Hello,
Finally managed to configure macvlan on rockpro64 with OMV version 4.1.28-1. Thought to share my document notes for anyone having problems setting up macvlan on rockpro64 or in general.
Brief
lan interface: eth0
lan network 192.168.2.0/24
ip range used by dockers: 192.168.2.225 - 192.168.2.254
Below are setup steps in different stages from my notes during setup. It involves:
- creating subinterface (called mac0) to be used for communicating with host and defining part of the network address that will be used by dockers so that host would know how to route packets
- creating macvlan docker network
- host routing table changes if not using CIDR e.g. 192.168.2.224/27 for 192.168.2.0/24 lan
Information sources
Below are the links to information that helped me to set it up and some important points.
· General information on how omv generates configs.
o Omv generates configs of necessary os config files when doing any changes, it stores the necessary information in other files
· debian uses /etc/network/interfaces file where interface settings are defined, it is generated by omv scripts/helper-functions
· Omv forum post about editing or creating new script for your custom network interface settings
o Customize /etc/network/interfaces the OMV way [>= 1.11]
· Below forum is the one that pointed to creating corrects routes, the last one, bottom one and an additional link to source of information
o https://stackoverflow.com/ques…20host%20and%20containers.
o https://blog.oddbit.com/post/2…-docker-macvlan-networks/
· Post regarding promiscuous mode on eth0 on rockpro64 after each boot, tested and it pings no problem mac0 ip whereas before it would do 1 every 20 secconds or so
o https://www.reddit.com/r/OpenM…/omv5_pihole_setup_guide/
· Below is a good post about promiscious load on cpu, in a switched network is not existent
o https://serverfault.com/questi…us-mode-add-to-the-server
Creating sub interface (virtual network interface) mac0
1. Define mac0 interface within omv or edit /etc/network/interfaces file in other linux distros
a. nano /usr/share/openmediavault/mkconf/interfaces.d/macvlan0
#!/bin/sh
#
# This file is part of OpenMediaVault.
#
# @license http://www.gnu.org/licenses/gpl.html GPL Version 3
# @author Volker Theile <volker.theile@openmediavault.org>
# @copyright Copyright (c) 2009-2015 Volker Theile
#
# OpenMediaVault is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# any later version.
#
# OpenMediaVault is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with OpenMediaVault. If not, see <http://www.gnu.org/licenses/>.
set -e
. /etc/default/openmediavault
. /usr/share/openmediavault/scripts/helper-functions
OMV_INTERFACES_CONFIG=${OMV_INTERFACES_CONFIG:-"/etc/network/interfaces"}
cat <<EOF >> ${OMV_INTERFACES_CONFIG}
# The macvlan network interface to support communication between lan,
# make sure to define correct subnet as otherwise it will push all traffic outside over eth0
# it is possible to define /32 subnet but then will require adding ip route
auto mac0
iface mac0 inet static
address 192.168.2.244
netmask 255.255.255.224
#defining same gateway on both adapters didn't work
#gateway 192.168.2.1
#create mac0 virtual interface
pre-up ip link add mac0 link eth0 type macvlan mode bridge
#enable promiscious mode on eth0 interface
#to see if it is on execute netstat -i and look for letter P in flags column for eth0
up ip link set eth0 promisc on
#delete mac0 and disable promiscious mode on eth0
post-down ip link del mac0 && ip link set eth0 promisc off
iface mac0 inet6 manual
pre-down ip -6 addr flush dev $IFACE
EOF2. Make file executable and generate /etc/network/interfaces file
a. chmod +x /usr/share/openmediavault/mkconf/interfaces.d/macvlan0
b. omv-mkconf interfaces
3. Test if it can be brought up and down, make sure to do “if down” first and confirm that ip link or ip add doesn't have mac0 entry
a. ifdown mac0
b. ifup mac0
c. reboot OS if all is good or just try to restart networking service
4. Make sure correct route exists
a. ip route
Creating macvlan docker network
1. Create docker network that has limited ip range so that host would know which interface to use to route packets, use online cidr calculators
a. use “aux address” to make sure they are not used in docker network
b. docker network create -d macvlan --subnet=192.168.2.0/24 --gateway=192.168.2.1 --ip-range 192.168.2.224/27 --aux-address 'host=192.168.2.244' --aux-address 'NAS=192.168.2.245' -o parent=eth0 homeLan
2. Test communication, try pinging from within docker host and other devices on network
a. docker run --name alpine --net=homeLan --ip=192.168.2.241 -itd alpine /bin/sh
b. docker exec -it alpine /bin/sh
Troubleshooting / packet capture
1. To troubleshoot network communication, you may need to use tcpdump, just open a separate ssh shell and ping on one and monitor output on the other
a. Define interface e.g. eth0 or mac0 and add not to monitor ssh port and define what ip to monitor or not to monitor
b. tcpdump -e -i eth0 port not 22 and host 192.168.2.241
