Does a Gateway of a Subnet need to be a “real” Computer?
Clash Royale CLAN TAG#URR8PPP
Is a Gateway always a real computer or just a "logic" entity, which can be on any address, except the broadcast IP?
subnet gateway
|
show 1 more comment
Is a Gateway always a real computer or just a "logic" entity, which can be on any address, except the broadcast IP?
subnet gateway
9
The modern and arguably more correct term for a gateway is router. Routers can exist purely in software, conventional computers such as PC's, laptops and server systems can be used as routers but generally dedicated hardware devices are used
– HBruijn
Jan 29 at 8:11
2
What do you mean by "logic entity"?
– Barmar
Jan 29 at 17:50
2
@HBruijn, in most cases a gateway is a router. The general term is that a gateway is the host on the network to which other hosts send traffic that it destined for a different network. That doesn't mean that is must be a router. It could be a proxy, ALG, etc. Also, there may be a corner case where any traffic destined for a different network needs to be trapped and not forwarded by the gateway, in which case it is not a router because it is not routing packets between networks.
– Ron Maupin
Jan 29 at 18:58
I'd wager that a system that is capable of making forwarding decisions based on destination ip addresses does not have to be Turing complete ... so, no, a router need not be a computer (same applies one level below for bridges and one level high for gateways, though possible to different extents. Nevertheless, each such system is typically a device (or collection of devices) that can be configured administratively or by additional applications (such as routing protocols) - and to even be able to process a configuration, these things tend to be (specialized) computers.
– Hagen von Eitzen
Jan 29 at 21:45
@Barmar I mean if a Gateway must be a specialized hardware device like a Bridge or Router, or if it could be just a piece of information like a setting in a server, which is kind of mutable, if you think in terms of programming languages.
– Semo
Jan 30 at 5:38
|
show 1 more comment
Is a Gateway always a real computer or just a "logic" entity, which can be on any address, except the broadcast IP?
subnet gateway
Is a Gateway always a real computer or just a "logic" entity, which can be on any address, except the broadcast IP?
subnet gateway
subnet gateway
asked Jan 29 at 7:32
SemoSemo
17619
17619
9
The modern and arguably more correct term for a gateway is router. Routers can exist purely in software, conventional computers such as PC's, laptops and server systems can be used as routers but generally dedicated hardware devices are used
– HBruijn
Jan 29 at 8:11
2
What do you mean by "logic entity"?
– Barmar
Jan 29 at 17:50
2
@HBruijn, in most cases a gateway is a router. The general term is that a gateway is the host on the network to which other hosts send traffic that it destined for a different network. That doesn't mean that is must be a router. It could be a proxy, ALG, etc. Also, there may be a corner case where any traffic destined for a different network needs to be trapped and not forwarded by the gateway, in which case it is not a router because it is not routing packets between networks.
– Ron Maupin
Jan 29 at 18:58
I'd wager that a system that is capable of making forwarding decisions based on destination ip addresses does not have to be Turing complete ... so, no, a router need not be a computer (same applies one level below for bridges and one level high for gateways, though possible to different extents. Nevertheless, each such system is typically a device (or collection of devices) that can be configured administratively or by additional applications (such as routing protocols) - and to even be able to process a configuration, these things tend to be (specialized) computers.
– Hagen von Eitzen
Jan 29 at 21:45
@Barmar I mean if a Gateway must be a specialized hardware device like a Bridge or Router, or if it could be just a piece of information like a setting in a server, which is kind of mutable, if you think in terms of programming languages.
– Semo
Jan 30 at 5:38
|
show 1 more comment
9
The modern and arguably more correct term for a gateway is router. Routers can exist purely in software, conventional computers such as PC's, laptops and server systems can be used as routers but generally dedicated hardware devices are used
– HBruijn
Jan 29 at 8:11
2
What do you mean by "logic entity"?
– Barmar
Jan 29 at 17:50
2
@HBruijn, in most cases a gateway is a router. The general term is that a gateway is the host on the network to which other hosts send traffic that it destined for a different network. That doesn't mean that is must be a router. It could be a proxy, ALG, etc. Also, there may be a corner case where any traffic destined for a different network needs to be trapped and not forwarded by the gateway, in which case it is not a router because it is not routing packets between networks.
– Ron Maupin
Jan 29 at 18:58
I'd wager that a system that is capable of making forwarding decisions based on destination ip addresses does not have to be Turing complete ... so, no, a router need not be a computer (same applies one level below for bridges and one level high for gateways, though possible to different extents. Nevertheless, each such system is typically a device (or collection of devices) that can be configured administratively or by additional applications (such as routing protocols) - and to even be able to process a configuration, these things tend to be (specialized) computers.
– Hagen von Eitzen
Jan 29 at 21:45
@Barmar I mean if a Gateway must be a specialized hardware device like a Bridge or Router, or if it could be just a piece of information like a setting in a server, which is kind of mutable, if you think in terms of programming languages.
– Semo
Jan 30 at 5:38
9
9
The modern and arguably more correct term for a gateway is router. Routers can exist purely in software, conventional computers such as PC's, laptops and server systems can be used as routers but generally dedicated hardware devices are used
– HBruijn
Jan 29 at 8:11
The modern and arguably more correct term for a gateway is router. Routers can exist purely in software, conventional computers such as PC's, laptops and server systems can be used as routers but generally dedicated hardware devices are used
– HBruijn
Jan 29 at 8:11
2
2
What do you mean by "logic entity"?
