Skip to main content

Private Networking with SGA (Public Cloud)

Customers using public cloud infrastructure can create a Frame account using Frame-managed networking, Private Networking with Streaming Gateway Appliance (SGA) so users can access the Frame workload VMs through the SGA. The Internet-accessible SGA serves as a reverse proxy for Frame sessions between the end users and their Frame workload VMs in the private network. The Frame workload VMs only have private IP addresses. For egress from the workload VMs to the Internet, these workload VMs are configured to communicate directly to the Internet through a NAT gateway in the public cloud infrastructure.

If users must access network resources on-premises or in a private network, a private network connection (e.g., VPN, direct connection, SD-WAN, VPC/VNET peering) with the appropriate routing must be implemented.

note

Customers who choose to create a Frame account in their own managed network where users will access the Frame workload VMs from the Internet through an SGA must follow the networking requirements defined below.

FRP8 Networking (SGA 4)​

FRP8 is a udp-based protocol for all communication between the end user and the Frame workload VMs.

Public IaaS - Private Networking with SGA 4 (FRP8)

Public IaaS - Private Networking with SGA 4 (FRP8)

The following table describes the required protocols and ports for Frame accounts using Private Networking with SGA 4 and FRP8.

Private Networking (Public Cloud) - Streaming Gateway 4

Source to DestinationSource IP addressDestination FQDN(s)Protocol/port
Workload VMs to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • api.use.difr.com
  • assets.use.difr.com
  • logging.use.difr.com
  • downloads.difr.com
  • download.visualstudio.microsoft.com
  • ----[ EU Backplane ]----
  • api.deu.difr.com
  • backend.deu.difr.com
  • hub.deu.difr.com
  • logging.deu.difr.com
  • downloads.difr.com
  • download.visualstudio.microsoft.com
  • ----[ Legacy Backplane ]----
  • gateway-external-api-prod.frame.nutanix.com
  • prod-kds-5683567dcbd60804cb34.s3.us-east-1.amazonaws.com
  • assets.console.nutanix.com
  • downloads.console.nutanix.com
  • logging.console.nutanix.com
  • download.visualstudio.microsoft.com
tcp/443 (HTTPS)
Workload VMs to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • api.use.difr.com
  • hub.use.difr.com
  • ----[ EU Backplane ]----
  • api.deu.difr.com
  • hub.deu.difr.com
  • ----[ Legacy Backplane ]----
  • cch.console.nutanix.com
  • messaging.console.nutanix.com
tcp/443 (HTTPS, WSS)
End user to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • use.difr.com
  • api.use.difr.com
  • img.use.difr.com
  • login.use.difr.com
  • logging.use.difr.com
  • ----[ EU Backplane ]----
  • deu.difr.com
  • api.deu.difr.com
  • assets.difr.com
  • login.deu.difr.com
  • downloads.difr.com
  • ----[ Legacy Backplane ]----
  • console.nutanix.com
  • img.frame.nutanix.com
  • img.console.nutanix.com
  • cpanel-backend.console.nutanix.com
  • terminal-prod.frame.nutanix.com
  • logging.console.nutanix.com
  • login.console.nutanix.com (for Frame IdP, if used)
tcp/443 (HTTPS)
End user to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • api.use.difr.com
  • ----[ EU Backplane ]----
  • api.deu.difr.com
  • ----[ Legacy Backplane ]----
  • messaging.console.nutanix.com
tcp/443 (HTTPS, WSS)
SGA VMs to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • hub.use.difr.com
  • ntp.ubuntu.com
  • api.snapcraft.io
  • ----[ EU Backplane ]----
  • hub.deu.difr.com
  • ntp.ubuntu.com
  • api.snapcraft.io
  • ----[ Legacy Backplane ]----
  • cch.console.nutanix.com
tcp/443 (HTTPS, WSS)
End user to SGA VMPublic IP address
  • SGA VM-specific public IP address
udp/3478 and tcp/3478
SGA VM to End userPublic IP address
  • End user-specific public IP address
udp/49152–65535
SGA VM to Workload VMPrivate IP address
  • Dynamic private IP address within VPC/VNET
udp/4503–4509
Workload VM to SGA VMPrivate IP address
  • SGA VM-specific private IP address
udp/49152–65535