# CCIP Deployment Specification - ChainID 138

**Last Updated:** 2026-01-31  
**Document Version:** 1.0  
**Status:** Active Documentation

---

**Status**: Deployment-ready, fully enabled CCIP lane  
**Total Nodes**: 41 (minimum) or 43 (with 7 RMN nodes)  
**VMID Range**: 5400-5599 (200 VMIDs available)

---

## Overview

This specification defines the deployment of a **fully enabled CCIP lane** for ChainID 138, including all required components for operational readiness:

## CCIP Fleet Architecture Diagram

```mermaid
graph TB
    Internet[Internet]
    ER605[ER605 Router]
    
    subgraph CCIPNetwork[CCIP Network]
        subgraph CommitDON[Commit DON - VLAN 132]
            Commit1[CCIP-COMMIT-01<br/>VMID 5410]
            Commit2[CCIP-COMMIT-02<br/>VMID 5411]
            Commit16[CCIP-COMMIT-16<br/>VMID 5425]
        end
        
        subgraph ExecDON[Execute DON - VLAN 133]
            Exec1[CCIP-EXEC-01<br/>VMID 5440]
            Exec2[CCIP-EXEC-02<br/>VMID 5441]
            Exec16[CCIP-EXEC-16<br/>VMID 5455]
        end
        
        subgraph RMN[RMN - VLAN 134]
            RMN1[CCIP-RMN-01<br/>VMID 5470]
            RMN2[CCIP-RMN-02<br/>VMID 5471]
            RMN7[CCIP-RMN-07<br/>VMID 5476]
        end
        
        subgraph Ops[Ops/Admin - VLAN 130]
            Ops1[CCIP-OPS-01<br/>VMID 5400]
            Ops2[CCIP-OPS-02<br/>VMID 5401]
        end
    end
    
    Internet --> ER605
    ER605 --> CommitDON
    ER605 --> ExecDON
    ER605 --> RMN
    ER605 --> Ops
    
    CommitDON -->|NAT Pool Block #2| Internet
    ExecDON -->|NAT Pool Block #3| Internet
    RMN -->|NAT Pool Block #4| Internet
```

---

1. **Transactional Oracle Nodes** (32 nodes)
   - Commit-role nodes (16)
   - Execute-role nodes (16)

2. **Risk Management Network (RMN)** (5-7 nodes)

3. **Operational Control Plane** (4 nodes)
   - Admin/Ops nodes (2)
   - Monitoring/Telemetry nodes (2)

---

## Node Allocation

### A) CCIP Transactional Oracle Nodes (32 nodes)

#### 1. Commit-Role Chainlink Nodes (16 nodes)

**VMIDs**: 5410-5425  
**Hostnames**: CCIP-COMMIT-01 through CCIP-COMMIT-16

**Purpose**: Observe finalized source-chain events, build Merkle roots, and submit commit reports (request RMN "blessings" when applicable).

**Responsibilities**:
- Monitor source chain (ChainID 138) for finalized events
- Build Merkle roots from observed events
- Submit commit reports to the commit DON
- Request RMN validation for security-sensitive operations

