Iwd: Difference between revisions

(17 intermediate revisions by 10 users not shown)

Line 1:

iwd (iNet wireless daemon) is a Linux-only wireless daemon aiming to decrease the time spent making connections.

[https://archive.kernel.org/oldwiki/iwd.wiki.kernel.org/ iwd] (iNet wireless daemon) is a Linux-only wireless daemon aiming to decrease the time spent making connections.

= ~~Using iwd~~ =

== Setup ==

iwd can be enabled with the following snippet.

Line 9:

Line 10:

</syntaxhighlight>

== Usage ==

Connections can be managed using the provided {{ic|iwctl}} tool.

== iwd as backend for NetworkManager ==

== Configuration ==

To configure iwd, you should use <code>networking.wireless.iwd.settings</code> option. An example configuration, which enables IPv6 and automatic connection to known networks, would be similar to:

{

networking.wireless.iwd.settings = {

Network = {

EnableIPv6 = true;

};

Settings = {

AutoConnect = true;

};

}

</syntaxhighlight>

For a detailed and up-to-date list of available settings, please reference the [https://git.kernel.org/pub/scm/network/wireless/iwd.git/tree/src/iwd.network.rst network daemon configuration docummentation], from kernel Git repo.

=== Eduroam (WPA2 Enterprise) network ===

[https://eduroam.org Eduroam] wireless networks need to get configured manually by creating following file <code>/var/lib/iwd/eduroam.8021x:</code><syntaxhighlight lang="ini">

[Security]

EAP-Method=PEAP

EAP-Identity=eduroamHDcat2024@uni-heidelberg.de

EAP-PEAP-CACert=/var/lib/iwd/ca.pem

EAP-PEAP-ServerDomainMask=radius-node1.urz.uni-heidelberg.de

EAP-PEAP-Phase2-Method=MSCHAPV2

EAP-PEAP-Phase2-Identity=xyz123@uni-heidelberg.de

EAP-PEAP-Phase2-Password=mypassword

[Settings]

Autoconnect=true

</syntaxhighlight>Replace the value in <code>EAP-Identity</code>, <code>EAP-PEAP-ServerDomainMask</code>, <code>EAP-PEAP-Phase2-Identity</code> and <code>EAP-PEAP-Phase2-Password</code> according to your university presets which can be acquired at [https://cat.eduroam.org cat.eduroam.org]. After entering your university name there the site will offer you a download link to a Python script which contains most of the required default values. The script also contains a certificate string which can be copied into the file <code>/var/lib/iwd/ca.pem</code>.

=== iwd as backend for NetworkManager ===

If iwd is present, it can be used as a backend for NetworkManager through the following snippet.

Line 17:

Line 52:

networking.networkmanager.wifi.backend = "iwd";

</syntaxhighlight>

</syntaxhighlight>{{Warning|Setting this will silently turn off MAC address randomization as Networkmanager does not control the MAC address randomization features of `iwd` for which it is turned off by default.<ref>https://bbs.archlinux.org/viewtopic.php?id=280657</ref><ref>https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1111</ref>

To remediate this, configure iwd directly using the `AddressRandomization` option.}}

== iwd as backend for Connman ==

=== iwd as backend for Connman ===

Iwd could be use as a backend for Connman too.

Line 30:

Line 66:

== Troubleshooting ==

=== org.freedesktop.service failed ===

When connecting to a protected network it could happen that no password window appears and the following message is written in the journal:

Line 36:

Line 73:

</pre>

Your desktop manager may not enable some secrets management service you may need to enable one:

{

services.gnome.gnome-keyring.enable = true;

}

</syntaxhighlight>

=== rfkill blocks wireless device ===

If the wi-fi connection is blocked by rf-kill, it it is needed to unblock the the wireless device. A way to do that with Nix is by using system.activationScripts.

{

~~services~~.~~gnome3.gnome-keyring.enable~~ = ~~true~~;

system.activationScripts = {

rfkillUnblockWlan = {

text = ''

rfkill unblock wlan

'';

deps = [];

};

}

</syntaxHighlight>

=== desconnect-info reason: 2 ===

When using certain chipsets, such as the Qualcomm qcncm865<ref>https://community.frame.work/t/guide-successful-wi-fi-7-802-11be-on-framework-13-amd-with-qualcomm-qcncm865-and-arch-linux/44723</ref>, you need to use legacy EAPoL packets<ref>https://lkml.org/lkml/2020/10/14/1101</ref> to prevent a disconnect loop. In <code>iwd.service</code> this issue shows up as:<syntaxhighlight>

SA Query timed out, connection is invalid. Disconnecting...

