On Thu, 09.06.16 17:11, Egor M. (dsx+systemd-de...@droidnest.org) wrote: > Hello. > > How to enable IPv6 forwarding in systemd-nspawn containers? I have a container > with network-bridge (--network-bridge=br0). Despite of > net.ipv6.conf.all.forwarding value and corresponding interface values, IPv6 > forwarding is still disabled inside container, while IPv4 forwarding inherited > correctly from host system and works just fine.
Hmm, did I grok this right, you want to enable IPv4 forwarding inside the container, so that the container acts as router? Currently npsawn will mount all of /proc/sys read-only, under the assumption that these sysctl are not namespaced. Are you saying the networking controls are correctly namespaced, and thus can be set to different values from the host without interfering with it? If so, we should probably mount /proc/sys/net writable after all. If so, could you please file a PR about this, and we'll make the change in upstream nspawn. For now though you can just make /proc/sys/net writable manually and then set the right sysctl there... Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
