網絡配置/無線網絡配置 - Arch Linux 中文维基

本文或本節需要翻譯。要貢獻翻譯，請訪問簡體中文翻譯團隊。

附註： 請提供模板的第一個位置參數以更詳細的指示。（在 Talk:網絡配置/無線網絡配置# 中討論）

網絡配置的主頁面是網絡配置。

配置無線網絡一般分兩步：第一步是識別硬件、安裝正確的驅動程序並進行配置，安裝盤中已經包含驅動，但是通常需要額外安裝；第二步是選擇一種管理無線連接的方式。這篇文章涵蓋了這兩方面，並提供了無線管理工具的連結地址。

#iw 段落描述了如何使用 iw^包來手動管理你的網絡接口/無線局域網連接。網絡配置#網絡管理器段落介紹了幾個可以自動管理您無線網絡接口的程序。這些程序中的某些會包含一個圖形界面，而所有的程序都支持網絡配置文件（在頻繁切換網絡時有用，比如使用筆記本電腦的場合）。

設備驅動[編輯 | 編輯原始碼]

默認的 Arch Linux 內核是模塊化的，硬件的設備驅動作為內核模塊保存在硬盤上。啟動時，udev 會根據硬件加載不同的驅動模塊，從而允許創建網絡接口。

除了相應的驅動程序之外，某些無線晶片組還需要固件。linux-firmware^包提供了很多固件，然而專有固件並不包含在內，需要另行安裝。這部分指南請參考 #安裝 driver/firmware。

注意： 如果 udev 在啟動時未加載正確的模塊，只需手動加載即可。如果 udev 為一台設備加載多個驅動程序，則產生的衝突可能會導致配置失敗。確保將不需要的模塊加入黑名單。

檢查驅動狀態[編輯 | 編輯原始碼]

根據設備的連接方式是 PCI(e) 或 USB，對應地執行 lspci -k 或 lsusb -v 可以檢查設備驅動是否已經加載：

$ lspci -k

06:00.0 Network controller: Intel Corporation WiFi Link 5100
	Subsystem: Intel Corporation WiFi Link 5100 AGN
	Kernel driver in use: iwlwifi
	Kernel modules: iwlwifi

注意： 如果網卡是 USB 設備，以 root 權限執行 grep usbcore 的輸出應當類似於 usbcore: registered new interface driver rtl8187。

同時也要通過 ip link 命令來查看無線接口是否已經創建。通常來説，設備名以字母「w」開頭，例如wlan0 或 wlp2s1。確認之後，使用以下命令使設備上線：

# ip link set <设备名> up

例如，接口設備名是 wlan0，此命令就是 ip link set wlan0 up。

注意：

如果你從命令中得到如下錯誤：RTNETLINK answers: Operation not possible due to RF-kill 錯誤，請確保設備沒有被軟鎖定或硬鎖定，詳情請參考 Rfkill 説明。
如果你從命令中得到如下錯誤：SIOCSIFFLAGS: No such file or directory，那麼大概率您的無線晶片組需要額外的固件來運行。

檢查內核信息中關於已加載固件的信息：

# dmesg | grep firmware

[   7.148259] iwlwifi 0000:02:00.0: loaded firmware version 39.30.4.1 build 35138 op_mode iwldvm

如果沒有相關的輸出，那麼需要在消息中查找關於您之前指定的模塊的完整輸出（本示例中的模塊是iwlwifi），然後查找對應的錯誤信息：

# dmesg | grep iwlwifi

[   12.342694] iwlwifi 0000:02:00.0: irq 44 for MSI/MSI-X
[   12.353466] iwlwifi 0000:02:00.0: loaded firmware version 39.31.5.1 build 35138 op_mode iwldvm
[   12.430317] iwlwifi 0000:02:00.0: CONFIG_IWLWIFI_DEBUG disabled
...
[   12.430341] iwlwifi 0000:02:00.0: Detected Intel(R) Corporation WiFi Link 5100 AGN, REV=0x6B

如果需要的內核模塊已經加載且網絡接口已經上線，您可以跳過下一節的內容。

安裝 driver/firmware[編輯 | 編輯原始碼]

根據獲得的信息，在下面網址查找硬件支持：

參閱表格 Linux 支持的無線驅動並轉到特定驅動程序頁面，其中包含受支持設備的列表。
Ubuntu Wiki 維護了一個設備被內核和用户空間驅動支持狀況的列表。
Linux 無線支持頁面和硬件兼容性列表(HCL)也維護了一個內核友好的設備列表。

注意有些廠商的產品名稱相同，實際使用的晶片組卻不同。usb-id (USB設備) 或 pci-id (PCI設備)才是唯一識別名稱。

如果您在上述列表裏找到了您的無線網卡，請按照驅動與固件排錯中的指示操作，這一節中包含有關安裝某些特定無線網卡所需的驅動程序和固件的信息。完成後，再次檢查驅動程序狀態。

如果您的上述列表裏沒有找到您的無線網卡，那麼大概率您的網卡僅在windows作業系統下受支持。對於這些設備，您可以嘗試使用 #ndiswrapper。

工具[編輯 | 編輯原始碼]

同其他網絡設備一樣，無線網絡接口可以通過 iproute2^包包提供的 ip 命令來管理。

管理一個無線網絡連接需要一套基本的工具。可以使用一個網絡管理器或直接使用以下表格中的一個：

軟件	軟件包	WEXT	nl80211	WEP	WPA/WPA2/WPA3	Archiso [1]
wireless_tools¹	wireless_tools^包	是	否	是	否	是
iw	iw^包	否	是	是	否	是
wpa_supplicant	wpa_supplicant^包	是	是	否	是	是
iwd	iwd^包	否	是	否	是	是

過時，不推薦使用.

iw 與 wireless_tools 的對比[編輯 | 編輯原始碼]

