网络配置/无线网络配置

来自 Arch Linux 中文维基

本文或本节需要翻译。要贡献翻译,请访问简体中文翻译团队

附注: 请提供模板的第一个位置参数以更详细的指示。(在 Talk:网络配置/无线网络配置# 中讨论)

网络配置的主页面是网络配置

配置无线网络一般分两步:第一步是识别硬件、安装正确的驱动程序并进行配置,安装盘中已经包含驱动,但是通常需要额外安装;第二步是选择一种管理无线连接的方式。这篇文章涵盖了这两方面,并提供了无线管理工具的链接地址。

#iw 段落描述了如何使用 iw 来手动管理你的网络接口/无线局域网连接。网络配置#网络管理器 段落介绍了几个可以自动管理您无线网络接口的程序。这些程序中的某些会包含一个图形界面,而所有的程序都支持网络配置文件(在频繁切换网络时有用,比如使用笔记本电脑的场合)。

设备驱动[编辑 | 编辑源代码]

默认的 Arch Linux 内核是模块化的,硬件的设备驱动作为内核模块保存在硬盘上。启动时,udev 会根据硬件加载不同的驱动模块,从而允许创建网络接口。

除了相应的驱动程序之外,某些无线芯片组还需要固件。linux-firmware 提供了很多固件,然而专有固件并不包含在内,需要另行安装。这部分指南请参考 #安装 driver/firmware

注意: 如果 udev 在启动时未加载正确的模块,只需 手动加载 即可。 如果 udev 为一台设备加载多个驱动程序,则产生的冲突可能会导致配置失败。 确保将不需要的模块加入 黑名单

检查驱动状态[编辑 | 编辑源代码]

根据设备的连接方式是 PCI(e) 或 USB,对应地执行 lspci -klsusb -v 可以检查设备驱动是否已经加载:

$ lspci -k
06:00.0 Network controller: Intel Corporation WiFi Link 5100
	Subsystem: Intel Corporation WiFi Link 5100 AGN
	Kernel driver in use: iwlwifi
	Kernel modules: iwlwifi
注意: 如果网卡是 USB 设备,以 root 权限执行 grep usbcore 的输出应当类似于 usbcore: registered new interface driver rtl8187

同时也要通过 ip link 命令来查看无线接口是否已经创建。通常来说,设备名以字母“w”开头,例如wlan0wlp2s1。确认之后,使用以下命令使设备上线:

# ip link set <设备名> up

例如,接口设备名是 wlan0,此命令就是 ip link set wlan0 up

注意:
  • 如果你从命令中得到如下错误:RTNETLINK answers: Operation not possible due to RF-kill 错误,请确保设备没有被 软锁定 或 硬锁定,详情请参考 Rfkill 说明
  • 如果你从命令中得到如下错误:SIOCSIFFLAGS: No such file or directory, 那么大概率您的无线芯片组需要额外的固件来运行。

检查内核信息中关于已加载固件的信息:

# dmesg | grep firmware 
[   7.148259] iwlwifi 0000:02:00.0: loaded firmware version 39.30.4.1 build 35138 op_mode iwldvm

如果没有相关的输出,那么需要在消息中查找关于您之前指定的模块的完整输出(本示例中的模块是iwlwifi),然后查找对应的错误信息:

# dmesg | grep iwlwifi 
[   12.342694] iwlwifi 0000:02:00.0: irq 44 for MSI/MSI-X
[   12.353466] iwlwifi 0000:02:00.0: loaded firmware version 39.31.5.1 build 35138 op_mode iwldvm
[   12.430317] iwlwifi 0000:02:00.0: CONFIG_IWLWIFI_DEBUG disabled
...
[   12.430341] iwlwifi 0000:02:00.0: Detected Intel(R) Corporation WiFi Link 5100 AGN, REV=0x6B

如果需要的内核模块已经加载且网络接口已经上线,您可以跳过下一节的内容。

安装 driver/firmware[编辑 | 编辑源代码]

根据获得的信息,在下面网址查找硬件支持:

注意有些厂商的产品名称相同,实际使用的芯片组却不同。usb-id (USB设备) 或 pci-id (PCI设备)才是唯一识别名称。

如果您在上述列表里找到了您的无线网卡,请按照 驱动与固件排错 中的指示操作,这一节中包含有关安装某些特定无线网卡所需的驱动程序和固件的信息。完成后,再次检查驱动程序状态

如果您的上述列表里没有找到您的无线网卡,那么大概率您的网卡仅在windows操作系统下受支持。对于这些设备,您可以尝试使用 #ndiswrapper

工具[编辑 | 编辑源代码]

同其他网络设备一样,无线网络接口可以通过 iproute2 包提供的 ip 命令来管理。

管理一个无线网络连接需要一套基本的工具。可以使用一个 网络管理器 或直接使用以下表格中的一个:

软件 软件包 WEXT nl80211 WEP WPA/WPA2/WPA3 Archiso [1]
wireless_tools1 wireless_tools
iw iw
wpa_supplicant wpa_supplicant
iwd iwd
  1. 过时,不推荐使用.

iw 与 wireless_tools 的对比[编辑 | 编辑源代码]

下面表格给出了 iwwireless_tools 命令的对比(更多示例参阅 这里)。

iw 命令 wireless_tools 命令 描述
iw dev wlan0 link iwconfig wlan0 获取连接状态。
iw dev wlan0 scan iwlist wlan0 scan 扫描可用接入点。
iw dev wlan0 set type ibss iwconfig wlan0 mode ad-hoc 设置操作模式为 ad-hoc
iw dev wlan0 connect your_essid iwconfig wlan0 essid your_essid 连接到开放网络。
iw dev wlan0 connect your_essid 2432 iwconfig wlan0 essid your_essid freq 2432M 连接到开放网络的特定频道。
iw dev wlan0 connect your_essid key 0:your_key iwconfig wlan0 essid your_essid key your_key 用16进制密匙连接到 WEP 加密网络。
iw dev wlan0 connect your_essid key 0:your_key iwconfig wlan0 essid your_essid key s:your_key 用 ASCII 密匙连接到 WEP 加密网络。
iw dev wlan0 set power_save on iwconfig wlan0 power on 启用省电功能。

iw[编辑 | 编辑源代码]

