ben blogs

proxmox hetzner setup notes

in , ,

Proxmox

installation

basic installation over plain debian https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm

proxmox networking

network configs derived from: https://community.hetzner.com/tutorials/install-and-configure-proxmox_ve

sysctl -w net.ipv4.ip_forward=1

sysctl -w net.ipv6.conf.all.forwarding=1

proxmox host /etc/network/interfaces

This example is for the main IPv4 of 157.90.92.151 with two subnets of 157.90.196.48/28 and 162.55.142.192/28. The IPv4 gateway is derived from the existing hetzner configs given on install.

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback
iface lo inet6 loopback

auto enp8s0
iface enp8s0 inet static
  address 157.90.92.151
  netmask 255.255.255.255
  pointopoint 157.90.92.129
  gateway 157.90.92.129

iface enp8s0 inet6 static
  address 2a01:4f8:252:3e22::2
  netmask 128
  gateway fe80::1

auto vmbr0
iface vmbr0 inet static
  address 157.90.92.151
  netmask 255.255.255.255
  bridge_ports none
  bridge_stp off
  bridge_fd 0
  pre-up brctl addbr vmbr0
  up ip route add 157.90.196.48/28 dev vmbr0
  up ip route add 162.55.142.192/28 dev vmbr0
  down ip route del 157.90.196.48/28 dev vmbr0
  down ip route del 162.55.142.192/28 dev vmbr0
  post-down brctl delbr vmbr0

iface vmbr0 inet6 static
  address 2a01:4f8:252:3e22::2
  netmask 64

The important bits here are sysctl forwarding and routing our guest subnet to vmbr0.

Also need to systemctl disable --now rpcbind.socket per Hetzner rules.

debian guest config

Subnet: 157.90.196.48/28

auto ens18
iface ens18 inet static
    address 157.90.196.48/32
    # or address 157.90.196.X/32
    gateway 157.90.92.151

iface ens18 inet6 static
    # in this case i'm using the same ending as ipv4
    address 2a01:4f8:252:3e22::48/64
    gateway 2a01:4f8:252:3e22::2

/etc/apt/sources.list

deb http://mirror.hetzner.de/debian/packages bookworm main
deb http://mirror.hetzner.de/debian/packages bookworm-updates main
deb http://mirror.hetzner.de/debian/packages bookworm-backports main
deb http://mirror.hetzner.de/debian/security bookworm-security main

deb http://security.debian.org bookworm-security main

/etc/resolv.conf

These are specifically hetzner’s internal resolvers.

nameserver 213.133.100.100
nameserver 213.133.98.98
nameserver 213.133.99.99
nameserver 2a01:4f8:0:1::add:1010
nameserver 2a01:4f8:0:1::add:9999
nameserver 2a01:4f8:0:1::add:9898

Comments

Leave a Reply