TweetFollow Us on Twitter

Ghost In The Machine

Volume Number: 21 (2005)
Issue Number: 5
Column Tag: Programming

The Source Hound

Ghost In The Machine

by Dean Shavit

"The mind is not a non-physical substance residing in the body, 'a ghost in a machine,' but a set of capacities and abilities belonging to the body."

Gilbert Ryle, Concept of Mind (1949)

Mea Culpa

First, before I go any further, I have to say the following: I am a liar. In last month's Source Hound, I promised to bring MacTech readers an investigation into Tiger Server's new extended permissions a.k.a. Access Control Lists. While I am sure that I could have "bitten into the topic" with the Source Hound's special flair, it appears that Ed Marzcak, my fellow columnist, had an ace up his sleeve, so he'll be covering Tiger Server's ACLs.

One of Us, One of Us

If you've ever worked in corporate IT, the verb "Ghost" (as in 'to Ghost') is sure to conjure up an image familiar to many, that of a Help Desk Analyst, floppy disk in hand, with a big smile on their face: "So, your PC giving you a bit of the 'ol trouble no, well , go have yourself a cup of coffee and when you come back, it'll all be right as rain." One reboot later, a few keystrokes, and the Windows PC is back to pristine condition, barring no hardware trouble. It's magic.

Cloning hard drives has been the standard in corporate PC support and rollouts since the mid 1990s. It's a great way to cut the installation times for the Windows Operating System and applications down to minutes in some cases, rather than hours. Network home directories or "roaming" profiles, where the users' data resides on a server, rather than the local workstation, makes cloning almost standard operating procedure for fixing even the smallest of software glitches. While the "Imagists" are often thought of as a school of modern poets, whose ranks included William Carlos Williams and T.S. Eliot, today "imagists" are a highly-skilled loosely-knit group of tradesmen (and women) who spend their days managing a single image--operating system and software (sometimes referred to as a "standard image") that gets deployed onto dozens, hundreds, or even thousands of similar PCs.

The verb "Ghost" comes from the same type of lexical twist as calling every variety of Cola a "Coke." Symantec, the maker of antivirus and disk utilities for the Macintosh purchased the Ghost hard disk imaging solution from Binary Research Limited in June of 1998. As a defacto standard in the IT world, Ghost was and still is the preferred cloning solution for Windows PCs. At the time, I remember more than one person inquiring as to why Symantec didn't ship a Mac version of Ghost, since Symantec was a company that heavily supported the Mac with Symantec Anti-Virus (now Norton Anti-Virus) and the indispensable Norton Utilities suite of disk tools. The standard answer to that question was "with the Mac OS, you don't need to clone systems, as you can simply drag and drop a System Folder from the network or even pre-installed applications." That indeed was true. At the time, all you really needed to clone a Mac OS system and all applications was a SCSI hard drive big enough to hold everything.

In My Image

Working with images of floppy disks was nothing new to the Mac OS, even in the late 1990s. Until System 8.1, for example, Apple's installer technology used self-mounting disk images on the offhand chance someone would actually need to produce the nineteen floppy disks to install System 7.5.3 on, let's say, a PowerBook 5300 without a CD-ROM drive. Utilities such as DART (Disk Archiving Tool) and Disk Copy became more commonplace as installers grew larger and larger as Apple maintained compatibility between Macs with floppy drives and those with CD-ROMs.

Eventually, Apple did away with the floppy drive altogether, and now, with the retail release of OS X 10.4 Tiger shipping only on DVD-ROM, Apple is trying to do away with the CD-ROM as installer media as well. This is a pattern that repeats itself every time a type of media becomes unwieldy. It was not uncommon, for example, that an iMac or PowerMac G4 shipping in 2001 with OS 9.2.2 and OS X 10.1 would have a set of six or more restore CDs included. Running the software restore sequence would put the computer back into factory condition with all bundled software included. For those of us who were curious about the restore process, a little investigating led us to discover a nifty program called ASR (Apple Software Restore) hidden away on the first restore CD.

Figure 1. Classic Mac OS Disk Copy and ASR, Circa 2001

Those of us who played with the Classic Mac OS version of ASR found it could do some interesting things for deploying many Macs at the same time. In late 2001, I used ASR to roll out 35 iMacs at a customer's site in a single day. I prepped a single iMac and tested it for a while, made tweaks and updates until everyone agreed that it was ready, then used ASR to clone it to the rest of the iMacs using Firewire Target Disk mode.

The Ghost Reappeareth

Prior to the release of OS X 10.2, ASR (v1.1) was available only upon "special request" from an Apple System Engineer or an AppleCare representative. This first and unsupported version of ASR had a pretty short life span, because by the time August of 2002 had rolled around, Apple released OS X 10.2, along with a spiffy new version of Disk Copy and ASR as a supported command-line tool (Disk Copy was later rolled into Disk Utility with OS X 10.3).

