Route add on Linux
1. Adding route the network.
# route add -net network/mask gw default_gateway
# route add -net 192.168.10.0/24 gw 192.168.10.1
2. Using default gateway
# route add default gw default_gateway
# route add default gw 192.168.0.1
3. Add a route to a specific host
# route add -host hostname gw default_gateway
# rotue add -host 192.168.0.8 gw 192.168.0.1
4. Delete a route
# route del -network network/subnet default-gateway
# route del -net 192.168.10.0/24 gw 192.168.10.1
5. Delete the default gateway
# route del default gw default-gatway
# route del default gw 192.168.0.1
6. Remove a specific host from routing table
#route del -host ip-add gw default-gateway
# route del -host 192.168.0.8 gw 192.168.0.1
7. Print your routing table
# netstat -rn
# ip route
Note: Use -p flag on your route command to make the route permanent or add entry to /etc/sysconfig/static-routes.
-----------------------------------------------------------
1. Adding route the network.
# route add -net network/mask gw default_gateway
# route add -net 192.168.10.0/24 gw 192.168.10.1
2. Using default gateway
# route add default gw default_gateway
# route add default gw 192.168.0.1
3. Add a route to a specific host
# route add -host hostname gw default_gateway
# rotue add -host 192.168.0.8 gw 192.168.0.1
4. Delete a route
# route del -network network/subnet default-gateway
# route del -net 192.168.10.0/24 gw 192.168.10.1
5. Delete the default gateway
# route del default gw default-gatway
# route del default gw 192.168.0.1
6. Remove a specific host from routing table
#route del -host ip-add gw default-gateway
# route del -host 192.168.0.8 gw 192.168.0.1
7. Print your routing table
# netstat -rn
# ip route
Note: Use -p flag on your route command to make the route permanent or add entry to /etc/sysconfig/static-routes.
-----------------------------------------------------------
Configuring a Network Interface Using ifcfg Files
Interface configuration files control the software interfaces for individual network devices. As the system boots, it uses these files to determine what interfaces to bring up and how to configure them. These files are usually named
ifcfg-name
, where the suffix name refers to the name of the device that the configuration file controls. By convention, the ifcfg
file's suffix is the same as the string given by the DEVICE
directive in the configuration file itself.Static Network Settings
To configure an interface with static network settings using
ifcfg
files, for an interface with the nameeth0, create a file with name ifcfg-eth0
in the /etc/sysconfig/network-scripts/
directory as follows:DEVICE=eth0 BOOTPROTO=none ONBOOT=yes PREFIX=24 IPADDR=10.0.1.27Optionally specify the hardware or MAC address using the
HWADDR
directive. Note that this may influence the device naming procedure as explained in Chapter 8, Consistent Network Device Naming. You do not need to specify the network or broadcast address as this is calculated automatically byipcalc.Dynamic Network Settings
To configure an interface with dynamic network settings using
ifcfg
files, for an interface with nameem1, create a file with name ifcfg-em1
in the /etc/sysconfig/network-scripts/
directory as follows:DEVICE=em1 BOOTPROTO=dhcp ONBOOT=yesOptionally specify the hardware or MAC address using the
HWADDR
directive. Note that this may influence the device naming procedure as explained in Chapter 8, Consistent Network Device Naming.
To configure an interface to send a different host name to the
DHCP
server, add the following line to the ifcfg
file.DHCP_HOSTNAME=hostname
To configure an interface to ignore routes sent by a
DHCP
server, add the following line to the ifcfg
file.PEERDNS=noThis will prevent network service from updating
/etc/resolv.conf
with the DNS
servers received from a DHCP
server.
To configure an interface to use particular
DNS
servers, set PEERDNS=no
as described above and add lines as follows to the ifcfg
file:DNS1=ip-address DNS2=ip-addresswhere ip-address is the address of a
DNS
server. This will cause the network service to update /etc/resolv.conf
with the DNS
servers specified.