| VMID | Hostname | Role | Function |
|------|----------|------|----------|
| 5410 | CCIP-COMMIT-01 | Commit Oracle | Commit-role Chainlink node |
| 5411 | CCIP-COMMIT-02 | Commit Oracle | Commit-role Chainlink node |
| 5412 | CCIP-COMMIT-03 | Commit Oracle | Commit-role Chainlink node |
| 5413 | CCIP-COMMIT-04 | Commit Oracle | Commit-role Chainlink node |
| 5414 | CCIP-COMMIT-05 | Commit Oracle | Commit-role Chainlink node |
| 5415 | CCIP-COMMIT-06 | Commit Oracle | Commit-role Chainlink node |
| 5416 | CCIP-COMMIT-07 | Commit Oracle | Commit-role Chainlink node |
| 5417 | CCIP-COMMIT-08 | Commit Oracle | Commit-role Chainlink node |
| 5418 | CCIP-COMMIT-09 | Commit Oracle | Commit-role Chainlink node |
| 5419 | CCIP-COMMIT-10 | Commit Oracle | Commit-role Chainlink node |
| 5420 | CCIP-COMMIT-11 | Commit Oracle | Commit-role Chainlink node |
| 5421 | CCIP-COMMIT-12 | Commit Oracle | Commit-role Chainlink node |
| 5422 | CCIP-COMMIT-13 | Commit Oracle | Commit-role Chainlink node |
| 5423 | CCIP-COMMIT-14 | Commit Oracle | Commit-role Chainlink node |
| 5424 | CCIP-COMMIT-15 | Commit Oracle | Commit-role Chainlink node |
| 5425 | CCIP-COMMIT-16 | Commit Oracle | Commit-role Chainlink node |

#### 2. Execute-Role Chainlink Nodes (16 nodes)

**VMIDs**: 5440-5455  
**Hostnames**: CCIP-EXEC-01 through CCIP-EXEC-16

**Purpose**: Monitor pending executions on destination chains, verify proofs, and execute messages on destination chains.

**Responsibilities**:
- Monitor destination chains for pending CCIP executions
- Verify Merkle proofs from commit reports
- Execute validated messages on destination chains
- Coordinate with commit DON for message verification

| VMID | Hostname | Role | Function |
|------|----------|------|----------|
| 5440 | CCIP-EXEC-01 | Execute Oracle | Execute-role Chainlink node |
| 5441 | CCIP-EXEC-02 | Execute Oracle | Execute-role Chainlink node |
| 5442 | CCIP-EXEC-03 | Execute Oracle | Execute-role Chainlink node |
| 5443 | CCIP-EXEC-04 | Execute Oracle | Execute-role Chainlink node |
| 5444 | CCIP-EXEC-05 | Execute Oracle | Execute-role Chainlink node |
| 5445 | CCIP-EXEC-06 | Execute Oracle | Execute-role Chainlink node |
| 5446 | CCIP-EXEC-07 | Execute Oracle | Execute-role Chainlink node |
| 5447 | CCIP-EXEC-08 | Execute Oracle | Execute-role Chainlink node |
| 5448 | CCIP-EXEC-09 | Execute Oracle | Execute-role Chainlink node |
| 5449 | CCIP-EXEC-10 | Execute Oracle | Execute-role Chainlink node |
| 5450 | CCIP-EXEC-11 | Execute Oracle | Execute-role Chainlink node |
| 5451 | CCIP-EXEC-12 | Execute Oracle | Execute-role Chainlink node |
| 5452 | CCIP-EXEC-13 | Execute Oracle | Execute-role Chainlink node |
| 5453 | CCIP-EXEC-14 | Execute Oracle | Execute-role Chainlink node |
| 5454 | CCIP-EXEC-15 | Execute Oracle | Execute-role Chainlink node |
| 5455 | CCIP-EXEC-16 | Execute Oracle | Execute-role Chainlink node |

---

### B) Risk Management Network (RMN) (5-7 nodes)

**VMIDs**: 5470-5474 (minimum 5) or 5470-5476 (recommended 7)  
**Hostnames**: CCIP-RMN-01 through CCIP-RMN-05 (or CCIP-RMN-07)

**Purpose**: Independent security network that monitors and validates CCIP behavior, providing an additional security layer before commits/execution proceed.

