Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


SolusVM/KVM and Hetzner
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

SolusVM/KVM and Hetzner

jhjh Member

A client of mine bought a Hetzner dedicated server and wants to set up KVM/SolusVM.

They have a /28 routed subnet with Hetzner's routing configuration.

So far, I have set up eth0:0 on the host with one IP from the subnet, and used that for br0. I then continued as normal. Unfortunately I have no connectivity within the VPS.

There isn't a whole lot of documentation on this, but I know some people have this working, so I thought I'd ask here.

«1

Comments

  • AmfyAmfy Member
    edited July 2013

    Already taken a look at pointopoint?

    By the way, there is a lot of documentation, you just need to know where to look :)
    ... http://wiki.hetzner.de/index.php/KVM_mit_Nutzung_aller_IPs_-_the_easy_way (yes, it's German, but the configs are the same anyway)

    And http://wiki.hetzner.de/index.php/KVM_mit_Nutzung_aller_IPs_aus_Subnetz

  • udkudk Member

    http://wiki.hetzner.de/index.php/KVM/en

    That helped me when I was a hetzner customer.

    Thanked by 1PrestigeWS
  • LeeLee Veteran

    @Amfy said:

    it's German, but the configs are the same anyway)

    Only until you click "English", Tada!

  • @W1V_Lee said:

    You need to give them credits for that, their translations are pretty good. (Atleast much better than OVH)

  • jhjh Member
    edited July 2013

    Thanks, everyone. I've tried to emulate the guides in a CentOS environment (not bothered about losing 2 IPs). Here is what I have so far:

    Host node ifcfg-eth0:

    DEVICE=eth0 BOOTPROTO=none ONBOOT=yes HWADDR=d4:3d:7e:d6:c7:6d BRIDGE=br0

    Host node ifcfg-br0:

    DEVICE="br0" TYPE=Bridge ONBOOT="yes" BOOTPROTO="static" IPADDR=144.XX.XX.240 NETMASK=255.255.255.255 SCOPE="peer 144.XX.XX.225"

    VM ifcfg-eth0:

    DEVICE=eth0 BOOTPROTO=static ONBOOT=yes IPADDR="78.XX.XX.174" GATEWAY="144.XX.XX.240" NETMASK=255.255.255.255 SCOPE="peer 144.XX.XX.240"

    And not working.. Can anyone suggest improvements?

  • prometeusprometeus Member, Host Rep

    ip forwarding enabled?

    also are you able to ping the host?

    tried to setup the bridge with some private addresses just to see if it works?

  • jhjh Member

    ip forwarding enabled?

    Yes

    also are you able to ping the host?

    No

    tried to setup the bridge with some private addresses just to see if it works?

    Not yet. I'll give it a go in a moment but I'm sure this is a config issue.

  • prometeusprometeus Member, Host Rep
    edited July 2013

    brctl show

    the vm is on the right bridge?

    iptables disabled? selinux too?

  • jhjh Member

    [root@CentOS-64-64-minimal network-scripts]# brctl show bridge name bridge id STP enabled interfaces br0 8000.d43d7ed6c76d no eth0 kvm101.0 virbr0 8000.525400519e06 yes virbr0-nic

    Yes, it's on the right bridge. Iptables is disabled and so is selinux.

  • prometeusprometeus Member, Host Rep
    edited July 2013

    so if you add a private alias to the br0 (host) and the eth0 (vm) you should be able to ping both side

    And while you are at it check also ebtables...

  • AlexanderMAlexanderM Member, Top Host, Host Rep

    bridge's don't work with Hetzer (By looking at WHT)

  • InfinityInfinity Member, Host Rep

    @AlexanderM said:
    bridge's don't work with Hetzer (By looking at WHT)

    http://www.lowendbox.com/blog/primahost-7-monthly-512mb-kvm-in-falkenstein-germany/

    Mmm, I guess they must do.

  • fislefisle Member
    edited July 2013

    I manage hetzner dedi with /29 subnet, KVM also.
    Don't know if it helps but.. here's how it works in Debian for me.

