Pod network connectivity non-functional as a result of sysctl net.ipv4.ip_forward=0

Issue

If the sysctl net.ipv4.ip_forward is set to 0 (disabled) on a Linux host, then IPv4 packet forwarding is disabled.
As a result, on a Kubernetes node this will prevent Pod networking from functioning.

You can confirm the current value of this sysctl on a Linux host, if you are experiencing a network issue, with the following:

sysctl net.ipv4.ip_forward

The output should show 1, for enabled.

Pre-requisites

  • A Kubernetes cluster with a CNI (Container Network Interface) plugin configured, e.g. an RKE (Rancher Kubernetes Engine) or Rancher launched cluster.
  • The sysctl net.ipv4.ip_forward set to 0 (disabled) on the cluster hosts.

Resolution

Check if the kernel parameter net.ipv4.ip_forward is set to 1 with:

sysctl net.ipv4.ip_forward

If the current value of net.ipv4.ip_forward is 0, then set this to 1 with the following:

sysctl net.ipv4.ip_forward=1

To make the setting persist across reboots, add the following line to /etc/sysctl.conf:

net.ipv4.ip_forward=1

With this sysctl correctly enabled, Pod ingress and egress will be able to function as expected.
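
A line in /etc/sysctl.conf does not help if another sysctl configuration file applied after it sets the value back to 0. The following script is an added example, not part of the original article: it reports the last value a list of sysctl files assigns to net.ipv4.ip_forward and compares it with the runtime value. The function names and sample files are constructed for illustration, and the caller is assumed to pass the files in the order the host applies them.

```shell
#!/bin/sh
# Added example (not from the article): does net.ipv4.ip_forward stay at 1
# after the persisted sysctl files are applied?

# last_ip_forward FILE...: print the last value the files assign to the key,
# or "unset". Files are read in the order given (assumed to be the order the
# host applies them). Handles "key = value", the net/ipv4/ip_forward form,
# a leading "-" on the key, and '#' or ';' comment lines.
last_ip_forward() {
    awk '
        /^[ \t]*[#;]/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key); sub(/^-/, "", key); gsub("/", ".", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "net.ipv4.ip_forward") result = val
        }
        END { print (result == "" ? "unset" : result) }
    ' "$@" /dev/null
}

# check_ip_forward RUNTIME FILE...: succeed only if forwarding is on now
# (RUNTIME, e.g. from `sysctl -n net.ipv4.ip_forward`) and stays on.
check_ip_forward() {
    runtime=$1; shift
    persisted=$(last_ip_forward "$@")
    if [ "$runtime" = 1 ] && [ "$persisted" = 1 ]; then
        echo "OK: forwarding is enabled and persisted"
    elif [ "$runtime" = 1 ]; then
        echo "WARN: enabled now, persisted value is $persisted"; return 1
    else
        echo "FAIL: runtime value is $runtime, persisted value is $persisted"; return 1
    fi
}

# Constructed sample files: one enables forwarding, a later one resets it.
demo=$(mktemp -d)
printf 'net.ipv4.ip_forward=1\n' > "$demo/50-k8s.conf"
printf '# constructed baseline\nnet.ipv4.ip_forward = 0\n' > "$demo/99-base.conf"
check_ip_forward 1 "$demo/50-k8s.conf" "$demo/99-base.conf" || true
rm -rf "$demo"
```

A WARN result means Pod networking works until the next reboot or sysctl reload, which is when the later file takes effect.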
