Default gateway

Last updated November 15, 2024

A default gateway is the node in a computer network using the Internet protocol suite that serves as the forwarding host (router) to other networks when no other route specification matches the destination IP address of a packet.

Role

A gateway is a network node that serves as an access point to another network, often involving not only a change of addressing, but also a different networking technology. More narrowly defined, a router merely forwards packets between networks with different network prefixes. The networking software stack of each computer contains a routing table that specifies which interface is used for transmission and which router on the network is responsible for forwarding to a specific set of addresses. If none of these forwarding rules is appropriate for a given destination address, the default gateway is chosen as the router of last resort. The default gateway can be specified by the route command to configure the node's routing table and default route.

In a home or small office environment, the default gateway is a device, such as a DSL router or cable router, that connects the local network to the Internet. It serves as the default gateway for all network devices.

Enterprise network systems may require many internal network segments. A device wishing to communicate with a host on the public Internet, for example, forwards the packet to the default gateway for its network segment. This router also has a default route configured to a device on an adjacent network, one hop closer to the public network.

Examples

Single router

The following example shows IP addresses that might be used with an office network that consists of six hosts plus a router. The six hosts addresses are:

192.168.4.3
192.168.4.4
192.168.4.5
192.168.4.6
192.168.4.7
192.168.4.8

The router's inside address is:

192.168.4.1

The network has a subnet mask of:

255.255.255.0 (/24 in CIDR notation)

The address range assignable to hosts is from 192.168.4.1 to 192.168.4.254. TCP/IP defines the addresses 192.168.4.0 (network ID address) and 192.168.4.255 (broadcast IP address).

The office's hosts send packets to addresses within this range directly, by resolving the destination IP address into a MAC address with the Address Resolution Protocol (ARP) sequence and then encapsulates the IP packet into a MAC frame addressed to the destination host.

A packet addressed outside of this range, for this example, addressed to 192.168.12.3, cannot travel directly to the destination. Instead it must be sent to the default gateway for further routing to their ultimate destination. In this example, the default gateway uses the IP address 192.168.4.1, which is resolved into a MAC address with ARP in the usual way. The destination IP address remains 192.168.12.3, but the next-hop MAC address is that of the gateway, rather than of the ultimate destination.

Multi-router

In another example, a network with three routers and three hosts is connected to the Internet through Router1. The hosts' addresses are:

PC1 10.1.1.100, default gateway 10.1.1.1
PC2 172.16.1.100, default gateway 172.16.1.1
PC3 192.168.1.100, default gateway 192.168.1.96

Router1:

Interface 1 5.5.5.2 (public IP)
Interface 2 10.1.1.1

Router2:

Interface 1 10.1.1.2
Interface 2 172.16.1.1

Router3:

Interface 1 10.1.1.3
Interface 2 192.168.1.96

Network mask in all networks: 255.255.255.0 (/24 in CIDR notation). If the routers do not use a routing protocol to discover which network each router is connected to, then the routing table of each router must be set up.

Router1

Network ID	Network mask	Gateway	Interface (examples; may vary)	Cost (decreases the TTL)
0.0.0.0 (default route)	0.0.0.0	Assigned by ISP (e.g., 5.5.5.1)	eth0 (Ethernet 1st adapter)	10
10.1.1.0	255.255.255.0	10.1.1.1	eth1 (Ethernet 2nd adapter)	10
172.16.1.0	255.255.255.0	10.1.1.2	eth1 (Ethernet 2nd adapter)	10
192.168.1.0	255.255.255.0	10.1.1.3	eth1 (Ethernet 2nd adapter)	10

Router2

Network ID	Network mask	Gateway	Interface (examples; may vary)	Cost (decreases the TTL)
0.0.0.0 (default route)	0.0.0.0	10.1.1.1	eth0 (Ethernet 1st adapter)	10
172.16.1.0	255.255.255.0	172.16.1.1	eth1 (Ethernet 2nd adapter)	10

Router3

Network ID	Network mask	Gateway	Interface (examples; may vary)	Cost (decreases the TTL)
0.0.0.0 (default route)	0.0.0.0	10.1.1.1	eth0 (Ethernet 1st adapter)	10
192.168.1.0	255.255.255.0	192.168.1.96	eth1 (Ethernet 2nd adapter)	10

Router2 manages its attached networks and default gateway; router 3 does the same; router 1 manages all routes within the internal networks.

