These are unedited transcripts and may contain errors.

Open Source/BoF Working Group

Thursday, 16 May, 2013, at 4p.m.:

ONDREJ FILIP: Good afternoon, ladies and gentlemen, welcome to the Open Source Working Group. We are really glad to see all of you here because this was supposed to be run as a Working Group so we really need to understand whether there is an interest and.

This is Martin Winter from NetDEF who is co?chair and co?initiator. My name is Ondrej Filip and the first point we need to talk about is the current agenda. So Martin, if you can ??

MARTIN WINTER: So we actually have a few slides here but the people who can handle the slides are missing in action.

ONDREJ FILIP: This is the first round so we have some technical problems.

MARTIN WINTER: We are the microphone support, we are just missing the video support. From that point of view. I can start talking about it in the hope that some people show up and we can talk from with more details ?? so we have a few first talks, we want to give you an update on where we are standing for the way for getting to our Working Group. And that will be the first thing, just to quick introductions, what it is and our idea is. And then going over, we have quick update from the RIPE on Open Source RIPE database software. Then we have after the quick versions of BIRD update, I think we may get ?? one moment, and we will see something magic happens now.

So first wave quick update, where we are standing on the way to the Working Group. Then we talk about the Open Source RIPE database. And like too far quick representation. Then we have BIRD, an update, some interesting changes, what has been done. Finally another quick talk about DHCP servers in BIND10. I am not even sure how you say that.

OK. And then finally, we have a round table here which we have a few people, including ourselves and basically, moderated by Nick Hilliard, talking a little bit from the supporting side which we want to discuss, bring up a few of the things like where it's standing, how it's supported, financially also from technical things and community part of you.

So that is basically the main agenda.

So, quick introduction to the Working Group on our way to it. So, this is basically ?? last year, basically, we had two times a BoF and Open Source. We had one first in Ljubljana and then we had a second one in Amsterdam and the idea was like, from the interest, hey, let's make that into a Working Group, let's make a Working Group where we can basically get a little bit better communication and coordination between people working in Open Source and the community using the Open Source. So this is specifically Open Source spot checks which are relevant to the ISP and the RIPE community, not any random spot checks. And the idea is for you to get better ID access to people working on and bringing feedback in and the Open Source they will help us to get access to hearing what is going on.

Tomorrow, at the plenary, there will be the final decision about this becoming a Working Group, so please attend the plenary tomorrow morning in the closing plenary, that will be the final session.

There is a mailing list already as decide the last year's plenary, it's not that visible, you can see it there. It's on the normal mailing list; however, as it's not an official Working Group it's not really listed yet. I hope once it becomes a Working Group it will be more visible.

So, that is basically up there, feel free to sign up. Not that many seem to know yet, it seems to be a hidden secret. And the last thing is we have a charter which is we had last time, we wrote it up last year, I can bring it up here, too.

So, which is quite long but it was kind of interesting discussion about what should be in there, and discussion came up with regard to have a bit more specific of examples to give you a good idea what the principle of the idea is on the Working Group, why we want to do this.

So this is still where it stands, if the proposed charter, I think we haven't come up with any better solution yet. If you think there needs to be things changed immediately talk about, but also, obviously, none of the charters have to be finalised, you can always change them later on.

ONDREJ FILIP: This charter was quietly, at least in the ?? quite widely discussed at the beginning, expressed they were using that. This is sort of compromised version after many discussions, if you want to add something, please do. And I would again outline the mailing list, we have about 50 people on the mailing list which is not bad but we would like to increase the number and especially to those mailing list are representations and agendas and everything, so if you can please join the mailing list if you are interested in the topic you would like to discuss now.

So that is all. And also, again, tomorrow there will be probably final decision about this Working Group, so if you like it, please come to tomorrow's plenary and possibly express your supporting view, if you wish, that would be very nice.

MARTIN WINTER: I want to add from the port checks, obviously Ondrej here is like a big support and work behind BIRD, I work behind Quagga, the idea is for this RIPE related Open Source products should be covered in there. And so, if you either involved in Open Source or writing on some code, I very welcome to join in and see how and what you want to do, how you want to present things, where you want to get there and if you as an ISP are using Open Source, please speak up, tell us too about what port checks are important to you, maybe we can try to get some of the people who may be not here like I mention here like NAGOS, which a lot of people here in the community are using and may be cool to get these, like to show up here, to talk about their ideas and where they are going and listen to your feedback directly.

ONDREJ FILIP: If there are any questions ?? not any questions or comments we can move to another topic which is a presentation.

OLAF KOLKMAN: So traditionally, it has been the case that many Open Source vendors in the DNS have presented their works and their features and so on in the DNS Working Groups. Is it the intention that all those efforts move to this potential Working Group or is some interpretation expected, what is your vision?

MARTIN WINTER: My view especially ?? DNS may be special case because there is an existing Working Group and that may be very well justified because if they have an active community at this time I would say if DNS has their own Working Group, I'd prefer if they use that time and basically continue working there and not present DNS related things in Open Source Working Group and keep the Open Source Working Group for bought checks which cannot justify the whole Working Group on its own.

ONDREJ FILIP: And I started this discussion with Peter Koch, one of the DNS Working Group chairman, well, there are many things that are related to DNS and today if you follow the DNS Working Group, or yesterday, I think, there were several presentations related to DNS and two Open Source projects presented, and one of them I think it was ?? they introduce a new way how to provision zones editing and deleting to me sounds like a protocol work and something definitely belongs to DNS. And there was another talk, we have an update of Open Source project, we speed up a little bit one of the operations and Daemon and that I believe that is not related to the DNS Working Group as a core of DNS to the protocol; it's about Open Source where we show what we have done and achieved and would like to discuss if there is some way for some improvement and what we can do in future. That is for me the ?? I agree with Peter and I am very happy to talk with any of the other Working Group Chairs, that we need not to probably write down but at least decide where are the borders. There will be some space for grey area that we probably will take just on you know, piece to piece basis on ?? you know, whatever presentation appears we can discuss it. But, I would like to make sort of agreement with the other Working Groups about this. For me it's protocol work and then the Open Source work on it.

SHANE KERR: ISC. I am also the IPv6 Working Group co?chair and I basically want to agree with everything you said. Within the RIPE Working Groups there is often a huge amount of overlap, I mean between routing and v6 and DNS and anti?abuse and these things are not isolated and it's not always clear where exactly these things lie but it turns out that all the relationship between the Working Group Chairs is cordial and friendly so you can just discuss it and try to figure out the best place, I think the examples you gave are spot on about where they would sit and things like that.

JOAO DAMAS: I agree with what you said and what followed up with Shane. It's not only the case that there is a ?? there is a Routing Working Group and that discussion does not seem to come up. I think if we did talk about and, some talks fall naturally to one side and others will fall to ?? I think there is no conflict.

ONDREJ FILIP: We have one interesting example, we will discuss about RIPE database if they are going Open Source which is, again, something that could be in the database Working Group. But I believe sort of that my gut feeling says it belongs to us now, just this announcement and it's not about the database feature at all.

MARTIN WINTER: Let's move on. We have first speaker, like Kaveh from RIPE.

