ROUTE(8) BSD System Manager's Manual ROUTE(8)NAMEroute - manually manipulate the routing tables.
SYNOPSISroute [-nqv] command [[modifiers] args]
DESCRIPTION
Route is a utility used to manually manipulate the network routing ta-
bles. It normally is not needed, as a system routing table management
daemon such as routed(8), should tend to this task.
The route: utility supports a limited number of general options, but a
rich command language, enabling the user to specify any arbitrary request
that could be delivered via the programmatic interface discussed in
route(4).
-n Bypasses attempts to print host and network names symbolically
when reporting actions. (The process of translating between sym-
bolic names and numerical equivalents can be quite time consum-
ing, and may require correct operation of the network; thus it
may be expedient to forgo this, especially when attempting to re-
pair networking operations),
-v (verbose) Print additional details.
-q Suppress all output.
The route: utility provides six commands:
add Add a route.
flush Remove all routes.
delete Delete a specific route.
change Change aspects of a route (such as its gateway).
get Lookup and display the route for a destination.
monitor Continuously report any changes to the routing information
base, routing lookup misses, or suspected network partition-
ings.
The monitor command has the syntax
route [-n] monitor
The flush command has the syntax
route [-n] flush [family]
If the flush command is specified, route will ``flush'' the routing ta-
bles of all gateway entries. When the address family may is specified by
any of the -osi, -xns, -inet, or -inet6 modifiers, only routes having
destinations with addresses in the delineated family will be deleted.
The other commands have the following syntax:
route [-n] command [-net | -host] destination [-gateway] gateway
where destination is the destination host or network, gateway is the
next-hop intermediary via which packets should be routed. Routes to a
particular host may be distinguished from those to a network by inter-
preting the Internet address specified as the destination argument. For
IP and IPv6 the word ``default'' can be used as a destination.
To enable IPv6 in IPv4 automatic host-to-host tunneling (as mentioned in
the IPv6 Transition Mechanisms document), one must ifconfig an interface
with a v4-compatible address, and subnet mask corresponding to the IPv4
netmask, and then one must specify the -htunnel flag (see below), a
destination of ``transdefault,'' and a gateway of some random IPv4 ad-
dress.
Example:
route [-n] add -htunnel transdefault IPv4-gateway
The above will enable a self-tunneling IPv6-in-IPv4 route.
Host and network tunnel routes can also be setup. Tunnel routes allow a
packet sent to a particular destination host or network to be encapsulat-
ed in another IP (v4 or v6) packet with the encapsulating packet ad-
dressed to the host specified by the gateway field. Supported modes of
encapsulation include: IPv6-in-IPv4, IPv6-in-IPv6, IPv4-in-IPv4, and
IPv4-in-IPv6. The mode selected is based on the address family of the
destination and gateway field. IPSEC security may be applied to a tunnel
route using the -auth and/or -encrypt options. If applied, the authenti-
cation and or encryption is done on the outer encapsulating packet and
appropriate security associations between the current node and the
gateway node will be required. See key(8).
The following syntax is used to add or delete tunnel routes:
route [-n] command [-inet | -inet6] destination -netmask netmask
-tunnel [-auth] [-encrypt] [-inet | -inet6] gateway
Examples:
route add -inet IPv4-net -tunnel -auth -encrypt -inet IPv4-gateway
The above will create an IPv4-in-IPv4 authenticated and encrypted tunnel
between the current node and IPv4-gateway for packets destined for
IPv4-net.
route add -inet6 IPv6-net -netmask IPv6-netmask -tunnel -auth -inet
IPv4-gateway
The above route will encapsulate IPv6 packets destined for IPv6-net in an
authenticated IPv4 packet that will be sent from the current node to
IPv4-gateway.
The optional modifiers -net and -host force the destination to be inter-
preted as a network or a host, respectively. Otherwise, if the
destination has a ``local address part'' of INADDR_ANY , or if the
destination is the symbolic name of a network, then the route is assumed
to be to a network; otherwise, it is presumed to be a route to a host.
For example, 128.32 is interpreted as -host 128.0.0.32; 128.32.130 is in-
terpreted as -host 128.32.0.130; -net 128.32 is interpreted as
128.32.0.0; and -net 128.32.130 is interpreted as 128.32.130.0.
If the destination is directly reachable via an interface requiring no
intermediary system to act as a gateway, the -interface modifier should
be specified; the gateway given is the address of this host on the common
network, indicating the interface to be used for transmission.
The optional modifiers -xns, -inet6, -osi, and -link specify that all
subsequent addresses are in the XNS, INET6, or OSI address families, or
are specified as link-level addresses, and the names must be numeric
specifications rather than symbolic names.
The optional -netmask qualifier is intended to achieve the effect of an
OSI ESIS redirect with the netmask option, or to manually add subnet
routes with netmasks different from that of the implied network interface
(as would otherwise be communicated using BGPv4, IS-IS, OSPF, RIP-II or
other routing protocols that propagate netmasks). One specifies an addi-
tional ensuing address parameter (to be interpreted as a network mask).
