16 lines
674 B
Plaintext
16 lines
674 B
Plaintext
# The Strict mode of RFC3704 Reverse Path filtering breaks some pretty
|
|
# common and reasonable use cases.
|
|
#
|
|
# Notably, it makes it impossible for NetworkManager to do connectivity
|
|
# check on a newly arriving default route (it starts with a higher metric
|
|
# and is bumped lower if there's connectivity).
|
|
#
|
|
# Kernel's default is 0 (no filter), systemd configures a Loose filter since
|
|
# commit 230450d4e4f1 ('sysctl.d: switch net.ipv4.conf.all.rp_filter from 1
|
|
# to 2'). However, RHEL systemd package happens to default to Strict mode
|
|
# for historic reasons. Let's override it if we're doing connectivity
|
|
# checking.
|
|
|
|
# Source route verification
|
|
net.ipv4.conf.all.rp_filter = 0
|