NetworkManager will by default call the
DHCP
client, dhclient, when a profile has been set to obtain addresses automatically, or when an interface configuration file has BOOTPROTO set to dhcp
. Where DHCP
is required, an instance of dhclient
is started for every Internet protocol, IPv4
and IPv6
, on an interface. Where NetworkManager is not running, or not managing an interface, then the legacy network service will call instances of dhclient
as required.Configuring a DHCP Client
The ip utility can be used to assign
IP
addresses to an interface. The command takes the following form:ip addr [ add | del ] address dev ifname
Assigning a Static Address Using ip Commands
To assign an
IP
address to an interface, issue a command as root
as follows:~]#Further examples and command options can be found in theip address add 10.0.0.3/24 dev eth0
The address assignment of a specific device can be viewed as follows: ~]#ip addr show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether f0:de:f1:7b:6e:5f brd ff:ff:ff:ff:ff:ff inet 10.0.0.3/24 brd 10.0.0.255 scope global global eth0 valid_lft 58682sec preferred_lft 58682sec inet6 fe80::f2de:f1ff:fe7b:6e5f/64 scope link valid_lft forever preferred_lft forever
ip-address(8)
manual page. Configuring Multiple Addresses Using ip Commands
As the ip utility supports assigning multiple addresses to the same interface it is no longer necessary to use the alias interface method of binding multiple addresses to the same interface. The ip command to assign an address can be repeated multiple times in order to assign multiple address. For example:
~]#ip address add 192.168.2.223/24 dev eth1
~]#ip address add 192.168.4.223/24 dev eth1
~]#ip addr
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:fb:77:9e brd ff:ff:ff:ff:ff:ff inet 192.168.2.223/24 scope global eth1 inet 192.168.4.223/24 scope global eth1
The commands for the ip utility are documented in the
ip(8)
manual page.
NOTE
ip commands given on the command line will not persist after a system restart.
Static routes are for traffic that must not, or should not, go through the default gateway. Routing is often handled by devices on the network dedicated to routing (although any device can be configured to perform routing). Therefore, it is often not necessary to configure static routes on Red Hat Enterprise Linux servers or clients. Exceptions include traffic that must pass through an encrypted VPN tunnel or traffic that should take a specific route for reasons of cost or security. The default gateway is for any and all traffic which is not destined for the local network and for which no preferred route is specified in the routing table. The default gateway is traditionally a dedicated network router.
Configuring Static Routes Using the Command Line
If static routes are required, they can be added to the routing table by means of the
ip route add
command and removed using the ip route del
command. The more frequently used ip route
commands take the following form:ip route [ add | del | change | append | replace ] destination-address
See the ip-route(8)
man page for more details on the options and formats.
Use the
ip route
command without options to display the IP
routing table. For example:~]$ ip route default via 192.168.122.1 dev ens9 proto static metric 1024 192.168.122.0/24 dev ens9 proto kernel scope link src 192.168.122.107 192.168.122.0/24 dev eth0 proto kernel scope link src 192.168.122.126
To add a static route to a host address, in other words to a single
IP
address, issue a command as root
:ip route add 192.0.2.1 via 10.0.0.1 [dev
ifname]
Where 192.0.2.1 is the IP
address of the host in dotted decimal notation, 10.0.0.1 is the next hop address and ifname is the exit interface leading to the next hop.
To add a static route to a network, in other words to an
IP
address representing a range of IP
addresses, issue the following command as root
:ip route add 192.0.2.0/24 via 10.0.0.1 [dev
ifname]
where 192.0.2.0 is the IP
address of the destination network in dotted decimal notation and /24 is the network prefix. The network prefix is the number of enabled bits in the subnet mask. This format of network address slash network prefix length is sometimes referred to as classless inter-domain routing(CIDR) notation.
Static route configuration can be stored per-interface in a
/etc/sysconfig/network-scripts/route-interface
file. For example, static routes for theeth0 interface would be stored in the /etc/sysconfig/network-scripts/route-eth0
file. The route-interface
file has two formats: ip command arguments and network/netmask directives. These are described below.
See the
ip-route(8)
man page for more information on the ip route
command. Configuring The Default Gateway
The default gateway is determined by the network scripts which parse the
/etc/sysconfig/network
file first and then the network interface ifcfg
files for interfaces that are “up”. The ifcfg
files are parsed in numerically ascending order, and the last GATEWAY directive to be read is used to compose a default route in the routing table.
The default route can thus be indicated by means of the GATEWAY directive and can be specified either globally or in interface-specific configuration files. Specifying the gateway globally has certain advantages in static networking environments, especially if more than one network interface is present. It can make fault finding simpler if applied consistently.
In dynamic network environments, where mobile hosts are managed by NetworkManager, gateway information is likely to be interface specific and is best left to be assigned by
DHCP
. In special cases where it is necessary to influence NetworkManager's selection of the exit interface to be used to reach a gateway, make use of the DEFROUTE=no
command in the ifcfg
files for those interfaces which do not lead to the default gateway.
