suzanne.soy/man-pages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
gh-pages
man-pages/man8/ip-route.8.html
Suzanne Soy 4c89183f2b Added man pages from my system
2021-03-31 01:06:50 +01:00

1706 lines
30 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><HEAD><TITLE>Man page of IP-ROUTE</TITLE>
</HEAD><BODY>
<H1>IP-ROUTE</H1>
Section: Linux (8)<BR>Updated: 13 Dec 2012<BR><A HREF="#index">Index</A>
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
<A NAME="lbAB">&nbsp;</A>
<H2>NAME</H2>
ip-route - routing table management
<A NAME="lbAC">&nbsp;</A>
<H2>SYNOPSIS</H2>
<P>
<BR>
<B>ip</B>
[ <I>ip-OPTIONS</I> ]
<B>route</B>
{ <I>COMMAND</I> |
<B>help</B> }
<P>
<BR>
<P>
<BR>
<B>ip route</B> {
<B>show</B> | <B>flush</B> }
<I>SELECTOR</I>
<P>
<BR>
<B>ip route save</B>
<I>SELECTOR</I>
<P>
<BR>
<B>ip route restore</B>
<P>
<BR>
<B>ip route get</B>
<I>ROUTE_GET_FLAGS</I>
<I>ADDRESS</I> [
<B>from</B><I> ADDRESS </I><B>iif</B><I> STRING</I>
] [ <B>oif</B>
<I>STRING</I> ] [
<B>mark</B>
<I>MARK</I> ] [
<B>tos</B>
<I>TOS</I> ] [
<B>vrf</B>
<I>NAME</I> ] [
<B>ipproto</B>
<I>PROTOCOL</I> ] [
<B>sport</B>
<I>NUMBER</I> ] [
<B>dport</B>
<I>NUMBER</I> ]
<P>
<BR>
<B>ip route</B> { <B>add</B> | <B>del</B> | <B>change</B> | <B>append</B> | replace<B> } </B>
<I>ROUTE</I>
<P>
<BR>
<I>SELECTOR</I> :=
[ <B>root</B>
<I>PREFIX</I> ] [
<B>match</B>
<I>PREFIX</I> ] [
<B>exact</B>
<I>PREFIX</I> ] [
<B>table</B>
<I>TABLE_ID</I> ] [
<B>vrf</B>
<I>NAME</I> ] [
<B>proto</B>
<I>RTPROTO</I> ] [
<B>type</B>
<I>TYPE</I> ] [
<B>scope</B>
<I>SCOPE</I> ]
<P>
<BR>
<I>ROUTE</I> := <I>NODE_SPEC</I> [ <I>INFO_SPEC</I> ]
<P>
<BR>
<I>NODE_SPEC</I> := [ <I>TYPE</I> ] <I>PREFIX</I> [
<B>tos</B>
<I>TOS</I> ] [
<B>table</B>
<I>TABLE_ID</I> ] [
<B>proto</B>
<I>RTPROTO</I> ] [
<B>scope</B>
<I>SCOPE</I> ] [
<B>metric</B>
<I>METRIC</I> ] [
<B>ttl-propagate</B>
{ <B>enabled</B> | <B>disabled</B> } ]
<P>
<BR>
<I>INFO_SPEC</I> := { <I>NH</I> |
<B>nhid</B>
<I>ID</I> } <I>OPTIONS FLAGS</I> [
<B>nexthop</B>
<I>NH</I> ] ...
