From Fedora Project Wiki
No edit summary
(97 intermediate revisions by 4 users not shown)
Line 1: Line 1:
{{autolang|base=yes}}
<!-- page was renamed from NetworkManager
<!-- page was renamed from NetworkManager
-->
-->


= NetworkManager =
== NetworkManager ==
 
[http://projects.gnome.org/NetworkManager/ NetworkManager] is the primary configuration service for [[Networking]] in Fedora. Most of the information you might be interested in are
in the [[Networking]] page or its subpages.
 
=== Desktops and laptops ===


[http://people.redhat.com/dcbw/NetworkManager/ NetworkManager]  provides automatic network detection and configuration for the system. Once enabled, the NetworkManager service also monitors the network interfaces, and may automatically switch to the best connection at any given time. Applications that include NetworkManager support may automatically switch between on-line and off-line modes when the system gains or loses network connectivity.
NetworkManager provides automatic network detection and configuration for the system. Once enabled, the NetworkManager service also monitors the network interfaces, and may automatically switch to the best connection at any given time. Applications that include NetworkManager support may automatically switch between on-line and off-line modes when the system gains or loses network connectivity.


These facilities are most useful for modern laptops, where the user may move between wireless networks, and plug in to a variety of wired networks, but NetworkManager also provides features that are relevant to workstations. Current versions of NetworkManager support modem connections, and certain types of VPN. Development of these features is ongoing.
These facilities are most useful for modern laptops, where the user may move between wireless networks, and plug in to a variety of wired networks, but NetworkManager also provides features that are relevant to workstations. Current versions of NetworkManager support modem connections, and certain types of VPN. Development of these features is ongoing.
Line 10: Line 17:
NetworkManager requires Fedora to have drivers for the wired and wireless interfaces on the computer. Many manufacturers of modems and wireless devices provide limited support for Linux. You may need to install additional drivers or firmware on your Fedora system in order to activate these interfaces.
NetworkManager requires Fedora to have drivers for the wired and wireless interfaces on the computer. Many manufacturers of modems and wireless devices provide limited support for Linux. You may need to install additional drivers or firmware on your Fedora system in order to activate these interfaces.


{{admon/tip|Drivers first|NetworkManager may only work with network interfaces once the relevant drivers are correctly installed on your system. Reboot your system after installing a new firmware or a new driver in order to ensure that the changes take effect.}}
=== Servers ===
Fedora now by default relies on NetworkManager for network configuration. This is the case also for minimal installations and server installations. We are trying to
make NetworkManager as suitable for this task as possible. You can file bug reports and feature requests at http://bugzilla.gnome.org/ or, if they are related to
interoperability with the rest of the system, http://bugzilla.redhat.com/.
Upcoming release of NetworkManager will enhance the command-line tools and make server/enterprise capabilities more robust and less surprising.  Some demos of upcoming capabilities are:
* [http://people.redhat.com/dcbw/cli-bridge.ogg creating a bridge with nmcli]
* [http://people.redhat.com/dcbw/gui-bridge.ogg creating a bridge with nm-connection-editor]
* [http://people.redhat.com/dcbw/virt-wifi.ogg virtual interfaces and Wi-Fi with nmcli]
=== Documentation ===
Developer resources:
http://projects.gnome.org/NetworkManager/developers/
You can also find many configuration examples on this wiki, just follow
internal links about NetworkManager features.
=== NetworkManager objectives ===
NM is slowly changing from a desktop network connection configurator to a universal network configuration software that could be used as a part of the base system.
* Provide core network configuration features
* Expose the features through on-disk text-based configuration
* Expose the features through D-Bus API
* Provide basic CLI and GUI (other CLI/GUI frontends can be built on top of NetworkManager)


{{admon/tip|Drivers first|NetworkManager may only work with network interfaces once the relevant drivers are correctly installed on your system. Reboot your system after installing a new firmware or a new driver in order to ensure that the changes take effect.}}
The current version of NetworkManager is Fedora 17 is 0.9.4. Some of the features below may
not be available there. The current version of upstream NetworkManager is 0.9.6 and the
development version is 0.9.7 and is included in branched Fedora 18.
 
=== Features ===
 
Only features that can be considered fully working belong here.
 
