How do I add static routes to Roqos Core?

Currently Roqos Core apps and webapps do not support adding static routes. Very soon we will add this feature. Till then following are the steps to add static routes both dynamically and statically:

1. In your Roqos app or webapp simply slide the switch and enable the SSH server on your Roqos Core. 

Screenshot_from_2021-04-01_17-19-33.png

2. Make a SSH into your Roqos Core and use admin as username, and your Roqos account password as the password.

3. To see the current routes, type sudo ip route show, which should show you something similar to below example:

# sudo ip route show
0.0.0.0/1 via 172.19.32.1 dev tun0
default via 192.168.1.1 dev eth0
52.54.149.0 via 192.168.1.1 dev eth0
52.206.212.203 via 192.168.1.1 dev eth0
54.83.142.9 via 192.168.1.1 dev eth0
54.83.153.35 via 192.168.1.1 dev eth0
54.83.154.17 via 192.168.1.1 dev eth0
70.169.163.26 via 192.168.1.1 dev eth0
128.0.0.0/1 via 172.19.32.1 dev tun0
172.16.32.0/24 dev tun1 proto kernel scope link src 172.16.32.1
172.19.32.0/24 dev tun0 proto kernel scope link src 172.19.32.2
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.5
192.168.27.0/24 dev br0 proto kernel scope link src 192.168.27.1
192.168.77.0/24 dev br1 proto kernel scope link src 192.168.77.1 linkdown

In the above example, VPN-Out feature is enabled and connected, and it’s route address is 172.19.32.1 on an interface named tun0, that can be seen at the first line.

Default gateway/route, which is the regular, non VPN interface is denoted by default, and is 192.168.1.1 on interface named eth0 in this example.

Keep in mind that the default internet interface in an RC10 is always eth0, and the VPN-Out interface is always tun0.

4. If you would like to add a static route on the default gateway address and interface. Command to use for this operation is sudo ip route add, with the following syntax:

sudo ip route add DestinationIP/Mask via RouteIP dev InterfaceName

For example, if you want to route traffic destined to 1.2.3.0/24 network over non-VPN link (eth0), adding this route would be achieved with the following command:

 sudo ip route add 1.2.3.0/24 via 192.168.1.1 dev eth0

After adding this static route, you can see it with sudo ip route show command:

# sudo ip route show
0.0.0.0/1 via 172.19.32.1 dev tun0
default via 192.168.1.1 dev eth0
1.2.3.0/24 via 192.168.1.1 dev eth0
52.54.149.0 via 192.168.1.1 dev eth0
52.206.212.203 via 192.168.1.1 dev eth0
54.83.142.9 via 192.168.1.1 dev eth0
54.83.153.35 via 192.168.1.1 dev eth0
54.83.154.17 via 192.168.1.1 dev eth0
70.169.163.26 via 192.168.1.1 dev eth0
128.0.0.0/1 via 172.19.32.1 dev tun0
172.16.32.0/24 dev tun1 proto kernel scope link src 172.16.32.1
172.19.32.0/24 dev tun0 proto kernel scope link src 172.19.32.2
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.5
192.168.27.0/24 dev br0 proto kernel scope link src 192.168.27.1
192.168.77.0/24 dev br1 proto kernel scope link src 192.168.77.1 linkdown

At this point, all traffic destined to 1.2.3.0/24 network will bypass VPN-Out connection and instead will go through the regular ISP connection. This static route will remain intact until it is deleted manually, or Roqos Core is rebooted.

5. To delete a static route you previously added, use sudo ip route del command, for example:

sudo ip route del 1.2.3.0/24 via 192.168.1.1 dev eth0

6. To ensure static routes are still valid after a rebooting your Roqos Core, you can add these routes in a file called /etc/rc.local. Please make sure that you add the command right before the line at the end that says “exit 0”. When you open up /etc/rc.local with an editor (both nano and vim is installed in your Roqos Core that can be used to edit this file):

# System boot up
echo -n "System bootup complete ... "
$scripts/rcBootAlert.py
echo "done."

# In case, some RC fails to create rcUpgradeInProgress 
echo 0 > $myetc/rcUpgradeInProgress

# initialize rcWirelessWAN
$scripts/rcWirelessWAN.py --initialize

exit 0

Adding a permanent static route would make it look like:

# System boot up
echo -n "System bootup complete ... "
$scripts/rcBootAlert.py
echo "done."

# In case, some RC fails to create rcUpgradeInProgress 
echo 0 > $myetc/rcUpgradeInProgress

# initialize rcWirelessWAN
$scripts/rcWirelessWAN.py --initialize

# new static routes
sudo ip route add 1.2.3.0/24 via 192.168.1.1 dev eth0
sudo ip route add 10.2.3.1/32 via 192.168.1.1 dev eth0

exit 0

 

Warnings 

  1. Please make sure to not delete or modify any other lines in the rc.local file, as it can affect the operation of your Roqos Core. 
  2. rc.local file will be overwritten when a new software update is installed automatically to your Roqos Core, removing the static routes you have added. Current software version can be seen in the Roqos App under Settings - About - Software Version.

Contact Support Team

Our support team is here to help. If you are unable to find answers in our support center, please submit your question, and we will get back to you as soon as possible.