created 2024/06/09 category info, internet views 10
fast reverse proxy is a tool that has completely saved me, a girl with a shitty internet service provider, and also a girl who does not want to publicly share their home ip address. essentially it allows you to is host a service on one machine and make it accessible through a completely separate machine, even if it is on a completely separate network. especially useful if you don't have a (static) ipv4 address (or isp that lets you port forward) but have a vps that does
frp comes in two parts, frps which runs on the host with the public ip, and frpc which runs on the client hosting the service. it may be possible to run both on one machine for some weird and fucked up use case but i have not had to yet™
don't forget to set the permissions on your configuration files to 700 so only the owner, root, or a custom "frp" service user, will have access to the authentication token you set!
ideally you should be providing your own certificates for encryption cause i don't know if just forcing tls does anything
bindPort = 7000 transport.tls.force = true auth.method = "token" auth.token = "password1234"
additionally you can set these to forward web services on a subdomain with just frp. the type on the service should be set to "http" instead of "tcp" or other
vhostHTTPPort = 8080 subDomainHost = "example.com"
you can use caddy to add tls when it is exposed!
serverAddr = "192.168.1.254" serverPort = 7000 transport.tls.enable = true auth.method = "token" auth.token = "password1234"
example of forwarding a regular tcp/udp service; you may omit the remotePort if you want it to be same as the localPort
[[proxies]] name = "service" type = "tcp" localPort = 4000 remotePort = 8003
i used to use kcp on my servers since i set frp up on them, but just now as of writing i tried disabling it (thinking about how slow the data transfer rate is)
KCP is a fast and reliable protocol that can achieve the transmission effect of a reduction of the average latency by 30% to 40% and reduction of the maximum delay by a factor of three, at the cost of 10% to 20% more bandwidth wasted than TCP.
on the server, you must expliciity set a kcpBindPort, which may be the same as the bindPort:
kcpBindPort = 7000
on the client, you must explicitly choose to use the kcp protocol:
transport.protocol = "kcp"