KAVEH RANJBAR: My name is Kaveh from RIPE NCC. So, it's more of an announcement more than presentation so I only have one slide, I just wanted to announce that we have just recently Open Sourced new RIPE database code, it's released under BSD licence so you can use it as you wish based on the term of the licence which is really short as you know. It's about 230 K ?? K lines of Java code but more than like, about 55% of it is test code. And the bay we wanted to have the Daemon for maintainability and all of that reasons, running the code you only need I can't have have a and minuscule and get and may have been. Only with these four tools we can get the tool, build it and have it working for you. The main reason I thought it might be interesting for this BoF/Working Group is there are many ?? the system is modular and there are many modules which can be reused for different reasons, there is a very high performance IP table module which at the moment we import resources from all other ?? all RIRs including RIPE. So, and by average we have 15 million resources in memory and you can do all kind of queries up and down like get all the children or all the parents of the resources and they happen to, just milliseconds, like one or two you can do search over this huge table. So wave nice implementation that have which can be used for example in a BGP implementation if someone wants to do that in Java or for scalability we have a lot of system is completely independent but it can easily scale so you can add, maintenance tasks should be handled by only one machine or picked up. A lot of parsing code for IP address parsing, for doing checks and other useful feature is access IP access because we have some limits and there is a complete management system for access for ?? from different IP addresses from different networks. And finally, there is a very complete API base which can be reused in different projects. It can be easily modified, if we are running registry for names, we have most of the required things there, except the EPP but again the basis for even EPP is there because we have complete XML parsers and things like that. So it can be used in many different ways and we would be more than happy to help and/or provide information. And if you want to contribute, I suppose, please feel free to talk to me if you have any questions about that.

ONDREJ FILIP: Are there any questions?

AUDIENCE SPEAKER: It's not a question, I just wanted to add something. I guess there is nobody else. I just want to add we have also been asked ?? I am Miriam from the RIPE NCC ?? we have also been asked often to release the RIPE Atlas software, code, and we have done that recently, and we actually did three different things, the measurement code, has been published and the also the code that we used to analyse the data, the measurements data and do our summary statistics and that has been released and in addition to that, the BG play has now been integrated in the RIPE stat and the code is also available for that. We have been recently announced on RIPE Labs if you want to have some more background information about that.

ONDREJ FILIP: Thank you very much then, Kaveh, thank you.

So the next presentation will be done by Ondrej Zajicek is my colleague and the core developer of BIRD, the most important person in the BIRD development, about the Daemon Internet routing.

ONDREJ ZAJICEK: Hello, I am Ondrej Zajicek from cz.nic and I will be talking about Internet routing Daemon. You probably know, you probably could hear something about BIRD Internet routing Daemon on a RIPE several times. Just short overview. Is software implementation of routing protocol, it's supports BGP with PF and RIPE protocols, support for IPv4 and IPv6. And Linux and BSD kernel support. It is for free and OpenSource published under GPL.

BIRD has several advantages compared to alternative routing software. For one of the main advantages is the programmable filters which is completely ?? which gives freedom to configure any policy you want. It has clear and structured config files which you could easily. Multiple protocol instances and multiple routing tables which could be altered for many purposes like policy routing and that ?? very much possibilities.

It has automatic reconfiguration on the fly so could just, auto config file and ?? some minimal changes to bring the new configuration to life. It has extensive documentation compared to other software which is not often really well?documented. It has low memory and CPU requirements and it's brief and well structured, I hope at least.

There is some disadvantages, it's more project compared to ?? it has number of features and extensions. It has use interface configuration from Cisco which is disadvantage for people who are used to Cisco and advantage for people who don't like Cisco style of configuration.

It has strict separation of IPv4 and IPv6 so you have to two complete independent daemons with configuration for IPv4 and IPv6. You are going to have to compile if you don't install from distributions two times, one for repair and ?? one for IPv4 and IPv6. Last, have no multicast routing support now.

So one example, for filter, one filter example is BGP so you can see that you have some conditional expressions, some ?? you have some objects like prefix stats where you can match ?? oh, and modify ?? so you can have ?? you have some ?? you have this site with the route, accepted, rejected or you can modify any route attribute from the language.

We have deployments mostly in route servers and some content where it works and there are also many deployments in some small E SP which could use ?? oh, I ?? there are some small deployments in some smaller ISP routing software with PC routers.

So, we have some new version about a week ago and there are some ?? can you hear me or I have to speak more? OK. So there are some list of new version, new features in several of last versions. So, we have dynamic IPv6 router advertisements, when you can configure that if you have some route, for example a fault route in your routing table then you propagate route advertisement and the route disappears and you stop or start back to zero or for lifetime or such feature. So you have, for example, two independent routers, very different ?? with different up links and propagate, we have DNS support for IPv6 router advertisement, one of the ?? not really new but bit new feature. We have selective propagation of non?best routes which is feature important for route service where if you have several ?? route server with many clients then every client may want to filter some routers and in the traditional design you get a best router and filter it or you get best filter and filter it and don't get anything ?? any router ?? any part for that prefix. And selective propagation of non?best routes then the routes are sorted and you get the first router that is active to filter so you can reject few of this and then next ?? get next one. If, without this feature we have multiple routing tables each for one clearance to in this route, route service things.

The one next feature is one feature we implement based on some input from, from people on some ? I presented BIRD, its feature known to users, for example, Juniper, that you can enter a reconfig time out and if do you some error and you get, you have lost ?? then after 30 seconds the configuration is undone and you can fix it.

And next thing we have new is the lightweight BIRD control tool because BIRD is pretty small, about 300 kilobytes of size which is small wireless home routers which have very small flash size but control tool ?? pretty big library and it is used for things like history and that, but it's not problem on a PCs because everybody has that style but on such small holders it's significantly larger requirements for the BIRD so we have now lightweight BIRD control which we have also have looking glass tool, new looking glass tool which was the one I presented two days ago.

Next thing is the plans for current development. As I mentioned before, we have IPv4 and IPv6 ?? IPv4 and IPv6 and we no plan to do something ?? some integration to one which is not really important from the current features but it was limit for new features because many new features would need some integration, for example, if we, the next feature we have IS IS which is multi?protocol, just some kind of multi?address family design so one instance can work for both address families which is not really, which does not really work for in this case and another problem if you have some BGP session then it could implement ?? could transfer two separate address family which does not really work in the current state. For IPv6 integration, the second which ?? I think which is on our ?? in our current planned development is ISIS, there are also some requests ?? requests from users for this, and there are some features which are developed but not reemerged, there are some experimental stages, for example the other part of BGP which is patch for ?? it's extension for BGP which also to send several part for one prefix. It's current draft in IETF if I remember it correctly.

The second thing which, external developments, BGP Sec, it's kind of ?? it's kind of experimental state, I am not sure of which state it is really, but we received some patches on mailing requests. So it's probably developed in the current time. And there are also some patches, external developers from MPLS, VPN and route reflector, plan to do complete support for but ? it's currently limited by abilities that applies in a Linux and ?? of the shelf support for MPLS routing so it's currently used for route reflector.