下面表格給出了 iw 和 wireless_tools 命令的對比（更多示例參閱這裏）。

iw 命令	wireless_tools 命令	描述
iw dev wlan0 link	iwconfig wlan0	獲取連接狀態。
iw dev wlan0 scan	iwlist wlan0 scan	掃描可用接入點。
iw dev wlan0 set type ibss	iwconfig wlan0 mode ad-hoc	設置操作模式為 ad-hoc。
iw dev wlan0 connect your_essid	iwconfig wlan0 essid your_essid	連接到開放網絡。
iw dev wlan0 connect your_essid 2432	iwconfig wlan0 essid your_essid freq 2432M	連接到開放網絡的特定頻道。
iw dev wlan0 connect your_essid key 0:your_key	iwconfig wlan0 essid your_essid key your_key	用16進制密匙連接到 WEP 加密網絡。
iw dev wlan0 connect your_essid key 0:your_key	iwconfig wlan0 essid your_essid key s:your_key	用 ASCII 密匙連接到 WEP 加密網絡。
iw dev wlan0 set power_save on	iwconfig wlan0 power on	啟用省電功能。

iw[編輯 | 編輯原始碼]

注意：

多數命令需要使用 root權限執行。使用普通用户執行某些命令,如 iw list，不會輸出任何錯誤但並不會產生正確的輸出，造成疑惑。
根據您硬件或加密類型的不同，某些步驟並非必要。在連接至某個接入點及獲取IP位址之前，某些網卡需要首先被激活與/或掃描熱點。這可能需要您自己嘗試。例如，WPA/WPA2 用户可能會嘗試直接從步驟連接到接入點開始來激活無線網絡。

本章節的示例會假定您的無線接口設備名稱是 interface, 您想要連接到的WiFi接入點名稱是 your_essid。請將這兩個字段作相應替換。

獲取接口名[編輯 | 編輯原始碼]

提示：更多關於 iw 工具的示例，請查看官方文檔。

獲取您無線網卡的名稱，運行：

$ iw dev

接口的名稱會在 "Interface" 單詞後顯示。比如，常見的無線網卡設備名是 wlan0。

檢查連接狀態[編輯 | 編輯原始碼]

用下面的命令檢查連接狀態:

$ iw dev interface link

獲取統計數據[編輯 | 編輯原始碼]

獲取一些統計數據，比如上傳下載的數據量，信號強度等：

$ iw dev interface station dump

激活接口[編輯 | 編輯原始碼]

提示：通常不需要執行此步驟。

一些無線網卡在使用 iw 或 wireless_tools前需要先激活內核接口：

# ip link set interface up

注意： 如果出現錯誤 RTNETLINK answers: Operation not possible due to RF-kill, 請確保硬件開關已經打開。參閱 #Rfkill 説明。

如果出現錯誤 RTNETLINK answers: Operation not possible due to RF-kill, 請確保硬件開關已經打開。參閱 #Rfkill 説明。

要驗證接口確實打開：

$ ip link show interface

3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state DOWN mode DORMANT group default qlen 1000
    link/ether 12:34:56:78:9a:bc brd ff:ff:ff:ff:ff:ff

<BROADCAST,MULTICAST,UP,LOWER_UP> 中的UP 顯示接口已經打開，不要和後面的 state DOWN 混淆。

掃描接入點[編輯 | 編輯原始碼]

查看可用的接入點：

# iw dev interface scan | less

注意： 如果顯示 "Interface doesn't support scanning"，可能是忘了安裝固件。有時不以 root 運行 iwlist 也會產生這個問題。無線網絡也可能被軟鎖定，請運行 rfkill list all 進行檢查。

提示：Depending on your location, you might need to set the correct regulatory domain in order to see all available networks.

需要關注的信息:

SSID: 網絡的名稱.
Signal: 用 dbm (-100 to 0) 報吿的無線信號強度。數值越接近零，信號越好。觀察高質量連接和低質量連接的數值差異可以了解設備的信號範圍。
Security: 沒有直接報吿, 檢查 capability 開頭的行，如果有 Privacy 信息，例如 capability: ESS Privacy ShortSlotTime (0x0411), 表示網絡具有某種程度的保護，
- 如果有 RSN 信息，網絡被 Robust Security Network(WPA2) 協議保護。
- 如果有 WPA 信息，網絡被 Wi-Fi Protected Access 協議保護。
- 在 RSN 和 WPA 信息塊中，可能看到如下信息：
  - Group cipher: 數值包括 TKIP, CCMP, both, others.
  - Pairwise ciphers: 數值包括 TKIP, CCMP, both, others. 可能和 Group cipher 數值不同.
  - Authentication suites: 數值包括 PSK, 802.1x, others. 家用路由器通常可以看到 PSK (i.e. 密碼). 在大學中，通常會連結到需要登錄名和密碼的 802.1x 網絡。需要知道其使用的密碼管理方式(例如 EAP), 封裝方法 (例如 PEAP). 詳情請參考這裏和這裏.
- 如果沒有看到 RSN 或 WPA，但是看到了 Privacy, 表示使用的是 WEP.

運行模式[編輯 | 編輯原始碼]

設置無線網卡的操作模式，如果連接到漫遊網絡，需要設置操作模式為 ibss

# iw dev interface set type ibss

注意： 有些網卡需要先關閉無線接口(ip link set interface down)才能修改模式。

連接到接入點[編輯 | 編輯原始碼]

根據加密方式不同，需要使用密碼將無線設備關聯到接入點。

假設要使用的接入點 ESSID 為 MyEssid:

無加密[編輯 | 編輯原始碼]

# iw dev interface connect "your_essid"

WEP[編輯 | 編輯原始碼]

使用十六進制或 ASCII 密碼(格式是自動識別出來的，因為 WEP 密碼長度是固定的):

# iw dev interface connect "your_essid" key 0:your_key

使用十六進制或 ASCII 密碼，第三個是默認 (從0計數，共四個):

# iw dev interface connect "your_essid" key d:2:your_key

其它[編輯 | 編輯原始碼]

- iw 只能處理 WEP。要使用其他加密方案登錄, 請查看下文中的 #認證章節。

無論您使用什麼認證方法，都可以使用以下命令來確認連接是否成功：

# iw dev interface link

認證[編輯 | 編輯原始碼]

WPA2 個人模式[編輯 | 編輯原始碼]

WPA2 個人（模式）, 又名 WPA2-PSK, 是一種受保護Wi-Fi訪問（Wi-Fi存取保護）的模式。

您可以通過 wpa_supplicant 或 iwd 來連接, 或者直接使用網絡管理器. 如果您只進行了認證，那麼要獲取功能齊全的連接，您仍然需要進行手動連接或使用 DHCP 客户端。

WPA2 企業模式[編輯 | 編輯原始碼]

WPA2 企業模式 也是一種受保護Wi-Fi訪問（Wi-Fi存取保護）的模式，提供了比 WPA2 個人版更好的安全性和密鑰管理，並支持其他的企業型功能，例如 VLAN 和 NAP。然而，與個人模式不同，此種加密需要額外的 RADIUS 認證伺服器來處理用户的認證。個人模式不需要除無線路由器/接入點以外的設備，對所有用户也只要求一個密碼或密碼短語。

企業模式允許用户使用用户名和密碼或者數字證書來登錄 Wi-Fi。因為每個用户都擁有一個動態唯一的加密密碼，因此企業模式可以防止通過無限網絡的用户探聽，並提高加密強度。

本章節描述如何使用網絡管理器來連接到使用 WPA2 企業模式的無線接入點。

查看軟件接入點#RADIUS 來獲取關於設置接入點自身的相關信息。

注意： 企業級加密模式需要更複雜的客户端配置，個人模式則只需要在出現提示時輸入密碼。客户端可能需要安裝伺服器的簽名證書(CA certificate)，如果使用 EAP-TLS, 則另需要為每個用户安裝證書，再手動配置無線安全和 802.1X 認證設置。

協議間的對照可以參照此表格。

警吿： 您可以讓客户端在使用WPA2企業級時不檢查伺服器的授權證書。然而，您在任何情況下都該盡最大努力來配置證書，因為如果不驗證接入點，連接可能遭受中間人攻擊。雖然連接握手可能是加密的，但最常見的密碼傳輸配置會將密碼用明文或易於破解的MS-CHAPv2協議協議進行傳輸。因此，客户端可能會將密碼發送到代理連接的惡意接入點。

MS-CHAPv2[編輯 | 編輯原始碼]

有時，除了原配的 ppp^包 (Point-to-Point Protocol) 之外，要求 MSCHAPv2 type-2 with PEAP 的 WPA2 企業級接入點有時會需求 pptpclient^包。netctl^包似乎能在缺少 ppp-mppe 的情況下開箱即用。雖然其他認證實現方式通常都並不可用，由於其高度脆弱的特性，用户在任何情況下都不被鼓勵使用 MSCHAPv2。

eduroam[編輯 | 編輯原始碼]

eduroam 是一項面向科研，高等教育與繼續教育領域人員的國際漫遊服務。

注意： * 在應用本章節列出的任何配置之前，首先向您的機構確認連接的詳細信息。示例配置不保證任何安全性或者匹配任何安全需求。

存儲未加密的連接配置文件時，建議用 root 用户運行以下命令以限制 root 帳户對此文件的的讀取訪問權限: chmod 600 配置文件

提示：針對 NetworkManager 的配置可以用 eduroam 配置助手工具來生成。此工具需要安裝 python^包與 dbus-python^包。

手動/自動配置[編輯 | 編輯原始碼]

wpa_supplicant 可以直接通過其配置文件或使用其 CLI/GUI 前端進行配置，並與 DHCP 客户端結合使用。請參閱/usr/share/doc/wpa_supplicant/wpa_supplicant.conf 中的示例來結合您的詳細連接信息。
iwd#WPA Enterprise
NetworkManager 可以使用 nmcli 或 graphical front ends 來創建 WPA2 企業級配置文件。nmtui 不支持此功能 (NetworkManager issue 376), 但可以使用現有配置。
ConnMan 需要在連接至網絡之前配置一個單獨的配置文件。詳情請參閱 connman-service.config(5) 和 ConnMan#連接到 eduroam (802.1X)。
netctl 可以通過填寫配置中的WPAConfigSection= 字段來支持 wpa_supplicant 配置文件。詳情請參閱 netctl.profile(5)。

注意： 特殊引用規則適用: 參考 netctl.profile(5) § SPECIAL QUOTING RULES.

提示：自定義證書可通過在 WPAConfigSection 中添加字段 'ca_cert="/path/to/special/certificate.cer"' 來配置。

WPA3 個人[編輯 | 編輯原始碼]

WPA3 Personal, 又名 WPA3-SAE, 是一種受保護Wi-Fi訪問（Wi-Fi存取保護）的模式。

wpa_supplicant 及 iwd 都支持 WPA3 個人認證模式。

WPA3 企業模式[編輯 | 編輯原始碼]

WPA3 企業模式是一種受保護Wi-Fi訪問（Wi-Fi存取保護）的模式。

wpa_supplicant (自版本起 2:2.10-8) 支持 WPA3 企業模式。參見 FS#65314。

提示和技巧[編輯 | 編輯原始碼]

遵循監管區域要求[編輯 | 編輯原始碼]

監管區域用於配置無線驅動，確保對無線硬件的使用符合由 FCC、ETSI 及其他組織制定的當地法規。監管區域使用ISO 3166-1二位字母國家代碼。例如，美國的監管區域代碼是「US」，中國則是「CN」，等等。

監管區域影響無線信道的可用性。在2.4GHz波段，美國允許使用1-11信道，日本是1-14，世界上多數其它地區則是1-13。在5GHz波段，允許使用信道的規則要複雜得多。這兩種情況的更詳細信息見這一WLAN信道列表。

監管區域也影響對來自無線設備的等效各向同性輻射功率（EIRP）所作的限制。這衍生自發射功率（tx power）並以dBm/mBm（1dBm=100mBm）或mW（對數尺度）衡量。在2.4GHz波段，美國和加拿大最大限制30dBm，歐洲大部分是20dBm，世界上其他地區則是20dB-30dBm。在5GHz波段，最大值通常更低。更詳細的信息請參考 wireless-regdb（EIRP dBm 值在每行第二對括號裡）。

