William Herrin wrote:
Facebook's _internal_ DNS, while not anycasted, followed a similar
logic: if the data center is isolated and their data goes stale, they
stop serving potentially wrong answers.
As I already wrote, that is a standard mechanism of DNS with SOA
expiration period as is documented in rfc1034
Then we agree:
Do we?
The failure mode was that after the data centers
disconnected from each other, all their DNS expired, breaking the
tools they'd normally use to recover.
It means DNS management of facebook is poor.
If they are using standard expire mechanism, they should have
used two zones facebook.com for external users with short
expire and internal.facebook.com for internal users with long
expire.
Facebook withdrawing the BGP
routes to its anycasted public DNS servers as they expired made no
difference.
If they are not using standard expire mechanism expecting
internal data still accessible even after external data
has expired, there is difference.
Masataka Ohta