So, I would like to briefly speak about the question: Why we want OpenSource routing Daemon when every ISP usually by some big vendor and it's not really possible to do, some 10 or 100 gigabit routing in PC boxes. Well, common answer is that, common answer is that there are three common answers, so there is PC based routers, for example if you have small ISP for up to one gigabit speed that you could do it by PC based routers, for example if you have ?? if you are not ISP but just some ?? just organisation which want 100 megabit or gigabit connection and some router there is no need to buy vendor production, you can configure Linux router. There is better routers which I mentioned that they often ?? they are sometimes ?? they could be acquired by the software routing daemons and traditional routing application is ?? traditional routing software with route servers and route reflectors. Platform innovation because it is easier to implement, for example some new protocols like OLSR or Babel in existing routing software and 2 or 3 times easier. And/or another possibility is try to convince some big lender like Cisco that you want to implement your new protocol. So these are platforms for new protocols and for new protocols extensions, so if you like to implement new protocols extension, for example BGP 6 or something similar, it's much easier to to do in current implementation from just to have implementation for new extension.

It can also work as experiment ?? platform for experiment like FBGA routers or OpenFlow based routers where the OpenSource or Daemons could work as control plain.

Another possibility: Scientific experimental purposes. For example, I a few weeks ago I wanted to measure how fast is routing table computation in RSB for some very big RSB project so after some hours I modified BIRD to create complete virtual topology about one ?? about thousands of ?? which propagated to another router and I could easily measure the time. So, and next thing is some possible or could be used as some control pay for equipment vendors. For example L3 switches have ?? has often very limited control planes so if they could use BIRD then it could have some more advantages.

And there are another underestimated applications for BIRD or on other source Daemon are not really routed, it could be some network topology applications. For example, intelligence http mirrors or redirecters, you could have some big project like ? they have many mirrors, some use donated bandwidth and they could have some connection to BGP and where ISP could propagate which users should use this mirror, then the mirrors could propagate to some central director and then could do some http direct based on the IP address of the requests, and based on area topology and current number of mirrors.

Another possibility on the network monitoring tools where you can scratch from your routers but another possibility is you integrate routing software with your monitoring tools and just connect BGP session to routers and acquire routes in your monitoring tools. And the issue is network is ?? network visualisation, connected to ?? get complete topology and do some visualisation of current topology.

Next possible application is the IP management, you can have a server with IP address which will direct propagate to some dynamic routing and they can migrate between physical with the IP address propagate to by some routing protocols. And the last which I could mention is application for Anycast propagation. If you have some DNS, for example, recursive DNS in your network then the innocence could not propagate /32 network of its IP address to the routing RIR and you have several DNS servers for your network and if one gets down, then it's automatic ?? then automatically moved for a different routers.

So we would the development is mainly based on user requests so we would like to know your feedback from you, for example, whether you are using what feature do you want or need and if you have some test case which you use or would you want to use and if you have some experience with this.

AUDIENCE SPEAKER: My last name is bird. I use it as a route server for couple of IXs and machine routes, there is one thing I would really like is for this CLI to be a little bit nicer. If it could be just a little bit nicer.

ONDREJ ZAJICEK: Yes. OK. We could speak about that.

JOB SNIJDERS: What you don't like about the CLI? I agree with you, it's very different from IOS style or JUNOS style, but it's not like I really miss stuff.

AUDIENCE SPEAKER: I may just not more practice with it.

AUDIENCE SPEAKER: I am using BIRD for several different things, there is one thing I miss, actually, to just be able to temporary configure static route through the C ?? so having chance to for study routing for example, add a prefix, for example for dynamic black?listing based on lock monitoring and say OK I want to blacklist single IP, just have ?? to the socket directly, I want to block hole this route now, and not reconfigure or parse to get it out of there, it's even more difficult in realtime. At least if you have quite a bunch of separate engines wanting to add or remove route so that is at least one answer to your question.

AUDIENCE SPEAKER: If you create a separate routing table in line, so the moment you put aesthetic routes on your Linux box in that table, you're done. But there will be a work around. It's a work around.

ONDREJ ZAJICEK: Well, we have some similar thing in ROA table, for AP K and we have design where we have set off static and reconfigured by config file and dynamic switch are set by command lines so perhaps we can do something similar to static routes in, static protocol.

MARTIN WINTER: We are kind of out of time.

Mate Peterson: I am one of those start?ups for using BIRD so thank you. Great to have some alternatives from some of the other software solutions out there.

MARTIN WINTER: So next, we have Thomas from ISC, he will be talking about DHCP.

TOMEK MRUGALSKI: I am Tomek, I will be talking about Kea, that is set of DHCP servers.

What is my adventure with DHCP, both my master and PhD was about DHCP v6, I wrote Dibbler, the project is already ten years old. So I have used to work for seven years at Intel. I joined a bit over ISC two years ago and right now, I am lead developer of BIND10 DHCP, and sometimes I am occasionally involved in ISC?DHCP.

So, what is Kea? So, perhaps I should start with explanation, why did we need rewrite of DHCP server. So the existing code is 17 years old, so the ?? it was completely different back then. Of course the Cody involved over time but there are some fundamental things that cannot be changed. Of course, over the time, the hardware changed so right now we have multicore CPU that are available to everyone, the way networks are working has changed, of course the protocol itself also evolved right now, we have DHCP 4 and 6, completely different mechanism available and are the expectations from the DHCP servers are different.

And of course, the development techniques for software development has changed.

Another reason to start with new implementation is that we are not really satisfied with the current performance (totally) and there are no easy things that can be done to improve the per forrance. Another issue with the existing implementation it's very Mondaylytic so everything is included in one binary. For example, if you want just to run DHCP 6 server and there are some issues in the code that are related DHCP 4, you still need to upgrade to new version, so and of course, if you have, if you are using a couple features and one of them fails for whatever reason, the whole server goes down.

And there are different issues with perhaps little less important. The documentation is let's say lacking. And the code is quite complex and it's very difficult to extend.

So we came with the idea to start with the clean design from scratch. So we decided to make DHCP implementation part of the framework. So the official name is bind 10 DHCP. However, this is very difficult to say, so we came with the short code name Kea. So Kea is the name of a parrot that lives in New Zealand. But it's a nice short name and easy to type and to remember. So it ?? the implementation shares many of the features with BIND and DNS, so in particular, it has on?line configuration, so every configuration parameter can be changed on the fly and the logging is the same, we are planning to also deploy statistics, it's not available yet but the statistics will be added in the near future. Of course, for us the performance is essential, the support for IPv6 is a first class citizen, it's not a late add on. So, the core is implemented in C plus plus, we are planning to have multi?core support. We already have switchable back ends, so right now we have full support for MySQL. There is some limited support for file support and we will develop support for different lack ends like SQ?LITE, and some others.

Another idea that we are working on is hooks. So basically this is a set of possible programme attic extensions that can be hooked into the different stages of the DHCP process. Of course, the implementation will be modular and we are already benefitting from the nice features in the BIND10 frameworks, resiliency, we have one of the model shots down for whatever reasons, BIND10 process just restarts it.

So, what is the current status:

So we have DHCP v4 server that supports the standard assignment operation, we have supported for direct and relayed traffic, so the direct is not yet tested; it's implemented in and passing all our unitests. So DHCP 6 we have support for the standard assignment, this time the direct is very well tested but the relayed one is, was just matched recently so again it passes our uni test but it's not extensively tested. So we are able to do other assignment, renew our release and expiration, we have on?line configurations, switchable back ends support for standard options, for custom options and it's possible to define new options.

