Wifi & Networking Configuration: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
|||
(24 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
= | = NetworkManager = | ||
== Setup == | |||
= DNS, Hosts = | * For Wifi, wpa_supplicant should be running (in -u mode, and as a daemon) else nothing will work. Usually if wpa_supplicant is not running it means NetworkManager has some permissions problems. To launch manually, you can run as root: | ||
wpa_supplicant -uB | |||
wpa_supplicant -udd # this will print a lot of debugging information and can be useful | |||
* Then the following commands should list your wifi interface and the available Wifi networks (after restarting NetworkManager): | |||
nmcli dev | |||
nmcli dev wifi list | |||
* Note that NetworkManager gets the list of wifi from wpa_supplicant. It may happen, though, that NetworkManager won't get the same list when it asks wpa_supplicant via the DBUS interface (standard setup) and when you run the wpa_supplicant scan manually (via wpa_cli for instance). This is because some networks can be found but not listed / returned via the DBUS interface if wpa_supplicant knows it cannot connect to them (this is also why '''nmcli dev wifi list''' may get you a different list than '''iw dev wlan0 scan'''). | |||
* To run wpa_supplicant standalone (should not be the case in usual NM setup, but can be useful for debugging), first stop NetworkManager, then kill the previous autolaunched wpa_supplicant instance, and issue following commands: | |||
wpa_supplicant -iwlp2s0 -c/etc/wpa_supplicant.conf -dd | |||
wpa_cli | |||
scan or scan_results # those are commands inside wpa_cli | |||
* You will need a minimalist configuration file (/etc/wpa_supplicant.conf) for this to work: | |||
update_config=1 | |||
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel | |||
== Connecting to a network at boot == | |||
* The connection file must be present in /etc/NetworkManager/system-connections. If it is, the connection is automatically made at boot time. | |||
* If you want to mount a NFS share automatically at boot, do the following: | |||
** add the correct entry in /etc/fstab; | |||
** add netmount and nfsclient to boot runlevel; | |||
** edit /etc/conf.d/netmount to add the line rc_need="NetworkManager net-online"; | |||
** configure /etc/conf.d/net-online to add the correct interfaces to be monitored for online status (for instance interfaces="enp0s31f6"). '''WARNING:''' if you don't do this, it looks for all interfaces and this can prevent a correct startup! | |||
=== Obsolete Information === | |||
* Just run the following command (assuming you have policykit installed): | |||
sudo polkit-auth --grant org.freedesktop.network-manager-settings.system.modify --user "elvanor" | |||
* This connects at boot (no need to wait until an user has logged and nm-applet has loaded). However, due to the time required to connect, running services such as ntp-client at boot still fail. | |||
== GUI Configuration == | |||
* On KDE 5, there is a plasmoid GUI available via the package '''kde-plasma/plasma-nm'''. It's recommended to use it. | |||
* Another option is wicd which is a totally different network manager. It currently seems not very stable on some wireless cards. | |||
* The Gnome applet for NetworkManager (gnome-extra/nm-applet) also works well on KDE. | |||
= DHCP, DNS, Hosts = | |||
* If you want to be able to type ssh valinor, and have the system automatically search for valinor.elvanor.net by default, you can add the following line to /etc/resolv.conf | * If you want to be able to type ssh valinor, and have the system automatically search for valinor.elvanor.net by default, you can add the following line to /etc/resolv.conf | ||
search elvanor.net | search elvanor.net | ||
== DHCP == | |||
* If you use DHCP, resolv.conf will be wiped, so you must edit the file /etc/dhcp/dhclient.conf and add: | * If you use DHCP, resolv.conf will be wiped, so you must edit the file /etc/dhcp/dhclient.conf and add: | ||
Line 19: | Line 66: | ||
prepend domain-name-servers 127.0.0.1; | prepend domain-name-servers 127.0.0.1; | ||
* To obtain a static IP while you are using DHCP, the best is to instruct your server (router) to associate a static IP with a given MAC address. Note that on Gentoo however, entering a static IP on /etc/conf.d/net will work: | |||
config_wlan0=( "192.168.0.2 netmask 255.255.255.0" ) | |||
= IPv6 = | |||
