diff --git a/cmd/zrok/accessPrivate.go b/cmd/zrok/accessPrivate.go
index c06e2a2f..3c039640 100644
--- a/cmd/zrok/accessPrivate.go
+++ b/cmd/zrok/accessPrivate.go
@@ -5,6 +5,12 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"net/url"
+	"os"
+	"os/signal"
+	"syscall"
+	"time"
+
 	tea "github.com/charmbracelet/bubbletea"
 	"github.com/go-openapi/runtime"
 	httptransport "github.com/go-openapi/runtime/client"
@@ -24,11 +30,6 @@ import (
 	"github.com/openziti/zrok/util"
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
-	"net/url"
-	"os"
-	"os/signal"
-	"syscall"
-	"time"
 )
 
 func init() {
@@ -111,6 +112,8 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 func (cmd *accessPrivateCommand) accessLocal(args []string, root env_core.Root) {
 	shrToken := args[0]
 
+	superNetwork, _ := root.SuperNetwork()
+
 	zrok, err := root.Client()
 	if err != nil {
 		cmd.error(err)
@@ -171,6 +174,7 @@ func (cmd *accessPrivateCommand) accessLocal(args []string, root env_core.Root)
 			IdentityName: root.EnvironmentIdentityName(),
 			ShrToken:     args[0],
 			RequestsChan: requests,
+			SuperNetwork: superNetwork,
 		})
 		if err != nil {
 			cmd.shutdown(accessResp.Payload.FrontendToken, root.Environment().ZitiIdentity, shrToken, zrok, auth)
@@ -190,6 +194,7 @@ func (cmd *accessPrivateCommand) accessLocal(args []string, root env_core.Root)
 			ShrToken:     args[0],
 			RequestsChan: requests,
 			IdleTime:     time.Minute,
+			SuperNetwork: superNetwork,
 		})
 		if err != nil {
 			cmd.shutdown(accessResp.Payload.FrontendToken, root.Environment().ZitiIdentity, shrToken, zrok, auth)
@@ -208,6 +213,7 @@ func (cmd *accessPrivateCommand) accessLocal(args []string, root env_core.Root)
 			IdentityName: root.EnvironmentIdentityName(),
 			ShrToken:     args[0],
 			RequestsChan: requests,
+			SuperNetwork: superNetwork,
 		})
 		if err != nil {
 			cmd.shutdown(accessResp.Payload.FrontendToken, root.Environment().ZitiIdentity, shrToken, zrok, auth)
@@ -228,6 +234,7 @@ func (cmd *accessPrivateCommand) accessLocal(args []string, root env_core.Root)
 			IdentityName: root.EnvironmentIdentityName(),
 			ShrToken:     args[0],
 			RequestsChan: requests,
+			SuperNetwork: superNetwork,
 		})
 		if err != nil {
 			cmd.shutdown(accessResp.Payload.FrontendToken, root.Environment().ZitiIdentity, shrToken, zrok, auth)
@@ -246,6 +253,7 @@ func (cmd *accessPrivateCommand) accessLocal(args []string, root env_core.Root)
 		cfg.Address = bindAddress
 		cfg.ResponseHeaders = cmd.responseHeaders
 		cfg.RequestsChan = requests
+		cfg.SuperNetwork = superNetwork
 		fe, err := proxy.NewFrontend(cfg)
 		if err != nil {
 			cmd.shutdown(accessResp.Payload.FrontendToken, root.Environment().ZitiIdentity, shrToken, zrok, auth)
diff --git a/cmd/zrok/sharePrivate.go b/cmd/zrok/sharePrivate.go
index 185ca340..f5717970 100644
--- a/cmd/zrok/sharePrivate.go
+++ b/cmd/zrok/sharePrivate.go
@@ -107,10 +107,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 func (cmd *sharePrivateCommand) shareLocal(args []string, root env_core.Root) {
 	var target string
 
