JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
man pages section 1M: System Administration Commands     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information

Preface

Introduction

System Administration Commands - Part 1

System Administration Commands - Part 2

luxadm(1M)

mail.local(1M)

makedbm(1M)

makemap(1M)

masfcnv(1M)

mdlogd(1M)

mdmonitord(1M)

mdnsd(1M)

medstat(1M)

metaclear(1M)

metadb(1M)

metadetach(1M)

metadevadm(1M)

metahs(1M)

metaimport(1M)

metainit(1M)

metaoffline(1M)

metaonline(1M)

metaparam(1M)

metarecover(1M)

metarename(1M)

metareplace(1M)

metaset(1M)

metassist(1M)

metastat(1M)

metasync(1M)

metattach(1M)

mib2mof(1M)

mibiisa(1M)

mkbootmedia(1M)

mkdevalloc(1M)

mkdevmaps(1M)

mkfifo(1M)

mkfile(1M)

mkfs(1M)

mkfs_pcfs(1M)

mkfs_udfs(1M)

mkfs_ufs(1M)

mknod(1M)

mkntfs(1M)

mkpwdict(1M)

modinfo(1M)

modload(1M)

modunload(1M)

mofcomp(1M)

mofreg(1M)

monacct(1M)

monitor(1M)

mount(1M)

mountall(1M)

mountd(1M)

mount_hsfs(1M)

mount_nfs(1M)

mount_pcfs(1M)

mount_smbfs(1M)

mount_tmpfs(1M)

mount_udfs(1M)

mount_ufs(1M)

mpathadm(1M)

mpstat(1M)

msgid(1M)

mvdir(1M)

named(1M)

named-checkconf(1M)

named-checkzone(1M)

named-compilezone(1M)

ncaconfd(1M)

ncheck(1M)

ncheck_ufs(1M)

ndd(1M)

ndmpadm(1M)

ndmpd(1M)

ndmpstat(1M)

netadm(1M)

netcfg(1M)

netcfgd(1M)

netservices(1M)

netstat(1M)

netstrategy(1M)

newaliases(1M)

newfs(1M)

newkey(1M)

nfs4cbd(1M)

nfsd(1M)

nfslogd(1M)

nfsmapid(1M)

nfsref(1M)

nfsstat(1M)

nscadm(1M)

nscd(1M)

nscfg(1M)

nsdb-list(1M)

nsdb-nces(1M)

nsdbparams(1M)

nsdb-resolve-fsn(1M)

nsdb-update-nci(1M)

nslookup(1M)

nsupdate(1M)

ntfscat(1M)

ntfsclone(1M)

ntfscluster(1M)

ntfscmp(1M)

ntfscp(1M)

ntfsfix(1M)

ntfsinfo(1M)

ntfslabel(1M)

ntfsls(1M)

ntfsprogs(1M)

ntfsresize(1M)

ntfsundelete(1M)

nulladm(1M)

nwamd(1M)

obpsym(1M)

oplhpd(1M)

pageout(1M)

parted(1M)

pbind(1M)

pcitool(1M)

pfedit(1M)

pginfo(1M)

pgstat(1M)

picld(1M)

ping(1M)

pkg2du(1M)

pkgadd(1M)

pkgadm(1M)

pkgask(1M)

pkgchk(1M)

pkgcond(1M)

pkg.depotd(1M)

pkgrm(1M)

pkg.sysrepo(1M)

plockstat(1M)

pntadm(1M)

polkit-is-privileged(1M)

pooladm(1M)

poolbind(1M)

poolcfg(1M)

poold(1M)

poolstat(1M)

ports(1M)

poweradm(1M)

poweroff(1M)

powertop(1M)

pppd(1M)

pppoec(1M)

pppoed(1M)

pppstats(1M)

praudit(1M)

prctmp(1M)

prdaily(1M)

projadd(1M)

projdel(1M)

projmod(1M)

prstat(1M)

prtacct(1M)

prtconf(1M)

prtdiag(1M)

prtdscp(1M)

prtfru(1M)

prtpicl(1M)

prtvtoc(1M)

psradm(1M)

psrinfo(1M)

psrset(1M)

pwck(1M)

pwconv(1M)

quot(1M)

quota(1M)

