Why does this ROUTE ADD command fail?
Solution 1
You cannot have the loopback device (127.0.0.1) be the gateway. It doesn't make sense.
What you are saying with this command is "route all traffic that goes to this address(es) through this gateway". Because loopback does not route to any network, it does not work.
Find out which gateway you want this traffic to go through and use that instead. In a comment you mentioned using your own IP address. That might work because your IP would just fail routing the traffic. I have not tested this so ymmv:
route ADD 199.239.136.200 MASK 255.255.255.255 <OWN_IP> METRIC 10
Might be worth for you to check out Wikipedia's article on loopback for more information. Also, check out this superuser question for information on the gateway's role in routing.
Solution 2
You're trying to add your own device as the gateway, for every port on your computer I can come up with a reason to do this. The issues, is that windows will not let you set 127.0.0.1 as the gateway. This might be due to the fact that it is not defined by windows ipconfig. So, instead of using 127.0.0.1 as the gateway, Windows has re-defined it as "On-Link" :
Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 10.10.2.210 11
To set an On-Link gateway you have to specify it as 0.0.0.0 . My guess is that Microsoft knew that this gateway is impossible, so they internally defined it as the local address gateway.
To set this simply use:
C:\Windows\system32>route add 127.0.0.0 mask 255.0.0.0 0.0.0.0
OK!
C:\Windows\system32>route add 127.0.0.1 mask 255.255.255.255 0.0.0.0
OK!
Make sure you specify your own metric and interface as Windows might not pick the one you intended on using.
Related videos on Youtube
Android Eve
Updated on September 17, 2022Comments
-
Android Eve over 1 year
I am trying to block access to a single IP address by adding a specific route that leads "nowhere" (instead of the default gateway):
route ADD 199.239.136.200 MASK 255.255.255.255 127.0.0.1 METRIC 10
The problem is that this command fails with the following error:
The route addition failed: The parameter is incorrect.
It doesn't say which parameter is incorrect. I probably violated an implied rule of networking basics but I don't know what it is. Any idea which parameter is incorrect and, more importantly, why?
Thanks.
-
Android Eve over 13 yearsThat's exactly the intent. I want to mask a single IP address only, not a range. BTW, I just experimented with ROUTE ADD a little more and discovered that if I change the 3rd parameter from 127.0.0.1 to the IP address of my PC, everything works properly. That is, ROUTE ADD succeeds and the destination IP address is indeed blocked. Now I need to understand why. Any idea?
-
Belmin Fernandez over 13 yearsMy apologies. I'll edit my example. I was merely trying to help you figure out why 127.0.0.1 won't work. The problem is not about "cannot have 127.0.0.1 be the router for a non 127.0.0.0 destination". Has to do with loopback being a virtual device. Using your own IP address as the gateway could possibly work.
-
Android Eve over 13 yearsNo problem. I already gave you +1 for the part that says "You cannot have the loopback device (127.0.0.1) be the gateway". Unlike Nick's answer which pointed at the mask, you correctly pointed at the gateway part of the ROUTE ADD command. I am still not sure, however, that I understand all the rules about what constitutes a valid gateway. I am going to accept your answer, though, because I have at least one version of the ROUTE ADD command that works for me. :)