reports/VMID2400_CONFIGURATION_FIXES.md

# VMID 2400 Configuration Fixes - Peer Connection Issues

**Date**: 2026-01-02  
**Issue**: VMID 2400 was not connecting to peers (0 peers, unable to sync)  
**Root Cause**: Two critical configuration differences compared to working VMID 2500

---

## Problems Identified

### 1. Incorrect `p2p-host` Configuration

**VMID 2500 (Working):**
```toml
p2p-host="192.168.11.250"
```
→ Generates enode: `enode://...@192.168.11.250:30303` ✅

**VMID 2400 (Broken):**
```toml
p2p-host="0.0.0.0"
```
→ Generated enode: `enode://...@0.0.0.0:30303` ❌ (invalid for peer connections)

**Fix Applied:**
```toml
p2p-host="192.168.11.240"
```

### 2. Missing from Permissions Allowlist

**VMID 2500 (Working):**
- Enode is listed in `permissions-nodes.toml` on all nodes
- Other nodes can accept connections from VMID 2500
- VMID 2500 can connect to other nodes

**VMID 2400 (Broken):**
- Enode was **NOT** in `permissions-nodes.toml` on any nodes
- Permissioning is enabled (`permissions-nodes-config-file-enabled=true`)
- Without being in the allowlist, VMID 2400 cannot connect to other nodes
- Other nodes will reject connections from VMID 2400

**Fix Applied:**
Added VMID 2400's enode to `permissions-nodes.toml`:
```
"enode://38e138ea5a4b0b244e4484b5c327631b5d3c849dcb188ff3d9ff0a8b6ad7edb738303a1a948888c269aa7555e5ff47d75b7b63dbd579d05580b5442b3fa0ebfc@192.168.11.240:30303",
```

---

## Fixes Applied

### 1. Updated Configuration File

**File**: `/etc/besu/config-rpc-thirdweb.toml` on VMID 2400

**Change**:
```toml
# Before:
p2p-host="0.0.0.0"

# After:
p2p-host="192.168.11.240"
```

### 2. Updated Permissions File

**File**: `/permissions/permissions-nodes.toml`

**Action**: Added VMID 2400's enode to the allowlist on all nodes:
- VMIDs 1000-1004 (Validators)
- VMIDs 1500-1503 (Sentries)
- VMIDs 2500-2502 (Other RPC nodes)
- VMID 2400 (itself)

**Enode Added**:
```
"enode://38e138ea5a4b0b244e4484b5c327631b5d3c849dcb188ff3d9ff0a8b6ad7edb738303a1a948888c269aa7555e5ff47d75b7b63dbd579d05580b5442b3fa0ebfc@192.168.11.240:30303",
```

### 3. Service Restart

Restarted `besu-rpc.service` on VMID 2400 to apply the `p2p-host` change.

---

## Verification

### Configuration Fixed ✅
- `p2p-host` now correctly set to `192.168.11.240`
- Enode URL now shows: `@192.168.11.240:30303` (instead of `@0.0.0.0:30303`)
- Node record shows correct IP addresses (udpAddress and tcpAddress both show `192.168.11.240:30303`)

### Permissions Updated ✅
- VMID 2400's enode added to `permissions-nodes.toml` on all 12 nodes
- Verified on VMID 2500 that the enode is present

### Network Connectivity ✅
- VMID 2400 can ping VMID 2500
- VMID 2400 can connect to VMID 2500's port 30303

---

## Next Steps for VMIDs 2401 and 2402

When setting up VMIDs 2401 and 2402, ensure:

1. **p2p-host Configuration**:
   ```toml
   p2p-host="192.168.11.241"  # For VMID 2401
   p2p-host="192.168.11.242"  # For VMID 2402
   ```

2. **Add Enodes to Permissions**:
   - Extract the enode URL after Besu starts (check logs: `journalctl -u besu-rpc | grep "Enode URL"`)
   - Add the enode to `/permissions/permissions-nodes.toml` on all nodes
   - Format: `"enode://<node-id>@192.168.11.241:30303",` (for VMID 2401)

