version 1.29, 2004/02/13 07:14:51 |
version 1.30, 2004/03/24 07:38:36 |
|
|
<p>
<h3>
<ul>

<li><a href="#35">3.5: "CARP License" and "Redundancy must be free"</a>
<li><a href="#34">3.4: "The Legend of Puffy Hood"</a>
<li><a href="#33">3.3: "Puff the Barbarian"</a>
<li><a href="#32">3.2: "Goldflipper"</a>

</ul>
</h3>
<p>
|
|
|
<hr> |
|
<a name=35></a> |
|
<h2><font color="#00b000">3.5: "CARP License" and "Redundancy must be free"</font></h2> |
|
<table border=0 cellspacing=0 cellpadding=2 width="100%"> |
|
<tr> |
|
<td valign="top" width="28%"> |
|
OpenBSD 3.5 CD2 track 2 is an<br> |
|
uncompressed copy of this skit & song.<br> |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/songs/song35.mp3">MP3 version of song (3.5 minutes, 7.0MB)</a><br> |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/songs/song35.ogg">OGG version of song (3.5 minutes, 5.1MB)</a><br> |
|
<br> |
|
<br> |
|
<a href="images/Carp.gif"><img alt="CARP" src="images/Carp.gif"></a> |
|
<br> |
|
<br> |
|
<em> |
|
A common theme used by the comedy crew Monty Python was to emphasize |
|
and exaggerate ridiculousnesses that their target had imposed upon |
|
themselves. Few things could be considered as humorous as making a

redundancy protocol... redundant; that is, being forced by Cisco lawyers

and IETF policy to replace it.
|
<p> |
|
We've been working a few years now on our packet filtering software |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> |
|
and it became time to add failover. We want to be able to set up pf |
|
firewalls side by side, and exchange the stateful information between |
|
them, so that in case of failure another could take over 'keep state' |
|
sessions. Our |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfsync&sektion=4">pfsync(4)</a> |
|
protocol solves this problem. However, on both sides of the firewall

it is also necessary that the regular hosts never see a network failure:

their default gateway must stay reachable at the same IP and MAC addresses

no matter which firewall is alive. The only reliable way to do this is

for both firewall machines to share those IP and MAC addresses, and the

only practical way to agree on which machine currently answers for them

is a multicast advertisement protocol.
|
<p> |
|
The IETF community proposed work in this direction in the late

90's. In 1997, however, Cisco informed them that it believed some of

Cisco's patents covered the proposed IETF VRRP (Virtual Router

Redundancy Protocol); on
|
<a href="http://www.ietf.org/ietf/IPR/VRRP-CISCO"> |
|
March 20, 1998 they went further and specifically named their HSRP |
|
"Hot Standby Router Protocol" patent</a>. Reputedly, they were upset |
|
that IETF had not simply adopted the flawed HSRP protocol as the |
|
standard solution for this problem. Despite this legal pressure, the |
|
IETF community forged ahead and published VRRP as a standard even |
|
though there was a patent in the space. Why? |
|
<a href="http://www.cs-ipv6.lancs.ac.uk/ipv6/documents/standards/general-comms/ietf/vrrp/vrrp-minutes-97dec.txt"> |
|
There was much deliberation</a> |
|
at all levels of the IETF, and unfortunately for all of us the |
|
politicians within eventually decided to allow patented technology in |
|
standards -- as long as the patented technology is licensed under RAND |
|
(Reasonable And Non Discriminatory) terms. As free software |
|
programmers, we therefore find ourselves in the position that these |
|
RAND standards must not be implemented by us, and we must deviate from |
|
the standard. We find all this rather Unreasonable and Discriminatory |
|
and we *will* design competing protocols. Some standards organization, |
|
eh? |
|
<p> |
|
Because VRRP fixes some of HSRP's flaws, and for compatibility with the

(HSRP-licensed) VRRP implementations of its competitors, Cisco has in

recent times largely abandoned HSRP and now relies on VRRP instead

-- a protocol designed for and by the community, but one for which Cisco

claims patent rights.
|
<p> |
|
On August 7 2002, after many communications, Robert Barr (Cisco's |
|
lawyer) firmly informed the OpenBSD community that Cisco would defend |
|
its patents for VRRP implementations -- meaning basically that it was |
|
impossible for a free software group to produce a truly free |
|
implementation of the IETF standard protocol. Perhaps this is because |
|
Cisco and Alcatel are currently engaged in a pair of patent lawsuits; a |
|
small piece of which is Cisco attempting to use the HSRP patent |
|
against Alcatel for their use of VRRP. Some IETF working group |
|
members took note of our complaints, |
|
<a href="http://lists.microshaft.org/pipermail/dmca_discuss/2003-April/004702.html"> |
|
however an attempt in April 2003 to have the IETF abandon the use of |
|
patented technology failed to "reach consensus" in the IETF</a>. |
|
<p> |
|
A few years ago, the W3C, who designs our web protocols, tried to move |
|
to a RAND policy as well (primarily because of pressure from Microsoft |
|
and Apple), but the community outrage was so overpowering that they |
|
backed down. Some standards groups use this policy, while others

avoid it -- the one thing that separates them being the amount of

corporate participation. In the IETF, the pro-RAND agents work for AT&T,
|
Alcatel, IBM, Cisco, Microsoft, and other large companies. Since IETF |
|
is an open forum, they can blend in as the populace, and vote just |
|
like all others, except against the community. |
|
<p> |
|
Translation: In failing to "reach consensus", the companies who |
|
benefit from RAND won, and the community lost again. |
|
<p> |
|
Left with little choice, we proceeded to reinvent the wheel or, more |
|
correctly, abandon the wheel entirely and go for a "hovercraft". We |
|
designed CARP (Common Address Redundancy Protocol) to solve the same |
|
problem that these other protocols are designed for, but without the |
|
same technological basis as HSRP and VRRP. We read the patent |
|
document carefully and ensured that CARP was fundamentally different. |
|
We also avoided many of the flaws in HSRP and VRRP (such as an inherent |
|
lack of security). And since we are OpenBSD developers, we designed |
|
it to use cryptography. |
|
<p> |
|
The combination of |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>, |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfsync&sektion=4">pfsync(4)</a>, and |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=carp&sektion=4">carp(4)</a> |
|
has permitted us to build highly redundant firewalls. To date, we |
|
have built a few networks that include as many as 4 firewalls, all |
|
running random reboot cycles. As long as one firewall is alive in a |
|
group, traffic through them moves smoothly and correctly for all of |
|
our packet filter functionality. Cisco's low end products are unable |
|
to do this reliably, and if they have high end products which can do |
|
this, you most certainly cannot afford them. |
|
<p> |
|
As a final note of course, when we petitioned IANA, the body that

assigns "official" internet protocol numbers on the IETF's behalf, to

give us numbers for CARP and pfsync our request was denied. Apparently we

had failed to go through an official standards organization. Consequently

we were forced to choose a protocol number which would not conflict with

anything else of value, and decided to place CARP at IP protocol 112,

the number VRRP uses. We also placed pfsync at an open and unused

number, 240. We informed IANA of these decisions, but they declined to

reply.
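<p>

What follows is an added worked example of the pf(4), pfsync(4) and
carp(4) combination described above, and of the protocol numbers the
firewall rules must let through; it is not configuration from this page
or from the OpenBSD project itself. It assumes a pair of OpenBSD
firewalls with an external interface em0 on 192.0.2.0/24, an internal
interface em1 on 10.0.0.0/24 and a dedicated crossover link em2 used
only for pfsync; the interface names, addresses, vhids and passphrase
are placeholders. Keyword names follow current carp(4), ifconfig(8) and
pfsync(4) syntax (the pfsync option is called syncdev today; in the 3.5
era it was syncif).

```conf
# /etc/hostname.carp0 -- shared external address (vhid 1).
# Primary: advskew 0.  Backup: advskew 100, same vhid and same pass.
# "pass" is the shared secret that keys the HMAC on every CARP advertisement;
# a host that does not know it cannot announce itself as master for vhid 1.
inet 192.0.2.1 255.255.255.0 192.0.2.255 vhid 1 pass ExampleSecret42 advskew 0

# /etc/hostname.carp1 -- shared internal address (vhid 2), same rules.
inet 10.0.0.1 255.255.255.0 10.0.0.255 vhid 2 pass ExampleSecret42 advskew 0

# /etc/hostname.pfsync0 -- state-table synchronisation over the dedicated link.
up syncdev em2

# /etc/sysctl.conf -- let a recovered primary take master back, and demote
# every carp interface on a host as a group when one of its links goes down,
# so the external and internal addresses never fail over separately.
net.inet.carp.preempt=1

# /etc/pf.conf fragment -- rules the redundancy protocols themselves need.
# CARP is IP protocol 112 and pfsync is IP protocol 240 (placeholder names
# above; real numbers here); pf resolves both names via /etc/protocols.
ext_if  = "em0"
int_if  = "em1"
sync_if = "em2"

# pfsync carries the live state table with no authentication or encryption:
# confine it to the crossover link and never sync the pfsync states themselves.
pass quick on $sync_if proto pfsync keep state (no-sync)
block in on { $ext_if, $int_if } proto pfsync

# CARP advertisements are multicast on each segment with a shared address.
pass on { $ext_if, $int_if } proto carp keep state (no-sync)
```

After `sh /etc/netstart` on both machines, `ifconfig carp0` reports
`carp: MASTER` on one box and `carp: BACKUP` on the other. Rebooting or
unplugging the master moves the shared addresses to the backup, and
because pfsync has already copied the state table, existing 'keep state'
sessions continue through the surviving firewall instead of being reset.
The dedicated sync link is the important caveat: anyone who can inject
onto it can insert or remove firewall states, which is why pfsync is kept
off the production segments entirely.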
|
<p> |
|
This ridiculous situation then inspired one of our developers to create |
|
this parody of the well-known Monty Python skit and song. |
|
<br> |
|
</em> |
|
</td><td valign="top" width="3%"> |
|
<br> |
|
</td><td valign=top width="33%"> |
|
<br> |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Hello, I would like to buy a CARP license please. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
A what? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
A license for my network redundancy protocol, CARP. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
Well, it's free isn't it? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Exactly, the protocol's name is CARP. CARP the redundancy protocol. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
What? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
He is an.... redundancy protocol. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
CARP is a free redundancy protocol! |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Yes, I chose it out of three, I didn't like the others, |
|
they were all too... encumbered. And now I must license it! |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
You must be a looney. |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
I am not a looney! Why should I be tied with the epithet looney merely |
|
because I wish to protect my redundancy protocol? I've heard tell |
|
that Network Associates has a pet algorithm called RSA used in IETF |
|
standards, and you wouldn't call them a looney; Geoworks has a claim |
|
on WAP, after what their lawyers do to you if you try to implement it. |
|
Cisco has two redundant patents, both encumbered, and Cadtrack has a |
|
patent on cursor movement! So, if you're calling the large American |
|
companies that fork out millions of dollars for the use of XOR a |
|
bunch of looneys, I shall have to ask you to step outside! |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
Alright, alright, alright. A license. |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Yes. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
For a free redundancy protocol? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Yes. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
You are a looney. |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Look, it allows for bleeding redundancy doesn't it? Cisco's got a |
|
patent for the HSRP, and I've got to get a license for me router |
|
VRRP. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
You don't need a license for your VRRP. |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
I bleeding well do and I got one. It can't be called VRRP without it.
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
There's no such thing as a bloody VRRP license. |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Yes there is! |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
Isn't! |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Is! |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
Isn't! |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
I bleeding got one, look! What's that then? |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
This is a Cisco HSRP patent document with the word "Cisco" crossed |
|
out and the word "IETF" written in in crayon. |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
The man didn't have the right form. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
What man? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Robert Barr, the man from the redundancy detector van. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
The looney detector van, you mean. |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Look, it's people like you what cause unrest. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
What redundancy detector van? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
The redundancy detector van from the Monopoly of Cizzz-coeee. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
Cizzz-coeee? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
It was spelt like that on the van. I'm very observant! I never seen |
|
so many bleeding aerials. The man said that their equipment could |
|
pinpoint a failover configuration at 400 yards! And my Cisco router, |
|
being such a flappy bat, was a piece of cake. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
How much did you pay for this? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Sixty quid, and twenty grand for the PIX. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
What PIX? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
The PIX I'm replacing! |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
So you're replacing your PIX with free software, and yet you want to |
|
license it? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
There's nothing so odd about that. I'm sure they patented this |
|
protocol too. After all, the IETF had a hand in it! |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
No they didn't! |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Did! |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
Didn't! |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Did, did, did and did! |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
Oh, all right. |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Spoken like a gentleman, sir. Now, are you going to give me a CARP |
|
license? |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
I promise you that there is no such thing. You don't need one. |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
In that case, give me a Firewall License. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
A license? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Yes. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
For your firewall? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
No. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
No? |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
No, half my firewall. It had an accident. |
|
<br> |
|
<font color="#b00000">Licenser:</font> |
|
You're off your chump. |
|
<br> |
|
<font color="#b00000">Customer:</font> |
|
Look, if you intend by that utilization of an obscure colloquialism |
|
to imply that my sanity is not up to scratch, or indeed to deny the |
|
semi-existence of my little half firewall, I shall have to ask you to |
|
listen to this! Take it away CARP the orchestra leader! |
|
<br> |
|
<br> |
|
A zero... one.. A one zero one one<br> |
|
<br> |
|
VRRP, philosophically,<br> |
|
must ipso facto standard be<br> |
|
But standard it<br> |
|
needs to be free<br> |
|
vis a vis<br> |
|
the IETF<br> |
|
you see?<br> |
|
<br> |
|
But can VRRP<br> |
|
be said to be<br> |
|
or not to be<br> |
|
a standard, see,<br> |
|
when VRRP can not be free,<br> |
|
due to some Cisco patentry..<br> |
|
<br> |
|
Singing...<br> |
|
<br> |
|
La Dee Dee, 1, 2, 3.<br> |
|
VRRP ain't free.<br> |
|
O P E N B S D<br> |
|
CARP is free<br> |
|
<br> |
|
Is this wretched Cisco-eze<br> |
|
let through IETF to mean<br> |
|
my firewall must pay legal fees?<br> |
|
No! CARP and PF are Free!<br> |
|
<br> |
|
Fiddle dee dum,<br> |
|
Fiddle dee dee,<br> |
|
CARP and PF are free.<br> |
|
<br> |
|
1 1 2,<br> |
|
Tee Hee Hee,<br> |
|
CARP and PF are free.<br> |
|
<br> |
|
My firewall just keeps running, see,<br> |
|
bisected accidentally,<br> |
|
one summer afternoon by me.<br> |
|
Redundancy's good when free.<br> |
|
<br> |
|
Redundancy must be free.<br> |
|
Redundancy must be free.<br> |
|
<br> |
|
The End<br> |
|
<br> |
|
Under the Geddy Lee?<br> |
|
<br> |
|
No, Redundancy must be free!<br> |
|
<br> |
|
Geddy must be free.<br> |
|
<br> |
|
<br> |
|
</td><td valign=top width="33%"> |
|
<img src="images/Carp_song.gif"><br> |
|
</td></tr></table> |
|
<p> |
|
<em> |
|
<font color="#00b000">"CARP License"</font> sketch:<br> |
|
Tony Binns as the Customer, Peter Rumpel as the Licenser. |
|
<br> |
|
<font color="#00b000">"Redundancy must be free"</font> song:<br>
|
Lead vocal by Peter Rumpel, backing vocals by Jonathan Lewis and Ty Semaka. |
|
Piano by Janet Lewis, acoustic guitars by Chantal Vitalis. |
|
Bass and Geddy Lee questioning by Jonathan Lewis. |
|
Lyrics by Bob Beck.<br> |
|
<br> |
|
<br> |
|
</em> |
|
|
<hr>
<a name=34></a>