Fedora Core 3 T42 Automatic Network Access

Bill Moss
Updated December 7, 2004

Review of Standard Network Configuration

During the installation of FC3, the built-in wired adapter is configured as device eth0 with either a static ip address or an ip address automatically obtained from a DHCP server. After the first boot, the Network Configuration tool (NEAT) can be used to make additional settings such as 'allow all users to enable and disable the device' and 'automatically obtain DNS information from provider.' These settings are saved in the configuration file

  /etc/sysconfig/network-scripts/ifcfg-eth0

Now assume that the ipw2200 wireless driver is downloaded and installed as explained in another article. During the reboot after installation, the new wireless hardware should be detected and configured as device eth1. In any event, configuration can be done after boot using NEAT. This configuration can include specification of a wireless SSID and WEP key. Note that hex WEP keys must begin with '0x' when using this tool. These settings are saved in two files

  /etc/sysconfig/network-scripts/ifcfg-eth1
  /etc/sysconfig/network-scripts/keys-eth1

A traditional approach to network management is to set one of the interfaces to start at boot and then to manually activate the other as needed. A second, more flexible approach is to use NEAT to define network profiles that can be selected at the grub boot screen as explained in yet another article. In either case, the Network Device Control tool can be used to activate and deactivate the wired and wireless interfaces or to switch profiles.

When NEAT or the Network Device Control tool are used to activate an interface, the script

  /etc/sysconfig/network-scripts/ifup

is called. The ifup script tests to see that the interface is available, configures it, and then uses dhclient to obtain an ip address if necessary. In the case of a wireless interface, ifup calls

  /etc/sysconfig/network-scripts/ifup-wireless

to do the configuration. The ifup-wireless script uses iwconfig and the settings in ifcfg-eth1 and keys-eth1 to configure the wireless interface.

Non-traditional Methods of Network Interface Activation

In the remainder of this article, we assume that no network devices are activated during boot by either of the methods discussed above. In this case, the network service can be removed from level 5 using the Services tool. We will discuss several methods for activating and deactivating network devices manually and automatically.

Here is the hardware and OS information for this discussion.

  Windows XP SP2
  Intel Pro/Wireless 2200BG Network Connection 
      Windows XP driver 8.0.12.20000
  Intel Pro/1000 MT Mobile Connection, Windows XP driver 7.2.17.0
  
  Fedora Core 3, kernel 2.6.9.-1.681
  Wireless driver ipw2200 version 0.15
  Ethernet driver e1000

Most of my connection time is spend at home or at Clemson University. At home, I use a SMC Barricade 7004 AWBR, router/switch/access point (AP). The Barricade is set up to use a static 128 bit WEP key and it broadcasts the SSID 'cuairnet.' Many of the commons areas and classrooms at Clemson are covered by Cisco access points, all configured with the SSID 'cuairnet' and a static 128 bit WEP key. The Clemson wireless network does not broadcast its SSID. The SSID is said to be hidden. There is plenty to read on the internet about the minimal security provided by static WEP and the questionalbe worth of hidden SSIDs, but this article is not about those topics.

Windows XP and Wireless Zero Configuration

By default, Windows XP comes with a service called Wireless Zero Configuration (WZC). This service can be used to manage wireless connections to AP's which broadcast their SSIDs. Unfortunately, this utility will not reliably connect to AP's whose SSIDs are hidden. If you monitor your laptop's system events, you will see the wireless connection randomly dropped and then picked up again a several minutes later. There is no way to configure around this behavior. It is a design feature. Students and faculty with relatively recent IBM Thinkpads have an alternative, called the IBM Access Connections Utility.

Windows XP and the IBM Access Connections Utility

In my opinion, IBM has set the standard with this utility. Here are its main features.

