Difference between revisions of "Netctl (简体中文)"

From ArchWiki
Jump to: navigation, search
(move bonding stuff from "Network Configuration" to "netctl")
(update Pkg/AUR templates)
(Tag: wiki-scripts)
 
(63 intermediate revisions by 11 users not shown)
Line 1: Line 1:
 
{{Lowercase title}}
 
{{Lowercase title}}
 +
[[Category:简体中文]]
 
[[Category:Networking (简体中文)]]
 
[[Category:Networking (简体中文)]]
 +
[[cs:Netctl]]
 
[[en:Netctl]]
 
[[en:Netctl]]
 +
[[es:Netctl]]
 
[[fr:Netctl]]
 
[[fr:Netctl]]
[[es:Netctl]]
+
[[it:Netcfg]]
{{Article summary start}}
+
[[ja:Netctl]]
{{Article summary text|用netctl和网络配置脚本设置网络的指南。}}
+
[[ru:Netctl]]
{{Article summary heading|概要}}
+
{{Related articles start (简体中文)}}
{{Article summary text|{{Networking overview (简体中文)}}}}
+
{{Related|网络配置}}
{{Article summary heading|资源}}
+
{{Related|无线网络配置}}
{{Article summary wiki|Bridge with netctl}}
+
{{Related|Wicd (简体中文)}}
{{Article summary end}}
+
{{Related|网桥}}
{{TranslationStatus (简体中文)|Netctl|2013-07-27|268143}}
+
{{Related articles end}}
Netctl 是基于命令行的网络管理器,支持场景配置。它是 Arch 的项目,取代了原来的 [[netcfg]]。
+
{{TranslationStatus (简体中文)|Netctl|2018-01-10|504831}}
 +
Netctl 是基于命令行的网络管理器,支持场景配置。它是 Arch Linux 网络管理方面的原生项目。
  
 
==安装==
 
==安装==
{{Pkg|netctl}} 软件包已经进入[[Official Repositories (简体中文)|官方软件仓库]].
+
{{Pkg|netctl}} 是 {{Grp|base}} 包组的成员,所以系统中应当已经安装了。否则可以手工[[install|安装]]。
 +
netctl 有一些用于自动连接的[[#特殊 systemd 单元]]需要一些附加依赖包,详情参阅该章节。
 +
下表列出 netctl 的其他可选依赖包:
 +
{| class="wikitable"
 +
! 功能
 +
! 依赖
 +
|-
 +
| WPA || {{Pkg|wpa_supplicant}}
 +
|-
 +
| DHCP || {{Pkg|dhcpcd}} or {{Pkg|dhclient}}
 +
|-
 +
| Wifi menus || {{Pkg|dialog}}
 +
|-
 +
| PPPoE || {{Pkg|ppp}}
 +
|-
 +
|}
 +
 
  
{{Pkg|netctl}} 和 {{AUR|netcfg}}相互冲突,安装 netctl 会替换掉{{AUR|netcfg}}。如果配置不正确,可能导致连接中断。
 
  
{{Note|请使用{{ic|1=systemctl --type=service}}确保其它可以配置网络的服务都没有运行,同时使用多个网络配置工具会导致冲突。}}
+
{{警告|请使用{{ic|1=systemctl --type=service}}确保其它可以配置网络的服务都没有运行,同时使用多个网络配置工具会导致冲突。}}
  
==建议阅读==
+
==配置==
  
建议用户使用前阅读如下文档:
+
{{ic|netctl}} 使用配置文件来管理网络连接,并按需自动或手动启动不同的操作模式
*[https://github.com/joukewitteveen/netctl/blob/master/docs/netctl.1.txt netctl]
 
*[https://github.com/joukewitteveen/netctl/blob/master/docs/netctl.profile.5.txt netctl.profile]
 
*[https://github.com/joukewitteveen/netctl/blob/master/docs/netctl.special.7.txt netctl.special]
 
  
==配置==
+
''netctl''的配置文件保存在 {{ic|/etc/netctl/}} 。一些配置文件的示例位于 {{ic|/etc/netctl/examples/}}。
  
{{ic|netctl}} 可以用来检查和控制 systemd 网络配置管理服务的状态。软件提供了一些配置文件的示例以供参考。这些示例位于{{ic|/etc/netctl/examples/}},包括:
+
若要使用上述示例配置文件,只需将其从 {{ic|/etc/netctl/examples/}} [[Copy|复制]]到 {{ic|/etc/netctl/}} 并按需配置。参见下述[[#配置示例]]。编辑配置文件所需的首要参数是网络''端口(interface)'',详阅[[网络配置#更改设备名称]]。
*ethernet-dhcp
 
*ethernet-static
 
*wireless-wpa
 
*wireless-wpa-static
 
  
如果使用无线网络,命令{{ic|wifi-menu -o}}可以在{{ic|/etc/netctl}}自动生成配置文件。
+
{{提示|
 +
如要配置无线网络,可以用 root 身份运行 {{ic|wifi-menu -o}} 以自动在 {{ic|/etc/netctl/}} 中生成配置文件。''wifi-menu'' 需要 {{Pkg|dialog}} 包。
  
要使用示例配置,将他们从{{ic|/etc/netctl/examples/}}复制到{{ic|/etc/netctl/}}然后进行修改:
+
如要在有线网络接口上启用静态IP,并忽略线缆连接状况,可以在配置文件中添加 {{ic|1=SkipNoCarrier=yes}} 配置项
# cp /etc/netctl/examples/wireless-wpa /etc/netctl/''profile''
+
}}
 +
配置文件的完整配置项清单请参阅:[http://jlk.fjfi.cvut.cz/arch/manpages/man/netctl.profile.5 netctl.profile.5]
  
创建完配置后,通过如下方法建立连接:
+
== 使用 ==
# netctl start ''profile''
+
netctl 的完整命令清单请参阅:[http://jlk.fjfi.cvut.cz/arch/manpages/man/netctl.1 netctl(1)]
  
如果命令出错,可以使用 {{ic|journalctl -xn}} 和 {{ic|netctl status <profile>}} 检查出错原因。修正重新设置。
+
=== 启动配置文件 ===
  
=== Automatic operation ===
+
创建了一个配置文件之后请尝试用它建立一个连接。下例中的 ''profile'' 仅使用配置文件的文件名,不要带全路径名。
  
If you use only one profile (per interface) or want to switch profiles manually, the [[#Basic method|basic method]] will do. Most common examples are servers, workstations, routers etc.
+
# netctl start profile
  
If you need to switch multiple profiles frequently, use [[#Automatic switching of profiles|Automatic switching of profiles]]. Most common examples are laptops.
+
如果上面的命令返回失败,可以使用 {{ic|journalctl -xn}} 和 {{ic|netctl status ''profile''}} 命令获取进一步的失败原因信息。
  
==== Basic method ====
+
=== 启用配置文件 ===
  
With this method, you can statically start only one profile per interface. First manually check that the profile can be started  successfully, then it can be {{ic|enabled}} using
+
下列命令实现开机时自动启动配置文件:
  
 
  # netctl enable ''profile''
 
  # netctl enable ''profile''
  
This will create and enable a [[systemd]] service that will start when the computer boots.
+
这条命令将创建并启用一个随计算机启动而自动运行的 [[systemd (简体中文)|systemd]] 服务。对配置文件本身的修改无法自动关联到前述创建的服务文件,修改之后,需用下述命令重新启用该配置:
  
{{Note|The connection is only established if the profile can be started succesfully at boot time (or when the service starts). That specifically means, in case of wired connection the cable must be plugged-in, in case of wireless connection the network must be in range.}}
+
# netctl reenable ''profile''
  
{{Tip|To enable static IP profile on wired interface no matter if the cable is connected or not, use {{ic|1=SkipNoCarrier=yes}} in your profile.}}
+
启用的配置文件将在下次引导时自动启动。显然,只有线缆已连接或已处于无线信号覆盖区域时,配置文件才能成功启动。
  
