The routeadm command is used to administer system-wide configuration for IP forwarding and routing. IP forwarding is the passing of IP packets from one network to another; IP routing is the use of a routing protocol to determine routes.
IP forwarding and routing functions are also represented as services within the service management facility (SMF), and can be administered by means of svcadm(1M) also, using
the following fault management resource identifiers (FMRIs):
In addition to enabling and disabling routing and forwarding, routeadm is used to interact with SMF-based routing daemon services. Routing daemon services are identified by the presence of a routeadm application property group, which routeadm uses
in administering the given service. Routing daemon services can also specify properties relating to their operation in the routing application property group; these can be modified by means of routeadm -m. If an FMRI for a service without such a property group is specified,
an error is issued and the operation is not carried out. If a routing daemon has not been converted to SMF, the ipv4[or 6]-routing-daemon, ipv4[or 6]-routing-daemon-args, and ipv4[or
6]-routing-stop-cmd variables can be used to specify the appropriate daemon for IPv4 or IPv6 routing. routeadm will then run that daemon using the svc:/network/routing/legacy-routing:ipv4[or 6] service as
appropriate. This conversion process occurs when you issue an enable (-e), disable (-d) or an update (-u) command.
The first usage, in the SYNOPSIS above, reports the current configuration.
OPTIONS
The following command-line options are supported:
-p [option]
Print the configuration in parseable format. If option is specified, only the configuration for the specified option or variable is displayed.
-Rroot-dir
Specify an alternate root directory where routeadm applies changes. This can be useful from within JumpStart scripts, where the root directory of the system being modified is mounted elsewhere.
Note -
The root file system of any non-global zones must not be referenced with the -R option. Doing so might damage the global zone's file system, might compromise the security of the global zone, and might damage the non-global zone's file system. See zones(5).
-eoption...
Enable the specified option. The effect is to prepare the associated services (svc:/network/ipv4-forwarding:default in the case of ipv4-forwarding) for enabling. By means of the routing-svcs variable, the routing daemons
are specified to be enabled on subsequent boot or when routeadm-u is run.
-doption...
Disable the specified option. The effect is to prepare the associated services (svc:/network/ipv4-forwarding:default in the case of ipv4-forwarding) for enabling. By means of the routing-svcs variable, the routing daemons
are specified to be disabled on subsequent boot or when routeadm-u is run.
-lfmri
List all properties in the routing application property group for the SMF routing daemon service.
-mfmrikey=value
Change property value of property key to value in routing application property group for the SMF routing daemon service. For multi-valued properties, the property name can be used multiple times in the modify operation, and
each associated value will be added.
-roption...
Revert the specified option to the system default. The system defaults are specified in the description of each option.
-u
Apply the currently configured options to the running system. These options might include enabling or disabling IP forwarding and launching or killing routing daemons, if any are specified. It does not alter the state of the system for those settings that have been set to default.
This option is meant to be used by administrators who do not want to reboot to apply their changes. In addition, this option upgrades non-SMF configurations from the invocations of daemon stop commands, which might include a set of arguments, to a simple enabling of the appropriate service.
-skey=value
Specify string values for specific variables in a comma-separated list with no intervening spaces. If invalid options are specified, a warning message is displayed and the program exits. The following variables can be specified:
routing-svcs=fmrilist
Specifies the routing daemon services to be enabled. Routing daemon services are determined to be IPv4 or IPv6 (and so enabled or disabled when routeadm-e/-dipv4(6)-routing is
run) on the basis of property values in the routeadm application property group. Default: route:default ripng:default
ipv4-routing-daemon=<full_path_to_routing_daemon>
Specifies the routing daemon to be started when ipv4-routing is enabled. The routing daemon specified must be an executable binary or shell-script. If the specified program maps to an SMF service, the service will be used, and daemon arguments to the program
will be transferred to the properties of the service at enable time. Default: ""
ipv4-routing-daemon-args=<args>
Specifies the startup arguments to be passed to the ipv4-routing-daemon when ipv4-routing is enabled. Default: no arguments
ipv4-routing-stop-cmd=<command>
Specifies the command to be executed to stop the routing daemon when ipv4-routing is disabled. <command> can be an executable binary or shell-script, or a string that can be parsed by system(3C). Default: ""
ipv6-routing-daemon=<full_path_to_routing_daemon>
Specifies the routing daemon to be started when ipv6-routing is enabled. The routing daemon specified must be an executable binary or shell-script. If the specified program maps to an SMF service, the service will be used, and daemon arguments to the program
will be transferred to the properties of the service at enable time. Default: ""
ipv6-routing-daemon-args=<args>
Specifies the startup arguments to be passed to the ipv6-routing-daemon when ipv6-routing is enabled. Default: ""
ipv6-routing-stop-cmd=<command>
Specifies the command to be executed to stop the routing daemon when ipv6-routing is disabled. <command> can be an executable binary or shell-script, or a string that can be parsed by system(3C). Default: ""
Multiple -e, -d, and -r options can be specified on the command line. Changes made by -e, -d, and -r are persistent, but are not applied to the running system unless routeadm is
called later with the -u option.