    A.B.C.D = your eth0 IPv4 address

    1.2.3.4 = your eth0 netmask

    B.C.D.E = your IPv4 address for new guest

    host node:

    auto br0 iface br0 inet static address A.B.C.D netmask 1.2.3.4 bridge_ports none bridge_stp off bridge_fd 0 bridge_maxwait 0 up route add -host B.C.D.E dev br0

    debian guest:

    auto eth0 iface eth0 inet static address B.C.D.E netmask 255.255.255.255 gateway A.B.C.D pointopoint A.B.C.D

    I have this config for CentOS guests in my private Wiki, not sure if it works, havent tried:

    DEVICE=eth0 ONBOOT=yes BOOTPROTO="static" IPADDR=<Addon IP> NETMASK=255.255.255.255 GATEWAY=<Main IP> SCOPE="peer <Main IP>"

    EDIT: Maybe you need a route to guest? Last line of my host node config. Just a guess.

  • I'm use hetzner dedi with SolusVM/KVM.

    I have 3 configs:
    ifcfg-br0
    ifcfg-br0:1
    ifcfg-eth0
    route-br0

    ifcfg-br0
    DEVICE=br0
    TYPE=Bridge
    BOOTPROTO=none
    IPADDR=176.91.138.210 - main IP
    NETMASK=255.255.255.255
    SCOPE="peer 176.91.138.193" - gateway IP
    ONBOOT=yes
    DELAY=0
    IPV6INIT=yes
    IPV6ADDR=2a01:41f8:1510:44c4::2/64 - main IPv6
    IPV6_DEFAULTGW=fe80::1
    IPV6_DEFAULTDEV=br0

    ifcfg-br0:1
    DEVICE=br0:1
    TYPE=Bridge
    BOOTPROTO=static
    IPADDR=78.147.61.97 - second IP from /28 network
    NETMASK=255.255.255.224
    ONBOOT=yes
    DELAY=0
    STP=off

    ifcfg-eth0
    DEVICE=eth0
    BOOTPROTO=none
    ONBOOT=yes
    HWADDR=14:DB:E9:EF:67:77 - MAC for main IP
    BRIDGE=br0
    ETHTOOL_OPTS="speed 100 duplex full autoneg off"

    route-br0
    ADDRESS0=0.0.0.0
    NETMASK0=0.0.0.0
    GATEWAY0=176.9.38.193

    And you shoul place file 10-no-icmp-redirects.conf in /etc/sysctl.d
    10-no-icmp-redirects.conf
    net.ipv4.conf.all.send_redirects=0
    net.ipv4.conf.default.send_redirects=0
    net.ipv4.conf.br0.send_redirects=0
    net.ipv4.conf.virbr0.send_redirects=0

    Thanked by 1ndelaespada
  • Hi,

    Thanks for the above info, I was able to get BR0 running but for some reason I keep getting this error when I try and add the second one.

    Shutting down interface br0: [ OK ]
    Shutting down interface eth0: [ OK ]
    Shutting down loopback interface: [ OK ]
    Bringing up loopback interface: [ OK ]
    Bringing up interface eth0: [ OK ]
    Bringing up interface br0: error in ifcfg-br0:2: invalid alias number

    Thanks,
    Danny

  • Hi, remember that Hetzner uses a brouter approach, it's a routed subnet instead of a bridged subnet as commonly are configured for SolusVM on other networks.

    Their routers must see your main interface's mac address come with your subnet traffic, otherwise
    it is discarded.

    About the ifcfg-br0:2 error check that the file name and the DEVICE= configuration (in CentOS/RH) are the same.

    Good luck !

  • I dont know if they use a VLAN setup or Route all ips to the server ip.

    If they route the ip's to the server ip then you have to run a brouted configuration for xen/kvm

    Routed (brouter)
    In this type of configuration, the packets are routed. This requires the setting up of an additional bridge with almost the same configuration (without gateway) as "eth0".
    Host:

    /etc/sysconfig/network-scripts/ifcfg-eth0

    DEVICE=eth0
    ONBOOT=yes
    BOOTPROTO=none
    IPADDR=


    IPV6INIT=yes
    IPV6ADDR=2a01:4f8:XXX:YYYY::2/128
    IPV6_DEFAULTGW=fe80::1
    IPV6_DEFAULTDEV=eth0
    NETMASK=255.255.255.255
    SCOPE="peer "

    /etc/sysconfig/network-scripts/ifcfg-br0

    DEVICE=br0
    ONBOOT=yes
    TYPE="Bridge"
    BOOTPROTO=static
    IPADDR=


    NETMASK=255.255.255.255
    IPV6INIT=yes
    IPV6ADDR=2a01:4f8:XXX:YYYY::2/64
    STP=off
    DELAY=0
    The "eth0" configuration remains for IPv4 unchanged. The prefix for IPv6 is reduced from /64 to /128. Setup for the host route for the additional IPv4 addresses takes place via an additional configuration file:

    /etc/sysconfig/network-scripts/routes-br0

    ADDRESS0=
    NETMASK0=255.255.255.255

    as per there wiki

  • I had a similer issue recently not with a /28 though. With the fail over ip's you have to generate a virtual Mac address and add it to your kvm config.

