networking:ip_forwarding
This is an old revision of the document!
Table of Contents
Networking - IP Forwarding
IP forwarding is also known as routing.
If the Linux server is acting as a firewall, router, or NAT device, it will need to be capable of forwarding packets that are meant for other destinations (other than itself).
- IP forwarding should usually be turned off if one of the aforementioned configurations is not being used.
- This prevents wasting bandwidth or resources to forward packets elsewhere, if not needed.
Linux uses the net.ipv4.ip_forward kernel variable to toggle this setting on or off.
Check if IP forwarding is enabled or disabled, using sysctl
sysctl net.ipv4.ip_forward
returns:
net.ipv4.ip_forward = 0
NOTE: This shows the net.ipv4.ip_forward kernel setting is 0, which means it is off.
- If it were set to 1, that would mean it is enabled.
Alternatively, check if IP forwarding is enabled or disabled, using proc
cat /proc/sys/net/ipv4/ip_forward
returns:
0
Enable or disable IP forwarding
Using sysctl
sysctl -w net.ipv4.ip_forward=0 or sysctl -w net.ipv4.ip_forward=1
Alternatively, change the setting inside /proc/sys/net/ipv4/ip_forward to turn the setting on or off.
echo 0 > /proc/sys/net/ipv4/ip_forward or echo 1 > /proc/sys/net/ipv4/ip_forward
TAGS
- TAG: Firewall
- TAG: Networking
- TAG: Router
- TAG: Routing
- TAG: Security
networking/ip_forwarding.1747817838.txt.gz · Last modified: 2025/05/21 08:57 by peter