Re: ZFS...
Michelle Sullivan http://www.mhix.org/ Sent from my iPad > On 05 May 2019, at 05:36, Chris wrote: > > Sorry t clarify, Michelle I do believe your tail of events, just I > meant that it reads like a tale as its so unusual. There are multiple separate instances of problems over 8 years, but the final killer was without a doubt a catalog of disasters.. > > I also agree that there probably at this point of time should be more > zfs tools written for the few situations that do happen when things > get broken. This is my thought..though I am in agreement with the devs that a ZFS “fsck” is not the way to go. I think we (anyone using zfs) needs to have a “salvage what data you can to elsewhere” type tool... I am yet to explore the one written under windows that a dev sent me to see if that works (only because of the logistics of getting a windows 7 image on a USB drive that I can put into the server for recovery attempting.). If it works a version for command line would be the real answer to my prayers (and others I imagine.) > > Although I still standby my opinion I consider ZFS a huge amount more > robust than UFS, UFS always felt like I only had to sneeze the wrong > way and I would get issues. There was even one occasion simply > installing the OS on its defaults, gave me corrupted data on UFS (9.0 > release had nasty UFS journalling bug which corrupted data without any > power cuts etc.). Which I find interesting in itself as I have a machine running 9.3 which started life as a 5.x (which tells you how old it is) and it’s still running on the same *compaq* raid5 with UFS on it... with the original drives, with a hot spare that still hasn’t been used... and the only thing done to it hardware wise is I replaced the motherboard 12 months ago as it just stopped POSTing and couldn’t work out what failed...never had a drive corruption barring the fscks following hard power issues... it went with me from Brisbane to Canberra, back to Brisbane by back of car, then to Malta, back from Malta and is still downstairs... it’s my primary MX server and primary resolver for home and handles around 5k email per day.. > > In future I suggest you use mirror if the data matters. I know it > costs more in capacity for redundancy but in todays era of large > drives its the only real sensible option. Now it is and it was on my list of things to start just before this happened... in fact I have already got 4*6T drives to copy everything off ready to rebuild the entire pool with 16*6T drives in a raid 10 like config... the power/corruption beat me to it. > > On the drive failures you have clearly been quite unlucky, and the > other stuff is unusual. > Drive failure wise, I think my “luck” has been normal... remember this is an 8 year old system drives are only certified for 3 years... getting 5 years when 24x7 is not bad (especially considering its workload). The problem has always been how zfs copes, and this has been getting better overtime, but this metadata corruption is something I have seen similar before and that is where I have a problem with it... (especially when zfs devs start making statements about how the system is always right and everything else is because of hardware and if you’re not running enterprise hardware you deserve what you get... then advocating installing it on laptops etc..!) > Best of luck Thanks, I’ll need it as my changes to the code did not allow the mount though it did allow zdb to parse the drive... guess what I thought was there in zdb is not the same code in the zfs module. Michelle > >> On Sat, 4 May 2019 at 09:54, Pete French wrote: >> >> >> >>> On 04/05/2019 01:05, Michelle Sullivan wrote: >>> New batteries are only $19 on eBay for most battery types... >> >> Indeed, my problem is actual physical access to the machine, which I >> havent seen in ten years :-) I even have a relacement server sitting >> behind my desk which we never quite got around to installing. I think >> the next move it makes will be to the cloud though, so am not too worried. >> >> ___ >> freebsd-stable@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-stable >> To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org" > ___ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org" ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: ZFS...
On Sat, May 4, 2019 at 12:38 PM Chris wrote: > Sorry t clarify, Michelle I do believe your tail of events, just I > meant that it reads like a tale as its so unusual. > As the late Sir Terry Pratchett wrote, "Scientists have calculated that the chances of something so patently absurd actually existing are millions to one. But magicians have calculated that million-to-one chances crop up nine times out of ten.” -- Kevin Oberman, Part time kid herder and retired Network Engineer E-mail: rkober...@gmail.com PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683 ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: route based ipsec
Hello! сб, 4 мая 2019 г. в 21:01, Scott Aitken : > > On 5/2/2019 4:16 PM, KOT MATPOCKuH wrote: > > > 0.The ipsec-tools port currently does not have a maintainer (C) > portmaster > > > ... Does this solution really supported? Or I should switch to use > > > another IKE daemon? > > I've just started using IPSEC between a 12.0-RELEASE box, a 11.2-RELEASE-p9 > box and a Cisco IOS router. > What type of peers_identifier are You using? I'm using asn1dn... And today I got a coredump on 3rd host in: #0 0x0024717f in privsep_init () I haven't seen any core dumps or crashes. I run routing between these > devices (using RIPv2 rather than OSPF) - in order to do this you need to > create tunnels between the devices because encrypting routing protocols and > things that use multicast is tricky. I felt that that the handbook example > was lacking - it should have been encrypting the tunnel endpoints and NOT > the > LAN traffic on either side of the tunnel. > I used pointtomultipoint topology and hardcoded peer's IP addresses for OSPF. No multicast => no problems :) > Anyway I built IPENCAP (aka IPinIP) tunnels using gif interfaces and > configured racoon/ipsec-tools to build the SA/SADs using the tunnel > endpoints > and IP protocol 4 (IPENCAP). > I think my next step will be try to use gre tunnels over ipsec with psk authentication. If you want the configs let me know. > No, thanks You! :) -- MATPOCKuH ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: ZFS...
