summaryrefslogtreecommitdiff
path: root/sbin
diff options
context:
space:
mode:
Diffstat (limited to 'sbin')
-rw-r--r--sbin/route/route.8659
1 files changed, 282 insertions, 377 deletions
diff --git a/sbin/route/route.8 b/sbin/route/route.8
index 4015d2b7ef7..0b4368d29ec 100644
--- a/sbin/route/route.8
+++ b/sbin/route/route.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: route.8,v 1.111 2023/02/21 07:47:24 jmc Exp $
+.\" $OpenBSD: route.8,v 1.112 2023/03/02 17:11:33 jmc Exp $
.\" $NetBSD: route.8,v 1.6 1995/03/18 15:00:13 cgd Exp $
.\"
.\" Copyright (c) 1983, 1991, 1993
@@ -30,7 +30,7 @@
.\"
.\" @(#)route.8 8.3 (Berkeley) 3/19/94
.\"
-.Dd $Mdocdate: February 21 2023 $
+.Dd $Mdocdate: March 2 2023 $
.Dt ROUTE 8
.Os
.Sh NAME
@@ -46,33 +46,25 @@
.Ar arg ...
.Oc
.Sh DESCRIPTION
-.Nm
-is a utility used to manually view and manipulate the network routing tables.
-.Nm
-can be used to modify nearly any aspect of the routing policy,
-except packet forwarding, which can be manipulated through the
-.Xr sysctl 8
-command.
-.Pp
+At system start,
+routing tables are initialised and configured by
+.Xr netstart 8 .
The
.Nm
-utility supports a limited number of general options,
-but a rich command language enables the user to specify
-any arbitrary request that could be delivered via the
-programmatic interface discussed in
-.Xr route 4 .
+utility can be used to view or manually manipulate the network routing tables.
+Only the superuser may modify the routing tables.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl d
-Run in debug-only mode, i.e., don't actually modify the routing table.
+Run in debug-only mode, i.e. don't actually modify the routing table.
.It Fl n
Bypass attempts to print host and network names symbolically
when reporting actions.
-(The process of translating between symbolic
+The process of translating between symbolic
names and numerical equivalents can be quite time consuming, and
may require correct operation of the network; thus it may be expedient
-to forgo this, especially when attempting to repair networking operations.)
+to forgo this, especially when attempting to repair networking operations.
.It Fl q
Suppress all output.
.It Fl T Ar rtable
@@ -85,23 +77,206 @@ Write routing messages to a fake device
.Pa ( /dev/null )
instead of a real routing socket to test route manipulation.
.It Fl v
-(verbose) Print additional details.
+Print additional details.
.El
.Pp
-.Tg command
-The
-.Nm
-utility provides the following simple commands:
+The commands are as follows:
+.Pp
+.Bl -tag -width "XXXX" -compact
+.It Xo
+.Nm route
+.Op Fl dnqtv
+.Op Fl T Ar rtable
+.Cm add
+.Op Ar modifier
+.Ar destination
+.Ar gateway
+.Xc
+.It Xo
+.Nm route
+.Op Fl dnqtv
+.Op Fl T Ar rtable
+.Cm change
+.Op Ar modifier
+.Ar destination
+.Ar gateway
+.Xc
+Add a new route, or modify an existing route, to the host or network at
+.Ar destination .
+.Ar gateway
+is the next-hop intermediary by which packets should be routed.
+See
+.Sx Address notation and interpretation
+for more information.
+.Pp
+A number of modifiers can be used with
+.Cm add
+and
+.Cm change ,
+and as documented with the other commands:
.Pp
.Bl -tag -width Ds -compact
+.It Ar flags
+Various flags can be set on routes
+(viewable using
+.Cm show ) :
+.Pp
+.Bl -tag -width -blackhole -compact
+.It Fl blackhole
+silently discard packets
+.It Fl cloning
+generates a new route on use
+.It Fl iface
+destination is directly reachable
+.It Fl llinfo
+validly translates address to link address
+.It Fl mpath
+multiple gateways for a destination exist
+.It Fl nostatic
+pretend route added by kernel or daemon
+.It Fl proto1
+sets protocol specific routing flag #1
+.It Fl proto2
+sets protocol specific routing flag #2
+.It Fl reject
+emits an ICMP unreachable when matched
+.It Fl static
+manually added route (default)
+.El
+.Pp
+The
+.Fl blackhole
+and
+.Fl reject
+flags require a
+.Ar gateway
+to the loopback interface,
+either 127.0.0.1 or ::1.
