Installing OpenWRT in Docker

sudo ip link set eth0 promisc on

(Adapt this to your actual network; do not copy the commands verbatim.) Enable IPv6 support in Docker:

sudo nano /etc/docker/daemon.json

{
  "ipv6": true,
  "fixed-cidr-v6": "2001:db8:1::/80"
}

Then run sudo systemctl restart docker (NAT also has to be set up for the docker interface:

sudo ip6tables -t nat -A POSTROUTING -s 2001:db8:1::/80 ! -o docker0 -j MASQUERADE
sudo ip6tables -t nat -L
# the redirections must run as root too, hence sh -c and tee
sudo sh -c 'ip6tables-save > /etc/ip6tables.up.rules'
echo "ip6tables-restore < /etc/ip6tables.up.rules" | sudo tee -a /etc/rc.local

)

docker network create -d macvlan \
--subnet=192.168.10.0/24 --gateway=192.168.10.1 \
--ipv6 --subnet=fe80::/16 --gateway=fe80::8edc:d4ff:fe21:437e \
-o parent=eth0 -o macvlan_mode=bridge openwrt

(fe80::728b:cdff:fece:7bf8 is the IPv6 address of the network interface)

docker network create -d macvlan \
--subnet=192.168.10.0/24 --gateway=192.168.10.1 \
--ipv6 --subnet=2001:db8:1::/80 --gateway=2001:db8:1::/80 \
-o parent=eth0 -o macvlan_mode=bridge openwrt
(fe80::728b:cdff:fece:7bf8 is the router's IPv6 address)

docker network create -d macvlan \
--subnet=192.168.10.0/24 --gateway=192.168.10.1 \
--ipv6 \
-o parent=eth0 -o macvlan_mode=bridge openwrt

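Because this is a macvlan network, Docker does not set up a gateway, routes, or similar settings for it, so the network has to use the same prefix as the public IPv6 address, and the router's gateway has to be specified as the gateway.

Problem: the IPv6 addresses here are specified manually. When the optical modem redials, the prefix and the IPv6 address of the router gateway change, and the values here have to be changed as well.

EDIT: When --ipv6 is used directly without specifying a subnet and gateway, setting up IPv6 NAT on the host is all it takes to reach the IPv6 internet: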

sudo ip6tables -t nat -I POSTROUTING -j MASQUERADE
sudo service ip6tables save

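However, to make the container reachable from the outside network, there are two options:

  1. Use NDP (the Neighbor Discovery Protocol) on the network interface
  2. Assign the IPv6 address manually

TODO: test with the default IPv6 settings and see which address gets assigned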
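
The two NAT rules on this page differ in scope: the first is limited to the Docker subnet, while the one in the EDIT above has no match at all, so it masquerades every IPv6 connection that passes through the nat POSTROUTING chain. As an added example (not from the original post), this check flags such unscoped rules in ip6tables-save output; the function name and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit ip6tables-save output for
# nat-table MASQUERADE rules that carry no source or out-interface match.

# Constructed sample in ip6tables-save format, holding both rules from this page.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -j MASQUERADE
-A POSTROUTING -s 2001:db8:1::/80 ! -o docker0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# audit_masquerade (hypothetical name): reads a rule dump on stdin, prints each
# unscoped MASQUERADE rule, and returns 1 if any was found, 0 otherwise.
audit_masquerade() {
  awk '
    /^\*/ { table = substr($0, 2); next }        # "*nat", "*filter", ...
    table == "nat" && $1 == "-A" {
      masq = 0; scoped = 0
      for (i = 3; i <= NF; i++) {
        if ($i == "-j" && $(i + 1) == "MASQUERADE") masq = 1
        if ($i == "-s" || $i == "--source") scoped = 1
        if ($i == "-o" || $i == "--out-interface") scoped = 1
      }
      if (masq && !scoped) { print "UNSCOPED: " $0; bad = 1 }
    }
    END { exit bad + 0 }
  '
}

# Demo on the constructed sample; on a real host pipe in: sudo ip6tables-save
if printf '%s\n' "$SAMPLE_RULES" | audit_masquerade; then
  echo "all MASQUERADE rules are scoped"
else
  echo "restrict the rules above with -s <subnet> and/or -o <interface>"
fi
```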

docker commit -m "Backup before IPv6" -a "Henry Tian <chariothy@gmail.com>" openwrt chariothy/openwrt

docker container update --restart=no openwrt

ip addr add 2409:8a20:b206:71f7::99 dev wrt0
ip route add 2001:db8:1::99 dev wrt0

up route -A inet6 add default gw fe80::728b:cdff:fece:7bf8 dev eth0

docker run \
--restart unless-stopped \
--name openwrt \
-d -it \
--ip=192.168.10.99 \
--ip6="fe80::99" \
--sysctl net.ipv6.conf.all.disable_ipv6=0 \
--sysctl net.ipv6.conf.all.forwarding=1 \
--network=openwrt \
-v openwrt:/vol \
-v /etc/localtime:/etc/localtime \
--privileged \
sulinggg/openwrt:rpi3 /sbin/init

docker run \
--restart unless-stopped \
--name openwrt \
-d -it \
--ip=192.168.1.99 \
--ip6 \
--network=openwrt \
-v openwrt:/vol \
-v /etc/localtime:/etc/localtime \
--privileged \
sulinggg/openwrt:x86_64 /sbin/init

docker run \
--restart unless-stopped \
--name ows \
-d -it \
--ip=192.168.1.100 \
--network=openwrt \
-v ows:/vol \
-v /etc/localtime:/etc/localtime \
--privileged \
chariothy/openwrt-slim:x86_64 /sbin/init

docker run \
--restart unless-stopped \
--name ows \
-d -it \
--ip=192.168.10.100 \
--network=openwrt \
-v ows:/vol \
-v /etc/localtime:/etc/localtime \
--privileged \
buddyfly/openwrt-aarch64 /sbin/init

  1. docker exec -it openwrt bash

  2. vi /etc/config/network

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0'
        option proto 'static'
        option ipaddr '192.168.10.99'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option gateway '192.168.10.1'
        option broadcast '192.168.10.255'
        option dns '192.168.10.1'

  3. /etc/init.d/network restart

  4. Disable the DHCP service

  5. DHCP / DNS settings on the main router

(All of the following is run on the host)

sudo ip link add wrt0 link eth0 type macvlan mode bridge

sudo ip addr add 192.168.10.55 dev wrt0
sudo ip link set wrt0 up

sudo ip route add 192.168.10.99 dev wrt0

sudo route delete default gw 192.168.10.99 eth0	# if 99 is set as the gateway on the router
sudo route delete default gw 192.168.10.1 eth0	# if the router still uses the default 1 as the gateway

sudo ip route add default via 192.168.1.99 dev wrt0 metric 1
sudo ip route del default via 192.168.1.1 dev eno1 onlink
sudo ip route add default via 192.168.1.1 dev eno1 onlink metric 100

#iface eth0 inet dhcp
iface eth0 inet static
address 192.168.10.5
netmask 255.255.255.0
gateway 192.168.10.99
#iface eth0 inet6 dhcp

up ip link add wrt0 link eth0 type macvlan mode bridge
up ip addr add 192.168.10.55 dev wrt0
up ip link set wrt0 up
up ip route add 192.168.10.99 dev wrt0

up route delete default gw 192.168.10.99 eth0
up ip route add default via 192.168.10.99 dev wrt0

dns-nameservers 192.168.10.99
dns-nameservers 1.1.1.1

iface eth0 inet6 dhcp
up route -A inet6 add default gw fe80::728b:cdff:fece:7bf8 dev eth0
dns-nameservers 2400:3200::1
dns-nameservers 240C::6644

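I have by now mostly given up on running OpenWRT in Docker; the side router is sometimes not very stable, and there are also quite a few limitations.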
