route print command show almost all On-link gateway

Question

Trying to learn about routing tables, when preforming route print on cmd window I get this result on the IPv4 table:

===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       10.0.0.138         10.0.0.9     50
         10.0.0.0    255.255.255.0         On-link          10.0.0.9    306
         10.0.0.9  255.255.255.255         On-link          10.0.0.9    306
       10.0.0.255  255.255.255.255         On-link          10.0.0.9    306
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link          10.0.0.9    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link          10.0.0.9    306
===========================================================================

From my understanding, the Network Destination and Netmask combine show the Network ID, and Gateway is the "next hop" meaning it is the address where addresses from Network ID can get to the internet, via the Interface on the right.

This table is different from other I seen on line, and almost all the gateways are On-link. From a simple google search, I found those On-link mean addresses reachable locally (my router's address?) so On-link=10.0.0.138 in this example? And since network ID is all 0.0.0.0 that means the only routing available on my system is going to 10.0.0.138 through 10.0.0.9? If so why I need the other rows? If I'm wrong I would love to know better.

Thanks.

[tag:osi] has nothing to do with this, or with anything else in the real world either. — user207421, Aug 30 '20 at 05:20

manish ma · Accepted Answer · 2020-06-05T19:47:51.843

2

"on-link" doesn't equal 10.0.0.138. It means that the destination network is directly attached to the interface - meaning traffic that matches this route entry will trigger an ARP request that should be sent from this link to resolve the destination IP directly (not the gateway 10.0.0.138). This is also called "glean adjacency". The 10.0.0.9 route instructs packets with destination IP 10.0.0.9 to be sent to the CPU (AKA punt adjacency). 127.0.0.0/24 network is for internal communication within the machine. 224.0.0.0/4 is for multicast traffic.

edited Jun 05 '20 at 19:47

answered Jun 05 '20 at 19:35

manish ma

1,706
1
14
19

So basically "on-link" is "IDK but you can find it yourself with an ARP request?" And why the 10.0.0.138 is the next hop of addresses from 0.0.0.0/0, doesn't that mean EVREY address will be directed to 10.0.0.138? If so, whats the point of the other rows? If not, what does 0.0.0.0/0 actually means? THANKS AGAIN. – Gal Birka Jun 05 '20 at 19:46
1

Routing works based on longest prefix match. 0.0.0.0/0 is the worst match possible, so only packets that didn't match any other entry will match it. – manish ma Jun 05 '20 at 19:49

route print command show almost all On-link gateway

1 Answers1