So, we also have two other components in the solution. Another component is perb DHCP and all those three components are using common plus plus with is a library, it can do the regular operations that are expected from any of the DHCP tool like parsing packets for DHCP 4 and 6, parsing and generating packets options, also there is interface obstruction layer for defecting interfaces on any system right now we have support for Linux but we will add support for all the PSDs and solares shortly and it comes with SOCA management.

We understand that it's very important to have good documentation for the code because there is never a good time to stop development and spend couple months of developing the documentation so that is why we are developing the documentation from the day one. So and besides the users guide for Kea, we are also developing developer's guide for people who are interested in understanding how the code works internally.

So, right now we have many designs completed or and for use stages of completion. So, if you are interested, I encourage to to visit this page and there are links so, it would be great if you could comment.

OK. So let me talk for a couple of minutes about DHCP performance. So, what is the problem with DHCP performance? Usually vendors often provide performance results, look our server is so good it can handle thousand or 5,000 per second, so the issue with this is data is often not very legalistic so the point is that the most trustworthy is the data that you measure on your own and of course it's ?? there are aspects like your specific hardware limitations or other specific things circulated to your network so it's always better to measure it on your own. So, and with DHCP performance measurements there are many different things that you can measure so here we have the example transactions so you can measure the whole exchange for packets or perhaps you can measure just those two which are the more costly because the DHCP server has to do the actual assignment here. In some cases it's useful to measure the renewal because it's different type of operation performed on the database. And of course you can measure the direct traffic or perhaps traffic relayed through a relay.

So, about a year?and?a?half ago, so we tried to find a tool that would be suitable for us to measure the new implementation that we will be implementing but there are no alternatives. So there are some tools that are limited in capability or there are commercial alternatives that are hugely expensive and require dedicated hardware. So we needed a tool that is flexible, portable and basically can test any conform ant implementation. The tool that we developed is not specific to PI; if you have other DHCP servers you can also use it to test it.

So, the tool is right now is being shipped, together with source code but it's not ?? not tied very much to the bind 10 itself. So it's at least an OpenSource software right now ?? it is mostly usable on Linux but Solares will be added shorely, you can do two?way or four?way exchanges, you can define templates for the packets that are being sent. But this is not necessary. If you don't want to pay attention to those details you can just use the default values, you can sell parameters to Unicast multicast and there are lots of different parameters that you can tweak.

So, we have a couple new ideas, what we could develop in perf, the development basically stopped, we are hoping to support prefix delegation sometime, support relays in ?? extend customisation and improve the response validation.

OK. So, what are the performance results for the new implementation? So we have quite beefy servers, so there are perhaps not representative to an average implementation, but nevertheless the data that we got from the old implementation for DHCP v4, it's around 120 per second, for v6 is 1,500 per second, and for Kea it depends on the back end, so we found that the ?? MySQL is selected as a database. It's a bit over 1,100 or 1,000 for v6. However, we have different back end that is custom database in memory, so we haven't completed the v4 measurements but for the v6 we reached 8,000 per second so this is 32,000 packets exchanged per second. But basically this is not the upper limit that we could reach; we just stopped testing at this level. So the CPU usage was around 60%. So, we know that we can go up higher.

So what are the plans for Kea?

So in 2013, we will finish the direct for v4 traffic so it's the coding complete, we have unitest for it, it's just not tested yet. The same is for DHCP 6 relay, right now we are working on DNS Daemon and we think that we are almost finished the hooks designs, so the implementation will start shortly. We also plan to separate the DNS and DHCP build in BIND10 so if you are interested in building it should be much easier and extend support to other platforms.

So I have already talked about the hooks idea, so I think I will skip those slides. We have also many different features that we would like to work on. So, we are planning to add multi?core support, do prefix delegation, implement DHCP 4 and 6 failover once the standards are developed enough and we are considering different back ends.

OK. So if you are interested, this is a full OpenSource development model so the /TKPW*EUT repository is public so everything including tests and bug reports, you are welcome to submit patches and you can contribute in various ways.

OK. So that is about it. So, any questions?


AUDIENCE SPEAKER: Thank you. The slides that say current version or current status, is that 1%, 0, 11, repository.

TOMEK MRUGALSKI: That ?? from yesterday.

MARTIN WINTER: Any other questions? OK. Thank you.

So for the last part we have a panel now, we have like. So, I will be handing over the control of the panel to Nick Hilliard, he will be moderating the panel. Ondrej and myself will be actually taking part in the panel too as our normal regular function

NICK HILLIARD: Good morning, everybody ?? good afternoon, should I say. From INEX. And it is my pleasure to act as moderator for this panel discussion on OpenSource interaction within the community.

I think nerve this room probably is as OpenSource. Is there anybody who doesn't use OpenSource software here? Show of hands. We have got somebody from Google down there. No, no, Google don't use OpenSource software. I did a quick tally on INEX's systems yesterday afternoon and it turns out that we are using 500 separate packages. It was slightly surprising. It's quite a lot. The A time that has gone into developing that software has been very substantial and we considered ourselves quite privileged to be able to benefit from all of that. And we have taken it upon ourselves to feedback to the community because we believe in the OpenSource ideology and we believe in giving back what we have received.

We want to take this discussion a little bit further in terms of how to get a good rap pour and interaction between the people would use OpenSource software on the one hand, and people who produce OpenSource software on the other hand because both sets of people within the community have distinct sets of requirements, some of them produce open software because they wish to, they just like doing it; some of it doing it as part of financial means of supporting themselves. Similarly, everybody uses OpenSource software and I think it's pretty fair to say that all of our businesses depend completely on OpenSource software. If it were gone, if it weren't there, we would close?up shop and we would go away.

So, with that, I'd like to ask all of the panelists to introduce themselves. We have five people on the panel today, we have Martin Winter, Joao Damas, Olaf Kolkman, Dave Temkin and Ondrej Filip.

MARTIN WINTER: I work for NetDEF now which is actually my own company which I just recently started. You may know me from before working OpenSource routing at ICS, I do the same thing, working on Quagga, probably a few of us decided better ideas how to do it on our own. The key thing is obviously, the Quagga is ?? really community port check so we are one of the contributors in it, there are other people who work on Quagga on their own. I know somewhere here in the audience we have someone who works on the Quagga code too and we have ?? still OpenSource routing work on Quagga. But basically we are committing on getting Quagga in better shape. We want to see there is better alternative to the other routing platforms, and actually looking at routing Daemon fob their own hardware platform.

JOAO DAMAS: I work at ISC, it has been producing OpenSource since before it got its name. Basically, the things you are probably most familiar are with BIND and DHCP server. In particular the later ?? old one, now you have some information on the new one. We have historically done OpenSource to ensure that at least certain protocols in the Internet that everyone depends on, remain honest so to speak that, there are no, no incompatibilities being deployed and implemented out there. To a large extent that has been a successful effort and finally, the last years we have seen other people join the club which is really encouraging. It also helps keep us honest of course.

I think probably we will talk about what it takes to support OpenSource later. We have a bit of a strange or unusual model for our OpenSource development that we call Management OpenSource and that has created some issues, the community hasn't been as big as some grass roots based projects have been. But basically that is how we have been doing things and we will discuss those later.

