NetworkManager 1.16 released, adding WPA3-Personal and WireGuard support

NetworkManager needs no introduction. In fifteen years since its initial release, it has reached the status of the standard Linux network configuration daemon of choice of all major Linux distributions. What, on the other hand, may need some introduction, are the features of its 28th major release.

Ladies and gentlemen, please welcome: NetworkManager-1.16.

Guarding the Wire

Unless you’ve been living under a rock for the last year, there’s a good chance you’ve heard of WireGuard. It is a brand new secure protocol for creating IPv4 and IPv6 Virtual Private Networks. It aims to be much simpler than IPsec, a traditional protocol for the job, hoping to accelerate the adoption and maintainability of the code base.

Unlike other VPN solutions NetworkManager supports, WireGuard tunnelling will be entirely handled by the Linux kernel. This has an advantages in terms of performance, and also removes the needs of a VPN plugin. We’ve started work on supporting WireGuard tunnels as first-class citizens and once the kernel bits settle, we’ll be ready.

More detail in Thomas’ article.

Wi-Fi goodies

Good Wi-Fi support is probably why many users choose NetworkManager on their laptops, and as always there are improvements in this area too. When wpa_supplicant is new enough, we’re now able use SAE authentication, as specified by the recent WPA3-Personal standard. This results in better security for password-protected home networks.

New NetworkManager adds support for pairing with Wi-Fi Direct (also known as Wi-Fi P2P) capable devices. Read more in an article by Benjamin Berg, author of GNOME Screencast, who also contributed he functionality to NetworkManager.

As usual, there’s also improvements to the IWD backend, an alternative to the venerable wpa_supplicant. With NetworkManager 1.16, users of IWD will be able to create Wi-Fi hot spots or take part in Ad-Hoc networks.

Network booting

Since the new version, it will be possible to run NetworkManager early in boot, prior to mounting the root filesystem. A dracut module will be able to convert network configuration provided on the kernel command line into keyfiles ready to be used by NetworkManager. Once NetworkManager succeeds in bringing up the network, it will terminate, leaving a state file for the real NetworkManager instance to pick up once the system is booted up.

This removes some redundancy and makes the network boot both more capable and robust.

Connectivity checks

Finally, new NetworkManager is able to be more precise in assessing connectivity status. Under the right conditions (that basically means systemd-resolved being available, not necessarily default), we’re now able to assess connectivity status on per-device basis and check IPv4 and IPv6 separately.

This will make it possible to prioritize default routes on internet-connected interfaces.

What’s next?

NetworkManager 1.18 is likely to see support for new Wi-Fi features; perhaps DPP and meshing. We’re also removing libnm-glib, since we no longer love it and nobody uses it anymore. Such is life.

What else? You decide! As always, even though patch submissions is what makes us the happiest, we also gladly take suggestions. Our issue tracker is open.

Acknowledgements

NetworkManager wouldn’t be what it is without contributions of hundreds of developers and translators worldwide. Here are the brave ones who contributed to NetworkManager since the last stable release: Aleksander Morgado, Andrei Dziahel, Andrew Zaborowski, AsciiWolf, Beniamino Galvani, Benjamin Berg, Corentin Noël, Damien Cassou, Dennis Brakhane, Evgeny Vereshchagin, Francesco Giudici, Frederic Danis, Frédéric Danis, garywill, Iñigo Martínez, Jan Alexander Steffens, Jason A. Donenfeld, Jonathan Kang, Kristjan SCHMIDT, Kyle Walker, Lennart Poettering, Li Song, Lubomir Rintel, luz.paz, Marco Trevisan, Michael Biebl, Patrick Talbert, Piotr Drąg, Rafael Fontenelle, scootergrisen, Sebastien Fabre, Soapux, Sven Schwermer, Taegil Bae, Thomas Haller, Yuri Chornoivan and Yu Watanabe.

Thank you!

Published by

Lubomir Rintel

A free software enthusiast, Fedora contributor and a NetworkManager developer.