Saturday, May 17, 2025

FreeBSD and Edimax N150 Wi-Fi USB network interface

I have found an old Edimax N150 Wi-Fi USB network interface and would like to use it in FreeBSD 14.2 for an IoT project. I have not used Wi-Fi on FreeBSD for ages, so let's try it.

It is worth mentioning that a Wi-Fi network interface can operate in three different modes:

  • Station (client) - ifconfig wlan0 mode sta
  • Monitor - ifconfig wlan0 mode monitor
  • Access Point - ifconfig wlan0 mode hostap

Access Point (ifconfig wlan0 mode hostap) is great in situations where you would like to allow multiple Stations to connect, but the rtwn driver in FreeBSD does not support Access Point (hostap) mode.

Monitor mode on a wireless interface (ifconfig wlan0 mode monitor) is a special mode used primarily for passive packet capturing and wireless debugging, not for normal network communication. This mode should be supported by the rtwn driver in FreeBSD, but I have not tested it.

Station/Client (sta) mode is supported and it is actually the only mode we will cover in this blog post.

Let's do a configuration, setup, and some performance tests ...

FreeBSD Update and Upgrade process

The Base FreeBSD System vs Third-Party Software

First of all, it is important to understand that FreeBSD has The Base FreeBSD System and Third-Party Software.

The Base FreeBSD System is the core part of FreeBSD that includes the kernel, standard system utilities, libraries, configuration files, and essential tools required to run and manage the system. You manage it with the freebsd-update admin tool. freebsd-update is still widely used, but the FreeBSD project is gradually moving toward pkgbase, where The Base FreeBSD System is split into packages such as FreeBSD-runtime, FreeBSD-lib, FreeBSD-kernel, etc. You will be able to manage the base system with pkg, just like third-party software. It will be more modular and modern than freebsd-update, but pkgbase is not yet officially supported on RELEASE versions, so freebsd-update is still the production-ready tool for updating and upgrading The Base FreeBSD System.

Third-Party Software in FreeBSD is any application or tool not included in the base system, such as web servers, editors, databases, programming languages, and desktop environments. You manage it using the pkg package manager or the Ports Collection (source code + make).

A picture is worth 1,000 words, so I have prepared a visualization to help understand the difference between The Base FreeBSD System and Third-Party Software.

The Base FreeBSD System and Third-Party Software

Wednesday, May 14, 2025

FreeBSD Router with DNS and DHCP Servers

I use FreeBSD routers in my home labs and here is my typical router configuration.

The router configuration is based on:

  • General FreeBSD System Configuration
  • DHCP Server Configuration
  • DNS (BIND) Configuration

WireGuard VPN on FreeBSD

I use site-to-site VPNs between a datacenter and two remote locations, and I had some strange issues with OpenVPN site-to-site performance on one particular VPN link to a remote location, while the same OpenVPN configuration worked perfectly fine in another remote location. It was probably related to some UDP magic of that particular ISP. The monthly cost of that residential link is $20, so it was unrealistic to open a support ticket with the ISP and do some deep troubleshooting. Instead, I tried WireGuard VPN and it worked like a charm.

That was the reason I switched from OpenVPN to WireGuard VPN, and here is the configuration of a WireGuard VPN Server with two VPN clients.

I have a FreeBSD-based VPN box in each location, and below is the diagram with WireGuard interfaces (wg0) in each location. WireGuard in the data center is obviously the WireGuard Server (172.16.100.254/24), and in the remote locations I have WireGuard Clients (172.16.100.1/24 and 172.16.100.2/24).

WireGuard site-to-site VPN Topology

HowTo switch to FreeBSD legacy console

In terms of FreeBSD console, there are two settings typically set in /boot/loader.conf to affect early boot behavior.

kern.vty=sc

This setting tells FreeBSD to use the "sc" (syscons) console driver instead of the newer "vt" (Newcons) driver.

  • sc is the older legacy text console system.
  • vt (the default in modern FreeBSD versions) supports Unicode, better font rendering, and KMS (Kernel Mode Setting) for modern graphics.

You might set kern.vty=sc for:

  • Compatibility with older hardware
  • Simpler framebuffer requirements
  • Easier use in virtual machines or serial consoles

hw.vga.textmode=1 

This setting forces the VGA hardware to remain in text mode during the boot process and afterward. When used with kern.vty=sc, it helps to avoid switching to graphics mode. It is useful on real hardware where mode switching causes flicker, or to avoid issues with VMs or KVMs that don't like graphics mode. 

It ensures that the system boots and runs entirely in VGA 80x25 text mode, improving compatibility and avoiding graphical issues.

How to disable all hardware network offload features and Jumbo Frames in Debian and FreeBSD

FreeBSD commands to disable hardware network offload features

# Disable hardware offload features
ifconfig vmx0 -rxcsum -rxcsum6 -txcsum -txcsum6 -tso -lro -vlanhwtag -vlanhwtso -vlanhwcsum -mextpg
 
# Disable Jumbo Frames
ifconfig vmx0 mtu 1500
 
#Check current settings
ifconfig vmx0

Debian commands to disable hardware network offload features

#!/usr/bin/sh
 
#Disable Jumbo Frames
ip link set dev ens192 mtu 1500
 
#Disable Large Receive Offload (LRO)
ethtool -K ens192 lro off
#Disable TCP Segmentation Offload (TSO)
ethtool -K ens192 tso off
#Disable Generic Receive Offload (GRO)
ethtool -K ens192 gro off
#Disable Generic Segmentation Offload (GSO)
ethtool -K ens192 gso off
#Disable Scatter-Gather (SG)
ethtool -K ens192 sg off
#Disable RX Checksumming
ethtool -K ens192 rx-checksumming off
#Disable TX Checksumming
ethtool -K ens192 tx-checksumming off
#Disable RX VLAN offloading
ethtool -K ens192 rx-vlan-offload off 
#Disable TX VLAN offloading
ethtool -K ens192 tx-vlan-offload off 
#Disable TX UDP Tunnel Segmentation Offload
ethtool -K ens192 tx-udp_tnl-segmentation off
#Disable Transmit UDP Tunnel Checksum Segmentation Offload 
ethtool -K ens192 tx-udp_tnl-csum-segmentation off

#Check current settings
ethtool -k ens192
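
To confirm the Debian settings above actually took effect, the check below filters `ethtool -k` output for the same features and reports any that are still on. It is an added example, not part of the original post; the function name `offloads_still_on` and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Long feature names, as printed by `ethtool -k`, for the offloads disabled above.
FEATURES="rx-checksumming tx-checksumming scatter-gather"
FEATURES="$FEATURES tcp-segmentation-offload generic-segmentation-offload"
FEATURES="$FEATURES generic-receive-offload large-receive-offload"
FEATURES="$FEATURES rx-vlan-offload tx-vlan-offload"
FEATURES="$FEATURES tx-udp_tnl-segmentation tx-udp_tnl-csum-segmentation"

# Reads `ethtool -k <iface>` output on stdin and prints one line per listed
# feature that is still enabled, tagged [fixed] when the driver reports that
# the setting cannot be changed.
offloads_still_on() {
    awk -F': *' -v list="$FEATURES" '
        BEGIN { n = split(list, w, " "); for (i = 1; i <= n; i++) want[w[i]] = 1 }
        {
            name = $1
            sub(/^[ \t]+/, "", name)      # sub-features are indented
            split($2, v, " ")             # v[1] = on/off, v[2] = optional [fixed]
            if ((name in want) && v[1] == "on") {
                suffix = (v[2] == "[fixed]") ? " [fixed]" : ""
                print name suffix
            }
        }'
}

# Constructed sample output (not captured from a real host).
SAMPLE=$(cat <<'EOF'
Features for ens192:
rx-checksumming: off
tx-checksumming: off
    tx-checksum-ipv4: off [fixed]
scatter-gather: off
tcp-segmentation-offload: off
generic-segmentation-offload: off
generic-receive-offload: on
large-receive-offload: off
rx-vlan-offload: on [fixed]
tx-vlan-offload: off
tx-udp_tnl-segmentation: off
tx-udp_tnl-csum-segmentation: off
EOF
)

printf '%s\n' "$SAMPLE" | offloads_still_on
```

On a real host, run `ethtool -k ens192 | offloads_still_on`; empty output means every listed offload is off.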


How to switch TCP Stack and Congestion Algorithms in FreeBSD

The TCP stack and congestion control algorithms are core components of any modern operating system's networking infrastructure. They directly influence the performance, reliability, and efficiency of data communication over networks, especially over the internet or WANs.

Role of the TCP Stack

The TCP (Transmission Control Protocol) stack is the part of the OS kernel that:
  1. Manages Reliable Transport
    • Handles packet ordering, retransmission, and acknowledgment (ACKs).
    • Ensures no data is lost, duplicated, or delivered out of order.
  2. Implements Flow Control
    • Uses the sliding window mechanism to prevent overwhelming the receiver.
  3. Implements Congestion Control
    • Reacts to network conditions (e.g., packet loss or delay) to adjust transmission rates.
  4. Integrates with the OS Networking Subsystem
    • Interacts with the IP layer, NIC drivers, and user-space sockets (bind(), send(), etc.).
    • Supports features like NAT traversal, QoS, TCP Fast Open, and ECN (Explicit Congestion Notification).

Role of Congestion Algorithms

Congestion Algorithms determine how fast TCP can send data, especially under varying network conditions. Modern algorithms:
  • Adjust the congestion window (cwnd) dynamically.
  • Try to avoid congestion (proactively) and recover quickly if it happens.

Let's dive deep into the options we have in FreeBSD 14 and how we can use them ...

How to set package site in FreeBSD

When you want to explicitly set the package site in FreeBSD, use the shell command below ...

setenv PACKAGESITE https://pkg.FreeBSD.org/FreeBSD:14:amd64/latest

Then you can use package commands as usual. 

pkg update
pkg search
pkg install

etc.

Useful troubleshooting commands in FreeBSD

One-liner #1

freebsd-version -kru ; uname -aKU

These two commands, run in sequence, display detailed information about your FreeBSD system's version and kernel. This helps to:

  • Detect version mismatches between kernel and userland (e.g. after patching).
  • Confirm if a reboot is pending.
  • See detailed kernel version info (compiled vs. running)
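
How the three lines printed by `freebsd-version -kru` can be interpreted, as an added example that is not part of the original post. The function names are hypothetical, the version strings are constructed samples, and the reading of "userland ahead of kernel" as the result of userland-only patches is an assumption of this example.

```shell
#!/bin/sh
# "14.2-RELEASE-p3" -> "14.2-RELEASE"
release_of() { echo "${1%-p[0-9]*}"; }

# "14.2-RELEASE-p3" -> 3, "14.2-RELEASE" -> 0
patch_of() {
    case "$1" in
        *-p[0-9]*) echo "${1##*-p}" ;;
        *)         echo 0 ;;
    esac
}

# Reads the output of `freebsd-version -kru` on stdin. The order is always
# installed kernel, running kernel, userland, whatever the option order.
version_state() {
    if ! { read -r installed && read -r running && read -r userland; }; then
        echo "unexpected-input"
        return 0
    fi
    if [ "$installed" != "$running" ]; then
        # A newer kernel is on disk than the one in memory.
        echo "reboot-pending: running $running, installed $installed"
    elif [ "$(release_of "$userland")" != "$(release_of "$installed")" ]; then
        echo "release-mismatch: userland $userland, kernel $installed"
    elif [ "$(patch_of "$userland")" -gt "$(patch_of "$installed")" ]; then
        # Assumed normal: patches that touch only userland leave the kernel version alone.
        echo "ok: userland $userland ahead of kernel $installed"
    elif [ "$(patch_of "$userland")" -lt "$(patch_of "$installed")" ]; then
        echo "check: userland $userland behind kernel $installed"
    else
        echo "consistent: $installed"
    fi
}

# Constructed sample: kernel patched on disk, but the old kernel is still running.
printf '%s\n' "14.2-RELEASE-p1" "14.2-RELEASE" "14.2-RELEASE-p3" | version_state
```

On a FreeBSD host, run `freebsd-version -kru | version_state`.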

One-liner #2

pciconf -lv | grep -B 3 -A 1 display

This one-liner helps you identify the PCI display controller (graphics card) and shows a few lines before and after the line containing the word display for context, including device ID, vendor, and possibly the driver in use.

One-liner #3

pkg repos -el | sort -f ; pkg repos -e

This one-liner prints a sorted list of repository names and full configuration of each repository. This is helpful for debugging, auditing, or confirming what repositories are enabled and how they're configured.

IPv6 - Part 2 - IPv6 configuration in FreeBSD

Before configuring IPv6 in FreeBSD, I highly recommend reading my (Part 1) blog post "Everything I need to know about IPv6 address blocks" to get familiar with basic IPv6 concepts.

In all three sites of my home lab environment I use FreeBSD as a primary Operating System. I'll start exploring IPv6 right on the FreeBSD operating system.

IPv6 configuration in FreeBSD is usually easy. The ISP router typically supports SLAAC, so you can dynamically get IPv6 addresses, the IPv6 default route, and even IPv6 DNS addresses from the ISP router. The second way to get IPv6 configuration from the ISP router is DHCPv6.

Let’s explore and configure both SLAAC and DHCPv6 in my environment, and document all the details in this blog post - Part 2 of my blog series on IPv6.

IPv6 - Part 1 - Everything I need to know about IPv6 addresses

IPv6 (Internet Protocol version 6) was officially released as a standard in December 1998, with the publication of RFC 2460 by the IETF (Internet Engineering Task Force). 
 
It has been usable for interoperability testing between Unix-like systems and Windows-based systems since 2006, when Microsoft included native IPv6 support in Windows Vista.
 
In 2012, major ISPs and websites enabled IPv6 permanently. It is called World IPv6 Launch Day.
 
It’s now 2025, so I think it’s time to test IPv6 readiness across the three ISPs I use for my home lab networks here in Czechia, Central Europe.
 
These ISPs are
  1. Vodafone (Global Telco Provider) - ISP for my apartment, where I have a small home lab
  2. StarNet (Czech Telco Provider) - ISP for my house, where I have a large home lab
  3. Cloud4com (Czech Cloud Service Provider) - ISP for my lab in data center (cloud-based)

My home lab network, shown below, has been running on IPv4 for nearly 20 years. Is it already the right time to switch to IPv6?
 

The idea is to keep the IPv4 network as is and create a new IPv6 network in parallel to do a Proof of Concept and get more familiar with IPv6. I can afford it because all my sites are fully virtualized, therefore it is not a problem to spin up additional IPv6 routers or devices in any of the three sites.
 
In this Part 1 blog post, I would like to cover everything I need to know about IPv6 addresses. In future blog posts, I'll cover configuration details and real experience with IPv6.

How to boot FreeBSD into Single User Mode

When something goes wrong, it is good to boot into single user mode (without user/root authorization) and do some maintenance tasks.

Boot into single user mode

First of all, you must have access to the FreeBSD console to manage the boot process, because you have to somehow initiate a reboot of the system. When you have access to the console keyboard, simply press CTRL+ALT+DEL. Another option is a hardware reset or power-off & power-on, but this is not a graceful reboot and you can damage something.

During the boot sequence, there is the "Beastie boot menu" where you can simply select option 2 by pressing key 2.

Beastie boot menu

Change read-only filesystem to read-write

When FreeBSD is booted into a single user mode, the file system is in read-only mode for safety.

When you want to change something in the file system or even change the root or a user password, you have to remount the file system from read-only mode into read-write mode.

For UFS

Below is the sequence of commands to do so if you have UFS file system.

mount -u / 
mount -a

Command (mount -u /) remounts the root filesystem (/) using the options specified (or defaults from /etc/fstab), without unmounting it.

Command (mount -a) mounts the rest of the filesystems defined in /etc/fstab.

For ZFS

Below is the sequence of commands for ZFS file system.

zfs set readonly=off zroot/ROOT/default
zfs mount -a
 
The commands above are self-explanatory.

Work in a single user mode

Now you can troubleshoot or fix problems in a single user operating system, where nobody else can log in to the system and no one will interfere with you.

Alternative to single user mode

You can boot your system from FreeBSD boot media (ISO, USB stick, etc.) into a recovery mode. It is essentially running the system from a Live CD/USB disk. In this mode you have to mount the disk filesystems yourself to get read/write access to them.