==== Automatic switching of profiles ====
+
如果需要在多个配置文件之间频繁切换(比如携带笔记本电脑旅行),应改用 [[#特殊 systemd 单元]] 一节的方法代替本节所述方法。
  
{{ic|netctl}} provides two special services for automatic switching of profiles: {{ic|netctl-auto@''interface''.service}} for wireless interfaces, and {{ic|netctl-ifplugd@''interface''.service}} for wired interfaces. Using {{ic|netctl-auto@''interface''.service}}, netctl profiles change as you move from range of one network into range of other network. Using {{ic|netctl-ifplugd@''interface''.service}}, netctl profiles change as you plug the cable in and out.
+
=== 特殊 systemd 单元 ===
  
{{Note|{{ic|netcfg}} used {{ic|net-auto-wireless.service}} and {{ic|net-auto-wired.service}} for this purpose.}}
+
''netctl'' 提供了特殊的 [[systemd]] 服务以实现有线与无线连接的自动切换。这些特殊的 systemd 单元的完整清单请参阅 {{man|7|netctl.special}}
  
First [[pacman|install]] required packages:
+
==== 有线连接 ====
* Package {{Pkg|wpa_actiond}} is required to use {{ic|netctl-auto@''interface''.service}}.
 
* Package {{Pkg|ifplugd}} is required to use {{ic|netctl-ifplugd@''interface''.service}}.
 
  
Now configure all profiles that {{ic|netctl-auto@''interface''.service}} or {{ic|netctl-ifplugd@''interface''.service}} can start. If you want some profile '''not''' to be started automatically by these services, you have to explicitly add {{ic|1=ExcludeAuto=yes}} to that profile. You can use {{ic|1=Priority=}} to set priority of some profile when multiple profiles are available. See {{ic|netctl.profile(5)}} for details.
+
[[Install|安装]] {{Pkg|ifplugd}} 包,并且[[Start/enable|启动/启用]] {{ic|netctl-ifplugd@''interface''.service}} systemd 单元。网线插入/拔出时,DHCP 配置文件将被启动/停止。
  
{{Warning|Automatic selection of a WPA-enabled profile by netctl-auto is not possible with option {{ic|1=Security=wpa-config}}, please use {{ic|1=Security=wpa-configsection}} instead.}}
+
* {{ic|netctl-ifplugd@''interface''.service}} 优先启用使用了 [[Wikipedia:DHCP|DHCP]] 的配置文件。
 +
* 若要自动启动一个静态 IP 配置文件,需要在其中增加 {{ic|1=ExcludeAuto=no}} 配置项。
 +
* 若要使某个静态 IP 配置文件的优先级高于使用 DHCP 的配置文件,可以增加 {{ic|1=Priority=2}} 配置项,这将使其优先级高于使用 DHCP 的配置文件默认的 {{ic|1=Priority=1}}
  
Once your profiles are set and verified to be working, simply enable these services with
+
==== 无线连接 ====
# systemctl enable netctl-auto@''interface''.service
 
# systemctl enable netctl-ifplugd@''interface''.service 
 
  
{{Warning|If any of the profiles contain errors, such as an empty {{ic|1=Key=}} variable, the unit will fail to load at boot.}}
+
[[Install|安装]] {{Pkg|wpa_actiond}} 包并[[Systemd_(简体中文)#使用单元|启动/启用]] {{ic|netctl-auto@''interface''.service}} systemd 单元。当在不同网络覆盖区域间移动(漫游)时,''netctl'' 配置文件将会自动启动/停止。
  
{{Warning|This method conflicts with the [[#Basic method|basic method]]. If you have previously enabled a profile through {{ic|netctl}}, run {{bc|# netctl disable ''profile''}} to prevent the profile from starting twice at boot.}}
+
* ''netctl-auto'' 要求配置文件必须使用 {{ic|1=Security=wpa-configsection}} 或 {{ic|1=Security=wpa}} 配置项才能工作,不能使用 {{ic|1=Security=wpa-config}} 配置项。
  
===从 netcfg 迁移的方法===
+
* 如果希望某些无线网络配置'''不要'''被 {{ic|netctl-auto@''interface''.service}}自动启用,需要特别在该配置文件中加入 {{ic|1=ExcludeAuto=yes}} 。
 +
* 如果存在多个无线访问点可用,可以在 ''WPAConfigSection'' 配置节中加入 {{ic|1=priority=}} 配置项(参阅 {{ic|/etc/netctl/examples/wireless-wpa-configsection}})。
  
{{ic|netctl}} 使用 {{ic|/etc/netctl}} 保存配置,而'''不是''' {{ic|/etc/network.d}} ({{ic|netcfg}}保存配置的位置).
+
注意,服务单元名称中的 ''interface'' 一词不要原文照抄,应当替换成实际的接口设备名,如 {{ic|netctl-auto@wlp4s0.service}}。详情参阅 {{ic|netctl.profile(5)}}
  
从 netcfg 迁移,请执行:
+
{{注意|
* 禁用 netcfg 服务: {{ic|# systemctl disable netcfg.service}}.
+
* 如果任何一个配置文件包含错误,例如包含空变量 {{ic|1=Key=}},即使这个文件未被使用,也将加载失败并报错 {{ic|"Failed to read or parse configuration '/run/network/wpa_supplicant_wlan0.conf'}}
* 删除 netcfg,然后安装 {{Pkg|netctl}}
+
* 本方法与 [[#基本方法|基本方法]]{{Broken section link}} 矛盾。如果你之前已经通过netctl启用了一个配置文件,运行 {{ic|netctl disable ''profile''}} 来防止这个配置在计算机启动时被启用两次。}}
*将老的网络配置移动到新目录
 
*根据 netctl.profile(5) 修改变量名称(主要是大小写变化,例如 CONNECTION 变成 Connection).
 
* For static IP configuration make sure the {{ic|Address}} variables have a netmask after the IP (e.g. {{ic|1=Address=('192.168.1.23'''/24'''' '192.168.1.87'''/24'''')}} in the example profile).
 
* If you setup a wireless profile according in the {{ic|wireless-wpa-configsection}} example, note that this overrides {{ic|wpa_supplicant}} options defined above the brackets. For a connection to a hidden wireless network, add {{ic|1=scan_ssid=1}} to the options in the {{ic|wireless-wpa-configsection}}; {{ic|1=Hidden=yes}} does not work there.  
 
*接口变量和其他变量不再需要引号(这仅仅是风格变化).
 
*为每一个配置执行{{ic|netctl enable ''profile''}}, '''last'''工作方式有变化,参阅 netctl.special(7).
 
*使用 {{ic|netctl list}} / {{ic|netctl start <profile>}} 替换 netcfg-menu. wifi-menu 依然保留。
 
* Unlike {{ic|netcfg}}, by default {{ic|netctl}} fails to bring up a [[wikipedia:Network interface controller|NIC]] when it is not connected to another powered up NIC. To solve this problem, add {{ic|1=SkipNoCarrier=yes}} at the end of your {{ic|/etc/netctl/''profile''}}.
 