Feb 26 10:17:10 probook iwd[4486]: event: disconnect-info, reason: 2

</syntaxhighlight>If you are using systemd-networkd, this shows up in <code>systemd-networkd.service</code> as repeated <code>Carrier Gained. Carrier Lost.</code> messages. On nixos, this can be resolved by setting the matching iwd settings option.<syntaxhighlight lang="nix">

{

networking.wireless.iwd.settings.General.ControlPortOverNL80211 = false;

}

</syntaxhighlight>

[[Category:Applications]][[Category: Networking]]

@@ Line 1: / Line 1: @@
-iwd (iNet wireless daemon) is a Linux-only wireless daemon aiming to decrease the time spent making connections.
+{{DISPLAYTITLE:iwd}}
+[https://archive.kernel.org/oldwiki/iwd.wiki.kernel.org/ iwd] (iNet wireless daemon) is a Linux-only wireless daemon aiming to decrease the time spent making connections.
-= Using iwd =
+== Setup ==
 iwd can be enabled with the following snippet.
@@ Line 9: / Line 10: @@
 </syntaxhighlight>
+== Usage ==
 Connections can be managed using the provided {{ic|iwctl}} tool.
-== iwd as backend for NetworkManager ==
+== Configuration ==
+To configure iwd, you should use <code>networking.wireless.iwd.settings</code> option. An example configuration, which enables IPv6 and automatic connection to known networks, would be similar to:
+<syntaxhighlight lang="nix">
+{
+  networking.wireless.iwd.settings = {
+    Network = {
+      EnableIPv6 = true;
+    };
+    Settings = {
+      AutoConnect = true;
+    };
+  };
+}
+</syntaxhighlight>
+For a detailed and up-to-date list of available settings, please reference the [https://git.kernel.org/pub/scm/network/wireless/iwd.git/tree/src/iwd.network.rst network daemon configuration docummentation], from kernel Git repo.
+=== Eduroam (WPA2 Enterprise) network ===
+[https://eduroam.org Eduroam] wireless networks need to get configured manually by creating following file <code>/var/lib/iwd/eduroam.8021x:</code><syntaxhighlight lang="ini">
+[Security]
+EAP-Method=PEAP
+EAP-Identity=eduroamHDcat2024@uni-heidelberg.de
+EAP-PEAP-CACert=/var/lib/iwd/ca.pem
+EAP-PEAP-ServerDomainMask=radius-node1.urz.uni-heidelberg.de
+EAP-PEAP-Phase2-Method=MSCHAPV2
+EAP-PEAP-Phase2-Identity=xyz123@uni-heidelberg.de
+EAP-PEAP-Phase2-Password=mypassword
+[Settings]
+Autoconnect=true
+</syntaxhighlight>Replace the value in <code>EAP-Identity</code>, <code>EAP-PEAP-ServerDomainMask</code>, <code>EAP-PEAP-Phase2-Identity</code> and <code>EAP-PEAP-Phase2-Password</code> according to your university presets which can be acquired at [https://cat.eduroam.org cat.eduroam.org]. After entering your university name there the site will offer you a download link to a Python script which contains most of the required default values. The script also contains a certificate string which can be copied into the file <code>/var/lib/iwd/ca.pem</code>.
+=== iwd as backend for NetworkManager ===
 If iwd is present, it can be used as a backend for NetworkManager through the following snippet.
@@ Line 17: / Line 52: @@
 <syntaxhighlight lang="nix">
 networking.networkmanager.wifi.backend = "iwd";
-</syntaxhighlight>
+</syntaxhighlight>{{Warning|Setting this will silently turn off MAC address randomization as Networkmanager does not control the MAC address randomization features of `iwd` for which it is turned off by default.<ref>https://bbs.archlinux.org/viewtopic.php?id=280657</ref><ref>https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1111</ref>
+To remediate this, configure iwd directly using the `AddressRandomization` option.}}
-== iwd as backend for Connman ==
+=== iwd as backend for Connman ===
 Iwd could be use as a backend for Connman too.
@@ Line 30: / Line 66: @@
 == Troubleshooting ==
 === org.freedesktop.service failed ===
 When connecting to a protected network it could happen that no password window appears and the following message is written in the journal:
@@ Line 36: / Line 73: @@
 </pre>
 Your desktop manager may not enable some secrets management service you may need to enable one:
+<syntaxhighlight lang="nix">
+{
+  services.gnome.gnome-keyring.enable = true;
+}
+</syntaxhighlight>
+=== rfkill blocks wireless device ===
+If the wi-fi connection is blocked by rf-kill, it it is needed to unblock the the wireless device. A way to do that with Nix is by using  system.activationScripts.
 <syntaxHighlight lang=nix>
 {
-   services.gnome3.gnome-keyring.enable = true;
+   system.activationScripts = {
+    rfkillUnblockWlan = {
+      text = ''
+      rfkill unblock wlan
+      '';
+      deps = [];
+    };
+  };
 }
 </syntaxHighlight>
+=== desconnect-info reason: 2 ===
+When using certain chipsets, such as the Qualcomm qcncm865<ref>https://community.frame.work/t/guide-successful-wi-fi-7-802-11be-on-framework-13-amd-with-qualcomm-qcncm865-and-arch-linux/44723</ref>, you need to use legacy EAPoL packets<ref>https://lkml.org/lkml/2020/10/14/1101</ref> to prevent a disconnect loop. In <code>iwd.service</code> this issue shows up as:<syntaxhighlight>
+SA Query timed out, connection is invalid.  Disconnecting...
+Feb 26 10:17:10 probook iwd[4486]: event: disconnect-info, reason: 2
+</syntaxhighlight>If you are using systemd-networkd, this shows up in <code>systemd-networkd.service</code> as repeated <code>Carrier Gained. Carrier Lost.</code> messages. On nixos, this can be resolved by setting the matching iwd settings option.<syntaxhighlight lang="nix">
+{
+  networking.wireless.iwd.settings.General.ControlPortOverNL80211 = false;
+}
+</syntaxhighlight>
+[[Category:Applications]][[Category: Networking]]