smom-dbis-138/docs/archive/status-reports/phase1/FULL_MESH_PEERING_COMPLETE.md
defiQUG 1fb7266469 Add Oracle Aggregator and CCIP Integration
- Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control.
- Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities.
- Created .gitmodules to include OpenZeppelin contracts as a submodule.
- Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment.
- Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks.
- Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring.
- Created scripts for resource import and usage validation across non-US regions.
- Added tests for CCIP error handling and integration to ensure robust functionality.
- Included various new files and directories for the orchestration portal and deployment scripts.
2025-12-12 14:57:48 -08:00

Full-Mesh VNet Peering Complete

Overview

A full-mesh VNet peering has been created between all 6 VNets, enabling direct communication between any pair of VNets without routing through the proxy.

VNets in Full Mesh

  1. Proxy VNet: az-p-wst-proxy-vnet (West Europe)
  2. Central US: az-p-cus-vm-vnet
  3. East US: az-p-eus-vm-vnet
  4. East US 2: az-p-eus2-vm-vnet
  5. West US: az-p-wus-vm-vnet
  6. West US 2: az-p-wus2-vm-vnet

Peering Topology

Total Peerings

  • VNet Pairs: 15 (C(6,2) = 15)
  • Bidirectional Peerings: 30 (15 pairs × 2 directions)
  • Peerings per VNet: 5 (each VNet peers with the other 5)

Peering Matrix

| VNet A | VNet B | A→B Peering | B→A Peering |
|---|---|---|---|
| az-p-wst-proxy-vnet | az-p-cus-vm-vnet | | |
| az-p-wst-proxy-vnet | az-p-eus-vm-vnet | | |
| az-p-wst-proxy-vnet | az-p-eus2-vm-vnet | | |
| az-p-wst-proxy-vnet | az-p-wus-vm-vnet | | |
| az-p-wst-proxy-vnet | az-p-wus2-vm-vnet | | |
| az-p-cus-vm-vnet | az-p-eus-vm-vnet | | |
| az-p-cus-vm-vnet | az-p-eus2-vm-vnet | | |
| az-p-cus-vm-vnet | az-p-wus-vm-vnet | | |
| az-p-cus-vm-vnet | az-p-wus2-vm-vnet | | |
| az-p-eus-vm-vnet | az-p-eus2-vm-vnet | | |
| az-p-eus-vm-vnet | az-p-wus-vm-vnet | | |
| az-p-eus-vm-vnet | az-p-wus2-vm-vnet | | |
| az-p-eus2-vm-vnet | az-p-wus-vm-vnet | | |
| az-p-eus2-vm-vnet | az-p-wus2-vm-vnet | | |
| az-p-wus-vm-vnet | az-p-wus2-vm-vnet | | |

Peering Configuration

All peerings were created with:

  • allowVirtualNetworkAccess = true
  • allowForwardedTraffic = true
  • useRemoteGateways = false
  • Bidirectional (both directions)

Peering Naming Convention

Peerings are named using the pattern:

  • {source-vnet-name}-to-{destination-vnet-name}

Examples:

  • az-p-wst-proxy-vnet-to-az-p-cus-vm-vnet
  • az-p-cus-vm-vnet-to-az-p-wst-proxy-vnet
  • az-p-eus-vm-vnet-to-az-p-wus-vm-vnet

Network Address Spaces

| VNet | Address Space | Subnet |
|---|---|---|
| az-p-wst-proxy-vnet | 10.10.0.0/16 | 10.10.1.0/24 |
| az-p-cus-vm-vnet | 10.3.0.0/16 | 10.3.1.0/24 |
| az-p-eus-vm-vnet | 10.1.0.0/16 | 10.1.1.0/24 |
| az-p-eus2-vm-vnet | 10.4.0.0/16 | 10.4.1.0/24 |
| az-p-wus-vm-vnet | 10.2.0.0/16 | 10.2.1.0/24 |
| az-p-wus2-vm-vnet | 10.5.0.0/16 | 10.5.1.0/24 |

Benefits of Full Mesh

  1. Direct Communication: Any VNet can communicate directly with any other VNet
  2. No Single Point of Failure: Communication doesn't depend on the proxy VNet
  3. Lower Latency: Direct paths reduce network hops
  4. P2P Support: Besu nodes can discover and connect to peers across regions
  5. Consensus Support: Validators can communicate directly for consensus

Verification

Check Peering Status

```bash
# List all peerings for a specific VNet
az network vnet peering list \
  --resource-group <RG_NAME> \
  --vnet-name <VNET_NAME> \
  --query "[].{Name:name, State:peeringState, RemoteVNet:remoteVirtualNetwork.id}" \
  -o table
```
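Listing peerings per VNet shows state, but not whether the mesh still matches what this page documents. The following audit is an added example, not part of the original document or the project's code: it takes the parsed JSON from `az network vnet peering list -o json` for each VNet and reports missing peerings, states other than Connected, settings that differ from the documented ones, and peerings to VNets outside the mesh. The function names `audit`, `sample_record` and `healthy_mesh`, the `<SUB_ID>` and `<RG_NAME>` placeholders, and all sample records are constructed for illustration.

```python
from itertools import permutations

# VNet names and peering settings as documented on this page.
VNETS = ["az-p-wst-proxy-vnet", "az-p-cus-vm-vnet", "az-p-eus-vm-vnet",
         "az-p-eus2-vm-vnet", "az-p-wus-vm-vnet", "az-p-wus2-vm-vnet"]
SETTINGS = {"allowVirtualNetworkAccess": True, "allowForwardedTraffic": True,
            "useRemoteGateways": False}

def audit(peerings_by_vnet, vnets=VNETS):
    """Compare per-VNet `az network vnet peering list -o json` output
    (already parsed) with the documented mesh; return sorted findings."""
    findings = []
    for src in vnets:
        seen = {p["name"]: p for p in peerings_by_vnet.get(src, [])}
        for dst in (v for v in vnets if v != src):
            name = f"{src}-to-{dst}"
            p = seen.pop(name, None)
            if p is None:
                findings.append(f"MISSING {name}")
                continue
            if p.get("peeringState") != "Connected":
                findings.append(f"STATE {name}: {p.get('peeringState')}")
            remote = (p.get("remoteVirtualNetwork") or {}).get("id", "")
            if remote.rsplit("/", 1)[-1] != dst:
                findings.append(f"REMOTE {name}: {remote}")
            for key, want in SETTINGS.items():
                if p.get(key) != want:
                    findings.append(f"SETTING {name}: {key}={p.get(key)}")
        # Whatever is left is a network path outside the documented mesh.
        findings.extend(f"UNEXPECTED {src}: {n}" for n in sorted(seen))
    return sorted(findings)

def sample_record(src, dst, **overrides):
    """Constructed record shaped like one element of the az CLI output."""
    rid = f"/subscriptions/<SUB_ID>/resourceGroups/<RG_NAME>/providers/Microsoft.Network/virtualNetworks/{dst}"
    return {"name": f"{src}-to-{dst}", "peeringState": "Connected",
            "remoteVirtualNetwork": {"id": rid}, **SETTINGS, **overrides}

def healthy_mesh(vnets=VNETS):
    """Constructed sample: all 30 peerings present and Connected."""
    mesh = {v: [] for v in vnets}
    for src, dst in permutations(vnets, 2):
        mesh[src].append(sample_record(src, dst))
    return mesh

if __name__ == "__main__":
    mesh = healthy_mesh()
    mesh["az-p-eus-vm-vnet"][0]["peeringState"] = "Initiated"  # constructed fault
    print("\n".join(audit(mesh)) or "mesh matches documentation")
```

An `UNEXPECTED` finding deserves the same attention as a `MISSING` one: it is a route into the mesh that this document does not account for.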

Test Connectivity

From any VM, test connectivity to any other VM:

```bash
# From Nginx VM (10.10.1.4) to Besu nodes
for IP in 10.1.1.4 10.2.1.4 10.3.1.4 10.4.1.4 10.5.1.4; do
  echo "== $IP =="
  # --max-time keeps an unreachable node from stalling the loop
  curl -s --max-time 5 -X POST -H "Content-Type: application/json" \
    --data '{"jsonrpc":"2.0","method":"eth_chainId","params":[],"id":1}' \
    "http://$IP:8545"
  echo
done

# Cross-VNet test (from one Besu node to another)
curl -s --max-time 5 -X POST -H "Content-Type: application/json" \
  --data '{"jsonrpc":"2.0","method":"eth_chainId","params":[],"id":1}' \
  http://10.1.1.4:8545  # From any Besu node to East US
```

Expected Results

  • All peerings show peeringState: "Connected"
  • Ping tests show 0% packet loss
  • RPC calls return valid JSON-RPC responses
  • Cross-VNet communication works

Next Steps

  1. Full-Mesh Peerings: Created (30 peerings)
  2. Wait for Propagation: Allow 1-2 minutes for all peerings to fully initialize
  3. Test Connectivity: Verify all VNets can reach each other
  4. Test RPC Endpoint: Verify https://rpc.d-bis.org responds correctly
  5. Test P2P Discovery: Verify Besu nodes can discover peers across regions

Troubleshooting

Peering Not Connected

If a peering shows peeringState: "Initiated" instead of "Connected":

  1. Check that the reverse peering exists
  2. Wait 1-2 minutes for Azure to sync
  3. Verify both VNets are in the same subscription

Connectivity Issues

If ping/RPC tests fail:

  1. Verify NSG rules allow traffic
  2. Check that peerings are in "Connected" state
  3. Verify VNet address spaces don't overlap
  4. Check route tables (if custom routes exist)

Status: Full-Mesh VNet Peering Complete

All 30 bidirectional peerings have been created, enabling direct communication between all 6 VNets.