VyOS & Hetzner Cloud

Mr_Funken · June 24, 2019, 9:28am

Hey,

I currently try to install vyos on a hetzner cloud instance.
However, as they’re doing some pretty special network stuff I’m a bit confused and don’t really know how I should configure the network on vyos.

On a preconfigured Debian system the network config looks like that

Interface Config

root@test:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 96:00:00:29:3c:8c brd ff:ff:ff:ff:ff:ff
    inet 116.203.88.148/32 brd 116.203.88.148 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 2a01:4f8:c2c:8306::1/64 scope global deprecated 
       valid_lft forever preferred_lft 0sec
    inet6 fe80::9400:ff:fe29:3c8c/64 scope link 
       valid_lft forever preferred_lft forever

IPv4 Routes

root@test:~# ip route
default via 172.31.1.1 dev eth0 
172.31.1.1 dev eth0 scope link

IPv6 Routes

root@test:~# ip -6 route
2a01:4f8:c2c:8306::/64 dev eth0 proto kernel metric 256  pref medium
fe80::/64 dev eth0 proto kernel metric 256  pref medium
default via fe80::1 dev eth0 metric 1024  pref medium

They also have a “documentation” for custom iso installs, however, at the moment it seems not very helpful for me
https://wiki.hetzner.de/index.php/Cloud_ISO_Installation_Gateway/en

I already tried to setup an interface-route to 172.31.1.1 via eth0 and then a default route via 172.31.1.1, but that seems not to work

16again · June 24, 2019, 11:35am

Do you get an IPv4 dhcp address to begin with?

Mr_Funken · June 24, 2019, 11:48am

Yes,
if I enable DHCP on the interface I get an IP address.
However, it seems to be just an /32 assignment of the public IP. (for the example above, it will be
116.203.88.148/32)

16again · June 24, 2019, 6:51pm

That /32 address seems OK. (….at least for this ISP)

The routes you are fine too.

Does 172.31.1.1 end up in your ARP table?
And what’s the output of “sudo ip route show”

And finally, what’s the output while pinging 8.8.8.8 from command:

sudo tcpdump -I eth0 -n -v

Chris735 · July 1, 2019, 8:03pm

I also set up a VyOS router on Hetzner Cloud and I have the same issues. As routes I added an interface route for 172.31.1.1 for eth0 and a default route pointing to 172.31.1.1.

I can ping 172.31.1.1 and I can see it in the ARP. But pinging any other host (like 8.8.8.8) isn’t possible.
The ping only tells me “Destination Host Unreachable”

When I do a tcpdump while pinging it looks like that:

Chris735 · July 2, 2019, 8:27am

I found the solution.

sudo ip route add 172.31.1.1/32 eth0
sudo ip route add default via 172.31.1.1

It doesn’t seem to work with the VyOS CLI, so you have to do it that way.
And put the commands in the bootup script otherwise they just vanish after a reboot.
It’s located in /config/scripts/vyatta-postconfig-bootup.script

kevin_pf · July 16, 2022, 12:45am

For those looking for a solution after me, the following will do the trick:

set protocols static route 172.31.1.1/32 interface eth0
set protocols static route 0.0.0.0/0 next-hop 172.31.1.1