diff --git a/netclient/local/routes.go b/netclient/local/routes.go
new file mode 100644
index 00000000..948f370a
--- /dev/null
+++ b/netclient/local/routes.go
@@ -0,0 +1,48 @@
+package local
+
+import (
+	"net"
+
+	"github.com/gravitl/netmaker/netclient/ncutils"
+	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
+)
+
+func SetPeerRoutes(iface string, oldPeers map[string][]net.IPNet, newPeers []wgtypes.PeerConfig) {
+
+	// traverse through all recieved peers
+	for _, peer := range newPeers {
+		// if pubkey found in existing peers, check against existing peer
+		currPeerAllowedIPs := oldPeers[peer.PublicKey.String()]
+		if currPeerAllowedIPs != nil {
+			// traverse IPs, check to see if old peer contains each IP
+			for _, allowedIP := range peer.AllowedIPs { // compare new ones (if any) to old ones
+				if !ncutils.IPNetSliceContains(currPeerAllowedIPs, allowedIP) {
+					if err := setRoute(iface, &allowedIP); err != nil {
+						ncutils.PrintLog(err.Error(), 1)
+					}
+				}
+			}
+			for _, allowedIP := range currPeerAllowedIPs { // compare old ones (if any) to new ones
+				if !ncutils.IPNetSliceContains(peer.AllowedIPs, allowedIP) {
+					if err := deleteRoute(iface, &allowedIP); err != nil {
+						ncutils.PrintLog(err.Error(), 1)
+					}
+				}
+			}
+			delete(oldPeers, peer.PublicKey.String())
+		} else {
+			for _, allowedIP := range peer.AllowedIPs {
+				if err := setRoute(iface, &allowedIP); err != nil {
+					ncutils.PrintLog(err.Error(), 1)
+				}
+			}
+		}
+	}
+
+	// traverse through all existing peers
+	for _, allowedIPs := range oldPeers {
+		for _, allowedIP := range allowedIPs {
+			deleteRoute(iface, &allowedIP)
+		}
+	}
+}