How to enable ip forward in opensolaris
a console "echo "1" > /proc/sys/net/ipv4/ip_forward"
In opensolaris this task is more complicated.
Why?because, they can :)
root@opensolaris:/net# uname -a
SunOS opensolaris 5.11 snv_101b i86pc i386 i86pc Solaris
to check if the ip forward is enabled type:
root@opensolaris:/net# svcs -a | grep forward
disabled 10:24:40 svc:/network/ipv6-forwarding:default
disabled 12:46:49 svc:/network/ipv4-forwarding:default
in this case, it is disabled (by default)
To enable it, you can do:
- root@opensolaris:~# ifconfig pcn0 router
for ipv6:
root@opensolaris:~# ifconfig pcn0 inet6 router
- root@opensolaris:~# ndd -set /dev/ip ip_forwarding 1
for ipv6:
root@opensolaris:~# ndd -set /dev/ip ip6_forwarding 1
- In the previous Solaris releases
root@opensolaris:~# routeadm -e ipv4-forwarding
for ipv6:
root@opensolaris:~# routeadm -e ipv6-forwarding
To disable ip forward
root@opensolaris:~# ifconfig pcn0 -router
root@opensolaris:~# ifconfig pcn0 inet6 -router
root@opensolaris:~# ndd -set /dev/ip ip_forwarding 0
root@opensolaris:~# ndd -set /dev/ip ip6_forwarding 0
root@opensolaris:~# routeadm -d ipv4-forwarding
root@opensolaris:~# routeadm -d ipv6-forwarding
After this you must start the ip_forward service.To do this type:
root@opensolaris:~# svcadm enable network/ipv4-forwarding
To stop this service type root@opensolaris:~# svcadm disable
network/ipv4-forwarding
To test if the ip forward is enabled type:
root@opensolaris:~# svcs -a | grep forward
disabled 10:24:40 svc:/network/ipv6-forwarding:default
online 13:01:32 svc:/network/ipv4-forwarding:default
In my case only the ipv4 was enabled.
Also you cat check by running routeadm
root@opensolaris:~# routeadm
Configuration Current Current
Option Configuration System State
---------------------------------------------------------------
IPv4 routing disabled disabled
IPv6 routing disabled disabled
IPv4 forwarding enabled enabled
IPv6 forwarding disabled disabled
Routing services "route:default ripng:default"
[...]
That is all.Enjoy :)
Anyway, to have a working server, ipfilter/ipnat is your friend.
More to come about this issue later ;)
Update: more about NAT here
Comments