gmirror and geli integrity check
Christian Baer
christian.baer at uni-dortmund.de
Sun Apr 8 19:47:03 UTC 2007
Hi peeps!
A while ago I set up a Sun U60 with two filesystems, that were mirrored
and then encrypted with geli with data integrity check on (init -a).
This was done in exactly *that* order (first the mirror, then geli).
Now I am having second thoughts about this altogether...
The reason is that the combination of these two functions is to protect
information from other people and from loss through hardware failure. I
did the init with -a so that I could easily *find* broken data. I am not
concerned that this machine will be somehow manipulated so that I need
to find out if someone has been tampering with my data. This was for
protection against lost though a hardware problem alone.
What happens if one drive breaks down or has a broken sector? Will this
combination help me to save data or to detect the broken sector? Or will
it cause more problems than it could solve?
The reason for my worries is the fact that the mirror was created first.
If one filesystem was created first and this filesystem were mirrored
(in doing so, forcing both filesystems to be encrypted seperately), the
integrity check would work for both filesystems and thus for both
drives. A broken file system could be identified easily. But what
happens if one of the drives in the mirror is broken? Would I be able to
identify the broken one?
Regards and happy Easter!
Chris
More information about the freebsd-geom
mailing list