Add a custom 2nd NIC to a Lighthouse instance

  1. In the Hypervisor configuration, add a 2nd network interface, and bind it to the required external network.

  2. Reboot Lighthouse, and verify that net2 is visible.

  3. Edit /etc/config/conman.conf and add two custom conns. The first conn configures the physical interface. The 2nd conn will vary depending if you want DHCP on the 2nd interface, or a Static IP address. Do not put both network-services-conns in.
    # Custom Conns for 2nd interface conn network-services-conn-init_net2
    var ifname net2
    start ip addr flush dev %ifname% start ip link set dev %ifname% up start mii-tool --restart %ifname% start sleep 2
    start ifconfig %ifname% up start sleep 2
    start bash -c "infod_client -o push -p %ifname%.link_local -d $( ifconfig %ifname% | grep fe80 | sed -r 's/.*(fe80::[^ ]+).*/\1/' )"
    stop ifconfig %ifname% down
    # Use this conn if you want DHCP conn network-services-conn
    parent network-services-conn-init_net2
    start infod_client -o push -p udhcpc.%ifname%.status -d down
    up expect-return none bash -c "/sbin/udhcpc --syslog --release -- now --interface %ifname% --foreground --script '/usr/share/udhcpc/default.script' --vendorclass 'Opengear/Lighthouse'
    -x hostname:`hostname` --retries 3 --pidfile

    /var/run/udhcpc.%ifname%.pid"

    stop ifconfig %ifname%:dhcp 0.0.0.0

    stop infod_client -o delete -p udhcpc.%ifname%

    stop infod_client -o push -p udhcpc.%ifname%.status -d down test infod-equals udhcpc.%ifname%.status up

    testperiod 15

    testthreshold 20

    testthreshold 5

# Use this conn if you want a Static IP conn network-services-conn

parent network-services-conn-init_net2

start ip addr add 192.168.0.1/255.255.255.0 broadcast 192.168.0.255 dev %ifname% label %ifname%:static1

stop ip addr del 192.168.0.1/255.255.255.0 dev %ifname

  1. Restart conman to bring the 2nd interface up, then validate that net2 has an address.
    root@lighthouse:~# pkill -HUP conman
    ... Wait 30 seconds
    # If you have used DHCP root@lighthouse:~# ifconfig net2:dhcp
    net2:dhcp Link encap:Ethernet HWaddr 52:54:00:8c:38:73 inet
    addr:192.168.82.39 Bcast:192.168.82.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:|root@lighthouse:~#

#if you have used Static root@lighthouse:~# ifconfig net2:static1

net2:static1 Link encap:Ethernet HWaddr 52:54:00:8c:38:73 inet

addr:192.168.82.39 Bcast:192.168.82.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

  1. Add a firewall rule to allow relevant incoming traffic on net2. If /etc/config/scripts/firewall-post does not exist, create the subdirectory.

root@lighthouse:~# mkdir -p /etc/config/scripts/

root@lighthouse:~# vi /etc/config/scripts/firewall-post

  1. Editing the file, add this line after any existing rules

iptables -I INPUT -i net2 -j WanInput

  1. Make sure the file is marked with execute permissions

    chmod +x /etc/config/scripts/firewall-post

  2. Force the firewall configurator to run, to install the new firewall rule
    root@lighthouse:~# configurator_firewall --force

  3. Verify you can access the device via the IP of net2.

  4. Run configurator_local_network and re-test connectivity to verify that the changes will survive system configuration changes.
    root@lighthouse:~# configurator_local_network

    root@lighthouse:~# ifconfig net2:dhcp

    net2:dhcp Link encap:Ethernet HWaddr 52:54:00:8c:38:73 inet

    addr:192.168.82.39 Bcast:192.168.82.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

    root@lighthouse:~#