<P>
<BR>
<I>NH</I> := [
<B>encap</B>
<I>ENCAP</I> ] [
<B>via</B>
[
<I>FAMILY</I> ] <I>ADDRESS</I> ] [
<B>dev</B>
<I>STRING</I> ] [
<B>weight</B>
<I>NUMBER</I> ] <I>NHFLAGS</I>
<P>
<BR>
<I>FAMILY</I> := [
<B>inet</B> | <B>inet6</B> | <B>mpls</B> | <B>bridge</B> | <B>link</B> ]
<P>
<BR>
<I>OPTIONS</I> := <I>FLAGS</I> [
<B>mtu</B>
<I>NUMBER</I> ] [
<B>advmss</B>
<I>NUMBER</I> ] [
<B>as</B>
[
<B>to</B>
]
<I>ADDRESS</I> ]
<B>rtt</B>
<I>TIME</I> ] [
<B>rttvar</B>
<I>TIME</I> ] [
<B>reordering</B>
<I>NUMBER</I> ] [
<B>window</B>
<I>NUMBER</I> ] [
<B>cwnd</B>
<I>NUMBER</I> ] [
<B>ssthresh</B>
<I>NUMBER</I> ] [
<B>realms</B>
<I>REALM</I> ] [
<B>rto_min</B>
<I>TIME</I> ] [
<B>initcwnd</B>
<I>NUMBER</I> ] [
<B>initrwnd</B>
<I>NUMBER</I> ] [
<B>features</B>
<I>FEATURES</I> ] [
<B>quickack</B>
<I>BOOL</I> ] [
<B>congctl</B>
<I>NAME</I> ] [
<B>pref</B>
<I>PREF</I> ] [
<B>expires</B>
<I>TIME</I> ] [
<B>fastopen_no_cookie</B>
<I>BOOL</I> ]
<P>
<BR>
<I>TYPE</I> := [
<B>unicast</B> | <B>local</B> | <B>broadcast</B> | <B>multicast</B> | throw<B> | </B>unreachable<B> | </B>prohibit<B> | </B>blackhole<B> | </B>nat<B> ]</B>
<P>
<BR>
<I>TABLE_ID</I> := [
<B>local</B>| <B>main</B> | <B>default</B> | <B>all</B> |
<I>NUMBER</I> ]
<P>
<BR>
<I>SCOPE</I> := [
<B>host</B> | <B>link</B> | <B>global</B> |
<I>NUMBER</I> ]
<P>
<BR>
<I>NHFLAGS</I> := [
<B>onlink</B> | <B>pervasive</B> ]
<P>
<BR>
<I>RTPROTO</I> := [
<B>kernel</B> | <B>boot</B> | <B>static</B> |
<I>NUMBER</I> ]
<P>
<BR>
<I>FEATURES</I> := [
<B>ecn</B> | ]
<P>
<BR>
<I>PREF</I> := [
<B>low</B> | <B>medium</B> | <B>high</B> ]
<P>
<BR>
<I>ENCAP</I> := [
<I>ENCAP_MPLS</I> | <I>ENCAP_IP</I> | <I>ENCAP_BPF</I> |
<I>ENCAP_SEG6</I> | <I>ENCAP_SEG6LOCAL</I> ]
<P>
<BR>
<I>ENCAP_MPLS</I> :=
<B>mpls</B> [
<I>LABEL</I> ] [
<B>ttl</B>
<I>TTL</I> ]
<P>
<BR>
<I>ENCAP_IP</I> :=
<B>ip</B>
<B>id</B>
<I>TUNNEL_ID</I>
<B>dst</B>
<I>REMOTE_IP</I> [
<B>src</B>
<I>SRC</I> ] [
<B>tos</B>
<I>TOS</I> ] [
<B>ttl</B>
<I>TTL</I> ]
<P>
<BR>
<I>ENCAP_BPF</I> :=
<B>bpf</B> [
<B>in</B>
<I>PROG</I> ] [
<B>out</B>
<I>PROG</I> ] [
<B>xmit</B>
<I>PROG</I> ] [
<B>headroom</B>
<I>SIZE</I> ]
<P>
<BR>
<I>ENCAP_SEG6</I> :=
<B>seg6</B>
<B>mode</B> [
<B>encap</B> | <B>inline</B> | <B>l2encap</B> ]
<B>segs</B>
<I>SEGMENTS</I> [
<B>hmac</B>
<I>KEYID</I> ]
<P>
<BR>
<I>ENCAP_SEG6LOCAL</I> :=
<B>seg6local</B>
<B>action</B>
<I>SEG6_ACTION</I> [
<I>SEG6_ACTION_PARAM</I> ]
<P>
<BR>
<I>ROUTE_GET_FLAGS</I> :=
<B> [ </B>
<B>fibmatch</B>
<B> ] </B>
<P>
<A NAME="lbAD">&nbsp;</A>
<H2>DESCRIPTION</H2>
<B>ip route</B>
is used to manipulate entries in the kernel routing tables.
<P>
<B>Route types:</B>
<P>
<B>unicast</B>
- the route entry describes real paths to the destinations covered
by the route prefix.
<P>
<P>
<B>unreachable</B>
- these destinations are unreachable. Packets are discarded and the
ICMP message
<I>host unreachable</I>
is generated.
The local senders get an
<I>EHOSTUNREACH</I>
error.
<P>
<P>
<B>blackhole</B>
- these destinations are unreachable. Packets are discarded silently.
The local senders get an
<I>EINVAL</I>
error.
<P>
<P>
<B>prohibit</B>
- these destinations are unreachable. Packets are discarded and the
ICMP message
<I>communication administratively prohibited</I>
is generated. The local senders get an
<I>EACCES</I>
error.
<P>
<P>
<B>local</B>
- the destinations are assigned to this host. The packets are looped
back and delivered locally.
<P>
<P>
<B>broadcast</B>
- the destinations are broadcast addresses. The packets are sent as
link broadcasts.
