ip-route-get

Print route to a destination

$ ip [[r|route]] [[g|get]] [1.1.1.1]

$ ip [[r|route]] [[g|get]] [destination] from [source]

$ ip [[r|route]] [[g|get]] [destination] iif [ethX]

$ ip [[r|route]] [[g|get]] [destination] oif [ethX]

$ ip [[r|route]] [[g|get]] [destination] tos [0x10]

$ ip [[r|route]] [[g|get]] [destination] vrf [myvrf]

ip route get DESTINATION [from ADDRESS] [iif NAME] [oif NAME] [tos TOS] [mark MARK] [uid UID] [ipproto PROTOCOL] [sport PORT] [dport PORT] [pref SRC_PREF] [metric METRIC] [via GW] [src ADDRESS] [vrf NAME]

DESTINATION
    The target IP address or network prefix for which to perform the routing lookup (e.g., 192.168.1.1, 10.0.0.0/8).

from ADDRESS
    Specifies the source IP address of the hypothetical packet. This can influence policy routing decisions.

iif NAME
    Simulates the packet arriving on a specific input interface (e.g., eth0, lo). Useful for troubleshooting incoming traffic paths.

oif NAME
    Simulates the packet being sent out a specific output interface. Less common for 'get' but allows testing explicit paths.

tos TOS
    Specifies the Type of Service byte (or DSCP value) for the hypothetical packet, affecting routes based on TOS.

mark MARK
    Specifies the firewall mark (fwmark) associated with the packet, critical for testing policy routing rules that use marks.

uid UID
    Specifies the user ID of the process originating the packet, used in policy routing for user-specific rules.

ipproto PROTOCOL
    Specifies the IP protocol number (e.g., 6 for TCP, 17 for UDP) for the packet, influencing protocol-specific rules.

sport PORT
    Specifies the source port number for the packet, used in conjunction with 'ipproto'.

dport PORT
    Specifies the destination port number for the packet, used in conjunction with 'ipproto'.

pref SRC_PREF
    Specifies the source address preference, used in advanced policy routing to select a preferred source IP.

metric METRIC
    Considers routes with a specific metric value. Not commonly used to force a route, but for testing.

via GW
    Simulates routing a packet through a specific gateway, overriding the default gateway selection logic.

src ADDRESS
    Explicitly requests the kernel to use this source IP address for the lookup. Similar to 'from'.

vrf NAME
    Specifies the Virtual Routing and Forwarding (VRF) table to perform the lookup within.

The ip route get command is a powerful diagnostic tool within the iproute2 suite, used to simulate how the Linux kernel would route packets to a specific destination.

Unlike ip route show, which lists the entire routing table, ip route get performs a live lookup, mimicking the kernel's routing logic for a hypothetical packet.

It provides detailed information about the chosen route, including the output interface (dev), the gateway (via), the source IP address that would be used (src), and various metrics or flags (e.g., cache).

This command is invaluable for troubleshooting connectivity issues, verifying policy routing rules, and understanding why certain traffic might be taking an unexpected path. It allows administrators to test different routing scenarios by specifying parameters like the incoming interface, source address, or even firewall marks, helping to pinpoint routing misconfigurations without sending actual traffic.

The ip route get command performs a simulation of the kernel's routing decision, not an actual packet transmission. Therefore, it does not account for external factors like firewalls, NAT devices, or network congestion outside the host. The output reflects only what the kernel's routing table would choose based on its internal rules. Complex queries involving parameters like mark or uid may require root privileges. While powerful, it doesn't provide insight into why a particular route was chosen from a policy perspective, only what route was chosen.

Troubleshooting Connectivity: Determine the exact path (interface, gateway, source IP) a packet would take to a specific destination.

Verifying Source IP Selection: Use the src option to simulate traffic originating from a particular address and see which source IP the kernel would select for the outgoing packet.

Understanding Policy Routing: Test how different firewall marks (mark) or user IDs (uid) might influence routing decisions based on configured policy routing rules.

The output typically shows:
src ADDRESS: The source IP address the kernel would use.
via GATEWAY: The next-hop gateway for the destination.
dev INTERFACE: The outgoing network interface.
cache: Indicates if the route is from the routing cache (common for frequently used routes).
Other fields like metric, prefsrc, expires may also be present, providing further details about the route's properties.

The ip route get command is an integral part of the iproute2 utility suite, which was developed to replace the older, less feature-rich net-tools commands (like ifconfig and route) in modern Linux distributions. Initiated primarily by Alexey Kuznetsov, iproute2 provides a more consistent, flexible, and powerful interface for network configuration and management, particularly well-suited for complex networking setups involving policy routing, VRFs, and traffic control. The get subcommand specifically offers a unique diagnostic capability that was largely absent in earlier toolsets, reflecting the increasing need for precise routing analysis in contemporary network environments.

ip(8), ip-route(8), ip-rule(8), route(8)