How do BGP sessions work? I need help with them.
I'm thinking about doing a BGP session to use a few rented /24 subnets from IPXO with my Hetzner dedicated servers rather than buying directly from Hetzner (because it's 4.3x cheaper). I heard this is possible with BGP session thingy.
What I'm wondering is whether it would be possible to distribute 3 /24 subnets across 10 dedicated servers from Hetzner on demand. So any dedicated can have any number of IPs from the subnets rather than specific subnets (such as /25, /26 etc) per server. Because it's not certain how many IPs a dedicated will use. Also I might add more /24 subnets and more dedicated servers in the future so I should be able to expand this pool of IPs when necessary.
I will use VirtFusion for virtualization.
Can anyone help me with this?
Hetzner only offers BGP sessions on their colocation plans.
You'd have to either obtain the subnets directly from Hetzner or announce them with a different provider / use BGP and tunnel them to Hetzner.
I wouldn't use that in production, however.
So your best bet is most likely a different provider which supports BYOIP / BGP.
Why wouldn't you use that in production?
I’d assume added network complexity (additional hop) and added latency especially if that “different provider” is farther away.
Technically I’ll use a Frankfurt location for BGP and servers are located in Falkenstein and Helsinki. So there shouldn’t be much latency.
Latency is the least important thing for our use case anyway. We can even route from ASIA, US or AU to EU (I don’t know if that’s technically possible) and still be fine. That’s how much latency doesn’t matter for us. We’re not reselling hosting or something like that.
I’m not sure about hop thingy though.
Hetzner itself does not support it; you can buy a VPS from some provider that supports BGP sessions and then assign the IPs to your Hetzner server by way of a tunnel.
That’s what I’ll do. I was just wondering if creating a pool of IPs is possible rather than routing certain subnets to certain dedicateds.
I’ll probably use Melbicom for BGP.
Just consider that if you're routing all traffic through one single point, you have a single point of failure and you need to have a generous bandwidth allowance.
For this reason I was hoping I could create multiple BGP tunnels for the same subnets so it’ll be HA and I’ll have distributed bandwidth.
Short Answer: If latency is not a concern, you shouldn't have any issues setting it up the way you explained.
Some More Explanation:
In that case, it should be feasible to set up a BGP session remotely via GRE/IPIP. It can be used, and is used, in production (keeping the latency factor in consideration) by providers that do remote DDoS protection (Cloudflare's Magic Transit, Stormwall etc.) where you set up a BGP session with them via a GRE tunnel.
A hop is simply a router that the packet has to traverse through to reach your network. More on the hop thingy below.
Would give you the HA beyond your infrastructure at Falkenstein and Helsinki. It can be a bit painful to manage which BGP/tunnel the traffic reaches your infra from, however (if that's a concern), since setting up BGP sessions over a tunnel "artificially" reduces the number of apparent hops (you can prepend the routes differently to each transit to influence the traffic).
Routers in the global routing table see it as a single hop (from Remote to Local).
You can use BIRD to announce the subnet on the BGP VPS.
Then use WireGuard to assign the subnet to your Hetzner server.
Of course, you can also use any other tunnel to do the assignment.
In order to use an IP pool between servers, the servers must be in the same Ethernet network; if Hetzner does not support VLAN/VRACK you can do it with VXLAN.
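A sketch of the BIRD side of the "announce on a BGP VPS, tunnel to Hetzner" setup suggested above, added here as an example and not taken from any post in this thread. It assumes BIRD 2.x and a WireGuard interface named `wg0`; every address, prefix and AS number is a documentation or private-range placeholder.

```bird
# BIRD 2.x config for the BGP-capable VPS (constructed example).
# All addresses, prefixes and AS numbers below are placeholders.

router id 192.0.2.10;                 # placeholder: the VPS's own IPv4

protocol device { }                   # lets BIRD track interface state (wg0 up/down)

# Originate the leased /24 and point it into the tunnel towards Hetzner.
protocol static leased_v4 {
    ipv4;
    route 203.0.113.0/24 via "wg0";   # placeholder prefix; wg0 = tunnel interface
}

# Install only that static route into the kernel so the VPS forwards it.
protocol kernel {
    ipv4 {
        import none;
        export where source = RTS_STATIC;
    };
}

# Announce nothing except the prefix you are authorised to originate.
filter export_leased {
    if net = 203.0.113.0/24 then accept;
    reject;
}

protocol bgp upstream {
    local 192.0.2.10 as 64512;        # placeholder: your ASN
    neighbor 192.0.2.1 as 64496;      # placeholder: provider's router and ASN
    ipv4 {
        import none;                  # keep the VPS's existing default route
        export filter export_leased;  # blocks accidental route leaks
    };
}
```

The explicit export filter is the part worth keeping in any variant: without it, a later change that adds routes to the table could be announced to the upstream unintentionally.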
Have you succeeded?
You can contact me here; we have done this exact setup in production and it worked fine with 1 Gbit up/down.
Apparently you can ask Hetzner to move your dedicated servers to a colocation rack and have them announce your IPs. You can order any of their dedicated servers (like AX line, EX line etc) but you’ll also need to pay an extra €100 for 1Gbps but you can share this with multiple dedicated servers to reduce costs.
So you won’t need to use a BGP session anymore.
Who would’ve thought Hetzner’s "custom solutions" department would be this helpful. I’m surprised. 😄