Default gateway
Encyclopedia
In computer networking, a gateway is a node
(a router) on a TCP/IP network that serves as an access point to another network. A default gateway is the node on the computer network
that the network software uses when an IP address
does not match any other routes in the routing table
.
In home computing configurations, an ISP
often provides a physical device which both connects local hardware to the Internet
and serves as a gateway. Such devices include DSL modems and cable modem
s.
In organizational systems a gateway is a node that routes the traffic from a workstation
to another network segment
. The default gateway commonly connects the internal networks and the outside network (Internet). In such a situation, the gateway node could also act as a proxy server
and a firewall
. The gateway is also associated with both a router, which uses headers and forwarding tables to determine where packets are sent, and a switch
, which provides the actual path for the packet in and out of the gateway.
In other words, a default gateway provides an entry point and an exit point in a network.
Hosts addresses:
Router (this side) address:
The network has a subnet mask of:
Thus the usable network ranges from addresses 192.168.4.1 to 192.168.4.254. (TCP/IP defines the addresses 192.168.4.0 and 192.168.4.255 for special functions.)
The office's hosts will send packets addressed to IPs within this range directly, by resolving the destination IP address into a MAC address
through an ARP
sequence (if not already known through the host's ARP cache) and then enveloping the IP packet into a layer 2 (MAC) packet addressed to the destination host.
Packets addressed outside of this range (for this example, a packet addressed to 192.168.12.3) cannot travel directly to the destination. Instead they must be sent to the default gateway for further routing to their ultimate destination. In this example, the default gateway uses the IP address 192.168.4.1, which is resolved into a MAC address with ARP in the usual way. Note that the destination IP address remains 192.168.12.3, but the next-hop physical address is that of the gateway, rather than of the ultimate destination.
Hosts and addresses:
Router1:
Router2:
Router3:
Network mask in all networks: 255.255.255.0 (/24 in CIDR notation).
If the routers do not use a Routing Information Protocol
to discover which network each router is connected to, then the routing table of each router must be set up.
Router1
Router2
Router3
Router2 manages its attached networks and default gateway; router 3 does the same; router 1 manages all routes within the internal networks.
Accessing internal resources
If PC2 (172.16.1.100) needs to access PC3 (192.168.1.100), since PC2 has no route to 192.168.1.100 it will send packets for PC3 to its default gateway (router2). Router2 also has no route to PC3, and it will forward the packets to its default gateway (router1). Router1 has a route for this network (192.168.1.0/24) so router1 will forward the packets to router3, which will deliver the packets to PC3; reply packets will follow the same route to PC2.
Accessing external resources
If any of the computers try to access a webpage on the Internet, like http://en.wikipedia.org/, the destination will first be resolved to an IP address by using DNS
-resolving. The IP-address could be 91.198.174.2. In this example, none of the internal routers know the route to that host, so they will forward the packet through router1's gateway or default route
. Every router on the packet's way to the destination will check whether the packet's destination IP-address matches any known network routes. If a router finds a match, it will forward the packet through that route; if not, it will send the packet to its own default gateway. Each router encountered on the way will store the packet ID and where it came from so that it can pass the request back to previous sender. The packet contains source and destination, not all router hops. At last the packet will arrive back to router1, which will check for matching packet ID and route it accordingly through router2 or router3 or directly to PC1 (which was connected in the same network segment as router1).
The packet doesn't return
If router1 does not have any route to 192.168.1.0/24, and PC3 tries to access a resource outside its own network, then all routing will work until the reply is fed back to router1. Since the route is unknown to router1, it will go to router1's default gateway, and never reach router3. In the logs of the resource they will trace the request, but the requestor will never get any information. The packet will die because the TTL
-value decrease to less than 1 when it is travelling through the routers or the router will see that it has a private IP and discard it. This could be discovered by using Microsoft Windows
utility Pathping
, since you only can ping until that router which has no route or wrong route. (Note that some routers will not reply to pinging.)
Node (networking)
In communication networks, a node is a connection point, either a redistribution point or a communication endpoint . The definition of a node depends on the network and protocol layer referred to...
(a router) on a TCP/IP network that serves as an access point to another network. A default gateway is the node on the computer network
Computer network
A computer network, often simply referred to as a network, is a collection of hardware components and computers interconnected by communication channels that allow sharing of resources and information....
that the network software uses when an IP address
IP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
does not match any other routes in the routing table
Routing table
In computer networking a routing table, or Routing Information Base , is a data table stored in a router or a networked computer that lists the routes to particular network destinations, and in some cases, metrics associated with those routes. The routing table contains information about the...
.
In home computing configurations, an ISP
Internet service provider
An Internet service provider is a company that provides access to the Internet. Access ISPs directly connect customers to the Internet using copper wires, wireless or fiber-optic connections. Hosting ISPs lease server space for smaller businesses and host other people servers...
often provides a physical device which both connects local hardware to the Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
and serves as a gateway. Such devices include DSL modems and cable modem
Cable modem
A cable modem is a type of network bridge and modem that provides bi-directional data communication via radio frequency channels on a HFC and RFoG infrastructure. Cable modems are primarily used to deliver broadband Internet access in the form of cable Internet, taking advantage of the high...
s.
