Hetzner are a relatively low-cost hosting provider based out of Germany. They provide a range of powerful but cheap dedicated servers which make a good platform for experimenting with VMWare ESXi or other virtualisation software.
However, their networking is based around statically routing MAC addresses which makes it both a bit different to more common VLAN setups and harder to get up and running. They do have a canonical guide to configuring this, but I found my knowledge of networking a lacking from what it assumes and so I found it a little hard to follow and caught myself in a few traps, so I thought I’d write up some notes.
After you’ve ordered your dedicated server, go into Robot and order your desired subnet. When doing this, you’ll first want to request a standalone “additional IP” and then have the subnet (of any size you’ll use) statically routed to it. You may wish to mention it’s for ESXi here to make this clear.
ESXi doesn’t support routing out of the box, so we’ll use the additional IP on a router VM to provide a gateway for our subnet.
Installing ESXi 6
If you’ve already done the IP configuration, or whilst you wait you can proceed to install (or jump to the next section if you’ve done this).
Using the LARA console, mount the most recent available version of ESXi
that you can. I used
VMware-VMvisor-Installer-6.0.0.update02-3620759.x86_64.iso, which is
I’d recommend avoiding passwords with special characters as these didn’t seem to pass through on my first attempt and I needed to re-install to get root access.
We should now have two standalone IP addresses and a subnet. Let’s use these as an example:
- Main IP:
- Additional IP:
The subnet has usable addresses from:
.32 defines the network and
.47 is the broadcast address.
I’ve used the first usable IP as the gateway for all of the VMs (the second IP configured below in the router). Partly this is because this IP will be pre-filled out by the Debian installer.
We’ll then be able to create 12 VMs with public IP addresses, once we account for those we’ll need to create to get it working.
When you first login to ESXi, you’ll find there are two networks. One is the “Management Network” and the other is the “VM Network”. The “Management Network” relates to the initial IP that was configured with your server. The “VM Network” is the network available to VMs on this. We’ll not quite be able to use this directly.
To use our subnet, we’ll want to create a new vSwitch and Port Group. Under
“Networking”, create a new vSwitch (I called mine
subnet0) and a Port Group
to go with it (I called mine
Subnet 0). We’ll create a router VM which acts
as a gateway between this network and the “VM Network”.
To do this, create a new VM (I’m using Debian 8, configured with 512MB RAM and a 32GB disk image) using the “VM Network” which came by default. You should manually set the MAC address to the one provided inside Robot for the “additional IP”. DHCP will work and so the installer should autoconfigure networking.
Once this is up and running, shut it down and add a new network adapter. This
should be connected to the subnet you created above. All other settings can be
the default. Bring the VM back up and configure
look something like this:
auto eth0 iface eth0 inet static address 140.201.300.61 gateway 140.201.300.57 netmask 255.255.255.248 dns-nameservers 188.8.131.52 184.108.40.206 auto eth1 iface eth1 inet static address 220.127.116.11 netmask 255.255.255.240
eth1 network needs neither a gateway (because we’re the gateway for the
network) or nameservers (we’ll be passing packets over without much interest).
Finally for the router VM, configure IP forwarding so that packets will travel through the router:
echo 1 > /proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
You can persist this by adding:
to ` /etc/sysctl.conf`.
Now you can create a VM using one of your subnet IPs. Specify the IP address
and netmask, then the gateway IP as the one on the router connected to our
subnet vSwitch (
18.104.22.168 in this case). Your configuration will look
something like this:
auto eth0 iface eth0 inet static address 22.214.171.124 gateway 126.96.36.199 netmask 255.255.255.240 dns-nameservers 188.8.131.52 184.108.40.206
This isn’t something I’ve yet tried, but if you wanted to configure a second (or third, etc.) subnet you’d go about this in a similar manner.
- Get the new subnet routed onto the “additional IP”.
- Create another vSwitch and Port Group (perhaps,
- Add another network adapter to the router VM.
- Connect this new network adapter to the new vSwitch.
- Configure VMs in the same way.
You should now be able to bring up additional VMs and use the rest of your assigned subnet!