rp_filter kernel setting precedence

When rp_filter kernel setting is configured with different boolean, which takes precedence? all.rp_filter or interface.rp_filter?

net.ipv4.conf.all.rp_filter = 1

net.ipv4.conf.default.rp_filter = 1

net.ipv4.conf.eth0.rp_filter = 0

The default property is not involved in this.

For all and eth0 Documentation about rp_filter says:

  The max value from conf/{all,interface}/rp_filter is used
  when doing source validation on the {interface}.

So here highest value takes precedence:

max(conf/all/rp_filter,conf/eth0/rp_filter)=max(1,0)=1

SRPF is thus in effect on eth0 (and all other interfaces except those having rp_filter=2 which would get Loose RPF behavior instead).

The interaction between all/rp_filter and its per-interface matching property is not the only behavior existing, documentation should be checked for each property.

The only role of the value set to default and thus default/rp_filter is to be inherited by newly created interfaces. This is documented here:

``conf/default/*``:
  Change the interface-specific default settings.

  These settings would be used during creating new interfaces.

Note that when moving an interface from a network namespace to an other, the per-interface properties will inherit their new default settings which could be different in the new namespace: it's as if the interface was just created there.