OLAF KOLKMAN: I am with NLnet Labs, one of those recently founded parties that does more or less the same as ISC. Recently we have been funded in 2000 to work on OpenSource and open standards. We came into existence because of an endowment from selling one of the biggest ISPs ?? the first public ISP in the Netherlands whereby a foundation was the major shareholder. So that is ?? has been sort of the funding model for the decade that we have been in existence, that is subject to change now, I think we will talk about that. As I said OpenSource and open standards mainly those technologies that make a network out of networks on Internet and more specifically, we have been working on DNS code unbound and as the stuff we are most known for. But we also were involved in DNS and there is a whole spectrum of going from managed OpenSource to being a party contributor.

I think I will stick with that, we will probably get to further questions.

DAVE TEMKIN: Dave Temkin, your token American. I am with Netflix. We have actually interestingly enough, over the past few years, significantly transitioned from a world in which we were bound up in very proprietary code, things like oracle running on IBM powered PC which you can imagine the stack behind that and how incredibly proprietary tree that was. I am sure those of you who are familiar with the general goings?on in the community have heard about things like Netflix cloud prize and in general our usage of AWS and what comes along with that is a large amount of openness about how we utilise OpenSource software and fostering that community.

In our case, unlike a lot of other big players, we don't really see our software as being our define intellectual property so we don't really care if someone can spin off a replica of our streaming back end service or our website based on how transparent we are about our code because intellectual is how we licence content.

ONDREJ FILIP: And sometimes, I will speak in the head of cz.nic which is the registry of Of the domain, we as many domains do, had some surpluses in our financing so we asked our members to do what it then and they were very clever and decided to put all those money into OpenSource and to look trendy we named that part cz.nic labs and while this went quite far and we started a lot of the OpenSource projects so currently we have more OpenSource than the rest of the people taking care of the domain so we are sort of reasonably OpenSource that has some small domain operation attached to it. And we are doing a lot of projects basically every single line of code we write is OpenSource, the most visible are BIRD Internet routing, Daemon, implementation, I think yesterday you will see the looking glass but there is a lot more things, DNS NG and we also starting to clay with some OpenSource hardware so there is some more things to come. So that is basically it.

NICK HILLIARD: Thank you very much. I'd like to start off by asking a question, a lot of us have code that we have a back end of our systems, it's lying around the place; how can you take that code and transform it into an actual product with the community behind it and develop it? I am going to ask Ondrej about this because he inherited the BIRD source code which did a certain amount what have they needed, the code rotted quite badly, no community, very little documentation, how did you take that and build it into what it is today?

ONDREJ FILIP: The sound is not perfect here. Can you repeat the question? I'm sorry.

NICK HILLIARD: How did you take the elements of code for BIRD or for any of the other software projects that you handle as OpenSource and how did you turn them into products with communities behind them and with documentation and systems that people could actually download and install on, within their own companies?

ONDREJ FILIP: It's a good question and very complicated part because many of you know that doing some product ?? you know has 80% of the features is quite easy part and you spent a few days and it works and everybody is happy but to debug it and make a package on very many machines is complicated so we don't have any magic to that, it's a lot of work and we have the luxury that we are, you know, complete company, so we don't, you know, have problems with many things that other OpenSource developers have, we have professional testers that take care of the products, I wouldn't underestimate them, which is the web sides graphics, also some sort of marketing which is always necessary if you want to spread out the work you have. So that is a lot of work and unfortunately I hate the word, you have certain processes in the company to be able to fill that role. I started BIRD ten years ago, since that was just a voluntary work and there was no system, we created a lot of code lines but it has used still the moment that we took it systematically and started to work on it as a project. That will not work for us but work for the others. That was a huge leap that we had to make in our mindset to be able to deliver something like BIRD to the others.

NICK HILLIARD: Maybe Olaf could tell us about NLnet Labs' experience with some of the projects that they do, for example, NSD?

OLAF KOLKMAN: Yes, that experience is a little bit wider I would say. For NSD, so at NLnet Labs I think it's important to understand it was founded for research and development and took that fairly serious from the onset. With NSD, the history was that the folk at the RIPE NCC were running K?root and figured that having one biological strain of code would not be a good thing and so they set out to develop something new from scratch and since there were high expectations on the stability of that code we started, my predecessor started with fairly high standards on development. So, that was built from scratch as a product, immediately target for high end production. Unbound has a little bit of a different history. We came out with the same approach, biological diversity, so to speak, but also the development of working on DNSSEC codes so we could do interoperability tests and we ran into a group of people that had developed Java code, if you look at the unbound net page ?? NL net page you see those people listed and they had written a prototype which we took up and rewrote again with the idea of making that highly visible or highly stable and professional. We do have the luck that for that development work, we had the funding. Funded by Deanet Foundation and we could take that approach. So, the approach to the development of software has been towards high?end production systems from scratch. Other things that we have done, for instance on the other side of the spectrum there is the maintenance of net DNS which is much more community effort, where we are much sort of a coordinating role than writing the code ourselves. So we play the whole spectrum, I would say, with some products having a more high?end profile than others, so to speak.

NICK HILLIARD: Thank you very much. So I think what I am hearing from the two of you is that there is a substantial amount of resourcing and commitment required to bringing a project from its inception or even from a hand?over point to creating the community and everything behind it.

OLAF KOLKMAN: Yeah I would say that bringing a project from something that is just been posted on Github which has potential to something which can be used cross?industry in high availability environments, there is a lot of effort within ?? beyond that.

NICK HILLIARD: Good. From the user perspective, we all use software occasionally at breaks. I'd like to ask Dave on his opinions on what on earth Netflix does when something breaks badly, and it's OpenSource software and they have management screaming because something is broken; there is no escalation path necessary. What do you do? How do you handle the situation internally?

DAVE TEMKIN: So there is only so much that I am exposed to that actual side of the process, but there is multiple things. First of all, we have got extremely talented developers, generally we don't use a tool or package unless we are intimately familiar with it so no one is sitting on a box somewhere doing like random package and it goes into production. There is a lot of thought that goes into how we deploy all of our applications and the dependencies on them. If you read about how we deploy applications in the Amazon cloud, for example, when we do what most people consider to be an upgrade, we actually roll?out brand new hosts with the new version of application to it, do a quick test and blow away the old hosts. And so because of that, a lot of the QA work that is done in deploying that and being intimately familiar with it, avoids that problem. Otherwise, you know, we tend to get as close as we can to the vendors who support applications, OpenSource applications that we can, so great example is working with Ondrej for BIRD, you know, we are very close with the people who wrote engine X so we have supported the company that was spun up to do commercial support for engin X. We tend to make sure that when we rely heavily on a package like that, we give it the support that it needs to make sure that the, to some extent we are pioneers with it but we want to make sure that the rest of the community is benefitting from it and by that happening, we can be sure that everyone has eyes on the packages that we are using


MARTIN WINTER: I want to add something there, worked on ISP in the past it's amazing when people ask about the support issue and if you work in ISP and use some of these big Windows and run into a problem you probably all have the experience how long it may take you to get fixed, it may be months or years, even the code box in the past where it took like two years for them to even start working on them. So, it's on the OpenSource, you can go to the community or whoever is behind it and support and ask them, but there you actually have an alternative, you can either have the skills like people have at Netflix and you can go into it, because you think it's important and fix it and if you don't have the skills, there are lot of other people out there, you may be able to find someone out in the community or contact and pay them a little bit and get thingsed fix sod you have a lot more chances that have a timely fix compared to the normal big Windows.

