Hetzner + additional IP + /29 public subnet

adrpan

Mar 7, 2023
Hi,
Recently my boss decided to buy a /29 for our next VMs. I'm a bit inexperienced with "advanced things" like networking, so I need some help/advice. I tried following this tutorial ( https://docs.hetzner.com/robot/dedicated-server/network/net-config-debian-ubuntu#routed-brouter ) and started by creating the ENI on our host; it looks like this:

Code:
auto lo
iface lo inet loopback

auto enp8s0
iface enp8s0 inet manual
        address xxx.xxx.134.92 #MAIN IP
        netmask 255.255.255.255
        gateway xxx.xxx.134.65
        pointopoint xxx.xxx.134.65


auto vmbr0
iface vmbr0 inet static
        address xxx.xxx.134.92 #MAIN IP
        netmask 255.255.255.255
        gateway xxx.xxx.134.65
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        pre-up brctl addbr vmbr0
        up ip route add xxx.xxx.134.89/26 dev vmbr0 # ADDITIONAL IP
        down ip route del xxx.xxx.134.89/26 dev vmbr0
#hosting

auto vmbr5
iface vmbr5 inet static
        address 10.10.90.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0
#private lan

auto vmbr2
iface vmbr2 inet static
        address xxx.xxx.134.92 # MAIN IP
        netmask 255.255.255.255
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        pre-up brctl addbr vmbr2
        up ip route add zzz.zzz.29.57 dev vmbr2 #IP from /29 subnet
        down ip route del zzz.zzz.29.57 dev vmbr2
#public vms

The information I have from Hetzner:
Gateway: xxx.xxx.134.92 #MAIN IP
Netmask: 255.255.255.248
Broadcast: zzz.zzz.29.63
Usable IPs: zzz.zzz.29.57-63

And here is the config in the VMs:

Code:
auto ens18
iface ens18 inet static
    address zzz.zzz.29.57
    netmask 255.255.255.248
    gateway xxx.xxx.134.92 #MAIN IP
    pointopoint xxx.xxx.134.92 #MAIN IP
    dns-nameservers 1.1.1.1 213.133.106.251

auto ens19
iface ens19 inet static
    address  10.10.90.5/24

But it doesn't work. Does anyone have any idea what mistake I made? Maybe I shouldn't have mixed these things and should send a ticket to Hetzner about a hwaddress for the /29? Thanks for any help in this thread ;)


Now I have this config and it works well:

Code:
auto lo
iface lo inet loopback

iface enp8s0 inet manual


auto vmbr0
iface vmbr0 inet static
    address xxx.xxx.134.92/26 #MAIN IP
    gateway xxx.xxx.134.65
    bridge-ports enp8s0
    bridge-stp off
    bridge-fd 1
    bridge-vlan-aware yes
    bridge-vids 2-4094
    pointopoint xxx.xxx.134.65
    up ip route add xxx.xxx.134.89/26 dev vmbr0 #ADDITIONAL IP


auto vmbr5
iface vmbr5 inet static
    address 10.10.90.1/24
    bridge-ports none
    bridge-stp off
    bridge-fd 0
#private vlan
 
Yes, I made it very simple; compare it with the version above and you can see the differences. I received a lot of help from GitHub scripts.
Code:
auto lo
iface lo inet loopback


auto enp8s0
iface enp8s0 inet static
    address xxx.xxx.134.92 #MAIN IP
    gateway xxx.xxx.134.65
    netmask 255.255.255.192
    pointopoint xxx.xxx.134.65


auto vmbr1
iface vmbr1 inet static
    address xxx.xxx.134.92
    netmask 255.255.255.255
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    bridge_maxwait 0
    up ip route add xxx.xxx.134.89/32 dev vmbr1 #ADDITIONAL IP
#hosting


auto vmbr2
iface vmbr2 inet static
    address xxx.xxx.134.92
    netmask 255.255.255.255
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    bridge_maxwait 0
    up ip route add zzz.zzz.29.56/29 dev vmbr2 #IP FROM /29 subnet
#hostingv2 subnet


auto vmbr5
iface vmbr5 inet static
    address 10.10.90.1/24
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    bridge_maxwait 0
#private lan
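
An added example, not part of the original posts: a Python check of the `up ip route add` lines in an interfaces file. It flags prefixes such as xxx.xxx.134.89/26, whose host bits are set (iproute2 rejects these), and accepts forms like .../32 or zzz.zzz.29.56/29 that name a single host or a network address. The sample file is constructed and uses documentation addresses in place of the redacted ones; `lint_routes` is a hypothetical helper name.

```python
import ipaddress
import re

# Constructed sample: documentation addresses replace the thread's redacted IPs.
SAMPLE = """\
auto vmbr1
iface vmbr1 inet static
    address 192.0.2.92
    netmask 255.255.255.255
    bridge-ports none
    up ip route add 192.0.2.89/26 dev vmbr1
    up ip route add 192.0.2.89/32 dev vmbr1

auto vmbr2
iface vmbr2 inet static
    address 192.0.2.92
    netmask 255.255.255.255
    bridge-ports none
    up ip route add 198.51.100.57 dev vmbr2
    up ip route add 198.51.100.56/29 dev vmbr2
"""

ROUTE = re.compile(r"^\s*(?:post-)?up\s+ip\s+route\s+add\s+(\S+)\s+dev\s+(\S+)")

def lint_routes(text):
    """Return (line_no, device, prefix, verdict) for every 'up ip route add' line."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        match = ROUTE.match(line)
        if not match:
            continue
        prefix, device = match.groups()
        try:
            iface = ipaddress.ip_interface(prefix)  # a bare address parses as /32
        except ValueError:
            findings.append((line_no, device, prefix, "not an IP prefix"))
            continue
        if iface.ip != iface.network.network_address:
            verdict = f"host bits set, network is {iface.network}"
        else:
            verdict = f"ok, covers {iface.network.num_addresses} address(es)"
        findings.append((line_no, device, prefix, verdict))
    return findings

if __name__ == "__main__":
    for finding in lint_routes(SAMPLE):
        print(*finding, sep="\t")
```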
 

Do you have the GitHub links? I replicated what you have, but it doesn't work for me: when I use the /29 subnet in my OPNsense, I can't get the 1:1 NAT to work.

Example of my config:


Code:
auto vmbr2
iface vmbr2 inet static
    address 95.X.X.169# My first usable ip
    netmask 255.255.255.255
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    up route add 95.X.X.170/29 dev vmbr2
 
I've tried this configuration with a single IP address outside the MAIN IP subnet. I also have one inside it, and it works with the config you mentioned: point-to-point to the gateway on the physical interface, then the first bridge with no bridge port and the route for the first IP. Now Hetzner has given me a second IP address, outside the subnet. Considering it as a /32 subnet and using your configuration, it should work. I've created a second bridge with the main IP address and the route for the new address, but it doesn't work. Maybe it is something related to the VM config? It is a VM, not a container, and it's an Ubuntu 20 host, so it has netplan. From what I've read, I have to put a route instead of a default gateway, but I have no connection. Any idea? Here are my configs:



auto enp7s0
iface enp7s0 inet static
    address x.x.x.95/32
    gateway x.x.x.65
    pointopoint x.x.x.65


auto vmbr1
iface vmbr1 inet static
    address x.x.x.95/32
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    up ip route add x.x.x.73/32 dev vmbr1 # FIRST ADDITIONAL INSIDE MAIN IP SUBNET WORKING

auto vmbr2
iface vmbr2 inet static
    address x.x.x.95
    netmask 255.255.255.255
    bridge-ports none
    bridge-stp off
    bridge-fd 0
    bridge_maxwait 0
    up ip route add y.y.y.74/32 dev vmbr2 #IP FROM outside main subnet NOT WORKING



In the VM config (netplan based), instead of a default gateway I've tried using a route to 0.0.0.0/0 via the main gateway x.x.x.65 (as well as the gateway of the second address, but neither of these works!)
 
