How to enable or disable ip_forwarding in Solaris 10 and prior
A number of factors affect how IP forwarding and routing is configured at boot time. Prior to Solaris 10, IPv4 forwarding could be disabled at boot time by creating the file /etc/notrouter. Solaris 10 no longer makes use of the /etc/notrouter file. For Solaris 10, IP forwarding is disabled by default and can be enabled using the routeadm utility.
The following instructions show how to change ip_forwarding settings for various Solaris Operating system releases.
For releases prior to Solaris 10
IP forwarding settings can be manipulated by using ndd command.
To enable/disable IPv4 forwarding:
# ndd -set /dev/ip ip_forwarding [value]
# ndd -set /dev/ip ip_forwarding 0
To view the current setting:
# ndd -get /dev/ip ip_forwarding
The value can be 0, or 1:
- 0 - do not forward
- 1 - forward
For Solaris 8 and 9, there is also a capability to control IPv6 packet forwarding.
# ndd -set /dev/ip ip6_forwarding [value]
# ndd -set /dev/ip ip6_forwarding 0
Additionally, Solaris 8 and 9 can provide a finer-grained IP forwarding on an interface by interface basis.
# ndd -set /dev/ip [interface]:ip_forwarding [value]
# ndd -set /dev/ip interface:ip_forwarding 1
For Solaris 9 only IPv6 interfaces:
# ndd -set /dev/ip [interface]:ip6_forwarding [value]
To preserve changes across reboots, include the appropriate ndd statement in a system startup script. The script should be run between existing S69inet and S72inetsvc scripts.
For Solaris 10
Solaris 10 introduced a new utility called routeadm to allow configuration of IP forwarding and routing. Enabling or disabling forwarding with routeadm commands are persistent across reboots.
To enable IP forwarding:
# routeadm -e ipv4-forwarding # routeadm -e ipv6-forwarding
To disable IP forwarding:
# routeadm -d ipv4-forwarding # routeadm -d ipv6-forwarding
To apply the changes to the running system:
# routeadm -u
routeadm arguments may also be combined:
# routeadm -e ipv4-forwarding -e ipv6-forwarding -u
Without arguments, routeadm reports the current configuration.
To control IP forwarding on a individual IPv4 or IPv6 interface use the ifconfig utility:
- To enable IP forwarding:
# ifconfig interface router # ifconfig interface ipv6 router
- To disable IP forwarding:
# ifconfig interface -router # ifconfig interface ipv6 -router
To preserve these changes across reboots, the router or -router flag may be added to the file /etc/hostame.[interface] or /etc/hostname6.[interface] (in case of IPv6).