Are you a Linux user who wants to have more control over your network connectivity? Do you want to learn how to manage the routes that determine how your system communicates with other hosts and networks? If so, you need to know about the ip route command.
The ip route command is a powerful tool that allows you to display, add, delete, or modify routes in the kernel routing table. The kernel routing table is a data structure that stores information about how packets are forwarded between different hosts and networks. By using the ip route command, you can configure your system’s network behavior according to your needs and preferences.
In this article, you will learn everything you need to know about the ip route command in Linux. You will learn how to use it with some common examples and advanced features. You will also learn about routing tables, routing policies, and routing metrics, which are important concepts for understanding how routing works in Linux.
How to Use the ip route Command
The general format for using the ip route command is:
bash
ip route [COMMAND] [OPTIONS] [DESTINATION] [VIA] [DEVICE]
COMMAND
can be one of the following: show (or list), add, delete, replace, change, append, prepend, test, or flush. If you don’t specify any command, show is assumed by default.OPTIONS
can be any of the available options for the ip route command, such as scope, table, metric, protocol, etc. You can use theip route help
command to see a list of all options.DESTINATION
can be a network address (e.g., 192.168.1.0/24), a host address (e.g., 192.168.1.1), or default (which means all destinations that are not explicitly specified in other routes).VIA
can be an IP address of a gateway (e.g., via 192.168.1.254) or an interface name (e.g., dev eth0).DEVICE
can be an interface name (e.g., dev eth0) or an interface index (e.g., dev 2).
ip route Command Examples
Let’s see some examples of how to use the ip route command in Linux for different purposes.
Displaying routes
To display all routes in the kernel routing table, you can use either of these commands:
bash
ip route show
ip route list
The output will look something like this:
bash
default via 192.168.1.254 dev eth0 proto dhcp metric 100
169.254.0.0/16 dev eth0 scope link metric 1000
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100 metric 100
The output shows three routes: one for the default gateway (which is used for destinations that are not matched by any other route), one for the link-local network (which is used for zero-configuration networking), and one for the local network (which is used for hosts on the same subnet).
To display a single route for a specific destination, you can use this command:
bash
ip route get [DESTINATION]
For example, if you want to see the route that would be used to reach 8..8..8..8 (which is one of Google’s public DNS servers), you can use this command:
bash
ip route get 8.8.8.8
The output will look something like this:
bash
8.8.8.8 via 192.168.1.254 dev eth0 src 192.168.1.100 uid 1000
cache
The output shows the route that would be used to reach 8..8..8..8. It also shows the source address, the user ID, and the cache status of the route.
To display routes with a specific attribute, you can use this command:
bash
ip route show [OPTION]
For example, if you want to see only routes with a metric of 100, you can use this command:
bash
ip route show metric 100
The output will look something like this:
bash
default via 192.168.1.254 dev eth0 proto dhcp metric 100
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100 metric 100
Adding routes
To add a route to a network, you can use this command:
bash
ip route add [NETWORK] via [GATEWAY] dev [DEVICE]
For example, if you want to add a route to the network 10..54./24 via the gateway 19..68..54 on the device etho, you can use this command:
bash
ip route add 10..54./24 via 19..68..54 dev etho
The output will not show anything, but you can verify that the new route has
been added to the routing table by using the ip route show
command.
To add a route to a host, you can use this command:
bash
ip route add [HOST] via [GATEWAY] dev [DEVICE]
For example, if you want to add a route to the host 10..54..1 via the gateway 19..68..54 on the device etho, you can use this command:
bash
ip route add 10..54..1 via 19..68..54 dev etho
The output will not show anything, but you can verify that the new route has
been added to the routing table by using the ip route show
command.
To add a default route, you can use this command:
bash
ip route add default via [GATEWAY] dev [DEVICE]
For example, if you want to add a default route via the gateway 19..68..54 on the device etho, you can use this command:
bash
ip route add default via 19..68..54 dev etho
The output will not show anything, but you can verify that the new default
route has been added to the routing table by using the ip route show
command.
Deleting routes
To delete a route, you can use this command:
bash
ip route delete [DESTINATION] via [GATEWAY] dev [DEVICE]
You need to specify the same parameters as when you added the route.
For example, if you want to delete the route to the network 10..54./24 that you added earlier, you can use this command:
bash
ip route delete 10..54./24 via 19..68..54 dev etho
The output will not show anything, but you can verify that the route has been
deleted from the routing table by using the ip route show
command.
Modifying routes
To modify an existing route, you can use either of these commands:
bash
ip route replace [DESTINATION] via [GATEWAY] dev [DEVICE] [OPTIONS]
ip route change [DESTINATION] via [GATEWAY] dev [DEVICE] [OPTIONS]
You need to specify the same parameters as when you added or deleted the route, plus any options that you want to change.
The difference between these two commands is that replace will create a new route if none exists, while change will only modify an existing route.
