From nobody Sun Oct 15 14:17:57 2023 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4S7j5K4Wmgz4x14h for ; Sun, 15 Oct 2023 14:18:13 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-ua1-f44.google.com (mail-ua1-f44.google.com [209.85.222.44]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4S7j5H3y85z3bRG for ; Sun, 15 Oct 2023 14:18:11 +0000 (UTC) (envelope-from asomers@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=none; spf=pass (mx1.freebsd.org: domain of asomers@gmail.com designates 209.85.222.44 as permitted sender) smtp.mailfrom=asomers@gmail.com; dmarc=none Received: by mail-ua1-f44.google.com with SMTP id a1e0cc1a2514c-7b5f7f4e733so1390584241.3 for ; Sun, 15 Oct 2023 07:18:11 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697379489; x=1697984289; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Mv9EzZrw0FobnkSob5ADqMUE5hUuJWW3CsxY2rTMTlE=; b=veOcfjdulLPdhPCPgJpjrf+AcxGL5PYpQol+lnSGGAlDujG7B7ptZZhvT9wKNO2w0L Nzm1u8DJYUKHJ4s6iiSrA1DddFIChqaO5tn6aeoJrkgmX0FBIubFPXGLR1+unkdTJmOW WNyQ9GTqB8iNOZZQDGNILLfmH1GnK5FcrOD4wMMQTzR8jl33HHdj2iTUJUmbjkNRXJdc 9EEJllHSdgI6ZqiM1Yxg1v3SENuZ31Lxx0SmfRojPgSAuTg0wfD1A5B3XKxFdboa+eS3 X7+Y+wwTv8QJehFBeZyzfkrTg+R/yGbBt328mhjGqAfzcXZfbOeLxUiAik7R3ATvexNo SmzA== X-Gm-Message-State: AOJu0YxKAu25+IHHZn+8ACxjvJCIUGXYb1r1fFNsirPKLF5/gfkZXd9c 56ibxhzxAEm0uGuEC388e0IbFUIyluUo+tcKjoMGU8D0 X-Google-Smtp-Source: AGHT+IE/VU5yiFwCoZCwcSQZHxTB3lkApmNAOoZn18Co6kwlAA7y0OP6Lam6Yy2sIzSPpsBX4omKdu8vJr01vanjnbQ= X-Received: by 2002:a1f:ed41:0:b0:495:dcd0:471 with SMTP id l62-20020a1fed41000000b00495dcd00471mr26572226vkh.5.1697379489534; Sun, 15 Oct 2023 07:18:09 -0700 (PDT) List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@freebsd.org MIME-Version: 1.0 References: In-Reply-To: From: Alan Somers Date: Sun, 15 Oct 2023 07:17:57 -0700 Message-ID: Subject: Re: zpool geli encryption question To: freebsd-hackers@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spamd-Bar: - X-Spamd-Result: default: False [-1.31 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.90)[-0.903]; NEURAL_SPAM_MEDIUM(0.60)[0.596]; FORGED_SENDER(0.30)[asomers@freebsd.org,asomers@gmail.com]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; MIME_GOOD(-0.10)[text/plain]; RCVD_COUNT_ONE(0.00)[1]; MLMMJ_DEST(0.00)[freebsd-hackers@freebsd.org]; MIME_TRACE(0.00)[0:+]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.222.44:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; R_DKIM_NA(0.00)[]; FROM_NEQ_ENVFROM(0.00)[asomers@freebsd.org,asomers@gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; RCVD_IN_DNSWL_NONE(0.00)[209.85.222.44:from]; RCVD_TLS_LAST(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; FREEFALL_USER(0.00)[asomers]; ARC_NA(0.00)[]; DMARC_NA(0.00)[freebsd.org]; FROM_HAS_DN(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_NONE(0.00)[]; TO_DOM_EQ_FROM_DOM(0.00)[] X-Rspamd-Queue-Id: 4S7j5H3y85z3bRG On Sun, Oct 15, 2023 at 6:39=E2=80=AFAM void wrote: > > A machine periodically backs up bhyve volume-backed VMs like so: > > # zfs send ssdzfs/fbsd140R | gzip -c > /vol-backups/$(date '+%G.%m.%d_%H:= %M').fbsd140R.gz > > This vm is zfs internally with geli encryption of both the fs and swap. > > The same backup routine applies to an openbsd vm. It has its own way of > filesystem encryption. > > Both volumes are 64GB in size. On the host, both volumes use lz4. > > Surprisingly (to me at least), the freebsd backup results in a smaller > size of archive. The openbsd one results in a slightly larger archive tha= n > its source. > > I'm expecting both archives to be slightly larger than their sources, > because encrypted data is uncompressible. > > The freebsd archive is 19GB. The openbsd one is 65GB. Why is this? How much of the FreeBSD VM's disk is actually in-use? Maybe you are using TRIM with FreeBSD, which punches holes in the host's ZFS storage. That would explain why compression seems to save space, even though the data is encrypted. -Alan