-	superNetwork := false
-	if root.Config() != nil {
-		superNetwork = root.Config().SuperNetwork
-	}
+	superNetwork, _ := root.SuperNetwork()
 
 	switch cmd.backendMode {
 	case "proxy":
diff --git a/cmd/zrok/sharePublic.go b/cmd/zrok/sharePublic.go
index efd5ced7..f89e628a 100644
--- a/cmd/zrok/sharePublic.go
+++ b/cmd/zrok/sharePublic.go
@@ -121,10 +121,7 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
 func (cmd *sharePublicCommand) shareLocal(args []string, root env_core.Root) {
 	var target string
 
-	superNetwork := false
-	if root.Config() != nil {
-		superNetwork = root.Config().SuperNetwork
-	}
+	superNetwork, _ := root.SuperNetwork()
 
 	switch cmd.backendMode {
 	case "proxy":
diff --git a/cmd/zrok/shareReserved.go b/cmd/zrok/shareReserved.go
index c01d9af0..5cc06771 100644
--- a/cmd/zrok/shareReserved.go
+++ b/cmd/zrok/shareReserved.go
@@ -102,10 +102,7 @@ func (cmd *shareReservedCommand) shareLocal(args []string, root env_core.Root) {
 	shrToken := args[0]
 	var target string
 
-	superNetwork := false
-	if root.Config() != nil {
-		superNetwork = root.Config().SuperNetwork
-	}
+	superNetwork, _ := root.SuperNetwork()
 
 	zrok, err := root.Client()
 	if err != nil {
diff --git a/endpoints/proxy/frontend.go b/endpoints/proxy/frontend.go
index bd9500ce..7348827e 100644
--- a/endpoints/proxy/frontend.go
+++ b/endpoints/proxy/frontend.go
@@ -27,6 +27,7 @@ type FrontendConfig struct {
 	ResponseHeaders []string
 	Tls             *endpoints.TlsConfig
 	RequestsChan    chan *endpoints.Request
+	SuperNetwork    bool
 }
 
 func DefaultFrontendConfig(identityName string) *FrontendConfig {
@@ -57,6 +58,11 @@ func NewFrontend(cfg *FrontendConfig) (*Frontend, error) {
 		return nil, errors.Wrap(err, "error loading config")
 	}
 	zCfg.ConfigTypes = []string{sdk.ZrokProxyConfig}
+	if cfg.SuperNetwork {
+		zCfg.MaxDefaultConnections = 2
+		zCfg.MaxControlConnections = 1
+		logrus.Warnf("super networking enabled")
+	}
 	zCtx, err := ziti.NewContext(zCfg)
 	if err != nil {
 		return nil, errors.Wrap(err, "error loading ziti context")
diff --git a/endpoints/publicProxy/http.go b/endpoints/publicProxy/http.go
index af5ddecb..3c22f99c 100644
--- a/endpoints/publicProxy/http.go
+++ b/endpoints/publicProxy/http.go
@@ -64,12 +64,11 @@ func NewHTTP(cfg *Config) (*HttpFrontend, error) {
 		return nil, errors.Wrap(err, "error loading ziti context")
 	}
 	zDialCtx := zitiDialContext{ctx: zCtx}
-	if root.Config() != nil {
-		if root.Config().SuperNetwork {
-			zCfg.MaxDefaultConnections = 2
-			zCfg.MaxControlConnections = 1
-			logrus.Warnf("super networking enabled")
-		}
+	superNetwork, _ := root.SuperNetwork()
+	if superNetwork {
+		zCfg.MaxDefaultConnections = 2
+		zCfg.MaxControlConnections = 1
+		logrus.Warnf("super networking enabled")
 	}
 	zTransport := http.DefaultTransport.(*http.Transport).Clone()
 	zTransport.DialContext = zDialCtx.Dial
diff --git a/endpoints/tcpTunnel/frontend.go b/endpoints/tcpTunnel/frontend.go
index 8695a20f..ead60368 100644
--- a/endpoints/tcpTunnel/frontend.go
+++ b/endpoints/tcpTunnel/frontend.go
@@ -1,14 +1,15 @@
 package tcpTunnel
 
 import (
+	"net"
+	"time"
+
 	"github.com/openziti/sdk-golang/ziti"
 	"github.com/openziti/zrok/endpoints"
 	"github.com/openziti/zrok/environment"
 	"github.com/openziti/zrok/sdk/golang/sdk"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
-	"net"
-	"time"
 )
 