  • ngstargate is a hero! He managed to get this working, the actual issue I posted above was because I did not use Putty to amend the BR0:2 file. Now working a charm!

    Thanked by 1ngstargate
  • Thanks !!! Its working now,

  • ngstargate or any other let me know the to configure a subnet /28 in the hetzner DC. We just route the subnet IP's via bridge interface.

  • rskrsk Member, Patron Provider

    Just a quick skim, this thread has been revived in 2013, 2015, and 2016 ...

    Thanked by 1Lunar
  • I have configured a bridge br0 from eth0 and routed the subnet /28 via br0.

    Do we need to configure another bridge for it like br0:1 for routing the IP in subnet /28.

  • We are receiving abuse report from hetzner for using unassigned mac when having the above setup. Is there any way to resolve it.

  • make sure to have your correct MAC address set with HWADDR= and don't copy'n'paste thingswithout adapting. best way probably is to get someone setting things up for you even if that cost you a few bucks.

  • we didn't change the mac id which is assigned for the eth. As we are using KVM virtulization each vps must use mac. They are mentioning mac which is not allowed to use on there network.

  • we didn't change the mac id which is assigned for the eth. As we are using KVM virtulization each vps must use mac. They are mentioning mac which is not allowed to use on there network.

  • I was referring to you talking about

    ping4support said: having the above setup

    which includes something like:

    ifcfg-eth0
    DEVICE=eth0
    BOOTPROTO=none
    ONBOOT=yes
    HWADDR=**14:DB:E9:EF:67:77**
    BRIDGE=br0
    ETHTOOL_OPTS="speed 100 duplex full autoneg off"
    

    so if you simply copied those settings you might have copied the whole line HWADDR= which may give a MAC address for eth0 and if you haven't changed that accordingly to your real MAC it may result in your network trying to use a wrong one which hetzner routers filter for sure.

    I am not that much into centos so can't help a lot with that, but there is a hetzner wiki explaining how to simply add additional IPs or a whole subnet to your server:

    https://wiki.hetzner.de/index.php/Netzkonfiguration_CentOS/en

  • I recommend using ProxMox.

  • ping4supportping4support Member
    edited October 2016

    I have configured the bridge in the server successfully and It is working. But we are facing mac issue with the secondary range 148.xx.xx.xx / 29..

    Please have a check our below configuration.

    ======================

    ifcfg-eth0

    DEVICE=eth0
    ONBOOT=yes
    HWADDR=00:1E:67:00:1E:67
    BOOTPROTO=none
    IPADDR=148.xx.xx.14
    NETMASK=255.255.255.255
    IPV6INIT=yes
    #IPV6_DEFAULTGW=fe80::1
    #IPV6_DEFAULTDEV=eth0
    NM_CONTROLLED=yes
    BROADCAST=148.xx.xx.31
    BRIDGE=br0

    ifcfg-br0

    DEVICE=br0
    TYPE=Bridge
    ONBOOT=yes
    #HWADDR=00:1E:67:00:1E:67
    BOOTPROTO=none
    IPADDR=148.xxx.xxx.14
    NETMASK=255.255.255.255
    SCOPE="peer 148.xxx.xxx.1"
    DELAY=0

    =========================

    I also moved route-eth0 to route-br0.

    secondary IP range details,

    ================
    Gateway:148.xxx.xxx.14
    Netmask: 255.255.255.248

    Broadcast:148.xxx.xxx.23

    `

    And routed the subnet via br0 using below command.

    route add -host 148.xxx.xxx.xx dev br0

    It is working fine for me.

    Now the issue is with the MAC the hetzner is say that we are using unauthorized mac in our servers. As we are using solusvm+kvm so the vps need mac. Please any one help on it.

Sign In or Register to comment.