[systemd-devel] systemd-networkd: IPForward with ipv6

Mantas Mikulėnas grawity at gmail.com
Mon Jun 8 13:39:21 PDT 2015 

IIRC, it is not quite a noop, but a logical AND between the two?

Or maybe it was an OR. I'm pretty sure now the 'forwarding' setting was an
OR between all & interface (but, some other setting was an AND). I might be
wrong though.

Anyway, different net.ipvx.conf settings have different rules, and it is
frankly confusing as duck. But they aren't "broken" nor "ignored", no.

-- 
Mantas Mikulėnas
On Jun 8, 2015 23:00, "Lennart Poettering" <lennart at poettering.net> wrote:

> On Wed, 03.06.15 19:18, Sébastien Luttringer (seblu at seblu.net) wrote:
>
> > Hello,
> >
> > Since systemd v220, IPForward= parameter in [Network] set kernel
> > parameters by interface (/proc/sys/net/ipv[46]/conf/*/forwarding).
> > This is nice and works perfectly for ipv4.
> >
> > Unfortunately, ipv6 forwarding doesn't works until we manually set
> > /proc/sys/net/ipv6/conf/all/forwarding to 1.
>
> Are you saying that /proc/sys/net/ipv6/conf/$interface/forwarding is a
> NOP in the kernel for anything except $interface being "all"?
>
> That sounds seriously broken in the kernel. They should not expose a
> setting that is a NOP like that...
>
> >
> > In term of user experience, IPforward=ipv6 doesn't enable ipv6
> > forwarding on the interface. That's tricked me.
> >
> > From:
> > https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
> >
> > conf/all/forwarding - BOOLEAN
> >         Enable global IPv6 forwarding between all interfaces.
> >
> >         IPv4 and IPv6 work differently here; e.g. netfilter must be
> > used
> >         to control which interfaces may forward packets and which not.
> >
> > An maybe better explained here:
> > http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/proc-sys-net-ipv6..html
>
> This documentation is not particularly good, but it certainly doesn't
> suggest the option was a NOP.
>
> Can you elaborate on this?
>
> Do you have any references that clarify that IPv6 and IPv4 handling of
> this setting is really different?
>
> Lennart
>
> --
> Lennart Poettering, Red Hat
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20150608/1acddab1/attachment.html>

More information about the systemd-devel mailing list