Accessing internal resources: If PC2 (172.16.1.100) needs to access PC3 (192.168.1.100), since PC2 has no route to 192.168.1.100 it will send packets for PC3 to its default gateway (router2). Router2 also has no route to PC3, and it will forward the packets to its default gateway (router1). Router1 has a route for this network (192.168.1.0/24) so router1 will forward the packets to router3, which will deliver the packets to PC3; reply packets will follow the reverse path back to PC2.
Accessing external resources: If any of the computers try to access a webpage on the Internet, like https://en.wikipedia.org/, the destination will first be resolved to an IP address by using DNS-resolving. The IP-address could be 91.198.174.2. In this example, none of the internal routers know the route to that host, so they will forward the packet through router1's gateway or default route.^[1] Every router on the packet's way to the destination will check whether the packet's destination IP-address matches any known network routes. If a router finds a match, it will forward the packet through that route; if not, it will send the packet to its own default gateway. Each router encountered on the way will store the packet ID and where it came from so that it can pass the response packet back to the sender. The packet contains source and destination, not all router hops. At last the packet will arrive back to router1, which will check for matching packet ID and route it accordingly through router2 or router3 or directly to PC1 (which was connected in the same network segment as router1).
The packet doesn't return: If router1 routing table does not have any route to 192.168.1.0/24, and PC3 tries to access a resource outside its own network, then the outgoing routing will work until the reply is fed back to router1. Since the route is unknown to router1, it will go to router1's default gateway, and never reach router3. In the logs of the resource they will trace the request, but the requestor will never get any information. The packet will die because the TTL-value decreased to less than 1 when it was traveling through the routers, or the router will see that it has a private IP and discard it. This could be discovered by using the Microsoft Windows utility PathPing or MTR on Unix-like operating systems, since the ping will stop at the router which has no route or a wrong route. (Note that some routers will not reply to pinging).

Utilities

Various utility software can show the default gateway. On Windows, ipconfig may be used,^[2] while on Unix systems, ifconfig or netstat may be used.^[3] On Linux netstat has been superseded by iproute2 .^[4]^[5]

Related Research Articles

An Internet Protocol address is a numerical label such as 192.0.2.1 that is assigned to a device connected to a computer network that uses the Internet Protocol for communication. IP addresses serve two main functions: network interface identification, and location addressing.

Internet Protocol version 4 (IPv4) is the first version of the Internet Protocol (IP) as a standalone specification. It is one of the core protocols of standards-based internetworking methods in the Internet and other packet-switched networks. IPv4 was the first version deployed for production on SATNET in 1982 and on the ARPANET in January 1983. It is still used to route most Internet traffic today, even with the ongoing deployment of Internet Protocol version 6 (IPv6), its successor.

<span class="mw-page-title-main">Router (computing)</span> Device that forwards data packets between computer networks

A router is a computer and networking device that forwards data packets between computer networks, including internetworks such as the global Internet.

In computing, traceroute and tracert are diagnostic command-line interface commands for displaying possible routes (paths) and transit delays of packets across an Internet Protocol (IP) network.

In computer networking, a routing table, or routing information base (RIB), is a data table stored in a router or a network host that lists the routes to particular network destinations, and in some cases, metrics (distances) associated with those routes. The routing table contains information about the topology of the network immediately around it.

Proxy ARP is a technique by which a proxy server on a given network answers the Address Resolution Protocol (ARP) queries for an IP address that is not on that network. The proxy is aware of the location of the traffic's destination and offers its own MAC address as the destination. The traffic directed to the proxy address is then typically routed by the proxy to the intended destination via another interface or via a tunnel.

Network address translation (NAT) is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. The technique was originally used to bypass the need to assign a new address to every host when a network was moved, or when the upstream Internet service provider was replaced, but could not route the network's address space. It has become a popular and essential tool in conserving global address space in the face of IPv4 address exhaustion. One Internet-routable IP address of a NAT gateway can be used for an entire private network.

A subnetwork, or subnet, is a logical subdivision of an IP network. The practice of dividing a network into two or more networks is called subnetting.

