Presentation is loading. Please wait.

Presentation is loading. Please wait.

Classifying fault-tolerance Masking tolerance. Application runs as it is. The failure does not have a visible impact. All properties (both liveness & safety)

Published byMatilda Bryant Modified over 8 years ago

Similar presentations

Presentation on theme: "Classifying fault-tolerance Masking tolerance. Application runs as it is. The failure does not have a visible impact. All properties (both liveness & safety)"— Presentation transcript:

1 Classifying fault-tolerance Masking tolerance. Application runs as it is. The failure does not have a visible impact. All properties (both liveness & safety) continue to hold. Non-masking tolerance. Safety property is temporarily affected, but not liveness. Example 1. Clocks lose synchronization, but recover soon thereafter. Example 2. Multiple processes temporarily enter their critical sections, but thereafter, the normal behavior is restored. Backward error-recovery vs. forward error-recovery

2 Backward vs. forward error recovery Backward error recovery When safety property is violated, the computation rolls back and resumes from a previous correct state. time rollback Forward error recovery Computation does not care about getting the history right, but moves on, as long as eventually the safety property is restored. True for self-stabilizing systems.

3 Classifying fault-tolerance Fail-safe tolerance Given safety predicate is preserved, but liveness may be affected Example. Due to failure, no process can enter its critical section for an indefinite period. In a traffic crossing, failure changes the traffic in both directions to red. Graceful degradation Application continues, but in a “degraded” mode. Much depends on what kind of degradation is acceptable. Example. Consider message-based mutual exclusion. Processes will enter their critical sections, but not in timestamp order.

4 Failure detection The design of fault-tolerant systems will be easier if failures can be detected. Depends on the 1. System model, and 2. the type of failures. Asynchronous systems are more tricky. We first focus on synchronous systems only

5 Detection of crash failures Failure can be detected using heartbeat messages (periodic “I am alive” broadcast) and timeout - if processors speed has a known lower bound - channel delays have a known upper bound.

6 Detection of omission failures For FIFO channels: Use sequence numbers with messages. Non-FIFO channels and bounded propagation delay - use timeout What about non-FIFO channels for which the upper bound of the delay is not known? Use unbounded sequence numbers and acknowledgments. But acknowledgments may be lost too, causing unnecessary re-transmission of messages :- ( Let us look how a real protocol deals with omission ….

7 Tolerating crash failures Triple modular redundancy (TMR) for masking any single failure. N-modular redundancy masks up to m failures, when N = 2m +1 Take a vote What if the voting unit fails?

8 Tolerating omission failures A central issue in networking A B router Routers may drop messages, but reliable end-to-end transmission is an important requirement. This implies, the communication must tolerate Loss, Duplication, and Re-ordering of messages

9 Stenning’s protocol {program for process S} define ok : boolean; next : integer; initially next = 0, ok = true, both channels are empty; dook  send (m[next], next); ok:= false ÿ(ack, next) is received  ok:= true; next := next + 1  timeout (R,S)  send (m[next], next) od {program for process R} define r : integer; initially r = 0; do(m[ ], s) is received  s = r  accept the message; send (ack, r); r:= r+1  (m[ ], s) is received  s≠r   (ack, r-1) od Sender S Receiver R m[0], 0 ack

10 Observations on Stenning’s protocol Both messages and acks may be lost Q. Why is the last ack reinforced by R when s≠r? A. Needed to guarantee progress. Progress is guaranteed, but the protocol is inefficient due to low throughput. Sender S Receiver R m[0], 0 ack

11 Sliding window protocol The sender continues the send action without receiving the acknowledgements of at most w messages (w > 0), w is called the window size.

12 Sliding window protocol {program for process S} define next, last, w : integer; initially next = 0, last = -1, w > 0 do last+1 ≤ next ≤ last + w  send (m[next], next); next := next + 1 ÿ(ack, j) is received  if j > last  last := j  j ≤ last  skip fi ÿtimeout (R,S)  next := last+1 {retransmission begins} od {program for process R} define j : integer; initially j = 0; do(m[next], next) is received  if j = next  accept message; send (ack, j); j:= j+1  j ≠ next  send (ack, j-1) fi; od

Download ppt "Classifying fault-tolerance Masking tolerance. Application runs as it is. The failure does not have a visible impact. All properties (both liveness & safety)"

Similar presentations

CSE 486/586, Spring 2014 CSE 486/586 Distributed Systems Reliable Multicast --- 1 Steve Ko Computer Sciences and Engineering University at Buffalo.

CSE 486/586, Spring 2014 CSE 486/586 Distributed Systems Reliable Multicast Steve Ko Computer Sciences and Engineering University at Buffalo.
Leader Election Let G = (V,E) define the network topology. Each process i has a variable L(i) that defines the leader.  i,j  V  i,j are non-faulty.

