William Herrin wrote:
Facebook's _internal_ DNS, while not anycasted, followed a similar logic: if the data center is isolated and their data goes stale, they stop serving potentially wrong answers.
As I already wrote, that is a standard mechanism of DNS with SOA expiration period as is documented in rfc1034
Then we agree:
Do we?
The failure mode was that after the data centers disconnected from each other, all their DNS expired, breaking the tools they'd normally use to recover.
It means DNS management of facebook is poor. If they are using standard expire mechanism, they should have used two zones facebook.com for external users with short expire and internal.facebook.com for internal users with long expire.
Facebook withdrawing the BGP routes to its anycasted public DNS servers as they expired made no difference.
If they are not using standard expire mechanism expecting internal data still accessible even after external data has expired, there is difference. Masataka Ohta