<P>
<P>
<B>throw</B>
- a special control route used together with policy rules. If such a
route is selected, lookup in this table is terminated pretending that
no route was found. Without policy routing it is equivalent to the
absence of the route in the routing table. The packets are dropped
and the ICMP message
<I>net unreachable</I>
is generated. The local senders get an
<I>ENETUNREACH</I>
error.
<P>
<P>
<B>nat</B>
- a special NAT route. Destinations covered by the prefix
are considered to be dummy (or external) addresses which require translation
to real (or internal) ones before forwarding. The addresses to translate to
are selected with the attribute
<B>via</B>.
<B>Warning:</B>
Route NAT is no longer supported in Linux 2.6.
<P>
<P>
<B>anycast</B>
- <I>not implemented</I>
the destinations are
<I>anycast</I>
addresses assigned to this host. They are mainly equivalent
to
<B>local</B>
with one difference: such addresses are invalid when used
as the source address of any packet.
<P>
<P>
<B>multicast</B>
- a special type used for multicast routing. It is not present in
normal routing tables.
<P>
<P>
<B>Route tables:</B>
Linux-2.x can pack routes into several routing tables identified
by a number in the range from 1 to 2^32-1 or by name from the file
<B>/etc/iproute2/rt_tables</B>
By default all normal routes are inserted into the
<B>main</B>
table (ID 254) and the kernel only uses this table when calculating routes.
Values (0, 253, 254, and 255) are reserved for built-in use.
<P>
<P>
Actually, one other table always exists, which is invisible but
even more important. It is the
<B>local</B>
table (ID 255). This table
consists of routes for local and broadcast addresses. The kernel maintains
this table automatically and the administrator usually need not modify it
or even look at it.
<P>
The multiple routing tables enter the game when
<I>policy routing</I>
is used.
<P>
<DL COMPACT>
<DT id="1">ip route add<DD>
add new route
<DT id="2">ip route change<DD>
change route
<DT id="3">ip route replace<DD>
change or add new one
<DL COMPACT><DT id="4"><DD>
<DL COMPACT>
<DT id="5"><B>to</B><I> TYPE PREFIX </I><B>(default)</B>
<DD>
the destination prefix of the route. If
<I>TYPE</I>
is omitted,
<B>ip</B>
assumes type
<B>unicast</B>.
Other values of
<I>TYPE</I>
are listed above.
<I>PREFIX</I>
is an IP or IPv6 address optionally followed by a slash and the
prefix length. If the length of the prefix is missing,
<B>ip</B>
assumes a full-length host route. There is also a special
<I>PREFIX</I>
<B>default</B>
- which is equivalent to IP
<B>0/0</B>
or to IPv6
<B>::/0</B>.
<P>
<DT id="6"><B>tos</B><I> TOS</I>
<DD>
<DT id="7"><B>dsfield</B><I> TOS</I>
<DD>
the Type Of Service (TOS) key. This key has no associated mask and
the longest match is understood as: First, compare the TOS
of the route and of the packet. If they are not equal, then the packet
may still match a route with a zero TOS.
<I>TOS</I>
is either an 8 bit hexadecimal number or an identifier
from
<B>/etc/iproute2/rt_dsfield</B>.
<P>
<DT id="8"><B>metric</B><I> NUMBER</I>
<DD>
<DT id="9"><B>preference</B><I> NUMBER</I>
<DD>
the preference value of the route.
<I>NUMBER</I>
is an arbitrary 32bit number, where routes with lower values are preferred.
<P>
<DT id="10"><B>table</B><I> TABLEID</I>
<DD>
the table to add this route to.
<I>TABLEID</I>
may be a number or a string from the file
<B>/etc/iproute2/rt_tables</B>.
If this parameter is omitted,
<B>ip</B>
assumes the
<B>main</B>
table, with the exception of
<B>local</B>, <B>broadcast</B> and <B>nat</B>
routes, which are put into the
<B>local</B>
table by default.
<P>
<DT id="11"><B>vrf</B><I> NAME</I>
<DD>
the vrf name to add this route to. Implicitly means the table
associated with the VRF.
<P>
<DT id="12"><B>dev</B><I> NAME</I>
<DD>
the output device name.
<P>
<DT id="13"><B>via</B><I> [ FAMILY ] ADDRESS</I>
<DD>
the address of the nexthop router, in the address family FAMILY.
Actually, the sense of this field depends on the route type. For
normal
<B>unicast</B>
routes it is either the true next hop router or, if it is a direct
route installed in BSD compatibility mode, it can be a local address
of the interface. For NAT routes it is the first address of the block
of translated IP destinations.
<P>
<DT id="14"><B>src</B><I> ADDRESS</I>
<DD>
the source address to prefer when sending to the destinations
covered by the route prefix.
<P>
<DT id="15"><B>realm</B><I> REALMID</I>
<DD>
the realm to which this route is assigned.
<I>REALMID</I>
may be a number or a string from the file
<B>/etc/iproute2/rt_realms</B>.
