Introduction
Networking is the backbone of any stable enterprise infrastructure. As a system administrator it is important for us to understand the network stack of the Linux operating systems and how to access network related information and manipulate it or modify it when required. We’ve written articles explaining the use of ifconfig and ip commands which essentially allow us to add/remove/update IP addresses on a Linux server. Although routing is a term that a network administrator is likely to be more familiar with but system administrators also come across it frequently.
In the simplest of terms routing is a means of sending an IP packet from one point to another. An IP packet in this case is any piece of information that is transmitted during a communication over the network. On Linux operating systems, information on how packets are to be forwarded is stored in a kernel structure called a routing table. We need to manipulate this table when configuring our systems to talk to other servers across a network. The route command is used to manipulate the kernel’s routing tables. Its primary use is to setup static routes to specific hosts or networks.
Routes can be static or dynamic. Dynamic routes are added on specialized routers whereas on the operating system level we use static routes only. In this article we will explain with examples on how to use the route command to display and manipulate the Linux kernels’ routing table.
Example 1: Display existing routes
To display existing routes set on the system run the route command without any options as shown below.
[root@linuxnix ~]# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.23.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 [root@linuxnix ~]#
Given below is a description of some of the important fields mentioned in the above command line output.
- The Destination column identifies the destination network.
- The Gateway column identifies the defined gateway for the specified network. The 0.0.0.0 means that the network is locally connected on that interface and no more hops are needed to get to it.
- The Genmask column shows the netmask for the network
- Under the Flags section, the U flag means the route is up
- The Iface column shows the network interface
Example 2: Adding a default route
For Linux operating systems the default gateway is generally the IP address of the router that the system is connected to. The concept of default gateway basically implies that if the operating system does not have a route or destination to send an IP packet over to then it is sent out through the default gateway. The syntax for adding a default route is as follows:
route add default gw <IP address>
Given below is an example.
[root@linuxnix ~]# route add default gw 192.168.23.1 [root@linuxnix ~]#
To verify that the default route has been added we run the route -n command.
[root@linuxnix ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.23.1 0.0.0.0 UG 0 0 0 ens33 192.168.23.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 [root@linuxnix ~]#
The G flag in the Flags section means that specified gateway should be used for this route. The destination of 0.0.0.0 implies that everything that is not already classified needs to be sent out through the specified default route. Note that there can be only one default gateway on the system.
Example 3: Adding a route
We can add a network route as well as a host route using the route command. Given below is an example of adding a network route using the route command.
[root@linuxnix ~]# route add -net 192.168.23.0 netmask 255.255.255.0 gw 192.168.23.1 [root@linuxnix ~]# [root@linuxnix ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.23.0 192.168.23.1 255.255.255.0 UG 0 0 0 ens33 192.168.23.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 [root@linuxnix ~]#
Example 4: Delete a route
To delete a route we simply replace the word add used in the previous example to del as shown in the below example.
[root@linuxnix ~]# route del -net 192.168.23.0 netmask 255.255.255.0 gw 192.168.23.1 [root@linuxnix ~]# [root@linuxnix ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.23.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 [root@linuxnix ~]#
Example 5: Block access to a single host
We can block access to a particular host or network by rejecting routes to it. Given below is an example of blocking access to host with the IP address 193.168.23.131.
[root@linuxnix ~]# route add -host 193.168.23.131 reject [root@linuxnix ~]# [root@linuxnix ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.23.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 193.168.23.131 - 255.255.255.255 !H 0 - 0 - [root@linuxnix ~]#
The H in the Flags section indicates that this is a host route and the ! indicates that the route is being rejected or blocked.
Conclusion
This concludes our brief discussion on the concept of IP routing in Linux and the route command in Linux. We would like to mention that if you are working with a network that is leasing it’s IP address from DHCP then it’s likely that the DHCP server would be adding a route on the host to serve as a default route. The routes that we add using the route command are not presistent across reboots. In order to make them persist across reboots we need to add them to the corresponding /etc/sysconfig/network-scripts/route-<interface name> file.
Sahil Suri
Latest posts by Sahil Suri (see all)
- Google Cloud basics: Activate Cloud Shell - May 19, 2021
- Create persistent swap partition on Azure Linux VM - May 18, 2021
- DNF, YUM and RPM package manager comparison - May 17, 2021
- Introduction to the aptitude package manager for Ubuntu - March 26, 2021
- zypper package management tool examples for managing packages on SUSE Linux - March 26, 2021
