SD-WAN Solution: Multipath Internet Gateway
The company is an independent managed services provider. The client maintains partnerships with several major networking vendors and carriers, including; Cisco, Meraki, Viptela, Silver-peak, Fortinet, Virgin Media, TalkTalk Business and SSE.
Customer
Confidential
Location
USA
Industry
Wireless, Telecom
Company’s Request
Design and create Software Defined WAN internet gateway that can utilize several WAN links simultaneously. It should be controlled via the cloud dashboard.
The system should have site2site VPN (one network for a few offices). Traffic should be managed according to categories.
Technology Set
Linux as system kernel
Full-feaured Debian OS (containers for 3-rd-party apps)
MPTCP: L4, LARTC: L3 for traffic aggregation and balancing over connections
Shadowsocks as gateway-side MPTCP endpoint and proxy, encryption of TCP traffic
OpenVPN as non-TCP traffic carrier and for point to point VPN
Traffic analysis
OpenVPN as non-TCP traffic Cisco-compatible DMVPN for point to point VPN
Shadowsocks as gateway-side MPTCP endpoint and proxy, encryption of TCP traffic
Solution
MVP was made on top of embedded Linux system with wi-fi support. The system uses MPTCP protocol to provide simultaneous access via several WAN links. To avoid using poor connection implemented link status monitor which takes care of active connections. The second endpoint for MPTCP connection is a cloud server which is relatively stable because it is located in the data center.
If all available links are down, according to failover feature traffic can be redirected to LTE
Control, configurations and status reporting were implemented via MQTT protocol.
Key features
Stable and redundant internet connection. User will ll have internet access until at least one ISP is alive.
Squeezes maximum bandwidth of your connections. The resulting bandwidth is the almost direct sum of all connections’ bandwidth.
Manual and automatic traffic prioritization: you can specify priority by traffic type (web, VoIP, p2p) and by specific service (Skype, Salesforce, Gmail or whatever is important in your business).
Detailed live reports of traffic usage in web dashboard and mobile application.
Group your gateways in different offices in a cluster and manage them in a batch.
Initialize point to point encrypted tunnels between gateways in your cluster to organize inter-office VPN.
- Gateway natively supports next-generation 3G, 4G, LTE, & Wi-Fi wireless connections for fixed or mobile applications.
- The solution keeps data private and safe using any Internet connection. The gateway automatically secures networking communications at each location.
- The user can set up new devices in seconds. The Gateway controller pushes all remaining configuration settings automatically.
- The customer can manage multiple entities on a single control plane. Each entity remains unique and keeps its own private network.
- Next Generation Cluster Management allows for auto device discovery, centralized analytics, and redundancy.
Related Cases
Increasing the Scalability of a Cloud-Based System for IoT Products
Optimized AWS IoT system for advanced scalability and efficiency.
AI-Powered Email Management Extension
An AI email extension that adapts to your unique style for smarter management and enhanced data security.
High-Speed Intrusion Detection System for Network Security
Security transformation: Peak performance in a high-speed traffic data analysis tool
Smart Sensor System and Cloud Service Solution
A versatile Smart Sensor System and Cloud Service Solution, serving various industries and offering features.