Dave: To that point exactly, you know, I made reference earlier to the giant IBM and/orical more as that used to run Netflix until about two?and?a?half years ago. When it was open a ticket with, Oracle or whomever it may be, and wait and hope that they figure out how to fix it with the software has in place. It's completely transformed it to now if there is a problem with the OpenSource package, A, is there work around, no. B can we fix it and recome file real quick, is there some commercial entity out there that we can contract with to get it fixed and all of those things have dramatically brought down our meantime to repair. We are more stable in AWS at this point thank than we were in our data centre.

NICK HILLIARD: Could I ask Joao, the ?? writing the software that ?? how do you interact with the community in terms of accepting bugs, bug fixes, security issues and that?

JOAO DAMAS: Well, basically we have had this mailing list established for a long, long time where we receive a reasonable amount of input, we didn't go through them as time permits, depending, we tried to rehash things as they come in sear if they are serious or not. And try to address the serious ones first. And just like everything else, that has limited resource, some bugs that I perceived as being less interesting or less severe are left open for quite some time, I mean, in some cases it's ridiculous long time. But, that is just a reflection of the need to prioritise and get the most important things addressed first, right? Of course, then, it's a balance between the number of defects that are found and how many you can fix and how many you can fix depends essentially on how much resources you have available. And they come in different shapes

NICK HILLIARD: OK. So the resources that you have available, do you have specific clients or clients of clients, for example, you know, head red hat users or others who contract to the ISC for support, who shout loudly pay money and therefore bug fixes faster and how does that interact with accepting community fixes?

JOAO DAMAS: Traditionally that has not been the case. We would listen to everyone pretty much the same way except some people would be more forthcoming with their reports than others. People who pay for support tend not to be shy about asking for stuff whereas other people may be trying to cope with things themselves and not be as vocal. So, there is a bit of self?selection on the communication. Whenever there is a serious bug coming in it doesn't matter who reports it, we really take it seriously and it's addressed pretty quickly. There is a kind of reflection ?? a second part to the process which is what happens once we have identified, for instance, a big security bug, how do we report it back and address it and public the fix. And that is a little bit different also depending on the specifics of the package. BIND, for instance, is used around the world in name servers that you don't really want to go down at any time independently of whether they have contracts with us or not am and we do try to establish communication channels with as many of the people as possible. I mean, we have our route servers so we are in that community but also some of the TLDs and so on, some of these name servers really, really not want to?ing down because of the amount of people that would be affected so Rye to basically make sure that these people know us and we know them because in any human relationship, knowledge of the other party makes a big difference in how things are transmitted and how easy it is to transmit

NICK HILLIARD: Thank you very much. I'd like to ask the question: How can we make OpenSource developers continue writing the excellent quality code that they generally do? Maybe Martin would like to take this point up because he has been working on the OpenSource project for a while and now doing it at ?? what do you need in terms of feedback from the community, do you need resources, money, tickets to RIPE or NANOG, how can the community help you?

MARTIN WINTER: Part of it obviously is that a lot of the community here is working on volunteers. There are a few people who are lucky to getting paid for it but even then it's very slim margins if anything at all and most of it unfortunately OpenSource, people seem to be willing to pay for everything else but there is ?? OpenSource software which is very essential and they don't seem to have an issue to pay for it, when they ask for ?? they kind of ask the same way, demand it from another window ?? vendor, but not help out and the cool thing with OpenSource, you can support in different ways, some companies maybe feel nice to support some money towards the projects they are using so if you are using BIND or unbound or BIRD or something, you may have like a way to say hey, for me that is an essential thing and maybe I should support it. Maybe supporting some of the other things like open BGPD is an example, which I know some people used it. I know the people would love to come to RIPE too, but they don't have the money, they don't have the means to pay for the hotel here. So if you are using it, maybe it would be cool too, you could sponsor like that to come to a RIPE meeting and talk to it or maybe you can give them direct money or other resources so approach the projects you have and see what they need. Normally it's usually money and/or time or like support, feedback things, like in that direction so if you are using it, you find issues to report the thing. People actually listen, it doesn't matter if you pay or not, people listen to OpenSource community. You heard on bind, ISC doesn't care that much if you are paying or not if you are reporting a serious bug they will listen to you.

JOAO DAMAS: There is, I mean there is a discussion has been going on for a long time around OpenSource which has to do with the overload of the word "free" in the English language. There are a lot of people that use OpenSource in the sense it's free they don't have to pay for that. If that is their motivation it's practically possible to get anyone to contribute to the project, maybe fix a bug once in their life time, there is no other contribution. There are the people who like, when I heard from David here who see the usage of OpenSource as a strategic advantage in the fact that it gives them vendor independence, gives them better control, faster turn around for fixes and so on, those people are much easier to engage than the standard if you want to have continued involvement, you are going to have someone, need someone delegated to it and they are more willing to contribute.

OLAF KOLKMAN: Free as in freedom.

DAVE TEMKIN: You know a great example, I am not sure of this but I am guessing, Netflix is probably the largest deployed base of BIRD at this point. I think we have well over 1,000 appliances in the world running it. How many tickets have we ever opened?


DAVE TEMKIN: We have never opened a ticket, it works, it does what we need it to do. We are happy to support it in whatever way we can. We find that we hope that if we do the time does come that we need support it will be there. On top of that, if you look at how we are fostering or trying to foster the development of tools you know, Netflix cloud prize that we announced that I think running through September, where the idea that people don't, we know people don't get paid for a lot of this projects and do it out of the goodness of their heart, the idea of the cloud prize is that, we hopefully can get some of these people recognised, the people who sit at home, you know separate from their day jobs hacking away on code to make cool stuff work. If we can at least help that a little bit, we know that we have hopefully given people tools that they wouldn't otherwise had, maybe a tool that someone wouldn't have gone through the effort to release but did because they wanted it to be recognised and they thought that they could make at least a little bit of money doing it.

MARTIN WINTER: I want to add something, especially as I work on Quagga here, people say here to oh Quagga doesn't work especially BGP, it has issues, everybody complains about it and it doesn't work and that is why don't support it in any way. I talked to many people in here and they say yes we are still using it internally, all of our infrastructure depends on it, we have a lot of things modified, we haven't even figured out a way to submit the patches back to the community, which is kind of like strange, so they somehow depend on it but they are not supporting it. And I mean, they are risking the issue that the port checked which they depend on, may just die because nobody is supporting enough and they should actually think from the community that you want to support the port check, you depend on it. And you need somehow that it stays around for some time.

OLAF KOLKMAN: Maybe I am changing the topic a bit, but we are currently going through a transition of having a sugar daddy so to speak to finding needs for continuity. And for us, that is a search for what is a credible story for which people in our community are willing to write a pay cheque. The guys that developed the code need to be fed in order to allow for continuity, people do recognise that but on the other hand they do not want to give a blank cheque. So, we are trying to figure out what are the means in order to justify a money flowing in our direction. Support is one thing. Another thing is, for instance, demonstrated impact on what your product does and that, what I just heard, BIRD running in net flex and supporting a gigantic infrastructure, those are things that are incredibly strong marketing digs so to speak for the BIRD people and I think that in general, if you use OpenSource projects in your environment and they are suck successful in giving you business, that fact only, sharing that with the broader community, letting the people know who write that software, we are using this introduction, we have got these experiences, that is already very useful impact. And effect. Because it can show impact to sponsors, it can show impact to sponsers, it can show impact in several other environments that might help to give funding.