* To disable IP v6 (can be useful with VPNs), issue the following command: | |||
echo 1 > /proc/sys/net/ipv6/conf/wlp2s0/disable_ipv6 | |||
= Ethernet = | |||
* With recent udevs, the ethernet card is no longer named eth0. To obtain the predictable named used, run: | |||
udevadm test-builtin net_id /sys/class/net/eth0 2> /dev/null | |||
* Be very careful in the order of data returned. ID_NET_NAME_ONBOARD takes precedence over ID_NET_NAME_PATH but is not always present! | |||
= Wifi = | = Wifi = | ||
Line 38: | Line 103: | ||
* The drivers are now present in the vanilla kernel. You just need to install the microcode which is present in Portage (for example iwl3945-ucode). Be sure you build iwfwifi drivers with the RF SWITCH option. | * The drivers are now present in the vanilla kernel. You just need to install the microcode which is present in Portage (for example iwl3945-ucode). Be sure you build iwfwifi drivers with the RF SWITCH option. | ||
* Update: the microcode is now available in the linux-firmware package. | |||
* Update 2: with recent kernels (this is the case in 3.12.x and later), you need to include the microcode in the kernel image. The option is CONFIG_FIRMWARE_IN_KERNEL, in Device Drivers -> Generic Driver Options. | |||
* You should always include the most recent release of a given firmware in the kernel blob. For instance, iwlwifi-8000C-xx.ucode, choose xx as the highest number you have installed by the linux-firmware package. | |||
* To find the name of the firmware corresponding to your chipset (not the version), use this [https://www.intel.com/content/www/us/en/support/articles/000005511/network-and-i-o/wireless-networking.html Intel site]. | |||
== Associating with an access point and Authentication == | == Associating with an access point and Authentication == | ||
* Be careful to use AES encryption on your Access Point, not TKIP. TKIP encryption is obsolete, easily breakable and wpa_supplicant does not provide support for it anymore by default (there is a tkip USE flag to activate it though). If a TKIP network is used, a default Gentoo wpa_supplicant installation (along with NetworkManager) won't list it along the list of available SSIDs. | |||
=== Previous information (should not be required now) === | |||
* Emerge <tt>wpa_supplicant</tt>. | * Emerge <tt>wpa_supplicant</tt>. | ||
Line 101: | Line 174: | ||
In fact there is only a single init script, net.lo, for the loop back interface. Other scripts are simply added by making symbolic links to net.lo, changing the "lo" with the new interface name. | In fact there is only a single init script, net.lo, for the loop back interface. Other scripts are simply added by making symbolic links to net.lo, changing the "lo" with the new interface name. | ||
== Router configuration == | |||
* If the connection is very unstable and devices keep getting disconnected, it can be because the router switches regularly to different frequencies (20Mhz / 40Mhz). There should be an option in the router configuration to manually select a frequency and keep it (no auto switch). In congested environments, it seems better to choose 20Mhz over 40Mhz. | |||
* Note also that routers provide different networks; one at 5Ghz for modern devices and one at 2,4Ghz for backward compatibility with older devices. These two separate networks can have the same SSID (or not). |
Latest revision as of 12:09, 15 June 2022
NetworkManager
Setup
- For Wifi, wpa_supplicant should be running (in -u mode, and as a daemon) else nothing will work. Usually if wpa_supplicant is not running it means NetworkManager has some permissions problems. To launch manually, you can run as root:
wpa_supplicant -uB wpa_supplicant -udd # this will print a lot of debugging information and can be useful
- Then the following commands should list your wifi interface and the available Wifi networks (after restarting NetworkManager):
nmcli dev nmcli dev wifi list
- Note that NetworkManager gets the list of wifi from wpa_supplicant. It may happen, though, that NetworkManager won't get the same list when it asks wpa_supplicant via the DBUS interface (standard setup) and when you run the wpa_supplicant scan manually (via wpa_cli for instance). This is because some networks can be found but not listed / returned via the DBUS interface if wpa_supplicant knows it cannot connect to them (this is also why nmcli dev wifi list may get you a different list than iw dev wlan0 scan).
