Blocks Networking and Security FAQ
Here's a brief summary of some frequently asked questions around network requirements, including some security considerations, in relation to Blocks itself as well as other subsystems sometimes used with Blocks.
What kind of network traffic does Blocks cause?
Blocks should generally use wired (Ethernet) network, but can use or wifi if required and of sufficient quality and bandwidth. Blocks uses industry standard protocols such as HTTP, TCP and UDP. Most traffic is of "web browser" type (HTTP/HTTPS).
PIXILAB Player (and possibly other devices, such as some some "smart displays" with built-in players) may use wake-on-lan broadcast message to be powered up. Other optional devices based on ArtNET, or media servers (such as Dataton WATCHOUT), etc, also may use multicast or broadcast. In those cases, broacasts or multicasts must be allowed on the network for those functions to work properly.
Is DHCP and local DNS required for using digital guide features?
Yes, DHCP is recommended to avoid having to hard-code IP addresses for each device. To use bring-your-own devices, a local DNS is useful to avoid having to enter the IP address of the Blocks server in the browser. Alternatively, make your Blocks server accessible from the Internet, and use a regular, external DNS name.
Can DHCP/DNS be handled by existing infrastructure?
Yes, you can use separate DHCP and DNS, if desired. There's nothing special with those included in our Linux server image. Any DHCP and DNS will do, assuming they are properly configured.
Bandwidth requirements?
Bandwidth requirements depend on the maximum number of simultaneous clients to be expected as well as the maximum bitrate of your content. Just multiply those for a ballpark figure for what bandwidth is needed, then factor in some reasonable overhead, such as 2x. If you want to have good headroom, you can run a 10 gigabit trunk from the server to the first switch switch, then gigabit from that switch downstream to sub-switches (if any) and players.
What ports are used?
For basic functionality of our Linux based server, only standard web browser ports are required. For HTTP that means port 80. If you need HTTPS (requires SSL certificate and a domain name), then port 443 will be required. Other functions (such wake-on-LAN) are optional. If you do need this to power up players, smart screens or other devices, the network must allow for wake-on-LAN "magic packets" broadcasts. Network (PXE) booting of PIXILAB Player uses the standard TFTP protocol, requiring use of UDP on port 69 plus additional ephemeral ports. This is an optional feature, which can be avoided by booting from USB or other local storage instead.
Does Blocks support encrypted connections
Yes. Learn more about how to enable and use HTTPS here. Keep in mind that this encryption applies only to client-to-server communication. Some other (optional) protocols supported by Blocks, such as ArtNET and MODBUS, does not support encrypted connections. Hence, to make sure such connections (if used) can not be accessed by unauthorized visitors, you're strongly advised to segment your network into a visitor subnet – used only for encrypted connections – and a control subnet used for such unencrypted data.
Does Blocks support single-sign-on solutions, such as Active Directory?
Is there any support for remote management?
We're including Anydesk, an excellent 3rd party remote management program, on our Linux server image. By default, Anydesk is disabled. It can be enabled on demand or on server start (e.g., for unattended access). If you want to use Anydesk, find its port requirements and other details under "Which ports does AnyDesk use?" here: https://support.anydesk.com/FAQ