diff --git a/doc/source/roles/role-undercloud_sysctl.rst b/doc/source/roles/role-undercloud_sysctl.rst
new file mode 100644
index 000000000..7ef195266
--- /dev/null
+++ b/doc/source/roles/role-undercloud_sysctl.rst
@@ -0,0 +1,6 @@
+=================
+undercloud_sysctl
+=================
+
+.. ansibleautoplugin::
+ :role: roles/undercloud_sysctl
diff --git a/playbooks/undercloud-sysctl.yaml b/playbooks/undercloud-sysctl.yaml
new file mode 100644
index 000000000..0b278ed32
--- /dev/null
+++ b/playbooks/undercloud-sysctl.yaml
@@ -0,0 +1,19 @@
+---
+- hosts: undercloud
+ vars:
+ metadata:
+ name: Verify undercloud sysctl option availability
+ description: |
+ The undercloud will not install properly if some of the expected sysctl
+ values are not available to be set.
+ groups:
+ - prep
+ - pre-upgrade
+ - pre-update
+ categories:
+ - os
+ - system
+ products:
+ - tripleo
+ roles:
+ - undercloud_sysctl
diff --git a/roles/undercloud_sysctl/defaults/main.yaml b/roles/undercloud_sysctl/defaults/main.yaml
new file mode 100644
index 000000000..cbe7406bc
--- /dev/null
+++ b/roles/undercloud_sysctl/defaults/main.yaml
@@ -0,0 +1,8 @@
+---
+undercloud_sysctl_options:
+ - net.ipv4.ip_forward
+ - net.ipv4.ip_nonlocal_bind
+
+undercloud_sysctl_ipv6_option: net.ipv6.ip_nonlocal_bind
+missing_options: []
+fail_options: false
diff --git a/roles/undercloud_sysctl/tasks/main.yaml b/roles/undercloud_sysctl/tasks/main.yaml
new file mode 100644
index 000000000..fa9ab0432
--- /dev/null
+++ b/roles/undercloud_sysctl/tasks/main.yaml
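Review bot: In roles/undercloud_sysctl/defaults/main.yaml, `missing_options` and `fail_options` are internal working state, yet they are declared as unprefixed role defaults, which is the lowest-precedence slot in Ansible's shared variable namespace. A same-named variable from inventory or another role would seed the accumulator, and an extra var of the same name outranks `set_fact`, so the final `fail` task in tasks/main.yaml could be skipped and the validation would pass without reporting anything. I would prefix them like the other two variables, e.g. `undercloud_sysctl_missing_options: []`, or drop them from defaults and initialise them in the tasks file.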
@@ -0,0 +1,50 @@
+---
+# Copyright 2022 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Check if ipv6 is enabled
+ become: true
+ register: stat_result
+ stat:
+ path: /proc/net/if_inet6
+
+- name: Set ipv6 option if enabled
+ set_fact:
+ undercloud_sysctl_options: "{{ undercloud_sysctl_options + [undercloud_sysctl_ipv6_option] }}"
+ when: stat_result.stat.exists
+
+- name: Check sysctl options
+ become: true
+ register: option_result
+ stat:
+ path: "/proc/sys/{{ item | replace('.', '/') }}"
+ loop: "{{ undercloud_sysctl_options }}"
+
+- name: Set missing options
+ set_fact:
+ missing_options: "{{ missing_options + [item.invocation.module_args.path] }}"
+ when: not item.stat.exists
+ loop: "{{ option_result.results }}"
+
+- name: Clear missing options for fail message
+ set_fact:
+ fail_options: "{{ missing_options | join(', ') | replace('/proc/sys/', '') | replace('/', '.') }}"
+
+- name: Fail if some options are missing
+ fail:
+ msg: |
+ Required sysctl options are not available. Check
+ that your kernel is up to date. Missing: {{ fail_options }}
+ when: fail_options
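Review bot: The last task's `when: fail_options` tests a comma-joined string rather than a boolean, so whether it fires depends on how the running Ansible version treats a bare string in a conditional; `when: missing_options | length > 0` states the intent directly. The missing names are also recovered by reading `item.invocation.module_args.path` and reversing the path with two `replace` filters, which relies on the module echoing its arguments back in the result. Collecting the loop item instead, `missing_options: "{{ missing_options + [item.item] }}"`, keeps the original option name and makes the replace chain unnecessary. Both `stat` tasks set `become: true`, although existence checks under /proc normally work unprivileged, so consider dropping the escalation unless a target is known to need it.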