All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
HELP! IPv6, Virtualizor, Hetzner - MAC abuses
hello,
I installed KVM Virtualizor on Hetzner server,
then I created bridge to viifbr0. Next, I created several VM using only IPv6
after few minutes I got this message:
"We have detected that your server is using different MAC addresses from those allowed by your Robot account."
Please help me to solve this problem.
cat ifcfg-enp2s0
DEVICE=enp2s0
HWADDR=Ax:xx:xx:x9
ONBOOT=yes
IPV6INIT=yes
BRIDGE=viifbr0
NM_CONTROLLED="no"
NETBOOT=no
cat ifcfg-viifbr0
DEVICE=viifbr0
TYPE=Bridge
BOOTPROTO=static
GATEWAY=GATEWAY
IPADDR=IPv4
NETMASK=255.255.255.192
SCOPE="peer Gateway"
ONBOOT=yes
IPV6_AUTOCONF=no
IPV6INIT=yes
IPV6ADDR=xxx:xxxx:xxxx:2/64
IPV6_DEFAULTGW=fe80::1
IPV6_DEFAULTDEV=viifbr0
IPV6_FAILURE_FATAL=no
DNS1=8.8.8.8
DNS2=2001:4860:4860::8888
NM_CONTROLLED="no"
cat route-viifbr0
ADDRESS0=0.0.0.0
NETMASK0=0.0.0.0
GATEWAY0=GATEWAY
sysctl.conf
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
i added ipv6 in virtualizor panel and check "routed"
Comments
Change it to a routed setup (I'm not familiar with Centos network config so can't advise the best way) rather than a bridged setup.
Edit: or speak to their support about ordering virtual MAC addresses and use them for your VMs
by checking "routed" in ip-pool virtualizor, i think that should use routed connection for each vm to new bridged connection. but it is weird why i still get mac abuses
I contacted both virtualizor and hetzner, none of them are helpful
It's a bit more involved than just ticking routed. You need a second interface but don't bridge it to the main network interface.
Then create a route on the interface for the ipv6 addresses/subnets.
I just contacted hetzner about macs, they wont give more macs for ipv6.
about your solution, please correct if what i said wrong:
1. if i have enp5s0 i create enp5s0:0
2. then i can bridge viifbr0 to np5s0:0
3. then all vms connect to this viibr0
am i correct?
Hetzner logic:
Says on WIKI you can use a bridged network model, then block your server's IP address for using a bridged network model.
I've had a server with them for a personal blog and a backup thing. Dumped them after I saw you can't really get them to be reasonable in any way.
Ahh, this leads me to hetzner logic part 2:
You can, of course, backup your VMs and transfer the data on your PC, but we won't unblock your IP. You need to hocus-pocus-data-downloadus via the Lantronix KVM.
This is similar to what I use - feel free to adjust to CentOS network setup
Hope that helps.
thanks for your help that give me more reference,
so what I did same as you, i stated the ipv4 and ipv6 in both nic (default and bridge) then my vm use viibr0 with new gateway ::3
then i received this email "The issue of the relevant ticket has been successfully resolved"
thanks again for your help
Hello,
recently I had the same problem and with the help of this thread I was able to solve the problem at least partially. I did it as described above, but DNS is not working inside my VM. I can ping naked ip's and I can ping my vm from the outside. But it does not connect via ssh from the outside nor can I connect to any server from my VM.
My IPV4-VM works in bridge-mode flawlessly.
Thanks for any hint in advance.
My neworkt setup is:
This reference is priceless, seeing as Hetzner can't be bothered to produce their own documentation for how to do it:
This shows how to setup Hetzner IPv6 on host node with radvd and how to route traffic for IPv6 for your VMs.
my 2 cents.
Cheers!
For the record:
I figured out the error. It was between the screen and the chair
The code above is totally fine. I did this mistake several times before and did not think of my firewall.
After adding this to my firewall it worked like a charm.