How this works: architecture, safety system, and the chaos engineering game

Fetching live status...
Network Topology
VPN (active) eBGP K8s ClusterMesh Upstream DMZ
VPN Tunnels
NL ↔ GR budget 40ms
NL ↔ NO budget 20ms
NL ↔ CH budget 25ms
NL ↔ NO-DMZ01 budget
NL ↔ NO-DMZ02 budget
NL ↔ GR freedom 40ms
NL ↔ NO freedom 20ms
NL ↔ CH freedom 25ms
NL ↔ NO-DMZ01 freedom
NL ↔ NO-DMZ02 freedom
GR ↔ NO inalan 60ms
GR ↔ CH inalan 55ms
GR ↔ NO-DMZ01 inalan
GR ↔ NO-DMZ02 inalan
NO ↔ CH vps 22ms
NO ↔ NO-DMZ01 vps
NO ↔ NO-DMZ02 vps
CH ↔ NO-DMZ01 vps
CH ↔ NO-DMZ02 vps
NO-DMZ01 ↔ NO-DMZ02 pair
NL ↔ TX budget 120ms
NL ↔ TX freedom 120ms
GR ↔ TX inalan 155ms
CH ↔ TX vps 145ms
NO ↔ TX vps 140ms
TX ↔ NO-DMZ01 vps
TX ↔ NO-DMZ02 vps
27/27
VTI Tunnels
27 active
85/87
BGP Established
3
Failover Layers
READY
ClusterMesh
6 global svc
78ms
Avg Latency
p99 217ms
227.1s
MTTR
38 events / 7d
NL primary
Tunnels 12/12 up
WAN kpn freedom
Uptime 82.26%
Devices 124
GR secondary
Tunnels 7/7 up
WAN inalan
Uptime 96.15%
Devices 52
Alerts 1
NO transit
Tunnels 18/18 up
Uptime 100.00%
CH transit
Tunnels 7/7 up
Uptime 100.00%
TX transit
Tunnels 7/7 up
Uptime 100.00%
Cross-Site Latency (ms)
NLGRNOCHTX
NL40.020.025.0120.0
GR40.060.055.0155.0
NO20.060.022.5140.0
CH25.055.022.5145.0
TX120.0155.0140.0145.0
Failover Layers
1 BFD sub-second (~900ms)
2 BGP hold-time 30s (aggressive VTI timers 10/30)
3 ISP SLA-track default route (~6-10s)
Last: WAN failover · Jun 9, 06:55 UTC · 38 events/24h
5 sites · 27 tunnels · 95 prefixes · Updated 2026-06-10T06:04:02Z