* [[Tools/NetworkManager/Configuration|Configuration]] using keyfile and ifcfg-rh formats (other formats are used with other distributions)
* [[Tools/NetworkManager/CLI|CLI frontend]]
* [[Tools/NetworkManager/GUI|GUI frontend]]
* Good [[Tools/NetworkManager/IPv4|IPv4 support]] (static and automatic configuration)
* [[Tools/NetworkManager/D-Bus|D-Bus interface]]
* Local caching nameserver (dnsmasq)
* Ethernet connections (802.3)
* WiFi connections (802.11)
* VPN plugin interface
* Mobile broadband via USB or bluetooth
 
=== Untested features ===


== Enabling NetworkManager on Fedora ==
* WiMAX connections (802.16)
* ADSL
* Bluetooth (tested with mobile DUN but that may be a different story)
* OLPC Mesh


=== Command line way ===
=== Incomplete features ===
The installation process for Fedora automatically provides NetworkManager. To enable it, enter the following commands in a terminal window:


1. Set the main service to automatically start on boot: <code>su -c '/sbin/chkconfig --level 345 NetworkManager on'</code>
Only features that work reasonably well for everyday use belong here.
1. Start the service: <code>su -c '/sbin/service NetworkManager start </code>


For each
* Basic [[Tools/NetworkManager/IPv6|IPv6 support]] (broken reconfiguration, excessively many interaction with the kernel causing log bloat)
<code>su</code>
command, enter the ''root'' password at the prompt.


=== Graphical Way ===
=== Broken features ===


Start the <code>system-config-services</code> program, enter your root password and activate the <code>NetworkManager</code> service for runlevel 5.
Features that fail even with the most casual use belong here.


=== Gnome-specific information ===
* [[Tools/NetworkManager/Bonding|Bonding]] ­– devices won't join (nor automatically, nor manually) [TODO test 0.9.8.2]
* [[Tools/NetworkManager/Integration|Integration with other tools]]
* Connection 'assume', bad for IPv4, none for IPv6 (breaks IPv4 in dualstack networks)
* dispatcher.d – problems after wake up
* [[Tools/NetworkManager/VLAN|VLAN]] (it reportedly doesn't start automatically) [TODO test 0.9.8.2]


The NetworkManager tray icon automatically appears on your desktop once the services are started. If the NetworkManager service is active, then the tray icon appears each time that you log in to your desktop.
Note that there are huge improvements in git master which will eventually reach Fedora and will be published as NetworkManager 0.9.10.


NetworkManager also stores any encryption keys in the gnome-keyring manager.  If your are prompted to enter the keyring password after login, then keep reading. If your login password & the keyring password are the same, then there is a tool built to open the keyring for you on login. The package is called pam_keyring. To configure your system first install pam_keyring with yum:
=== Possible future features ===
<pre>
su -c 'yum -y install pam_keyring'</pre>
Second you'll need to modify your /etc/pam.d/gdm  file.
<pre>
su -c 'gedit /etc/pam.d/gdm'</pre>
Add the following lines
<pre>
auth    optional    pam_keyring.so try_first_pass
session optional    pam_keyring.so</pre>


The order in which this lines are placed in this file are important, here is a copy from a working system
* [[Tools/NetworkManager/Bridge|Ethernet Bridging]] – there is a feature branch, but devices won't automatically join [TODO test 0.9.8.2]
<pre>
* Keeping wired devices always on (for [[Networking/Link-local|IPv6 link-local networking]])
#%PAM-1.0
* Support for [[Tools/NetworkManager/IPv6#Automatic_reconfiguration|IPv6 automatic reconfiguration]] (changing default routes, etc...) [in git master, for 0.9.10]
auth      required    pam_env.so
* [[Tools/NetworkManager/IPv6#Long-term_goals|Event-based IPv6 handling]] without timers and duplicate processing (would clean logs and make code more robust) [in git master, for 0.9.10]
auth      optional    pam_keyring.so try_first_pass <---
* Exporting list of DNS servers and handing it over to recursive DNS servers like unbound and dnsmasq (especially necessary for proper VPN access) [WIP]
auth      include    system-auth
* [[Tools/NetworkManager/DNS|Local caching nameserver with DNSSEC]] and forwarders [WIP]
account    required    pam_nologin.so
* Support for networking on manually created interfaces (e.g. bridges) [WIP]
account    include    system-auth
* Support for easy temporary connection setup through CLI, D-Bus and GUI [WIP]
password  include    system-auth
* Support for making (the above) temporary connections permanent [WIP]
session    optional    pam_keyinit.so force revoke
* It should be possible to configure NetworkManager not to manage any devices by default (each device managed only by explicit configuration), cmdline switch might be handy [WIP]
session    include    system-auth
* NetworkManager should probably log external IPv4/IPv6 address/routing changes, as well as bridge configuration changes [WIP]
session    required    pam_loginuid.so
* NetworkManager should have an option to clean up any stuff created by itself (bridge/bond devices, addresses, etc) [WIP]
session    optional    pam_console.so
session    optional    pam_keyring.so <---</pre>


