How to reload default Mac OSX routing table without rebooting

networking mac-osx iptables routing eth0

131,907

Solution 1

You need to flush the routes . Use route -n flush several times . Afterwards add your routes with route add.

Solution 2

I was running into this issue while using a home OpenVPN server and connecting to it using the Tunnelblick application on Mac.

What was happening on my end is that a route with my home IP as the destination and an incorrect gateway was getting leftover after disconnecting from the VPN. Deleting this route solved the issue, simply

$ sudo route -n delete the.good.dns.name

Example: I am at school and after a fresh computer boot, I connect to a wireless network. I connect to my home OpenVPN server with Tunnelblick.

$ netstat -nr
Destination                   Gateway
....
[home-ip]/32                  [school-default-gateway-1] ....
....

I disconnect from the VPN server. I change wireless networks. This changes my default gateway.

$ netstat -nr
Destination                   Gateway
...
[home-ip]/32                  [school-default-gateway-1] ...
...
$ ping [home-ip]
PING [home-ip]: 56 data bytes
ping: sendto: Network is unreachable
ping: sendto: Network is unreachable
Request timeout for icmp_seq 0
...

I can't under any circumstances connect to my home network (VPN, ping, anything) after this happens. If I then just delete the route:

$ sudo route -n delete [home-ip]
delete net [home-ip]
$ ping [home-ip]
PING [home-ip]: 56 data bytes
64 bytes from [home-ip]: icmp_seq=1 ttl=56 time=13.111 ms

It works fine.

There might be an issue with how the OpenVPN server/client is configured which is leaving this (and I'd be interested in finding out what that is), but I installed a Tunnelblick post-disconnect script that automates this route deletion.

Solution 3

First you need a route for your network interface. If the VPN is disconnected then just take your network interface down and then bring it back up with ifconfig. Then use the route commnand to build in your default gw. So something like:

ifconfig en0 down

ifconfig en0 up

route add <ip address> default

Solution 4

I was running into the same issue as @Sean (I'm also running OS X), in that when I switched between home and work networks the default route was not getting deleted.

For completeness, when I connect to my VPN at home and running the following command, it'd show the default gateway as below

$ netstat -nr
Destination                   Gateway
...
[home-ip]/32                  [work-default-gateway-1]

And when I disconnected, the [home-ip] gateway would still be there. When I'd connect to my work network I couldn't connect to the internet at all, and run into the same issue as OP

$ traceroute the.good.dns.name    
$ traceroute: bind: Can't assign requested address

I'd then have to manually delete the route with

$ sudo route -n delete [home-ip]

Initially I put the "route -n delete" in a post-disconnect.sh script, but that was a little messy so instead I found this link

https://code.google.com/p/tunnelblick/issues/detail?id=177

Apparently the reason is due to setting the following in my .ovpn file

user nobody
group nogroup

Which means the route is set up as root, but when the connection is taken down the user is no longer root, so the route can't be deleted.

Commenting these 2 lines in my .ovpn file fixed the problem, without having to use a post-disconnect.sh.

View more solutions

131,907

Nate Murray

Updated on September 17, 2022

Comments

Nate Murray almost 2 years

Greetings,

I'm using vpnc for a VPN client. I'm also doing some tricky things with route to make sure I can still access my local network, etc. etc. (the particulars here are not very important).

Sometimes I get the routing table so jacked up I get ping: sendto: Network is unreachable for urls that should otherwise resolve.

Currently, if I restart Mac OS X then everything is back to normal. What I'd like to do is reset the routing tables to the "default" (e.g. what it is set to at boot) without a whole system reboot.

I think that step 1 is route flush (to remove all routes). And step 2 needs to reload all of the default routes.

Any thoughts on how to do this? (e.g. what is step 2?)

EDIT Also, I'm noticing another symptom is traceroute also fails on the address in question. For instance:

traceroute the.good.dns.name

traceroute: bind: Can't assign requested address
Nate Murray over 14 years

Yes, but how does Mac OS X know what the default route's ip address is? What I'd really like to see is how Mac OS X does the boot process and do the exact same thing.
Jordan Eunson over 14 years

...? It gets it from DHCP...
Nate Murray about 13 years

I've changed this to the accepted answer. It works! I did route -n flush several times, then I just restarted my networking via the System preferences. It only took me a year to come back and figure this out :)
Alan Donnelly over 11 years

This solved a similar problem for me with the Sonicwall's Aventail Connect VPN client which I find particularly prone to "Can't assign requested address" failures, especially when switching wireless networks. Now I have a way to resolve that doesn't avoid a power cycle. Thanks!
Tom Busby about 9 years

I'm actually having a similar issue here. Really annoying.
jklp over 8 years

I'm running into the same problem, even with the example ovpn script. The only solution I've found is the same as OP, in deleting the route in a post-disconnect script :/
Whitecat about 7 years

Is there a way to automatically run this script on every disconnect?
Toby over 6 years

Thanks, this worked for me as well. It's unfortunate that the google code link doesn't work any more.
Elad Nava about 6 years

@Whitecat Yes! Check this out: superuser.com/a/1305361
Finncent Price over 5 years

I've tried using your suggestion, the problem is that when I connect to the VPN it pulls the config files from somewhere and overwrites my changes. It isn't getting them from the server, so far as I can tell because when I change those files it doesn't fix the problem. Is there some client-side location where I can find these files and destroy/modify them so my changes will stick?
Finncent Price over 5 years

I was making the trivial error of confusing ~/Library with /Library. Oops! For anyone reading this, you want to modify the file in ~/Library/Application Support/Tunnelblick/Configurations/<vpnname>.tblk/Contents/R‌esources
hans_meine about 5 years

Wow! It also helped with my problem with BarracudaVPN… I switch Wi-Fi off/on, and finally could connect again! Thanks a lot!