- Common Address Redundancy Protocol
The Common Address Redundancy Protocol or CARP is a protocol which allows multiple hosts on the same local network to share a set of IP addresses. Its primary purpose is to provide failover redundancy, especially when used with firewalls and routers. In some configurations CARP can also provide load balancing functionality. It is a free, non patent-encumbered alternative to Cisco's HSRP. CARP is mostly implemented in BSD operating systems.
If there is a single computer running a packet filter, and it goes down, the networks on either side of the packet filter can no longer communicate with each other, or they communicate without any packet filtering. If, however, there are two computers running a packet filter, running CARP, then if one fails, the other will take over, and computers on either side of the packet filter will not be aware of the failure, so operation will continue as normal. In order to make sure the new master operates the same as the old one, pfsyncd is used to synchronize packet filter states.
Principle of redundancy
A group of hosts using CARP is called a "group of redundancy". The group of redundancy allocates itself an IP address which is shared or divided among the members of the group. Within this group, a host is designated as "Master". The other members are called "slaves". The main host is that which "takes" the IP address. It answers any traffic or ARP request brought to the attention of this address. Each host can belong to several groups of redundancy. Each host must have a second unique IP address.
A common use of CARP is the creation of a group of redundant firewalls. The virtual IP address allotted to the group of redundancy is indicated as the address of the default router on the computers behind this group of firewalls. If the main firewall breaks down or is disconnected from the network, the virtual IP address will be taken by one of the firewall slaves and the service availability will not be interrupted.
In the late 1990s IETF began working on a solution to the problem of shared IPs. In 1997, Cisco informed them that this was already covered by Cisco patents. In 1998, Cisco told them it was covered by their patent of HSRP (Hot Standby Router Protocol). Nonetheless, IETF continued work on VRRP (Virtual Router Redundancy Protocol). After some debate, people decided it was OK to allow patented material in a standard, as long as it was available under RAND (Reasonable and Non-Discriminatory) Licensing terms. Because VRRP fixed problems with the HSRP protocol, Cisco began using VRRP instead, while still claiming it as its own.
Cisco informed the OpenBSD developers they would enforce their patent of HSRP. This may have been related to their lawsuit with Alcatel. Thus, a free implementation of VRRP could not be made. OpenBSD developers started CARP as an alternative to the patented VRRP, as the "reasonable and non-discriminatory" licensing terms necessarily excluded open-source implementations. To avoid infringing the HSRP patent, they ensured their idea for CARP was fundamentally different. Because of OpenBSD's focus on security, CARP was designed with security in mind, and is designed to use cryptography. It became available, completely for free, in October 2003. It was integrated into FreeBSD and released initially with FreeBSD 5.4 in May 2005. It has since been integrated into NetBSD.
No official internet protocol number
As a final note of course, when we petitioned IANA, the IETF body regulating "official" internet protocol numbers, to give us numbers for CARP and pfsync our request was denied. Apparently we had failed to go through an official standards organization. Consequently we were forced to choose a protocol number which would not conflict with anything else of value, and decided to place CARP at IP protocol 112. We also placed pfsync at an open and unused number. We informed IANA of these decisions, but they declined to reply.
IP protocol numbers at the time when the above request was made were allocated by IANA according to the rules in RFC 2780, i.e., under the "IESG Approval" or "Standards Action" process (with "Expert Review" being a third option that was not applicable to this request). Both of these processes require a textual specification describing the protocol for which a protocol number is requested, which did not exist for CARP. The OpenBSD implementation is the closest thing to a formal specification of the protocol, but source code - especially source code licensed under specific terms - is not the same as a textual technical specification. No technical specification was submitted for CARP, and IANA declined the request.
The incompatible Cisco/IETF VRRP also uses IP protocol 112, having been assigned it by IANA.
- OpenBSD's carp(4) man page
- FreeBSD's carp(4) man page
- Firewall Failover with pfsync and CARP
- UCARP: an userland CARP implementation
- NetBSD port of CARP
- FreeBSD port of CARP
- The OpenBSD song 3.5: "CARP License" and "Redundancy must be free"
Operating system Related projects People
Wikimedia Foundation. 2010.
Look at other dictionaries:
Common address redundancy protocol — ou CARP est un protocole permettant à un groupe d hôtes sur un même segment réseau de partager une adresse IP. Le nom CARP est en fait un sigle signifiant « Common Address Redundancy Protocol » (Protocole Commun De Redondance D Adresse) … Wikipédia en Français
Common Address Redundancy Protocol — ou CARP est un protocole permettant à un groupe d hôtes sur un même segment réseau de partager une adresse IP. Le nom CARP est en fait un sigle signifiant « Common Address Redundancy Protocol » (Protocole Commun De Redondance D Adresse) … Wikipédia en Français
Common Address Redundancy Protocol — Das Common Address Redundancy Protocol (CARP) ist ein Netzwerkprotokoll, mit dessen Hilfe sich die Verfügbarkeit von IP Systemen erhöhen lässt. Dies wird dadurch erreicht, dass mehrere Rechner innerhalb eines lokalen Netzes dieselben virtuellen… … Deutsch Wikipedia
Common Address Redundancy Protocol — … Википедия
Virtual Router Redundancy Protocol — (VRRP) is a non proprietary redundancy protocol described in RFC 3768 designed to increase the availability of the default gateway servicing hosts on the same subnet. This increased reliability is achieved by advertising a virtual router (an… … Wikipedia
Virtual Router Redundancy Protocol — VRRP (Virtual Router Redundancy Protocol) Familie: Internetprotokollfamilie Einsatzgebiet: Hochverfügbarkeit von Routern VRRP im TCP/IP Protokollstapel Vermittlung VRRP IP … Deutsch Wikipedia
Virtual Router Redundancy Protocol — (VRRP) es un protocolo de redundancia no propietario definido en el RFC 3768 diseñado para aumentar la disponibilidad de la puerta de enlace por defecto dando servicio a máquinas en la misma subred. El aumento de fiabilidad se consigue mediante… … Wikipedia Español
Common Object Request Broker Architecture — The Common Object Request Broker Architecture (CORBA) is a standard defined by the Object Management Group (OMG) that enables software components written in multiple computer languages and running on multiple computers to work together (i.e., it… … Wikipedia
MAC address — This article is about a network addressing standard. For the Apple computer product, see Macintosh. For other similar terms, see Mac. A Media Access Control address (MAC address) is a unique identifier assigned to network interfaces for… … Wikipedia
Hot Standby Router Protocol — (HSRP) is a Cisco proprietary redundancy protocol for establishing a fault tolerant default gateway, and has been described in detail in RFC 2281. The Virtual Router Redundancy Protocol (VRRP) is a standards based alternative to HSRP defined in… … Wikipedia