Now reboot your computer.  After login the keyring will be unlocked for you.
Note: Some of the features described here may have been already available and working at some point of time.


'''Changing keyring password'''
More resources:


If your keyring password is different from your login password, you will be prompted to enter it every time you login to your computer. To 'fix' this, see below:
* http://wiki.ovirt.org/wiki/SetupNetworks_SyncNetworks
* http://wiki.ovirt.org/wiki/Category:Feature


[[Fedora 10 or older]]
=== Community feature requests (mostly from bugzilla) ===


If you are running Fedora 10 or older, you should first install the following tools:
* [https://bugzilla.gnome.org/show_bug.cgi?id=560471 Automatically connect VPN for a physical connection]
* [https://bugzilla.gnome.org/show_bug.cgi?id=580018 Implement (wireless) connections priority]
* [https://bugzilla.gnome.org/show_bug.cgi?id=349151 Automatically reconnect dropped VPN]
* [https://bugzilla.gnome.org/show_bug.cgi?id=504763 Simultaneous VPN connections]
* [https://bugzilla.gnome.org/show_bug.cgi?id=514304 Captive portal authentication]
* [https://bugzilla.gnome.org/show_bug.cgi?id=582720 OLSRd]
* [https://bugzilla.gnome.org/show_bug.cgi?id=593815 IPv6 connection sharing]
* [https://bugzilla.gnome.org/show_bug.cgi?id=632716 N2N]
* Importing various VPN configuration formats
* [https://bugzilla.gnome.org/show_bug.cgi?id=679512 6to4]
* [https://bugzilla.gnome.org/show_bug.cgi?id=592305 Tor]
* [https://bugzilla.gnome.org/show_bug.cgi?id=591530 UPnP]


<pre>
=== Known problems ===
su -c 'yum -y install gnome-keyring-manager gnome-keyring pam_keyring'</pre>


Once you have installed pam_keyring and gnome-keyring, you will need to log out and back on. Then you can run
* [http://bugzilla.redhat.com/show_bug.cgi?id=815243 NetworkManager gets automaticaly respawned in F17, no sane way to temporarily disable it]
<pre>
* dhclient left over upon exist and spawned duplicately (also dhclient's check failes when permision denied when writing pidfile)
/usr/libexec/pam-keyring-tool -c</pre>
* [[Tools/NetworkManager/IPv6|Serious IPv6 problems]] (some of fixed in 0.9.6), affecting also IPv4 networking and link [reworked in master, for 0.9.10]
to change the default password. Alternatively you can now change a password through gnome-keyring-manager. Download and install gnome-keyring-manager. Then highlight the keyring and select Change Keyring Password from the Keyring menu of gnome-keyring-manager.
* [[Tools/NetworkManager/Integration#Kernel|IPv6 code is still full of workarounds]] [reworked in master, for 0.9.10]
* [http://bugzilla.gnome.org/show_bug.cgi?id=678417 Malfunctioning connection 'assume' functionality for IPv4] ([https://bugzilla.gnome.org/show_bug.cgi?id=676740 removed for IPv6])
* [http://bugzilla.gnome.org/show_bug.cgi?id=673682 NetworkManager's dispatcher fails to call scripts at resume]
* [http://bugzilla.gnome.org/show_bug.cgi?id=667874 NM writes to its own configuration file] [WIP]
* [http://bugzilla.gnome.org/show_bug.cgi?id=668251 Desktop: NM GUIs keep asking for wifi passwords] [TODO re-test]
* NetworkManager features are not currently implemented with [[Tools/NetworkManager/Testing|testability]] in mind [WIP]
* [https://bugzilla.gnome.org/show_bug.cgi?id=673334 NM won't sometimes set custom MAC address]
* nmcli is essentially lame and its syntax and output is inconsistent (e.g. true/false versus yes/no) [WIP]


