EFA on Hetzner cloud unreachable

Questions and answers about how to do stuff
Post Reply
ronaldr
Posts: 1
Joined: 26 May 2020 02:11

EFA on Hetzner cloud unreachable

Post by ronaldr » 26 May 2020 02:25

I've just up an EFA instance on Hetzner cloud.
First I tried with full recursion, this didn't work. I did a re-install without recursion and I'm running into the same issues.

After install I noticed unbound wasn't starting. I managed to fix this by:
nano /etc/unbound/conf.d/forwarders.conf
in there "forward-addr" was empty. Just to try it out I filled both with 1.1.1.1 and 1.0.0.1.
After this unbound did start.

However when I try to do a nslookup for google.com or any other domain (server set to 127.0.0.1) it immediately fails with SERVFAIL.
If I do the same but set nslookup to resolve from my external IP it timesout, as I expected.

Trying to go to the webinterface with http://externalIP or https://externalIP I just get server cannot be reached.

HTTPD access log is empty, error log has some logs but they're all notices. Unfortunately I'm unable to copy since I'm unable to access SSH aswell.

Not being able to access SSH happened on the first install as well.

I really don't know how to go from here. During setup I used all default values. IP/Gateway had all been filled in.
I didn't enable IPv6 in this install though.

walter54
Posts: 2
Joined: 30 Jun 2020 10:24

Re: EFA on Hetzner cloud unreachable

Post by walter54 » 30 Jun 2020 10:30

Same here.
Just did a fresh install of EFA 4.
Everything worked according to the book up until the final reboot after the initial config.
Now the machine is unreachable from the outside, neither port 22 (SSH) nor 80/443 (HTTP(S)) respond.

I assume it's a networking issue...

Will keep digging.

Cheers,
Mathias

walter54
Posts: 2
Joined: 30 Jun 2020 10:24

Re: EFA on Hetzner cloud unreachable

Post by walter54 » 30 Jun 2020 14:23

Well, it turned out the solution was pretty simple.
During the initial configuration process simply tell EFA to *not* configure IPv4 or IPv6.
Everything else can be enabled (including DNS over IPv6 and DNS Recursion), but the IPv4 and IPv6 network settings are already properly configured when the cloud machine is booted the first time, so there is no reason for EFA to mess with that part of the machine configuration.

Cheers,
Mathias

User avatar
darky83
Site Admin
Posts: 539
Joined: 30 Sep 2012 11:03
Location: eFa
Contact:

Re: EFA on Hetzner cloud unreachable

Post by darky83 » 30 Jun 2020 15:15

Yep, hetzner cloud has a auto ip config in the image they use.

(Note that if you use an custom ISO image for re-installation that you can use the IP configuration :))
Version eFa 4.x now available!

Post Reply