+.Pp
+.It Oo Fl lock | Fl lockrest Oc Fl expire Ar n
+.It Oo Fl lock | Fl lockrest Oc Fl mtu Ar n
+Specify the lifetime for the route (e.g. if generated by a redirect)
+or the Maximum Transmission Unit (MTU) size for this path, respectively.
+The value
+.Ar n
+is locked if preceded by
+.Fl lock ;
+if preceded by
+.Fl lockrest
+all following
+.Fl expire
+and
+.Fl mtu
+metrics are locked.
+.Pp
+.It Fl host | net
+Interpret
+.Ar destination
+as a host or network, respectively.
+.Pp
+.It Fl ifa Ar address
+.It Fl ifp Ar ifname
+Where the destination and gateway are not sufficient to specify
+the route,
+these modifiers may be used to determine the interface address
+.Pq Fl ifa
+or name
+.Pq Fl ifp .
+.Pp
+.It Fl label Ar label
+Associate the route with a
+.Ar label .
+Route labels can be used to attach arbitrary information to a route.
+.Pp
+.It Fl mpath
+Used to enter multiple gateways for the same destination address (multipath).
+When multiple routes exist for a destination, one route is selected based
+on the source address of the packet.
+The
+.Xr sysctl 8
+variables
+.Va net.inet.ip.multipath
+and
+.Va net.inet6.ip6.multipath
+are used to control multipath routing.
+If set to 1,
+multiple routes with the same priority are used equally;
+if set to 0,
+the first route selected will be used for subsequent packets to that
+destination regardless of source.
+.Pp
+.It Xo
+.Fl mplslabel in Ar label
+.Fl push Ns | Ns Fl pop Ns | Ns Fl swap
+.Op Fl out Ar label
+.Fl inet Ar nexthop
+.Xc
+For MPLS routes,
+specify an ingress LSR to associate a particular label to an IPv4/IPv6 route.
+The MPLS traffic
+.Fl in
+and
+.Fl out
+modifiers are intended to identify the ingress label and, optionally,
+the outgoing one.
+Additionally, one of the following operations must be used:
+.Fl push ,
+.Fl pop
+or
+.Fl swap .
+Route's nexthop can be specified with the modifier
+.Fl inet .
+.Pp
+.It Fl netmask Ar mask
+.It Fl prefixlen Ar len
+Used to add subnet routes with the specified netmask.
+The netmask should be specified after the
+.Ar destination
+parameter.
+If no netmask is specified,
+an implicit one is used for the
+.Dv AF_INET
+family.
+The network mask can also be specified as a prefix length,
+but in that case one of either
+.Fl inet
+or
+.Fl inet6
+must also be specified.
+.Pp
+.It Fl priority Ar n
+Specifies a routing priority.
+If no priority is specified, the kernel will set a priority depending on the
+.Dv RTF_STATIC
+flag to either
+.Dv RTP_STATIC
+or
+.Dv RTP_DEFAULT .
+Note that priority 1 is reserved for kernel use.
+.El
+.Pp
+.It Xo
+.Nm route
+.Op Fl dnqtv
+.Op Fl T Ar rtable
+.Cm del Ns Op Cm ete
+.Ar destination
+.Op Fl priority Ar n
+.Op Ar gateway
+.Xc
+Delete the route to
+.Ar destination .
+If multiple routes to the destination exist,
+a specific route must be selected by specifying the priority
+and/or a gateway.
+.Pp
.It Xo
.Nm route
.Op Fl T Ar rtable
-.Tg
.Cm exec
.Op Ar command ...
.Xc
-Execute a command forcing the process and its children to use the
+Execute a command, forcing the process and its children to use the
routing table and appropriate routing domain as specified with the
.Fl T Ar rtable
option.