- To run wpa_supplicant standalone (should not be the case in usual NM setup, but can be useful for debugging), first stop NetworkManager, then kill the previous autolaunched wpa_supplicant instance, and issue following commands:
wpa_supplicant -iwlp2s0 -c/etc/wpa_supplicant.conf -dd wpa_cli scan or scan_results # those are commands inside wpa_cli
- You will need a minimalist configuration file (/etc/wpa_supplicant.conf) for this to work:
update_config=1 ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel
Connecting to a network at boot
- The connection file must be present in /etc/NetworkManager/system-connections. If it is, the connection is automatically made at boot time.
- If you want to mount a NFS share automatically at boot, do the following:
- add the correct entry in /etc/fstab;
- add netmount and nfsclient to boot runlevel;
- edit /etc/conf.d/netmount to add the line rc_need="NetworkManager net-online";
- configure /etc/conf.d/net-online to add the correct interfaces to be monitored for online status (for instance interfaces="enp0s31f6"). WARNING: if you don't do this, it looks for all interfaces and this can prevent a correct startup!
Obsolete Information
- Just run the following command (assuming you have policykit installed):
sudo polkit-auth --grant org.freedesktop.network-manager-settings.system.modify --user "elvanor"
- This connects at boot (no need to wait until an user has logged and nm-applet has loaded). However, due to the time required to connect, running services such as ntp-client at boot still fail.
GUI Configuration
- On KDE 5, there is a plasmoid GUI available via the package kde-plasma/plasma-nm. It's recommended to use it.
- Another option is wicd which is a totally different network manager. It currently seems not very stable on some wireless cards.
- The Gnome applet for NetworkManager (gnome-extra/nm-applet) also works well on KDE.
DHCP, DNS, Hosts
- If you want to be able to type ssh valinor, and have the system automatically search for valinor.elvanor.net by default, you can add the following line to /etc/resolv.conf
search elvanor.net
DHCP
- If you use DHCP, resolv.conf will be wiped, so you must edit the file /etc/dhcp/dhclient.conf and add:
supersede domain-name "elvanor.net";
Note that you could also configure the DHCP server so that it gives this information to the clients.
- To add a custom DNS server when you use DHCP (for example when using the NetworkManager), you can add the following to /etc/dhcp/dhclient.conf:
prepend domain-name-servers 127.0.0.1;
- To obtain a static IP while you are using DHCP, the best is to instruct your server (router) to associate a static IP with a given MAC address. Note that on Gentoo however, entering a static IP on /etc/conf.d/net will work:
config_wlan0=( "192.168.0.2 netmask 255.255.255.0" )
IPv6
- To disable IP v6 (can be useful with VPNs), issue the following command:
echo 1 > /proc/sys/net/ipv6/conf/wlp2s0/disable_ipv6
Ethernet
- With recent udevs, the ethernet card is no longer named eth0. To obtain the predictable named used, run:
udevadm test-builtin net_id /sys/class/net/eth0 2> /dev/null
- Be very careful in the order of data returned. ID_NET_NAME_ONBOARD takes precedence over ID_NET_NAME_PATH but is not always present!
Wifi
Setting up Wifi under Gentoo involves several steps.
Get your driver working
- This depends on your wireless card. Usually it will require very recent releases of the Linux kernel, and additional drivers or programs.
- Be sure to select the following stuff:
- Device drivers -> Network devices -> Wireless LAN
- Generic IEEE 802.11 Networking Stack
- Associated cryptographic support within the networking stack (WARNING: this may be available ONLY after you said "yes" to Wireless LAN)
- Once you have an interface working (eg iwconfig lists something) you can proceed to the next step.
Intel Wireless cards
- The drivers are now present in the vanilla kernel. You just need to install the microcode which is present in Portage (for example iwl3945-ucode). Be sure you build iwfwifi drivers with the RF SWITCH option.
