Hetzner - DokuWiki

Netzkonfiguration Debian/en
Zeile 95: Zeile 95:
 
== Additional IP Addresses  ==
 
== Additional IP Addresses  ==
  
Alle alten Serverpakete der DS-Serie enthalten ein /29-Subnetz, dass 6 weitere Adressen beinhaltet. Dieses Netz schließt sich nicht direkt an die Hauptadresse an, sondern muss im Hetzner-Robot beantragt werden.
+
The old DS servers included a /29 subnet. For our new EQ/EX Server you can order up to 4 additional IPs. The network configuration is quite similar.
  
Neue Server der EQ-Serie erhalten auf Antrag vier einzelne IP-Adressen. Die Konfiguration erfolgt jedoch auf die gleiche Weise:
+
In order to use the additional addresses on the server you will need the package "iproute" and "ip". Configurations with alias interfaces like (eth0:1, eth0:2 etc.) are outdated and should not be used. To add an address please run:
 
+
Um die zusätzlichen Adressen auf dem Server zu nutzen, wird das Paket "iproute" mit dem Dienstprogramm "ip" benötigt. Konfigurationen mit Alias-Schnittstellen (eth0:1, eth0:2 etc.) sind veraltet und sollten keine Verwendung mehr finden. Um eine Adresse hinzuzufügen, genügt das folgende Kommando:
+
  
 
  ip addr add 10.4.2.1/32 dev eth0
 
  ip addr add 10.4.2.1/32 dev eth0
  
Der Befehl "ip addr" zeigt die momentan aktiven IP-Adressen an. Da das Subnetz dem Server exklusiv zur Verfügung steht, ist es auch hier sinnvoll, die Adressen mit der Präfixlänge /32, also der Subnetzmaske 255.255.255.255 hinzuzufügen.
+
The command "ip addr" shows the currently active IP addresses. Because the server uses the entire subnet it's useful to add the addresses with the prefix /32 which means subnet mask is 255.255.255.255
  
Leider bieten die Konfigurationsmechanismen der Debian-Distriution keine Möglichkeit, mehrere IP-Adressen in der Datei "/etc/network/interfaces" zu hinterlegen. Diese Problem kann manuell oder mit einem speziellen Skript umgangen werden:
+
Unfortunately the configuration mechanisms of Debian doesn't allow to save more than one IP in the file "/etc/network/interfaces". This problem can be bypassed manually.
  
 
=== Manual Configuration ===
 
=== Manual Configuration ===

Version vom 7. Dezember 2011, 15:52 Uhr

Please note: It is not permitted, in addition to the main IP received by Hetzner simply use any neighbour IP as an additional IP address. If you would like to order additional IP addresses or an additional subnet please send us a request via https://www.hetzner.de/robot

Inhaltsverzeichnis

Main IP Address

IPv4

The main IP of a Hetzner root server is usually located in a /27 or /26 subnet. In order to prevent an accidental use of a foreign IP address our infrastructure rejects any Ethernet packets that are not addressed to the gateway address. In order to reach any server in the same subnet our standard images have already a static route in their network configuration. The static route forwards the entire traffic to the gateway instead of sending it directly to the neighbour server.

This is not the best solution because of duplicate and inconsistent information appearing in the routing table. A better way to reach a server in your subnet is to set the netmast to 255.255.255.255 (/32). The server assumes it's alone in that subnet and won't send any packets directly. However, now you need an explicit host route to the gateway. This is very easy with Debian, by adding the option "pointopoint 192.168.0.1" in the Configuration. Please change "192.168.0.1" to the valid IP address of your gateway.

## /etc/network/interfaces example Hetzner root server
# Loopback-Adapter
auto lo
iface lo inet loopback
# LAN interface
auto eth0
iface eth0 inet static
  # Main IP address of the server
  address 192.168.0.250
  # Netmask 255.255.255.255 (/32) independent from the
  # real subnet size (e.g. /27)
  netmask 255.255.255.255
  # explicit host route to the gateway
  gateway 192.168.0.1
  pointopoint 192.168.0.1

The additional route to the gateway is no longer necessary.

