Static route on OSX

I have this 2008 Mac Pro running 10.10 connected to two networks, one from each interface. Now, number 1 is connected to a slower WAN, but is the route I need to take to cross a VPN tunnel to a customer site. Number 2 should be used for everything else.

Step 1: reordering the service priority in network settings so that Ethernet 2 comes before Ethernet 1 makes all traffic go to the faster WAN. But now traffic to the customer site also tries to take that route, which doesn’t work.

You can fix this on the spot by:

sudo route add 172.30.0.0/16 10.91.92.1

…which makes traffic for the customer site (172.30.0.0/16) go to the router at 10.91.92.1. OS X already knows that the address 10.91.92.1 is to be found on the subnet 10.91.92.0/24 which is on Ethernet 1. Everything works. Until you reboot, and then you have to do it again.

You can set this up in a plist in /Library/LaunchDaemons and activate using launchctl, but I couldn’t make this work. The route never happened after reboots.

Then I found a much more reliable method (click the link for the description I found). It is based on adding the route through the command “networksetup”. In my case, with the above example, it’s as follows:

sudo networksetup -setadditionalroutes "Ethernet 1" 172.30.0.0 255.255.0.0 10.91.92.1

This removes any other routes you may have set on the same interface using the same method, so if you need more than one route, you need to set it in the same command. For instance, if you need to route 192.168.111.0 through the same gateway, do both in one go:

sudo networksetup -setadditionalroutes "Ethernet 1" 172.30.0.0 255.255.0.0 10.91.92.1 192.168.111.0 255.255.255.0 10.91.92.1
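
As an added example (not from the original post), this shell helper builds that single combined command from a list of CIDR routes, converting each prefix length to the dotted netmask that networksetup expects. The function names are made up for this illustration, and it only prints the command, so nothing changes until you run the output yourself.

```shell
#!/bin/sh
# Added example: build ONE networksetup call from a list of CIDR routes.
# Service name, gateway and routes below are the values used in the post.

# Convert a prefix length (0-32) to a dotted netmask, e.g. 16 -> 255.255.0.0
prefix_to_mask() {
    p=$1
    case $p in ''|*[!0-9]*) return 1 ;; esac   # digits only
    [ "$p" -le 32 ] || return 1
    mask=""
    for i in 1 2 3 4; do
        if [ "$p" -ge 8 ]; then
            octet=255; p=$((p - 8))
        else
            octet=$((256 - (1 << (8 - p)))); p=0
        fi
        mask="${mask:+$mask.}$octet"
    done
    echo "$mask"
}

# Print the full command for: SERVICE GATEWAY CIDR [CIDR...]
# All routes go into one call, because each call replaces the previous set.
build_route_cmd() {
    service=$1; gateway=$2; shift 2
    args=""
    for cidr in "$@"; do
        case $cidr in
            */*) ;;
            *) echo "not CIDR: $cidr" >&2; return 1 ;;
        esac
        net=${cidr%/*}
        m=$(prefix_to_mask "${cidr#*/}") || { echo "bad prefix: $cidr" >&2; return 1; }
        args="$args $net $m $gateway"
    done
    [ -n "$args" ] || { echo "no routes given" >&2; return 1; }
    echo "sudo networksetup -setadditionalroutes \"$service\"$args"
}

# Dry run: print the command for the two routes from the post.
build_route_cmd "Ethernet 1" 10.91.92.1 172.30.0.0/16 192.168.111.0/24
```

Before overwriting, `networksetup -getadditionalroutes "Ethernet 1"` shows the routes currently set on that service, so you can include them in the list.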

The main difference between this and the “plist route” method (except that it actually works) is that you have to set the route on a particular interface (or network service). To find out which names are available on your machine, run:

networksetup -listallnetworkservices

It seems to list the services in order of priority, so in my case it lists the Ethernet services as “Ethernet 2”, then “Ethernet 1”, which is what I want.

After doing all this, check if the route is there by running:

netstat -rn