It was about this time that I re-discovered ASR as a useful tool for cloning Macs, mostly out of need for refreshing our ten training Macs at our office. At first, I'd set up NetInstall (which, by the way, deserves another look in Tiger Server) but had found it slow and awkward, even though I was able to automate the installation of OS X and several applications. ASR, it turned out, was exactly what I needed.

Like Peanut Butter and Chocolate

By itself, ASR is the "Peanut Butter" of the cloning process, and without disk images, the "chocolate," is only really useful for making a quick down-and-dirty copy of a hard disk, as I'd done back in 2001 with the 35 iMacs. But this is still a great thing. Let's take the retail Tiger Install DVD, for example. If you have a number of Macs without the ability to read a DVD drive, your only alternative is to order the $19.95 CD media exchange kit directly from Apple. This is hardly convenient. Not only that, you'll still have to swap out three or four CDs during the installation.

The solution to this dilemma's rather simple. You'll need to insert the Mac OS X Tiger install DVD into a computer, and attach a Firewire hard drive, making sure to uncheck the "Ignore Ownership on This Volume" checkbox in the "Get Info" window of the disk. If you don't want to use up all of the space on the Firewire drive, you might want to partition it beforehand, setting aside 4.2 gigs for the installation files. Insert the Installation DVD, attach the Firewire Drive, and issue the following command in the Terminal:

classadmin:~ classadmin$ sudo asr -source /Volumes/Mac\ OS\ X\ Install\ DVD/ -target
   /Volumes/Firewire/ -erase
        Validating target...done
        Validating source...done
        Erase contents of /dev/disk2s10 (/Volumes/Firewire)? [ny]: y
        Erasing target device /dev/disk2s10...done
        Validating sizes...done
        Restoring  ....10....20....30....40....50....60....70....80....90....100
        Remounting target volume...done
classadmin:~ classadmin$ 

Note the presence of the -erase flag in the ASR command. This is very important. Without the -erase flag, ASR will perform a file copy rather than a block copy, which will copy items "in place," overwriting folders that exist with folders of the same name from the install source, yet leaving in place any other extant folders. Not only can this potentially be messy, it can also be disastrous if you accidentally miscalculate what's going to be installed or think that somehow the source and destination will "merge." Possible data loss aside, the file copy or "restore in place" is going to be much slower than the fast block-level copy that the -erase flag enables. Using the block-copy, the whole process takes exactly nine minutes. Now, you can boot off of the Firewire disk by holding down the option key at boot time or selecting it in the Startup Disk System Preference (double-clicking the black "Install OS X" icon in the Finder won't work) and run that upgrade installation or archive-and-install or nuke-and-pave (erase and install) right from that same Firewire drive at an installation speed that'll average less than ten minutes. If you've got a lot of installations to do, and don't want to use a standard image, using a Firewire drive instead of the DVD drive is a real timesaver

Hey Tiger, Your Ectoplasm is Showing!

One of the new "features" of Tiger is a change in the way the Finder handles invisible files. Many of us veteran cloners have noticed that the ".hidden" file that lived at the root of the startup disk in previous version of OSX, has been sloughed off in favor of "genuine Mac OS 9 style" invisibility flags. While the ".hidden" file was a pretty elegant solution, allowing Mac admins to specify additional invisible folders such as /sw for Fink ( installations. What is rather inelegant, and at first glance pretty spooky, is what happens after OS X 10.4 is cloned--the formerly invisible links to /etc, /var, /tmp, and the /Volumes directory (and perhaps all of the rest, as in the figure below) become visible. To fix this, a cloner either needs to recreate the .hidden file (which is still respected by OS X 10.4) with the tmp, var, etc and Volumes entries, of course making sure to set the proper permissions when finished, or follow Apple's instructions, which requires having the Mac OS X Installation DVD inserted:

Figure 2. Ectoplasm On

Figure 3. Ectoplasm Off

Using a .hidden file:

\imacg4:/ mostadmin$ sudo vi .hidden
imacg4:/ sudo chmod 444 .hidden
Using Apple's Directions from Knowledge base article number 30167:

