7.4. Static Routes and the Default Gateway
Static routes are for traffic that must not, or should not, go through the default gateway. Routing is usually handled by routing devices and therefore it is often not necessary to configure static routes on Red Hat Enterprise Linux servers or clients. Exceptions include traffic that must pass through an encrypted VPN tunnel or traffic that should take a less costly route. The default gateway is for any and all traffic which is not destined for the local network and for which no preferred route is specified in the routing table. The default gateway is traditionally a dedicated network router.
Static Routes
Use the ip route command to display the IP routing table. If static routes are required, they can be added to the routing table by means of the ip route add command and removed using the ip route del command. To add a static route to a host address, that is to say to a single IP address, issue the following command as root:
ip route add X.X.X.X
where X.X.X.X is the IP address of the host in dotted decimal notation. To add a static route to a network, that is to say to an IP address representing a range of IP addresses, issue the following command as root:
ip route add X.X.X.X/Y
where X.X.X.X is the IP address of the network in dotted decimal notation and Y is the network prefix. The network prefix is the number of enabled bits in the subnet mask. This format of network address slash prefix length is referred to as CIDR notation.
Static route configuration is stored per-interface in a /etc/sysconfig/network-scripts/route-interface file. For example, static routes for the eth0 interface would be stored in the /etc/sysconfig/network-scripts/route-eth0 file. The route-interface file has two formats: IP command arguments and network/netmask directives. These are described below.
The Default Gateway
The default gateway is specified by means of the GATEWAY directive and can be specified either globally or in interface-specific configuration files. Specifying the default gateway globally has certain advantages, especially if more than one network interface is present, and it can make fault finding simpler if applied consistently. There is also the GATEWAYDEV directive, which is a global option. If multiple devices specify GATEWAY, and one interface uses the GATEWAYDEV directive, that directive will take precedence. This option is not recommended as it can have unexpected consequences if an interface goes down and it can complicate fault finding.
Global default gateway configuration is stored in the /etc/sysconfig/network file. This file specifies gateway and host information for all network interfaces. For more information about this file and the directives it accepts, refer to Section D.1.13, “/etc/sysconfig/network”.
IP Command Arguments Format
If required in a per-interface configuration file, define a default gateway on the first line. This is only required if the default gateway is not set via DHCP and is not set globally as mentioned above:
default via X.X.X.X dev interface
X.X.X.X is the IP address of the default gateway. The interface is the interface that is connected to, or can reach, the default gateway. The dev option is optional and can be omitted.
Define a static route. Each line is parsed as an individual route:
X.X.X.X/Y via X.X.X.X dev interface
X.X.X.X/Y is the network address and netmask for the static route. X.X.X.X and interface are the IP address and interface for the default gateway respectively. The X.X.X.X address does not have to be the default gateway IP address. In most cases, X.X.X.X will be an IP address in a different subnet, and interface will be the interface that is connected to, or can reach, that subnet. Add as many static routes as required.
The following is a sample route-eth0 file using the IP command arguments format. The default gateway is 192.168.0.1, interface eth0. The two static routes are for the 10.10.10.0/24 and 172.16.1.0/24 networks:
default via 192.168.0.1 dev eth0
10.10.10.0/24 via 192.168.0.1 dev eth0
172.16.1.0/24 via 192.168.0.1 dev eth0
Static routes should only be configured for other subnets. The above example is not necessary, since packets going to the 10.10.10.0/24 and 172.16.1.0/24 networks will use the default gateway anyway. Below is an example of setting static routes to a different subnet, on a machine in a 192.168.0.0/24 subnet. The example machine has an eth0 interface in the 192.168.0.0/24 subnet, and an eth1 interface (10.10.10.1) in the 10.10.10.0/24 subnet:
10.10.10.0/24 via 10.10.10.1 dev eth1
Specifying an exit interface is optional. It can be useful if you want to force traffic out of a specific interface. For example, in the case of a VPN, you can force traffic to a remote network to pass through a tun0 interface even when the interface is in a different sub-net to the destination network.
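The following Python sketch is an added example, not part of the original documentation. It parses a route file in the IP command arguments format, picks the route a destination would take by longest-prefix match, and lists static routes that only repeat the default gateway. The sample file, its tun0 line, and the function names are assumptions; connected routes and metrics are not modelled.

```python
import ipaddress

# Constructed sample in the IP command arguments format; the tun0 line and
# its 10.8.0.1 next hop are assumptions added for illustration.
SAMPLE_ROUTE_FILE = """\
default via 192.168.0.1 dev eth0
10.10.10.0/24 via 192.168.0.1 dev eth0
172.16.1.0/24 via 10.8.0.1 dev tun0
"""

def parse_routes(text):
    """Parse 'DEST via GATEWAY [dev IFACE]' lines into route dicts."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if len(fields) < 3 or fields[1] != "via":
            raise ValueError(f"unsupported route line: {line!r}")
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        dev = None
        if "dev" in fields[3:-1]:  # dev must be followed by a name
            dev = fields[fields.index("dev", 3) + 1]
        routes.append({"net": ipaddress.ip_network(dest),
                       "via": ipaddress.ip_address(fields[2]),
                       "dev": dev})
    return routes

def select_route(routes, destination):
    """Return the matching route with the longest prefix, or None."""
    addr = ipaddress.ip_address(destination)
    matches = [r for r in routes if addr in r["net"]]
    return max(matches, key=lambda r: r["net"].prefixlen, default=None)

def redundant_routes(routes):
    """Static routes whose gateway and device equal the default route's."""
    default = next((r for r in routes if r["net"].prefixlen == 0), None)
    if default is None:
        return []
    return [str(r["net"]) for r in routes
            if r is not default
            and (r["via"], r["dev"]) == (default["via"], default["dev"])]

if __name__ == "__main__":
    table = parse_routes(SAMPLE_ROUTE_FILE)
    for dst in ("172.16.1.20", "10.10.10.5", "8.8.8.8"):
        chosen = select_route(table, dst)
        print(dst, "->", chosen["via"], "dev", chosen["dev"])
    print("redundant:", redundant_routes(table))
```

On a live system, ip route get followed by the destination address reports the route the kernel actually selects, which is the authoritative check that tunnel-bound traffic is not leaving through the default gateway.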
If the default gateway is already assigned from DHCP, the IP command arguments format can cause one of two errors during start-up, or when bringing up an interface from the down state using the ifup command: "RTNETLINK answers: File exists" or 'Error: either "to" is a duplicate, or "X.X.X.X" is a garbage.', where X.X.X.X is the gateway, or a different IP address. These errors can also occur if you have another route to another network using the default gateway. Both of these errors are safe to ignore.
Network/Netmask Directives Format
You can also use the network/netmask directives format for route-interface files. The following is a template for the network/netmask format, with instructions following afterwards:
ADDRESS0=X.X.X.X
NETMASK0=X.X.X.X
GATEWAY0=X.X.X.X
ADDRESS0=X.X.X.X is the network number for the static route.
NETMASK0=X.X.X.X is the netmask for the network number defined with ADDRESS0=X.X.X.X.
GATEWAY0=X.X.X.X is the default gateway, or an IP address that can be used to reach ADDRESS0=X.X.X.X.
The following is a sample route-eth0 file using the network/netmask directives format. The default gateway is 192.168.0.1, interface eth0. The two static routes are for the 10.10.10.0/24 and 172.16.1.0/24 networks. However, as mentioned before, this example is not necessary as the 10.10.10.0/24 and 172.16.1.0/24 networks would use the default gateway anyway:
ADDRESS0=10.10.10.0
NETMASK0=255.255.255.0
GATEWAY0=192.168.0.1
ADDRESS1=172.16.1.0
NETMASK1=255.255.255.0
GATEWAY1=192.168.0.1
Subsequent static routes must be numbered sequentially, and must not skip any values. For example, ADDRESS0, ADDRESS1, ADDRESS2, and so on.
Below is an example of setting static routes to a different subnet, on a machine in the 192.168.0.0/24 subnet. The example machine has an eth0 interface in the 192.168.0.0/24 subnet, and an eth1 interface (10.10.10.1) in the 10.10.10.0/24 subnet:
ADDRESS0=10.10.10.0
NETMASK0=255.255.255.0
GATEWAY0=10.10.10.1
Note that if DHCP is used, it can assign these settings automatically.
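The following Python sketch is an added example, not part of the original documentation. It checks a file in the network/netmask directives format for skipped index numbers, incomplete ADDRESS/NETMASK/GATEWAY triples and invalid addresses, and prints each valid entry as the equivalent CIDR route. The sample content and the function name are assumptions.

```python
import ipaddress
import re

# Constructed sample: index 1 is skipped, so the ...2 entries break the
# sequential numbering the format requires.
SAMPLE_DIRECTIVES = """\
ADDRESS0=10.10.10.0
NETMASK0=255.255.255.0
GATEWAY0=192.168.0.1
ADDRESS2=172.16.1.0
NETMASK2=255.255.255.0
GATEWAY2=192.168.0.1
"""

DIRECTIVE = re.compile(r"^(ADDRESS|NETMASK|GATEWAY)(\d+)=(\S+)$")
REQUIRED = {"ADDRESS", "NETMASK", "GATEWAY"}

def check_directives(text):
    """Return (routes, problems) for a network/netmask directives file."""
    entries, problems = {}, []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = DIRECTIVE.match(line)
        if not m:
            problems.append(f"line {lineno}: not a directive: {line!r}")
            continue
        entries.setdefault(int(m.group(2)), {})[m.group(1)] = m.group(3)
    routes = []
    for expected, index in enumerate(sorted(entries)):
        if index != expected:
            problems.append(f"index {index} breaks the sequence; expected {expected}")
        missing = REQUIRED - set(entries[index])
        if missing:
            problems.append(f"index {index}: missing {', '.join(sorted(missing))}")
            continue
        e = entries[index]
        try:
            # ip_network accepts ADDRESS/NETMASK and rejects set host bits.
            net = ipaddress.ip_network(f"{e['ADDRESS']}/{e['NETMASK']}")
            gateway = ipaddress.ip_address(e["GATEWAY"])
        except ValueError as exc:
            problems.append(f"index {index}: {exc}")
            continue
        routes.append(f"{net} via {gateway}")
    return routes, problems

if __name__ == "__main__":
    converted, issues = check_directives(SAMPLE_DIRECTIVES)
    print("\n".join(converted + issues))
```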