quotacheck(1M)

quotaoff(1M)

quotaon(1M)

rad(1M)

raidctl(1M)

ramdiskadm(1M)

rarpd(1M)

rcapadm(1M)

rcapd(1M)

rctladm(1M)

rdate(1M)

rdisc(1M)

reboot(1M)

rem_drv(1M)

remove_allocatable(1M)

removef(1M)

reparsed(1M)

repquota(1M)

restricted_shell(1M)

rexd(1M)

rexecd(1M)

rlogind(1M)

rmmount(1M)

rmt(1M)

rmvolmgr(1M)

rndc(1M)

rndc-confgen(1M)

roleadd(1M)

roledel(1M)

rolemod(1M)

root_archive(1M)

route(1M)

routeadm(1M)

routed(1M)

rpcbind(1M)

rpc.bootparamd(1M)

rpcinfo(1M)

rpc.mdcommd(1M)

rpc.metad(1M)

rpc.metamedd(1M)

rpc.metamhd(1M)

rpc.rexd(1M)

rpc.rstatd(1M)

rpc.rusersd(1M)

rpc.rwalld(1M)

rpc.smserverd(1M)

rpc.sprayd(1M)

rpc.yppasswdd(1M)

rpc.ypupdated(1M)

rquotad(1M)

rsh(1M)

rshd(1M)

rstatd(1M)

rtc(1M)

rtquery(1M)

runacct(1M)

rusersd(1M)

rwall(1M)

rwalld(1M)

rwhod(1M)

sa1(1M)

sa2(1M)

sadc(1M)

sar(1M)

sasinfo(1M)

savecore(1M)

sbdadm(1M)

sched(1M)

sckmd(1M)

scmadm(1M)

sconadm(1M)

sendmail(1M)

sftp-server(1M)

shadowd(1M)

shadowstat(1M)

share(1M)

shareall(1M)

sharectl(1M)

share_nfs(1M)

share_smb(1M)

showmount(1M)

shutacct(1M)

shutdown(1M)

slpd(1M)

smattrpop(1M)

smbadm(1M)

smbd(1M)

smbiod(1M)

smbiod-svc(1M)

smbios(1M)

smbstat(1M)

smrsh(1M)

smtp-notify(1M)

sndradm(1M)

sndrd(1M)

sndrsyncd(1M)

snmpdx(1M)

snmp-notify(1M)

snmpXwbemd(1M)

snoop(1M)

soconfig(1M)

soladdapp(1M)

soldelapp(1M)

solstice(1M)

sppptun(1M)

spray(1M)

sprayd(1M)

srptadm(1M)

sshd(1M)

ssh-keysign(1M)

startup(1M)

statd(1M)

stclient(1M)

stmfadm(1M)

stmsboot(1M)

strace(1M)

strclean(1M)

strerr(1M)

sttydefs(1M)

su(1M)

sulogin(1M)

suriadm(1M)

svadm(1M)

svcadm(1M)

svcbundle(1M)

svccfg(1M)

svc.configd(1M)

svc.ipfd(1M)

svc.startd(1M)

swap(1M)

sxadm(1M)

sync(1M)

syncinit(1M)

syncloop(1M)

syncstat(1M)

sysconfig(1M)

sysdef(1M)

syseventadm(1M)

syseventconfd(1M)

syseventd(1M)

syslogd(1M)

talkd(1M)

tapes(1M)

telnetd(1M)

tftpd(1M)

th_define(1M)

th_manage(1M)

tic(1M)

tncfg(1M)

tnchkdb(1M)

tnctl(1M)

tnd(1M)

tninfo(1M)

tpmadm(1M)

traceroute(1M)

trapstat(1M)

ttymon(1M)

tunefs(1M)

turnacct(1M)

txzonemgr(1M)

tzreload(1M)

tzselect(1M)

uadmin(1M)

ucodeadm(1M)

ufsdump(1M)

ufsrestore(1M)

umount(1M)

umountall(1M)

System Administration Commands - Part 3

route

- manually manipulate the routing tables

Synopsis

route [-fnvq] sub-command [ [modifiers] args]
route [-fnvq] [-p [-R root-dir]] add | delete [modifiers] destination gateway 
     [args]
route [-fnvq] change | get [modifiers] destination 
     [gateway [args]]
route [-fn] monitor [modifiers]
route [-fnvq] flush [modifiers]
route -p [-R root-dir] show

