- 1 Installation
- 1.1 NetworkManager 0.9.8
- 1.2 NetworkManager 0.9.10
- 1.3 NetworkManager live ebuild (future 1.0 release)
- 1.4 NetworkManager VPN plugins
- 1.5 NetworkManager split DNS and DNSSEC support using unbound and dnssec-trigger
- 1.6 NetworkManager CLI and TUI
- 1.7 NetworkManager GUI bits in GTK
- 1.8 Kernel configuration
- 2 Configuration
- 3 Troubleshotting
NetworkManager requires an implementation of udev and D-Bus. On laptops and desktops, it is typically built with polkit to enable local users to configure it. It also optionally integrates with systemd, upower, consolekit and others.
It's a good idea to use dhclient from net-misc/dhcp instead of net-misc/dhcpcd. While dhcpcd in standalone mode provides some interesting features over dhclient, those will not be used by NetworkManager. Most upstream developers and most users of other distributions do use dhclient and it's therefore much better tested, works correctly with IPv6 and is generally a better DHCP client to be used with NetworkManager.
NetworkManager branch 0.9.8 is the stable version of NetworkManager in Gentoo.
NetworkManager branch 0.9.10 isn't in portage. It would be a good addition though as it provides large part of features that are getting to the upcoming 1.0 release.
NetworkManager live ebuild (future 1.0 release)
NetworkManager is changing substantially and its feature set is slowly moving from a laptop oriented tool to a universal network management service configured using all sorts of tools from nmcli through nmtui to GUI tools like nm-applet, nm-connection-editor, Gnome Shell's network indicator, Gnome 3 control center, KDE plasma-nm and more.
Now you can install the live ebuild.
If anything goes wrong, contact User:Pavlix. Those are live ebuilds and therefore they can occasionally need updating. I'm also considering starting a separate overlay just for networking related tools, let me know if that would help you.
NetworkManager VPN plugins
- net-misc/networkmanager-openconnect - VPN connection using OpenConnect
- net-misc/networkmanager-openswan - VPN connection using net-misc/openswan or net-misc/libreswan
- net-misc/networkmanager-openvpn - VPN connection using OpenVPN server
- net-misc/networkmanager-pptp - VPN connection to a PPTP server
- net-misc/networkmanager-sstp - VPN connection to a SSTP server
- net-misc/networkmanager-vpnc - VPN connection using net-misc/vpnc
NetworkManager split DNS and DNSSEC support using unbound and dnssec-trigger
This doesn't yet work well with upstream releases nor in portage. But you can use Layman to add the [ixit overlay and install net-misc/networkmanager, net-dns/dnssec-trigger and net-dns/unbound live ebuilds from there.
Now you can install the live ebuilds.
The main difference from simple DNSSEC support like in the dnsmasq plugin is that dnssec-trigger does its best to ensure that you get a working DNSSEC configuration even on your laptop roaming among third party networks with different capabilities as well as to allow you to still access local resources and that you can choose to work without DNSSEC when it cannot provide a working setup.
NetworkManager CLI and TUI
Those are included in the current versions of net-misc/networkmanager.
NetworkManager GUI bits in GTK
The systray applet is in gnome-extra/nm-applet and works in classic Xembed based systrays. If you don't have one in your desktop environment, you can use a standalone systray like stalonetray. The connection editor GUI in the same package as the applet. Note that this package serves all sorts of desktop environments and panels with systrays but it's no longer used by Gnome which has its own implementations in Gnome Shell and [[Gnome Control Center]].
Also note that the current upstream version doesn't support the appindicator API and thus doesn't work in some systray implemenatation like that in current versions of KDE and Unity or the development versions of Enlightenment.
=== NetworkManager manager KDE GUIs
For Wifi devices enable also the following options:
Look at the udev page for kernel configuration needed for this NetworkManager dependency.
On Gentoo, NetworkManager uses the plugdev group, so add your user to plugdev.
Starting and enabling the service
You can now start NetworkManager:
To start NetworkManager at boot time, add it your default runlevel:
Note that NetworkManager will not connect if other services are also managing connections. So you need to remove them, if you have them installed.
On a systemd-based install, you can start NetworkManager like soː
To start it at boot timeː
Portage knows the global USE flag networkmanager for enabling support for NetworkManager in other packages. Enabling this USE flag will pull in net-misc/networkmanager automatically:
The USE flags of networkmanager are:
|avahi||No||Add avahi/Zeroconf support|
|bluetooth||Yes||Enables Bluetooth Support|
|connection-sharing||No||Use net-dns/dnsmasq and net-firewall/iptables for connection sharing|
|consolekit||Yes||Use sys-auth/consolekit for session tracking|
|dhclient||No||Use dhclient from net-misc/dhcp for getting ip|
|dhcpcd||Yes||Use net-misc/dhcpcd for getting ip|
|doc||No||Adds extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally|
|gnutls||No||Adds support for net-libs/gnutls (TLS 1.0 and SSL 3.0 support)|
|introspection||Yes||Adds support for GObject based introspection|
|modemmanager||No||Enable support for mobile broadband devices using net-misc/modemmanager|
|nss||Yes||Use dev-libs/nss for cryptography|
|ppp||Yes||Enable support for mobile broadband and PPPoE connections using net-dialup/ppp|
|resolvconf||No||Use net-dns/openresolv for managing DNS information|
|vala||No||Enable bindings for dev-lang/vala|
|wext||Yes||Enable support for the deprecated Wext (Wireless Extensions) API; needed for some older drivers (e.g. ipw2200, ndiswrapper)|
|wimax||No||Enable support for WiMAX connections using net-wireless/wimax|
After setting this you want to update your system so the changes take effect:
Setting a hostname
If you built NetworkManager with USE=dhclient, you can set a hostname like this:
nm-applet and X session startup
To be able to get nm-applet started when starting your light X session or light desktop environment, just put the following line in your ~/.xinitrc file:
For gnome-base/gnome-keyring support, add the following lines before the previous line. This will ease password management for GnuPG, ssh and Wifi:
NetworkManager can be set up to use Dnsmasq as a local DNS server that passes the DNS queries on to your provider's DNS server. /etc/resolv.conf will be set to point to 127.0.0.1, where dnsmasq runs and processes the queries. This can be useful for example if an application chroots for security reasons and before doing so copies /etc/resolv.conf. Then it would never be informed about changes to the DNS servers as your laptop moves from Wifi to Wifi.
Setup of dnsmasq is simple:
Then restart NetworkManager.
Dnsmasq can optionally validate DNSSEC data while passing through queries (must be compiled with the dnssec use flag). This can be accomplished by adding these lines to the NetworkManager dnsmasq config file:
The trusted anchor can be found here. After this change dnsmasq will return SERVFAIL and no DNS data if the validation fails. If the validation succeeds it sets the ad flag. In case the domain does not support DNSSEC dnsmasq behaves as before.
If your ISP's DNS server does not forward DNSSEC data then this will fail. In that case you can uncomment the last line, but it will defy the purpose of DNSSEC. Google's server 220.127.116.11 provise DNSSEC data.