5

Here is what I need to achieve. I have a work PC with 2xSSD one for O.S. and software, and the second smaller for storing data. Currently I backup my data on an external HDD and on the cloud, I also do O.S. image to recover the full system with software. The data backup on external HDD is daily, the cloud backup is weekly and the O.S. image is monthly.

I wanted to improve this pattern by replacing my external HDD with a NAS, so the first question is: would a NAS used for storing backup files be a good idea or an overkill?

The very second question is: what kind of NAS do I need to store what above? I have read about the various RAID levels, and as of now I'm undecided between 1, 6 or 10 what is the possibility that: a) two disks will go bad at the same time or b) the second disk goes bad before I'm able to replace the first fault?

Another option could be just replacing my current external HDD with a bigger one, that can house more sets of data, but this would not really improve the security the way I had in mind.

Dave M
  • 4,514
  • 22
  • 31
  • 30
S. W. G.
  • 151
  • 1
  • 5
  • 13
    RAID is not backup. It's redundancy/high availability. Do not mix the two. If you need backups, continue doing that. If you need HA, get a NAS - but continue with a backup strategy that works for you. – parkamark Jul 28 '21 at 12:38
  • 1
    You have described how you treat the data, but you hand't described any *requirements* of your service. How reliable it must be? For how long you can tolerate a downtime? Also, what does not satisfy you in the current setup (do you experience or expect any problems with it)? Any proper advice could only be based on serviice requirements, not on current setup. – Nikita Kipriyanov Jul 28 '21 at 12:58
  • @parkamark if i continue with one external HDD, should it fail I lose all my backups, the idea of NAS is more drives less likely that I lose my data. – S. W. G. Jul 28 '21 at 13:14
  • @NikitaKipriyanov downtime should be about a few hours to 8 hours, in the case that both my SSD and backup fail I should be able to download from the cloud and restore it on a new SSD or a backup HDD that I keep in this evenience. I also considered of cloning my O:S. SSD into a HDD to extra backup, a mule to help me recover in case of disaster of multiple devices. – S. W. G. Jul 28 '21 at 13:16
  • 3
    @S.Redrum Note that having twice as many drives makes a drive failure twice as likely. – A C Jul 29 '21 at 03:18
  • To generalize what @AC said, more complicated setup is likely to be less reliable, and also tested and accustomised setup tends to be more reliable. If you live happily now and you are sure your current setup is sufficient to fullfill your current and probably near future goals, I don't see any reasons to change anything. – Nikita Kipriyanov Jul 29 '21 at 05:35
  • 1
    @S.Redrum A backup is also intended to protect against accidental deletion of files. – glglgl Jul 29 '21 at 15:27
  • What size disk drives are you considering? For Q2b, the restore time, and thus failure window, for 20 GB SMR disks is somewhat different to non-SMR 4 GB disks. – Andrew Morton Jul 29 '21 at 18:33

6 Answers6

6

The Short Answer is: it depends

The Longer Answer is regarding:

Would a NAS used for storing backup files be a good idea or an overkill?

  • In Fact, it is a commonly used practice to do so for short-Term backup
  • Long-Term Backups should be saved on Tapes or other medias.

what kind of NAS do I need to store what above?

The Short Answer is: it depends

The Long one is:

It depends on how many drives may you want to have failed at once to still be able to recover.

You may want to read about the Different Raid Level and Information on Wikipedia, as it would explode the Answer dramatically with non-related stuff.

A Commonly used Raid Level for Storing Backups are Raid 5 or Raid 10 - and yes, again it depends on your purposes and needs.

Remind: Raid is NOT a Backup, its just saves you from n-X failed drives.

Where n is your current drives and X the drives where can fail depending on the chosen raid level.

djdomi
  • 1,599
  • 3
  • 12
  • 19
  • I dont actually need to store versioning, so I just need to have the latest daily backup for the data, I keep 7 days in FIFO just in case one backup gets corrupted due to backup software (Macrium) used or non hardware causes. I don't need to share anything, was just thinking to replace external HDD with more HDDs (NAS) to lower the risk of disk failure. – S. W. G. Jul 28 '21 at 13:19
  • 1
    @S.Redrum Excactly thats the reason for nas, reduce the chance of a failure for short-term backups. you may want to [chat with me](https://chat.stackexchange.com/rooms/126791/thechat) so we dont miss-use this commentary function – djdomi Jul 28 '21 at 13:30
  • 1
    Ok so storing daily data backup, while maintaining a 7 days line could be take as a short term backup? In short what I need is: preserve the most recent copy of data, preserver a system image that I can restore quickly with all software installed, at this poinr ill just need to update the data from the most recent and I should be fine. – S. W. G. Jul 28 '21 at 14:50
3

Reexamine what point in time you need to recover if the data is lost. Losing a week of work is bad in any organization, but may be tolerable to yours. And test restores, which is the entire point of backups.