注意:
  • 多数命令需要使用 root权限 执行。 使用普通用户执行某些命令,如 iw list,不会输出任何错误但并不会产生正确的输出,造成疑惑。
  • 根据您硬件或加密类型的不同,某些步骤并非必要。在连接至某个接入点及获取IP地址之前,某些网卡需要首先被 激活 与/或 扫描热点。这可能需要您自己尝试。例如,WPA/WPA2 用户可能会尝试直接从步骤 连接到接入点 开始来激活无线网络。

本章节的示例会假定您的无线接口设备名称是 interface, 您想要连接到的WiFi接入点名称是 your_essid。请将这两个字段作相应替换。

获取接口名[编辑 | 编辑源代码]

提示:更多关于 iw 工具的示例,请查看 官方文档

获取您无线网卡的名称,运行:

$ iw dev

接口的名称会在 "Interface" 单词后显示。比如,常见的无线网卡设备名是 wlan0

检查连接状态[编辑 | 编辑源代码]

用下面的命令检查连接状态:

$ iw dev interface link

获取统计数据[编辑 | 编辑源代码]

获取一些统计数据,比如上传下载的数据量,信号强度等:

$ iw dev interface station dump

激活接口[编辑 | 编辑源代码]

提示:通常不需要执行此步骤。

一些无线网卡在使用 iwwireless_tools前需要先激活内核接口:

# ip link set interface up
注意: 如果出现错误 RTNETLINK answers: Operation not possible due to RF-kill, 请确保硬件开关已经打开。参阅 #Rfkill 说明

如果出现错误 RTNETLINK answers: Operation not possible due to RF-kill, 请确保硬件开关已经打开。参阅 #Rfkill 说明

要验证接口确实打开:

$ ip link show interface
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state DOWN mode DORMANT group default qlen 1000
    link/ether 12:34:56:78:9a:bc brd ff:ff:ff:ff:ff:ff

<BROADCAST,MULTICAST,UP,LOWER_UP> 中的UP 显示接口已经打开,不要和后面的 state DOWN 混淆。

扫描接入点[编辑 | 编辑源代码]

查看可用的接入点:

# iw dev interface scan | less
注意: 如果显示 "Interface doesn't support scanning",可能是忘了安装固件。有时不以 root 运行 iwlist 也会产生这个问题。无线网络也可能被软锁定,请运行 rfkill list all 进行检查。


提示:Depending on your location, you might need to set the correct regulatory domain in order to see all available networks.

需要关注的信息:

  • SSID: 网络的名称.
  • Signal: 用 dbm (-100 to 0) 报告的无线信号强度。数值越接近零,信号越好。观察高质量连接和低质量连接的数值差异可以了解设备的信号范围。
  • Security: 没有直接报告, 检查 capability 开头的行,如果有 Privacy 信息,例如 capability: ESS Privacy ShortSlotTime (0x0411), 表示网络具有某种程度的保护,
    • 如果有 RSN 信息,网络被 Robust Security Network(WPA2) 协议保护。
    • 如果有 WPA 信息,网络被 Wi-Fi Protected Access 协议保护。
    • RSNWPA 信息块中,可能看到如下信息:
      • Group cipher: 数值包括 TKIP, CCMP, both, others.
      • Pairwise ciphers: 数值包括 TKIP, CCMP, both, others. 可能和 Group cipher 数值不同.
      • Authentication suites: 数值包括 PSK, 802.1x, others. 家用路由器通常可以看到 PSK (i.e. 密码). 在大学中,通常会链接到需要登录名和密码的 802.1x 网络。需要知道其使用的密码管理方式(例如 EAP), 封装方法 (例如 PEAP). 详情请参考 这里这里.
    • 如果没有看到 RSNWPA,但是看到了 Privacy, 表示使用的是 WEP.

运行模式[编辑 | 编辑源代码]

设置无线网卡的操作模式,如果连接到漫游网络,需要设置操作模式为 ibss

# iw dev interface set type ibss
注意: 有些网卡需要先关闭无线接口(ip link set interface down)才能修改模式。

连接到接入点[编辑 | 编辑源代码]

根据加密方式不同,需要使用密码将无线设备关联到接入点。

假设要使用的接入点 ESSID 为 MyEssid:

无加密[编辑 | 编辑源代码]

# iw dev interface connect "your_essid"

WEP[编辑 | 编辑源代码]

使用十六进制或 ASCII 密码(格式是自动识别出来的,因为 WEP 密码长度是固定的):

# iw dev interface connect "your_essid" key 0:your_key

使用十六进制或 ASCII 密码,第三个是默认 (从0计数,共四个):

# iw dev interface connect "your_essid" key d:2:your_key

其它[编辑 | 编辑源代码]

    • iw 只能处理 WEP。要使用其他加密方案登录, 请查看下文中的 #认证 章节。

无论您使用什么认证方法,都可以使用以下命令来确认连接是否成功:

# iw dev interface link

认证[编辑 | 编辑源代码]

WPA2 个人模式[编辑 | 编辑源代码]