  
===密码加密(256-bit PSK)===
+
通过 netctl-auto 的命令动作可以在不停止 {{ic|netctl-auto.service}} 服务的情况下手工控制一个不受 netctl-auto 管理的网络接口。完整的 netctl-auto 命令动作列表参阅 {{man|1|netctl-auto}}。
  
不想'''用明文保存密码'''的用户可以使用 256 位加密 PSK,数据是通过密码和 SSID 通过标准算法生成。
+
== 提示与技巧 ==
  
* 方法1: 使用 {{ic|wifi-menu -o}} 在 {{ic|/etc/netctl}} 中生成配置文件。
+
=== 配置示例 ===
* 方法2: 下面有手动配置方法,如果密码失败,可以试试删除 Key= 中的 \"
 
  
不管使用哪种方法,都建议用 {{ic|chmod 600 /etc/netctl/<config_file>}} 限制一般用户的访问权限。
+
==== 有线连接 ====
  
然后用[[WPA_supplicant#Configuration_file|wpa_passphrase]]生成256位加密 PSK:
+
For a DHCP connection, only the {{ic|Interface}} has to be configured after copying the {{ic|/etc/netctl/examples/ethernet-dhcp}} example profile to {{ic|/etc/netctl}}.
{{hc|Usage: wpa_passphrase [ssid] [passphrase]|
+
 
2=$ wpa_passphrase archlinux freenode|
+
For example:
  network={
+
{{hc|/etc/netctl/''my_dhcp_profile''|<nowiki>
  ssid="archlinux"
+
Interface=enp1s0
  #psk="freenode"
+
Connection=ethernet
  psk=64cf3ced850ecef39197bb7b7b301fc39437a6aa6c6a599d0534b16af578e04a
+
IP=dhcp</nowiki>
}
+
}}
{{Note|This information will be used in your profile, so do not close the terminal.}}
+
 
 +
For a static IP configuration copy the {{ic|/etc/netctl/examples/ethernet-static}} example profile to {{ic|/etc/netctl}} and modify {{ic|Interface}}, {{ic|Address}}, {{ic|Gateway}} and {{ic|DNS}}) as needed.
 +
 
 +
For example:
 +
{{hc|/etc/netctl/''my_static_profile''|<nowiki>
 +
Interface=enp1s0
 +
Connection=ethernet
 +
IP=static
 +
Address=('10.1.10.2/24')
 +
Gateway=('10.1.10.1')
 +
DNS=('10.1.10.1')</nowiki>
 
}}
 
}}
  
在第二个终端将{{ic|/etc/netctl/examples/wireless-wpa}} 复制到 {{ic|/etc/netctl}}
+
Take care to include the subnet notation of {{ic|/24}}. It equates to a netmask of {{ic|255.255.255.0}}) and without it the profile will fail to start. See also [[wikipedia:Classless Inter-Domain Routing#CIDR notation|CIDR notation]]. To alias more than one IP address per a NIC set {{ic|Address&#61;('10.1.10.2/24' '192.168.1.2/24')}}.
# cp /etc/netctl/examples/wireless-wpa /etc/netctl/wireless-wpa
 
  
编辑{{ic|/etc/netctl/wireless-wpa}},将之前生成的''Encrypted Pre-shared Key''设置到{{ic|'''Key'''}}。
+
==== 无线连接(WPA-PSK) ====
  
完成后的{{ic|wireless-wpa}}应该类似于:
+
The following applies for the standard wireless connections using a pre-shared key (WPA-PSK).
  
 
{{hc|/etc/netctl/wireless-wpa|2=
 
{{hc|/etc/netctl/wireless-wpa|2=
Line 135: Line 148:
 
Security=wpa
 
Security=wpa
 
IP=dhcp
 
IP=dhcp
ESSID=archlinux
+
ESSID=''your_essid''
 
Key=\"64cf3ced850ecef39197bb7b7b301fc39437a6aa6c6a599d0534b16af578e04a
 
Key=\"64cf3ced850ecef39197bb7b7b301fc39437a6aa6c6a599d0534b16af578e04a
 
}}
 
}}
  
{{注意|<nowiki>
+
{{注意|
* 请使用'''special non-quoted rules''' 设置 Key=,参阅 [https://github.com/joukewitteveen/netctl/blob/master/docs/netctl.profile.5.txt netctl.profile(5)]
+
* Make sure to use the '''special quoting rules''' for the {{ic|Key}} variable as explained at the end of [https://github.com/joukewitteveen/netctl/blob/master/docs/netctl.profile.5.txt netctl.profile(5)].
* 配置文件中的 Key 足够连接到 WPA-PSK 网络。也就是说,此方法仅仅将密码变得不可读,但是只要用户能够读取配置文件,就能连接到网络。请不要使用相同的密码作为网络密码。
+
* If the passphrase fails, try removing the {{ic|\"}} in the {{ic|Key}} variable.
</nowiki>}}
+
* Although "encrypted", the key that you put in the profile configuration is enough to connect to a WPA-PSK network. Therefore this process is only useful for hiding the human-readable version of the passphrase. This will not prevent anyone with read access to this file from connecting to the network.}}
  
==支持==
+
=== 隐藏无线密码 ===
官方通知帖: https://bbs.archlinux.org/viewtopic.php?id=157670
 
  
==提示和技巧==
+
You can also follow the following step to obfuscate the wireless passphrase (''wifi-menu'' does it automatically when using the {{ic|-o}} flag):
  
=== Replace 'netcfg current' ===
+
Users '''not''' wishing to have the passphrase to their wireless network stored in ''plain text'' have the option of storing the corresponding 256-bit pre-shared key instead, which is calculated from the passphrase and the SSID using standard algorithms.
  
As of April 2013 there is no netctl alternative to {{ic|netcfg current}}. If you relied on it for something, like a status bar for a tiling window manager, you can now use:
+
Calculate your 256-bit PSK using [[WPA_supplicant#Connecting_with_wpa_passphrase|wpa_passphrase]]:
# netctl list | awk '/*/ {print $2}'
+
{{hc|$ wpa_passphrase ''your_essid''|2=
or, when {{ic|netctl-auto}} was used to connect:
+
  network={
# wpa_cli -i ''interface'' status | sed -n 's/^id_str=//p'
+
  ssid="''your_essid''"
 
+
  #psk="''passphrase''"
=== Eduroam ===
+
  psk=64cf3ced850ecef39197bb7b7b301fc39437a6aa6c6a599d0534b16af578e04a
 
+
}
Some universities use a system called "Eduroam" to manage their wireless networks. For this system, a WPA config-section profile with the following format is often useful:
 
{{hc|/etc/netctl/wlan0-eduroam|<nowiki>
 
Description='Eduroam-profile for <user>'
 
Interface=wlan0
 
Connection=wireless
 
Security=wpa-configsection
 
IP=dhcp
 
WPAConfigSection=(
 
'ssid="eduroam"'
 
'proto=RSN'
 
'key_mgmt=WPA-EAP'
 
'pairwise=CCMP'
 
'auth_alg=OPEN'
 
'eap=PEAP'
 
'identity="<user>"'
 
'password="<password>"'
 
)</nowiki>
 
 
}}
 
}}
  
=== Bonding ===
+
The ''pre-shared key'' (psk) now needs to replace the plain text passphrase of the {{ic|Key}} variable in the profile.
  
From [https://www.kernel.org/doc/Documentation/networking/bonding.txt kernel documentation]:
+
=== 使用体验版图形用户界面 ===
  
:''The Linux bonding driver provides a method for aggregating multiple network interfaces into a single logical "bonded" interface. The behavior of the bonded interfaces depends on the mode. Generally speaking, modes provide either hot standby or load balancing services. Additionally, link integrity monitoring may be performed.''
+
如果你想使用图形用户界面管理 ''netctl'' 和你的网络连接,并且不在意使用非官方体验版软件包的话,可以从 [[AUR]] 安装 {{AUR|netgui}}。注意:它毕竟还只是一个 beta 版,你应该熟悉 ''netctl'' 的语法以便解决可能出现的问题。另一个图形用户界面程序的替代品是 {{AUR|netctl-gui}},它提供了基于 Qt 的图形界面、DBus  守护进程和 KDE 桌面小部件。第三个替代品是 {{AUR|netmenu}},它使用 {{Pkg|dmenu}} 作为图形界面。
  
==== Load balancing ====
+
=== Eduroam ===
  
To use bonding with netctl, additional package from official repositories is required: {{Pkg|ifenslave}}.
+
参阅 [[WPA2 Enterprise#netctl]]
  
复制 {{ic|/etc/netctl/examples/bonding}} 到 {{ic|/etc/netctl/bonding}} 并进行编辑,举例来说,像下面这样:
+
=== 绑定 ===
  
{{hc|/etc/netctl/bonding|2=
+
引自 [https://www.kernel.org/doc/Documentation/networking/bonding.txt 内核文档]:
Description='Bond Interface'
 
Interface='bond0'
 
BindsToInterfaces=('eth0' 'eth1')
 
IP=dhcp
 
IP6=stateless}}
 
  
现在你可以禁用和停止旧的网络配置,然后设置自动启动 bonding:
+
:''The Linux bonding driver provides a method for aggregating multiple network interfaces into a single logical "bonded" interface. The behavior of the bonded interfaces depends on the mode. Generally speaking, modes provide either hot standby or load balancing services. Additionally, link integrity monitoring may be performed.''
  
