virtualizor_logo
Virtualizor
Get Virtualizor

Hetzner Network

Overview

This article will explain you if you have server from Hetzner then how you can config the network related setting or IP Pools on the Virtualizor panel.

Hetzner Additional IPs

If you have additional IPs from the Hetzner. So please follow this steps to config or create ip pool on the virtualizor panel. Please go to Virtualizor Admin Panel -> IP Pool -> Create IP Pool and the following fields in the Create IP Pool form have to be filled as below:

  • Gateway : Use Gateway same as provided by Hetzner.
  • Netmask : Use netmask of the IP same as provided by Hetzner.
  • Routed : Please check on 'Use routed network' option.
  • Adding ip : Add ips along with Mac generated from Hetzner panel.

Note

OpenVZ containers do not require mac for the ips.
Using Multiple IPs in a vps will not be possible since Hetzner does not provides option to generate same MAC for multiple IPs.
Having same MAC generated would be required since Virtualizor will add the IPs as alias on eth0 within vps.
Additional_IPs

Hetzner Subnet/IP Range

If you have Subnetted IPs from the Hetzner. So please follow this steps to config or create ip pool on the virtualizor panel.
Please go to Virtualizor Admin Panel -> IP Pool -> Create IP Pool and the following fields in the Create IP Pool form have to be filled as below:

  • Gateway : This will be first Ip of the usable range assigned to you.
Note

You cannot use that gateway ip in vps.

  • Netmask : Use the same as provided by Hetzner.
  • NAT: Please check on Enable NAT option .
  • Adding ip : Please add ip range to the pool .
Hetzner-Subnet

Proxmox Servers

Since NAT Pool is not supported in case of Proxmox , you will need to create NAT Bridge manually on it. You can follow the below steps for the same :

Modify the file : /etc/network/interfaces and create bridge (Eg : vmbr0) manually and assign it the Subnet that has been allocated by the data center.

In the below example , Server IP is 192.168.1.10 and the Subnets allocated by data center are 192.168.24.48/28 and 192.168.25.48/28

auto lo
iface lo inet loopback

iface lo inet6 loopback

auto eth0
iface eth0 inet static
        address 192.168.1.10/26
        gateway 192.168.1.2
        up route add -net 192.168.1.1 netmask 255.255.255.192 gw 192.168.1.1 dev eth0

iface eth1 inet manual

iface eth2 inet manual

#This bridge is for subnet 192.168.24.48/28
#Use 1st IP from the usable range , i.e 192.168.24.49
auto vmbr0
iface vmbr0 inet static
        address 192.168.24.49/28
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -t nat -A POSTROUTING -s '192.168.24.49/28' -o vmbr0 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '192.168.24.49/28' -o vmbr0 -j MASQUERADE

#This Bridge is for subnet 192.168.25.48/28 (If you've purchased 2nd subnets from them, You will need to create another bridge for 2nd subnet as well)
#Use 1st IP from the usable range , i.e 192.168.25.49
auto vmbr1
iface vmbr1 inet static
        address 192.168.25.49/28
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        mtu 1500
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up iptables -t nat -A POSTROUTING -s '192.168.25.49/28' -o vmbr1 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '192.168.25.49/28' -o vmbr1 -j MASQUERADE

We are almost setup now. Just make sure everything is correct before you restart the network. After that restart the network :

# ifup vmbr0

Once bridge is created and you're able to ping it , you can create IP Pool on Virtualizor panel with the below network settings :

  • Gateway : IP of the Subnet / Bridge created earlier in the above step.
  • Netmask : Should be given by the data center.
  • Vlan : Please check on Enable VLAN option.
  • Bridge name : The name of the bridge you've created above. Example : vmbr0

Note

Please confirm from your Data center once if such network setup is not going causing any external MAC usage issues.
Using Multiple IPs in a vps from other IP pools with different gateways will not be possible.

Troubleshooting
Note

Single IPs cannot be added to Nat IP pool. Only a range of IPs can be added while creating the Pool.
The list of usable IPs are provided by Hetzner.
NAT Pool option on panel is not supported for Proxmox servers.
Vps/Bridge start issue

A Nat bridge is created after NAT ip pool is added from panel.
Its config file will reside under /etc/libvirt/qemu/networks/ directory
If NAT bridge is not started and its giving these errors on panel while starting vps :

The VPS failed to start
error: Failed to create domain from /etc/libvirt/qemu/v1001.xml
error: Requested operation is not valid: network 'natbr1' is not active

Then you can try starting the bridge :

virsh net-start natbr1

Once its started you can set it to auto start :

virsh net-autostart natbr1

If net-start command fails with this error :

virsh net-start natbr1
setlocale: No such file or directory
error: Failed to start network natbr1
error: The name org.fedoraproject.FirewallD1 was not provided by any .service files

Then you will need to start firewalld service as well :

service firewalld start

And also add our ports to avoid issues :

firewall-cmd --zone=public --permanent --add-port=4081-4085/tcp
firewall-cmd --zone=public --permanent --add-port=5900-6000/tcp (vnc ports can go higher than 6000 ranges as well)
firewall-cmd --reload

After starting firewalld, you can try to start NAT bridge again.

Bridge failing to start

If NAT bridge is not started and it's giving these errors :
For ubuntu 22.04 and above

virsh net-start natbr0
error: Failed to start network natbr0
error: Cannot check dnsmasq binary /usr/sbin/dnsmasq: No such file or directory

You can install the package "dnsmasq-base" on server.

apt install dnsmasq-base
Outgoing ip for vps

If the outgoing ip for vps is not shown as expected and it shows as server's ip then you will need to add a firewall in iptables :

root@host ~ # iptables -S -t nat

-P PREROUTING ACCEPT

-P INPUT ACCEPT

-P OUTPUT ACCEPT

-P POSTROUTING ACCEPT

-A POSTROUTING -s My-IP/27 -o Bridge-name -j MASQUERADE //This one needs to be removed

root@host~ # iptables -t nat -D  POSTROUTING -s My-IP/27 -o Bridge-name -j MASQUERADE

Where, PUBLIC_IF is the NAT bridge name listed in virsh net-list command.

Also comment any un-wanted NAT rule added for viifbr0 in /etc/sysconfig/iptables file and then service iptables restart

Hetzner IPv6

Add IPv6 Address

Before adding IP Pool for IPv6 please make sure you have already configure the ipv6 address on your Host Server with bridge viifbr0.

Now please go to Virtualizor Admin Panel -> IP Pool -> Create IP Pool and the following fields in the Create IP Pool form have to be filled as below:

  • Gateway : Use the IP which was configured for the server.
  • Netmask : Use netmask of the IP same as provided by Hetzner.
  • Routed : Please check on 'Use routed network' option.
  • Generate IPv6 : Please enter each octect of your ipv6 to generate the ipv6 address.
Ipv6

Add IPv6 Subnets

To generate or in order to create IPv6 Subnets you need to have an IPv6 IP Pool.

Now that you have an IPv6 IP Pool, Which we have created in previous steps now we can generate the subnets.
To do so go to Virtualizor Admin Panel -> IP Pool -> Add IPv6 Subnets. Fill in the details accordingly and the following is a screenshot of the wizard :

IPv6_subnet
    Was this page helpful?
    Yes No
    Open Modal Box
    Newsletter Subscription
    Subscribing you to the mailing list