classadmins:~ classadmin$ cd /Volumes/Mac\ OS\ X\ Install\ DVD/System/Installation/
classadmins: /Volumes/Mac OS X Install DVD/System/Installation/Packages/OSInstall.mpkg/
   Contents/Resources classadmin$ sudo ./SetHidden /Volumes/Mac\ OS\ X\ Install\ DVD\ 1/
set invisible: "/Volumes/Mac OS X Install DVD 1/bin"
set invisible: "/Volumes/Mac OS X Install DVD 1/dev"
set invisible: "/Volumes/Mac OS X Install DVD 1/etc"
set invisible: "/Volumes/Mac OS X Install DVD 1/mach"
set invisible: "/Volumes/Mac OS X Install DVD 1/mach_kernel"
set invisible: "/Volumes/Mac OS X Install DVD 1/private"
set invisible: "/Volumes/Mac OS X Install DVD 1/sbin"
set invisible: "/Volumes/Mac OS X Install DVD 1/tmp"
set invisible: "/Volumes/Mac OS X Install DVD 1/usr"
set invisible: "/Volumes/Mac OS X Install DVD 1/var"
set invisible: "/Volumes/Mac OS X Install DVD 1/Volumes"
set invisible: "/Volumes/Mac OS X Install DVD 1/Desktop DB"
set invisible: "/Volumes/Mac OS X Install DVD 1/Desktop DF"
set invisible: "/Volumes/Mac OS X Install DVD 1/.Trashes"

Whew! That's a lot of typing to stuff that Ectoplasm back into the ghostly area of the OS, as it should be. However, don't try running this command on the current startup disk before making your image! Can you say instant kernel panic? I can! Evidently Apple engineers haven't yet found a way to incorporate the "hidden_MacOS9" attributes into the imaging process, which brings us to the our next point: exactly what is the proper process to prepare a clone-able disk image for use for Tiger?

Ghosts of Images Past, Present, and Future

Up until the release of Tiger, the answer to that question was very straightforward: use Mike Bombich's amazing Carbon Copy Cloner (, which could automate several steps of the imaging process, and which is also, by the way, considered by many (myself included) to be one of the greatest AppleScript Studio Applications in existence. Carbon Copy Cloner also alleviated the need to boot off of another drive to make the disk image, saving some time in that regard. However, due to some drastic changes to the way AppleScript Studio handles authentication in Tiger, as well as some Tiger-specific imaging issues, such as the yucky ectoplasm above, Carbon Copy Cloner no longer works, although you can run it from a Mac booted from OS X 10.3 to clone a drive with 10.4 on it. Though Bombich is working on an update to CCC for Tiger, which we'll hopefully see soon, it's also useful to step through the process of creating an image using Apple's Disk Utility.

Step 1: Preparing to Make an Image

In last Month's MacTech, Clay Williams' excellent article "An Introduction to Builds, Creating Them and Using Them in Mac OS X" gave an overview of the process of creating an image for a deployment. While we're not going to concentrate on the nuances of building the "perfect" image here (which is an art form unto itself), let's just say that there's certain "gotchas" to look out for prior to cloning multiple Macs.

    1. Make sure none of the applications on your image require individual serial numbers. Often these will check the network and will simply complain and quit if they detect other copies of themselves running.

    2. Make sure you build your image on the newest, fastest Mac you can get your hands on. It'll make the imaging process snappier, as well as ensure that all of the proper driver-level support is in place for newer hardware, as well as the old.

    3. Create your users accounts after the cloning process, unless you absolutely have no other way to deploy the Macs. I'm not necessarily talking about the "admin" user that's on every Mac, but more so about the end-user. The main reason for this is to avoid the "ByHost" preferences issue where the wrong Ethernet hardware address is embedded in the .plist files. If you need to fix this issue post-imaging, you can download a nifty perl script from: (updatebyhostprefs) which can fix this issue post-cloning if you don't have network user accounts or can't/don't want to create local accounts after the fact.

    4. Make sure you clean up your Mac properly before imaging it and try not to "use" it too much between making images so that the log files, for example, don't reflect spurious information from the "master" imaging Mac. If necessary, force a log rotation by running the weekly maintenance process:

Dual2ghz:/etc/periodic/weekly dean$ sudo ./500.weekly

Then removing any archived log files:

Dual2ghz:/ dean$ sudo rm /var/log/*gz

    5. Another good practice is to "tag" your image with a small text file to identify it, who built it, what the imaging date was, and any other notes that might help you or others you work with remember when/who/did what. I favor naming the text file with a ".log" extension and saving it in the /Library/Logs folder in order to check it with the Console Utility.

Step 2: Creating the Image

In order to effectively make an image from the disk you want to clone, you'll have to boot your Master Mac from another drive, either an external Firewire disk (another Mac in target disk mode will also work quite well) or another partition (I've seen G5s with two 160 gig drives all partitioned up just for this purpose), or, if you just want to go really slow, from the OS X Tiger Install DVD (but you'll still need another drive or partition to save your image on).

    1. Open Disk Utility located in /Applications/Utilities, first, select your master disk on the left-hand side and make sure that "Repair Disk Permissions is not grayed out. If it is, you'll need to uncheck the "Ignore Ownership on this Volume" checkbox choose File > New > Disk Image from Folder. . .

