Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.
On Thu, Jun 05, 2008 at 08:09:12AM +0200, Simon Carey-Smith wrote:
> >From the online DRBD user gude, to enable online verification according to
> chapter 6 ('Enabling on-line verification') we need to add a line to the
> syncer section of the resource:
> verify-alg algorithm; # where algorithm is supported by kernel, eg:
> md5 / sha1 / crc32c
>
> Under Appendix A for drbd.conf however it says to add the line:
> data-integrity-alg alg;
these are two different things. don't mix them up.
Replication traffic integrity checking,
http://www.drbd.org/users-guide/s-integrity-check.html
net { data-integrity-alg "crc32c"; }
On-line device verification,
http://www.drbd.org/users-guide/s-online-verify.html
syncer { verify-alg "md5"; }
> We're using drbd-8.2.5 and have tried both options but can't get either to
> work. Using 'data-integrity-alg' spits back an error when DRBD starts
> saying that it found an unknown option in the conf, whereas using
> 'verify-alg' (with md5 or sha1) gives this message in the syslog when DRBD
> starts:
> localhost kernel: drbd0: data-integrity-alg: <not-used>
>
> The user guide says that the algorithm used can be "any message digest
> algorithm supported by the kernel crypto API in your system's kernel
> configuration."
> Would we get this messages because the linux kernel doesn't support
> cryptography? We're running Fedora 8 so this would be surprising. How to
> find out which crypto algorithms the kernel supports? It might be worth
> adding a comment to the user gude about how to do this.
> Cheers
--
: Lars Ellenberg http://www.linbit.com :
: DRBD/HA support and consulting sales at linbit.com :
: LINBIT Information Technologies GmbH Tel +43-1-8178292-0 :
: Vivenotgasse 48, A-1120 Vienna/Europe Fax +43-1-8178292-82 :
__
please don't Cc me, but send to list -- I'm subscribed