AF_INET6 needs this also, since all IPv6 addresses are classless. The
implicit network mask generated in the AF_INET case can be overridden by
making sure this option follows the destination parameter. CIDR style
address/netmask specification is allowed by following an IPv4 or IPv6 ad-
dress with a forward slash ('/') and the network prefix.
Routes have associated flags which influence operation of the protocols
when sending to destinations matched by the routes. These flags may be
set (or sometimes cleared) by indicating the following corresponding mod-
ifiers:
-cloning RTF_CLONING - generates a new route on use
-cloned RTF_CLONED - a cloned host route-xresolve RTF_XRESOLVE - emit mesg on use (for external lookup)
-interface ~RTF_GATEWAY - destination is directly reachable
-static RTF_STATIC - manually added route-nostatic ~RTF_STATIC - pretend route added by kernel or daemon
-reject RTF_REJECT - emit an ICMP unreachable when matched
-blackhole RTF_BLACKHOLE - silently discard pkts (during updates)
-proto1 RTF_PROTO1 - set protocol specific routing flag #1
-proto2 RTF_PROTO2 - set protocol specific routing flag #2
-llinfo RTF_LLINFO - validly translates proto addr to link addr
-rtunnel RTF_TUNNEL|RTF_GATEWAY - tunnel packets to a border router
-tunnel (alias for rtunnel)
-htunnel RTF_TUNNEL (~RTF_GATEWAY) - tunnel packets to a host
(WARNING: Results can be
unpredictable.)
-auth RTF_AUTH - authenticated tunnel
-encrypt RTF_CRYPT - encrypted tunnel
The optional modifiers -rtt, -rttvar, -sendpipe, -recvpipe, -mtu,
-hopcount, -expire, and -ssthresh provide initial values to quantities
maintained in the routing entry by transport level protocols, such as TCP
or TP4. These may be individually locked by preceding each such modifier
to be locked by the -lock meta-modifier, or one can specify that all en-
suing metrics may be locked by the -lockrest meta-modifier. Locking the
-mtu value on a route will disable Path MTU Discovery for all TCP connec-
tions using that route. Setting the -expire value will cause the route
to be deleted in the specified number of seconds. (Note: route accepts
and displays the -expire value as a relative offset to the current time,
even though it is stored in the kernel as an absolute time.)
In a change or add command where the destination and gateway are not suf-
ficient to specify the route (as in the ISO case where several interfaces
may have the same address), the -ifp or -ifa modifiers may be used to de-
termine the interface or interface address.
All symbolic names specified for a destination or gateway are looked up
first as a host name using gethostbyname(3). If this lookup fails, get-
netbyname(3) is then used to interpret the name as that of a network.
Route uses a routing socket and the new message types RTM_ADD,
RTM_DELETE, RTM_GET, and RTM_CHANGE. As such, only the super-user may
modify the routing tables.
DIAGNOSTICS
add [host | network ] %s: gateway %s flags %x
The specified route is being added to the tables. The values
printed are from the routing table entry supplied in the ioctl(2)
call. If the gateway address used was not the primary address of
the gateway (the first one returned by gethostbyname(3)), the
gateway address is printed numerically as well as symbolically.
delete [ host &| network ] %s: gateway %s flags %x
As above, but when deleting an entry.
%s %s done
When the flush command is specified, each routing table entry
deleted is indicated with a message of this form.
Network is unreachable
An attempt to add a route failed because the gateway listed was
not on a directly-connected network. The next-hop gateway must
be given.
not in table
A delete operation was attempted for an entry which wasn't pre-
sent in the tables.
routing table overflow
An add operation was attempted, but the system was low on re-
sources and was unable to allocate memory to create the new en-
try.
SEE ALSOnetintro(4), route(4), esis(4), routed(8), XNSrouted(8)HISTORY
The route command appeared in 4.2BSD.
BUGS
The first paragraph may have slightly exaggerated routed's abilities.
Some of the options available with IPv4 routes are either not available
or not tested with IPv6. Using -htunnel with destinations other than
v4-compatible IPv6 addresses is not well tested.
The creation of IPv6-in-IPv6 default tunnel routes is not supported at
the moment. Support for other default tunnel routes (e.g. IPv4-in-IPv4)
is not well tested.
For tunnel routes, setting the destination and gateway field to the same
host can lead to a system crash.
IPv4-in-IPv4 and IPv6-in-IPv6 tunnel routes are not well tested.
An IPv4-in-IPv4 or IPv6-in-IPv6 tunnel route to a network through a gate-
way that belongs in that network will crash the system when the tunnel
route is used. Example:
route add -inet 132.250.0.0 -tunnel -auth -inet 132.250.90.5
The above route currently causes endless encapsulating of packets to net-
work 132.250.0.0 which will result in a system crash. A possible
workaround is to add a static route for the gateway to some other router,
e.g.,
route add -inet 132.250.0.0 -tunnel -auth -inet 132.250.90.5
route add 132.250.90.5 132.250.90.1
4.4BSD June 1, 1994 4
