Jiminny uses a technology called WebRTC to power real-time media services. It is supported natively in most modern Web browsers.
As a web application, Jiminny does not normally require any network configuration changes (STUN and TURN technologies help mediate restricted networks).
However, some firewalls can block traffic and interfere with web conferences or calls and require additional configuration.
If the router includes SIP Application Level Gateway (ALG) function or Stateful Packet Inspection (SPI), both of these functions should be disabled for the below IP address ranges. Failure to do so may introduce high latency.
IP Addresses
Jiminny needs to communicate with external servers to send signaling and media traffic. Global Low Latency routing is used to select the datacenter with the lowest-latency (usually closest to the user).
Whitelist (and preferably add QoS) rules should be setup using all of the following server IP addresses and ports.
All packets coming in and out of Jiminny carry a DSCP tag with the value 46 (EF 101110) which can then be used when configuring the QoS to give priority to voice packets over general traffic.
There is currently a known issue on Windows regarding DSCP. We expect this to be solved in a future version of Chrome.
Region | Range | CIDR Notation | Port(s) | Protocol(s) | Purpose |
Australia | 54.252.254.64 - 54.252.254.127 | 54.252.254.64/26 | 10000 - 60000* 443, 3478 5349 | UDP/SRTP/SRTCP TCP/UDP TCP | Media Transport Media Signalling |
13.210.2.128 - 13.210.2.159 | 13.210.2.128/27 |
|
|
|
|
3.104.90.0 - 3.104.90.255 | 3.104.90.0/24 |
|
|
|
|
3.25.42.128 - 3.25.42.255** | 3.25.42.128/25 |
|
|
|
|
Brazil | 18.231.105.32 - 18.231.105.63 | 18.231.105.32/27 |
|
|
|
177.71.206.192 - 177.71.206.255 | 177.71.206.192/26 |
|
|
|
|
18.228.249.0 - 18.228.249.255 | 18.228.249.0/24 |
|
|
|
|
18.230.125.0 - 18.230.125.127** | 18.230.125.0/25 |
|
|
|
|
Germany | 18.195.48.224 - 18.195.48.255 | 18.195.48.224/27 |
|
|
|
18.156.18.128 - 18.156.18.255 | 18.156.18.128/25 |
|
|
|
|
35.156.191.128 - 35.156.191.255 | 35.156.191.128/25 |
|
|
|
|
52.59.186.0 - 52.59.186.31 | 52.59.186.0/27 |
|
|
|
|
3.122.181.0 - 3.122.181.255 | 3.122.181.0/24 |
|
|
|
|
Ireland | 54.171.127.192 - 54.171.127.255 | 54.171.127.192/26 |
|
|
|
52.215.127.0 - 52.215.127.255 | 52.215.127.0/24 |
|
|
|
|
52.215.253.0 - 52.215.253.63 | 52.215.253.0/26 |
|
|
|
|
3.249.63.128 - 3.249.63.255** | 3.249.63.128/25 |
|
|
|
|
India | 52.66.193.96 - 52.66.193.127 | 52.66.193.96/27 |
|
|
|
52.66.194.0 - 52.66.194.63 | 52.66.194.0/26 |
|
|
|
|
3.7.35.128 - 3.7.35.255** | 3.7.35.128/25 |
|
|
|
|
Japan | 54.65.63.192 - 54.65.63.255 | 54.65.63.192/26 |
|
|
|
13.115.244.0 - 13.115.244.31 | 13.115.244.0/27 |
|
|
|
|
3.112.80.0 - 3.112.80.255 | 3.112.80.0/24 |
|
|
|
|
18.180.220.128 - 18.180.220.255** | 18.180.220.128/25 |
|
|
|
|
Singapore | 54.169.127.128 - 54.169.127.191 | 54.169.127.128/26 |
|
|
|
13.229.255.0 - 13.229.255.31 | 13.229.255.0/27 |
|
|
|
|
3.1.77.0 - 3.1.77.255 | 3.1.77.0/24 |
|
|
|
|
18.141.157.128 - 18.141.157.255** | 18.141.157.128/25 |
|
|
|
|
USA | 34.216.110.128 - 34.216.110.159 | 34.216.110.128/27 |
|
|
|
34.203.254.0 - 34.203.254.255 | 34.203.254.0/24 |
|
|
|
|
54.244.51.0 - 54.244.51.255 | 54.244.51.0/24 |
|
|
|
|
34.203.250.0 - 34.203.251.255 | 34.203.250.0/23 | 10000 - 60000 443, 3478 5349 443 | UDP/SRTP/SRTCP TCP/UDP TCP WSS | Media Transport Media Signalling |
|
3.235.111.128 - 3.235.111.255** | 3.235.111.128/25 |
|
|
|
|
44.234.69.0 - 44.234.69.127** | 44.234.69.0/25 |
|
|
|
|
54.172.60.0 - 54.172.61.255 | 54.172.60.0/23 |
|
|
|
|
*if the client is not using video conferencing features, only the 10,000 - 20,000 range is used.
Additional Host Connectivity
Devices should also be able to connect to these hostnames. These hosts should be excluded from inspection/policing on the ports wherever possible, and allow return traffic.
The services are hosted on Amazon Web Services. You can find Amazon’s current public ranges by checking here. Amazon changes these ranges often, and services could originate from any address in these ranges.
Host | Client Port | Server Port | Protocol(s) | Purpose |
global.vss.twilio.com | Any†
| 443
| WSS
| Video Media Signalling |
au1.vss.twilio.com |
|
|
|
|
br1.vss.twilio.com |
|
|
|
|
de1.vss.twilio.com |
|
|
|
|
ie1.vss.twilio.com |
|
|
|
|
in1.vss.twilio.com |
|
|
|
|
jp1.vss.twilio.com |
|
|
|
|
sg1.vss.twilio.com |
|
|
|
|
us1.vss.twilio.com |
|
|
|
|
us2.vss.twilio.com |
|
|
|
|
sdkgw.us1.twilio.com |
|
|
|
|
endpoint.twilio.com | 443 | HTTPS | Media Gateway |
|
ecs.us1.twilio.com | 443 | HTTPS | Authentication |
|
chunderw-gll.twilio.com | 443 | TCP | Voice Media Signalling (GLL) |
|
chunderw-vpc-gll.twilio.com | Voice Media Signalling (Global) |
|
|
|
chunderw-vpc-gll-au1.twilio.com |
|
|
|
|
chunderw-vpc-gll-br1.twilio.com |
|
|
|
|
chunderw-vpc-gll-de1.twilio.com |
|
|
|
|
chunderw-vpc-gll-ie1.twilio.com |
|
|
|
|
chunderw-vpc-gll-jp1.twilio.com |
|
|
|
|
chunderw-vpc-gll-sg1.twilio.com |
|
|
|
|
chunderw-vpc-gll-us1.twilio.com |
|
|
|
|
eventgw.twilio.com | Voice Client Insights |
|
|
|
app.jiminny.com | 443 | HTTPS | Web Conference |
|
media.app.jiminny.com | Media Playback |
|
|
|
ext.jiminny.com | Dialer Application |
|
|
|
cdn.jiminny.com | Conference Assets |
|
|
|
ws.pusherapp.com | 433 | WSS | Conference Signalling |
|
† The client-side will select any available port from the ephemeral range. On most devices, this means the port range 1,024 to 65,535.
VPNs
We highly discourage the use of a VPN because it will affect audio quality for voice services. If you do need to use a VPN, you can exclude the voice traffic using the IP address ranges listed above.