TweetFollow Us on Twitter

Ghost In The Machine

Volume Number: 21 (2005)
Issue Number: 5
Column Tag: Programming

The Source Hound

Ghost In The Machine

by Dean Shavit

"The mind is not a non-physical substance residing in the body, 'a ghost in a machine,' but a set of capacities and abilities belonging to the body."

Gilbert Ryle, Concept of Mind (1949)

Mea Culpa

First, before I go any further, I have to say the following: I am a liar. In last month's Source Hound, I promised to bring MacTech readers an investigation into Tiger Server's new extended permissions a.k.a. Access Control Lists. While I am sure that I could have "bitten into the topic" with the Source Hound's special flair, it appears that Ed Marzcak, my fellow columnist, had an ace up his sleeve, so he'll be covering Tiger Server's ACLs.

One of Us, One of Us

If you've ever worked in corporate IT, the verb "Ghost" (as in 'to Ghost') is sure to conjure up an image familiar to many, that of a Help Desk Analyst, floppy disk in hand, with a big smile on their face: "So, your PC giving you a bit of the 'ol trouble no, well , go have yourself a cup of coffee and when you come back, it'll all be right as rain." One reboot later, a few keystrokes, and the Windows PC is back to pristine condition, barring no hardware trouble. It's magic.

Cloning hard drives has been the standard in corporate PC support and rollouts since the mid 1990s. It's a great way to cut the installation times for the Windows Operating System and applications down to minutes in some cases, rather than hours. Network home directories or "roaming" profiles, where the users' data resides on a server, rather than the local workstation, makes cloning almost standard operating procedure for fixing even the smallest of software glitches. While the "Imagists" are often thought of as a school of modern poets, whose ranks included William Carlos Williams and T.S. Eliot, today "imagists" are a highly-skilled loosely-knit group of tradesmen (and women) who spend their days managing a single image--operating system and software (sometimes referred to as a "standard image") that gets deployed onto dozens, hundreds, or even thousands of similar PCs.

The verb "Ghost" comes from the same type of lexical twist as calling every variety of Cola a "Coke." Symantec, the maker of antivirus and disk utilities for the Macintosh purchased the Ghost hard disk imaging solution from Binary Research Limited in June of 1998. As a defacto standard in the IT world, Ghost was and still is the preferred cloning solution for Windows PCs. At the time, I remember more than one person inquiring as to why Symantec didn't ship a Mac version of Ghost, since Symantec was a company that heavily supported the Mac with Symantec Anti-Virus (now Norton Anti-Virus) and the indispensable Norton Utilities suite of disk tools. The standard answer to that question was "with the Mac OS, you don't need to clone systems, as you can simply drag and drop a System Folder from the network or even pre-installed applications." That indeed was true. At the time, all you really needed to clone a Mac OS system and all applications was a SCSI hard drive big enough to hold everything.

In My Image

Working with images of floppy disks was nothing new to the Mac OS, even in the late 1990s. Until System 8.1, for example, Apple's installer technology used self-mounting disk images on the offhand chance someone would actually need to produce the nineteen floppy disks to install System 7.5.3 on, let's say, a PowerBook 5300 without a CD-ROM drive. Utilities such as DART (Disk Archiving Tool) and Disk Copy became more commonplace as installers grew larger and larger as Apple maintained compatibility between Macs with floppy drives and those with CD-ROMs.

Eventually, Apple did away with the floppy drive altogether, and now, with the retail release of OS X 10.4 Tiger shipping only on DVD-ROM, Apple is trying to do away with the CD-ROM as installer media as well. This is a pattern that repeats itself every time a type of media becomes unwieldy. It was not uncommon, for example, that an iMac or PowerMac G4 shipping in 2001 with OS 9.2.2 and OS X 10.1 would have a set of six or more restore CDs included. Running the software restore sequence would put the computer back into factory condition with all bundled software included. For those of us who were curious about the restore process, a little investigating led us to discover a nifty program called ASR (Apple Software Restore) hidden away on the first restore CD.


Figure 1. Classic Mac OS Disk Copy and ASR, Circa 2001

Those of us who played with the Classic Mac OS version of ASR found it could do some interesting things for deploying many Macs at the same time. In late 2001, I used ASR to roll out 35 iMacs at a customer's site in a single day. I prepped a single iMac and tested it for a while, made tweaks and updates until everyone agreed that it was ready, then used ASR to clone it to the rest of the iMacs using Firewire Target Disk mode.

The Ghost Reappeareth

Prior to the release of OS X 10.2, ASR (v1.1) was available only upon "special request" from an Apple System Engineer or an AppleCare representative. This first and unsupported version of ASR had a pretty short life span, because by the time August of 2002 had rolled around, Apple released OS X 10.2, along with a spiffy new version of Disk Copy and ASR as a supported command-line tool (Disk Copy was later rolled into Disk Utility with OS X 10.3).

