Windows 10 route keeps coming back after a while every time I delete it with route delete, how can I delete route for good?

0

Initially I had a raspberry pi/pi2 on my network beating my router dhcp server and serving up IPs and because of some default options Windows clients started receiving the IP address of the pi2 dhcp server as its gateway. I fixed that by adding specific gateway router option to my dhcpd config on the raspberry pi.

But apparently on my Windows 10pc .200 I keep getting this seeming manual route (regardless if over wifi or lan) to one of my PCs lets call it 192.168.1.100 with netmask 255.255.255.255 and gateway 192.168.1.50 (pi2 address)

So when I do route print it gives:

192.168.1.100  255.255.255.255     192.168.1.50   192.168.1.200     26

So because of this I can't connect/ping from my Windows 10pc to the .100 ip

It will work after I route delete -p 192.168.1.100 but later it re-adds itself

netsh interface ipv4 show route:

No       Manual    1    192.168.1.100/32          10  192.168.1.50

I looked in registry and I didn't see any persistent routes in there (Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\PersistentRoutes )

How can I tell from where/how this phantom network route keeps coming back?

UPDATE: I just came back to use PC and again I found that route was re-added: 

192.168.1.100  255.255.255.255     192.168.1.50   192.168.1.200     26

and when I do arp -a I no longer see an entry at all for 192.168.1.100 and I can't ping or connect to .1.100 until I again route delete it.

htfree

Posted 2019-07-26T05:03:47.210

Reputation: 33

Might be your router that has the long memory. Try to delete the route and immediately reboot the router. – harrymc – 2019-07-26T16:15:18.187

you think my 192.168.1.1 router is giving out the wrong route or you mean the raspberry pi2 whose ip is .1.50 is giving out the bad route? my only confusion is that before the network/lan pc's were setting .1.50 as their gateway for the entire .1.0/24 network not just a specific route. And after I set on the pi2 .1.50 a specific router option to set gateway address to .1.1 then the PCs no longer had .1.50 for the gateway to .1.0/24 network. I guess it wouldn't hurt to Reboot the pi2 just in case though I did stop restart service etc previously. thx – htfree – 2019-07-26T20:10:02.310

Answers

0

/32 routes can appear due to an ICMP Redirect, if the firewall is configured to accept them.

Take a look at your ARP cache using arp -a – does it list the correct MAC address next to 192.168.1.100? It might be pointing to a device that used to be .1.100, but isn't anymore; so when your outdated ARP cache entry directs the packets there, the device with that MAC address redirects you to what it thinks is a more correct path.

(The "correct path" is based on what the MAC address' owner has as its default gateway.)

user1686

Posted 2019-07-26T05:03:47.210

Reputation: 283 655

Interesting info but in my case I just checked arp -a and MAC for .1.100 matches what I see when I look at ipconfig /all on that machine. And .1.100 is a manually set static IP address. But my .200 windows10pc exhibiting problem is set to DHCP. I'm guessing I can maybe fix by making this .200 to be manual/static-IP but i'd rather diagnose issue if possible to avoid similar in the future. – htfree – 2019-07-26T15:00:42.507

I'll try to redo the arp -a command again when that static route gets re-added. Right now I ran it "after" I already removed the bad route with route delete. – htfree – 2019-07-26T15:07:33.280

arp -a gives same "correct" MAC address for .1.100 whether during wrong route present or during time its deleted. But interestingly arp -a says its "dynamic" when in fact that win7pro system has its IP set statically not with DHCP. – htfree – 2019-07-26T23:19:33.603

Asked: 2019-07-26T05:03:47.210

Viewed: 249 times

Active: 2019-07-27T15:20:59.030