<P>
<DT id="16"><B>mtu</B><I> MTU</I>
<DD>
<DT id="17"><B>mtu lock</B><I> MTU</I>
<DD>
the MTU along the path to the destination. If the modifier
<B>lock</B>
is not used, the MTU may be updated by the kernel due to
Path MTU Discovery. If the modifier
<B>lock</B>
is used, no path MTU discovery will be tried, all packets
will be sent without the DF bit in IPv4 case or fragmented
to MTU for IPv6.
<P>
<DT id="18"><B>window</B><I> NUMBER</I>
<DD>
the maximal window for TCP to advertise to these destinations,
measured in bytes. It limits maximal data bursts that our TCP
peers are allowed to send to us.
<P>
<DT id="19"><B>rtt</B><I> TIME</I>
<DD>
the initial RTT ('Round Trip Time') estimate. If no suffix is
specified the units are raw values passed directly to the
routing code to maintain compatibility with previous releases.
Otherwise if a suffix of s, sec or secs is used to specify
seconds and ms, msec or msecs to specify milliseconds.
<P>
<P>
<DT id="20"><B>rttvar</B><I> TIME </I><B>(Linux 2.3.15+ only)</B>
<DD>
the initial RTT variance estimate. Values are specified as with
<B>rtt</B>
above.
<P>
<DT id="21"><B>rto_min</B><I> TIME </I><B>(Linux 2.6.23+ only)</B>
<DD>
the minimum TCP Retransmission TimeOut to use when communicating with this
destination. Values are specified as with
<B>rtt</B>
above.
<P>
<DT id="22"><B>ssthresh</B><I> NUMBER </I><B>(Linux 2.3.15+ only)</B>
<DD>
an estimate for the initial slow start threshold.
<P>
<DT id="23"><B>cwnd</B><I> NUMBER </I><B>(Linux 2.3.15+ only)</B>
<DD>
the clamp for congestion window. It is ignored if the
<B>lock</B>
flag is not used.
<P>
<DT id="24"><B>initcwnd</B><I> NUMBER </I><B>(Linux 2.5.70+ only)</B>
<DD>
the initial congestion window size for connections to this destination.
Actual window size is this value multiplied by the MSS
(``Maximal Segment Size'') for same connection. The default is
zero, meaning to use the values specified in RFC2414.
<P>
<DT id="25"><B>initrwnd</B><I> NUMBER </I><B>(Linux 2.6.33+ only)</B>
<DD>
the initial receive window size for connections to this destination.
Actual window size is this value multiplied by the MSS of the connection.
The default value is zero, meaning to use Slow Start value.
<P>
<DT id="26"><B>features</B><I> FEATURES </I><B>(Linux</B><I>3.18+</I><B>only)</B>
<DD>
Enable or disable per-route features. Only available feature at this
time is
<B>ecn</B>
to enable explicit congestion notification when initiating connections to the
given destination network.
When responding to a connection request from the given network, ecn will
also be used even if the
<B>net.ipv4.tcp_ecn</B>
sysctl is set to 0.
<P>
<DT id="27"><B>quickack</B><I> BOOL </I><B>(Linux 3.11+ only)</B>
<DD>
Enable or disable quick ack for connections to this destination.
<P>
<DT id="28"><B>fastopen_no_cookie</B><I> BOOL </I><B>(Linux 4.15+ only)</B>
<DD>
Enable TCP Fastopen without a cookie for connections to this destination.
<P>
<DT id="29"><B>congctl</B><I> NAME </I><B>(Linux 3.20+ only)</B>
<DD>
<DT id="30"><B>congctl lock</B><I> NAME </I><B>(Linux 3.20+ only)</B>
<DD>
Sets a specific TCP congestion control algorithm only for a given destination.
If not specified, Linux keeps the current global default TCP congestion control
algorithm, or the one set from the application. If the modifier
<B>lock</B>
is not used, an application may nevertheless overwrite the suggested congestion
control algorithm for that destination. If the modifier
<B>lock</B>
is used, then an application is not allowed to overwrite the specified congestion
control algorithm for that destination, thus it will be enforced/guaranteed to
use the proposed algorithm.
<P>
<DT id="31"><B>advmss</B><I> NUMBER </I><B>(Linux 2.3.15+ only)</B>
<DD>
the MSS ('Maximal Segment Size') to advertise to these
destinations when establishing TCP connections. If it is not given,
Linux uses a default value calculated from the first hop device MTU.
(If the path to these destination is asymmetric, this guess may be wrong.)
<P>
<DT id="32"><B>reordering</B><I> NUMBER </I><B>(Linux 2.3.15+ only)</B>
<DD>
Maximal reordering on the path to this destination.
