Network Requirements

RetailNext operates two separate services: a global service based in the United States (denoted as Global Cloud Service) and a separate service operated entirely within China (denoted as China Cloud Service). This page details the comprehensive network requirements for these services.

For a quick reference guide to the Basic Network Requirements, click here.

Store Network



RetailNext Cloud Service

Store Network



RetailNext Cloud Service

Admin Access

Initial setup (HTTP): TCP 80 →

Discovery (mDNS): UDP 5353 → 

Discovery (UPnP): TCP 1900 →

IP Cameras

Video (RTP/RTSP): TCP 554 ←, UDP →

Video (HTTP): TCP 80 ←

Store Appliance



Cloud Service

Management: TCP 8278 →

Required Hosts (Global): 

104.154.145.235

China: Static IP addresses are not used. Connections will be made to hosts with the retailnextchina.net domain. 

Note: all devices require access to public DNS (TCP/UDP 53 →)

Admin Access

Initial setup (HTTP): TCP 80 →

Discovery (mDNS): UDP 5353 → 

Discovery (UPnP): TCP 1900 →



Power

IEEE 802.3af PoE at 15.4W

Aurora

Cloud Service

Management: TCP 8278 →

Required Hosts (Global): 

104.154.145.235

China: Static IP addresses are not used. Connections will be made to hosts with the retailnextchina.net domain. 

Note: all devices require access to public DNS (TCP/UDP 53 →)

Admin Access

Initial setup (HTTP): TCP 80/443 →

Stereo Sensors

Cloud Service

Data delivery (HTTPS): TCP 443 

Required Hosts (Global): 

35.244.170.41 (*.camera.ops.retailnext.net)

NTP: UDP 123 →
Xovis mgmt.: TCP 80/443 → 34.102.240.84
Audit video (SFTP): TCP 22 → transfers.retailnext.net
Brickstream mgmt.: TCP 2375 → 35.239.184.87
Audit video (FTP) TCP 21 → transfers.retailnext.net

China: these devices are not used

Note: all devices require access to public DNS (TCP/UDP 53 →)

Admin Access

Initial setup (HTTP): TCP 80/443 →

Open-Mesh Switches

Cloud Service

Management: TCP 80/443 

Required Hosts (Global): 

cloud-switch.cloudtrax.com
connkeeper.cloudtrax.com
files.cloudtrax.com
dev.cloudtrax.com
54.245.115.10
35.163.125.115
If allowed, wildcard *.cloudtrax.com is preferred

China: these devices are not used

Note: all devices require access to public DNS (TCP/UDP 53 →)


Aurora & Store Appliances

Outbound Access

During normal operation, Aurora sensors and RetailNext Store Appliances only require outbound network access from the store network to the cloud service on TCP port 8278. This connection can go through a NAT gateway. Access to public DNS is also required.

Refer to the diagram above for a list of IP addresses required by different in-store devices. Ensure that firewall rules based on source addresses apply to the entire DHCP scope.

On the store network, RetailNext Store Appliances also need to communicate with IP video cameras and encoders. Those devices are normally on the same IP network as the server, and the protocol required to retrieve video and other information varies from one device to another. RetailNext generally requires access from the Store Appliance to those devices using RTSP on TCP port 554 or HTTP on port 80. Older video devices may require the store appliance to accept RTP/UDP data on any port.

In the future, RetailNext may use other protocols to try to discover IP cameras.

Bandwidth Requirements

Aurora or a store appliance processing a single monocular video stream generates approximately this amount of average network activity to deliver track data to the cloud service:

Transmit: 15 kbit/s
Receive: 2 kbit/s

Inbound Access

During typical operation, no inbound network access is required to Aurora or Store Appliances.

However, both products offer an administrative web user interface that can be used for initial setup or to diagnose connectivity problems. Refer to the diagram above for the ports required to access this interface. RetailNext also offers autodiscovery capabilities using mDNS and UPnP.

RetailNext also offers the capability of streaming recorded video directly from the store appliance, which is implemented with WebRTC data channels. This allows users in the store to play back videos over the local network instead of the WAN connection.

As mentioned above, some older IP video devices may also require the store appliance to accept RTP/UDP data on any port.

Aurora & Store Appliance Network Summary

Service

Protocol

Port

Direction

Destination

Notes

Service

Protocol

Port

Direction

Destination

Notes

Sensor control and data delivery

Proprietary

TCP 8278

Outbound

RetailNext cloud service

Requires public DNS

Administrative interface

HTTP/HTTPS

TCP 80/443

Inbound

-



Video retrieval over RTSP

RTSP

TCP 554

Outbound

IP video cameras/encoders

Ports may vary by product

Video retrieval over HTTP

HTTP

TCP 80

Outbound

IP video cameras/encoders

Ports may vary by product

Legacy video retrieval

RTP

UDP high ports

Inbound

-



Discovery

UPnP

UDP 1900

Inbound

-



Discovery

mDNS

UDP 5353

Inbound

-



User Access & Data Integration

All connections for the China Cloud Service will be made to hosts with the retailnextchina.net domain. 

End User Access

Protocol

Port

Direction

Destination (Global)

Notes

End User Access

Protocol

Port

Direction

Destination (Global)

Notes

Browser-based UI

HTTPS

TCP 443

👤 → ☁

*.cloud.retailnext.net

For load balancing, capacity expansion,
and high availability, we do not have a static
list of the IP addresses for these services.

Customers will need to allow Internet access
on 443.

Video playback

WS

TCP 443

👤 → ☁

*.cloud.retailnext.net

In-store video playback

WS over WebRTC Data Channel

-

👤 → Store network

Store Appliance

Configuration details are coming soon

Email

Email

-

☁ → 👤

-

Reports, notifications, and user account management

Customers will need to allow mail from retailnext.net delivered via mg.retailnext.net.

Data Integration

Protocol

Port

Direction

Destination

Notes

Query API

HTTPS

TCP 443

→ ☁

*.api.retailnext.net

For load balancing, capacity expansion, 
and high availability, we do not have a static 
list of the IP addresses for this service. 

POS, staffing, store hours, and other file uploads

HTTPS
SFTP

TCP 443
TCP 2022

→ ☁

*.upload.ops.retailnext.net
sftp.ops.retailnext.net

HTTPS uploads are preferred over SFTP

HTTPS: 35.244.192.136, 35.244.228.205
SFTP: 34.68.22.227, 35.244.228.100

Security events



TCP 443

→ ☁

*.security-events.ops.retailnext.net

35.244.170.41

Health monitoring alerts

Email

-

☁ →

-

Customers will need to allow mail from retailnext.net delivered via mg.retailnext.net.

POS Integration

Protocol

Port

Direction

Destination

Notes

Lightspeed, Vend, Shopify, Square

API

-

☁ → ☁

-

Requires OAuth setup