Your current backups are good in that you have three copies of the data, and one at a different location. Assuming the weekly backups meet your business continuity goals if both the computer and the external were lost.

A storage array improves reliability by surviving a disk failure. Yes, it could make sense to replace the external with a NAS dedicated to backups. Note that if the primary storage is still one disk, it will fail at the same rate as before and some day require a restore. Which may be suitable for your needs.

Beware that an always-connected file share is not a cold offline backup. Ransomware will encrypt such files if it finds them. Assume your backup user is compromised, what damage can it do to backups? Typical file permission schemes cannot easily implement a user that can write to files, but cannot change them or delete them. (Try doing so with SMB or NFS.) Unplugging the backup NAS from the network when not in use may seem tedious and paranoid, but perhaps limiting access to the daily backups is useful. Confirm that the cloud backups cannot be easily altered or deleted, such as using credentials that do not have delete permissions.

Array type is a choice to make, each RAID flavor you mentioned could be decent. RAID 1 of a pair of drives is easy to do, but only 50% usable space. RAID 6 of a handful of drives will survive 2 failures, very slightly slower due to parity calculations. RAID 10 is striped RAID 1, can survive at least 1 failure, and is quite fast, but 50% usable capacity may be too expensive compared to RAID 6. All of the above are better than the single point of failure that is a single physical drive.

Backup to tape could be a different option. Superior in that cold offline backups are easy, stored tapes are not being read or written to. Further, using a different media type means a backup copy has different wear behavior, and is not vulnerable to specific flaws such as in the primary storage's controller firmware. Challenging in that tape library hardware and software can get expensive.

John Mahowald
  • 32,050
  • 2
  • 19
  • 34
  • I think both raid 6 and 10 have 50% of total capacity? Tape backup is sequential, it would be really slow to retrieve in case I need a restore. Can ransomware affect data on NAS such as Synology? – S. W. G. Jul 28 '21 at 14:48
  • 2
    @S.Redrum Yes any device which is beeing connected can be affected, so only a connect and disconnect strategy or software that support suchs kind _can_ incraise this security point but cant in case if they been affected during infection IMHO – djdomi Jul 28 '21 at 17:09
  • Ok but I don't need to access my NAS from outside my network, I'll eventually disable the remote sharing of files from devices not on my network. So for instance it should infect my PC to reach the NAS. On my PC I use OSArmor + SysHardener it should prevent or block ransomware from at least phoning home, limiting the impact of such malware. My main concern is hardware failure right now. – S. W. G. Jul 28 '21 at 17:46
  • @S.Redrum RAID6 has N-2/N capacity. It's 50% with a 4 disk array with an 8 disk array it's 75%; it's a more fault tolerant variation of RAID5 and intended to let you have bigger array sizes before the risk of a second failure while rebuilding grows unacceptably high. RAID10 OTOH is always 50% because you're mirroring drives. – Dan Is Fiddling By Firelight Jul 29 '21 at 01:41
3

To answer your question about the possibility that two drives fail at the same time: It could happen and it might be more likely than you think. I have seen it happen on a RAID5 system which then got all its data wiped.

Usually the RAID system detects that a drive has gone bad and starts rebuilding on a hot spare or manually replaced bad drive. When this rebuilding takes place all drives in the system will have to work hard and usually all the remaining drives are of the same age, make and model as a drive which has just failed.

On the other hand, I have also seen a raid6 system fail when 6 disks of the same make, model and age decided to give up at the same time. Raid6 would allow 2 disks to give up at the same time, but when 6 of 16 disks gave up all data was lost.