Description

route manually manipulates the network routing tables. These tables are normally maintained by the system routing daemon, such as in.routed(1M) and in.ripngd(1M).

route supports a limited number of general options, but a rich command language. Users can specify an arbitrary request that can be delivered by means of the programmatic interface discussed in route(7P).

route uses a routing socket and the new message types RTM_ADD, RTM_DELETE, RTM_GET, and RTM_CHANGE. While only superusers can modify routing tables, the RTM_GET operation is allowed for non-privileged users.

Options

-f

Flush the routing tables of all gateway entries. If you use the -f option in conjunction with any of the route sub-commands, route flushes the gateways before performing the sub-command. Specify the table to flush by placing the inet or inet6 modifier immediately after the -f option. If unspecified, flushing IPv4 (inet) routes is the default.

-n

Prevent attempts to print host and network names symbolically when reporting actions. This option is useful when name servers are unavailable.

-p

Make changes to the network route tables persistent across system restarts. The operation is applied to the network routing tables first and, if successful, is then applied to the list of saved routes associated with the currently active Network Configuration Profile (refer to netcfg(1M) for more information about network configuration profiles). In determining whether an operation was successful, a failure to add a route that already exists or to delete a route that is not in the routing table is ignored. Particular care should be taken when using host or network names in persistent routes, as network-based name resolution services are not available at the time routes are added at startup.

-q

Suppress all output.

-R root-dir

Specify an alternate root directory where route applies changes. This option is ignored unless used in conjunction with the -p option. When -R is specified, route changes are applied only to the list of saved routes to be used at startup, not to the network routing tables. In addition, certain checks, such as the existence of network interfaces used with -ifp, are skipped. This can be useful from within JumpStart scripts, where the root directory of the system being modified is in a location other than /.

-v

Print additional details in verbose mode.

Subcommands

The following subcommands are supported:

add

Add a route.

change

Change aspects of a route (such as its gateway).

delete

Delete a specific route.

flush

Remove all gateway entries from the routing table.

get

Look up and display the route for a destination.

monitor

Continuously report any changes to the routing information base, routing lookup misses, or suspected network partitionings.

show

Display the list of routes to be applied at system startup. Can be used only in conjunction with the -p option.

The add and delete sub-commands have the following syntax:

route [ -fnvq ] cmd destination gateway [metric/netmask]

where cmd is add or delete, destination is the destination host or network, and gateway is the next-hop intermediary through which packets should be routed. Modifiers described in OPERANDS can be placed anywhere on the command line.

The get and change sub-commands have the following syntax:

route [ -fnvq ] cmd destination [gateway [metric/netmask]]

where cmd is get or change, destination is the destination host or network, and gateway is the next-hop intermediary through which packets should be routed. Modifiers described in OPERANDS can be placed anywhere on the command line.

The monitor sub-command has the following syntax:

route monitor [ -inet | -inet6 ]

Operands

route executes its sub-commands on routes to destinations by way of gateways.

Destinations and Gateways

By default, destination and gateway addresses are interpreted as IPv4 addresses. All symbolic names are tried first as a host name, using getipnodebyname(3SOCKET). If this lookup fails in the AF_INET case, getnetbyname(3SOCKET) interprets the name as that of a network.

Including an optional modifier on the command line before the address changes how the route sub-command interprets it.

The following modifiers are supported:

-inet

Force the address to be interpreted as an IPv4 address, that is, under the AF_INET address family.

-inet6

Force the address to be interpreted as an IPv6 address, that is, under the AF_INET6 address family.

For IPv4 addresses, routes to a particular host are by default distinguished from those to a network by interpreting the Internet address specified as the destination. If the destination has a local address part (that is, the portion not covered by the netmask) of 0, or if the destination is resolved as the symbolic name of a network, then the route is assumed to be to a network; otherwise, it is presumed to be a route to a host.

You can force this selection by using one of the following modifiers:

-host

Force the destination to be interpreted as a host.

-net

Force the destination to be interpreted as a network.