Figure 4. Ignore Ownership toggle in "Get Info" Window

    2. Choose the Folder you want to image, in this case, it'll be /Volumes/YourMasterDrive. Do not choose "Disk Image from Device," as that could wreak havoc with the ASR restore process later on. The "From Folder" option results in a disk image with a flexible partition size that can easily fit the drive you're imaging to. The "From Device" option will cause the restore process to revert to a file copy process rather than a block copy that will slow things down, and might result in unexpected volumes sizes on older version of OS X. For the type of image, choose "Read/Write." Normally, we'd go straight to "Compressed" which is both compress and read-only. But we've got to nuke the ectoplasm first. . . so it's another step for us. . . wait until the image finishes, then go ahead and scrub the ectoplasm by creating a .hidden file, or issuing the command from Apple knowledge base article number 30167 (after inserting the Tiger Install DVD). If you then unmount/remount the disk image, you'll see that all's well again, no ghostly remnants.

Figure 5. New Image from Folder

    3. In Disk Utility, click the "Convert" button and choose the image you just created. For the format, choose "compressed," and give it a slightly different name if saving into the same location, like "image_compressed.dmg." Go grab a beverage or several, depending on the size of your image. When done compressing, you'll notice that the image, if a base install of OS X 10.4.1, has shrunk to 1.5 gigabytes all the way down from 3.5 gigabytes.

    4. Once done converting, we've got to prep or "scan" the image for ASR. This process double-checksums the image and aligns all of the blocks for the fastest possible restore times, and, new to Tiger, is the multicast option. So, regardless if you don't know what multicast streaming is, or if you think you're going to be imaging Tiger, read on, and make sure you use Disk Utility from OS X 10.4 for the next step (though you should be using it for all of the steps). Go to the Images > Scan Image for Restore. . . menu item and select your compressed image. Time for a beverage run. Once you're done, you've got an ASR-ready disk image.

Figure 6. Scanning Image for ASR Successful

But first, before we go off willy-nilly imaging and restoring every single Mac in sight, let's savor the taste of these two great tastes that taste great together, and look into a few other uses for the "chocolate" goodies that we can make with our Disk Utility.

Other Uses for Disk Images

Disk images aren't just useful for cloning or duplicating. You'll find that applications that don't require authentication for installation are often distributed on disk images (.dmgs) for drag-and-drop easiness. Even compressed .dmgs don't require an external helper application to open and mount the downloaded file. But beyond the standard distribute-it-on-a-.dmg practice, there are other great uses for disk images that would otherwise require third-party software or even extra disk drives.

Backup: using a combination of hdiutil, cron, and psync or rsync, you can keep a bootable clone of your hard drive-up-to date as often as you'd like. It's also a great way to "preserve" a configuration of a hard disk before an upgrade (as I did before upgrading to Tiger on my PowerBook) or before sending in a Mac for a hard drive replacement, allowing for a restore to that exact configuration, if the upgrade doesn't go exactly as planned. A compressed disk image is also a nice alternative to .zip archive for long-term file archiving or electronic transfer if you know for sure that it'll be opened on another Mac. A backup script such as the one below will keep a bootable image in sync on a schedule with cron or when double clicked, if wrapped in an AppleScript as below:

do shell script "hdiutil attach '/Volumes/MAC_BACKUP/Macintosh_HD.sparseimage'"
do shell script "/usr/bin/runpsync -d '/Users/$USER' 
   '/Volumes/Mac_HD/Users/$USER'" with administrator privileges
set disk to do shell script "diskutil list|grep Mac_HD|awk 
'{print $5}'"
do shell script "hdiutil detach /dev/" & disk

A couple of things to watch out for are to make sure that the .sparseimage is initially created to be big enough to encompass all of the data it might eventually hold, and also that the like which contains the "awk" statement is properly adjusted based on the capacity of the disk, and the version of diskutil you're using, whether it be Panther or Tiger.

Security: using the 128-bit AES encryption capability of hdiutil or Disk Utility, you'll be able to store the most sensitive files in a virtually unbreakable cipher. Apple's own FileVault, by the way, uses a combination of the growable .sparseimage format with the AES-128 cipher, but is actually less secure because the password's the same as the login password by default, can be unlocked with the system's "Master" password, and is also stored in the login keychain. For the most secure settings, create a standalone AES-128 encrypted disk image, and never save the password in your keychain.

