As a Linux user, you may come across a scenario where you need to access information about your network routing. This information can be very useful for troubleshooting, monitoring, and security purposes. In this article, we will learn how to display routing information in Linux and understand the output.
What is Routing Information?
Routing information refers to the path that a packet takes to reach its destination. It includes information such as the next hop IP address, the network mask, and the gateway address. The routing information can also include information about the metric, the interface, and the flags used by the routing protocol.
Why Display Routing Information?
There are many reasons why you may want to display routing information. For example, you may need to troubleshoot a network issue, such as a slow connection or a dropped packet. You may also want to monitor network traffic to see if there is any unusual behavior. Additionally, displaying routing information can be useful for security purposes, as you can monitor for any suspicious network activity.
How to Display Routing Information in Linux
There are several tools that can be used to display routing information in Linux. Some of the most commonly used tools are “route,” “netstat,” and “ip route.” In this article, we will look at the “ip route” command, which is the most comprehensive tool for displaying routing information.
“ip route” Command
The “ip route” command is part of the iproute2 suite, which is used to manage the Linux networking stack. The command is used to display the routing table and to add or remove routes. The syntax for the “ip route” command is as follows:
ip route [OPTIONS] [ARGUMENTS]
Let’s start by looking at the basic output of the “ip route” command. To display the routing table, simply run the following command:
The output will look something like this:
default via 192.168.1.1 dev enp0s3 proto dhcp src 192.168.1.10 metric 100 192.168.1.0/24 dev enp0s3 proto kernel scope link src 192.168.1.10 metric 100
In the output, you will see two lines. The first line is the default route, which is used for packets that do not match any other routes in the table. The second line is a route to the local network.
Let’s take a closer look at the output to understand what each field represents:
- Destination: This is the network or host that the route applies to. In the example, the destination is either “default” or “192.168.1.0/24.”
- Gateway: This is the IP address of the next hop router. In the example, the gateway is “192.168.1.1.”
- Device: This is the network interface used by the route. In the example, the device is “enp0s3.”
- Proto: This is the routing protocol used by the route. In the example, the proto is either “dhcp” or “kernel.”
- Src: This is the source IP address used by the route. In the example, the source IP is “192.168.1.10.”
- Metric: This is the cost associated with the route. The lower the metric, the more preferred the route. In the example, the metric is “100.”
Understanding Routing Table Flags
The routing table flags are used to specify the type of route and the state of the route. There are several flags that can be used, including:
- U: This flag indicates that the route is up and active.
- H: This flag indicates that the route is a host route, meaning that it applies to a specific host, not a network.
- G: This flag indicates that the route is a gateway route, meaning that it leads to a gateway.
- R: This flag indicates that the route is a reject route, meaning that packets matching this route will be discarded.
- M: This flag indicates that the route is modified by a user, not a routing protocol.
- A: This flag indicates that the route was added automatically, such as by a DHCP server.
- C: This flag indicates that the route is a cache route, meaning that it was created as a result of a route lookup.
To display the flags for a specific route, use the following command:
ip route show [DESTINATION]
For example, to display the flags for the default route, use the following command:
ip route show default
Adding and Removing Routes
In addition to displaying routing information, you can also add or remove routes using the “ip route” command. To add a route, use the following command:
ip route add [DESTINATION] via [GATEWAY] dev [DEVICE]
For example, to add a route to network 10.0.0.0/8 via the gateway 192.168.1.1 on the device enp0s3, use the following command:
ip route add 10.0.0.0/8 via 192.168.1.1 dev enp0s3
To remove a route, use the following command:
ip route del [DESTINATION]
For example, to remove the route to network 10.0.0.0/8, use the following command:
ip route del 10.0.0.0/8
Displaying routing information in Linux can be a useful tool for troubleshooting, monitoring, and security purposes. By using the “ip route” command, you can access a wealth of information about your network routing, including the destination, gateway, device, proto, src, and metric. With this information, you can better understand how packets are being routed on your network and take appropriate action as needed.