cb47cce074
- Organized 252 files across project - Root directory: 187 → 2 files (98.9% reduction) - Moved configuration guides to docs/04-configuration/ - Moved troubleshooting guides to docs/09-troubleshooting/ - Moved quick start guides to docs/01-getting-started/ - Moved reports to reports/ directory - Archived temporary files - Generated comprehensive reports and documentation - Created maintenance scripts and guides All files organized according to established standards.
9.5 KiB
Glossary and Terminology
Last Updated: 2025-01-20
Document Version: 1.0
Status: Active Documentation
Overview
This glossary provides definitions for terms, acronyms, and technical concepts used throughout the documentation.
A
API (Application Programming Interface)
A set of protocols and tools for building software applications. In this context, refers to RPC APIs (ETH, NET, WEB3) exposed by Besu nodes.
Archive Node
A blockchain node that stores the complete historical state of the blockchain, including all transactions and state changes. See also: Full Node, RPC Node.
B
Besu
Hyperledger Besu, an Ethereum client used for running blockchain nodes. Supports both public and private networks, with features like permissioning and QBFT consensus.
Block
A collection of transactions grouped together and added to the blockchain. In ChainID 138, blocks are produced approximately every 2 seconds using QBFT consensus.
Blockscout
An open-source blockchain explorer that provides a web interface for viewing blockchain data, transactions, and smart contracts.
Break-glass
Emergency access method that bypasses normal security controls. In this architecture, refers to optional inbound NAT rules for emergency access.
C
CCIP (Chainlink Cross-Chain Interoperability Protocol)
A protocol for secure cross-chain communication and token transfers. The deployment includes Commit, Execute, and RMN node types.
ChainID
A unique identifier for a blockchain network. ChainID 138 is the identifier for the Sankofa/Phoenix/PanTel network.
cloudflared
The Cloudflare Tunnel client software that creates secure, encrypted connections between internal services and Cloudflare's edge network.
Container (LXC)
Linux Container, a lightweight virtualization technology used by Proxmox. Containers share the host kernel but have isolated filesystems and network namespaces.
CORS (Cross-Origin Resource Sharing)
A security feature that allows web applications to make requests to APIs from different domains. Configured in Besu RPC settings.
D
DHCP (Dynamic Host Configuration Protocol)
A network protocol that automatically assigns IP addresses to devices on a network. Used for management VLAN (VLAN 11).
DNS (Domain Name System)
A system that translates domain names (e.g., rpc-http-pub.d-bis.org) to IP addresses.
DON (Decentralized Oracle Network)
A network of Chainlink nodes that work together to provide oracle services. In CCIP, there are Commit DONs and Execute DONs.
E
Egress
Outbound network traffic leaving the internal network. Egress NAT pools map internal IPs to public IPs for allowlisting.
Enode
Ethereum node identifier, a unique address that identifies a blockchain node on the network. Format: enode://<node-id>@<ip>:<port>
ER605
TP-Link ER605 router, used as the edge router in this architecture. Two routers (ER605-A and ER605-B) provide redundancy.
ES216G
TP-Link ES216G managed switch, used for network switching and VLAN trunking. Three switches provide core, compute, and management connectivity.
F
Failover
Automatic switching to a backup system when the primary system fails. ER605 routers support WAN failover.
Firewall
Network security system that controls incoming and outgoing network traffic based on predetermined security rules.
Full Node
A blockchain node that stores the complete blockchain and validates all transactions. See also: Archive Node, RPC Node.
G
Gateway
A network device that connects different networks and routes traffic between them. In this architecture, gateways are configured on ER605 routers for each VLAN.
Genesis Block
The first block in a blockchain. The genesis block contains the initial configuration, including validators and network parameters.
H
HA (High Availability)
System design that ensures services remain available even if individual components fail. ER605 routers provide active/standby redundancy.
Hostname
A human-readable name assigned to a network device. In this architecture, hostnames follow patterns like r630-01, ml110, besu-rpc-1.
I
Ingress
Inbound network traffic entering the internal network. In this architecture, ingress is primarily handled through Cloudflare tunnels.
IPAM (IP Address Management)
The process of planning, tracking, and managing IP address space. This architecture uses deterministic IPAM aligned with VMID allocation.
ISP (Internet Service Provider)
A company that provides internet access. This architecture uses Spectrum as the primary ISP, with a second ISP for failover.
