The default gateway is the device that routes traffic from the local network to devices on remote networks. In a home or small business environment, the default gateway is often used to connect the local network to the Internet.
If the host is sending a packet to a device on a different IP network, then the host must forward the packet through the intermediate device to the default gateway. This is because a host device does not maintain routing information, beyond the local network, to reach remote destinations. The default gateway does. The default gateway, which is most often a router, maintains a routing table. A routing table is a data file in RAM that is used to store route information about directly connected network, as well as entries of remote networks the device has learned about. A router uses the information in the routing table to determine the best path to reach those destinations.
So how does a host keep track of whether or not to forward packets to the default gateway? Hosts must maintain their own, local, routing table to ensure that network layer packets are directed to the correct destination network. The local table of the host typically contains:
- Direct connection - This is a route to the loopback interface (127.0.0.1).
- Local network route - The network which the host is connected to is automatically populated in the host routing table.
- Local default route - The default route represents the route that packets must take to reach all remote network addresses. The default route is created when a default gateway address is present on the host. The default gateway address is the IP address of the network interface of the router that is connected to the local network. The default gateway address can be configured on the host manually or learned dynamically.
It is important to note that the default route, and therefore, the default gateway, is only used when a host must forward packets to a remote network. It is not required, nor even needs to be configured, if only sending packets to devices on the local network.
For example, consider a network printer/scanner. If the network printer has an IP address and subnet mask configured, then local hosts can send documents to the printer to be printed. Additionally, the printer can forward documents that have been scanned to any local hosts. As long as the printer is only used locally, a default gateway address is not required. In fact, by not configuring a default gateway address on the printer, you are effectively denying Internet access, which may be a wise security choice. No Internet access means no security risk. While devices, such as printers, may offer the capability to perform automatic updates via the Internet, it is usually easier and more secure to achieve those same updates via a local upload from a secured local host, such as a PC.