[[Fedora 11 and newer]]
Note: some of the problems are deep in the core of NetworkManager. It can be expected that more problems will emerge over time or while fixing the currently known ones.
https://bugzilla.redhat.com/show_bug.cgi?id=815243


The ''Seahorse Encryption Key Manager'' has replaced gnome-keyring-manager in Fedora 11 onwards. You can install Seahorse via ''Add/Remove Software'' or from the command line:
=== Unreproduced problems ===


<pre>
* List of unmanaged devices (by MAC) is sometimes ignored
su -c 'yum -y install seahorse'
* Manually assigned IPv4 addresses get lost (in tens of seconds)
</pre>
* Serious doubts about working integration with network-scripts
* Doubts about overall robustness of NM behavior in non-standard situations
* Doubts about *local* NetworkManager security (polkit rules would deserve some auditing)


Once you have installed Seahorse, you will find its program icon titled 'Passwords and Encryption Keys' in the ''Applications...Accessories'' menu folder. To change the default keyring password, start Seahorse then right click ''Passwords:login'' at the top of the ''Passwords'' tab and select ''Change Password''.
Steps to 100% reproduce those are unknown, any help appreciated.


=== KDE specific information ===
=== Notes ===


To control NetworkManager by a system tray applet you need to install and start the program <code>knetworkmanager</code> of the same named package. The keys to the different networks are stored automatically in KDE's password storage system kwalletmanager.
* NetworkManager builds against specific distributions, not tools or dependencies (--with-distro) [fixed in 0.9.8]


== Further Information ==
== Further Information ==
* [[Networking]] – the starting point for those who seek network-related information on Fedora Wiki
* Refer to the System Administrator's Guide here: [http://docs.fedoraproject.org/ Fedora Documentation ]
* [http://www.redhat.com/magazine/003jan05/features/networkmanager/ Red Hat Magazine article on NetworkManager] : Good summary of the technology
* [http://www.redhat.com/magazine/003jan05/features/networkmanager/ Red Hat Magazine article on NetworkManager] : Good summary of the technology
* [http://projects.gnome.org/NetworkManager/ The NetworkManager Website]  
* [http://projects.gnome.org/NetworkManager/ The NetworkManager Website]  
* [http://mail.gnome.org/mailman/listinfo/networkmanager-list The NetworkManager mailing list]  
* [http://mail.gnome.org/mailman/listinfo/networkmanager-list The NetworkManager mailing list]  
* [[Local Caching Nameserver]]
* [[Local Caching Nameserver]]
----
----
[[Category:Desktop]]
[[Category:Desktop]]

Revision as of 15:29, 18 December 2013


NetworkManager

NetworkManager is the primary configuration service for Networking in Fedora. Most of the information you might be interested in are in the Networking page or its subpages.

Desktops and laptops

NetworkManager provides automatic network detection and configuration for the system. Once enabled, the NetworkManager service also monitors the network interfaces, and may automatically switch to the best connection at any given time. Applications that include NetworkManager support may automatically switch between on-line and off-line modes when the system gains or loses network connectivity.

These facilities are most useful for modern laptops, where the user may move between wireless networks, and plug in to a variety of wired networks, but NetworkManager also provides features that are relevant to workstations. Current versions of NetworkManager support modem connections, and certain types of VPN. Development of these features is ongoing.

NetworkManager requires Fedora to have drivers for the wired and wireless interfaces on the computer. Many manufacturers of modems and wireless devices provide limited support for Linux. You may need to install additional drivers or firmware on your Fedora system in order to activate these interfaces.

Idea.png
Drivers first
NetworkManager may only work with network interfaces once the relevant drivers are correctly installed on your system. Reboot your system after installing a new firmware or a new driver in order to ensure that the changes take effect.

Servers

Fedora now by default relies on NetworkManager for network configuration. This is the case also for minimal installations and server installations. We are trying to make NetworkManager as suitable for this task as possible. You can file bug reports and feature requests at http://bugzilla.gnome.org/ or, if they are related to interoperability with the rest of the system, http://bugzilla.redhat.com/.

