/routing/route
Summary
The /routing/route menu is a read-only table that displays all routes from all address families configured on the RouterOS device. This central routing table serves as the definitive source of truth for understanding how the router will forward traffic to any given destination. Unlike the /ip/route menu, which allows configuration of static routes, the /routing/route table provides a unified view of routes from every source, including connected networks, static routes, DHCP routes, and routes learned through dynamic routing protocols such as BGP, OSPF, and RIP.
Understanding the /routing/route table is essential for network troubleshooting, route propagation verification, and understanding the overall routing state of the router. The table displays routes from all routing tables (including VRF instances) and shows detailed route attributes that influence route selection and forwarding behavior. Each entry in the table contains flags indicating the route’s status, protocol of origin, and various attributes that determine how traffic matching that route will be processed.
The routing table follows the standard IP routing paradigm where the router examines the destination IP address of incoming packets and performs a longest-prefix-match lookup to select the most specific route. When multiple routes match the destination, the router applies its route selection algorithm considering distance, scope, target-scope, and protocol-specific attributes to elect a single active route that gets installed in the Forwarding Information Base (FIB) for actual packet forwarding.
Understanding Route Flags
Route flags provide essential status information about each route entry and indicate how the route was learned, its current state, and its eligibility for forwarding. These flags appear as single characters in the first column of route table output and communicate critical information at a glance.
Active and State Flags
The active flag (A) indicates that the route has been elected as the best route for its destination and is eligible for installation in the FIB. Only active routes participate in actual packet forwarding. Routes that are not active are held as candidates and may become active if the current active route becomes unavailable due to link failure, administrative changes, or route expiration.
The disabled flag (X) indicates that the route has been administratively disabled. Disabled routes remain in the routing table but are not considered for active route election and will not be used for forwarding regardless of other route attributes.
The filtered flag (F) indicates that the route was excluded from route selection by routing filters. Filtered routes may be valid routes from a protocol perspective but have been intentionally excluded by administrator-configured routing policy rules.
The unreachable flag (U) indicates that the route’s next-hop cannot be reached. This typically occurs when the gateway address specified in the route cannot be resolved through the routing table or when the interface associated with the route is down.
Protocol Origin Flags
Protocol origin flags indicate how the route was added to the routing table and help administrators quickly identify the source of each route entry. Connected routes (c) are automatically generated for directly attached networks when an IP address is configured on an interface. Static routes (s) are manually configured by the administrator through the /ip/route menu. Dynamic routing protocol routes are marked with their protocol identifier: BGP routes (b), OSPF routes (o), and RIP routes (r).
DHCP routes (d) are learned from DHCP servers and typically provide default gateway information or specific route announcements. Modem routes (m) are added by LTE or 3G modem services when the cellular interface obtains network configuration. VPN routes (v) are created by VPN protocols such as PPPoE, L2TP, and SSTP when these tunnels are established.
Special Purpose Flags
The blackhole flag (B) indicates a blackhole route configured to discard matching traffic. Blackhole routes are used for traffic filtering, rate limiting, or preventing traffic from reaching certain destinations while avoiding ICMP unreachable messages that might reveal network topology.
The ECMP flag (+) indicates that the route is part of an Equal-Cost Multi-Path group where multiple next-hops provide equal-cost routes to the same destination. ECMP enables load balancing across multiple links or paths.
The hardware offload flag (H) indicates that the route is eligible for hardware offloading on supported hardware such as SwitchOS devices or routers with ASIC-based forwarding capabilities.
The copy flag (y) indicates a route copy that exists for L3VPN redistribution purposes. These copies carry VPNv4 or VPNv6 specific attributes and are not used for regular forwarding.
Route Types and Address Families
RouterOS supports multiple address families in the routing table, each with its own characteristics and purpose. Understanding these address families is important for comprehensive route management and troubleshooting.
IPv4 Routes
IPv4 routes (afi=ip4) comprise the majority of routes in most RouterOS deployments and carry destination prefixes in the standard IPv4 address format with subnet mask notation. The IPv4 address family handles all traditional IP routing for networks using the 32-bit IPv4 address space. Routes in this family are displayed with the ip4 identifier in the AFI column and represent destinations that routers use to forward standard IPv4 packets.
Example IPv4 routes include connected routes for locally attached networks like 192.168.1.0/24, static routes to remote networks reachable through specific gateways, and dynamically learned routes from routing protocols carrying prefixes from other autonomous systems or areas.
IPv6 Routes
IPv6 routes (afi=ip6) handle the 128-bit IPv6 address space and follow routing principles similar to those of IPv4, with some differences in address representation and routing protocol operation. IPv6 routes display with the ip6 identifier and often include link-local addresses with zone identifiers (such as fe80::%ether1/64) that specify the interface scope.
The IPv6 routing table includes automatically generated link-local routes for each interface, global unicast routes for configured IPv6 addresses, and routes learned through routing protocols such as OSPFv3, BGP, or static configuration.
Link-Local Routes
Link-local routes (afi=link) represent the directly connected interfaces themselves and have the link address family. These routes with destinations like ether1, ether2, or loopback are automatically created when interfaces come up and serve as the basis for resolving next-hop addresses in other routes.
VPN Routes
VPN routes (afi=vpn4 or vpn6) carry routing information for Layer 3 VPN instances and are used in VRF deployments. These routes display with identifiers like 111.111.111.2&65530:100 and include Route Distinguisher (RD) and Route Target (RT) values that enable route leaking between VRF instances.
Route Properties and Attributes
Destination and Gateway
The dst-address property specifies the destination prefix that the route matches, expressed in CIDR notation. This is the network address and prefix length that determines which traffic uses this route. Routes with shorter prefixes (smaller prefix length numbers) match more destinations but are less specific, while longer prefixes match fewer destinations with greater specificity.
The gateway property specifies the configured next-hop address that traffic matching this route should be forwarded to. The gateway can be specified as an IP address, an interface name, or a combination using the ip%interface format for interface-scoped addresses.
The immediate-gw property shows the resolved actual gateway and interface that will be used for forwarding. When a route specifies a gateway IP address, RouterOS performs a recursive lookup to resolve this address to an actual interface and next-hop. The resolved value is displayed in immediate-gw and represents the actual forwarding information.
Distance and Scope
The distance property is the administrative distance that influences route selection when multiple routes to the same destination exist from different sources. Lower distance values are preferred, with connected routes at distance 0, static routes at distance 1, and various protocol distances defined by default (OSPF at 110, BGP at 20 or 200 depending on implementation, RIP at 120).
The scope property controls the next-hop lookup process and indicates how far the router should search when resolving recursive routes. Routes with scope 10 can resolve their next-hop through directly connected routes (scope 0), while routes with higher scope values can traverse additional routing table lookups. Scope helps prevent routing loops by limiting how far the resolver can travel during recursive next-hop resolution.
The target-scope property sets the scope that will be used when this route is referenced as a next-hop by other routes. This allows administrators to control the recursive resolution behavior of dependent routes.
Routing Table Association
The routing-table property indicates which routing table the route belongs to. RouterOS supports multiple routing tables for policy routing scenarios where different traffic flows may use different routing contexts. The main routing table is the default, but VRF instances create additional routing tables with independent route sets.
Routes in VRF instances display the vrf-interface parameter showing which VRF context they belong to, enabling identification of routes that belong to specific VRF instances even when viewing from the default routing context.
Protocol-Specific Attributes
Routes from dynamic routing protocols carry protocol-specific attributes that influence route selection and provide information about the path characteristics. BGP routes include AS path information, communities, local preference, MED values, origin codes, and RPKI validation status. OSPF routes include metric values, route type (inter-area, intra-area, external type-1, external type-2), and OSPF tag values.
These attributes enable sophisticated routing policy implementation where route selection considers not just distance but path characteristics, community memberships, and validation status.
Viewing the Routing Table
Basic Route Table Display
The simplest way to view the routing table is to print the contents without additional modifiers, which displays the route flags, destination addresses, gateways, and basic attributes.
[admin@MikroTik] /routing/route> print
Flags: A - ACTIVE; c, s, a, l, y - COPY; H - HW-OFFLOADED
Columns: DST-ADDRESS, GATEWAY, AFI, DISTANCE, SCOPE, TARGET-SCOPE, IMMEDIATE-GW
    DST-ADDRESS       GATEWAY       AFI  D  SCOPE  TA  IMMEDIATE-GW
 lH 10.0.0.0/8                      ip4  0
As  10.0.0.0/8        10.155.130.1  ip4  1     30  10  10.155.130.1%ether1
 lH 10.155.130.0/25                 ip4  0
Ac  10.155.130.0/25   ether1        ip4  0     10      ether1
 aH 10.155.130.12/32                ip4  0
Ac  111.13.0.0/24     ether2        ip4  0     10      ether2
Detailed Route Information
The detail modifier provides comprehensive information about each route including all protocol-specific attributes and debugging information. This view is essential for troubleshooting route selection issues and verifying routing protocol operation.
[admin@MikroTik] /routing/route> print detail
Flags: X - disabled, F - filtered, U - unreachable, A - active;
c - connect, s - static, r - RIP, b - BGP, o - OSPF, d - dhcp, v - vpn, m - modem, a - ldp-address, l - ldp-mapping, y - copy; H - hw-offloaded;
+ - ecmp, B - blackhole
o afi=ip4 contribution=best-candidate dst-address=0.0.0.0/0 routing-table=main gateway=10.155.101.1%ether1 immediate-gw=10.155.101.1%ether1 distance=110 scope=20 target-scope=10 belongs-to="OSPF route" OSPF.metric=2 .tag=111 .type=ext-type-1 debug.fwp-ptr=0x203425A0
Ad + afi=ip4 contribution=active dst-address=0.0.0.0/0 routing-table=main pref-src="" gateway=10.155.101.1 immediate-gw=10.155.101.1%ether1 distance=1 scope=30 target-scope=10 vrf-interface=ether1 belongs-to="DHCP route" debug.fwp-ptr=0x20342060
As + afi=ip4 contribution=active dst-address=0.0.0.0/0 routing-table=main pref-src="" gateway=10.155.101.1 immediate-gw=10.155.101.1%ether1 distance=1 scope=30 target-scope=10 belongs-to="Static route" debug.fwp-ptr=0x20342060
Fb afi=ip4 contribution=filtered dst-address=1.0.0.0/24 routing-table=main gateway=10.155.101.1 immediate-gw=10.155.101.1%ether1 distance=20 scope=40 target-scope=10 belongs-to="BGP IP routes from 10.155.101.217" rpki=invalid BGP.peer-cache-id=*B000002 .as-path="65530,100,9002,13335" .atomic-aggregate=yes .origin=igp debug.fwp-ptr=0x20342960
Filtering Route Output
Route output can be filtered using the where clause to focus on specific routes or route types. This is particularly useful in networks with large routing tables.
# View only active BGP routes
/routing/route print where BGP=yes && active=yes
# View routes with specific gateway
/routing/route print where gateway=10.155.101.1
# View routes in a specific VRF
/routing/route print where routing-table=ISP_A
# View routes with RPKI invalid status
/routing/route print where rpki=invalid
Route Selection Process
RouterOS uses a deterministic route selection process to elect a single active route when multiple routes to the same destination exist. The selection process considers multiple factors in a specific order, with routes that satisfy earlier criteria proceeding to the next evaluation stage.
The first consideration is route validity and reachability. Routes with unreachable next-hops or disabled routes are eliminated from consideration. The second consideration is protocol distance, with lower distances preferred. This explains why static routes (distance 1) typically win over OSPF routes (distance 110) when both point to the same destination.
When multiple routes have identical distance values, the route with the most specific match (longest prefix length) wins. If multiple routes have identical distance and prefix length, the route with the lowest route cost (protocol-specific metric) is selected. Finally, if all prior criteria are equal, the route with the lowest immediate-gw address value wins as a tiebreaker.
The scope and target-scope values influence recursive next-hop resolution but do not directly affect active route election between competing routes to the same destination.
Troubleshooting Route Issues
Identifying Inactive Routes
When routes appear in the routing table but are not marked as active, use the detail view to understand the contribution status and identify what is preventing the route from being elected.
# Check route contribution status
/routing/route print detail where !active
Common reasons for routes not becoming active include:
- The route’s next-hop cannot be resolved (immediate-gw shows unresolved status)
- A better route exists with lower distance or longer prefix
- The route has been filtered by routing filters
- The route’s interface is disabled or down
Resolving Gateway Issues
Gateway resolution failures prevent routes from becoming active. Verify that the gateway address is reachable through the main routing table and that the interface specified in the immediate-gw is operational.
# Check if gateway is reachable
ping 10.155.101.1
# Check interface status
/interface print
# Verify recursive route resolution
/ip/route print detail where dst-address=10.155.101.1
BGP Route Validation
BGP routes display RPKI validation status that indicates whether the prefix is verified as legitimately originated by the reported autonomous system. Routes with rpki=invalid may be filtered by default depending on router configuration.
# View RPKI validation status for BGP routes
/routing/route print where BGP=yes
# Check RPKI validator status (RPKI sessions are listed under /routing/rpki)
/routing/rpki print
# View BGP routes grouped by validation status
/routing/route print where BGP=yes && rpki=valid
/routing/route print where BGP=yes && rpki=invalid
Route Statistics and Monitoring
Tracking Route Changes
Monitor route changes over time to detect instability or unauthorized route modifications. The routing table maintains timestamps for route creation and last update.
# View route creation and update times (detail view includes timestamps)
/routing/route print detail
Counting Routes by Type
Understand the composition of the routing table by counting routes by their origin protocol.
# Count routes by protocol (requires scripting or export parsing)
:put "Protocol distribution requires external processing"
Exporting Route Information
Export the routing table configuration for documentation or analysis purposes.
# Export routes in text format
/routing/route print file=routes-backup.txt
# Export specific routes (the where clause goes last)
/routing/route print terse where routing-table=main
Route Management Best Practices
Documentation
Maintain documentation of all statically configured routes including their purpose, origin, and expected behavior. Route comments in the configuration provide inline documentation that appears in route table displays.
/ip/route add dst-address=0.0.0.0/0 gateway=203.0.113.1 comment="Primary ISP connection"
Regular Verification
Periodically verify that routes in the table match expected configurations. Check for unexpected routes, routes with incorrect gateways, or routes that have become inactive due to topology changes.
Change Management
Document all route changes and understand the impact on traffic flow before implementing changes. Use routing filters to control which routes are accepted from dynamic routing protocols to prevent route injection attacks or unintended routing behavior.
Route Security
Implement RPKI validation for BGP routes to prevent prefix hijacking and route spoofing. Configure route filters to accept only routes from authorized peers and with valid origin AS values. Monitor the routing table for unexpected routes that could indicate compromise or misconfiguration.
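The counting, regular-verification and monitoring steps described under Counting Routes by Type, Regular Verification and Route Security can be run off-box on text saved from /routing/route print detail. The Python below is an added example, not MikroTik code and not part of the original page: it parses detail records, counts routes per origin flag, and reports routes with rpki=invalid that are not filtered and active default routes whose gateway is outside a baseline. The function names, the baseline set and the sample records are assumptions, as is the reading (taken from the detail listing above) that a key such as .tag continues the preceding OSPF. or BGP. group.

```python
import shlex
from collections import Counter

# Origin flags from the "print detail" legend on this page.
ORIGIN = {"c": "connect", "s": "static", "r": "rip", "b": "bgp", "o": "ospf",
          "d": "dhcp", "v": "vpn", "m": "modem", "a": "ldp-address",
          "l": "ldp-mapping", "y": "copy"}

# Constructed records (not a real capture); helper names and baseline are assumptions.
SAMPLE = '''
 o   afi=ip4 dst-address=0.0.0.0/0 gateway=10.155.101.1%ether1 distance=110 OSPF.metric=2 .tag=111
Ad + afi=ip4 dst-address=0.0.0.0/0 pref-src="" gateway=10.155.101.1 distance=1
As + afi=ip4 dst-address=0.0.0.0/0 gateway=203.0.113.66 distance=1
Fb   afi=ip4 dst-address=1.0.0.0/24 gateway=10.155.101.1 distance=20 rpki=invalid
     belongs-to="BGP IP routes from 10.155.101.217" BGP.as-path="65530,100,9002,13335" .origin=igp
Ab   afi=ip4 dst-address=198.51.100.0/24 gateway=10.155.101.1 distance=20 rpki=invalid
'''

def parse_routes(text):                       # one dict per route record
    records = []
    for line in text.splitlines():
        tokens = shlex.split(line)            # a "quoted value" stays one token
        if not any("=" in t for t in tokens):
            continue                          # blank line, prompt or flag legend
        if "=" in tokens[0] and records:
            records[-1] += tokens             # wrapped line continues a record
        else:
            records.append(tokens)            # a record starts with its flags
    routes = []
    for tokens in records:
        flags, attrs, group = "", {}, ""
        for tok in tokens:
            key, sep, value = tok.partition("=")
            if not sep:
                flags += tok if not attrs else ""   # "Ad" then "+" -> "Ad+"
            elif key.startswith("."):
                attrs[group + key] = value    # ".tag" joins the "OSPF." group (assumed)
            else:
                group = key.split(".")[0] if "." in key else group
                attrs[key] = value
        origin = next((ORIGIN[f] for f in flags if f in ORIGIN), "unknown")
        routes.append({"flags": flags, "origin": origin, **attrs})
    return routes

def count_by_origin(routes):
    return Counter(r["origin"] for r in routes)   # routes per origin protocol

def audit(routes, expected_default_gw):
    findings = []                             # (dst-address, reason) pairs
    for r in routes:
        dst, gw = r.get("dst-address"), r.get("gateway", "").split("%")[0]
        if r.get("rpki") == "invalid" and "F" not in r["flags"]:
            findings.append((dst, "rpki=invalid but not filtered"))
        if ("A" in r["flags"] and dst in ("0.0.0.0/0", "::/0")
                and gw not in expected_default_gw):
            findings.append((dst, f"unexpected default gateway {gw}"))
    return findings

print(count_by_origin(parse_routes(SAMPLE)), audit(parse_routes(SAMPLE), {"10.155.101.1"}))
```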