nanog mailing list archives
Re: Better description of what happened
From: Hugo Slabbert <hugo () slabnet com>
Date: Wed, 6 Oct 2021 14:55:38 -0700
> Do we actually know this wrt the tools referred to in "the total loss of DNS broke many of the tools we’d normally use to investigate and resolve outages like this."? Those tools aren't necessarily located in any of the remote data centers, and some of them might even refer to resources outside the facebook network.

Yea; that's kinda the thinking here. Specifics are scarce, but there were notes re: the OOB for instance also being unusable. The questions are how much that was due to dependence of the OOB network on the production side, and how much DNS being notionally available might have supported getting things back off the ground (if it would just provide mgt addresses for key devices, or if perhaps there was a AAA dependency that also rode on DNS). This isn't to say there aren't other design considerations in play to make that fly (e.g. if DNS lives in edge POPs, and such an edge POP gets isolated from the FB network but still has public Internet peering, how do we ensure that edge POP does not continue exporting the DNS prefix into the DFZ and serving stale records?), but perhaps also still solvable.

> I'm sure they'll learn from this and in the future have some better things
> in place to account for such a scenario.

100% I think we can say with some level of confidence that there is going to be a *lot* of discussion and re-evaluation of inter-service dependencies.

--
Hugo Slabbert

On Wed, Oct 6, 2021 at 9:48 AM Tom Beecher <beecher () beecher cc> wrote:

> I mean, at the end of the day they likely designed these systems to be able to handle one or more datacenters being disconnected from the world, and considered a scenario of ALL their datacenters being disconnected from the world so unlikely they chose not to solve for it. Works great, until it doesn't.
>
> I'm sure they'll learn from this and in the future have some better things in place to account for such a scenario.
>
> On Wed, Oct 6, 2021 at 12:21 PM Bjørn Mork <bjorn () mork no> wrote:
>
>> Tom Beecher <beecher () beecher cc> writes:
>>
>>> Even if the external announcements were not withdrawn, and the edge DNS servers could provide stale answers, the IPs those answers provided wouldn't have actually been reachable
>>
>> Do we actually know this wrt the tools referred to in "the total loss of DNS broke many of the tools we’d normally use to investigate and resolve outages like this."? Those tools aren't necessarily located in any of the remote data centers, and some of them might even refer to resources outside the facebook network.
>>
>> Not to mention that keeping the DNS service up would have prevented resolver overload in the rest of the world.
>>
>> Besides, the disconnected frontend servers are probably configured to display a "we have a slight technical issue. will be right back" notice in such situations. This is a much better user experience than the "facebook? never heard of it" message we got on Monday.
>>
>> Yes, it makes sense to keep your domains alive even if your network isn't. That's why the best practice is name servers in more than one AS.
>>
>> Bjørn