Page 1 of 1

Bare metal CHR on Hetzner Dedicated

Posted: Fri Aug 31, 2018 8:20 pm
by Joni
cd /root && curl -O https://download2.mikrotik.com/routeros/6.42.3/chr-6.42.3.img.zip && gunzip -S .zip chr-6.42.3.img.zip
dd if=/root/chr-6.42.3.img of=/dev/sda
Tried this on Hetzner dedicated (bare metal, EX series, I know bm isn't officially supported but I don't want the virtualization maintenance overhead) however everything except routing (public ip subnets, ie forwarding) works, at least I can't get it working with any config. Sort of sad. (neither 6.40.9 (Bugfix only) or 6.42.7 (Current) or 6.43rc66 (Release candidate))
Please open a new topic and describe what exactly does not work. It's either working completely or not. It cannot 'disable routing for some unknown reason'. Where do you get your "public subnets"? Can't Hetzner block unknown IPs by default (it should, I hope)?
Either working completely or not was my impression too, until I tried this.

The intention is to provide public IP addresses to another mikrotik router behind NAT over L2TP VPN, via EoIP (nevermind overhead). L2TP works (if assigned to can internally ping each other with the public subnet IPs), EoIP (if assigned to can internally ping each other with the public subnet IPs) works but traffic from internet to the public subnet doesn't even enter Ether1-WAN (or anywhere else for that matter, torch).

Hetzner provides public IPs / subnet upon order https://wiki.hetzner.de/index.php/Zusae ... en#Subnets and trying any combination of "every" mikrotik forum suggested way of getting them forwarded, as in routing, doesn't work. "Obviously" the server doesn't have internal physical interfaces (uncertain if nor why it should matter). Hetzner support has verified the public subnet (/29) is routed to the public WAN IP. There are no firewalls etc, just plain routing. (https://wiki.mikrotik.com/wiki/Simple_S ... es_Example etc)

@Chupaka I'm happy to provide you (reputation) with the RouterOS logins / details to the "empty" test installation if you care to test it yourself, as I surely have exhausted all theories on why it shouldn't work.

Re: Bare metal CHR on Hetzner Dedicated

Posted: Sat Sep 01, 2018 8:37 am
by Joni
To be specific, even assigning a one additional IP to the ether1-WAN interface doesn't respond to ping, with Linux it works without anything more than
ip address add a.b.c.d/32 dev eth0

Re: Bare metal CHR on Hetzner Dedicated

Posted: Sat Sep 01, 2018 10:51 am
by Joni
Exact same issue viewtopic.php?t=114844
and almost same, except I can't ping out... viewtopic.php?t=83196

Re: Bare metal CHR on Hetzner Dedicated

Posted: Mon Sep 03, 2018 12:46 pm
by Chupaka
@Chupaka I'm happy to provide you (reputation) with the RouterOS logins / details to the "empty" test installation if you care to test it yourself, as I surely have exhausted all theories on why it shouldn't work.
Ping me at Skype

Re: Bare metal CHR on Hetzner Dedicated

Posted: Fri Oct 25, 2019 7:05 pm
by izumin
Did you anyhow solve the problem?

Re: Bare metal CHR on Hetzner Dedicated

Posted: Sat Oct 26, 2019 6:40 pm
by Joni
Did you anyhow solve the problem?
Unfortunately no.

Re: Bare metal CHR on Hetzner Dedicated

Posted: Thu Oct 31, 2019 12:27 pm
by izumin
its a pity, i have the same problem. Just move with my CHR to hetzner and there is no route(s) that can make it be online. But neighbor VM's is pinging but no hypervisor.

Re: Bare metal CHR on Hetzner Dedicated

Posted: Thu Oct 31, 2019 6:14 pm
by Joni
Duh... Forgot to mention that Hetzner Cloud works for CHR...

Re: Bare metal CHR on Hetzner Dedicated  [SOLVED]

Posted: Fri Nov 01, 2019 10:39 am
by normis
Yes, Hetzner Cloud works fine like this: https://wiki.mikrotik.com/wiki/Manual:CHR_Hetzner