Henrik Carlqvist
  • 492
  • 2
  • 5
  • So more disks is not more safe than just one? – S. W. G. Jul 28 '21 at 15:05
  • Yes, more disks are more safe than just one. But you will never be 100% safe. As said elsewhere, RAID is no substitution for backup. I like the fact that you prefer storing backups on RAID in favor of a single external disk and that you do not only rely on this storage for your backups. – Henrik Carlqvist Jul 28 '21 at 15:17
  • Ho about a RAID1 with 4 disks? Would that be safer than a RAID10 or 6 or just a dumb idea? – S. W. G. Jul 28 '21 at 16:12
  • If you have 4 disks and choose between different RAID levels you have the following advantages/disadvantages: RAID1: Will survive 3 simultaneously crashing disks but only give you capacity as 1 disk, read performance might get 4 x 1 disk performance. RAID10: Might survive 2 simultaneoulsy crashing disks (but might fail depending upon which 2 disks of the 4 that will crash). The capacity will be equal 2 x disk-size and you might get read performance equal to 4 x read performance of 1 disk. RAID6: Will survive if any of two disks fail. The capacity will be equal of 2 x disk-size. – Henrik Carlqvist Jul 28 '21 at 16:22
  • I rad that Raid 6 often fail when attemping to restore a fault disk, since the other disks in the rack can fail during the restore operation. I mean if I lose a single HDD its my fault, but if I implement a Raid (spending over 1k euros) I'd be really pissed to lose data due to simultaneous fault. Ok I still have the cloud but will take longer to restore. – S. W. G. Jul 28 '21 at 16:26
  • For your purpose it might be better to spend the 1k€ on a number of external disks which you rotate at each backup. If one disk fails you might at least be able to read back an older backup from another disk. – Henrik Carlqvist Jul 28 '21 at 18:20
  • 1
    Tip: Spread the purchase of drives to multiple retailers and across multiple weeks/months. Don't buy all drives from the same dealer on the same day. That way you can lower the possibility of the other drives failing when rebuilding a RAID 5 or 6 upon one of them failing. It'll still be non-zero, though. – Tim Jul 29 '21 at 08:25
  • For consumer drives in the TB range, RAID6 effectively only lets *ONE* drive die. You need the second drive of redundancy to manage any UREs during rebuild. If you lose two full drives in RAID6 with consumer TB drives, you're back to a diceroll whether or not the array can rebuild without errors. This is why RAID5 is basically useless on modern large consumer grade drives - RAID6 is really an un-broken version of RAID5. You can't really count on RAID6 for two proper drives worth of redundancy for the same reason you can't count on RAID5 for even one. – J... Jul 29 '21 at 19:35
1

I had the same problematic as you a couple years ago, and ultimately decided that a NAS and Raid setup wouldn't be what I need.

I decided to disregard the risk of virus and ransomwares, my house burning and most of let's say "less common" problems which may occur, and decided to only focus to protect some medias against disk failure. And at the end, I just decided to add, 2 big HDD, on top of my 2 SSD and 1 HDD in my gaming PC. I copy weekly the content that i want to save on my "1st new" HDD, and i keep the 2nd new HDD unavailable and make a copy on the 2nd HDD when i feel that enough new medias where added to the "1st new HDD", and then on top of that i still had the most important stuff backed up on an external drive, and another pc. (Not that much into cloud solution, and my stuff is located at different places, so I believe it should be fine this way)

And for all of this jungling I use a software made for doing this kind of backups / copies (bvckup2), instead of going all out with a NAS, and all ..

TL:DR : If you "just" want to secure you Datas and are not interested in the others benefits of NAS, making a system only for storing backups can be easier done and used than a whole NAS, with Raid and all, also i hesitated to use Raid 1, but then just decided not to use it, so that i could have one of the 2 drive permanently unavailble, unless i manually re-activate it, so that at least this drive can be partially protected from virus, and those kind of problems.

user789985
  • 11
  • 1
  • 1
    S. Redrum did not ask about your life work history, and is far away from the point of the question. So, either update to an answer that fits the question or please remove it, there are two well-defined Questions. Which he wanted to be answered, and a “NAS” isn't just a big and expensive device. Already any device which is accessible on the network can already be a NAS as it only stands for “network attached Storage” — it usually means a device with at least 2 hard rives, but it doesn't need to have it. – djdomi Jul 29 '21 at 14:38
  • 1
    @djdomi For his question it's obvious the best Raid setup for his needs is Raid 1, i'm just stating that if he doesn't need, high availability, and "just" care about his Data and only worries about disk failure, he can only add HDD to one of his existing rig, with a decently setup copy mechanism. Then i just explained how i personnaly did it, since i believe both our needs were pretty similar. This is not a general question, so my answer is not a general answer. Your answer on the other hand is pretty useless. – user789985 Jul 30 '21 at 07:11
1

If using a small 2-bays NAS your only option is RAID1 (obviously).

