[SOLVED] Container and Hetzner subnets

[gregorst]

Hello guys, I decided to open this thread because I'm not finding a good solution to my problem.

First of all, I had a proxmox server on ovh, where for every additional IP address (subnet included) they provided me a static mac address to use in the network configuration of every container (lxc in this case).

Now I had to migrate my server to Hetzner, they provide subnets without the static mac address...

What is my problem? Every time I restart the network interface of my root server, the containers begins to be unreachable and to fix this, I have to regenerate a new mac address from the "network" panel of every container.

On my Dedicated the configuration is the following:

### Hetzner Online GmbH installimage

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback
iface lo inet6 loopback

auto enp35s0
iface enp35s0 inet static
  address MAIN_IP
  netmask 255.255.255.192
  gateway GATEWAY_MAIN_IP

  up route add -net XXX.XXX.XXX.XXX netmask 255.255.255.192 gw XXX.XXX.XXX.XXX dev enp35s0

#To use virtual machine , I did this:

auto vmbr0
iface vmbr0 inet static
address MAIN_IP
netmask 255.255.255.192
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0
up ip route add SUBNET_IP/32 dev vmbr0
up ip route add SUBNET_IP_2/32 dev vmbr0
up ip route add SUBNET_IP_3/32 dev vmbr0
up ip route add SUBNET_IP_4/32 dev vmbr0

This is the configuration of one container (others have the same configuration) :

As said before, every time I restart the network interface of the dedicated, after that, the containers stops to work and I Have to generate a new mac address from the panel in the screenshot above.

What did I wrong?


[UPDATE]:
Not necessarily I have to change mac address, to "resume" the machine, I can for example tick and untick the firewall option, something that make some changes to the network

 

[pve n00b]

Hi!
It seems, that you have a misconfiguration. Your <MAIN IP> is bound to two ifaces (enp35s0 and vmbr1). Typo?
I am at Hetzner too and my host network config lokks like this:

auto lo
iface lo inet loopback

iface lo inet6 loopback

auto eno1
iface eno1 inet static
        address  MAIN_IP
        netmask  255.255.255.255
        gateway  GATEWAY_IP
        pointopoint GATEWAY_IP
        
auto vmbr1
iface vmbr1 inet static
        address  FIRST_SUBNET_IP
        netmask  255.255.255.248
        bridge-ports none
        bridge-stp off
        bridge-fd 0

Maybe you can solve this by ticking the IPv6 checkbox from "Static" to "DHCP" in the network config of your VM.

Regrads,

 

[gregorst]

Hi!
It seems, that you have a misconfiguration. Your <MAIN IP> is bound to two ifaces (enp35s0 and vmbr1). Typo?
I am at Hetzner too and my host network config lokks like this:

auto lo
iface lo inet loopback

iface lo inet6 loopback

auto eno1
iface eno1 inet static
        address  MAIN_IP
        netmask  255.255.255.255
        gateway  GATEWAY_IP
        pointopoint GATEWAY_IP
      
auto vmbr1
iface vmbr1 inet static
        address  FIRST_SUBNET_IP
        netmask  255.255.255.248
        bridge-ports none
        bridge-stp off
        bridge-fd 0

Maybe you can solve this by ticking the IPv6 checkbox from "Static" to "DHCP" in the network config of your VM.

Regrads,

Hello and thanks for your reply,
with your configuration, you made me to google more and I found out mine was a configuration for "single ip",
I copied your configuration and the situation is a lot better because for every subnet I have a bridge... So I don't need to reload anything at all.
I can say my problem is fixed. I attach my new configuration below.

auto enp35s0
iface enp35s0 inet static
  address MAIN_IP
  netmask 255.255.255.192
  gateway GW_IP
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up echo 1 > /proc/sys/net/ipv4/conf/eno1/proxy_arp

  up route add -net xxx.xxx.xxx.xxx netmask 255.255.255.192 gw xxx.xxx.xxx.xxx dev enp35s0

# SUBNET 1
auto vmbr0
iface vmbr0 inet static
address SUBNET0_IP0
# WILL Make SUBNET0_IP1 TO SUBNET0_IP6 available
netmask 255.255.255.248
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0

# SUBNET 2
auto vmbr1
iface vmbr1 inet static
address SUBNET1_IP0
# WILL Make SUBNET1_IP1 TO SUBNET1_IP6 available
netmask 255.255.255.248
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0

Thank you


TO active every subnet ifdown vmbr0 && ifup vmbr0 etc

 

[boomdrak]

Hello and thanks for your reply,
with your configuration, you made me to google more and I found out mine was a configuration for "single ip",
I copied your configuration and the situation is a lot better because for every subnet I have a bridge... So I don't need to reload anything at all.
I can say my problem is fixed. I attach my new configuration below.

auto enp35s0
iface enp35s0 inet static
  address MAIN_IP
  netmask 255.255.255.192
  gateway GW_IP
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up echo 1 > /proc/sys/net/ipv4/conf/eno1/proxy_arp

  up route add -net xxx.xxx.xxx.xxx netmask 255.255.255.192 gw xxx.xxx.xxx.xxx dev enp35s0

# SUBNET 1
auto vmbr0
iface vmbr0 inet static
address SUBNET0_IP0
# WILL Make SUBNET0_IP1 TO SUBNET0_IP6 available
netmask 255.255.255.248
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0

# SUBNET 2
auto vmbr1
iface vmbr1 inet static
address SUBNET1_IP0
# WILL Make SUBNET1_IP1 TO SUBNET1_IP6 available
netmask 255.255.255.248
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0

Thank you


TO active every subnet ifdown vmbr0 && ifup vmbr0 etc

Thanks for you help
I was missing this route config

up route add -net xxx.xxx.xxx.xxx netmask 255.255.255.192 gw xxx.xxx.xxx.xxx dev enp35s0