It was about this time that I re-discovered ASR as a useful tool for cloning Macs, mostly out of need for refreshing our ten training Macs at our office. At first, I'd set up NetInstall (which, by the way, deserves another look in Tiger Server) but had found it slow and awkward, even though I was able to automate the installation of OS X and several applications. ASR, it turned out, was exactly what I needed.

Like Peanut Butter and Chocolate

By itself, ASR is the "Peanut Butter" of the cloning process, and without disk images, the "chocolate," is only really useful for making a quick down-and-dirty copy of a hard disk, as I'd done back in 2001 with the 35 iMacs. But this is still a great thing. Let's take the retail Tiger Install DVD, for example. If you have a number of Macs without the ability to read a DVD drive, your only alternative is to order the $19.95 CD media exchange kit directly from Apple. This is hardly convenient. Not only that, you'll still have to swap out three or four CDs during the installation.

The solution to this dilemma's rather simple. You'll need to insert the Mac OS X Tiger install DVD into a computer, and attach a Firewire hard drive, making sure to uncheck the "Ignore Ownership on This Volume" checkbox in the "Get Info" window of the disk. If you don't want to use up all of the space on the Firewire drive, you might want to partition it beforehand, setting aside 4.2 gigs for the installation files. Insert the Installation DVD, attach the Firewire Drive, and issue the following command in the Terminal:

classadmin:~ classadmin$ sudo asr -source /Volumes/Mac\ OS\ X\ Install\ DVD/ -target
   /Volumes/Firewire/ -erase
Password:
        Validating target...done
        Validating source...done
        Erase contents of /dev/disk2s10 (/Volumes/Firewire)? [ny]: y
        Erasing target device /dev/disk2s10...done
        Validating sizes...done
        Restoring  ....10....20....30....40....50....60....70....80....90....100
        Remounting target volume...done
classadmin:~ classadmin$ 

Note the presence of the -erase flag in the ASR command. This is very important. Without the -erase flag, ASR will perform a file copy rather than a block copy, which will copy items "in place," overwriting folders that exist with folders of the same name from the install source, yet leaving in place any other extant folders. Not only can this potentially be messy, it can also be disastrous if you accidentally miscalculate what's going to be installed or think that somehow the source and destination will "merge." Possible data loss aside, the file copy or "restore in place" is going to be much slower than the fast block-level copy that the -erase flag enables. Using the block-copy, the whole process takes exactly nine minutes. Now, you can boot off of the Firewire disk by holding down the option key at boot time or selecting it in the Startup Disk System Preference (double-clicking the black "Install OS X" icon in the Finder won't work) and run that upgrade installation or archive-and-install or nuke-and-pave (erase and install) right from that same Firewire drive at an installation speed that'll average less than ten minutes. If you've got a lot of installations to do, and don't want to use a standard image, using a Firewire drive instead of the DVD drive is a real timesaver

Hey Tiger, Your Ectoplasm is Showing!

One of the new "features" of Tiger is a change in the way the Finder handles invisible files. Many of us veteran cloners have noticed that the ".hidden" file that lived at the root of the startup disk in previous version of OSX, has been sloughed off in favor of "genuine Mac OS 9 style" invisibility flags. While the ".hidden" file was a pretty elegant solution, allowing Mac admins to specify additional invisible folders such as /sw for Fink (http://fink.sourceforge.net) installations. What is rather inelegant, and at first glance pretty spooky, is what happens after OS X 10.4 is cloned--the formerly invisible links to /etc, /var, /tmp, and the /Volumes directory (and perhaps all of the rest, as in the figure below) become visible. To fix this, a cloner either needs to recreate the .hidden file (which is still respected by OS X 10.4) with the tmp, var, etc and Volumes entries, of course making sure to set the proper permissions when finished, or follow Apple's instructions, which requires having the Mac OS X Installation DVD inserted:


Figure 2. Ectoplasm On


Figure 3. Ectoplasm Off

Using a .hidden file:

