Failover Networking at OVH: A Complete Explanation

At OVH, you can purchase many of what they call “Failover IPs”, which are basically additional IP addresses for your server. They can also be moved between servers in your account relatively quickly, but today we’re going to talk about their applications in virtual machines. The obvious advantage to having many IP addresses is, of course, being able to run lots of VMs and giving them each their own IP addresses. You can run your own VPS provider! Unfortunately, OVH’s configuration for these things is a little bit non-standard, so you’ll need to jump through some additional hoops to get it working.

This post isn’t going to tell you how to get it working in your VMs. I have a handful of other posts (and might make more later) on that topic. This post is going to attempt to explain how failover IP actually works so you can figure it out yourself assuming you know how the networking system you’re working with works.

So, the first thing you have to understand about failover IPs is that they’re routed to your server through the same port as your main IP address. All the network traffic goes through the same pipe, and you have to use the same OVH router to move that traffic. When you’re creating your VM, you need to make sure you set your network interface to bridge to the main networking card in your server. With KVM/libvirt you’ll want to use the macvtap method for bridging, though a classical VM bridge should do the trick as well.

It’s also important to know that OVH’s routers have strict whitelisting. If a machine tries to bind to an IP address that hasn’t been assigned to it, it won’t work. This is determined by MAC address. OVH does not let you plug your own MAC addresses into their router, so you’ll have to get their router to give you a MAC you can plug into your VM. Simply log into your OVH control panel, go to the list of IP addresses, and assign a virtual MAC to the IP address you want to use. After a bit of time passes, you will be able to see the MAC that has been assigned to your IP address, and you must use that same MAC address for your virtual network card. It’s worth noting that you can use the ovh VM type for any hypervisor except for VMware, which will require the vmware VM type. This is because VMware has strict(er) limitations on the MAC addresses assigned to virtual network cards.

Remember how I said your VMs would have to use the same router as your host? Your failover IPs are in a different /24 subnet to your main IP address, so you won’t be able to reach the router without telling your virtualized operating system where to find it. Luckily, finding the router’s IP is simple, we just have to configure it. The router that you have to use is always going to be the .254 of the /24 that your host is in. In simpler terms, if your host machine’s IP address is, your router’s IP address is Since that’s in a different subnet than the virtual machine’s own IP, you have to define a static route. In other words, you have to tell the networking system that the router’s IP address isn’t across the internet like it seems it should be, it’s available right over the eth0 interface. In the Linux ip system, this is acomplished by the command ip route add <gateway> dev eth0. If your networking system doesn’t support setting static routes by device (which is quite common), all you have to do is set it to get to the router through your machine’s failover IP. For example ip route add <gateway> via <virt-ip>. Once you’ve added the static route you should be able to ping the router, set your default route, and get out to the internet!

Hopefully that made sense, explained a bit about how OVH’s routers work, and helped you solve any pitfalls you may have run into with the network configuration at OVH. Next week I think I’ll talk about getting IPv6 working. That post will be… Interesting.

This site uses Akismet to reduce spam. Learn how your comment data is processed.