Setting up a simple wireless network

The first part is to make sure you have a supported card and check your dmesg output to see that the driver loads and initializes the card properly[1] With a successfully configured card you should see something like

ath0 at pci1 dev 4 function 0 "Atheros AR5212" rev 0x01: irq 11
ath0: AR5212 5.6 phy 4.1 rf5111 1.7 rf2111 2.3, ETSI1W, address 

Next, you need to configure the interface for TCP/IP. On OpenBSD, this means an /etc/hostname.ath0 roughly like this:

up media autoselect mediaopt hostap mode 11b chan 6 nwid unwiredbsd \
 nwkey 0x1deadbeef9

Note that the configuration is divided over two lines. The first line generates an ifconfig command which sets up the interface with the correct parameters for the physical wireless network, the second command, which gets executed only after the first one completes, sets the IP address. Note that we set the channel explicitly, and we enable a weak WEP encryption by setting the nwkey parameter.

NoteFrom OpenBSD 4.4 onwards, we have WPA, config simplified in OpenBSD 4.9

From OpenBSD 4.4 onwards, WPA is available. To handle WPA keys we used wpa-psk, either from the command line to generate a pasteable key:

$ wpa-psk unwiredbsd mylongpassphrase

or directly in your network configuration file. Here is the configuration for a WPA access point, OpenBSD 4.4 style:

up media autoselect mediaopt hostap mode 11b chan 6 nwid unwiredbsd \
 wpa wpapsk $(wpa-psk unwiredbsd mylongpassphase)

In OpenBSD 4.9, the WPA key functionality was merged into ifconfig, and the configuration syntax was simplified. The WPA access point configuration in the OpenBSD 4.9 (and newer) style is:

up media autoselect mediaopt hostap mode 11b chan 6 nwid unwiredbsd \
 wpakey mylongpassphase

and you would need to set up IP addresses and likely DHCP too, of course.

On FreeBSD you would need to put those lines in your /etc/start_if.ath0, and substitute your interface name for ath0 if required

Then you most likely want to set up dhcpd to serve addresses and other relevant network information to clients. Your clients would need an /etc/hostname.ath0 configuration of

up media autoselect mode 11b chan 6 nwid unwiredbsd nwkey 0x1deadbeef9

For a setup with WPA and pre-shared keys corresponding to the access point earlier, you would need something like

up media autoselect mode 11b chan 6 nwid unwiredbsd \ 
wpa wpapsk $(wpa-psk unwiredbsd mylongpassphase)

instead. Note that the details of setting up WPA for FreeBSD differs somewhat.

and again on FreeBSD, you would need to put those lines in your /etc/start_if.ath0, and substitute your interface name for ath0 here if required.

Assuming your gateway does NAT, you will want to set up NAT for the wireless network as well, by making some small changes to your /etc/pf.conf:

air_if = "ath0"


nat on $ext_if from $air_if:network to any -> ($ext_if) static-port

You will need a similar near duplicate line for your ftp-proxy config, and include $air_if in your pass rules.

That's all there is to it. This configuration gives you a functional BSD access point, with at least token security via WEP encryption, or WPA if your setup includes OpenBSD.

A somewhat more thorough treatment of wireless networks, including setup tips for newer FreeBSD configurations, can be found in The Book of PF.



Wireless network support in OpenBSD and BSDs in general is getting better all the time, but this does not mean that getting all the bits you need is necessarily easy. A brief history of my home network goes like this: I started out buying two CNet CWP-854 cards, which should be supported in OpenBSD 3.7 via the new ral driver. The one I put in the brand new Dell machine running a non-free operating system worked right out of the box. My gateway, which had been running without incident since the 3.3 days however, was a little more problematic. The card did get recognized and configured, but once the Dell tried to get an IP address, the gateway went down with a kernel panic. The gory details are available as OpenBSD PR number 4217. I have promised to test the card again with a new snapshot - as soon as I can locate the card again. From the Dell we could see an amazing number of networks, almost all unsecured, but that's another story entirely.

I decided i wanted to try ath cards, and bought a D-Link DWL-G520, which I then managed to misplace while moving house. Next, I bought a DWL-G520+, thinking that the plus sign must mean it's better. Unfortunately, the plus meant a whole different chipset was used, the TI ACX111, which comes with a low price tag but with no documentation accessible to free software developers. Fortunately the store let me return the card for a refund with no trouble at all. At this point, I was getting rather frustrated, and went all across town to a shop which had several DWL-AG520 cards in stock. It was a bit more expensive than the others, but it did work right away. A couple of weeks later the G520 turned up, and of course that worked too. My laptop (which at the time ran FreeBSD) came with a Realtek 8180 wireless mini-PCI card built in, but for some reason I could not get it to work. I ended up buying DWL-AG650 cardbus card, which works flawlessly with the ath driver. In general, my advice is, if you shop online, keep the man pages available in another tab or window, and if you go to a physical store, make sure to tell the clerks you will be using a BSD, and if you're not sure about the card they are trying to sell you, see if you can borrow a machine to browse the online man pages. Telling the clerks up front could end up making it easier to get a refund if the part does not work, and telling them the card did work is good advocacy.

It is possibly worth noting that the acx driver, introduced in OpenBSD 4.0, has brought reverse engineered support for ACX1nn based cards to the BSDs.