Skip to main content
โšก Calmops
๐Ÿค– AI ๐Ÿ—๏ธ Architecture ๐ŸŒ Web ๐Ÿ—ƒ๏ธ Database โš™๏ธ DevOps ๐ŸŒ Network ๐Ÿ’ป Programming ๐Ÿงฎ Algorithms ๐Ÿ“ Software Eng. โ˜๏ธ Cloud ๐Ÿ”’ Security ๐Ÿ“ˆ Finance More โ†’

macOS Routing: Complete Guide to Network Configuration

Created: March 13, 2020 CalmOps 6 min read

Introduction

Understanding network routing on macOS is essential for system administrators, developers, and power users who need to manage complex network configurations. Whether you’re setting up a VPN, configuring network interfaces, or troubleshooting connectivity issues, knowing how to view and manipulate the routing table is a crucial skill.

This comprehensive guide covers everything you need to know about routing operations on macOS, from basic commands to advanced configurations.

Understanding Network Routing

What is Routing?

Routing is the process of directing network traffic between different networks. When your Mac sends data over the network, it uses the routing table to determine the best path to the destination.

The Routing Table

The routing table contains:

  • Destination networks: Where traffic is headed
  • Gateways: Next hop addresses
  • Interfaces: Network interfaces to use
  • Metrics: Cost/priority of each route

Why Routing Matters on macOS

On macOS, routing is important for:

  • VPN configurations
  • Multi-homed systems (multiple network connections)
  • Development environments
  • Network troubleshooting
  • Security and access control

Viewing Network Configuration

Listing Current Routing Table

The primary command to view routing information:

netstat -nr

This displays:

  • Routing tables for all protocols
  • Flags showing route characteristics
  • Interface information
  • Metrics

Understanding the output:

Routing tables

Internet:
Destination        Gateway            Flags      Refs      Use   Netif   Expire
default            192.168.1.1       UGSc       24        0     en0
127.0.0.1         127.0.0.1         UH          0        0     lo0
192.168.1.0/24    link#4            UC           2        0     en0

Flags indicate:

  • U: Route is up
  • G: Gateway route
  • H: Host route
  • S: Static route
  • C: Clone route
  • W: Was cloned

Viewing IP Addresses

ifconfig

Shows all network interface configurations including:

  • IP addresses (IPv4 and IPv6)
  • MAC addresses
  • Status flags
  • Packet statistics

Note: On newer macOS versions, ifconfig is deprecated but still functional. You can also use:

ipconfig

Or for more detailed information:

networksetup -listallhardwareports

This lists all hardware ports and their current configurations.

Basic Routing Operations

Adding a Route

To add a new route:

sudo route add -net 11.11.11.11/32 192.168.0.1

Breaking down this command:

  • 11.11.11.11/32: Destination network (host route in this case)
  • 192.168.0.1: Gateway IP address

Important requirements:

  • Gateway must be on a directly connected network
  • You need administrative privileges (sudo)

Route Syntax Variations

# Add a network route
sudo route add -net 10.0.0.0/8 192.168.1.1

# Add a host route
sudo route add -host 192.168.50.100 192.168.1.1

# Add a default route
sudo route add default 192.168.1.1

Deleting a Route

Remove a route with:

sudo route delete -net 11.11.11.11/32 192.168.0.1

Examples:

# Delete specific route
sudo route delete -net 10.0.0.0/8 192.168.1.1

# Delete host route
sudo route delete -host 192.168.50.100

# Delete default route
sudo route delete default

Modifying Routes

Replace an existing route:

sudo route change -net 10.0.0.0/8 192.168.2.1

Making Routes Persistent

The Challenge

Routes added via the route command are temporaryโ€”they don’t survive reboots. For persistent routes, you need additional configuration.

Method 1: Using networksetup

The recommended approach for persistent routes:

sudo networksetup -setadditionalroutes "Wi-Fi" 11.11.11.11 255.255.255.255 192.168.0.1

This configures routes for the “Wi-Fi” interface to persist across reboots.