J
JWT (JSON Web Token)
A compact, URL-safe token format used for authentication. Besu RPC nodes use JWT tokens for secure API access.
L
LXC (Linux Container)
See: Container
Load Balancer
A device or service that distributes network traffic across multiple servers to improve performance and reliability.
M
Mermaid
A text-based diagramming language used to create flowcharts, sequence diagrams, and other visualizations in markdown documents.
ML110
HP ML110 Gen9 server, used as the management and bootstrap node in this architecture. IP: 192.168.11.10
N
NAT (Network Address Translation)
A method of remapping IP addresses. In this architecture, NAT is used for egress traffic to map private IPs to public IPs for allowlisting.
Nginx
A web server and reverse proxy. In this architecture, Nginx Proxy Manager (VMID 105) routes HTTP traffic to internal services.
Node
A computer or virtual machine that participates in a network. In blockchain context, refers to Besu nodes (validators, sentries, RPC nodes).
O
Omada
TP-Link's network management system. Used for managing ER605 routers and ES216G switches.
Oracle
In blockchain context, a service that provides external data to smart contracts. Chainlink provides oracle services.
P
P2P (Peer-to-Peer)
A network architecture where nodes communicate directly with each other without a central server. Blockchain networks use P2P for node communication.
Permissioning
A feature that restricts which nodes can join a blockchain network. Besu supports node permissioning and account permissioning.
Proxmox VE (Proxmox Virtual Environment)
An open-source server virtualization platform. Used to manage VMs and containers in this architecture.
Public IP Block
A range of public IP addresses assigned by an ISP. This architecture uses 6× /28 blocks (16 IPs each) for different purposes.
Q
QBFT (QBFT Consensus)
QBFT (QBFT Byzantine Fault Tolerance) is a consensus algorithm used by Besu for private/permissioned networks. Provides fast block times and finality.
R
R630
Dell PowerEdge R630 server, used as compute nodes in the Proxmox cluster. Four R630 servers provide production compute capacity.
RPC (Remote Procedure Call)
A protocol for requesting services from remote programs. Besu nodes expose RPC APIs (HTTP and WebSocket) for blockchain interactions.
RMN (Risk Management Network)
A network of Chainlink nodes that provide security validation for CCIP operations. RMN nodes review and approve sensitive cross-chain operations.
S
Sentry Node
A blockchain node that acts as a proxy between validator nodes and the public network, protecting validators from direct exposure.
Sovereign Tenant
An isolated tenant environment with dedicated resources and network segmentation. This architecture supports multiple sovereign tenants (SMOM, ICCC, DBIS, Absolute Realms).
Static Node
A hard-coded list of peer nodes that a blockchain node will always try to connect to. Used for reliable peer discovery in private networks.
Subnet
A logical subdivision of an IP network. This architecture uses multiple subnets (one per VLAN) for network segmentation.
T
TOML (Tom's Obvious Minimal Language)
A configuration file format. Besu uses TOML files for node configuration.
Tunnel
An encrypted connection between networks. Cloudflare tunnels provide secure access to internal services without exposing public IPs.
V
Validator
A blockchain node that participates in consensus by proposing and validating blocks. In QBFT, validators take turns proposing blocks.
VLAN (Virtual Local Area Network)
A logical network segment that groups devices regardless of physical location. This architecture uses 19 VLANs for network segmentation.
VMID (Virtual Machine ID)
A unique identifier assigned to each VM or container in Proxmox. This architecture uses a deterministic VMID allocation scheme (11,000 VMIDs).
VM (Virtual Machine)
A software emulation of a physical computer. Proxmox supports both VMs (full virtualization) and containers (LXC).
W
WebSocket
A communication protocol that provides full-duplex communication over a single TCP connection. Used for real-time RPC subscriptions.
WAN (Wide Area Network)
A network that spans a large geographic area. In this architecture, WAN refers to internet connections on ER605 routers.
Related Documentation
- ../02-architecture/NETWORK_ARCHITECTURE.md ⭐⭐⭐ - Network architecture reference
- ../06-besu/BESU_OFFICIAL_REFERENCE.md ⭐ - Besu official documentation
- ../07-ccip/CCIP_DEPLOYMENT_SPEC.md ⭐⭐ - CCIP deployment specification
Last Updated: 2025-01-20
Review Cycle: Quarterly