The RIB (Routing Information Base) and FIB (Forwarding Information Base) are two distinctly different tables. A novice user inputting routes into a machine would assume that when forwarding packets, the router simply looks at the configuration file and reads the “ip route” statements, but this is not the case.
RIB
The RIB is the list of all routes inputted whether it be by dynamic or static protocols. It can be thought of as the control plane level of routing. When a route is entered, it goes straight into the RIB. While routes are inputted into the RIB, they ARE NOT read off of it. Instead, the RIB is analyzed by the OS when new routes are entered, and the most efficient routes are entered into the FIB as well as the appropriate next hops.
FIB
The FIB is what is used to determine next hops for incoming packets. The FIB holds a definitive list of routes that know exactly where to send incoming packets. In the RIB, there may be multiple routes with the same prefix, but this will not be the case in the FIB. When the routes are put into the FIB, the most efficient one will be determined and be entered.
Now the obvious question is: Why not enter routes directly into the FIB? This whole RIB things seems unnecessary.
There are two main issues with entering directly into the FIB: capacity and recursive routes. In routers, the FIB has to be read at incredibly fast speeds in order to make quick decisions and route traffic quickly. In order to do this, the FIB is stored on DRAM. This is incredibly quick to access, but it is also very small. This means that often an entire RIB cannot be stored, so it must be consolidated into a smaller FIB to fit on DRAM. The second problem is with recursive routes. Typically, a next hop always must be an IP directly connected via ARP. If it is not, the router must break down that route into multiple other routes to create a set of routes that are all connected via ARP.
ARP
ARP has been mentioned multiple times, but we haven’t really defined it yet. ARP (Address Resolution Protocol) is used for mapping directly connected devices’ network addresses.
ARP first does this by sending out a request. ARP broadcasts its IP and MAC address as well as the desired destination address. If any of the hosts receiving the broadcast have the desired IP, they send back a response with their MAC address. When the first host receives this packet, it will update its ARP cache with the MAC address of the other host. Now, these two hosts can talk to each other because each has the MAC address of the other.