Information Technology Reference
In-Depth Information
achieve physical separation by storing data to remote disk arrays such
as those provided by cloud backup and disaster recovery services.
Logical separation means that the interface to the backup system is re-
Definition: logical
separation
stricted to prevent premature deletion of data. For example, some backup
systems provide an interface that allows a user to read but not write old
versions of a file (e.g, the file as it existed one hour, two hours, four hours,
one day, one week, one month, and one year ago.)
14.2.3
Software integrity checks
Although storage devices include sector- or page-level checksums to detect data
corruption, many recent file systems have included additional, higher-level,
checksums and other integrity checks on their data.
These checks can catch a range of errors that hardware-level checksums can
miss. For example, they can detect wild writes or lost writes where a bug in the
operating system software, device driver software, or device firmware misdirects
a write to the wrong block or page or fails to complete an intended write.
They can also detect rare ECC false negatives when the hardware-level error
correcting codes fail to detect a multi-bit corruption.
When a software integrity check fails on a block read or during latent-error
scrubbing, the system reconstructs the lost or corrupted block using the redun-
dant storage in the RAID.
Two examples of software integrity checks used today are block integrity
metadata and file system fingerprints.
Block integrity metadata. Some le systems, like Network Appliance's
WAFL file system, include block integrity metadata that allows the software
Definition: block integrity
metadata
to validate the results of each block it reads.
As Figure 14.7 illustrates, WAFL stores a 64 byte data integrity segment
(DIS) with each 4 KB data block. The DIS contains a checksum of the data
block, the identity of the data block (e.g., the ID of the file to which it belongs
and the block's oset in that le), and a checksum of the DIS, itself.
Then, when a block is read, the system performs three checks. First, it checks
the DIS's checksum. Second, it veries that the data in the block corresponds
to the checksum in the block's data integrity segment. Third, it veries that
the identity in the block's DIS corresponds to the le block it was intending to
read. If all of these checks pass, the file system can be confident it is returning
the correct data; if not, the file system can reconstruct the necessary data from
redundant disks in the RAID.
