LinuxCommandLibrary

ip-route-add

Add routing table entries

TLDR

Add a default route using gateway forwarding

$ sudo ip [[r|route]] [[a|add]] default via [gateway_ip]
copy

Add a default route using ethX
$ sudo ip [[r|route]] [[a|add]] default dev [ethX]
copy

Add a static route
$ sudo ip [[r|route]] [[a|add]] [destination_ip] via [gateway_ip] dev [ethX]
copy

Add a route to a specific routing table
$ sudo ip [[r|route]] [[a|add]] [destination_ip] dev [ethX] [[t|table]] [ip_address]
copy

SYNOPSIS

ip route add TO PREFIX [from PREFIX] [via NAME] [dev STRING] [options...]

PARAMETERS

to PREFIX
    Destination prefix (IPv4/IPv6) to match

from PREFIX
    Source prefix for route matching

dev STRING
    Outgoing device name

via NAME
    Next-hop gateway address

src ADDRESS
    Source address for outgoing packets

metric NUMBER
    Route preference metric (lower is preferred)

mtu NUMBER
    MTU for path

window NUMBER
    TCP window clamping

rtt TIME
    Initial RTT estimate (e.g., 2s)

initcwnd NUMBER
    Initial congestion window

type TYPE
    unicast|local|blackhole|broadcast|multicast|prohibit|unreachable|throw|xresolve

scope SCOPE
    global|site|link|host

protocol PROTOCOL
    kernel|boot|static|ra|man|...

onlink
    Treat route as directly connected

table TABLE_ID
    Routing table ID or name (default main)

pref MEDIUM
    Preference level: low|medium|high

vrf NAME
    VRF device name

iif STRING
    Incoming interface for encapsulation

DESCRIPTION

The ip route add command, part of the iproute2 suite, dynamically adds a route to the kernel's routing table, enabling control over packet forwarding. It replaces legacy route command with more flexible syntax supporting multiple tables, policy routing, and advanced metrics.

It specifies destinations (TO PREFIX), next hops (via), devices (dev), and attributes like metrics or scopes. Routes can be unicast, blackhole, or multipath. Essential for VPNs, multi-homed hosts, or traffic engineering.

Requires root privileges. Changes persist until reboot unless added to config files like /etc/network/interfaces or via systemd-networkd. Use ip route show to verify. Errors like 'RTNETLINK answers: Network is unreachable' indicate invalid nexthops.

CAVEATS

Requires root (use sudo). Invalid routes can cause network outage. Multipath needs equal metric. IPv6 prefers ip -6. Persists only until reboot without persistence tools.

EXAMPLE

ip route add 192.168.1.0/24 via 192.168.0.1 dev eth0 metric 100
Adds route for subnet via gateway on eth0.

MULTIPATH

ip route add 10.0.0.0/24 nexthop via 192.168.1.1 dev eth1 weight 1 nexthop via 192.168.2.1 dev eth2 weight 1
Balances via two paths.

HISTORY

Introduced in iproute2 (1999) by Alexey Kuznetsov as modern replacement for net-tools 'route'. Enhanced in Linux 2.2+ for policy routing; iproute2 v6+ adds VRF/multipath support.

SEE ALSO

ip route del(8), ip route show(8), ip route get(8), route(8), ss(8)

Copied to clipboard