SD-WAN Solution: Multipath Internet Gateway

The company is an independent managed services provider. The client maintains partnerships with several major networking vendors and carriers, including; Cisco, Meraki, Viptela, Silver-peak, Fortinet, Virgin Media, TalkTalk Business and SSE.






Wireless, Telecom

Company’s Request

Design and create Software Defined WAN internet gateway that can utilize several WAN links simultaneously. It should be controlled via the cloud dashboard.
The system should have site2site VPN (one network for a few offices). Traffic should be managed according to categories.

Similar Project Idea?

Submit your requirements and we will contact you

Technology Set

Linux as system kernel

Full-feaured Debian OS (containers for 3-rd-party apps)

MPTCP: L4, LARTC: L3 for traffic aggregation and balancing over connections

Shadowsocks as gateway-side MPTCP endpoint and proxy, encryption of TCP traffic

OpenVPN as non-TCP traffic carrier and for point to point VPN

Traffic analysis

OpenVPN as non-TCP traffic Cisco-compatible DMVPN for point to point VPN

Shadowsocks as gateway-side MPTCP endpoint and proxy, encryption of TCP traffic


MVP was made on top of embedded Linux system with wi-fi support. The system uses MPTCP protocol to provide simultaneous access via several WAN links. To avoid using poor connection implemented link status monitor which takes care of active connections. The second endpoint for MPTCP connection is a cloud server which is relatively stable because it is located in the data center.
If all available links are down, according to failover feature traffic can be redirected to LTE
Control, configurations and status reporting were implemented via MQTT protocol.

Key features

Stable and redundant internet connection. User will ll have internet access until at least one ISP is alive.
Squeezes maximum bandwidth of your connections. The resulting bandwidth is the almost direct sum of all connections’ bandwidth.
Manual and automatic traffic prioritization: you can specify priority by traffic type (web, VoIP, p2p) and by specific service (Skype, Salesforce, Gmail or whatever is important in your business).
Detailed live reports of traffic usage in web dashboard and mobile application.
Group your gateways in different offices in a cluster and manage them in a batch.
Initialize point to point encrypted tunnels between gateways in your cluster to organize inter-office VPN.

Value Delivered
  • Gateway natively supports next-generation 3G, 4G, LTE, & Wi-Fi wireless connections for fixed or mobile applications.
  • The solution keeps data private and safe using any Internet connection. The gateway automatically secures networking communications at each location.
  • The user can set up new devices in seconds. The Gateway controller pushes all remaining configuration settings automatically.
  • The customer can manage multiple entities on a single control plane. Each entity remains unique and keeps its own private network.
  • Next Generation Cluster Management allows for auto device discovery, centralized analytics, and redundancy.

Related Cases

Increasing the Scalability of a Cloud-Based System for IoT Products

Optimized AWS IoT system for advanced scalability and efficiency.

Empowering Smart Cities with Sustainable Solar-Powered IoT Solutions

AI-Powered Email Management Extension

An AI email extension that adapts to your unique style for smarter management and enhanced data security.

High-Speed Intrusion Detection System for Network Security

Security transformation: Peak performance in a high-speed traffic data analysis tool

Smart Sensor System and Cloud Service Solution

A versatile Smart Sensor System and Cloud Service Solution, serving various industries and offering features.