查看 Linux 内核路由表
使用下面的 route 命令可以查看 Linux 内核路由表。
# route
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth0
default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
route 命令的输出项说明
输出项 说明
Destination 目标网段或者主机
Gateway 网关地址,”*” 表示目标是本主机所属的网络,不需要路由
Genmask 网络掩码
Flags 标记
一些可能的标记如下:
U — 路由是活动的
H — 目标是一个主机
N — 目标时某个网段
G — 路由指向网关
R — 恢复动态路由产生的表项
D — 由路由的后台程序动态地安装
M — 由路由的后台程序修改
! — 拒绝路由
Metric 路由距离,到达指定网络所需的中转数(linux 内核中没有使用)。
Ref 路由项引用次数(linux 内核中没有使用)。
Use 此路由项被路由软件查找的次数 。
Iface 该路由表项对应的输出接口 。
*******************************************************************************************************************************
3 种路由类型
主机路由
主机路由是路由选择表中指向单个IP地址或主机名的路由记录。主机路由的Flags字段为H。例如,在下面的示例
中,本地主机通过IP地址192.168.1.1的路由器到达IP地址为10.0.0.10的主机。
Destination Gateway Genmask Flags Metric Ref Use Iface
----------- ------- ------- ----- ------ --- --- -----
10.0.0.10 192.168.1.1 255.255.255.255 UH 0 0 0 eth0
网络路由
网络路由是代表主机可以到达的网络。网络路由的Flags字段为N。例如,在下面的示例中,本地主机将发送到网
络192.19.12的数据包转发到IP地址为192.168.1.1的路由器。
Destination Gateway Genmask Flags Metric Ref Use Iface
----------- ------- ------- ----- ----- --- --- -----
192.19.12 192.168.1.1 255.255.255.0 UN 0 0 0 eth0
默认路由
当主机不能在路由表中查找到目标主机的IP地址或网络路由时,数据包就被发送到默认路由(默认网关)上。默
认路由的Flags字段为G。例如,在下面的示例中,默认路由是IP地址为192.168.1.1的路由器。
Destination Gateway Genmask Flags Metric Ref Use Iface
----------- ------- ------- ----- ------ --- --- -----
default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
*******************************************************************************************************************************
配置静态路由
route 命令
设置和查看路由表都可以用 route 命令,设置内核路由表的命令格式是:
# route [add|del] [-net|-host] target [netmask Nm] [gw Gw] [[dev] If]
其中:
add : 添加一条路由规则
del : 删除一条路由规则
-net : 目的地址是一个网络
-host : 目的地址是一个主机
target : 目的网络或主机
netmask : 目的地址的网络掩码
gw : 路由数据包通过的网关
dev : 为路由指定的网络接口
route 命令使用举例
添加到主机的路由
# route add -host 192.168.1.2 dev eth0:0
# route add -host 10.20.30.148 gw 10.20.30.40
添加到网络的路由
# route add -net 10.20.30.40 netmask 255.255.255.248 eth0
# route add -net 10.20.30.48 netmask 255.255.255.248 gw 10.20.30.41
# route add -net 192.168.1.0/24 eth1
添加默认路由
# route add default gw 192.168.1.1
删除路由
# route del -host 192.168.1.2 dev eth0:0
# route del -host 10.20.30.148 gw 10.20.30.40
# route del -net 10.20.30.40 netmask 255.255.255.248 eth0
# route del -net 10.20.30.48 netmask 255.255.255.248 gw 10.20.30.41
# route del -net 192.168.1.0/24 eth1
# route del default gw 192.168.1.1
*******************************************************************************************************************************
设置包转发
在 CentOS 中默认的内核配置已经包含了路由功能,但默认并没有在系统启动时启用此功能。开启 Linux的路由
功能可以通过调整内核的网络参数来实现。要配置和调整内核参数可以使用 sysctl 命令。例如:要开启 Linux内核的
数据包转发功能可以使用如下的命令。
# sysctl -w net.ipv4.ip_forward=1
这样设置之后,当前系统就能实现包转发,但下次启动计算机时将失效。为了使在下次启动计算机时仍然有效,
需要将下面的行写入配置文件/etc/sysctl.conf。
# vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
用户还可以使用如下的命令查看当前系统是否支持包转发。
# sysctl net.ipv4.ip_forward
http://pda158.iteye.com/blog/2173154
ROUTE(8) Linux Programmer’s Manual ROUTE(8)
NAME
route - show / manipulate the IP routing table
SYNOPSIS
route [-CFvnee]
route [-v] [-A family] add [-net|-host] target [netmask Nm] [gw Gw] [metric N] [mss M] [window W] [irtt I] [reject] [mod] [dyn] [reinstate] [[dev] If]
route [-v] [-A family] del [-net|-host] target [gw Gw] [netmask Nm] [metric N] [[dev] If]
route [-V] [--version] [-h] [--help]
NOTE
This program is obsolete. For replacement check ip route.
DESCRIPTION
Route manipulates the kernel’s IP routing tables. Its primary use is to set up static routes to specific hosts or networks via an interface after it has been configured
with the ifconfig(8) program.
When the add or del options are used, route modifies the routing tables. Without these options, route displays the current contents of the routing tables.
OPTIONS
-A family
use the specified address family (eg ‘inet’; use ‘route --help’ for a full list).
