Registration to the StarLeaf platform
Managing StarLeaf platform and traffic routingLast updated February 28, 2020
A StarLeaf endpoint must be registered to the StarLeaf platform to work. All signaling to and from the endpoint is controlled by StarLeaf and routed via a single host on the public Internet. This host has a DNS name like mycompany.call.sl, which resolves to the public IP address of a border controller within the StarLeaf platform. Every endpoint in the customer organization uses the same border controller. The endpoint sends ‘probe’ packets to the border controller, which sends packets back in reply. A regular flow of packets, which is able to encapsulate any type of payload required, ensures that the customer’s firewall NAT pinhole is kept open. This is StarLeaf’s firewall traversal mechanism and is called a tunnel. Because all endpoint signaling is controlled and routed via the StarLeaf platform, it is not possible to call a StarLeaf endpoint by its own IP address. StarLeaf endpoints cannot call third-party endpoints that use private IP addresses, but can call public IP addresses. On point-to-point (two-way) calls within an organization, media (video, audio and content) takes the most direct route possible:
- If the endpoints can route traffic to each other’s private IP addresses, the media will be sent that way
- If the endpoints are on different LANs but can route traffic via each other’s public (NAT) addresses, the media will be sent that way
- If no direct route can be found, the media will be backhauled to the organization’s StarLeaf border controller
- Ensure that the conditions in this article:
Firewall configuration for StarLeaf endpoints are met.
- Ask an affected StarLeaf app user to run problem_report.exe, available from https://dl.starleaf.com/app/StarLeaf-Problem-Reporter.exe . This will upload debugging information to StarLeaf’s development server and allow the StarLeaf technical support team to identify the cause of the failed connection.