UNIVERSITY OF MANCHESTER
School of Computer Science
JTL's Fedora Tips
Setting up networks
Here are some tips for setting up networks on Fedora, without resorting to using the GNOME/KDE network GUI `patronage'. In particular, if you believe networks should be independent of desktop and user and whether anybody is even logged on, and should be able to be started from scripts, etc., then read on! ;-)
Please feel free to pass me any constructive feedback by email. jtl{at}cs.man.ac.uk (you will need to edit the abstraction of the at sign). You can also suggest other topics for me to give some hints about.
Section links
| Read first | General information |
| Multi-use devices | Having multiple network setups for the same device |
| Wired DHCP | Setting up a wired network: DHCP |
| Wired Fixed IP | Setting up a wired network: fixed IP |
| Wireless -- WEP | Setting up a wireless WEP network |
| Wireless -- WPA | Setting up a wireless WPA network |
| Search Google for Fedora network configuration |
Read first
On Fedora (and Red Hat), every network which `belongs' to the whole machine
(as opposed to an individual user) has configuration information stored in the
directory /etc/sysconfig/network-scripts.
Each network has a file called ifcfg-X where X is
the name of the network. Often the the name, X is the same as the
name of the device used by the network, but it does not have to be.
For example, you will probably find a file called ifcfg-eth0
which was placed there by the Fedora installation process. This probably
contains a configuration for using a wired network on device eth0
(the first wired ethernet port) that will work for a network using
Dynamic Host Control Protocol (DHCP).
Networks that need authentication keys (e.g. wireless ones) will also have
a file called keys-X where X is the name of the
network.
To start the network called X from the command line or within
a script, we run the command ifup X. And to shut it down we run
ifdown X.
The configuration may specify the network should be started at boot up, in
which case it is started when either of the network or the
NetworkManager services are started. Otherwise it is to be
started on demand by a user or a script.
The configuration may state that ordinary users are allowed to start and
stop the network. Otherwise only root can do so.
Multi-use devices
The name of a network does not have to be the same as the name of the device the network uses. You may wonder why that is useful.
For a mobile machine, you probably don't want any network started up at boot. Instead you want to start a network when you're ready, and you may need to start the right one for the location you are in. For example, you might have a wireless network for use at home, another for work, a third for when you visit your girl/boyfriend, your mum, etc.. Each of these will no doubt have different settings -- in particular different authentication keys.
So you set up ifcfg-home and keys-home to use
device wlan0 (the first wireless LAN card), and run ifup
home and ifdown home as you need to.
Then you pop to your work, and set up ifcfg-work and
keys-work also to use the same device. And you make another pair
of files for each of the places you frequent -- this way you never need to
re-enter the setup information when you go back to a place you have been to
before! ;-)
For a desktop machine, you might want to use the same wireless card sometimes to talk to a router, and sometimes to act as an ad-hoc network when the router is not available.
Back to topWired DHCP
Setting up a wired network: DHCP
Expand: Wired DHCP
Wired Fixed IP
Setting up a wired network: fixed IP
Expand: Wired Fixed IP
Wireless -- WEP
Setting up a wireless WEP network
Expand: Wireless -- WEP
Wireless -- WPA
N.B. For the configuration described here to work, you will probably need
to disable the NetworkManager service, because it seems to insist
on starting wpa-supplicant, which interferes unhelpfully with the
authentication keys. To disable the NetworkManager service,
execute (as root) the following.
chkconfig NetworkManager off # NetworkManager is not started at boot /etc/init.d/NetworkManager stop # Stop it right now killall wpa_supplicant # Stop any running wpa_supplicant chkconfig network on # network service is started at boot /etc/init.d/network start # Start it now
A wireless network that uses WPA authentication is the most tricky -- the
standard Fedora scripts do not support it at all! However, I have scripts here
that you can download and place next to the standard ones in
/etc/sysconfig/network-scripts, that will add such support.
They are ifup-wpa and ifdown-wpa: please download them both and, as
root, put them in /etc/sysconfig/network-scripts,
and make them executable (chmod +x if*-wpa).
The following configuration file will not work without the above mentioned scripts!
Here is the contents of an ifcfg-X file, where X
is the chosen name for the network, for use with device wlan0
(the first wireless card) on a wireless network which has a Dynamic
Host Control Protocol (DHCP) server on it, and which uses WPA
security.
DEVICETYPE=wpa # Instead of setting TYPE: needs if{up,down}-wpa
DEVICE=wlan0 # Use the first wireless card.
ONBOOT=no # Do not start on machine boot.
BOOTPROTO=dhcp # Get IP and DNS info via DHCP.
USERCTL=yes # Allow ordinary users to start/stop this network.
NM_CONTROLLED=no # Tell NetworkManager to keep its pesky hands off!
ESSID="MyWpaEssid" # The ESSID of the wireless network.
The order of the assignments does not matter. In fact the file is sourced by a shell script, and so these are shell variable assignments. Note: you thus cannot have spaces around the equals sign.
If you want this network started at boot up, change ONBOOT to
yes.
USERCTL to no.
I prefer setting NM_CONTROLLED to no so that the
pesky NetworkManager service doesn't make `clever' assumptions
and change the configuration for me -- typically losing information I have
entered! In fact I disable the NetworkManager service completely
-- it is designed for `passive users' for whom bad decisions are better than
none! :-)
Each wireless network has an Extended Service Set ID
(ESSID) which (within a wireless range) uniquely identifies that network. You
need to set this to the ESSID of the network you wish to connect with. If you
want to find out what ESSIDs are around then run iwlist wlan0
scan (although this doesn't always give any results, for some
reason).
If you want to set up a connection to a WPA wireless network that does not have DHCP available, then compare the configuration files (above) for wired networks for with and without DHCP, and make the same changes to this one.
Of course, a WPA wireless network also has an authentication key to worry
about. You need to obtain the hexadecimal shared key for the network. Some
routers will show you this, others will show only the passphrase from which it
was generated. You can determine the hexadecimal shared key for a network with
ESSID "MY ESSID" and passphrase "my passphrase" by running
wpa_passphrase "MY ESSID" "my passphrase"
-- you can select
and paste the long hexadecimal key from the output of that.
Place the hexadecimal shared key in the keys-X file, where
X is the chosen name for the network, as follows.
WPA_PSK=d24c7fb355bc1c502194ec9b2f4649b03e3d02fb95a03fb94ab586f62bd0ed98
It is essential that this file does not have public readability
(chmod go= keys-X).
Search Google for Fedora network configuration
Google