禁用旧的配置文件:
+
:''(Linux bonding 驱动提供了把多个网络接口聚合成一个“绑定”的单一逻辑接口的途径。绑定后接口的行为取决于绑定的模式,一般来说,提供“主备”和“负载均衡”两种模式。另外,可以提供对连接总体情况的监测功能。)''
  
  # netctl stop ethernet
+
==== 负载均衡 ====
  # netctl disable ethernet
 
  
启用并启动 bonding:
+
要用 netctl 配合 bonding,需要从官方软件源安装 {{Pkg|ifenslave}}。
  
  # netctl start bonding
+
复制 {{ic|/etc/netctl/examples/bonding}} 到 {{ic|/etc/netctl/bond0}} 然后进行编辑。例如:
  # netctl enable bonding
 
  
{{注意|要改变绑定模式(默认值是轮询),例如,用于active backup:
+
{{hc|/etc/netctl/bond0|2=
 +
Description='Bond Interface'
 +
Interface='bond0'
 +
Connection=bond
 +
BindsToInterfaces=('eth0' 'eth1')
 +
IP=dhcp
 +
IP6=stateless}}
  
创建 {{ic|/etc/modprobe.d/bonding.conf}}:
+
现在你可以停用之前的配置文件。然后设置 bonding 为自动启动,切换到新的配置。例如:
  
{{hc|/etc/modprobe.d/bonding.conf|2=
+
# netctl switch-to bond0
options bonding mode=active-backup
 
options bonding miimon=100}}
 
  
更多关于不同绑定策略(以及其它驱动程序设置)的信息,参见 [http://sourceforge.net/projects/bonding/files/Documentation/ Linux Ethernet Bonding Driver HOWTO] 和 [http://www.linuxfoundation.org/collaborate/workgroups/networking/bonding The Linux Foundation: bonding]。}}
+
{{注意|这将使用 {{ic|bonding}} 驱动的默认策略 round-robin(负载均衡)。详见[https://www.kernel.org/doc/Documentation/networking/bonding.txt 官方文档]。}}
  
查看状态和绑定模式:
+
{{提示|查看状态和绑定模式:{{bc|$ cat /proc/net/bonding/bond0}}}}
 
 
$ cat /proc/net/bonding/bond0
 
  
 
==== 有线 -> 无线故障切换 ====
 
==== 有线 -> 无线故障切换 ====
  
当有线网络断开时,使用 {{ic|bonding}} 切换到无线网络,这种方法也会在探测这两种网络连接,并在至少一种已连接时启动 dhcpcd。
+
这一部分探讨怎样用bonding来实现当有线以太网无法工作时自动切换至无线网络。我们假设所有的网络接口默认启动dhcdpcd服务。
  
你将需要官方源中的 {{Pkg|netctl}},{{Pkg|ifplugd}},{{Pkg|ifenslave}} 和 {{Pkg|wpa_supplicant}}
+
你需要从官方源安装软件包:{{Pkg|ifenslave}} 和 {{Pkg|wpa_supplicant}}.
  
首先配置 bonding 驱动程序使用 active-backup 模式:
+
首先设置 {{ic|bonding}} 驱动使用 {{ic|active-backup}}:
  
 
{{hc|/etc/modprobe.d/bonding.conf|2=
 
{{hc|/etc/modprobe.d/bonding.conf|2=
Line 234: Line 224:
 
options bonding miimon=100
 
options bonding miimon=100
 
options bonding primary=eth0
 
options bonding primary=eth0
options bonding max_bonds=0}}
+
options bonding max_bonds=0
 +
}}
  
设置`max-bonds`可以避免"Interface bond0 already exists" 错误。
+
{{ic|max_bonds}} 选项避免了 {{ic|Interface bond0 already exists}} 错误。如果使用了MAC过滤,应当添加设置 {{ic|fail_over_mac<nowiki>=</nowiki>active}}。
  
然后,配置一份 {{Pkg|netctl}} 配置文件,使用这两个硬件接口:
+
接下来,编写一个netctl配置文件来绑定两个网络接口:
  
 
{{hc|/etc/netctl/failover|2=
 
{{hc|/etc/netctl/failover|2=
Line 244: Line 235:
 
Interface='bond0'
 
Interface='bond0'
 
Connection=bond
 
Connection=bond
BindsToInterface=('eth0' 'wlan0')
+
BindsToInterfaces=('eth0' 'wlan0')
IP='no'
+
IP='dhcp'
SkipNoCarrier='no'}}
+
SkipNoCarrier='no'
 +
}}
  
启动时启用配置文件。
+
设置该配置文件自启动:
  
 
  # netctl enable failover
 
  # netctl enable failover
  
将 wpa_supplicant 配置为关联一个已知网络,可以通过 netctl profile (记得设置 IP='no'), 长期运行的 wpa_supplicant 服务或者 wpa_cli 命令实现。具体方法请访问  [[wpa_supplicant]] 页面。
+
将 wpa_supplicant 配置为关联一个已知网络,可以通过 netctl profile (记得设置 IP='no'), 和一个长期运行的 wpa_supplicant 服务或者 wpa_cli 命令实现。具体方法请访问  [[WPA_supplicant (简体中文)|wpa_supplicant]] 页面。想要长期运行 wpa_supplicant 服务,创建一个wpa_supplicant配置文件{{ic|/etc/wpa_supplicant/wpa_supplicant-wlan0.conf}} 然后运行:
 +
 
 +
# systemctl enable wpa_supplicant@wlan0
 +
 
 +
在有线网络配置中设置{{ic|1=IP='no'}}。IP地址应当只被分配到bond0接口。
 +
 
 +
如果你有一个有线连接和无线连接连接到同一个网络,现在可以将有线网络断开连接,然后重新连接而依然保持网络通畅。在大多数情况下,甚至连流媒体音乐都不会卡顿。
 +
 
 +
=== 使用任意接口 ===
 +
In some cases it may be desirable to allow a profile to use any interface on the system. A common example use case is using a common disk image across many machines with differing hardware (this is especially useful if they are headless). If you use the kernel's naming scheme, and your machine has only one ethernet interface, you can probably guess that eth0 is the right interface. If you use udev's [http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/ Predictable Network Interface Names], however, names will be assigned based on the specific hardware itself (e.g. enp1s0), rather than simply the order that the hardware was detected (e.g. eth0, eth1). This means that a netctl profile may work on one machine and not another, because they each have different interface names.
 +
 
 +
A quick and dirty solution is to make use of the {{ic|/etc/netctl/interfaces/}} directory. Choose a name for your interface alias ({{ic|en-any}} in this example), and write the following to a file with that name (making sure it is executable).
 +
{{hc|/etc/netctl/interfaces/en-any|<nowiki>
 +
#!/bin/bash
 +
for interface in /sys/class/net/en*; do
 +
        break;
 +
done
 +
Interface=$(basename $interface)
 +
echo "en-any: using interface $Interface";
 +
</nowiki>}}
 +
Then create a profile that uses the interface. Pay special attention to the {{ic|Interface}} directive. The rest are only provided as examples.
 +
{{hc|/etc/netctl/wired|<nowiki>
 +
Description='Wired'
 +
Interface=en-any
 +
Connection=ethernet
 +
IP=static
 +
Address=('192.168.1.15/24')
 +
Gateway='192.168.1.1'
 +
DNS=('192.168.1.1')
 +
</nowiki>}}
 +
 
