Difference between revisions of "Linux enable packet forwarding"
m (Pio2pio moved page IP forwarding to Linux enable packet forwarding) |
|
(No difference)
|
Latest revision as of 21:04, 6 March 2015
By default Linux distributions will have IP Forwarding disabled. This is normally a good idea, as most peoples will not need IP Forwarding, but if we are setting up a Linux router/gateway or maybe a VPN server (pptp or ipsec) or just a plain dial-in server then we will need to enable forwarding.
Check if IP Forwarding is enabled
Using sysctl query the sysctl kernel value net.ipv4.ip_forward to see if forwarding is enabled or not
sysctl net.ipv4.ip_forward net.ipv4.ip_forward = 0
or checking out the value in the /proc system:
cat /proc/sys/net/ipv4/ip_forward 0
In the both examples IP forwarding is disabled as show the value 0
Enable IP Forwarding on the fly
As with any sysctl kernel parameters we can change the value of net.ipv4.ip_forward on the fly without rebooting the system
sysctl -w net.ipv4.ip_forward=1
or
echo 1 > /proc/sys/net/ipv4/ip_forward
the setting is changed instantly; the result will not be preserved after rebooting the system.
Permanent setting using /etc/sysctl.conf
To make this configuration permanent is using the file /etc/sysctl.conf where we add a line containing net.ipv4.ip_forward = 1
/etc/sysctl.conf: net.ipv4.ip_forward = 1
if you already have an entry net.ipv4.ip_forward with the 'value 0 you can change that to 1.
To enable the changes made in sysctl.conf you will need to run the command:
sysctl -p /etc/sysctl.conf
On RedHat based systems this is also enabled when restarting the network service:
service network restart
and on Debian/Ubuntu systems this can be also done restarting the procps service:
/etc/init.d/procps.sh restart
Using distribution specific init scripts
Although the methods presented above should work just fine and you would not need any other method of doing this, I just wanted to note that there are also other methods to enable IP Forwarding specific to some Linux distributions. For example Debian based distributions might use the setting:
/etc/network/options: ip_forward=no
set it to yes and restart the network service. Also RedHat distributions might set this using:
/etc/sysconfig/network: FORWARD_IPV4=true
and again restart the network service.