The routeadm command is used to administer system-wide
configuration for IP forwarding and routing. IP forwarding is the passing of
IP packets from one network to another; IP routing is the use of a routing
protocol to determine routes.
IP forwarding and routing functions are also represented as
services within the service management facility (SMF), and can be
administered by means of svcadm(8) also, using the following fault
management resource identifiers (FMRIs):
svc:/network/ipv4-forwarding:default
svc:/network/ipv6-forwarding:default
svc:/network/routing/route:default
svc:/network/routing/ripng:default
See EXAMPLES for relevant examples.
In addition to enabling and disabling routing and forwarding,
routeadm is used to interact with SMF-based routing daemon services.
Routing daemon services are identified by the presence of a routeadm
application property group, which routeadm uses in administering the
given service. Routing daemon services can also specify properties relating
to their operation in the routing application property group; these
can be modified by means of routeadm -m. If an FMRI for a service without
such a property group is specified, an error is issued and the operation is
not carried out. If a routing daemon has not been converted to SMF, the
ipv4[or 6]-routing-daemon, ipv4[or
6]-routing-daemon-args, and ipv4[or 6]-routing-stop-cmd
variables can be used to specify the appropriate daemon for IPv4 or IPv6
routing. routeadm will then run that daemon using the
svc:/network/routing/legacy-routing:ipv4[or 6] service as
appropriate. This conversion process occurs when you issue an enable
(-e), disable (-d) or an update (-u) command.
The first usage, in the SYNOPSIS above, reports the current
configuration.
The following command-line options are supported:
-p [option]
Print the configuration in parsable format. If
option is specified, only the configuration for the specified option or
variable is displayed.
-R root-dir
Specify an alternate root directory where
routeadm
applies changes.
Note -
The root file system of any non-global zones must not be
referenced with the
-R option. Doing so might damage the global zone's
file system, might compromise the security of the global zone, and might
damage the non-global zone's file system. See
zones(7).
-e option...
Enable the specified option. The effect is to prepare the
associated services (svc:/network/ipv4-forwarding:default in the case
of ipv4-forwarding) for enabling. By means of the routing-svcs
variable, the routing daemons are specified to be enabled on subsequent boot
or when routeadm -u is run.
-d option...
Disable the specified option. The effect is to prepare
the associated services (svc:/network/ipv4-forwarding:default in the
case of ipv4-forwarding) for enabling. By means of the
routing-svcs variable, the routing daemons are specified to be disabled
on subsequent boot or when routeadm -u is run.
-l fmri
List all properties in the routing application property
group for the SMF routing daemon service.
-m fmri key=value
Change property value of property key to
value in routing application property group for the SMF routing daemon
service. For multi-valued properties, the property name can be used multiple
times in the modify operation, and each associated value will be added.
-r option...
Revert the specified option to the system default. The
system defaults are specified in the description of each option.
-u
Apply the currently configured options to the running
system. These options might include enabling or disabling IP forwarding and
launching or killing routing daemons, if any are specified. It does not alter
the state of the system for those settings that have been set to default. This
option is meant to be used by administrators who do not want to reboot to
apply their changes. In addition, this option upgrades non-SMF configurations
from the invocations of daemon stop commands, which might include a set of
arguments, to a simple enabling of the appropriate service.
-s key=value
Specify string values for specific variables in a
comma-separated list with no intervening spaces. If invalid options are
specified, a warning message is displayed and the program exits. The following
variables can be specified:
routing-svcs=fmrilist
Specifies the routing daemon services to be enabled.
Routing daemon services are determined to be IPv4 or IPv6 (and so enabled or
disabled when routeadm -e/-d ipv4[or
6]-routing is run) on the basis of property values in the
routeadm application property group. Default: route:default
ripng:default
ipv4-routing-daemon=<full_path_to_routing_daemon>
Specifies the routing daemon to be started when
ipv4-routing is enabled. The routing daemon specified must be an
executable binary or shell-script. If the specified program maps to an SMF
service, the service will be used, and daemon arguments to the program will be
transferred to the properties of the service at enable time. Default:
""
ipv4-routing-daemon-args=<args>
Specifies the startup arguments to be passed to the
ipv4-routing-daemon when ipv4-routing is enabled. Default: no
arguments
ipv4-routing-stop-cmd=<command>
Specifies the command to be executed to stop the routing
daemon when
ipv4-routing is disabled.
<command> can be an
executable binary or shell-script, or a string that can be parsed by
system(3C). Default:
""ipv6-routing-daemon=<full_path_to_routing_daemon>
Specifies the routing daemon to be started when
ipv6-routing is enabled. The routing daemon specified must be an
executable binary or shell-script. If the specified program maps to an SMF
service, the service will be used, and daemon arguments to the program will be
transferred to the properties of the service at enable time. Default:
""
ipv6-routing-daemon-args=<args>
Specifies the startup arguments to be passed to the
ipv6-routing-daemon when ipv6-routing is enabled. Default:
""
ipv6-routing-stop-cmd=<command>
Specifies the command to be executed to stop the routing
daemon when
ipv6-routing is disabled.
