Dataflows
Terminology
Endpoint
The combination of a host, a port and a transport protocol, e.g. UDP@10.0.0.1:53.
Devices
Summary
- No port-forwarding or NAT needed
- Outbound traffic only
- Standard protocols: HTTPS, STUN, WebRTC, NTP
- Proprietary protocols: AXIS O3Cv2
Details
Devices managed and utilized through YourSixOS needs to reach the YourSix cloud on the following endpoints:
| Transport | Port | Host |
|---|---|---|
| TCP | 443 | archiver.cloud.yoursix.com |
| TCP | 443 | evbridge.cloud.yoursix.com |
| TCP | 443 | oneclick-[1-36].cloud.yoursix.com |
In addition to reaching the cloud, the devices need to reach the following endpoints for WebRTC connectivity:
| Transport | Port | Host |
|---|---|---|
| UDP | 3478 | stun.cloudflare.com |
| UDP | 30000-40000 | 0.0.0.0/0 |
To be enrolled, devices need to reach the AXIS O3C Dispatcher on at least one (two recommended) of the following endpoints:
| Transport | Port | Host |
|---|---|---|
| TCP | 443 | dispatchse1-st.axis.com |
| TCP | 443 | dispatchse2-st.axis.com |
| TCP | 443 | dispatchus1-st.axis.com |
| TCP | 443 | dispatchjp1-st.axis.com |
To maintain accurate system time and prevent drift, devices will be configured to synchronize time using NTP with the following endpoints:
| Transport | Port | Host |
|---|---|---|
| UDP | 123 | time.aws.com |
INFO
If NTP is announced by DHCP on the local network, DHCP announced NTP server will take precedence.
In addition to the above, devices assume a sane network setup, providing IP addressing and DNS configuration via DHCP. If deploying a separate VLAN/subnet for the devices, make sure WebRTC UDP traffic is allowed between the subnets in order for streaming to work.
Applications
YourSix does not commit to any set of endpoints used by web- and mobile applications, however, we do commit to a set of trusted paths, see below:
| Application | Trusted path |
|---|---|
| Authenticate | https://auth.platform.yoursix.com |
| Login | https://login.platform.yoursix.com |
| End-customer | https://platform.yoursix.com |
| Tunneling | https://accessdevice.cloud.yoursix.com |
| Central station | https://inspect.cloud.yoursix.com |
We only operate on the yoursix.com domain.
Email
Emails from YourSixOS are sent from the following addresses:
invite@platform.yoursix.comnotifications@platform.yoursix.com
YourSixOS utilizes AWS SES for email sending, and all of our emails are SPF and DKIM signed for the domain platform.yoursix.com to comply with DMARC.
Webhooks
Webhooks from YourSixOS are sent from IPs pointed out by the IPv4 A record at: webhook.cloud.yoursix.com. All webhooks are sent using the user-agent y6-platform.