Your apps just work
LinqProtocol handles networking so you don't have to. Automatic TLS, network tunnels for ingress, and mTLS service mesh for internal communication. No port forwarding, no DNS headaches.
Deploy NowNetworking is the hardest part of self-hosting
Ask any developer who's tried to self-host: getting traffic to your app is painful.
- •Port forwarding through routers and firewalls
- •Dynamic IPs that change without warning
- •TLS certificates that expire at 3am
- •Load balancing across multiple instances
- •Service-to-service communication that's not encrypted
LinqProtocol solves all of this with a networking stack that handles complexity behind the scenes.
Enterprise networking, zero configuration
Argo Tunnels
Your apps are reachable from the internet without opening any ports on the provider's network. Tunnels create secure outbound connections to the edge, which routes traffic to your containers.
- No port forwarding required
- Works behind any firewall or NAT
- DDoS protection included
- Global edge network for low latency
Istio Ingress Gateway
All HTTP/HTTPS traffic is routed through Istio Gateway, a powerful ingress controller with advanced traffic management.
- Automatic routing based on hostnames
- Load balancing across pod replicas
- Request rate limiting and circuit breaking
- Traffic splitting and canary deployments
Cert-Manager
TLS certificates are automatically provisioned via Let's Encrypt and renewed before they expire.
- Automatic domain verification
- Automatic renewal
- Automatic deployment to Istio Gateway
Istio Service Mesh
All internal traffic between services is encrypted with mutual TLS (mTLS).
- Encrypted service-to-service communication
- Identity-based access control
- Traffic policies and routing rules
- Observability for all mesh traffic
Reachable from anywhere
Network tunnels eliminate the traditional networking challenges of decentralized infrastructure:
Provider can be anywhere
Home server, data center, edge location - doesn't matter
No static IP required
Works with dynamic IPs
No firewall changes
Only outbound connections needed
Automatic failover
Tunnels reconnect if connection drops
Every deployment gets endpoints
When you deploy on LinqProtocol, you automatically receive:
Application Endpoint
Public URL for your main application (e.g., your-app.linqprotocol.com)
API Endpoint
If your deployment exposes an API (configurable port mapping)
Console Endpoint
For Aura Code sandboxes, access to your development environment
Endpoints are provisioned within minutes of deployment and remain stable for the lifetime of your deployment.
Coming Soon
- • Custom Domains - Bring your own domain names
- • Wildcard Subdomains - For multi-tenant applications
Service-to-service communication
For deployments with multiple containers (pods), LinqProtocol provides secure internal networking:
This allows you to build microservices architectures where frontend talks to backend, backend talks to database, and everything is secure by default.
Defense in depth
Edge Security (Cloudflare)
- •DDoS protection
- •Web Application Firewall (optional)
- •Rate limiting
- •Bot management
Transport Security (Istio + Cert-Manager)
- •TLS 1.3 encryption
- •Automatic certificate rotation
- •HSTS support
Internal Security (Istio)
- •mTLS for all service-to-service traffic
- •Identity-based authorization
- •Traffic encryption and integrity
Namespace Isolation
- •Each deployment in its own namespace
- •Network policies prevent cross-namespace communication
- •No access to host network