I have two installations of SLES11 SP2 on X86-64 that I use to host KVM VMs. They are configured for bridged networking and it all works after I use sysctl to set
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
I have added these three lines to the end of /etc/sysctl.conf, expecting that the system will set them on boot. This does not happen. /etc/sysctl.conf is being loaded at boot, as I can see other values from that file change when I change them. Because of this I cannot load VMs at boot with any reliability. If I change these settings and then load the VMs everything works fine. Why is SLES not setting these values?
Basically some module loaded after the sysctl stuff is initially applied
(pretty early on apparently) is re-setting those values. How do you get
past this? Put the commands you want, the actual sysctl commands, in
/etc/init.d/after.local so that they are called after all of the other
stuff loads:
I found the answer and thought I would report it here as others are probably seeing similar problems. The /proc entries needed to implement the sysctl settings I need are created when the bridge module is installed. That module is installed when br0 is created, much later than boot.sysctl is run, so those commands fail. I am seeing that there are many similar things associated with the SLES boot system. They will show up as a “/proc/sys/net/ipv6/conf/all/autoconf: No such file or directory” message where the exact file depends on which module is needed. When I added bridge to INITRD_MODULES= in /etc/sysconfig/kernel and rebuilt the initrd with mkinitrd, the module was loaded earlier and things worked.
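
Added example, not part of the thread: a shell check for the failure described above. It lists every key in a sysctl.conf whose /proc/sys entry does not exist yet, which is the state net.bridge.* is in before the bridge module loads. The function name missing_sysctl_keys and the plain dot-to-slash key mapping are assumptions of this sketch.

```shell
#!/bin/sh
# Added example (not from the thread). Prints each key from a sysctl.conf
# whose /proc/sys entry is missing, i.e. a setting that would fail with
# "No such file or directory" if applied right now.
# Usage: missing_sysctl_keys [conf-file] [proc-sys-root]
missing_sysctl_keys() {
    conf="${1:-/etc/sysctl.conf}"
    root="${2:-/proc/sys}"
    # Drop comment lines (starting with # or ;) and blank lines.
    sed -e '/^[[:space:]]*[#;]/d' -e '/^[[:space:]]*$/d' "$conf" |
    while IFS='=' read -r key rest; do
        # Trim whitespace around the key name.
        key=$(printf '%s' "$key" | tr -d '[:space:]')
        [ -n "$key" ] || continue
        # Assumption: dots in the key map to slashes under /proc/sys
        # (keys containing dotted interface names are not handled).
        path="$root/$(printf '%s' "$key" | tr '.' '/')"
        [ -e "$path" ] || printf '%s\n' "$key"
    done
}

# Run against the files given on the command line, if any.
if [ "$#" -gt 0 ]; then
    missing_sysctl_keys "$@"
fi
```

Any key this prints at the point where boot.sysctl runs needs its module loaded earlier (the INITRD_MODULES change above) or has to be set later, for example from /etc/init.d/after.local.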