Completing the Edge Peering Configuration
When two Roving Edge systems have correctly configured local endpoints, the peer connection can be created.
The peer connection is a symmetrical configuration, meaning the setup must be performed on each connected device. The administrators exchange the relevant configuration details of their system, so they can each include the peer details required for creating the connection. A trust relationship between the appliances is established through a CA chain stored in the Secret Service (Vault).
When the first device completes its side of the connection setup, it goes into a waiting state. By design, the device with the IP address ending with the lowest value initiates the connection. As soon as the entry for the peer device is detected, the CA certificates are verified and the mutual trust relationship is confirmed. After successful peering, a secure tunnel is established between the systems. It allows the administration services on the systems to exchange information with each other.
These parameters are required to create a peer connection:
-
the IP addresses of the remote endpoint for the tunnel
-
properties of the peer device: domain name, system name, serial number, ASN ID if applicable
-
properties of the peer Admin Service: host name, admin user name, admin password, CA chain
The network configuration must allow peer-to-peer connectivity between the replication endpoints, or use routable IPs when both systems are in separate address spaces. Ensure that the new network setup does not overlap with existing connections between the device and the data center.
- Creating the Edge Peer Connection
-
When you have obtained all required parameters, create the peer connection.
-
Service CLI:
Enter the following command on a single line, replacing the sample parameters with the ones you obtained:
RED2-ADMIN> create edgePeerConnection \ name=<peerconnection1> description=<"my peer connection"> \ peerAdminHostname=<myred01.mydomain.com> peerSerialNumber=<1654BF2465> \ peerAdminUserName=<admin> peerAdminPassword=<password> \ peerSystemName=<myred01> peerDomainName=<mydomain.com> \ peerReplicationIp=10.212.128.142 \ peerAdminCaChain=<ca_string>Check the peer connection configuration using the following commands:
RED2-ADMIN> list edgePeerConnection Data: id Name Peer Admin Hostname Peer Rack Serial Number Lifecycle State -- ---- ------------------- ----------------------- --------------- ocid1.drpeerconnection....unique_ID peerconnection1 myred01.mydomain.com 1654BF2465 ACTIVE RED2-ADMIN> show peerConnection id=ocid1.drpeerconnection....unique_ID Data: Id = ocid1.drpeerconnection....unique_ID Type = EdgePeerConnection Lifecycle Sub State = ACTIVE Lifecycle State = ACTIVE Peer Rack Serial Number = 1654BF2465 Peer Replication IP = 10.80.116.240 Peer Admin CaChain = -----BEGIN CERTIFICATE-----\nMIIFbjCCA1agAwIBAgIQfMPkn17+ZTNl/jZjYzbpn[...] Peer Admin Hostname = myred01.mydomain.com Peer Rack Domain Name = mydomain.com Peer Rack System Name = myred01 Last Updated Time = 2026-01-12T10:45:02Z Time Created = 2025-12-03T11:48:28Z Peer Rack Admin User Name = admin Peer Rack Admin User Password = ******* ProgressRecordIds 1 = id:d39144d6-feef-4988-ba71-fac4b046fff8 type:ProgressRecord name: ProgressRecordIds 2 = id:940b397f-993c-4ab9-9708-909dabb65c47 type:ProgressRecord name: ProgressRecordIds 3 = id:64b31360-3d0d-4dc2-a925-35164143eb25 type:ProgressRecord name: ProgressRecordIds 4 = id:7e8d9e2e-74b1-4d31-9098-7a09d719ec6a type:ProgressRecord name: ProgressRecordIds 5 = id:2309bcdc-1689-410b-a93e-528444ada2a5 type:ProgressRecord name: ProgressRecordIds 6 = id:8a4d5747-d8fe-48e2-96e2-f4c797964cbe type:ProgressRecord name: Name = peerconnection1 Work State = Normal -
Service Web UI:
Under Disaster Recovery Service, open the Edge Peer Connections page. In the top-right corner, click Create Peer Connection.
In the pop-up window, enter all parameters in the respective fields. Click Create Peer Connection to apply the settings.
In the Edge Peer Connections page, the table displays a new entry for the connection you created. Click the name in the table to display the detail page of the peer connection, and review its configuration parameters.
-
- Updating the Edge Peer Connection
-
There is no CLI command or UI function to modify the peer connection once it's configured. Changing the peer connection requires that you delete it and create a new connection with the updated parameters.
However, you can perform an update on existing peer connections to accept a new CA chain from the peer system. A certificate change stops replication between the ZFS Storage Appliances, but the update command enables it again.-
Service CLI:
Look up the ID of the peer connection you need to update, then enter the update command as shown.
RED2-ADMIN> list edgePeerConnection Data: id Name Peer Admin Hostname Peer Rack Serial Number Lifecycle State -- ---- ------------------- ----------------------- --------------- ocid1.drpeerconnection....unique_ID peerconnection1 myred01.mydomain.com 1654BF2465 ACTIVE RED2-ADMIN> updateEdgePeerConnection id=ocid1.drpeerconnection....unique_ID -
Service Web UI:
Under Disaster Recovery Service, open the Edge Peer Connections page. In the table, click the name of the connection you need to update. The peer connection detail page is displayed. In the top-right corner, click Update.
-
- Deleting the Edge Peer Connection
-
If a peer connection is no longer used, you can delete it. Ensure that the peer configuration is removed from each connected device.
-
Service CLI:
Look up the ID of the peer connection you want to delete, then enter the delete command as shown.
RED2-ADMIN> list edgePeerConnection Data: id Name Peer Admin Hostname Peer Rack Serial Number Lifecycle State -- ---- ------------------- ----------------------- --------------- ocid1.drpeerconnection....unique_ID peerconnection1 myred01.mydomain.com 1654BF2465 ACTIVE RED2-ADMIN> delete edgePeerConnection id=ocid1.drpeerconnection....unique_ID -
Service Web UI:
Under Disaster Recovery Service, open the Edge Peer Connections page. In the table, click the name of the connection you want to delete. The peer connection detail page is displayed. In the top-right corner, click Delete.
-