NICK HILLIARD: I think there is an issue here, if could I suggest it, that sometimes people want to contribute, they can't necessarily contribute code but they would like to contribute money. Who on earth do you pay the pay cheque to and how do you guarantee that that pay cheque is going to end up fixing the problem that you want or supporting the product that you needed supported? Is there any way that the community could set up bursaries? I mean, we have seen ow the Google summary code project has produced the most amazing results in a whole pile of different software products where ideas are submitted to a review board, they go out, people choose projects or apply for money, they get developers, things get done. Is there any way that we could replicate something like this within the RIPE community so funds and resources are made available?

OLAF KOLKMAN: Well, I am holding the microphone coincidentally but if you look at the people who are sitting at this stage now, the question of where to get money is relatively simple, because we all are backed by foundations, companies, legal entities that can engage in a contract, and either provide you with a support contract, a development grant or what have you. So, for the people at this table, I think where can the money flow is fairly easy. If it comes to, for instance, we have got to get up projects that are living in cyberspace with not well?identified people question becomes much more questions and I think that is where the Google code examples sort of plays in. If it comes to what you just said, how can we make sure that the people who do OpenSource, that is relevant to this community, get to speak to this community, I think there might be methods in order to facilitate that but that involves setting up governance structures and what have you but I could imagine that would be a very useful thing for the community, bringing the individual not, not a small entity to the venue.

JOAO DAMAS: Yes, just I mean, there are things like ? around here, the RIPE NCC itself has throughout the years hosted several students on summer or longer internships. Usually, they work inside the RIPE NCC and end up producing stuff, part of what they get back is of course the experience of working in a real environment. Tomek that was here before is currently engaged at least two or three students in the university in the city where he lives. So it's not uncommon for organisations, universities like have programmes for last year students or put undergraduate students to collaborating in this sort of thing.

TOMEK MRUGALSKI: So the issue with cooperating with the universities is that it's not something that you can rely on so we started five topics and out of those only one student is delivering useful code. Also it requires long?term commitment. So it's basically a process but it takes a lot of time to have useful results.

JOAO DAMAS: It's the same with the Google summer of code, I think OpenSource routing is currently engaged with at least two summer code. Takes attention and time. Hint hint things like this, student support and things, I think most of the time that is less, not really a way to get good cheap workforce, it's more for getting more people engaged on the port checks, like many of these have an issue too especially as a Quagga like very small amount of people who actually actively working on it and that is, I think that is the main benefit out of some of these events

NICK HILLIARD: OK. I'd like to throw this question open to the floor. Are there people in the floor who would be interested in funding OpenSource projects potentially through some bursary or through some sort of style of sponsorship, you know to bring developers to meetings like this so they can meet with their communities? Is that something that is going to work for you people? Because it seems, what it seems clear to me is that there are very, very substantial resourcing requirements in order to make OpenSource projects work. And in order to do that those resources need to come from somewhere, so there seems to be a synergy, users on the one side using it who have resources available to them, we all buy servers for 1,000 euro or 3 a piece or whatever or routers and on the other hand we have developers who need to be able to pay the rent and the mortgage and all that sort of thing.

AUDIENCE SPEAKER: I want to throw a question to the panel: Maybe crowd funding, like that maybe something that could help support or give money to development of new OpenSource or new features?

Dave: I am going to throw a question back out that way, in the question of form of an answer, which is that billion dollar companies are running a lot of this code that this community supports and so why are we talking about this like it's a charity? So why are we talking about it like oh, I really hope that someone will donate 100 dollars to write this code, this billion dollar company is going to run to continue to operate their business.

AUDIENCE SPEAKER: So I have a kind of comment or question: I have tried to engage with ?? tried to find developers to improve a certain package that I wanted so I am not talking about the scale or that you might be thinking about. But and if I find it actually quite difficult so either I had to go through ?? either I would try to contact whoever is maintaining that code and they may or may not be interested or I try to go independently to let's say freelancing type organisation like website market, so I do agree with your point that if there is a maybe a model where developers that are kind of familiar with certain packages and willing to put in sometime, if there is some way to kind of reach them and to actually pay them I think that would be very convenient and be able to support more and ??

OLAF KOLKMAN: I want to respond to that. If that is the case, if you have developers that are interested in certain package and that want to treat that package professionally, so to speak, then they need to have some continuity because otherwise they will be employed elsewhere, they will lose interest and the priority of the pay cheque, the mouth that is ?? the hand that is feeding gets the priority over the one?off person that gets into say can you make this feature. So, having ?? I think having institutions in place so to speak, is probably a better guarantee for continuity.

AUDIENCE SPEAKER: Are you suggesting that that all OpenSource development be done by full?time employees?

OLAF KOLKMAN: No, but it depends on the size of the thing you depend on. If things like MySQL serious pieces of software and, MySQL is maintained by a fairly big group of professional programmeers and I am not going to talk about my neighbour's software or my own.

AUDIENCE SPEAKER: Back to the Crown funding, there was a project neighbouring ?? for monitoring and the they crowd funded that and I think that is maybe, that is one company that is funded the whole project and on some stuff from the developer for that and I think that is maybe the point where the engineers who like to spend money on the projects can go to the boss and ask for money for the project.

DAVE TEMKIN: So actually, the company is in the room which is Atrollo, if I believe correctly. And so I think my concern with that is, I want to see like the actual proof, let's see what that turns out from a code quality perspective because basically it was put out there as pay us 5,000 dollars and request any feature you want and we will put that feature in and I am looking forward to seeing what the result is there. I will just leave it at that.

AUDIENCE SPEAKER: Carsten: Specificing privately. My experience with OpenSource software in big companies or even smaller companies is that sometimes the upper management doesn't understand the concepts and even OpenSource is around for a long time now, it's still they don't understand licences, they don't understand the models and that there are developers that need some money to work. What can we do? Is there any ideas?

MARTIN WINTER: So, that is actually a very classic example, even when I have discussions here between people and many times I talk also in the US to ISPs, are you using Quagga and the people look at me, no, we don't use it and a day later I talk to someone else at the company and I use a Quagga, yes we have to on our every server it's essential piece of our software and the other person doesn't know because somebody just download and installed it, the management have no ideas, the ones who right the cheques for all the supports and everything don't know about it. If you use OpenSource make sure your management knows that so if you are depending on some that have thing make sure the management knows about that and maybe even publically acknowledge it, that would be a good start.

AUDIENCE SPEAKER: I tried seven years now with not so much success.

OLAF KOLKMAN: But that is you talking to people around you, but I guess that the people in this room who work for the company could go to the top floor and say we use OpenSource and our community depends on it and we have continuity risks if it breaks down and there are methodologies, pay your company a bit for maintenance because I know you do that. So there is all kinds of mechanism by which the freedom of the software can be maintained and the freedom of the companies deploying that can be maintained and provide continuity. As long as that upper management knows there are some mouth that need to be fed

NICK HILLIARD: OK. Do we have any further comments from the floor? Do people ?? do people generally see that their organisation might be able to fund OpenSource software if there were, if there were suitable mechanisms for funding? Maybe we could have a show of hands or something like that to see how many people would be able to fund time, resources, money? Yes? No? We certainly have some.