\imacg4:/ mostadmin$ sudo vi .hidden
Password:
etc
var
tmp
Volumes
imacg4:/ sudo chmod 444 .hidden
Using Apple's Directions from Knowledge base article number 30167:

classadmins:~ classadmin$ cd /Volumes/Mac\ OS\ X\ Install\ DVD/System/Installation/
   Packages/OSInstall.mpkg/Contents/Resources/
classadmins: /Volumes/Mac OS X Install DVD/System/Installation/Packages/OSInstall.mpkg/
   Contents/Resources classadmin$ sudo ./SetHidden /Volumes/Mac\ OS\ X\ Install\ DVD\ 1/
      hidden_MacOS9
Password:
set invisible: "/Volumes/Mac OS X Install DVD 1/bin"
set invisible: "/Volumes/Mac OS X Install DVD 1/dev"
set invisible: "/Volumes/Mac OS X Install DVD 1/etc"
set invisible: "/Volumes/Mac OS X Install DVD 1/mach"
set invisible: "/Volumes/Mac OS X Install DVD 1/mach_kernel"
set invisible: "/Volumes/Mac OS X Install DVD 1/private"
set invisible: "/Volumes/Mac OS X Install DVD 1/sbin"
set invisible: "/Volumes/Mac OS X Install DVD 1/tmp"
set invisible: "/Volumes/Mac OS X Install DVD 1/usr"
set invisible: "/Volumes/Mac OS X Install DVD 1/var"
set invisible: "/Volumes/Mac OS X Install DVD 1/Volumes"
set invisible: "/Volumes/Mac OS X Install DVD 1/Desktop DB"
set invisible: "/Volumes/Mac OS X Install DVD 1/Desktop DF"
set invisible: "/Volumes/Mac OS X Install DVD 1/.Trashes"

Whew! That's a lot of typing to stuff that Ectoplasm back into the ghostly area of the OS, as it should be. However, don't try running this command on the current startup disk before making your image! Can you say instant kernel panic? I can! Evidently Apple engineers haven't yet found a way to incorporate the "hidden_MacOS9" attributes into the imaging process, which brings us to the our next point: exactly what is the proper process to prepare a clone-able disk image for use for Tiger?

Ghosts of Images Past, Present, and Future

Up until the release of Tiger, the answer to that question was very straightforward: use Mike Bombich's amazing Carbon Copy Cloner (http://www.bombich.com), which could automate several steps of the imaging process, and which is also, by the way, considered by many (myself included) to be one of the greatest AppleScript Studio Applications in existence. Carbon Copy Cloner also alleviated the need to boot off of another drive to make the disk image, saving some time in that regard. However, due to some drastic changes to the way AppleScript Studio handles authentication in Tiger, as well as some Tiger-specific imaging issues, such as the yucky ectoplasm above, Carbon Copy Cloner no longer works, although you can run it from a Mac booted from OS X 10.3 to clone a drive with 10.4 on it. Though Bombich is working on an update to CCC for Tiger, which we'll hopefully see soon, it's also useful to step through the process of creating an image using Apple's Disk Utility.

Step 1: Preparing to Make an Image

In last Month's MacTech, Clay Williams' excellent article "An Introduction to Builds, Creating Them and Using Them in Mac OS X" gave an overview of the process of creating an image for a deployment. While we're not going to concentrate on the nuances of building the "perfect" image here (which is an art form unto itself), let's just say that there's certain "gotchas" to look out for prior to cloning multiple Macs.

    1. Make sure none of the applications on your image require individual serial numbers. Often these will check the network and will simply complain and quit if they detect other copies of themselves running.

    2. Make sure you build your image on the newest, fastest Mac you can get your hands on. It'll make the imaging process snappier, as well as ensure that all of the proper driver-level support is in place for newer hardware, as well as the old.

    3. Create your users accounts after the cloning process, unless you absolutely have no other way to deploy the Macs. I'm not necessarily talking about the "admin" user that's on every Mac, but more so about the end-user. The main reason for this is to avoid the "ByHost" preferences issue where the wrong Ethernet hardware address is embedded in the .plist files. If you need to fix this issue post-imaging, you can download a nifty perl script from: http://www.occam.com/tools (updatebyhostprefs) which can fix this issue post-cloning if you don't have network user accounts or can't/don't want to create local accounts after the fact.

    4. Make sure you clean up your Mac properly before imaging it and try not to "use" it too much between making images so that the log files, for example, don't reflect spurious information from the "master" imaging Mac. If necessary, force a log rotation by running the weekly maintenance process:

Dual2ghz:/etc/periodic/weekly dean$ sudo ./500.weekly

Then removing any archived log files:

Dual2ghz:/ dean$ sudo rm /var/log/*gz

    5. Another good practice is to "tag" your image with a small text file to identify it, who built it, what the imaging date was, and any other notes that might help you or others you work with remember when/who/did what. I favor naming the text file with a ".log" extension and saving it in the /Library/Logs folder in order to check it with the Console Utility.

Step 2: Creating the Image

In order to effectively make an image from the disk you want to clone, you'll have to boot your Master Mac from another drive, either an external Firewire disk (another Mac in target disk mode will also work quite well) or another partition (I've seen G5s with two 160 gig drives all partitioned up just for this purpose), or, if you just want to go really slow, from the OS X Tiger Install DVD (but you'll still need another drive or partition to save your image on).

