From owner-freebsd-stable@FreeBSD.ORG Fri Jun 3 22:50:16 2005 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CBD0E16A41F for ; Fri, 3 Jun 2005 22:50:16 +0000 (GMT) (envelope-from karl@FS.denninger.net) Received: from FS.denninger.net (wsip-68-15-213-52.at.at.cox.net [68.15.213.52]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1AD5943D49 for ; Fri, 3 Jun 2005 22:50:15 +0000 (GMT) (envelope-from karl@FS.denninger.net) Received: from fs.denninger.net (localhost [127.0.0.1]) by FS.denninger.net (8.13.3/8.13.1) with SMTP id j53MoFkb060925 for ; Fri, 3 Jun 2005 17:50:15 -0500 (CDT) (envelope-from karl@FS.denninger.net) Received: from fs.denninger.net [127.0.0.1] by Spamblock-sys; Fri Jun 3 17:50:15 2005 Received: (from karl@localhost) by FS.denninger.net (8.13.3/8.13.1/Submit) id j53MoFWg060923 for freebsd-stable@freebsd.org; Fri, 3 Jun 2005 17:50:15 -0500 (CDT) (envelope-from karl) Date: Fri, 3 Jun 2005 17:50:15 -0500 From: Karl Denninger To: freebsd-stable@freebsd.org Message-ID: <20050603225015.GA60773@FS.denninger.net> Mail-Followup-To: freebsd-stable@freebsd.org References: <20050603222620.GA708@hiMolde.no> <20050603223634.GA13927@thened.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050603223634.GA13927@thened.net> User-Agent: Mutt/1.4.2.1i Organization: Karl's Sushi and Packet Smashers X-Die-Spammers: Spammers cheerfully broiled for supper and served with ketchup! Subject: Re: RAID-1 as back-up X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Jun 2005 22:50:17 -0000 On Fri, Jun 03, 2005 at 06:36:34PM -0400, Alec Berryman wrote: > Hans F. Nordhaug on 2005-06-04 00:26:20 +0200: > > > I would like to use RAID-1 as a back-up solution. If one of the disk > > breaks I would like my server to continue to run from the other > > disk. > > Just as fair warning, you should not rely on RAID as a 'backup' like > you would rely on writing to removable media and storing off-site. If > someone cracks your computer and you want to go back to known good > snapshot, you're out of luck; if you accidently overwrite something, > RAID won't help you. That depends. You can use a third volume in a RAID1 system to image to nightly under automatic control and detach it when finished. Done with care this disk will NOT be used at boot (it might actually boot the kernel, BUT it is not considered one of the providers in gmirror if you "remove" it, so it will not come back into the configuration on a restart) If a hacker scribbles on your disks, this one can still be booted manually with a bit of effort (couple of commands from single user mode.) It will not come up clean but if care is taken (e.g. flushing any open DBMS processes that are active at the time of the detach) you can insure that critical areas on the system are intact, even though a FSCK will be required. You can also (since the disk is detached) physically remove it from the machine (assuming hardware support for such a thing) and physically take the disk somewhere and shove it in an offsite location. The beauty of this over a tape backup is that it is MUCH faster (I can copy about 300GB this way in under five hours), is a true image copy and the resulting media is directly bootable (no restore required) It can also be mounted separately if necessary with the system running (if set up correctly) so you can incrementally copy a file that has been removed by accident, for example, back onto the working volumes. Another option is to DUMP to a disk. Using the snapshop features this is even safer in terms of data integrity but you lose the online nature of the backup (it has to be restored if there is a problem; you can't just boot the volume.) It also allows incremental backups if you desire to use them. As with all backup strategies (absent write-once media in SOME cases) if the media is PHYSICALLY connected to the machine and it is hacked it is possible for a hacker to scribble on THAT as well. This is no more likely, however, than it is for a tape cartridge system (e.g. tape library, etc) that is likewise available while the machine is running. Backup up to a disk drive is becoming much more attractive in terms of total cost, especially when one includes in the picture the time required to restore. The high-capacity tape makers are no longer necessarily the option of choice for this necessary function. -- -- Karl Denninger (karl@denninger.net) Internet Consultant & Kids Rights Activist http://www.denninger.net My home on the net - links to everything I do! http://scubaforum.org Your UNCENSORED place to talk about DIVING! http://www.spamcuda.net SPAM FREE mailboxes - FREE FOR A LIMITED TIME! http://genesis3.blogspot.com Musings Of A Sentient Mind