In a typical enterprise environment with dual WAN connections, we often need to route specific traffic through secondary gateways. Here's the exact infrastructure I'm working with:
- Primary gateway: Windows Server 2008 (192.168.16.1)
- Secondary gateway: Router at 192.168.1.254
- Linux client IP: 192.168.16.22 (able to ping 192.168.1.254)
- Target server: 123.123.123.123
When attempting to create a static route using the classic route command:
sudo route add -host 123.123.123.123 gw 192.168.1.254 dev eth0
SIOCADDRT: No such process
This error typically indicates one of several potential issues, despite successful ping connectivity.
The traditional route command is deprecated in favor of the ip utility. Try this instead:
sudo ip route add 123.123.123.123/32 via 192.168.1.254 dev eth0
If this fails with "Network is unreachable", we need to verify the gateway's accessibility.
First, confirm ARP resolution works:
arping -I eth0 192.168.1.254Then test the actual route with traceroute:
traceroute -n 192.168.1.254Examine your current routing table for conflicts:
ip route show
route -nLook for existing routes that might conflict with your new route.
Check if firewall rules are blocking route setup:
sudo iptables -L -n -vICMP (ping) might be allowed while routing traffic is blocked.
For Debian-based systems, add to /etc/network/interfaces:
post-up ip route add 123.123.123.123/32 via 192.168.1.254 dev eth0For RHEL-based systems, create /etc/sysconfig/network-scripts/route-eth0:
123.123.123.123/32 via 192.168.1.254 dev eth0For more complex scenarios, consider policy routing:
sudo ip rule add from 192.168.16.22 table 100
sudo ip route add default via 192.168.1.254 dev eth0 table 100After adding the route, verify with:
ip route get 123.123.123.123And test actual connectivity:
curl --interface eth0 http://123.123.123.123While you can ping the gateway (192.168.1.254), the route addition fails with SIOCADDRT: No such process. This typically indicates one of these scenarios:
# First verify the gateway is truly reachable with advanced ping:
ping -c 4 -I eth0 192.168.1.254
# Check if the gateway responds to ARP requests
arping -I eth0 -c 3 192.168.1.254
# Verify route table before modification
ip route show
Modern Linux systems prefer ip route over the deprecated route command. Try these alternatives:
# Method 1: Using ip route command
sudo ip route add 123.123.123.123 via 192.168.1.254 dev eth0
# Method 2: Persistent route (Ubuntu/Debian)
echo "123.123.123.123 via 192.168.1.254 dev eth0" | sudo tee -a /etc/network/interfaces.d/static-routes
# Method 3: NetworkManager CLI (if used)
nmcli connection modify eth0 +ipv4.routes "123.123.123.123/32 192.168.1.254"
On your Windows Server 2008 router, ensure proper routing is configured:
# Check existing routes on Windows
route print
# Verify RRAS NAT configuration
netsh routing ip nat show interface
ICMP (ping) might be allowed while routing protocols are blocked:
# Check Linux firewall rules
sudo iptables -L -n -v
# Temporarily disable firewall for testing
sudo systemctl stop firewalld # For RHEL/CentOS
sudo ufw disable # For Ubuntu
Capture network traffic during route addition attempt:
sudo tcpdump -i eth0 host 192.168.1.254 -w route_debug.pcap
# After reproducing the error, analyze with:
tcpdump -r route_debug.pcap -nn -v
For a production environment, consider these robust approaches:
# Create a network configuration script
#!/bin/bash
ip route flush cache
ip route add 123.123.123.123 via 192.168.1.254 dev eth0 || \
echo "Failed to add route; investigating..." >> /var/log/network_routes.log
# Add to cron for persistence
(crontab -l 2>/dev/null; echo "@reboot /path/to/route_script.sh") | crontab -
For more granular control when multiple interfaces exist:
# Create custom routing table
echo "200 custom_route" >> /etc/iproute2/rt_tables
# Add rule for specific traffic
ip rule add from 192.168.16.22 table custom_route
ip route add default via 192.168.1.254 dev eth0 table custom_route
# Verify configuration
ip rule show
ip route show table custom_route