- Update: the microcode is now available in the linux-firmware package.
- Update 2: with recent kernels (this is the case in 3.12.x and later), you need to include the microcode in the kernel image. The option is CONFIG_FIRMWARE_IN_KERNEL, in Device Drivers -> Generic Driver Options.
- You should always include the most recent release of a given firmware in the kernel blob. For instance, iwlwifi-8000C-xx.ucode, choose xx as the highest number you have installed by the linux-firmware package.
- To find the name of the firmware corresponding to your chipset (not the version), use this Intel site.
Associating with an access point and Authentication
- Be careful to use AES encryption on your Access Point, not TKIP. TKIP encryption is obsolete, easily breakable and wpa_supplicant does not provide support for it anymore by default (there is a tkip USE flag to activate it though). If a TKIP network is used, a default Gentoo wpa_supplicant installation (along with NetworkManager) won't list it along the list of available SSIDs.
Previous information (should not be required now)
- Emerge wpa_supplicant.
- The configuration file used by wpa_supplicant under Gentoo is in /etc/wpa_supplicant/wpa_supplicant.conf. So edit your changes there. Sample below:
network={ ssid="Arda" scan_ssid=1 proto=WPA pairwise=CCMP TKIP psk="password_goes_here_56831" priority=2 }
- The pairwise option specifies the cryptographic algorithms used for authentication. CCMP also means AES.
- To basically test if authentication is working, launch wpa_supplicant with the -c and -i flags, supplying both a configuration file and an interface name. Example:
wpa_supplicant -ieth1 -c/etc/wpa_supplicant/wpa_supplicant.conf
Note that if you forget the -i or -c flag, wpa_supplicant will refuse to work.
- Once it is working, create a symlink in /etc/init.d:
ln -s net.lo net.eth1
where you replace eth1 with your interface name.
- Add some configuration options to /etc/conf.d/net. See for example this Gentoo documentation.
- Finally run /etc/init.d/net.eth1 start and if everything goes smoothly, you can add it to the default run level.
WEP access
- WEP access is much easier than WPA, just don't use WPA supplicant! All you need is in the wireless-tools package. Issue the following commands:
iwconfig eth1 essid MyNetworkName iwconfig eth1 key 0123456789 dhcpcd eth1
- Edit /etc/conf.d/net to get wifi networking automatically started at boot.
- If your ESSID name contains a single quote ('), then you are in trouble. I was unable to properly escape this character in /etc/conf.d/net. The easiest way is then to create your own script (/etc/init.d/wireless) containing the above commands.
- Note for troubleshooting: some problems can put the card in a buggy state. Issue the command:
iwlist eth1 scan
to get a list of available networks. If no results appear, then it's best to reboot your machine.
ipw3945 specific notes (pre-iwlwifi)
- These notes are obsolete now that the recommended driver to use for this card is iwlwifi.
- Be careful to add the daemon init script to the boot runlevel, not the default one. Else things won't work automatically after boot.
- Include ipw3945 in the list of modules to be autoloaded. However by default it will start the daemon as soon as it is loaded, and this does not work well on Gentoo (maybe because it should wait a little?). So modify the file /etc/modules.d/ipw3945d so that installing the module does not load the init script automatically. Then run (of course) update-modules. This way you can have a clean boot sequence without errors :)
A note on init scripts on Gentoo
In fact there is only a single init script, net.lo, for the loop back interface. Other scripts are simply added by making symbolic links to net.lo, changing the "lo" with the new interface name.
Router configuration
- If the connection is very unstable and devices keep getting disconnected, it can be because the router switches regularly to different frequencies (20Mhz / 40Mhz). There should be an option in the router configuration to manually select a frequency and keep it (no auto switch). In congested environments, it seems better to choose 20Mhz over 40Mhz.
- Note also that routers provide different networks; one at 5Ghz for modern devices and one at 2,4Ghz for backward compatibility with older devices. These two separate networks can have the same SSID (or not).