netcfg

From ArchWiki
Revision as of 13:59, 13 May 2012 by 65kid (Talk | contribs) (systemd support)

Jump to: navigation, search

This template has only maintenance purposes. For linking to local translations please use interlanguage links, see Help:i18n#Interlanguage links.


Local languages: Català – Dansk – English – Español – Esperanto – Hrvatski – Indonesia – Italiano – Lietuviškai – Magyar – Nederlands – Norsk Bokmål – Polski – Português – Slovenský – Česky – Ελληνικά – Български – Русский – Српски – Українська – עברית – العربية – ไทย – 日本語 – 正體中文 – 简体中文 – 한국어


External languages (all articles in these languages should be moved to the external wiki): Deutsch – Français – Română – Suomi – Svenska – Tiếng Việt – Türkçe – فارسی

Summary help replacing me
A guide to installing and configuring netcfg – network configuration and profile scripts.
Overview
Template:Networking overview
Resources
netcfg network scripts repository

From the netcfg man page:

netcfg is used to configure and manage network connections via profiles. It has pluggable support for a range of connection types, such as wireless, ethernet, ppp. It is also capable of starting/stopping many to one connections, that is, multiple connections within the same profile, optionally with bonding.

netcfg is useful for users seeking a simple and robust means of managing multiple network configurations (e.g. laptop users). For systems connecting to a single network, the network daemon may be more appropriate.

Preparation

In the simplest cases, users must at least know the name of their network interface(s) (e.g. eth0, wlan0). If configuring a static IP address, the IP addresses of the default gateway and name server(s) must also be known.

If connecting to a wireless network, have some basic information ready. For a wireless network this includes what type of security is used, the network name (ESSID), and any password or encryption keys. Additionally, ensure the proper drivers and firmware are installed for the wireless device, as described in Wireless Setup.

Installation

Ensure you have the latest version of netcfg installed. Older versions have more bugs and may not work well with the latest drivers. The netcfg package is available in the official repositories.

As of netcfg version 2.5.x, optional dependencies include wpa_actiond – required for automatic/roaming wireless connections – and ifplugd – required for automatic Ethernet configuration. (More information.)

If you want to have Bash completion support for netcfg, install the bash-completion package from the official repositories.

Configuration

Network profiles are stored in the /etc/network.d directory. To minimize the potential for errors, copy an example configuration from /etc/network.d/examples/ to /etc/network.d/mynetwork. The file name is the name of the network profile ("mynetwork" is used as an example throughout this article). The name is not a network setting and does not need to match the wireless network name (SSID).

Depending on the connection type and security, use one of the following examples from /etc/network.d/examples as a base. Be wary of examples found on the Internet as they often contain deprecated options that may cause problems.

Connection type/security Example profile
Wireless; WEP hex key wireless-wep
Wireless; WEP string key wireless-wep-string-key
Wireless; WPA-Personal (passphrase/pre-shared key) wireless-wpa
Wireless; WPA-Enterprise wireless-wpa-config (wpa_supplicant configuration is external)
wireless-wpa-configsection (wpa_supplicant configuration stored as string)
Wired; DHCP ethernet-dhcp
Wired; static IP ethernet-static
Wired; iproute configuration ethernet-iproute

Next, modify the new configuration file, /etc/network.d/mynetwork:

  • Set INTERFACE to the correct wireless or Ethernet interface. This can be checked with ip link and iwconfig.
  • Ensure the ESSID and KEY (passphrase) are set correctly for wireless connections. Typos in these fields are common errors.
    • Note that WEP string keys (not hex keys) must be specified with a leading s: (e.g. KEY="s:somepasskey").
Note: netcfg configurations are valid Bash scripts. Any configuration involving special characters such as $ or \ needs to be quoted correctly otherwise it will be interpreted by Bash. To avoid interpretation, use single quotes or backslash escape characters where appropriate.
Note: Network information (e.g. wireless passkey) will be stored in plain text format, so users may want to change the permissions on the newly created profile (e.g. chmod 0600 /etc/network.d/mynetwork to make it readable by root only).
Note: For WPA-Personal, it is also possible to use WPA passkey encoded into a hexadecimal string, instead of as a plain text passkey.

Follow the procedure on the WPA supplicant page's first example exercise to generate a hexadecimal string from you WPA passkey.
Save the new hexadecimal string into your wireless WPA profile in /etc/network.d/mynetwork as the value of the KEY variable (make sure this will be the only KEY variable enabled), to look similar to this (replace the string with your one):

KEY='7b271c9a7c8a6ac07d12403a1f0792d7d92b5957ff8dfd56481ced43ec6a6515'

That should do it, without the need to reveal the passkey.

Usage

To connect a profile:

# netcfg mynetwork

To disconnect a profile:

# netcfg down <profile-name>

If successful, users can configure netcfg to connect automatically or during boot. If the connection fails, see #Troubleshooting for solutions and how to get help.

For other functions, see:

$ netcfg help

Connecting automatically

Several methods are available to users wanting to automatically connect network profiles (e.g. during boot or whilst roaming). Note that a network profile must be properly configured within the /etc/network.d directory first (see #Configuration).

Tip: If enabling one of the following daemons and nothing is configured within the INTERFACES array in /etc/rc.conf, you may remove the network daemon from the DAEMONS array. If you mount NFS shares during boot, ensure the netfs daemon remains listed, though (otherwise the network will be dropped before unmounting shares during shutdown).

net-profiles

net-profiles allows users to connect profiles during boot.

To enable this feature, users must add net-profiles to the DAEMONS array in /etc/rc.conf and specify profiles to try in the NETWORKS array in /et/conf.d/netcfg:

/etc/rc.conf
DAEMONS=(... net-profiles ...)
/etc/conf.d/netcfg
NETWORKS=(mynetwork yournetwork)

Alternatively, net-profiles can be configured to display a menu – allowing users to choose a desired profile – by setting the contents of the NETWORKS array to menu:

/etc/conf.d/netcfg
NETWORKS=(menu)

Additionally, the dialog package is required.

Tip: Access the menu at any time by running netcfg-menu in a terminal.

net-auto-wireless

net-auto-wireless allows users to automatically connect to wireless networks with proper roaming support.

To enable this feature, users must add net-auto-wireless to the DAEMONS array in /etc/rc.conf:

/etc/rc.conf
DAEMONS=(... net-auto-wireless ...)

And specify the desired wireless interface with the WIRELESS_INTERFACE variable in /etc/conf.d/netcfg:

/etc/conf.d/netcfg
WIRELESS_INTERFACE="wlan0"

It is also possible to define a list of wireless networks that should be automatically connected with the AUTO_PROFILES variable in /etc/conf.d/netcfg. If AUTO_PROFILES is not set, all wireless networks will be tried.

Additionally, the wpa_actiond package is required. Note that wireless-wpa-config profiles do not work with net-auto-wireless. Convert them to wireless-wpa-configsection instead.

net-auto-wired

net-auto-wired allows users to automatically connect to wired networks.

To enable this feature, users must install ifplugd, then add net-auto-wired to the DAEMONS array in /etc/rc.conf and specify the desired wired interface with the WIRED_INTERFACE variable in /etc/conf.d/netcfg:

/etc/rc.conf
DAEMONS=(... net-auto-wired ...)
/etc/conf.d/netcfg
WIRED_INTERFACE="eth0"

The daemon starts an ifplugd process which runs /etc/ifplugd/netcfg.action when the status of the wired interface changes (e.g. a cable is plugged in or unplugged). On plugging in a cable, attempts are made to start any profiles with CONNECTION = "ethernet" or "ethernet-iproute" and INTERFACE = WIRED_INTERFACE until one of them succeeds.

Note: DHCP profiles are tried before static ones, which could lead to undesired results in some cases. However, one can tell netcfg to prefer a particular interface by adding AUTO_WIRED=1 to the desired profile.
Note: The net-auto-wired daemon cannot start multiple ifplugd processes for multiple interfaces (unlike ifplugd's own /etc/rc.d/ifplugd which can).


systemd support

Since version 2.8.2 netcfg provides systemd unit files. The service files net-auto-wireless.service and net-auto-wired.service correspond to the initscripts daemons /etc/rc.d/net-auto-wireless and /etc/rc.d/net-auto-wired. To connect to multiple profiles at boot you can use netcfg.service which is equivalent to /etc/rc.d/net-profiles and starts all profiles specified in the NETWORKS array in /etc/conf.d/netcfg. These service files can be enabled and started with systemctl as usual.

Alternatively you can use the template service file netcfg@.service that allows you to connect to a single profile on boot without having to specify it in /etc/conf.d/netcfg. To specify the desired profile, create a corresponding symlink to /etc/systemd/system/multi-user.target.wants:

# ln -s /usr/lib/systemd/system/netcfg@.service /etc/systemd/system/multi-user.target.wants/netcfg@<profile-name>.service

Tips and tricks

Passing arguments to iwconfig before connecting

Simply add the following to a profile:

IWCONFIG="<arguments>"

Where <arguments> can be any valid iwconfig argument. The script then runs iwconfig $INTERFACE $IWCONFIG.

For example, force the card to register to a specific access point given by MAC address:

IWCONFIG="ap 12:34:56:78:90:12"

This supersedes the IWOPTS and WEP_OPTS options which were incompletely implemented.

rfkill (enable/disable radio power)

netcfg can enable/disable radio for wireless cards equipped with software control of radio. For wireless cards with hardware switches, netcfg can detect disabled hardware switches and fail accordingly.

To enable rfkill support, you need to specify what sort of switch the wireless interface has; hardware or software. This can be set within a profile or at the interface level (/etc/network.d/interfaces/$INTERFACE; see #Per-interface configuration).

RFKILL=soft # can be either 'hard' or 'soft'

For some kill switches the rfkill entry in /sys is not linked to the interface and the RFKILL_NAME variable needs to be set to the contents of the matching /sys/class/rfkill/rfkill#/name.

For example, on an Eee PC:

RFKILL=soft
RFKILL_NAME='eeepc-wlan'

On a mid-2011 Thinkpad:

RFKILL=hard
RFKILL_NAME='phy0'
Note: The net-auto-wireless daemon requires an interface level configuration of rfkill or it will not start.
Warning: Some devices (at least few SiS cards) can create /sys/class/rfkill/rfkill# entries with different names on every switch. Something like this will work in such cases (wifi-only solution!):
/etc/network.d/interfaces/wlan0
RFKILL=hard
RFKILL_NAME=`cat /sys/class/rfkill/rfkill*/name 2> /dev/null || echo ""`

Execute commands before/after interface up/down

If your interface requires special actions prior/after the establishment/closure of a connection, you may use the PRE_UP, POST_UP, PRE_DOWN, and POST_DOWN variables.

For example, if you want to configure your wireless card to operate in ad-hoc mode but you can only change modes when the interface is down, you could use something like this:

PRE_UP="ip link set wlan0 down; iwconfig wlan0 mode ad-hoc"

Or if you want to mount your network shares after a successful connection, you could use:

POST_UP="sleep 5; mount /mnt/shares/nexus/utorrent 2>/dev/null"

Sometimes you may want to run something from netcfg with another user:

POST_UP="su -c '/you/own/command' username"
Note: If the commands specified in these properties return anything other than 0 (success), netcfg aborts the current operation. So if you want to mount a certain network share that might not be available at the time of connection (thus returning an error), you could create a separate Bash script with the mount commands and a exit 0 at the end. Alternatively you can add || true to the end of the command that may fail.

Intermittent Connection Failure

Some driver+hardware combinations drop associations sometimes. Use the pre and post commands to add/remove the driver and use a script like the following to fix the current connection:

/usr/local/bin/netcfgd
#!/bin/bash
log() { logger -t "$( basename $0 )" "$*" ; }

main() {
        local host
        while sleep 1; do
                [[ "$( netcfg current )" = "" ]] && continue

                host=$( route -n | awk '/^0.0.0.0/ { print $2 }' )
                ping -c 1 $host && continue

                log "trying to reassociate"
                wpa_cli reassociate
                ping -c 1 $host && continue

                log "reassociate failed, reconfiguring network"
                netcfg -r $( netcfg current )
        done
}

exec 1>/dev/null
[[ $EUID != 0 ]] && { log "must be root"; exit 1; }

for cmd in wpa_cli ping netcfg; do
        ! which $cmd && {
                log "can't find command ${cmd}, exiting..."
                exit 1
        }
done

log 'starting...'
main 

Per-interface configuration

Configuration options that apply to all profiles using an interface can be set using /etc/network.d/interfaces/$INTERFACE. For example:

/etc/network.d/interfaces/wlan0

This is useful for wpa_supplicant options, rfkill switch support, pre/post up/down scripts and net-auto-wireless. These options are loaded before profiles so that any profile-based options will take priority.

/etc/network.d/interfaces/$INTERFACE may contain any valid profile option, though you are likely to use PRE_UP/DOWN and POST_UP/DOWN (described in the previous section) or one of the options listed below. Remember that these options are set for all profiles using the interface; you probably do not want to connect to your work VPN here, for instance, as it will try to connect on every wireless network!

WPA_GROUP   - Setting the group of the wpa_ctrl interface
WPA_COUNTRY - Enforces local regulatory limitations and allows use of more channels
WPA_DRIVER  - Defaults to wext, may want nl80211 for mac80211 devices
Note: POST_UP/POST_DOWN require the wpa_actiond package.

Output hooks

netcfg has limited support to load hooks that handle output. By default it loads the arch hook which provides the familiar output that you see. A syslog logging hook is also included. These can be found at /usr/lib/network/hooks.

ArchAssistant (GUI)

A Qt-based netcfg front-end called ArchAssistant exists. It proposes to manage and connect/disconnect profiles from a system tray icon. Automatic wireless detection is also available. This tool is particularly useful for laptop users.

Links:

There is also a relatively new GUI for netcfg on qt-apps.org that does only network configuration. You can find it here.

wifi-select

There is a console tool for selecting wireless networks in "real-time" (in NetworkManager fashion) called wifi-select. The tool is convenient for use in Internet cafés or other places you are visiting for the first (and maybe the last) time. With this tool, you do not need to create a profile for a new network, just run wifi-select wlan0 as root and choose the desired network.

The tool is currently packaged as wifi-select and is available in the official repositories.

wifi-select does the following:

  • parses iwlist scan results and presents a list of networks along with their security settings (WPA/WEP/none) using dialog
  • if user selects network with existing profile -- just use this profile to connect with netcfg
  • if user selects a new network (for example, a Wi-Fi hotspot), wifi-select automatically generates a new profile with corresponding $SECURITY and asks for the key (if needed). It uses DHCP as $IP by default
  • then, if the connection succeeds, the profile is saved for later usage
  • if the connection fails, the user is asked if he or she wants to keep generated profile for further usage (for example to change $IP to static or adjust some additional options)

Links:

Note: Latest version of netcfg will provide wifi-menu with functionality equal to that of wifi-select.

Passing arguments to dhcpcd

For example, add

DHCP_OPTIONS='-C resolv.conf -G'

to the desired profile. The above example prevents dhcpcd from writing to /etc/resolv.conf and setting any default routes.

Using dhclient instead of dhcpcd

To use dhclient instead of dhcpcd, simply add DHCLIENT=yes to the desired profile.

Configuring a bridge for use with virtual machines (VMs)

To configure a bridge named br0 with a static IP:

/etc/network.d/br0
INTERFACE="br0"
CONNECTION="bridge"
DESCRIPTION="bridge br0 static"
BRIDGE_INTERFACES="eth0"
IP='static'
ADDR='10.0.0.10'
GATEWAY='10.0.0.1'
DNS='10.0.0.1'

To configure a bridge named br0 with a dhcp IP:

/etc/network.d/br0
INTERFACE="br0"
CONNECTION="bridge"
DESCRIPTION="bridge br0 dhcp"
BRIDGE_INTERFACES="eth0"
IP='dhcp'

Then add the corresponding bridge name to your NETWORKS=(...) in /etc/conf.d/netcfg.

It can be brought up by calling it directly, or by restarting net-profiles.

netcfg br0
rc.d restart net-profiles

Adding multiple IP addresses to one interface

If you want to assign multiple IP addresses to 1 specific interface, this can be done by issuing the relevant ip command in a POST_UP statement (which as the name suggests will be executed after the interface has been brought up). Multiple statements can be separated with a ;. So if you for example would want to assign both 10.0.0.1 and 10.0.0.2 to interface eth0; the config would look something among the lines of:

/etc/network.d/multiple_ip
INTERFACE="eth0"
CONNECTION="ethernet"
IP='static'
ADDR='10.0.0.1'
POST_UP='ip addr add 10.0.0.2/24 dev eth0'

Adding static routes

When wanting to configure static routes, this can be done by issuing the relevant ip command in a POSTUP statement (which as the name suggests will be executed after the interface has been brought up). Optionally, a PRE_DOWN statement can be added to remove said routes when the interface is brought down. Multiple statements can be separated with a ;. In the below example we'll route 10.0.1.0/24 over interface eth1 and then remove the route when the interface is brought down.

/etc/network.d/static_routes
INTERFACE="eth1"
CONNECTION="ethernet"
IP='static'
POST_UP='ip route add 10.0.1.0/24 dev eth1'
PRE_DOWN='ip route del 10.0.1.0/24 dev eth1'

Troubleshooting

Debugging

To run netcfg with debugging output, set the NETCFG_DEBUG environment variable to "yes", for example:

# NETCFG_DEBUG="yes" netcfg <arguments>

Debugging information for wpa_supplicant can be logged using WPA_OPTS within a profile, for example:

WPA_OPTS="-f/path/to/log"

Whatever is entered here will be added to the command when wpa_supplicant is called.

Network unavailable

This error is typically due to:

  • Out of range; or
  • Driver issue.

Wireless association failed

This error is typically due to:

  • Out of range/reception;
  • Incorrect configuration;
  • Invalid key;
  • Driver problem; or
  • Trying to connect to a hidden network.

If the connection problem is due to poor reception, increase the TIMEOUT variable in /etc/network.d/mynetwork, such as:

TIMEOUT=60

If an AP with a hidden SSID is used, try:

PRE_UP='iwconfig $INTERFACE essid $ESSID'

Unable to get IP address with DHCP

This error is typically due to:

  • Out of range/reception

Try increasing DHCP_TIMEOUT variable in your network /etc/network.d/profile.

Not a valid connection, check spelling or look at examples

You must set CONNECTION to one of the connection types listed in the /usr/lib/network/connections directory. Alternatively, use one of the provided configuration examples in /etc/network.d/examples.

No Connection

If you get a set of debug messages similar to the following (remembering that profile names and interface names may be different), it could be that the process of bringing up the interface is taking too long.

 DEBUG: Loading profile eth0-dhcp
 DEBUG: Configuring interface eth0
 :: eth0-dhcp up
 DEBUG: status reported to profile_up as:
 DEBUG: Loading profile eth0-dhcp
 DEBUG: Configuring interface eth0
 DEBUG: ethernet_iproute_up ifup
   > No connection
 DEBUG: profile_up connect failed
  [FAIL]

The default is 2 seconds. To lengthen the timeout, set the CARRIER_TIMEOUT variable before calling netcfg.

This thread shows one example of this issue: https://bbs.archlinux.org/viewtopic.php?id=138615

Driver quirks

Note: You most likely do not need quirks; ensure your configuration is correct before considering them. Quirks are intended for a small range of drivers with unusual issues, many of them older versions. These are workarounds, not solutions.

Some drivers behave oddly and need workarounds to connect. Quirks must be enabled manually. They are best determined by reading the forums, seeing what others have used, and, if that fails, trial and error. Quirks can be combined.

prescan
Run iwlist $INTERFACE scan before attempting to connect (Broadcom)
preessid
Run iwconfig $INTERFACE essid $ESSID before attempting to connect (ipw3945, Broadcom and Intel PRO/Wireless 4965AGN)
wpaessid
Same as previous, run before starting wpa_supplicant. Not supported anymore - use IWCONFIG="essid $ESSID" instead. (ath9k)
predown
Take interface down before association and then restore it after (madwifi)
postsleep
Sleep one second before checking if the association was successful
postscan
Run iwlist scan after associating

Add the required quirks to the netcfg configuration file /etc/network.d/mynetwork, for example:

QUIRKS=(prescan preessid)

If you receive "Wireless network not found", "Association failed" errors and have tried the above, or if an AP with a hidden SSID is used, see the above section #Wireless association failed.

Ralink legacy drivers rt2500, rt2400 that use iwpriv

There is no plans to add WPA support to these drivers. rt2x00 is supported, however, and will replace these.

If you must use them, create a shell script that runs the needed iwpriv commands and put its path in PRE_UP.

find: "/var/run/network//suspend/": No such file or directory

If you get this error message, then do not bother because it is a known bug. Create the directory by hand.

It still does not work, what do I do?

If this article did not help solve your problem, the next best places to ask for help are the forums, the mailing list, and the #archlinux IRC channel.

To be able to determine the problem, we need information. When you ask, provide the following output:

  • ALL OUTPUT FROM netcfg
    • This is absolutely crucial to be able determine what went wrong. The message might be short or non-existent, but it can mean a great deal.
  • /etc/network.d network profiles
    • This is also crucial as many problems are simple configuration issues. Feel free to censor your wireless key.
  • netcfg version
  • lsmod
  • iwconfig

FAQ

Template:FAQ

Template:FAQ

Template:FAQ