OECT flashes flying bull, and after installing openwrt with docker, it cannot enter openwrt
OECT After brushing Feiniu, the OpenWrt running in Docker can't get into the background, 90% of it is "macvlan completely separates the host from the container" - that is, you can ping OpenWrt from your phone or computer, but Feiniu itself can't open 192.168.x.x, so you think it's "not started", but it's actually fine, but you didn't set up a "springboard" for it.
follow the steps of human words below, and take your seats one by one.
1. Make sure the container is really running
SSH Enter the flying bull and knock on:
docker ps -a | grep openwrt see that the STATUS is
Up x minutes and continue; If it is a Exited, first docker the logs openwrt to see the error, there is a high probability that it is an IP conflict or no -privileged. 2. Turn on "mixed mode" for the physical network card
the name of the network card of Feiniu OS is strange, don't copy the
first
eth0 of other people's tutorials. first
ip a find the one with -ovs, for example, mine is enp2s0-ovs, and then: ip link set enp2s0-ovs promisc on restart will be invalid, if you want to boot automatically:
Feiniu Panel → Control Panel → Scheduled Task → Boot Script, stuff the above one in, and save 。
Feiniu Panel → Control Panel → Scheduled Task → Boot Script, stuff the above one in, and save
3. Build a MacVLAN network (don't copy the IP address, replace it with your own network segment)
my main route is 192.168.31.1, so :
# Delete the previous random construction first docker network rm openwrt-lan 2>/dev/null # Rebuild a new one docker network create -d macvlan \ --subnet=192.168.31.0/24 --gateway=192.168.31.1 \ -o parent=enp2s0-ovs openwrt-lan4. Pull the image + run the container
docker run -d --restart always --name openwrt \ --network openwrt-lan \ --privileged \ sulinggg/openwrt:x86_64 /sbin/init use
sulinggg for mirroring, don't use the old version. 5. Changing OpenWrt's own LAN IP
in the container:
docker exec -it openwrt bash vi /etc/config/network find the
restart the network after modification:
config interface 'lan' and change option ipaddr to a address in your home network segment that no one uses, for example, I changed it to 192.168.31.2. restart the network after modification:
/etc/init.d/network restart6. The most critical step - to build a "springboard" for the flying bull itself
macvlan default does not allow hosts and containers to communicate , so if you enter 192.168.31.2 in the Flying Bull browser, it will time out, not because OpenWrt is hung, but because the packet is isolated.
solution: Virtualize a small interface on the Feiniu host as an "insider":
solution: Virtualize a small interface on the Feiniu host as an "insider":
# Whatever the name is, just me_to_op is fine ip link add me_to_op link enp2s0-ovs type macvlan mode bridge ip addr add 192.168.31.5/24 dev me_to_op ip link set me_to_op up # Let traffic accessing 192.168.31.2 go through this interface ip route add 192.168.31.2 dev me_to_op after execution, immediately go to Feiniu Browser and type 192.168.31.2, and the familiar LuCI login interface will pop up 。
7. Want to make the "springboard" automatically have?
throw the above 4 commands
/etc/rc.local (create a new one if you don't have one), or add another "boot script" to the task of the flying bull plan, and you're done. 8. Or can't get in?
- computer and mobile phone can ping 192.168.31.2, but Feiniu can't → 100% didn't take the springboard, go back to step 6.
- all pings → the container didn't start, go back to step 1 to read the logs.
- can open the page, but the dialing fails→ the WAN/LAN ports in the container are reversed, and the two NIC cards of
-o parentare swapped and rebuilt the network.
summarizes in one sentence:
container has actually been started a long time ago, that is, Macvlan has blocked the flying bull body from the door; Add a small interface to the host machine as an "insider", and you can immediately enter the background.
container has actually been started a long time ago, that is, Macvlan has blocked the flying bull body from the door; Add a small interface to the host machine as an "insider", and you can immediately enter the background.
Read More
Comment List