IPv6

The above mentioned principle applies to IPv6 as well. Instead of a single main IP you get a /64 subnet and instead of a /27 subnet your server is located in a /59 subnet. A direct communication within the /59 subnet is not possible and is discarded by the switch. Therefore, the entire traffic including your own subnet has to be forwarded to the gateway.

There is no "pointopoint" setting in IPv6. Please use "pre-up" to set the route to the gateway manually.

For example:

  • Address: 2a01:4f8:61:20e1::2 untill 2a01:4f8:61:20e1:ffff:ffff:ffff:ffff
  • We use the first address from there: 2a01:4f8:61:20e1::2
  • Gateway: 2a01:4f8:61:20e0::1
## /etc/network/interfaces example Hetzner root server
# Loopback-Adapter
auto lo
iface lo inet loopback
# IPv6 LAN
auto eth0
iface eth0 inet6 static
  # Main IPv6 Address of the server
  address 2a01:4f8:61:20e1::2
  netmask 64
  # Host Route, because the gateway is outside of the /64 subnet
  up ip -6 route add 2a01:4f8:61:20e0::1 dev eth0
  # Host Route, because the gateway is outside of the /64 subnet
  down ip -6 route del 2a01:4f8:61:20e0::1 dev eth0
  # Default Route
  up ip -6 route add default via 2a01:4f8:61:20e0::1 dev eth0
  down ip -6 route del default via 2a01:4f8:61:20e0::1 dev eth0

IPv4 + IPv6

Usually you can use both IPv4 and IPv6. You can join both configuration files together and omit duplicate entries

## /etc/network/interfaces example Hetzner root server
# Loopback-Adapter
auto lo
iface lo inet loopback
# LAN interface
auto eth0
iface eth0 inet static
  # Main IP address of the server
  address 192.168.0.250
  # Netmask 255.255.255.255 (/32) independent from the
  # real subnet size (e.g. /27)
  netmask 255.255.255.255
  # explicit host route to the gateway
  gateway 192.168.0.1
  pointopoint 192.168.0.1
iface eth0 inet6 static
  # Main IPv6 Address of the server
  address 2a01:4f8:61:20e1::2
  netmask 64
  # Host Route, because the gateway is outside of the /64 subnet
  up ip -6 route add 2a01:4f8:61:20e0::1 dev eth0
  # Host Route, because the gateway is outside of the /64 subnet
  down ip -6 route del 2a01:4f8:61:20e0::1 dev eth0
  # Default Route
  up ip -6 route add default via 2a01:4f8:61:20e0::1 dev eth0
  down ip -6 route del default via 2a01:4f8:61:20e0::1 dev eth0

Additional IP Addresses

The old DS servers included a /29 subnet. For our new EQ/EX Server you can order up to 4 additional IPs. The network configuration is quite similar.

In order to use the additional addresses on the server you will need the package "iproute" and "ip". Configurations with alias interfaces like (eth0:1, eth0:2 etc.) are outdated and should not be used. To add an address please run:

ip addr add 10.4.2.1/32 dev eth0

The command "ip addr" shows the currently active IP addresses. Because the server uses the entire subnet it's useful to add the addresses with the prefix /32 which means subnet mask is 255.255.255.255

Unfortunately the configuration mechanisms of Debian doesn't allow to save more than one IP in the file "/etc/network/interfaces". This problem can be bypassed manually.

Manual Configuration

In der /etc/network/interfaces werden unter dem entsprechenden Interface (hier eth0) die folgenden beiden Zeilen eingefügt:

  up ip addr add 10.4.2.1/32 dev eth0
  down ip addr del 10.4.2.1/32 dev eth0

up und down erwarten einfach eine Zeile Shell-Code und könnnen für mehrere Adressen wiederholt vorkommen. Der Nachteil: sowohl Schnittstellenname als auch die einzustellende Adresse müssen jeweils zwei mal aufgeführt werden, bei einer größeren Anzahl Adressen wird die Konfiguration daher unübersichtlich und fehleranfällig; ändern sich die Daten, müssen alle Einträge angepasst werden.



© 2020. Hetzner Online GmbH. Alle Rechte vorbehalten.