Skip to content
Aether Platform

NCS Architecture

NCS (Network Connectivity Service) utilizes an architecture that is fundamentally different from traditional VPNs or sidecar-based service meshes.

While typical Cloud IDE SaaS solutions are confined to “closed environments over the internet,” NCS provides unparalleled Network Flexibility via the Secure Tunnel Fabric, allowing you to securely bridge on-premise, Private Cloud, and multi-cloud environments as if they were on the same local segment.

eBPF Data Plane

The data plane of NCS operates directly within the Linux kernel using eBPF (extended Berkeley Packet Filter) technology.

  • Kernel-Level Routing: Routes packets at high speed within the kernel without context switching to user space.
  • Zero Overhead: Eliminates the need to inject sidecar proxies (like Envoy) into every Pod, conserving CPU/Memory resources.

Sidecar-less Design

Traditional meshes like Istio require a sidecar container for every application container. NCS manages eBPF programs via node-level agents, making it extremely non-intrusive to applications.

Global Edge Network

Aether deploys Edge Nodes globally. Users connect to the physically nearest Edge Node, and traffic traverses Aether’s optimized backbone network (leveraging AWS Direct Connect / Google Cloud Interconnect, etc.) to reach the workspace. This ensures low latency even for intercontinental connections.