Network Port Configuration

Warning

Ouster Gemini Detect is not designed to be put on the public internet. It is strongly advised to only expose computers running Detect on private networks.

Ouster Gemini Detect requires the following firewall rules to be open for operation. All other port/protocol combinations can be blocked for incoming connections.

Detect needs to make an HTTPS request to activate a license from an Entitlement ID (EID). An HTTPS request operates over TCP on port 443. The endpoint of the request is ouster.prod.sentinelcloud.com. If you need to restrict outgoing connections, an exception needs to be made for this endpoint. If a specific IP address is required, please contact support@ouster.io.

Four of the rules below make reference to the ouster0 interface. This is a Docker bridge interface created when installing Detect. This interface will not be present until Detect is installed.

Each Ouster lidar needs a UDP port for both the lidar and IMU data (2 ports per lidar). The port ranges 9000-9050 and 9500-9550 are used for this purpose, allowing data for 50 lidars. These port ranges correspond to the environment variables in /opt/ouster/.env. If you need to change the lidar or IMU ports, the appropriate changes need to be made in both the .env file and the firewall rules.

Note

When Using Your Own Edge Processor, the user will need all of these ports accessible on their host.

Network Port Configuration

To                          Action      From
22/tcp (OpenSSH)            ALLOW IN    Anywhere
22/tcp                      LIMIT IN    Anywhere
443/tcp                     ALLOW IN    Anywhere
3302/tcp                    ALLOW IN    Anywhere
3303/tcp                    ALLOW IN    Anywhere
9000:9007/udp               ALLOW IN    Anywhere
9500:9507/udp               ALLOW IN    Anywhere
Anywhere on ouster0         ALLOW IN    Anywhere
Anywhere on ouster0         ALLOW OUT   Anywhere
22/tcp (OpenSSH (v6))       ALLOW IN    Anywhere (v6)
22/tcp (v6)                 LIMIT IN    Anywhere (v6)
443/tcp (v6)                ALLOW IN    Anywhere (v6)
3302/tcp (v6)               ALLOW IN    Anywhere (v6)
3303/tcp (v6)               ALLOW IN    Anywhere (v6)
9000:9050/udp (v6)          ALLOW IN    Anywhere (v6)
9500:9550/udp (v6)          ALLOW IN    Anywhere (v6)
Anywhere (v6) on docker0    ALLOW IN    Anywhere (v6)
Anywhere (v6) on docker0    ALLOW OUT   Anywhere (v6)
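
The following is an added example, not part of the Ouster documentation: a small audit that compares a host's inbound port rules against the ports named on this page and reports any that are missing or not documented. It assumes the host firewall is ufw and that the input is the text of `ufw status verbose`, whose To/Action/From columns match the table above; the sample input is constructed, and the function names are hypothetical.

```python
import re

# Inbound ports from this page; the UDP ranges follow the prose (lidar and IMU data).
ALLOWED_TCP = {22, 443, 3302, 3303}
REQUIRED_UDP = [(9000, 9050), (9500, 9550)]
RULE = re.compile(r"^(?P<to>.+?)\s{2,}(?P<action>ALLOW|LIMIT|DENY|REJECT) (?P<dir>IN|OUT)\s{2,}.+$")
PORT = re.compile(r"^(\d+)(?::(\d+))?/(tcp|udp)")

# Constructed sample of `ufw status verbose` rule lines (not captured from a real host).
SAMPLE = """\
22/tcp (OpenSSH)           ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere
3302/tcp                   ALLOW IN    Anywhere
3303/tcp                   ALLOW IN    Anywhere
9000:9007/udp              ALLOW IN    Anywhere
9500:9550/udp              ALLOW IN    Anywhere
8080/tcp                   ALLOW IN    Anywhere
Anywhere on ouster0        ALLOW IN    Anywhere
Anywhere on ouster0        ALLOW OUT   Anywhere
"""

def parse_rules(status_text):
    """Return (low, high, proto) for every inbound ALLOW/LIMIT port rule."""
    rules = []
    for line in status_text.splitlines():
        m = RULE.match(line.strip())
        if not m or m["dir"] != "IN" or m["action"] not in ("ALLOW", "LIMIT"):
            continue
        p = PORT.match(m["to"])
        if p:  # interface-wide rules ("Anywhere on ouster0") carry no port
            rules.append((int(p[1]), int(p[2] or p[1]), p[3]))
    return rules

def audit(status_text):
    """Return (missing, unexpected) port rules relative to the documented set."""
    rules = parse_rules(status_text)
    def covered(lo, hi, proto):  # a single rule must span the whole range
        return any(p == proto and rlo <= lo and hi <= rhi for rlo, rhi, p in rules)
    missing = [f"{t}/tcp" for t in sorted(ALLOWED_TCP) if not covered(t, t, "tcp")]
    missing += [f"{lo}:{hi}/udp" for lo, hi in REQUIRED_UDP if not covered(lo, hi, "udp")]
    unexpected = []
    for lo, hi, proto in rules:
        if proto == "tcp":
            ok = set(range(lo, hi + 1)) <= ALLOWED_TCP
        else:
            ok = any(rlo <= lo and hi <= rhi for rlo, rhi in REQUIRED_UDP)
        if not ok:
            unexpected.append(f"{lo}/{proto}" if lo == hi else f"{lo}:{hi}/{proto}")
    return missing, unexpected
```

If the lidar or IMU ports are changed in /opt/ouster/.env, REQUIRED_UDP must be changed to match before running the audit.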