For example, if you want to change the metric of the default route from 100 to 50, you can use either of these commands:
bash
ip route replace default via 19..68..54 dev etho metric 50
ip route change default via 19..68..54 dev etho metric 50
The output will not show anything, but you can verify that the metric of the
default route has been changed by using the ip route show
command.
Advanced Features of the ip route Command
The ip route command also supports some advanced features that allow you to manage multiple routing tables, routing policies, and routing metrics.
Routing tables
Routing tables are data structuresthat store information about how packets are forwarded between different hosts and networks. Linux supports multiple routing tables, which can be used for different purposes. For example, you can use different routing tables for different interfaces, protocols, or users.
To use multiple routing tables, you need to specify the table name or number
with the ip route
command. For example, to add a route to the table named
“vpn”, you can use this command:
bash
ip route add [DESTINATION] via [GATEWAY] dev [DEVICE] table vpn
To display the routes in a specific table, you can use this command:
bash
ip route show table [TABLE]
To list all the available tables, you can use this command:
bash
ip route show table all
You can also define your own custom tables by editing the
/etc/iproute2/rt_tables
file. For example, to create a table named “custom”
with the number 100, you can add this line to the file:
bash
100 custom
Then, you can use the “custom” table with the ip route
command as usual.
Routing policies
Routing policies are rules that determine which routing table to use for a given packet. Linux supports multiple routing policies, which can be used for different purposes. For example, you can use different routing policies for different sources, destinations, or priorities.
To use multiple routing policies, you need to use the ip rule
command, which
is another tool from the iproute2 package. The ip rule
command allows you to
add, delete, or show rules in the kernel policy database.
The general format for using the ip rule
command is:
bash
ip rule [COMMAND] [OPTIONS] [PRIORITY]
COMMAND
can be one of the following: add, delete, or show. If no command is specified, show is assumed by default.OPTIONS
can be any of the available options for theip rule
command, such as from, to, fwmark, iif, oif, table, etc. You can use theip rule help
command to see a list of all options.PRIORITY
can be a number that indicates the order of the rule in the policy database. The lower the number, the higher the priority.
ip rule Command Examples
Here are some examples of how to use the ip rule command in Linux for different purposes.
Adding rules
To add a rule to the policy database, you can use this command:
bash
ip rule add [OPTIONS] [PRIORITY]
For example, if you want to add a rule that says that packets from 192..68..100 should use the table “vpn”, you can use this command:
bash
ip rule add from 192..68..100 table vpn
The output will not show anything, but you can verify that the new rule has
been added to the policy database by using the ip rule show
command.
To add a rule with a specific priority, you can use this command:
bash
ip rule add [OPTIONS] priority [PRIORITY]
For example, if you want to add a rule that says that packets to 10..54./24 should use the table “custom” with a priority of 200, you can use this command:
bash
ip rule add to 10..54./24 table custom priority 200
The output will not show anything, but you can verify that the new rule has
been added to the policy database by using the ip rule show
command.
Deleting rules
To delete a rule from the policy database, you can use this command:
bash
ip rule delete [OPTIONS] [PRIORITY]
You need to specify the same parameters as when you added the rule.
For example, if you want to delete the rule that says that packets from 192..68..100 should use the table “vpn” that you added earlier, you can use this command:
bash
ip rule delete from 192..68..100 table vpn
The output will not show anything, but you can verify that the rule has been
deleted from the policy database by using the ip rule show
command.
Showing rules
To show all rules in the policy database, you can use either of these commands:
bash
ip rule show
ip rule list
The output will look something like this:
bash
0: from all lookup local
200: from all to 10..54./24 lookup custom
32766: from all lookup main
32767: from all lookup default
The output shows four rules: one for local addresses (which are handled by the kernel), one for custom addresses (which are handled by the custom table), one for main addresses (which are handled by the main table), and one for default addresses (which are handled by the default table).
Routing metrics
Routing metrics are values that indicate the cost or preference of a route. Linux supports multiple routing metrics, which can be used for different purposes. For example, you can use different routing metrics for different protocols, interfaces, or gateways.
To use multiple routing metrics, you need to specify the metric name or number
with the ip route
command. For example, to add a route with a metric of 50,
you can use this command:
bash
ip route add [DESTINATION] via [GATEWAY] dev [DEVICE] metric 50
To display the routes with a specific metric, you can use this command:
bash
ip route show metric [METRIC]
To list all the available metrics, you can use this command:
bash
ip route show metric all
You can also define your own custom metrics by editing the
/etc/iproute2/rt_metrics
file. For example, to create a metric named
“reliability” with the number 10, you can add this line to the file:
bash
10 reliability
Then, you can use the “reliability” metric with the ip route
command as
usual.
Conclusion
In this article, you have learned how to use the ip route command in Linux to manage your network connectivity. You have also learned about some advanced features of the ip route command, such as routing tables, routing policies, and routing metrics.
The ip route command is a powerful and versatile tool that can help you configure your system’s network behavior according to your needs and preferences. By mastering the ip route command, you can have more control over your network connectivity and performance.