– Barmar
Jan 29 at 17:50
What do you mean by "logic entity"?
– Barmar
Jan 29 at 17:50
2
2
@HBruijn, in most cases a gateway is a router. The general term is that a gateway is the host on the network to which other hosts send traffic that it destined for a different network. That doesn't mean that is must be a router. It could be a proxy, ALG, etc. Also, there may be a corner case where any traffic destined for a different network needs to be trapped and not forwarded by the gateway, in which case it is not a router because it is not routing packets between networks.
– Ron Maupin
Jan 29 at 18:58
@HBruijn, in most cases a gateway is a router. The general term is that a gateway is the host on the network to which other hosts send traffic that it destined for a different network. That doesn't mean that is must be a router. It could be a proxy, ALG, etc. Also, there may be a corner case where any traffic destined for a different network needs to be trapped and not forwarded by the gateway, in which case it is not a router because it is not routing packets between networks.
– Ron Maupin
Jan 29 at 18:58
I'd wager that a system that is capable of making forwarding decisions based on destination ip addresses does not have to be Turing complete ... so, no, a router need not be a computer (same applies one level below for bridges and one level high for gateways, though possible to different extents. Nevertheless, each such system is typically a device (or collection of devices) that can be configured administratively or by additional applications (such as routing protocols) - and to even be able to process a configuration, these things tend to be (specialized) computers.
– Hagen von Eitzen
Jan 29 at 21:45
I'd wager that a system that is capable of making forwarding decisions based on destination ip addresses does not have to be Turing complete ... so, no, a router need not be a computer (same applies one level below for bridges and one level high for gateways, though possible to different extents. Nevertheless, each such system is typically a device (or collection of devices) that can be configured administratively or by additional applications (such as routing protocols) - and to even be able to process a configuration, these things tend to be (specialized) computers.
– Hagen von Eitzen
Jan 29 at 21:45
@Barmar I mean if a Gateway must be a specialized hardware device like a Bridge or Router, or if it could be just a piece of information like a setting in a server, which is kind of mutable, if you think in terms of programming languages.
– Semo
Jan 30 at 5:38
@Barmar I mean if a Gateway must be a specialized hardware device like a Bridge or Router, or if it could be just a piece of information like a setting in a server, which is kind of mutable, if you think in terms of programming languages.
– Semo
Jan 30 at 5:38
|
show 1 more comment
4 Answers
4
active
oldest
votes
Default route (aka gateway address) has to be owned by something that is capable of forwarding packets to the rest of the internet, and which is willing to do so. It doesn't have to be the "principal" IP address of the thing that owns it (whatever that means). It can be a logical address that floats between two or more devices, and in high-availability setups it often is.
The only requirement, in order that routing works, is that whatever device currently owns and advertises the address, that device can and will route traffic.
6
... Or at least pretend to.
– Shadur
Jan 29 at 9:57
2
@Shadur I'm interested in how routing can work if default route only pretends to actually, y'know, route traffic.
– MadHatter
Jan 29 at 10:06
1
Routing itself won't work, but if all you want to allow is browsing you could have the "gateway" intercept and run a transparent proxy on ports 53, 80 and 443, and keep the system itself as isolated as possible.
– Shadur
Jan 29 at 10:09
7
OK. I don't disagree, but that's not routing. I stand by my assertion that in order for routing to work, the router must actually route, and it sounds like you wouldn't disagree with that.
– MadHatter
Jan 29 at 10:31
1
Fair point, but "gateway" as it's used in this question is default route, ie next-hop-of-last-resort. That has to be able to get you not only to any internal subnets that you don't have specific routes for, but to everything else as well.
– MadHatter
Jan 29 at 20:36
|
show 5 more comments
The IP address of the gateway can be any valid host IP address in the subnet, i.e. not the network address itself nor the broadcast address. This IP address does not need to belong to a single computer or router, it can be a "floating" IP address used by several gateways. Check out the Wikipedia articles on HSRP, VRRP, GLBP, or CARP.
For example, when the subnet is 172.16.23.0/25, then:
- the network address is 172.16.23.0,
- the broadcast address is 172.16.23.127, and
- the range of valid host addresses is from 172.16.23.1 till 172.16.23.126, inclusive.
The gateway must be any of these valid host addresses, e.g. 172.16.23.65. The settings of your computer would then be, e.g.:
- IP address: 172.16.23.5
- Subnet mask: 255.255.255.128
- Default gateway: 172.16.23.65
Now adding in one of the first-hop redundancy protocols, the actual gateways (routers) can have the IP address 172.16.23.1 and 172.16.23.2 but use the virtual IP address of 172.16.23.65 to present themselves as the default gateway to the subnet.
add a comment |
"Logical entity" in your usage is a tiny bit confusing. But I'll try to answer it best I can.
From my experience, a gateway in an IP configuration is usually a physical device. While it doesn't have to be a computer in the traditional sense (it can also be a network appliance) it does have to be device.
As you may know, the purpose that a default gateway serves is to act as a forwarding entity for all requests that a.) the computer doesn't already have in its routing table or has an entry instructing the system to forward the request to an IP that happens to be the gateway and/or b.) that are outside of the broadcast domain. The default gateway is never used in situations where two hosts are on the same broadcast domain (i.e. a network topology created by a switch) because the system can use the subnet's broadcast address to find the MAC address of a system owning a particular IP address.
