Setting up virtualbox on Ubuntu with multiple IPs assigned to the same physical NIC's MAC address using routing/bridging (hetzner)

Ronny Ager-Wick asked:

This is what I have:

  • Physical server at Hetzner (in Germany) with one NIC, which they have
    routed one IP address plus a /28 subnet to (I’ll call them
    136.x.y.229 and 136.x.z.240/28).
  • The physical server runs Ubuntu 14.04, Virtualbox is set up and working, but I can’t get the VMs to work with IP addresses from the subnet.
  • For simplicity I’ve set up phpVirtualBox on the server.
  • Virtualbox can see both eth0 and br0 (requires the bridge-utils package)
  • Can ssh from VM to host, but not vice versa and not between VM and the rest of the internet.

What I’m trying to achieve is for the physical server to have the single IP and for the VMs to use IPs from the subnet.
I can’t use Host only, Internal or NAT (NIC settings in virtualbox), as the VMs need to be working as a physical server, i.e. be a “full network citizen”. I guess that the VMs need to use the “Bridged Adapter” option in Virtualbox.
I know it’s possible as I’ve done the same thing before on an older server from the same company (which is gone now, so I can’t look at it).

My current setup is as follows:

# Loopback device:
auto lo
iface lo inet loopback

# device: eth0
auto  eth0
iface eth0 inet static
  address   136.x.y.229
  pointopoint   136.x.y.193
  gateway   136.x.y.193
  # default route to access subnet
  up route add -net 136.x.y.192 netmask gw 136.x.y.193 eth0

auto  br0
iface br0 inet static
  address   136.x.y.229
  bridge_ports  none
  bridge_stp    off
  bridge_fd 0
  pre-up brctl addbr br0
  up ip addr add 136.x.z.240/28 dev br0
  down ip addr del 136.x.z.240/28 dev br0

$ ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether c8:60:00:5e:bd:e0 brd ff:ff:ff:ff:ff:ff
    inet 136.x.y.229 peer 136.x.y.193/32 brd 136.x.y.255 scope global eth0
       valid_lft forever preferred_lft forever
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default
    link/ether 06:eb:98:63:81:3d brd ff:ff:ff:ff:ff:ff
    inet 136.x.y.229/26 brd 136.x.y.255 scope global br0
       valid_lft forever preferred_lft forever
    inet 136.x.z.240/28 scope global br0
       valid_lft forever preferred_lft forever

The VM is set up like this:

auto eth0
iface eth0 inet static
   address 136.x.z.242
   pointopoint 136.x.y.229
   gateway 136.x.y.229

I’ve omitted all IPV6 stuff to keep things simple.

I’ve followed Hetzner’s guides:

Apparently I can only use the Routed Method as they won’t give individual IP addresses in a subnet separate MACs, but their guide only shows how to set this up for a single IP, not for a subnet, so I’ve tried to adapt it. This is not my main area of expertise to the chance of me doing something wrong is definitely present.

But how can the VM reach the main IP (its gateway) when it’s on a different subnet? I have a feeling I need to set use one of the IP addresses in the subnet (136.x.z.241 for example) as a gateway, but how to do this is unfortunately beyond my current expertise and Hetzner’s guides do not seem to even suggest it.

One thing to note is that I can ssh from the VM to the host, using either 136.x.y.229 or 136.x.z.240, regardless of whether the gateway is set to 136.x.y.229 or 136.x.z.240. I cannot connect the other way though, and I can’t reach any other server from the VM (can’t even ping

  • I have asked my friend DuckDuckGo and he doesn’t know either, or
    maybe I don’t know how to ask him properly.
  • I’ve looked at a large number of posts that turned out not to be relevant for this particular situation, but unfortunately I can’t list them because it requires higher reputation.. I searched here on serverfault for “ubuntu virtualbox bridge” and “hetzner virtualbox”, among others.
  • The problem is likely to exist between my keyboard and my chair, so I’m hoping someone may be able to point me in the right direction.

I answered:

For bridging, you must assign MAC addresses for each IP address in the Hetzner Robot, and then configure the guest’s virtual network card to have the assigned MAC address.

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.