http://bugzilla.opensuse.org/show_bug.cgi?id=1171770 http://bugzilla.opensuse.org/show_bug.cgi?id=1171770#c32 --- Comment #32 from Aleksa Sarai <asarai@suse.com> --- (In reply to Martin Weiss from comment #29)
FYI - just had to realize the same issue on SLES 15 SP1 with kernel 4.12.14-197.40-default and we have realized that all forward = 1 JUST the eth0 and the lo interfaces have 0 !
While all other ipv4 forwarding were 1 we saw these two on 0:
/proc/sys/net/ipv4/conf/eth0/forwarding 0 /proc/sys/net/ipv4/conf/lo/forwarding 0
Dammit. Yeah I had noticed this last week (when I was figuring out how forwarding configuration worked), but I misunderstood what I was looking at -- my assumption was that forwarding meant forwarding in *both* directions. But I think it only refers to forwarding *incoming* packets (so forwarding being disabled on the host still allows forwarded packets from the container to go to the internet).
BUT - a sysctl --system (with only net.ipv4.ip_forward=1 in the conf) did NOT change the interfaces from 0 to 1!!
Yeah, this behaviour is expected (if misguided IMHO). The kernel treats setting this sysctl to its current value as a no-op. I guess we'll need to explicitly do % echo 1 | tee /proc/sys/ipv[46]/conf/*/forwarding somewhere... -- You are receiving this mail because: You are on the CC list for the bug.