Fun security issue. If you want to protect against deletion of the snapshots, you need to use something other than FreeNAS's builtin snapshot replication tool. The way FreeNAS handles it is that the source machine is responsible for deleting stale snapshots on the target machine. If your source machine is breached, and snapshots are deleted, those delete actions are carried over to the replication target machine. The best solution would be to have the target machine pull the snapshots from the source machine. But that's not possible with how FreeNAS's replication tool is setup. You gotta use another tool, like Sanoid.
Cool stuff Tom I am still in the process of putting the fibre cards into the Nas box and the hypervisor , I normally run way behind you Tom , but have learnt a ton of stuff from you , I have just started with syncthing this week and are enjoying how it all works together with the jail and TLS wrapper very cool stuff - but none the less great vid keep smiling ….. and have a great one !!!!
I literally asked this question yesterday and here is a video! Thank you so much! 1 question though, if we replicate in reverse, the destination would be read only so we would need to clone it and create shares to make it accessible right? Meaning that we would need the capacity to at least twice the size of the dataset.
How about setting up the destination server for replication as production server in the event that the main server catastrophically fails? This would give us time to build another server that will be used as replication destination. Is this a good idea?
Thanks for the video! ZFS replication is awesome, I've been using it for some time now to backup my home server to another machine in my office. My home machine is running ZFS on Arch Linux, and the backup machine is running FreeNAS 11.2U4. ZFS replication is fast and efficient, and replicates all existing snapshots from the source machine to the target machine. One useful tip I can give, to add to this video, is that if at some point you realize that you deleted some files and then you want to restore them (whether from the source machine or the target backup machine), the missing files may still (hopefully) be stored by one of the ZFS dataset snapshots. Rolling back a snapshot to restore the dataset to the state it was in when the snapshot was taken is obviously a bad idea as it would undo all the changes you made within that dataset since the snapshot was created. If you know which snapshot contains the missing files then you could clone the snapshot .... but if you're not sure which snapshot stores the missing files then ideally you need to search for the files in all of the available snapshots. This is possible because all snapshots for a dataset are accessible via a hidden folder in the root of the dataset mountpoint. So for example if your dataset is mounted at /home/justin/Videos then you will find a hidden folder called /home/justin/Videos/.zfs/snapshot. The snapshot folder contains a subfolder for each dataset snapshot, and this folder path can be searched for the missing files. You can just copy the data from the relevant snapshot folder back to where it should be.
What about the destination for replication, does it have to match the setup of the source regarding disk-setup, raidz-setup and so on, or is the destination just going to have a bunch of imagefiles with backups from the source? I mean, for example, could I use a RAID0 for the replication destination when my source is RAIDZ2? (I know it's not the best solution, but I just wondered...) :)
Figuring out how to just do a simple replication from my main pool a backup pool on the same system has been really daunbting, and i've still not succeeded. It doesn't care how many snapshots i make. Every attempt at replicating the datasets results in some snapshot from last year being replicated, excluding all the latest files since then. I thought there was a way to replicate the whole shebang but it seems impossible. Do i have to delete ALL snapshots and start over for a successful replication????
@@LAWRENCESYSTEMS Yes it does replicate some old snapshot, but completely ignores the new files. Do you know what settings i should use for replicating the files as they are in the folders now, and not as they are according to some old snapshot from last year?
@@LAWRENCESYSTEMS So say if i want to replicate with a new and current snapshot, as opposed to an old snapshot, what boxes would i tick in the replication task creation window? "Recursive" "Replicate Custom Snapshots" Or in advanced window: "(Almost) Full Filesystem relication" "Replicate specific snapshots" "Save pending snapshots" "Allow compressed write records" "Include dataset properties" "Synchronize snapshots with source" As you can imagine as a beginner on truenas, all these options are very confusing, especially given the enormus amount of time it takes to see the results of one try.
Thank you brother!
Can you also explain how to backup your Freenas to an external USB Drive?
Not all of us have another Freenas machine.
Fun security issue. If you want to protect against deletion of the snapshots, you need to use something other than FreeNAS's builtin snapshot replication tool. The way FreeNAS handles it is that the source machine is responsible for deleting stale snapshots on the target machine. If your source machine is breached, and snapshots are deleted, those delete actions are carried over to the replication target machine.
The best solution would be to have the target machine pull the snapshots from the source machine. But that's not possible with how FreeNAS's replication tool is setup. You gotta use another tool, like Sanoid.
2:08 now you got me paranoid. I find myself backing up backups.
Cool stuff Tom I am still in the process of putting the fibre cards into the Nas box and the hypervisor , I normally run way behind you Tom , but have learnt a ton of stuff from you , I have just started with syncthing this week and are enjoying how it all works together with the jail and TLS wrapper very cool stuff - but none the less great vid keep smiling ….. and have a great one !!!!
I literally asked this question yesterday and here is a video! Thank you so much! 1 question though, if we replicate in reverse, the destination would be read only so we would need to clone it and create shares to make it accessible right? Meaning that we would need the capacity to at least twice the size of the dataset.
How about setting up the destination server for replication as production server in the event that the main server catastrophically fails? This would give us time to build another server that will be used as replication destination. Is this a good idea?
Thanks for the video! ZFS replication is awesome, I've been using it for some time now to backup my home server to another machine in my office. My home machine is running ZFS on Arch Linux, and the backup machine is running FreeNAS 11.2U4. ZFS replication is fast and efficient, and replicates all existing snapshots from the source machine to the target machine. One useful tip I can give, to add to this video, is that if at some point you realize that you deleted some files and then you want to restore them (whether from the source machine or the target backup machine), the missing files may still (hopefully) be stored by one of the ZFS dataset snapshots. Rolling back a snapshot to restore the dataset to the state it was in when the snapshot was taken is obviously a bad idea as it would undo all the changes you made within that dataset since the snapshot was created. If you know which snapshot contains the missing files then you could clone the snapshot .... but if you're not sure which snapshot stores the missing files then ideally you need to search for the files in all of the available snapshots. This is possible because all snapshots for a dataset are accessible via a hidden folder in the root of the dataset mountpoint. So for example if your dataset is mounted at /home/justin/Videos then you will find a hidden folder called /home/justin/Videos/.zfs/snapshot. The snapshot folder contains a subfolder for each dataset snapshot, and this folder path can be searched for the missing files. You can just copy the data from the relevant snapshot folder back to where it should be.
hmm why not use syncthing to have a working mirror and do snapshots on both ends?
Does each server have to have the same configurations for raid? Or could you do a simple mirror on the target and a Raid5/6 config on the main one?
Good video Tom! Thank you for sharing it with us. 👌👍😎JP
What about the destination for replication, does it have to match the setup of the source regarding disk-setup, raidz-setup and so on, or is the destination just going to have a bunch of imagefiles with backups from the source? I mean, for example, could I use a RAID0 for the replication destination when my source is RAIDZ2? (I know it's not the best solution, but I just wondered...) :)
The destination does not have to be the same raid setup
@@LAWRENCESYSTEMS Thanks for the fast reply, and your channel. Great content! Subscribed!
Figuring out how to just do a simple replication from my main pool a backup pool on the same system has been really daunbting, and i've still not succeeded. It doesn't care how many snapshots i make. Every attempt at replicating the datasets results in some snapshot from last year being replicated, excluding all the latest files since then. I thought there was a way to replicate the whole shebang but it seems impossible. Do i have to delete ALL snapshots and start over for a successful replication????
Not sure what you are doing wrong because it should replicate the old snapshots.
@@LAWRENCESYSTEMS Yes it does replicate some old snapshot, but completely ignores the new files. Do you know what settings i should use for replicating the files as they are in the folders now, and not as they are according to some old snapshot from last year?
@@LAWRENCESYSTEMS Also, thank you for answering! :)
@@rBennich replication only sends the snapshots which is why it needs them, they are the static spot for the data.
@@LAWRENCESYSTEMS So say if i want to replicate with a new and current snapshot, as opposed to an old snapshot, what boxes would i tick in the replication task creation window?
"Recursive"
"Replicate Custom Snapshots"
Or in advanced window:
"(Almost) Full Filesystem relication"
"Replicate specific snapshots"
"Save pending snapshots"
"Allow compressed write records"
"Include dataset properties"
"Synchronize snapshots with source"
As you can imagine as a beginner on truenas, all these options are very confusing, especially given the enormus amount of time it takes to see the results of one try.
How to move my torrent files outside of the jail without causing copy scenario(which make it super slow and shorten HDD life)?