ROS Resources: Documentation | Support | Discussion Forum | Index | Service Status | ros @ Robotics Stack Exchange |
1 | initial version |
We don't have any networking guides for ROS 2 yet.
However, ROS 2 uses DDS by default, so you could draw on those resources to get help configuring your network to allow DDS traffic. For both ROS 1 and ROS 2, communication over the internet has two challenges, discovery and peer-to-peer communication.
tl;dr I'd use VPN between the remote computers, and set it up to forward multicast UDP as well.
But, for the case you specifically laid out, it will be difficult. DDS does discovery over UDP multicast and UDP unicast. So doing discovery across the internet is not going to work that way. This is because UDP multicast will not work over the internet as far as I know.
In ROS 1 you could solve this by making the ROS master publicly accessible on the internet, and pointing the nodes on the remote machine to the public IP and port for the machine running the ROS master. However, the nodes still communicate peer-to-peer.
In ROS 2, I don't know of a generic solution, but individual DDS implementations may have tools for relaying discovery information across the internet. Though I don't think that will be very easy to use with ROS 2 because there isn't a portable way to do it that of which I am aware.
After connecting discovery, you still need individual nodes to be able to communicate with each other.
In ROS 1 this is very hard because nodes let the OS pick ports randomly, so you don't know how to NAT or open your firewall to let them talk.
In ROS 2, the ports that are used are deterministic according to an algorithm, for example see:
https://eprosima-fast-rtps.readthedocs.io/en/latest/pubsub.html#id4
So you could open the right range of ports for peer-to-peer in ROS 2 if you wanted.
So in summary, it's possible to do discovery over the internet with ROS 1, but not realistic to do discovery with ROS 2 over the internet. For peer-to-peer, it's impossible to predict the ports ROS 1 will use, but you can predict and therefore open up ports for ROS 2.
But for both ROS 1 and ROS 2, I wouldn't suggest exposing either publicly to the internet for security reasons.
So in conclusion, I would recommend using VPN for either ROS 1 or ROS 2, for both simplicity and security.