Skip to main content

Proxy vs. Transparent

Proxy Mode vs. Transparent mode

Mode Overview

Both modes let you access devices located anywhere on the Internet and without exiting public access available.

Both modes require that the device you want to access through your public IP or URLs is connected with one of the private network configurations available under the Network tab from your setip.io Admin Panel and loaded into the Host's running WireGuard stack.

Proxy Mode

Proxy Mode does more for you as it intercepts all HTTPS connection and routes them to a device connected to your private network over the regular internet through WireGuard standard tunneling configurations and in plain HTTP so you do not have to worry about SSL certificates during development and staging.

Transparent mode

In transparent mode, all traffic is directed towards the private IP address ending in .2 and only to the private IP ending in .2. So if you have created your account in transparent mode please consider only the WireGuard configuration with private IP ending with .2.

All traffic is forwarded to the private IP ending in .2 including UDP traffic so you could run a DNS server for example or some other more advanced protocols not available in Proxy mode.

In transparent mode, you have no SSL termination available, so if you need SSL you will need to handle certificates yourself. Similarly, if you need an HTTP server you may want to consider one of the open-source proxy servers available, to make your life easier you can access Proxy Manager one-click install to be deployed on your own host after that host is connected to setip.io successfully on your private network. Proxy Manager is a popular web-based UI on top of the Nginx proxy which is the most popular proxy server while allowing you to handle your TLS connections on-premises and automatically.

PROXY MODE - ONE PUBLIC IP - MULTIPLE PRIVATE IPs

PROXY MODE - ONE PUBLIC IP - MULTIPLE PRIVATE IPs

TRANSPARENT MODE - ONE PUBLIC IP - THREE PRIVATE IPs ACTIVE ON CLOUD - 1 IP ACTIVE - 2 STANDBY

TRANSPARENT MODE - ONE PUBLIC IP - THREE PRIVATE IPs ACTIVE ON CLOUD - 1 IP ACTIVE - 2 STANDBY

TRANSPARENT MODE - ONE PUBLIC IP - ONE PRIVATE IP ON-PREMISE

TRANSPARENT MODE - ONE PUBLIC IP - ONE PRIVATE IP ON PREMISE

DNS

Your DNS server features are made transparent and automatic so you should never have to mess with it. In certain cases that can not be simplified its good to customize DNS to fit the need so you can access your DNS records under the "DNS (Server)" tab that you will find in the Management section of the site.

Enabling you to manage your DNS service directly and closely from your code is key to the ability for you to stay safe from being locked in any vendor's solution as it would require your service downtime to change vendors in the future.

Your DNS records are available for resolution from any of the other setip.io users account DNS servers as well, this creates a mesh of DNS servers always available.

DNS responses are cached globally, first among setip.io tenants DNS servers and then globally to various DNS recursive resolvers globally, so modifications can take a few minutes to propagate among setip.io users and longer globally.

Managing DNS is not the purpose of this documentation but you are able to add some records that may be necessary if you wish to associate external services to your domain name that is managed on setip.io. Examples of services that require some DNS editing will be email MX records for example, with DNS editing one can simply add MX records so incoming emails point to a mail provider of choice for receiving incoming messages.

DNS Editing

DNS Architecture