just trolling
But Hetzner is the only hosting provider with such L2 crap network without filtering known in the world.
(personally, I'd use a routed setup if I were hosting at Hetzner)
On another note, as soon as I enable "Outbound NAT" on OPNSense using one of the Additional IPv4 Addresses, everything breaks down.
It seems Inbound (Port-forwarding) NAT works correctly with the Additional IPs (configured in OPNSense -> Interfaces -> Virtual IPs), but for Outbound NAT it doesn't appear that they can be used. Even when forcing to use the same gateway etc.
So basically I will always have the same Public (Primary) IPv4 address in every Container in the OPNsense DMZ/LAN.
Something is off ... Since this is a Bridge Configuration for IPv4, it's a bit weird that I would need static Routes.
But there is definitely some Outbound Traffic Issue. I cannot ping anything OUT of each VM in the OPNSense DMZ/LAN, but I have no problem accessing HTTPS Webserver or SSH running in that same VM.
EDIT 1: Weird, it seems that only the Main and First 2 Additional IPv4 Addresses are working Outbound. Could it be there is some Routing Issue at Hetzner and their Switch needs to learn (i.e. it takes a bit of time)? The last 2 Additional IPv4 Addresses are NOT working with Outbound NAT ...
EDIT 2: I forgot to add the new IPs to the Allowed IPset for the OPNSense VM. Now it works correctly.