Static Routes - Create or Remove

How to Create or Remove Static Routes in Windows 7 and 8​

   Information

This tutorial will show you how to create or remove static routes used to override the default gateway configured for certain networks. In this section I will be describing what a routing table is and how static routes play a role in this configuration.

What is a Routing Table?

A routing table is table that contains dictates who and what interface traffic should be sent to depending on the destination IP address. It is the primary component in the configuration of routers to ensure internetwork connectivity as packets are routed to their destination. For a Windows machine it is used to override the default gateway configured so you can introduce multiple networks and have the two networks be able to communicate with each other.

For example, consider this small routing table configured on a router:

When the router receives a packet with a destination IP address of 172.16.1.X ('X' being a value between 1 and 254) it will first look at it's routing table to find a corresponding route. With the scenario there is route that matches telling the router to route the packet to 10.1.1.2. From there 10.1.1.2 will look at its routing table and look for a similar route telling it where to forward the packet destined to the 172.16.1.0 network. This will continue until the packet reaches its destination. This is the main concept of how routers work. For Windows machines the same logic applies with the routing table being used to determine what interface and destination gateway/router to send the traffic to.

For example:

Any traffic destined to 10.1.1.X will be sent out the interface configured with the IP address of 192.168.0.30 to a destination gateway of 192.168.0.110. This may seem no different to normal however when put into perspective it can be seen that the default gateway configured is 192.168.0.1. This routing table overrides this use and allows traffic to be routed to any device you want.

______________________________________________________________________________

How do static routes come into this?

By default a routing table will only contain routes relevant to the default gateway and therefore does little to change the routing process. Static routes are manual entries made into the table to override the default gateway for allowing traffic to be exchanged between networks. The previous examples provided were examples of static routes made. They will typically have a gateway different to the default one configured as well as a low value for the metric.

   Warning

You need to be an Administrator to complete this.

   Tip

This also works for Windows 8 and 8.1. The same concepts apply to IPv6 as well should you have an environment to support it

   Note

Any route of '0.0.0.0' with a mask of '0.0.0.0' is a default route and is used for traffic going to your default gateway. DO NOT DELETE it otherwise all network traffic will be dropped.

Also, remember to configure a similar static route to go back to the source network otherwise reply packets will be dropped or sent to the default gateway and routed to the internet when not desired.

Add

Add a Static Route into the Routing Table

1. Open an Elevated Command Prompt.
a). Calculate the route you are going to add. You need to know the network, subnet mask and gateway that will be used. For example, I want to add a route for any traffic destined to 10.1.2.0 with a mask of 255.255.255.0 to go to a gateway of 192.168.0.6.
2. Entering the following command changing the variables as needed:
route add -p {network} mask {subnet mask} {gateway}
NOTE: If you do not receive an 'OK!' message then a parameter was wrong or missing

3. To verify enter in the following command to view the IPv4 routing table.
route print -4



______________________________________________________________________

Delete

Delete a Static Route from the Routing Table

1. Open an Elevated Command Prompt.
2. Entering the following command changing the variables as needed:
route delete {network} mask {subnet mask} {gateway}
NOTE: If you do not receive an 'OK!' message then a parameter was wrong or missing

3. To verify enter in the following command to view the IPv4 routing table.
route print -4


Now you're done! Your computer should now be routing traffic to the relevant gateway based on the IP address that you wish to access.

Hope This Helps,
Josh

 

[Britton30]

Josh this looks well thought out. I personally don't know what it means, but it's well done.

 

[Shadowjk]

Josh this looks well thought out. I personally don't know what it means, but it's well done.

Cheers Gary! It's for networks where there are two routers that you can use to access other networks. Since you can't configure multiple default gateways you would use static routes to dictate what router to use given the destination network that you wish to reach. For example, I may setup a static route that says, for any traffic going Google it should use my 2nd router but everything else just use the default gateway. Funky scenario but the concept applies

There was a couple of people that was doing some static routing on the network and sharing forum so I thought to make a tutorial to make it easier to explain and not have to use the post template which doesn't allow images.

Thanks!,
Josh

 

[Britton30]

Oh, I see now. You can possibly set multiple static routes to one gateway then?

 

[Shadowjk]

Yep, you certainly can! I may setup a static route that says to go to sevenforums and eightforums use one router and to go to vistaforums and nineforums use the other router.

