From owner-freebsd-questions@FreeBSD.ORG Mon Apr 6 14:19:43 2009 Return-Path: Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E2EA21065688 for ; Mon, 6 Apr 2009 14:19:43 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (lurza.secnetix.de [IPv6:2a01:170:102f::2]) by mx1.freebsd.org (Postfix) with ESMTP id 4996A8FC1E for ; Mon, 6 Apr 2009 14:19:43 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (localhost [127.0.0.1]) by lurza.secnetix.de (8.14.3/8.14.3) with ESMTP id n36EJI0C047212; Mon, 6 Apr 2009 16:19:42 +0200 (CEST) (envelope-from oliver.fromme@secnetix.de) Received: (from olli@localhost) by lurza.secnetix.de (8.14.3/8.14.3/Submit) id n36EJIsB047211; Mon, 6 Apr 2009 16:19:18 +0200 (CEST) (envelope-from olli) Date: Mon, 6 Apr 2009 16:19:18 +0200 (CEST) Message-Id: <200904061419.n36EJIsB047211@lurza.secnetix.de> From: Oliver Fromme To: freebsd-questions@FreeBSD.ORG, modulok@gmail.com In-Reply-To: <64c038660904051158s56ef5e82m51ca3c545770487@mail.gmail.com> X-Newsgroups: list.freebsd-questions User-Agent: tin/1.8.3-20070201 ("Scotasay") (UNIX) (FreeBSD/6.4-PRERELEASE-20080904 (i386)) MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.1.2 (lurza.secnetix.de [127.0.0.1]); Mon, 06 Apr 2009 16:19:42 +0200 (CEST) Cc: Subject: Re: gmirror THEN geli, correct? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-questions@FreeBSD.ORG, modulok@gmail.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Apr 2009 14:19:44 -0000 Modulok wrote: > I'm looking for a confirmation on the order: When setting up a (root > partiton) gmirror+geli, what is the propper order? e.g: gmirror the > disks and THEN initialize geli on the /dev/mirror partitions? Is this > correct? You can also do it the other way round. Both ways are possible and have different advantages and disadvantages. I think most people install gmirror first and put geli on top of it. The advantage of this is that it's more efficient, because data passes through geli only once for encryption when writing to the mirror. If you install geli first on both disks and then put gmirror on top of both geli instances, all data has to be encrypted twice when writing to the disk (for reading it doesn't make a difference), so it is less efficient. However, this setup has the advantage that gmirror will correctly detach one drive when its geli instance detects data corruption (if integrity verification is enabled). Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd "If you aim the gun at your foot and pull the trigger, it's UNIX's job to ensure reliable delivery of the bullet to where you aimed the gun (in this case, Mr. Foot)." -- Terry Lambert, FreeBSD-hackers mailing list.