Why changing the value of kernel parameter with "all" in /proc/sys/net/ipvX/all does not make affect on per interface basis ?

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux 5 (any version)

Issue

  • While changing the value for all i:e net.ipvX.conf.all.<parameter-name>, it does not make any changes to per interface net.ipvX.conf.all.<interface-name>.<parameter_name>
  • Tested this by changing the value of all for kernel parameter dad_transmit and accept_dad , then after sysctl -p or system reboot, the value of per interface i:e ethX / bondX is not changed.
 ~]# sysctl -a |grep accept_dad
net.ipv6.conf.virbr0.accept_dad = 1
net.ipv6.conf.sit1.accept_dad = -1
net.ipv6.conf.sit0.accept_dad = -1
net.ipv6.conf.default.accept_dad = 1
net.ipv6.conf.all.accept_dad = 0
net.ipv6.conf.eth2.accept_dad = 1
net.ipv6.conf.eth1.accept_dad = 1
net.ipv6.conf.eth0.accept_dad = 1
net.ipv6.conf.lo.accept_dad = -1
~]#

~]# sysctl -p
[...]
net.ipv6.conf.all.accept_dad = 0  <<--- changed to 0
~]#
  • Other interfaces like ethx value has not changed.
[root@dhcp223-12 ~]# sysctl -a |grep accept_dad
net.ipv6.conf.virbr0.accept_dad = 1
net.ipv6.conf.sit1.accept_dad = -1
net.ipv6.conf.sit0.accept_dad = -1
net.ipv6.conf.default.accept_dad = 1
net.ipv6.conf.all.accept_dad = 0
net.ipv6.conf.eth2.accept_dad = 1
net.ipv6.conf.eth1.accept_dad = 1
net.ipv6.conf.eth0.accept_dad = 1
net.ipv6.conf.lo.accept_dad = -1
[root@dhcp223-12 ~]#
  • Is this the bug ? Or its as per design ? if as per design then what is the meaning of that setting all ?

Resolution

  • This behaviour is by design. Not every "all" parameter is treated universally, only some of them are.

  • Also the default parameter gets applied only when a new interface comes up and not for already existing interfaces.

  • One has to explicitly set such parameters for individual interfaces.

Root Cause

  • For /proc/sys/net/ipv6/conf/default/* : These "global" setting have to be set to the desired value before the device is created. And it is at creation time that these global
    values are "inherited" by the device.

  • Afterwards changes to the global value will not propagate to those
    devices again, because that might override a changed setting made
    by the user.

  • It is only newly created devices which get these values.

  • For /proc/sys/net/ipv6/conf/all/* : Although the documentation says this.

    conf/all/*:
            Change all the interface-specific settings.

  • Unfortunately not all "all" knobs are treated universally, only some
    of them are. Grep for "devconf_all" under net/ipv6 to see which ones
    get used and in what manner.

  • Another discussion on similar issues

http://markmail.org/thread/pxw4o7p2k3xn5vh3#query:+page:1+mid:pxw4o7p2k3xn5vh3+state:results

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments