sysctl parameter didn’t take effect after a reboot on RHEL 7 server. Parameter “net.ipv4.conf.all.forwarding” was disable before rebooting the server.
# cat /proc/sys/net/ipv4/conf/all/forwarding 1
# sysctl net.ipv4.conf.all.forwarding=0 net.ipv4.conf.all.forwarding = 0
# cat /proc/sys/net/ipv4/conf/all/forwarding 0
#cat /etc/sysctl.conf|grep net.ipv4.conf.all.forwarding net.ipv4.conf.all.forwarding = 0
# shutdown -r now
# cat /proc/sys/net/ipv4/conf/all/forwarding ### Gets enabled after reboot. 1
The Solution
RHEL 7 has a service named “tuned” which helps to create custom profiles and it overrides the “sysctl” values set in the /etc/sysctl.conf file, because “tuned” service will start after “sysctl” service. Use any one of the methods below to define the kernel parameters on RHEL/CentOS 7 server.
1. Check the active tune profile in the affected server.
# tuned-adm active Current active profile: virtual-guest
2. Navigate to the respective tuned profile directory and verify if the problematic sysctl kernel parameter is defined with any alternate value.
# cd /usr/lib/tuned/virtual-guest # cat tuned.conf # # tuned configuration # [main] include=throughput-performance [sysctl] net.ipv4.conf.all.forwarding = 1
If yes, then there are two option to fix the incorrect sysctl kernel parameter after reboot.
a) Remove the entry in tuned profile, so that “/etc/sysctl.conf” value takes effect.
# cd /usr/lib/tuned/virtual-guest # cat tuned.conf # # tuned configuration # [main] include=throughput-performance [sysctl]
b) Else, remove the entry in “/etc/sysctl.conf” which will make the tuned value persistent after reboot.
# cat /etc/sysctl.conf | grep net.ipv4.conf.all.forwarding
In this case, make sure you have the parameter present in the tuned profile file.
# cd /usr/lib/tuned/virtual-guest # cat tuned.conf # # tuned configuration # [main] include=throughput-performance [sysctl] net.ipv4.conf.all.forwarding = 0