**Responsibilities**:
- Independently monitor CCIP commit and execute operations
- Validate security-critical transactions
- Provide "blessing" approvals for high-value operations
- Act as independent security audit layer

| VMID | Hostname | Role | Function |
|------|----------|------|----------|
| 5470 | CCIP-RMN-01 | RMN Node | Risk Management Network node |
| 5471 | CCIP-RMN-02 | RMN Node | Risk Management Network node |
| 5472 | CCIP-RMN-03 | RMN Node | Risk Management Network node |
| 5473 | CCIP-RMN-04 | RMN Node | Risk Management Network node |
| 5474 | CCIP-RMN-05 | RMN Node | Risk Management Network node |
| 5475 | CCIP-RMN-06 | RMN Node | Risk Management Network node (optional) |
| 5476 | CCIP-RMN-07 | RMN Node | Risk Management Network node (optional) |

**Recommendation**: Deploy 7 RMN nodes (5470-5476) for stronger fault tolerance from day-1.

---

### C) Operational Control Plane (4 nodes)

#### 3. CCIP Ops / Admin (2 nodes)

**VMIDs**: 5400-5401  
**Hostnames**: CCIP-OPS-01, CCIP-OPS-02

**Purpose**: Primary operational control plane for CCIP network management, key rotation, and manual execution operations.

**Responsibilities**:
- Network administration and configuration management
- Key rotation and access control
- Manual execution coordination
- Emergency response operations

| VMID | Hostname | Role | Function |
|------|----------|------|----------|
| 5400 | CCIP-OPS-01 | Admin | Primary CCIP operations/admin node |
| 5401 | CCIP-OPS-02 | Admin | Backup CCIP operations/admin node |

#### 4. CCIP Monitoring / Telemetry (2 nodes)

**VMIDs**: 5402-5403  
**Hostnames**: CCIP-MON-01, CCIP-MON-02

**Purpose**: Metrics collection, log aggregation, alerting, and operational visibility.

**Responsibilities**:
- Metrics collection and aggregation
- Log aggregation and analysis
- Alerting and notification management
- Operational dashboard and visibility

| VMID | Hostname | Role | Function |
|------|----------|------|----------|
| 5402 | CCIP-MON-01 | Monitoring | Primary CCIP monitoring/telemetry node |
| 5403 | CCIP-MON-02 | Monitoring | Redundant CCIP monitoring/telemetry node |

---

## Complete VMID Allocation

| Component | VMID Range | Count | Hostname Pattern |
|-----------|-----------|-------|------------------|
| CCIP-OPS | 5400-5401 | 2 | CCIP-OPS-01..02 |
| CCIP-MON | 5402-5403 | 2 | CCIP-MON-01..02 |
| CCIP-COMMIT | 5410-5425 | 16 | CCIP-COMMIT-01..16 |
| CCIP-EXEC | 5440-5455 | 16 | CCIP-EXEC-01..16 |
| CCIP-RMN (min) | 5470-5474 | 5 | CCIP-RMN-01..05 |
| CCIP-RMN (opt) | 5475-5476 | 2 | CCIP-RMN-06..07 |
| **Total (min)** | **5400-5474** | **41** | - |
| **Total (rec)** | **5400-5476** | **43** | - |

---

## Deployment Summary

### Minimum Deployment (41 nodes)
- ✅ 2 Ops nodes
- ✅ 2 Monitoring nodes
- ✅ 16 Commit nodes
- ✅ 16 Execute nodes
- ✅ 5 RMN nodes

### Recommended Deployment (43 nodes)
- ✅ 2 Ops nodes
- ✅ 2 Monitoring nodes
- ✅ 16 Commit nodes
- ✅ 16 Execute nodes
- ✅ 7 RMN nodes (stronger fault tolerance)

---

## Architecture Notes

### CCIP Role Architecture

**Important**: Chainlink's CCIP v1.6 uses a **Role DON** architecture where nodes run Commit and Execute OCR plugins. The terms "Committing DON" and "Executing DON" refer to role subsets, not separate networks.

