From owner-freebsd-stable@FreeBSD.ORG Tue Apr 17 01:44:02 2012 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A48971065676 for ; Tue, 17 Apr 2012 01:44:02 +0000 (UTC) (envelope-from andriy@irbisnet.com) Received: from nm15-vm0.bullet.mail.sp2.yahoo.com (nm15-vm0.bullet.mail.sp2.yahoo.com [98.139.91.208]) by mx1.freebsd.org (Postfix) with SMTP id 7077D8FC12 for ; Tue, 17 Apr 2012 01:44:02 +0000 (UTC) Received: from [98.139.91.66] by nm15.bullet.mail.sp2.yahoo.com with NNFMP; 17 Apr 2012 01:43:56 -0000 Received: from [98.139.44.88] by tm6.bullet.mail.sp2.yahoo.com with NNFMP; 17 Apr 2012 01:42:56 -0000 Received: from [127.0.0.1] by omp1025.access.mail.sp2.yahoo.com with NNFMP; 17 Apr 2012 01:42:56 -0000 X-Yahoo-Newman-Id: 400682.20986.bm@omp1025.access.mail.sp2.yahoo.com Received: (qmail 34112 invoked from network); 17 Apr 2012 01:42:56 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1334626976; bh=Phsf2+o6aPgaQq/RAgqNusWSYhDRIVlRFc6whfIi08s=; h=X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Received:Received:Subject:Mime-Version:Content-Type:From:X-Priority:In-Reply-To:Date:Cc:Content-Transfer-Encoding:Message-Id:References:To:X-Mailer; b=0w3g3CWOs6KW9lskLEqW13MBQixocxl6xs+gqDOZt01vEZ89gvkOyaKN7J5yEcjWLJdIQ89hsDp4NM/6qlFQOn89ruPxYGfEclCRWyE3dfChRHG2gud34RfD/XBp9KjF4TThu/OP2pHRal5tka8niQOb0QgUpWRXvteHK2vmgxI= X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: WqJ6IQoVM1kYDd6INDLX0suRFl3JBVhbrmIouiwZLczr207 F.NHHpJ6Bmnd4aTj3clfZ8Tay3DtKrdpD6zVuqtoQ5Q.yduLrux97D0VW3Zv 1jijhc8rjsUKhYejOzlKo77Km4N8TdfH6_cQ2Cb3KYNynZqIgXZNqS6yv97o CpAar3.Gr9qZM17uu2fV4xoYZ7TBqlJcdNJm4JIPPmaV_pqkHzSHzavPVaC2 jxF6Q_1xqC4zBynT79udUD3kWnlkOD4fj5rBaHYWvUpJrSFvjgx85ob0pqf6 fsctPO7MtP4Uqkyrajdgrd3DGOp0IRmYwqxflVQ2L8f4y3PP3o4ape1pXRUf bA.coFmZa8AO_30UT6MKRsWxbPOeLuUKDwDmwsQCwsE7wARwvJwdXDT09uQo sOmDaFW92fKBL1l53pohWO1j6TfDQybycrtlD8L2ww1y_lDdwXSFk3bjOKDo ExSzRZxgAApDygBpkK0U4XjXaEMhYIYjM6Vypbfe6bLxOQ2Skc7O_bI897Hc jJI5GBZ_gGtUWRiaN3D9jZLpI357yhi3XSj2q9OqA3UcMbOhU1dimr4RE.Ke 5JIA7j4VeOmxnKM3doC7X3Dn21oV4BL7lU51k6GlspbRPvx87UinKurkVrh2 c4xATpAAd37r.3wyFjmt33g7S3frgUQzGIoxOLkXIL4rGQGcg1XmrdFoYj85 bKRBY5lUxrM4- X-Yahoo-SMTP: dz9sigaswBA5kWoYWVTZrGHmIs2vaKgG1w-- Received: from smtp.irbisnet.com (andriy@174.113.73.248 with login) by smtp108.rog.mail.gq1.yahoo.com with SMTP; 16 Apr 2012 18:42:55 -0700 PDT Received: from pollux.irbisnet.com (pollux.local [192.168.0.6]) by smtp.irbisnet.com (Postfix) with ESMTPSA id 404453019D; Mon, 16 Apr 2012 21:42:54 -0400 (EDT) Mime-Version: 1.0 (Apple Message framework v1257) Content-Type: text/plain; charset=iso-8859-1 From: Andriy Bakay X-Priority: 3 (Normal) In-Reply-To: <090f695268b53508b424fde0025497bd.squirrel@eternamente.info> Date: Mon, 16 Apr 2012 21:42:53 -0400 Content-Transfer-Encoding: quoted-printable Message-Id: <26CF73B3-11CA-4199-9B2C-EE7824041BB0@irbisnet.com> References: <090f695268b53508b424fde0025497bd.squirrel@eternamente.info> To: Nenhum_de_Nos X-Mailer: Apple Mail (2.1257) Cc: freebsd-stable@freebsd.org Subject: Re: Any options on crypt+zfs ? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Apr 2012 01:44:02 -0000 On 2012-04-16, at 13:32 , Nenhum_de_Nos wrote: > hail, >=20 > I have a soekris running an atom and 2GB RAM and ZFS using 7 drives, = small capacity though, to > test and study if I can make my home server this box and this way. It = will be a simple server, > three users tops. >=20 > I followed the handbook and made the geli step on the disks: >=20 > Geom name: label/zfs1.eli > State: ACTIVE > EncryptionAlgorithm: AES-XTS > KeyLength: 128 > Crypto: software > UsedKey: 0 > Flags: NONE > KeysAllocated: 38 > KeysTotal: 38 > Providers: > 1. Name: label/zfs1.eli > Mediasize: 160041881600 (149G) > Sectorsize: 