Date: Tue, 28 Aug 2007 11:10:54 +0900 From: Nathan Butcher <n-butcher@fusiongol.com> To: freebsd-current@freebsd.org Subject: Re: Encrypted zfs? Message-ID: <46D3842E.5040002@fusiongol.com>
next in thread | raw e-mail | index | archive | help
CW> I'm currently using a zraid consisting of three drives. Lately I CW> wonder what the best way would be to encrypt it. CW> I read the chapter dealing with disk encryption in the handbook, and CW> decided to use GELI. Is there anyone here on the list who has some CW> experiences with ZFS on encrypted GELI devices? Are there some CW> performance specs around? At the moment, I have created a zvol on top of ZFS and then turned it into a GELI device. Then I have run newfs on that GELI device and mounted it as a volume. It's less than an ideal way of having encryption on ZFS (you get some of the benefits of ZFS, but the filesystem on top of GELI is still UFS), but it works anyway. On my 2.13Ghz Core2 Duo with 2GB of RAM under amd64-current, my system load doesn't break much of a sweat, reading to and from the GELI volume - and speeds are tolerable. Since I have the Promise card issue, I can only give bechmarks dated from the 200706 snapshot, and I'm sure zfs performance has improved since then.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46D3842E.5040002>