-F operate on the kernel’s FIB (Forwarding Information Base) routing table. This is the default.
-C operate on the kernel’s routing cache.
-v select verbose operation.
-n show numerical addresses instead of trying to determine symbolic host names. This is useful if you are trying to determine why the route to your nameserver has van-
ished.
-e use netstat(8)-format for displaying the routing table. -ee will generate a very long line with all parameters from the routing table.
del delete a route.
add add a new route.
target the destination network or host. You can provide IP addresses in dotted decimal or host/network names.
-net the target is a network.
-host the target is a host.
netmask NM
when adding a network route, the netmask to be used.
gw GW route packets via a gateway. NOTE: The specified gateway must be reachable first. This usually means that you have to set up a static route to the gateway before-
hand. If you specify the address of one of your local interfaces, it will be used to decide about the interface to which the packets should be routed to. This is a
BSDism compatibility hack.
metric M
set the metric field in the routing table (used by routing daemons) to M.
mss M sets MTU (Maximum Transmission Unit) of the route to M bytes. Note that the current implementation of the route command does not allow the option to set the Maximum
Segment Size (MSS).
window W
set the TCP window size for connections over this route to W bytes. This is typically only used on AX.25 networks and with drivers unable to handle back to back
frames.
irtt I set the initial round trip time (irtt) for TCP connections over this route to I milliseconds (1-12000). This is typically only used on AX.25 networks. If omitted the
RFC 1122 default of 300ms is used.
reject install a blocking route, which will force a route lookup to fail. This is for example used to mask out networks before using the default route. This is NOT for
firewalling.
mod, dyn, reinstate
install a dynamic or modified route. These flags are for diagnostic purposes, and are generally only set by routing daemons.
dev If force the route to be associated with the specified device, as the kernel will otherwise try to determine the device on its own (by checking already existing routes
and device specifications, and where the route is added to). In most normal networks you won’t need this.
If dev If is the last option on the command line, the word dev may be omitted, as it’s the default. Otherwise the order of the route modifiers (metric - netmask - gw
- dev) doesn’t matter.
EXAMPLES
route add -net 127.0.0.0
adds the normal loopback entry, using netmask 255.0.0.0 (class A net, determined from the destination address) and associated with the "lo" device (assuming this
device was prviously set up correctly with ifconfig(8)).
route add -net 192.56.76.0 netmask 255.255.255.0 dev eth0
adds a route to the network 192.56.76.x via "eth0". The Class C netmask modifier is not really necessary here because 192.* is a Class C IP address. The word "dev"
can be omitted here.
route add default gw mango-gw
adds a default route (which will be used if no other route matches). All packets using this route will be gatewayed through "mango-gw". The device which will actu-
ally be used for that route depends on how we can reach "mango-gw" - the static route to "mango-gw" will have to be set up before.
route add ipx4 sl0
Adds the route to the "ipx4" host via the SLIP interface (assuming that "ipx4" is the SLIP host).
route add -net 192.57.66.0 netmask 255.255.255.0 gw ipx4
This command adds the net "192.57.66.x" to be gatewayed through the former route to the SLIP interface.
route add -net 224.0.0.0 netmask 240.0.0.0 dev eth0
This is an obscure one documented so people know how to do it. This sets all of the class D (multicast) IP routes to go via "eth0". This is the correct normal config-
uration line with a multicasting kernel.
route add -net 10.0.0.0 netmask 255.0.0.0 reject
This installs a rejecting route for the private network "10.x.x.x."
OUTPUT
The output of the kernel routing table is organized in the following columns
Destination
The destination network or destination host.
Gateway
The gateway address or ’*’ if none set.
Genmask
The netmask for the destination net; ’255.255.255.255’ for a host destination and ’0.0.0.0’ for the default route.
Flags Possible flags include
U (route is up)
H (target is a host)
G (use gateway)
R (reinstate route for dynamic routing)
D (dynamically installed by daemon or redirect)
M (modified from routing daemon or redirect)
A (installed by addrconf)
C (cache entry)
! (reject route)
Metric The ’distance’ to the target (usually counted in hops). It is not used by recent kernels, but may be needed by routing daemons.
Ref Number of references to this route. (Not used in the Linux kernel.)
Use Count of lookups for the route. Depending on the use of -F and -C this will be either route cache misses (-F) or hits (-C).
Iface Interface to which packets for this route will be sent.
MSS Default maximum segement size for TCP connections over this route.
Window Default window size for TCP connections over this route.
irtt Initial RTT (Round Trip Time). The kernel uses this to guess about the best TCP protocol parameters without waiting on (possibly slow) answers.
HH (cached only)
The number of ARP entries and cached routes that refer to the hardware header cache for the cached route. This will be -1 if a hardware address is not needed for the
interface of the cached route (e.g. lo).
Arp (cached only)
Whether or not the hardware address for the cached route is up to date.
FILES
/proc/net/ipv6_route
/proc/net/route
/proc/net/rt_cache
SEE ALSO
ip(8)
HISTORY
Route for Linux was originally written by Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org> and then modified by Johannes Stille and Linus Torvalds for pl15. Alan Cox added
the mss and window options for Linux 1.1.22. irtt support and merged with netstat from Bernd Eckenfels.
AUTHOR
Currently maintained by Phil Blundell <Philip.Blundell@pobox.com>.