Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

net.ipv4.ip_forward not peristent, even in /etc/sysctl.conf

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
Knogle
Posts: 2
Joined: 2021-09-21 20:41

net.ipv4.ip_forward not peristent, even in /etc/sysctl.conf

#1 Post by Knogle »

Currently i'm setting up a new Debian 11 Bullseye machine to act as a Wireguard gateway.
Everything as usual, and simple.
Unfortunately i am having a heavy issue regarding the IPV4 packet forwarding.
It's a well known fact, that i have to uncomment

Code: Select all

#net.ipv4.ip_forward
in the `/etc/sysctl.conf` file, to enable packet forwarding.
Unfortunately,even when it's uncommented, the setting is not being applied automatically after reboot.
I have to manually process the sysctl file using "sysctl -p" every time after reboot.
What's wrong here? There is also no further sysctl.conf in sysctl.conf.d which may override this setting.
I have also tried on a fresh Debian 10 system, with the same issue.

Code: Select all

    root@wireguard:~# /sbin/sysctl --system
    * Applying /etc/sysctl.d/1-sysctl.conf ...
    net.ipv4.ip_forward = 1
    net.ipv6.conf.all.forwarding = 1
    * Applying /usr/lib/sysctl.d/50-pid-max.conf ...
    kernel.pid_max = 4194304
    * Applying /usr/lib/sysctl.d/protect-links.conf ...
    fs.protected_fifos = 1
    fs.protected_hardlinks = 1
    fs.protected_regular = 2
    fs.protected_symlinks = 1
    * Applying /etc/sysctl.conf ...
    net.ipv4.ip_forward = 1
    net.ipv6.conf.all.forwarding = 1
After reboot:

Code: Select all

  root@wireguard:~# cat /proc/sys/net/ipv4/ip_forward
    0
    root@wireguard:~# cat /proc/sys/net/ipv6/conf/all/forwarding
    1
I hope someone can help me, it looks like, it's being partially applied only, i don't know if it has something to do with the IPv6 setting. Everything apart from the sysctl.conf and the Wireguard install is set to default.

Aki
Global Moderator
Global Moderator
Posts: 2816
Joined: 2014-07-20 18:12
Location: Europe
Has thanked: 68 times
Been thanked: 382 times

Re: net.ipv4.ip_forward not peristent, even in /etc/sysctl.conf

#2 Post by Aki »

Hello,
Can you send the output of these command ?

Code: Select all

find / -name sysctl.conf 2> /dev/null
lsinitramfs /boot/initrd.img-$(uname -r)  | grep sysctl.conf
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org
⠈⠳⣄⠀

Knogle
Posts: 2
Joined: 2021-09-21 20:41

Re: net.ipv4.ip_forward not peristent, even in /etc/sysctl.conf

#3 Post by Knogle »

Thanks a lot for your reply!
The issue has been solved, it was quite nasty to solve and tshoot.
I had the packe "frr" installed for routing, and by default there is a "no ip forwarding" entry in the config file, which effectively disables ipv4 forwarding. Somehow it wasn't that easy to find that out.
Even though, thanks a lot for your help!

Post Reply