From owner-freebsd-stable@FreeBSD.ORG Sun Mar 18 17:37:30 2012 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6C6F7106566B for ; Sun, 18 Mar 2012 17:37:30 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay02.ispgateway.de (smtprelay02.ispgateway.de [80.67.29.24]) by mx1.freebsd.org (Postfix) with ESMTP id EB4C58FC08 for ; Sun, 18 Mar 2012 17:37:29 +0000 (UTC) Received: from [109.84.90.253] (helo=fabiankeil.de) by smtprelay02.ispgateway.de with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.68) (envelope-from ) id 1S9K1x-0007tb-22 for freebsd-stable@freebsd.org; Sun, 18 Mar 2012 18:36:33 +0100 Date: Sun, 18 Mar 2012 18:35:11 +0100 From: Fabian Keil To: freebsd-stable@freebsd.org Message-ID: <20120318183511.7eba9b07@fabiankeil.de> In-Reply-To: References: <20120307174850.746a6b0a@fabiankeil.de> <20120309152253.17a108c2@fabiankeil.de> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/7/643+MIPnBei0zG2g1A_MD"; protocol="application/pgp-signature" X-Df-Sender: Nzc1MDY3 Subject: Re: FreeBSD root on a geli-encrypted ZFS pool X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Mar 2012 17:37:30 -0000 --Sig_/7/643+MIPnBei0zG2g1A_MD Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable "Matthew X. Economou" wrote: > Fabian Keil writes: > > Anyway, it's a test without file system so the ZFS overhead isn't > > measured. I wasn't entirely clear about it, but my assumption was > > that the ZFS overhead might be big enough to make the difference > > between HMAC/MD5 and HMAC/SHA256 a lot less significant. >=20 > Got it. That also makes sense. I'll put this on my to-test list.=20 Great. =20 > > I'm currently using sector sizes between 512 and 8192 so I'm not > > actually expecting technical problems, it's just not clear to me > > how much the sector size matters and if 4096 is actually the best > > value when using ZFS. >=20 > The geli(8) manual page claims that larger sector sizes lower the > overhead of GEOM_ELI keying initialization and encryption/decryption > steps by requiring fewer of these compute-intensive setup operations > per block. I think the setup operations per block should stay the same, but the total number of setup operations decrease if(f) increasing the sector size decreases the number of sectors required to write the data. That however should depend on the data and I don't see why increasing the sector size should always be an improvement. Geli can't read or write less than a sector, so if the workload is randomly reading or writing a few hundred bytes, a sector size of 512 bytes should be superior to a sector size of 4 kB. Probably a sector size of 4 kB is good for some workloads, but clearly it can't be the best for all, and it's not obvious to me that it's the best for most. Fabian --Sig_/7/643+MIPnBei0zG2g1A_MD Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAk9mHNMACgkQBYqIVf93VJ0PrwCfV4EpKP+Ax9/QfE7ThmR2vLfx KI0AniN8fRkPSvbnKKwykX0xdx9x+miA =Y3Kl -----END PGP SIGNATURE----- --Sig_/7/643+MIPnBei0zG2g1A_MD--