-
+
- 3.5: "CARP License" and "Redundancy must be free"
- 3.4: "The Legend of Puffy Hood"
- 3.3: "Puff the Barbarian"
- 3.2: "Goldflipper"
***************
*** 30,35 ****
--- 31,430 ----
+ +3.5: "CARP License" and "Redundancy must be free"
++
++ + OpenBSD 3.5 CD2 track 2 is an
+ uncompressed copy of this skit & song.
+ MP3 version of song (3.5 minutes, 7.0MB)
+ OGG version of song (3.5 minutes, 5.1MB)
+
+
+
+
+
+ + A common theme used by the comedy crew Monty Python was to emphasize + and exaggerate ridiculousnesses that their target had imposed upon + themselves. Few things could be considered as humorous as making a + redundancy protocol... redundant; e.g. being forced to replace it by + Cisco lawyers and IETF policy. ++ We've been working a few years now on our packet filtering software + pf(4) + and it became time to add failover. We want to be able to set up pf + firewalls side by side, and exchange the stateful information between + them, so that in case of failure another could take over 'keep state' + sessions. Our + pfsync(4) + protocol solves this problem. However, on both sides of the firewall, + it is also necessary to have all the regular hosts not see a + network failure. The only reliable way to do this is for both + firewall machines to have and use the same IP and MAC addresses. But + the only real way to do that is to use multicast protocols. +
+ The IETF community proposed work in this direction in the late + 90's, however in 1997 Cisco informed them that they believed some of + Cisco's patents covered the proposed IETF VRRP (Virtual Router + Redundancy Protocol); on + + March 20, 1998 they went further and specifically named their HSRP + "Hot Standby Router Protocol" patent. Reputedly, they were upset + that IETF had not simply adopted the flawed HSRP protocol as the + standard solution for this problem. Despite this legal pressure, the + IETF community forged ahead and published VRRP as a standard even + though there was a patent in the space. Why? + + There was much deliberation + at all levels of the IETF, and unfortunately for all of us the + politicians within eventually decided to allow patented technology in + standards -- as long as the patented technology is licensed under RAND + (Reasonable And Non Discriminatory) terms. As free software + programmers, we therefore find ourselves in the position that these + RAND standards must not be implemented by us, and we must deviate from + the standard. We find all this rather Unreasonable and Discriminatory + and we *will* design competing protocols. Some standards organization, + eh? +
+ Due to some HSRP flaws fixed by VRRP and for compatibility with the + (HSRP-licensed) VRRP implementations of their competitors, Cisco in + recent times has largely abandoned HSRP and now relies on VRRP instead + -- a protocol designed for and by the community, but for which they + claim patent rights. +
+ On August 7 2002, after many communications, Robert Barr (Cisco's + lawyer) firmly informed the OpenBSD community that Cisco would defend + its patents for VRRP implementations -- meaning basically that it was + impossible for a free software group to produce a truly free + implementation of the IETF standard protocol. Perhaps this is because + Cisco and Alcatel are currently engaged in a pair of patent lawsuits; a + small piece of which is Cisco attempting to use the HSRP patent + against Alcatel for their use of VRRP. Some IETF working group + members took note of our complaints, + + however an attempt in April 2003 to have the IETF abandon the use of + patented technology failed to "reach consensus" in the IETF. +
+ A few years ago, the W3C, who designs our web protocols, tried to move + to a RAND policy as well (primarily because of pressure from Microsoft + and Apple), but the community outrage was so overpowering that they + backed down. Some standards groups use this policy, while others + avoid it -- the one differentiation being the amount of corporate + participation. In the IETF, the pro-RAND agents work for AT&T, + Alcatel, IBM, Cisco, Microsoft, and other large companies. Since IETF + is an open forum, they can blend in as the populace, and vote just + like all others, except against the community. +
+ Translation: In failing to "reach consensus", the companies who + benefit from RAND won, and the community lost again. +
+ Left with little choice, we proceeded to reinvent the wheel or, more + correctly, abandon the wheel entirely and go for a "hovercraft". We + designed CARP (Common Address Redundancy Protocol) to solve the same + problem that these other protocols are designed for, but without the + same technological basis as HSRP and VRRP. We read the patent + document carefully and ensured that CARP was fundamentally different. + We also avoided many of the flaws in HSRP and VRRP (such as an inherent + lack of security). And since we are OpenBSD developers, we designed + it to use cryptography. +
+ The combination of + pf(4), + pfsync(4), and + carp(4) + has permitted us to build highly redundant firewalls. To date, we + have built a few networks that include as many as 4 firewalls, all + running random reboot cycles. As long as one firewall is alive in a + group, traffic through them moves smoothly and correctly for all of + our packet filter functionality. Cisco's low end products are unable + to do this reliably, and if they have high end products which can do + this, you most certainly cannot afford them. +
+ As a final note of course, when we petitioned IANA, the IETF body + regulating "official" internet protocol numbers, to give us numbers + for CARP and pfsync our request was denied. Apparently we had failed + to go through an official standards organization. Consequently we + were forced to choose a protocol number which would not conflict with + anything else of value, and decided to place CARP at IP protocol 112. + We also placed pfsync at an open and unused number. We informed IANA of + these decisions, but they declined to reply. +
