Debian sysctl.conf Values Not Persisting After Reboot: Fixing net.ipv6.bindv6only Issue


2 views

When working with Debian systems (particularly Wheezy/Sid in this case), you might encounter situations where changes made to /etc/sysctl.conf don't persist after reboot. The specific example here involves the net.ipv6.bindv6only parameter defaulting back to 1 despite being set to 0 in the configuration file.

Modern Debian systems handle sysctl settings through multiple mechanisms:

1. /etc/sysctl.conf - The traditional configuration file
2. /etc/sysctl.d/ - Directory for package-specific settings
3. Systemd services (on newer systems)
4. Network interface scripts

Method 1: Verify proper file loading

First, check if your settings are being overwritten during boot:

# Check current value
sysctl net.ipv6.bindv6only

# Apply manually to test
sudo sysctl -w net.ipv6.bindv6only=0

# Make permanent (if manual change works)
echo "net.ipv6.bindv6only=0" | sudo tee /etc/sysctl.d/10-network.conf
sudo sysctl -p /etc/sysctl.d/10-network.conf

Method 2: Check for competing configurations

# Search for any other files that might set this
sudo grep -r "bindv6only" /etc/sysctl* /etc/network/

If the above doesn't work, examine the boot sequence:

# Check boot logs for sysctl activities
journalctl -b | grep sysctl

# Alternative for older systems:
dmesg | grep -i "sysctl"

For systems using systemd, create a custom service to ensure late application:

# /etc/systemd/system/fix-sysctl.service
[Unit]
Description=Fix sysctl network parameters
After=network.target

[Service]
Type=oneshot
ExecStart=/sbin/sysctl -p /etc/sysctl.d/10-network.conf

[Install]
WantedBy=multi-user.target

Some network managers might reset IPv6 parameters. For NetworkManager:

# Create or edit:
/etc/NetworkManager/dispatcher.d/99-sysctl-tweaks

#!/bin/sh
[ "$1" = "up" ] && /sbin/sysctl -w net.ipv6.bindv6only=0

After implementing any solution, verify persistence:

# Reboot and check
sudo reboot
sysctl net.ipv6.bindv6only

# Alternative verification without reboot
sudo service procps restart
sysctl net.ipv6.bindv6only

On modern Debian systems (including Wheezy and later), the traditional /etc/sysctl.conf approach might not work as expected due to changes in the initialization process. Here's what's happening under the hood:

# Check current value
sysctl net.ipv6.bindv6only
# Expected: net.ipv6.bindv6only = 0
# Actual: net.ipv6.bindv6only = 1

Debian now uses a more flexible system for kernel parameter management:

# The new configuration directory
ls /etc/sysctl.d/
# Should show various .conf files

Create a dedicated configuration file in /etc/sysctl.d/:

# Create new configuration
echo "net.ipv6.bindv6only = 0" | sudo tee /etc/sysctl.d/10-ipv6.conf

# Apply changes immediately
sudo sysctl -p /etc/sysctl.d/10-ipv6.conf

Ensure the changes persist after reboot:

# Check if the file is processed during boot
grep -r "bindv6only" /etc/rc*

# Alternative verification
sudo service procps restart
sysctl net.ipv6.bindv6only

If the issue persists, consider these additional checks:

# Check boot order
ls -l /etc/rcS.d/ | grep sysctl

# Verify systemd systems (if applicable)
systemctl status systemd-sysctl.service

# Alternative approach for legacy systems
update-rc.d procps defaults

For complex scenarios, you might need to modify the sysctl service itself:

# Create override file for systemd
sudo mkdir -p /etc/systemd/system/sysctl.service.d/
echo "[Service]
ExecStartPost=/bin/sleep 10" | sudo tee /etc/systemd/system/sysctl.service.d/override.conf

# Reload systemd
sudo systemctl daemon-reload