@@ -110,16 +285,14 @@ option.
.Nm route
.Op Fl nqv
.Op Fl T Ar rtable
-.Tg
.Cm flush
-.Op Ar modifier ...
+.Op Ar family
+.Op Fl iface Ar ifname
+.Op Fl priority Ar n
.Xc
-Delete all gateway entries from the routing table.
-When the address family is specified by any one of the
-.Ar family
-modifiers (listed below), only routes having destinations with addresses
-in the delineated family will be deleted.
-Also, only routes matching a specific interface or priority can be flushed
+Delete all gateway entries from the routing table,
+optionally limited to a specific address family.
+Routes matching a specific interface or priority can be flushed
by using the
.Fl iface
or
@@ -127,48 +300,44 @@ or
modifiers.
.Pp
.It Xo
+.Bk -words
.Nm route
.Op Fl nv
.Op Fl T Ar rtable
-.Tg
.Cm get
-.Op Ar modifier ...
-.Ar address
+.Ar destination
+.Op Fl priority Ar n
+.Op Ar gateway
+.Ek
.Xc
-Extract a routing entry from the kernel.
-If
-.Fl gateway
-is specified, only routes whose gateway are in the
-same address family as the destination are shown.
+Display the route to
+.Ar destination .
+If multiple routes to the destination exist,
+a specific route may be selected by specifying the priority
+and/or a gateway.
.Pp
.It Xo
.Nm
.Op Fl n
.Op Fl T Ar rtable
-.Tg
.Cm monitor
-.Op Ar modifier ...
+.Op Ar family
+.Op Fl iface
.Xc
-Continuously report any changes to the routing information base,
-routing lookup misses, or suspected network partitionings.
-.Pp
-When the address family is specified by any one of the
-.Ar family
-modifiers (listed below), only routes having destinations with addresses
-in the delineated family will be shown.
-If the
+Continuously report any changes to the routing information base.
+The information reported can be limited to a specific address family,
+a specific routing table
+using the
+.Fl T
+option,
+or interface specific messages (link state changes) using the
.Fl iface
-modifier is used, only interface specific messages (link state changes)
-are shown.
-If a routing table is supplied with
-.Fl T ,
-only changes in that routing table will be displayed.
+modifier.
.Pp
.It Xo
.Ic route
.Op Fl dtv
.Op Fl T Ar rtable
-.Tg
.Cm nameserver
.Ar interface
.Op Ar address ...
@@ -184,12 +353,11 @@ a request to remove the nameservers for the given interface is sent.
.Nm route
.Op Fl nv
.Op Fl T Ar rtable
-.Tg
.Cm show
.Op Ar family
.Op Fl gateway
.Op Fl label Ar label
-.Op Fl priority Ar priority
+.Op Fl priority Ar n
.Xc
Display the routing table.
.Pp
@@ -224,7 +392,7 @@ The mapping between letters and flags is:
.It 1 Ta Dv RTF_PROTO1 Ta "Protocol specific routing flag #1."
.It 2 Ta Dv RTF_PROTO2 Ta "Protocol specific routing flag #2."
.It 3 Ta Dv RTF_PROTO3 Ta "Protocol specific routing flag #3."
-.It B Ta Dv RTF_BLACKHOLE Ta "Just discard pkts (during updates)."
+.It B Ta Dv RTF_BLACKHOLE Ta "Just discard packets."
.It b Ta Dv RTF_BROADCAST Ta "Correspond to a local broadcast address."
.It C Ta Dv RTF_CLONING Ta "Generate new routes on use."
.It c Ta Dv RTF_CLONED Ta "Cloned routes (generated from RTF_CLONING)."
@@ -247,328 +415,79 @@ The mapping between letters and flags is:
.It Xo
.Ic route
.Op Fl T Ar rtable
-.Tg
.Cm sourceaddr
.Op Fl inet Ns | Ns Fl inet6
+.Op Fl ifp Ar ifname
.Op Ar address
.Xc
-.It Xo
-.Ic route
-.Op Fl T Ar rtable
-.Tg
-.Cm sourceaddr
-.Op Fl inet Ns | Ns Fl inet6
-.Fl ifp
-.Ar interface
-.Xc
Set the preferred source address.