3. **Verify Connectivity**:
   - Check that the enode shows the correct IP address (not `0.0.0.0`)
   - Monitor logs for peer connections
   - Use `net_peerCount` RPC call to verify peer count increases

---

## Comparison Summary

| Configuration | VMID 2500 (Working) | VMID 2400 (Before Fix) | VMID 2400 (After Fix) |
|--------------|---------------------|------------------------|-----------------------|
| `p2p-host` | `192.168.11.250` | `0.0.0.0` ❌ | `192.168.11.240` ✅ |
| Enode URL | `@192.168.11.250:30303` ✅ | `@0.0.0.0:30303` ❌ | `@192.168.11.240:30303` ✅ |
| In permissions-nodes.toml | Yes ✅ | No ❌ | Yes ✅ |
| Peer Connections | 5 peers ✅ | 0 peers ❌ | Pending (fixes applied) |

---

## Current Status

- ✅ Configuration file updated
- ✅ Permissions file updated on all nodes
- ✅ Service restarted with new configuration
- ✅ Enode URL now shows correct IP address
- ⏳ Waiting for peer connections to establish (may take a few minutes)

The fixes have been applied. VMID 2400 should now be able to connect to peers once Besu establishes connections with the other nodes. Monitor the logs with:
```bash
ssh root@192.168.11.10 "pct exec 2400 -- journalctl -u besu-rpc -f"
```

Look for messages like:
- "Connected to peer"
- "Peer count: X"
- "Importing block #X" (once synced)
Complete markdown files cleanup and organization - Organized 252 files across project - Root directory: 187 → 2 files (98.9% reduction) - Moved configuration guides to docs/04-configuration/ - Moved troubleshooting guides to docs/09-troubleshooting/ - Moved quick start guides to docs/01-getting-started/ - Moved reports to reports/ directory - Archived temporary files - Generated comprehensive reports and documentation - Created maintenance scripts and guides All files organized according to established standards. 2026-01-06 01:46:25 -08:00			`# VMID 2400 Configuration Fixes - Peer Connection Issues`

			`Date: 2026-01-02`
			`Issue: VMID 2400 was not connecting to peers (0 peers, unable to sync)`
			`Root Cause: Two critical configuration differences compared to working VMID 2500`

			`---`

			`## Problems Identified`

			### 1. Incorrect `p2p-host` Configuration

			`VMID 2500 (Working):`
			```toml
			`p2p-host="192.168.11.250"`
			```
			→ Generates enode: `enode://...@192.168.11.250:30303` ✅

			`VMID 2400 (Broken):`
			```toml
			`p2p-host="0.0.0.0"`
			```
			→ Generated enode: `enode://...@0.0.0.0:30303` ❌ (invalid for peer connections)

			`Fix Applied:`
			```toml
			`p2p-host="192.168.11.240"`
			```

			`### 2. Missing from Permissions Allowlist`

			`VMID 2500 (Working):`
			- Enode is listed in `permissions-nodes.toml` on all nodes
			`- Other nodes can accept connections from VMID 2500`
			`- VMID 2500 can connect to other nodes`

			`VMID 2400 (Broken):`
			- Enode was NOT in `permissions-nodes.toml` on any nodes
			- Permissioning is enabled (`permissions-nodes-config-file-enabled=true`)
			`- Without being in the allowlist, VMID 2400 cannot connect to other nodes`
			`- Other nodes will reject connections from VMID 2400`

			`Fix Applied:`
			Added VMID 2400's enode to `permissions-nodes.toml`:
			```
			`"enode://38e138ea5a4b0b244e4484b5c327631b5d3c849dcb188ff3d9ff0a8b6ad7edb738303a1a948888c269aa7555e5ff47d75b7b63dbd579d05580b5442b3fa0ebfc@192.168.11.240:30303",`
			```

			`---`

			`## Fixes Applied`

			`### 1. Updated Configuration File`

			File: `/etc/besu/config-rpc-thirdweb.toml` on VMID 2400

			`Change:`
			```toml
			`# Before:`
			`p2p-host="0.0.0.0"`

			`# After:`
			`p2p-host="192.168.11.240"`
			```

