TL;DR: I propose to have IPForward default to “no change”, rather than 0, as 0
has unexpected consequences for non-expert users.
Details: A few months ago there where some threads about ip_forwarding needing
a toggle from 1 to 0 and back to 1 before it would work. [1][2][3]
It appears I found the reason for this. With "net.ipv4.ip_forward = 1” in
sysctl.d, after a fresh boot:
> for i in /proc/sys/net/ipv4/ip_forward
/proc/sys/net/ipv4/conf/*/forwarding; do echo -n $i: ; cat $i; done
/proc/sys/net/ipv4/ip_forward:1
/proc/sys/net/ipv4/conf/all/forwarding:1
/proc/sys/net/ipv4/conf/default/forwarding:1
/proc/sys/net/ipv4/conf/enp0s3/forwarding:0 <= Why?
/proc/sys/net/ipv4/conf/lo/forwarding:1
If I then do the toggle dance:
> sysctl net.ipv4.ip_forward=0
> sysctl net.ipv4.ip_forward=1
I get what I expected in the first place:
/proc/sys/net/ipv4/ip_forward:1
/proc/sys/net/ipv4/conf/all/forwarding:1
/proc/sys/net/ipv4/conf/default/forwarding:1
/proc/sys/net/ipv4/conf/enp0s3/forwarding:1
/proc/sys/net/ipv4/conf/lo/forwarding:1
Adding net.ipv4.conf.enp0s3.forwarding = 1 to sysctl.d does not have the
desired effect.
Turns out my innocent-looking .network file is the culprit:
[Match]
Name=en*
[Network]
DHCP=ipv4
Without that file, after boot the enp0s3 flag remains 1 as expected.
The problem: I thought I created that file to say “get an IP address via DHCP”
because that’s all it talks about. But due to the IPForward default, I also
specified “and turn off ip forwarding”, which is non-obvious (e.g. I just found
out, and I originally ran into this in June). So I suggest the default should
be “don’t touch this setting” instead of 0.
Cheers,
Johannes.
[1] http://lists.freedesktop.org/archives/systemd-devel/2015-June/033239.html
[2] http://lists.freedesktop.org/archives/systemd-devel/2015-July/033738.html
[3] https://github.com/systemd/systemd/issues/468
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