In short, to answer your question, technically, you can set your default gateway as any IP address on a connected network. Windows or most other OSs for that matter won't stop you because they often don't perform verification of TCP/IP details. If you're setting it, you're most likely technically-savvy enough to understand the distinction. However, if it is the IP address of a device that is unable to forward, then it will result in errors in applications reliant on routing (i.e. a web browser) because the device won't be prepared with a routing table or a routing service to forward the request.
Someone much more experienced than myself, however, should be able to easily correct me if I am wrong.
TL;DR - A physical device, most likely.
You can have multiple different IP subnets on the same broadcast domain. In such cases traffic between those hosts will flow via their default gateways unless extra entries are added to the hosts routing tables or ICMP redirects are in use.
– Peter Green
Jan 29 at 16:29
Peter, I never considered that. Thanks! :)
– kelvintechie
Jan 29 at 22:35
@PeterGreen Yea, there are a lot of odd edge cases. For example, say 192.168.0.0/24 and 10.0.0.0/24 are on the same physical Ethernet LAN with the gateway for both being the same physical router at 192.168.0.1 and 10.0.0.1 respectively. If 192.168.0.100 pings 10.0.0.100 the first round-trip will be relayed through the gateway. The gateway may also send ICMP redirects to each host telling them they're on the same LAN. If so, each host will then then send ARP requests to get their peer's MAC addresses and all further communication will then occur directly between the peers (not via the gateway).
– Alex Hajnal
Jan 30 at 14:30
Note that with the above example, hosts need to be prodded (via an ICMP redirect) to broadcast an ARP request for the MAC address of a peer on a foreign network. Absent a redirect hosts won't make foreign-network ARP requests.
– Alex Hajnal
Jan 30 at 14:44
add a comment |
Routing table entries resolve a subnet to either a gateway or a network adapter.
A typical routing table for a device on a private network might, if you leave out the unnecessary stuff, look like
0.0.0.0/0 via 192.168.0.1
192.168.0.0/24 dev eth0
The most specific route wins for each destination, so the subnet route takes precedence over the default route for addresses in the subnet.
The gateway address is, in turn, resolved through the routing table, which determines the network interface it is given to as well as addressing on the lower layer.
So, for a packet to 1.1.1.1
, the destination is looked up in the routing table, returning the default route, which has a gateway. The gateway is looked up again, returning the Ethernet interface.
Ethernet has MAC addresses, so an ARP lookup is done for the gateway address, and the MAC address for the gateway is used for the outgoing packet (which still uses the proper destination address in its IP header).
Other lower-level transports work differently, for example PPP links have a "peer address", so their device route uses a netmask of /32, and they skip ARP resolution and just send packets as "broadcast" over the PPP link.
Some IP stacks require manual creation of the device route, which makes this a bit more obvious:
ifconfig eth0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255 up
route add -net 192.168.0.0 netmask 255.255.255.0 dev eth0
route add default via 192.168.0.1
Thanks for giving pointers.
– Semo
Jan 30 at 5:40
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f951217%2fdoes-a-gateway-of-a-subnet-need-to-be-a-real-computer%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
Default route (aka gateway address) has to be owned by something that is capable of forwarding packets to the rest of the internet, and which is willing to do so. It doesn't have to be the "principal" IP address of the thing that owns it (whatever that means). It can be a logical address that floats between two or more devices, and in high-availability setups it often is.
The only requirement, in order that routing works, is that whatever device currently owns and advertises the address, that device can and will route traffic.
6
... Or at least pretend to.
– Shadur
Jan 29 at 9:57
2
@Shadur I'm interested in how routing can work if default route only pretends to actually, y'know, route traffic.
– MadHatter
Jan 29 at 10:06
1
Routing itself won't work, but if all you want to allow is browsing you could have the "gateway" intercept and run a transparent proxy on ports 53, 80 and 443, and keep the system itself as isolated as possible.
– Shadur
Jan 29 at 10:09
7
OK. I don't disagree, but that's not routing. I stand by my assertion that in order for routing to work, the router must actually route, and it sounds like you wouldn't disagree with that.
– MadHatter
Jan 29 at 10:31
1
Fair point, but "gateway" as it's used in this question is default route, ie next-hop-of-last-resort. That has to be able to get you not only to any internal subnets that you don't have specific routes for, but to everything else as well.
– MadHatter
Jan 29 at 20:36
|
show 5 more comments
Default route (aka gateway address) has to be owned by something that is capable of forwarding packets to the rest of the internet, and which is willing to do so. It doesn't have to be the "principal" IP address of the thing that owns it (whatever that means). It can be a logical address that floats between two or more devices, and in high-availability setups it often is.
The only requirement, in order that routing works, is that whatever device currently owns and advertises the address, that device can and will route traffic.
6
... Or at least pretend to.
– Shadur
Jan 29 at 9:57
2
@Shadur I'm interested in how routing can work if default route only pretends to actually, y'know, route traffic.
– MadHatter
Jan 29 at 10:06
1
Routing itself won't work, but if all you want to allow is browsing you could have the "gateway" intercept and run a transparent proxy on ports 53, 80 and 443, and keep the system itself as isolated as possible.
– Shadur
Jan 29 at 10:09
7
OK. I don't disagree, but that's not routing. I stand by my assertion that in order for routing to work, the router must actually route, and it sounds like you wouldn't disagree with that.
– MadHatter
Jan 29 at 10:31
1
Fair point, but "gateway" as it's used in this question is default route, ie next-hop-of-last-resort. That has to be able to get you not only to any internal subnets that you don't have specific routes for, but to everything else as well.