If it is not given, Linux uses the value selected with
<B>sysctl</B>
variable
<B>net/ipv4/tcp_reordering</B>.
<P>
<DT id="33"><B>nexthop</B><I> NEXTHOP</I>
<DD>
the nexthop of a multipath route.
<I>NEXTHOP</I>
is a complex value with its own syntax similar to the top level
argument lists:
<P>
<B>via</B><I> [ FAMILY ] ADDRESS</I>
- is the nexthop router.
<P>
<P>
<B>dev</B><I> NAME</I>
- is the output device.
<P>
<P>
<B>weight</B><I> NUMBER</I>
- is a weight for this element of a multipath
route reflecting its relative bandwidth or quality.
<P>
The internal buffer used in iproute2 limits the maximum number of nexthops that
may be specified in one go. If only
<I>ADDRESS</I>
is given, the current buffer size allows for 144 IPv6 nexthops and 253 IPv4
ones. For IPv4, this effectively limits the number of nexthops possible per
route. With IPv6, further nexthops may be appended to the same route via
<B>ip route append</B>
command.
<P>
<DT id="34"><B>scope</B><I> SCOPE_VAL</I>
<DD>
the scope of the destinations covered by the route prefix.
<I>SCOPE_VAL</I>
may be a number or a string from the file
<B>/etc/iproute2/rt_scopes</B>.
If this parameter is omitted,
<B>ip</B>
assumes scope
<B>global</B>
for all gatewayed
<B>unicast</B>
routes, scope
<B>link</B>
for direct
<B>unicast</B> and <B>broadcast</B>
routes and scope
<B>host</B> for <B>local</B>
routes.
<P>
<DT id="35"><B>protocol</B><I> RTPROTO</I>
<DD>
the routing protocol identifier of this route.
<I>RTPROTO</I>
may be a number or a string from the file
<B>/etc/iproute2/rt_protos</B>.
If the routing protocol ID is not given,
<B>ip assumes protocol</B>
<B>boot</B>
(i.e. it assumes the route was added by someone who doesn't
understand what they are doing). Several protocol values have
a fixed interpretation.
Namely:
<P>
<B>redirect</B>
- the route was installed due to an ICMP redirect.
<P>
<P>
<B>kernel</B>
- the route was installed by the kernel during autoconfiguration.
<P>
<P>
<B>boot</B>
- the route was installed during the bootup sequence.
If a routing daemon starts, it will purge all of them.
<P>
<P>
<B>static</B>
- the route was installed by the administrator
to override dynamic routing. Routing daemon will respect them
and, probably, even advertise them to its peers.
<P>
<P>
<B>ra</B>
- the route was installed by Router Discovery protocol.
<P>
<P>
The rest of the values are not reserved and the administrator is free
to assign (or not to assign) protocol tags.
<P>
<DT id="36"><B>onlink</B>
<DD>
pretend that the nexthop is directly attached to this link,
even if it does not match any interface prefix.
<P>
<DT id="37"><B>pref</B><I> PREF</I>
<DD>
the IPv6 route preference.
<I>PREF</I>
is a string specifying the route preference as defined in RFC4191 for Router
Discovery messages. Namely:
<P>
<B>low</B>
- the route has a lowest priority
<P>
<P>
<B>medium</B>
- the route has a default priority
<P>
<P>
<B>high</B>
- the route has a highest priority
<P>
<P>
<DT id="38"><B>nhid</B><I> ID</I>
<DD>
use nexthop object with given id as nexthop specification.
<P>
<DT id="39"><B>encap</B><I> ENCAPTYPE ENCAPHDR</I>
<DD>
attach tunnel encapsulation attributes to this route.
<P>
<I>ENCAPTYPE</I>
is a string specifying the supported encapsulation type. Namely:
<P>
<B>mpls</B>
- encapsulation type MPLS
<P>
<B>ip</B>
- IP encapsulation (Geneve, GRE, VXLAN, ...)
