Routing is the way that computers communicate on a local network or over internet. When you want to talk to someone, you need to know his position and how you can join it. To communicate over a network (big or not), computers need to know the path to take and this is possible with routers which give dynamically this information. There is a multitude of paths (indicated by routers) over the internet network but you can have a specific path to use and then you must configure it manually. The command which helps us to manually configure a route on Linux is the add command.
1) Show the routing table
Before editing the routing table, it is good to see the default table with the existing routes on your Linux Kernel. To do this, there is some commands that we will see:
- route -n : the route command shows / manipulates the IP routing table. Using with the
-nparameter, it shows numerical addresses instead of trying to determine symbolic host names. The values can be interpreted by humans. This command helps to identify the locally connected networks with route. This command adds static routes in the system, routes will be saved till next reboot.
Display the routing table with route command
# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 eno1 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eno1 172.16.20.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-707c8e2f7441 192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 eno1 192.168.161.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
- netstat -nr : the netstat command prints network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. Using with the
-nrparameters, it does like route command with additional information.
Display the routing table with netstat command
# netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eno1 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eno1 172.16.20.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-707c8e2f7441 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eno1 192.168.161.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
2) Add a new route
As we say above, to manipulate the routing table, we use the route add command ( add is a parameter) to manually indicate a static path that the packets will use through the network. It is used to assign a permanent or static route which will change only if the administrator manually modify the values of the new route.
There are many possibilities for using the route add command:
- route add -net <network_address> gw <gateway> <interface_name> : to indicate the destination network we want to join. We must specify the mask of the network and the gateway to use.
We will add a new route 10.0.0.0 and display the routing table
# route add -net 10.0.0.0/8 gw 192.168.1.1 eno1 # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 eno1 10.0.0.0 192.168.1.1 255.0.0.0 UG 0 0 0 eno1 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eno1 172.16.20.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-707c8e2f7441 192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 eno1 192.168.161.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
You can add netmask switch if you want to add netmask value. If not provided then route command finds automatically the value of netmask.
# route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.100 eth0 Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 192.168.1.100 255.255.255.0 UG 0 0 0 eth0 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 169.254.0.0 * 255.255.0.0 U 0 0 0 eth0 10.0.0.0 192.168.1.254 255.0.0.0 UG 0 0 0 eth0 default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
- route add -host <host_IP_address> gw <gateway> : to indicate a specific host that we want to join. We must only indicate the gateway to use.
We will add a specific host 10.0.0.10 and display the routing table
# route add -host 10.0.0.10 gw 192.168.1.1 eno1 # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 eno1 10.0.0.0 192.168.1.1 255.0.0.0 UG 0 0 0 eno1 10.0.0.10 192.168.1.1 255.255.255.255 UGH 0 0 0 eno1 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eno1 172.16.20.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-707c8e2f7441 192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 eno1 192.168.161.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
In the above examples, the flag column has differents values and that can be incomprehensible for most of you; that is why I will give you the signification of the flag's values. You can have it with the command man route
Flags Possible flags include
U - route is up
H - target is a host
G - use gateway
R - reinstate route for dynamic routing
D - dynamically installed by daemon or redirect
M - modified from routing daemon or redirect
A - installed by addrconf
C - cache entry
! - reject route
3) Reject and Deleting a route
We can manipulate the routing table not only to add statics routes but also to delete or reject a route that we insert early.
- route del -net <network_address> gw <gateway> <interface_name> : to delete a destination network from the routing table
We will delete the route to our 10.0.0.0/8 network and see the result
# route del -net 10.0.0.0/8 gw 192.168.1.1 eno1 # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 eno1 10.0.0.10 192.168.1.1 255.255.255.255 UGH 0 0 0 eno1 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eno1 172.16.20.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-707c8e2f7441 192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 eno1 192.168.161.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
- route add -host <host_IP_address> reject : to ban an IP address but it is still on the routing table. Note that we still use the add parameter but at the end of the command, we have reject parameter. We can conserve our gateway or not but we don't mention the output interface.
We will reject our host 10.0.0.10 and display the routing table
# route add -host 10.0.0.10 reject # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 eno1 10.0.0.10 - 255.255.255.255 !H 0 - 0 - 10.0.0.10 192.168.1.1 255.255.255.255 UGH 0 0 0 eno1 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eno1 172.16.20.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0 172.18.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-707c8e2f7441 192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 eno1 192.168.161.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1
Note: For Persistent static routes (default gateway) for any linux distribution can be added to /etc/rc.local.
Conclusion
We have seen how to add a route over a network on internet or not. This is for manual and static methods. We must note than with that method, the route will not change unless you modify it. It is important to delete route that we don't need.
Have anything to say?