SOCKS is an Internet protocol that exchanges network packets between a client and server through a proxy server. SOCKS5 optionally provides authentication so only authorized users may access a server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded. A SOCKS server accepts incoming client connection on TCP port 1080, as defined in RFC 1928.

A broadcast address is a network address used to transmit to all devices connected to a multiple-access communications network. A message sent to a broadcast address may be received by all network-attached hosts.

<span class="mw-page-title-main">Port forwarding</span> Computer networking feature

In computer networking, port forwarding or port mapping is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall. This technique is most commonly used to make services on a host residing on a protected or masqueraded (internal) network available to hosts on the opposite side of the gateway, by remapping the destination IP address and port number of the communication to an internal host.

Longest prefix match refers to an algorithm used by routers in Internet Protocol (IP) networking to select an entry from a routing table.

A supernetwork, or supernet, is an Internet Protocol (IP) network that is formed by aggregation of multiple networks into a larger network. The new routing prefix for the aggregate network represents the constituent networks in a single routing table entry. The process of forming a supernet is called supernetting, prefix aggregation, route aggregation, or route summarization.

ifconfig is a system administration utility in Unix-like operating systems for network interface configuration.

In computer networking, the default route is a configuration of the Internet Protocol (IP) that establishes a forwarding rule for packets when no specific address of a next-hop host is available from the routing table or other routing mechanisms.

A gateway is a piece of networking hardware or software used in telecommunications networks that allows data to flow from one discrete network to another. Gateways are distinct from routers or switches in that they communicate using more than one protocol to connect multiple networks and can operate at any of the seven layers of the OSI model.

A UDP Helper Address is a special router configuration used to forward broadcast network traffic from a client machine on one subnet to a server in another subnet.

In network routing, the control plane is the part of the router architecture that is concerned with establishing the network topology, or the information in a routing table that defines what to do with incoming packets. Control plane functions, such as participating in routing protocols, run in the architectural control element. In most cases, the routing table contains a list of destination addresses and the outgoing interface(s) associated with each. Control plane logic also can identify certain packets to be discarded, as well as preferential treatment of certain packets for which a high quality of service is defined by such mechanisms as differentiated services.

In computing, route is a command used to view and manipulate the IP routing table in Unix-like and Microsoft Windows operating systems and also in IBM OS/2 and ReactOS. Manual manipulation of the routing table is characteristic of static routing.

IP routing is the application of routing methodologies to IP networks. This involves not only protocols and technologies but includes the policies of the worldwide organization and configuration of Internet infrastructure. In each IP network node, IP routing involves the determination of a suitable path for a network packet from a source to its destination in an IP network. The process uses static configuration rules or dynamically obtained from routing protocols to select specific packet forwarding methods to direct traffic to the next available intermediate network node one hop closer to the desired final destination, a total path potentially spanning multiple computer networks.

References

↑ Bhardwaj, Mukesh (2019-01-11). "192.168.1.1 Login Page, Username, Password, and WiFi Settings". iTech Hacks. Retrieved 2019-02-25.
↑ "Top 7 TCP/IP Utilities For Networking Pros". pluralsight.com. Retrieved 2019-05-05.
↑ Henry-Stocker, Sandra (2013-08-03). "Unix: Getting from here to there (routing basics)". Network World. Retrieved 2019-05-05.
↑ "News: Deprecation of net-tools". archlinux.org. Retrieved 2020-05-18.
↑ "Deprecated Linux networking commands and their replacements". Doug Vitale Tech Blog. 2011-12-21. Retrieved 2020-05-18.

External links

The Linux Documentation Project

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Bhardwaj, Mukesh (2019-01-11). "192.168.1.1 Login Page, Username, Password, and WiFi Settings". iTech Hacks. Retrieved 2019-02-25.

[2] "Top 7 TCP/IP Utilities For Networking Pros". pluralsight.com. Retrieved 2019-05-05.

[3] Henry-Stocker, Sandra (2013-08-03). "Unix: Getting from here to there (routing basics)". Network World. Retrieved 2019-05-05.

[4] "News: Deprecation of net-tools". archlinux.org. Retrieved 2020-05-18.

[5] "Deprecated Linux networking commands and their replacements". Doug Vitale Tech Blog. 2011-12-21. Retrieved 2020-05-18.

[1]

[2]

[3]

[4]

[5]