In organizational systems a gateway is a node that routes the traffic from a workstation
Workstation
A workstation is a high-end microcomputer designed for technical or scientific applications. Intended primarily to be used by one person at a time, they are commonly connected to a local area network and run multi-user operating systems...
to another network segment
Network segment
A network segment is a portion of a computer network. The nature and extent of a segment depends on the nature of the network and the device or devices used to interconnect end stations.-Ethernet:...
. The default gateway commonly connects the internal networks and the outside network (Internet). In such a situation, the gateway node could also act as a proxy server
Proxy server
In computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server...
and a firewall
Firewall (computing)
A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass....
. The gateway is also associated with both a router, which uses headers and forwarding tables to determine where packets are sent, and a switch
Network switch
A network switch or switching hub is a computer networking device that connects network segments.The term commonly refers to a multi-port network bridge that processes and routes data at the data link layer of the OSI model...
, which provides the actual path for the packet in and out of the gateway.
In other words, a default gateway provides an entry point and an exit point in a network.
Example1
An office network consists of six hosts and a router is given as:Hosts addresses:
- 192.168.4.3
- 192.168.4.4
- 192.168.4.5
- 192.168.4.6
- 192.168.4.7
- 192.168.4.8
Router (this side) address:
- 192.168.4.1
The network has a subnet mask of:
- 255.255.255.0 (/24 in CIDR notation)
Thus the usable network ranges from addresses 192.168.4.1 to 192.168.4.254. (TCP/IP defines the addresses 192.168.4.0 and 192.168.4.255 for special functions.)
The office's hosts will send packets addressed to IPs within this range directly, by resolving the destination IP address into a MAC address
MAC address
A Media Access Control address is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used for numerous network technologies and most IEEE 802 network technologies, including Ethernet...
through an ARP
Address Resolution Protocol
Address Resolution Protocol is a telecommunications protocol used for resolution of network layer addresses into link layer addresses, a critical function in multiple-access networks. ARP was defined by RFC 826 in 1982. It is Internet Standard STD 37...
sequence (if not already known through the host's ARP cache) and then enveloping the IP packet into a layer 2 (MAC) packet addressed to the destination host.
Packets addressed outside of this range (for this example, a packet addressed to 192.168.12.3) cannot travel directly to the destination. Instead they must be sent to the default gateway for further routing to their ultimate destination. In this example, the default gateway uses the IP address 192.168.4.1, which is resolved into a MAC address with ARP in the usual way. Note that the destination IP address remains 192.168.12.3, but the next-hop physical address is that of the gateway, rather than of the ultimate destination.
Example2
A network with three routers and three hosts, connected to the Internet through router1.Hosts and addresses:
- PC1 10.1.1.100, default gateway 10.1.1.1
- PC2 172.16.1.100, default gateway 172.16.1.1
- PC3 192.168.1.100, default gateway 192.168.1.96
Router1:
- Interface 1 5.5.5.2 (public IP)
- Interface 2 10.1.1.1
Router2:
- Interface 1 10.1.1.2
- Interface 2 172.16.1.1
Router3:
- Interface 1 10.1.1.3
- Interface 2 192.168.1.96
Network mask in all networks: 255.255.255.0 (/24 in CIDR notation).
If the routers do not use a Routing Information Protocol
Routing Information Protocol
The Routing Information Protocol is a distance-vector routing protocol, which employs the hop count as a routing metric. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from the source to a destination. The maximum number of hops allowed for RIP is 15....
to discover which network each router is connected to, then the routing table of each router must be set up.