 +
When the {{ic|wired}} profile is started, any machine using the two files above will automatically bring up and configure the first ethernet interface found on the system, regardless of what name udev assigned to it. Note that this is not the most robust way to go about configuring interfaces. If you use multiple interfaces, netctl may try to assign the same interface to them, and will likely cause a disruption in connectivity. If you do not mind a more complicated solution, {{ic|netctl-auto}} is likely to be more reliable.
 +
 
 +
=== 使用钩子 ===
 +
 
 +
netctl supports hooks in {{ic|/etc/netctl/hooks/}} and per interface hooks in {{ic|/etc/netctl/interfaces/}}. You can set any option in a hook/interface that you can
 +
in a profile. They are read the same way! Most importantly this includes {{ic|ExecUpPost}} and {{ic|ExecDownPre}}.
 +
 
 +
When a profile is read, netctl sources ''all executable'' scripts in {{ic|hooks}}, then it reads the profile file for the connection and finally it sources an executable script with the name of the interface used in the profile from the {{ic|interfaces}} directory. Therefore, declarations in an interface script override declarations in the profile, which override declarations in hooks.
 +
 
 +
The variables {{ic|$INTERFACE}}, {{ic|$SSID}}, {{ic|$ACTION}} and {{ic|$Profile}} are available in hooks/interfaces '''only''' when using {{ic|netctl-auto}}
 +
 
 +
==== 范例 ====
 +
 
 +
===== 在已有连接上执行命令 =====
 +
{{hc|/etc/netctl/hooks/myservices|<nowiki>
 +
#!/bin/sh
 +
ExecUpPost="systemctl start crashplan.service; systemctl start dropbox@<username>.service"
 +
ExecDownPre="systemctl stop crashplan.service; systemctl stop dropbox@<username>.service"
 +
</nowiki>}}
 +
 
 +
===== 激活 network-online.target =====
 +
 
 +
{{hc|/etc/netctl/hooks/status|<nowiki>
 +
#!/bin/sh
 +
ExecUpPost="systemctl start network-online.target"
 +
ExecDownPre="systemctl stop network-online.target"
 +
</nowiki>}}
 +
 
 +
Using this, systemd services requiring an active network connection can be [[Systemd#Handling_dependencies|ordered]] to start only after the {{ic|network-online.target}} is reached, and can be stopped before the connection is brought down.
 +
 
 +
===== 设置默认 DHCP 客户端 =====
  
创建 {{Pkg|ifplugd}} 操作,自动为绑定的接口进行 DHCP 分配:
+
To set or change the DHCP client used for all profiles:
  
{{hc|/etc/ifplugd/bond_dhcp.action|2=
+
{{hc|/etc/netctl/hooks/dhcp|<nowiki>
 
#!/bin/sh
 
#!/bin/sh
 +
DHCPClient='dhclient'
 +
</nowiki>}}
 +
 +
Alternatively, it may also be specified for a specific network interface by creating an executable file {{ic|/etc/netctl/interfaces/<interface>}} with the following line:
 +
 +
DHCPClient='dhclient'
 +
 +
{{Expansion|It would be useful to replace the example with a general hook that executes different actions depending on {{ic|$ACTION}} being CONNECT and DISCONNECT.}}
 +
 +
== 排错 ==
 +
 +
=== Job for netctl@wlan(...).service failed ===
 +
 +
Some people have an issue when they connect to a network with ''netctl'', for example:
 +
 +
{{hc|# netctl start wlan0-ssid|<nowiki>
 +
Job for netctl@wlan0\x2ssid.service failed. See 'systemctl status netctl@wlan0\x2ssid.service' and 'journalctl -xn' for details.
 +
</nowiki>}}
 +
 +
When then looking at {{ic|journalctl -xn}}, either of the following are shown:
 +
 +
1. If your device ({{ic|wlan0}} in this case) is up:
 +
network[2322]: The interface of network profile 'wlan0-ssid' is already up
 +
 +
Setting the interface down should resolve the problem:
 +
# ip link set wlan0 down
 +
 +
Then retry:
 +
# netctl start wlan0-ssid
 +
 +
{{Accuracy|The following is an unsolved issue, using different DHCP client is just a poor/unexplained workaround.}}
 +
 +
2. If it is down:
 +
dhcpcd[261]: wlan0: ipv4_sendrawpacket: Network is down
 +
 +
One way to solve this is to use a different DHCP client, for example {{Pkg|dhclient}}. After installing the package configure ''netctl'' to use it:
 +
 +
{{hc|/etc/netctl/wlan0-ssid|<nowiki>
 +
...
 +
DHCPClient='dhclient'
 +
</nowiki>}}
 +
 +
Adding the {{ic|ForceConnect}} option may also be helpful:
 +
 +
{{hc|/etc/netctl/wlan0-ssid|<nowiki>
 +
 +
...
 +
 +
ForceConnect=yes
 +
</nowiki>}}
 +
 +
Save it and try to connect with the profile:
 +
# netctl start wlan0-ssid
 +
 +
=== dhcpcd: ipv4_addroute: File exists ===
 +
 +
On some systems dhcpcd in combination with netctl causes timeout issues on resume, particularly when having switched networks in the meantime. netctl will report that you are successfully connected but you still receive timeout issues. In this case, the old default route still exists and is not being renewed. A workaround to avoid this misbehaviour is to switch to [[#Set default DHCP client|dhclient]]{{Broken section link}} as the default dhcp client. More information on the issue can be found [https://bbs.archlinux.org/viewtopic.php?pid=1399842#p1399842 here].
  
case "$2" in
+
=== DHCP timeout issues ===
  up)
 
    systemctl start "dhcpcd@$1.service" && exit 0
 
    ;;
 
  down)
 
    systemctl stop "dhcpcd@$1.service" && exit 0
 
    ;;
 
  *)
 
    echo "Wrong arguments" > /dev/stderr
 
    ;;
 
esac
 
exit 1}}
 
  
并使它可执行
+
If you are having timeout issues when requesting leases via DHCP you can set the timeout value higher than netctl's 30 seconds by default. Create a file in {{ic|/etc/netctl/hooks/}} or {{ic|/etc/netctl/interfaces/}}, add {{ic|1=TimeoutDHCP=40}} to it for a timeout of 40 seconds and make the file executable.
  
# chmod +x /etc/ifplugd/bond_dhcp.action
+
=== Connection timeout issues ===
  
然后创建 [[systemd]] 服务,启动 bond0 上的 ifplugd:
+
If you are having timeout issues that are unrelated to DHCP (on a static ethernet connection for example), and are experiencing errors similar to the following when starting your profile:
 +
{{hc|# journalctl _SYSTEMD_UNIT&#61;netctl@''profile''.service|
 +
Starting network profile &#39;''profile''&#39;...
 +
No connection found on interface 'eth0' (timeout)
 +
Failed to bring the network up for profile &#39;''profile''&#39;
 +
}}
 +
Then you should increase carrier and up timeouts by adding {{ic|1=TimeoutUp=}} and {{ic|1=TimeoutCarrier=}} to your profile file:
 +
{{hc|/etc/netctl/''profile''|<nowiki>
 +
...
 +
TimeoutUp=300
 +
TimeoutCarrier=300</nowiki>
 +
}}
 +
Do not forget to reenable your profile:
  
{{hc|/etc/systemd/system/net-auto-bonded@.service|2=
+
# netctl reenable ''profile''
 +
 
 +
=== Problems with netctl-auto on resume ===
 +
Sometimes ''netctl-auto'' fails to reconnect when the system resumes from suspend. An easy solution is to restart the service for ''netctl-auto''.
 +
This can be automated with an additional service like the following:
 +
 
