Static routing

note

The NetFoundry zLAN firewall does not manage static routing. You must configure and manage your own routes using standard Linux tools. This page covers common operations for managing static routes with the ip command.

What is a static route?

A static route is a manually configured network route that tells the system how to reach a specific network or IP address using a designated path (gateway). Static routes do not change automatically, and are commonly used when:

• Connecting to remote networks via a specific gateway
• Isolating traffic through certain interfaces
• Working with networks not reachable via the default route

View the routing table

To view the current routing table:

ip route show

Example output:

default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100

Explanation:

• default via 192.168.1.1 dev eth0: All traffic not matched by more specific rules will go through 192.168.1.1 on eth0.
• 192.168.1.0/24 dev eth0: Traffic to the 192.168.1.0/24 network is sent directly via the local interface eth0.

Add a static route

To add a static route:

sudo ip route add <destination> via <gateway> dev <interface>

Examples:

• Add a route to a remote network:

  sudo ip route add 10.0.2.0/24 via 192.168.1.1 dev eth0

• Add a route to a single host:

  sudo ip route add 203.0.113.50 via 192.168.1.1 dev eth0

• Use a specific source IP:

  sudo ip route add 10.10.20.0/24 via 192.168.1.1 dev eth0 src 192.168.1.100

Delete a static route

To remove a static route:

sudo ip route del <destination> via <gateway> dev <interface>

Or, if there's only one matching route for that destination:

sudo ip route del <destination>

Make routes persistent

By default, routes added with ip route are not persistent—they are lost after a reboot.

Ubuntu/Debian

Netplan

Newer Ubuntu and Debian versions use Netplan for network configuration. To create a persistent static route:

1. Find your Netplan config file (e.g. /etc/netplan/01-netcfg.yaml)
2. Edit it to include the static route:

   network:
     version: 2
     ethernets:
       eth0:
         dhcp4: no
         addresses:
           - 192.168.1.100/24
         gateway4: 192.168.1.1
         routes:
           - to: 10.0.2.0/24
             via: 192.168.1.1

3. Apply the changes:

   sudo netplan apply

note

You can add multiple routes under the routes: list.

Legacy ifupdown

If your system uses the older /etc/network/interfaces method:

iface eth0 inet static
    address 192.168.1.100
    netmask 255.255.255.0
    gateway 192.168.1.1
    up ip route add 10.0.2.0/24 via 192.168.1.1 dev eth0

RedHat/CentOS/Rocky/AlmaLinux

Create or edit the file /etc/sysconfig/network-scripts/route-eth0:

10.0.2.0/24 via 192.168.1.1 dev eth0

Restart networking:

sudo systemctl restart network

Summary of commands

Action	Command Example
View routes	ip route show
Add route to network	sudo ip route add 10.0.2.0/24 via 192.168.1.1 dev eth0
Add route to host	sudo ip route add 203.0.113.50 via 192.168.1.1 dev eth0
Delete a route	sudo ip route del 10.0.2.0/24 via 192.168.1.1 dev eth0
Persistent (Ubuntu/Debian)	Add route to routes: section in /etc/netplan/*.yaml or use up ip route add ... in /etc/network/interfaces
Persistent (RedHat/CentOS/Rocky/AlmaLinux)	Use /etc/sysconfig/network-scripts/route-<interface>

Troubleshoot routing issues

• Use ip route get <IP> to see which path a packet will take:

  ip route get 10.0.2.10

• Check available interfaces:

  ip link show

• Confirm that the gateway is reachable:

  ping <gateway-ip>

• Use traceroute <ip> to see the path packets are taking:

  sudo apt install traceroute   # Debian/Ubuntu
  sudo yum install traceroute   # RHEL/CentOS
  traceroute 10.0.2.10