A safe, FAT haven for your HFS files: Recently, with the price of large (one gigabyte and bigger) keychain (USB) flash drives coming down to below $100 or even $49, they've become viable as a data transfer tool, quickie backup device, or even a data recovery or troubleshooting tool. However, in these days of OS X applications that don't have resource forks or create documents with resource forks, it easy to sometimes forget that nearly all of these USB drives come formatted with the FAT16 file system, which is still unfriendly to Classic Mac Applications, as well as Postscript Fonts, and QuarkXpress Documents, just to name a few. If you copy a file from your Mac to a FAT16 keychain drive, you'll separate the resource forks of the files and find that your Applications, Fonts, and other document may be trashed beyond the point of recoverability. One way around this problem is to format your USB drive with the HFS+ file system using Disk Utility, however, this prohibits the flash drive from ever being used with a Windows or Linux computer. I simply created a "sparseimage" on my USB keychain drive. A sparseimage is the a disk image with a "growable" filesystem. When you create a sparseimage, you have to specify the maximum size it can grow to, but it won't reach that size unless you fill it up. Now, when you attach your USB drive to a Mac, simply double-click the sparseimage to mount it. Put your Mac files in there, and you'll enjoy the best of both worlds, without having to reformat your USB drive.

Prepping for Emulators: often installing an emulator such as PearPC ( or Qemu (, or even Mini vMmac ( for those who want a Mac Plus emulated under OS X requires a blank hard disk image to begin installation of an operating system or host the applications.

Figure 7. Mini vMac Emulator

Disk Utility is Apple's way of churning out blank filesystems that can be in various formats, including UFS, HFS+ with case sensitivity, FAT32, UFS (UNIX File System) or even free space, so that your chosen emulator can recognize and re-format if its chosen filesystem (like NTFS, for example) isn't directly supported by Disk Utility. Simply create a new read-write disk image, mount it, and treat it just like any other disk! Here's a quick tip for emulation fans: don't try the sparseimage format with an emulator, it won't work.

Figure 8. File System Options in Disk Utility

Burning: just about any CD-ROM or DVD-ROM (single layer) that mounts under Mac OS X is a candidate for burning. Even though the Tiger's Burn Folders have made it quicker to make multiple copies of CDs or DVDs, nothing's quicker than using Disk Utility to burn disk images, since OS X preps the burn session as a disk image anyway, increasing processing time. If there are discs that need to be distributed, it's easier to burn them as needed from disk images rather than from another optical disc or from a folder. A multiple-session CD or DVD is also possible with the "Leave disc appendable" option--simply burn additional disk images to the media until you run out of space. Note that ISO-9660 format (used for cross-platform discs) doesn't support multiple sessions.

Figure 9. Burn Options in Disk Utility

Ready, Set, Ghost!

OK, I know you're all excited about what we can do with disk images. Now it's time to start slinging them via ASR. I'll start with the simplest, most straightforward way. Of course, if you're going to be wiping out an entire disk with the contents of another, it should be pretty clear that the drive that's going to be imaged can't be "in use," so I'll have to boot from another disk. In this first example, I'll work from a Mac that's got the hard disk of an iBook mounted in target disk mode. The image is coming from a server volume. It's a simple process to drag the source image into the "Source" section of the "Restore" tab in Disk Utility, tell it to erase the destination, and viola, in just a few minutes I have a perfect clone from my image.

Figure 10. Using ASR from Disk Utility

Alternately, you can boot from the OS X Installer DVD and grab the .dmg from a Firewire drive, then use the "Restore" tab in Disk Utility to image the target drive, but booting from the Installation DVD is quite slow, so you'd even be better off booting from a Firewire disk that had the Installation DVD copied to it as in our very first ASR example. If you're a little more hard core than that, you can always do it the via the CLI:

powermacg4:~ classadmin$ sudo asr -source ~/Desktop/System_asr.dmg -target /Volumes/Firewire/
   -noverify -erase
        Validating target...done
        Validating source...done
        Erase contents of /dev/disk1s10 (/Volumes/Firewire)? [ny]: y
        Erasing target device /dev/disk1s10...done
        Retrieving scan information...done
        Validating sizes...done
        Restoring  ....10....20....30....40....50....60....70....80....90....100
        Remounting target volume...done

There's absolutely nothing wrong with using "a different" hard disk to boot from and then clone your target disk. If you're deploying new machines, right out of the box, it can be a pretty efficient way to go, though you'll have to do one or two or three at a time. However, in some Mass Deployment situations, it's helpful to be able to "re-image" Macs say, at a semester break during a school year without having to go from machine to machine. If that's the case, then you're going to need to use NetBoot, of which the setup details, I'm sorry to say, are far beyond the scope of this article. However, if you've used NetBoot to re-image or deploy a lot of Macs, you'll know that running ASR over afp (Apple Filing Protocol) can put quite a drag on your network, with each additional ASR session taking up more and more bandwidth until all slow to a crawl.

The New Black

Luckily for us, Apple's been thinking a little ahead, and has, with Tiger, given us a new form of ASR: the multicast server. Mutlicasting is based on the concept of a group. The multicast "data stream" (often video or audio) is broadcast one way to a group of addresses that fall in between to, or what's also referred to as the class "D" IP address space. If you've ever heard of a "broadcast storm" you're not far from the concept of a multicast. Therefore, except for special networks such as the Multicast backbone or "mbone," multicasting is not allowed on the Internet. Basically, a multicast is a continuous, one-way stream of data that a group of clients tap into to receive that data stream, and because the mutlicast is delivered to all clients willing to accept it, it can move data much more efficiently than session-oriented afp connections.

While multicast ASR isn't going to help with the requirement to "boot from another disk" or to NetBoot, it could make the process of deploying multiple Macs much faster than ever before. I decided to put multicast ASR through its paces to see how well it worked in the early releases of Tiger. First, I was delighted to find that the ASR multicast server does not require OS X Server, but does require that the ASR multicast client be booted from a Tiger disk. That doesn't mean, for example, that the image being multicast couldn't be OS X 10.3, or even OS 9 for that matter.

The steps for setting up an ASR multicast server are rather simple. First, prepare the image as in the instructions above, but if using an image prepared under Disk Utility for OS X 10.3, be sure to scan the image for ASR again, which will make it multicast compatible. Then, setup the server from the CLI:

imacg4:~ mostadmin$ defaults write ~/Desktop/asrcast "Data Rate" -int 3000000
imacg4:~ mostadmin$ defaults write ~/Desktop/asrcast "Multicast Address" 
imacg4:~ mostadmin$ defaults write ~/Desktop/asrcast "DNS Service Discovery" -bool true

Note that although the man page for ASR suggests that you create the ".plist" file (asrcast in the example above) in the /tmp directory, I've had problems with that, so I just throw it on my desktop or in another folder. The two required settings govern the rate of the multicast, which is very important for both performance and "network safety," which I'll get to in a minute. The second is the multicast address that the server uses. That's not the address for the client to connect to, however, but note that third, optional setting "DNS Service Discovery" -bool true, which activates Bonjour (a.k.a Rendezvous or Zeroconf) for the multicast server. Once all those are entered, the multicast server can be started with:

imacg4:~ mostadmin$ sudo asr -source ~/system_asr.dmg -server ~/Desktop/asrcast.plist/
Multicast server configuration:
DNS Service Discovery: true
Data Rate: 3000000
Multicast Address:
Ready to start accepting clients
Starting stream Tues May 31  05:09:31 2005

And the multicast client, when ready to connect can do it this way:

classadmins-power-mac-g4:~ classadmin$ sudo asr -source asr://imacg4.local -target 
   /Volumes/System -noverify -erase
        Validating target...done
        Validating source...done

        Erase contents of /dev/disk0s3 (/Volumes/System)? [ny]: y
        Erasing target device /dev/disk0s3...done
        Retrieving scan information...done
        Validating sizes...done
        Restoring  ....10....20....30....40....50....60....70....80....90....100
        Remounting target volume...done

It's interesting how well that works: even if the ASR multicast server has a dynamic IP address, you can connect to it by its "computername.local" if you've enabled the "DNS Service Discovery" setting, but then that only works on your local subnet, which incidentally, is where the ASR multicast would most likely be contained, unless multicast forwarding has been properly configured on your LAN.

Multicast Ups/Downs

After giving ASR mutlicast a workout, I've come to several conclusions, none of which are very surprising. At its peak performance, a multicast ASR restore is a little bit faster than a single restore over an afp connection or even a locally attached Firewire disk. The difference is really apparent, however, when you run several concurrent multicast restores, which all take virtually the same amount of time as a single restore, whereas the afp restores start to bog. I could see, that under ideal conditions, multicast ASR could cut the restore times by nearly 75% for a group of 100 network-booted Macs, depending on the size of the image.

Yet running an ASR multicast server isn't without its pitfalls. You have to carefully evaluate how much multicast traffic your LAN can handle. . . as I found out when I first fired up my multicast server. A tcpdump of the network interface of all of the computers in my lab revealed the following multicast traffic:

04:05:58.625372 IP > UDP, length: 1466
04:05:58.626846 IP > UDP, length: 1466
04:05:58.628306 IP > UDP, length: 1466
04:05:58.629778 IP > UDP, length: 1466
04:05:58.631251 IP > UDP, length: 1466
04:05:58.632740 IP > UDP, length: 1466
04:05:58.634217 IP > UDP, length: 1466
04:05:58.635730 IP > UDP, length: 1466
04:05:58.637169 IP > UDP, length: 1466
04:05:58.638630 IP > UDP, length: 1466
04:05:58.640113 IP > UDP, length: 1466
04:05:58.641579 IP > UDP, length: 1466
04:05:58.647351 IP > UDP, length: 1466
04:05:58.648753 IP > UDP, length: 1466

which seemed to be a little bit too much for some of our other network services such our 3Com NBX VOIP phone system, which went offline, or my internal Nagios test server, which promptly emailed me the following warning:

***** Nagios  *****

Notification Type: PROBLEM

Service: current users
Host: nagitest

Date/Time: Monday May 30 05:38:43 CDT 2005

Additional Info:

CHECK_NRPE: Socket timeout after 10 seconds

And then a minute or so after shutting off the multicast:

***** Nagios  *****

Notification Type: RECOVERY

Service: current users
Host: nagitest
State: OK

Date/Time: Monday May 30 05:43:22 CDT 2005

Additional Info:

USERS OK - 1 users currently logged in

Other anomalies included DNS lookup timeouts, web pages that failed to load, as well as afp authentication hangups. It seems that the multicast rate suggested by Apple in the ASR man page is a little too high for practical use for the network at our office, so cutting it in half seemed to help somewhat, but realistically it seemed safer to cut it to a third of the suggested rate, 2000000. Also, any other multicasting devices (phone systems, video streaming, etc.,) or running two multicast servers simultaneously will absolutely kill your network. Also to take under consideration is lowering the data rate at the client side to account for Macs with slower hard drives, less RAM, or slower network connections. It's pretty obvious to me that ASR multicast would be best run on an isolated switch or on a network where everyone had gone home for the day or the weekend. It's a pretty harsh mistress.

In the Black

If you've followed along with me up to this point, you might have already formulated the question that'll I'll answer for you right now. Is ASR Open-Source software? The answer's a big en-oh. So what's the Source Hound doing writing about something not-open-source? Well, it's free, which is close enough for me. Oh, and did I fail to mention that Symantec Ghost starts at $69 a seat? Of course, the cost goes down with volume buys, but the last group of thirty licenses I purchased for a Windows customer came in at about $400, and who knows what the upgrade will cost when Longhorn arrives. Who was it that said Macs were more expensive than PCs?

In Next Month's Source Hound

If you think I like Open-Source software, tune in next month as I sit down for a virtual interview with the grand pubah of Mac Geekery, Drunkenbatman of Drunkenblog ( We'll be discussing a wide range of topics from Open-Source to software development at Apple, QuickTime 7, Intellectual Property and the GPL, and oh my! Everything, including the cow!

Dean Shavit is an ACSA (Apple Certified System Administrator) who loves to use a Mac, but hates paying for software. Since he's not into breaking the law, his most common response to any cool solution is: "Does that cost money?" If it does, you can bet he's on the hunt for an Open-Source or freeware alternative. Besides surfing for hours, following the scent of great source code, he's a partner at MOST Training & Consulting in Chicago, where he trains system administrators in OS X and OS X Server, conducts large-scale Mac Deployment and Upgrade projects, and writes for his own website, If you have questions or comments you can contact him:


Community Search:
MacTech Search:

Software Updates via MacUpdate

Latest Forum Discussions

See All

Pack a magnifying glass and practice you...
Somehow it has already been a year since Torchlight: Infinite launched, and XD Games is celebrating by blending in what sounds like a truly fantastic new update. Fans of Cthulhu rejoice, as Whispering Mist brings some horror elements, and tests... | Read more »
Summon your guild and prepare for war in...
Netmarble is making some pretty big moves with their latest update for Seven Knights Idle Adventure, with a bunch of interesting additions. Two new heroes enter the battle, there are events and bosses abound, and perhaps most interesting, a huge... | Read more »
Make the passage of time your plaything...
While some of us are still waiting for a chance to get our hands on Ash Prime - yes, don’t remind me I could currently buy him this month I’m barely hanging on - Digital Extremes has announced its next anticipated Prime Form for Warframe. Starting... | Read more »
If you can find it and fit through the d...
The holy trinity of amazing company names have come together, to release their equally amazing and adorable mobile game, Hamster Inn. Published by HyperBeard Games, and co-developed by Mum Not Proud and Little Sasquatch Studios, it's time to... | Read more »
Amikin Survival opens for pre-orders on...
Join me on the wonderful trip down the inspiration rabbit hole; much as Palworld seemingly “borrowed” many aspects from the hit Pokemon franchise, it is time for the heavily armed animal survival to also spawn some illegitimate children as Helio... | Read more »
PUBG Mobile teams up with global phenome...
Since launching in 2019, SpyxFamily has exploded to damn near catastrophic popularity, so it was only a matter of time before a mobile game snapped up a collaboration. Enter PUBG Mobile. Until May 12th, players will be able to collect a host of... | Read more »
Embark into the frozen tundra of certain...
Chucklefish, developers of hit action-adventure sandbox game Starbound and owner of one of the cutest logos in gaming, has released their roguelike deck-builder Wildfrost. Created alongside developers Gaziter and Deadpan Games, Wildfrost will... | Read more »
MoreFun Studios has announced Season 4,...
Tension has escalated in the ever-volatile world of Arena Breakout, as your old pal Randall Fisher and bosses Fred and Perrero continue to lob insults and explosives at each other, bringing us to a new phase of warfare. Season 4, Into The Fog of... | Read more »
Top Mobile Game Discounts
Every day, we pick out a curated list of the best mobile discounts on the App Store and post them here. This list won't be comprehensive, but it every game on it is recommended. Feel free to check out the coverage we did on them in the links below... | Read more »
Marvel Future Fight celebrates nine year...
Announced alongside an advertising image I can only assume was aimed squarely at myself with the prominent Deadpool and Odin featured on it, Netmarble has revealed their celebrations for the 9th anniversary of Marvel Future Fight. The Countdown... | Read more »

