When a host wants to reach a destination that is outside of its own network, it has to use a default gateway. We use a router or multilayer switch (that’s a switch that can do routing) as a default gateway.
In this lesson I’ll explain how a host knows when to use the default gateway or not and how it works behind the scenes. Let’s start with a simple example:
Above we have two hosts connected to a switch. We only have network 192.168.1.0 with subnet mask 255.255.255.0.
When one host wants to send something to another host then it will check if the destination is inside or outside its own network. When the destination is in the same network then it will use ARP to find the MAC address of the destination and it can send the IP packet. How does the host check if the destination is in the same network? This is done by checking the subnet mask. For example, let’s say that 192.168.1.1 wants to send an IP packet to 192.168.1.2:
| Source | 192.168.1.1 | 11000000 10101000 00000001 00000001 |
| Destination | 192.168.1.2 | 11000000 10101000 00000001 00000010 |
| Subnet mask | 255.255.255.0 | 11111111 11111111 11111111 00000000 |
The subnet mask tells us which part of the IP address is the network and host part, the host that uses 192.168.1.1 sees that 192.168.1.2 is using the exact same network address and will know that it can use ARP to find the MAC address, create an Ethernet frame, encapsulate the IP packet and send it towards the switch.
Now let’s take a look at an example where we do require a default gateway. Take a look at this picture:
Above we have two hosts and two networks:
- 192.168.1.0
- 192.168.2.0
In between is a router that has two interfaces, it has an IP address for each network. The host on the left side will use 192.168.1.254 as its default gateway and the host on the right side will use 192.168.2.254 as its default gateway.
When the left host wants to reach the host on the right, it will check if the destination is in the same network or not:
| Source | 192.168.1.1 | 11000000 10101000 00000001 00000001 |
| Destination | 192.168.2.1 | 11000000 10101000 00000010 00000001 |
| Subnet mask | 255.255.255.0 | 11111111 11111111 11111111 00000000 |
These two hosts are not in the same network, you can see that the third octet is different. Our host will know that it can’t reach the destination directly and so it will use the default gateway for this. It will be up to the router to get this IP packet to the destination. What happens is that the host will use ARP to find the MAC address of the default gateway.
Once it has the MAC address of the default gateway, it will create an Ethernet frame that has the MAC address of the default gateway in the destination field. The IP packet will remain the same. It will have a source IP address of 192.168.1.1 and a destination IP address of 192.168.2.1.
I hope this lesson has been helpful to understand how hosts determine when to use their default gateway. If you have any questions, feel free to leave a comment.
What if i have 2 network interface card on my host system with two different default gateway IP address configured.
Host will use which default gateway to forward the traffice. ??
Hi Shinu,
It will depend on the host but Windows for example uses a metric to determine which default gateway to pick.
Try a “route print” on a Windows machine when it’s connected with two network interfaces and has default gateways. You can see which default gateway it will prefer.
Rene
Rene,
Hello, normally I use the command
ip route 0.0.0.0 0.0.0.0to define the default route, but there is another command,
ip default-gatewayalso. What is the difference between the two commands?
Thanks,
Chris
Hi Chris,
IP route is used on a router to enter something in its routing table. The effect will be the same…
Devices like switches don’t build a routing table so that’s when you need to use the ip default-gateway command. Also, on a router you can use it if you disable the routing table with “no ip routing”.
Rene
Hi Rene,
I have a question. Does the ARP table at Host A keep an entry for each non-local IP address to the Router’s MAC address, or it will keep only one entry relating the Router’s interface IP address to its MAC address?
Thanks
Miguel