On Tue, May 29, 2012 at 1:40 PM, Theo de Raadt <[email protected]> wrote:
>> I was just reading the April issue of the Communications of the ACM (the
>> flagship magazine of the Association for Computing Machinery), and noticed
>> that OpenBSD and its developers were mentioned in one article, in a rather
>> negative way:
>>
>> "Unfortunately, there is a segment of the open source community that is
>> incapable of playing well with others, when those others don't play the way
>> they want them to. For those who have not had to deal with these people, it's
>> a bit like talking to a four-year-old. When you explain checkers to your
>> niece, she might decide that she doesn't like your rules and follows her own
>> rules. You humor her, she's being creative, and this is amusing in a
>> four-year-old. If you were playing chess with a colleague who suddenly told
>> you that the king could move one, two, or three places in one go, you would
>> be pissed off, because this person would obviously be screwing with you, or
>> insane. Have I lost my mind?! What does this have to do with VRRP or network
>> protocols? The OpenBSD team, led as always by their Glorious Leader (their
>> words, not mine), decided that a RAND license just wasn't free enough for
>> them. They wrote their own protocol, which was completely incompatible with
>> VRRP. Well, you say, that's not so bad; that's competition, and we all know
>> that competition is good and brings better products, and it's the glorious
>> triumph of Capitalism. But there is one last little nit to this story. The
>> new protocol dubbed CARP (Common Address Redundancy Protocol) uses the exact
>> same IP number as VRRP (112). Most people, and KV includes himself in this
>> group, think this was a jerk move. "Why would they do this?" I hear you cry.
>> Well, it turns out that they believe themselves to be in a war with the
>> enemies of open source, as well as with those opposed to motherhood and apple
>> pie. Stomping on the same protocol number was, in their minds, a strike
>> against their enemies and all for the good. Of course, it makes operating
>> devices with both protocols in the same network difficult, and it makes
>> debugging the software that implements the protocol nearly impossible."
>>
>> Here is the link to the article:
>> http://cacm.acm.org/magazines/2012/4/147357-the-network-protocol-battle/abstract
>>
>> If you are not a member of the ACM, you can read it in ACM Queue, in which it
>> was published in January: http://queue.acm.org/detail.cfm?id=2090149
>>
>> I somehow feel this is a very distorted view of what really happened. Perhaps
>> it would be good if somebody "official" wrote a Letter to the Editor
>> (Communications of the ACM publish them in every issue)?
>
> I've seen this discussed in a few places. It is completely distorted.
> This will be my only mail about this, because there are always people
> who want to rewrite history and that author is one of them.
>
> We have the email archives of the private communications with IETF,
> IANA, Cisco, HP, Nokia, and other organizations to try to solve this
> protocol/service issue going back almost 2 years before we released
> the first CARP and pfsync code outside our group.
>
> IANA refused to give us new unique protocol and service number because
> we had not gone through the process of following the rules laid out
> by the IETF VRRP guys.
>
> Yet, we had discussions all the way up to the top to try to
> solve this. Let me quote the signature from one email -- and I had more
> than 30 emails with this guy trying to find a way out of this:
>
> Robert Barr
> Patent Counsel
> Cisco Systems
> 408-525-9706
>
> Robert Barr was the one who could have said: Sure, we abandon the claim
> of HSRP on VRRP, and guess what?
> We'd have simply gone to VRRP.
>
> My vrrp email folder has 145 emails in it, all of them leading up to
> the point where we abandoned efforts to work with IETF/IANA/Companies
> and instead deployed a new protocol. THE TERMS GIVEN TO US WERE
> IMPOSSIBLE.
>
> IANA was saying that there was *no way in hell* that we would get new
> protocol or service numbers, unless we submitted our work to a
> standards committee and let them mangle it. Unlike the CACM author,
> we're not stammering idiots. We know exactly what would have
> happened. CARP would have been absorbed into IETF's VRRP plan and
> spat out the other side in a few years with all the patent glue stuck
> to it again.
>
> There were too many people with big skin in the battle, since Alcatel
> and Cisco were using the super lame VRRP / HSRP patent issue as one of
> the components in some huge patent battles they had going on at the
> time.
>
> As a result of the big companies being involved in a patent war, IANA
> abrogated their responsibility of being responsible, and instead
> decided to be as spiteful and unrecognizing of the reason why we had
> invented CARP. Players in their midst were not going to let an open
> source alternative to a patented protocol come into being, when VRRP
> was the very first RAND-licenced patented standard ever to come into
> existence.
>
> Everyone knows that the HSRP / VRRP patent thing is a load of bull.
> But since this was the foundation of the RAND rules at IETF, no one
> wants to back down on that one. They'll back down on 200 other
> patents first.
>
> The story of this is described in the artwork for our 3.5 release, in the
> left-hand column of http://openbsd.org/lyrics.html#35
>
> Finally, unlike what the author says, VRRP and CARP interoperate just
> fine today. In the early days, when a few vendors had really buggy
> VRRP their routers crashed. But that is a reliability/security problem,
> since anyone could have injected such packets to cause those crashes.
>
> And which vendors would those be? HMM. I WONDER! Why, they'd be the
> ones who I accuse of using their considerable clout at the IETF and
> IANA to not give us unique numbers we can use.
>
> After all, anyone can tell that the /etc/protocols file is full!
>
> We went through every single step of politics to try to solve things.
>
> Then we decided to deploy in the same fashion as VRRP, but with the
> version number cranked. We told all the people at IANA, IETF and
> Cisco that we were going to take this action. I just re-read that
> mail.
>
> At that point, they declined to ever reply again. Who's the child now?
>
> I will quote one chunk of mail from Robert Barr at
> Cisco:
>
> From: "Robert Barr " <[email protected]>
> To: "'Theo de Raadt'" <[email protected]>
> Subject: RE: Patent claims on VRRP
> Date: Tue, 21 Oct 2003 20:33:25 -0700
>
> I hope CARP is successful, I really do.
> Please think about my risk management comments tho. I am not trying to win
> any argument, just sharing my reality.
>
> The author of the ACM article is a whining pathetic liar who lives in
> the heart of the land where those powerful vendors operate. It would
> be really difficult for him to have another opinion on this matter. He's
> also a FreeBSD developer.
>
> On the other hand, the ACM should be ashamed for having allowed that to
> be published. That, I think they should be contacted about. Except check
> out this URL:
>
> http://www.acm.org/acmelections/Secretary-Treas_G_Neville-Neil.pdf
>
> See how this works? George V. Neville-Neil is a total slimeball. Follow
> the money and influence.

Theo, I couldn't help but notice that you completely side-stepped the
'glorious leader' part. So, is it true then? ;-)

-B