For example:

Destination
Destination Equivalent
128.32
-host 128.0.0.32
128.32.130
-host 128.32.0.130
-net 128.32
128.32.0.0
-net 128.32.130
128.32.130.0

Two modifiers avoid confusion between addresses and keywords (for example., host used as a symbolic host name). You can distinguish a destination by preceding it with the -dst modifier. You can distinguish a gateway address by using the -gateway modifier. If the destination is directly reachable by way of an interface requiring no intermediary IP router to act as a gateway, this can be indicated by using the -interface or -iface modifier.

In the following example, the route does not refer to an external gateway (router), but rather to one of the machine's interfaces. Packets with IP destination addresses matching the destination and mask on such a route are sent out on the interface identified by the gateway address. For interfaces using the ARP protocol, this type of route is used to specify that all matching destinations are local to the physical link. That is, a host could be configured to ARP for all addresses, without regard to the configured interface netmask, by adding a default route using this command. For example:

example# route add default hostname -interface

where gateway address hostname is the name or IP address associated with the network interface over which all matching packets should be sent. On a host with a single network interface, hostname is usually the same as the nodename returned by the uname -n command. See uname(1).

For backward compatibility with older systems, directly reachable routes can also be specified by placing a 0 after the gateway address:

example# route add default hostname 0 

This value was once a route metric, but this metric is no longer used. If the value is specified as 0, then the destination is directly reachable (equivalent to specifying -interface). If it is non-zero but cannot be interpreted as a subnet mask, then a gateway is used (default).

With the AF_INET address family or an IPv4 address, a separate subnet mask can be specified. This can be specified in one of the following ways:

If a subnet mask is not specified, the mask used is the subnet mask of the output interface selected by the gateway address, if the classful network of the destination is the same as the classful network of the interface. Otherwise, the classful network mask for the destination address is used.

Each of the following examples creates an IPv4 route to the destination 192.0.2.32 subnet with a subnet mask of 255.255.255.224:

example# route add 192.0.2.32/27 somegateway
example# route add 192.0.2.32 -netmask 255.255.255.224 somegateway
example# route add 192.0.2.32 somegateway 255.255.255.224

For IPv6, only the slash format is accepted. The following example creates an IPv6 route to the destination 33fe:: with a netmask of 16 one-bits followed by 112 zero-bits.

example# route add -inet6 3ffe::/16 somegateway

In cases where the gateway does not uniquely identify the output interface (for example, when several interfaces have the same address), you can use the -ifp ifname modifier to specify the interface by name. For example, -ifp lo0 associates the route with the lo0 interface. If the named interface is an underlying interface in an IPMP (IP multipathing) group, then requests to add a route will automatically be translated to the corresponding IPMP IP interface, and requests to delete or change a route on an underlying interface will fail.

When the routing table contains several equal routes, that is, routes for the same destination and mask, then IP attempts to spread the traffic over those routes. The spreading is such that an individual transport connection uses the same route to avoid packet reordering as seen by, for example, TCP. The details of the spreading algorithm is not documented and is likely to evolve over time.

Routing Flags

Routes have associated flags that influence operation of the protocols when sending to destinations matched by the routes. These flags can be set (and in some cases cleared, indicated by ~) by including the following modifiers on the command line:

Modifier
Flag
Description
-interface
~RTF_GATEWAY
Destination is directly reachable
-iface
~RTF_GATEWAY
Alias for interface modifier
-static
RTF_STATIC
Manually added route
-nostatic
~RTF_STATIC
Pretend route was added by kernel or routing daemon
-reject
RTF_REJECT
Emit an ICMP unreachable when matched
-blackhole
RTF_BLACKHOLE
Silently discard packets
-proto1
RTF_PROTO1
Set protocol specific routing flag #1
-proto2
RTF_PROTO2
Set protocol specific routing flag #2
-private
RTF_PRIVATE
Do not advertise this route
-multirt
RTF_MULTIRT
Creates the specified redundant route
-setsrc
RTF_SETSRC
Assigns the default source address
-indirect
RTF_INDIRECT
Allows adding routes where gateway is not on-link

The optional -indirect modifier allows adding routes where the gateway is not directly reachable. When an indirect route is the best match for a packet to be sent or forwarded, then IP proceeds to look up that gateway to find a route that is directly reachable. The -indirect modifier can be used even if the gateway is directly reachable.