Price Scanner via

Every model of Apple’s 13-inch M3 MacBook Air...
Best Buy has Apple 13″ MacBook Airs with M3 CPUs in stock and on sale today for $100 off MSRP. Prices start at $999. Their prices are the lowest currently available for new 13″ M3 MacBook Airs among... Read more
Sunday Sale: Apple iPad Magic Keyboards for 1...
Walmart has Apple Magic Keyboards for 12.9″ iPad Pros, in Black, on sale for $150 off MSRP on their online store. Sale price for online orders only, in-store price may vary. Order online and choose... Read more
Apple Watch Ultra 2 now available at Apple fo...
Apple has, for the first time, begun offering Certified Refurbished Apple Watch Ultra 2 models in their online store for $679, or $120 off MSRP. Each Watch includes Apple’s standard one-year warranty... Read more
AT&T has the iPhone 14 on sale for only $...
AT&T has the 128GB Apple iPhone 14 available for only $5.99 per month for new and existing customers when you activate unlimited service and use AT&T’s 36 month installment plan. The fine... Read more
Amazon is offering a $100 discount on every M...
Amazon is offering a $100 instant discount on each configuration of Apple’s new 13″ M3 MacBook Air, in Midnight, this weekend. These are the lowest prices currently available for new 13″ M3 MacBook... Read more
You can save $300-$480 on a 14-inch M3 Pro/Ma...
Apple has 14″ M3 Pro and M3 Max MacBook Pros in stock today and available, Certified Refurbished, starting at $1699 and ranging up to $480 off MSRP. Each model features a new outer case, shipping is... Read more
24-inch M1 iMacs available at Apple starting...
Apple has clearance M1 iMacs available in their Certified Refurbished store starting at $1049 and ranging up to $300 off original MSRP. Each iMac is in like-new condition and comes with Apple’s... Read more
Walmart continues to offer $699 13-inch M1 Ma...
Walmart continues to offer new Apple 13″ M1 MacBook Airs (8GB RAM, 256GB SSD) online for $699, $300 off original MSRP, in Space Gray, Silver, and Gold colors. These are new MacBook for sale by... Read more
B&H has 13-inch M2 MacBook Airs with 16GB...
B&H Photo has 13″ MacBook Airs with M2 CPUs, 16GB of memory, and 256GB of storage in stock and on sale for $1099, $100 off Apple’s MSRP for this configuration. Free 1-2 day delivery is available... Read more
14-inch M3 MacBook Pro with 16GB of RAM avail...
Apple has the 14″ M3 MacBook Pro with 16GB of RAM and 1TB of storage, Certified Refurbished, available for $300 off MSRP. Each MacBook Pro features a new outer case, shipping is free, and an Apple 1-... Read more

Jobs Board

*Apple* Systems Administrator - JAMF - Activ...
…**Public Trust/Other Required:** None **Job Family:** Systems Administration **Skills:** Apple Platforms,Computer Servers,Jamf Pro **Experience:** 3 + years of Read more
IT Systems Engineer ( *Apple* Platforms) - S...
IT Systems Engineer ( Apple Platforms) at SpaceX Hawthorne, CA SpaceX was founded under the belief that a future where humanity is out exploring the stars is Read more
Nurse Anesthetist - *Apple* Hill Surgery Ce...
Nurse Anesthetist - Apple Hill Surgery Center Location: WellSpan Medical Group, York, PA Schedule: Full Time Sign-On Bonus Eligible Remote/Hybrid Regular Apply Now Read more
Housekeeper, *Apple* Valley Village - Cassi...
Apple Valley Village Health Care Center, a senior care campus, is hiring a Part-Time Housekeeper to join our team! We will train you for this position! In this role, Read more
Sublease Associate Optometrist- *Apple* Val...
Sublease Associate Optometrist- Apple Valley, CA- Target Optical Date: Apr 20, 2024 Brand: Target Optical Location: Apple Valley, CA, US, 92307 **Requisition Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.