LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-17-2014, 10:10 PM   #1
jdubya
LQ Newbie
 
Registered: Nov 2013
Distribution: LinuxMintNadia vers12.10
Posts: 9

Rep: Reputation: Disabled
How to enable IP forwarding on a Linux host


How can IP forwarding be enabled on a Linux host with two network interfaces?
 
Old 03-17-2014, 10:20 PM   #2
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,272

Rep: Reputation: 148Reputation: 148
By default it will be "0" change it to "1"
Quote:
/etc/sysctl.conf:
net.ipv4.ip_forward = 1
And then
Quote:
sysctl -p /etc/sysctl.conf
Makesure
Quote:
cat /proc/sys/net/ipv4/ip_forward
 
1 members found this post helpful.
Old 03-17-2014, 11:38 PM   #3
jdubya
LQ Newbie
 
Registered: Nov 2013
Distribution: LinuxMintNadia vers12.10
Posts: 9

Original Poster
Rep: Reputation: Disabled
Thanks for your help!
 
Old 03-22-2014, 08:55 PM   #4
wroom
Member
 
Registered: Dec 2009
Location: Sweden
Posts: 158

Rep: Reputation: 31
Tinkered with my proxy/firewall running openSUSE 12.3 and stumbled upon something fascinating. IP forwarding was previously enabled through Yast2, and confirmed by "cat /proc/sys/net/ipv4/ip_forward" replying with "1". This is a long time since, and now i just saw that in the /etc/sysctl.conf file it says "net.ipv4.ip_forward = 0"!

Hohum... Seems that openSUSE 12.3 doesn't regard the sysctl.conf file as usable? It has since the beginning been forwarding between four local subnets, as well as to the default route to WAN. Despite the setting in /etc/sysctl.conf.

This is a development in linux i don't like; having different sets of controls for the same functions which sometimes is regarded and sometimes not. It is bad enough with the systemd vs BSD-style rc.d. Or the /proc vs the /sys. HAL vs...

The question i am faced with now, is if some functions on the proxy/firewall is working as if ip forwarding is on, while other functions thinks ip forwarding is off?

PS: This is posted through the "enigmatic shroedingers SNAT, proxy of uncertainty" with the squid turned off. Is the proxy dead or alive? Can you read this, despite "net.ipv4.ip_forward = 0"?
 
Old 03-22-2014, 09:37 PM   #5
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 2,404

Rep: Reputation: Disabled
Quote:
Originally Posted by wroom View Post
This is a development in linux i don't like; having different sets of controls for the same functions which sometimes is regarded and sometimes not. It is bad enough with the systemd vs BSD-style rc.d. Or the /proc vs the /sys. HAL vs...
That would be a development related to various distributions. It has nothing to do with the Linux kernel.

There's exactly one setting that controls whether or not the IPv4 stack in the Linux kernel will forward packets. It's exposed through the virtual proc filesystem as /proc/sys/net/ipv4/ip_forward.

All those other files, like /etc/sysctl.conf and various init scripts and network configuration files, have to be read by some userspace program that ultimately writes a 1 or a 0 to /proc/sys/net/ipv4/ip_forward. If that userspace program (whatever it may be) isn't run, the setting means nothing.

With the single exception of reading and executing the file that starts the init system at bootup, the kernel doesn't read any files on its own accord. It's all controlled by daemons and other userspace applications. (The /proc and /sys directories don't count, as those contain kernel variables and data exposed as virtual files, not the other way around.)
 
Old 03-22-2014, 10:37 PM   #6
wroom
Member
 
Registered: Dec 2009
Location: Sweden
Posts: 158

Rep: Reputation: 31
Quote:
Originally Posted by Ser Olmy View Post
That would be a development related to various distributions. It has nothing to do with the Linux kernel.
You're absolutely right. It is in the various distributions.

But the "various config-fluff" in the distros can do some serious damage. Whatif someone writes an update/patch that looks at the sysctl.conf file and decides the system is not a router, and then "makes sure" to change /proc/sys/net/ipv4/ip_forward to "0" just to be safe? Wasn't long ago an update to openSUSE 12.3 killed the bind on a bunch of my servers. It minced the configuration, (probably because the writer of the patch didn't understand bind config), and i had to block the update, reinstall previous bind and then reconfigure it.

The different distros config-fluff is bringing linux down.

The reason i posted was to give example of how difficult it is to be sure all things are set right.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Forwarding ping packets from one 1st host to 2nd host via 2rd host sachee Linux - Networking 1 09-25-2011 02:51 PM
X Forwarding problem with Linux Mint machine as remote host fincher69 Linux Mint 3 01-07-2010 02:38 PM
How to enable IP forwarding? nitaish Linux - Networking 3 03-23-2006 12:51 PM


All times are GMT -5. The time now is 12:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration