[systemd-devel] ip forwarding

Reindl Harald h.reindl at thelounge.net
Fri Nov 6 01:09:09 PST 2015



Am 06.11.2015 um 08:11 schrieb Johannes Ernst:
> This makes my point. The default = 0 is counter intuitive and costs much time for the lucky ones among us who can figure it out. The rest will just give up...

defaults should have security in mind, most setups don't need it enabled 
and the ones which will just give up don't understand what they are 
doing anyways and so bette don't mess with it

(no i am not a systemd developer but delevoper and sysadmin for many years)

>> On Nov 5, 2015, at 22:32, Peter Paule <systemd-devel at fedux.org> wrote:
>>
>> Hi Johannes,
>>
>> I had the same problem, I even wrote an article about that
>> (https://www.fedux.org/articles/2015/09/09/having-no-fun-with-rubygems-systemd-docker-and-networking.html).
>>
>> I think, you use `systemd-networkd`. Correct? The behaviour is documented
>> in "systemd.network-manual".
>>
>>   Note: unless this option is turned on, or set to “kernel”, no IP
>>   forwarding is done on this interface, even if this is globally turned on
>>   in the kernel, with the net.ipv4.ip_forward,
>>   net.ipv4.conf.all.forwarding, and net.ipv6.conf.all.forwarding sysctl
>>   options.
>>
>> I took me by surprise, too. But a new tool needs some learning.
>> Unfortunately. Though I would suggest to add some example to the manual
>> `systemd.network` or at least add a comment like that

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20151106/e873e58b/attachment.sig>


More information about the systemd-devel mailing list