Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multi WAN: Public IP overlap error on Hetzner hosting

    Scheduled Pinned Locked Moved Routing and Multi WAN
    12 Posts 3 Posters 1.4k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • KOMK Offline
      KOM @tharun518
      last edited by

      @tharun518

      Multiple WANs sharing a single gateway IP

      T 1 Reply Last reply Reply Quote 0
      • T Offline
        tharun518 @KOM
        last edited by

        @kom Thanks for the article.

        I am already using NAT rules for each interface. The problem is I can't configure the IPs on the interface. It gives the overlapping subnet error. So can't proceed further.

        KOMK 1 Reply Last reply Reply Quote 0
        • KOMK Offline
          KOM @tharun518
          last edited by

          @tharun518 I think they mean that you have to have something in front of your OPT interfaces performing the NAT for you on traffic before it hits your OPTs to stop that overlap error.

          T 1 Reply Last reply Reply Quote 0
          • T Offline
            tharun518 @KOM
            last edited by

            @kom I wonder how I could implement it virtually on Hyper-V.

            I kind of got a workaround. I can use DHCP option and it automatically configure IP and gateway. The problem is due to multiple gateway connectivity is not working. But I found that if I add the additional interface after configurating WAN it work. It will default to WAN gateway until reboot.

            I am still wondering if there is a official solution problem this problem.

            V 1 Reply Last reply Reply Quote 0
            • V Offline
              viragomann @tharun518
              last edited by

              @tharun518
              Do some searches here or in the internet. You're are certainly not the first one who run pfSense on Hetzner with multiple public IPs.

              It seems quite strange to me that the provider requires the correct MAC for each IP to talk to it. If that is not the case, you could simply add the second and other IPs as IP Alias to a single interface.

              T 1 Reply Last reply Reply Quote 0
              • T Offline
                tharun518 @viragomann
                last edited by

                @viragomann I also thought the same. I have been searching on Google for past few days. But haven't found anything close to my scenario. Hence, thought to post it here.

                KOMK 1 Reply Last reply Reply Quote 0
                • KOMK Offline
                  KOM @tharun518
                  last edited by

                  @tharun518 Can you go back to Hetzner and ask why this is, and if they have an solution? Like viragoman, I have not seen an ISP that forces specific MAC addresses on its IPs.

                  T 1 Reply Last reply Reply Quote 0
                  • T Offline
                    tharun518 @KOM
                    last edited by

                    @kom I have asked them. Their solution is to purchase an entire subnet (6 IPs) but I need only 2. For subnet they can route it to a main IP without need for a subnet.

                    I think most hosting providers use MAC binding. OVH allows to reuse same MAC. So this allow to use same WAN interface and use virtual IP.

                    1 Reply Last reply Reply Quote 0
                    • V Offline
                      viragomann
                      last edited by viragomann

                      @tharun518
                      A quick search here drew this german thread: https://forum.netgate.com/topic/58492/multiple-wan-esxi-5-1-bei-hetzner-pfsense-2-03-nicht-mehr-erreichbar/8

                      The guy got it solved by configuring the first interface with correct mask and the default gateway and set the mask of the others to /32 and set teh gateway to none.
                      So they don't overlap and all use the default gateway.

                      T 1 Reply Last reply Reply Quote 1
                      • T Offline
                        tharun518 @viragomann
                        last edited by

                        @viragomann I think you posted wrong link.

                        It seems to be a good solution. I will give it try later.

                        V 1 Reply Last reply Reply Quote 0
                        • V Offline
                          viragomann @tharun518
                          last edited by

                          @tharun518
                          Corrected it.

                          1 Reply Last reply Reply Quote 1
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.