錯誤設置監管區域可能會有用——例如，在其他信道擁擠時可以使用未用信道，或者提升發射功率以擴大傳輸範圍。然而不推薦這種做法，因為可能會違反當地法規以及造成與其他無線電設備的干擾。

要配置監管區域，安裝 crda^包^{[損壞的連結：replaced by wireless-regdb^包]} 並重啟（以重新加載 cfg80211 模塊及所有相關驅動）。檢查啟動日誌以確認 cfg80211 正在調用CRDA：

# dmesg | grep cfg80211

以下命令可將當前監管區域設為美國：

# iw reg set US

用以下命令查詢：

$ iw reg get

注意：

你的設備國家代碼可能為「00」，它是包含了通用設置的「世界監管區域」。如果無法解除此設置，則CRDA可能配置有誤。
根據 CRDA 的 README，從內核版本4.15開始就不再需要它，因為內核會自動從固件加載監管數據庫。然而也有説法稱這一加載操作需要特定的內核設置。

然而設置監管區域可能不會改變您的設置。有些設備在固件/EEPROM中設置了一個監管區域，為設備規定了限制，這意味着通過軟件設置監管區域只能增加限制而不能減少。例如，一個 CN（中國）設備可以用軟件設置為 US（美國）監管區域，但由於中國的 EIRP 最大值為20dBm，設備將無法以美國的最大值30dBm進行發射。

例如，查看一個 Atheros 設備的固件中是否設置了監管區域：

# dmesg | grep ath:

對於其他晶片組，搜索「EEPROM」、「regdomain」或設備驅動的名字可能會有用。

要查看監管區域更改是否成功，以及查詢可用信道數和允許發射功率：

$ iw list | grep -A 15 Frequencies:

監管區域的持久設置可以通過編輯 /etc/conf.d/wireless-regdom 並解除相應區域的註釋實現。 wpa_supplicant 也可以在 /etc/wpa_supplicant/wpa_supplicant.conf 中的 country= 行應用監管區域。

也可以通過添加模塊參數（如 options cfg80211 ieee80211_regdom=EU），配置 cfg80211 內核模塊，從而使用指定的監管區域。然而這是一種老舊的監管實現。

更多信息請閱讀 wireless.kernel.org 監管文檔。

Rfkill 説明[編輯 | 編輯原始碼]

許多筆記本都有一個硬件按鈕或開關用於關閉無線網卡，然而無線網卡也可以通過內核來屏蔽。這一任務可由 rfkill 處理。顯示當前狀態：

$ rfkill

ID TYPE      DEVICE      SOFT      HARD
 0 bluetooth hci0   unblocked unblocked
 1 wlan      phy0   unblocked unblocked

如果網卡處於硬件屏蔽（hard-blocked）狀態，請使用硬件按鈕或開關來開啟它。如果無線網卡並沒有被硬件屏蔽但處於軟件屏蔽（soft-blocked），請使用以下命令：

# rfkill unblock wifi

注意： 按下硬件按鈕可能會讓無線網卡從硬件屏蔽，軟件未屏蔽狀態變為硬件未屏蔽，軟件屏蔽狀態。可以通過調整 rfkill 內核模塊的一些選項改變這一現象。

切換無線網卡的硬件按鈕是廠商專用的內核模塊處理的，經常是 WMI 模塊。特別是非常新的硬件型號，可能還沒有得到最新穩定內核的完全支持。這種情況下，在內核 bug 跟蹤系統搜索信息，並將型號報吿給對應廠商內核模塊的維護者（如果還沒有報吿的話）經常會有幫助。

參見 https://askubuntu.com/questions/62166/siocsifflags-operation-not-possible-due-to-rf-kill 。u

節能[編輯 | 編輯原始碼]

見電源管理#網絡接口。

排錯[編輯 | 編輯原始碼]

這個單元包含一般性的錯誤排除提示, 目的並非是排除與設備或固件驅動有關的錯誤。對於驅動與固件上的問題, 請看 #驅動與固件排錯.

臨時上網[編輯 | 編輯原始碼]

如果您的網絡設備出了問題但需要網絡訪問，例如，下載一些軟件或向社區尋求幫助，您可以利用安卓的內置功能來通過USB端口共享網絡。詳見 Android Tethering#USB tethering。

觀察日誌文件[編輯 | 編輯原始碼]

分析系統日誌文件是排錯的良好切入點。在進行操作（如嘗試連接到無線網絡）的同時，打開第二個終端/控制台窗口並用以下命令監看內核消息：

# dmesg -w

這樣，您就不需要手動一行一行的瀏覽這些消息了。

當您使用網絡管理器時，同樣的，可以用 systemd 提供的日誌命令：

# journalctl -f

通常來説，無線網絡錯誤都伴隨着具有特定理由代碼（reason code）的取消驗證（deauthentication）。例如：

wlan0: deauthenticating from XX:XX:XX:XX:XX:XX by local choice (reason=3)

對照原因代碼表可能會給出解決問題的第一個提示。

Failed to get IP address[編輯 | 編輯原始碼]

本文或本章節的事實準確性存在爭議。

原因： The dhcpcd^包 vs dhclient^包 is mostly FUD.（在 Talk:網絡配置/無線網絡配置中討論）

本文內容或本節內容已經過期。

原因： iwconfig is deprecated, see #iw and wireless tools comparison. (在Talk:網絡配置/無線網絡配置討論)

If getting an IP address repeatedly fails using the default dhcpcd^包 client, try installing and using dhclient^包 instead. Do not forget to select dhclient as the primary DHCP client in the connection manager.

If you can get an IP address for a wired interface and not for a wireless interface, try disabling the wireless card's power saving features (specify off instead of on).

If you get a timeout error due to a waiting for carrier problem, then you might have to set the channel mode to auto for the specific device:

# iwconfig wlan0 channel auto

Before changing the channel to auto, make sure your wireless interface is down. After it has successfully changed it, you can bring the interface up again and continue from there.

