Iwd: Difference between revisions

(14 intermediate revisions by 8 users not shown)

Line 1:

iwd (iNet wireless daemon) is a Linux-only wireless daemon aiming to decrease the time spent making connections.

[https://archive.kernel.org/oldwiki/iwd.wiki.kernel.org/ iwd] (iNet wireless daemon) is a Linux-only wireless daemon aiming to decrease the time spent making connections.

= ~~Using iwd~~ =

== Setup ==

iwd can be enabled with the following snippet.

Line 9:

</syntaxhighlight>

== Usage ==

Connections can be managed using the provided {{ic|iwctl}} tool.

== iwd as backend for NetworkManager ==

== Configuration ==

To configure iwd, you should use <code>networking.wireless.iwd.settings</code> option. An example configuration, which enables IPv6 and automatic connection to known networks, would be similar to:

{

networking.wireless.iwd.settings = {

IPv6 = {

Enabled = true;

};

Settings = {

AutoConnect = true;

};

}

</syntaxhighlight>

For a detailed and up-to-date list of available settings, please reference the [https://git.kernel.org/pub/scm/network/wireless/iwd.git/tree/src/iwd.network.rst network daemon configuration docummentation], from kernel Git repo.

=== Eduroam (WPA2 Enterprise) network ===

[https://eduroam.org Eduroam] wireless networks need to get configured manually by creating following file <code>/var/lib/iwd/eduroam.8021x:</code><syntaxhighlight lang="ini">

[Security]

EAP-Method=PEAP

EAP-Identity=eduroamHDcat2024@uni-heidelberg.de

EAP-PEAP-CACert=/var/lib/iwd/ca.pem

EAP-PEAP-ServerDomainMask=radius-node1.urz.uni-heidelberg.de

EAP-PEAP-Phase2-Method=MSCHAPV2

EAP-PEAP-Phase2-Identity=xyz123@uni-heidelberg.de

EAP-PEAP-Phase2-Password=mypassword

[Settings]

Autoconnect=true

</syntaxhighlight>Replace the value in <code>EAP-Identity</code>, <code>EAP-PEAP-ServerDomainMask</code>, <code>EAP-PEAP-Phase2-Identity</code> and <code>EAP-PEAP-Phase2-Password</code> according to your university presets which can be acquired at [https://cat.eduroam.org cat.eduroam.org]. After entering your university name there the site will offer you a download link to a Python script which contains most of the required default values. The script also contains a certificate string which can be copied into the file <code>/var/lib/iwd/ca.pem</code>.

=== iwd as backend for NetworkManager ===

If iwd is present, it can be used as a backend for NetworkManager through the following snippet.

networking.networkmanager.~~extraConfig~~ = ''

networking.networkmanager.wifi.backend = "iwd";

~~[device]~~

</syntaxhighlight>

wifi.backend=iwd

'';

=== iwd as backend for Connman ===

Iwd could be use as a backend for Connman too.

services.connman.wifi.backend = "iwd";

</syntaxhighlight>

Note that iwd is experimental and it does not have feature parity with the default backend, wpa_supplicant.

== Troubleshooting ==

=== org.freedesktop.service failed ===

When connecting to a protected network it could happen that no password window appears and the following message is written in the journal:

<pre>

dbus-daemon[1732]: [session uid=9001 pid=1730] Activated service 'org.freedesktop.secrets' failed: Failed to execute program org.freedesktop.secrets: No such file or directory

</pre>

Your desktop manager may not enable some secrets management service you may need to enable one:

{

services.gnome.gnome-keyring.enable = true;

}

</syntaxhighlight>

=== rfkill blocks wireless device ===

If the wi-fi connection is blocked by rf-kill, it it is needed to unblock the the wireless device. A way to do that with Nix is by using system.activationScripts.

{

system.activationScripts = {

rfkillUnblockWlan = {

text = ''

rfkill unblock wlan

'';

deps = [];

};

}

</syntaxHighlight>

=== desconnect-info reason: 2 ===

When using certain chipsets, such as the Qualcomm qcncm865<ref>https://community.frame.work/t/guide-successful-wi-fi-7-802-11be-on-framework-13-amd-with-qualcomm-qcncm865-and-arch-linux/44723</ref>, you need to use legacy EAPoL packets<ref>https://lkml.org/lkml/2020/10/14/1101</ref> to prevent a disconnect loop. In <code>iwd.service</code> this issue shows up as:<syntaxhighlight>

SA Query timed out, connection is invalid. Disconnecting...

