Advanced network configuration under FreeBSD

In this post, I will tell you how to improve your network settings under FreeBSD.


Wi-Fi setup

If we have installed FreeBSD via ethernet, and we want to set up the Wi-Fi connection, we carry out the following steps.

To display the Wi-Fi interface we enter the following command:

user: sysctl net.wlan.devices


Output =>

net.wlan.devices: iwn0

Enable wireless networking in rc.conf (country depends on your actual location):

root: sysrc cloned_interfaces+=iwm0
root: sysrc wlans_iwm0=wlan0
root: sysrc ifconfig_wlan0="WPA DHCP country de"

Modify /etc/wpa_supplicant.conf to contain your network, example:

root: nano /etc/wpa_supplicant.conf => 

network={
  ssid="myssid"
  psk="mysupersecretkey"
}

Enable the IPv6 data protection extension

By default, the IPv6 Privacy Extension mode is not activated—here is how we activate it:

root: sysrc ipv6_privacy=YES

DHCP in the background during startup

By default, the DHCP client pauses the startup until it receives an address (or times out). To avoid this, we do the following:

root: sysrc background_dhclient=YES

Failover between wired network card and Wi-Fi

This configuration enables a quick change between the wired network (priority) and Wi-Fi.

We will first test our WPA configuration before setting up this example (an Intel iwn0 Wi-Fi card and an em0 ethernet card will be used).

We start by specifying the MAC address of the Ethernet card and configure the Wi-Fi card with the same MAC address (which means that the same address is displayed regardless of the interface used):

root: setenv MACETH `ifconfig em0 | grep hwaddr | cut -d `` -f 2`
root: sysrc wlans_iwn0 = wlan0
root: sysrc ifconfig_em0 = up
root: sysrc ifconfig_wlan0 = "WPA powersave"
root: sysrc create_args_wlan0 = "wlanaddr $ MACETH country DE regdomain ETSI"
root: sysrc cloned_interfaces = lagg0
root: sysrc ifconfig_lagg0 = "up laggproto failover laggport em0 laggport wlan0 DHCP"
root: sysrc ifconfig_lagg0_ipv6 = "inet6 accept_rtadv"

A simple service netif restart may not be sufficient; if our wlan0 interface has already been configured: a restart maybe required.