We have an issue with the use of Hetzner Cloud's Network with Hetzner Robot's vSwitch. I'm setting up a new project, where I have 2 dedicated Robot servers. They are set up in a vSwitch with a /28 public subnet. We need those IPs for whitelisting to/from external parties.
Because we have a very dynamic application load, we use Cloud servers with a scaling mechanism for handling all the application logic. But we need to have all the outgoing traffic from our application servers go through the Robot servers because of the IP whitelisting.
However, it seems I cannot define a private IP from a Robot vSwitch as a default gateway. It just will not come through (yes, I can ping between my cloud servers and robot servers). Also, it's not possible to define a static route in the Cloud Network pointing to a vSwitch private IP. The interface explicitly states it's within the range of a vSwitch and thus not allowed.
In another topic I've found a way to use GRE tunneling. This works, but is P2P. We have 2 dedicated servers (running keepalived with a floating private IP for high availability). But we have a dynamic number of application servers. It's hard to create and maintain GRE tunnels between all of the individual servers.
The goal is to have our Cloud application servers make use of the /28 subnet linked to Robot's vSwitch for outgoing traffic. Does anyone know if this is possible?