sysctl is an interface for examining and dynamically changing parameters in Unix-like operating systems. The Linux implementation primarily uses files contained in a virtual file system. In Linux, the sysctl interface mechanism is also exported as part of procfs under the /proc/sys directory (not to be confused with the /sys directory). This difference means checking the value of some parameter requires opening a file in a virtual file system, reading its contents, parsing them and closing the file. The sysctl system call does exist on Linux, but does not have a wrapping function in glibc and is not recommended for use.

How to enable IP forwarding in Linux

Most modern Linux distributions will have IP forwarding disabled by default. For a normal desktop/laptop setup, one does not usually need IP forwarding. However, if one is setting up a router/gateway or a VPN server, one needs to enable IP forwarding.

  • Check if IP Forwarding is enabled

One must query the sysctl kernel value "net.ipv4.ip_forward" to see if forwarding is enabled or not:

$ sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
$ cat /proc/sys/net/ipv4/ip_forward
0

The output of both of the above commands shows that IP forwarding is disabled on this system (i.e., the value of "0").

  • Enable IP forwarding (non-persistent)

One can change any sysctl kernel parameter and have it go into effect immediately without rebooting the system:

$ sysctl -w net.ipv4.ip_forward=1
$ echo 1 > /proc/sys/net/ipv4/ip_forward

Note, however, the setting will not be preserved after rebooting the system.

  • Enable IP forwarding (persistently)

If one wishes to enable IP forwarding persistently (i.e., the change will remain after a reboot), the best way is to add the desired sysctl kernel parameter setting to the /etc/sysctl.conf file, as a line containing net.ipv4.ip_forward = 1:

$ echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf

Note: One should preferably first check that there is not already a line in that file with a value of "0".

To enable the changes made in sysctl.conf, one needs to run the command:

$ sysctl -p /etc/sysctl.conf

On RedHat-based systems, the setting is also applied when the network service is restarted:

$ service network restart

and on Debian/Ubuntu systems this can also be done by restarting the procps service:

$ /etc/init.d/ restart
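
The persistent step above, including the check for an existing line with a value of "0", as an added shell example that is not part of the original page. The function names and the sample file are constructed for illustration, and the demo edits a temporary file rather than /etc/sysctl.conf.

```shell
#!/bin/sh
# Added example, not from the original page. The demo file below is constructed.

# Map a sysctl key to its file under /proc/sys (dots become slashes).
sysctl_key_to_path() {
    printf '/proc/sys/%s\n' "$(printf '%s' "$1" | tr '.' '/')"
}

# Print the effective value of KEY in FILE: the last uncommented assignment,
# since later lines override earlier ones when the file is loaded.
conf_value() {
    awk -v key="$2" '
        /^[ \t]*[#;]/ { next }
        index($0, "=") {
            k = $0; sub(/=.*/, "", k); gsub(/[ \t]/, "", k)
            if (k == key) { v = substr($0, index($0, "=") + 1); found = 1 }
        }
        END { if (found) { gsub(/^[ \t]+|[ \t]+$/, "", v); print v } }' "$1"
}

# Set KEY = VALUE in FILE. An existing assignment is rewritten in place and
# duplicates are dropped; the line is appended only when the key is absent.
set_conf_value() {
    tmp=$(mktemp) || return 1
    awk -v key="$2" -v value="$3" '
        /^[ \t]*[#;]/ { print; next }
        { k = $0; sub(/=.*/, "", k); gsub(/[ \t]/, "", k) }
        index($0, "=") && k == key {
            if (!done) print key " = " value
            done = 1; next
        }
        { print }
        END { if (!done) print key " = " value }' "$1" > "$tmp" &&
        cat "$tmp" > "$1"    # overwrite contents, keeping owner and mode
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Demo on a constructed file, so it runs without root.
demo_conf=$(mktemp)
printf '%s\n' '# constructed sample' 'net.ipv4.ip_forward=0' \
    'kernel.sysrq = 0' > "$demo_conf"
set_conf_value "$demo_conf" net.ipv4.ip_forward 1
echo "persistent: $(conf_value "$demo_conf" net.ipv4.ip_forward)"
echo "runtime file: $(sysctl_key_to_path net.ipv4.ip_forward)"
rm -f "$demo_conf"
```

Run as root against /etc/sysctl.conf, set_conf_value takes the place of the blind append, after which sysctl -p loads the file as described above.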

