When entries are added to the FIB, the following specific rules are processed in sequence:
Rule 1: Routes with the same destination
- Adding a route when a route to the same destination exists but with a different routing tag
If a routing entry is to be entered into the FIB and a route with the same destination but a different
routing tag already exists there, then the existing route is overwritten by the newly added routing
tag.
Example:
- The INTRANET network (192.168.1.0/24) is set up on the router.
- The IPv4 routing table already contains a routing entry with the destination 192.168.45.0/24 and routing tag
0, which refers to the Internet remote site INTERNET-DEFAULT (DHCPoE). Since this is a routing entry for a
WAN connection with routing tag 0 (see rule 5), this route is also entered into all other routing
tables.
- A new entry is made in the IPv4 routing table for the destination 192.168.45.0/24 with routing tag 5, which
refers to the Internet remote site INTERNET-DEFAULT.
- The static route with routing tag 5 overwrites the DHCPoE route in the table with tag 5.
- The static route with routing tag 5 overwrites the DHCPoE route in the table with tag 5.
- Adding multiple routes with the same destination but different routing tags and tags that are unknown to the
FIB
If multiple routes with the same destination and different routing tags are entered into the FIB and
the routing tag of the routes is unknown to the FIB, the route is copied to all tables that
do not yet know this route.
Example 1:
- Along with the network INTRANET (192.168.45.0/24), two DMZ networks are set up (DMZ1 with 192.168.10.0/24 and DMZ2 with 192.168.20.0/24).
- A routing entry for destination 10.0.0.0/24 with routing tag 5 already exists in the IPv4 routing table, so
there is a table for routing tag 5 in the FIB.
- Two routes with the destination 192.168.1.0/24 are added to the IPv4 routing table for routing tags 1 and 2,
each of which point as next hop to an IP address in one of the DMZ networks (routing tag 1 to the IP address
192.168.10.253 in the DMZ1 and routing tag 2 to the IP address 192.168.20.253 in the DMZ2).
- The route for the DMZ1 interface is entered into the FIB both in the table with tag 0 and in the
table for tag 5.
- The route for the DMZ1 interface is entered into the FIB both in the table with tag 0 and in the
table for tag 5.
- In addition to the network INTRANET (192.168.45.0/24) with tag 0, a DMZ (192.168.10.0/24) with tag 0 is set up on the router and thus both are entered into the FIB in the table for routing tag 0.
- A routing entry for destination 10.0.0.0/24 with routing tag 5 already exists in the IPv4 routing table, so
there is a table for routing tag 5 in the FIB.
- A route with the destination 192.168.45.0/24 and tag 1 is added to the IPv4 routing table. The next hop for
this route is set to the IP address 192.168.10.253 in the DMZ.
- The route for the DMZ is entered in the FIB into the table with tag 5 but not in the table with tag
0, since an entry with tag 0 exists already (INTRANET) and the existing entry is preferred.
- The route for the DMZ is entered in the FIB into the table with tag 5 but not in the table with tag
0, since an entry with tag 0 exists already (INTRANET) and the existing entry is preferred.
- Adding multiple routes with the same destination and different routing tags and inserting the route into the FIB
into the table with tag 0
If multiple routes with the same destination and different routing tags are added, the route with the
lowest tag is added to the table with tag 0 unless it already contains a route with tag 0.
Example:
- The router is set up with the INTRANET network (192.168.45.0/24).
- Two routes with the destination 192.168.1.0/24 are added to the IPv4 routing table for routing tags 2 and 5,
each of which point as next hop to an IP address in the INTRANET network (tag 2 to 192.168.45.253 and tag 5
to 192.168.45.254).
- The route with tag 2 is transferred to the table with tag 0.
- The route with tag 2 is transferred to the table with tag 0.
- The router is set up with the INTRANET network (192.168.45.0/24).
- Different rule for routes with the DMZ interface
In contrast, routes with the DMZ interface and arriving from another tag can displace routes of the type Connected
WAN, provided they have the same destination network.
Example:
- The router is set up with the INTRANET network (192.168.1.0/24).
- A routing entry for the destination 192.168.45.0/24 with the tag 0 already exists. This is a separate route
of a DHCPoE connection (Connected WAN).
- A DMZ (192.168.45.0/24) with tag 1 is created.
- The original route of the type Connected WAN is overwritten by the route of the DMZ.
- The original route of the type Connected WAN is overwritten by the route of the DMZ.
Rule 2: Dynamic routing protocols
If the route is generated by a dynamic routing protocol (eBGP, iBGP, OSPF, RIP, LISP), the route in the FIB is inserted into the table with the routing tag that was handed over.
Rule 3: Configuring a loopback address
- If routing tag 0 is handed over, the route is inserted into all tables of the FIB.
- If the routing tag handed over is not equal to 0, the route is entered into the FIB in the table with the assigned routing tag and also into the table with the routing tag 0.
Rule 4: Routes with the destination DMZ can be reached from all networks
Routes with the DMZ as their destination (e.g. an IP network with the type DMZ) can be addressed via any routing tag, since an entry is automatically created for the DMZ in the FIB for each routing tag configured in the router.
Rule 5: Routes with a destination in the WAN and handling static routes
- If the route has the routing tag 0 and the destination interface is the WAN (Internet remote site), or you are configuring a static route with routing tag 0 (in the IPv4/IPv6 routing table), the route is inserted in the FIB into all tables.
- If the route has a tag other than 0, the route is inserted into the FIB with the configured tag.
Rule 6: Routes with a destination in the LAN
- If a route is entered with a destination in the LAN (i.e. an IPv4/IPv6 network) with the routing tag 0, the route is only inserted into the FIB table with the routing tag 0.
- If a route is entered with a destination in the LAN (i.e. a IPv4/IPv6 network) and a routing tag other than 0, the route is entered into the FIB table with the assigned routing tag and is also entered into the table with routing tag 0.
Rule 7: Behavior in cases not described above
If none of the above rules apply, the route is only inserted into the FIB table with the routing tag as handed over.
If a routing entry is removed from the FIB, there is a search for an equivalent replacement that meets the rules described in rule 1 – 7. If the FIB no longer contains a routing entry for a specific routing tag, the associated table is deleted.