– MadHatter
Jan 29 at 20:36
|
show 5 more comments
Default route (aka gateway address) has to be owned by something that is capable of forwarding packets to the rest of the internet, and which is willing to do so. It doesn't have to be the "principal" IP address of the thing that owns it (whatever that means). It can be a logical address that floats between two or more devices, and in high-availability setups it often is.
The only requirement, in order that routing works, is that whatever device currently owns and advertises the address, that device can and will route traffic.
Default route (aka gateway address) has to be owned by something that is capable of forwarding packets to the rest of the internet, and which is willing to do so. It doesn't have to be the "principal" IP address of the thing that owns it (whatever that means). It can be a logical address that floats between two or more devices, and in high-availability setups it often is.
The only requirement, in order that routing works, is that whatever device currently owns and advertises the address, that device can and will route traffic.
answered Jan 29 at 7:46
MadHatterMadHatter
70.1k11144207
70.1k11144207
6
... Or at least pretend to.
– Shadur
Jan 29 at 9:57
2
@Shadur I'm interested in how routing can work if default route only pretends to actually, y'know, route traffic.
– MadHatter
Jan 29 at 10:06
1
Routing itself won't work, but if all you want to allow is browsing you could have the "gateway" intercept and run a transparent proxy on ports 53, 80 and 443, and keep the system itself as isolated as possible.
– Shadur
Jan 29 at 10:09
7
OK. I don't disagree, but that's not routing. I stand by my assertion that in order for routing to work, the router must actually route, and it sounds like you wouldn't disagree with that.
– MadHatter
Jan 29 at 10:31
1
Fair point, but "gateway" as it's used in this question is default route, ie next-hop-of-last-resort. That has to be able to get you not only to any internal subnets that you don't have specific routes for, but to everything else as well.
– MadHatter
Jan 29 at 20:36
|
show 5 more comments
6
... Or at least pretend to.
– Shadur
Jan 29 at 9:57
2
@Shadur I'm interested in how routing can work if default route only pretends to actually, y'know, route traffic.
– MadHatter
Jan 29 at 10:06
1
Routing itself won't work, but if all you want to allow is browsing you could have the "gateway" intercept and run a transparent proxy on ports 53, 80 and 443, and keep the system itself as isolated as possible.
– Shadur
Jan 29 at 10:09
7
OK. I don't disagree, but that's not routing. I stand by my assertion that in order for routing to work, the router must actually route, and it sounds like you wouldn't disagree with that.
– MadHatter
Jan 29 at 10:31
1
Fair point, but "gateway" as it's used in this question is default route, ie next-hop-of-last-resort. That has to be able to get you not only to any internal subnets that you don't have specific routes for, but to everything else as well.
– MadHatter
Jan 29 at 20:36
6
6
... Or at least pretend to.
– Shadur
Jan 29 at 9:57
... Or at least pretend to.
– Shadur
Jan 29 at 9:57
2
2
@Shadur I'm interested in how routing can work if default route only pretends to actually, y'know, route traffic.
– MadHatter
Jan 29 at 10:06
@Shadur I'm interested in how routing can work if default route only pretends to actually, y'know, route traffic.
– MadHatter
Jan 29 at 10:06
1
1
Routing itself won't work, but if all you want to allow is browsing you could have the "gateway" intercept and run a transparent proxy on ports 53, 80 and 443, and keep the system itself as isolated as possible.
– Shadur
Jan 29 at 10:09
Routing itself won't work, but if all you want to allow is browsing you could have the "gateway" intercept and run a transparent proxy on ports 53, 80 and 443, and keep the system itself as isolated as possible.
– Shadur
Jan 29 at 10:09
7
7
OK. I don't disagree, but that's not routing. I stand by my assertion that in order for routing to work, the router must actually route, and it sounds like you wouldn't disagree with that.
– MadHatter
Jan 29 at 10:31
OK. I don't disagree, but that's not routing. I stand by my assertion that in order for routing to work, the router must actually route, and it sounds like you wouldn't disagree with that.
– MadHatter
Jan 29 at 10:31
1
1
Fair point, but "gateway" as it's used in this question is default route, ie next-hop-of-last-resort. That has to be able to get you not only to any internal subnets that you don't have specific routes for, but to everything else as well.
– MadHatter
Jan 29 at 20:36
Fair point, but "gateway" as it's used in this question is default route, ie next-hop-of-last-resort. That has to be able to get you not only to any internal subnets that you don't have specific routes for, but to everything else as well.
– MadHatter
Jan 29 at 20:36
|
show 5 more comments
The IP address of the gateway can be any valid host IP address in the subnet, i.e. not the network address itself nor the broadcast address. This IP address does not need to belong to a single computer or router, it can be a "floating" IP address used by several gateways. Check out the Wikipedia articles on HSRP, VRRP, GLBP, or CARP.
For example, when the subnet is 172.16.23.0/25, then:
- the network address is 172.16.23.0,
- the broadcast address is 172.16.23.127, and
- the range of valid host addresses is from 172.16.23.1 till 172.16.23.126, inclusive.
The gateway must be any of these valid host addresses, e.g. 172.16.23.65. The settings of your computer would then be, e.g.:
- IP address: 172.16.23.5
- Subnet mask: 255.255.255.128
- Default gateway: 172.16.23.65
Now adding in one of the first-hop redundancy protocols, the actual gateways (routers) can have the IP address 172.16.23.1 and 172.16.23.2 but use the virtual IP address of 172.16.23.65 to present themselves as the default gateway to the subnet.
add a comment |
The IP address of the gateway can be any valid host IP address in the subnet, i.e. not the network address itself nor the broadcast address. This IP address does not need to belong to a single computer or router, it can be a "floating" IP address used by several gateways. Check out the Wikipedia articles on HSRP, VRRP, GLBP, or CARP.
