Design Ngrok Tool

Design a secure, multi-protocol tunneling service for local-to-internet exposure.

Home
Interview Guide
Case Studies
Hard
Ngrok Tool

Looking for the Solution Code?

This page covers the design requirements and high-level approach.

The complete implementation code (Python, Java, C++, etc.), UML Class Diagrams, and detailed step-by-step explanation are available in our Interactive Playground.

Open Playground to View Solution →

What is the Ngrok Tool Problem?

Section titled “What is the Ngrok Tool Problem?”

Design a secure tunneling service that allows developers to expose their local servers to the internet without complex network configurations. The system should support multiple protocols (HTTP, HTTPS, TCP), provide real-time traffic inspection, handle authentication, and manage concurrent tunnel connections while ensuring data security and high availability.

In this problem, you’ll design the coordination between a public TunnelServer and a local ClientAgent, ensuring that traffic is securely routed and inspected in real-time.

Why This Problem?

Ngrok is a fantastic study for:

State Pattern - Managing tunnel lifecycles (Creating, Active, Reconnecting).
Strategy Pattern - Handling different protocols (HTTP vs. TCP) with swappable handlers.
Observer Pattern - Implementing real-time traffic inspection and logging.
Concurrency - Managing thousands of persistent connections.

Problem Overview

Section titled “Problem Overview”

Design a service that provides public URLs for local servers, handling the secure routing of requests through established persistent tunnels.

Core Requirements

Section titled “Core Requirements”

Functional Requirements:

Tunnel Creation: Allow users to request a tunnel for a specific local port and protocol.
URL Generation: Assign unique, public-facing URLs (e.g., xyz.tunnel.io).
Bidirectional Routing: Forward public requests to the local agent and return local responses.
Lifecycle Management: Track states like CREATING, ACTIVE, and DISCONNECTED.
Traffic Inspection: Log and display real-time request/response data.
Multi-protocol Support: Handle HTTP, HTTPS, and raw TCP traffic.

Non-Functional Requirements:

Security: Ensure all data moving through the tunnel is encrypted.
Availability: Handle automatic reconnection if the link is interrupted.
Scalability: Support thousands of concurrent tunnels per server.
Low Overhead: Minimize latency introduced by the forwarding hop.

What’s Expected?

Section titled “What’s Expected?”

1. System Architecture

Section titled “1. System Architecture”

The system coordinates between the TunnelServer (Public) and the ClientAgent (Private).

2. Key Classes to Design

Section titled “2. Key Classes to Design”

classDiagram
    class TunnelServer {
        -Map~String, Tunnel~ activeTunnels
        -AuthService auth
        +createTunnel(userId, port)
        +routeTraffic(publicUrl, data)
    }
    
    class Tunnel {
        -String publicUrl
        -TunnelState state
        -ProtocolHandler handler
        -Connection agentLink
        +transitionState(newState)
    }
    
    class ClientAgent {
        -String apiToken
        -int localPort
        +connectToServer()
        +forwardToLocal(data)
    }

    class ProtocolHandler {
        <<interface>>
        +handle(data)
    }

    TunnelServer "1" *-- "many" Tunnel
    Tunnel --> TunnelState
    Tunnel --> ProtocolHandler
    ClientAgent --> Tunnel

System Flow

Section titled “System Flow”

Traffic Forwarding Flow

Section titled “Traffic Forwarding Flow”

Key Design Challenges

Section titled “Key Design Challenges”

1. Persistent Connection Management

Section titled “1. Persistent Connection Management”

Since the local server is behind a firewall, the server cannot “call” the agent.

Solution: The Client-Initiated Persistent Connection. The agent initiates a long-lived TCP or WebSocket connection to the server. The server keeps this socket open. When traffic arrives at the public URL, the server “reuses” this existing socket to push data down to the agent.

2. State and Reconnection

Section titled “2. State and Reconnection”

Network blips happen. If the socket closes, the tunnel shouldn’t just vanish.

Solution: Use the State Pattern. When the socket drops, the tunnel moves to DISCONNECTED. The agent starts an exponential backoff retry logic. If it reconnects within a timeout (e.g., 5 minutes), the state moves back to ACTIVE and the same public URL is preserved.

3. Handling Different Protocols

Section titled “3. Handling Different Protocols”

Routing raw TCP traffic is very different from parsing HTTP headers for inspection.

Solution: Use the Strategy Pattern. The Tunnel object holds a ProtocolHandler. For HTTP, the handler parses headers and notifies TrafficObservers. For TCP, the handler just pipes raw bytes as fast as possible.

What You’ll Learn

Section titled “What You’ll Learn”

By solving this problem, you’ll master:

✅ Network Proxy Logic - Building bridges across firewalls.
✅ State Machines - Managing complex connection lifecycles.
✅ Protocol Abstraction - Handling HTTP vs TCP uniformly.
✅ Real-time Inspection - Using the Observer pattern for live data logging.

View Complete Solution & Practice

Section titled “View Complete Solution & Practice”

Ready to see the full implementation? Open the interactive playground to access:

🎯 Step-by-step guidance through the 8-step LLD approach
📊 Interactive UML builder to visualize your design
💻 Complete Code Solutions in Python, Java, C++, TypeScript, JavaScript, C#
🤖 AI-powered review of your design and code

🚀 View Solution in Playground

📚 Related Articles

Continue learning with these related topics

Design a Feed Generator

Design a feed generator system that aggregates content from multiple sources, ranks posts based on various algorithms, and delivers personalized feeds to users. The system should support different ranking strategies, caching mechanisms, real-time feed updates, and content filtering. Master this hard Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Design a Rate Limiter

Design a rate limiter system that restricts the number of requests a user or client can make to an API within a specified time window. The system should support multiple rate limiting algorithms, handle concurrent requests efficiently, and be scalable across distributed environments. Master this medium Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Designing a Tic Tac Toe Game

Design a Tic Tac Toe game that allows two players to play on a 3x3 grid. Players take turns placing their symbols (X or O) in empty cells. The game should detect wins (three in a row horizontally, vertically, or diagonally) and handle draws when all cells are filled. Master this easy Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Design a Simple Elevator System - Multiple Lifts

Design a simple elevator system that manages 2-4 elevators in a building. The system should efficiently distribute requests across elevators, balance load to minimize wait times, optimize elevator direction based on requests, and handle concurrent requests from different floors. Master this medium Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Design a Hotel Management System

Design a hotel management system that allows guests to search for available rooms, make reservations, check in, and check out. The system should handle room management with different room types and amenities, check room availability for date ranges, manage reservations with proper state transitions, and apply pricing strategies based on room type and season. Master this easy Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Design a Movie Ticket Booking System

Design a movie ticket booking system that allows customers to search for movies, view showtimes, select seats, make bookings, and process payments. The system should handle concurrent seat bookings, manage seat availability with different seat types and pricing, and support booking confirmation and cancellation. Master this easy Low Level Design interview problem with step-by-step guidance, interactive UML class diagram builder, and complete solutions in Python, Java, C++, TypeScript, JavaScript, and C#.

→

Last updated: Jan 6, 2026

Previous
Snake and Ladder Next
Music Streaming Service