On-line device verification is not enabled for resources by default. To enable it, add the following lines to your resource configuration in /etc/drbd.conf:

resource resource
  syncer { 
    verify-alg algorithm;
  }
  ...
}

algorithm may be any message digest algorithm supported by the kernel crypto API in your system's kernel configuration. Normally, you should be able to choose at least from sha1, md5, and crc32c.

If you make this change to an existing resource, as always, synchronize your drbd.conf to the peer. and run drbdadm adjust resource on both nodes.

After you have enabled on-line verification, you will be able to initiate a verification run using the following command:

When you do so, DRBD starts an online verification run for resource, and if it detects any blocks not in sync, will mark those blocks as such and write a message to the kernel log. Any applications using the device at that time can continue to do so unimpeded, and you may also switch resource roles at will.

If out-of-sync blocks were detected during the verification run, you may resynchronize them using the following commands after verification has completed:

Most users will want to automate on-line device verification. This can be easily accomplished. Create a file with the following contents, named /etc/cron.d/drbd-verify on one of your nodes:

42 0 * * 0    root    /sbin/drbdadm verify resource

This will have cron invoke a device verification every Sunday at 42 minutes past midnight.

If you have enabled on-line verification for all your resources (for example, by adding verify-alg algorithm to the common section in /etc/drbd.conf), you may also use:

42 0 * * 0    root    /sbin/drbdadm verify all