Overview
There are certain network configurations requirements to be met to be able to use Sococo. This is especially important if a customer is behind a company firewall with high restrictions on network traffic. To communicate with Sococo and Amazon Chime servers, certain IP subnets and domains need to be whitelisted (allowed).
Information
Sococo uses the industry-standard WebRTC and tries first to send video over UDP, then automatically switches to TCP when UDP traffic is blocked. Having said that, TCP is a less desirable protocol for streaming video because of the overhead incurred for error checking. Applications that stream live video, like Sococo, perform better over UDP because its speed is desirable and the error correction guaranteed by TCP isn't necessary. Unblocking UDP, and confirming proxy and firewall settings, will assure higher quality and more consistent Sococo user experience.
Description
Firewall and Proxy Settings
For the highest level of quality, Sococo clients require access to our services via all routes in the following table. Connections are initiated from the client-side, meaning that in most network environments, the application will work without requiring the network team to modify the configuration. Keep in mind, however, that in some environments which are more restrictive outbound, this information may be needed to control and to perform changes that allow the service to work.
Optimal Configuration
Subnets |
Ports |
|
35.227.128.0/24 |
35.190.112.0/27 |
443 TCP/UDP
50000-53000 UDP
60000-61000 UDP
|
35.234.176.0/25 |
35.230.240.0/26 |
|
35.227.0.0/26 |
35.234.224.0/27 |
|
35.192.192.0/25 |
35.234.208.0/28 |
|
35.234.240.0/26 |
35.235.0.0/28 |
|
35.203.232.0/27 |
206.191.153.81/32 |
|
35.235.48.0/27 |
35.235.32.0/26 |
|
35.234.160.0/26 |
35.157.45.253/32 |
|
35.235.32.0/26 |
35.234.160.0/26 |
|
35.234.192.0/26 |
35.203.232.0/27 |
|
206.191.153.80/32 |
35.243.0.64/26 |
|
35.243.8.0/26 |
|
|
Additional Subnets |
Ports |
|
146.20.192.0/25 |
|
443 TCP/UDP 10000-20000 TCP/UDP
|
148.62.40.128/25 |
|
|
3.226.246.0/25 |
|
Additional Considerations
- For the best media experience, outgoing traffic should be direct and not sent through a proxy. Proxy servers add unpredictable latency and negatively impact media quality.
- Similarly, full-tunnel VPNs can introduce significant and unpredictable latency. Consider excluding Sococo traffic from the tunnel.
- If a security proxy or web gateway is in place, WebRTC and WebSockets traffic to the following must be whitelisted:
*.sococo.com
*.sococo.net
- AWS IP address ranges for Amazon Chime
- Some firewalls may misclassify the media traffic and apply a UDP default timeout. In these cases, calls will always drop at exactly the same time. To avoid call timeouts, change the default (0:02:00 – 2 minutes) to a time that is longer than the longest potential call.
Why Enable UDP for Sococo?
At the Transport layer of the IP network stack, UDP (User Datagram Protocol) is the preferred method for the delivery of live video streams. UDP offers reduced latency over the reliability that TCP (Transmission Control Protocol) provides. It is a faster protocol than TCP and where time-sensitive applications are involved (i.e. live video or VoIP), it is better to live with a video glitch caused by a dropped packet than to wait for the retransmission which TCP guarantees (which is not very practical where live video is concerned).
Bandwidth Requirements
The following table provides resolution, codec, and bitrate information for individual media streams in Sococo.
Stream | Codec | Resolution | Bit-rate (kbps) |
Audio | Opus | - | 64 |
Video | VP8 | 480p | 768 (1500)* |
Screen Share | VP8 | 1080p | 1000 (3000)* |
* average (maximum) values
Round-Trip / Latency Requirements
In order to maintain a high-quality experience with audio and video communication, network round trip time between a Sococo client and our media servers should be < 150 ms. Rounds trips of > 400ms will have a significant impact on quality.