OLAF KOLKMAN: I actually wondered, there are a couple of people who raised their hand in the beginning and didn't raise their hand now. And I am just curious, why?

NICK HILLIARD: I think we have established from, the point of view of the panel that resourcing is necessary. We have requirements for resourcing in the OpenSource world and there are some, certainly some people who are actively willing to contribute towards it and I think maybe if we could take home from this BoF what we are ?? the take home message would be that if we can try and work some towards mechanism of joining the two sides together to make the funding available, to make the resourcing available to the people who can produce the results then that would probably be a reasonable outcome.

SHANE KERR: ISC. So, this is our boot strapping of a BoF into a Working Group. Is it reasonable to think that maybe we could actually try to produce some output as a Working Group, some document or statement of trying to encourage people in this process, a statement from the RIPE community saying, OpenSource software is important for the Internet, it's important for businesses on the Internet, the things we discussed here, in order to do it right in some cases people need to get paid for it, and companies should be willing to do that. I think having such a document could help in these cases where people can't get support from their management.

NICK HILLIARD: And it's important because all of us use it without exception in this room.

OLAF KOLKMAN: I think that is a very good idea, but I hope that it is not the producers that will write the document but the consumers that will write that document.

SHANE KERR: That is a good idea. You are not only attractive, you are very smart, Olaf.

OLAF KOLKMAN: Make a picture.

AUDIENCE SPEAKER: Rob: Perhaps more relevant for this formerly ISC and formerly Eplock technology corporation, I have been on both sides, selling commercial software and doing OpenSource.

Back in my life as an embedded system developer for a commercial company, there is free software free as in speech, beer and puppy. We made a lot of money of free as in puppy, because we had people who'd show up in our ?? talking to us and say, oh, we are interested in your software but it's so expensive and we'd say, go with God, man, go and install the free stuff and come back to us when you need an upgrade. You might want to think about trying to tap that revenue stream. If you can make the OpenSource stuff keeping up with the free tours that the customers need and they don't go off to your commercial competition because oh, my God can cannot afford to open grade this stuff we need a contract. I don't know how much you can get out that have but there was a lot of money back in the day.

DAVE TEMKIN: Isn't that the model of red hat and ISQL, there is demonstrable model where that is exactly what people do.

JOAO DAMAS: Sometimes as have two strong opinions about why it should go and not go in the software and sometimes we ourselves need to listen more to what other people are asking as to make the software relevant.

RUEDIGER VOLK: For Shane's proposal for a list, I would suggest a list that kind of tells very specific packages that are kind of endorsed by the community and, well, okay, kind of I am living in environment where the official IT rules are not recognising all this stuff. I am quite sure the guys who are writing it are using it themselves. But on the other hand there are departments that really want to do business internally and kind of ?? kind of having an endorsed list of stuff that is considered quality and essential for operations by the community, I think can help to also open the money flow in some cases, it's clear, it's clear that list is not going to help all the tiny projects that are around but, well, okay. Using that list in some arguments, in some discussions as an example that well, okay, because it is coming out of that kind of effort, does not this disqualify already helps.

SHANE KERR: Responding to that. That idea makes me very, very, very nervous. I think, I don't think it's the role of the RIPE community to tell people which products they need to spend their money on. Basically.

RUEDIGER VOLK: No, it is not spend the money on, it is the stuff we are using suck successfully and ??

NICK HILLIARD: If you have a comment to make could you come up to the microphone so we have a record of what you are saying.

RUEDIGER VOLK: This is not supposed to be the suggestion on the first place spend your money here. It is this is the stuff that we are ?? that we have good experience with and in our context is recognised as being essential tool of a trade.

DAVE TEMKIN: What if my tool that I want to have endorsed by the RIPE community is fantastically killing puppies, or in the real example, what if I am using that to wire tap computers illegally? I can get that endorsed by RIPE? We all don't want to get into that business.
RUEDIGER VOLK: There may be cases where there are reasons not to put something on the list. But well okay.

NICK HILLIARD: Could I make an alternative suggestion and that is we discuss instead of specific applications that we might want to see on the list that we discuss perhaps instead of saying it's applications that would be any application but under certain types of licence, for example that they would be for example OpenSource initiative compatible licences? Does this seem reasonable as an alternative?

RUEDIGER VOLK: I never ?? I never wanted to spend time on figuring out the advantages and disadvantages of the various licensing models. I would ?? well okay, I would not put that somewhere on the stage actually. But well okay, kind of the licensing seems to me more of a concern for the authors than for the users. As long as kind of the general idea of open use is included.

MARTIN WINTER: When you say a list of software, I have a hard time with that because everyone in here may have a different list what they think is ? software. Classic example, I work on Quagga, they would never touch it, that works fine. Netflix looked at it and they decided bird was the right choice pour them too. Other people make Quagga right choice, so I have a hard time when you would recommend Quagga because quality. It may be quality or it may not work at all for you. And it's really depends on what would you do with it. So, it's a bit challenging but on the other side you already know what software you are using so you made that decision for you already. It's only now going to have and support these projects.

OLAF KOLKMAN: It goes a little bit back to what I said earlier about impact. It really helps if we can put on a web page this company, this company, this company and this company uses this software in production in bulk. And then you can go to your top management and says, hey, this other telco is using this software as well, they seem to be happy and then with the general piece of RIPE recommendation that using open software free done, diversity, open interfaces, the whole set of arguments that made his upper floor decide to go with open software, that together might be of great help to this community

NICK HILLIARD: Shane, you were about to make an aim for the microphone but you didn't.

SHANE KERR: Well, I think certainly in an OpenSource Working Group we love talking about licences. So I think it would be shocking to not want to talk about them. I don't think licences have that much correlation with the quality and relevance of any particular software, so it's kind of a gating function from the OpenSource point of view but it's ?? we have all used a lot of really crappy OpenSource software too, some of which I have written


DAVE TEMKIN: But it is important to some extent, you look at like us, like I mentioned we have a deployed, have BIRD deployed on thousands of free BDS appliances, if we are not cautious of licensing on that software and ship out a few thousands of them, someone gets angry with us and decides they are revoking that licence because it's not the one we thought it was, we are in big trouble.

NICK HILLIARD: Okay. Thank you very much. I think this is something that the community needs to take up and I very much like Shane's idea that we need to come out with some statement on what the community is doing with OpenSource licensing, or at least OpenSource software and how it's important to our businesses. Do we have a BoF mailing list at this stage that we can sign up to?

ONDREJ FILIP: Yes, there is a BoF maybe Working Group list, I think we announced it at the beginning of the session and I can't remember the URL because it's pretty long but I believe able to display it tomorrow during the plenary.

MARTIN WINTER: It's one of the official basically mailing lists, the only thing it's not yet announced on the RIPE website so if you go where the normal place where you would sign up, the list which is called OpenSource?WG for Working Group but assume once it's official Working Group it will be on the RIPE website so I hope that is just a matter of days.

NICK HILLIARD: Okay. I'd like to thank our panelists and for the people in the audience who participated. And with that I think we can close this session for today. So thank you very much.