re as much as this is an offtopic, imho, you should do some more reading. an ietf/vrrp mailing list is a good start, i believe.
cu Making, drinking tea and reading an opus magnum from Robert Schwartz: > Great news! There has been some interesting movement on the VRRP front. > I have it running at home actually and I am more then willing (and > hopefully able) to test any and all VRRP / HA solutions for firewalls > from the public domain. I got some Dell Celeron 433's from Ye Olde Used > Compooter Shoppe for about 150$ total (with the extra NIC's) and an old > hub to share the DSL modem and a small subnet of live IP's to use on > this hub. > > I'm sure you've seen the HUT project for FreeBSD freevrrpd: > > http://www.bsdshell.net/hut_fvrrpd.html > > and it has been ported to OpenBSD by Blake Matheny > > http://www.backwatcher.com/~matheny/ > this is hard to get to compile (you need gmake for it and some other > autoconf options) > > It was translated to an unofficial OpenBSD port by Chris Kuethe: > > http://archives.neohapsis.com/archives/openbsd/2002-07/1032.html > > I'm using the source port on one gateway and the "port" on another. The > "port" installs easy obviously but you end up with the same thing. > > That being said, there are problems. The original porter (Blake > Matheny) ported FreeVRRPD to OpenBSD (and his web site is down ATM) at > version .84. This works great for load balancing and HA for web > servers, etc, but doesn't help if just 1 interface in my 8 legged > firewall fails. Version .85b from the HUT project added the "killer > app" for firewalls: Monitored Circuits! Second, state information is > not maintained when it fails over :(. > > So I would think that there's enough out there in the GPL area and > enough work already done so that you wouldn't need to reinvent the > wheel, just take the GPL'ed software already out there and finish the > port / actively work with Sebastien Petit (the developer of FreeVRRPD) > to keep it up to date with OpenBSD. > > I see that there are some comments on the patent issue that came in > after this post. This is very highly misunderstood by either me or > them. The heart of the matter was re-hashed 100000000 times with the > OpenSSL thread on misc@. It's pretty much the same type of license: > > "Cisco retains the right to assert patent claims against any party and > any > subsidiary of a party that asserts a patent it owns or controls, either > directly or indirectly, against Cisco or any of its subsidiaries or > successors in title, including the right to claim damages for any prior > use or sale of VRRP by such a party." > > http://marc.theaimsgroup.com/?l=openbsd-misc&m=100758029726542&w=2 > > http://marc.theaimsgroup.com/?l=openbsd-misc&m=102884286900348&w=2 > > http://marc.theaimsgroup.com/?l=openbsd-misc&m=102902419103247&w=2 > > 1) IANAL :) your mileage may vary, objects in the mirror are closer then > they appear. > 2) The issue is not that Cisco "owns" vrrp as a concept (they don't > actually, they own various other protocols for HA that the open standard > was based on). If Cisco "owned" it, how could it be an open protocol > with the IETF and how could Checkpoint use it flagrantly? Finally, no > one owns "high availability" or "shared IP solutions", since every > vendor (even M$!) has some form or this somewhere in their products. > 3) Cisco offered up "their" piece of the "open" protocol for free as > long as you accept their license. This license was not in the best > interest of the OpenBSD project, but it COULD BE IN THE BEST INTEREST of > one or more OpenBSD users that care more about HA then suing CISCO (see > the last link above). > 4) The OpenBSD team even had their own port of VRRPD see the first link > in the list above), but wouldn't put it in the code base because it adds > some stealth licenses to OpenBSD. (see the first link from the archives > above). > 5) There is nothing stopping people with no intention of litigation with > Cisco from making their own VRRP based on the public open standard, as > long as you promise not to sue Cisco. > 6) The OpenBSD team could not distribute VRRP without poisoning the > entire license for this one use, but independently making the software > doesn't hurt anyone except people that are using it. And the "hurt" is > that they lose their ability to sue Cisco. > > So as long as it's not in the "core" distro or distributed by the "core" > team, VRRP ports violate no patents and cause no licensing problems for > OpenBSD. > > If I'm wrong, please smacketh me with a clue stick. > > > > -----Original Message----- > > From: Luca Perugini [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, October 03, 2002 10:49 AM > > To: [EMAIL PROTECTED] > > Subject: R: Load balancing/failover > > > > > > Hi, > > I'm working on vrrp implementation on OBSD. > > My starting point was Linux vrrp implementation done by > > Jerome Etienne and FreeBSD vrrp. I hope in 2 or 3 weeks to > > have a "running" version of vrrpd for OBSD 3.1 > > > > In the meaning time I send a patch around ifconfig and 'if' > > files to support MAC showing and MAC setting on ethernet card. > > > > Luk > > > > ______________________________________________________________ > > > > Ing. Luca Perugini o mailto: [EMAIL PROTECTED] > > o > > Oxys S.r.l. o Mob.: +39 335 7746997 > > Via Gaetana Agnesi, 12 o Off.: +39 02 58327300 > > 20135 Milano MI (ITALY) o Fax : +39 02 58304654 > > ________________________________________________________________ > > > > > > > > > -- paranoic mickey (my employers have changed but, the name has remained)