For infrastructure planning:
- **Commit-role nodes** handle source chain observation and commit report generation
- **Execute-role nodes** handle destination chain message execution
- **RMN nodes** provide independent security validation
- **Ops/Monitoring nodes** provide operational control and visibility

### Security Model

The RMN (Risk Management Network) provides an additional security layer by:
- Independently validating CCIP operations
- Providing "blessing" approvals for high-value transactions
- Acting as a security audit layer separate from the oracle quorum

---

## Network Requirements

### VLAN Assignments (Post-Migration)

Once VLAN migration is complete, CCIP nodes will be assigned to the following VLANs:

| Role | VLAN ID | VLAN Name | Subnet | Gateway | Egress NAT Pool |
|------|---------|-----------|--------|---------|----------------|
| Ops/Admin | 130 | CCIP-OPS | 10.130.0.0/24 | 10.130.0.1 | Block #1 (restricted) |
| Monitoring | 131 | CCIP-MON | 10.131.0.0/24 | 10.131.0.1 | Block #1 (restricted) |
| Commit | 132 | CCIP-COMMIT | 10.132.0.0/24 | 10.132.0.1 | **Block #2** `<PUBLIC_BLOCK_2>/28` |
| Execute | 133 | CCIP-EXEC | 10.133.0.0/24 | 10.133.0.1 | **Block #3** `<PUBLIC_BLOCK_3>/28` |
| RMN | 134 | CCIP-RMN | 10.134.0.0/24 | 10.134.0.1 | **Block #4** `<PUBLIC_BLOCK_4>/28` |

### Interim Network (Pre-VLAN Migration)

**Status:** ✅ Range cleared 2026-02-01. No conflicts.

While still on flat LAN (192.168.11.0/24), use interim IP assignments:
- Ops/Admin: 192.168.11.170-171
- Monitoring: 192.168.11.172-173
- Commit: 192.168.11.174-189
- Execute: 192.168.11.190-205
- RMN: 192.168.11.206-212

### Connectivity
- All CCIP nodes must have connectivity to:
  - Source chain (ChainID 138 - Besu network)
  - Destination chain(s) (to be specified)
  - Each other (for OCR/DON coordination)
  - RMN nodes (for security validation)

### Ports
- Standard Chainlink node ports (configurable)
- P2P networking for OCR coordination
- RPC endpoints for chain connectivity
- Monitoring/metrics endpoints

### Egress NAT Configuration

**Role-based egress NAT pools** provide provable separation and allowlisting:

- **Commit nodes (VLAN 132)**: Egress via Block #2
  - Allows allowlisting of commit node egress IPs
  - Enables source chain RPC allowlisting

- **Execute nodes (VLAN 133)**: Egress via Block #3
  - Allows allowlisting of execute node egress IPs
  - Enables destination chain RPC allowlisting

- **RMN nodes (VLAN 134)**: Egress via Block #4
  - Independent security-plane egress
  - Enables RMN-specific allowlisting

See **[NETWORK_ARCHITECTURE.md](../02-architecture/NETWORK_ARCHITECTURE.md)** for complete network architecture.

---

## Next Steps

1. ✅ VMID allocation defined (5400-5599 range)
2. ⏳ Deploy operational control plane (5400-5403)
3. ⏳ Deploy commit oracle nodes (5410-5425)
4. ⏳ Deploy execute oracle nodes (5440-5455)
5. ⏳ Deploy RMN nodes (5470-5474 or 5470-5476)
6. ⏳ Configure CCIP lane connections
7. ⏳ Configure destination chain(s) connectivity

---

## References

- [CCIP Architecture Overview](https://docs.chain.link/ccip/concepts/architecture/overview)
- [Offchain Architecture](https://docs.chain.link/ccip/concepts/architecture/offchain/overview)
- [Risk Management Network](https://docs.chain.link/ccip/concepts/architecture/offchain/risk-management-network)
- [CCIP Execution Latency](https://docs.chain.link/ccip/ccip-execution-latency)
- [Manual Execution](https://docs.chain.link/ccip/concepts/manual-execution)