Open michaellanguage opened 2 years ago
hllhll
commented
2 years ago Look at how he adds the interfaces to the container before starting the container. There might be an issue though, since the order of the NICs might change, I found that even if the initial configuration is incorrect, openwrt is still reachable by the ip address assigned to the container if openwrt does not overwrite it
michaellanguage
commented
2 years ago Am trying to install and use mwan3 load balancing on openwrt packag install.
docker network create --driver macvlan --subnet 192.168.8.0/24 -o parent=eth1 eth1
docker network create --driver macvlan --subnet 192.168.0.0/24 -o parent=eth2 eth2
docker network connect --ip 192.168.8.80 eth1 openwrt_multi_1
docker network connect --ip 192.168.0.70 eth2 openwrt_multi_1
This are the lines i added to run.sh but they break even without assigning subnet, doing this i got
Error response from daemon: failed to set gateway while updating gateway: file exists.
Please help
Thank you
hllhll
commented
2 years ago I Did it a while back, for me, something like that worked for me for a "virtual" dmz network inside the rpi & between openwrt & other containers.
docker network create --driver macvlan \
--subnet $DMZ_SUBNET \
$DMZ_NET_NAME || exit 1
...
docker network connect --ip $DMZ_ROUTER_ADDR $DMZ_NET_NAME $CONTAINERAre you making sure you are removing everything on each attempt? Docket network, linux bridge if existing, container etc?
michaellanguage
commented
2 years ago I tried and still not working, am trying to use mwan3 package following this tutorial https://www.youtube.com/watch?v=tgRZYnrqVu4
What am trying to achieve is have my two router ethernet linked to openwrt docker and use mwan3 to combine them for load balancing and speed, if you have tried this and it work please share me the config file and run.sh file so i can attempt.
Thank you.
michaellanguage
commented
2 years ago Is there no way to achieve linking multiple ETH to the docker, and getting them to work, pls i need help on this have spent days already trying to achieve this.
hllhll
commented
2 years ago Do you know what is the actual issue? Did u try setting up a plain Ubuntu image with similar networking? before going ahead with docker-openwrt or even openwrt
michaellanguage
commented
2 years ago I did bond all the Ethernet could not work with openwrt docker, am new to docker i know that is achievable, if there is another way.
michaellanguage
commented
2 years ago here are the recipes for adding new to the openwrt container.
` sudo ip netns sudo ip link add macvlan1 link eth1 type macvlan sudo ip link set dev macvlan1 promisc on sudo ip link set macvlan1 netns openwrt_1 sudo ip netns exec openwrt_1 ifconfig macvlan1 up sudo ip netns exec openwrt_1 ip address add 192.168.16.100/24 dev macvlan1 sudo ip netns exec openwrt_1 ip route add 0.0.0.0/0 via 192.168.16.1 sudo ip netns exec openwrt_1 ifconfig sudo docker exec -it openwrt_1 ip route sudo docker exec -it openwrt_1 ping -c 2 -I eth1 GOOGLE.COM sudo ip netns exec openwrt_1 ping -c 2 -I macvlan1 192.168.16.1 sudo ip netns exec openwrt_1 ping -c 2 -I macvlan1 GOOGLE.COM
`
saket424
commented
1 year ago @michaellanguage
I tried a flavor of what was mentioned here https://guide.opencord.org/cord-6.1/operating_cord/veth_intf.html
and much to my surprise what do you know it worked! I was able to add a new enx3c8cf8eb229a nic nicknamed eth2 to an already running openwrt_1 container following these steps
cat bridge_eth2
#The interface on the hosting machine should be turned off first
sudo ip link set enx3c8cf8eb229a down
#Create a veth called veth2 and add to it the new virtual interface eth2:
sudo ip link add veth2 type veth peer name eth2
#Now add the virtual network interface eth2 to the container namespace
sudo ip link set eth2 netns openwrt_1
#Bring up the virtual interface:
sudo ip netns exec openwrt_1 ip link set eth2 up
#Bring up veth2:
sudo ip link set veth2 up
#Create a bridge named br2, and add veth2 to it and the host interface enx3c8cf8eb229a
sudo ip link add br2 type bridge
sudo ip link set veth2 master br2
sudo ip link set enx3c8cf8eb229a master br2
#Bring up again the host interface and the bridge:
sudo ip link set enx3c8cf8eb229a up
sudo ip link set br2 up
#At this point, you should see an additional interface eth2 inside the container capable of pulling dhcpHere is the unbridge_eth2 that undoes it all
cat unbridge_eth2
#sudo apt install bridge-utils
sudo ip link set veth2 down
sudo ip link delete veth2
sudo ip netns exec openwrt_1 ip link set eth2 down
sudo ip netns exec openwrt_1 ip link delete eth2
sudo ip link set enx3c8cf8eb229a down
sudo ip link set br2 down
sudo brctl delbr br2
sudo ip link set enx3c8cf8eb229a up
cat /etc/config/network
cat /etc/config/network
config globals 'globals'
option ula_prefix 'fdae:0e2b:1787::/48'
config interface 'loopback'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
option device 'lo'
config interface 'lan'
option proto 'static'
option ipaddr '192.168.16.2'
option netmask '255.255.255.0'
option ip6assign '64'
option device 'br-lan'
config interface 'wan'
option proto 'dhcp'
option device 'eth1'
config interface 'wan6'
option proto 'dhcpv6'
option device 'eth1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
config interface 'eth2'
option proto 'dhcp'
option device 'eth2'
cat /etc/config/firewall
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
list network 'wan6'
list network 'eth2'
I also found this useful https://stackoverflow.com/questions/60189587/how-to-pass-through-physical-nic-to-docker-container
cat /etc/rc.local
sleep 30
HOST_IFACE=enp3s0
CONT_IFACE_NAME=eth3
container=openwrt_1
NSPID=$(docker inspect --format='{{ .State.Pid }}' $container)
sudo mkdir -p /var/run/netns
sudo ln -s /proc/$pid/ns/net /var/run/netns/$pid
ifconfig "$HOST_IFACE" down
ip link set "$HOST_IFACE" netns "$NSPID"
ip netns exec openwrt_1 ip link set "$HOST_IFACE" name "$CONT_IFACE_NAME"
ip netns exec openwrt_1 ip link set "$CONT_IFACE_NAME" up
How do i add multiple WAN eth0 and eth1 and eth3 without breaking the system.