~/ linuxnetwork.net

Manipulating the IP Routing Table: A Comprehensive Guide

In the world of networking, the IP routing table plays a crucial role in determining how data packets are forwarded from one network to another. Whether you're a system administrator managing a corporate network or a hobbyist tinkering with your home network setup, understanding how to view and manipulate the IP routing table is essential. This guide covers the route and ip route commands for viewing and managing routes on Linux and Windows systems.

Table of Contents#

  1. Understanding the IP Routing Table
  2. Viewing the IP Routing Table
  3. Manipulating the IP Routing Table
  4. Making Routes Persistent
  5. Testing Routes
  6. Common Practices and Best Practices
  7. Example Usage
  8. References

Understanding the IP Routing Table#

The IP routing table is a data structure that resides in the memory of a router or a host (like your computer). It contains a set of rules (routes) that determine where incoming IP packets should be sent. Each route typically consists of the following information:

  • Destination Network: The IP address range (e.g., 192.168.1.0/24) that the route applies to.
  • Next Hop: The IP address of the device (usually another router) that the packet should be forwarded to.
  • Interface: The network interface (e.g., eth0, Wi-Fi) through which the packet will be sent.
  • Metric: A value that indicates the cost or preference of the route. Lower metrics are generally preferred.

Viewing the IP Routing Table#

On Linux#

On Linux systems, you can use the ip route or legacy route commands to view the routing table. The ip route command from the iproute2 package is the modern, recommended approach. The older route command (from the net-tools package) is deprecated but still widely available.

  • Using ip route (recommended):
ip route show

The output is modern and can be more detailed. For example:

default via 192.168.1.1 dev eth0 proto dhcp metric 100 
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100 metric 100
  • Using route (deprecated):
route -n

The -n option displays IP addresses numerically instead of resolving hostnames (which can be slower). The output will show entries like:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     100    0        0 eth0

Here, the first entry is the default route (destination 0.0.0.0 means any network not matched by other routes), and the second entry is for the local network (192.168.1.0/24).

On Windows#

On Windows, you can use the route print command in the Command Prompt.

route print

The output will look something like this:

===========================================================================
Interface List
12...00 15 5d 01 02 03 ......Intel(R) Ethernet Connection (2) I219-V
 1...00 15 5d 01 02 04 ......Intel(R) Wi-Fi 6 AX201 160MHz
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.1.1    192.168.1.100     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    100
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    100
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    100
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    100
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    100
===========================================================================

Manipulating the IP Routing Table#

Adding Routes#

On Linux (using ip route)#

To add a static route, you can use the following syntax:

sudo ip route add <destination_network>/<prefix_length> via <next_hop> dev <interface>

For example, to add a route to the network 10.0.0.0/24 with the next hop at 192.168.1.2 and using the eth0 interface:

sudo ip route add 10.0.0.0/24 via 192.168.1.2 dev eth0

To add or replace a route idempotently (add if it doesn't exist, replace if it does):

sudo ip route replace 10.0.0.0/24 via 192.168.1.2 dev eth0

On Windows#

In the Command Prompt (run as Administrator), you can use the route add command:

route add <destination_network> mask <subnet_mask> <gateway> metric <metric_value> if <interface_number>

For example:

route add 10.0.0.0 mask 255.255.255.0 192.168.1.2 metric 1 if 12

Here, 12 is the interface number (you can find it from the route print output).

Deleting Routes#

On Linux (using ip route)#

To delete a route:

sudo ip route del <destination_network>/<prefix_length>

For example:

sudo ip route del 10.0.0.0/24

On Windows#

In the Command Prompt (Administrator):

route delete <destination_network> mask <subnet_mask>

E.g.,

route delete 10.0.0.0 mask 255.255.255.0

Modifying Routes#

On Linux (using ip route)#

You can use the ip route change command. The syntax is similar to ip route add, but it updates an existing route. For example:

sudo ip route change 10.0.0.0/24 via 192.168.1.3 dev eth0

This changes the next hop for the 10.0.0.0/24 route. Alternatively, ip route replace will add the route if it doesn't exist or replace it if it does.

On Windows#

On Windows, you can use the route change command to modify an existing route directly. The syntax is similar to route add:

route change <destination_network> mask <subnet_mask> <gateway> metric <metric_value> if <interface_number>

For example:

route change 10.0.0.0 mask 255.255.255.0 192.168.1.3 metric 1 if 12

This changes the next hop for the 10.0.0.0/24 route.

Making Routes Persistent#

Routes added with ip route add or route add are temporary and will be lost after a reboot. To make routes persistent across reboots, you need to configure them in your system's network configuration files.

On Linux#

The method varies by distribution:

Ubuntu/Debian (using Netplan) — Edit the YAML configuration in /etc/netplan/ and add routes under the interface:

network:
  version: 2
  ethernets:
    eth0:
      routes:
        - to: 10.0.0.0/24
          via: 192.168.1.2

RHEL/CentOS (using NetworkManager or ifcfg files) — Add routes to the interface configuration file in /etc/sysconfig/network-scripts/:

# In /etc/sysconfig/network-scripts/route-eth0
10.0.0.0/24 via 192.168.1.2

systemd-networkd — Add [Route] sections to .network files in /etc/systemd/network/.

On Windows#

Use the /p flag with the route add command to create a persistent route that survives reboots:

route /p add 10.0.0.0 mask 255.255.255.0 192.168.1.2

Persistent routes are stored in the Windows registry at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\PersistentRoutes.

Testing Routes#

On Linux#

Use ip route get to simulate which route the kernel would use for a given destination:

ip route get 10.0.0.1

This shows the interface, source address, and next hop that would be used, without actually sending traffic.

On Windows#

Use tracert to trace the path packets take to a destination:

tracert 10.0.0.1

Common Practices and Best Practices#

Static vs. Dynamic Routing#

  • Static Routing: Involves manually adding routes (as we've been doing). It's simple for small networks but can be error-prone and time-consuming for large, complex networks. Use it when you have a stable network topology and limited routes.
  • Dynamic Routing: Protocols like RIP (Routing Information Protocol), OSPF (Open Shortest Path First), and BGP (Border Gateway Protocol) automatically update the routing table based on network changes. Use dynamic routing for large, evolving networks. However, it requires more configuration and resources.

Security Considerations#

  • Filtering Routes: In a router, use access control lists (ACLs) to filter incoming and outgoing routes. For example, on a Linux router with iptables, you can block unauthorized routes.
  • Secure Configuration: Ensure that only authorized users (e.g., with proper sudo privileges on Linux or Administrator rights on Windows) can modify the routing table.

Example Usage#

Setting Up a Default Gateway#

On Linux#

If your default gateway (the router that connects you to the wider Internet) changes, you can set it using:

sudo ip route replace default via <new_gateway_ip> dev <interface>

For example:

sudo ip route replace default via 192.168.1.5 dev eth0

On Windows#

route change 0.0.0.0 mask 0.0.0.0 <new_gateway_ip> metric 1 if <interface_number>

Configuring a Specific Route#

Suppose you have a server on the 172.16.0.0/16 network, and the path to reach it is through a specific router (192.168.1.10).

On Linux#

sudo ip route add 172.16.0.0/16 via 192.168.1.10 dev eth0

On Windows#

route add 172.16.0.0 mask 255.255.0.0 192.168.1.10 metric 1 if <interface_number>

References#

By following the concepts and commands in this guide, you should be well-equipped to manage the IP routing table on your systems, whether it's for basic home networking or more complex enterprise setups.

2026-04