			`### 2. Updated Permissions File`

			File: `/permissions/permissions-nodes.toml`

			`Action: Added VMID 2400's enode to the allowlist on all nodes:`
			`- VMIDs 1000-1004 (Validators)`
			`- VMIDs 1500-1503 (Sentries)`
			`- VMIDs 2500-2502 (Other RPC nodes)`
			`- VMID 2400 (itself)`

			`Enode Added:`
			```
			`"enode://38e138ea5a4b0b244e4484b5c327631b5d3c849dcb188ff3d9ff0a8b6ad7edb738303a1a948888c269aa7555e5ff47d75b7b63dbd579d05580b5442b3fa0ebfc@192.168.11.240:30303",`
			```

			`### 3. Service Restart`

			Restarted `besu-rpc.service` on VMID 2400 to apply the `p2p-host` change.

			`---`

			`## Verification`

			`### Configuration Fixed ✅`
			- `p2p-host` now correctly set to `192.168.11.240`
			- Enode URL now shows: `@192.168.11.240:30303` (instead of `@0.0.0.0:30303`)
			- Node record shows correct IP addresses (udpAddress and tcpAddress both show `192.168.11.240:30303`)

			`### Permissions Updated ✅`
			- VMID 2400's enode added to `permissions-nodes.toml` on all 12 nodes
			`- Verified on VMID 2500 that the enode is present`

			`### Network Connectivity ✅`
			`- VMID 2400 can ping VMID 2500`
			`- VMID 2400 can connect to VMID 2500's port 30303`

			`---`

			`## Next Steps for VMIDs 2401 and 2402`

			`When setting up VMIDs 2401 and 2402, ensure:`

			`1. p2p-host Configuration:`
			```toml
			`p2p-host="192.168.11.241" # For VMID 2401`
			`p2p-host="192.168.11.242" # For VMID 2402`
			```

			`2. Add Enodes to Permissions:`
			- Extract the enode URL after Besu starts (check logs: `journalctl -u besu-rpc \| grep "Enode URL"`)
			- Add the enode to `/permissions/permissions-nodes.toml` on all nodes
			- Format: `"enode://<node-id>@192.168.11.241:30303",` (for VMID 2401)

			`3. Verify Connectivity:`
			- Check that the enode shows the correct IP address (not `0.0.0.0`)
			`- Monitor logs for peer connections`
			- Use `net_peerCount` RPC call to verify peer count increases

			`---`

			`## Comparison Summary`

			`\| Configuration \| VMID 2500 (Working) \| VMID 2400 (Before Fix) \| VMID 2400 (After Fix) \|`
			`\|--------------\|---------------------\|------------------------\|-----------------------\|`
			\| `p2p-host` \| `192.168.11.250` \| `0.0.0.0` ❌ \| `192.168.11.240` ✅ \|
			\| Enode URL \| `@192.168.11.250:30303` ✅ \| `@0.0.0.0:30303` ❌ \| `@192.168.11.240:30303` ✅ \|
			`\| In permissions-nodes.toml \| Yes ✅ \| No ❌ \| Yes ✅ \|`
			`\| Peer Connections \| 5 peers ✅ \| 0 peers ❌ \| Pending (fixes applied) \|`

			`---`

			`## Current Status`

			`- ✅ Configuration file updated`
			`- ✅ Permissions file updated on all nodes`
			`- ✅ Service restarted with new configuration`
			`- ✅ Enode URL now shows correct IP address`
			`- ⏳ Waiting for peer connections to establish (may take a few minutes)`

			`The fixes have been applied. VMID 2400 should now be able to connect to peers once Besu establishes connections with the other nodes. Monitor the logs with:`
			```bash
			`ssh root@192.168.11.10 "pct exec 2400 -- journalctl -u besu-rpc -f"`
			```

			`Look for messages like:`
			`- "Connected to peer"`
			`- "Peer count: X"`
			`- "Importing block #X" (once synced)`