 type FrontendConfig struct {
@@ -16,6 +17,7 @@ type FrontendConfig struct {
 	IdentityName string
 	ShrToken     string
 	RequestsChan chan *endpoints.Request
+	SuperNetwork bool
 }
 
 type Frontend struct {
@@ -42,6 +44,12 @@ func NewFrontend(cfg *FrontendConfig) (*Frontend, error) {
 		return nil, errors.Wrap(err, "error loading config")
 	}
 	zCfg.ConfigTypes = []string{sdk.ZrokProxyConfig}
+	superNetwork, _ := env.SuperNetwork()
+	if superNetwork {
+		zCfg.MaxDefaultConnections = 2
+		zCfg.MaxControlConnections = 1
+		logrus.Warnf("super networking enabled")
+	}
 	zCtx, err := ziti.NewContext(zCfg)
 	if err != nil {
 		return nil, errors.Wrap(err, "error loading ziti context")
diff --git a/endpoints/udpTunnel/frontend.go b/endpoints/udpTunnel/frontend.go
index 9df61b64..0ede797e 100644
--- a/endpoints/udpTunnel/frontend.go
+++ b/endpoints/udpTunnel/frontend.go
@@ -1,15 +1,16 @@
 package udpTunnel
 
 import (
+	"net"
+	"sync"
+	"time"
+
 	"github.com/openziti/sdk-golang/ziti"
 	"github.com/openziti/zrok/endpoints"
 	"github.com/openziti/zrok/environment"
 	"github.com/openziti/zrok/sdk/golang/sdk"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
-	"net"
-	"sync"
-	"time"
 )
 
 type FrontendConfig struct {
@@ -18,6 +19,7 @@ type FrontendConfig struct {
 	ShrToken     string
 	RequestsChan chan *endpoints.Request
 	IdleTime     time.Duration
+	SuperNetwork bool
 }
 
 type Frontend struct {
@@ -112,6 +114,12 @@ func NewFrontend(cfg *FrontendConfig) (*Frontend, error) {
 		return nil, errors.Wrap(err, "error loading config")
 	}
 	zCfg.ConfigTypes = []string{sdk.ZrokProxyConfig}
+	superNetwork, _ := env.SuperNetwork()
+	if superNetwork {
+		zCfg.MaxDefaultConnections = 2
+		zCfg.MaxControlConnections = 1
+		logrus.Warnf("super networking enabled")
+	}
 	zCtx, err := ziti.NewContext(zCfg)
 	if err != nil {
 		return nil, errors.Wrap(err, "error loading ziti context")
diff --git a/endpoints/vpn/frontend.go b/endpoints/vpn/frontend.go
index 3ad26436..785b584e 100644
--- a/endpoints/vpn/frontend.go
+++ b/endpoints/vpn/frontend.go
@@ -2,6 +2,9 @@ package vpn
 
 import (
 	"encoding/json"
+	"net"
+	"time"
+
 	"github.com/net-byte/vtun/common/config"
 	"github.com/net-byte/vtun/tun"
 	"github.com/openziti/sdk-golang/ziti"
@@ -10,14 +13,13 @@ import (
 	"github.com/openziti/zrok/sdk/golang/sdk"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
-	"net"
-	"time"
 )
 
 type FrontendConfig struct {
 	IdentityName string
 	ShrToken     string
 	RequestsChan chan *endpoints.Request
+	SuperNetwork bool
 }
 
 type Frontend struct {
@@ -40,6 +42,12 @@ func NewFrontend(cfg *FrontendConfig) (*Frontend, error) {
 		return nil, errors.Wrap(err, "error loading config")
 	}
 	zCfg.ConfigTypes = []string{sdk.ZrokProxyConfig}
+	superNetwork, _ := env.SuperNetwork()
+	if superNetwork {
+		zCfg.MaxDefaultConnections = 2
+		zCfg.MaxControlConnections = 1
+		logrus.Warnf("super networking enabled")
+	}
 	zCtx, err := ziti.NewContext(zCfg)
 	if err != nil {
 		return nil, errors.Wrap(err, "error loading ziti context")