[SOLVED] OpenWrt LXC installation error

Ntp server never worked. It kept complaining that it has no permission to change the host time. It also just kept failing to start in general. Ntp server just worked in a vm. The firewall would have issues on startup and reboots. My ct required a script I wrote to check if the firewall is not loaded and then reload it. The script isn't needed in a vm since the firewall has always loaded and stays loaded. Once in a while the WAN link would drop even after passing the nic directly into the ct. Using the sqm package was barely effective in a ct but noticeably effective in a vm. Restoring backups (owrt backups not ct backups) was hit or miss and sometimes it was easier (and cleaner) to rebuild the ct and then restore the backup after first boot. YMMV.
 
  • Like
Reactions: diversity
really I think the people at turnkey should consider this. I'll state again that OpenWrt is hands down the best in class.

Or are there suggestions to things we might have missed?
 
Give it a shot. Like I said, ymmv. I used cts in proxmox6 not 7 so maybe it got better.

I do prefer owrt especially with how easy it was (for me) to get my vpn server going. In owrt, install the vpn server requirements and configure and off and running. Dynamic dns takes care of the IP address and done. For me, owrt is plenty enough. I don't have a huge home network and I would rather vpn into my network then open it up completely to the public web.
 
generalproxuser said:
Give it a shot. Like I said, ymmv. I used cts in proxmox6 not 7 so maybe it got better.

I do prefer owrt especially with how easy it was (for me) to get my vpn server going. In owrt, install the vpn server requirements and configure and off and running. Dynamic dns takes care of the IP address and done. For me, owrt is plenty enough. I don't have a huge home network and I would rather vpn into my network then open it up completely to the public web.
Click to expand...
It's not only plenty. it is brutal ;)
 
I think that once OpenWrt has moved away from iptables the @ProxmoxStaff should give it a fair try. Maybe it works out great
 
fowr0yl said:
After hours of investigating I have found a solution, that seems to work ...

First find the container you wish to install. I wish to use OpenWrt 21.02
In pve gui navigate to "CT Templates" and choose "Download URL"
Paste the url and choose a filename. This name is to identify the correct template afterwards. I choosed "openwrt-21.02.rootfs.tar.xz"

Next step has to be done via CLI because you have to set the parm ostype=unmanaged. This could not be done in the gui :(
The following command will create the CT.

Code: 
root@pve:/# pct create 202 /var/lib/pve/local-btrfs/template/cache/openwrt-21.02.rootfs.tar.xz --arch amd64 --hostname OpenWrt-21.02 --rootfs local-btrfs:202 --memory 1024 --cores 2 --ostype unmanaged --unprivileged 1

Adding 2 network interfaces (eth0, eth1) can be done via gui or CLI.

Code: 
root@pve:/# pct set 202 -net0 name=eth0,bridge=vmbr0,ip=dhcp,ip6=auto,firewall=1,type=veth
root@pve:/# pct set 202 -net1 name=eth1,bridge=vmbr0,ip=dhcp,ip6=auto,firewall=1,type=veth,tag=10

All prepared for the first start now.

After starting OpenWrt and looking into the OpenWrt console you will find, that there is just interface eth0. This is not a pve or lxc problem.
There is just no interface "LAN" defined in OpenWrt ....

You can do this via uci commands or go the easy way. Login into LuCI, which is already running , go to network and add the LAN Interface. Thats it.
Click to expand...
this guide worked like a charm. thanks a bunch everyone participating in this thread. let the good times begin!!!
 
I now have kernel version 5.13 rather than 5.4. it's even better than running an OpenWrt snapshot in a VM which will be having kernel 5.10
 
I am also getting issues with NTP.
When looking at the host syslog I do see the following
udit[1065261]: AVC apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-999_</var/lib/lxc>" name="/sys/fs/bpf/" pid=1065261 comm="mount" fstype="bpf" srcname="bpffs" flags="rw, nosuid, nodev, noexec, noatime, silent"

So i'll try maging the container privilaged because I also can not make use of PCIe wifi components at the moment.

Is anyone interested in results or we can consider this topic as truly closed?
 
@chamseddine installing openwrt no longer is an issue thanks to the help here earlier. So not really sure why you would post a link after the fact.

Or have you solved the NTP, using PCEe devices from host issue? If so then please share that ;)

Using NTP, host hardware, using a privileged container is also not working out at the moment.
 
Hi @diversity did you have any luck with PCIe and NTP on LXC? I am hoping to run openwrt in LXC with a PCIe wifi card too.

Otherwise is running it in a VM an option with host devices?
 
rcwsr said:
Hi @diversity did you have any luck with PCIe and NTP on LXC? I am hoping to run openwrt in LXC with a PCIe wifi card too.

Otherwise is running it in a VM an option with host devices?
Click to expand...
I never did fix the NTP issue and the host app armor issue. So I abandoned that route :( as I finally figured that most if not all of my client devices could not use wifi6 and/or WPA3 anyway. So wanting kernel support for my WIFI6 PCIe devices no longer seemed to be paramount.

I kept using OpenWrt as VM and am making use of USB passthrough to enable it to have a WAP. That turned out to be a huge success.

For the NIC's I virtualize them but I recently found out my motherboard allowes for actual sharing of the on board NIC's. SR-IOV I believe the technology is called so I might give that a try once. But it is a low priority at the moment as things are working great.

In general terms I believe you can pass anything through to OpenWrt and it will show up there neatly. Actual firmware support might be spotty if you are passing through bleeding edge devices like WIFI6 stuff.

However it is a linux box in heart and soul so you could implant custom firmware. I recently done something similar to get wifi working on debian 11 on my amd ryzen laptop.
 
Last edited:
Thanks. Yeah I'm similarly trying to set up a dumb AP on a computer that's already running various other services on proxmox. This is an old Dell optiplex from 2013 I believe (runs great pulling just 25w!) so not sure if it would have the SR-IOV feature.

I was going to order a pcie wireless card but you mention USB passthrough, so are you using a USB wireless dongle instead or does pcie class as USB in this context? I have one laying around I might try that as a first step.

Is it simple enough to get openwrt running as a vm?
 
1660805936755.png
it's super simple to virtualize OpenWrt. It might take a few tries though as getting the NICS to play nice might not be intuitive from the get go.
 
it's glorious to have an OpenWrt running 'virtually' (pun intended) without restrictions ;)

USB WAP or PCIe WAP are the only way to go for me going forward. It's soo muych easier than having to deal with several hardware routers through the house.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back