求助： docker macvlan 如何配置？

version: '3' services: openwrt: image: lede:test # ports: # - "80:80" networks: - openwrt-WAN - openwrt-LAN privileged: true networks: openwrt-WAN: driver: macvlan driver_opts: parent: eth0 ipam: config: - gateway: "192.168.2.1" subnet: "192.168.2.0/24" openwrt-LAN: driver: bridge internal: true 

想用 docker 来部署 openwrt ，按照上面的配置部署后，容器内成功获取 ip

/ # ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 02:42:ac:1d:00:02 brd ff:ff:ff:ff:ff:ff inet 192.168.10.1/24 brd 192.168.10.255 scope global br-lan valid_lft forever preferred_lft forever 100: eth0@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:c0:a8:02:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0 inet 192.168.2.192/24 brd 192.168.2.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::42:c0ff:fea8:202/64 scope link valid_lft forever preferred_lft forever 101: eth1@if102: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default link/ether 02:42:ac:1d:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0 

"192.168.2.0/24"的其它机器可以 ping 通容器 但是 http 和 ssh 都不行