Start computer remotely using Wake on LAN

If you want to turn on your computer remotely on network then “Wake on LAN” is what you need. It can be applied in many situations, such as if there is a short power outage and you want to bring up your machine again by booting it remotely on network and so on.

First thing you should check if your motherboard supports Wake on LAN (WoL). You can enter into BIOS menu and look for it in power or network options (really depends on which motherboard you have)

If you see it available then make sure it is enabled in BIOS.

You can also check if WoL status using ethtool utility on linux.

manish@home:~# sudo ethtool eno1
Settings for eno1:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Speed: 100Mb/s
Duplex: Full
Port: Twisted Pair
Transceiver: internal
Auto-negotiation: on
MDI-X: on (auto)
Supports Wake-on: pumbg
Wake-on: g
Current message level: 0x00000007 (7)
drv probe link
Link detected: yes

Here look for value of “Wake-on”. It should be set of “g”. There are other possible values as well which you can play with.

wol p|u|m|b|a|g|s|d...
Set Wake-on-LAN options. Not all devices support this. The
argument to this option is a string of characters specifying
which options to enable.
p Wake on phy activity
u Wake on unicast messages
m Wake on multicast messages
b Wake on broadcast messages
a Wake on ARP
g Wake on MagicPacket(tm)
s Enable SecureOn(tm) password for MagicPacket(tm)
d Disable (wake on nothing). This option clears all previous

If “Wake-on” is not set of “g” then you can set it to “g” using following command, replace eno1 by your network interface name.

ethtool -s eno1 wol g

From another linux host issue following command to boot your computer, where XX:XX:XX:XX:XX:XX is the MAC address of the machine you want to boot

wakeonlan XX:XX:XX:XX:XX:XX

It sends broadcast “magic packet” containing six FF followed by MAC on UDP port 7 or 9. Depending upon your motherboard you can also secure “Wake on LAN” with a hex password.

Typical WoL packet contains:

Sync stream (which is six times FF) followed by MAC address and optionally the password.

manish@zerry:/home/manish#sudo tcpdump -vv -xx port 9
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
07:26:50.985187 IP (tos 0x0, ttl 64, id 22979, offset 0, flags [DF], proto UDP (17), length 130) > [bad udp cksum 0xc13e -> 0x6384!] UDP, length 102
0x0000: ffff ffff ffff b827 eba1 0dff 0800 4500
0x0010: 0082 59c3 4000 4011 1fe9 c0a8 0017 ffff
0x0020: ffff cb5e 0009 006e c13e ffff ffff ffff
0x0030: 00xx xxxx xxxx xxxx xxxx xxxx xxxx xxxx

Enabling WoL could trigger potential risks to the systems. When you think your machine is powered off and it is still accepting UDP broadcast packets creates some worry in mind. Ideally you should limit use of WoL in smaller trusted networks that too with password. You can also look for controls on network switch and firewall to limit WoL packets only from trusted network ports and MAC addresses.