Router1
| Network ID | Network mask | Gateway | Interface (examples; may vary) | Cost (decreases the TTL Time to live Time to live is a mechanism that limits the lifespan of data in a computer or network. TTL may be implemented as a counter or timestamp attached to or embedded in the data. Once the prescribed event count or timespan has elapsed, data is discarded. In computer networking, TTL prevents a data... ) |
|---|---|---|---|---|
| 0.0.0.0 (default route Default route A default route, also known as the gateway of last resort, is the network route used by a router when no other known route exists for a given IP packet's destination address. All the packets for destinations not known by the router's routing table are sent to the default route... ) |
0.0.0.0 | Assigned by ISP (e.g. 5.5.5.1) | eth0 (Ethernet 1st adapter) | 10 |
| 10.1.1.0 | 255.255.255.0 | 10.1.1.1 | eth1 (Ethernet 2nd adapter) | 10 |
| 172.16.1.0 | 255.255.255.0 | 10.1.1.2 | eth1 (Ethernet 2nd adapter) | 10 |
| 192.168.1.0 | 255.255.255.0 | 10.1.1.3 | eth1 (Ethernet 2nd adapter) | 10 |
Router2
| Network ID | Network mask | Gateway | Interface (examples; may vary) | Cost (decreases the TTL Time to live Time to live is a mechanism that limits the lifespan of data in a computer or network. TTL may be implemented as a counter or timestamp attached to or embedded in the data. Once the prescribed event count or timespan has elapsed, data is discarded. In computer networking, TTL prevents a data... ) |
|---|---|---|---|---|
| 0.0.0.0 (default route Default route A default route, also known as the gateway of last resort, is the network route used by a router when no other known route exists for a given IP packet's destination address. All the packets for destinations not known by the router's routing table are sent to the default route... ) |
0.0.0.0 | 10.1.1.1 | eth0 (Ethernet 1st adapter) | 10 |
| 172.16.1.0 | 255.255.255.0 | 172.16.1.1 | eth1 (Ethernet 2nd adapter) | 10 |
Router3
| Network ID | Network mask | Gateway | Interface (examples; may vary) | Cost (decreases the TTL Time to live Time to live is a mechanism that limits the lifespan of data in a computer or network. TTL may be implemented as a counter or timestamp attached to or embedded in the data. Once the prescribed event count or timespan has elapsed, data is discarded. In computer networking, TTL prevents a data... ) |
|---|---|---|---|---|
| 0.0.0.0 (default route Default route A default route, also known as the gateway of last resort, is the network route used by a router when no other known route exists for a given IP packet's destination address. All the packets for destinations not known by the router's routing table are sent to the default route... ) |
0.0.0.0 | 10.1.1.1 | eth0 (Ethernet 1st adapter) | 10 |
| 192.168.1.0 | 255.255.255.0 | 192.168.1.96 | eth1 (Ethernet 2nd adapter) | 10 |
Router2 manages its attached networks and default gateway; router 3 does the same; router 1 manages all routes within the internal networks.
Accessing internal resources
If PC2 (172.16.1.100) needs to access PC3 (192.168.1.100), since PC2 has no route to 192.168.1.100 it will send packets for PC3 to its default gateway (router2). Router2 also has no route to PC3, and it will forward the packets to its default gateway (router1). Router1 has a route for this network (192.168.1.0/24) so router1 will forward the packets to router3, which will deliver the packets to PC3; reply packets will follow the same route to PC2.
Accessing external resources
If any of the computers try to access a webpage on the Internet, like http://en.wikipedia.org/, the destination will first be resolved to an IP address by using DNS
Domain name system
The Domain Name System is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities...
-resolving. The IP-address could be 91.198.174.2. In this example, none of the internal routers know the route to that host, so they will forward the packet through router1's gateway or default route
Default route
A default route, also known as the gateway of last resort, is the network route used by a router when no other known route exists for a given IP packet's destination address. All the packets for destinations not known by the router's routing table are sent to the default route...
. Every router on the packet's way to the destination will check whether the packet's destination IP-address matches any known network routes. If a router finds a match, it will forward the packet through that route; if not, it will send the packet to its own default gateway. Each router encountered on the way will store the packet ID and where it came from so that it can pass the request back to previous sender. The packet contains source and destination, not all router hops. At last the packet will arrive back to router1, which will check for matching packet ID and route it accordingly through router2 or router3 or directly to PC1 (which was connected in the same network segment as router1).
The packet doesn't return
If router1 does not have any route to 192.168.1.0/24, and PC3 tries to access a resource outside its own network, then all routing will work until the reply is fed back to router1. Since the route is unknown to router1, it will go to router1's default gateway, and never reach router3. In the logs of the resource they will trace the request, but the requestor will never get any information. The packet will die because the TTL
Time to live
Time to live is a mechanism that limits the lifespan of data in a computer or network. TTL may be implemented as a counter or timestamp attached to or embedded in the data. Once the prescribed event count or timespan has elapsed, data is discarded. In computer networking, TTL prevents a data...
-value decrease to less than 1 when it is travelling through the routers or the router will see that it has a private IP and discard it. This could be discovered by using Microsoft Windows
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
utility Pathping
Pathping
PathPing is a network utility supplied in Windows NT and beyond that combines the functionality of ping with that of tracert.It provides details of the path between two hosts and Ping-like statistics for each node in the path based on samples taken over a time period, depending on how many nodes...
, since you only can ping until that router which has no route or wrong route. (Note that some routers will not reply to pinging.)
See also
- route (command)Route (command)route is a command used to view and manipulate the TCP/IP routing table in both Unix-like and Windows operating systems. Manual manipulation of the routing table is characteristic of static routing....
: generic command for displaying/configuring TCP/IP routing tables (including gateways) on both Windows and UnixUnixUnix is a multitasking, multi-user computer operating system originally developed in 1969 by a group of AT&T employees at Bell Labs, including Ken Thompson, Dennis Ritchie, Brian Kernighan, Douglas McIlroy, and Joe Ossanna...
-clone systems.