New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Hetzner IP prices increase - workaround?
Hello LET,
I have seen Hetzner have a special offer where there are no setup fees on some of their AX-Line.
However, since their IP prices are laughably expensive I cannot afford them.
I wanted to ask if there is a way with which I can get ipv4 addresses and connect them to the Hetzner setup via tunneling of sorts, perhaps using their IPv6 ip addresses.
This project is intended for personal use and I have no intention of selling VPSs from this setup as I understand they can be unreliable at times.
Any input on my question will be appreciated.
Comments
Just go with a provider that offers overall setup that you can afford.
accually vps from ovh might be the first option (the latency tho) or Colo a whole rack and sell IPs which you will get from bgp (low latency bc of the same datacenter)
Workaround?
Don’t use Hetzner.
But how do I redirect traffic to and from hetzner?
tunnel or wireguard
For a personal setup you shouldn't even need multiple IPv4 addresses. Set up a reverse proxy on one, and use IPv6 internally.
Or explain why you need IPv4 anyway, so we could think about other solutions better.
Can you not BYOIP at hetzner?
Will wireguard allow to "bind" an ipv4 to ipv6?
Personal VPSs
How can I buy IPs for that? I don't think people sell less then /24
No you can't, only with their colocation services.
Well, without further details... You know there are NAT VPSes sometimes sold here which share a common IPv4 for outgoing connections and for incoming get several forwarded ports from that -- you could just run the same.
Choose ovh instead of hetzner. But I bet that ovh also will increase ip pricing based on "increasing shortage".
If you only use HTTP stuff Cloudflare with IPv6 works perfectly. Nowdays I use IPv4 for mail servers only..
https://support.cloudflare.com/hc/en-us/articles/200169156-Identifying-network-ports-compatible-with-Cloudflare-s-proxy
That isn't what was being asked and you know it. If we don't know what you are intending to run in those VPSs we can't provide options that aren't based on guesswork. If you want people to help you, help them to help you by providing useful information.
As my guesses:
If you don't need others to access them, then (assuming you have IPv6 connectivity everywhere that you intend to access the VPSs from) use IPv6: https://docs.hetzner.com/robot/dedicated-server/ip/additional-ip-adresses/
If you need HTTP(S) into them via IPv4 for yourself or others, use a reverse proxy setup (caddy, nginx, ...) to forward connections into the VMs/containers. If you need SSH access to them, use the bare metal as a bastion/gateway (SSH into that, then on to the VM/container's internal address) or have each listen on a different port (like NAT based hosts do, though I prefer the first option for setups where you control the host server) or setup a VPN (wireguard, OpenVPN) for administrative access to the local subnet (the better of the three options if you have access to install the VPN client everywhere you need access from and don't need to use networks that block outgoing VPN access).
It seems Cloudflare Tunnel doesn't work with IPv6 only.
Need to download files from github to install.
Connect to their IPv4 servers.
How can I know it exactly? I am gonna make personal VPSs for me for various projects. I do need others to access them. No, they are not for DDOS / mining / whatever illegal use there may be.
I don't have IPv6 from my ISP so just sticking to IPv6 will not work. I will use other protocols then IPv6, I don't want to rely on NAT and port forwarding.
OVH's servers are a lot more expensive then Hetzner's offering, that why I am trying to stick with them
You did not consider the price of their server with IP address..
by now it should be clear hetzner is automatically filtering such setups. feel free to complain whatever but they couldnt have done this without due considerations.
You don't have to know exactly. But give what information you do know instead of having people guess and end up suggesting solutions that won't work.
See: useful details that you did know but didn't provide, that will help people help you by not suggesting things that are of no use to you.
What made you think I might have been suggesting otherwise?
What you could do,
please communicate with said provider because you can cause hell on earth with this method, mac filtering may be applied. Basically you lay a wire through cheap provider back to hetzner on layer 2 (one layer above the physical!)
It can also be done with Layer 3 easier but layer 2 would be transparent and not visible in traceroutes
How many IP's do you need?
Thank you!
When you are referring to communicated to the provider do you mean the VPS provider or Hetzner?
Layer 2 relays sounds like a good options. How can I setup this method? Can you send a guide / point me in a direction?
Not sure yet.
Can you not use hetzner cloud vm and use that to wireguard your traffic?
Why would you need more than 1 ip for PERSONAL VPS?
I haven't heard a good reason for multiple v4 addresses yet. Install Proxmox or something to manage your personal VMs, configure NAT so each VM gets an internal v4 address + public v6, then use some combination of iptables, HAProxy or nginx to forward/proxy requests from host v4 to internal v4.
In wireguard example you can configure it on a VM and then port forward 51820 from the host v4 address to the internal IP of wireguard VM.
Websites you can run in their own VMs with public v6 and either have haproxy/nginx on the host to handle v4 requests back to internal IP on VMs - or use cloudflare/some other CDN that can sit in front and forward queries from v4 users back to a v6 origin.
I wouldn't agree here; Any tunnel will add overhead; with MTU of 1500 you won't be able to pass on 1500b frames. Negotiating lower MTU won't work in L2.
Any large packet will need to be fragmented and assembled affecting performance (and potentially causing issues when DDoS protection is enabled).
Just install zerotier or another VPN that is dual stack.
It takes effort to properly do it but it's certainly possible.
Thank you for your answer!
I think its the best solution so I am trying to go with it.
I am trying to look for instructions as to how to configure this dual stack network (nat ipv4 + public ipv6) but I cannot find any guides on Hetzner that doesn't use either additional ips or subnets for ipv4
The problem is that as far as I know vpss are not supposed to have MAC addresses to the VPSs, while proxmox does it automatically
Do you have experience with such setup or can refer me to a place to start?
Instead of paying 40+ for the server and then looking for long setup
Why don’t you just get 8vps from hetzner with the same price and each has it’s own ipv4 ?!
Or are you reselling?!