View Single Post
  #1   (View Single Post)  
Old 13th May 2009
sherekhan sherekhan is offline
New User
 
Join Date: May 2009
Location: Norway
Posts: 7
Default Backup strategies and disaster planning

I have a home made script run by daily.local which every night dumps all file systems to a dedicated local hard drive using dump, compresses them with gzip and rotates them based on date. For the sake of preserving history, I like to keep the most recent backups for a while before deleting them to make room for more backups. Dump-level is determined by date; 0 once per month, 1 once per week, 2 all other days.

I have also tested that the backups work by doing a test restore on a second computer. I booted using an install CD, created file systems and boot loader, restored the dumps, booted, and everything worked as expected.

I also have the option of running the backup to an NFS server, at which point I will compress the dump on the fly through a pipe rather than after dumping. Later I also may consider using external USB devices, like a flash drive or external hard drive which can be swapped at regular intervals and stored off site.

I may also want to use something other than gzip for compression: lzop (for speed, especially when dumping over the network to NFS) or lzma (for high compression ratio, if dumping to flash devices with limited space).

I am dumping live file systems. I have seen warnings against this some places, but I have not really understood excactly why. If OpenBSD supported file system snapshots I would use these, but I guess that's not really possible. And going single mode every night is not something I want.

The computer in question mostly runs a personal mail server.

A few questions:

1) I would like to have the option of encrypting the dumps, especially if I am to use external devices for backups. What is my best option? I notice both aescrypt and ccrypt in ports uses Rijndael/AES, what is the difference between the two? Should I use any of them, or something else?

2) If encrypting my backups, and/or if I compress them with something else than gzip, I guess I can no longer expect to be able to access the dumps directly from the tools available from a basic install CD. What are my options here? Is there a good OpenBSD based live CD that includes such tools? Should I try to build my own boot CD or USB drive? Or should I be prepared to install a bare OpenBSD system and the needed tools before restoring my dumps when disaster strikes?

3) Any other comments, or other problems I have not foreseen?
Reply With Quote