ROS Resources: Documentation | Support | Discussion Forum | Service Status | Q&A answers.ros.org

ROS2 behind a firewall

Hey,
which ports/services do I have to allow if I want to operate ROS2 on a system with an active firewall?

Lennart

The canonical explanation is deeply buried in the RTPS spec (aka “DDS
Interoperability Protocol”), section 9.6.1:
http://www.omg.org/spec/DDSI-RTPS/2.2/PDF/

Four UDP ports are needed. The port numbers are a function of the DDS/RTPS
domain ID, which in ROS 2 is populated with the ROS_DOMAIN_ID environment
variable and defaults to zero.

The expressions and magic numbers are on pages 190-191 of the PDF (document
page numbers 178-179).

Best regards,
Morgan

2 Likes

I’ve seen this page by RTI which might be useful: https://community.rti.com/content/forum-topic/statically-configure-firewall-let-omg-dds-traffic-through

It has a spreadsheet for calculating the ports used by RTI Connext (one of the supported ROS 2 middleware implementations) which might also apply to other vendors. I haven’t used it myself.

Morgan mentioned the domain ID - note that the participant ID that’s used in these equations isn’t currently exposed/set by ROS 2, but it may be set by vendor-specific config files.