Hetzner Additional Subnets Madness

nikc

Member
Jan 21, 2019
2
1
23
49
Hi all

1st post .... and i promise i have searched a lot ...

I'm trying to get my additional subnet (5 ips) from Hetzner to my KVM devices.

I've tried the setup here dominicpratt.de/hetzner-proxmox-netzwerkkonfiguration/#comment-6220 - No joy.

I've tried this one from the forums forum.proxmox.com/threads/proxmox-4-hetzner-extra-subnet-configuration.25019/ - No joy.

The guides from Hetzner dont work for me wiki.hetzner.de/index.php/Proxmox_VE/en

Has anyone got this working with an additonal /29 subnet for KVM devices hosted on Proxmox ?

Thanks
 
  • Like
Reactions: ScottNZUK
I managed to resolve this and thought I would share the config that worked for me, i think this is all based on stuff out there, but I could find anything with it all ...

So this is based on a hetzner EX host with an additional /29 subnet.

NOTE: fake ips below.

Main IP = 123.123.123.321
GW from Hetzner = 123.123.123.322
Subnet 123.123.321.123/29 (5 usuable IPs, 123.123.321.124-8)

Built the server using heztner installimage in rescue mode, went with debian 9.5, default config, installed proxmox as per the Heztner guide on their site, and then editing the networking config as per below

##### Configuration of host server Ethernet Adapter IP #######
auto enp0s31f6 <---- this is the name of my Ethernet adapter, yours may be different, check with "ip link" from console
iface enp0s31f6 inet static
address 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
netmask 255.255.255.255 <----- different to welcome email subnet
gateway 95.216.7.129 <---- GW IP for server as per Hetzner welcome email
pointopoint 95.216.7.129 <---- GW IP for server as per Hetzner welcome email

##### Configuration of host server IP routes to allow for additonal subnet routing#######
auto vmbr0
iface vmbr0 inet static
address 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
netmask 255.255.255.255
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0
up ip route add 123.123.321.124/32 dev vmbr0 <---- note the /32 not the /29 from the welcome email
up ip route add 123.123.321.125/32 dev vmbr0
up ip route add 123.123.321.126/32 dev vmbr0
up ip route add 123.123.321.127/32 dev vmbr0
up ip route add 123.123.321.128/32 dev vmbr0
###### finished #######

Next is building your VMs, i have done a couple but the principle is the same.

NOTE: this will not work with a live / netinstal as internet access is not available till post build (possibly not true as there is a possibility to jump out of installers to shell to add routes, but for now this assumes you can install without a working connection).

Ubuntu config
##### Ethernet Configuration ######
network:
version: 2
renderer: networkd
ethernets:
ens18: <---- this is the name of my Ethernet adapter in the VM, yours may be different, check with "ip link" from console
addresses: [123.123.321.124/32] <----- IP from subnet allocation that has a routing option set on host server, mask must be /32
gateway4: 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
routes:
- to: 0.0.0.0/0
via: 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
on-link: true
nameservers:
addresses: [8.8.8.8,8.8.4.4]
###### finished #######

Debian config
##### Ethernet Configuration ######
# The loopback network interface
auto lo
iface lo inet loopback

# ethernet
auto ens18 <---- this is the name of my Ethernet adapter, yours may be different, check with "ip link" from console
iface ens18 inet static
address 123.123.321.124 <----- IP from subnet allocation that has a routing option set on host server
netmask 255.255.255.255 <---- must be this and not the mask from the welcome email
pointopoint 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
gateway 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
###### finished #######

I've also got this working with a Mikrotik Cloud Hosted Router, if anyone needs those CMDs to get the CHR going let me know.

I haven't figured IP6 yet ... TBH I dont know enough about it to try :( Anyone fancy helping ?

I hope this helps someone out there !
 
I managed to resolve this and thought I would share the config that worked for me, i think this is all based on stuff out there, but I could find anything with it all ...
.................
I hope this helps someone out there !

Hi. Please share working config for Mikrotik Cloud Hosted Router.
 
  • Like
Reactions: Kamik
Thank you nikc.