If
.Ar address
-is the word "default", 0.0.0.0 or ::, source address will
-be chosen by the kernel for the matching address family.
-When
-.Ar address
-is omitted, preferred source address is printed if set.
+is omitted, the preferred source address is printed, if set.
If
.Fl ifp
-is used, source will use IP assigned to
-.Ar interface .
-The preferred source will not be used when:
-.Pp
-.Bl -bullet -compact
-.It
-destination is on-link
-.It
-source address is assigned to a disabled interface
-.El
+is used, the address assigned to the interface
+.Ar ifname
+is used.
+The preferred source address is not used if the destination is on-link
+or the source address is assigned to a disabled interface.
.El
+.Ss Address notation and interpretation
+Addresses are assumed to be IPv4 unless they contain a colon,
+in which case they are treated as IPv6.
+Alternatively they may be specified as belonging to a particular address family
+using one of the following modifiers:
.Pp
-.Tg destination
-.Tg gateway
-The other commands relating to adding, changing, or deleting routes
-have the syntax:
-.Pp
-.Bl -tag -width Fl -compact
-.It Xo
-.Nm route
-.Op Fl dnqtv
-.Op Fl T Ar rtable
-.Tg
-.Cm add
-.Op Ar modifier ...
-.Ar destination gateway
-.Xc
-.It Xo
-.Nm route
-.Op Fl dnqtv
-.Op Fl T Ar rtable
-.Tg
-.Cm change
-.Op Ar modifier ...
-.Ar destination gateway
-.Xc
-.It Xo
-.Nm route
-.Op Fl dnqtv
-.Op Fl T Ar rtable
-.Tg delete
-.Tg
-.Cm del Ns Op Cm ete
-.Op Ar modifier ...
-.Ar destination gateway
-.Xc
+.Bl -tag -width "-inet6XXX" -offset indent -compact
+.It Fl inet
+IPv4 addresses;
+see
+.Xr ip 4
+.It Fl inet6
+IPv6 addresses;
+see
+.Xr ip6 4
+.It Fl link
+hardware (link-level) addresses
+.It Fl mpls
+MPLS addresses
+.It Fl sa
+actual
+.Vt sockaddr
+data, in hexadecimal format
.El
.Pp
.Ar destination
-is the destination host or network;
-.Ar gateway
-is the next-hop intermediary via which packets should be routed.
-Routes to a particular host may be distinguished from those to
-a network by interpreting the Internet address specified as the
-.Ar destination
-argument.
-The optional modifiers
-.Tg
-.Fl net
-and
-.Tg
-.Fl host
-cause the destination to be interpreted as a network or a host, respectively.
-Otherwise, type is chosen based on the following rules:
-.Pp
-.Tg default
-The route is assumed to be to a network if any of the following apply to
-.Ar destination :
+is assumed to be a route to a network
+if any of the following apply:
.Pp
.Bl -bullet -compact
.It
-it is the word "default", equivalent to 0/0
+the
+.Fl net
+modifier is used
.It
-it is an IPv4 address with less than 3 dots
+it is the word "default", equivalent to 0/0 or ::/0
.It
-it is an IPv4 address with a
+it is an address with a
.Dq / Ns Em XX
-suffix (where
+suffix, where
.Em XX
is the number of bits in the network portion of the address
-and is less than 32)
.It
-it is an IPv6 address with a
-.Dq / Ns Em XX
-suffix (where
-.Em XX
-is the number of bits in the network portion of the address
-and is less than 128)
-.It
-it is the symbolic name of a network.
-.El
-.Pp
-If
-.Ar destination
-is a valid IP address or host name, it is presumed to be a route to a host.
-.Pp
-For example,
-.Li 192.168.1.1
-is interpreted as
-.Fl host Li 192.168.1.1
-and
-.Li 192.168.1
-is interpreted as
-.Fl net Li 192.168.1 .
