SURVIVING NETWORK PARTITIONING

Applications implemented as distributed systems must withstand network partitioning faults, which split the system into two Or more componen ts. Though processes in the same component can communicate with each o ther, they cannot communicate with processes in other components. If p rocesses continue to operate in the disconnected components, they migh t perform incompatible operations and make the application data incons istent. A real-world business cannot stop operating if the network par titions. The authors have developed a strategy that permits processing to continue in all components of a partitioned network. The processes in the disconnected components generate and queue fulfillment transac tions that record the actions taken while the network is partitioned. When communication is restored and the components remerge, the fulfill ment transactions are dequeued and processed to obtain a consistent st ate of the application data. Fulfillment transactions allow continued operations, require little additional infrastructure, incur little add itional overhead, and are programmed just like other types of transact ions.