The Internet Protocol uses routing information to decide how to send datagrams to their destination. If your computer has more than one active IP interface or is connected to more than one IP gateway, the default routing information from the Network Preferences Panel may not be sufficient for IP to determine where datagrams should be sent.

The Routes window allows you to add or remove routes that IP uses to decide where to send datagrams. To define a route, you need to specify the range of destination IP addresses that should use this route ("Destination"), and where they should be sent to ("Gateway").

To specify the range of addresses that should use a route, you enter a template IP address or network number for the "Destination" and indicate how packets matching this description should be handled as follows:

Route Type = Default

A default route matches any packet that isn't otherwise matched by a more specific route (Destination and forwards them to the specified gateway or router. You can think of a default gateway as one that tries to deliver packets for any destination. The BSD stack used in Mac OS X allows only a single default gateway in its routing table.

Route Type = Direct

A direct route forwards packets to a directly attached network or interface. The Destination will specify an address range of the form <IP Address>/<Prefix Length> where the prefix length indicates how much of the address must match. The Gateway can refer to the IP address of a local interface on this machine, or be left empty or begin with the word "link" to use the corresponding network port from the Interface PopUp such as "en0" or "ppp0". By specifying a network port, the route will remain valid even if the IP address changes.

Route Type = Host

A host route indicates the destination must match the complete IP address of a single host. The Gateway can be the address of a host on a directly attached network or a local interface similar to a direct route.

Route Type = Indirect

An indirect route forwards packets to the specified gateway or router. The Destination will specify an address range of the form <IP Address>/<Prefix Length> where the prefix length indicates how much of the address must match. The Gateway will specify the IP address of the next hop router.


ARP stands for Address Resolution Protocol which defines how IP addresses are converted to a physical hardware address needed to deliver packets to directly attached devices. Normally when a host needs to determine the hardware address for an IP address, it broadcasts an ARP request asking "who has" that IP address. Any device that recognizes that IP address as one of its own then responds with the corresponding hardware address. To reduce the number of requests, hosts maintain a table of hardware addresses they have recently discovered called an ARP cache (which is often implemented as part of the routing table). The ARP tab of the Routes window allows you to view and modify this table. You can add permanent entries and designate entries to be "Published" or used for "Proxy" ARP which means IP addresses that this machine should recognize as one of its own and respond to with a corresponding hardware address.

Normally, the IP software creates the ARP entries that need to published for each IP interface as needed. In some cases, you may wish to create additional entries that do not correspond to an IP interface so that your gateway will accept and forward packets for other IP addresses. This technique is referred to as Proxy ARP. Proxy ARP tells other hosts on a directly attached network to route packets for a specified IP address to this gateway. To create a Proxy ARP entry, enter the desired IP address, select the desired network port from the interface popup menu (leaving the HW Address field empty), and select the "Proxy" attribute.

In Mac OS X, the ARP table is the part of the routing table that specifies hardware addresses. The table is displayed under separate "Routes" and "ARP" tabs to make it easier to consider each abstraction separately.

Editing and Saving Your Changes

Clicking on a row in the Routes or ARP table will automatically transfer the corresponding information to the data entry fields below the table. To remove a route or ARP entry, select the corresponding row from the table and press the "-" button. To add a new entry, fill in the parameter fields below and press the "+" button.

You can save an IP configuration (routes & ARP) to a settings document and then restore this configuration later by opening the corresponding IPNetRouterX settings. Since the BSD stack creates route and ARP entries it needs automatically, you can designate which entries you want to save and restore by checking the "Save" column. Since the "Routes" window shows the actual routes the IP layer knows about, you can only open one document at a time to restore a previous configuration.

Specifying a Range of IP Addresses

The concept of routing packets based on their corresponding range of IP addresses is central to the design of the Internet and has evolved over time resulting in several different terms and notations being used.

A "subnet mask" or "prefix length" is just a convenient shorthand for specifying a range of IP addresses. An IP address can be represented as a 32-bit binary number. To define a range of addresses, we divide these 32-bits into a network part and a host part. The subnet mask or prefix length tells us where the split occurs. If our gateway machine is assigned a local address of and we want to indicate that this is from a range of 256 addresses, we can write this as where the "/24" is the prefix length and indicates that the first 24-bits are used as the network part. Alternativey, we can specify a subnet mask of which effectively says the same thing. The Subnet Calculator tool in IPNetRouterX is useful for converting between IP address ranges, subnet masks, prefix lengths, network numbers, and host numbers.

A range of IP addresses defined by a subnet mask is sometimes called an "IP subnet". Some references use the term "network mask" in place of subnet mask. Historically, subnet masks were not required to be contiguous (all 1's follow by all 0's), but this practice is discouraged and no longer widely used because it was less efficient. As the Internet expanded, the need to keep routing and address assignment as efficient as possible became more important. Specifying network ranges as an IP address and prefix length is the preferred technique adopted by the next generation of Internet Protocols, and is sometimes referred to as "CIDR notation" (Classless Inter-Domain Routing).

Previous | Next | Return to IPNetRouterX Help