Valid IP address but cannot resolve host[編輯 | 編輯原始碼]

If you are on a public wireless network that may have a captive portal, make sure to query an HTTP page (not an HTTPS page) from your web browser, as some captive portals only redirect HTTP. If this is not the issue, check if you can resolve domain names, it may be necessary to use the DNS server advertised via DHCP.

Setting RTS and fragmentation thresholds[編輯 | 編輯原始碼]

Wireless hardware disables RTS and fragmentation by default. These are two different methods of increasing throughput at the expense of bandwidth (i.e. reliability at the expense of speed). These are useful in environments with wireless noise or many adjacent access points, which may create interference leading to timeouts or failing connections.

Packet fragmentation improves throughput by splitting up packets with size exceeding the fragmentation threshold. The maximum value (2346) effectively disables fragmentation since no packet can exceed it. The minimum value (256) maximizes throughput, but may carry a significant bandwidth cost.

# iw phy0 set frag 512

RTS improves throughput by performing a handshake with the access point before transmitting packets with size exceeding the RTS threshold. The maximum threshold (2347) effectively disables RTS since no packet can exceed it. The minimum threshold (0) enables RTS for all packets, which is probably excessive for most situations.

# iw phy0 set rts 500

注意： phy0 is the name of the wireless device as listed by iw phy.

Random disconnections[編輯 | 編輯原始碼]

Cause #1[編輯 | 編輯原始碼]

If your journal says wlan0: deauthenticating from MAC by local choice (reason=3) and you lose your Wi-Fi connection, it is likely that you have a bit too aggressive power-saving on your Wi-Fi card. Try disabling the wireless card's power saving features (specify off instead of on).

If your card does not support enabling/disabling power save mode, check the BIOS for power management options. Disabling PCI-Express power management in the BIOS of a Lenovo W520 resolved this issue.

Cause #2[編輯 | 編輯原始碼]

If you are experiencing frequent disconnections and your journal shows messages such as

ieee80211 phy0: wlan0: No probe response from AP xx:xx:xx:xx:xx:xx after 500ms, disconnecting

try changing the channel bandwidth to 20MHz through your router's settings page.

Cause #3[編輯 | 編輯原始碼]

On some laptop models with hardware rfkill switches (e.g., Thinkpad X200 series), due to wear or bad design, the switch (or its connection to the mainboard) might become loose over time resulting in seemingly random hardblocks/disconnects when you accidentally touch the switch or move the laptop. There is no software solution to this, unless your switch is electrical and the BIOS offers the option to disable the switch. If your switch is mechanical (and most are), there are lots of possible solutions, most of which aim to disable the switch: Soldering the contact point on the mainboard/wifi-card, gluing or blocking the switch, using a screw nut to tighten the switch or removing it altogether.

Cause #4[編輯 | 編輯原始碼]

Another cause for frequent disconnects or a complete failure to connect may also be a sub-standard router, incomplete settings of the router, interference by other wireless devices or low quality signal.

To troubleshoot, first try to connect to the router with no authentication and by getting closer to it.

If that works, enable WPA/WPA2 again but choose fixed and/or limited router settings. For example:

If the router is considerably older than the wireless device you use for the client, test if it works with setting the router to one wireless mode
Disable mixed-mode authentication (e.g. only WPA2 with AES, or TKIP if the router is old)
Try a fixed/free channel rather than "auto" channel (maybe the router next door is old and interfering)
Disable WPS
Change the router's 5 GHz channel(s) to a non-DFS (Dynamic Frequency Selection) channel. Connections on such channels may be dropped or suddenly switched due to interference from nearby weather radar.
Try setting your client to 2.4 GHz only instead of letting it choose what it thinks is best between 5 GHz and 2.4 GHz (the later has a lower throughput but will provide a more stable connection over longer distances)
Disable 40MHz channel bandwidth (lower throughput but less likely collisions) with cfg80211.cfg80211_disable_40mhz_24ghz=1
If the router has quality of service settings, check completeness of settings (e.g. Wi-Fi Multimedia (WMM) is part of optional QoS flow control. An erroneous router firmware may advertise its existence although the setting is not enabled)

Cause #5[編輯 | 編輯原始碼]

On some wireless network adapters (e.g. Qualcomm Atheros AR9485), random disconnects can happen with a DMA error:

# journalctl -xb

ath: phy0: DMA failed to stop in 10 ms AR_CR=0x00000024 AR_DIAG_SW=0x02000020 DMADBG_7=0x0000a400
wlp1s0: authenticate with 56:e7:ee:7b:55:bc
wlp1s0: send auth to 56:e7:ee:7b:55:bc (try 1/3)
wlp1s0: send auth to 56:e7:ee:7b:55:bc (try 2/3)
wlp1s0: send auth to 56:e7:ee:7b:55:bc (try 3/3)
wlp1s0: authentication with 56:e7:ee:7b:55:bc timed out

A possible workaround is to disable the Intel IOMMU driver (DMA), adding intel_iommu=off to the kernel parameters [2].

注意： The Intel IOMMU driver is needed for some advanced virtual machine features, like PCI pass-through.

Cause #6[編輯 | 編輯原始碼]

If you are using a device with iwlwifi and iwlmvm for wireless connectivity, and your Wi-Fi card appears to disappear when on battery power (perhaps after a reboot or resuming from suspend), this can be fixed by configuring power saving settings in iwlmvm.

Create the file /etc/modprobe.d/iwlmvm.conf if it does not exist already, then add the following line to it:

/etc/modprobe.d/iwlmvm.conf

options iwlmvm power_scheme=1

A power_scheme of 1 sets iwlmvm to "Always Active." Available options are:

Value	Description
1	Always Active
2	Balanced
3	Low-power

This fix was discovered at [3].

Cause #7[編輯 | 編輯原始碼]

If your device undergoes long periods of inactivity (e.g. a file server), the disconnection may be due to power saving, which will block incoming traffic and prevent connections. Try disabling power saving for the interface:

# iw dev interface set power_save off

You can create a udev rule to do this on boot, see Power management#Network interfaces.

