From owner-freebsd-questions@FreeBSD.ORG  Wed Oct  9 04:43:58 2013
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id E2FD7C9D
 for <freebsd-questions@freebsd.org>; Wed,  9 Oct 2013 04:43:58 +0000 (UTC)
 (envelope-from yudi.tux@gmail.com)
Received: from mail-la0-x232.google.com (mail-la0-x232.google.com
 [IPv6:2a00:1450:4010:c03::232])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 728DC290B
 for <freebsd-questions@freebsd.org>; Wed,  9 Oct 2013 04:43:58 +0000 (UTC)
Received: by mail-la0-f50.google.com with SMTP id gx14so220443lab.9
 for <freebsd-questions@freebsd.org>; Tue, 08 Oct 2013 21:43:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:date:message-id:subject:from:to:content-type;
 bh=T+Tdc6Rgd+bZZSoNNJRLLkOEq36Jym3UrQJ0axWZN70=;
 b=VqhPEzcZ8gOMuAFZWBpdC2z/3Xix5qD6mf67x0/PcrfzN+Osm44/5cnIDWFOF9l2y8
 rXpzMKe4eo+6hPwWcKH5YzvQ2eOQujx/UlQn8O6c2TC9tDUep2y0WYiuuJm5E2xpWWPr
 i9wOfaDtHIycf9Kfhj8y9cfAQy3qzv2kLRUqmlHCQpOpRSHdbiATVj3N73F/4sfrjzd/
 i0YkfenhPnNpS3Qs1jhACa2hDWguQNyqgt5jYi8JpYKF7DiRhRV5JKVTLa+VC/IEY5XL
 G1ta/Aes0hR2G5GD69O35QIDcKKJu1rDSr7EVVveHBRin+KVi3eYxTM3EYlryOSk7so5
 EHBw==
MIME-Version: 1.0
X-Received: by 10.152.3.42 with SMTP id 10mr4651030laz.22.1381293836465; Tue,
 08 Oct 2013 21:43:56 -0700 (PDT)
Received: by 10.114.82.4 with HTTP; Tue, 8 Oct 2013 21:43:56 -0700 (PDT)
Date: Wed, 9 Oct 2013 14:43:56 +1000
Message-ID: <CACo--mtCxL1TPuACind8VsaFmA+7jB1Hxu0+5Pviauo=mV0vOA@mail.gmail.com>
Subject: Geli and ZFS
From: yudi v <yudi.tux@gmail.com>
To: freebsd-questions@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
X-Content-Filtered-By: Mailman/MimeDel 2.1.14
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Oct 2013 04:43:58 -0000

*
*
------------------------------
 There are few different ways to set-up geli with ZFS. I just want to get
some opinions (benefits and disadvantages) about the below two options


*First option*: (most commonly encountered set-up)

Have geli on the block device and ZFS on top of the geli provider.
*
Second option:*

Create a ZFS Volume on a block device, then create geli provider on top of
the ZFS volume, and finally, ZFS datasets on top.

Generally, it's recommended to let ZFS manage the whole disk if possible,
so I was wondering if the second option is better.
I will be using couple of 3TB HDDs mirrored for data and want to encrypt
them.

I am hoping someone with an in-depth understanding of ZFS will be able to
offer some insight.

-- 
Kind regards,
Yudi