Commuting between several network profiles

Introduction

Object of this article

We study here the case of a computer that must adapt to different network configurations. Typically, this is a laptop that commutes between the residential network, the business one, the clients' ones, and so on. Several changes, such as IP address, gateway and name-servers, are required to switch from a configuration (or profile) to an other. In addition, we might want to restart services or start various tasks before or after reconfiguration.

Objective

We are to present in this document different softwares that identify the network to which the computer is now connected and that reconfigure the machine accordingly. That is right, all this can happen automagically with no need for user intervention!

Limitations

This document focuses on the Linux operating system in general and is based on software available from the Debian distribution in particular. Useful information may be found here if you are using another Linux distributions or even possibly for other Unix-like operating systems. This document will probably be of no utility to the Microsoft Windows system administrator, however.

Organization

This document is organized as follows: first, we present a detailed analysis of the problem, in order to isolate sub-problems and define terminology. Then, we draw a list of available softwares and compare them one at a time. Finally, we give our personal criteria and the list of packages that best suit them.

Detailed analysis of the problem

Our goal is to let the computer detect when its localization changes, to let it identify its new environment and adapt its configuration accordingly. This as a whole is our specifications and we may draw three different tasks, as described below.

• Detection of a potential change. Suspending or resuming the computer, plugging a network cable, connecting the computer to AC or docking it to a docking station, as well as adding a PCMCIA network card, are among the events that might provoke a change in the environment of the computer. Execution of the various tools described below will only be triggered on one of those events taking place. We call this task of detection of a potential change Task 1.
• Identification of current environment. At this phase, the computer will typically try and contact some "permanent" network equipments that could help it identify its current location, or that it is no longer connected to them. This task is labeled Task 3 through this document. The result of this phase will condition a potential reconfiguration at the next step.
• System reconfiguration, or Task 3. We may further distinguish two aspects of this task:
  • Reconfiguration of the network interfaces per se. At least, this involves setting its IP address, tuning the /etc/resolv.conf file (which stores name servers) and the routes. This will be our Task 3.a.
  • Service reconfiguration, or even application reconfiguration (for instance, using a different HTTP proxy), and running commands that are specific to the new environment (such as synchronizing some files). We call this Task 3.b.

Comparison of available softwares

Warning: the following comparison of available softwares was performed in August 2003 and thus may not be completely up to date. Should a new package be featured or should a package deserve a revised description in this list, I would gladly update this document according to your input.

All softwares presented in this section are available from the Debian GNU/Linux distribution. Debian has its own way to configure network interfaces: the ifupdown package provides high-level tools to configure them based on the content of file /etc/network/interfaces. That does not prevent you, however, from using the more widely known command ifconfig, possibly ignoring the /etc/network/interfaces file. The benefit of such solutions is their availability on systems other than Debian. As the author only uses Debian, he shall give his preference to solutions that integrate with the Debian way of managing network interfaces.

The Debian package ifupdown provides a "mapping" mechanism, which lets a script be called when "ifup <interface>" is issued. The output of this script will determine what mapping to invoke. Typically, the script will identify the environment of the computer. Its IP address and gateway will be set according to the activated mapping. The resolvconf package lets you configure nameservers in a similar fashion. In addition, it is possible to specify in the /etc/network/interfaces file some actions to execute after a specific mapping has been set up. The ifupdown package, in association with the resolvconf package, fulfills Task 3.a and provides the bare minimum (i.e. hooks) to run the administrator's own scripts for Task 3.b. Ifupdown and resolvconf are specific to Debian (as far as the author knows) and partially solves the issue at stake in this document. Some of the softwares listed below integrate with them, some do not.

Software for Task 1: Detection of a potential change

In order to detect when the computer suspends, stands by and resumes, it is recommended to use APM or ACPI (which are mutually exclusive) and to install the apmd or acpid package, respectively. Those packages let you run arbitrary scripts when a change occurs, such as plugging to AC or suspending the computer.

For a different matter, ifplugd is a very simple daemon that (by default) will run the command "ifup/ifdown <interface>" on plugging or unplugging the network cable. Let us mention that laptop-net (described further below in this document) integrates this functionality, but remains less robust: ifplugd may for instance ignore short disconnections of the network cable.

Finally, the hotplug package allows you to detect when a network card is inserted or ejected (typically a PCMCIA network card) and to configure the corresponding interface.

Software for Task 2 (identification of current environment) and Task 3 (system reconfiguration)

A lot of packages are available from Debian for those two tasks. Some are limited to one of them, some handle both tasks. We shall review them in alphabetical order, but before starting, a warning: the judgements below reflect the author's opinion and only his. This is not the official position of the Debian project or anybody else's but the author's.

