Community Pick: Many members of our community have endorsed this article.
Editor's Choice: This article has been selected by our editors as an exceptional contribution.

Briefly explain gateways, default gateways and static routes.

Keith AlabasterEnterprise Architect
CERTIFIED EXPERT
Published:
Updated:
A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device.

In simple terms a gateway is formed when a computer such as a server or PC has a network connection between two or more networks or subnets. Generally, such a connection is created by the host server or PC having two or more network cards installed and each having an IP address and subnet mask from a different IP address range.

A Default Gateway is simply the IP Address that a server or PC will send traffic to if it does not know of a more specific gateway to use.

An example might be as per the following taken from two of my own Windows 2003 R2 servers called GW1 and GW2.

Server GW1:
+----------------------------------------------------------------+
                      |Interface|IP Address    |Mask          |Default Gateway         |
                      +----------------------------------------------------------------+
                      |Nic 1:   |192.168.0.222 |255.255.255.0 |{Intentionally Blank}   |
                      |Nic 2:   |10.168.0.2    |255.255.255.0 |10.168.0.1              |
                      +----------------------------------------------------------------+

Open in new window

Server GW2:
+----------------------------------------------------------------+
                      |Interface|IP Address    |Mask          |Default Gateway         |
                      +----------------------------------------------------------------+
                      |Nic 1:   |192.168.0.6   |255.255.255.0 |192.168.0.222	         |
                      |Nic 2:   |192.168.5.1   |255.255.255.0 |{Intentionally Blank}   |
                      +----------------------------------------------------------------+

Open in new window

This configuration allows the server GW1 to direct any TCP/IP network traffic it receives that is destined for IP addresses within either the 10.168.0.0 or the 192.168.0.0 networks out of the appropriate network card. Basic network knowledge and the same principle would apply if I added a third or fourth Nic to the server with additional, non-overlapping IP address ranges.

A network may, of course, consist of a number of servers such as GW1 and GW2 with each holding routes to various networks and subnets and each of these are therefore classified as gateways.

By using either routing protocols or by using route statements, information is advertised to other servers or devices connected to the network on the location of these gateways and the other networks that they connect to.

For example, I have a computer called PC1 that has the following configuration:
+----------------------------------------------------------------+
                      |Interface|IP Address    |Mask          |Default Gateway         |
                      +----------------------------------------------------------------+
                      |Nic 1:   |192.168.5.14  |255.255.255.0 |192.168.5.1	         |
                      +----------------------------------------------------------------+

Open in new window

PC1 can communicate with all devices on the 192.168.5.0 subnet because PC1 is directly connected to this network. PC1 is also aware that if it needs to talk to any computer or device that is NOT on its local subnets it will need to consult its local routing table to see if it has been provided with a specific route.

You can manually check the routes on a server or workstations using the 'route print' command from a Windows CMD prompt.

In this instance, PC1 wishes to communicate via a ping message with the server GW1 at 192.168.0.222. After checking its local route table, PC1 recognises that it does not know how to find 192.168.0.222 and therefore will send the traffic to its DEFAULT gateway at 192.168.5.1. The server GW2 is a gateway and knows how to get to 192.168.0.222 because it is directly connected and so the traffic is delivered successfully. However, the cmd prompt on PC1 shows that the ping has failed.

The reason for the failure is that the Server GW1 knows nothing about the network on 192.168.5.0 as no route information has been provided. The Server GW1 knows about the networks on the 10.168.0.0 and the 192.168.0.0 subnets as these are directly attached. It also knows that if it needs to talk to a computer or device that is on a network that it does not specifically know about then it must send that traffic to its default gateway. In this case, the default gateway for GW1 is at 10.168.0.1.

Again, absolutely standard network practice and should not be of any surprise to anyone. Unfortunately though - it is a surprise to a great many people - and the often-used resolution is to put a second default gateway in to the configuration. In this case it would be to put a default gateway onto Nic 1 on the GW1 Server.

Let me repeat the explanation of a default gateway. It is the IP Address that a server or computer will use to send network traffic when it has not got a more specific route to use, it is a 'last resort' - i.e., I have no idea where to send this traffic so i will send it to my default gateway.

What do you think happens if you have TWO default gateways - confused? I expect you are and so is your computer as it now has to make a choice. The server can only select one default gateway but which one? The answer is that it will arbitrarily select whichever one it feels like at the time. It may choose the first default gateway for one packet and the other default gateway for the second packet but in all cases it is problematic and more importantly, it is NOT SUPPORTED.

So - what is the correct approach? The correct way of doing this is to have ONE default gateway and then to use static routes (or routing protocols) to sort out the route tables. In the example given, we need to tell Server GW1 how to find the 192.168.5.0 network and we do this through route statements.

At a CMD prompt on Server GW1, we type in the following command:
Route -p add 192.168.5.0 mask 255.255.255.0 192.168.0.6

Open in new window


This command tells Server GW1 that to send traffic to network devices using the 192.168.5.0 it must do so through the gateway located at 192.168.0.6. After adding this command, the ping messages sent from PC1 are replied to correctly. Similar route add commands may be required on other gateways or routers.

Bottom line - only one default gateway on any one server or other network device. It is worth remembering that the same applies if you have a Wireless adapter on your laptop. If you try and have both the Wired connection and the Wireless connection operating at the same time you will also have the same issues as both will likely have a default gateway set so disable one or the other or use static routes.

It is also worthwhile here reiterating the difference between multiple gateways and multiple default gateways. They are NOT the same thing. Within the TCP/IP advanced configurations for Windows operating systems, you will see the option for adding additional gateways. This is fine because you may have more than one route or gateway to a given network. The fact remains though that only ONE default gateway should be used and this is the only supported environment.

Finally, a default gateway should always point to an IP address that will provide access to the most networks. In this day and age of course this generally results with the final default gateway being the point where internal networks join the internet. The same is the case in my own example where the default gateway of GW1 points to 10.168.0.1 - the internal Nic of my external router.
14
19,115 Views
Keith AlabasterEnterprise Architect
CERTIFIED EXPERT

Comments (2)

Kevin CrossChief Technology Officer
CERTIFIED EXPERT
Most Valuable Expert 2011

Commented:
Nice work, Keith!
Voted yes above.
CERTIFIED EXPERT

Commented:
Hi Keith, Nice Article, see this Line

"The reason for the failure is that the Server GW1 knows nothing about the network on 195.168.5.0 as no route information has been provided."

I think it needs to be changed to-

"The reason for the failure is that the Server GW1 knows nothing about the network on 192.168.5.0 as no route information has been provided."

Very good article, I voted yes earlier and referenced it in this thread.https://www.experts-exchange.com/questions/24993507/force-windows-7-with-multiple-internet-connections-to-use-only-one.html?anchorAnswerId=26094187#a26094187

Ravi.

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.