Quite literaly, the possibilities are endless

 

[Britton30]

Cool stuff, thanks.

 

[Kaktussoft]

route -p add 10.10.10.0 mask 255.255.255.0 192.168.1.1

So add -p .... this will make it permanent (what you want in most cases, otherwise the setting will be gone after reboot). In will be stored in registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\PersistentRoutes

 

[Shadowjk]

route -p add 10.10.10.0 mask 255.255.255.0 192.168.1.1

So add -p .... this will make it permanent (what you want in most cases, otherwise the setting will be gone after reboot). In will be stored in registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\PersistentRoutes

Thanks! Tutorial updated.

I never had an issue after reboot though personally Though it might have something to do with me using a static IP address on my interface I do not know. Normally I do static routing or use a routing protocol at the router itself rather than client devices. Either way cheers for the heads up

Josh

 

[Kaktussoft]

Normally you configure routing in the router! Normaly static routes are defined to connect 2 subnets, let's call it subnetA and subnetB.

All computers on subnetA have to know where subnetB is..... so configure route to subenetB on subnetA's defaultgateway.

All computers on subnetB have to know where subnetA is..... so configure route to subenetA on subnetB's defaultgateway.

 

[Shadowjk]

Normally you configure routing in the router! Normaly static routes are defined to connect 2 subnets, let's call it subnetA and subnetB.

All computers on subnetA have to know where subnetB is..... so configure route to subenetB on subnetA's defaultgateway.

All computers on subnetB have to know where subnetA is..... so configure route to subenetA on subnetB's defaultgateway.

I would completely agree with you! Though my reason for this is that most home routers do not support the use of routing protocols (RIP, OSPF, ISIS you name it) or even static routing. They just have a default route to the internet...

Still, being able to do it on the client end can be useful for the average techy home user who has multiple subnets. Plus, scalability is typically not an issue for home users so manual configuration shouldn't be an issue.

Josh

 

[arisandy]

ask Route

Please i Have question and long time no answer

my laptop
IP = 192.168.1.89
mask = 255.255.255.0
gateway = 192.168.1.1
(manual setting or not DHCP)

and I have a openvpn client connect with my laptop and have address 10.0.0.10 (its fine).
and i have a computer with
IP = 192.168.1.95
mask = 255.255.255.0
gateway = 192.168.1.1

now i need access 10.0.0.1 from 192.168.1.95 computer, cause i dont want too much openvpn client on same network.
many time i route add -p it cannot be done.
please help me, i will be appreciate it. thanks a lot

 

[Shadowjk]

What is the exact command you are trying to enter? In order to reach the 10.0.0.1 address you would need to setup a default gateway and routing would happen on the default gateway. For a VPN solution you would typically have two separate networks joined by an intermediate one. For example:

192.168.1.0/24 -----------------------------10.0.0.0/24------------------------------------192.168.2.0/24

Where is the other end of the VPN connection going to?

Many Thanks,
Josh

 

[arisandy]

Thnks for answer Josh

how can i setup a default gateway?

i have vpn server on VPS ip is 10.0.0.1
and my laptop is connect with server on vps and ip is 10.0.0.10

so,
mylaptop My computer
IP 192.168.1.89 - - - - - - - - - - 192.168.1.95
VPN 10.0.0.10
Mask 255.255.255.0 - - - - - - - - - 255.255.255.0
gw 192.168.1.1 -- - - - - - - - - 192.168.1.1

i'd set my laptop as a default gateway so like this,
mylaptop My computer
IP 192.168.1.89 - - - - - - - - - - 192.168.1.95
VPN 10.0.0.10
Mask 255.255.255.0 - - - - - - - - - 255.255.255.0
gw 192.168.1.1 -- - - - - - - - - 192.168.1.89

i'd enable ip router, now i can access the internet its fine.
but i still cannot access 10.0.0.1-10.0.0.254
i need to access all vpn ip through that gw (192.168.1.89),
can you help me please?

 

[arisandy]

so i need mylaptop act as router.
on ubuntu im use ip masquerade with webmin. and im done with that i can access all vpn ip and internet of course.
on ubuntu is very easy to become default gateway, but in windows???

