Network administrators are always looking for better ways to manipulate network configurations. Fortunately, the Linux operating system has a wealth of tools that make it easy to configure to your heart’s content. One such tool, the route command, allows you to manipulate the Linux kernel routing table. In this Daily Feature, I’ll explain how to use the route command to add and delete routes from the routing table as well as read information from the routing table, all of which will help to put you in complete control of your network system.

Route command syntax
The basic syntax of the routecommand will depend on how you want to use the routing table. If you want to add to the routing table, use route with this syntax.

If you want to delete a route from the routing table, simply substitute the del option with the add option.

Table A lists the syntax arguments and their descriptions.

Table A
Option Description
-v Show verbose output
-A Use the specified address family (i.e., inet, inet6, ax25, netrom, ipx, ddp, x25)
add Add the information (in the command) to the routing table
del Delete the specified entry from the table
-net The target is a network
host The target is a host
target The destination network or host (in dotted quad or hostnames)
netmask   The netmask to be used
gw Route packets via a gateway
metric Set the cost of a route to M
mss Set the maximum TCP segment size to M bytes
window Set the TCP window size to M
irtt Set the initial round-trip time to I millisecond
reject Install a blocking route to force a route lookup to fail (not for firewalling)
mod Install a modified route (for diagnostic purposes)
dyn Install a dynamic route (for diagnostic purposes)
dev Associate the route to a specified device

Sample uses
Below are samples of how you can use the route command. Since there are copious possible uses and examples, I have listed only the most useful.

View the routing table
In order to view the routing table, without modification, use route (with no arguments). The output of this command will look like Table B.

Table B
Destination Gateway Genmask Flags Metric Ref Use Iface *   U 0 0 0 eth1 *   U 0 0 0 vmnet8 *   U 0 0 0 vmnet1 *   U 0 0 0 lo
default   UG 0 0 0 eth1

Notice the Flag column in Table B. To further explain this column, Table C lists the nine possible Flags that can appear.

Table C
Flag Description
U Route is up
H Target is a host
G Use gateway
R Reinstate route for dynamic routing
D Dynamically installed by daemon or redirect
M Modified from routing daemon or redirect
A Installed by addrconf
C Cache entry
! Reject route
Don’t assume that the ! Flag can be a replacement for firewalling.

Numerical addresses

If you want to see numerical addresses (instead of symbolic host names), add the –n switch.

Add the loopback entry
To add the loopback entry to the routing table, enter:
route add -net

This statement adds the standard Linux loopback entry to the routing table. The -net argument is used because, internally, the machine must think of itself as its own network.

Add a route to a specific network via a specific network device
To add a route to a specified network (via a specific device), the route command is used in this way:
route add -net netmask dev eth1

The above command will create a route to the network through the eth1 device. In this instance, the netmask argument is optional because 192.* is a Class C network and the netmask is assumed. For efficiency, this command could also drop the dev argument.

Add a default gateway to the routing table
To add a default gateway route (to be used when no other route matches), the gw argument is used, like this:
rout add default gw our_gateway

In order for the above command to work, a route to our_gateway must already be defined. Replacing our_gateway with the actual IP address of the gateway machine could do this, or you could even add the IP address of our_gateway into the /etc/hosts file. A host name must be able to be mapped to a legal IP address (one way or another) or the entry cannot be added to the routing table. Attempting to add an unknown address to the routing table will result in a Host name lookup failure error message.

Multiple routes
Don’t forget that it’s possible to have more than one network interface in a Linux machine. With this in mind (and route at your command), you can easily multihome a Linux box. Let’s say you want to use eth0 for all internal traffic. If your internal traffic uses a 192.168.1 IP addressing scheme and the internal gateway is, then you should issue route like:
route add default gw dev eth0

Now your second network device will be used for external traffic with a default gateway of (Note: This is an imaginary IP address.) To force external traffic through eth1, use route like:
route add default gw dev eth1

With this in place, any attempts at accessing internal addressing will pass through eth0 and attempts to access external addressing will pass through eth1.


Note: The above discussion does not apply to DNS. Proper DNS entries for both internal and external networks must be in place for the multihomed server to work properly.

Those who can’t…
While the route command is certainly the most efficient method for configuring the routing table, I would like to mention that there is an alternative. For those who are “command-line impaired,” the Webmin tool allows you to configure the routing table through a simple, user-friendly interface. The one drawback to this browser-based route configuration tool is that it requires an HTTP server to be installed. There are instances when having a minimal number of services installed on a server is desired. Say, for instance, you are using your Linux server as a DNS server. Unless you have to configure DNS through Webmin, you will probably want to keep HTTP off that machine to save any possible security holes and CPU cycles.

But, as cyperpunk author Neil Stephenson so elegantly put it, “In the beginning was the command line….” And, in the end, that’s still the best tool for the job.