For example, when the subnet is 172.16.23.0/25, then:
- the network address is 172.16.23.0,
- the broadcast address is 172.16.23.127, and
- the range of valid host addresses is from 172.16.23.1 till 172.16.23.126, inclusive.
The gateway must be any of these valid host addresses, e.g. 172.16.23.65. The settings of your computer would then be, e.g.:
- IP address: 172.16.23.5
- Subnet mask: 255.255.255.128
- Default gateway: 172.16.23.65
Now adding in one of the first-hop redundancy protocols, the actual gateways (routers) can have the IP address 172.16.23.1 and 172.16.23.2 but use the virtual IP address of 172.16.23.65 to present themselves as the default gateway to the subnet.
add a comment |
The IP address of the gateway can be any valid host IP address in the subnet, i.e. not the network address itself nor the broadcast address. This IP address does not need to belong to a single computer or router, it can be a "floating" IP address used by several gateways. Check out the Wikipedia articles on HSRP, VRRP, GLBP, or CARP.
For example, when the subnet is 172.16.23.0/25, then:
- the network address is 172.16.23.0,
- the broadcast address is 172.16.23.127, and
- the range of valid host addresses is from 172.16.23.1 till 172.16.23.126, inclusive.
The gateway must be any of these valid host addresses, e.g. 172.16.23.65. The settings of your computer would then be, e.g.:
- IP address: 172.16.23.5
- Subnet mask: 255.255.255.128
- Default gateway: 172.16.23.65
Now adding in one of the first-hop redundancy protocols, the actual gateways (routers) can have the IP address 172.16.23.1 and 172.16.23.2 but use the virtual IP address of 172.16.23.65 to present themselves as the default gateway to the subnet.
The IP address of the gateway can be any valid host IP address in the subnet, i.e. not the network address itself nor the broadcast address. This IP address does not need to belong to a single computer or router, it can be a "floating" IP address used by several gateways. Check out the Wikipedia articles on HSRP, VRRP, GLBP, or CARP.
For example, when the subnet is 172.16.23.0/25, then:
- the network address is 172.16.23.0,
- the broadcast address is 172.16.23.127, and
- the range of valid host addresses is from 172.16.23.1 till 172.16.23.126, inclusive.
The gateway must be any of these valid host addresses, e.g. 172.16.23.65. The settings of your computer would then be, e.g.:
- IP address: 172.16.23.5
- Subnet mask: 255.255.255.128
- Default gateway: 172.16.23.65
Now adding in one of the first-hop redundancy protocols, the actual gateways (routers) can have the IP address 172.16.23.1 and 172.16.23.2 but use the virtual IP address of 172.16.23.65 to present themselves as the default gateway to the subnet.
answered Jan 29 at 7:47
TommiieTommiie
3,9462636
3,9462636
add a comment |
add a comment |
"Logical entity" in your usage is a tiny bit confusing. But I'll try to answer it best I can.
From my experience, a gateway in an IP configuration is usually a physical device. While it doesn't have to be a computer in the traditional sense (it can also be a network appliance) it does have to be device.
As you may know, the purpose that a default gateway serves is to act as a forwarding entity for all requests that a.) the computer doesn't already have in its routing table or has an entry instructing the system to forward the request to an IP that happens to be the gateway and/or b.) that are outside of the broadcast domain. The default gateway is never used in situations where two hosts are on the same broadcast domain (i.e. a network topology created by a switch) because the system can use the subnet's broadcast address to find the MAC address of a system owning a particular IP address.
In short, to answer your question, technically, you can set your default gateway as any IP address on a connected network. Windows or most other OSs for that matter won't stop you because they often don't perform verification of TCP/IP details. If you're setting it, you're most likely technically-savvy enough to understand the distinction. However, if it is the IP address of a device that is unable to forward, then it will result in errors in applications reliant on routing (i.e. a web browser) because the device won't be prepared with a routing table or a routing service to forward the request.
Someone much more experienced than myself, however, should be able to easily correct me if I am wrong.
TL;DR - A physical device, most likely.
You can have multiple different IP subnets on the same broadcast domain. In such cases traffic between those hosts will flow via their default gateways unless extra entries are added to the hosts routing tables or ICMP redirects are in use.
– Peter Green
Jan 29 at 16:29
Peter, I never considered that. Thanks! :)
– kelvintechie
Jan 29 at 22:35
@PeterGreen Yea, there are a lot of odd edge cases. For example, say 192.168.0.0/24 and 10.0.0.0/24 are on the same physical Ethernet LAN with the gateway for both being the same physical router at 192.168.0.1 and 10.0.0.1 respectively. If 192.168.0.100 pings 10.0.0.100 the first round-trip will be relayed through the gateway. The gateway may also send ICMP redirects to each host telling them they're on the same LAN. If so, each host will then then send ARP requests to get their peer's MAC addresses and all further communication will then occur directly between the peers (not via the gateway).
– Alex Hajnal
Jan 30 at 14:30
Note that with the above example, hosts need to be prodded (via an ICMP redirect) to broadcast an ARP request for the MAC address of a peer on a foreign network. Absent a redirect hosts won't make foreign-network ARP requests.
– Alex Hajnal
Jan 30 at 14:44
add a comment |
"Logical entity" in your usage is a tiny bit confusing. But I'll try to answer it best I can.
