Pod network connectivity non-functional as a result of sysctl net.ipv4.ip_forward=0
This document (000020166) is provided subject to the disclaimer at the end of this document.
Situation
Issue
If the sysctl net.ipv4.ip_forward is set to 0 (disabled) on a Linux host, then IPv4 packet forwarding is disabled.
As a result, on a Kubernetes nodes this will prevent Pod networking from functioning.
You can confirm the current value of this sysctl on a Linux host, if you are experiencing a network issue, with the following:
sysctl net.ipv4.ip_forward
The output should show 1, for enabled.
Pre-requisites
- A Kubernetes cluster with a CNI (Container Network Interface) plugin configure, e.g. an RKE (Rancher Kubernetes Engine) or Rancher launched cluster.
- The systctl net.ipv4.ip_forward set to 0 (disabled) on the cluster hosts.
Resolution
Check if the kernel parameter net.ipv4.ip_forward is set to 1 with:
sysctl net.ipv4.ip_forward
If the current value of net.ipv4.ip_forward is 0, then set to this to 1 with the following:
sysctl net.ipv4.ip_forward=1
To make it permanent across reboot, add the following line in /etc/sysctl.conf:
net.ipv4.ip_forward=1
With this sysctl correctly enabled, Pod ingress and egress will be able to function as expected.
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000020166
- Creation Date: 06-May-2021
- Modified Date:06-May-2021
-
- SUSE Rancher
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