+ This ridiculous situation then inspired one of our developers to create + this parody of the well-known Monty Python skit and song. +
+
++
++
+
+ Customer: + Hello, I would like to buy a CARP license please. +
+ Licenser: + A what? +
+ Customer: + A license for my network redundancy protocol, CARP. +
+ Licenser: + Well, it's free isn't it? +
+ Customer: + Exactly, the protocol's name is CARP. CARP the redundancy protocol. +
+ Licenser: + What? +
+ Customer: + He is an.... redundancy protocol. +
+ Licenser: + CARP is a free redundancy protocol! +
+ Customer: + Yes, I chose it out of three, I didn't like the others, + they were all too... encumbered. And now I must license it! +
+ Licenser: + You must be a looney. +
+ Customer: + I am not a looney! Why should I be tied with the epithet looney merely + because I wish to protect my redundancy protocol? I've heard tell + that Network Associates has a pet algorithm called RSA used in IETF + standards, and you wouldn't call them a looney; Geoworks has a claim + on WAP, after what their lawyers do to you if you try to implement it. + Cisco has two redundant patents, both encumbered, and Cadtrack has a + patent on cursor movement! So, if you're calling the large American + companies that fork out millions of dollars for the use of XOR a + bunch of looneys, I shall have to ask you to step outside! +
+ Licenser: + Alright, alright, alright. A license. +
+ Customer: + Yes. +
+ Licenser: + For a free redundancy protocol? +
+ Customer: + Yes. +
+ Licenser: + You are a looney. +
+ Customer: + Look, it allows for bleeding redundancy doesn't it? Cisco's got a + patent for the HSRP, and I've got to get a license for me router + VRRP. +
+ Licenser: + You don't need a license for your VRRP. +
+ Customer: + I bleeding well do and I got one. It can't be called VRRP without it +
+ Licenser: + There's no such thing as a bloody VRRP license. +
+ Customer: + Yes there is! +
+ Licenser: + Isn't! +
+ Customer: + Is! +
+ Licenser: + Isn't! +
+ Customer: + I bleeding got one, look! What's that then? +
+ Licenser: + This is a Cisco HSRP patent document with the word "Cisco" crossed + out and the word "IETF" written in in crayon. +
+ Customer: + The man didn't have the right form. +
+ Licenser: + What man? +
+ Customer: + Robert Barr, the man from the redundancy detector van. +
+ Licenser: + The looney detector van, you mean. +
+ Customer: + Look, it's people like you what cause unrest. +
+ Licenser: + What redundancy detector van? +
+ Customer: + The redundancy detector van from the Monopoly of Cizzz-coeee. +
+ Licenser: + Cizzz-coeee? +
+ Customer: + It was spelt like that on the van. I'm very observant! I never seen + so many bleeding aerials. The man said that their equipment could + pinpoint a failover configuration at 400 yards! And my Cisco router, + being such a flappy bat, was a piece of cake. +
+ Licenser: + How much did you pay for this? +
+ Customer: + Sixty quid, and twenty grand for the PIX. +
+ Licenser: + What PIX? +
+ Customer: + The PIX I'm replacing! +
+ Licenser: + So you're replacing your PIX with free software, and yet you want to + license it? +
+ Customer: + There's nothing so odd about that. I'm sure they patented this + protocol too. After all, the IETF had a hand in it! +
+ Licenser: + No they didn't! +
+ Customer: + Did! +
+ Licenser: + Didn't! +
+ Customer: + Did, did, did and did! +
+ Licenser: + Oh, all right. +
+ Customer: + Spoken like a gentleman, sir. Now, are you going to give me a CARP + license? +
+ Licenser: + I promise you that there is no such thing. You don't need one. +
+ Customer: + In that case, give me a Firewall License. +
+ Licenser: + A license? +
+ Customer: + Yes. +
+ Licenser: + For your firewall? +
+ Customer: + No. +
+ Licenser: + No? +
+ Customer: + No, half my firewall. It had an accident. +
+ Licenser: + You're off your chump. +
+ Customer: + Look, if you intend by that utilization of an obscure colloquialism + to imply that my sanity is not up to scratch, or indeed to deny the + semi-existence of my little half firewall, I shall have to ask you to + listen to this! Take it away CARP the orchestra leader! +
+
+ A zero... one.. A one zero one one
+
+ VRRP, philosophically,
+ must ipso facto standard be
+ But standard it
+ needs to be free
+ vis a vis
+ the IETF
+ you see?
+
+ But can VRRP
+ be said to be
+ or not to be
+ a standard, see,
+ when VRRP can not be free,
+ due to some Cisco patentry..
+
+ Singing...
+
+ La Dee Dee, 1, 2, 3.
+ VRRP ain't free.
+ O P E N B S D
+ CARP is free
+
+ Is this wretched Cisco-eze
+ let through IETF to mean
+ my firewall must pay legal fees?
+ No! CARP and PF are Free!
+
+ Fiddle dee dum,
+ Fiddle dee dee,
+ CARP and PF are free.
+
+ 1 1 2,
+ Tee Hee Hee,
+ CARP and PF are free.
+
+ My firewall just keeps running, see,
+ bisected accidentally,
+ one summer afternoon by me.
+ Redundancy's good when free.
+
+ Redundancy must be free.
+ Redundancy must be free.
+
+ The End
+
+ Under the Geddy Lee?
+
+ No, Redundancy must be free!
+
+ Geddy must be free.
+
+
++ 
++ + "CARP License" sketch:
+ Tony Binns as the Customer, Peter Rumpel as the Licenser. +
+ "Reduncancy must be free" song:
+ Lead vocal by Peter Rumpel, backing vocals by Jonathan Lewis and Ty Semaka. + Piano by Janet Lewis, acoustic guitars by Chantal Vitalis. + Bass and Geddy Lee questioning by Jonathan Lewis. + Lyrics by Bob Beck.
+
+
+ + +
3.4: "The Legend of Puffy Hood"
*************** *** 488,493 ****
Public Discussion Forum about contents of these web pages: www@openbsd.org
!
$OpenBSD: lyrics.html,v 1.29 2004/02/13 07:14:51 david Exp $