What is the difference between "all", "default" and a specific device in a sysctl parameter?

Solution Verified - Updated 23 Jan 2024

Environment

Red Hat Enterprise Linux(All versions)

Issue

What are the differences in the specification of all, default or a specific device (eth0) in some sysctl parameters, e.g.:
```
net.ipv4.conf.eth0.rp_filter 0
```
vs
```
net.ipv4.conf.all.rp_filter 0
```
Setting a sysctl parameter on a specific interface.

Resolution

The following are the specific ways these parameters are translated:

all: if all sits in the device position of the parameter, all existing devices will take on this specified parameter setting, regardless of the interface's own setting. An exception would be that the interface value is a greater than the 'all' value.
default: if default sits in the device position of the parameter, all newly-created devices will take on this specified parameter setting
ethX: if ethX (any interface name) sits in the device position of the parameter, only that device will take on this specified parameter setting

Note on "all"

As per the kernel documentation:

Documentation/networking/ip-sysctl.txt

The max value from conf/{all,interface}/rp_filter is used
when doing source validation on the {interface}.

So if interfaces are configured as follows:

net.ipv4.conf.all.rp_filter  = 1
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth1.rp_filter = 0
net.ipv4.conf.eth2.rp_filter = 2

Then:

eth0 and eth1 act as if rp_filter = 1
eth2 acts as if rp_filter = 2

This is because all is set to 1, and the max value of all or the interface name is used.

Note on Red Hat Enterprise Linux 7 and 8:

On Red Hat Enterprise Linux 7 NIC drivers can be loaded before sysctl defaults are loaded depending on the hardware. If you notice inconsistencies, you may use /sbin/ifup-local script in order to load the defaults you want for such interface. A very basic example script is below, for reference:

#!/bin/bash

sysctl net.ipv4.conf.$1.rp_filter=2

Please refer to this solution for more information on this script.

If NetworkManager is in use, a NetworkManager Dispatcher Script should be created instead, so that it can fire a script any time a link comes up or goes down.
As for example /etc/NetworkManager/dispatcher.d/30-rp_filter

SBR

Product(s)

Red Hat Enterprise Linux

Components

procps

Tags

sysinit

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.