 +
{{hc|/etc/systemd/system/netctl-auto-resume@.service|<nowiki>
 
[Unit]
 
[Unit]
Description=Provides automatic dhcp resolution for bonded failover connection
+
Description=restart netctl-auto on resume.
Requires=netctl@failover.service
+
Requisite=netctl-auto@%i.service
After=netctl@failover.service
+
After=suspend.target
  
 
[Service]
 
[Service]
ExecStart=/usr/bin/ifplugd -i %i -r /etc/ifplugd/bond_dhcp.action -fIns
+
Type=oneshot
 +
ExecStart=/usr/bin/systemctl restart netctl-auto@%i.service
  
 
[Install]
 
[Install]
WantedBy=multi-user.target}}
+
WantedBy=suspend.target
 +
</nowiki>}}
 +
 
 +
To [[enable]] this service for your wireless card, for example, enable {{ic|netctl-auto-resume@wlan0.service}} as root. Change {{ic|wlan0}} to the required network interface.
 +
 
 +
If the device is not yet running on resume when the unit is started, this will fail. It can be fixed by adding the following dependency in the ''After'' line:
 +
 
 +
{{hc|/etc/systemd/system/netctl-auto-resume@.service|<nowiki>
 +
...
 +
After=suspend.target sys-subsystem-net-devices-%i.device
 +
...
 +
</nowiki>}}
 +
 
 +
=== netctl-auto suddenly stopped working for WiFi adapters ===
 +
 
 +
This problem seems to be related to a recent wpa_supplicant update (see {{Bug|44731}}), but a work-around is quite trivial. Just create a file for your interface (e.g. wlp3s0) in /etc/netctl/interfaces with the following content and make it executable:
 +
 
 +
{{hc|/etc/netctl/interfaces/wlp3s0|<nowiki>
 +
WPAOptions="-m ''"
 +
</nowiki>}}
 +
 
 +
After that, try to restart your netctl-auto service and WiFi auto detection should work well again.
  
启用 net-auto-bonded 服务并重启:
+
=== netctl-auto does not automatically unblock a wireless card to use an interface ===
 +
 
 +
Many laptops have a hardware button (or switch) to turn off wireless card, however, the card can also be blocked by the kernel. This can be handled by [[rfkill]].
 +
 
 +
If you want ''netctl-auto'' to automatically unblock your wireless card to connect to a particular network, set {{ic|1=RFKill=++auto++}} option for the wireless connection of your choice, as specified in the [https://github.com/joukewitteveen/netctl/blob/master/docs/netctl.profile.5.txt netctl.profile(5)] man page.
 +
 
 +
=== RTNETLINK answers: File exists (with multiple NICs) ===
 +
 
 +
This is a very misleading response, it really means that you have assigned a default gateway in an earlier netctl control file. When netctl starts up the n-th NIC and goes to set its local route, it fails because there is already a default route from n-1.
 +
 
 +
Remove it and everything works, except you no longer have a default route and so cannot access things such as the internet. {{ic|ExecUpPost}} does not work as it gets executed for each network card.
 +
 
 +
A possible solution is creating a new service:
 +
 
 +
{{hc|/etc/systemd/system/defaultrouter.service|<nowiki>
 +
[Unit]
 +
Description
 +
Requires=netctl.service
 +
After=netctl.service
 +
Before=ntpd.service,dnsmasq.service
 +
 
 +
[Service]
 +
Type=oneshot
 +
ExecStart=/usr/bin/ip route add default via 192.168.xxx.yyy</nowiki>}}
  
# systemctl enable net-auto-bonded@bond0.service
+
== 参见 ==
# reboot
 
  
如果有线连接和无线连接位于同一个网络,现在你可以断开重连有线网络而不会断网。甚至大多数情况下,播放流媒体音乐都不会有间断!
+
* [https://lists.archlinux.org/pipermail/arch-projects/2012-December/003473.html Initial mailing list announcement]
 +
* [https://bbs.archlinux.org/viewtopic.php?id=157670 官方陈述页面]
 +
* 在AUR中有一个可用的cinnamon applet: {{AUR|cinnamon-applet-netctl-systray-menu}}{{Broken package link|{{aur-mirror|cinnamon-applet-netctl-systray-menu}}}}

Latest revision as of 06:41, 7 April 2018

翻译状态: 本文是英文页面 Netctl翻译,最后翻译时间:2018-01-10,点击这里可以查看翻译后英文页面的改动。

Netctl 是基于命令行的网络管理器,支持场景配置。它是 Arch Linux 网络管理方面的原生项目。

安装

netctlbase 包组的成员,所以系统中应当已经安装了。否则可以手工安装。 netctl 有一些用于自动连接的#特殊 systemd 单元需要一些附加依赖包,详情参阅该章节。 下表列出 netctl 的其他可选依赖包:

功能 依赖
WPA wpa_supplicant
DHCP dhcpcd or dhclient
Wifi menus dialog
PPPoE ppp


警告: 请使用systemctl --type=service确保其它可以配置网络的服务都没有运行,同时使用多个网络配置工具会导致冲突。

配置

netctl 使用配置文件来管理网络连接,并按需自动或手动启动不同的操作模式

netctl的配置文件保存在 /etc/netctl/ 。一些配置文件的示例位于 /etc/netctl/examples/

若要使用上述示例配置文件,只需将其从 /etc/netctl/examples/ 复制/etc/netctl/ 并按需配置。参见下述#配置示例。编辑配置文件所需的首要参数是网络端口(interface),详阅网络配置#更改设备名称

提示:

如要配置无线网络,可以用 root 身份运行 wifi-menu -o 以自动在 /etc/netctl/ 中生成配置文件。wifi-menu 需要 dialog 包。

如要在有线网络接口上启用静态IP,并忽略线缆连接状况,可以在配置文件中添加 SkipNoCarrier=yes 配置项

配置文件的完整配置项清单请参阅:netctl.profile.5

使用

netctl 的完整命令清单请参阅:netctl(1)

启动配置文件

创建了一个配置文件之后请尝试用它建立一个连接。下例中的 profile 仅使用配置文件的文件名,不要带全路径名。

# netctl start profile

如果上面的命令返回失败,可以使用 journalctl -xnnetctl status profile 命令获取进一步的失败原因信息。

启用配置文件

下列命令实现开机时自动启动配置文件:

# netctl enable profile

这条命令将创建并启用一个随计算机启动而自动运行的 systemd 服务。对配置文件本身的修改无法自动关联到前述创建的服务文件,修改之后,需用下述命令重新启用该配置:

# netctl reenable profile

启用的配置文件将在下次引导时自动启动。显然,只有线缆已连接或已处于无线信号覆盖区域时,配置文件才能成功启动。

如果需要在多个配置文件之间频繁切换(比如携带笔记本电脑旅行),应改用 #特殊 systemd 单元 一节的方法代替本节所述方法。

特殊 systemd 单元

netctl 提供了特殊的 systemd 服务以实现有线与无线连接的自动切换。这些特殊的 systemd 单元的完整清单请参阅 netctl.special(7)

有线连接

安装 ifplugd 包,并且启动/启用 netctl-ifplugd@interface.service systemd 单元。网线插入/拔出时,DHCP 配置文件将被启动/停止。

  • netctl-ifplugd@interface.service 优先启用使用了 DHCP 的配置文件。
  • 若要自动启动一个静态 IP 配置文件,需要在其中增加 ExcludeAuto=no 配置项。
  • 若要使某个静态 IP 配置文件的优先级高于使用 DHCP 的配置文件,可以增加 Priority=2 配置项,这将使其优先级高于使用 DHCP 的配置文件默认的 Priority=1

无线连接

安装 wpa_actiond 包并启动/启用 netctl-auto@interface.service systemd 单元。当在不同网络覆盖区域间移动(漫游)时,netctl 配置文件将会自动启动/停止。

  • netctl-auto 要求配置文件必须使用 Security=wpa-configsectionSecurity=wpa 配置项才能工作,不能使用 Security=wpa-config 配置项。
  • 如果希望某些无线网络配置不要netctl-auto@interface.service自动启用,需要特别在该配置文件中加入 ExcludeAuto=yes
  • 如果存在多个无线访问点可用,可以在 WPAConfigSection 配置节中加入 priority= 配置项(参阅 /etc/netctl/examples/wireless-wpa-configsection)。

注意,服务单元名称中的 interface 一词不要原文照抄,应当替换成实际的接口设备名,如 netctl-auto@wlp4s0.service。详情参阅 netctl.profile(5)

注意:
  • 如果任何一个配置文件包含错误,例如包含空变量 Key=,即使这个文件未被使用,也将加载失败并报错 "Failed to read or parse configuration '/run/network/wpa_supplicant_wlan0.conf'
  • 本方法与 基本方法[broken link: invalid section] 矛盾。如果你之前已经通过netctl启用了一个配置文件,运行 netctl disable profile 来防止这个配置在计算机启动时被启用两次。

通过 netctl-auto 的命令动作可以在不停止 netctl-auto.service 服务的情况下手工控制一个不受 netctl-auto 管理的网络接口。完整的 netctl-auto 命令动作列表参阅 netctl-auto(1)

提示与技巧

配置示例

有线连接

For a DHCP connection, only the Interface has to be configured after copying the /etc/netctl/examples/ethernet-dhcp example profile to /etc/netctl.

For example:

/etc/netctl/my_dhcp_profile
Interface=enp1s0
Connection=ethernet
IP=dhcp

For a static IP configuration copy the /etc/netctl/examples/ethernet-static example profile to /etc/netctl and modify Interface, Address, Gateway and DNS) as needed.

For example:

/etc/netctl/my_static_profile
Interface=enp1s0
Connection=ethernet
IP=static
Address=('10.1.10.2/24')
Gateway=('10.1.10.1')
DNS=('10.1.10.1')

Take care to include the subnet notation of /24. It equates to a netmask of 255.255.255.0) and without it the profile will fail to start. See also CIDR notation. To alias more than one IP address per a NIC set Address=('10.1.10.2/24' '192.168.1.2/24').

无线连接(WPA-PSK)

The following applies for the standard wireless connections using a pre-shared key (WPA-PSK).

/etc/netctl/wireless-wpa
Description='A simple WPA encrypted wireless connection using 256-bit PSK'
Interface=wlp2s2
Connection=wireless
Security=wpa
IP=dhcp
ESSID=your_essid
Key=\"64cf3ced850ecef39197bb7b7b301fc39437a6aa6c6a599d0534b16af578e04a
注意:
  • Make sure to use the special quoting rules for the Key variable as explained at the end of netctl.profile(5).
  • If the passphrase fails, try removing the \" in the Key variable.
  • Although "encrypted", the key that you put in the profile configuration is enough to connect to a WPA-PSK network. Therefore this process is only useful for hiding the human-readable version of the passphrase. This will not prevent anyone with read access to this file from connecting to the network.

隐藏无线密码

You can also follow the following step to obfuscate the wireless passphrase (wifi-menu does it automatically when using the -o flag):

Users not wishing to have the passphrase to their wireless network stored in plain text have the option of storing the corresponding 256-bit pre-shared key instead, which is calculated from the passphrase and the SSID using standard algorithms.

Calculate your 256-bit PSK using wpa_passphrase:

$ wpa_passphrase your_essid
network={
  ssid="your_essid"
  #psk="passphrase"
  psk=64cf3ced850ecef39197bb7b7b301fc39437a6aa6c6a599d0534b16af578e04a
}

The pre-shared key (psk) now needs to replace the plain text passphrase of the Key variable in the profile.

使用体验版图形用户界面

如果你想使用图形用户界面管理 netctl 和你的网络连接,并且不在意使用非官方体验版软件包的话,可以从 AUR 安装 netguiAUR。注意:它毕竟还只是一个 beta 版,你应该熟悉 netctl 的语法以便解决可能出现的问题。另一个图形用户界面程序的替代品是 netctl-guiAUR,它提供了基于 Qt 的图形界面、DBus 守护进程和 KDE 桌面小部件。第三个替代品是 netmenuAUR,它使用 dmenu 作为图形界面。

Eduroam

参阅 WPA2 Enterprise#netctl

绑定

引自 内核文档:

The Linux bonding driver provides a method for aggregating multiple network interfaces into a single logical "bonded" interface. The behavior of the bonded interfaces depends on the mode. Generally speaking, modes provide either hot standby or load balancing services. Additionally, link integrity monitoring may be performed.
(Linux bonding 驱动提供了把多个网络接口聚合成一个“绑定”的单一逻辑接口的途径。绑定后接口的行为取决于绑定的模式,一般来说,提供“主备”和“负载均衡”两种模式。另外,可以提供对连接总体情况的监测功能。)

负载均衡

要用 netctl 配合 bonding,需要从官方软件源安装 ifenslave

复制 /etc/netctl/examples/bonding/etc/netctl/bond0 然后进行编辑。例如:

/etc/netctl/bond0
Description='Bond Interface'
Interface='bond0'
Connection=bond
BindsToInterfaces=('eth0' 'eth1')
IP=dhcp
IP6=stateless

现在你可以停用之前的配置文件。然后设置 bonding 为自动启动,切换到新的配置。例如:

# netctl switch-to bond0
注意: 这将使用 bonding 驱动的默认策略 round-robin(负载均衡)。详见官方文档
提示: 查看状态和绑定模式:
$ cat /proc/net/bonding/bond0

有线 -> 无线故障切换

这一部分探讨怎样用bonding来实现当有线以太网无法工作时自动切换至无线网络。我们假设所有的网络接口默认启动dhcdpcd服务。

你需要从官方源安装软件包:ifenslavewpa_supplicant.

首先设置 bonding 驱动使用 active-backup:

/etc/modprobe.d/bonding.conf
options bonding mode=active-backup
options bonding miimon=100
options bonding primary=eth0
options bonding max_bonds=0

max_bonds 选项避免了 Interface bond0 already exists 错误。如果使用了MAC过滤,应当添加设置 fail_over_mac=active

接下来,编写一个netctl配置文件来绑定两个网络接口:

/etc/netctl/failover
Description='A wired connection with failover to wireless'
Interface='bond0'
Connection=bond
BindsToInterfaces=('eth0' 'wlan0')
IP='dhcp'
SkipNoCarrier='no'

设置该配置文件自启动:

# netctl enable failover

将 wpa_supplicant 配置为关联一个已知网络,可以通过 netctl profile (记得设置 IP='no'), 和一个长期运行的 wpa_supplicant 服务或者 wpa_cli 命令实现。具体方法请访问 wpa_supplicant 页面。想要长期运行 wpa_supplicant 服务,创建一个wpa_supplicant配置文件/etc/wpa_supplicant/wpa_supplicant-wlan0.conf 然后运行:

# systemctl enable wpa_supplicant@wlan0

在有线网络配置中设置IP='no'。IP地址应当只被分配到bond0接口。

如果你有一个有线连接和无线连接连接到同一个网络,现在可以将有线网络断开连接,然后重新连接而依然保持网络通畅。在大多数情况下,甚至连流媒体音乐都不会卡顿。

使用任意接口

In some cases it may be desirable to allow a profile to use any interface on the system. A common example use case is using a common disk image across many machines with differing hardware (this is especially useful if they are headless). If you use the kernel's naming scheme, and your machine has only one ethernet interface, you can probably guess that eth0 is the right interface. If you use udev's Predictable Network Interface Names, however, names will be assigned based on the specific hardware itself (e.g. enp1s0), rather than simply the order that the hardware was detected (e.g. eth0, eth1). This means that a netctl profile may work on one machine and not another, because they each have different interface names.