<P>
<B>bpf</B>
- Execution of BPF program
<P>
<B>seg6</B>
- encapsulation type IPv6 Segment Routing
<P>
<B>seg6local</B>
- local SRv6 segment processing
<P>
<I>ENCAPHDR</I>
is a set of encapsulation attributes specific to the
<I>ENCAPTYPE.</I>
<P>
<B>mpls</B>
<I>MPLSLABEL</I>
- mpls label stack with labels separated by
<I>/</I>
<P>
<P>
<B>ttl</B>
<I>TTL</I>
- TTL to use for MPLS header or 0 to inherit from IP header
<P>
<P>
<B>ip</B>
<B>id</B>
<I>TUNNEL_ID</I>
<B>dst</B>
<I>REMOTE_IP</I> [
<B>src</B>
<I>SRC</I> ] [
<B>tos</B>
<I>TOS</I> ] [
<B>ttl</B>
<I>TTL</I> ] [
<B>key</B> ] [ <B>csum</B> ] [ <B>seq</B> ]
<P>
<P>
<B>bpf</B>
<B>in</B>
<I>PROG</I>
- BPF program to execute for incoming packets
<P>
<P>
<B>out</B>
<I>PROG</I>
- BPF program to execute for outgoing packets
<P>
<P>
<B>xmit</B>
<I>PROG</I>
- BPF program to execute for transmitted packets
<P>
<P>
<B>headroom</B>
<I>SIZE</I>
- Size of header BPF program will attach (xmit)
<P>
<P>
<B>seg6</B>
<B>mode inline</B>
- Directly insert Segment Routing Header after IPv6 header
<P>
<P>
<B>mode encap</B>
- Encapsulate packet in an outer IPv6 header with SRH
<P>
<P>
<B>mode l2encap</B>
- Encapsulate ingress L2 frame within an outer IPv6 header and SRH
<P>
<P>
<I>SEGMENTS</I>
- List of comma-separated IPv6 addresses
<P>
<P>
<I>KEYID</I>
- Numerical value in decimal representation. See <B><A HREF="/cgi-bin/man/man2html?8+ip-sr">ip-sr</A></B>(8).
<P>
<P>
<B>seg6local</B>
<I>SEG6_ACTION</I> [
<I>SEG6_ACTION_PARAM</I> ]
- Operation to perform on matching packets.
The following actions are currently supported (<B>Linux 4.14+ only</B>).
<P>
<B>End</B>
- Regular SRv6 processing as intermediate segment endpoint.
This action only accepts packets with a non-zero Segments Left
value. Other matching packets are dropped.
<P>
<B>End.X nh6</B>
<I>NEXTHOP</I>
- Regular SRv6 processing as intermediate segment endpoint.
Additionally, forward processed packets to given next-hop.
This action only accepts packets with a non-zero Segments Left
value. Other matching packets are dropped.
<P>
<B>End.DX6 nh6</B>
<I>NEXTHOP</I>
- Decapsulate inner IPv6 packet and forward it to the
specified next-hop. If the argument is set to ::, then
the next-hop is selected according to the local selection
rules. This action only accepts packets with either a zero Segments
Left value or no SRH at all, and an inner IPv6 packet. Other
matching packets are dropped.
<P>
<B>End.B6 srh segs</B>
<I>SEGMENTS</I> [
<B>hmac</B>
<I>KEYID</I> ]
- Insert the specified SRH immediately after the IPv6 header,
update the DA with the first segment of the newly inserted SRH,
then forward the resulting packet. The original SRH is not
modified. This action only accepts packets with a non-zero
Segments Left value. Other matching packets are dropped.
<P>
<B>End.B6.Encaps srh segs</B>
<I>SEGMENTS</I> [
<B>hmac</B>
<I>KEYID</I> ]
- Regular SRv6 processing as intermediate segment endpoint.
Additionally, encapsulate the matching packet within an outer IPv6 header
followed by the specified SRH. The destination address of the outer IPv6
header is set to the first segment of the new SRH. The source
address is set as described in <B><A HREF="/cgi-bin/man/man2html?8+ip-sr">ip-sr</A></B>(8).
<P>
<P>
<DT id="40"><B>expires</B><I> TIME </I><B>(Linux 4.4+ only)</B>
<DD>
the route will be deleted after the expires time.
<B>Only</B>
support IPv6 at present.
<P>
<DT id="41"><B>ttl-propagate</B> { <B>enabled</B> | <B>disabled</B> }
<DD>
Control whether TTL should be propagated from any encap into the
un-encapsulated packet, overriding any global configuration. Only
supported for MPLS at present.
</DL>
</DL>
<P>
<DT id="42">ip route delete<DD>
delete route
<DL COMPACT><DT id="43"><DD>
<B>ip route del</B>
has the same arguments as
<B>ip route add</B>,
but their semantics are a bit different.
<P>
Key values
(<B>to</B>, <B>tos</B>, <B>preference</B> and <B>table</B>)
select the route to delete. If optional attributes are present,
<B>ip</B>
verifies that they coincide with the attributes of the route to delete.
If no route with the given key and attributes was found,
<B>ip route del</B>
fails.
</DL>
<P>
<DT id="44">ip route show<DD>
list routes
<DL COMPACT><DT id="45"><DD>
the command displays the contents of the routing tables or the route(s)
selected by some criteria.
<P>
<DL COMPACT>
<DT id="46"><B>to</B><I> SELECTOR </I><B>(default)</B>
<DD>
only select routes from the given range of destinations.
<I>SELECTOR</I>
consists of an optional modifier
(<B>root</B>, <B>match</B> or <B>exact</B>)
and a prefix.