From my experience, a gateway in an IP configuration is usually a physical device. While it doesn't have to be a computer in the traditional sense (it can also be a network appliance) it does have to be device.
As you may know, the purpose that a default gateway serves is to act as a forwarding entity for all requests that a.) the computer doesn't already have in its routing table or has an entry instructing the system to forward the request to an IP that happens to be the gateway and/or b.) that are outside of the broadcast domain. The default gateway is never used in situations where two hosts are on the same broadcast domain (i.e. a network topology created by a switch) because the system can use the subnet's broadcast address to find the MAC address of a system owning a particular IP address.
In short, to answer your question, technically, you can set your default gateway as any IP address on a connected network. Windows or most other OSs for that matter won't stop you because they often don't perform verification of TCP/IP details. If you're setting it, you're most likely technically-savvy enough to understand the distinction. However, if it is the IP address of a device that is unable to forward, then it will result in errors in applications reliant on routing (i.e. a web browser) because the device won't be prepared with a routing table or a routing service to forward the request.
Someone much more experienced than myself, however, should be able to easily correct me if I am wrong.
TL;DR - A physical device, most likely.
You can have multiple different IP subnets on the same broadcast domain. In such cases traffic between those hosts will flow via their default gateways unless extra entries are added to the hosts routing tables or ICMP redirects are in use.
– Peter Green
Jan 29 at 16:29
Peter, I never considered that. Thanks! :)
– kelvintechie
Jan 29 at 22:35
@PeterGreen Yea, there are a lot of odd edge cases. For example, say 192.168.0.0/24 and 10.0.0.0/24 are on the same physical Ethernet LAN with the gateway for both being the same physical router at 192.168.0.1 and 10.0.0.1 respectively. If 192.168.0.100 pings 10.0.0.100 the first round-trip will be relayed through the gateway. The gateway may also send ICMP redirects to each host telling them they're on the same LAN. If so, each host will then then send ARP requests to get their peer's MAC addresses and all further communication will then occur directly between the peers (not via the gateway).
– Alex Hajnal
Jan 30 at 14:30
Note that with the above example, hosts need to be prodded (via an ICMP redirect) to broadcast an ARP request for the MAC address of a peer on a foreign network. Absent a redirect hosts won't make foreign-network ARP requests.
– Alex Hajnal
Jan 30 at 14:44
add a comment |
"Logical entity" in your usage is a tiny bit confusing. But I'll try to answer it best I can.
From my experience, a gateway in an IP configuration is usually a physical device. While it doesn't have to be a computer in the traditional sense (it can also be a network appliance) it does have to be device.
As you may know, the purpose that a default gateway serves is to act as a forwarding entity for all requests that a.) the computer doesn't already have in its routing table or has an entry instructing the system to forward the request to an IP that happens to be the gateway and/or b.) that are outside of the broadcast domain. The default gateway is never used in situations where two hosts are on the same broadcast domain (i.e. a network topology created by a switch) because the system can use the subnet's broadcast address to find the MAC address of a system owning a particular IP address.
In short, to answer your question, technically, you can set your default gateway as any IP address on a connected network. Windows or most other OSs for that matter won't stop you because they often don't perform verification of TCP/IP details. If you're setting it, you're most likely technically-savvy enough to understand the distinction. However, if it is the IP address of a device that is unable to forward, then it will result in errors in applications reliant on routing (i.e. a web browser) because the device won't be prepared with a routing table or a routing service to forward the request.
Someone much more experienced than myself, however, should be able to easily correct me if I am wrong.
TL;DR - A physical device, most likely.
"Logical entity" in your usage is a tiny bit confusing. But I'll try to answer it best I can.
From my experience, a gateway in an IP configuration is usually a physical device. While it doesn't have to be a computer in the traditional sense (it can also be a network appliance) it does have to be device.
As you may know, the purpose that a default gateway serves is to act as a forwarding entity for all requests that a.) the computer doesn't already have in its routing table or has an entry instructing the system to forward the request to an IP that happens to be the gateway and/or b.) that are outside of the broadcast domain. The default gateway is never used in situations where two hosts are on the same broadcast domain (i.e. a network topology created by a switch) because the system can use the subnet's broadcast address to find the MAC address of a system owning a particular IP address.
In short, to answer your question, technically, you can set your default gateway as any IP address on a connected network. Windows or most other OSs for that matter won't stop you because they often don't perform verification of TCP/IP details. If you're setting it, you're most likely technically-savvy enough to understand the distinction. However, if it is the IP address of a device that is unable to forward, then it will result in errors in applications reliant on routing (i.e. a web browser) because the device won't be prepared with a routing table or a routing service to forward the request.
Someone much more experienced than myself, however, should be able to easily correct me if I am wrong.
TL;DR - A physical device, most likely.
edited Jan 30 at 7:36
Alex Hajnal
1033
1033
answered Jan 29 at 7:46
kelvintechiekelvintechie
3168
3168
You can have multiple different IP subnets on the same broadcast domain. In such cases traffic between those hosts will flow via their default gateways unless extra entries are added to the hosts routing tables or ICMP redirects are in use.
– Peter Green
Jan 29 at 16:29
Peter, I never considered that. Thanks! :)
– kelvintechie
Jan 29 at 22:35
@PeterGreen Yea, there are a lot of odd edge cases. For example, say 192.168.0.0/24 and 10.0.0.0/24 are on the same physical Ethernet LAN with the gateway for both being the same physical router at 192.168.0.1 and 10.0.0.1 respectively. If 192.168.0.100 pings 10.0.0.100 the first round-trip will be relayed through the gateway. The gateway may also send ICMP redirects to each host telling them they're on the same LAN. If so, each host will then then send ARP requests to get their peer's MAC addresses and all further communication will then occur directly between the peers (not via the gateway).
