From 7412e0fe4e8fae4159f66ce5feb4a1c3fb25e879 Mon Sep 17 00:00:00 2001 From: sommerfeld Date: Fri, 22 May 2026 14:28:17 +0100 Subject: fix(sysctl): enable net.ipv4.ip_forward for NAT bridges waydroid (and libvirt with finicky guests) need the host to route between their NAT bridge and the upstream NIC. libvirtd usually enables this on demand but it doesn't persist, so the container has no internet on a fresh boot until something else flips the bit. --- etc/sysctl.d/99-sysctl.conf | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'etc') diff --git a/etc/sysctl.d/99-sysctl.conf b/etc/sysctl.d/99-sysctl.conf index 3177c28..fc01611 100644 --- a/etc/sysctl.d/99-sysctl.conf +++ b/etc/sysctl.d/99-sysctl.conf @@ -30,3 +30,8 @@ net.ipv4.conf.default.send_redirects = 0 net.ipv4.conf.all.accept_source_route = 0 net.ipv6.conf.all.accept_source_route = 0 net.ipv4.conf.all.log_martians = 1 + +# IP forwarding for NAT bridges (libvirt's virbr0, waydroid's waydroid0). +# libvirtd and waydroid both rely on the host routing between their bridge +# and the upstream NIC; without this they get no internet. +net.ipv4.ip_forward = 1 -- cgit v1.3.1