Question on enabling IP forwarding at NIC level of NVA

Question

Hello,

Let's say I want traffic from VM1 to VM2 should go through VM3, Which means I am going to consider VM3 as Network Virtual Appliance (NVA) and configure routing accordingly.

My question is if my NVA, which is a Azure VM in my case, has more than one NIC cards - Do I need to enable IP forwarding on all the NICs ? Will routing work if IP forwarding is enabled on just one NIC, leaving one or more NIC on my NPA without IP forwarding enabled on them. Sorry, I can't set up the ENV and test it myself.

Appreciate your insightful response, thank you !!

Answer 1

Hello @anil kumar ,

Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

As mentioned in this doc, the IP forwarding setting must be enabled for every network interface that is attached to the virtual machine that receives traffic that the virtual machine needs to forward. A virtual machine can forward traffic whether it has multiple network interfaces or a single network interface attached to it. While IP forwarding is an Azure setting, the virtual machine must also run an application able to forward the traffic, such as firewall, WAN optimization, and load balancing applications.

So, yes you need to enable IP forwarding on all the NICs attached to the VM.

Kindly let us know if the above helps or you need further assistance on this issue.

----------------------------------------------------------------------------------------------------------------

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.