=============
Architecture
=============

This section describes the architecture of Bonded Internet and its core
components.

|image0|

The figure above shows the logical layout of the partner network,
management server, aggregator, private WAN router, bonder/CPE, and
customer/end-user network.

Key concepts and features
--------------------------

-  `Routing and tunneling <bonds/routing-and-tunneling.html>`__:
   Bonded Internet is a sophisticated VPN that transports IP packets
   between bonders, aggregators, private WAN routers, datacentre
   routers, and premise routers and firewalls.
-  `Private WAN <private-wan/index.html>`__: Bonded Internet can send
   traffic between groups of sites in an isolated, secure manner, making
   it simple and inexpensive to deploy an advanced private WAN. Bonded
   Internet can replace or integrate with MPLS networks.
-  `Tunnel security and
   encryption <bonds/tunnel-security-and-encryption.html>`__: packets
   sent between sites can be configured with a variety of security and
   encryption options
-  `Bandwidth adaptation <bonds/leg-bandwidth-adaptation.html>`__: leg
   speeds can be adjusted automatically based on real-time performance
   data measured by the bonders and aggregators.

Organizational constructs
--------------------------

There are a number of organizational constructs available in Bonded
Internet, as follows:

#. `Spaces <spaces/index.html>`__: The main way to organize a Bonded
   Internet environment, spaces allow bonds, aggregators, users, and
   other components to be placed into distinct groups. Spaces can have
   their own IP subnet assignments, user interface branding options, and
   private WAN settings. Spaces are arranged in a hierarchy, similar to
   a directory structure, where one root space can have multiple child
   spaces, and each child space can have their own child spaces, and so
   on.
#. `Routing groups <policies/routing-groups.html>`__: Represent
   closely-related groups of aggregators and private WAN routers. In
   general, a datacentre should be represented by one routing group.
   Routing groups are a core component of IP management.
#. `IP allocations and delegations <spaces/ip-management.html>`__: IP
   subnet records used to manage the assignment of IP addresses to bonds
   and private WAN spaces.
#. `Authorization groups <users-groups-permissions/index.html>`__: Groupings of application
   permissions to which users are assigned. For example, an
   authorization group could have permission to view, add, change, and
   delete bonds and legs, and any users allowed to manage bonds and legs
   could be assigned to that group.

Servers
--------

Bonded Internet uses four types of servers:

#. `Management server <administration/management-server.html>`__: Hosts
   management and monitoring applications. A partner has only one
   management server, but one management server can control multiple
   spaces, aggregators, bonders, and private WAN routers.
#. `Aggregation server or
   aggregator <aggregators/index.html>`__: Powerful hosts with a
   single high-speed connection to the Internet. Aggregators split
   traffic bound for customers into multiple streams for each leg and
   recombine traffic from each leg before sending it on to its final
   destination on the Internet. An aggregator can host multiple bonders.
#. `Private WAN router
   <private-wan/private-wan-with-private-wan-routers/routers.html>`__: Controls
   configuration of private WAN routing on aggregators and routes
   private WAN traffic between aggregators in a routing group, to
   private WAN routers in other routing groups, and to external gateways
   for access to the Internet and other networks.
#. `Bonder or Customer Premises Equipment
   (CPE) <bonds/bonders.html>`__: Bonders are located at customers'
   sites and have multiple connections to the Internet. They split
   traffic bound for the Internet into multiple streams for each leg,
   sending that traffic to an aggregation server, and recombine traffic
   from an aggregator to each leg and then send it on to its final
   destination on the customer's LAN.

Components
-----------

#. `Bond <bonds/index.html>`__: A collection of legs, connected IPs,
   CPE NAT IPs, and routes, and responsible for transporting traffic
   between a bonder and an aggregator.
#. `Leg <bonds/legs.html>`__: A single Internet connection at the
   customer's site.
#. `Connected IP <bonds/connected-ips.html>`__: A network used for
   communication between the bonder and the customer's local network.
#. `CPE NAT IP <bonds/cpe-nat-ips.html>`__: A way to assign a single
   public IP to a bond using network address translation.
#. `Route <bonds/routes.html>`__: A subnet routed from an aggregator
   to the customer's network.


.. |image0| image:: /attachments/1179702/11667357.png
