Common Address Redundancy Protocol
{{Short description|Computer networking protocol}}
{{Distinguish|Cache Array Routing Protocol}}

The '''Common Address Redundancy Protocol''' or '''CARP''' is a computer [[networking protocol]] which allows multiple [[Host (network)|hosts]] on the same [[local area network]] to share a set of [[IP addresses]]. Its primary purpose is to provide [[failover]] redundancy, especially when used with [[Firewall (computing)|firewalls]] and [[Router (computing)|routers]]. In some configurations, CARP can also provide [[load balancing (computing)|load balancing]] functionality.

CARP provides functionality similar to [[Virtual Router Redundancy Protocol]] (VRRP) and to [[Cisco Systems]]' [[Hot Standby Router Protocol]] (HSRP). It is implemented in several [[BSD]]-based [[operating system]]s and has been [[Porting|ported]] to [[Linux]] (ucarp).<ref name="ucarp manpage">[http://manpages.ubuntu.com/manpages/bionic/man8/ucarp.8.html ucarp manpage]</ref>

==Example==
If there is a single computer running a [[packet filter]], and it goes down, the networks on either side of the packet filter can no longer communicate with each other, or they communicate without any packet filtering. If, however, there are two computers running a packet filter, running CARP, then if one fails, the other will take over, and computers on either side of the packet filter will not be aware of the failure, so operation will continue as normal. In order to make sure the new active/primary operates the same as the old one, the packet filter used must support synchronization of state between the two computers.

==Principle of redundancy==
A group of hosts using CARP is called a "group of redundancy". The group of redundancy allocates itself an IP address which is shared or divided among the members of the group. Within this group, a host is designated as "active/primary". The other members are "standby". The main host is that which "takes" the IP address.
It answers any traffic or [[Address Resolution Protocol|ARP request]] brought to the attention of this address. Each host can belong to several groups of redundancy. Each host must have a second unique IP address.

A common use of CARP is the creation of a group of redundant firewalls. The [[virtual IP address]] allotted to the group of redundancy is indicated as the address of the default router on the computers behind this group of firewalls. If the main firewall breaks down or is disconnected from the network, the virtual IP address will be taken by one of the standby firewalls and the service availability will not be interrupted.

==History==
In the late 1990s the [[Internet Engineering Task Force]] (IETF) began work on a protocol for router redundancy. In 1997, Cisco informed the IETF that it had patents in this area and, in 1998, pointed out its patent on [[HSRP]].<ref>{{cite web|url=http://www.ietf.org/ietf-ftp/IPR/VRRP-CISCO|title=VRRP-CISCO|publisher=IETF|access-date=2011-11-26|archive-url=https://web.archive.org/web/20140313072021/http://www.ietf.org/ietf-ftp/IPR/VRRP-CISCO|archive-date=2014-03-13|url-status=dead}}</ref> Nonetheless, IETF continued work on [[VRRP]]. After some debate, the IETF VRRP working group decided to approve the standard, despite its reliance on patented techniques, as long as Cisco made the patent available to third parties under [[reasonable and non-discriminatory licensing]] terms.

Cisco informed the [[OpenBSD]] developers that it would enforce its patent on HSRP. Cisco's position may have been due to their lawsuit with Alcatel. As Cisco's licensing terms prevented an open-source VRRP implementation, the OpenBSD developers began developing CARP instead. OpenBSD focuses on security. They designed CARP to use [[cryptography]]. This made CARP fundamentally different from VRRP and ensured that CARP did not infringe on Cisco's patent.
CARP became available in October 2003.<ref>{{cite web|url=http://marc.info/?l=openbsd-misc&m=106642790513590|title='CARP'|author=Ryan McBride|date=17 October 2003|publisher=Mailing list ARChives}}</ref> Later, it was integrated into [[FreeBSD]] (first released in May 2005 with FreeBSD 5.4),<ref>[http://www.freebsd.org/releases/5.4R/relnotes-i386.html#NET-PROTO FreeBSD 5.4 i386 release notes], retrieved 2010-01-06</ref> [[NetBSD]] and [[Linux]] (ucarp).<ref name="ucarp manpage"/>

While Cisco's US patent expired in 2014, the two incompatible protocols continue to coexist.

==Incompatibility with IETF standards==
OpenBSD uses VRRP's protocol number and MAC addresses. The OpenBSD project requested unique numbers from the [[Internet Assigned Numbers Authority]] (IANA) but was denied. To allocate numbers, IANA has several requirements. At the time, these were specified in [https://tools.ietf.org/html/rfc2780 RFC 2780]. Requirements include participating in a collaborative, lengthy discussion process within the [[IETF]] and producing a detailed textual specification of the protocol. The OpenBSD developers met neither requirement{{Citation needed|reason=This claim needs an actual source|date=October 2019}}.

OpenBSD's website states the following:<ref>{{cite web | url = http://www.openbsd.org/lyrics.html#35 | date = 2004-05-01 | title = CARP License | work = OpenBSD Release Songs }}</ref>

{{Quote|As a final note of course, when we petitioned IANA, the IETF body regulating[sic] "official" internet protocol numbers, to give us numbers for CARP and ''pfsync'', our request was denied. Apparently we had failed to go through an official standards organization. Consequently we were forced to choose a protocol number which would not conflict with anything else of value, and decided to place CARP at IP protocol 112. We also placed ''pfsync'' at an open and unused number.
We informed IANA of these decisions, but they declined to reply.}}

IANA had assigned protocol number 112 to [[VRRP]] (in 1998, via RFC 2338).<ref>{{cite web|title=Protocol Numbers|url=https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml|publisher=IANA|accessdate=19 June 2014}}</ref> Protocol number 112 remains in use by VRRP. CARP also uses a range of [[Ethernet]] [[MAC address]]es which [[IEEE]] had assigned to IANA/IETF for the VRRP protocol.<ref>{{cite web|title=Ethernet Numbers|url=https://www.iana.org/assignments/ethernet-numbers/ethernet-numbers.xhtml|accessdate=19 June 2014}}</ref>

In spite of the overlap, it is still possible to use VRRP and CARP in the same [[broadcast domain]], as long as the VRRP group ID and the CARP virtual host ID are different.

==See also==
{{Portal|Free and open-source software}}
* [[Gateway Load Balancing Protocol]] (GLBP)
* [[HSRP]]
* [[pfsync]]
* [[VRRP]]
* [[IP network multipathing]] (IPMP)

==References==
<references/>

==External links==
* {{man|4|carp|OpenBSD}}
* {{man|4|carp|FreeBSD}}
* [http://manpages.ubuntu.com/manpages/bionic/man8/ucarp.8.html UCARP: userland CARP implementation]
* [http://www.netbsd.org/changes/2006.html#carp-support NetBSD port of CARP]
* [http://www.openbsd.org/lyrics.html#35 The OpenBSD song 3.5: "CARP License" and "Redundancy must be free"]

{{OpenBSD}}

[[Category:High-availability cluster computing]]
[[Category:OpenBSD]]
[[Category:FreeBSD]]
[[Category:First-hop redundancy protocols]]
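
The coexistence rule from the section "Incompatibility with IETF standards", as an added example that is not part of the article or of any CARP implementation: because CARP reuses VRRP's MAC address range, a VRRP group ID and a CARP virtual host ID that are equal claim the same virtual MAC address on a broadcast domain. The Python check below assumes the IPv4 virtual MAC layout 00:00:5e:00:01:XX and runs over a constructed inventory; the owner names and VLAN labels are hypothetical.

```python
from collections import defaultdict

# Assumption stated in the lead-in: for IPv4, both protocols derive the
# virtual MAC from the group number as 00:00:5e:00:01:XX, where XX is the
# VRRP group ID (VRID) or the CARP virtual host ID (vhid).
VMAC_PREFIX = "00:00:5e:00:01"


def virtual_mac(group_id: int) -> str:
    """Return the IPv4 virtual MAC for a VRRP VRID or CARP vhid (1-255)."""
    if not 1 <= group_id <= 255:
        raise ValueError(f"group id out of range 1-255: {group_id}")
    return f"{VMAC_PREFIX}:{group_id:02x}"


def find_conflicts(groups):
    """Find virtual MACs that a VRRP group and a CARP group both claim.

    groups: iterable of (broadcast_domain, protocol, group_id, owner).
    Returns a sorted list of (broadcast_domain, mac, claimants), where
    claimants is a sorted list of (protocol, owner) pairs.
    """
    claims = defaultdict(set)
    for domain, protocol, group_id, owner in groups:
        claims[(domain, virtual_mac(group_id))].add((protocol.lower(), owner))
    conflicts = []
    for (domain, mac), users in claims.items():
        # Only a VRRP/CARP mix on one MAC in one domain is the overlap
        # described in the section; other domains are independent.
        if {proto for proto, _ in users} >= {"vrrp", "carp"}:
            conflicts.append((domain, mac, sorted(users)))
    return sorted(conflicts)


# Constructed inventory: domains, owners and IDs are illustrative only.
SAMPLE_GROUPS = [
    ("vlan10", "vrrp", 1, "core-routers"),
    ("vlan10", "carp", 1, "edge-firewalls"),  # same ID, same domain: clash
    ("vlan10", "carp", 7, "dmz-firewalls"),   # different ID: coexists
    ("vlan20", "carp", 1, "lab-firewalls"),   # same ID, other domain: fine
]

if __name__ == "__main__":
    for domain, mac, users in find_conflicts(SAMPLE_GROUPS):
        print(f"{domain}: {mac} claimed by {users}")
```

Renumbering either the VRRP group or the CARP vhid in the flagged domain clears the report.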