    1. Open Disk Utility located in /Applications/Utilities, first, select your master disk on the left-hand side and make sure that "Repair Disk Permissions is not grayed out. If it is, you'll need to uncheck the "Ignore Ownership on this Volume" checkbox choose File > New > Disk Image from Folder. . .


Figure 4. Ignore Ownership toggle in "Get Info" Window

    2. Choose the Folder you want to image, in this case, it'll be /Volumes/YourMasterDrive. Do not choose "Disk Image from Device," as that could wreak havoc with the ASR restore process later on. The "From Folder" option results in a disk image with a flexible partition size that can easily fit the drive you're imaging to. The "From Device" option will cause the restore process to revert to a file copy process rather than a block copy that will slow things down, and might result in unexpected volumes sizes on older version of OS X. For the type of image, choose "Read/Write." Normally, we'd go straight to "Compressed" which is both compress and read-only. But we've got to nuke the ectoplasm first. . . so it's another step for us. . . wait until the image finishes, then go ahead and scrub the ectoplasm by creating a .hidden file, or issuing the command from Apple knowledge base article number 30167 (after inserting the Tiger Install DVD). If you then unmount/remount the disk image, you'll see that all's well again, no ghostly remnants.


Figure 5. New Image from Folder

    3. In Disk Utility, click the "Convert" button and choose the image you just created. For the format, choose "compressed," and give it a slightly different name if saving into the same location, like "image_compressed.dmg." Go grab a beverage or several, depending on the size of your image. When done compressing, you'll notice that the image, if a base install of OS X 10.4.1, has shrunk to 1.5 gigabytes all the way down from 3.5 gigabytes.

    4. Once done converting, we've got to prep or "scan" the image for ASR. This process double-checksums the image and aligns all of the blocks for the fastest possible restore times, and, new to Tiger, is the multicast option. So, regardless if you don't know what multicast streaming is, or if you think you're going to be imaging Tiger, read on, and make sure you use Disk Utility from OS X 10.4 for the next step (though you should be using it for all of the steps). Go to the Images > Scan Image for Restore. . . menu item and select your compressed image. Time for a beverage run. Once you're done, you've got an ASR-ready disk image.


Figure 6. Scanning Image for ASR Successful

But first, before we go off willy-nilly imaging and restoring every single Mac in sight, let's savor the taste of these two great tastes that taste great together, and look into a few other uses for the "chocolate" goodies that we can make with our Disk Utility.

Other Uses for Disk Images

Disk images aren't just useful for cloning or duplicating. You'll find that applications that don't require authentication for installation are often distributed on disk images (.dmgs) for drag-and-drop easiness. Even compressed .dmgs don't require an external helper application to open and mount the downloaded file. But beyond the standard distribute-it-on-a-.dmg practice, there are other great uses for disk images that would otherwise require third-party software or even extra disk drives.

Backup: using a combination of hdiutil, cron, and psync or rsync, you can keep a bootable clone of your hard drive-up-to date as often as you'd like. It's also a great way to "preserve" a configuration of a hard disk before an upgrade (as I did before upgrading to Tiger on my PowerBook) or before sending in a Mac for a hard drive replacement, allowing for a restore to that exact configuration, if the upgrade doesn't go exactly as planned. A compressed disk image is also a nice alternative to .zip archive for long-term file archiving or electronic transfer if you know for sure that it'll be opened on another Mac. A backup script such as the one below will keep a bootable image in sync on a schedule with cron or when double clicked, if wrapped in an AppleScript as below:

do shell script "hdiutil attach '/Volumes/MAC_BACKUP/Macintosh_HD.sparseimage'"
do shell script "/usr/bin/runpsync -d '/Users/$USER' 
   '/Volumes/Mac_HD/Users/$USER'" with administrator privileges
set disk to do shell script "diskutil list|grep Mac_HD|awk 
'{print $5}'"
do shell script "hdiutil detach /dev/" & disk

A couple of things to watch out for are to make sure that the .sparseimage is initially created to be big enough to encompass all of the data it might eventually hold, and also that the like which contains the "awk" statement is properly adjusted based on the capacity of the disk, and the version of diskutil you're using, whether it be Panther or Tiger.

Security: using the 128-bit AES encryption capability of hdiutil or Disk Utility, you'll be able to store the most sensitive files in a virtually unbreakable cipher. Apple's own FileVault, by the way, uses a combination of the growable .sparseimage format with the AES-128 cipher, but is actually less secure because the password's the same as the login password by default, can be unlocked with the system's "Master" password, and is also stored in the login keychain. For the most secure settings, create a standalone AES-128 encrypted disk image, and never save the password in your keychain.

