Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.
On 2017-08-28 09:28 PM, 大川敬臣 wrote: > I'm planning to build two MySQL DB servers that synchronized by DRBD 9.0 > with RHEL 7.3. > I want to enable checksum-based synchronization by adding "csums-alg > <algorithm>" to drbd.conf. > After I read user's guide [5.11. Configuring checksum-based > synchronization], I had a simple question. > > The user's guide said : > "<algorithm> may be any message digest algorithm supported by the kernel > crypto API > in your system’s kernel configuration. > Normally, you should be able to choose at least from sha1, md5, and > crc32c." > > My question is , Is there recommendation algorithm for DB server? > The algorithms (sha1, md5, crs32) are king of old ones. Can I use sha256? > Is there some reason that sha256 is not used? > > Please give me any adovices. > > Thanks, This verifies that the blocks are the same on both nodes, not the encrypt data. So the real question is; How concerned are you that a) two blocks don't match and b) those differences are just perfectly different to cause a hash collision/false match? The stronger the algorithm, the more load it will place on the system. I would stick with something fast, maybe md5 at the most. This all said, I am not an expert. If someone else says I am wrong, believe them. :) -- Digimer Papers and Projects: https://alteeve.com/w/ "I am, somehow, less interested in the weight and convolutions of Einstein’s brain than in the near certainty that people of equal talent have lived and died in cotton fields and sweatshops." - Stephen Jay Gould