For full cloud-connected operation, Markforged printers and sintering furnaces need to be allowed to communicate with the following public-cloud-hosted applications:
- Eiger, Markforged’s cloud-based printing platform
- Logentries, our logging and event-reporting service
- Amazon S3, the Amazon Web Services secure object-store service used for print files and part geometry
Additionally, our services depend on SSL encryption, which requires NTP time synchronization.
Eiger is hosted in Amazon AWS’s us-east-1 region (northern Virginia, USA). The architecture of Eiger relies on a set of redundant resources spread across different geographic and network locations, allowing Eiger to be available in the event of a localized power, network, or hardware problem in one of the AWS data centers ("availability zones"). The set of IP addresses can also change as Eiger scales to support more users (and scales back during idle periods). The Amazon AWS infrastructure automatically updates DNS records to reflect the current set of service IP addresses, but these addresses could come from a large pool of AWS-allocated CIDR ranges. We’ve provided the CIDR ranges for the possible IP addresses here: eiger-ip-ranges-ec2-2020.txt. The only necessary port for these addresses is 443/TCP (HTTPS).
Logentries uses a set of specific IP addresses in Amazon AWS’s eu-west-1 region (Ireland, EU). These IPs are published by Logentries here, or in list form at eIger-ip-ranges-logentries-2020.txt. Again, the only necessary port is 443/TCP.
Finally, print files are stored in Amazon AWS’s S3, in the us-east-1 region. This is the same region as Eiger, but S3 uses different sets of IP addresses, from the CIDRs listed in eiger-ip-ranges-s3-2020.txt. The only port used by S3 is 443/TCP.
Additional Considerations: NTP Provision
In addition to Markforged cloud applications, devices will also need a source for time synchronization, primarily for validating the SSL certificates of the aforementioned cloud services. Markforged devices can use two different types of NTP servers, both using port 123/UDP:
- Internal to the customer’s environment, with the NTP server IP addresses distributed by DHCP
- External to the customer’s environment, using DNS to resolve publicly available NTP servers on the Internet
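
The allowlist described above can be checked against firewall or flow logs before it is enforced. The following is an added example, not Markforged code: it parses range lists in a one-entry-per-line layout (an assumed format for the published files), builds the 443/TCP and 123/UDP policy, and classifies outbound flows from a printer. The ranges, the NTP server address and the flows are constructed placeholders.

```python
import ipaddress

# Constructed placeholder ranges (RFC 5737 documentation blocks) standing in
# for the contents of the three published range files; not real Markforged data.
SAMPLE_LISTS = {
    "eiger": "198.51.100.0/25\n198.51.100.128/25\n",
    "logentries": "# single hosts\n203.0.113.10\n203.0.113.11\n",
    "s3": "192.0.2.0/24\n",
}

def parse_ranges(text):
    """Parse one CIDR or bare IP per line; skip blanks and '#' comments."""
    nets = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            nets.append(ipaddress.ip_network(line, strict=False))
    # Merge adjacent or overlapping ranges so the resulting rule set stays small.
    return list(ipaddress.collapse_addresses(nets))

def build_policy(lists, ntp_servers=()):
    """Egress policy from the page: 443/TCP to each service, 123/UDP for NTP."""
    policy = [(name, "tcp", 443, parse_ranges(text)) for name, text in lists.items()]
    # Assumption: with an internal NTP server, 123/UDP is pinned to it; with
    # public NTP resolved via DNS the destination cannot be pinned in advance.
    ntp = [ipaddress.ip_network(s) for s in ntp_servers] or [ipaddress.ip_network("0.0.0.0/0")]
    policy.append(("ntp", "udp", 123, ntp))
    return policy

def classify(policy, dst_ip, proto, port):
    """Return the service name a flow matches, or None if it should be blocked."""
    addr = ipaddress.ip_address(dst_ip)
    for name, rule_proto, rule_port, nets in policy:
        if rule_proto == proto and rule_port == port and any(addr in n for n in nets):
            return name
    return None

if __name__ == "__main__":
    policy = build_policy(SAMPLE_LISTS, ntp_servers=["10.0.0.5"])
    # Constructed flows from a printer: (destination, protocol, port)
    for flow in [("198.51.100.200", "tcp", 443), ("192.0.2.7", "tcp", 80),
                 ("10.0.0.5", "udp", 123), ("8.8.8.8", "udp", 123)]:
        print(flow, "->", classify(policy, *flow) or "BLOCK")
```

Flows that classify as `None` are the ones a default-deny egress rule for the printer VLAN would drop, which makes them worth reviewing before the rule goes live.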