I am going to be taking the RHCE but still confused on this objective. I heard we are NOT to use the route command but to use the ip route command instead. I found a web site that is a bit helpful but not helpful enough for me to understand completely so I am coming here for that.

This site is extremely helpful in converting the route commands to the ip route command
http://homepage.smc.edu/morgan_david...e-exercise.htm

But I'd like to know what is the actual subnet the machine that is being configured for the static routes is on? I see the admin is adding a static route to reach a host on the 192.168.4.0/24 network, specifically the first command which is:

But what is the subnet of this actual machine? Is it 192.168.3.0/24? 5.0/24? Who knows?

Also, by just adding that static route (I know that 'dev eth0 is optional here), how does the machine know where to query for this new subnet without an additional gateway? Does it just go through /etc/resolv.conf and the DNS box it consults knows to reach the firewall/router box (obviously) and this box is the one configured with the 2 subnets already? Should we add in a default gw? I see the other commands below it.

But what does this do?
Its adding the entire 192.168.5.0 network to the machine but using a default gw of 192.168.4.1? Where is this gw found? On the machine itself? How can that be?

Thanks

Both the route and ip route commands can be used to manipulate the kernel routing table, but route lacks support for several advanced routing features, such as multiple routing tables and policy routing.
The above command will add an entry to the routing table for a single IPv4 address, 192.168.4.2/32. There's no way to know the size of the IP network that host is a part of, based on that routing entry alone.

Normally, you add routes for networks of a certain size, not a single address, but in any case there's no way to know for certain the network size (really the netmask) associated with any given IP address, unless you have access to a system in that network or the network administrator (or someone else with knowledge of the network) tells you. (Yes, you can send an ICMP address mask request, but don't expect a reply; such packets are usually filtered.)

Using the "dev" option in a route command says "this host/network is local to the specified interface". In your example, 192.168.4.2 is supposedly local to eth0, meaning the system on which this route is added will send an ARP request out eth0 for 192.168.4.2 when it needs to communicate with that host.

Routing never involves any higher-level protocols like DNS, and no name resolution is attempted during routing. The local routing table is the only component involved when the TCP/IP stack needs to route a packet.

Routing is all about finding the next-hop address, that is, the address of a router capable of delivering packets to a given host or network.

The route command above very much represents the typical way of adding a static route. The command says "any packets destined for 192.168.5.0/25 should go via the router 192.168.4.1". The address of the next-hop router (192.168.4.1) must be local (that is, part of a connected network) to the system on which you are entering the command.

So, what does 192.168.4.1 do with the packet? We don't know. And if the route command specified a single IP address, what is the size of that host's network? We don't know that either, and we don't really need to. All we must know, is the address of the next-hop router for any given host with which we want to communicate.

Adding routes using the "dev" parameter is really only used when an interface is configured as a point-to-point link (typically a /30 IPv4 subnet) to a router.