How does Mac OSX prioritize network interfaces when routing?

20

4

To give a concrete example, how does OSX choose which of these default entries from netstat -nr to route to?

Destination        Gateway            Flags        Refs      Use   Netif Expire
0/1                10.10.99.100       UGSc            0        0    ppp0
default            192.168.1.1        UGSc            5        0     en0
default            192.168.1.1        UGScI           1        0     en1
default            192.0.2.1          UGScI         157        2    ppp0 

From what I have been able to tell OSX uses metrics on its interfaces rather than on its routing table entries. But by default all of those interface metrics are 0 so how does it choose? Last created interface?

I've seen some folks suggest it's the order in the Network preferences, but in my case the ppp0 interface (from SonicWall NetExtender) isn't listed there.

There is some discussion in this thread, but no answer that I see.

studgeek

Posted 2012-09-10T19:11:52.563

Reputation: 1 805

Have you found out how to set route metric? – endryha – 2015-12-01T19:37:52.320

Answers

8

Most systems follow these rules when choosing which route to use:

  • Find the most specific ones (i.e. the ones with the longest matching prefix).
  • Choose the one with the highest priority.

On Linux (and, I think, on Windows) priority is determined by metric, but it is not the case on macOS as you correctly pointed out. Instead of assigning metrics to individual routes, macOS assigns priorities to interfaces. You can use networksetup -listnetworkserviceorder to view this order and networksetup -ordernetworkservices to change it.

Now, this route from your output makes me think that in your case specificity also plays its role:

Destination        Gateway            Flags        Refs      Use   Netif Expire
0/1                10.10.99.100       UGSc            0        0    ppp0

This route covers the bottom half of the address space and therefore I would expect to also find:

128.0/1            10.10.99.100       UGSc            0        0    ppp0

in your routing table. This is a standard trick VPN software uses to prioritise its routes over default: it adds two routes which together cover all IP addresses, but each of them is more specific than default, so they win.

kirelagin

Posted 2012-09-10T19:11:52.563

Reputation: 2 664

On Linux, priority is only determined by metric for single routing table cases; however, higher priority rules can override the metric of routes from other tables with a lower prio rule entry in multiple routing table cases. Also with dynamic routing, one has to consider the lowest administrative distance. – Moreaki – 2019-02-03T21:25:35.810

Thank you so much for: "This is a standard trick VPN software uses to prioritise its routes over default". This finally helped me understand WTF was going on in my case. – ipmcc – 2019-05-02T16:06:26.053
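The selection logic described in the answer above, as an added example (not code from the answer or from Apple): longest-prefix match over the question's table, ties broken by a device order such as the one networksetup -listnetworkserviceorder reports, plus an audit check for the 0/1 + 128.0/1 pair that overrides default. Assumptions: the function names, the `order` list of device names, the constructed 128.0/1 row, and the simplification that routes flagged I (interface-scoped in netstat's flag legend) are skipped for traffic not bound to an interface.

```python
import ipaddress

# Constructed sample: the question's table plus the 128.0/1 row the answer expects.
NETSTAT = """\
0/1                10.10.99.100       UGSc            0        0    ppp0
128.0/1            10.10.99.100       UGSc            0        0    ppp0
default            192.168.1.1        UGSc            5        0     en0
default            192.168.1.1        UGScI           1        0     en1
default            192.0.2.1          UGScI         157        2    ppp0
"""

def parse_dest(dest):
    """Expand netstat's abbreviated IPv4 destinations ('default', '0/1', '192.168.1')."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    plen = plen or 8 * len(octets)  # no mask printed: implied by the octet count
    padded = ".".join(octets + ["0"] * (4 - len(octets)))
    return ipaddress.ip_network(f"{padded}/{plen}", strict=False)

def parse_routes(text):
    """Parse rows in the page's column layout (Netif is the 6th field; an assumption)."""
    rows = [ln.split() for ln in text.splitlines()]
    return [{"net": parse_dest(f[0]), "gw": f[1], "scoped": "I" in f[2], "netif": f[5]}
            for f in rows if len(f) >= 6 and f[0] != "Destination"]

def select_route(routes, dst, order):
    """Longest matching prefix wins; ties go to the device earliest in `order`
    (hypothetical list of device names in service order)."""
    ip = ipaddress.ip_address(dst)
    # Simplified model: routes flagged I only serve sockets bound to that interface.
    cands = [r for r in routes if ip in r["net"] and not r["scoped"]]
    rank = lambda r: order.index(r["netif"]) if r["netif"] in order else len(order)
    return min(cands, key=lambda r: (-r["net"].prefixlen, rank(r)), default=None)

def default_overrides(routes):
    """Per interface: True if its non-default unscoped routes cover all of IPv4."""
    by_if = {}
    for r in routes:
        if r["net"].prefixlen > 0 and not r["scoped"]:
            by_if.setdefault(r["netif"], []).append(r["net"])
    whole = ipaddress.ip_network("0.0.0.0/0")
    return {i: list(ipaddress.collapse_addresses(n)) == [whole] for i, n in by_if.items()}

if __name__ == "__main__":
    table = parse_routes(NETSTAT)
    print(select_route(table, "8.8.8.8", ["en0", "en1"]), default_overrides(table))
```

With only the question's original rows (no 128.0/1), addresses in the upper half of the space fall back to the unscoped default on en0, and default_overrides reports False for ppp0.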

15

Any routing table which has multiple default routes with equal metrics does load balancing. The case with a Mac though is that it will select the first interface which is in the interface list. If you want to see and change the list, go to "open network preferences", here you will see a list of network interfaces like ethernet, airport, ppp through mobile or 3g, etc. Below the list, you will see an asterisk shaped option with a down arrow. Click this and set the "set service order". Here you can change preference of your particular interface.

http://www.sustworks.com/site/prod_ipnrx_help/html/AlternateRouteHelp.html

Samir Sogay

Posted 2012-09-10T19:11:52.563

Reputation: 193

3

Is there any source you can reference that confirms this? If you can reference a site that'll make your answer more worthwhile and people will vote it up. – slm – 2012-12-29T13:20:58.773

1

"Set service order" can be confirmed here: OS X Mountain Lion: Change the priority of your network connections

– David Moles – 2013-08-15T02:57:26.993