Cause #8[編輯 | 編輯原始碼]

If you notice occasional interruptions when connected to a mesh network (e.g., WiFi6) and notice a message such as:

# journalctl -b

kernel: wlan0: disconnect from AP aa:bb:cc:dd:ee:ff for new auth to 11:22:33:44:55:66

You are experiencing roaming issues. Depending on your mean of connection and the issue at hand, one could:

Lock the BSSID (the aa:bb:cc:dd:ee:ff show above) in NetworkManager if roaming is not desired (see NetworkManager#Regular network disconnects, latency and lost packets (WiFi)).
Adjust the bgscan setting in Wpa_supplicant#Roaming

Wi-Fi networks invisible because of incorrect regulatory domain[編輯 | 編輯原始碼]

If the computer's Wi-Fi channels do not match those of the user's country, some in-range Wi-Fi networks might be invisible because they use wireless channels that are not allowed by default. The solution is to configure the regulatory domain correctly; see #Respecting the regulatory domain.

驅動與固件排錯[編輯 | 編輯原始碼]

This section covers methods and procedures for installing kernel modules and firmware for specific chipsets, that differ from generic method.

See Kernel modules for general informations on operations with modules.

Ralink[編輯 | 編輯原始碼]

rt2x00[編輯 | 編輯原始碼]

Ralink 晶片組的統一驅動，代替了 rt2500, rt61, rt73 等。Linux 內核從 2.6.24 開始包含此驅動，但是有些設備可能需要額外固件。可以使用標準 wpa_supplicant^包和 iwconfig 工具配置。

有些晶片組需要固件文件，可以安裝軟件包 linux-firmware^包。

參見: Using the new rt2x00 beta driver

Since kernel 3.0, rt2x00 includes also these drivers: rt2800pci, rt2800usb. rt2860sta 被主分支驅動 rt2800pci 替代，rt2870sta 被 rt2800usb 替代。
通過 iwpriv 可以配置很多參數，文檔在 Ralink 原始碼包中。

rt3090[編輯 | 編輯原始碼]

For devices which use the rt3090 chipset, it should be possible to use the rt2800pci driver; however, it does not work with this chipset very well (e.g. sometimes it is not possible to use higher rate than 2Mb/s).

rt3290[編輯 | 編輯原始碼]

The rt3290 chipset is recognised by the kernel rt2800pci module. However, some users experience problems and reverting to a patched Ralink driver seems to be beneficial in these cases.

rt3573[編輯 | 編輯原始碼]

2012年新出的晶片組，需要 Ralink 的閉源驅動，有不同的廠商使用他們，參閱Belkin N750 示例。

mt7612u[編輯 | 編輯原始碼]

New chipset as of 2014, released under their new commercial name Mediatek. It is an AC1200 or AC1300 chipset. Manufacturer provides drivers for Linux on their support page. As of kernel 5.5 it should be supported by the included mt76 driver.

Realtek[編輯 | 編輯原始碼]

See [4]^{[失效連結 2022-11-10]} for a list of Realtek chipsets and specifications.

rtl8192cu[編輯 | 編輯原始碼]

The driver is now in the kernel, but many users have reported being unable to make a connection although scanning for networks does work.

8192cu-dkms^AUR includes many patches; try this if it does not work fine with the driver in kernel.

rtl8723ae/rtl8723be[編輯 | 編輯原始碼]

The rtl8723ae and rtl8723be modules are included in the mainline Linux kernel.

Some users may encounter errors with powersave on this card. This is shown with occasional disconnects that are not recognized by high level network managers (netctl, NetworkManager). This error can be confirmed by running dmesg -w as root or journalctl -f as root and looking for output related to powersave and the rtl8723ae/rtl8723be module. If you have this issue, use the fwlps=0 kernel option which should prevent the WiFi card from automatically sleeping and halting connection. See Kernel module#Setting module options.

If you have poor signal, perhaps your device has only one physical antenna connected, and antenna autoselection is broken. You can force the choice of antenna with ant_sel=1 or ant_sel=2 kernel option. [5]

rtl88xxau[編輯 | 編輯原始碼]

Realtek chipsets rtl8811au, rtl8812au, rtl8814au and rtl8821au designed for various USB adapters ranging from AC600 to AC1900. Several packages provide various kernel drivers, these require DKMS (the dkms^包 package and the kernel headers installed):

Chipset	Package	Notes
rtl8811au, rtl8812au, rtl8821au	rtl88xxau-aircrack-dkms-git^AUR	Aircrack-ng kernel module for 8811au, 8812au and 8821au chipsets with monitor mode and injection support.
rtl8812au	rtl8812au-dkms-git^AUR	Latest official Realtek driver version for rtl8812au only.
rtl8811au, rtl8821au	rtl8821au-dkms-git^AUR	Newer driver version for rtl8821au.
rtl8814au	rtl8814au-dkms-git^AUR	Possibly works for rtl8813au too.

rtl8811cu/rtl8821cu[編輯 | 編輯原始碼]

rtl8821cu-dkms-git^AUR provides a kernel module for the Realtek 8811cu and 8821cu chipset.

This requires DKMS, so make sure you have your proper kernel headers installed.

If no wireless interface shows up even though the 8821cu module is loaded, you may need to manually specify the rtw_RFE_type option [6][7]. Try e.g. rtw_RFE_type=0x26, other values might also work. See Kernel module#Setting module options for details.

rtl8821ce[編輯 | 編輯原始碼]

rtl8821ce-dkms-git^AUR provides a kernel module for the Realtek 8821ce chipset found in the Asus X543UA.

This requires DKMS, so make sure you have your proper kernel headers installed.

注意： It has been reported [8] that the default rtl8821ce module provided by Realtek is broken for Linux kernel ≥ 5.9, which may lead to low connectivity. The AUR version above should be preferred. See the statement on GitHub. Use lspci -k to check whether the default kernel driver (rtw88_8821ce) is in use. If it is, blacklist it and reboot your system.

rtl8822bu[編輯 | 編輯原始碼]

rtl88x2bu-dkms-git^AUR provides a kernel module for the Realtek 8822bu chipset found in the Edimax EW7822ULC USB3, Asus AC53 Nano USB 802.11ac and TP-Link Archer T3U adapter.