-Note, however, that
-.Li 192.168.2.0
-will be interpreted as
-.Fl host Li 192.168.2.0
-since it is a complete IP address with 3 dots.
-In this case the number of bits in the network portion of the address must
-be explicitly listed, for example
-.Li 192.168.2.0/24 ,
-.Li 192.168.2/24 ,
-or alternately
-.Li 192.168.2 .
-.Pp
-If the destination is directly reachable
-via an interface requiring
-no intermediary system to act as a gateway, the
-.Tg
-.Fl iface
-modifier should be specified;
-the gateway given is the address of this host on the common network,
-indicating the interface to be used for transmission.
-.Pp
-To allow addresses to be interpreted as belonging to a particular address
-family (as well as for use in the
-.Tg
-.Ar family
-arguments to some commands), the following modifiers may be used:
-.Pp
-.Bl -tag -width -inet6 -compact
-.It Fl inet
-Internet Protocol version 4 (IPv4) addresses
-(see
-.Xr ip 4 )
-.It Fl inet6
-Internet Protocol version 6 (IPv6) addresses
-(see
-.Xr ip6 4 )
-.It Fl link
-Hardware (link-level) addresses
-.It Fl mpls
-MPLS addresses
-.It Fl sa
-Actual
-.Vt sockaddr
-data, in hexadecimal format
-.El
-.Pp
-In the absence of modifiers, an address is assumed to be IPv4,
-unless containing a
-.Sq :\&
-character, when it is treated as IPv6.
-.Pp
-The optional modifier
-.Fl link
-specifies that all subsequent addresses are specified as link-level addresses,
-and the names must be numeric specifications rather than
-symbolic names.
-.Pp
-The optional
-.Tg
+it specifies the network portion either with
.Fl netmask
-qualifier is intended to manually add subnet routes with
-netmasks different from that of the implied network interface
-(as would otherwise be communicated using a routing protocol).
-One specifies an additional ensuing address parameter
-(to be interpreted as a network mask).
-The implicit network mask generated in the
-.Dv AF_INET
-case
-can be overridden by making sure this option follows the
-.Ar destination
-parameter.
-.Tg
-.Fl prefixlen
-is also available for a similar purpose, for IPv6/v4.
-.Pp
-A specific routing priority can be specified with the optional
-.Tg
-.Fl priority
-qualifier.
-If no priority is specified, the kernel will set a priority depending on the
-.Dv RTF_STATIC
-flag to either
-.Dv RTP_STATIC
or
-.Dv RTP_DEFAULT .
-Note that priority 1 is reserved for kernel use.
-.Pp
-The optional
-.Tg
-.Fl mpath
-modifier needs to be specified with the
-.Cm add
-command to be able to enter multiple gateways for the same destination address
-(multipath).
-When multiple routes exist for a destination, one route is selected based
-on the source address of the packet.
-The
-.Xr sysctl 8
-variables
-.Va net.inet.ip.multipath
-and
-.Va net.inet6.ip6.multipath
-are used to control multipath routing.
-If set to 1,
-multiple routes with the same priority are used equally;
-if set to 0,
-the first route selected will be used for subsequent packets to that
-destination regardless of source.
-.Pp
-When inserting MPLS routes,
-particular modifiers must be used.
-The
-.Tg
-.Fl mplslabel
-modifier needs to be specified in an ingress LSR to associate a particular
-label to an IPv4/IPv6 route.
-The MPLS traffic
-.Fl in
-and
-.Fl out
-modifiers are intended to identify the ingress label and, optionally,
-the outgoing one.
-Additionally, one of the following operations must be used:
-.Fl push ,
-.Fl pop
-and
-.Fl swap .
-Route's nexthop can be specified with the modifier
-.Fl inet .
-.Pp
-Routes have associated flags which influence operation of the protocols
-when sending to destinations matched by the routes.
