Design and Implementation of an SD-WAN VPN System to Support Multipath and Multi-WAN-Hop Routing in the Public Internet

We present the design of a multipath multi-WAN-hop SD-WAN (MMS) system to realize an overlay network on top of the public internet. The MMS includes an SD-WAN system controller (SSC) and MMS gateways (MMSGs), one for each branch. The SSC is responsible for configuring the routing paths for the whole system. The MMSG uses low-cost access networks such as PON, xDSL, PLC, cable modems, and even LTE/5G to access the public internet. We propose an IP address swapping technique to realize multihop routing in the public internet. In addition, we implement IP over MPTCP (IPoMP) in MMSGs, in which a flow between a pair of branches is mapped into multiple MPTCP subflows to exploit multipath routing.