• Choose a category
• All
• Classic-Fiction

131.40.52.0 wahoo U 60 80770 hme0

localhost localhost UH 4 4767 lo0

default gatehost UG 0 0 hme0

The term "gateway" is used somewhat improperly in both netstat -r and the following discussion. A gateway performs services at the application layer in the protocol stack, while a router is concerned only with the IP layer. The routing tables show IP routes, and titling the Gateway column Router instead would be more correct. However, many people associate Router with a dedicated IP router, so the less specific term Gateway is used.

The information in the routing table determines how to get to a particular remote host or network, and shows the usage statistics for each route. The destination column shows the remote address; if it is a remote network, the address has a .0 suffix to indicate that it is a network number.[3] Note that you can get to multiple networks through a single gateway. The gateway listed in the routing tables is just the first step that must be taken to reach the remote network; additional routing information on the first gateway directs a packet to another gateway if required.

The Flags column describes the gateway:

U

The gateway is up. If this flag appears in netstat -r, the gateway is probably up.

G

To get to the destination address, packets must go through a gateway. The gateway's name is in the second column.

H

The gateway is a "host gateway" and is directly connected to the network listed as the destination. In the first line of the routing table in the previous example, destination 131.40.191.1 is the IP address of gatehost, the gateway referenced in several other route table entries. Host gateways are always listed with their full IP addresses as the destination and are generally at the far end of a point-to-point link.

D

The route was added after receiving an ICMP redirect message. The local host probably sent a packet to some other router, such as gatehost, with a destination network of 131.40.208.0. gatehost consulted its routing tables and found that the router to this network was gatehost2, and to get to gatehost2 it had to send the packet back out on the same network interface on which it was received. The IP routing algorithm realizes that it should never have been handed a packet for this network in the first place, so it sends an ICMP redirect message to the originator informing it of a better route to network 131.40.208.0. Using static routes in a network with multiple gateways can lead to a steady stream of ICMP redirect requests unless the transmitting hosts update their route tables. Figure A-1 shows the generation of an ICMP redirect message.

Figure A-1. ICMP redirect generation

The last column in the output of netstat -r shows the physical or pseudo device used to reach the gateway. The last three routes deserve some additional explanation. The route with wahoo as the gateway describes the local host's connection to the local network. This is known as the interface route of the machine. The next entry shows the loopback device, which is listed as a host gateway. The last line is a default routing entry, which is used as a catchall if the destination IP network cannot be matched to any explicit route in the table.

The combination of the flags U, G, and H implies "This host is the gateway to this network": the U flag means the gateway is up, the G flag means the packets must go through a gateway, and the H flag indicates that the remote network is connected to the host listed in the route table. The gateway host has at least one network interface and one or more point-to-point links. A gateway listed with flags U and G has two or more network interfaces and is acting as a routing host. The lack of the H flag means that the remote network isn't attached directly to the gateway; the gateway host listed in the routing table is merely a stepping stone on the way to that remote network.

Armed with the route tables, we can locate the host on our local network that can forward our packets to any destination host. Since we need the MAC address