A safe, FAT haven for your HFS files: Recently, with the price of large (one gigabyte and bigger) keychain (USB) flash drives coming down to below $100 or even $49, they've become viable as a data transfer tool, quickie backup device, or even a data recovery or troubleshooting tool. However, in these days of OS X applications that don't have resource forks or create documents with resource forks, it easy to sometimes forget that nearly all of these USB drives come formatted with the FAT16 file system, which is still unfriendly to Classic Mac Applications, as well as Postscript Fonts, and QuarkXpress Documents, just to name a few. If you copy a file from your Mac to a FAT16 keychain drive, you'll separate the resource forks of the files and find that your Applications, Fonts, and other document may be trashed beyond the point of recoverability. One way around this problem is to format your USB drive with the HFS+ file system using Disk Utility, however, this prohibits the flash drive from ever being used with a Windows or Linux computer. I simply created a "sparseimage" on my USB keychain drive. A sparseimage is the a disk image with a "growable" filesystem. When you create a sparseimage, you have to specify the maximum size it can grow to, but it won't reach that size unless you fill it up. Now, when you attach your USB drive to a Mac, simply double-click the sparseimage to mount it. Put your Mac files in there, and you'll enjoy the best of both worlds, without having to reformat your USB drive.

Prepping for Emulators: often installing an emulator such as PearPC (http://www.pearpc.net) or Qemu (http://fabrice.bellard.free.fr/qemu), or even Mini vMmac (http://minivmac.sourceforge.net) for those who want a Mac Plus emulated under OS X requires a blank hard disk image to begin installation of an operating system or host the applications.


Figure 7. Mini vMac Emulator

Disk Utility is Apple's way of churning out blank filesystems that can be in various formats, including UFS, HFS+ with case sensitivity, FAT32, UFS (UNIX File System) or even free space, so that your chosen emulator can recognize and re-format if its chosen filesystem (like NTFS, for example) isn't directly supported by Disk Utility. Simply create a new read-write disk image, mount it, and treat it just like any other disk! Here's a quick tip for emulation fans: don't try the sparseimage format with an emulator, it won't work.


Figure 8. File System Options in Disk Utility

Burning: just about any CD-ROM or DVD-ROM (single layer) that mounts under Mac OS X is a candidate for burning. Even though the Tiger's Burn Folders have made it quicker to make multiple copies of CDs or DVDs, nothing's quicker than using Disk Utility to burn disk images, since OS X preps the burn session as a disk image anyway, increasing processing time. If there are discs that need to be distributed, it's easier to burn them as needed from disk images rather than from another optical disc or from a folder. A multiple-session CD or DVD is also possible with the "Leave disc appendable" option--simply burn additional disk images to the media until you run out of space. Note that ISO-9660 format (used for cross-platform discs) doesn't support multiple sessions.


Figure 9. Burn Options in Disk Utility

Ready, Set, Ghost!

OK, I know you're all excited about what we can do with disk images. Now it's time to start slinging them via ASR. I'll start with the simplest, most straightforward way. Of course, if you're going to be wiping out an entire disk with the contents of another, it should be pretty clear that the drive that's going to be imaged can't be "in use," so I'll have to boot from another disk. In this first example, I'll work from a Mac that's got the hard disk of an iBook mounted in target disk mode. The image is coming from a server volume. It's a simple process to drag the source image into the "Source" section of the "Restore" tab in Disk Utility, tell it to erase the destination, and viola, in just a few minutes I have a perfect clone from my image.


Figure 10. Using ASR from Disk Utility

Alternately, you can boot from the OS X Installer DVD and grab the .dmg from a Firewire drive, then use the "Restore" tab in Disk Utility to image the target drive, but booting from the Installation DVD is quite slow, so you'd even be better off booting from a Firewire disk that had the Installation DVD copied to it as in our very first ASR example. If you're a little more hard core than that, you can always do it the via the CLI:

powermacg4:~ classadmin$ sudo asr -source ~/Desktop/System_asr.dmg -target /Volumes/Firewire/
   -noverify -erase
Password:
        Validating target...done
        Validating source...done
        Erase contents of /dev/disk1s10 (/Volumes/Firewire)? [ny]: y
        Erasing target device /dev/disk1s10...done
        Retrieving scan information...done
        Validating sizes...done
        Restoring  ....10....20....30....40....50....60....70....80....90....100
        Remounting target volume...done

There's absolutely nothing wrong with using "a different" hard disk to boot from and then clone your target disk. If you're deploying new machines, right out of the box, it can be a pretty efficient way to go, though you'll have to do one or two or three at a time. However, in some Mass Deployment situations, it's helpful to be able to "re-image" Macs say, at a semester break during a school year without having to go from machine to machine. If that's the case, then you're going to need to use NetBoot, of which the setup details, I'm sorry to say, are far beyond the scope of this article. However, if you've used NetBoot to re-image or deploy a lot of Macs, you'll know that running ASR over afp (Apple Filing Protocol) can put quite a drag on your network, with each additional ASR session taking up more and more bandwidth until all slow to a crawl.

