Sysctl
sysctl is an interface for examining and dynamically changing parameters in Unix-like operating systems. The Linux implementation primarily uses files contained in a virtual file system. In Linux, the sysctl interface mechanism is also exported as part of procfs under the /proc/sys directory (not to be confused with the /sys directory). This difference means checking the value of some parameter requires opening a file in a virtual file system, reading its contents, parsing them and closing the file. The sysctl system call does exist on Linux, but does not have a wrapping function in glibc and is not recommended for use.
How to enable IP forwarding in Linux
Most modern Linux distributions will have IP forwarding disabled by default. For a normal desktop/laptop setup, one does not usually need IP forwarding. However, if one is setting up a router/gateway or a VPN server, one needs to enable IP forwarding.
- Check if IP Forwarding is enabled
One must query the sysctl kernel value "net.ipv4.ip_forward" to see if forwarding is enabled or not:
$ sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
#~OR~
$ cat /proc/sys/net/ipv4/ip_forward
0
The output of both of the above commands shows that IP forwarding is disabled on this system (i.e., the value is "0").
- Enable IP forwarding (non-persistent)
One can change any sysctl kernel parameter and have it go into effect immediately, without rebooting the system:
$ sysctl -w net.ipv4.ip_forward=1
#~OR~
$ echo 1 > /proc/sys/net/ipv4/ip_forward
Note, however, the setting will not be preserved after rebooting the system.
- Enable IP forwarding (persistently)
If one wishes to enable IP forwarding persistently (i.e., the change will remain after a reboot), the best way is to add a line containing net.ipv4.ip_forward = 1 to the /etc/sysctl.conf file:
$ echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
Note: One should preferably first check that there is not already a line in that file with a value of "0".
To apply the changes made in sysctl.conf, one needs to run the command:
$ sysctl -p /etc/sysctl.conf
On RedHat-based systems, the settings are also applied when restarting the network service:
$ service network restart
On Debian/Ubuntu systems, this can also be done by restarting the procps service:
$ /etc/init.d/procps.sh restart
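The note above about an existing line with a value of "0" matters because appending with >> leaves the old line in the file. The following is an added example, not part of the original page: the helper names get_sysctl_conf and set_sysctl_conf are hypothetical, and the key is assumed to be given in dotted form. It drops every active assignment of the key, keeps comments, and writes the setting exactly once.

```shell
#!/bin/sh
# Added example (not from the original page); helper names are hypothetical.

# Print the value that "sysctl -p FILE" would end up applying for KEY
# (the last active assignment wins). Usage: get_sysctl_conf KEY [FILE]
get_sysctl_conf() {
    awk -v k="$1" '
        /^[ \t]*[#;]/ || !index($0, "=") { next }   # skip comments and non-assignments
        {
            name = substr($0, 1, index($0, "=") - 1)
            val  = substr($0, index($0, "=") + 1)
            gsub(/[ \t]/, "", name); gsub(/\//, ".", name)   # net/ipv4/x -> net.ipv4.x
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (name == k) last = val
        }
        END { if (last != "") print last }
    ' "${2:-/etc/sysctl.conf}"
}

# Remove every active assignment of KEY, then append "KEY = VALUE" once.
# Safe to run repeatedly. Usage: set_sysctl_conf KEY VALUE [FILE]
set_sysctl_conf() {
    key=$1 value=$2 file=${3:-/etc/sysctl.conf}
    [ -e "$file" ] || touch "$file" || return 1
    tmp=$(mktemp) || return 1
    awk -v k="$key" '
        /^[ \t]*[#;]/ || !index($0, "=") { print; next }   # keep comments and blanks
        {
            name = substr($0, 1, index($0, "=") - 1)
            gsub(/[ \t]/, "", name); gsub(/\//, ".", name)
            if (name != k) print                            # drop stale KEY lines
        }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    printf '%s = %s\n' "$key" "$value" >> "$tmp"
    cat "$tmp" > "$file"; rc=$?     # overwrite in place to keep owner and mode
    rm -f "$tmp"
    return $rc
}
```

Run as root, set_sysctl_conf net.ipv4.ip_forward 1 followed by sysctl -p /etc/sysctl.conf replaces the echo step above.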