Divine: Automatic IP configuration detection for laptops

• Tasks 2 and 3.a, enables you to perform Task 3.b by hand.
• Only tests a remote IP (not MAC address).
• Ignores ifupdown (does not update /etc/network/interfaces).
• Does not support DHCP.
• Silly configuration file format.
• Self-defined as a "quick hack", raising security concerns.
• No reason to install it.

Guessnet: Guess which LAN is connected to a network device

• Task 2 only.
• Tests the IP address and optionally the MAC address of a remote machine, is also able to test the presence of a access concentrator (via a pppoe modem) (this needs more testing) and to run an arbitrary script. Provides a test to check whether the network cable is plugged.
• Designed for ifupdown's mappings, thus supports everything ifupdown supports (static IP, DHCP, ...). Think to package resolvconf for /etc/resolv.conf file.
• Requires tricks to pass options to itself in file /etc/network/interfaces. Legibility is decent.
• Leaves Task 3 up to ifup (which performs Task 3.a and runs user-specified scripts for Task 3.b).
• Provides promising scripts (test-dhcp, test-wifi-ap, etc) but documentation is incomplete.
• Good, its only inconvenience is that it handles one interface at a time.

Ifscheme: scheme control for network interfaces

• Integrated to ifupdown (lets you activate a specific mapping).
• Does nothing (assumes the environment has been identified, relies on ifupdown to reconfigure the system) but merely activates a specific mapping among those described in file /etc/network/interfaces.
• For those willing to reconfigure their network manually, but cleanly (a la Debian). Given our ambitions in this document, we have no reason to install that package.

ifupdown-roam: roaming enhancements for ifupdown

• Task 2 only.
• Designed for a roaming computer, its most interesting features have been integrated to the guessnet package. ifupdown-roam's author now recommends using guessnet.
• No reason to install it.

intuitively: automatic IP configuration detection for laptops

• Tasks 2 and 3.a, with hooks to run your scripts for Task 3.b.
• Similar to divine, only cleaner.
• Tests a remote machine's IP address and optionally its MAC address.
• Clean configuration file.
• Manual pages and README file.
• Uses symbolic links arranged in one tree of files per profile: /etc/intuitively/profile_id/etc/resolv.conf -> /etc/resolv.conf.
• Does not support DHCP.
• Ignores ifupdown.
• Better than divine, but still very much incomplete.

laptop-net: automatically adapt laptop ethernet

• The all-in-one: Tasks 1, 2 and 3.
• Integrated to /etc/apm and detects changes of network link state (cable is plugged or unplugged).
• Only tests IP addresses (not MAC addresses).
• Supports DHCP.
• Ignores ifupdown.
• No manual page, no README, no time to lose to guess.
• As a bonus, leaves dead symbolic links upon desinstallation.
• Probably only used by its author, and that is good this way.

laptop-netconf: network detection and configuration program for laptops

• Task 2, enables you to perform Task 3 by hand.
• Only tests pairs of IP and MAC addresses.
• Runs a user-provided script on identifying a remote host.
• Only works for one interface, in all and for all!
• Self-proclaimed still in development.
• Little documentation: short man page, in addition to the documentation found in the configuration files.
• Suggests using symbolic links, one has to write ones own script to actually use them.
• Suggests luring ifupdown by replacing the /etc/network/interfaces file.
• Not as mature and comprehensive as guessnet.

netenv: configure your system for different network environments

• Task 3.a, enables you to perform Task 3.b by hand.
• Displays a text dialog box to let you choose the network configuration on boot(!). It may be skipped, too.
• Lets you do what /etc/network/interfaces's mappings already do. Useless for Debian, unless you want the dialog box.
• Manual page and HTML documentation.
• No reason to install it (see rather ifscheme).

switchconf: change system configuration to one of many predefined

• Task 3.a, is rather tedious to setup for Task 3.b.
• Uses symbolic links, the same "elegant" way intuitively does.
• Suggests luring ifupdown by replacing the /etc/network/interfaces file.
• Uses two folders, namely before.d and after.d, where to put scripts (not included) that should be run before and after each configuration change. This is quite unpractical when one wants to run scripts only in some configurations: rather use "up" lines in the /etc/network/interfaces file for that.
• No reason to install it.

waproamd: WLAN roaming daemon

• Designed for those IEEE 802.11 WiFi interfaces whose driver supports the Linux wireless extension.
• Tasks 1 and 2: for each interface, a daemon continuously checks whether an access point is in reach.
• A generic script (or an access point specific script, if existing) is run when an access point is found or lost; this script will, typically, call iwconfig, which in turn will handle Task 3.
• Used to cooperate with ifplugd, but no longer needs it.
• Not terribly practical, but mandatory if you want to do with a WiFi interface what ifplugd does for wire interfaces, namely detecting access point presence and automatically configuring the interface with no human intervention. Note, however, that given the extra battery consumption induced by the continuous use of the WiFi card, the user of a laptop not plugged on AC might prefer manually switch the WiFi card off and only turn it on when an access point is actually available.

whereami: automatically reconfigure your (laptop) system for a new location

• Tasks 2 and 3.a, provides several scripts for 3.b.
• Impressive as to situation identification: tests an IP or MAC address, the response to a DHCP request, the presence of a network cable, of a PPPOE access concentrator, of a pattern in "lspci -v"'s output (to detect a docking station), of a kernel module being loaded ("lsmod"), of a WiFi access point, and lastly it can test whether bytes were received on the interface.
• Lets you cascade tests, as well as test several interfaces successively: the provided sample configuration files are hideously complicated but show that virtually all situations can be described and handled.
• Typically ignores the /etc/network/interface file. It seems that you have to reconfigure the IP by hand(!).
• Runs any number of scripts when one arrives to, leaves or simply is in a specific situation.
• Provides scripts to adapt bins, masqmail, Netscape's configuration file, the /etc/resolv.conf file, exim4's, exim's, postfix's and qmail's smarthost, the timezone, ...
• Optionally integrated to APM.
• Manual pages and HTML documentation (not perfectly up to date).
• In the end, whereami is impressive for Task 2, a bit weak for Task 3.a and flexible and handy to the extreme, thanks to its scripts, for Task 3.b.
• If whereami cannot solve your roaming configuration problem, no other package will do. Now, you may be able to get out of it with something a tiny bit simpler than whereami...

Discussion

In this section, we shall present the author's particular setup and motivate his software choices. In the following case study, the laptop computer commutes between a residential network and a professional one and only possesses a single permanent network interface (as opposed to removable PCMCIA cards). On top of fullfiling our specifications, the author would like the chosen solution to:

1. integrate with the Debian way of managing network interfaces, as opposed to short-circuiting ifupdown and directly modifying the interfaces;
2. comply with the "Unix philosophy", as summarized by "one task per tool".

Therefore, the author selected:

• For Task 1 (detection of a potential change), packages apmd and ifplugd. ifplugd is the natural choice for detecting the network cable being plugged or unplugged, and the choice of apmd was forced by the use of the APM system as the power management system (should the author use the ACPI system, he would have installed the acpid package).
• For Task 2 (identification of the current environment), package guessnet. It provides a sufficient set of tests and is well integrated to ifupdown.
• For Task 3.a (network interface reconfiguration): /etc/network/interfaces's mappings, as suggested by package ifupdown, and using package resolvconf to handle the /etc/resolv.conf file (name resolution).
• For Task 3.b (service reconfiguration): up lines in /etc/network/interfaces file, lines that only contain very simple commands for now. Nevertheless, the author kept a copy of those scripts provided by package whereami for a possible future use.

Apmd, ifplugd, resolvconf and guessnet packages required no particular reconfiguration. The whole roaming configuration is described, in a compact and rather clear manner, in the /etc/network/interfaces file, of which extracts are presented in appendix as an example.

Guessnet is thus our preferred solution to our roaming problem, for its by-design integration to the Debian way to manage network interfaces and for its rich functionality (numerous tests, multiple physical interface support, ...). For more complicated cases, especially where it is necessary to cascade tests or to test several physical interfaces at one, whereami seems to be the only contender.

Acknowledgments

The author wishes to thank first and foremost all contributors, let them be developers, users or translators, to the Debian project for providing to the largest number a large set of quality software. Thanks also go the debian-user-french mailing-list's contributors, in particular François Tourde and Loïc Minier.

Appendix

Extracts from the author's /etc/network/interfaces

mapping eth0
    script /usr/sbin/guessnet-ifupdown
    map default: none
    map verbose: true

iface eth0-limsi inet static
    # Interface configuration, usual part
    address 192.44.xx.yy (hidden)
    netmask 255.255.255.0
    broadcast 192.44.78.255
    gateway 192.44.78.22
    # Lines for resolvconf
    dns-search limsi.fr
    dns-nameservers 192.44.78.7 192.44.78.53 192.175.152.129
    # Test definitions, for guessnet
    test1-peer address 192.44.78.22 mac aa:bb:cc:dd:ee:ff (hidden)
    test2-peer address 192.44.78.22 mac aa:bb:cc:dd:ee:ff (hidden)
    # Adapting default printer
    up foomatic-configure -n biglexrv -D

iface eth0-family inet static
    address 192.168.2.26
    netmask 255.255.255.0
    broadcast 192.168.2.255
    gateway 192.168.2.22
    dns-search family
    dns-nameservers 192.168.2.22
    test-peer address 192.168.2.1 mac aa:bb:cc:dd:ee:ff (hidden)
    up foomatic-configure -n CanonS600 -D

Legalese

Copyright Daniel Déchelotte, 2004-2005.

This software is governed by the CeCILL license under French law and abiding by the rules of distribution of free software. You can use, modify and/ or redistribute the document under the terms of the CeCILL license as circulated by CEA, CNRS and INRIA at the following URL http://www.cecill.info/.