WPA2 个人(模式), 又名 WPA2-PSK, 是一种 受保护Wi-Fi访问(Wi-Fi存取保护)的模式。

您可以通过 wpa_supplicantiwd 来连接, 或者直接使用 网络管理器. 如果您只进行了认证,那么要获取功能齐全的连接,您仍然需要进行手动连接 或使用 DHCP 客户端。

WPA2 企业模式[编辑 | 编辑源代码]

WPA2 企业模式 也是一种 受保护Wi-Fi访问(Wi-Fi存取保护)的模式,提供了比 WPA2 个人版更好的安全性和密钥管理,并支持其他的企业型功能,例如 VLAN 和 NAP。然而,与个人模式不同,此种加密需要额外的 RADIUS 认证服务器来处理用户的认证。个人模式不需要除无线路由器/接入点以外的设备,对所有用户也只要求一个密码或密码短语。

企业模式允许用户使用用户名和密码或者数字证书来登录 Wi-Fi。因为每个用户都拥有一个动态唯一的加密密码,因此企业模式可以防止通过无限网络的用户探听,并提高加密强度。

本章节描述如何使用 网络管理器 来连接到使用 WPA2 企业模式的无线接入点。

查看 软件接入点#RADIUS 来获取关于设置接入点自身的相关信息。

注意: 企业级加密模式需要更复杂的客户端配置,个人模式则只需要在出现提示时输入密码。客户端可能需要安装服务器的 签名证书(CA certificate),如果使用 EAP-TLS, 则另需要为每个用户安装证书,再手动配置无线安全和 802.1X 认证设置。

协议间的对照可以参照此 表格

警告: 您可以让客户端在使用WPA2企业级时不检查服务器的授权证书。然而,您在任何情况下都该尽最大努力来配置证书,因为如果不验证接入点,连接可能遭受中间人攻击。虽然连接握手可能是加密的,但最常见的密码传输配置会将密码用明文或易于破解的MS-CHAPv2协议协议进行传输。因此,客户端可能会将密码发送到代理连接的恶意接入点。

MS-CHAPv2[编辑 | 编辑源代码]

有时,除了原配的 ppp (Point-to-Point Protocol) 之外,要求 MSCHAPv2 type-2 with PEAP 的 WPA2 企业级接入点有时会需求 pptpclientnetctl 似乎能在缺少 ppp-mppe 的情况下开箱即用。虽然其他认证实现方式通常都并不可用,由于其高度脆弱的特性,用户在任何情况下都不被鼓励使用 MSCHAPv2。

eduroam[编辑 | 编辑源代码]

eduroam 是一项面向科研,高等教育与继续教育领域人员的国际漫游服务。

注意: * 在应用本章节列出的任何配置之前,首先向您的机构确认连接的详细信息。示例配置不保证任何安全性或者匹配任何安全需求。
  • 存储未加密的连接配置文件时,建议用 root 用户运行以下命令以限制 root 帐户对此文件的的读取访问权限: chmod 600 配置文件
提示:针对 NetworkManager 的配置可以用 eduroam 配置助手工具 来生成。 此工具需要安装 pythondbus-python

手动/自动配置[编辑 | 编辑源代码]

注意: 特殊引用规则适用: 参考 netctl.profile(5) § SPECIAL QUOTING RULES.
提示:自定义证书可通过在 WPAConfigSection 中添加字段 'ca_cert="/path/to/special/certificate.cer"' 来配置。

WPA3 个人[编辑 | 编辑源代码]

WPA3 Personal, 又名 WPA3-SAE, 是一种 受保护Wi-Fi访问(Wi-Fi存取保护)的模式。

wpa_supplicantiwd 都支持 WPA3 个人认证模式。

WPA3 企业模式[编辑 | 编辑源代码]

WPA3 企业模式 是一种 受保护Wi-Fi访问(Wi-Fi存取保护)的模式。

wpa_supplicant (自版本起 2:2.10-8) 支持 WPA3 企业模式。 参见 FS#65314

提示和技巧[编辑 | 编辑源代码]

遵循监管区域要求[编辑 | 编辑源代码]

监管区域用于配置无线驱动,确保对无线硬件的使用符合由 FCC、ETSI 及其他组织制定的当地法规。监管区域使用ISO 3166-1二位字母国家代码。例如,美国的监管区域代码是“US”,中国则是“CN”,等等。

监管区域影响无线信道的可用性。在2.4GHz波段,美国允许使用1-11信道,日本是1-14,世界上多数其它地区则是1-13。在5GHz波段,允许使用信道的规则要复杂得多。这两种情况的更详细信息见这一WLAN信道列表

监管区域也影响对来自无线设备的等效各向同性辐射功率(EIRP)所作的限制。这衍生自发射功率(tx power)并以dBm/mBm(1dBm=100mBm)或mW(对数尺度)衡量。在2.4GHz波段,美国和加拿大最大限制30dBm,欧洲大部分是20dBm,世界上其他地区则是20dB-30dBm。在5GHz波段,最大值通常更低。更详细的信息请参考 wireless-regdb(EIRP dBm 值在每行第二对括号里)。

错误设置监管区域可能会有用——例如,在其他信道拥挤时可以使用未用信道,或者提升发射功率以扩大传输范围。然而不推荐这种做法,因为可能会违反当地法规以及造成与其他无线电设备的干扰。

要配置监管区域,安装 crda[损坏的链接:replaced by wireless-regdb] 并重启(以重新加载 cfg80211 模块及所有相关驱动)。检查启动日志以确认 cfg80211 正在调用CRDA:

# dmesg | grep cfg80211

以下命令可将当前监管区域设为美国:

# iw reg set US

用以下命令查询:

$ iw reg get
注意:
  • 你的设备国家代码可能为“00”,它是包含了通用设置的“世界监管区域”。如果无法解除此设置,则CRDA可能配置有误。
  • 根据 CRDA 的 README,从内核版本4.15开始就不再需要它,因为内核会自动从固件加载监管数据库。然而也有说法称这一加载操作需要特定的内核设置。