This requires DKMS, so make sure you have your proper kernel headers installed.

rtl8xxxu[編輯 | 編輯原始碼]

這篇文章的某些內容需要擴充。

原因： Specific issues with the mainline module and kernel versions should be stated. (在 Talk:網絡配置/無線網絡配置中討論)

Issues with the rtl8xxxu mainline kernel module may be solved by compiling a third-party module for the specific chipset. The source code can be found in GitHub repositories.

Some drivers may be already prepared in the AUR, e.g. rtl8723bu-dkms-git^AUR.

RTW88[編輯 | 編輯原始碼]

An RTW88 kernel module patchset has been recently posted to the kernel mailing list, which should hopefully make it into the mainstream kernel.

Upstream kernels or those with the patchset will support most RTW88 chip devices if configured and compiled to do so. linux-zen^包 and linux-zen-git^AUR both include these patches, with the packaged version already having the module built.

The driver supports: 882BE, 8822BU, 8822CE, 8822CU, 8723DE, 8723DU, 8821CE, and 8821CU.

Atheros[編輯 | 編輯原始碼]

MadWifi team 开发组维护了三个模块：

madwifi 是最老的驅動, Arch kernel 從 2.6.39.1 開始已經不再包含。
ath5k 將逐步替代 ath_pci，有些晶片組使用效果很好，但有些還不能很好工作(後面有介紹)
ath9k 是新的官方驅動，適用於新 Atheros 硬件。

There are some other drivers for some Atheros devices. See Linux Wireless documentation for details.

ath5k[編輯 | 編輯原始碼]

參考:

If you find web pages randomly loading very slow, or if the device is unable to lease an IP address, try to switch from hardware to software encryption by loading the ath5k module with nohwcrypt=1 option. See Kernel modules#Setting module options for details.

有些筆記本的 LED 指示燈有問題，可以：

echo none > "/sys/class/leds/ath5k-phy0::tx/trigger"
echo none > "/sys/class/leds/ath5k-phy0::rx/trigger"

ath9k[編輯 | 編輯原始碼]

External resources:

As of Linux 3.15.1, some users have been experiencing a decrease in bandwidth. In some cases, this can fixed by setting the nohwcrypt=1 option for the ath9k module. See Kernel module#Setting module options.

注意： Use the command lsmod to see what modules are in use and change ath9k if it is named differently (e.g. ath9k_htc).

An ath9k mailing list exists for support and development related discussions.

Power saving[編輯 | 編輯原始碼]

Although Linux Wireless says that dynamic power saving is enabled for Atheros ath9k single-chips newer than AR9280, for some devices (e.g. AR9285) powertop^包 might still report that power saving is disabled. In this case enable it manually.

On some devices (e.g. AR9285), enabling the power saving might result in the following error:

# iw dev wlan0 set power_save on

command failed: Operation not supported (-95)

The solution is to set the ps_enable=1 option for the ath9k module. see Kernel module#Setting module options.

Intel[編輯 | 編輯原始碼]

iwlegacy[編輯 | 編輯原始碼]

iwlegacy is the wireless driver for Intel's 3945 and 4965 wireless chips. The firmware is included in the linux-firmware^包 package.

udev should load the driver automatically, otherwise load iwl3945 or iwl4965 manually. See Kernel modules for details.

If you have problems connecting to networks in general or your link quality is very poor, try to disable 802.11n:

/etc/modprobe.d/iwl4965.conf

options iwl4965 11n_disable=1

If the failures persist during bootup and you are using Nouveau driver, try enabling early KMS to prevent the conflict [9].

iwlwifi[編輯 | 編輯原始碼]

iwlwifi is the wireless driver for Intel's current wireless chips, such as 5100AGN, 5300AGN, and 5350AGN. See the full list of supported devices. The firmware is included in the linux-firmware^包 package. The linux-firmware-iwlwifi-git^AUR may contain some updates sooner.

If you have problems connecting to networks in general or your link quality is very poor, try to disable 802.11n, and perhaps also enable software encryption:

/etc/modprobe.d/iwlwifi.conf

options iwlwifi 11n_disable=1 swcrypto=1

If you have a problem with slow uplink speed in 802.11n mode, for example 20Mbps, try to enable antenna aggregation:

/etc/modprobe.d/iwlwifi.conf

options iwlwifi 11n_disable=8

Do not be confused with the option name, when the value is set to 8 it does not disable anything but re-enables transmission antenna aggregation.[10] [11]

In case this does not work for you, you may try disabling power saving for your wireless adapter.

Some have never gotten this to work. Others found salvation by disabling N in their router settings after trying everything. This is known to have been the only solution on more than one occasion. The second link there mentions a 5ghz option that might be worth exploring.

If you have an 802.11ax (WiFi 6) access point and have problems detecting the beacons or an unreliable connection, review Intel Article 54799.

注意： Using 11n_disable=0 will also prevent 802.11ac and only allow connection with slower protocols (802.11a in the 5GHz band or 802.11b/g in the 2.4 GHz band).

Bluetooth coexistence[編輯 | 編輯原始碼]

If you have difficulty connecting a bluetooth headset and maintaining good downlink speed, try disabling bluetooth coexistence [12]:

/etc/modprobe.d/iwlwifi.conf

options iwlwifi bt_coex_active=0

注意： Since kernel version 5.8, the bt_coex_active and sw_crypto module options have been disabled for the hardware handled by the iwlmvm kernel module. For older hardware handled by the iwldvm module, the options are still enabled.

Firmware issues[編輯 | 編輯原始碼]

You may have some issue where the driver outputs stack traces & errors, which can cause some stuttering.

# dmesg

Microcode SW error detected.  Restarting 0x2000000.

Alternatively, you may simply experience miscellaneous issues (e.g. connection issues on 5GHz, random disconnections, no connection on resume).

To confirm it is the cause of the issues, downgrade the package linux-firmware^包.