– Alex Hajnal
Jan 30 at 14:30
Note that with the above example, hosts need to be prodded (via an ICMP redirect) to broadcast an ARP request for the MAC address of a peer on a foreign network. Absent a redirect hosts won't make foreign-network ARP requests.
– Alex Hajnal
Jan 30 at 14:44
add a comment |
You can have multiple different IP subnets on the same broadcast domain. In such cases traffic between those hosts will flow via their default gateways unless extra entries are added to the hosts routing tables or ICMP redirects are in use.
– Peter Green
Jan 29 at 16:29
Peter, I never considered that. Thanks! :)
– kelvintechie
Jan 29 at 22:35
@PeterGreen Yea, there are a lot of odd edge cases. For example, say 192.168.0.0/24 and 10.0.0.0/24 are on the same physical Ethernet LAN with the gateway for both being the same physical router at 192.168.0.1 and 10.0.0.1 respectively. If 192.168.0.100 pings 10.0.0.100 the first round-trip will be relayed through the gateway. The gateway may also send ICMP redirects to each host telling them they're on the same LAN. If so, each host will then then send ARP requests to get their peer's MAC addresses and all further communication will then occur directly between the peers (not via the gateway).
– Alex Hajnal
Jan 30 at 14:30
Note that with the above example, hosts need to be prodded (via an ICMP redirect) to broadcast an ARP request for the MAC address of a peer on a foreign network. Absent a redirect hosts won't make foreign-network ARP requests.
– Alex Hajnal
Jan 30 at 14:44
You can have multiple different IP subnets on the same broadcast domain. In such cases traffic between those hosts will flow via their default gateways unless extra entries are added to the hosts routing tables or ICMP redirects are in use.
– Peter Green
Jan 29 at 16:29
You can have multiple different IP subnets on the same broadcast domain. In such cases traffic between those hosts will flow via their default gateways unless extra entries are added to the hosts routing tables or ICMP redirects are in use.
– Peter Green
Jan 29 at 16:29
Peter, I never considered that. Thanks! :)
– kelvintechie
Jan 29 at 22:35
Peter, I never considered that. Thanks! :)
– kelvintechie
Jan 29 at 22:35
@PeterGreen Yea, there are a lot of odd edge cases. For example, say 192.168.0.0/24 and 10.0.0.0/24 are on the same physical Ethernet LAN with the gateway for both being the same physical router at 192.168.0.1 and 10.0.0.1 respectively. If 192.168.0.100 pings 10.0.0.100 the first round-trip will be relayed through the gateway. The gateway may also send ICMP redirects to each host telling them they're on the same LAN. If so, each host will then then send ARP requests to get their peer's MAC addresses and all further communication will then occur directly between the peers (not via the gateway).
– Alex Hajnal
Jan 30 at 14:30
@PeterGreen Yea, there are a lot of odd edge cases. For example, say 192.168.0.0/24 and 10.0.0.0/24 are on the same physical Ethernet LAN with the gateway for both being the same physical router at 192.168.0.1 and 10.0.0.1 respectively. If 192.168.0.100 pings 10.0.0.100 the first round-trip will be relayed through the gateway. The gateway may also send ICMP redirects to each host telling them they're on the same LAN. If so, each host will then then send ARP requests to get their peer's MAC addresses and all further communication will then occur directly between the peers (not via the gateway).
– Alex Hajnal
Jan 30 at 14:30
Note that with the above example, hosts need to be prodded (via an ICMP redirect) to broadcast an ARP request for the MAC address of a peer on a foreign network. Absent a redirect hosts won't make foreign-network ARP requests.
– Alex Hajnal
Jan 30 at 14:44
Note that with the above example, hosts need to be prodded (via an ICMP redirect) to broadcast an ARP request for the MAC address of a peer on a foreign network. Absent a redirect hosts won't make foreign-network ARP requests.
– Alex Hajnal
Jan 30 at 14:44
add a comment |
Routing table entries resolve a subnet to either a gateway or a network adapter.
A typical routing table for a device on a private network might, if you leave out the unnecessary stuff, look like
0.0.0.0/0 via 192.168.0.1
192.168.0.0/24 dev eth0
The most specific route wins for each destination, so the subnet route takes precedence over the default route for addresses in the subnet.
The gateway address is, in turn, resolved through the routing table, which determines the network interface it is given to as well as addressing on the lower layer.
So, for a packet to 1.1.1.1
, the destination is looked up in the routing table, returning the default route, which has a gateway. The gateway is looked up again, returning the Ethernet interface.
Ethernet has MAC addresses, so an ARP lookup is done for the gateway address, and the MAC address for the gateway is used for the outgoing packet (which still uses the proper destination address in its IP header).
Other lower-level transports work differently, for example PPP links have a "peer address", so their device route uses a netmask of /32, and they skip ARP resolution and just send packets as "broadcast" over the PPP link.
Some IP stacks require manual creation of the device route, which makes this a bit more obvious:
ifconfig eth0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255 up
route add -net 192.168.0.0 netmask 255.255.255.0 dev eth0
route add default via 192.168.0.1
Thanks for giving pointers.
– Semo
Jan 30 at 5:40
add a comment |
Routing table entries resolve a subnet to either a gateway or a network adapter.