The New Black

Luckily for us, Apple's been thinking a little ahead, and has, with Tiger, given us a new form of ASR: the multicast server. Mutlicasting is based on the concept of a group. The multicast "data stream" (often video or audio) is broadcast one way to a group of addresses that fall in between 224.0.0.0 to 239.255.255.255, or what's also referred to as the class "D" IP address space. If you've ever heard of a "broadcast storm" you're not far from the concept of a multicast. Therefore, except for special networks such as the Multicast backbone or "mbone," multicasting is not allowed on the Internet. Basically, a multicast is a continuous, one-way stream of data that a group of clients tap into to receive that data stream, and because the mutlicast is delivered to all clients willing to accept it, it can move data much more efficiently than session-oriented afp connections.

While multicast ASR isn't going to help with the requirement to "boot from another disk" or to NetBoot, it could make the process of deploying multiple Macs much faster than ever before. I decided to put multicast ASR through its paces to see how well it worked in the early releases of Tiger. First, I was delighted to find that the ASR multicast server does not require OS X Server, but does require that the ASR multicast client be booted from a Tiger disk. That doesn't mean, for example, that the image being multicast couldn't be OS X 10.3, or even OS 9 for that matter.

The steps for setting up an ASR multicast server are rather simple. First, prepare the image as in the instructions above, but if using an image prepared under Disk Utility for OS X 10.3, be sure to scan the image for ASR again, which will make it multicast compatible. Then, setup the server from the CLI:

imacg4:~ mostadmin$ defaults write ~/Desktop/asrcast "Data Rate" -int 3000000
imacg4:~ mostadmin$ defaults write ~/Desktop/asrcast "Multicast Address" 224.0.0.123 
imacg4:~ mostadmin$ defaults write ~/Desktop/asrcast "DNS Service Discovery" -bool true

Note that although the man page for ASR suggests that you create the ".plist" file (asrcast in the example above) in the /tmp directory, I've had problems with that, so I just throw it on my desktop or in another folder. The two required settings govern the rate of the multicast, which is very important for both performance and "network safety," which I'll get to in a minute. The second is the multicast address that the server uses. That's not the address for the client to connect to, however, but note that third, optional setting "DNS Service Discovery" -bool true, which activates Bonjour (a.k.a Rendezvous or Zeroconf) for the multicast server. Once all those are entered, the multicast server can be started with:

imacg4:~ mostadmin$ sudo asr -source ~/system_asr.dmg -server ~/Desktop/asrcast.plist/
Password:
Multicast server configuration:
DNS Service Discovery: true
Data Rate: 3000000
Multicast Address: 224.0.0.123
Ready to start accepting clients
Starting stream Tues May 31  05:09:31 2005

And the multicast client, when ready to connect can do it this way:

classadmins-power-mac-g4:~ classadmin$ sudo asr -source asr://imacg4.local -target 
   /Volumes/System -noverify -erase
Password:
        Validating target...done
        Validating source...done

        Erase contents of /dev/disk0s3 (/Volumes/System)? [ny]: y
        Erasing target device /dev/disk0s3...done
        Retrieving scan information...done
        Validating sizes...done
        Restoring  ....10....20....30....40....50....60....70....80....90....100
        Remounting target volume...done

It's interesting how well that works: even if the ASR multicast server has a dynamic IP address, you can connect to it by its "computername.local" if you've enabled the "DNS Service Discovery" setting, but then that only works on your local subnet, which incidentally, is where the ASR multicast would most likely be contained, unless multicast forwarding has been properly configured on your LAN.

Multicast Ups/Downs

After giving ASR mutlicast a workout, I've come to several conclusions, none of which are very surprising. At its peak performance, a multicast ASR restore is a little bit faster than a single restore over an afp connection or even a locally attached Firewire disk. The difference is really apparent, however, when you run several concurrent multicast restores, which all take virtually the same amount of time as a single restore, whereas the afp restores start to bog. I could see, that under ideal conditions, multicast ASR could cut the restore times by nearly 75% for a group of 100 network-booted Macs, depending on the size of the image.

