Enabling IP-Forwarding for IPv4 in Debian GNU/Linux

29/12/2020
Chưa phân loại
Setting up a computer network can be tricky sometimes. Enabling IPv4 Forwarding on a Linux machine is a rather simple task, luckily.

The term IP Forwarding describes sending a network package from one network interface to another one on the same device. It should be enabled when you want your system to act as a router that transfers IP packets from one network to another.

On a Linux system the Linux kernel has a variable named `ip_forward` that keeps this value. It is accessible using the file `/proc/sys/net/ipv4/ip_forward`. The default value is 0 which means no IP Forwarding, because a regular user who runs a single computer without further components is not in need of that, usually. In contrast, for routers, gateways and VPN servers it is quite an essential feature.

Next, we will explain to you how to enable IP Forwarding temporarily, and permanently.

IP Forwarding As A Temporary Solution

In order to enable this kernel parameter on the fly you have two options. Option 1 simply stores the value of 1 in the variable from above as follows:

# echo 1 > /proc/sys/net/ipv4/ip_forward

Option 2 uses the `sysctl` command that allows you to adjust different kernel parameters at runtime, too [2]. As an administrative user run the following command:

# sysctl -w net.ipv4.ip_forward=1

Keep in mind that this setting is changed instantly. Also, the result will not be preserved after rebooting the system.

You can query the stored value as follows:

# cat /proc/sys/net/ipv4/ip_forward

This command returns a value of 0 for no IP Forwarding, and a value of 1 for IP Forwarding enabled. As an alternative, using `sysctl` also shows you the current status:

# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
#

Enabling IP Forwarding Permanently

In order to achieve this some other steps have to be done. First, edit the file `/etc/sysctl.conf`. Search for a line containing the entry “#net.ipv4.ip_forward=1”, and remove the # at the beginning of the line.

Then, save the file, and run the `sysctl` command in order to enable the adjusted settings:

# sysctl -p /etc/sysctl.conf

The option `-p` is short for `–load`, and requires a name for the configuration file to be followed.

Next, restart the proc file system that provides information about the status of the Linux kernel using the following command:

# /etc/init.d/procps restart

In about 2015 the file name was shortened from `procps.sh` to `procps`. So, on elderly Debian systems the script that you have to invoke is named `procps.sh`, instead.

Dealing With Systemd

The next hurdle came with the release of Systemd version 221. IP Forwarding is disabled by default, and enabling requires an additional file to be there. If it is not there yet, just add it. The file name consists of the name of the network interface followed by the suffix `.network`, for example `eth0.network` for the network interface `/dev/eth0`. As stated in the documentation [4], other extensions are ignored.

The following code snippet shows the setup for the network interface `/dev/tun0`. It contains of two sections — `Match` and `Network`. In the Match section define the name of the network interface, and in the network section enable IP Forwarding.

# cat /etc/systemd/network/tun0.network
[Match]
Name=tun0
[Network]
IPForward=ipv4

Conclusion

Activating IP Forwarding for IPv4 is not a mystery. Just a few steps, and your are there. Happy hacking!

Links and references

* [1] Setting up Systemd-Networkd, Debian Wiki
* [2] Juergen Haas: Learn the Linux sysctl command
* [3] Systemd News for version 221
* [4] Documentation for Systemd

ONET IDC thành lập vào năm 2012, là công ty chuyên nghiệp tại Việt Nam trong lĩnh vực cung cấp dịch vụ Hosting, VPS, máy chủ vật lý, dịch vụ Firewall Anti DDoS, SSL… Với 10 năm xây dựng và phát triển, ứng dụng nhiều công nghệ hiện đại, ONET IDC đã giúp hàng ngàn khách hàng tin tưởng lựa chọn, mang lại sự ổn định tuyệt đối cho website của khách hàng để thúc đẩy việc kinh doanh đạt được hiệu quả và thành công.
Bài viết liên quan

How to use Templates with Consul

Consul Template is a simple and powerful tool that populates values from consul into the file system. Consul templates...
29/12/2020

[Ubuntu] Hướng dẫn cài đặt Ubuntu 20.04 – Server – Focal Fossa – bản develop

Ubuntu tuân theo chu kỳ phát hành phiên bản mới 2 lần một năm, với một bản phát hành vào tháng...
30/12/2020

How to Create a New Sudo User on Debian 10 Buster

You can give sudo rights to any existing user by adding it to the sudo group. With the following command I will create the...
29/12/2020
Bài Viết

Bài Viết Mới Cập Nhật

SỰ KHÁC BIỆT GIỮA RESIDENTIAL PROXY VÀ PROXY DATACENTER
17/02/2024

Mua Proxy v6 US Private chạy PRE, Face, Insta, Gmail
07/01/2024

Mua shadowsocks và hướng dẫn sữ dụng trên window
05/01/2024

Tại sao Proxy Socks lại được ưa chuộng hơn Proxy HTTP?
04/01/2024

Mua thuê proxy v4 nuôi zalo chất lượng cao, kinh nghiệm tránh quét tài khoản zalo
02/01/2024