If I remove the Ethernet cable from my laptop in the office, the IBM Access Connection Utility automatically switches from my Clemson Wired profile to my Clemson Wireless profile. It turns off the wired adapter, turns on the wireless adapter, configures it, and obtains an ip address. If I plug the Ethernet cable back in, the process is reversed and a connection is re-established using my Clemson Wired profile. A search for wireless AP's on campus will come up empty because the campus AP's do not broadcast their SSIDs. The IBM Access Connection Utility can connect to these AP's because my Clemson Wireless profile contains the SSID and WEP key.

FC3 Commandline Configuration, Activation, and Deactivation

The commands

  /sbin/ifup eth0
   
  /sbin/ifdown eth0

will activate and deactivate the wired interface. The commands

  /sbin/iwconfig eth1 key xxxxxxxxxxxxxxxxxxxxxxxxxx
  /sbin/iwconfig eth1 essid cuairnet
  /sbin/dhclient -1 -q  -lf /var/lib/dhcp/dhclient-eth1.leases 
      -pf /var/run/dhclient-eth1.pid eth1
    
  /sbin/iwconfig eth1 key off
  /sbin/iwconfig eth1 essid any
  /sbin/ifdown eth1

will activate and deactivate the wireless interface.

WPA_Supplicant

wpa_supplicant can be downloaded from its home Web site using the URL

  http://hostap.epitest.fi/wpa_supplicant/
      wpa_supplicant-0.2.5.tar.gz

In the installation directory, I created the file .config containing the lines

  CONFIG_DRIVER_WEXT=y
  CONFIG_WIRELESS_EXTENSION=y

In the installation directory, I issued the make command and then copied the executables to /usr/local/bin. I created the file /etc/wpa_supplicant.conf containing the lines

  ctrl_interface=/var/run/wpa_supplicant
  ctrl_interface_group=0
  eapol_version=1
  ap_scan=1
  network={
         ssid="cuairnet"
         key_mgmt=NONE
         wep_key0=xxxxxxxxxxxxxxxxxxxxxxxxxx
         wep_tx_keyidx=0
         priority=0
  }

I removed the key from keys-eth1, removed most of the wireless configuration from ifcfg-eth1, and added the line WPA=yes.

  IPV6INIT=no
  ONBOOT=no
  USERCTL=yes
  PEERDNS=yes
  TYPE=Wireless
  DEVICE=eth1
  HWADDR=00:0e:35:14:60:d0
  BOOTPROTO=dhcp
  MODE=Managed
  WPA=yes

I added to the end of ifup-wireless, the lines

  if [ "$WPA" = "yes" -a -x /usr/local/bin/wpa_supplicant ]; then
      /usr/local/bin/wpa_supplicant -Bw -c/etc/wpa_supplicant.conf -i$DEVICE
  fi

To the file ifdown, I added the lines

  # is the device wireless?
  is_wireless_device ${DEVICE} && . ./ifdown-wireless

just before the line

  OTHERSCRIPT="/etc/sysconfig/network-scripts/ifdown-${DEVICETYPE}"

I created the file ifdown-wireless containing the lines

  #!/bin/bash

  if [ "$WPA" = "yes" -a -x /usr/local/bin/wpa_supplicant ]; then
     killall wpa_supplicant
     rm -r /var/run/wpa_supplicant
  fi

and I set executible permissions for this file.

The Network Device Control can be used to activate eth1. The script ifup will call ifup-wireless, which will run wpa_supplicant in the background. The utility wpa_supplicant will scan for AP's which are broadcasting their SSID. Once wpa_supplicant has associated with an AP, control will be returned to ifup-wireless and then to ifup, which will finish by calling dhclient to acquire an ip address. If the Network Device Control is used to deactivate eth1, this process is reversed. If you move to a different location, eth1 must be deactivated and then activated to force wpa_supplicant to connect to a different AP.

This setup is a variant of the traditional setup. The wpa_supplicant provides for the automatic connection to an available, preconfigured network when the wireless interface is activated. When WPA support is added to the ipw2200 driver, this setup could be modified to handle WPA. wpa_supplicant would have to be recompiled with a different .config file and a different wpa_supplicant.conf would be needed.

NetworkManager

This presentation has been moved to a separate article.