Global default gateway configuration is stored in the
/etc/sysconfig/network
file. This file specifies gateway and host information for all network interfaces. .
Static routes set using ip commands at the command prompt will be lost if the system is shutdown or restarted. To configure static routes to be persistent after a system restart, they must be placed in per-interface configuration files in the
/etc/sysconfig/network-scripts/
directory. The file name should be of the format route-ifname
. There are two types of commands to use in the configuration files; ip commands as explained in Section 2.4.4.1, “Static Routes Using the IP Command Arguments Format” and the Network/Netmask format as explained in Section 2.4.4.2, “Network/Netmask Directives Format”.
If required in a per-interface configuration file, for example
/etc/sysconfig/network-scripts/route-eth0
, define a route to a default gateway on the first line. This is only required if the gateway is not set via DHCP
and is not set globally in the /etc/sysconfig/network
file:default via 192.168.1.1 dev
interface
where 192.168.1.1 is the
IP
address of the default gateway. The interface is the interface that is connected to, or can reach, the default gateway. The dev
option can be omitted, it is optional. Note that this setting takes precedence over a setting in the /etc/sysconfig/network
file.
If a route to a remote network is required, a static route can be specified as follows. Each line is parsed as an individual route:
10.10.10.0/24 via 192.168.1.1 [dev
interface]
where 10.10.10.0/24 is the network address and prefix length of the remote or destination network. The address 192.168.1.1 is the
IP
address leading to the remote network. It is preferably the next hop address but the address of the exit interface will work. The “next hop” means the remote end of a link, for example a gateway or router. The dev
option can be used to specify the exit interface interface but it is not required. Add as many static routes as required.
The following is an example of a
route-interface
file using the ip command arguments format. The default gateway is 192.168.0.1
, interface eth0 and a leased line or WAN connection is available at 192.168.0.10
. The two static routes are for reaching the 10.10.10.0/24
network and the 172.16.1.10/32
host:default via 192.168.0.1 dev eth0 10.10.10.0/24 via 192.168.0.10 dev eth0 172.16.1.10/32 via 192.168.0.10 dev eth0
In the above example, packets going to the local
192.168.0.0/24
network will be directed out the interface attached to that network. Packets going to the 10.10.10.0/24
network and 172.16.1.10/32
host will be directed to 192.168.0.10
. Packets to unknown, remote, networks will use the default gateway therefore static routes should only be configured for remote networks or hosts if the default route is not suitable. Remote in this context means any networks or hosts that are not directly attached to the system.
Specifying an exit interface is optional. It can be useful if you want to force traffic out of a specific interface. For example, in the case of a VPN, you can force traffic to a remote network to pass through a tun0 interface even when the interface is in a different subnet to the destination network.
IMPORTANT
If the default gateway is already assigned by
DHCP
and if the same gateway with the same metric is specified in a configuration file, an error during start-up, or when bringing up an interface, will occur. The follow error message may be shown: "RTNETLINK answers: File exists". This error may be ignored.
You can also use the network/netmask directives format for
route-interface
files. The following is a template for the network/netmask format, with instructions following afterwards:ADDRESS0=10.10.10.0 NETMASK0=255.255.255.0 GATEWAY0=192.168.1.1
ADDRESS0=10.10.10.0
is the network address of the remote network or host to be reached.NETMASK0=255.255.255.0
is the netmask for the network address defined withADDRESS0=10.10.10.0
.GATEWAY0=192.168.1.1
is the default gateway, or anIP
address that can be used to reachADDRESS0=10.10.10.0
The following is an example of a
route-interface
file using the network/netmask directives format. The default gateway is 192.168.0.1
but a leased line or WAN connection is available at 192.168.0.10
. The two static routes are for reaching the 10.10.10.0/24
and 172.16.1.0/24
networks:ADDRESS0=10.10.10.0 NETMASK0=255.255.255.0 GATEWAY0=192.168.0.10 ADDRESS1=172.16.1.10 NETMASK1=255.255.255.0 GATEWAY1=192.168.0.10
Subsequent static routes must be numbered sequentially, and must not skip any values. For example,
ADDRESS0
, ADDRESS1
, ADDRESS2
, and so on.
IPsec, provided by Libreswan, is the preferred method for creating a VPN in Red Hat Enterprise Linux 7. Configuring an IPsec VPN using the command line is documented in the Red Hat Enterprise Linux 7 Security Guide.
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/sec-Using_the_Command_Line_Interface.html
No comments:
Post a Comment