1、概述
显示/控制IP路由表
注意:这个程序已经过时了。更换检查ip路由
路线操作内核的IP路由表。它的主要用途是设置静态路由通过一个特定的主机或网络接口当他配置之后
当使用添加或del选项时,路由修改路由表。如果没有这些选项,显示当前路由表的内容。
2、命令格式
route[-CFvnee]
route [-v] [-A family] add [-net|-host] target [netmask Nm] [gw Gw][metric N] [mss M] [window W] [irtt I] [reject] [mod] [dyn] [reinstate] [[dev]If]
route [-v] [-A family] del [-net|-host] target [gwGw] [netmask Nm] [metric N] [[dev] If]
route [-V] [--version] [-h] [--help]
[root@lb01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@lb01 ~]#
[root@lb01 ~]# ip route
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.5 # 原型内核空间链接
172.16.1.0/24 dev eth1 proto kernel scope link src 172.16.1.5
169.254.0.0/16 dev eth0 scope link metric 1002
169.254.0.0/16 dev eth1 scope link metric 1003
default via10.0.0.2 dev eth0
[root@lb01 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr00:0C:29:70:45:FA
inet addr:10.0.0.5 Bcast:10.0.0.255 Mask:255.255.255.0
………………
eth1 Link encap:Ethernet HWaddr00:0C:29:70:45:04
inet addr:172.16.1.5 Bcast:172.16.1.255 Mask:255.255.255.0
………………
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
………………
3、常用命令选项
OPTIONS
[root@lb01 ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 * 255.255.255.0 U 0 0 0 eth0
172.16.1.0 * 255.255.255.0 U 0 0 0 eth1
link-local * 255.255.0.0 U 1002 0 0 eth0
link-local * 255.255.0.0 U 1003 0 0 eth1
default bogon 0.0.0.0 UG 0 0 0 eth0
-Afamily 使用指定的地址族(eg ‘inet’; use ‘route --help’ for a full list)
-F 操作内核的FIB(转发信息库)路由表。这是默认的。
-C 操作内核的路由缓存。
-v 选择详细的操作。
-n ※※※ 显示数值地址而不是试图确定象征性的主机名。这是有用的,如果你试图确定为什么路线命名服务器已经消失了。
[root@lb01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
-e 使用netstat(8)格式显示路由表。-ee显示来自路由表的所有参数信息
[root@lb01 ~]# route -e
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.0.0.0 * 255.255.255.0 U 0 0 0 eth0
172.16.1.0 * 255.255.255.0 U 0 0 0 eth1
link-local * 255.255.0.0 U 0 0 0 eth0
link-local * 255.255.0.0 U 0 0 0 eth1
default bogon 0.0.0.0 UG 0 0 0 eth0
[root@lb01 ~]# route -ee
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface MSS Window irtt
10.0.0.0 * 255.255.255.0 U 0 0 0 eth0 0 0 0
172.16.1.0 * 255.255.255.0 U 0 0 0 eth1 0 0 0
link-local * 255.255.0.0 U 1002 0 0 eth0 0 0 0
link-local * 255.255.0.0 U 1003 0 0 eth1 0 0 0
default bogon 0.0.0.0 UG 0 0 0 eth0 0 0 0
del 删除一个路由、线路
add 添加一个路由、线路
target 目标网络或主机。你可以提供点分十进制IP地址或主机的/网络名称。
-net 目标是一个网络。
-host 目标是一个主机
netmask NM 当添加一个网络路线,使用的子网掩码。
gw GW 通过一个网关路由数据包。
注:指定的网关必须是可到达的。这通常意味着你必须事先设置一个静态路由到网关。如果您指定了本地接口的地址,它将被用来决定哪些数据包应该被路由到。
metricM 将路由表中的度量字段设置为M(被路由的守护进程使用)。
mssM 设置线路的MTU(最大传输单位)为M字节。注意:当前命令不允许该选项去设置最大段大小(MSS)。
dev If 如果只是要指定由那一块网路卡连线出去,则使用这个设定,后面接 eth0 等
OUTPUT
[root@lb01 ~]# route -ee
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface MSS Window irtt
10.0.0.0 * 255.255.255.0 U 0 0 0 eth0 0 0 0
172.16.1.0 * 255.255.255.0 U 0 0 0 eth1 0 0 0
link-local * 255.255.0.0 U 1002 0 0 eth0 0 0 0
link-local * 255.255.0.0 U 1003 0 0 eth1 0 0 0
default bogon 0.0.0.0 UG 0 0 0 eth0 0 0 0
[root@lb01 ~]#
[root@lb01 ~]# route -nee
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface MSS Window irtt
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0 0 0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 0 0 0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0 0 0 0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1 0 0 0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0 0 0 0
[root@lb01 ~]#
路由表输出列表如下
Destination 目的地网络或目的地主机。
Gateway 网关地址或‘*’如果没有设置。
Genmask 目标网络的子网掩码;255.255.255.255为主机目的地、“0.0.0.0”为默认路由。
Flags:总共有多个旗标,代表的意义如下:
U (route is up):该路由是启动的;
H (target is a host):目标是一部主机 (IP) 而非网域;
G (use gateway):需要透过外部的主机 (gateway) 来转递封包;
R (reinstate route for dynamicrouting):使用动态路由时,恢复路由资讯的旗标;
D (dynamically installed bydaemon or redirect):已经由服务或转 port 功能设定为动态路由
M (modified from routing daemonor redirect):路由已经被修改了;
! (reject route):这个路由将不会被接受(用来抵挡不安全的网域!)