然而设置监管区域可能不会改变您的设置。有些设备在固件/EEPROM中设置了一个监管区域,为设备规定了限制,这意味着通过软件设置监管区域只能增加限制而不能减少。例如,一个 CN(中国)设备可以用软件设置为 US(美国)监管区域,但由于中国的 EIRP 最大值为20dBm,设备将无法以美国的最大值30dBm进行发射。

例如,查看一个 Atheros 设备的固件中是否设置了监管区域:

# dmesg | grep ath:

对于其他芯片组,搜索“EEPROM”、“regdomain”或设备驱动的名字可能会有用。

要查看监管区域更改是否成功,以及查询可用信道数和允许发射功率:

$ iw list | grep -A 15 Frequencies:

监管区域的持久设置可以通过编辑 /etc/conf.d/wireless-regdom 并解除相应区域的注释实现。 wpa_supplicant 也可以在 /etc/wpa_supplicant/wpa_supplicant.conf 中的 country= 行应用监管区域。

也可以通过添加模块参数(如 options cfg80211 ieee80211_regdom=EU),配置 cfg80211 内核模块,从而使用指定的监管区域。然而这是一种老旧的监管实现

更多信息请阅读 wireless.kernel.org 监管文档

Rfkill 说明[编辑 | 编辑源代码]

许多笔记本都有一个硬件按钮或开关用于关闭无线网卡,然而无线网卡也可以通过内核来屏蔽。这一任务可由 rfkill 处理。显示当前状态:

$ rfkill
ID TYPE      DEVICE      SOFT      HARD
 0 bluetooth hci0   unblocked unblocked
 1 wlan      phy0   unblocked unblocked

如果网卡处于硬件屏蔽(hard-blocked)状态,请使用硬件按钮或开关来开启它。 如果无线网卡并没有被硬件屏蔽但处于软件屏蔽(soft-blocked),请使用以下命令:

# rfkill unblock wifi
注意: 按下硬件按钮可能会让无线网卡从硬件屏蔽,软件未屏蔽状态变为硬件未屏蔽,软件屏蔽状态。 可以通过调整 rfkill 内核模块的一些选项改变这一现象。

切换无线网卡的硬件按钮是厂商专用的内核模块处理的,经常是 WMI 模块。特别是非常新的硬件型号,可能还没有得到最新稳定内核的完全支持。这种情况下,在内核 bug 跟踪系统搜索信息,并将型号报告给对应厂商内核模块的维护者(如果还没有报告的话)经常会有帮助。

参见 https://askubuntu.com/questions/62166/siocsifflags-operation-not-possible-due-to-rf-kill 。u

节能[编辑 | 编辑源代码]

电源管理#网络接口

排错[编辑 | 编辑源代码]

这个单元包含一般性的错误排除提示, 目的并非是排除与设备或固件驱动有关的错误。 对于驱动与固件上的问题, 请看 #驱动与固件排错.

临时上网[编辑 | 编辑源代码]

如果您的网络设备出了问题但需要网络访问,例如, 下载一些软件或向社区寻求帮助, 您可以利用安卓的内置功能来通过USB端口共享网络。 详见 Android Tethering#USB tethering

观察日志文件[编辑 | 编辑源代码]

分析系统日志文件是排错的良好切入点。在进行操作(如尝试连接到无线网络)的同时,打开第二个终端/控制台窗口并用以下命令监看内核消息:

# dmesg -w

这样,您就不需要手动一行一行的浏览这些消息了。

当您使用网络管理器时,同样的,可以用 systemd 提供的日志命令:

# journalctl -f 

通常来说,无线网络错误都伴随着具有特定理由代码(reason code)的取消验证(deauthentication)。例如:

wlan0: deauthenticating from XX:XX:XX:XX:XX:XX by local choice (reason=3)

对照原因代码 表可能会给出解决问题的第一个提示。

Failed to get IP address[编辑 | 编辑源代码]

本文或本章节的事实准确性存在争议。

原因: The dhcpcd vs dhclient is mostly FUD.(在 Talk:网络配置/无线网络配置 中讨论)

本文内容或本节内容已经过期。

原因: iwconfig is deprecated, see #iw and wireless tools comparison. (在Talk:网络配置/无线网络配置讨论)
  • If getting an IP address repeatedly fails using the default dhcpcd client, try installing and using dhclient instead. Do not forget to select dhclient as the primary DHCP client in the connection manager.
  • If you can get an IP address for a wired interface and not for a wireless interface, try disabling the wireless card's power saving features (specify off instead of on).
  • If you get a timeout error due to a waiting for carrier problem, then you might have to set the channel mode to auto for the specific device:
# iwconfig wlan0 channel auto

Before changing the channel to auto, make sure your wireless interface is down. After it has successfully changed it, you can bring the interface up again and continue from there.

Valid IP address but cannot resolve host[编辑 | 编辑源代码]

If you are on a public wireless network that may have a captive portal, make sure to query an HTTP page (not an HTTPS page) from your web browser, as some captive portals only redirect HTTP. If this is not the issue, check if you can resolve domain names, it may be necessary to use the DNS server advertised via DHCP.

Setting RTS and fragmentation thresholds[编辑 | 编辑源代码]

Wireless hardware disables RTS and fragmentation by default. These are two different methods of increasing throughput at the expense of bandwidth (i.e. reliability at the expense of speed). These are useful in environments with wireless noise or many adjacent access points, which may create interference leading to timeouts or failing connections.

Packet fragmentation improves throughput by splitting up packets with size exceeding the fragmentation threshold. The maximum value (2346) effectively disables fragmentation since no packet can exceed it. The minimum value (256) maximizes throughput, but may carry a significant bandwidth cost.

