Enable IP forwarding on Linux
For many distros such as Ubuntu, Debian, CentOS, RHEL, Fedora, and more, you can enable IP forwarding with these commands:
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf sudo sysctl -p /etc/sysctl.conf
Other distros may require different steps.
When enabling IP forwarding, ensure your firewall is set up to deny traffic
forwarding by default. This is a default setting for common firewalls like
firewalld, and ensures your device doesn’t route traffic you don’t intend.
Tailscale requires no special firewall configuration. It automatically manages rules to permit forwarding needed by our features.