Configuring Topology

Network topology describes the physical and logical structure of a network. In the Cardano network, each stake pool must operate at least one block-producing node and one relay node. The keys and certificates required to issue blocks are located on the block-producing node. For security reasons, your block producer must connect only to one or more relay nodes that you—the stake pool operator—control.

The following diagram illustrates Cardano network topology:

For details on Cardano networking components, visit Peer-to-peer (P2P) Networking.

Before you start the nodes comprising your stake pool, you must:

• Configure your relay node(s) to connect with your block-producing node

• Configure your block-producing node to connect only with your relay node(s)

Configuring a Relay Node

To configure your relay node(s) to connect with your block-producing node:

1. On the computer hosting your relay node, using a text editor open the config.json file, and then edit the following option if needed:

"EnableP2P": true,

1. Save and close the config.json file.

2. In a terminal window, type the following command to navigate to the folder where you downloaded Cardano configuration files:

cd ${NODE_HOME}

1. To create a backup of the original topology configuration file, type:

cp topology.json topology.json.bak

1. Using a text editor, open the topology.json file, and then add a record for the block-producing node in the localRoots section as follows, where <BlockProducingNodeIPAddress> is the IP address of the block-producing node in your stake pool configuration, and <BlockProducingNodeName> is an optional descriptive label for your block-producing node. Also, set the value true for the trustable key:

{
  "bootstrapPeers": [
    {
      "address": "backbone.cardano.iog.io",
      "port": 3001
    },
    {
      "address": "backbone.mainnet.emurgornd.com",
      "port": 3001
    },
    {
      "address": "backbone.mainnet.cardanofoundation.org",
      "port": 3001
    }
  ],
  "localRoots": [
    {
      "accessPoints": [
	    {
          "address": "<BlockProducingNodeIPAddress>",
          "port": 6000,
          "name": "<BlockProducingNodeName>"
        }
	  ],
      "advertise": false,
	  "comment": "Do NOT advertise the block-producing node",
      "trustable": true,
      "valency": 1
    }
  ],
  "publicRoots": [
    {
      "accessPoints": [],
      "advertise": false
    }
  ],
  "useLedgerAfterSlot": 128908821
}

1. Save and close the topology.json file.

2. To configure additional relay nodes, repeat steps 1 to 6 for each additional relay node in your stake pool configuration.

For more details on configuring topology, visit Understanding Configuration Files.

Configuring Your Block-producing Node

To configure your block-producing node to connect only with your relay node(s):

1. On the computer hosting your block-producing node, using a text editor open the config-bp.json file, and then edit the following option if needed:

"EnableP2P": true,

1. Save and close the config-bp.json file.

2. On the computer hosting your block-producing node, in a terminal window type the following command to navigate to the folder where you downloaded Cardano configuration files:

cd ${NODE_HOME}

1. To create a backup of the original topology configuration file, type:

cp topology.json topology.json.bak

1. Using a text editor, open the topology.json file, and then replace the contents of the file with one or more records, as needed, to reference only the relay node(s) in your stake pool configuration. For example, the following lines configure a single relay node where <RelayNodeIPAddress> is the IP address of the relay node and <RelayNodeName> is an optional descriptive label for the relay node. Set the value true for the trustable key. Also, set the value of bootstrapPeers to null and the value of useLedgerAfterSlot to -1:

{
  "bootstrapPeers": null,
  "localRoots": [
    {
      "accessPoints": [
	    {
          "address": "<RelayNodeIPAddress>",
          "port": 6000,
          "name": "<RelayNodeName>"
        }
	  ],
      "advertise": false,
      "trustable": true,
      "valency": 1
    }
  ],
  "publicRoots": [
    {
      "accessPoints": [],
      "advertise": false
    }
  ],
  "useLedgerAfterSlot": -1
}

1. Save and close the topology.json file.

Configuring Port Forwarding

Port forwarding creates an association between the public WAN IP address of a router and a private LAN IP address dedicated to a computer or device on the private network that the router manages.

So that relay nodes in the Cardano network can connect to a relay node in your stake pool configuration, in your firewall configuration you must open a port and forward traffic received on the port to the computer and port where the relay node listens.

To help confirm that your ports are configured as needed, you can use the Port Forwarding Tester or CanYouSeeMe.org for example.

Conclusion

The topology configuration described above allows your nodes to connect securely with each other, as well as with other relay nodes in the Cardano network.

If you configure two or more relays in your stake pool, then consider Implementing Peer Sharing to help improve network security.