noBGP Architecture:
How does noBGP Work?

The Problem with BGP: A Legacy Backbone in a Cloud-Native World

Border Gateway Protocol (BGP) is the foundation of today's internet routing, but it wasn't designed for what we ask of it today. BGP is:
  • Non-deterministic. You don't control the exact path your data takes.
  • Public and exposed. Traffic often travels across untrusted networks.
  • Inflexible. Routing decisions depend on pre-established relationships and AS path preferences, not real-time policy.
  • Opaque. There's little visibility or control once your data hits the wire.
Modern cloud-native architectures need routing that reflects business intent, compliance, performance, and security. BGP doesn't offer that.

Enter noBGP: Private, Deterministic Routing for a Multi-Cloud World

noBGP replaces BGP-based routing with a private, encrypted, policy-controlled network that spans clouds, data centers, and devices without the need for VPNs, NATs, or public IPs.
It's a private routing fabric where you choose the path.

Architecture Overview

1. Bridges (Agents)
These are lighweight agents installed on or within VPCs, physical servers, or edge devices. Bridges:
  • Authenticate into one or more private networks
  • Negotiate end-to-end encrypted sessions with other bridges
  • Disover and connect to the closest available router (via local discovery or central coordination)
  • Allow authorized data to pass through the Bridge to access private networks
2. Routers
Routers handle policy-driven transit across the noBGP fabric. Customers can:
  • Deploy their own routers (e.g., one per rack in a data center, one per AWS Availability Zone or Region, etc.)
  • Use noBGP's SaaS router network  
  • Mix both private and noBGP SaaS routers with control over fallback and path logic.
Each router receives traffic from a local bridge, evaluates routing policy, and forwards traffic across the router network toward the destination bridge, applying rules like:
3. Private Networks
Bridges belong to one or more private networks, which are:
noBGP Architecture diagram - Agents, Bridges, Routers, Private Networks

Routing Behavior

Path Selection Logic
Admins define routing policies. They can specify whether to:
Policies also allow "NONE" selection which defers to BGP-style best-effort routing inside the noBGP fabric, used in less strict scenarios.
Dynamic Paths and Rerouting
noBGP is resilient and adaptive:
End-to-End Encryption
All traffic is encrypted from bridge to bridge:

Centralized Control, Local Enforcement

noBGP uses a centralized control plan to:
But the data plane is distributed. Routing decisions happen at the router level, and path selection is evaluated at each hop in real time, enabling both fine-grained control and low-latency response.

Why noBGP is Superior to Legacy BGP

Comparison chart: Legacy BGP vs. noBGP

Use Case Examples

Multi-Cloud service mesh without VPNs
Deploy bridges into GCP, AWS, and Azure; define policies like "send all EU traffic through routers in Frankfurt only."
AI/ML workloads with bandwidth awareness
Train models on hybrid infrastructure while routing data through high-bandwidth paths, not cheapest or shortest ones.
Edge device connectivity
Deploy to thousands of IoT gateways. Bridges find the nearest router, and all data is routed through verified, compliant nodes.

Conclusion

noBGP delivers what BGP cannot: secure, observable, deterministic paths across any infrastructure. Whether you're building resilient SaaS, hybrid cloud apps, or multi-region compute pipelines, noBGP gives you control over the invisible highways of your data.
You don't just hope for the best parth | Choose Your Path.

Frequently Asked Questions

What exactly is "network sovereignty" and how is it different from traditional networking?

Network sovereignty means you, not BGP, decide how your data travels between destinations. Traditional networking relies on BGP (Border Gateway Protocol) to automatically select routes based on factors you can't control. With network sovereignty, you set the rules: route by latency, cost, compliance requirements, or security preferences. Your data follows paths you choose, through networks you trust.

How does noBGP actually override BGP routing decisions?

By deploying your own noBGP routing nework - you create an overlay network that sit above traditional BGP routing. Instead of sending traffic directly through public internet routes, noBGP establishes secure tunnels through your preferred network paths—whether that's private fiber, specific ISPs, or cloud provider backbones. You define the routing policies, and our platform automatically directs traffic accordingly while maintaining full visibility into every hop.

Will implementing network sovereignty affect my current network performance?

In most cases, performance improves significantly. By routing based on your actual requirements (like latency or bandwidth) rather than BGPs default path selection.

What happens if my preferred network path goes down? Do I lose connectivity?

No. noBGP includes intelligent failover mechanisms. You can define multiple preferred paths in order of priority, and the system automatically switches to backup routes if your primary path becomes unavailable. This actually makes your network more resilient than pure BGP routing, since you control both the primary paths and the fallback options.

Reinventing networking to be simple, secure, and private.
Register your free account now
noBGP company logo
Choose your Path - tagline logo
noBGP, Inc. © 2025, All rights reserved
noBGP company logo
noBGP, Inc.
Choose your path

© 2025, All rights reserved