.live		80/TCP, 443/TCP	Tunnel to securely authenticate against our Virtual Machines WebSockets are required and must be allowed through
App deployment storage	releases.hurdle.live	AWS CloudFront CDN. Published AWS IP list (Json format) – d7uri8nf7uskq.cloudfront.net/tools/list-cloudfront-ips	80/TCP, 443/TCP	Location the hurdle application is deployed to end user from when they load the download page to join a session. Specific Path: releases.hurdle.live/Hurdle.LIVE-Desktop
TURN Server	0.relay.hurdle.live	18.170.33.120	80/TCP/UDP, 443/TCP/UDP	STUN, TURN and TURNS protocol server for managing socket connections to the conference

Optional Services

The services listed below do not have to be unblocked, but it may give a better experience to use hurdle, please read the description carefully for each service to determine if you need to unblock it.

Purpose	Hostname	IP Address	Ports	Description
Connectivity Check	stun.l.google.com stun1.l.google.com stun2.l.google.com stun3.l.google.com stun4.l.google.com	(Non-deterministic, use hostname)	19302/UDP	Used for direct connectivity check, typically for restrictive networks where theres potential we can communicate directly with hurdle infrastructure, if this is blocked the TURN server above MUST be unblocked
Logging	sentry.hurdle.live	(Non-deterministic, use hostname)	80/TCP, 443/TCP	Real-time event logging for diagnosing issues
Performance	datadoghq.eu	(Non-deterministic, use hostname)	80/TCP, 443/TCP	Real-time event logging for capturing performance problems

Purpose

Hostname

IP Address

Ports

Description

Connectivity Check

stun.l.google.com

stun1.l.google.com

stun2.l.google.com

stun3.l.google.com

stun4.l.google.com

(Non-deterministic, use hostname)

19302/UDP

Used for direct connectivity check, typically for restrictive networks where theres potential we can communicate directly with hurdle infrastructure, if this is blocked the TURN server above MUST be unblocked

Logging

sentry.hurdle.live

(Non-deterministic, use hostname)

80/TCP, 443/TCP

Real-time event logging for diagnosing issues

Performance

datadoghq.eu

(Non-deterministic, use hostname)

80/TCP, 443/TCP

Real-time event logging for capturing performance problems