DNS Resolution

If the connection fails, or if problems occur when roaming through changing networks, create a /etc/iwd/main.conf file with the content from Listing 2 using your preferred editor. The configuration causes iwd to hand over name resolution to systemd-resolved. resolvconf is also available as an alternative.

[General]
EnableNetworkConfiguration=true
[Network]
NameResolvingService=systemd

As you can see, a computer with iwd can quickly be integrated into a wireless network; graphical tools are not absolutely necessary. Similarly, iwd access can also be set up using WPS, which automatically configures a wireless connection at the touch of a button, PIN entry, or Near Field Communication (NFC) on a device [6]. The wsc list command shows whether your device is compatible.

For example, if your router supports WPS, type

wsc wlan0 push-button

and press the WPS button on the router. If you need a PIN, the command is

wsc wlan0 start-user-pin

followed by the eight-digit PIN. Other commands supported by iwctl are summarized in Table 1.

Small GUI

When you get iwd set up, the next step is to check the iwgtk GUI management tool, which is still very new. Up to now, only Arch Linux (via AUR) and Alpine Linux offer a binary package for iwgtk. However, it doesn't take long to build the package – the only dependencies are iwd and GTK3.

To build iwgtk, download the ZIP file from GitHub [7] while the connection just created with iwd is still active. If you're familiar with Git, you can also clone it. However, Ubuntu doesn't come with basic developer packages such as gcc and make out the box, and you need to install libgtk3-dev and libglib2.0-dev-bin.

Go to the unzipped folder, iwgtk-master/, and call make, sudo make install, and make clean in that order. After launching the application by typing iwgtk, you will immediately see the existing connection. The GUI is already capable of handling the most common use cases via the D-Bus API. For example, if you now terminate the existing connection, you can restore it with iwgtk.

The application lets you scan for networks in the vicinity, display known networks, include hidden networks, and connect devices via WPS. The GUI also displays the MAC address. In addition, you can switch from the default mode designated as Station to Access Point (AP) or Ad-hoc. The developers recently added an icon for the system section (Figure 5).

Figure 5: The small iwgtk GUI covers most of the iwctl client's command set. However, it cannot and does not seek to compete with the wealth of functions in NetworkManager.

You can't use the iwgtk GUI with WPA Enterprise functions, because they are not available via the D-Bus API but instead require configuration in /var/lib/iwd/. WPA Enterprise lets the WiFi base station negotiate connection requests from the clients with a downstream RADIUS server. If you need the WPA Enterprise variants, EAP-PWD, EAP-PEAP, or TTLS-PAP, see the article on iwd in the Arch Linux Wiki [8].

Also with NetworkManager

The last step is to test iwd as a back end for NetworkManager. Start by reinstalling NetworkManager. If WPA Supplicant is still active from the previous tests, there is no need for action; if not, repeat the appropriate steps from Listing 1. Then edit the NetworkManager configuration (Listing 3).

$ sudo systemctl stop NetworkManager.service
$ sudo nano /etc/NetworkManager/NetworkManager.conf

You need to add a new wifi.backend=iwd line to the [device] section. Then relaunch NetworkManager and reboot your computer; you will have to enter the WiFi password. You have now successfully replaced WPA Supplicant with iwd, which means you can look forward to faster establishment of WiFi connections, and you can also switch to WPA3 Personal.

Commissioning the TP-Link AC750 router as an access point on a Fritz!Box worked in all three tested scenarios. You need root privileges for monitoring with the third component, iwmon. The command outputs a log that is more suitable for developers. Typing

<C>iwmon -w log.pcap<C>

redirects the log to a file, which you can load into Wireshark for analysis and evaluation (Figure 6). The .pcap suffix stands for Packet Capture, an interface for recording network traffic.

Figure 6: The iwmon analysis tool lets you redirect output into a PCAP file, which you can then evaluate using Wireshark.