noBGP Architecture:
How does noBGP Work?

The Problem with BGP: A Legacy Backbone in a Cloud-Native World

Border Gateway Protocol (BGP) is the foundation of today's internet routing, but it wasn't designed for what we ask of it today. BGP is:
  • Non-deterministic. You don't control the exact path your data takes.
  • Public and exposed. Traffic often travels across untrusted networks.
  • Inflexible. Routing decisions depend on pre-established relationships and AS path preferences, not real-time policy.
  • Opaque. There's little visibility or control once your data hits the wire.
Modern cloud-native architectures need routing that reflects business intent, compliance, performance, and security. BGP doesn't offer that.

Enter noBGP: Private, Deterministic Routing for a Multi-Cloud World

noBGP replaces BGP-based routing with a private, encrypted, policy-controlled network that spans clouds, data centers, and devices without the need for VPNs, NATs, or public IPs.
It's a private routing fabric where you choose the path.

Architecture Overview

1. Agents
Lightweight software  installed on or within VPCs, physical servers, or edge devices. Agents:
  • Authenticate into one or more private networks
  • Negotiate end-to-end encrypted sessions with other agents
  • Disover and connect to the closest available router (via local discovery or central coordination)
  • Allow authorized data to pass through the Agent to access private networks
2. Routers
Routers handle policy-driven transit across the noBGP fabric. Customers can:
  • Deploy their own routers (e.g., one per rack in a data center, one per AWS Availability Zone or Region, etc.)
  • Use noBGP's SaaS router network  
  • Mix both private and noBGP SaaS routers with control over fallback and path logic.
Each router receives traffic from a local agent, evaluates routing policy, and forwards traffic across the router network toward the destination agent, applying rules like:
3. Private Networks
Agents belong to one or more private networks, which are:
noBGP Architecture diagram - Agents, Bridges, Routers, Private Networks

Routing Behavior

Path Selection Logic
Admins define routing policies. They can specify whether to:
Policies also allow "NONE" selection which defers to BGP-style best-effort routing inside the noBGP fabric, used in less strict scenarios.
Dynamic Paths and Rerouting
noBGP is resilient and adaptive:
End-to-End Encryption
All traffic is encrypted from agent to agent:

Centralized Control, Local Enforcement

noBGP uses a centralized control plan to:
But the data plane is distributed. Routing decisions happen at the router level, and path selection is evaluated at each hop in real time, enabling both fine-grained control and low-latency response.

Why noBGP is Superior to Legacy BGP

Comparison chart: Legacy BGP vs. noBGP

Use Case Examples

Multi-Cloud service mesh without VPNs
Deploy agents into GCP, AWS, and Azure; define policies like "send all EU traffic through routers in Frankfurt only."
AI/ML workloads with bandwidth awareness
Train models on hybrid infrastructure while routing data through high-bandwidth paths, not cheapest or shortest ones.
Edge device connectivity
Deploy to thousands of IoT gateways. Agents find the nearest router, and all data is routed through verified, compliant nodes.

Conclusion

noBGP delivers what BGP cannot: secure, observable, deterministic paths across any infrastructure. Whether you're building resilient SaaS, hybrid cloud apps, or multi-region compute pipelines, noBGP gives you control over the invisible highways of your data.
You don't just hope for the best parth | Choose Your Path.

Frequently Asked Questions

How is noBGP different from a VPN or SD-WAN solution?

Unlike VPNs that create encrypted tunnels over the public internet or SD-WAN that still relies on underlying BGP routing, noBGP creates an entirely private routing fabric. You get deterministic path control, policy-based routing, and end-to-end encryption without depending on public internet infrastructure or dealing with NAT traversal, IP conflicts, or VPN gateway bottlenecks.

Can I use noBGP alongside my existing network infrastructure?

Absolutely. noBGP is designed to complement your existing setup. You can deploy agents selectively—perhaps starting with critical workloads between specific clouds or data centers—while keeping other traffic on traditional networks. You can also mix your own routers with noBGP's SaaS router network, giving you flexibility to migrate at your own pace.

What happens to my network performance and latency with noBGP?

noBGP typically improves performance because you control the path your data takes. Instead of hoping BGP finds an efficient route, you can specify policies like "use the lowest-latency path" or "route through my dedicated fiber connections." The lightweight agents add minimal overhead, and the distributed routing architecture makes forwarding decisions locally for optimal speed.

How complex is it t set up and manage noBGP compared to traditional networking?

noBGP simplifies network management by centralizing policy control while distributing enforcement. Instead of configuring individual routers, firewalls, and VPN gateways across multiple locations, you define network policies once in the noBGP admin interface. Bridges auto-discover routers and automatically handle connection management, making deployment and scaling much more straightforward than traditional enterprise networking.

Reinventing networking to be simple, secure, and private.
Register your free account now