Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
docker_notes:docker-dns [2025-08-17 Sun wk33 09:52] – [Linux setup to forward packets] baumkpdocker_notes:docker-dns [2025-08-17 Sun wk33 10:27] (current) – [Linux setup to forward packets] baumkp
Line 5: Line 5:
  
 =====Linux setup to forward packets===== =====Linux setup to forward packets=====
 +<color #ed1c24>[This probably needs to be moved and consolidated elsewhere and then highlevel only reference here]</color>
 +
 The main router must be set to forward packets! The main router must be set to forward packets!
-It would seem that as of Debian 13 the ''/etc/sysctl.conf'' file is not longer used, and is deleted up upgrade.  Instead overrides must be copied into *.conf files in /etc/sysctl.d/++old, not longer used|The ability to forward packets must be set / allowed, edit or add the following parameters in ''sudo vim /etc/sysctl.conf'':++  The command ''sudo sysctl -a | less'' can be used to list all current kernel parameters, or ''sudo sysctl net.ipv4.ip_forward'' to list a specific one. +It would seem that as of Debian 13 the ''/etc/sysctl.conf'' file is not longer used, and is deleted on upgrade, including any user changes.  Instead overrides must be copied into *.conf files in /etc/sysctl.d/Normally user conf files in *.d directories are not affected by upgrades. 
-  *net.ipv4.ip_forward = 1 + 
-  *net.ipv4.conf.all.proxy_arp = 1 +The command ''sudo sysctl -a | less'' can be used to list all current kernel parameters and their current setting, or ''sudo sysctl net.ipv4.ip_forward'' to list a specific one. 
-  *net.ipv6.conf.all.forwarding=1 + 
-  * ''sudo sysctl net.ipv6.conf.all.forwarding=1'' similar for ipv6  +++++sudo vim /etc/sysctl.d/ip_forward.conf| 
-After applying these changes reboot or apply setting using ''sudo sysctl -p /etc/sysctl.conf''+<code>net.ipv4.ip_forward = 1 
 +net.ipv4.conf.all.proxy_arp = 1 
 +net.ipv6.conf.all.forwarding=1</code> 
 +++++ 
 +After applying these changes reboot or apply setting using ''sudo sysctl -p /etc/sysctl.d/ip_forward.conf'' (Note that ''sudo sysctl -p'' defaults to using ''/etc/sysctl.conf'' and will error if this file is not available.) 
 +  * ''sudo sysctl -w net.ipv6.conf.all.forwarding=1'' will immediately set this parameter, but it will not be permanent and lost on reboot
 + 
 +The boot systemctl reads the following configuration files to adjust kernel parameters at boot: 
 +  */etc/sysctl.d/*.conf 
 +  */run/sysctl.d/*.conf 
 +  */usr/local/lib/sysctl.d/*.conf 
 +  */usr/lib/sysctl.d/*.conf 
 +  */lib/sysctl.d/*.conf 
 + 
  
 ====References==== ====References====
 +  *[[https://thequickadvisor.com/is-ip-forwarding-required-for-docker/|Is IP forwarding required for Docker?]] (It would seem yes.)
   *[[https://askubuntu.com/questions/311053/how-to-make-ip-forwarding-permanent|How to make IP forwarding permanent?]]   *[[https://askubuntu.com/questions/311053/how-to-make-ip-forwarding-permanent|How to make IP forwarding permanent?]]
 +  *[[http://linux-ip.net/html/index.html|Guide to IP Layer Network Administration with Linux]]
 +  *[[https://linuxize.com/post/sysctl-command-in-linux/|Sysctl Command in Linux]]
 +  *[[https://commandmasters.com/commands/sysctl-linux/|How to Use the Command 'sysctl' (with Examples)]]
 +  *[[https://load-balancer.inlab.net/knowledge-base/how-to-deal-with-arp-problems-on-linux/|How to deal with ARP-Problems on Linux]]
 +  *[[https://undercodetesting.com/understanding-arp-and-nat-core-networking-protocols-for-cybersecurity/|Understanding ARP and NAT: Core Networking Protocols for Cybersecurity]]
 +  *[[https://documentation.ubuntu.com/server/how-to/wireguard-vpn/on-an-internal-system/|WireGuard on an internal system (peer-to-site)]]
  
 =====Bind9 Controls===== =====Bind9 Controls=====