Snapshots done right: GAIA vs SPLAT

Just figured this out today and it is really cool.

SPLAT snapshots bundle up the world into a single gzip file that you can then export. To restore, you interrupt the boot, suck the file in via TFTP, and rebuild. This is pretty good except that it takes a long time. The good part is that you can export the snapshot on non-RAID systems in case the disk corrupts.

GAIA (and R75.40 SPLAT) is different. It has Logical Volume Manager on it, which provides flexibility in creating and destroying logical disk partitions. When you create a snapshot, GAIA creates a whole new logical disk partition and then creates a filesystem-based backup on that new partition (not a single gzip file).

To explore this, create an R75.40 snapshot called DREEZSNAPSHOT. Then use logical volume manager to look at the logical volumes. I don’t have a VM to show this exactly, but it will look something like this.

Image

Note how lv_log and lv_current are the log and GAIA partitions that you are currently using? A third one will appear, called something like /dev/mapper/vg_splat-lv-DREEZSNAPSHOT. It will be ‘hidden’ because it is NOT mounted onto the Unix file system.

Go ahead and mount it:

mkdir /mnt/dreez
mount /dev/mapper/vg_splat-lv-DREEZSNAPSHOT /mnt/dreez
cd /mnt/dreez

Now go explore around. See it has a full file system in it?
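
An added example (not from the original post) that lists logical volumes which exist but are not mounted, which is how the snapshot volume shows up, and prints a read-only mount command for each. The sample volume names and mount table are constructed, /mnt/snap is a hypothetical mount point, and it assumes the LVM lvs command is available on the box.

```shell
#!/bin/sh
# Added example: find logical volumes that exist but are not mounted
# (how a snapshot volume appears) and print a read-only mount command.

# device-mapper doubles every '-' inside a VG or LV name, then joins
# the two names with a single '-'.
dm_path() {
    vg=$(printf '%s' "$1" | sed 's/-/--/g')
    lv=$(printf '%s' "$2" | sed 's/-/--/g')
    printf '/dev/mapper/%s-%s\n' "$vg" "$lv"
}

# stdin: output of `lvs --noheadings -o vg_name,lv_name`
# $1:    text of /proc/mounts (append /proc/swaps to account for swap LVs)
# Prints the /dev/mapper path of each LV that is not in use as a device.
hidden_lvs() {
    while read -r vg_name lv_name; do
        [ -n "$lv_name" ] || continue
        dev=$(dm_path "$vg_name" "$lv_name")
        alt="/dev/$vg_name/$lv_name"   # the other name LVM gives the same LV
        if ! printf '%s\n' "$1" |
            awk -v a="$dev" -v b="$alt" '$1 == a || $1 == b { hit = 1 } END { exit !hit }'
        then
            printf '%s\n' "$dev"
        fi
    done
}

# Constructed sample data, not captured from a real gateway.
SAMPLE_LVS='  vg_splat lv_current
  vg_splat lv_log
  vg_splat lv_DREEZSNAPSHOT'
SAMPLE_MOUNTS='/dev/mapper/vg_splat-lv_current / ext3 rw 0 0
/dev/mapper/vg_splat-lv_log /var/log ext3 rw 0 0'

# Live use (assumes lvs is on the PATH):
#   lvs --noheadings -o vg_name,lv_name | hidden_lvs "$(cat /proc/mounts /proc/swaps)"
printf '%s\n' "$SAMPLE_LVS" | hidden_lvs "$SAMPLE_MOUNTS" | while read -r dev; do
    # ro: browsing the snapshot cannot change files in the image you would revert to
    echo "mkdir -p /mnt/snap && mount -o ro $dev /mnt/snap"
done
```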

The cool part about all this is that when you do upgrades, if (and when) the upgrade blows up, GAIA will automatically revert to the old image. Before the upgrade, GAIA will create an image that you can revert to if some magic tests are not passed. This is super important for that firewall in Botswana whose local sales rep/IT guru only speaks Zambizi, and you are doing the remote upgrade at 2am on Saturday with no KVM/remote console and your kid’s birthday party is at 7am…and the whole thing blows up. GAIA will autorestore and you are off to your kid’s birthday party.

This is very cool. Other firewalls have had this for years (my glorious Sidewinder!), and CP has finally got it right too. This is a prime example of enterprise firewall management…the ability to easily manage a large number of firewalls remotely. The only downside is you have to pray to the gods that the non-RAID disk doesn’t blow up.

Now if they could fix provisioning and get that fancy new mgt out there! Life will be good!

Over and out y’all,

dreez

blog.lachmann.org

Michael Endrizzi's - St. Paul MN - CheckPoint blog on topics related to Check Point products and security in general.