Route different traffic through different network interfaces (in Windows)

Updated 4/4/2019

One of my clients uses a corporate network with a pretty strict firewall. In order to be able to access both the resources on the LAN as well as the internet, I connect my computer:

1. To the corporate network using a wired connection
2. To the internet through a WiFi router

We can help Windows to properly route network traffic by configuring the routing table.

To the point!

Use route or netsh to configure your routing table so that the route to your LAN subnet has a lower combined metric (interface+gateway) than the wildcard route to the internet. Both commands have quirks and sometimes one is easier to use than the other (route requires an interface number instead of a name, which is cumbersome to find, while netsh is hard to use to add a route to a software-generated vpn route like TeamViewer).

For example, to temporarily route all traffic to the 10.0.150.x subnet through a VPN connection where your local address is 7.148.136.66, use:

route add 10.0.150.0 mask 255.255.255.0 7.148.136.66

You can write a .bat file:

netsh interface ipv4 show interfaces
netsh interface ipv4 show route
netsh interface ipv4 set interface "Wireless Network Connection" metric=25
netsh interface ipv4 set interface "Local Area Connection" metric=20
netsh interface ipv4 set route 0.0.0.0/0 "Local Area Connection" 10.0.150.253 metric=15
netsh interface ipv4 set route 10.0.150.0/24 "Local Area Connection" 10.0.150.71 metric=1
netsh interface ipv4 set route 0.0.0.0/0 "Wireless Network Connection" 192.168.0.254 metric=4
netsh interface ipv4 show interfaces
netsh interface ipv4 show route
route print
PAUSE

The end result is:

• Route 10.0.150.0/24 comes first with a metric of 21
• 0.0.0.0/0 through "Wireless Network Connection" comes next with a metric of 29
• 0.0.0.0/0 through "Local Area Connection" comes third with a metric of 35

Of course you'll have to adjust the interface names (use netsh interface ipv4 show interfaces to identify) and ip masks as needed.

Background

Some things to keep in mind:

• In windows, both the interface and the gateway is assigned a metric
• Requests are routed through the route with the lowest metric all else being equal
• The route metric = interface metric + gateway metric
• The actual route chosen by Windows depends on several factors, including: the route metric, the specificity of the route (more specific routes, i.e. routes that match with a higher netmask are preferre), whether the route is a permanent or a dynamic route etc.

OK, but how does Windows exactly determine which route to take?

Some quotes are in order:

While part of the answer is relating to the metric of the route, it is not the only detail that dictates the path. In part of the route table, you can see where the destination network is (with a subnet mask), and which interface to talk to it on.

You can specify more "specific" routes to take, and the most specific rules will prevail. For example, if you had a home network at 192.168.0.0/24, your default route table knows to use Ethernet. If you add a direct route to 192.168.0.0/25 to be routed through your Wi-Fi adapter, then any hits to 192.168.0.0 through to 192.168.0.127 will go through your Wi-Fi, and the remainder of your network through Ethernet. If you Default Gateway (next hop) is 192.168.0.1, then your default gateway will connect over Wi-Fi, as that is where the "most specific route" exists. Likewise, if your gateway is 192.168.0.254, it would go through your Ethernet.

https://superuser.com/questions/198544/how-does-windows-7-decide-which-route-to-take-if-2-connections-to-an-internet-so

When you plug in a network cable or join a WiFi network, windows automatically adds some routes to the routing table. It is possible to exert some influence on this using the GUI tools. For example, one can set both through Control Panel / Network Connections / Interface Properties / Internet Protocol Version 4 / Properties / Advanced:

Unfortunately, the gateway metric simply disappears if you leave DHCP on and try to add the default gateway as reported by the DHCP server.

Another approach would be to use a utility like NetRouteView to edit the routing table:

However, this is cumbersome and less powerful than simply...

Using the Command Line

The original tool for working with the routing table was route.exe. This has been superseded by the network shell - netsh.

Some useful commands:

• netsh interface ipv4 show interfaces
• netsh interface ipv4 show route - note that this shows the metric of the gateway only
• route print or netstat -rn - while these show the metric of the gateway + interface
• route print <destination> - shows how a route was chosen for a given destination

Further Reading

• Netsh commands for Interface Internet Protocol version 4 (IPv4)
• Adding a static route using netsh and route commands
• How to change the Gateway Metric on Windows 7
• 3 Ways to Modify Windows Route Table to Choose Which Connection to Use
• Setting multiple gateway for internet connection
• How to make Windows send specific traffic to specific ethernet ports?
• How to route different traffic thru different network interfaces (in Windows)
• Windows route selection and “route print -6” vs “netsh interface ipv6 show route”
• How to configure static routes to route traffic through a specific gateway