How is Wormhole Network built?

Systems architecture

Wormhole Network is made of different components, that we could divide between data and control planes. There are some considerations to be made when deploying your secure private network.

  • Control plane

    The control plane is the set of components where our users can make changes to their secure private networks - These changes are pushed then to the distributed servers.
    There are two ways of interacting with the control plane: Using the web frontend or using our REST API. Either way gives you the same amount of control over your secure private network's configuration.

  • Data plane

    These servers are located on different locations and providers. The main reason for this distribution is because these servers act as communication hubs for your secure private network, thus handling all your traffic.

  • Traffic considerations

    As your traffic has to go up to the Wormhole Network's server and then back down to its destination, it is advisable to create your secure private network on a server close to your assets. If your assets are in two separate regions, create your secure private network on the region and provider where you expect more internal traffic. Secure private networks created on the same region and provided only inject a negligible amount of latency for most applications.

How should I architect my secure private network?

Deployments architecture

Wormhole Network's core features are both its simplicity and its potential to be as complex as you need.

  • Simple architecture

    Every newly deployed network is a flat layer 2 network.
    As simple as that. We also provide DHCP by default to make it work out of the box for you.
    The DHCP server assigns IP addresses from to in a /24 network. The first 9 addresses and the last 4 are reserved for future platform use.

  • Blank canvas

    Wormhole Network's simplicity doesn't stop you from making your network as complex as you need to. As it's a layer 2 network, you could build any layer 3 complexity on top of it. Some of our customers deploy Linux routers inside Wormhole Network to route traffic to a wider cloud or on-premises network, even running dynamic routing protocols like BGP inside Wormhole.
    Wormhole Network is both a just works and a blank canvas tool.