How to control IP ranges of Network Manager's hotspots?

networking network-manager dhcp ip

12,677

Solution 1

After hours of trying different solutions, I was finally able to specify a subnet for a Hotspot connection using Network Manager and then set a manual ip on the client device for a sort of static ip. None of the dnsmasq/dhcp methods work with Network Manager. You have to edit the Network Manager connection file. These files are generated for each connection in the following directory:

/etc/NetworkManager/system-connections

I believe that when you create a Hotspot, a new connection file is created and is named Hotspot. You need to edit this file. Make sure you are editing the Hotspot connection file or this will not work! Change/add the following lines under the section [ipv4] to set a subnet. Make sure it has the line method=shared and use whatever ip address you want for address1= and NetworkManager will issue all connecting devices an ip in the same subnet. The format for this line is address1=ip/subnetmask,gateway. Gateway should be the same as the ip. Here is what the [ipv4] section should look like:

[ipv4]
dns-search=
method=shared
address1=192.168.125.1/24,192.168.125.1

Once you have this completed, save the file and run the following to restart Network Manager:

sudo service network-manager restart

Now your connected devices should be issued an ip address under the same subnet as the ip you entered. In this example it would be 192.168.125.x.

To get a static ip, do that on the client side device. Set a manual ip for this hotspot connection under same subnet, using the same subnet mask and gateway that were entered in the Hotspot connection file.

Here is my whole Hotspot connection file for reference:

[connection]
id=Hotspot
uuid=14032jb9-43c6-41c6-8d56-8b6b0f7xcce9
type=wifi
interface-name=wlan0
permissions=
secondaries=
timestamp=1486816539

[wifi]
mac-address=7C:84:DB:62:7B:3F
mac-address-blacklist=
mac-address-randomization=0
mode=ap
seen-bssids=7C:84:DB:62:7B:3F;
ssid=yournetworkname

[wifi-security]
group=
key-mgmt=wpa-psk
pairwise=
proto=
psk=yourpassword

[ipv4]
dns-search=
method=shared
address1=192.168.125.1/24,192.168.125.1

[ipv6]
addr-gen-mode=stable-privacy
dns-search=
ip6-privacy=0
method=ignore

Documentation on this setting in Network Manager can be read here:

https://people.freedesktop.org/~lkundrak/nm-docs/nm-settings.html

Table 36. ipv4 setting

Key Name: method

Value Type: string

Default Value:

Value Description: IP configuration method. NMSettingIP4Config and NMSettingIP6Config both support "auto", "manual", and "link-local". See the subclass-specific documentation for other values. In general, for the "auto" method, properties such as "dns" and "routes" specify information that is added on to the information returned from automatic configuration. The "ignore-auto-routes" and "ignore-auto-dns" properties modify this behavior. For methods that imply no upstream network, such as "shared" or "link-local", these properties must be empty. For IPv4 method "shared", the IP subnet can be configured by adding one manual IPv4 address or otherwise 10.42.x.0/24 is chosen.

Most important part:

For IPv4 method "shared", the IP subnet can be configured by adding one manual IPv4 address or otherwise 10.42.x.0/24 is chosen.

Solution 2

You can determine the used IPv4 subnet by configuring one manual address, like

nmcli connection modify $SHARED_NAME ipv4.addresses 192.168.2.5/24

It's documented in man nm-settings, see ipv4.method.

/etc/NetworkManager/dnsmasq.d is for using dnsmasq as DNS plugin, not for your use case of connection sharing. For that, it is instead /etc/NetworkManager/dnsmasq-shared.d -- at least in recent versions of NM. But you shouldn't need that.

Solution 3

The following appears to work OK - these commands force Network Manager to assign selected DHCP ranges to Wifi access points (10.42.0.x to wifiname1; 10.42.1.x to wifiname2):

nmcli connection modify wifiname1 ipv4.addresses 10.42.0.1 nmcli connection modify wifiname2 ipv4.addresses 10.42.1.1

Note: wifinameN (N=1/2) correspond to files in /etc/NetworkManager/system-connections.

12,677

David Radu

Updated on September 18, 2022

Comments

David Radu over 1 year

A server has two WiFi interfaces, both configured via Network Manager to be hotspots.

Connected clients get IPs in ranges 10.42.0.0/24 and 10.42.1.0/24 (AFAICS via dnsmasq invoked by NM). I need to be able to assign a specific range to a specific interface. Unfortunately, Network Manager assigns them unpredictably (so wlan0 may get 10.42.0.0 today and 10.42.1.0 tomorrow; then wlan1 gets the remaining range) which messes up my iptables because the routing rules are different for these interfaces.