<B>root</B><I> PREFIX</I>
selects routes with prefixes not shorter than
<I>PREFIX</I>.
F.e.
<B>root</B><I> 0/0</I>
selects the entire routing table.
<B>match</B><I> PREFIX</I>
selects routes with prefixes not longer than
<I>PREFIX</I>.
F.e.
<B>match</B><I> 10.0/16</I>
selects
<I>10.0/16</I>,
<I>10/8</I> and <I>0/0</I>,
but it does not select
<I>10.1/16</I> and <I>10.0.0/24</I>.
And
<B>exact</B><I> PREFIX</I>
(or just
<I>PREFIX</I>)
selects routes with this exact prefix. If neither of these options
are present,
<B>ip</B>
assumes
<B>root</B><I> 0/0</I>
i.e. it lists the entire table.
<P>
<DT id="47"><B>tos</B><I> TOS</I>
<DD>
<DT id="48"><B>dsfield</B><I> TOS</I>
<DD>
only select routes with the given TOS.
<P>
<DT id="49"><B>table</B><I> TABLEID</I>
<DD>
show the routes from this table(s). The default setting is to show table
<B>main</B>.
<I>TABLEID</I>
may either be the ID of a real table or one of the special values:
<P>
<B>all</B>
- list all of the tables.
<P>
<B>cache</B>
- dump the routing cache.
<P>
<DT id="50"><B>vrf</B><I> NAME</I>
<DD>
show the routes for the table associated with the vrf name
<P>
<DT id="51"><B>cloned</B>
<DD>
<DT id="52"><B>cached</B>
<DD>
list cloned routes i.e. routes which were dynamically forked from
other routes because some route attribute (f.e. MTU) was updated.
Actually, it is equivalent to
<B>table cache</B>.
<P>
<DT id="53"><B>from</B><I> SELECTOR</I>
<DD>
the same syntax as for
<B>to</B>,
but it binds the source address range rather than destinations.
Note that the
<B>from</B>
option only works with cloned routes.
<P>
<DT id="54"><B>protocol</B><I> RTPROTO</I>
<DD>
only list routes of this protocol.
<P>
<DT id="55"><B>scope</B><I> SCOPE_VAL</I>
<DD>
only list routes with this scope.
<P>
<DT id="56"><B>type</B><I> TYPE</I>
<DD>
only list routes of this type.
<P>
<DT id="57"><B>dev</B><I> NAME</I>
<DD>
only list routes going via this device.
<P>
<DT id="58"><B>via</B><I> [ FAMILY ] PREFIX</I>
<DD>
only list routes going via the nexthop routers selected by
<I>PREFIX</I>.
<P>
<DT id="59"><B>src</B><I> PREFIX</I>
<DD>
only list routes with preferred source addresses selected
by
<I>PREFIX</I>.
<P>
<DT id="60"><B>realm</B><I> REALMID</I>
<DD>
<DT id="61"><B>realms</B><I> FROMREALM/TOREALM</I>
<DD>
only list routes with these realms.
</DL>
</DL>
<P>
<DT id="62">ip route flush<DD>
flush routing tables
<DL COMPACT><DT id="63"><DD>
this command flushes routes selected by some criteria.
<P>
<P>
The arguments have the same syntax and semantics as the arguments of
<B>ip route show</B>,
but routing tables are not listed but purged. The only difference is
the default action:
<B>show</B>
dumps all the IP main routing table but
<B>flush</B>
prints the helper page.
<P>
<P>
With the
<B>-statistics</B>
option, the command becomes verbose. It prints out the number of
deleted routes and the number of rounds made to flush the routing
table. If the option is given
twice,
<B>ip route flush</B>
also dumps all the deleted routes in the format described in the
previous subsection.
</DL>
<P>
<DT id="64">ip route get<DD>
get a single route
<DL COMPACT><DT id="65"><DD>
this command gets a single route to a destination and prints its
contents exactly as the kernel sees it.
<P>
<DL COMPACT>
<DT id="66"><B>fibmatch</B>
<DD>
Return full fib lookup matched route. Default is to return the resolved
dst entry
<P>
<DT id="67"><B>to</B><I> ADDRESS </I><B>(default)</B>
<DD>
the destination address.
<P>
<DT id="68"><B>from</B><I> ADDRESS</I>
<DD>
the source address.
<P>
<DT id="69"><B>tos</B><I> TOS</I>
<DD>
<DT id="70"><B>dsfield</B><I> TOS</I>
<DD>
the Type Of Service.
<P>
<DT id="71"><B>iif</B><I> NAME</I>
<DD>
the device from which this packet is expected to arrive.
<P>
<DT id="72"><B>oif</B><I> NAME</I>
<DD>
force the output device on which this packet will be routed.