# iw phy0 set frag 512

RTS improves throughput by performing a handshake with the access point before transmitting packets with size exceeding the RTS threshold. The maximum threshold (2347) effectively disables RTS since no packet can exceed it. The minimum threshold (0) enables RTS for all packets, which is probably excessive for most situations.

# iw phy0 set rts 500
注意: phy0 is the name of the wireless device as listed by iw phy.

Random disconnections[编辑 | 编辑源代码]

Cause #1[编辑 | 编辑源代码]

If your journal says wlan0: deauthenticating from MAC by local choice (reason=3) and you lose your Wi-Fi connection, it is likely that you have a bit too aggressive power-saving on your Wi-Fi card. Try disabling the wireless card's power saving features (specify off instead of on).

If your card does not support enabling/disabling power save mode, check the BIOS for power management options. Disabling PCI-Express power management in the BIOS of a Lenovo W520 resolved this issue.

Cause #2[编辑 | 编辑源代码]

If you are experiencing frequent disconnections and your journal shows messages such as

ieee80211 phy0: wlan0: No probe response from AP xx:xx:xx:xx:xx:xx after 500ms, disconnecting

try changing the channel bandwidth to 20MHz through your router's settings page.

Cause #3[编辑 | 编辑源代码]

On some laptop models with hardware rfkill switches (e.g., Thinkpad X200 series), due to wear or bad design, the switch (or its connection to the mainboard) might become loose over time resulting in seemingly random hardblocks/disconnects when you accidentally touch the switch or move the laptop. There is no software solution to this, unless your switch is electrical and the BIOS offers the option to disable the switch. If your switch is mechanical (and most are), there are lots of possible solutions, most of which aim to disable the switch: Soldering the contact point on the mainboard/wifi-card, gluing or blocking the switch, using a screw nut to tighten the switch or removing it altogether.

Cause #4[编辑 | 编辑源代码]

Another cause for frequent disconnects or a complete failure to connect may also be a sub-standard router, incomplete settings of the router, interference by other wireless devices or low quality signal.

To troubleshoot, first try to connect to the router with no authentication and by getting closer to it.

If that works, enable WPA/WPA2 again but choose fixed and/or limited router settings. For example:

  • If the router is considerably older than the wireless device you use for the client, test if it works with setting the router to one wireless mode
  • Disable mixed-mode authentication (e.g. only WPA2 with AES, or TKIP if the router is old)
  • Try a fixed/free channel rather than "auto" channel (maybe the router next door is old and interfering)
  • Disable WPS
  • Change the router's 5 GHz channel(s) to a non-DFS (Dynamic Frequency Selection) channel. Connections on such channels may be dropped or suddenly switched due to interference from nearby weather radar.
  • Try setting your client to 2.4 GHz only instead of letting it choose what it thinks is best between 5 GHz and 2.4 GHz (the later has a lower throughput but will provide a more stable connection over longer distances)
  • Disable 40MHz channel bandwidth (lower throughput but less likely collisions) with cfg80211.cfg80211_disable_40mhz_24ghz=1
  • If the router has quality of service settings, check completeness of settings (e.g. Wi-Fi Multimedia (WMM) is part of optional QoS flow control. An erroneous router firmware may advertise its existence although the setting is not enabled)

Cause #5[编辑 | 编辑源代码]

On some wireless network adapters (e.g. Qualcomm Atheros AR9485), random disconnects can happen with a DMA error:

# journalctl -xb
ath: phy0: DMA failed to stop in 10 ms AR_CR=0x00000024 AR_DIAG_SW=0x02000020 DMADBG_7=0x0000a400
wlp1s0: authenticate with 56:e7:ee:7b:55:bc
wlp1s0: send auth to 56:e7:ee:7b:55:bc (try 1/3)
wlp1s0: send auth to 56:e7:ee:7b:55:bc (try 2/3)
wlp1s0: send auth to 56:e7:ee:7b:55:bc (try 3/3)
wlp1s0: authentication with 56:e7:ee:7b:55:bc timed out

A possible workaround is to disable the Intel IOMMU driver (DMA), adding intel_iommu=off to the kernel parameters [2].

注意: The Intel IOMMU driver is needed for some advanced virtual machine features, like PCI pass-through.

Cause #6[编辑 | 编辑源代码]

If you are using a device with iwlwifi and iwlmvm for wireless connectivity, and your Wi-Fi card appears to disappear when on battery power (perhaps after a reboot or resuming from suspend), this can be fixed by configuring power saving settings in iwlmvm.

Create the file /etc/modprobe.d/iwlmvm.conf if it does not exist already, then add the following line to it:

/etc/modprobe.d/iwlmvm.conf
options iwlmvm power_scheme=1

A power_scheme of 1 sets iwlmvm to "Always Active." Available options are:

Value Description
1 Always Active
2 Balanced
3 Low-power

This fix was discovered at [3].

Cause #7[编辑 | 编辑源代码]

If your device undergoes long periods of inactivity (e.g. a file server), the disconnection may be due to power saving, which will block incoming traffic and prevent connections. Try disabling power saving for the interface:

# iw dev interface set power_save off

You can create a udev rule to do this on boot, see Power management#Network interfaces.

Cause #8[编辑 | 编辑源代码]

If you notice occasional interruptions when connected to a mesh network (e.g., WiFi6) and notice a message such as:

# journalctl -b
kernel: wlan0: disconnect from AP aa:bb:cc:dd:ee:ff for new auth to 11:22:33:44:55:66

You are experiencing roaming issues. Depending on your mean of connection and the issue at hand, one could:

Wi-Fi networks invisible because of incorrect regulatory domain[编辑 | 编辑源代码]

If the computer's Wi-Fi channels do not match those of the user's country, some in-range Wi-Fi networks might be invisible because they use wireless channels that are not allowed by default. The solution is to configure the regulatory domain correctly; see #Respecting the regulatory domain.