I tried dhcp-range= option in /etc/dnsmasq.conf (which wasn't present as NM configures dnsmasq via command line) and some other ideas but can't find a workable solution.

Any thoughts on how I can control which IP range gets assigned to which interface?
- Admin over 7 years
  
  Why didn't dhcp-range not work? Just ignored your settings?
- David Radu over 7 years
  
  I used "dhcp-range=wlan0,10.42.0.2,10.42.0.253,72h" in dnsmasq.conf (and similar for wlan1). That did not have any effect. I presume Network Manager runs dnsmasq via cmd-line which takes precedence.
- David Radu over 7 years
  
  Also tried placing dnsmasq.conf in /etc and in /etc/NetworkManager/dnsmasq.d but DHCP ranges are still assigned unpredictably. Forgot to mention that it is 16.04.1 LTS.
- Admin over 7 years
  
  Have you tried /etc/NetworkManager/dnsmasq.d/local and then sudo restart network-manager.
- David Radu over 7 years
  
  yes (to no avail)
- David Radu over 7 years
  
  ps ax | grep dnsmasq shows me that Network Manager invokes dnsmasq twice: /usr/sbin/dnsmasq --conf-file --no-hosts --keep-in-foreground --bind-interfaces --except-interface=lo --clear-on-reload --strict-order --listen-address=10.42.0.1 --dhcp-range=10.42.0.10,10.42.0.254,60m --dhcp-option=option:router,10.42.0.1 --dhcp-lease-max=50 --pid-file=/var/run/nm-dnsmasq-wlan0.pid --conf-dir=/etc/NetworkManager/dnsmasq-shared.d I cannot figure out why this pair changes randomly after I reboot or do sudo service network-manager restart. The randomness appears to come from Network Manager.
- David Radu over 7 years
  
  Also from cmd-line it's clear that dnsmasq should use /etc/NetworkManager/dnsmasq-shared.d which I also tried but that didn't help. Could it be that dnsmasq follows cmd-line (supplied by NM) and ignores the config file?
- Admin over 7 years
  
  Since you have two entries for the same fields, one in the cmdline and one in the config, it certainly is going to cause confusion. I would try to remove it from the cmdline start if it's being added by Network Manager and hopefully allow the config to place the values. I don't use Network Manager, so I'm not much help.
David Radu over 7 years

That doesn't seem to work. AFAICS setting an IP is incompatible with ipv4.method shared: NM fails to set the gateway and DNS properly in this situation. And manual control is impossible - nmcli refuses to accept ipv4.dns in ipv4.method shared mode. (I am pretty sure I tried that before by directly modifying address1= in NetworkManager/system-connections - the result was the same: IPs could be set but gateway/DNS were not.) Any ideas?
David Radu over 7 years

Manual link confirms this: Addresses cannot be used with the 'shared', 'link-local', or 'disabled' methods as addressing is either automatic or disabled and If shared is specified ... the interface is assigned an address in the 10.42.x.1/24 range....
thaller over 7 years

True, trusty has 0.9.8.8-0ubuntu7.1, which is very old by now. Works since 0.9.10, as also documented in recent manual. I don't understand why you talk about ipv4.dns, do you mean ipv4.addresses?
David Radu over 7 years

I tried to set DNS via ipv4.dns because nmcli connection modify $SHARED_NAME ipv4.addresses 192.168.2.5/24 leaves all clients connected to the hotspots without any gateway and DNS settings. Setting address in shared mode should not work at all but, instead, it creates non-functioning hotspots. What I really need is some control of "x" in 10.42.x.1/24 ranges used by NM (as it sets "x" randomly).
thaller over 7 years

As said, you cannot configure the chosen subnet with version 0.9.8. It works with later version by configuring one manual address. You say it doesn't work, but it's not clear from your comment why. NM on Ubuntu 14.04 would not allow you to do what you want.
David Radu over 7 years

It is Ubuntu 16.04 with NM version 1.2.2. Let me clarify my incompatible with ipv4.method shared statement. The ipv4.addresses is accepted and IP gets assigned to the right interface. However, after that change all clients connected to the hotspot stop receiving sensible gateway and DNS settings. So it makes things worse - nothing works anymore (compared to 50:50 chance currently when 10.42.0.0/24 and 10.42.1.0/24 are randomly assigned to interfaces). Is there any evidence or a working example of successfully using ipv4.method shared with ipv4.addresses?
David Radu over 7 years

Actually, it appears that changing the ipv4.addresses to use a single address (I used 10.42.0.1 and 10.42.1.1 instead of a range like 192.168.2.5/24) helps. Let me test it a bit more thoroughly - I'll confirm if it does. Your reference to documentation on gnome.org was very useful. Thanks a million, thaller!