6 Replies Latest reply on Jun 5, 2015 4:13 PM by mike18

    Route -n get command

    mike18

      Hi everyone,

       

      I am trying to check if the McAfee firewall has a static route to a destination.

      I run this command to find out whether the firewall has a route to destination 10.31.102.9:

       

       

      route -n get 10.31.102.10

       

         route to: 10.31.102.10

      destination: 10.31.102.8    ??? What does destination mean here?

             mask: 255.255.255.248

        interface: 1-0

      if address: 10.31.102.13    ??? Does it mean that the firewall has a route to the destination via interface 1-0?

           region: 1

            flags: <UP,DONE>

      recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire

             0         0         0         0      1500         1         0

       

      Regards

       

      Mike

        • 1. Re: Route -n get command
          sliedl

          'destination' is the IP address of the router to which the firewall will forward traffic for the IP address you specified in the command.

          'if address' is the IP address of the firewall interface through which this traffic will leave when destined to the IP address you specified in the command.

          • 2. Re: Route -n get command
            mike18

            If I run the same command for a different IP address, it shows this output:

             

            route -n get 192.16.10.220

               route to: 192.16.10.220

            destination: 192.16.10.128

                   mask: 255.255.255.128

                gateway: 10.31.102.18*******************************************

              interface: 1-1

            if address: 10.31.102.17

                 region: 2

                  flags: <UP,GATEWAY,DONE,PROTO1>

            recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire

                   0         0         0         0      1500         1         0

             

            I need to understand why it shows a gateway address here.

            Does it mean that traffic to 172.16.10.220 will leave via router 192.168.10.128 via firewall interface IP 10.31.102.17?

            What role does gateway IP 10.31.102.18 play here?

             

            Best Regards

             

            Mike

            • 3. Re: Route -n get command
              sliedl

              Oh sorry, the output does change when you have explicit routes configured.  The firewall I tested on only had the 'interface routes' and the 'default' route so I didn't see this same output.


              The 'destination' appears to be the broadcast address of the network-route you added.  I believe if you add a host-route instead then the 'destination' will be the same as the IP address you specified in the command (with a mask of 255.255.255.255).


              The 'gateway' is the IP address of the router to which the firewall will forward this traffic.

               

              In your first output you already have an interface on the same subnet as the IP address you specified so there is no 'gateway' specified there (since the firewall will just ARP and forward the traffic to that destination IP).

              • 4. Re: Route -n get command
                mike18

                Hi Sliedl,

                 

                Correct me if I am wrong, but destination 192.16.10.128 is the network address.

                The broadcast address will be 192.16.10.255.

                 

                Regards

                Mike

                • 5. Re: Route -n get command
                  sliedl

                  Yes, sorry, I mixed that one up, you're correct.

                  • 6. Re: Route -n get command
                    mike18

                    Many thanks for answering the question.

                     

                    Regards

                    Mike
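
Added example, not part of the original thread or of any McAfee tooling: a small Python parser for the two `route -n get` outputs posted above (retyped as constructed sample input, annotations removed and trimmed to the fields used), showing that `destination` plus `mask` is the matched route prefix and that `gateway`, when present, is the next hop. It assumes BSD-style flag semantics, where a route without the GATEWAY flag is directly connected; the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample input: the two outputs from the thread, with the
# posters' inline annotations removed.
CONNECTED = """\
   route to: 10.31.102.10
destination: 10.31.102.8
       mask: 255.255.255.248
  interface: 1-0
 if address: 10.31.102.13
      flags: <UP,DONE>
"""
VIA_GATEWAY = """\
   route to: 192.16.10.220
destination: 192.16.10.128
       mask: 255.255.255.128
    gateway: 10.31.102.18
  interface: 1-1
 if address: 10.31.102.17
      flags: <UP,GATEWAY,DONE,PROTO1>
"""

def parse_route_get(text):
    """Turn the 'key: value' lines of `route -n get` output into a dict."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*([a-z ]+?):\s*(\S+)", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields

def explain_route(text):
    """Summarise which prefix matched and where the packet is sent next."""
    f = parse_route_get(text)
    # Assumption: a missing mask means a host route (/32).
    net = ipaddress.ip_network(f"{f['destination']}/{f.get('mask', '255.255.255.255')}")
    flags = set(f["flags"].strip("<>").split(","))
    target = ipaddress.ip_address(f["route to"])
    return {
        "prefix": str(net),
        "broadcast": str(net.broadcast_address),
        "target_in_prefix": target in net,
        "directly_connected": "GATEWAY" not in flags,
        # Next hop: the gateway if the route has one, else the target itself.
        "next_hop": f.get("gateway", f["route to"]),
        "egress_ip": f["if address"],
    }
```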