Upcoming release of NetworkManager will enhance the command-line tools and make server/enterprise capabilities more robust and less surprising. Some demos of upcoming capabilities are:

Documentation

Developer resources:

http://projects.gnome.org/NetworkManager/developers/

You can also find many configuration examples on this wiki, just follow internal links about NetworkManager features.

NetworkManager objectives

NM is slowly changing from a desktop network connection configurator to a universal network configuration software that could be used as a part of the base system.

  • Provide core network configuration features
  • Expose the features through on-disk text-based configuration
  • Expose the features through D-Bus API
  • Provide basic CLI and GUI (other CLI/GUI frontends can be built on top of NetworkManager)

The current version of NetworkManager is Fedora 17 is 0.9.4. Some of the features below may not be available there. The current version of upstream NetworkManager is 0.9.6 and the development version is 0.9.7 and is included in branched Fedora 18.

Features

Only features that can be considered fully working belong here.

  • Configuration using keyfile and ifcfg-rh formats (other formats are used with other distributions)
  • CLI frontend
  • GUI frontend
  • Good IPv4 support (static and automatic configuration)
  • D-Bus interface
  • Local caching nameserver (dnsmasq)
  • Ethernet connections (802.3)
  • WiFi connections (802.11)
  • VPN plugin interface
  • Mobile broadband via USB or bluetooth

Untested features

  • WiMAX connections (802.16)
  • ADSL
  • Bluetooth (tested with mobile DUN but that may be a different story)
  • OLPC Mesh

Incomplete features

Only features that work reasonably well for everyday use belong here.

  • Basic IPv6 support (broken reconfiguration, excessively many interaction with the kernel causing log bloat)

Broken features

Features that fail even with the most casual use belong here.

  • Bonding ­– devices won't join (nor automatically, nor manually) [TODO test 0.9.8.2]
  • Integration with other tools
  • Connection 'assume', bad for IPv4, none for IPv6 (breaks IPv4 in dualstack networks)
  • dispatcher.d – problems after wake up
  • VLAN (it reportedly doesn't start automatically) [TODO test 0.9.8.2]

Note that there are huge improvements in git master which will eventually reach Fedora and will be published as NetworkManager 0.9.10.

Possible future features

  • Ethernet Bridging – there is a feature branch, but devices won't automatically join [TODO test 0.9.8.2]
  • Keeping wired devices always on (for IPv6 link-local networking)
  • Support for IPv6 automatic reconfiguration (changing default routes, etc...) [in git master, for 0.9.10]
  • Event-based IPv6 handling without timers and duplicate processing (would clean logs and make code more robust) [in git master, for 0.9.10]
  • Exporting list of DNS servers and handing it over to recursive DNS servers like unbound and dnsmasq (especially necessary for proper VPN access) [WIP]
  • Local caching nameserver with DNSSEC and forwarders [WIP]
  • Support for networking on manually created interfaces (e.g. bridges) [WIP]
  • Support for easy temporary connection setup through CLI, D-Bus and GUI [WIP]
  • Support for making (the above) temporary connections permanent [WIP]
  • It should be possible to configure NetworkManager not to manage any devices by default (each device managed only by explicit configuration), cmdline switch might be handy [WIP]
  • NetworkManager should probably log external IPv4/IPv6 address/routing changes, as well as bridge configuration changes [WIP]
  • NetworkManager should have an option to clean up any stuff created by itself (bridge/bond devices, addresses, etc) [WIP]

Note: Some of the features described here may have been already available and working at some point of time.

More resources:

Community feature requests (mostly from bugzilla)

Known problems

Note: some of the problems are deep in the core of NetworkManager. It can be expected that more problems will emerge over time or while fixing the currently known ones. https://bugzilla.redhat.com/show_bug.cgi?id=815243

Unreproduced problems

  • List of unmanaged devices (by MAC) is sometimes ignored
  • Manually assigned IPv4 addresses get lost (in tens of seconds)
  • Serious doubts about working integration with network-scripts
  • Doubts about overall robustness of NM behavior in non-standard situations
  • Doubts about *local* NetworkManager security (polkit rules would deserve some auditing)

Steps to 100% reproduce those are unknown, any help appreciated.

Notes

  • NetworkManager builds against specific distributions, not tools or dependencies (--with-distro) [fixed in 0.9.8]

Further Information

Retrieved from "https://fedoraproject.org/w/index.php?title=Tools/NetworkManager&oldid=365132"