If confirmed, move the buggy firmware files so that an older version is loaded (to be able to have an up to date linux-firmware^包 since it is not only providing firmware updates for your Intel WiFi card):

# for i in {64..73} ; do mv /usr/lib/firmware/iwlwifi-ty-a0-gf-a0-$i.ucode.xz /usr/lib/firmware/iwlwifi-ty-a0-gf-a0-$i.ucode.xz.bak ; done

To avoid having to repeat these steps manually after each update, use the NoExtract array in pacman.conf with a wildcard to block their installation. See pacman#Skip files from being installed to system.

Adapter not detected after booting from Windows[編輯 | 編輯原始碼]

If the WiFi adapter is not getting detected after finishing a session in Windows, this might be due to Windows' Fast Startup feature which is enabled by default. Try disabling Fast Startup. The iwlwifi kernel driver wiki has an entry for this.

禁用 LED 閃爍[編輯 | 編輯原始碼]

注意： This works with the iwlegacy and iwlwifi drivers.

默認設置中 LED 閃爍是開着的，有些人不喜歡，可以systemd-tmpfiles^{[損壞的連結：無效的章節]}禁止閃爍：

/etc/tmpfiles.d/phy0-led.conf

w /sys/class/leds/phy0-led/trigger - - - - phy0radio

Run systemd-tmpfiles --create phy0-led.conf for the change to take effect, or reboot.

To see all the possible trigger values for this LED:

# cat /sys/class/leds/phy0-led/trigger

提示：If you do not have /sys/class/leds/phy0-led, you may try to use the led_mode="1" module option. It should be valid for both iwlwifi and iwlegacy drivers.

# cat /sys/class/leds/phy0-led/trigger

Broadcom[編輯 | 編輯原始碼]

See Broadcom wireless.

Tenda w322u[編輯 | 編輯原始碼]

Treat this Tenda card as an rt2870sta device. See #rt2x00.

orinoco[編輯 | 編輯原始碼]

這應當是內核的一部分，是已經被安裝的。

Some Orinoco chipsets are Hermes II. You can use the wlags49_h2_cs driver instead of orinoco_cs and gain WPA support. To use the driver, blacklist orinoco_cs first.

prism54[編輯 | 編輯原始碼]

The driver p54 is included in kernel, but you have to download the appropriate firmware for your card from this site and install it into the /usr/lib/firmware directory.

過時的 prism54 和新內核模塊 p54pci 或 p54usb 同時裝入造成衝突，使用 lsmod | grep prism54 查看是否裝入了過時模塊，如果是，那麼就屏蔽 prism54 並根據上面方法修改固件名稱。

zd1211rw[編輯 | 編輯原始碼]

zd1211rw 是ZyDAS ZD1211 802.11b/g USB WLAN晶片的驅動，最近的版本的內核已經包括了。[13]有被支持的設備列表。需要安裝固件zd1211-firmware^AUR。

hostap_cs[編輯 | 編輯原始碼]

Host AP is a Linux driver for wireless LAN cards based on Intersil's Prism2/2.5/3 chipset. The driver is included in Linux kernel.

注意： Make sure to blacklist the orinico_cs driver, it may cause problems.

Other drivers/devices[編輯 | 編輯原始碼]

Tenda w322u[編輯 | 編輯原始碼]

Treat this Tenda card as an rt2870sta device. See #rt2x00.

orinoco[編輯 | 編輯原始碼]

This should be a part of the kernel package and be installed already.

Some Orinoco chipsets are Hermes II. You can use the wlags49_h2_cs driver instead of orinoco_cs and gain WPA support. To use the driver, blacklist orinoco_cs first.

prism54[編輯 | 編輯原始碼]

The driver p54 is included in kernel, but you have to download the appropriate firmware for your card from this site and install it into the /usr/lib/firmware directory.

注意： There is also older, deprecated driver prism54, which might conflict with the newer driver (p54pci or p54usb). Make sure to blacklist prism54.

ACX100/111[編輯 | 編輯原始碼]

警吿： The drivers for these devices are broken and do not work with newer kernel versions.

Packages: tiacx tiacx-firmware (deleted from official repositories and AUR)

See official wiki for details.

zd1211rw[編輯 | 編輯原始碼]

zd1211rw is a driver for the ZyDAS ZD1211 802.11b/g USB WLAN chipset, and it is included in recent versions of the Linux kernel. See [14] for a list of supported devices. You only need to install the firmware for the device, provided by the zd1211-firmware^AUR package.

hostap_cs[編輯 | 編輯原始碼]

Host AP is a Linux driver for wireless LAN cards based on Intersil's Prism2/2.5/3 chipset. The driver is included in Linux kernel.

注意： Make sure to blacklist the orinico_cs driver, it may cause problems.

ndiswrapper[編輯 | 編輯原始碼]

Ndiswrapper並不是一個真正的驅動,但是如果你無法找到適合你的無線網卡驅動的適合, 它就派上用場了.有的時候, 它是非常有用的.為了使用Ndiswrapper, 你需要Windows驅動中的*.inf文件(*.sys文件應該和*.info在同一個目錄中)。如果你需要從 *.exe 文件解壓縮，你可以使用 cabextract^包.

警吿： 確保使用合適架構(也就是32/64位)的驅動。

下面是安裝ndiswrapper的幾個步驟:

1. 安裝 ndiswrapper-dkms^包 2. 安裝驅動到 /etc/ndiswrapper/*

ndiswrapper -i filename.inf

3. 列出所有的安裝的驅動

ndiswrapper -l

4. 配置文件寫到 /etc/modprobe.d/ndiswrapper.conf

ndiswrapper -m
depmod -a

然後依照這裏設置啟動時加載這個模塊。

modprobe ndiswrapper
iwconfig

如果正常的話, 你應該可以看到wlan0接口了. 如果有問題的話, 你可以閱讀： Ndiswrapper installation wiki^{[失效連結 2020-08-04 ⓘ]}. ndiswrapper howto 和 ndiswrapper FAQ.

參見[編輯 | 編輯原始碼]

The Linux Wireless project
Aircrack-ng guide on installing drivers
Wireless Device Database Wiki (This fork is hosted by wi-cat.ru since the original wiki has shut down. There are two less complete versions available: TechInfoDepot, deviwiki)