Linux find route for a particular host or network by checking the routing table. Whenever we enter a route entry by default it move into main routing table.
root# ip route show
root# ip route add 10.60.0.1 via 10.20.0.1
All above command will apply on main routing table.
We can create custom routing tables and set rule to forward certain traffic to new created routing table.
To create a new routing table, edit the file /etc/iproute2/rt_tables and add entry for new table
root# vi /etc/iproute2/rt_tables
and add following line
100 newrtable
100 is id and newrtable is name of routing table.
To check current entries in newly created routing table
root# ip route show table newrtable
To add route entry in routing table
root# ip route add default via 10.46.0.1 table newrtable
Here default gateway for this route table is 10.46.0.1. check table again
root# ip route show table newrtable
To forward traffic to this newly created route table , iptables command can be used along with ip rule command
root# iptables -t mangle -A OUTPUT -p tcp --dport 22 -j MARK --set-mark 100
Here ssh traffic marked with lablel 100
and then
root# ip rule add fwmark 100 lookup newrtable
Here the traffic marked with lablel 100 routed to table newrtable
root# ip route show
root# ip route add 10.60.0.1 via 10.20.0.1
All above command will apply on main routing table.
We can create custom routing tables and set rule to forward certain traffic to new created routing table.
To create a new routing table, edit the file /etc/iproute2/rt_tables and add entry for new table
root# vi /etc/iproute2/rt_tables
and add following line
100 newrtable
100 is id and newrtable is name of routing table.
To check current entries in newly created routing table
root# ip route show table newrtable
To add route entry in routing table
root# ip route add default via 10.46.0.1 table newrtable
Here default gateway for this route table is 10.46.0.1. check table again
root# ip route show table newrtable
To forward traffic to this newly created route table , iptables command can be used along with ip rule command
root# iptables -t mangle -A OUTPUT -p tcp --dport 22 -j MARK --set-mark 100
Here ssh traffic marked with lablel 100
and then
root# ip rule add fwmark 100 lookup newrtable
Here the traffic marked with lablel 100 routed to table newrtable