驱动与固件排错[编辑 | 编辑源代码]

This section covers methods and procedures for installing kernel modules and firmware for specific chipsets, that differ from generic method.

See Kernel modules for general informations on operations with modules.

Ralink[编辑 | 编辑源代码]

rt2x00[编辑 | 编辑源代码]

Ralink 芯片组的统一驱动,代替了 rt2500, rt61, rt73 等。Linux 内核从 2.6.24 开始包含此驱动,但是有些设备可能需要额外固件。可以使用标准 wpa_supplicantiwconfig 工具配置。

有些芯片组需要固件文件,可以安装软件包 linux-firmware

参见: Using the new rt2x00 beta driver

  • Since kernel 3.0, rt2x00 includes also these drivers: rt2800pci, rt2800usb. rt2860sta 被主分支驱动 rt2800pci 替代,rt2870start2800usb 替代。
  • 通过 iwpriv 可以配置很多参数,文档在 Ralink 源代码包 中。

rt3090[编辑 | 编辑源代码]

For devices which use the rt3090 chipset, it should be possible to use the rt2800pci driver; however, it does not work with this chipset very well (e.g. sometimes it is not possible to use higher rate than 2Mb/s).

rt3290[编辑 | 编辑源代码]

The rt3290 chipset is recognised by the kernel rt2800pci module. However, some users experience problems and reverting to a patched Ralink driver seems to be beneficial in these cases.

rt3573[编辑 | 编辑源代码]

2012年新出的芯片组,需要 Ralink 的闭源驱动,有不同的厂商使用他们,参阅Belkin N750 示例

mt7612u[编辑 | 编辑源代码]

New chipset as of 2014, released under their new commercial name Mediatek. It is an AC1200 or AC1300 chipset. Manufacturer provides drivers for Linux on their support page. As of kernel 5.5 it should be supported by the included mt76 driver.

Realtek[编辑 | 编辑源代码]

See [4][失效链接 2022-11-10] for a list of Realtek chipsets and specifications.

rtl8192cu[编辑 | 编辑源代码]

The driver is now in the kernel, but many users have reported being unable to make a connection although scanning for networks does work.

8192cu-dkmsAUR includes many patches; try this if it does not work fine with the driver in kernel.

rtl8723ae/rtl8723be[编辑 | 编辑源代码]

The rtl8723ae and rtl8723be modules are included in the mainline Linux kernel.

Some users may encounter errors with powersave on this card. This is shown with occasional disconnects that are not recognized by high level network managers (netctl, NetworkManager). This error can be confirmed by running dmesg -w as root or journalctl -f as root and looking for output related to powersave and the rtl8723ae/rtl8723be module. If you have this issue, use the fwlps=0 kernel option which should prevent the WiFi card from automatically sleeping and halting connection. See Kernel module#Setting module options.

If you have poor signal, perhaps your device has only one physical antenna connected, and antenna autoselection is broken. You can force the choice of antenna with ant_sel=1 or ant_sel=2 kernel option. [5]

rtl88xxau[编辑 | 编辑源代码]

Realtek chipsets rtl8811au, rtl8812au, rtl8814au and rtl8821au designed for various USB adapters ranging from AC600 to AC1900. Several packages provide various kernel drivers, these require DKMS (the dkms package and the kernel headers installed):

Chipset Package Notes
rtl8811au, rtl8812au, rtl8821au rtl88xxau-aircrack-dkms-gitAUR Aircrack-ng kernel module for 8811au, 8812au and 8821au chipsets with monitor mode and injection support.
rtl8812au rtl8812au-dkms-gitAUR Latest official Realtek driver version for rtl8812au only.
rtl8811au, rtl8821au rtl8821au-dkms-gitAUR Newer driver version for rtl8821au.
rtl8814au rtl8814au-dkms-gitAUR Possibly works for rtl8813au too.

rtl8811cu/rtl8821cu[编辑 | 编辑源代码]

rtl8821cu-dkms-gitAUR provides a kernel module for the Realtek 8811cu and 8821cu chipset.

This requires DKMS, so make sure you have your proper kernel headers installed.

If no wireless interface shows up even though the 8821cu module is loaded, you may need to manually specify the rtw_RFE_type option [6][7]. Try e.g. rtw_RFE_type=0x26, other values might also work. See Kernel module#Setting module options for details.

rtl8821ce[编辑 | 编辑源代码]

rtl8821ce-dkms-gitAUR provides a kernel module for the Realtek 8821ce chipset found in the Asus X543UA.

This requires DKMS, so make sure you have your proper kernel headers installed.

注意: It has been reported [8] that the default rtl8821ce module provided by Realtek is broken for Linux kernel ≥ 5.9, which may lead to low connectivity. The AUR version above should be preferred. See the statement on GitHub. Use lspci -k to check whether the default kernel driver (rtw88_8821ce) is in use. If it is, blacklist it and reboot your system.

rtl8822bu[编辑 | 编辑源代码]

rtl88x2bu-dkms-gitAUR provides a kernel module for the Realtek 8822bu chipset found in the Edimax EW7822ULC USB3, Asus AC53 Nano USB 802.11ac and TP-Link Archer T3U adapter.

This requires DKMS, so make sure you have your proper kernel headers installed.

rtl8xxxu[编辑 | 编辑源代码]

这篇文章的某些内容需要扩充。

原因: Specific issues with the mainline module and kernel versions should be stated. (在 Talk:网络配置/无线网络配置 中讨论)

Issues with the rtl8xxxu mainline kernel module may be solved by compiling a third-party module for the specific chipset. The source code can be found in GitHub repositories.

