How to set sysctl variables on Red Hat Enterprise Linux

Solution Verified - Updated 23 Feb 2026

Environment

Red Hat Enterprise Linux 4 or later

Issue

How do I persistently set sysctl variables on Red Hat Enterprise Linux?
How to immediately set a sysctl kernel parameter in RHEL?
How to set back sysctl parameters to default values?

Resolution

A sysctl variable represents file locations under the /proc/sys directory. The dot(".") notation is used when setting in a configuration file.

To set a sysctl parameter value immediately (not persistent) on any version of RHEL:

Use the sysctl -w command. Parameter which take multiple values should have the values enclosed in quotes. For example, to set net.ipv4.ip_forward to 1 and net.ipv4.ip_local_port_range to 1025-65535:
```
  # sysctl -w net.ipv4.ip_forward=1
  # sysctl -w net.ipv4.ip_local_port_range="1025 65535"
```

Alternatively, it is possible to echo values directly into the procfs file which represents a sysctl parameter:

  # echo 1 > /proc/sys/net/ipv4/ip_forward
  # echo "1025 65535" > /proc/sys/net/ipv4/ip_local_port_range

To set a persistent value for a sysctl parameter in Red Hat Enterprise Linux (RHEL) 7, RHEL 8, RHEL 9 and RHEL 10 which will be applied at boot:

Create a new conf file under the /etc/sysctl.d/ directory. File names take the format /etc/sysctl.d/<name>.conf. Files in the /etc/sysctl.d/ directory are parsed in order so it is recommended to prepend the file name with a number signifying the order you would like the files to be parsed in. For example, /etc/sysctl.d/99-custom.conf:
```
  # cat /etc/sysctl.d/99-custom.conf
  net.ipv4.ip_forward=1
  net.ipv4.ip_local_port_range=1025 65535
```
To have the system immediately apply the values in a new/updated /etc/sysctl.d file, run sysctl -p <filename>:
```
  # sysctl -p /etc/sysctl.d/99-custom.conf
```
The sysctl values are loaded early in boot via initramfs, so finally, rebuild initramfs to override any previous persistent sysctl settings in the initial ramdisk image.
```
  # dracut -f -v 
```

note: sysctl parameters in /etc/sysctl.conf file will override parameters from /etc/sysctl.d/* files.

To set a persistent value for a sysctl parameter in RHEL 6, RHEL 5, and RHEL 4 which will be applied at boot:

Insert or update the parameter values as defined in the /etc/sysctl.conf file:

  # cat /etc/sysctl.conf 
  # Kernel sysctl configuration file for Red Hat Linux
  #
  # For binary values, 0 is disabled, 1 is enabled.  See sysctl(8) and
  # sysctl.conf(5) for more details.
  ......
  net.ipv4.ip_forward=1
  net.ipv4.ip_local_port_range=1025 65535

To have the system immediately apply the values in the updated /etc/sysctl.conf file, run sysctl -p:
```
  # sysctl -p
```

To set sysctl parameters back to default values, there are two options:

When a default value is known you can make the changes in runtime by executing sysctl -w command
```
  # sysctl -w parameter=default_value
```

Please note that is required to remove the entries in the file /etc/sysctl.conf or in the file under the /etc/sysctl.d/ directory where those parameters are currently configured before the next system reboot happens, otherwise, when the system will be rebooted it will take the values configured in the files.

When a default value is unknown a system reboot is required.

Remove the entries in the file /etc/sysctl.conf or in the file under the /etc/sysctl.d/ directory where those parameters are currently configured and reboot the system, so, the changes can take effect and the parameters are changed back to the default values.

note: some parameters could be modified by echoing value to /proc files without reboot, but sysctl -w command can't modify the parameters. For example:deleted net.ipv4.ip_local_reserved_ports entry in /etc/sysctl.conf, and executed sysctl -porsysctl -w commands, not work:

Reserved 50880 port:
#  grep ip_local_reserved_ports /etc/sysctl.conf 
net.ipv4.ip_local_reserved_ports = 50880

# sysctl -a | grep net.ipv4.ip_local_reserved_ports
net.ipv4.ip_local_reserved_ports = 50880

Deleted net.ipv4.ip_local_reserved_ports entry, 50880 port is still reserved:
#  grep ip_local_reserved_ports /etc/sysctl.conf 
# 
# sysctl -p
# sysctl -a | grep ip_local_reserved_ports
net.ipv4.ip_local_reserved_ports = 50880

The sysctl -w  must be of the form name=value:
# sysctl -w net.ipv4.ip_local_reserved_ports
sysctl: "net.ipv4.ip_local_reserved_ports" must be of the form name=value

Echo command works:
# echo  > /proc/sys/net/ipv4/ip_local_reserved_ports
# sysctl -a | grep ip_local_reserved_ports
net.ipv4.ip_local_reserved_ports =

SBR

Kernel

Product(s)

Red Hat Enterprise Linux

Components

Category

Configure

Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.