Leader Election Let G = (V,E) define the network topology. Each process i has a variable L(i) that defines the leader.  i,j  V  i,j are non-faulty.
6.852: Distributed Algorithms Spring, 2008 Class 7.

6.852: Distributed Algorithms Spring, 2008 Class 7.
Sliding window protocol The sender continues the send action without receiving the acknowledgements of at most w messages (w > 0), w is called the window.

Sliding window protocol The sender continues the send action without receiving the acknowledgements of at most w messages (w > 0), w is called the window.
Self-stabilizing Distributed Systems Sukumar Ghosh Professor, Department of Computer Science University of Iowa.

Self-stabilizing Distributed Systems Sukumar Ghosh Professor, Department of Computer Science University of Iowa.
Improving TCP Performance over Mobile Ad Hoc Networks by Exploiting Cross- Layer Information Awareness Xin Yu Department Of Computer Science New York University,

Improving TCP Performance over Mobile Ad Hoc Networks by Exploiting Cross- Layer Information Awareness Xin Yu Department Of Computer Science New York University,
Faults and fault-tolerance One of the selling points of a distributed system is that the system will continue to perform even if some components / processes.

Faults and fault-tolerance One of the selling points of a distributed system is that the system will continue to perform even if some components / processes.
Distributed systems Module 2 -Distributed algorithms Teaching unit 1 – Basic techniques Ernesto Damiani University of Bozen Lesson 3 – Distributed Systems.

Distributed systems Module 2 -Distributed algorithms Teaching unit 1 – Basic techniques Ernesto Damiani University of Bozen Lesson 3 – Distributed Systems.
Department of Electronic Engineering City University of Hong Kong EE3900 Computer Networks Transport Protocols Slide 1 Transport Protocols.

Department of Electronic Engineering City University of Hong Kong EE3900 Computer Networks Transport Protocols Slide 1 Transport Protocols.
Page 1 Copyright © 2002-2010 Alexander Allister Shvartsman CSE 6510 (461) Fall 2010 Selected Notes on Fault-Tolerance (12) Alexander A. Shvartsman Computer.

Page 1 Copyright © Alexander Allister Shvartsman CSE 6510 (461) Fall 2010 Selected Notes on Fault-Tolerance (12) Alexander A. Shvartsman Computer.
R R R Fault Tolerant Computing. R R R Acknowledgements The following lectures are based on materials from the following sources; –S. Kulkarni –J. Rushby.

R R R Fault Tolerant Computing. R R R Acknowledgements The following lectures are based on materials from the following sources; –S. Kulkarni –J. Rushby.
Error Checking continued. Network Layers in Action Each layer in the OSI Model will add header information that pertains to that specific protocol. On.

Error Checking continued. Network Layers in Action Each layer in the OSI Model will add header information that pertains to that specific protocol. On.
Distributed Mutual Exclusion

Distributed Mutual Exclusion
Faults and fault-tolerance

Faults and fault-tolerance
ARQ Mechanisms Rudra Dutta ECE/CSC 570 - Fall 2010, Section 001, 601.

ARQ Mechanisms Rudra Dutta ECE/CSC Fall 2010, Section 001, 601.
Wireless TCP Prasun Dewan Department of Computer Science University of North Carolina

Wireless TCP Prasun Dewan Department of Computer Science University of North Carolina
Total Order Broadcast and Multicast Algorithms: Taxonomy and Survey (Paper by X. Défago, A. Schiper, and P. Urbán) ACM computing Surveys, Vol. 36,No 4,

Total Order Broadcast and Multicast Algorithms: Taxonomy and Survey (Paper by X. Défago, A. Schiper, and P. Urbán) ACM computing Surveys, Vol. 36,No 4,
Review for Exam 2. Topics included Deadlock detection Resource and communication deadlock Graph algorithms: Routing, spanning tree, MST, leader election.

Review for Exam 2. Topics included Deadlock detection Resource and communication deadlock Graph algorithms: Routing, spanning tree, MST, leader election.
CS425 /CSE424/ECE428 – Distributed Systems – Fall 2011 Material derived from slides by I. Gupta, M. Harandi, J. Hou, S. Mitra, K. Nahrstedt, N. Vaidya.

CS425 /CSE424/ECE428 – Distributed Systems – Fall 2011 Material derived from slides by I. Gupta, M. Harandi, J. Hou, S. Mitra, K. Nahrstedt, N. Vaidya.
Coordination and Agreement. Topics Distributed Mutual Exclusion Leader Election.

Coordination and Agreement. Topics Distributed Mutual Exclusion Leader Election.

Similar presentations

Ads by Google