4096 > Mode: r1w1e1 > Consumers: > 1. Name: label/zfs1 > Mediasize: 160041885184 (149G) > Sectorsize: 512 > Mode: r1w1e1 >=20 >=20 > all disks are this way (just 4 disks are on geli zfs). >=20 > would it be faster, if I had geli over zfs, and not the other way (as = is now) ? >=20 > my performance is too low (I know the hardware is not that much, but I = compared it to a friend's > arm based AP-Router gadget and my setup is when much equal. I have 1.6 = GHz Atom and 2GB ram, he > has not half this ... I know can't compare arm and x86 clock for clock = ...) >=20 > I'll try to run geli on single disk, to see how much ZFS is impacting = on performance, but, is > there any other way around ? All I want is RAID5, and FreeBSD has not = developed RAID5 from GEOM > (AFAIK) since a long time. ZFS is the way people go in recent years. >=20 > suggestions are welcome, just want to upgrade my old 8.0 BETA3 using = geom mirror/stripe to a newer > approach that would be supported by FreeBSD. >=20 > I have an external enclosure for 4 SATA disks (port multiplier = included) using 4 disks, another > port multiplier 5x1 using now 3 disks, and: >=20 > ahci1@pci0:13:0:0: class=3D0x010601 card=3D0x10601b21 = chip=3D0x06121b21 rev=3D0x01 hdr=3D0x00 > vendor =3D 'ASMedia Technology Inc.' > class =3D mass storage > subclass =3D SATA >=20 > with two eSATA to the Port Multipliers. >=20 > thanks, >=20 > matheus >=20 > machine: > ACPI Error: A valid RSDP was not found (20110527/tbxfroot-237) > Copyright (c) 1992-2012 The FreeBSD Project. > Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, = 1994 > The Regents of the University of California. All rights = reserved. > FreeBSD is a registered trademark of The FreeBSD Foundation. > FreeBSD 9.0-RELEASE #0: Wed Apr 11 13:04:15 BRT 2012 > root@macgyver:/usr/obj/usr/src/sys/net6501-amd64 amd64 > ACPI Error: A valid RSDP was not found (20110527/tbxfroot-237) > CPU: Genuine Intel(R) CPU @ 1.60GHz (1600.04-MHz K8-class CPU) > Origin =3D "GenuineIntel" Id =3D 0x20661 Family =3D 6 Model =3D 26 = Stepping =3D 1 > = Features=3D0xbfe9fbff > = Features2=3D0x40e3bd > AMD Features=3D0x20100800 > AMD Features2=3D0x1 > TSC: P-state invariant, performance statistics > real memory =3D 2147352576 (2047 MB) > avail memory =3D 2046488576 (1951 MB) > MPTable: > Event timer "LAPIC" quality 400 > FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs > FreeBSD/SMP: 1 package(s) x 1 core(s) x 2 HTT threads > cpu0 (BSP): APIC ID: 0 > cpu1 (AP/HT): APIC ID: 1 > ioapic0: Assuming intbase of 0 > ioapic0 irqs 0-23 on motherboard > kbd0 at kbdmux0 > ACPI Error: A valid RSDP was not found (20110527/tbxfroot-237) > ACPI: Table initialisation failed: AE_NOT_FOUND > ACPI: Try disabling either ACPI or apic support. > cryptosoft0: on motherboard >=20 > --=20 > We will call you Cygnus, > The God of balance you shall be >=20 > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? >=20 > http://en.wikipedia.org/wiki/Posting_style > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to = "freebsd-stable-unsubscribe@freebsd.org" The ideal solution will be ZFS with crypto support, but unfortunately = this is only available on Oracle Sun 5.11 for now. The GELI is very good, but it is mostly for single device/file image = encryption. Each new GELI device in the ZFS mirror/RAIDZ configuration = will add extra overhead. GELI on top of ZFS volume/file-backed will be even worse. You could consider PEFS from ports on top of any ZFS pool. PEFS is a = kernel level stacked cryptographic filesystem for FreeBSD: http://www.freshports.org/sysutils/pefs-kmod/ http://wiki.freebsd.org/PEFS https://github.com/glk/pefs P.S. ZFS RAIDZ1/RAIDZ2 pool is more sophisticated solution than = RAID5/RAID6.