0

If there is a VOLTTRON central deployment on ZMQ, would I need to have network ports on a firewall opened up if the actual VOLTTRON central instance is behind a firewall?

Basically I am looking at deploying an edge device in a building to collect some BACnet data (temporary research deployment) and hoping to aim this edge device instance to our central VOLTTRON instance that runs a SQL historian that is behind a firewall.

Does ZMQ run on port 5555? And I would I need to have our firewall opened up or port forwarding on this port to handle the bi-directional ZMQ bus?

bbartling
  • 3,288
  • 9
  • 43
  • 88

1 Answers1

0

VOLTTRON itself by default is on port 22916 (this is the zmq port volttron uses). This is configured independently from the web port. When initializing a web instance there are some more dependencies that are required than just the initial bootstrap.py so you will want to use bootstrap.py --web to make sure those are added.

If the edge devices will have a web server on them, then there must be an inbound connection from browser or code to reach that end device. In order for a volttron central agent to connect to an edge device, the edge device instance must have the vip-address of the central instance in its $VOLTTRON_HOME/config file or within the platform agent's config file. Edge devices should have the volttroncentralplatform agent installed on it for this scenario.

ZMQ could run on whatever port you configure it to. To configure volttron to use it specify the vip-address in the ~/.volttron/config file to whatever port you would like i.e. vip-address=tcp://127.0.0.1:22916 (only bound to 127.0.0.1 ip address).

Craig
  • 949
  • 1
  • 5
  • 13
  • Hi Craig, no web agent on the edge device, I think will be just BACnet, and forwarding agent. That makes sense I need to have the IP address of the central VOLTTRON instance. And if the central VOLTTRON instance is behind a firewall, I need to ask our IT dept for a public IP address of our central instance so I can configure that on the edge device. Basically I just need some help on what I need to ask our IT department to do (firewall/port forwarding ,etc) for us to use the forwarding agent on an edge device to get data into our central instance behind the firewall. – bbartling Aug 31 '21 at 14:03
  • Is there any documentation on the apache reverse proxy server that can help with this scenario of making the VOLTTRON central more secure? I can present that info too, thanks – bbartling Aug 31 '21 at 14:04
  • @HenryHub https://volttron.readthedocs.io/en/main/deploying-volttron/proxy_web_server.html – Craig Sep 10 '21 at 16:59