If using a 4+ bays NAS for sequential read/write workload (ie: storing files with small or no random access at all), RAID6 should be preferred due to smaller parity overhead (at 5+ bays) and better fault tolerance (any 2 disk can die without data loss). In this case, keep in mind that replacing a disk is going to cause much reduced performance and significant stress on the others.

If random reads/writes are expected to have a significant role (ie: you will be running a database or some VMs off the NAS) or you can't stand the massive performance impact of a parity RAID rebuild, I strongly advise to use RAID10 (parity RAID without BBU caches are very slow in random write patterns).

Bonus point: use a NAS which support snapshots, so you can have point-in-time backup and recovery. And remember that RAID is not a backup, so be sure to keep other copies of your valuable data.

shodanshok
  • 47,711
  • 7
  • 111
  • 180
0

RAID 1

To answer the question posed in your title quickly and succinctly, Raid 1 will always be the most reliable, secure raid level.

If you have ten drives in a raid1 array, NINE OF THEM can fail and you are still online. no other single raid level can survive more than 2 failures

Billy left SE for Codidact
  • 174
  • 1
  • 1
  • 7
  • 1
    And your usable capacity is 10%. – Michael Hampton Jul 29 '21 at 17:31
  • @MichaelHampton Where did OP ask about capacity? i saw a vague reference to everything fitting on one drive. If that's the case, fifteen of those drives, in raid1 will be able to store the data in a raid1, or 25 drives, with more reliability – Billy left SE for Codidact Jul 29 '21 at 17:37
  • 1
    This is the real world. There are always other considerations, even if they aren't explicitly stated. – Michael Hampton Jul 29 '21 at 17:55
  • Raid 1 will always be the most reliable, secure raid level. – Billy left SE for Codidact Jul 29 '21 at 18:12
  • Your answer made that point quite well already. Why repeat it? – Michael Hampton Jul 29 '21 at 18:13
  • 1
    Of course, the controller could fail, so you'll want more than one of those... – Andrew Morton Jul 29 '21 at 18:29
  • @AndrewMorton Thanks! That's an excellent case, for Linux kernel raid, over hardware raid as well. Diversity in controller chipsets, and easy recoverability regardless of controller. You can also achieve a 'raid 1' of sorts across multiple machines with DRBD. Say, a 10 disk raid1 array on each machine. 5 storage adapters per machine. I think DRBD supports three machines now too, though only two may be active at once, and really I'd just recommend one at a time for maximum reliability and security. You could use tgtd and iscsi-tools if you want something simpler than DRBD to set up – Billy left SE for Codidact Jul 29 '21 at 18:34
  • @BillyC. There is sensible, and then there is wishful thinking. The OP is looking for the former ;) – Andrew Morton Jul 29 '21 at 18:44
  • @AndrewMorton be careful in there, inside the OP's head. no tickling. – Billy left SE for Codidact Jul 29 '21 at 18:46
  • 1
    @BillyC. What? You mean if the work PC has a M/B failure that cascades to taking out the PSU and CPU and all the spare parts have been bought by cryptominers? – Andrew Morton Jul 29 '21 at 18:55
  • cryptominers will never use raid 1 for there setups in case of storage - maybe for the OS but not storage.... – djdomi Jul 30 '21 at 08:30
  • My total data is at best 300 GB so space is not an issue, also 4 x 4 TB disks would suffice for multiple takes, if I eventually go for 4-bay NAS I'd have 3 bays in RAID 1 + 1 spare. What is holding me, is the doubt that I'd never fully use say a Synology 920+ for just copying my data, all in all I'll probably put everything on cloud backup with full/differential schemas, and maybe have one 4 TB NAS tier disk for local backups, the reason is that a Synology wont prevent for example ransomware from infecting it, should the malware infect the PC it is attached to, correct? – S. W. G. Aug 04 '21 at 15:25
  • Correct. Also. There's litle benefit to having spares with Raid1. Just add all the drives to the Raid1 to increase fault tolerance. In fact, some would argue that a 'spare' disk, sitting idle, is a big old question mark. Will it work when you need it? When it is called into action, will it fail? Plenty of disks HAVE failed in this situation. By adding it to the array as an active disk, not a spare, you keep it 'exercised' at all times. Its load will not increase when another disk fails. Also you may benefit from increased read throughput the more drives you have. – Billy left SE for Codidact Aug 04 '21 at 15:39