home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  

TCP/IP Network Administration

TCP/IP Network AdministrationSearch this book
Previous: 2.4 Internet Routing Architecture Chapter 2
Delivering the Data
Next: 2.6 Address Resolution

2.5 The Routing Table

Gateways route data between networks; but all network devices, hosts as well as gateways, must make routing decisions. For most hosts, the routing decisions are simple:

  • If the destination host is on the local network, the data is delivered to the destination host.

  • If the destination host is on a remote network, the data is forwarded to a local gateway.

Because routing is network-oriented, IP makes routing decisions based on the network portion of the address. The IP module determines the network part of the destination's IP address by applying the network mask to the address. If the destination network is the local network, the mask that is applied may be the local subnet mask. If no mask is provided with the address, the address class determines the network portion of the address.

After determining the destination network, the IP module looks up the network in the local routing table . [7] Packets are routed toward their destination as directed by the routing table. The routing table may be built by the system administrator or by routing protocols, but the end result is the same; IP routing decisions are simple table look-ups.

[7] This table is also called the forwarding table .

You can display the routing table's contents with the netstat -nr command. The -r option tells netstat to display the routing table, and the -n option tells netstat to display the table in numeric form. It's useful to display the routing table in numeric form because the destination of most routes is a network, and networks are usually referred to by network numbers.

On a Solaris system, the netstat command displays the routing table with the following fields:


The destination network (or host).


The gateway to use to reach the specified destination.


The flags describe certain characteristics of this route. The possible flag values are:


Indicates that the route is up and operational.


Indicates this is a route to a specific host (most routes are to networks).


Means the route uses a gateway. The system's network interfaces provide routes to directly connected networks. All other routes use remote gateways. Directly connected networks do not have the G flag set; all other routes do.


Means that this route was added because of an ICMP Redirect Message. When a system learns of a route via an ICMP Redirect, it adds the route to its routing table, so that additional packets bound for that destination will not need to be redirected. The system uses the D flag to mark these routes.


The number of times the route has been referenced to establish a connection.


The number of packets transmitted via this route.


The name of the network interface [8] used by this route.

[8] The network interface is the network access hardware and software that IP uses to communicate with the physical network. See Chapter 6, Configuring the Interface , for details.

The only two fields important for our current discussion are the destination and gateway fields. The following is a sample routing table:


netstat -nr

Routing Table:
Destination  Gateway        Flags  Ref    Use   Interface
----------- -----------     -----  ----  -----  ---------       UH      1      298       lo0 
default     UG      2    50360     U      40   111379       le0     UG      4     1179     UG     10     1113     UG      2     1379     UG      4     1119

The first table entry is the loopback route for the local host. This is the loopback address mentioned earlier as a reserved network number. Because every system uses the loopback route to send datagrams to itself, this entry is in every host's routing table. The H flag is set because it is a route to a specific host (, not a route to an entire network ( We'll see the loopback facility again when we discuss kernel configuration and the ifconfig command. For now, however, our real interest is in external routes.

Another unique entry in the routing table is the entry with the word "default" in the destination field. This entry is for the default route , and the gateway specified in this entry is the default gateway . The default route is the other reserved network number mentioned earlier: The default gateway is used whenever there is no specific route in the table for a destination network address. For example, this routing table has no entry for network If IP receives any datagrams addressed to this network, it will send the datagram via the default gateway

You can tell from the sample routing table display that this host ( peanut ) is directly connected to network The routing table entry for that network does not specify an external gateway; i.e., the routing table entry for does not have the G flag set. Therefore, peanut must be directly connected to that network.

All of the gateways that appear in a routing table are on networks directly connected to the local system. In the sample shown above this means that, regardless of the destination address, the gateway addresses all begin with 172.16.12. This is the only network to which peanut is directly attached, and therefore it is the only network to which peanut can directly deliver data. The gateways that peanut uses to reach the rest of the Internet must be on peanut 's subnet.

In Figure 2.5 the IP layer of each host and gateway on our imaginary network is replaced by a small piece of a routing table, showing destination networks and the gateways used to reach those destinations. When the source host ( sends data to the destination host (, it first determines that is the local network's official address and applies the subnet mask. (Network is subnetted using the mask After applying the subnet mask, IP knows that the destination's network address is The routing table in the source host shows that data bound for should be sent to gateway Gateway makes direct delivery through its interface. Examining the routing tables shows that all systems list only gateways on networks they are directly connected to. Note that is the default gateway for both and But because cannot reach network directly, it has a different default route.

Figure 2.5: Table-based routing

Figure 2.5

A routing table does not contain end-to-end routes. A route points only to the next gateway, called the next hop , along the path to the destination network. [9] The host relies on the local gateway to deliver the data, and the gateway relies on other gateways. As a datagram moves from one gateway to another, it should eventually reach one that is directly connected to its destination network. It is this last gateway that finally delivers the data to the destination host.

[9] As we'll see in Chapter 7, Configuring Routing , some routing protocols, such as OSPF and BGP, obtain end-to-end routing information. Nevertheless, the packet is still passed to the next-hop router.

Previous: 2.4 Internet Routing Architecture TCP/IP Network Administration Next: 2.6 Address Resolution
2.4 Internet Routing Architecture Book Index 2.6 Address Resolution