TXGW + LGW topology
LGWs terminate spoke groups; TXGWs stitch clouds together. The mesh runs over WireGuard with both ends publicly routable — no broker, no relay tax in the middle of your traffic.
routing…
Gateways form the edge tier: a Local Gateway (LGW) per spoke group and a Transit Gateway (TXGW) for cross-cloud transit, deployed into your own central VPCs and orchestrated by the SaaS. Workload spokes attach via native CSP constructs and never run an agent, VM, or sidecar.
LGWs terminate spoke groups; TXGWs stitch clouds together. The mesh runs over WireGuard with both ends publicly routable — no broker, no relay tax in the middle of your traffic.
AWS: GWLB endpoints + VPC peering. GCP: VPC peering with ILB next-hop via custom route export. Azure: Gateway LB chaining + VNet peering. Telaron replaces the cross-charging transit layers (TGW, Virtual WAN, NCC) where it makes sense.
iBGP and eBGP via FRR give you familiar routing primitives across every cloud — a new region or CSP is a config change, not a re-architecture.
Gateways run a CIS/STIG-aligned, FIPS-140-3-capable base image and connect to the control plane over mutually authenticated TLS.
Spin up the Community tier free, or talk to us about Pro and Enterprise. No agents in your workloads, no six-figure contract.