Yet running an ASR multicast server isn't without its pitfalls. You have to carefully evaluate how much multicast traffic your LAN can handle. . . as I found out when I first fired up my multicast server. A tcpdump of the network interface of all of the computers in my lab revealed the following multicast traffic:

04:05:58.625372 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.626846 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.628306 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.629778 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.631251 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.632740 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.634217 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.635730 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.637169 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.638630 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.640113 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.641579 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.647351 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466
04:05:58.648753 IP 192.168.0.90.55035 > 224.0.0.123.7800: UDP, length: 1466

which seemed to be a little bit too much for some of our other network services such our 3Com NBX VOIP phone system, which went offline, or my internal Nagios test server, which promptly emailed me the following warning:

***** Nagios  *****

Notification Type: PROBLEM

Service: current users
Host: nagitest
Address: 64.32.214.184
State: CRITICAL

Date/Time: Monday May 30 05:38:43 CDT 2005

Additional Info:

CHECK_NRPE: Socket timeout after 10 seconds

And then a minute or so after shutting off the multicast:

***** Nagios  *****

Notification Type: RECOVERY

Service: current users
Host: nagitest
Address: 64.32.214.184
State: OK

Date/Time: Monday May 30 05:43:22 CDT 2005

Additional Info:

USERS OK - 1 users currently logged in

Other anomalies included DNS lookup timeouts, web pages that failed to load, as well as afp authentication hangups. It seems that the multicast rate suggested by Apple in the ASR man page is a little too high for practical use for the network at our office, so cutting it in half seemed to help somewhat, but realistically it seemed safer to cut it to a third of the suggested rate, 2000000. Also, any other multicasting devices (phone systems, video streaming, etc.,) or running two multicast servers simultaneously will absolutely kill your network. Also to take under consideration is lowering the data rate at the client side to account for Macs with slower hard drives, less RAM, or slower network connections. It's pretty obvious to me that ASR multicast would be best run on an isolated switch or on a network where everyone had gone home for the day or the weekend. It's a pretty harsh mistress.

In the Black

If you've followed along with me up to this point, you might have already formulated the question that'll I'll answer for you right now. Is ASR Open-Source software? The answer's a big en-oh. So what's the Source Hound doing writing about something not-open-source? Well, it's free, which is close enough for me. Oh, and did I fail to mention that Symantec Ghost starts at $69 a seat? Of course, the cost goes down with volume buys, but the last group of thirty licenses I purchased for a Windows customer came in at about $400, and who knows what the upgrade will cost when Longhorn arrives. Who was it that said Macs were more expensive than PCs?

In Next Month's Source Hound

If you think I like Open-Source software, tune in next month as I sit down for a virtual interview with the grand pubah of Mac Geekery, Drunkenbatman of Drunkenblog (http://www.drunkenblog.com). We'll be discussing a wide range of topics from Open-Source to software development at Apple, QuickTime 7, Intellectual Property and the GPL, and oh my! Everything, including the cow!


Dean Shavit is an ACSA (Apple Certified System Administrator) who loves to use a Mac, but hates paying for software. Since he's not into breaking the law, his most common response to any cool solution is: "Does that cost money?" If it does, you can bet he's on the hunt for an Open-Source or freeware alternative. Besides surfing for hours, following the scent of great source code, he's a partner at MOST Training & Consulting in Chicago, where he trains system administrators in OS X and OS X Server, conducts large-scale Mac Deployment and Upgrade projects, and writes for his own website, http://www.themachelpdesk.com. If you have questions or comments you can contact him: dean@macworkshops.com.

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Latest Forum Discussions

See All

Whitethorn Games combines two completely...
If you have ever gone fishing then you know that it is a lesson in patience, sitting around waiting for a bite that may never come. Well, that's because you have been doing it wrong, since as Whitehorn Games now demonstrates in new release Skate... | Read more »
Call of Duty Warzone is a Waiting Simula...
It's always fun when a splashy multiplayer game comes to mobile because they are few and far between, so I was excited to see the notification about Call of Duty: Warzone Mobile (finally) launching last week and wanted to try it out. As someone who... | Read more »
Albion Online introduces some massive ne...
Sandbox Interactive has announced an upcoming update to its flagship MMORPG Albion Online, containing massive updates to its existing guild Vs guild systems. Someone clearly rewatched the Helms Deep battle in Lord of the Rings and spent the next... | Read more »
Chucklefish announces launch date of the...
Chucklefish, the indie London-based team we probably all know from developing Terraria or their stint publishing Stardew Valley, has revealed the mobile release date for roguelike deck-builder Wildfrost. Developed by Gaziter and Deadpan Games, the... | Read more »
Netmarble opens pre-registration for act...
It has been close to three years since Netmarble announced they would be adapting the smash series Solo Leveling into a video game, and at last, they have announced the opening of pre-orders for Solo Leveling: Arise. [Read more] | Read more »
PUBG Mobile celebrates sixth anniversary...
For the past six years, PUBG Mobile has been one of the most popular shooters you can play in the palm of your hand, and Krafton is celebrating this milestone and many years of ups by teaming up with hit music man JVKE to create a special song for... | Read more »
ASTRA: Knights of Veda refuse to pump th...
In perhaps the most recent example of being incredibly eager, ASTRA: Knights of Veda has dropped its second collaboration with South Korean boyband Seventeen, named so as it consists of exactly thirteen members and a video collaboration with Lee... | Read more »
Collect all your cats and caterpillars a...
If you are growing tired of trying to build a town with your phone by using it as a tiny, ineffectual shover then fear no longer, as Independent Arts Software has announced the upcoming release of Construction Simulator 4, from the critically... | Read more »
Backbone complete its lineup of 2nd Gene...
With all the ports of big AAA games that have been coming to mobile, it is becoming more convenient than ever to own a good controller, and to help with this Backbone has announced the completion of their 2nd generation product lineup with their... | Read more »
Zenless Zone Zero opens entries for its...
miHoYo, aka HoYoverse, has become such a big name in mobile gaming that it's hard to believe that arguably their flagship title, Genshin Impact, is only three and a half years old. Now, they continue the road to the next title in their world, with... | Read more »

