Failure Handling (cont’d)
Primary failure (cont’d)
- All replicas must now check that they have the same updates from the failed primary
- During the election, each replica reports the id of the last log record it received from the primary
- The most up-to-date replica sends its latest updates to (at least) the new primary
- Could still lose an update that committed at the primary and wasn’t forwarded before the primary failed … but solving it requires synchronous replication (2-phase commit to propagate updates to replicas)
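
The election and catch-up steps above, and the update that can still be lost, as an added example (not from the original slides). The names `Replica`, `elect_and_catch_up` and `lost_updates` are hypothetical, and it assumes each replica's log is an in-order prefix of the failed primary's log.

```python
from dataclasses import dataclass, field

@dataclass
class Replica:
    name: str
    # [(record_id, update)]; assumed to be an in-order prefix of the primary's log
    log: list = field(default_factory=list)

    def last_id(self):
        return self.log[-1][0] if self.log else 0

def elect_and_catch_up(replicas, new_primary_name):
    # Step 1: each surviving replica reports the id of its last log record.
    reports = {r.name: r.last_id() for r in replicas}
    # Step 2: the replica with the highest reported id is the catch-up source.
    source = max(replicas, key=lambda r: r.last_id())
    # Step 3: the source ships the records each peer is missing. Sending to
    # every peer covers "at least the new primary" and leaves all replicas equal.
    for r in replicas:
        if r is not source:
            have = r.last_id()
            r.log.extend(rec for rec in source.log if rec[0] > have)
    new_primary = next(r for r in replicas if r.name == new_primary_name)
    return new_primary, reports, source.name

def lost_updates(failed_primary_log, new_primary):
    # Records committed at the failed primary that no survivor ever received.
    return [rec for rec in failed_primary_log if rec[0] > new_primary.last_id()]

def demo():
    # Constructed sample: the primary committed records 1..5 and forwarded them
    # asynchronously, so replicas lag by different amounts; record 5 was never sent.
    primary_log = [(i, f"update-{i}") for i in range(1, 6)]
    replicas = [
        Replica("r1", primary_log[:3]),
        Replica("r2", primary_log[:4]),
        Replica("r3", primary_log[:2]),
    ]
    new_primary, reports, source = elect_and_catch_up(replicas, "r1")
    final_ids = [r.last_id() for r in replicas]
    return new_primary.name, reports, source, final_ids, lost_updates(primary_log, new_primary)

if __name__ == "__main__":
    print(demo())
```

Record 5 is absent from every survivor, so no election rule can recover it; only forwarding before commit (the synchronous option in the last bullet) closes that gap.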