-These flags may be set (or sometimes cleared)
-by indicating the following corresponding modifiers:
-.Bl -column "-blackhole" "RTF_BLACKHOLE" "description"
-.It Fl blackhole Ta Dv RTF_BLACKHOLE Ta "silently discard pkts (during updates)"
-.It Fl cloning Ta Dv RTF_CLONING Ta "generates a new route on use"
-.It Fl iface Ta Pf ~ Dv RTF_GATEWAY Ta "destination is directly reachable"
-.It Fl llinfo Ta Dv RTF_LLINFO Ta "validly translates proto addr to link addr"
-.It Fl mpath Ta Dv RTF_MPATH Ta "multiple gateways for a destination exist"
-.It Fl nostatic Ta Pf ~ Dv RTF_STATIC Ta "pretend route added by kernel or daemon"
-.It Fl proto1 Ta Dv RTF_PROTO1 Ta "set protocol specific routing flag #1"
-.It Fl proto2 Ta Dv RTF_PROTO2 Ta "set protocol specific routing flag #2"
-.It Fl reject Ta Dv RTF_REJECT Ta "emit an ICMP unreachable when matched"
-.It Fl static Ta Dv RTF_STATIC Ta "manually added route"
-.El
-.Pp
-The optional modifiers
-.Fl expire
-and
-.Fl mtu
-provide initial values to quantities maintained in the routing entry
-by transport level protocols, such as TCP (see
-.Xr tcp 4 ) .
-They have the following meanings:
-.Pp
-.Bl -tag -width "-priority n" -compact
-.It Fl expire Ar n
-Lifetime for route (e.g., if generated by a redirect).
-.It Fl mtu Ar n
-Maximum transmission unit (MTU) size for this path.
+.Fl prefixlen
.El
.Pp
-These may be individually locked by preceding each such modifier to
-be locked by
-the
-.Tg
-.Fl lock
-meta-modifier, or one can
-specify that all ensuing metrics may be locked by the
-.Fl lockrest
-meta-modifier.
-.Pp
-In a
-.Cm change
-or
-.Cm add
-command where the destination and gateway are not sufficient to specify
-the route, the
-.Tg
-.Fl ifp
-or
-.Tg
-.Fl ifa
-modifiers may be used to determine the interface name or interface address.
-.Pp
-The optional
-.Tg
-.Fl label
-modifier specifies on route addition or modification that the route
-should have the given
-.Em label
-associated with it.
-Route labels can be used to attach arbitrary information to a route.
+If
+.Ar destination
+is a valid IP address or host name,
+or the
+.Fl host
+modifier is used,
+it is assumed to be a route to a host.
.Pp
All symbolic names specified for a
.Ar destination
@@ -576,18 +495,6 @@ or
.Ar gateway
are looked up using
.Xr gethostbyname 3 .
-.Pp
-.Nm
-uses a routing socket (see
-.Xr route 4 )
-and the message types
-.Dv RTM_ADD ,
-.Dv RTM_DELETE ,
-.Dv RTM_GET ,
-and
-.Dv RTM_CHANGE .
-As such, only the superuser may modify
-the routing tables.
.Sh FILES
.Bl -tag -width "/etc/mygate" -compact
.It Pa /etc/hosts
@@ -596,6 +503,11 @@ host and network name database
default gateway address
.El
.Sh EXAMPLES
+Show the current IPv4 routing tables,
+without attempting to print hostnames symbolically:
+.Pp
+.Dl $ route -n show -inet
+.Pp
Add a static
.Xr inet 4
route to the 192.168.5.0/24 network via the 192.168.0.1 gateway:
@@ -651,21 +563,14 @@ low on resources and was unable to allocate memory
to create the new entry.
.El
.Sh SEE ALSO
-.Xr id 1 ,
-.Xr netstat 1 ,
.Xr gethostbyname 3 ,
-.Xr netintro 4 ,
+.Xr inet_net_pton 3 ,
+.Xr inet_pton 3 ,
.Xr route 4 ,
.Xr rtable 4 ,
-.Xr tcp 4 ,
.Xr hosts 5 ,
.Xr mygate 5 ,
-.Xr resolv.conf 5 ,
-.Xr bgpd 8 ,
-.Xr ospfd 8 ,
-.Xr resolvd 8 ,
-.Xr ripd 8 ,
-.Xr sysctl 8
+.Xr netstart 8
.Sh HISTORY
The
.Nm