A (installed by addrconf)
C (cache entry)
Iface 使用哪个网卡发送数据包
4、常用示例
1、查看当前路由信息
[root@lb01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@lb01 ~]# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@lb01 ~]# cat/etc/sysconfig/network-scripts/ifcfg-eth0 # 当前网关信息
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
USERCTL=no
IPV6INIT=no
IPADDR=10.0.0.5
NETMASK=255.255.255.0
DNS2=223.5.5.5
GATEWAY=10.0.0.2
DNS1=10.0.0.2
[root@lb01 ~]# ping203.81.19.1
PING 203.81.19.1 (203.81.19.1) 56(84) bytes ofdata.
64 bytes from 203.81.19.1: icmp_seq=1 ttl=128 time=7.42ms
64 bytes from 203.81.19.1: icmp_seq=2 ttl=128time=13.5 ms
^C
--- 203.81.19.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss,time 1330ms
rtt min/avg/max/mdev = 7.429/10.514/13.599/3.085 ms
2、默认网关的操作
### 删除默认网关
[root@lb01 ~]# route deldefault gw 10.0.0.2 # 删除默认网关
[root@lb01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
[root@lb01 ~]# ping203.81.19.1 # 外网不通
connect: Network is unreachable
### 添加默认网关
[root@lb01 ~]# route adddefault gw 10.0.0.2 # 添加默认网关
[root@lb01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@lb01 ~]# ping 203.81.19.1 # 外网通畅
PING 203.81.19.1 (203.81.19.1) 56(84) bytes ofdata.
64 bytes from 203.81.19.1: icmp_seq=1 ttl=128time=14.4 ms
64 bytes from 203.81.19.1: icmp_seq=2 ttl=128time=11.3 ms
^C
--- 203.81.19.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss,time 1327ms
rtt min/avg/max/mdev = 11.359/12.905/14.452/1.550ms
3、网络路由【不同网段通信】
如下图实现他们之间的通信
对应的网卡信息如下
### 主机1
[root@db02 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@db02 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr00:0C:29:B9:9F:6C
inet addr:10.0.0.52 Bcast:10.0.0.255 Mask:255.255.255.0
………………
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
………………
## 主机2
[root@lb01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@lb01 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr00:0C:29:70:45:FA
inet addr:10.0.0.5 Bcast:10.0.0.255 Mask:255.255.255.0
………………
eth1 Link encap:Ethernet HWaddr00:0C:29:70:45:04
inet addr:172.16.1.5 Bcast:172.16.1.255 Mask:255.255.255.0
………………
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
………………
## 主机3
[root@web01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
[root@web01 ~]# ifconfig
eth1 Link encap:Ethernet HWaddr00:0C:29:9A:7F:1D
inet addr:172.16.1.8 Bcast:172.16.1.255 Mask:255.255.255.0
………………
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
………………
具体操作
1、实现主机1和主机3互相通信
### 主机1
[root@db02 ~]# ping172.16.1.8
PING 172.16.1.8 (172.16.1.8) 56(84) bytes of data. #ping不通
^C
--- 172.16.1.8 ping statistics ---
3 packets transmitted, 0 received, 100% packetloss, time 2231ms
[root@db02 ~]# route add-net 172.16.1.0 netmask 255.255.255.0 gw 10.0.0.5 # ç 添加网段
[root@db02 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 10.0.0.5 255.255.255.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@db02 ~]# ping 172.16.1.8 ## 还是ping不通,因为去的路通了,但是回来的路还不通
PING 172.16.1.8(172.16.1.8) 56(84) bytes of data.