The optional modifiers -rtt, -rttvar, -sendpipe, -recvpipe, -mtu, -hopcount, -expire, and -ssthresh provide initial values to quantities maintained in the routing entry by transport level protocols, such as TCP. These can be individually locked either by preceding each modifier to be locked by the -lock meta-modifier, or by specifying that all ensuing metrics can be locked by the -lockrest meta-modifier.

Some transport layer protocols can support only some of these metrics. The following optional modifiers are supported:

-expire

Lifetime for the entry. This optional modifier is not currently supported.

-hopcount

Maximum hop count. This optional modifier is not currently supported.

-mtu

Maximum MTU in bytes.

-recvpipe

Receive pipe size in bytes.

-rtt

Round trip time in microseconds.

-rttvar

Round trip time variance in microseconds.

-sendpipe

Send pipe size in bytes.

-ssthresh

Send pipe size threshold in bytes.

-secattr

Security attributes of the route. This modifier is available only if the system is configured with the Solaris Trusted Extensions feature.

The -secattr modifier has the following format:

min_sl=val,max_sl=val,doi=val,cipso

or:

sl=VAL,doi=VAL,cipso

In the first form, above, the val for min_sl and max_sl is a sensitivity label in either hex or string form. The val for doi is a non-negative integer. The route will apply only for packets with the same domain of interpretation as defined by the doi value and within the accreditation range defined by the min_sl and max_sl values. The cipso keyword is optional and set by default. Valid min_sl, max_sl and doi keyword/value pairs are mandatory. Note that if val contains a space, it must be protected by double quotes.

The second form, above, is equivalent to specifying the first form with the same VAL for min_sl and max_sl. The second form should be used for the get command, because get uses only a single sensitivity label.

Compatibility

The modifiers host and net are taken to be equivalent to -host and -net. To specify a symbolic address that matches one of these names, use the dst or gateway keyword to distinguish it. For example: -dst host

The following two flags are also accepted for compatibility with older systems, but have no effect.

Modifier
Flag
-cloning
RTF_CLONING
-xresolve
RTF_XRESOLVE

The -ifa hostname modifier is also accepted, but has no effect.

Files

/etc/defaultrouter

List of default routers

/etc/hosts

List of host names and net addresses

/etc/networks

List of network names and addresses

Attributes

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
system/core-os

See Also

uname(1), in.ripngd(1M), in.routed(1M), netcfg(1M), netstat(1M), routed(1M), ioctl(2), getipnodebyname(3SOCKET), getnetbyname(3SOCKET), inet_addr(3SOCKET), defaultrouter(4), hosts(4), networks(4), attributes(5), arp(7P), ip(7P), route(7P), routing(7P)

Diagnostics

add [ hostnetwork ] destination:gateway flags

The specified route is being added to the tables. The values printed are from the routing table entry supplied in the ioctl(2) call. If the gateway address used was not the primary address of the gateway (the first one returned by getipnodebyname(3SOCKET)) the gateway address is printed numerically as well as symbolically.

delete [ hostnetwork ] destination:gateway flags
change [ hostnetwork ] destination:gateway flags

As add, but when deleting or changing an entry.

destination done

When the -f flag is specified, or the flush sub-command is used, each routing table entry deleted is indicated with a message of this form.

Network is unreachable

An attempt to add a route failed because the gateway listed was not on a directly-connected network. Give the next-hop gateway instead.

not in table

A delete operation was attempted for an entry that is not in the table.

entry exists

An add operation was attempted for a route that already exists in the kernel.

routing table overflow

An operation was attempted, but the system was unable to allocate memory to create the new entry.

insufficient privileges

An attempt to add, delete, change, or flush a route failed because the calling process does not have appropriate privileges.

Notes

Specifying that destinations are local (with the -interfacemodifier) assumes that the routers implement proxy ARP, meaning that they respond to ARP queries for all reachable destinations. Normally, using either router discovery or RIP is more reliable and scalable than using proxy ARP. See in.routed(1M) for information related to RIP.

Combining the all destinations are local route with subnet or network routes can lead to unpredictable results. The search order as it relates to the all destinations are local route are undefined and can vary from release to release.