Use the following options as arguments to the -e, -d, and -r options (shown above as option...).
ipv4-forwarding
Controls the global forwarding configuration for all IPv4 interfaces. The system default is disabled. If enabled, IP will forward IPv4 packets to and from interfaces when appropriate. If disabled, IP will not forward IPv4 packets to and from interfaces when appropriate.
The SMF service associated with this configuration variable is svc:/network/routing/ipv4-forwarding. This service will be enabled or disabled as appropriate when routeadm is called with the u option. As an alternative, you can use svcadm(1M). Services that require ipv4-forwarding to be enabled should specify a dependency on this service.
ipv4-routing
Determines whether an IPv4 routing daemon is run. The system default is enabled unless the /etc/defaultrouter file exists (see defaultrouter(4)), in which case the default is disabled. The value of this option reflects the state of all IPv4 routing services, such that if any IPv4 routing service is enabled, ipv4-routing is enabled. This allows users
to interact with routing services using svcadm(1M), as well as through routeadm. IPv4 routing services, specified by means of the routing-svcs variable,
will be prepared for enable on next boot when the user explicitly enables ipv4-routing. The SMF routing daemon service for in.routed (svc:/network/routing/route:default) is specified by default.
ipv6-forwarding
Controls the global forwarding configuration for all IPv6 interfaces. The system default is disabled. If enabled, IP will forward IPv6 packets to and from interfaces when appropriate. If disabled, IP will not forward IPv6 packets to and from interfaces when appropriate.
The SMF service associated with this configuration variable is svc:/network/routing/ipv6-forwarding. This service will be enabled or disabled as appropriate when routeadm is called with the -u option, or svcadm(1M) is used. Services that require ipv6-forwarding to be enabled should specify a dependency on this service.
ipv6-routing
Determines whether an IPv6 routing daemon is run. The system default is disabled. The value of this option reflects the state of all IPv6 routing services, such that, if any IPv6 routing service is enabled, ipv6-routing is enabled. This allows
users to interact with routing services via svcadm(1M) as well as through routeadm. IPv6 routing services, specified by means of the routing-svcs variable,
will be prepared for enable on next boot when the user explicitly enables ipv6-routing. The SMF routing daemon service for in.ripngd (svc:/network/routing/ripng:default) is specified by default.
The forwarding and routing settings are related but not mutually dependent. For example, a router typically forwards IP packets and uses a routing protocol, but nothing would prevent an administrator from configuring a router that forwards packets and does not use a routing protocol. In
that case, the administrator would enable forwarding, disable routing, and populate the router's routing table with static routes.
The forwarding settings are global settings. Each interface also has an IFF_ROUTER forwarding flag that determines whether packets can be forwarded to or from a particular interface. That flag can be independently controlled by means of ifconfig(1M)'s router option. When the global forwarding setting is changed (that is, -u is issued to change the value from enabled to disabled or vice-versa), all interface
flags in the system are changed simultaneously to reflect the new global policy. Interfaces configured by means of DHCP automatically have their interface-specific IFF_ROUTER flag cleared.
When a new interface is plumbed by means of ifconfig, the value of the interface-specific forwarding flag is set according to the current global forwarding value. Thus, the forwarding value forms the "default" for all new interfaces.
EXAMPLES
Example 1 Enabling IPv4 Forwarding
IPv4 forwarding is disabled by default. The following command enables IPv4 forwarding:
example# routeadm -e ipv4-forwarding
Example 2 Apply Configured Settings to the Running System
In the previous example, a system setting was changed, but will not take effect until the next reboot unless a command such as the following is used:
example# routeadm -u
An alternative to the above two steps is to simply enable the equivalent SMF service:
Setting the -q flag is represented in the SMF service by setting the quiet_mode property to true. The following sequence of commands starts in.routed with the -q flag: