Date: Mon, 20 May 2013 13:44:27 +0000 (UTC)
From: Dru Lavigne <dru@FreeBSD.org>
To: doc-committers@freebsd.org, svn-doc-projects@freebsd.org
Subject: svn commit: r41698 - projects/ISBN_1-57176-407-0/en_US.ISO8859-1/books/handbook/advanced-networking
Message-ID: <201305201344.r4KDiRQN093577@svn.freebsd.org>
Author: dru Date: Mon May 20 13:44:26 2013 New Revision: 41698 URL: http://svnweb.freebsd.org/changeset/doc/41698 Log: White space fix only. Translators can ignore. Approved by: mentors (implicit) Modified: projects/ISBN_1-57176-407-0/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Modified: projects/ISBN_1-57176-407-0/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml ============================================================================== --- projects/ISBN_1-57176-407-0/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Mon May 20 12:50:10 2013 (r41697) +++ projects/ISBN_1-57176-407-0/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml Mon May 20 13:44:26 2013 (r41698) @@ -46,7 +46,8 @@ </listitem> <listitem> - <para>How to set up <acronym>IPv6</acronym> on a &os; machine.</para> + <para>How to set up <acronym>IPv6</acronym> on a &os; + machine.</para> </listitem> <listitem> @@ -54,9 +55,9 @@ </listitem> <listitem> - <para>How to enable and utilize the features of the - Common Address Redundancy Protocol - (<acronym>CARP</acronym>) in &os;.</para> + <para>How to enable and utilize the features of the Common + Address Redundancy Protocol (<acronym>CARP</acronym>) in + &os;.</para> </listitem> </itemizedlist> @@ -78,8 +79,8 @@ </listitem> <listitem> - <para>Know how to install additional third-party - software (<xref linkend="ports"/>).</para> + <para>Know how to install additional third-party software + (<xref linkend="ports"/>).</para> </listitem> </itemizedlist> 
@@ -107,10 +108,10 @@ one to the other. This is called <firstterm>routing</firstterm>. A <quote>route</quote> is a defined pair of addresses: a <quote>destination</quote> and a - <quote>gateway</quote>. The pair indicates that when - trying to get to this <emphasis>destination</emphasis>, - communicate through this <emphasis>gateway</emphasis>. There - are three types of destinations: individual hosts, subnets, and + <quote>gateway</quote>. The pair indicates that when trying + to get to this <emphasis>destination</emphasis>, communicate + through this <emphasis>gateway</emphasis>. There are three + types of destinations: individual hosts, subnets, and <quote>default</quote>. The <quote>default route</quote> is used if none of the other routes apply. There are also three types of gateways: individual hosts, interfaces (also called @@ -139,9 +140,8 @@ host2.example.com link#1 UC 224 link#1 UC 0 0</screen> <indexterm><primary>default route</primary></indexterm> - <para>The first two lines specify the default route, - described in more detail in - <xref linkend="network-routing-default"/>, + <para>The first two lines specify the default route, described + in more detail in <xref linkend="network-routing-default"/>, and the <hostid>localhost</hostid> route.</para> <indexterm><primary>loopback device</primary></indexterm> 
@@ -156,46 +156,41 @@ host2.example.com link#1 UC <primary>Ethernet</primary> <secondary>MAC address</secondary> </indexterm> - <para>The addresses beginning - with <hostid role="mac">0:e0:</hostid> are Ethernet - hardware addresses, also known as <acronym>MAC</acronym> - addresses. - &os; will automatically identify any hosts, - <hostid>test0</hostid> in the example, on the local Ethernet - and add a route for that host over the - Ethernet interface, <devicename>ed0</devicename>. This type - of route has a timeout, seen in the <literal>Expire</literal> - column, which is used if - the host does not respond in a specific amount of time. When - this happens, the - route to this host will be automatically deleted. These hosts - are identified using the Routing - Information Protocol (<acronym>RIP</acronym>), which - calculates routes to local hosts - based upon a shortest path determination.</para> + <para>The addresses beginning with <hostid + role="mac">0:e0:</hostid> are Ethernet hardware addresses, + also known as <acronym>MAC</acronym> addresses. &os; will + automatically identify any hosts, <hostid>test0</hostid> in + the example, on the local Ethernet and add a route for that + host over the Ethernet interface, + <devicename>ed0</devicename>. This type of route has a + timeout, seen in the <literal>Expire</literal> column, which + is used if the host does not respond in a specific amount of + time. When this happens, the route to this host will be + automatically deleted. These hosts are identified using the + Routing Information Protocol (<acronym>RIP</acronym>), which + calculates routes to local hosts based upon a shortest path + determination.</para> <indexterm><primary>subnet</primary></indexterm> <para>&os; will add subnet routes for the local subnet. 
<hostid role="ipaddr">10.20.30.255</hostid> is the broadcast - address for the subnet - <hostid role="ipaddr">10.20.30</hostid> and - <hostid role="domainname">example.com</hostid> is the domain - name associated with that subnet. The designation + address for the subnet <hostid role="ipaddr">10.20.30</hostid> + and <hostid role="domainname">example.com</hostid> is the + domain name associated with that subnet. The designation <literal>link#1</literal> refers to the first Ethernet card in the machine.</para> - <para>Local network hosts and local - subnets have their routes automatically configured by a - daemon called &man.routed.8;. If it is - not running, only routes which are statically defined + <para>Local network hosts and local subnets have their routes + automatically configured by a daemon called &man.routed.8;. + If it is not running, only routes which are statically defined by the administrator will exist.</para> <para>The <literal>host1</literal> line refers to the host - by its Ethernet address. Since it is the sending - host, &os; knows to use the loopback interface - (<devicename>lo0</devicename>) rather than - the Ethernet interface.</para> + by its Ethernet address. Since it is the sending host, &os; + knows to use the loopback interface + (<devicename>lo0</devicename>) rather than the Ethernet + interface.</para> <para>The two <literal>host2</literal> lines represent aliases which were created using &man.ifconfig.8;. The @@ -206,8 +201,8 @@ host2.example.com link#1 UC hosts on the local network will have a <literal>link#1</literal> line for such routes.</para> - <para>The final line (destination subnet - <hostid role="ipaddr">224</hostid>) deals with + <para>The final line (destination subnet <hostid + role="ipaddr">224</hostid>) deals with multicasting.</para> <para>Finally, various attributes of each route can be seen in 
@@ -276,8 +271,8 @@ host2.example.com link#1 UC <para>When the local system needs to make a connection to a remote host, it checks the routing table to determine if a known path exists. If the remote host falls into a subnet - that it knows how to reach, the system - checks to see if it can connect using that interface.</para> + that it knows how to reach, the system checks to see if it + can connect using that interface.</para> <para>If all known paths fail, the system has one last option: the <quote>default</quote> route. This route is a special @@ -287,13 +282,13 @@ host2.example.com link#1 UC gateway is set to the system which has a direct connection to the Internet.</para> - <para>The default route for a machine - which itself is functioning as the gateway to the outside - world, will be the gateway machine at - the Internet Service Provider (<acronym>ISP</acronym>).</para> + <para>The default route for a machine which itself is + functioning as the gateway to the outside world, will be the + gateway machine at the Internet Service Provider + (<acronym>ISP</acronym>).</para> - <para>This example is a - common configuration for a default route:</para> + <para>This example is a common configuration for a default + route:</para> <mediaobject> <imageobject> @@ -311,12 +306,11 @@ host2.example.com link#1 UC <hostid>Local1</hostid> is connected to an <acronym>ISP</acronym> using a <acronym>PPP</acronym> connection. This - <acronym>PPP</acronym> server is connected through - a local area network to another gateway computer through an - external interface to the <acronym>ISP</acronym>.</para> + <acronym>PPP</acronym> server is connected through a local + area network to another gateway computer through an external + interface to the <acronym>ISP</acronym>.</para> - <para>The default routes for each machine will - be:</para> + <para>The default routes for each machine will be:</para> <informaltable frame="none" pgwide="1"> <tgroup cols="3"> 
@@ -347,29 +341,25 @@ host2.example.com link#1 UC <para>A common question is <quote>Why is <hostid>T1-GW</hostid> configured as the default gateway for <hostid>Local1</hostid>, rather than the - <acronym>ISP</acronym> server it is - connected to?</quote>.</para> + <acronym>ISP</acronym> server it is connected + to?</quote>.</para> <para>Since the <acronym>PPP</acronym> interface is using an - address on - the <acronym>ISP</acronym>'s local network for the local side - of the connection, - routes for any other machines on the <acronym>ISP</acronym>'s - local network will + address on the <acronym>ISP</acronym>'s local network for + the local side of the connection, routes for any other + machines on the <acronym>ISP</acronym>'s local network will be automatically generated. The system already knows how to reach the <hostid>T1-GW</hostid> machine, so there is no need for the intermediate step of sending traffic to the - <acronym>ISP</acronym>'s - server.</para> + <acronym>ISP</acronym>'s server.</para> - <para>It is common to use the address - <hostid role="ipaddr">X.X.X.1</hostid> as the gateway address - for the local network. So, if the - local class C address space is + <para>It is common to use the address <hostid + role="ipaddr">X.X.X.1</hostid> as the gateway address for + the local network. So, if the local class C address space is <hostid role="ipaddr">10.20.30</hostid> and the - <acronym>ISP</acronym> is using - <hostid role="ipaddr">10.9.9</hostid>, the default routes - would be:</para> + <acronym>ISP</acronym> is using <hostid + role="ipaddr">10.9.9</hostid>, the default routes would + be:</para> <informaltable frame="none" pgwide="1"> <tgroup cols="2"> 
@@ -395,8 +385,8 @@ host2.example.com link#1 UC <para>The default route can be easily defined in <filename>/etc/rc.conf</filename>. In this example, on - <hostid>Local2</hostid>, add the following - line to <filename>/etc/rc.conf</filename>:</para> + <hostid>Local2</hostid>, add the following line to + <filename>/etc/rc.conf</filename>:</para> <programlisting>defaultrouter="10.20.30.1"</programlisting> @@ -414,17 +404,16 @@ host2.example.com link#1 UC <indexterm><primary>dual homed hosts</primary></indexterm> - <para>A a dual-homed system - is a host which resides on two different networks.</para> + <para>A a dual-homed system is a host which resides on two + different networks.</para> <para>The dual-homed machine might have two Ethernet cards, each having an address on a separate subnet. Alternately, the - machine can have one Ethernet card and uses - &man.ifconfig.8; aliasing. The former is used if two - physically separate Ethernet networks are in use and the - latter - if there is one physical network segment, but two logically - separate subnets.</para> + machine can have one Ethernet card and uses &man.ifconfig.8; + aliasing. The former is used if two physically separate + Ethernet networks are in use and the latter if there is one + physical network segment, but two logically separate + subnets.</para> <para>Either way, routing tables are set up so that each subnet knows that this machine is the defined gateway (inbound route) @@ -433,9 +422,9 @@ host2.example.com link#1 UC to implement packet filtering or firewall security in either or both directions.</para> - <para>For this machine to forward packets - between the two interfaces, &os; must be configured as a - router, as demonstrated in the next section.</para> + <para>For this machine to forward packets between the two + interfaces, &os; must be configured as a router, as + demonstrated in the next section.</para> </sect2> <sect2 id="network-dedicated-router"> 
@@ -443,8 +432,8 @@ host2.example.com link#1 UC <indexterm><primary>router</primary></indexterm> - <para>A network router is a system that forwards packets - from one interface to another. Internet standards and good + <para>A network router is a system that forwards packets from + one interface to another. Internet standards and good engineering practice prevent the &os; Project from enabling this by default in &os;. This feature can be enabled by changing the following variable to <literal>YES</literal> in @@ -454,17 +443,17 @@ host2.example.com link#1 UC <para>This option will set the &man.sysctl.8; variable <varname>net.inet.ip.forwarding</varname> to - <literal>1</literal>. To stop routing, - reset this to <literal>0</literal>.</para> + <literal>1</literal>. To stop routing, reset this to + <literal>0</literal>.</para> <indexterm><primary>BGP</primary></indexterm> <indexterm><primary>RIP</primary></indexterm> <indexterm><primary>OSPF</primary></indexterm> <para>The new router will need routes to know where to send the - traffic. If the network is simple enough, static - routes can be used. &os; comes with the standard BSD routing - daemon &man.routed.8;, which speaks <acronym>RIP</acronym> - versions 1 and 2, and <acronym>IRDP</acronym>. Support for + traffic. If the network is simple enough, static routes can + be used. &os; comes with the standard BSD routing daemon + &man.routed.8;, which speaks <acronym>RIP</acronym> versions + 1 and 2, and <acronym>IRDP</acronym>. Support for <acronym>BGP</acronym>v4, <acronym>OSPF</acronym>v2, and other sophisticated routing protocols is available with the <filename role="package">net/zebra</filename> package or 
@@ -523,16 +512,14 @@ host2.example.com link#1 UC <para>In this scenario, <hostid>RouterA</hostid> is a &os; machine that is acting as a router to the rest of the - Internet. It has a default route set to - <hostid role="ipaddr">10.0.0.1</hostid> which allows it to + Internet. It has a default route set to <hostid + role="ipaddr">10.0.0.1</hostid> which allows it to connect with the outside world. <hostid>RouterB</hostid> is - already configured properly as it - uses - <hostid role="ipaddr">192.168.1.1</hostid> as the - gateway.</para> + already configured properly as it uses <hostid + role="ipaddr">192.168.1.1</hostid> as the gateway.</para> - <para>The routing table on - <hostid>RouterA</hostid> looks something like this:</para> + <para>The routing table on <hostid>RouterA</hostid> looks + something like this:</para> <screen>&prompt.user; <userinput>netstat -nr</userinput> Routing tables @@ -545,13 +532,11 @@ default 10.0.0.1 UG 192.168.1.0/24 link#2 UC 0 0 xl1</screen> <para>With the current routing table, <hostid>RouterA</hostid> - cannot reach Internal Net 2 as it does not - have a route for + cannot reach Internal Net 2 as it does not have a route for <hostid role="ipaddr">192.168.2.0/24</hostid>. The - following - command adds the Internal Net 2 network to - <hostid>RouterA</hostid>'s routing table using - <hostid role="ipaddr">192.168.1.2</hostid> as the next + following command adds the Internal Net 2 network to + <hostid>RouterA</hostid>'s routing table using <hostid + role="ipaddr">192.168.1.2</hostid> as the next hop:</para> <screen>&prompt.root; <userinput>route add -net 192.168.2.0/24 192.168.1.2</userinput></screen> 
@@ -564,11 +549,11 @@ default 10.0.0.1 UG <sect3> <title>Persistent Configuration</title> - <para>The above example configures a static - route on a running system. However, the - routing information will not persist if the &os; system - reboots. Persistent static routes can be - entered in <filename>/etc/rc.conf</filename>:</para> + <para>The above example configures a static route on a + running system. However, the routing information will not + persist if the &os; system reboots. Persistent static + routes can be entered in + <filename>/etc/rc.conf</filename>:</para> <programlisting># Add Internal Net 2 as a static route static_routes="internalnet2" 
@@ -576,23 +561,21 @@ route_internalnet2="-net 192.168.2.0/24 <para>The <literal>static_routes</literal> configuration variable is a list of strings separated by a space, where - each - string references a route name. This example - only has one string in <literal>static_routes</literal>, + each string references a route name. This example only + has one string in <literal>static_routes</literal>, <replaceable>internalnet2</replaceable>. The variable <literal>route_<replaceable>internalnet2</replaceable></literal> - contains all of the configuration parameters - to &man.route.8;. This example is equivalent - to the command:</para> + contains all of the configuration parameters to + &man.route.8;. This example is equivalen to the + command:</para> <screen>&prompt.root; <userinput>route add -net 192.168.2.0/24 192.168.1.2</userinput></screen> <para>Using more than one string in - <literal>static_routes</literal> creates - multiple static routes. The following shows an - example of adding static routes for the - <hostid role="ipaddr">192.168.0.0/24</hostid> and - <hostid role="ipaddr">192.168.1.0/24</hostid> + <literal>static_routes</literal> creates multiple static + routes. The following shows an example of adding static + routes for the <hostid role="ipaddr">192.168.0.0/24</hostid> + and <hostid role="ipaddr">192.168.1.0/24</hostid> networks:</para> <programlisting>static_routes="net1 net2" 
@@ -610,16 +593,14 @@ route_net2="-net 192.168.1.0/24 192.168. site. But how do external sites know to send their packets to the network's <acronym>ISP</acronym>?</para> - <para>There is a system - that keeps track of all assigned address spaces - and defines their point of connection to the Internet - backbone, or the main trunk - lines that carry Internet traffic across the country and - around the world. Each backbone machine has a copy of a - master set of tables, which direct traffic for a particular - network to a specific backbone carrier, and from there down - the chain of service providers until it reaches your - network.</para> + <para>There is a system that keeps track of all assigned + address spaces and defines their point of connection to the + Internet backbone, or the main trunk lines that carry Internet + traffic across the country and around the world. Each + backbone machine has a copy of a master set of tables, which + direct traffic for a particular network to a specific + backbone carrier, and from there down the chain of service + providers until it reaches your network.</para> <para>It is the task of the service provider to advertise to the backbone sites that they are the point of connection, and 
@@ -637,17 +618,16 @@ route_net2="-net 192.168.1.0/24 192.168. <para>Sometimes, there is a problem with routing propagation and some sites are unable to connect. Perhaps the most useful command for trying to figure out where routing is - breaking down is &man.traceroute.8;. It is - useful when &man.ping.8; fails.</para> + breaking down is &man.traceroute.8;. It is useful when + &man.ping.8; fails.</para> <para>When using &man.traceroute.8;, include the name of the - remote host to connect to. The output will show the - gateway hosts along the path of the attempt, eventually either + remote host to connect to. The output will show the gateway + hosts along the path of the attempt, eventually either reaching the target host, or terminating because of a lack of connection.</para> - <para>For more information, refer to - &man.traceroute.8;.</para> + <para>For more information, refer to &man.traceroute.8;.</para> </sect2> <sect2 id="network-routing-multicast"> @@ -661,17 +641,15 @@ route_net2="-net 192.168.1.0/24 192.168. <secondary>MROUTING</secondary> </indexterm> <para>&os; natively supports both multicast applications and - multicast - routing. Multicast applications do not require any + multicast routing. Multicast applications do not require any special configuration of &os;; as applications will generally - run out of the box. Multicast routing - requires that support be compiled into a custom kernel:</para> + run out of the box. Multicast routing requires that support + be compiled into a custom kernel:</para> <programlisting>options MROUTING</programlisting> - <para>The multicast routing daemon, &man.mrouted.8;, - must be configured to set up tunnels and - <acronym>DVMRP</acronym> via + <para>The multicast routing daemon, &man.mrouted.8;, must be + configured to set up tunnels and <acronym>DVMRP</acronym> via <filename>/etc/mrouted.conf</filename>. More details on multicast configuration may be found in &man.mrouted.8;.</para> 
@@ -682,8 +660,8 @@ route_net2="-net 192.168.1.0/24 192.168. which has largely been replaced by &man.pim.4; in many multicast installations. &man.mrouted.8; and the related &man.map-mbone.8; and &man.mrinfo.8; utilities are available - in the &os; Ports Collection as - <filename role="package">net/mrouted</filename>.</para> + in the &os; Ports Collection as <filename + role="package">net/mrouted</filename>.</para> </note> </sect2> </sect1> 
@@ -729,96 +707,83 @@ route_net2="-net 192.168.1.0/24 192.168. a master with all the other stations associating to it, the network is known as a <acronym>BSS</acronym>, and the master - station is termed an - access point (<acronym>AP</acronym>). In a - <acronym>BSS</acronym>, all communication passes through + station is termed an access point (<acronym>AP</acronym>). + In a <acronym>BSS</acronym>, all communication passes through the <acronym>AP</acronym>; even when one station wants to - communicate with - another wireless station, messages must go through the - <acronym>AP</acronym>. In - the second form of network, there is no master and stations - communicate directly. This form of network is termed an - <acronym>IBSS</acronym> - and is commonly known as an - <emphasis>ad-hoc network</emphasis>.</para> + communicate with another wireless station, messages must go + through the <acronym>AP</acronym>. In the second form of + network, there is no master and stations communicate directly. + This form of network is termed an <acronym>IBSS</acronym> + and is commonly known as an <emphasis>ad-hoc + network</emphasis>.</para> <para>802.11 networks were first deployed in the 2.4GHz band using protocols defined by the &ieee; 802.11 and 802.11b standard. These specifications include the operating frequencies and the <acronym>MAC</acronym> layer - characteristics, including framing and - transmission rates, as communication can occur at various - rates. Later, the 802.11a standard defined operation in the - 5GHz band, including different signaling mechanisms and - higher transmission rates. Still later, the 802.11g standard - defined the use of 802.11a signaling and - transmission mechanisms in the 2.4GHz band in such a way as to - be backwards compatible with 802.11b networks.</para> + characteristics, including framing and transmission rates, + as communication can occur at various rates. 
Later, the + 802.11a standard defined operation in the 5GHz band, including + different signaling mechanisms and higher transmission rates. + Still later, the 802.11g standard defined the use of 802.11a + signaling and transmission mechanisms in the 2.4GHz band in + such a way as to be backwards compatible with 802.11b + networks.</para> <para>Separate from the underlying transmission techniques, 802.11 networks have a variety of security mechanisms. The original 802.11 specifications defined a simple security protocol called <acronym>WEP</acronym>. This protocol uses a - fixed pre-shared key - and the RC4 cryptographic cipher to encode data transmitted on - a network. Stations must all agree on the fixed key in order - to communicate. This scheme was shown to be easily broken and - is now rarely used except to discourage transient users from - joining networks. Current security practice is given by the - &ieee; 802.11i specification that defines new cryptographic - ciphers and an additional protocol to authenticate stations to - an access point and exchange keys for data - communication. Cryptographic keys are periodically - refreshed and there are mechanisms for detecting - and countering intrusion attempts. Another + fixed pre-shared key and the RC4 cryptographic cipher to + encode data transmitted on a network. Stations must all + agree on the fixed key in order to communicate. This scheme + was shown to be easily broken and is now rarely used except + to discourage transient users from joining networks. Current + security practice is given by the &ieee; 802.11i specification + that defines new cryptographic ciphers and an additional + protocol to authenticate stations to an access point and + exchange keys for data communication. Cryptographic keys + are periodically refreshed and there are mechanisms for + detecting and countering intrusion attempts. 
Another security protocol specification commonly used in wireless networks is termed <acronym>WPA</acronym>, which was a - precursor to 802.11i. <acronym>WPA</acronym> - specifies a subset of - the requirements found in 802.11i and is designed for - implementation on legacy hardware. Specifically, - <acronym>WPA</acronym> requires - only the <acronym>TKIP</acronym> cipher that is derived from - the original <acronym>WEP</acronym> - cipher. 802.11i permits use of <acronym>TKIP</acronym> but - also requires support - for a stronger cipher, AES-CCM, for encrypting data. The - <acronym>AES</acronym> - cipher was not required in <acronym>WPA</acronym> because it - was deemed too + precursor to 802.11i. <acronym>WPA</acronym> specifies a + subset of the requirements found in 802.11i and is designed + for implementation on legacy hardware. Specifically, + <acronym>WPA</acronym> requires only the + <acronym>TKIP</acronym> cipher that is derived from the + original <acronym>WEP</acronym> cipher. 802.11i permits use + of <acronym>TKIP</acronym> but also requires support for a + stronger cipher, AES-CCM, for encrypting data. The + <acronym>AES</acronym> cipher was not required in + <acronym>WPA</acronym> because it was deemed too computationally costly to be implemented on legacy hardware.</para> - <para>The other - standard to be aware of is 802.11e. It defines + <para>The other standard to be aware of is 802.11e. It defines protocols for deploying multimedia applications, such as streaming video and voice over IP (<acronym>VoIP</acronym>), - in - an 802.11 network. - Like 802.11i, 802.11e also has a precursor specification - termed <acronym>WME</acronym> (later renamed - <acronym>WMM</acronym>) that has been defined by an + in an 802.11 network. 
Like 802.11i, 802.11e also has a + precursor specification termed <acronym>WME</acronym> (later + renamed <acronym>WMM</acronym>) that has been defined by an industry group as a subset of 802.11e that can be deployed now to enable multimedia applications while waiting for the final ratification of 802.11e. The most important thing to know about 802.11e and <acronym>WME</acronym>/<acronym>WMM</acronym> is that it - enables prioritized - traffic over a wireless network through Quality of Service - (<acronym>QoS</acronym>) protocols and enhanced media access - protocols. Proper - implementation of these protocols enables high speed bursting - of data and prioritized traffic flow.</para> - - <para>&os; supports networks that operate - using 802.11a, 802.11b, and 802.11g. The - <acronym>WPA</acronym> and 802.11i + enables prioritized traffic over a wireless network through + Quality of Service (<acronym>QoS</acronym>) protocols and + enhanced media access protocols. Proper implementation of + these protocols enables high speed bursting of data and + prioritized traffic flow.</para> + + <para>&os; supports networks that operate using 802.11a, + 802.11b, and 802.11g. The <acronym>WPA</acronym> and 802.11i security protocols are likewise supported (in conjunction with any of 11a, 11b, and 11g) and <acronym>QoS</acronym> and - traffic prioritization - required by the <acronym>WME</acronym>/<acronym>WMM</acronym> - protocols are supported for a limited - set of wireless devices.</para> + traffic prioritization required by the + <acronym>WME</acronym>/<acronym>WMM</acronym> protocols are + supported for a limited set of wireless devices.</para> </sect2> <sect2 id="network-wireless-basic"> 
@@ -827,65 +792,58 @@ route_net2="-net 192.168.1.0/24 192.168. <sect3> <title>Kernel Configuration</title> - <para>To use wireless networking, a wireless - networking card is needed and the kernel needs to be - configured with the + <para>To use wireless networking, a wireless networking card + is needed and the kernel needs to be configured with the appropriate wireless networking support. The kernel is separated into multiple modules so that only the required - support needs to be - configured.</para> + support needs to be configured.</para> <para>The most commonly used wireless devices are those that use parts made - by - Atheros. These devices are supported by &man.ath.4; + by Atheros. These devices are supported by &man.ath.4; and require the following line to be added to <filename>/boot/loader.conf</filename>:</para> <programlisting>if_ath_load="YES"</programlisting> <para>The Atheros driver is split up into three separate - pieces: the driver (&man.ath.4;), the hardware - support layer that handles chip-specific functions + pieces: the driver (&man.ath.4;), the hardware support + layer that handles chip-specific functions (&man.ath.hal.4;), and an algorithm for selecting the - rate for transmitting frames. - When this support is loaded as - kernel modules, any dependencies are automatically handled. - To load support for a different type of wireless device, - specify the module for that device. This example is for - devices based on the Intersil Prism parts (&man.wi.4;) - driver:</para> + rate for transmitting frames. When this support is loaded + as kernel modules, any dependencies are automatically + handled. To load support for a different type of wireless + device, specify the module for that device. 
This example + is for devices based on the Intersil Prism parts + (&man.wi.4;) driver:</para> <programlisting>if_wi_load="YES"</programlisting> <note> - <para>The examples in this section use an - &man.ath.4; device and the device name in the examples - must - be changed according to the configuration. A list of + <para>The examples in this section use an &man.ath.4; + device and the device name in the examples must be + changed according to the configuration. A list of available wireless drivers and supported adapters can be found in the &os; Hardware Notes, available on the <ulink url="http://www.FreeBSD.org/releases/index.html">Release Information</ulink> page of the &os; website. If a native &os; driver for the wireless device does not - exist, it may be possible to use the &windows; - driver with the help of the - <link linkend="config-network-ndis">NDIS</link> driver + exist, it may be possible to use the &windows; driver + with the help of the <link + linkend="config-network-ndis">NDIS</link> driver wrapper.</para> </note> - <para>In addition, the modules that implement - cryptographic support for the security protocols - to use must be loaded. These are intended to be dynamically - loaded on - demand by the &man.wlan.4; module, but for now they must be - manually configured. The following modules are available: + <para>In addition, the modules that implement cryptographic + support for the security protocols to use must be loaded. + These are intended to be dynamically loaded on demand by + the &man.wlan.4; module, but for now they must be manually + configured. The following modules are available: &man.wlan.wep.4;, &man.wlan.ccmp.4;, and &man.wlan.tkip.4;. The &man.wlan.ccmp.4; and &man.wlan.tkip.4; drivers are only needed when using the <acronym>WPA</acronym> or - 802.11i - security protocols. If the network does not use + 802.11i security protocols. If the network does not use encryption, &man.wlan.wep.4; support is not needed. 
To load these modules at boot time, add the following lines to <filename>/boot/loader.conf</filename>:</para> @@ -895,17 +853,15 @@ wlan_ccmp_load="YES" wlan_tkip_load="YES"</programlisting> <para>Once this information has been added to - <filename>/boot/loader.conf</filename>, reboot - the &os; box. Alternately, - load the modules by hand using + <filename>/boot/loader.conf</filename>, reboot the &os; + box. Alternately, load the modules by hand using &man.kldload.8;.</para> <note> <para>For users who do not want to use modules, it is - possible to - compile these drivers into the kernel by adding the - following lines to a custom kernel configuration - file:</para> + possible to compile these drivers into the kernel by + adding the following lines to a custom kernel + configuration file:</para> <programlisting>device wlan # 802.11 support device wlan_wep # 802.11 WEP support @@ -922,10 +878,8 @@ device ath_rate_sample # SampleRate tx machine.</para> </note> - <para>Information - about the wireless device should appear in the boot - messages, like - this:</para> + <para>Information about the wireless device should appear + in the boot messages, like this:</para> <screen>ath0: <Atheros 5212> mem 0x88000000-0x8800ffff irq 11 at device 0.0 on cardbus1 ath0: [ITHREAD] 
@@ -937,12 +891,11 @@ ath0: AR2413 mac 7.9 RF2413 phy 4.5</scr <title>Infrastructure Mode</title> <para>Infrastructure (<acronym>BSS</acronym>) mode is the - mode that is - typically used. In this mode, a number of wireless access - points are connected to a wired network. Each wireless - network has its own name, called the <acronym>SSID</acronym>. - Wireless clients connect to the wireless access - points.</para> + mode that is typically used. In this mode, a number of + wireless access points are connected to a wired network. + Each wireless network has its own name, called the + <acronym>SSID</acronym>. Wireless clients connect to the + wireless access points.</para> <sect3> <title>&os; Clients</title> @@ -950,12 +903,11 @@ ath0: AR2413 mac 7.9 RF2413 phy 4.5</scr <sect4> <title>How to Find Access Points</title> - <para>To scan for available networks, use - &man.ifconfig.8;. This request may - take a few moments to complete as it requires the - system to switch to each available wireless frequency and - probe for available access points. Only the superuser - can initiate a scan:</para> + <para>To scan for available networks, use &man.ifconfig.8;. + This request may take a few moments to complete as it + requires the system to switch to each available wireless + frequency and probe for available access points. Only + the superuser can initiate a scan:</para> <screen>&prompt.root; <userinput>ifconfig <replaceable>wlan0</replaceable> create wlandev <replaceable>ath0</replaceable></userinput> &prompt.root; <userinput>ifconfig <replaceable>wlan0</replaceable> up scan</userinput> 
@@ -964,20 +916,20 @@ dlinkap 00:13:46:49:41:76 11 freebsdap 00:11:95:c3:0d:ac 1 54M -83:96 100 EPS WPA</screen> <note> - <para>The interface must be <option>up</option> - before it can scan. Subsequent scan requests do not - require the interface to be marked as up again.</para> + <para>The interface must be <option>up</option> before + it can scan. Subsequent scan requests do not require + the interface to be marked as up again.</para> </note> <para>The output of a scan request lists each - <acronym>BSS</acronym>/<acronym>IBSS</acronym> - network found. Besides listing the name of the network, - the <literal>SSID</literal>, the output also shows the + <acronym>BSS</acronym>/<acronym>IBSS</acronym> network + found. Besides listing the name of the network, the + <literal>SSID</literal>, the output also shows the <literal>BSSID</literal>, which is the - <acronym>MAC</acronym> address of the - access point. The <literal>CAPS</literal> field - identifies the type of each network and the capabilities - of the stations operating there:</para> + <acronym>MAC</acronym> address of the access point. The + <literal>CAPS</literal> field identifies the type of + each network and the capabilities of the stations + operating there:</para> <table frame="none" pgwide="0"> <title>Station Capability Codes</title> 
@@ -1003,18 +955,18 @@ freebsdap 00:11:95:c3:0d:ac 1 <row> <entry><literal>I</literal></entry> <entry><acronym>IBSS</acronym>/ad-hoc network. - Indicates that the - station is part of an ad-hoc network rather than - an <acronym>ESS</acronym> network.</entry> + Indicates that the station is part of an ad-hoc + network rather than an <acronym>ESS</acronym> + network.</entry> </row> <row> <entry><literal>P</literal></entry> - <entry>Privacy. Encryption is required - for all data frames exchanged within the - <acronym>BSS</acronym> - using cryptographic means such as - <acronym>WEP</acronym>, <acronym>TKIP</acronym> or + <entry>Privacy. Encryption is required for all + data frames exchanged within the + <acronym>BSS</acronym> using cryptographic means + such as <acronym>WEP</acronym>, + <acronym>TKIP</acronym> or <acronym>AES</acronym>-<acronym>CCMP</acronym>.</entry> </row> @@ -1022,10 +974,9 @@ freebsdap 00:11:95:c3:0d:ac 1 <entry><literal>S</literal></entry> <entry>Short Preamble. Indicates that the network is using short preambles, defined in 802.11b High - Rate/DSSS PHY, and utilizes a 56 bit - sync field rather than the 128 bit - field used in - long preamble mode.</entry> + Rate/DSSS PHY, and utilizes a 56 bit sync field + rather than the 128 bit field used in long + preamble mode.</entry> </row> <row> 
@@ -1056,15 +1007,14 @@ freebsdap 00:11:95:c3:0d:ac 1 <para>This section provides a simple example of how to make the wireless network adapter work in &os; without encryption. Once familiar with these concepts, it is - strongly recommend to use - <link linkend="network-wireless-wpa">WPA</link> to set up + strongly recommend to use <link + linkend="network-wireless-wpa">WPA</link> to set up the wireless network.</para> <para>There are three basic steps to configure a wireless network: select an access point, authenticate the station, and configure an <acronym>IP</acronym> address. - The following - sections discuss each step.</para> + The following sections discuss each step.</para> <sect5> <title>Selecting an Access Point</title> @@ -1072,15 +1022,14 @@ freebsdap 00:11:95:c3:0d:ac 1 <para>Most of the time, it is sufficient to let the system choose an access point using the builtin heuristics. This is the default behaviour when an interface is - marked as - up or it is listed in + marked as up or it is listed in <filename>/etc/rc.conf</filename>:</para> <programlisting>wlans_ath0="wlan0" ifconfig_wlan0="DHCP"</programlisting> - <para>If there are multiple access points, - a specific one can be selected by its + <para>If there are multiple access points, a specific + one can be selected by its <acronym>SSID</acronym>:</para> <programlisting>wlans_ath0="wlan0" 
@@ -1088,11 +1037,10 @@ ifconfig_wlan0="ssid <replaceable>your_s <para>In an environment where there are multiple access points with the same <acronym>SSID</acronym>, which - is often done to simplify - roaming, it may be necessary to associate to one - specific device. In this case, the - <acronym>BSSID</acronym> of the access point can - be specified, with or without the + is often done to simplify roaming, it may be necessary + to associate to one specific device. In this case, the + <acronym>BSSID</acronym> of the access point can be + specified, with or without the <acronym>SSID</acronym>:</para> <programlisting>wlans_ath0="wlan0" @@ -1100,8 +1048,7 @@ ifconfig_wlan0="ssid <replaceable>your_s <para>There are other ways to constrain the choice of an access point, such as limiting the set of frequencies - the - system will scan on. This may be useful for a + the system will scan on. This may be useful for a multi-band wireless card as scanning all the possible channels can be time-consuming. To limit operation to a specific band, use the <option>mode</option> @@ -1111,13 +1058,11 @@ ifconfig_wlan0="ssid <replaceable>your_s ifconfig_wlan0="mode <replaceable>11g</replaceable> ssid <replaceable>your_ssid_here</replaceable> DHCP"</programlisting> <para>This example will force the card to operate in - 802.11g, which is - defined only for 2.4GHz frequencies so any 5GHz channels - will not be considered. This can also be achieved with - the + 802.11g, which is defined only for 2.4GHz frequencies + so any 5GHz channels will not be considered. This can + also be achieved witt the <option>channel</option> parameter, which locks - operation to - one specific frequency, and the + operation to one specific frequency, and the <option>chanlist</option> parameter, to specify a list of channels for scanning. More information about these parameters can be found in &man.ifconfig.8;.</para> 
@@ -1129,49 +1074,42 @@ ifconfig_wlan0="mode <replaceable>11g</r <para>Once an access point is selected, the station needs to authenticate before it can pass data. Authentication can happen in several ways. The most - common scheme, open authentication, - allows any station to join the network and communicate. - This is the authentication to use for test - purposes the first time a wireless network is setup. - Other schemes require cryptographic handshakes to be - completed before data traffic can flow, either using - pre-shared keys or secrets, or more complex schemes that - involve backend services such as - <acronym>RADIUS</acronym>. - Open authentication is the default - setting. The next most common setup is - <acronym>WPA-PSK</acronym>, also - known - as <acronym>WPA</acronym> Personal, which is described - in <xref + common scheme, open authentication, allows any station + to join the network and communicate. This is the + authentication to use for test purposes the first time + a wireless network is setup. Other schemes require + cryptographic handshakes to be completed before data + traffic can flow, either using pre-shared keys or + secrets, or more complex schemes that involve backend + services such as <acronym>RADIUS</acronym>. Open + authentication is the default setting. The next most + common setup is <acronym>WPA-PSK</acronym>, also + known as <acronym>WPA</acronym> Personal, which is + described in <xref linkend="network-wireless-wpa-wpa-psk"/>.</para> <note> <para>If using an &apple; &airport; Extreme base - station for an access point, - shared-key authentication together with a - <acronym>WEP</acronym> key needs to be configured. - This can be configured in + station for an access point, shared-key authentication + together with a <acronym>WEP</acronym> key needs to + be configured. This can be configured in <filename>/etc/rc.conf</filename> or by using *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
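Review bot: In the @@ -1111,13 +1058,11 @@ hunk, the re-wrapped sentence now reads "This can also be achieved witt the", where the removed lines had "with" followed by "the". That is a content change in a commit logged as "White space fix only. Translators can ignore.", so the typo would ship while translators skip the revision. Restore "with" on that added line so the hunk really is whitespace-only.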
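Review bot: In the @@ -827,65 +792,58 @@ hunk, the re-wrap of the NDIS note breaks the start tag itself: the added lines end with "<link" and continue with linkend="config-network-ndis" on the next line. The removed line kept the element name and its attribute together. The same split appears in the @@ -1056,15 +1007,14 @@ hunk for linkend="network-wireless-wpa". The markup stays well-formed, but a search for the full start tag on one line no longer matches. Consider breaking before "<link" instead, so the tag and its linkend attribute stay on one line.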