FAQ

Last change on 2021-03-12 • Created on 2020-07-02

What are Hetzner Cloud Networks?

Networks provide private layer 3 links between Hetzner Cloud Servers using dedicated network interfaces. You can use them to conveniently construct multi-tier architectures spanning multiple locations.

Can Networks span multiple locations?

Yes, you can connect instances from our locations in Falkenstein, Nuremberg and Helsinki to the same network.

Will you charge for this feature? How about traffic?

The Networks feature is free. The traffic on the private network interfaces is free; will will not charge you for it.

How are IP addresses managed in Networks?

You can use the Cloud Console to manage the IP addresses in Networks. Whenever you attach a server to a network, our system will automatically assign an IPv4 address within your private network to it. Or you can choose a specific IP address within your private network if you prefer.

Since Networks is a layer 3 feature, you can only use the IP addresses allocated by the backend. Networks supports only IPv4.

Which IP addresses can I use?

You can create Networks for all RFC1918 private IP ranges which are:

  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.0.0/16

How are IP addresses configured on my servers?

If you recently created your server using one of our standard images, then we will automatically configure the main IP for your private network interface using DHCP.

You can disable the auto-configuration by uninstalling our auto-configuration package. In this case, you will need to manually configure the network interfaces to use them.

We have prepared an article with all the information you need about the configuration and the auto-configuration package.

Can one server have multiple IP addresses in a network?

Yes. In addition to the main IP in the network, you can also configure up to five alias IP addresses for every server. You will have to configure these IP addresses manually; the DHCP cannot provide them.

Can I attach a server to multiple networks?

You can attach your server to up to three networks at the same time.

Is traffic inside Hetzner Cloud Networks encrypted?

Traffic between Cloud Servers inside a network is private and isolated, but not automatically encrypted. We recommend you use TLS or similar protocols to encrypt sensitive traffic.

What are Subnets?

What are Subnets? Subnets are a part of the Networks feature. When you create a network, you need to define its IP range. Within this IP range, you can create one or more subnets that each have its own IP space within the network IP range. IPs for your servers will always be allocated from your Subnet IP space.

Example: You create a network 10.0.0.0/8. Within the network you create a subnet 10.0.0.0/24. When you attach a server to your network, it will get an IP from the 10.0.0.0/24 subnet.

Right now the Subnets feature is not very useful. However, this will change in the future when we add more features.

When you create a network via Cloud Console, we will pick sane defaults and automatically create a suitable subnet for it. So when in doubt, please use the defaults.

What are Routes?

Routes is an advanced feature within Networks. With it, you can create a route that is automatically applied to private traffic. You can use Routes to make sure that all packets for a given destination IP prefix will be sent to the address specified in its gateway.

What is special about route destinations that are not part of my network IP range?

If you choose a destination for your routes that is within the IP range of your network, they will automatically work as expected.

If, however, you set your destination to be outside of the network IP range, you will have to ensure that traffic for the destination gets sent to your private network interface. To do that, you need to manually add the route in the operating system of each of your servers.

Are any IP addresses reserved?

The following IP addresses cannot be assigned to your server:

  • The first IP address of your network IP range. For example, in 10.0.0.0/8, you cannot use 10.0.0.1.
  • The network and broadcast IP addresses of any subnet. For example, in 10.0.0.0/24, you cannot use 10.0.0.0 as well as 10.0.0.255.
  • The special private IP a 172.31.1.1. This IP address is being used as a default gateway of your server's public network interface.

Are there any limits on how Networks can be used?

  • You can attach up to 100 servers to a network.
  • Every server can have up to 5 alias IPs in addition to its private main IP.
  • You can create up to 50 subnets.
  • You can create up to 100 routes.

Can I include my Hetzner dedicated servers in my Hetzner Cloud Networks?

Yes, you can connect your Robot vSwitch (dedicated root servers) with your Hetzner Cloud Network. Create a new subnet in your Cloud Network and select the "Enable dedicated server vSwitch Connection" checkbox.

You can find a more detailled tutorial here.

How many vSwitches (Robot) can I connect to my Cloud Network?

You can connect each vSwitch to only one Cloud Network and you can connect each Cloud Network to only one vSwitch.

Is it possible to connect a dedicated root server vSwitch that has assigned public IP addresses?

Unfortunately, we currently don't support connecting a vSwitch with public IP addresses assigned on Robot. We will try to support this in the future, but can't promise a date yet.

How do I use Networks? Do you have any guides/tutorials?

Yes, we do! These are very helpful for getting started.

If you would like to write a tutorial about our Networks feature, please reach out to our Community Manager here by writing an issue.

Table of Contents