Description of problem:
Since Red Hat Enterprise Linux 7.0, the content of the file /etc/sysctl.conf has changed (together with the whole /etc/sysctl.d/ system).
The default setting of the net.ipv4.ip_forward ( = 0) has dissapeared from the file and there is no obvious way to permanently set IP packet forwarding in case the system is used as a router.
The same is true for setting IP packet forwarding for IPv6, if a separate kernel parameter is necessary. In the new paradigm, is /etc/sysctl.conf the correct place is there another method/another file ?
There is no obvious (recommended, documented) way of permanently setting the IPv4 and IPv6 packet forwarding.
Please document a recommended way of setting this, in the correct place (file).
Thank you for raising this bug.
You may the Security Guide useful, in particular this section:
Thank you, Stephen, but neither of the commands:
~]# /sbin/sysctl -w net.ipv4.conf.all.forwarding=1
~]# /sbin/sysctl -w net.ipv6.conf.all.forwarding=1
~]# /sbin/sysctl -w net.ipv4.ip_forward=1
does not survive a reboot (firewalld is disabled as a service, no other firewall solution in place - such as shorewall).
Should I put this back in /etc/sysctl.conf or /etc/sysctl.d/90-sysctl.conf, via a text editor, manually? What should be the correct file?
Re page as per link in comment 2.
I see this text at the end of "Disabling Source Routing" section:
"In order to make the settings permanent they must be added to /etc/sysctl.conf. "
At the end of the "Reverse Path Filtering" section, I see this text:
"To make these settings persistent across reboot, modify the /etc/sysctl.conf file."
Not consistent....I should improve that.
I will review the Networking Guide to see if I can find an appropriate place to mention packet forwarding and link to the section in the Security Guide.
The update has been published on the Customer Portal