Some drivers may be already prepared in the AUR, e.g. rtl8723bu-dkms-gitAUR.

RTW88[编辑 | 编辑源代码]

An RTW88 kernel module patchset has been recently posted to the kernel mailing list, which should hopefully make it into the mainstream kernel.

Upstream kernels or those with the patchset will support most RTW88 chip devices if configured and compiled to do so. linux-zen and linux-zen-gitAUR both include these patches, with the packaged version already having the module built.

The driver supports: 882BE, 8822BU, 8822CE, 8822CU, 8723DE, 8723DU, 8821CE, and 8821CU.

Atheros[编辑 | 编辑源代码]

MadWifi team 开发组维护了三个模块:
  • madwifi 是最老的驱动, Arch kernel 从 2.6.39.1 开始已经不再包含。
  • ath5k 将逐步替代 ath_pci,有些芯片组使用效果很好,但有些还不能很好工作(后面有介绍)
  • ath9k 是新的官方驱动,适用于新 Atheros 硬件。

There are some other drivers for some Atheros devices. See Linux Wireless documentation for details.

ath5k[编辑 | 编辑源代码]

参考:

If you find web pages randomly loading very slow, or if the device is unable to lease an IP address, try to switch from hardware to software encryption by loading the ath5k module with nohwcrypt=1 option. See Kernel modules#Setting module options for details.

有些笔记本的 LED 指示灯有问题,可以:

echo none > "/sys/class/leds/ath5k-phy0::tx/trigger"
echo none > "/sys/class/leds/ath5k-phy0::rx/trigger"

ath9k[编辑 | 编辑源代码]

External resources:

As of Linux 3.15.1, some users have been experiencing a decrease in bandwidth. In some cases, this can fixed by setting the nohwcrypt=1 option for the ath9k module. See Kernel module#Setting module options.

注意: Use the command lsmod to see what modules are in use and change ath9k if it is named differently (e.g. ath9k_htc).

An ath9k mailing list exists for support and development related discussions.

Power saving[编辑 | 编辑源代码]

Although Linux Wireless says that dynamic power saving is enabled for Atheros ath9k single-chips newer than AR9280, for some devices (e.g. AR9285) powertop might still report that power saving is disabled. In this case enable it manually.

On some devices (e.g. AR9285), enabling the power saving might result in the following error:

# iw dev wlan0 set power_save on
command failed: Operation not supported (-95)

The solution is to set the ps_enable=1 option for the ath9k module. see Kernel module#Setting module options.

Intel[编辑 | 编辑源代码]

iwlegacy[编辑 | 编辑源代码]

iwlegacy is the wireless driver for Intel's 3945 and 4965 wireless chips. The firmware is included in the linux-firmware package.

udev should load the driver automatically, otherwise load iwl3945 or iwl4965 manually. See Kernel modules for details.

If you have problems connecting to networks in general or your link quality is very poor, try to disable 802.11n:

/etc/modprobe.d/iwl4965.conf
options iwl4965 11n_disable=1

If the failures persist during bootup and you are using Nouveau driver, try enabling early KMS to prevent the conflict [9].

iwlwifi[编辑 | 编辑源代码]

iwlwifi is the wireless driver for Intel's current wireless chips, such as 5100AGN, 5300AGN, and 5350AGN. See the full list of supported devices. The firmware is included in the linux-firmware package. The linux-firmware-iwlwifi-gitAUR may contain some updates sooner.

If you have problems connecting to networks in general or your link quality is very poor, try to disable 802.11n, and perhaps also enable software encryption:

/etc/modprobe.d/iwlwifi.conf
options iwlwifi 11n_disable=1 swcrypto=1

If you have a problem with slow uplink speed in 802.11n mode, for example 20Mbps, try to enable antenna aggregation:

/etc/modprobe.d/iwlwifi.conf
options iwlwifi 11n_disable=8

Do not be confused with the option name, when the value is set to 8 it does not disable anything but re-enables transmission antenna aggregation.[10] [11]

In case this does not work for you, you may try disabling power saving for your wireless adapter.

Some have never gotten this to work. Others found salvation by disabling N in their router settings after trying everything. This is known to have been the only solution on more than one occasion. The second link there mentions a 5ghz option that might be worth exploring.

If you have an 802.11ax (WiFi 6) access point and have problems detecting the beacons or an unreliable connection, review Intel Article 54799.

注意: Using 11n_disable=0 will also prevent 802.11ac and only allow connection with slower protocols (802.11a in the 5GHz band or 802.11b/g in the 2.4 GHz band).
Bluetooth coexistence[编辑 | 编辑源代码]

If you have difficulty connecting a bluetooth headset and maintaining good downlink speed, try disabling bluetooth coexistence [12]:

/etc/modprobe.d/iwlwifi.conf
options iwlwifi bt_coex_active=0
注意: Since kernel version 5.8, the bt_coex_active and sw_crypto module options have been disabled for the hardware handled by the iwlmvm kernel module. For older hardware handled by the iwldvm module, the options are still enabled.
Firmware issues[编辑 | 编辑源代码]

You may have some issue where the driver outputs stack traces & errors, which can cause some stuttering.

# dmesg
Microcode SW error detected.  Restarting 0x2000000.

Alternatively, you may simply experience miscellaneous issues (e.g. connection issues on 5GHz, random disconnections, no connection on resume).

To confirm it is the cause of the issues, downgrade the package linux-firmware.

If confirmed, move the buggy firmware files so that an older version is loaded (to be able to have an up to date linux-firmware since it is not only providing firmware updates for your Intel WiFi card):

# for i in {64..73} ; do mv /usr/lib/firmware/iwlwifi-ty-a0-gf-a0-$i.ucode.xz /usr/lib/firmware/iwlwifi-ty-a0-gf-a0-$i.ucode.xz.bak ; done

To avoid having to repeat these steps manually after each update, use the NoExtract array in pacman.conf with a wildcard to block their installation. See pacman#Skip files from being installed to system.

Adapter not detected after booting from Windows[编辑 | 编辑源代码]

If the WiFi adapter is not getting detected after finishing a session in Windows, this might be due to Windows' Fast Startup feature which is enabled by default. Try disabling Fast Startup. The iwlwifi kernel driver wiki has an entry for this.

禁用 LED 闪烁[编辑 | 编辑源代码]
注意: This works with the iwlegacy and iwlwifi drivers.

默认设置中 LED 闪烁是开着的,有些人不喜欢,可以systemd-tmpfiles[损坏的链接:无效的章节]禁止闪烁:

/etc/tmpfiles.d/phy0-led.conf
w /sys/class/leds/phy0-led/trigger - - - - phy0radio

Run systemd-tmpfiles --create phy0-led.conf for the change to take effect, or reboot.

To see all the possible trigger values for this LED:

# cat /sys/class/leds/phy0-led/trigger
提示:If you do not have /sys/class/leds/phy0-led, you may try to use the led_mode="1" module option. It should be valid for both iwlwifi and iwlegacy drivers.
# cat /sys/class/leds/phy0-led/trigger

Broadcom[编辑 | 编辑源代码]

See Broadcom wireless.

Tenda w322u[编辑 | 编辑源代码]

Treat this Tenda card as an rt2870sta device. See #rt2x00.

orinoco[编辑 | 编辑源代码]

这应当是内核的一部分,是已经被安装的。

Some Orinoco chipsets are Hermes II. You can use the wlags49_h2_cs driver instead of orinoco_cs and gain WPA support. To use the driver, blacklist orinoco_cs first.

prism54[编辑 | 编辑源代码]

The driver p54 is included in kernel, but you have to download the appropriate firmware for your card from this site and install it into the /usr/lib/firmware directory.

过时的 prism54 和新内核模块 p54pcip54usb 同时装入造成冲突,使用 lsmod | grep prism54 查看是否装入了过时模块,如果是,那么就 屏蔽 prism54 并根据上面方法修改固件名称。

zd1211rw[编辑 | 编辑源代码]

zd1211rw 是ZyDAS ZD1211 802.11b/g USB WLAN芯片的驱动,最近的版本的内核已经包括了。[13]有被支持的设备列表。 需要安装固件zd1211-firmwareAUR

hostap_cs[编辑 | 编辑源代码]

Host AP is a Linux driver for wireless LAN cards based on Intersil's Prism2/2.5/3 chipset. The driver is included in Linux kernel.

注意: Make sure to blacklist the orinico_cs driver, it may cause problems.

Other drivers/devices[编辑 | 编辑源代码]

Tenda w322u[编辑 | 编辑源代码]

Treat this Tenda card as an rt2870sta device. See #rt2x00.

orinoco[编辑 | 编辑源代码]

This should be a part of the kernel package and be installed already.

Some Orinoco chipsets are Hermes II. You can use the wlags49_h2_cs driver instead of orinoco_cs and gain WPA support. To use the driver, blacklist orinoco_cs first.

prism54[编辑 | 编辑源代码]

The driver p54 is included in kernel, but you have to download the appropriate firmware for your card from this site and install it into the /usr/lib/firmware directory.

注意: There is also older, deprecated driver prism54, which might conflict with the newer driver (p54pci or p54usb). Make sure to blacklist prism54.

ACX100/111[编辑 | 编辑源代码]

警告: The drivers for these devices are broken and do not work with newer kernel versions.

Packages: tiacx tiacx-firmware (deleted from official repositories and AUR)

See official wiki for details.

zd1211rw[编辑 | 编辑源代码]

zd1211rw is a driver for the ZyDAS ZD1211 802.11b/g USB WLAN chipset, and it is included in recent versions of the Linux kernel. See [14] for a list of supported devices. You only need to install the firmware for the device, provided by the zd1211-firmwareAUR package.

hostap_cs[编辑 | 编辑源代码]

Host AP is a Linux driver for wireless LAN cards based on Intersil's Prism2/2.5/3 chipset. The driver is included in Linux kernel.

注意: Make sure to blacklist the orinico_cs driver, it may cause problems.

ndiswrapper[编辑 | 编辑源代码]

Ndiswrapper并不是一个真正的驱动,但是如果你无法找到适合你的无线网卡驱动的适合, 它就派上用场了.有的时候, 它是非常有用的.为了使用Ndiswrapper, 你需要Windows驱动中的*.inf文件(*.sys文件应该和*.info在同一个目录中)。如果你需要从 *.exe 文件解压缩,你可以使用 cabextract.

警告: 确保使用合适架构(也就是32/64位)的驱动。

下面是安装ndiswrapper的几个步骤:


1. 安装 ndiswrapper-dkms 2. 安装驱动到 /etc/ndiswrapper/*

ndiswrapper -i filename.inf

3. 列出所有的安装的驱动

ndiswrapper -l

4. 配置文件写到 /etc/modprobe.d/ndiswrapper.conf

ndiswrapper -m
depmod -a

然后依照 这里设置启动时加载这个模块。

modprobe ndiswrapper
iwconfig

如果正常的话, 你应该可以看到wlan0接口了. 如果有问题的话, 你可以阅读: Ndiswrapper installation wiki[失效链接 2020-08-04 ⓘ]. ndiswrapper howtondiswrapper FAQ.

参见[编辑 | 编辑源代码]