A typical routing table for a device on a private network might, if you leave out the unnecessary stuff, look like
0.0.0.0/0 via 192.168.0.1
192.168.0.0/24 dev eth0
The most specific route wins for each destination, so the subnet route takes precedence over the default route for addresses in the subnet.
The gateway address is, in turn, resolved through the routing table, which determines the network interface it is given to as well as addressing on the lower layer.
So, for a packet to 1.1.1.1
, the destination is looked up in the routing table, returning the default route, which has a gateway. The gateway is looked up again, returning the Ethernet interface.
Ethernet has MAC addresses, so an ARP lookup is done for the gateway address, and the MAC address for the gateway is used for the outgoing packet (which still uses the proper destination address in its IP header).
Other lower-level transports work differently, for example PPP links have a "peer address", so their device route uses a netmask of /32, and they skip ARP resolution and just send packets as "broadcast" over the PPP link.
Some IP stacks require manual creation of the device route, which makes this a bit more obvious:
ifconfig eth0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255 up
route add -net 192.168.0.0 netmask 255.255.255.0 dev eth0
route add default via 192.168.0.1
Thanks for giving pointers.
– Semo
Jan 30 at 5:40
add a comment |
Routing table entries resolve a subnet to either a gateway or a network adapter.
A typical routing table for a device on a private network might, if you leave out the unnecessary stuff, look like
0.0.0.0/0 via 192.168.0.1
192.168.0.0/24 dev eth0
The most specific route wins for each destination, so the subnet route takes precedence over the default route for addresses in the subnet.
The gateway address is, in turn, resolved through the routing table, which determines the network interface it is given to as well as addressing on the lower layer.
So, for a packet to 1.1.1.1
, the destination is looked up in the routing table, returning the default route, which has a gateway. The gateway is looked up again, returning the Ethernet interface.
Ethernet has MAC addresses, so an ARP lookup is done for the gateway address, and the MAC address for the gateway is used for the outgoing packet (which still uses the proper destination address in its IP header).
Other lower-level transports work differently, for example PPP links have a "peer address", so their device route uses a netmask of /32, and they skip ARP resolution and just send packets as "broadcast" over the PPP link.
Some IP stacks require manual creation of the device route, which makes this a bit more obvious:
ifconfig eth0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255 up
route add -net 192.168.0.0 netmask 255.255.255.0 dev eth0
route add default via 192.168.0.1
Routing table entries resolve a subnet to either a gateway or a network adapter.
A typical routing table for a device on a private network might, if you leave out the unnecessary stuff, look like
0.0.0.0/0 via 192.168.0.1
192.168.0.0/24 dev eth0
The most specific route wins for each destination, so the subnet route takes precedence over the default route for addresses in the subnet.
The gateway address is, in turn, resolved through the routing table, which determines the network interface it is given to as well as addressing on the lower layer.
So, for a packet to 1.1.1.1
, the destination is looked up in the routing table, returning the default route, which has a gateway. The gateway is looked up again, returning the Ethernet interface.
Ethernet has MAC addresses, so an ARP lookup is done for the gateway address, and the MAC address for the gateway is used for the outgoing packet (which still uses the proper destination address in its IP header).
Other lower-level transports work differently, for example PPP links have a "peer address", so their device route uses a netmask of /32, and they skip ARP resolution and just send packets as "broadcast" over the PPP link.
Some IP stacks require manual creation of the device route, which makes this a bit more obvious:
ifconfig eth0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255 up
route add -net 192.168.0.0 netmask 255.255.255.0 dev eth0
route add default via 192.168.0.1
answered Jan 29 at 15:57
Simon RichterSimon Richter
995411
995411
Thanks for giving pointers.
– Semo
Jan 30 at 5:40
add a comment |
Thanks for giving pointers.
– Semo
Jan 30 at 5:40
Thanks for giving pointers.
– Semo
Jan 30 at 5:40
Thanks for giving pointers.
– Semo
Jan 30 at 5:40
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f951217%2fdoes-a-gateway-of-a-subnet-need-to-be-a-real-computer%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
9
The modern and arguably more correct term for a gateway is router. Routers can exist purely in software, conventional computers such as PC's, laptops and server systems can be used as routers but generally dedicated hardware devices are used
– HBruijn
Jan 29 at 8:11
2
What do you mean by "logic entity"?
– Barmar
Jan 29 at 17:50
2
@HBruijn, in most cases a gateway is a router. The general term is that a gateway is the host on the network to which other hosts send traffic that it destined for a different network. That doesn't mean that is must be a router. It could be a proxy, ALG, etc. Also, there may be a corner case where any traffic destined for a different network needs to be trapped and not forwarded by the gateway, in which case it is not a router because it is not routing packets between networks.
– Ron Maupin
Jan 29 at 18:58
I'd wager that a system that is capable of making forwarding decisions based on destination ip addresses does not have to be Turing complete ... so, no, a router need not be a computer (same applies one level below for bridges and one level high for gateways, though possible to different extents. Nevertheless, each such system is typically a device (or collection of devices) that can be configured administratively or by additional applications (such as routing protocols) - and to even be able to process a configuration, these things tend to be (specialized) computers.
– Hagen von Eitzen
Jan 29 at 21:45
@Barmar I mean if a Gateway must be a specialized hardware device like a Bridge or Router, or if it could be just a piece of information like a setting in a server, which is kind of mutable, if you think in terms of programming languages.
– Semo
Jan 30 at 5:38