See https://github.com/alcarithemad/zfsp — zfs in python. May be use this as a *starting point* to build an interactive zpool/zfs explore tool? On Apr 30, 2019, at 3:14 AM, Michelle Sullivan wrote: >> Speaking for a tool like 'fsck': I think I'm mostly convinced that it's not >> necessary, because at the point ZFS says the metadata is corrupted, it means >> that these metadata was really corrupted beyond repair (all replicas were >> corrupted; otherwise it would recover by finding out the right block and >> rewrite the bad ones). > > I see this message all the time and mostly agree.. actually I do agree with > possibly a minor exception, but so minor it’s probably not worth it. However > as I suggested in my original post.. the pool says the files are there, a > tool that would send them (aka zfs send) but ignoring errors to spacemaps etc > would be real useful (to me.) > >> >> An interactive tool may be useful (e.g. "I saw data structure version 1, 2, >> 3 available, and all with bad checksum, choose which one you would want to >> try"), but I think they wouldn't be very practical for use with large data >> pools -- unlike traditional filesystems, ZFS uses copy-on-write and heavily >> depends on the metadata to find where the data is, and a regular "scan" is >> not really useful. > > Zdb -AAA showed (shows) 36m files.. which suggests the data is intact, but > it aborts the mount with I/o error because it says metadata has three > errors.. 2 ‘metadata’ and one “” (storage being the pool name).. > it does import, and it attempts to resilver but reports the resilver finishes > at some 780M (ish).. export import and it does it all again... zdb without > -AAA aborts loading metaslab 122. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: ZFS...
Sorry t clarify, Michelle I do believe your tail of events, just I meant that it reads like a tale as its so unusual. I also agree that there probably at this point of time should be more zfs tools written for the few situations that do happen when things get broken. Although I still standby my opinion I consider ZFS a huge amount more robust than UFS, UFS always felt like I only had to sneeze the wrong way and I would get issues. There was even one occasion simply installing the OS on its defaults, gave me corrupted data on UFS (9.0 release had nasty UFS journalling bug which corrupted data without any power cuts etc.). In future I suggest you use mirror if the data matters. I know it costs more in capacity for redundancy but in todays era of large drives its the only real sensible option. On the drive failures you have clearly been quite unlucky, and the other stuff is unusual. Best of luck On Sat, 4 May 2019 at 09:54, Pete French wrote: > > > > On 04/05/2019 01:05, Michelle Sullivan wrote: > > New batteries are only $19 on eBay for most battery types... > > Indeed, my problem is actual physical access to the machine, which I > havent seen in ten years :-) I even have a relacement server sitting > behind my desk which we never quite got around to installing. I think > the next move it makes will be to the cloud though, so am not too worried. > > ___ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org" ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: route based ipsec
> On 5/2/2019 4:16 PM, KOT MATPOCKuH wrote: > > 0.The ipsec-tools port currently does not have a maintainer (C) portmaster > > ... Does this solution really supported? Or I should switch to use > > another IKE daemon? I've just started using IPSEC between a 12.0-RELEASE box, a 11.2-RELEASE-p9 box and a Cisco IOS router. I haven't seen any core dumps or crashes. I run routing between these devices (using RIPv2 rather than OSPF) - in order to do this you need to create tunnels between the devices because encrypting routing protocols and things that use multicast is tricky. I felt that that the handbook example was lacking - it should have been encrypting the tunnel endpoints and NOT the LAN traffic on either side of the tunnel. Anyway I built IPENCAP (aka IPinIP) tunnels using gif interfaces and configured racoon/ipsec-tools to build the SA/SADs using the tunnel endpoints and IP protocol 4 (IPENCAP). Step 1 was to confirm I could PING over the gif tunnel without crytpo. Then I fired up racoon (setkey to create the SA and racoon for IPSEC). If you want the configs let me know. Scott ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: ZFS...
On 04/05/2019 01:05, Michelle Sullivan wrote: New batteries are only $19 on eBay for most battery types... Indeed, my problem is actual physical access to the machine, which I havent seen in ten years :-) I even have a relacement server sitting behind my desk which we never quite got around to installing. I think the next move it makes will be to the cloud though, so am not too worried. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
