0

I'm setting up the routing for my site-to-site WireGuard VPN. Everything seems to be working fine, but I have noticed that if a remote destination (next hop) becomes unreachable, the Linux kernel doesn't remove the reference to it from the routing table.

root@router:/# ip route
...
10.0.0.0/24 via 192.168.192.10 dev wg0
...

I have tried to define the destination in multiple ways, e.g. specifying only the output interface

ip route add 10.0.0.0/24 dev wg0

or just the next-hop IP

ip route add 10.0.0.0/24 via 192.168.192.10

In neither case is the route withdrawn: if the remote site runs into any issue and the IP 192.168.192.10 becomes unreachable, I can still see the references in the local routing table.

Is there any way to have the next-hop reachability tracked (other than me scripting up a boring list of periodic pings) so that, if it becomes unreachable, any reference to it is automatically removed from the routing table?

Thanks

rs232
  • 125

1 Answer

0

Add the "monitor" option to the route command when defining the route, as follows, to enable monitoring:

ip route add 10.0.0.0/24 via 192.168.192.10 dev wg0 monitor

You can also specify the monitoring interval and the minimum number of unsuccessful probes before the next hop is regarded as unreachable:

ip route change 10.0.0.0/24 via 192.168.192.10 dev wg0 monitor interval 5 timeout 10

This command will set the monitoring interval to 5 seconds and the timeout for failed probes to 10 seconds.

Hawshemi
  • 304
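As an added example (not code from either post above), the script below takes the liveness signal that the tunnel already provides instead of pinging the next hop: `wg show wg0 latest-handshakes` reports, per peer, the Unix time of the last completed handshake, and a WireGuard peer re-handshakes roughly every two minutes while traffic (including persistent keepalives) flows. Routes via a peer whose last handshake is older than a threshold are deleted, and put back with the idempotent `ip route replace` once the peer handshakes again. The kernel itself only drops a static route when the interface or address it depends on goes away, not when the next hop stops answering; on a bigger deployment the same job is done by a routing daemon with BFD, such as FRR or BIRD. The interface name, peer keys, tunnel addresses, prefixes and the 300-second threshold are constructed assumptions, not values from the posts.

```sh
#!/bin/sh
# Added example, not code from either post: withdraw the static routes that
# point at a WireGuard peer once that peer has stopped completing handshakes,
# and put them back when it recovers. The liveness signal is the peer's
# latest-handshake time from `wg show <iface> latest-handshakes`, so no
# separate ping probes are needed.
# Assumptions (not from the posts): interface wg0, the peer table below,
# and a 300 s staleness threshold (a busy peer re-handshakes every ~120 s).

set -u

WG_IFACE=${WG_IFACE:-wg0}
STALE_AFTER=${STALE_AFTER:-300}   # seconds without a handshake before a peer counts as down

# Constructed peer table (hypothetical keys and addresses):
#   <peer public key> <next-hop address inside the tunnel> <prefixes routed via it...>
PEER_ROUTES='PEERKEYAAAA= 192.168.192.10 10.0.0.0/24 10.0.1.0/24
PEERKEYBBBB= 192.168.192.11 10.1.0.0/24
PEERKEYCCCC= 192.168.192.12 10.2.0.0/24'

# Constructed sample in the format of `wg show wg0 latest-handshakes`:
#   <peer public key><TAB><unix time of the last handshake, 0 = never>
SAMPLE_HANDSHAKES=$(printf 'PEERKEYAAAA=\t1699999800\nPEERKEYBBBB=\t1700000170\nPEERKEYCCCC=\t0')

# stale_peers NOW  (handshake lines on stdin) -> public keys of peers whose last
# handshake is older than STALE_AFTER seconds, or that never handshaked at all
stale_peers() {
  sp_now=$1
  while read -r sp_key sp_ts; do
    [ -n "$sp_key" ] && [ -n "$sp_ts" ] || continue   # skip blank/malformed lines
    if [ "$sp_ts" -eq 0 ] || [ $((sp_now - sp_ts)) -gt "$STALE_AFTER" ]; then
      printf '%s\n' "$sp_key"
    fi
  done
}

# route_cmds NOW  (handshake lines on stdin) -> one `ip route` command per prefix:
# `del` for prefixes via a stale peer, `replace` (idempotent add) for a live one
route_cmds() {
  rc_stale=$(stale_peers "$1")
  printf '%s\n' "$PEER_ROUTES" | while read -r rc_key rc_nh rc_prefixes; do
    for rc_p in $rc_prefixes; do
      if printf '%s\n' "$rc_stale" | grep -qxF -- "$rc_key"; then
        printf 'ip route del %s via %s dev %s\n' "$rc_p" "$rc_nh" "$WG_IFACE"
      else
        printf 'ip route replace %s via %s dev %s\n' "$rc_p" "$rc_nh" "$WG_IFACE"
      fi
    done
  done
}

# apply: run the commands for real (needs root). A failing `del` on a route
# that is already gone is harmless, hence `|| true`.
apply() {
  ap_now=$(date +%s)
  wg show "$WG_IFACE" latest-handshakes | route_cmds "$ap_now" | while read -r ap_cmd; do
    echo "$ap_cmd"
    $ap_cmd 2>/dev/null || true
  done
}

# Run periodically, e.g. from cron or a systemd timer:  ./wg-route-watch.sh --apply
if [ "${1:-}" = "--apply" ]; then
  apply
fi
```

Because `ip route replace` is used for live peers, every run re-asserts the wanted routes, so a peer coming back after an outage gets its prefixes restored on the next tick without any state file; the threshold should stay well above WireGuard's 120-second rekey interval to avoid flapping during a single missed handshake.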