Understanding Routing table entry

Question

I want to ask a question about route command in Linux. I have enter following command in Linux terminal

> route

and got the output:

Answer 1

192.168.1.0(-255) is the local destination, once it reaches its local destination (most likely 192.168.1.1, your router) it will be rerouted to the external IP destination. This shows how your computer chooses to send its packets which is relatively simple because most if not all of the packets leaving your computer travel to your router before they are sent to their destination.

A much more interesting routing table would be that of your router which would deal with many of both external and internal destinations. If you investigate this you will be able to learn a lot more about routing.

Answer 2

• Destination = the address of the network that the packet is headed to

The "default" means that if the destination is not found in any of the other rules than use this rule.

• Genmask = The subnet mask

If there is more than one address in the routing table that works for the outgoing packet, the rule with the higher subnet mask will be used. If those are tied, then metric comes into play but that will be different based on what protocol is being used.

• Interface = On-board connection

For example, the laptop I am on currently has three interfaces:

1. Ethernet card
2. Wireless card
3. Bluetooth

Routers generally have at least 2 interfaces for each side, 1 for each network they are a part of. For most home routers, 1 interface is part of your home network and the other is part of the external network headed toward your ISP.

• Gateway = Next hop

This is where the packet will be sent if the destination is not on the same network as the sender.

If the value is in "*" or "On-link" or the address of the current device... these all mean the same thing. It means that the packet is addressed to a device that is directly reachable by the current host. In other words, they're on the same network so the gateway won't actually be used because the host will know the data link layer (MAC) address of the destination and be able to send it directly there. These values are just used for human readability in this case.

As for the process of sending a packet:

• Destination and Genmask are used to figure out which rules are a match for the destination address of the outgoing packet.
• Interface is used to decide what communication device on the machine to send it through.
• Gateway is the address of the device on the same network that it will send the packet to (through).

Answer 3

Let's go through the lines one by one:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     1      0        0 eth0

This says that any packet with a destination of 192.168.1.0 through 192.168.1.255 will be sent out eth0 without using a gateway (unless a more-specific route overrides this one).

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0

This says that any packet with a destination of 192.168.122.0 through 192.168.122.255 will be sent out virbr0 without using a gateway. (Again, unless a more-specific route overrides this one.)

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
link-local      *               255.255.0.0     U     1000   0        0 eth0

This says that any packet with a link-local address will be sent out interface eth0 with no gateway.

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.1.1     0.0.0.0         UG    0      0        0 eth0

This says that any packet to a destination without another route will be sent out eth0, using 192.168.1.1 as a gateway.