 

[Kaktussoft]

how can i setup a default gateway?

i have vpn server on VPS ip is 10.0.0.1
and my laptop is connect with server on vps and ip is 10.0.0.10

so,
mylaptop My computer
IP 192.168.1.89 - - - - - - - - - - 192.168.1.95
VPN 10.0.0.10
Mask 255.255.255.0 - - - - - - - - - 255.255.255.0
gw 192.168.1.1 -- - - - - - - - - 192.168.1.1

i'd set my laptop as a default gateway so like this,
mylaptop My computer
IP 192.168.1.89 - - - - - - - - - - 192.168.1.95
VPN 10.0.0.10
Mask 255.255.255.0 - - - - - - - - - 255.255.255.0
gw 192.168.1.1 -- - - - - - - - - 192.168.1.89

i'd enable ip router, now i can access the internet its fine.
but i still cannot access 10.0.0.1-10.0.0.254
i need to access all vpn ip through that gw (192.168.1.89),
can you help me please?

How can 10.0.0.1-10.0.0.254 know the route back?

 

[arisandy]

route back? im sorry what dou you mean?

 

[arisandy]

how can i setup a default gateway?

i have vpn server on VPS ip is 10.0.0.1
and my laptop is connect with server on vps and ip is 10.0.0.10

so,
mylaptop ------------------------ My computer
IP 192.168.1.89 - - - - - - - - - - 192.168.1.95
VPN 10.0.0.10
Mask 255.255.255.0 - - - - - - - - - 255.255.255.0
gw 192.168.1.1 -- - - - - - - - - 192.168.1.1

i'd set my laptop as a default gateway so like this,
mylaptop ------------------------ My computer
IP 192.168.1.89 - - - - - - - - - - 192.168.1.95
VPN 10.0.0.10
Mask 255.255.255.0 - - - - - - - - - 255.255.255.0
gw 192.168.1.1 -- - - - - - - - - 192.168.1.89

i'd enable ip router, now i can access the internet its fine.
but i still cannot access 10.0.0.1-10.0.0.254
i need to access all vpn ip through that gw (192.168.1.89) from my computer (192.168.1.95) ,
can you help me please?

 

[Kaktussoft]

route back? im sorry what dou you mean?

"How can 10.0.0.1-10.0.0.254 know the route back?"

I mean if you send something to 10.0.0.x .... then 10.0.0.x should send a message back like "packet receied successfully". But how does he know the route to the original sender?

 

[arisandy]

ok ok i know now. the server is not know he came original packet or not. cause im use openvpn.
so, i make this very simple.
i have 2 different network on my laptop, so i need another computer connect to my computer to access internet and vpn.

 

[Shadowjk]

I think I just about understand what is going on....

On your laptop that you wish to act as the router you would need to set the following commands to enable routing as well as enable NAT so that the route back can be made. If you don't want to use NAT then simply make sure a valid route from 10.0.0.1 knows how to reach your computer on 192.168.1.95.

echo 1 > /proc/sys/net/ipv4/ip_forward

The above will allow your linux laptop (192.168.1.89) to be able to route traffic between interfaces.

iptables -t nat -A POSTROUTING -o [COLOR="Red"]{[I]OUTBOUND INTERFACE[/I]}[/COLOR] -j MASQUERADE

The above sets the outbound interface used to reach the VPN connection. Please replace the OUTBOUND interface section with the interface used to reach the VPN connection (10.0.0.10)... eth0, wlan0 .... etc.

iptables -A FORWARD --in-interface [COLOR="red"]{[I]INBOUND INTERFACE[/I]}[/COLOR] -j ACCEPT

The next command sets the inbound interface that connects to the same network as your computer. So the interface with an IP address of 192.168.1.89. Please replace the reference INBOUND interface with the relevant interface such as eth0, wlan0 ... etc.

Then simply set the route of the destination network from your computer side. For example, if you wish to access the the network of 192.168.2.0/24 using the VPN tunnel then you would input the following command onto your main computer:

route add -p 192.168.2.0 mask 255.255.255.0 192.168.1.89

If you want to access the internet using the VPN connection then you would simply change the default gateway of your main computer to the laptops IP address. For example, you would change the default gateway from 192.168.1.1 to 192.168.1.89. Also, on your main laptop you should change the default gateway to the VPN of 10.0.0.1. This will cause a default route to be added and allow the internet traffic to flow to the VPN server.

   Note

The VPN server at the other end should have a default route in place in order to appropriately route the traffic otherwise your internet traffic would be dropped there.

Hopefully this makes sense and helps somewhat

Josh