Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
docker_notes:docker-dns [2025-08-17 Sun wk33 09:59] – [Linux setup to forward packets] baumkpdocker_notes:docker-dns [2025-08-17 Sun wk33 10:27] (current) – [Linux setup to forward packets] baumkp
Line 5: Line 5:
  
 =====Linux setup to forward packets===== =====Linux setup to forward packets=====
 +<color #ed1c24>[This probably needs to be moved and consolidated elsewhere and then highlevel only reference here]</color>
 +
 The main router must be set to forward packets! The main router must be set to forward packets!
-It would seem that as of Debian 13 the ''/etc/sysctl.conf'' file is not longer used, and is deleted on upgrade.  Instead overrides must be copied into *.conf files in /etc/sysctl.d/.+It would seem that as of Debian 13 the ''/etc/sysctl.conf'' file is not longer used, and is deleted on upgrade, including any user changes.  Instead overrides must be copied into *.conf files in /etc/sysctl.d/. Normally user conf files in *.d directories are not affected by upgrades.
  
 The command ''sudo sysctl -a | less'' can be used to list all current kernel parameters and their current setting, or ''sudo sysctl net.ipv4.ip_forward'' to list a specific one. The command ''sudo sysctl -a | less'' can be used to list all current kernel parameters and their current setting, or ''sudo sysctl net.ipv4.ip_forward'' to list a specific one.
Line 15: Line 17:
 net.ipv6.conf.all.forwarding=1</code> net.ipv6.conf.all.forwarding=1</code>
 ++++ ++++
-After applying these changes reboot or apply setting using ''sudo sysctl -p /etc/sysctl.d/ip_forward.conf''+After applying these changes reboot or apply setting using ''sudo sysctl -p /etc/sysctl.d/ip_forward.conf'' (Note that ''sudo sysctl -p'' defaults to using ''/etc/sysctl.conf'' and will error if this file is not available.)
   * ''sudo sysctl -w net.ipv6.conf.all.forwarding=1'' will immediately set this parameter, but it will not be permanent and lost on reboot.   * ''sudo sysctl -w net.ipv6.conf.all.forwarding=1'' will immediately set this parameter, but it will not be permanent and lost on reboot.
-After applying these changes reboot or apply setting using ''sudo sysctl -p /etc/sysctl.conf''+ 
 +The boot systemctl reads the following configuration files to adjust kernel parameters at boot: 
 +  */etc/sysctl.d/*.conf 
 +  */run/sysctl.d/*.conf 
 +  */usr/local/lib/sysctl.d/*.conf 
 +  */usr/lib/sysctl.d/*.conf 
 +  */lib/sysctl.d/*.conf 
 + 
  
 ====References==== ====References====
 +  *[[https://thequickadvisor.com/is-ip-forwarding-required-for-docker/|Is IP forwarding required for Docker?]] (It would seem yes.)
   *[[https://askubuntu.com/questions/311053/how-to-make-ip-forwarding-permanent|How to make IP forwarding permanent?]]   *[[https://askubuntu.com/questions/311053/how-to-make-ip-forwarding-permanent|How to make IP forwarding permanent?]]
 +  *[[http://linux-ip.net/html/index.html|Guide to IP Layer Network Administration with Linux]]
 +  *[[https://linuxize.com/post/sysctl-command-in-linux/|Sysctl Command in Linux]]
 +  *[[https://commandmasters.com/commands/sysctl-linux/|How to Use the Command 'sysctl' (with Examples)]]
 +  *[[https://load-balancer.inlab.net/knowledge-base/how-to-deal-with-arp-problems-on-linux/|How to deal with ARP-Problems on Linux]]
 +  *[[https://undercodetesting.com/understanding-arp-and-nat-core-networking-protocols-for-cybersecurity/|Understanding ARP and NAT: Core Networking Protocols for Cybersecurity]]
 +  *[[https://documentation.ubuntu.com/server/how-to/wireguard-vpn/on-an-internal-system/|WireGuard on an internal system (peer-to-site)]]
  
 =====Bind9 Controls===== =====Bind9 Controls=====