Manually set up a routing table in Linux using the route command. This article explains the syntax and the various options.
Network administrators are always looking for better ways to manipulate network configurations. Fortunately, the Linux operating system has a wealth of tools that make it easy to configure to your heart’s content. One such tool, the route command, allows you to manipulate the Linux kernel routing table. In this Daily Feature, I’ll explain how to use the route command to add and delete routes from the routing table as well as read information from the routing table, all of which will help to put you in complete control of your network system.
Route command syntax
The basic syntax of the routecommand will depend on how you want to use the routing table. If you want to add to the routing table, use route with this syntax.
If you want to delete a route from the routing table, simply substitute the del option with the add option.
Table A lists the syntax arguments and their descriptions.
|-v||Show verbose output|
|-A||Use the specified address family (i.e., inet, inet6, ax25, netrom, ipx, ddp, x25)|
|add||Add the information (in the command) to the routing table|
|del||Delete the specified entry from the table|
|-net||The target is a network|
|host||The target is a host|
|target||The destination network or host (in dotted quad or hostnames)|
|netmask||The netmask to be used|
|gw||Route packets via a gateway|
|metric||Set the cost of a route to M|
|mss||Set the maximum TCP segment size to M bytes|
|window||Set the TCP window size to M|
|irtt||Set the initial round-trip time to I millisecond|
|reject||Install a blocking route to force a route lookup to fail (not for firewalling)|
|mod||Install a modified route (for diagnostic purposes)|
|dyn||Install a dynamic route (for diagnostic purposes)|
|dev||Associate the route to a specified device|
Below are samples of how you can use the route command. Since there are copious possible uses and examples, I have listed only the most useful.
View the routing table
In order to view the routing table, without modification, use route (with no arguments). The output of this command will look like Table B.
Notice the Flag column in Table B. To further explain this column, Table C lists the nine possible Flags that can appear.
|U||Route is up|
|H||Target is a host|
|R||Reinstate route for dynamic routing|
|D||Dynamically installed by daemon or redirect|
|M||Modified from routing daemon or redirect|
|A||Installed by addrconf|
If you want to see numerical addresses (instead of symbolic host names), add the -n switch.
Add the loopback entry
To add the loopback entry to the routing table, enter:
route add -net 127.0.0.1
This statement adds the standard Linux loopback entry to the routing table. The -net argument is used because, internally, the machine must think of itself as its own network.
Add a route to a specific network via a specific network device
To add a route to a specified network (via a specific device), the route command is used in this way:
route add -net 192.168.1.1 netmask 255.255.255.0 dev eth1
The above command will create a route to the 192.168.1.1 network through the eth1 device. In this instance, the netmask argument is optional because 192.* is a Class C network and the netmask is assumed. For efficiency, this command could also drop the dev argument.
Add a default gateway to the routing table
To add a default gateway route (to be used when no other route matches), the gw argument is used, like this:
rout add default gw our_gateway
In order for the above command to work, a route to our_gateway must already be defined. Replacing our_gateway with the actual IP address of the gateway machine could do this, or you could even add the IP address of our_gateway into the /etc/hosts file. A host name must be able to be mapped to a legal IP address (one way or another) or the entry cannot be added to the routing table. Attempting to add an unknown address to the routing table will result in a Host name lookup failure error message.
Don’t forget that it’s possible to have more than one network interface in a Linux machine. With this in mind (and route at your command), you can easily multihome a Linux box. Let’s say you want to use eth0 for all internal traffic. If your internal traffic uses a 192.168.1 IP addressing scheme and the internal gateway is 192.168.1.1, then you should issue route like:
route add default gw 192.168.1.1 dev eth0
Now your second network device will be used for external traffic with a default gateway of 184.108.40.206. (Note: This is an imaginary IP address.) To force external traffic through eth1, use route like:
route add default gw 220.127.116.11 dev eth1
With this in place, any attempts at accessing internal addressing will pass through eth0 and attempts to access external addressing will pass through eth1.
Note: The above discussion does not apply to DNS. Proper DNS entries for both internal and external networks must be in place for the multihomed server to work properly.
Those who can’t…
While the route command is certainly the most efficient method for configuring the routing table, I would like to mention that there is an alternative. For those who are “command-line impaired,” the Webmin tool allows you to configure the routing table through a simple, user-friendly interface. The one drawback to this browser-based route configuration tool is that it requires an HTTP server to be installed. There are instances when having a minimal number of services installed on a server is desired. Say, for instance, you are using your Linux server as a DNS server. Unless you have to configure DNS through Webmin, you will probably want to keep HTTP off that machine to save any possible security holes and CPU cycles.
But, as cyperpunk author Neil Stephenson so elegantly put it, “In the beginning was the command line….” And, in the end, that’s still the best tool for the job.