<P>
<DT id="73"><B>mark</B><I> MARK</I>
<DD>
the firewall mark
(<B>fwmark</B>)
<P>
<DT id="74"><B>vrf</B><I> NAME</I>
<DD>
force the vrf device on which this packet will be routed.
<P>
<DT id="75"><B>ipproto</B><I> PROTOCOL</I>
<DD>
ip protocol as seen by the route lookup
<P>
<DT id="76"><B>sport</B><I> NUMBER</I>
<DD>
source port as seen by the route lookup
<P>
<DT id="77"><B>dport</B><I> NUMBER</I>
<DD>
destination port as seen by the route lookup
<P>
<DT id="78"><B>connected</B>
<DD>
if no source address
(option <B>from</B>)
was given, relookup the route with the source set to the preferred
address received from the first lookup.
If policy routing is used, it may be a different route.
<P>
</DL>
<P>
Note that this operation is not equivalent to
<B>ip route show</B>.
<B>show</B>
shows existing routes.
<B>get</B>
resolves them and creates new clones if necessary. Essentially,
<B>get</B>
is equivalent to sending a packet along this path.
If the
<B>iif</B>
argument is not given, the kernel creates a route
to output packets towards the requested destination.
This is equivalent to pinging the destination
with a subsequent
<B>ip route ls cache</B>,
however, no packets are actually sent. With the
<B>iif</B>
argument, the kernel pretends that a packet arrived from this interface
and searches for a path to forward the packet.
</DL>
<P>
<DT id="79">ip route save<DD>
save routing table information to stdout
<DL COMPACT><DT id="80"><DD>
This command behaves like
<B>ip route show</B>
except that the output is raw data suitable for passing to
<B>ip route restore</B>.
</DL>
<P>
<DT id="81">ip route restore<DD>
restore routing table information from stdin
<DL COMPACT><DT id="82"><DD>
This command expects to read a data stream as returned from
<B>ip route save</B>.
It will attempt to restore the routing table information exactly as
it was at the time of the save, so any translation of information
in the stream (such as device indexes) must be done first. Any existing
routes are left unchanged. Any routes specified in the data stream that
already exist in the table will be ignored.
</DL>
<P>
</DL>
<A NAME="lbAE">&nbsp;</A>
<H2>NOTES</H2>
Starting with Linux kernel version 3.6, there is no routing cache for IPv4
anymore. Hence
<B>ip route show cached</B>
will never print any entries on systems with this or newer kernel versions.
<P>
<A NAME="lbAF">&nbsp;</A>
<H2>EXAMPLES</H2>
<P>
ip ro
<DL COMPACT><DT id="83"><DD>
Show all route entries in the kernel.
</DL>
<P>
ip route add default via 192.168.1.1 dev eth0
<DL COMPACT><DT id="84"><DD>
Adds a default route (for all addresses) via the local gateway 192.168.1.1 that can
be reached on device eth0.
</DL>
<P>
ip route add 10.1.1.0/30 encap mpls 200/300 via 10.1.1.1 dev eth0
<DL COMPACT><DT id="85"><DD>
Adds an ipv4 route with mpls encapsulation attributes attached to it.
</DL>
<P>
ip -6 route add 2001:db8:1::/64 encap seg6 mode encap segs 2001:db8:42::1,2001:db8:ffff::2 dev eth0
<DL COMPACT><DT id="86"><DD>
Adds an IPv6 route with SRv6 encapsulation and two segments attached.
</DL>
<P>
ip route add 10.1.1.0/30 nhid 10
<DL COMPACT><DT id="87"><DD>
Adds an ipv4 route using nexthop object with id 10.
</DL>
<A NAME="lbAG">&nbsp;</A>
<H2>SEE ALSO</H2>
<BR>
<B><A HREF="/cgi-bin/man/man2html?8+ip">ip</A></B>(8)
<P>
<A NAME="lbAH">&nbsp;</A>
<H2>AUTHOR</H2>
Original Manpage by Michail Litvak &lt;<A HREF="mailto:mci@owl.openwall.com">mci@owl.openwall.com</A>&gt;
<P>
<HR>
<A NAME="index">&nbsp;</A><H2>Index</H2>
<DL>
<DT id="88"><A HREF="#lbAB">NAME</A><DD>
<DT id="89"><A HREF="#lbAC">SYNOPSIS</A><DD>
<DT id="90"><A HREF="#lbAD">DESCRIPTION</A><DD>
<DT id="91"><A HREF="#lbAE">NOTES</A><DD>
<DT id="92"><A HREF="#lbAF">EXAMPLES</A><DD>
<DT id="93"><A HREF="#lbAG">SEE ALSO</A><DD>
<DT id="94"><A HREF="#lbAH">AUTHOR</A><DD>
</DL>
<HR>
This document was created by
<A HREF="/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 00:06:13 GMT, March 31, 2021
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink