​What is a Default Gateway?

A default gateway is where all your internet traffic goes first before leaving your network. That’s pretty much it.

“But that’s just my router.”, you might say, and you’re not wrong, but not all routers are gateways. Technically, routers do just one major thing: route. When a packet comes in, they glare at it (in the case of stateful packet inspection), look at their clipboard over their spectacles, and then tell the packet what its next destination is and what port to go out.

“But my router also does port forwarding.” It’s doing NAT, Network Address Translation, and also working double duty as a firewall. Your router is actually more than just a router, even though we most commonly call it that–it’s a Residential Gateway. You might also rely on it for DNS or other network services. It’s a jack of all trades.

Because your router speaks all these different languages, and often translates between them or makes decisions based on different protocols across multiple networks, it’s considered a gateway. Gateways connect multiple networks using multiple protocols and bridge layers of the standard networking model. This is also why they’re such powerful devices.

However, a default gateway is not something your router decides to be. Instead, the devices on its LANs–the networks “behind” it that are local to your home, business, preferred coffee shop, or wherever else you’re connected to the internet–decide to send all their traffic to this gateway.

They do this by themselves being routers. All internet-capable devices typically have what’s called a routing table, which is just a list of where to send packets according to their IP address. There are some more complex routing functions that set different routes according to other features, known as policy-based routing, as well, but our main concern is the basic routing table. Typically it needs to have at least two entries: which port do we send packets to our default gateway on, and which IP do we send them to. This looks something like:

192.0.0.1 dev ens10

default via 192.0.0.1 dev ens10

These have been greatly simplified, but here the IP 192.0.0.1 is the Default Gateway (or default route), ens10 is the network device the computer is connected through (probably an ethernet port), and the first word of the second route, “default” is a keyword that the router translates to the network 0.0.0.0/0 (or 0/0 in shorthand, and ::0/0 in IPv6). What’s the IP 0/0? That’s the whole internet. That’s arguably where the default in default gateway comes from.

You can find your computer’s routing information using these commands on the command line:

Windows:  route PRINT

Linux:  ip route, ip -6 route, route

MacOS:  netstat -rn

Your router will typically also accept the “ip” or the “route” commands, because it is most likely Linux-based. The default for Linux is to return IPv4 routes; a “-6” argument will return IPv6 instead.

Curiously, if your ISP supports IPv6, you may notice that your IPv6 Default Gateway and your IPv4 Default Gateway are listed in your router as different IPs. Partially, this is because IPv4 devices cannot use IPv6 (but IPv6 addresses contain IPv4: the IPv4 default gateway from earlier can be written ::ffff:192.0.0.1 in IPv6).

Alternatively, under Windows 10 you can find your network information in the UI by typing “Network Status” into the Start Bar search (or finding Network & Internet -> Status in Settings) and clicking the “View hardware and connection properties” option on the Network Status page:

On Windows 11 scroll down to “Advanced network settings” and click “Hardware and connection properties”.

On MacOS this info can be found either by going to System Preferences -> Network and selecting the appropriate connection device (usually either Ethernet or Wi-Fi), or by clicking the Apple, selecting “About This Mac”, then clicking “System Report”, selecting the “Network” section, and then the relevant device. The second option is the long way around, but provides more information.

On Linux this will vary, but it’s generally best found via command line.