The route command is the interface used to access the Linux kernel’s routing tables. The route command operates in three modes: display, add, and delete. When used to add or delete routes from the routing table, its use is generally limited to adding and removing static route entries.
When route is used with no parameters, the route command prints the routing table to stdout:
```
[root@lefty /root]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
Lefty           *               255.255.255.255 UH    0      0        0 eth0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
```
The Destination column, when combined with the Genmask (the netmask of the destination network), identifies the network entry to be routed. The Gateway column identifies the gateway to be used for that network when the G (gateway) flag is set in the Flags column. The Flags column tells the administrator how the kernel is going to interpret the routing entry. The various flags and their meanings are summarized in Table 9.5.
Flag | Description |
---|---|
! | Learned routes for this network are rejected. |
A | Route added by addrconf, an IPv6 address configuration protocol. (http://www.ietf.cnri.reston.va.us/proceedings/95apr/charters/addrconf-charter.html) |
C | Cache entry. |
D | Route created by routing daemon (D) or ICMP redirect. |
G | Use the gateway (G) identified in the Gateway column for traffic bound to the network identified in the routing entry. |
M | Route has been modified (M) by a routing daemon or ICMP redirect. |
R | Reinstate routing to allow routing updates for this particular routing entry. |
U | The network route is created (up) and will be used by the kernel to make routing decisions. |
The route command without any parameters is equivalent to the netstat -r command covered later in this chapter.
The -C option displays the cache statistics for routing entries as well as directly connected hosts. The output of the route command with -C also shows the source and destination addresses that triggered the route lookup. The -C parameter is used to see that routing entries are active and being used. Here is an example of route -C in action:
```
[root@lefty /root]# route -C
Kernel IP routing cache
Source          Destination     Gateway         Flags Metric Ref    Use Iface
lefty           host4.some.com  192.168.1.1           0      0       10 eth0
lefty           192.168.1.102   192.168.1.102         0      2        4 eth0
lefty           host4.some.com  192.168.1.1           0      0       10 eth0
```
Each entry shows the source, followed by the destination, and the gateway of the traffic that used the route. Notice in the second entry that the destination and gateway are actually the same address. This signifies a directly connected host. The Use column shows how many packets were sent for that particular entry, and the Iface column reports the local interface the traffic used.
The -n option turns off name resolution so that all the entries printed with the route command are printed using IP addresses rather than host names.
The -v option was originally used with the route command to provide additional information—most notably the netmask of the route entry; however, current versions of the route command provide the additional information without the -v. It is covered here only for reference, in case an older version of Linux or of the route command is in use.
The -V option displays route's version, as well as the net-tools version and the protocols supported:
```
[root@lefty /root]# route -V
net-tools 1.54
route 1.96 (1999-01-01)
+NEW_ADDRT +RTF_IRTT +RTF_REJECT +I18N
AF: (inet) +UNIX +INET +INET6 +IPX +AX25 +NETROM +ATALK +ECONET +ROSE
HW: +ETHER +ARC +SLIP +PPP +TUNNEL +TR +AX25 +NETROM +FR +ROSE +ASH +SIT +FDDI +HIPPI +HDLC/LAPB
```
The real power of the route command is to add static routes that affect routing on the local node and, if a routing daemon is running on that local node, affect traffic within the autonomous system as well.
The route command used to add routes takes the following format:
```
route add -net <destination> netmask <netmask> gw <gateway address>
```
For example, to route all traffic destined for 10.1.1.0/24 to the router at 192.168.1.253, use
```
[root@lefty /root]# route add -net 10.1.1.0 netmask 255.255.255.0 gw 192.168.1.253
```
To add a routing entry for a specific host, the -host parameter is used, and the routing entry does not need the netmask parameter. To add a route for 192.168.1.200 to 192.168.1.1, the route command would look like this:
```
[root@lefty /root]# route add -host 192.168.1.200 gw 192.168.1.1
```
This route command would then create an entry that would appear as the following when the route command is entered without any parameters:
```
[root@lefty /root]# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.200   192.168.1.1     255.255.255.255 UGH   0      0        0 eth0
```
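The following Python example is added here and is not part of the original chapter. It parses `route -n` style output, decodes the Flags column using Table 9.5, picks the route a destination would take by longest-prefix match (a step beyond what the text states), and lists D- or M-flagged routes for review on a host that is expected to carry only static routes. The sample table and all function names are constructed for illustration.

```python
import ipaddress

# Flag meanings from Table 9.5; H (host route) shows up in the page's output
# (UH, UGH) but is not listed in the table.
FLAGS = {"!": "reject", "A": "addrconf", "C": "cache", "G": "use gateway",
         "D": "created by daemon or ICMP redirect", "R": "reinstate",
         "M": "modified by daemon or ICMP redirect", "U": "up", "H": "host"}

# Constructed `route -n` output. The first four rows mirror the page's examples;
# the last row is invented to show a D-flagged host route.
SAMPLE = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.200   192.168.1.1     255.255.255.255 UGH   0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.1.1.0        192.168.1.253   255.255.255.0   UG    0      0        0 eth0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
10.1.1.77       192.168.1.66    255.255.255.255 UGHD  0      0        0 eth0
"""

def parse_routes(text):
    """Turn each table row into a dict; Destination + Genmask become a network."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip the title and header lines
        routes.append({"net": ipaddress.ip_network(f"{f[0]}/{f[2]}"),
                       "gateway": f[1], "flags": f[3], "iface": f[7],
                       "meaning": [FLAGS.get(c, "unknown") for c in f[3]]})
    return routes

def lookup(routes, addr):
    """Most specific usable (U, not !) route whose network contains addr."""
    ip = ipaddress.ip_address(addr)
    hits = [r for r in routes
            if "U" in r["flags"] and "!" not in r["flags"] and ip in r["net"]]
    return max(hits, key=lambda r: r["net"].prefixlen, default=None)

def dynamic_routes(routes):
    """Routes not purely static: created (D) or modified (M) after the fact."""
    return [r for r in routes if set(r["flags"]) & {"D", "M"}]

if __name__ == "__main__":
    table = parse_routes(SAMPLE)
    for r in dynamic_routes(table):
        print("review:", r["net"], "via", r["gateway"], r["meaning"])
    print("10.1.1.77 ->", lookup(table, "10.1.1.77")["gateway"])
```

In the sample, the D-flagged host route for 10.1.1.77 is more specific than the static 10.1.1.0/24 entry, so traffic to that one host leaves through a different gateway than the rest of the network.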
For PPP networks it is sometimes necessary or preferable to route to a network interface rather than a gateway address. This is used to allow IP addresses to be saved by not using an IP transit network for the serial connection or to create a route when a nonbroadcast network is used. An example follows, but the subject is covered more thoroughly in Chapter 7, “Kernel Support Tools.”
```
[root@lefty /root]# route add -net 10.10.10.0 netmask 255.255.255.0 ppp0
```