From owner-freebsd-stable@FreeBSD.ORG Fri Mar 1 16:11:39 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id D6D66D21 for ; Fri, 1 Mar 2013 16:11:39 +0000 (UTC) (envelope-from karl@denninger.net) Received: from fs.denninger.net (wsip-70-169-168-7.pn.at.cox.net [70.169.168.7]) by mx1.freebsd.org (Postfix) with ESMTP id 9FA6078A for ; Fri, 1 Mar 2013 16:11:38 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) by fs.denninger.net (8.14.6/8.13.1) with ESMTP id r21GBdZb053668 for ; Fri, 1 Mar 2013 10:11:39 -0600 (CST) (envelope-from karl@denninger.net) Received: from [127.0.0.1] [192.168.1.40] by Spamblock-sys (LOCAL); Fri Mar 1 10:11:39 2013 Message-ID: <5130D336.3000004@denninger.net> Date: Fri, 01 Mar 2013 10:11:34 -0600 From: Karl Denninger User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130215 Thunderbird/17.0.3 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: Musings on ZFS Backup strategies References: <5130BA35.5060809@denninger.net> <5130CD1C.90709@denninger.net> In-Reply-To: X-Enigmail-Version: 1.5 X-Antivirus: avast! (VPS 130301-0, 03/01/2013), Outbound message X-Antivirus-Status: Clean Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Mar 2013 16:11:39 -0000 On 3/1/2013 10:08 AM, dweimer wrote: > On 03/01/2013 9:45 am, Karl Denninger wrote: >>> >>> I briefly did something like this between two FreeNAS boxes, it seemed >>> to work well, but my secondary Box wasn't quite up to par hardware. >>> Combine that with the lack of necessary internet bandwidth with a >>> second physical location in case of something really disastrous, like >>> a tornado or fire destroying my house. I ended up just using an eSATA >>> drive dock and Bacula, with a few external drives rotated regularly >>> into my office at work, rather than upgrading the secondary box. >>> >>> If you have the secondary box that is adequate, and either offsite >>> backups aren't a concern or you have a big enough pipe to a secondary >>> location that houses the backup this should work. >>> >>> I would recommend testing your incremental snapshot rotation, I never >>> did test a restore from anything but the most recent set of data when >>> I was running my setup, I did however save a weeks worth of hourly >>> snapshots on a couple of the more rapidly changing data sets. >>> >> I rotate the disaster disks out to a safe-deposit box at the bank, and >> they're geli-encrypted, so if stolen they're worthless to the thief >> (other than their cash value as a drive) and if the building goes "poof" >> I have the ones in the vault to recover from. There's the potential for >> loss up to the rotation time of course but that is the same risk I had >> with all UFS filesystems. >> >> I've tested the restores onto a spare box and it appears to work as >> expected... >> >> Thanks for the comments! > > Yes, good point on the Geli encryption, I do that as well on my > external backup drives, didn't think to mention that in the last > post. I have considered the safe-Deposit box as well, but our office > building at work is fairly well secured seeing as it houses the main > data-center for our company, doors locked 24 hours a day, with > electronic locks that log all entries. Its also an old brick and > concrete building, that has survived a direct Tornado hit about 15 > years ago with only very minor cosmetic exterior damage, to the awning > over the front stairs and the Company logo above it. I feel fairly > secure in keeping the disk drives there, and if ever need my offsite > backup at 3:00am I can go get it rather than be stuck waiting for the > bank to open. > I keep two copies on-site (rsync'd from one to the other), both offline when not actively being written to, and rotate the second with one in the vault. When the vault copy is rotated on the next cycle it is sync'd automatically. So I have two shots at a restore on-site all the time; the "last chance" one is in the vault in the event the building is destroyed and if that happens the delay until the bank opens is probably the least of my problems. -- -- Karl Denninger /The Market Ticker ®/ Cuda Systems LLC