Hetzner connect cloud servers with dedicated servers via vSwitch on Debian 11


Get 20€ credit with Hetzner using my link :)
https://hetzner.cloud/?ref=Vi4UjGTcwywL

Today we're going to connect our dedicated servers with our cloud servers on Hetzner. This was a bit challenging to figure out but in the end it works great! So let's start.
Im going to use a new project for this but you can use your existing one.

1. Create a new vSwitch (or use an existing one) on your Hetzner robot. You can name it what ever you want. Remember your VLAN ID.

2. Create an internal network within your cloud project (or use an existing one)

3. Add a new subnet within this network and select "Enable dedicated server vSwitch connection". Choose the vSwitch you created previously.

The subnet mask depends on your original network range. A /24 network obviously can't create another /24 subnet within it self.

4. Now attach your dedicated server(s) you want to connect to your vSwitch as well as your cloud servers on the cloud console.

5. Setup your the network on your dedicated server. This will be an example for Debian based systems. This is how your default config should look like when using a pre installed system. Mine only shows an IPv6 since i dont use an IPv4.

/etc/network/interfaces
### Hetzner Online GmbH installimage

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback
iface lo inet6 loopback

auto enp9s0
iface enp9s0 inet6 static
  address 2a01:xxx:xxx:xxxx::2
  netmask 64
  gateway fe80::1

Now add the following below. Make sure you use the exact network name (in my case "enp9s0" and add your VLAN ID from before in the end.
Give yourself an IP within your /24 range. In my case i used 10.128.100.10.

Adjust your routes on the bottom if you used different ranges within your privat network. The gateway information (10.128.100.1 in my case) are visible on the vSwitch page on Hetzner Robot. If you followed the tutorial 1:1 it will be the same.

auto enp9s0.4001
iface enp9s0.4001 inet static
  address 10.128.100.10
  netmask 255.255.255.0
  vlan-raw-device enp9s0
  up ip route add 10.128.0.0/16 via 10.128.100.1 dev enp9s0.4001
  down ip route del 10.128.0.0/16 via 10.128.100.1 dev enp9s0.4001

Now restart the network and you should be able to ping your cloud servers and vice versa.

systemctl restart networking

If anything is unclear or you want to add something please register an account and comment under this post. Im happy to help!