^C
--- 172.16.1.8ping statistics ---
3 packetstransmitted, 0 received, 100% packet loss, time 2051ms
## 主机3
[root@web01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
[root@web01 ~]# route add-net 10.0.0.0 netmask 255.255.255.0 gw 172.16.1.5 # ç 添加网段
[root@web01 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 172.16.1.5 255.255.255.0 UG 0 0 0 eth1
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
#### 这样相互之间就可以通信了
## 主机1
[root@db02 ~]# ping 172.16.1.8
PING 172.16.1.8 (172.16.1.8) 56(84) bytes of data.
64 bytes from 172.16.1.8: icmp_seq=1 ttl=63time=0.917 ms
64 bytes from 172.16.1.8: icmp_seq=2 ttl=63time=1.93 ms
64 bytes from 172.16.1.8: icmp_seq=3 ttl=63time=1.23 ms
^C
--- 172.16.1.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss,time 2267ms
rtt min/avg/max/mdev = 0.917/1.361/1.932/0.425 ms
## 主机3
[root@web01 ~]# ping 10.0.0.52 #ping通了
PING 10.0.0.52 (10.0.0.52) 56(84) bytes of data.
64 bytes from 10.0.0.52: icmp_seq=1 ttl=63time=0.915 ms
64 bytes from 10.0.0.52: icmp_seq=2 ttl=63time=1.06 ms
64 bytes from 10.0.0.52: icmp_seq=3 ttl=63time=1.34 ms
^C
--- 10.0.0.52 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss,time 2205ms
rtt min/avg/max/mdev = 0.915/1.107/1.342/0.178 ms
如下图:
2、添加网段通信和删除网段
### 添加
[root@db02 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@db02 ~]# route add-net 172.16.1.0 netmask 255.255.255.0 gw 10.0.0.5
## 或者 route add -net172.16.1.0/24 gw 10.0.0.5
[root@db02 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 10.0.0.5 255.255.255.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
### 或者如下,添加网段
[root@db02 ~]# route add -net 172.16.1.0/24 dev eth0 ## 不建议使用
[root@db02 ~]#route -n
Kernel IProuting table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 # ç 经测试有问题,不推荐使用
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
### 删除路由
[root@db02 ~]# route del-net 172.16.1.0 netmask 255.255.255.0
[root@db02 ~]# route del-net 172.16.1.0/24
4、主机路由
### 添加主机路由
[root@db02 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@db02 ~]# route add-host 10.0.0.5 dev eth0
[root@db02 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
### 删除主机路由
[root@db02 ~]# route del-host 10.0.0.5 dev eth0
[root@db02 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
5、路由信息永久生效
### 路由信息如下
[root@db02 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@db02 ~]# route add-net 172.16.1.0/24 gw 10.0.0.5
[root@db02 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 10.0.0.5 255.255.255.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
### 方法1
[root@db02 ~]# tail -2 /etc/rc.local # ç 开机生效,但是重启网卡失效【不推荐】
# route info
route add -net 172.16.1.0/24 gw10.0.0.5
### 方法2
[root@db02 ~]# route -n ### 只有外网 10.0.0.52
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 10.0.0.5 255.255.255.0 UG 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
0.0.0.0 10.0.0.2 0.0.0.0 UG 0 0 0 eth0
[root@db02 ~]# vim /etc/sysconfig/static-routes # ç 默认该文件不存在,重启系统和网卡都有效【外网内网都可以,推荐使用】
any net 172.16.1.0/24 gw 10.0.0.5
###**********************
[root@web01 ~]# route -n ### 只有内网 172.16.1.8
Kernel IProuting table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 172.16.1.5 255.255.255.0 UG 0 0 0 eth1
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
[root@web01 ~]#vim /etc/sysconfig/static-routes # ç 默认该文件不存在,重启系统和网卡都有效【外网内网都可以,推荐使用】
any net 10.0.0.0/24 gw172.16.1.5
### 方法3
[root@db02 ~]# vim/etc/sysconfig/network-scripts/route-eth0 # ç 默认该文件不存在,重启系统和网卡都有效【测试时:外网可以,内网失效】
172.16.1.0/24 via 10.0.0.5
如果是默认路由网关配置
5、命令所在位置和类型
[root@db02 ~]# which route
/sbin/route
[root@db02 ~]# type route
route is hashed (/sbin/route)
6、另请参见
1、关于linux的添加永久静态路由的static-routes方法