A quick and dirty solution is to make use of the /etc/netctl/interfaces/ directory. Choose a name for your interface alias (en-any in this example), and write the following to a file with that name (making sure it is executable).

/etc/netctl/interfaces/en-any
#!/bin/bash
for interface in /sys/class/net/en*; do
        break;
done
Interface=$(basename $interface)
echo "en-any: using interface $Interface";

Then create a profile that uses the interface. Pay special attention to the Interface directive. The rest are only provided as examples.

/etc/netctl/wired
Description='Wired'
Interface=en-any
Connection=ethernet
IP=static
Address=('192.168.1.15/24')
Gateway='192.168.1.1'
DNS=('192.168.1.1')

When the wired profile is started, any machine using the two files above will automatically bring up and configure the first ethernet interface found on the system, regardless of what name udev assigned to it. Note that this is not the most robust way to go about configuring interfaces. If you use multiple interfaces, netctl may try to assign the same interface to them, and will likely cause a disruption in connectivity. If you do not mind a more complicated solution, netctl-auto is likely to be more reliable.

使用钩子

netctl supports hooks in /etc/netctl/hooks/ and per interface hooks in /etc/netctl/interfaces/. You can set any option in a hook/interface that you can in a profile. They are read the same way! Most importantly this includes ExecUpPost and ExecDownPre.

When a profile is read, netctl sources all executable scripts in hooks, then it reads the profile file for the connection and finally it sources an executable script with the name of the interface used in the profile from the interfaces directory. Therefore, declarations in an interface script override declarations in the profile, which override declarations in hooks.

The variables $INTERFACE, $SSID, $ACTION and $Profile are available in hooks/interfaces only when using netctl-auto

范例

在已有连接上执行命令
/etc/netctl/hooks/myservices
#!/bin/sh
ExecUpPost="systemctl start crashplan.service; systemctl start dropbox@<username>.service"
ExecDownPre="systemctl stop crashplan.service; systemctl stop dropbox@<username>.service"
激活 network-online.target
/etc/netctl/hooks/status
#!/bin/sh
ExecUpPost="systemctl start network-online.target"
ExecDownPre="systemctl stop network-online.target"

Using this, systemd services requiring an active network connection can be ordered to start only after the network-online.target is reached, and can be stopped before the connection is brought down.

设置默认 DHCP 客户端

To set or change the DHCP client used for all profiles:

/etc/netctl/hooks/dhcp
#!/bin/sh
DHCPClient='dhclient'

Alternatively, it may also be specified for a specific network interface by creating an executable file /etc/netctl/interfaces/<interface> with the following line:

DHCPClient='dhclient'

Tango-view-fullscreen.pngThis article or section needs expansion.Tango-view-fullscreen.png

Reason: It would be useful to replace the example with a general hook that executes different actions depending on $ACTION being CONNECT and DISCONNECT. (Discuss in Talk:Netctl (简体中文)#)

排错

Job for netctl@wlan(...).service failed

Some people have an issue when they connect to a network with netctl, for example:

# netctl start wlan0-ssid
Job for netctl@wlan0\x2ssid.service failed. See 'systemctl status netctl@wlan0\x2ssid.service' and 'journalctl -xn' for details.

When then looking at journalctl -xn, either of the following are shown:

1. If your device (wlan0 in this case) is up:

network[2322]: The interface of network profile 'wlan0-ssid' is already up

Setting the interface down should resolve the problem:

# ip link set wlan0 down

Then retry:

# netctl start wlan0-ssid

Tango-inaccurate.pngThe factual accuracy of this article or section is disputed.Tango-inaccurate.png

Reason: The following is an unsolved issue, using different DHCP client is just a poor/unexplained workaround. (Discuss in Talk:Netctl (简体中文)#)

2. If it is down:

dhcpcd[261]: wlan0: ipv4_sendrawpacket: Network is down

One way to solve this is to use a different DHCP client, for example dhclient. After installing the package configure netctl to use it:

/etc/netctl/wlan0-ssid
...
DHCPClient='dhclient'

Adding the ForceConnect option may also be helpful:

/etc/netctl/wlan0-ssid

...

ForceConnect=yes

Save it and try to connect with the profile:

# netctl start wlan0-ssid

dhcpcd: ipv4_addroute: File exists

On some systems dhcpcd in combination with netctl causes timeout issues on resume, particularly when having switched networks in the meantime. netctl will report that you are successfully connected but you still receive timeout issues. In this case, the old default route still exists and is not being renewed. A workaround to avoid this misbehaviour is to switch to dhclient[broken link: invalid section] as the default dhcp client. More information on the issue can be found here.

DHCP timeout issues

If you are having timeout issues when requesting leases via DHCP you can set the timeout value higher than netctl's 30 seconds by default. Create a file in /etc/netctl/hooks/ or /etc/netctl/interfaces/, add TimeoutDHCP=40 to it for a timeout of 40 seconds and make the file executable.

Connection timeout issues

If you are having timeout issues that are unrelated to DHCP (on a static ethernet connection for example), and are experiencing errors similar to the following when starting your profile:

# journalctl _SYSTEMD_UNIT=netctl@profile.service
Starting network profile 'profile'...
No connection found on interface 'eth0' (timeout)
Failed to bring the network up for profile 'profile'

Then you should increase carrier and up timeouts by adding TimeoutUp= and TimeoutCarrier= to your profile file:

/etc/netctl/profile
...
TimeoutUp=300
TimeoutCarrier=300

Do not forget to reenable your profile:

# netctl reenable profile

Problems with netctl-auto on resume

Sometimes netctl-auto fails to reconnect when the system resumes from suspend. An easy solution is to restart the service for netctl-auto. This can be automated with an additional service like the following:

/etc/systemd/system/netctl-auto-resume@.service
[Unit]
Description=restart netctl-auto on resume.
Requisite=netctl-auto@%i.service
After=suspend.target

[Service]
Type=oneshot
ExecStart=/usr/bin/systemctl restart netctl-auto@%i.service

[Install]
WantedBy=suspend.target

To enable this service for your wireless card, for example, enable netctl-auto-resume@wlan0.service as root. Change wlan0 to the required network interface.

If the device is not yet running on resume when the unit is started, this will fail. It can be fixed by adding the following dependency in the After line:

/etc/systemd/system/netctl-auto-resume@.service
...
After=suspend.target sys-subsystem-net-devices-%i.device
...

netctl-auto suddenly stopped working for WiFi adapters

This problem seems to be related to a recent wpa_supplicant update (see FS#44731), but a work-around is quite trivial. Just create a file for your interface (e.g. wlp3s0) in /etc/netctl/interfaces with the following content and make it executable:

/etc/netctl/interfaces/wlp3s0
WPAOptions="-m ''"

After that, try to restart your netctl-auto service and WiFi auto detection should work well again.

netctl-auto does not automatically unblock a wireless card to use an interface

Many laptops have a hardware button (or switch) to turn off wireless card, however, the card can also be blocked by the kernel. This can be handled by rfkill.

If you want netctl-auto to automatically unblock your wireless card to connect to a particular network, set RFKill=++auto++ option for the wireless connection of your choice, as specified in the netctl.profile(5) man page.

RTNETLINK answers: File exists (with multiple NICs)

This is a very misleading response, it really means that you have assigned a default gateway in an earlier netctl control file. When netctl starts up the n-th NIC and goes to set its local route, it fails because there is already a default route from n-1.

Remove it and everything works, except you no longer have a default route and so cannot access things such as the internet. ExecUpPost does not work as it gets executed for each network card.

A possible solution is creating a new service:

/etc/systemd/system/defaultrouter.service
[Unit]
Description
Requires=netctl.service
After=netctl.service
Before=ntpd.service,dnsmasq.service

[Service]
Type=oneshot
ExecStart=/usr/bin/ip route add default via 192.168.xxx.yyy

参见