Feb 26 10:17:10 probook iwd[4486]: event: disconnect-info, reason: 2

</syntaxhighlight>If you are using systemd-networkd, this shows up in <code>systemd-networkd.service</code> as repeated <code>Carrier Gained. Carrier Lost.</code> messages. On nixos, this can be resolved by setting the matching iwd settings option.<syntaxhighlight lang="nix">

{

networking.wireless.iwd.settings.General.ControlPortOverNL80211 = false;

}

</syntaxhighlight>

[[Category:Applications]][[Category: Networking]]

@@ Line 1: / Line 1: @@
-iwd (iNet wireless daemon) is a Linux-only wireless daemon aiming to decrease the time spent making connections.
+[https://archive.kernel.org/oldwiki/iwd.wiki.kernel.org/ iwd] (iNet wireless daemon) is a Linux-only wireless daemon aiming to decrease the time spent making connections.
-= Using iwd =
+== Setup ==
 iwd can be enabled with the following snippet.
@@ Line 9: / Line 9: @@
 </syntaxhighlight>
+== Usage ==
 Connections can be managed using the provided {{ic|iwctl}} tool.
-== iwd as backend for NetworkManager ==
+== Configuration ==
+To configure iwd, you should use <code>networking.wireless.iwd.settings</code> option. An example configuration, which enables IPv6 and automatic connection to known networks, would be similar to:
+<syntaxhighlight lang="nix">
+{
+  networking.wireless.iwd.settings = {
+    IPv6 = {
+      Enabled = true;
+    };
+    Settings = {
+      AutoConnect = true;
+    };
+  };
+}
+</syntaxhighlight>
+For a detailed and up-to-date list of available settings, please reference the [https://git.kernel.org/pub/scm/network/wireless/iwd.git/tree/src/iwd.network.rst network daemon configuration docummentation], from kernel Git repo.
+=== Eduroam (WPA2 Enterprise) network ===
+[https://eduroam.org Eduroam] wireless networks need to get configured manually by creating following file <code>/var/lib/iwd/eduroam.8021x:</code><syntaxhighlight lang="ini">
+[Security]
+EAP-Method=PEAP
+EAP-Identity=eduroamHDcat2024@uni-heidelberg.de
+EAP-PEAP-CACert=/var/lib/iwd/ca.pem
+EAP-PEAP-ServerDomainMask=radius-node1.urz.uni-heidelberg.de
+EAP-PEAP-Phase2-Method=MSCHAPV2
+EAP-PEAP-Phase2-Identity=xyz123@uni-heidelberg.de
+EAP-PEAP-Phase2-Password=mypassword
+[Settings]
+Autoconnect=true
+</syntaxhighlight>Replace the value in <code>EAP-Identity</code>, <code>EAP-PEAP-ServerDomainMask</code>, <code>EAP-PEAP-Phase2-Identity</code> and <code>EAP-PEAP-Phase2-Password</code> according to your university presets which can be acquired at [https://cat.eduroam.org cat.eduroam.org]. After entering your university name there the site will offer you a download link to a Python script which contains most of the required default values. The script also contains a certificate string which can be copied into the file <code>/var/lib/iwd/ca.pem</code>.
+=== iwd as backend for NetworkManager ===
 If iwd is present, it can be used as a backend for NetworkManager through the following snippet.
 <syntaxhighlight lang="nix">
-networking.networkmanager.extraConfig = ''
+networking.networkmanager.wifi.backend = "iwd";
-  [device]
+</syntaxhighlight>
-  wifi.backend=iwd
-'';
+=== iwd as backend for Connman ===
+Iwd could be use as a backend for Connman too.
+<syntaxhighlight lang="nix">
+services.connman.wifi.backend = "iwd";
 </syntaxhighlight>
 Note that iwd is experimental and it does not have feature parity with the default backend, wpa_supplicant.
+== Troubleshooting ==
+=== org.freedesktop.service failed ===
+When connecting to a protected network it could happen that no password window appears and the following message is written in the journal:
+<pre>
+dbus-daemon[1732]: [session uid=9001 pid=1730] Activated service 'org.freedesktop.secrets' failed: Failed to execute program org.freedesktop.secrets: No such file or directory
+</pre>
+Your desktop manager may not enable some secrets management service you may need to enable one:
+<syntaxhighlight lang="nix">
+{
+  services.gnome.gnome-keyring.enable = true;
+}
+</syntaxhighlight>
+=== rfkill blocks wireless device ===
+If the wi-fi connection is blocked by rf-kill, it it is needed to unblock the the wireless device. A way to do that with Nix is by using  system.activationScripts.
+<syntaxHighlight lang=nix>
+{
+  system.activationScripts = {
+    rfkillUnblockWlan = {
+      text = ''
+      rfkill unblock wlan
+      '';
+      deps = [];
+    };
+  };
+}
+</syntaxHighlight>
+=== desconnect-info reason: 2 ===
+When using certain chipsets, such as the Qualcomm qcncm865<ref>https://community.frame.work/t/guide-successful-wi-fi-7-802-11be-on-framework-13-amd-with-qualcomm-qcncm865-and-arch-linux/44723</ref>, you need to use legacy EAPoL packets<ref>https://lkml.org/lkml/2020/10/14/1101</ref> to prevent a disconnect loop. In <code>iwd.service</code> this issue shows up as:<syntaxhighlight>
+SA Query timed out, connection is invalid.  Disconnecting...
+Feb 26 10:17:10 probook iwd[4486]: event: disconnect-info, reason: 2
+</syntaxhighlight>If you are using systemd-networkd, this shows up in <code>systemd-networkd.service</code> as repeated <code>Carrier Gained. Carrier Lost.</code> messages. On nixos, this can be resolved by setting the matching iwd settings option.<syntaxhighlight lang="nix">
+{
+  networking.wireless.iwd.settings.General.ControlPortOverNL80211 = false;
+}
+</syntaxhighlight>
+[[Category:Applications]][[Category: Networking]]