How this works: architecture, safety system, and the chaos engineering game

Fetching live status...
Network Topology
VPN (active) eBGP K8s ClusterMesh Upstream DMZ
VPN Tunnels
NL ↔ GR budget 45ms
NL ↔ NO budget 20ms
NL ↔ CH budget 20ms
NL ↔ NO-DMZ01 budget
NL ↔ NO-DMZ02 budget
NL ↔ GR freedom 45ms
NL ↔ NO freedom 20ms
NL ↔ CH freedom 20ms
NL ↔ NO-DMZ01 freedom
NL ↔ NO-DMZ02 freedom
GR ↔ NO inalan 55ms
GR ↔ CH inalan 55ms
GR ↔ NO-DMZ01 inalan
GR ↔ NO-DMZ02 inalan
NO ↔ CH vps 20ms
NO ↔ NO-DMZ01 vps
NO ↔ NO-DMZ02 vps
CH ↔ NO-DMZ01 vps
CH ↔ NO-DMZ02 vps
NO-DMZ01 ↔ NO-DMZ02 pair
NL ↔ TX budget 120ms
NL ↔ TX freedom 120ms
GR ↔ TX inalan 155ms
CH ↔ TX vps 140ms
NO ↔ TX vps 140ms
TX ↔ NO-DMZ01 vps
TX ↔ NO-DMZ02 vps
27/27
VTI Tunnels
27 active
87/87
BGP Established
3
Failover Layers
READY
ClusterMesh
6 global svc
77ms
Avg Latency
p99 217ms
183.6s
MTTR
37 events / 7d
NL primary
Tunnels 12/12 up
WAN kpn freedom
Uptime 81.45%
Devices 124
GR secondary
Tunnels 7/7 up
WAN inalan
Uptime 96.15%
Devices 52
Alerts 1
NO transit
Tunnels 18/18 up
Uptime 100.00%
CH transit
Tunnels 7/7 up
Uptime 100.00%
TX transit
Tunnels 7/7 up
Uptime 100.00%
Cross-Site Latency (ms)
NLGRNOCHTX
NL45.020.020.0120.0
GR45.055.055.0155.0
NO20.055.020.0140.0
CH20.055.020.0140.0
TX120.0155.0140.0140.0
Failover Layers
1 BFD sub-second (~900ms)
2 BGP hold-time 30s (aggressive VTI timers 10/30)
3 ISP SLA-track default route (~6-10s)
Last: WAN failover · Jun 8, 01:23 UTC · 37 events/24h
5 sites · 27 tunnels · 95 prefixes · Updated 2026-06-08T11:03:54Z