On Sun, Jan 10, 2010 at 05:08:29PM +0200, Dan Naumov wrote: > Hello list. > > I am evaluating options for my new upcoming storage system, where for > various reasons the data will be stored on 2 x 2tb SATA disk in a > mirror and has to be encrypted (a 40gb Intel SSD will be used for the > system disk). Right now I am considering the options of FreeBSD with > GELI+ZFS and Debian Linux with MDRAID and cryptofs. Has anyone here > made any benchmarks regarding how much of a performance hit is caused > by using 2 geli devices as vdevs for a ZFS mirror pool in FreeBSD (a > similar configuration is described here: > http://blog.experimentalworks.net/2008/03/setting-up-an-encrypted-zfs-with-freebsd/)? > Some direct comparisons using bonnie++ or similar, showing the number > differences of "this is read/write/IOPS on top of a ZFS mirror and > this is read/write/IOPS on top of a ZFS mirror using GELI" would be > nice. > > I am mostly interested in benchmarks on lower end hardware, the system > is an Atom 330 which is currently using Windows 2008 server with > TrueCrypt in a non-raid configuration and with that setup, I am > getting roughly 55mb/s reads and writes when using TrueCrypt > (nonencrypted it's around 115mb/s).
Although I cannot comment on ZFS, my $HOME partition is UFS2+geli. Reads (with dd) of uncached big[1] files are ~70MB/s. Reading an unchached big file from a non-encrypted UFS2 partition is ~120MB/s. Note that the vfs cache has a huge influence here; Repeating the same read will be 4 – 7 times faster! The sysctls for ZFS chaching will probably have a big impact too. Roland [1] several 100s of MiB. -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
pgp4DdjGsXivv.pgp
Description: PGP signature
