VPN Service

Solution

Our team built a versatile platform that:

• Works with seven router models, including legacy hardware;

• Supports Windows and Linux-based OSes like Debian, Ubuntu, CentOS, AlmaLinux, Rocky Linux, OpenWrt, FreeBSD, and derivatives like PFSense. Shell scripts are included for quick builds on all supported OSes;

• Offers configuration tools tailored to specific router manufacturers, designed to handle specialized tasks;

• Doesn’t require IT professionals for deployment.

Developing software for certain routers was quite time-consuming due to their custom operating systems. This required us to recompile numerous libraries used by the application.

We've moved several Linux builds over to Docker, a containerization platform. Building for a specific hardware architecture, such as ARM, requires having a router on that platform because you need to compile the app right on the architecture where the VPN will operate. Docker is really useful since it can emulate different architectures.

Major Issues Resolved

Memory Leak in a Linux Build

Testing revealed a memory leak in an app running on one version of Linux, which caused system instability and forced frequent reboots.

Our approach:

• We ran deep code profiling to track where resources weren’t being freed properly.
• By refining the memory management logic, we eliminated the root causes of the leaks.

Outcome: The application achieved stable performance, even under high-demand scenarios.

Slow Connection Speeds on a Specific Router Model

The performance bottleneck was caused by forced virtualization of the runtime environment hosting the VPN server, which led to excessive CPU load during packet redirection. This significantly slowed down the VPN server's performance and packet processing. 

Solution: We advised the client to use different routers to set up the VPN network.

System Malfunction

In some cases, the system didn’t adhere to network standards, resulting in poor compatibility with certain configurations.

Our approach:

• Gathered detailed feedback from the client regarding system issues;
• Conducted a thorough code review and consolidated fragmented functions into a unified structure, improving maintainability and performance;
• Updated the codebase to meet established networking standards.

Result: The client and their users now enjoy a stable system that works seamlessly within their network setups—no extra technical fixes required!

The Scope of Work

• Developing scripts and programs for app build processes (resource compression, installer creation).

• Enhancing legacy code with no documentation, featuring more than 200,000 lines of source code.

• Configuring containers for software build and execution.

• Building external utilities in Python and C++ to communicate with the client's software and their customers' devices.

• Designing performance and availability testing utilities for the client's devices.

Technologies Used

• Client and server application—the C language;
• Utilities that configure and monitor the kernel on specific routers, and some utilities that interact with third-party services—C++;
• The software for the CradlePoint router build is written in Python using PyCharm IDE. We utilized libraries like Requests, re, Base64, Subprocess, Time, and os, along with the Cradlepoint NetCloud OS SDK framework, cURL, and Boost;
• Containerization—Docker, Dockerfile, and Docker Compose (YAML); 
• Bash scripting and the GCC compiler collection, Oracle VM VirtualBox, and package managers for Linux builds and debugging;
• Windows builds—C#;
• Windows and Linux system libraries, the WinAPI framework, Visual Studio, and Visual Studio Code for app development.

Result

We developed client and server VPN applications, along with configuration utilities, for various hardware architectures and operating systems. 

Benefits for the Client Company:

• A versatile solution that can serve over 50 clients;

• Customization options to fit multiple router models.

Benefits for End Users:

• Enhanced capabilities for remote work, branch integration, and IoT connectivity;

• Quick and easy VPN setup and deployment that users can handle on their own—no tech expertise required.

We're planning to develop software for macOS and mobile VPN apps for Android and iOS that can operate with the client's servers in advanced mode. These apps will be native, which is the best choice when it comes to interacting with operating systems.