Flow Gateway V3 Networking Specifications

Owned by Paul Mumby
Last updated: 19 Mar, 2024 by Scott Nightingale
2 min read

Flow Gateway V3 Networking Specifications

The Flow Gateway V3 device is a hardware IoT Gateway device which provides a means to collect sensor data from the Espresso Machine’s Flow Sensors.

The V3 device requires a very minimal networking footprint to operate successfully.

Note: Because the Flow Cloud Platform is build on serverless cloud native technology, and utilizes global CDNs and Web Application Firewalls, the resulting IP addresses of our endpoints are potentially dynamic. The only reliable way to identify our endpoints is via FQDN.

A quick note about Guest/Public networks and Captive Portal networks:

Flow Gateway is not compatible with networks requiring a captive portal login. You will know that your network has a captive portal if you are required to interact with a web page to gain access to the network when you connect. See here for more information: What is a captive portal? – TechTarget Definition

Additionally, networks such as Guest Networks or Publicly accessible Wifi networks tend to have additional constraints on them which limit traffic, or affect the quality of the connection to ensure wider accessibility. These measures, coupled with the higher utilization from many users can adversely affect the performance of the Flow Gateway, so we do not recommend that the Flow Gateway be provisioned on this type of network.

Currently the Flow Gateway V3 only utilizes the following traffic flows:

Direction of Connection (from flow gateway)

Remote Endpoint FQDN

Protocol

Port

Purpose/Notes

Direction of Connection (from flow gateway)

Remote Endpoint FQDN

Protocol

Port

Purpose/Notes

Outbound

http-ota.iot.flowcoffee.co.nz

HTTPS (HTTP+TLS via TCP)

443

Firmware Updates to Device (device makes a request to this endpoint, to download a firmware binary from the Flow Servers (the specific file URI to download is sent to the device via MQTT control stream over an authenticated and encrypted channel, and will change with each version)

Outbound

mqtt.iot.flowcoffee.co.nz

MQTT+TLS via TCP

8883

Bi-directional MQTT stream between the device and the Flow Cloud Platform. This is established as an outbound connection, and is authenticated and encrypted, allowing bi-directional communication including:

  • Command & Control

  • Firmware Updates

  • Monitoring/Device Health Checks

  • Transmission of Coffee Extraction data to the cloud for processing.

Outbound

pool.ntp.org (though eventually will support local DHCP configured ntp server)

SNTP via UDP

123

The device synchronizes it’s internal clock to an NTP source. Currently in the prototype firmware this is using the public ntp pool servers, however in the final mass production firmware it will pull the NTP configuration via DHCP if it exists, and use the configured NTP Server address provided. If none is provided, it will fall back to using the public pool server.

NTP is crucial to allow the device consistant and accurate timekeeping in order to appropriately attribute sensor readings in transmission back to the cloud.

Outbound

diagnostics.iot.flowcoffee.co.nz

HTTPS

443

Network diagnostic endpoint to allow the Flow Gateway to discover its public IP address