Networking and TCP/IP Ports#
Overview#
For optimal operation of Omniverse applications, specific TCP/IP ports must be opened between components and/or servers. Review the list below to ensure proper communication is permitted. If network changes are required, please consult your IT or Information Security Team for proper advisement.
Warning
Many of the listed ports can be customized, however some must remain as specified. For additional information, review the related interface or configuration files (.env) for the Omniverse service being configured.
Nucleus Workstation#
These ports are used with Nucleus Workstation:
Purpose
|
TCP Port
|
---|---|
Nucleus Core and Discovery API Ports
|
3001, 3009, 3333
|
Prometheus Metrics Port
|
3010
|
Nucleus Tagging Service Port
|
3020
|
Nucleus System Monitor Ports
|
3080, 3085
|
Authentication Service Port
|
3100
|
Authentication Web Port
|
3180
|
Search Service Port
|
3400
|
Cache Services Port
|
8891
|
Cache API Port
|
8892
|
Nucleus Navigator Port (within Launcher)
|
34080
|
Omniverse Drive Progress Interface Port
|
59624
|
Warning
Locally installed firewall software (e.g., Windows Defender, ufw, firewalld) may impact/block communication to these ports and configuration changes may be required.
Enterprise Nucleus Server#
These ports are required for Clients and services to connect to an Enterprise Nucleus Server:
Purpose
|
TCP Port
|
---|---|
Web Port*
|
8080
|
API Ports
|
3009, 3019
|
Prometheus Metrics Port
|
3010
|
Tagging Service Port
|
3020
|
Large File Transfer Service Port
|
3030
|
Authentication Service Ports
|
3100, 3180
|
Discovery Port
|
3333
|
Search Service Port
|
3400
|
Service API Port**
|
3006
|
Meta Dump Port**
|
5555
|
Note
If your Enterprise Nucleus Server is using NGINX or a similar ingress router/gateway, TCP 443 inbound to the gateway is required and the gateway will then need to communicate with the Enterprise Nucleus Server on the above ports.
* By default, the Web Port is set to 8080 for easier SSL/TLS configuration. If SSL/TLS is not needed, change this port to 80.
** These ports are required for Nucleus Tools backup only and are disabled by default.
Omniverse Cloud PaaS#
These ports are required for proper operation of Omniverse Cloud PaaS:
Purpose
|
TCP Port
|
---|---|
API & Web Portal Ports
|
80, 443, 3000, 48322
|
Purpose
|
UDP Port
|
---|---|
Nucleus Bridge Port *
|
60000
|
WebRTC Ports
|
10500-20000
|
Note
* The Nucleus Bridge port is only required if using the Nucleus Bridge to connect an Enterprise Nucleus Server to Omniverse Cloud PaaS.
Enterprise Cache#
These ports are required for Clients and services to connect to an Enterprise Cache: (This includes both Clients and chained Enterprise Caches.)
Purpose
|
TCP Port
|
---|---|
Cache Service Port
|
8891
|
Prometheus Metrics Port
|
9500
|
Omniverse Farm#
These ports are required for the proper operation of an Omniverse Farm:
Purpose
|
TCP Port
|
---|---|
Management Services Port
|
8222
|
Controller/Agent Services Port
|
8223
|
Connectivity Testing#
Connectivity scripts are provided to test and troubleshoot connectivity between a workstation running Microsoft Windows or Linux to an Enterprise Nucleus Server. Click here for additional information.
Outbound Connectivity Requirements#
For Docker Compose and Kubernetes Enterprise deployments, TCP 443 is required to access the repository endpoints for pulling containers. These repositories are:
nvcr.io
andngc.download.nvidia.com
To access NVIDIA sample assets, connectors, extensions, and other files across Client applications (e.g., USD Composer, Nucleus Navigator, etc.), TCP 80 and 443 access is required to these endpoints:
omniverse-content-production.s3.us-west-2.amazonaws.com
omniverse-content-production.s3-us-west-2.amazonaws.com
twinbru.s3.eu-west-1.amazonaws.com
d1aiacozzchaiq.cloudfront.net
dw290v42wisod.cloudfront.net
dcb18d6mfegct.cloudfront.net
kit-extensions.ov.nvidia.com
ovextensionsprod.blob.core.windows.net
content-production.omniverse.nvidia.com
For Omniverse to function correctly, the following endpoints need to be accessible over TCP 80 and 443:
login.nvidia.com
api.launcher.omniverse.nvidia.com
data.launcher.omniverse.nvidia.com
gdpr.launcher.omniverse.nvidia.com
install.launcher.omniverse.nvidia.com
messages.launcher.omniverse.nvidia.com
index.launcher.omniverse.nvidia.com
Administrators can choose to either allow these entries individually, or if possible, by using a wildcard entry that includes them all. (
*.nvidia.com
)