Finding your interface name:

networksetup -listallhardwareports

Sample output:

Hardware Port: Wi-Fi
Device: en0
Ethernet Address: 00:00:00:00:00:00

Hardware Port: Ethernet
Device: en1
Ethernet Address: 00:00:00:00:00:00

Setting multiple routes:

sudo networksetup -setadditionalroutes "Wi-Fi" \
    10.0.0.0 255.0.0.0 192.168.1.1 \
    172.16.0.0 255.240.0.0 192.168.1.1 \
    192.168.0.0 255.255.0.0 192.168.1.1

Method 2: Launch Daemon

For more complex routing, create a launch daemon:

  1. Create a script at /usr/local/bin/routes.sh:
#!/bin/bash
route add -net 11.11.11.11/32 192.168.0.1
  1. Make it executable:
sudo chmod +x /usr/local/bin/routes.sh
  1. Create a plist file at /Library/LaunchDaemons/com.custom.routes.plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.custom.routes</string>
    <key>ProgramArguments</key>
    <array>
        <string>/usr/local/bin/routes.sh</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>
  1. Load the daemon:
sudo launchctl load /Library/LaunchDaemons/com.custom.routes.plist

Network Configuration Commands

Getting Interface Information

# Get info for specific interface
networksetup -getinfo "Wi-Fi"

# Shows:
# DHCP Configuration
# IPv4: 192.168.1.100
# Subnet Mask: 255.255.255.0
# Router: 192.168.1.1

Setting Manual IP Address

sudo networksetup -setmanual "Wi-Fi" 192.168.1.100 255.255.255.0 192.168.1.1

Syntax: setmanual [service] [IP] [subnet] [router]

Setting DHCP

sudo networksetup -setdhcp "Wi-Fi"

Getting Current DNS Settings

networksetup -getdnsservers "Wi-Fi"

Setting DNS Servers

# Set specific DNS servers
sudo networksetup -setdnsservers "Wi-Fi" 8.8.8.8 8.8.4.4

# Clear DNS servers
sudo networksetup -setdnsservers "Wi-Fi" empty

Troubleshooting Network Issues

Verifying Route Addition

After adding a route, verify it’s in the table:

netstat -nr | grep 11.11.11.11

Testing Connectivity

# Test basic connectivity
ping 11.11.11.11

# Continuous ping
ping -i 2 11.11.11.11

# Test with specific packet size
ping -s 1000 11.11.11.11

Checking Gateway Reachability

# Ping the gateway
ping 192.168.0.1

# Trace route to destination
traceroute 11.11.11.11

# Alternative (network diagnostic)
traceroute -I 11.11.11.11

Flushing Routes

Warning: Use cautiously as this affects all routing:

sudo route flush

This clears the routing table. You’ll need to re-add necessary routes.

Common Issues and Solutions

Route Not Found

  • Verify gateway is reachable: ping 192.168.0.1
  • Check if interface exists: ifconfig
  • Ensure correct network notation

Gateway Unreachable

  • Verify physical connection
  • Check if gateway is on same subnet
  • Verify local IP configuration

Routes Not Persisting

  • Check networksetup configuration
  • Verify launch daemon if used
  • Ensure proper permissions

Advanced Routing Concepts

Default Routes

The default route (gateway of last resort) is used when no specific route matches:

# View default route
netstat -nr | grep default

# Add default route
sudo route add default 192.168.1.1

Static Routes

Static routes are manually configured:

# Add static route
sudo route add -net 172.16.0.0/12 10.0.0.1

Policy Routing

For advanced routing based on source:

# Advanced routing may require pf rules or additional tools
# See: man pfctl

macOS Network Tools Reference

Essential Commands Summary

Command Purpose
netstat -nr View routing table
ifconfig Configure interfaces
ipconfig View IP configuration
route add Add route
route delete Delete route
ping Test connectivity
traceroute Trace path
networksetup Configure network
arp View ARP table
ndp View NDP table (IPv6)

Useful Combinations

# Get complete network status
netstat -an | grep ESTABLISHED

# View listening ports
lsof -i -P | grep LISTEN

# Check DNS resolution
nslookup example.com

# Monitor network traffic
nettop

Security Considerations

VPN Routing

When using VPNs, understand split tunneling:

  • Full tunnel: All traffic through VPN
  • Split tunnel: Only specific traffic through VPN

Firewall Interaction

macOS includes a built-in firewall. Configure with:

# Enable firewall
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on

# Add exceptions
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --addapp /Applications/AppName.app

Best Practices

  1. Document your routes: Keep notes of custom routes
  2. Test before deploying: Verify routes in non-production first
  3. Use persistent methods: Prefer networksetup for permanent routes
  4. Monitor connectivity: Regular testing prevents issues
  5. Backup configurations: Before making changes

Conclusion

Mastering routing on macOS enables you to:

  • Configure complex network setups
  • Troubleshoot connectivity issues
  • Set up VPNs and development environments
  • Manage network security

Remember:

  • Temporary routes don’t persist after reboot
  • Use netstat -nr to verify route changes
  • Keep backups of network configurations
  • Test changes before deploying to production

With these skills, you can effectively manage macOS network configurations for any scenario.

References

Comments