Member Login
Select Page

NSDA Campus Tech

    NSDA Campus

    If you, as a tournament host or participant, are planning to use NSDA Campus from your school building or another restricted network, please test your network and devices as soon as possible and involve your school’s Information Technology staff to make modifications to network firewalls or content filters, if necessary.

    The vast majority of users, even on restrictive networks, should have no problems connecting to Campus. However, if you have audio/video connection problems, it’s likely that you are on a particularly restrictive network. In that case, the instructions given below should help you resolve any connection issues. Some of the specific instructions are uncommon requests for school IT departments, so please note that they must be followed to the letter if you are encountering connection issues when testing.

    The best way to test is by going to https://campus.speechanddebate.org/ – To test, you should use the same devices and the same network as you will use during competition.

    IT SPECIFICS

    The vast majority of users will not need to make any specific modifications to their network, firewall, or device settings in order to access Campus. As long as your network allows typical web traffic, Campus should work as well.

     However, if you run into issues connecting or issues with your audio/video when in the room, the suggestions below should help. If your school IT will not make the necessary firewall accommodations, we recommend using a hotspot or other mobile device to connect to the internet instead.

    Access is required to the following domains

    The following ports will need to be opened

    The only mandatory ports are the same as for standard web traffic:

    •  80 TCP: HTTP
    •  443 TCP: HTTPS

    If you have audio/video problems, or for optimal performance, we strongly recommend opening:

    •  10000 UDP: Web-RTC

    UDP 10000 needs to be open to all IP addresses. You should also ensure you are not specifically blocking peer-to-peer connections (for Web-RTC).

    IT Frequently Asked Questions

    Please review these FAQs regarding this process and questions IT departments may pose:

    What IP addresses do those ports need to be open to?

    The video servers run on AWS and are dynamically scaled, so do not have fixed hostnames or IP’s. Web traffic on ports 80/443 need to be open to at least Amazon’s IP list for us-east-1, us-east-2, us-west-1, and us-west-2: https://ip-ranges.amazonaws.com/ip-ranges.json

    Audio/video traffic attempts to use UDP port 10000, so that port should be open to all IP addresses. When closed, Campus will attempt to use a TURN relay through TCP port 443. However, this may cause A/V performance degradation, so opening UDP 10000 is still highly recommended.

    Is it risky to open UDP port 10000?

    No. An open port is not ipso facto dangerous. For an open port to represent an exploitable security hole, the device in question has to be running software on that specific port listening to incoming requests, that software needs to have an exploitable security flaw, and that security flaw needs to be substantial enough to cause harm. Then, someone has to be looking at the right place at the right time to exploit it. For Campus to function optimally, the firewall only needs to open a single port during competition hours, and only to the specific devices in use. That represents a very small attack surface.

    We have had hundreds of thousands of users on Campus at hundreds of different schools, and have had no reported security incidents.

    If you are still concerned about the risks, there are a number of steps you can take to further limit the exposure. You can only open the port to the specific devices being used for competition, you can only open it during competition hours, and you can ensure there is no other software running on the devices.