Routing

Static routes, policy routing, multiple route tables, and gateway configuration.

Route Inspection

Show the full routing table — the truth about where packets go

ip route show

Show routing table with protocol info — learn which daemon added each route

ip route show proto kernel
ip route show proto static
ip route show proto dhcp

Show which route a specific destination would use — the real test

ip route get 10.50.1.20

Show route cache statistics

ip -s route show cache

Add a static route to a subnet via a gateway

sudo ip route add 10.50.20.0/24 via 10.50.1.1 dev eth0

Add a host route — /32 for a single destination

sudo ip route add 10.50.1.20/32 via 10.50.1.1

Replace a route — idempotent, creates if missing or updates if exists

sudo ip route replace 10.50.20.0/24 via 10.50.1.1 dev eth0

Delete a static route

sudo ip route del 10.50.20.0/24

Set default gateway — all traffic without a specific route goes here

sudo ip route add default via 10.50.1.1 dev eth0

Replace default gateway — avoids "RTNETLINK answers: File exists" error

sudo ip route replace default via 10.50.1.1 dev eth0

Remove default gateway

sudo ip route del default

Show only the default route

ip route show default

Add route with explicit metric — lower wins

sudo ip route add default via 10.50.1.1 dev eth0 metric 100
sudo ip route add default via 10.50.2.1 dev eth1 metric 200

Inspect metrics on all default routes — useful for dual-homed hosts

ip route show default | awk '{for(i=1;i<=NF;i++) if($i=="metric") print $0}'

Add ECMP route — kernel load-balances across multiple next-hops

sudo ip route add 10.50.20.0/24 \
  nexthop via 10.50.1.1 dev eth0 weight 1 \
  nexthop via 10.50.2.1 dev eth1 weight 1

Verify ECMP is active — shows multiple nexthop entries

ip route show 10.50.20.0/24

Add a routing rule — match source and use a different table

sudo ip rule add from 10.50.10.0/24 lookup 100

Show all routing rules — priority order matters

ip rule show

Add routes to a custom table — table 100 has its own routing decisions

sudo ip route add default via 10.50.10.1 table 100
sudo ip route add 10.50.10.0/24 dev eth0.10 table 100

Show routes in a custom table

ip route show table 100

Delete a routing rule

sudo ip rule del from 10.50.10.0/24 lookup 100

Name custom tables for readability — add to /etc/iproute2/rt_tables

echo "100 vlan-data" | sudo tee -a /etc/iproute2/rt_tables

Traceroute to verify path — shows each hop

traceroute -n 10.50.1.20

TCP traceroute — bypasses ICMP-blocking firewalls

sudo traceroute -n -T -p 443 10.50.1.20

MTR for continuous path monitoring — combines ping and traceroute

mtr -n -c 10 10.50.1.20

VyOS static route — applied in configure mode

set protocols static route 10.50.20.0/24 next-hop 10.50.1.2
set protocols static route 0.0.0.0/0 next-hop 192.168.1.1

VyOS show routing table

show ip route

VyOS blackhole route — silently drop traffic to a prefix

set protocols static route 192.168.99.0/24 blackhole

nmcli static route — survives reboot via NetworkManager

nmcli connection modify "Wired connection 1" +ipv4.routes "10.50.20.0/24 10.50.1.1"
nmcli connection up "Wired connection 1"

Verify routes applied by NetworkManager

nmcli connection show "Wired connection 1" | grep ipv4.routes

systemd-networkd static route — drop-in file approach

# /etc/systemd/network/10-eth0.network
[Route]
Destination=10.50.20.0/24
Gateway=10.50.1.1