The need for reliable connectivity with high bandwidths is continuously growing. BONDIX developed its SANE (Simple Aggregation of Networks) software to ensure reliable connectivity for all applications such as voice, video and data transmission. This applies to mobile as well as stationary deployments.
This simple and efficient software solution can be installed on different platforms to enable these WAN aggregation functions. The SANE software implements bonding (aggregation) of, load balancing between, and seamless handover across, different WAN interfaces and WAN providers. It thus provides a highly available overall connection that keeps you online without interruption.
To increase the throughput or availability of access to remote applications, the use of two or more connections is often chosen. These can be fixed network or wireless (WiFi, cellular) connections, or a combination of these. The question is how to manage the use of these different connections efficiently and easily. This is where the SANE software comes in. With the unique SANE technology, you ensure a highly available connection and optimal throughput.
High availability and bonding
With a second connection via an alternative cellular network operator (or another WAN medium such as WiFi or satellite), the total bandwidth available for even a single TCP/IP connection can be increased, as well as the uptime. Line failures or network problems at service providers can thus be mitigated. With SANE, WAN scheduling is based on a wide range of policies and presets, which are available in the SANE Client and can be selected by the user based on his requirements:
SANE technology offers three options here:
- Seamless handover: different connections are available, but only one connection is used by the running application at a time. In the event of a failure of this active connection, the system automatically switches to the next available connection. This switchover is seamless because this connection is already established and does not have to be re-established.
- Load balancing with seamless handover: the data of the application is distributed evenly over the available connections using a fixed algorithm (Round Robin method). The maximum available bandwidth for an application is limited by the available bandwidth of the best single connection. If a connection fails, the data traffic is distributed to the remaining connections. However, it is possible that an application may no longer function error-free after switching due to the now lower available bandwidth.
- Bonding (WAN aggregation): The optimal solution for the simultaneous use of several WAN connections is SANE Bonding (aggregation). With bonding, the user application benefits from the aggregate of the bandwidth available from the individual WANs. SANE optimizes the distribution of traffic flows across the various connections. This is particularly advantageous if the bandwidth of a single connection cannot provide the bandwidth required by the application.
- Replication: For low-latency real-time applications, this option reduces jitter and loss by replicating the user’s packet-flow on two or more available WANs. With its very efficient bonding and wide feature set, the SANE software enables an optimal and cost-effective connection for mobile as well as fixed locations.
With SANE you can easily add a mobile connection to enhance throughput from a fixed internet connection during times of peak demand – SANE will automatically switch this connection on as soon as more data throughput is required, and off again to save data costs when user traffic recedes.
The SANE architecture consists of the SANE client and the SANE server (relay). The client software is installed on the router (CPE) and allows all existing interfaces of these routers to be combined into a virtual tunnel. The tunnel can be established via any type of WAN medium and uses a SANE Server as a relay, from which the data is then forwarded to its end point. This creates a connection that is transparent to IP traffic. The router and server send and receive the standard data, and forward it to the corresponding destinations in the intranet. Here it can also be decided whether direct internet access is also possible.
Unlike other WAN bonding solutions on the market, due to its unique architecture, SANE does not rely on a proprietary VPN to effectively bundle data traffic. The SANE application serves as a transparent transport layer for reliable transmission of user data, and existing encryption already used or certified by the user (IPsec, OpenVPN, Openwired, Wireguard etc) can continue to be used.
The SANE software has several built-in security mechanisms:
Due to the pseudo-random distribution of the data packets over all available WAN interfaces and thus over different provider networks during transmission, a "man in the middle" attack is practically impossible. If the user encrypts the data, there is usually no possibility of third parties being able to decrypt the data.
Due to its certificate-based, automated authentication and configuration process, Bondix SANE offers the highest level of security with minimal configuration effort. The use of the customers own certificates is possible and recommended. If a router is lost or stolen, it can be permanently excluded from the network in just a few steps.
The configuration web interface available on the SANE client is deactivated by default, but can be activated on the server side if required. This function reliably prevents access to elementary settings of the local SANE Client and further increases security.
SANE has several tools built in to monitor the status of the client, gateway, and all WAN connections during operation.
The SANE client software is intended as a hardware-agnostic multi-WAN router operating system and is available today on the following Teltonika platforms:
- Teltonika RUTX 9
- Teltonika RUTX 11
- Teltonika RUTX 12
- Teltonika RUTX R1
- Teltonika RUT 950/955 (3rd quarter 2021)
On the server side, the software is delivered as an Open Virtual Appliance (OVA), which can be installed on a local server as well as in the cloud.
Any of the trademarks, service marks, collective marks, design rights or similar rights that are mentioned, used or cited in the articles are the property of their respective owners.