# UDM Pro VLAN Migration Plan **Last Updated:** 2026-01-15 **Status:** ✅ **READY FOR MIGRATION** --- ## Overview This document provides a complete migration plan for moving existing services from the flat LAN (192.168.11.0/24) to the new VLAN-based architecture. --- ## Current State ### Existing Containers (from documentation) **ml110 (192.168.11.10):** | VMID | Hostname | Current IP | Current VLAN | Target VLAN | Target IP | |------|----------|------------|--------------|-------------|-----------| | 1000 | besu-validator-1 | 192.168.11.100 | 11 (mgmt) | 110 (BESU-VAL) | 10.110.0.100 | | 1001 | besu-validator-2 | 192.168.11.101 | 11 (mgmt) | 110 (BESU-VAL) | 10.110.0.101 | | 1002 | besu-validator-3 | 192.168.11.102 | 11 (mgmt) | 110 (BESU-VAL) | 10.110.0.102 | | 1003 | besu-validator-4 | 192.168.11.103 | 11 (mgmt) | 110 (BESU-VAL) | 10.110.0.103 | | 1004 | besu-validator-5 | 192.168.11.104 | 11 (mgmt) | 110 (BESU-VAL) | 10.110.0.104 | | 1500 | besu-sentry-1 | 192.168.11.150 | 11 (mgmt) | 111 (BESU-SEN) | 10.111.0.150 | | 1501 | besu-sentry-2 | 192.168.11.151 | 11 (mgmt) | 111 (BESU-SEN) | 10.111.0.151 | | 1502 | besu-sentry-3 | 192.168.11.152 | 11 (mgmt) | 111 (BESU-SEN) | 10.111.0.152 | | 1503 | besu-sentry-4 | 192.168.11.153 | 11 (mgmt) | 111 (BESU-SEN) | 10.111.0.153 | | 2500 | besu-rpc-1 | 192.168.11.250 | 11 (mgmt) | 112 (BESU-RPC) | 10.112.0.250 | | 2501 | besu-rpc-2 | 192.168.11.251 | 11 (mgmt) | 112 (BESU-RPC) | 10.112.0.251 | | 2502 | besu-rpc-3 | 192.168.11.252 | 11 (mgmt) | 112 (BESU-RPC) | 10.112.0.252 | **Total:** 12 containers to migrate --- ## Migration Strategy ### Phase 1: Besu Validators (VLAN 110) **Containers:** 1000-1004 **Target VLAN:** 110 (BESU-VAL) **Target Subnet:** 10.110.0.0/24 **Steps:** 1. Assign VLAN 110 to containers 2. Update IP addresses to 10.110.0.100-104 3. Update Besu configuration with new IPs 4. Restart containers 5. Verify connectivity **Commands:** ```bash # Assign VLAN 110 for CTID in 1000 1001 1002 1003 1004; do ./scripts/proxmox/assign-vlan-to-container.sh $CTID 110 ml110 done # Update IP addresses (inside containers) # Configure static IPs: 10.110.0.100-104 ``` ### Phase 2: Besu Sentries (VLAN 111) **Containers:** 1500-1503 **Target VLAN:** 111 (BESU-SEN) **Target Subnet:** 10.111.0.0/24 **Steps:** 1. Assign VLAN 111 to containers 2. Update IP addresses to 10.111.0.150-153 3. Update Besu configuration 4. Restart containers 5. Verify connectivity **Commands:** ```bash # Assign VLAN 111 for CTID in 1500 1501 1502 1503; do ./scripts/proxmox/assign-vlan-to-container.sh $CTID 111 ml110 done ``` ### Phase 3: Besu RPC Nodes (VLAN 112) **Containers:** 2500-2502 **Target VLAN:** 112 (BESU-RPC) **Target Subnet:** 10.112.0.0/24 **Steps:** 1. Assign VLAN 112 to containers 2. Update IP addresses to 10.112.0.250-252 3. Update Besu configuration 4. Restart containers 5. Verify connectivity **Commands:** ```bash # Assign VLAN 112 for CTID in 2500 2501 2502; do ./scripts/proxmox/assign-vlan-to-container.sh $CTID 112 ml110 done ``` --- ## Migration Checklist ### Pre-Migration - [x] All VLANs configured on UDM Pro - [x] Network Isolation disabled - [x] Zone Matrix configured - [x] Inter-VLAN routing verified - [ ] Backup all container configurations - [ ] Document current IP assignments - [ ] Plan IP address assignments for new VLANs ### Migration Execution - [ ] Phase 1: Migrate Besu Validators (VLAN 110) - [ ] Phase 2: Migrate Besu Sentries (VLAN 111) - [ ] Phase 3: Migrate Besu RPC Nodes (VLAN 112) - [ ] Verify all services operational - [ ] Test inter-VLAN communication ### Post-Migration - [ ] Update DNS records (if applicable) - [ ] Update firewall rules - [ ] Update monitoring configurations - [ ] Update documentation - [ ] Remove old IP assignments --- ## IP Address Assignment ### VLAN 110 (BESU-VAL) - 10.110.0.0/24 | VMID | Hostname | IP Address | |------|----------|------------| | 1000 | besu-validator-1 | 10.110.0.100 | | 1001 | besu-validator-2 | 10.110.0.101 | | 1002 | besu-validator-3 | 10.110.0.102 | | 1003 | besu-validator-4 | 10.110.0.103 | | 1004 | besu-validator-5 | 10.110.0.104 | ### VLAN 111 (BESU-SEN) - 10.111.0.0/24 | VMID | Hostname | IP Address | |------|----------|------------| | 1500 | besu-sentry-1 | 10.111.0.150 | | 1501 | besu-sentry-2 | 10.111.0.151 | | 1502 | besu-sentry-3 | 10.111.0.152 | | 1503 | besu-sentry-4 | 10.111.0.153 | ### VLAN 112 (BESU-RPC) - 10.112.0.0/24 | VMID | Hostname | IP Address | |------|----------|------------| | 2500 | besu-rpc-1 | 10.112.0.250 | | 2501 | besu-rpc-2 | 10.112.0.251 | | 2502 | besu-rpc-3 | 10.112.0.252 | --- ## Migration Scripts ### Batch Migration Script ```bash #!/bin/bash # Migrate all Besu containers to appropriate VLANs HOST="ml110" echo "🚀 Starting VLAN Migration" echo "" # Validators → VLAN 110 echo "Phase 1: Migrating Validators to VLAN 110..." for CTID in 1000 1001 1002 1003 1004; do echo " Migrating container $CTID..." ./scripts/proxmox/assign-vlan-to-container.sh $CTID 110 $HOST done # Sentries → VLAN 111 echo "Phase 2: Migrating Sentries to VLAN 111..." for CTID in 1500 1501 1502 1503; do echo " Migrating container $CTID..." ./scripts/proxmox/assign-vlan-to-container.sh $CTID 111 $HOST done # RPC → VLAN 112 echo "Phase 3: Migrating RPC Nodes to VLAN 112..." for CTID in 2500 2501 2502; do echo " Migrating container $CTID..." ./scripts/proxmox/assign-vlan-to-container.sh $CTID 112 $HOST done echo "" echo "✅ Migration complete!" echo "" echo "📋 Next Steps:" echo " 1. Update IP addresses inside containers" echo " 2. Update Besu configuration" echo " 3. Restart containers" echo " 4. Verify connectivity" ``` --- ## Testing After Migration ### Connectivity Tests ```bash # Test gateway connectivity from each VLAN ping 10.110.0.1 # BESU-VAL gateway ping 10.111.0.1 # BESU-SEN gateway ping 10.112.0.1 # BESU-RPC gateway # Test inter-VLAN communication ping 10.110.0.100 # From VLAN 111 ping 10.111.0.150 # From VLAN 110 ``` ### Service Tests ```bash # Test Besu RPC endpoints curl -X POST http://10.112.0.250:8545 -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","method":"eth_blockNumber","params":[],"id":1}' # Test validator connectivity # (Besu-specific tests) ``` --- ## Rollback Plan If migration fails: 1. **Revert VLAN assignments:** ```bash # Reassign to VLAN 11 for CTID in 1000 1001 1002 1003 1004 1500 1501 1502 1503 2500 2501 2502; do ./scripts/proxmox/assign-vlan-to-container.sh $CTID 11 ml110 done ``` 2. **Restore IP addresses:** - Revert to original 192.168.11.x addresses - Update container network configuration 3. **Restart services:** - Restart all containers - Verify services operational --- ## Summary **Status:** ✅ **READY FOR MIGRATION** **Migration Plan:** - ✅ All VLANs configured - ✅ Migration scripts ready - ✅ IP assignments planned - ✅ Testing procedures defined **Next Steps:** 1. Review migration plan 2. Execute migration in phases 3. Test after each phase 4. Complete migration --- **Last Updated:** 2026-01-15