From owner-freebsd-stable@FreeBSD.ORG Fri May 29 08:44:33 2009 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F40DB106566C for ; Fri, 29 May 2009 08:44:32 +0000 (UTC) (envelope-from dan.naumov@gmail.com) Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.28]) by mx1.freebsd.org (Postfix) with ESMTP id B1C598FC0A for ; Fri, 29 May 2009 08:44:32 +0000 (UTC) (envelope-from dan.naumov@gmail.com) Received: by yx-out-2324.google.com with SMTP id 8so3126257yxb.13 for ; Fri, 29 May 2009 01:44:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=6zsX6l5cdQuDShORFwFrqt+BNffFdnLl7ri7VSRI2YE=; b=rU0WMYPStB7lk3DLMFUegQUe7q7XfkCqCpCPSsKQF35beZZJmp3lDfiZHOdCH7qkzi dST0vjVQRcUhtChrjRcPhwNF3n0toSqdGggRvVT77+uFfVzMuCCjmMFhT1nTXm9TPvkX DpN3fJdFX/kRK+EOvVk5bvP8kgjkcuECFUjco= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=uSUY90hmviG0ZHkESOcb99SSGoM8oJahxGNy8kC6lHB1dcC5pFSH2blzILjiT0ldbC +HHC2F9b6ADPyhVo4BBg7vfusgM8M4D5hcPxz6a3tkBLPkiobi0EcyFiWmSVgtUe4fOB XtB7g0k/su516nKKqpp0EAi98PaZvYY7NfZrc= MIME-Version: 1.0 Received: by 10.100.41.9 with SMTP id o9mr3158535ano.155.1243585184860; Fri, 29 May 2009 01:19:44 -0700 (PDT) Date: Fri, 29 May 2009 11:19:44 +0300 Message-ID: From: Dan Naumov To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: ZFS on top of GELI / Intel Atom 330 system X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 08:44:33 -0000 Is there anyone here using ZFS on top of a GELI-encrypted provider on hardware which could be considered "slow" by today's standards? What are the performance implications of doing this? The reason I am asking is that I am in the process of building a small home NAS/webserver, starting with a single disk (intending to expand as the need arises) on the following hardware: http://www.tranquilpc-shop.co.uk/acatalog/BAREBONE_SERVERS.html This is essentially: Intel Arom 330 1.6 Ghz dualcore on an Intel D945GCLF2-based board with 2GB Ram, the first disk I am going to use is a 1.5TB Western Digital Caviar Green. I had someone run a few openssl crypto benchmarks (to unscientifically assess the maximum possible GELI performance) on a machine running FreeBSD on nearly the same hardware and it seems the CPU would become the bottleneck at roughly 200 MB/s throughput when using 128 bit Blowfish, 70 MB/s when using AES128 and 55 MB/s when using AES256. This, on it's own is definately enough for my neeeds (especially in the case of using Blowfish), but what are the performance implications of using ZFS on top of a GELI-encrypted provider? Also, free free to criticize my planned filesystem layout for the first disk of this system, the idea behind /mnt/sysbackup is to take a snapshot of the FreeBSD installation and it's settings before doing potentially hazardous things like upgrading to a new -RELEASE: ad1s1 (freebsd system slice) ad1s1a => 128bit Blowfish ad1s1a.eli 4GB swap ad1s1b 128GB ufs2+s / ad1s1c 128GB ufs2+s noauto /mnt/sysbackup ad1s2 => 128bit Blowfish ad1s2.eli zpool /home /mnt/data1 Thanks for your input. - Dan Naumov