<command> can be an
executable binary or shell-script, or a string that can be parsed by
system(3C). Default:
""Multiple -e, -d, and -r options can be
specified on the command line. Changes made by -e, -d, and
-r are persistent, but are not applied to the running system unless
routeadm is called later with the -u option.
Use the following options as arguments to the -e,
-d, and -r options (shown above as option...).
ipv4-forwarding
Controls the global forwarding configuration for all IPv4
interfaces. The system default is
disabled. If enabled, IP will forward
IPv4 packets to and from interfaces when appropriate. If disabled, IP will not
forward IPv4 packets to and from interfaces when appropriate. The SMF service
associated with this configuration variable is
svc:/network/routing/ipv4-forwarding. This service will be enabled or
disabled as appropriate when
routeadm is called with the
u
option. As an alternative, you can use
svcadm(8). Services that require
ipv4-forwarding to be enabled should specify a dependency on this
service.
ipv4-routing
Determines whether an IPv4 routing daemon is run. The
system default is
enabled unless the
/etc/defaultrouter file
exists (see
defaultrouter(5)), in which case the default is
disabled. The value of this option reflects the state of all IPv4
routing services, such that if any IPv4 routing service is enabled,
ipv4-routing is enabled. This allows users to interact with routing
services using
svcadm(8), as well as through
routeadm. IPv4
routing services, specified by means of the
routing-svcs variable, will
be prepared for enable on next boot when the user explicitly enables
ipv4-routing. The SMF routing daemon service for
in.routed
(
svc:/network/routing/route:default) is specified by default.
ipv6-forwarding
Controls the global forwarding configuration for all IPv6
interfaces. The system default is
disabled. If enabled, IP will forward
IPv6 packets to and from interfaces when appropriate. If disabled, IP will not
forward IPv6 packets to and from interfaces when appropriate. The SMF service
associated with this configuration variable is
svc:/network/routing/ipv6-forwarding. This service will be enabled or
disabled as appropriate when
routeadm is called with the
-u
option, or
svcadm(8) is used. Services that require
ipv6-forwarding to be enabled should specify a dependency on this
service.
ipv6-routing
Determines whether an IPv6 routing daemon is run. The
system default is
disabled. The value of this option reflects the state
of all IPv6 routing services, such that, if any IPv6 routing service is
enabled,
ipv6-routing is enabled. This allows users to interact with
routing services via
svcadm(8) as well as through
routeadm. IPv6
routing services, specified by means of the
routing-svcs variable, will
be prepared for enable on next boot when the user explicitly enables
ipv6-routing. The SMF routing daemon service for
in.ripngd
(
svc:/network/routing/ripng:default) is specified by default.
The forwarding and routing settings are related but not mutually
dependent. For example, a router typically forwards IP packets and uses a
routing protocol, but nothing would prevent an administrator from
configuring a router that forwards packets and does not use a routing
protocol. In that case, the administrator would enable forwarding, disable
routing, and populate the router's routing table with static routes.
The forwarding settings are global settings. Each interface also
has an IFF_ROUTER forwarding flag that determines whether packets can
be forwarded to or from a particular interface. That flag can be
independently controlled by means of ifconfig(8)'s router option.
When the global forwarding setting is changed (that is, -u is issued
to change the value from enabled to disabled or vice-versa),
all interface flags in the system are changed simultaneously to reflect the
new global policy. Interfaces configured by means of DHCP automatically have
their interface-specific IFF_ROUTER flag cleared.
When a new interface is plumbed by means of ifconfig, the
value of the interface-specific forwarding flag is set according to the
current global forwarding value. Thus, the forwarding value forms the
"default" for all new interfaces.
Example 1 Enabling IPv4 Forwarding
IPv4 forwarding is disabled by default. The following command
enables IPv4 forwarding:
example# routeadm -e ipv4-forwarding
Example 2 Apply Configured Settings to the Running
System
In the previous example, a system setting was changed, but will
not take effect until the next reboot unless a command such as the following
is used:
example# routeadm -u
An alternative to the above two steps is to simply enable the
equivalent SMF service:
example# svcadm enable svc:/network/ipv4-forwarding
...or, using the abbreviated FMRI:
example# svcadm enable ipv4-forwarding
Example 3 Making a Setting Revert to its Default
To make the setting changed in the first example revert to its
default, enter the following:
example# routeadm -r ipv4-forwarding
example# routeadm -u
Example 4 Starting in.routed with the -q
Flag
Setting the -q flag is represented in the SMF service by
setting the quiet_mode property to true. The following sequence of
commands starts in.routed with the -q flag:
example# routeadm -m route:default quiet_mode=true
example# routeadm -e ipv4-routing -u
See in.routed(8) for details of property names and how they
relate to daemon behavior.