Proxmox node connection can be a little sipler.
You don't actually need to assign IP address for your NIC, it is enough if you have address on your first bridge.
My setup is like that:

Code:
source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto vmbr0
iface vmbr0 inet static
  address 123.123.123.123/32
  gateway 124.124.124.124
  pointopoint 124.124.124.124
  bridge_ports eth0
  bridge_stp off
  bridge_fd 0
  bridge_hello 2
  bridge_maxage 12
#WAN
 
auto vmbr1
iface vmbr1 inet manual
  bridge_ports tap0
  bridge_stp off
  bridge_fd 0
  bridge_maxwait 0
#VM internal

auto eth0
iface eth0 inet manual
  offload-rx  off
  offload-tx  off
  offload-sg  off
  offload-tso off

Ignore offload-* part if you dont have intel NIC, but if you do: install ethtool and use this conf.
And now you just add VM's to vmbr0 (ip rounting must be enabled!)
And yes, you need to add:
Code:
up ip route add 123.123.321.128/32 dev vmbr0
for every VM that you are using on this proxmox node.
I have failover IP's an automatic script that does this in case of vm start or migration (adds route in host, changes gateway in VM, reroutes IP using hetzner API).
 
I managed to resolve this and thought I would share the config that worked for me, i think this is all based on stuff out there, but I could find anything with it all ...

So this is based on a hetzner EX host with an additional /29 subnet.

NOTE: fake ips below.

Main IP = 123.123.123.321
GW from Hetzner = 123.123.123.322
Subnet 123.123.321.123/29 (5 usuable IPs, 123.123.321.124-8)

Built the server using heztner installimage in rescue mode, went with debian 9.5, default config, installed proxmox as per the Heztner guide on their site, and then editing the networking config as per below

##### Configuration of host server Ethernet Adapter IP #######
auto enp0s31f6 <---- this is the name of my Ethernet adapter, yours may be different, check with "ip link" from console
iface enp0s31f6 inet static
address 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
netmask 255.255.255.255 <----- different to welcome email subnet
gateway 95.216.7.129 <---- GW IP for server as per Hetzner welcome email
pointopoint 95.216.7.129 <---- GW IP for server as per Hetzner welcome email

##### Configuration of host server IP routes to allow for additonal subnet routing#######
auto vmbr0
iface vmbr0 inet static
address 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
netmask 255.255.255.255
bridge_ports none
bridge_stp off
bridge_fd 0
bridge_maxwait 0
up ip route add 123.123.321.124/32 dev vmbr0 <---- note the /32 not the /29 from the welcome email
up ip route add 123.123.321.125/32 dev vmbr0
up ip route add 123.123.321.126/32 dev vmbr0
up ip route add 123.123.321.127/32 dev vmbr0
up ip route add 123.123.321.128/32 dev vmbr0
###### finished #######

Next is building your VMs, i have done a couple but the principle is the same.

NOTE: this will not work with a live / netinstal as internet access is not available till post build (possibly not true as there is a possibility to jump out of installers to shell to add routes, but for now this assumes you can install without a working connection).

Ubuntu config
##### Ethernet Configuration ######
network:
version: 2
renderer: networkd
ethernets:
ens18: <---- this is the name of my Ethernet adapter in the VM, yours may be different, check with "ip link" from console
addresses: [123.123.321.124/32] <----- IP from subnet allocation that has a routing option set on host server, mask must be /32
gateway4: 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
routes:
- to: 0.0.0.0/0
via: 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
on-link: true
nameservers:
addresses: [8.8.8.8,8.8.4.4]
###### finished #######

Debian config
##### Ethernet Configuration ######
# The loopback network interface
auto lo
iface lo inet loopback

# ethernet
auto ens18 <---- this is the name of my Ethernet adapter, yours may be different, check with "ip link" from console
iface ens18 inet static
address 123.123.321.124 <----- IP from subnet allocation that has a routing option set on host server
netmask 255.255.255.255 <---- must be this and not the mask from the welcome email
pointopoint 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
gateway 123.123.123.321 <---- Main IP for server as per Hetzner welcome email
###### finished #######


I've also got this working with a Mikrotik Cloud Hosted Router, if anyone needs those CMDs to get the CHR going let me know.

I haven't figured IP6 yet ... TBH I dont know enough about it to try :( Anyone fancy helping ?

I hope this helps someone out there !

please can you share your config and settings for Proxmox and CHR. Thank you
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!