Price Scanner via MacPrices.net

B&H has Apple’s 13-inch M2 MacBook Airs o...
B&H Photo has 13″ MacBook Airs with M2 CPUs and 256GB of storage in stock and on sale for up to $150 off Apple’s new MSRP, starting at only $849. Free 1-2 day delivery is available to most US... Read more
M2 Mac minis on sale for $100-$200 off MSRP,...
B&H Photo has Apple’s M2-powered Mac minis back in stock and on sale today for $100-$200 off MSRP. Free 1-2 day shipping is available for most US addresses: – Mac mini M2/256GB SSD: $499, save $... Read more
Mac Studios with M2 Max and M2 Ultra CPUs on...
B&H Photo has standard-configuration Mac Studios with Apple’s M2 Max & Ultra CPUs in stock today and on Easter sale for $200 off MSRP. Their prices are the lowest available for these models... Read more
Deal Alert! B&H Photo has Apple’s 14-inch...
B&H Photo has new Gray and Black 14″ M3, M3 Pro, and M3 Max MacBook Pros on sale for $200-$300 off MSRP, starting at only $1399. B&H offers free 1-2 day delivery to most US addresses: – 14″ 8... Read more
Department Of Justice Sets Sights On Apple In...
NEWS – The ball has finally dropped on the big Apple. The ball (metaphorically speaking) — an antitrust lawsuit filed in the U.S. on March 21 by the Department of Justice (DOJ) — came down following... Read more
New 13-inch M3 MacBook Air on sale for $999,...
Amazon has Apple’s new 13″ M3 MacBook Air on sale for $100 off MSRP for the first time, now just $999 shipped. Shipping is free: – 13″ MacBook Air (8GB RAM/256GB SSD/Space Gray): $999 $100 off MSRP... Read more
Amazon has Apple’s 9th-generation WiFi iPads...
Amazon has Apple’s 9th generation 10.2″ WiFi iPads on sale for $80-$100 off MSRP, starting only $249. Their prices are the lowest available for new iPads anywhere: – 10″ 64GB WiFi iPad (Space Gray or... Read more
Discounted 14-inch M3 MacBook Pros with 16GB...
Apple retailer Expercom has 14″ MacBook Pros with M3 CPUs and 16GB of standard memory discounted by up to $120 off Apple’s MSRP: – 14″ M3 MacBook Pro (16GB RAM/256GB SSD): $1691.06 $108 off MSRP – 14... Read more
Clearance 15-inch M2 MacBook Airs on sale for...
B&H Photo has Apple’s 15″ MacBook Airs with M2 CPUs (8GB RAM/256GB SSD) in stock today and on clearance sale for $999 in all four colors. Free 1-2 delivery is available to most US addresses.... Read more
Clearance 13-inch M1 MacBook Airs drop to onl...
B&H has Apple’s base 13″ M1 MacBook Air (Space Gray, Silver, & Gold) in stock and on clearance sale today for $300 off MSRP, only $699. Free 1-2 day shipping is available to most addresses in... Read more

Jobs Board

Medical Assistant - Surgical Oncology- *Apple...
Medical Assistant - Surgical Oncology- Apple Hill Location: WellSpan Medical Group, York, PA Schedule: Full Time Sign-On Bonus Eligible Remote/Hybrid Regular Apply Read more
Omnichannel Associate - *Apple* Blossom Mal...
Omnichannel Associate - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Read more
Cashier - *Apple* Blossom Mall - JCPenney (...
Cashier - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Blossom Mall Read more
Operations Associate - *Apple* Blossom Mall...
Operations Associate - Apple Blossom Mall Location:Winchester, VA, United States (https://jobs.jcp.com/jobs/location/191170/winchester-va-united-states) - Apple Read more
Business Analyst | *Apple* Pay - Banco Popu...
Business Analyst | Apple PayApply now " Apply now + Apply Now + Start applying with LinkedIn Start + Please wait Date:Mar 19, 2024 Location: San Juan-Cupey, PR Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.