Managing WiFi using NetworkManager

NetworkManager is a program for providing detection and configuration for systems to automatically connect to network.
NetworkManager's functionality can be useful for both wireless and wired networks.
This guide describes how to use NetworkManager to configure wireless networks.

Enabling and disabling WiFi

To check if WiFi is enabled by NetworkManager run

# nmcli dev show wlan0

and check the GENERAL.STATE line. If WiFi is enabled, the state is either connected or disconnected. If WiFi is disabled the state is unavailable.

To enable WiFi run

# nmcli radio wifi on

or if you need to disable it you can run

# nmcli radio wifi off

Configuring WiFi Client

Scanning for available WiFi APs

If WiFi is enabled you can get the list of available APs by running

# nmcli dev wifi list

Connecting to an open WiFi network

To connect to an open WiFi network run

# nmcli dev wifi connect <SSID>

To connect to an open hidden WiFi network run

# nmcli dev wifi connect <SSID> hidden yes

To check connection status run

# nmcli con show <SSID>

To check WiFi device status run

# nmcli dev show wlan0

Connecting to a protected WiFi network

To connect to a protected WiFi network run

# nmcli dev wifi connect <SSID> password <password> ifname wlan0

To connect to a protected hidden WiFi network run

# nmcli dev wifi connect <SSID> password <password> hidden yes ifname wlan0

To check connection status run

# nmcli con show <SSID>

To check WiFi device status run

# nmcli dev show wlan0

Managing existing connections

Once established, the connection is preserved across reboots unless deleted explicitly.

To show existing connections, run

# nmcli con show

To disconnect from a WiFi network, run

# nmcli con down <SSID>

To reconnect to a WiFi network, run

# nmcli con up <SSID>

To permanently delete a connection, run

# nmcli con delete <SSID>

Configuring WiFi Access Point

NetworkManager can also be used to turn WiFi interface into Access Point.
The benefit of using NetworkManager in this scenario is the complete automation of WiFi, DHCP server and NAT configuration.

Disabling standalone dnsmasq service

Dnsmasq is a lightweight DNS forwarder and DHCP server.
By default dnsmasq runs as a standalone service and will conflict with dnsmasq instance launched by NetworkManager.
To prevent the conflict, disable dnsmasq service by running the following commands:

# systemctl disable dnsmasq
# systemctl stop dnsmasq

For NetworkManager to run dnsmasq as a local caching DNS server, edit/create /etc/NetworkManager/NetworkManager.conf and add the following

[main]
dns=dnsmasq

Creating WiFi AP

Use the following commands to create the initial AP setup

# nmcli con add type wifi ifname wlan0 mode ap con-name <name> ssid <ssid>
# nmcli con modify <name> 802-11-wireless.band <band>
# nmcli con modify <name> 802-11-wireless.channel <channel>
# nmcli con modify <name> 802-11-wireless-security.key-mgmt <key-mgmt>
# nmcli con modify <name> 802-11-wireless-security.proto <proto>
# nmcli con modify <name> 802-11-wireless-security.group <group>
# nmcli con modify <name> 802-11-wireless-security.pairwise <pairwise>
# nmcli con modify <name> 802-11-wireless-security.psk <passphrase>
# nmcli con modify <name> ipv4.method shared
# nmcli con up <name>

For example, the following commands will create AP configuration named WIFI_AP on interface wlan0, with SSID MY_AP, 2.4GHz band, channel 1, WPA2-PSK security, CCMP encryption and passphrase 11223344

# nmcli con add type wifi ifname wlan0 mode ap con-name WIFI_AP ssid MY_AP
# nmcli con modify WIFI_AP 802-11-wireless.band bg
# nmcli con modify WIFI_AP 802-11-wireless.channel 1
# nmcli con modify WIFI_AP 802-11-wireless-security.key-mgmt wpa-psk
# nmcli con modify WIFI_AP 802-11-wireless-security.proto rsn
# nmcli con modify WIFI_AP 802-11-wireless-security.group ccmp
# nmcli con modify WIFI_AP 802-11-wireless-security.pairwise ccmp
# nmcli con modify WIFI_AP 802-11-wireless-security.psk 11223344
# nmcli con modify WIFI_AP ipv4.method shared
# nmcli con up WIFI_AP

The complete list of nmcli configuration parameters is described in https://developer.gnome.org/NetworkManager/stable/ref-settings.html

Configuring DHCP subnet

By default 10.42.0.x/24 subnet is used by NetworkManager DHCP server, with 10.42.0.1 address assigned to AP itself. To modify it use the following command

# nmcli con modify <name> ipv4.addr <ipaddress/prefix>

For example, the following command will set DHCP subnet to 192.168.5.x/24

# nmcli con modify WIFI_AP ipv4.addr 192.168.5.1/24

Editing AP configuration file

NetworkManager will create /etc/NetworkManager/system-connections/WIFI_AP configuration file.
In addition to executing nmcli commands one can also edit this file to modify the AP settings.

For changes in configuration file to take effect, restart NetworkManager by running

# systemctl NetworkManager restart

Managing existing connections

Once created, the AP configuration is preserved across reboots unless deleted explicitly.

To show existing connections, run

# nmcli con show

To temporarily disable AP configuration, run

# nmcli con down <name>

To enable AP configuration, run

# nmcli con up <name>

To permanently delete AP configuration, run

# nmcli con delete <name>

Testing WiFi throughput

Establish connection to WiFi network and use iperf3 tool on target and another host:

iperf3 server (on Target/Host):

# iperf3 -s

iperf3 client (on Host/Target):

Run UDP test for 30 seconds
# iperf3 -c <IP_ADDRESS_OF_IPERF_SERVER> -t 30 -u -b 0

Run TCP test for 30 seconds
# iperf3 -c <IP_ADDRESS_OF_IPERF_SERVER> -t 30