![leap second leap second](https://endruntechnologies.com/sites/default/files/inline-images/img_leap-seconds.jpg)
![leap second leap second](http://www.quantumleap-alsplace.com/img/episodeimages/privatedancer/19.jpg)
![leap second leap second](https://immortal.org/wp-content/uploads/2015/05/time-leap-second.jpg)
Re: DCF77 and the inception of leap seconds Steve Allen.Re: DCF77 and the inception of leap seconds Michael Deckers via LEAPSECS.DCF77 and the inception of leap seconds Steve Allen.Re: is leap smear legal in Germany? Tom Van Baak.Re: is leap smear legal in Germany? Warner Losh.Re: is leap smear legal in Germany? Kevin Birth.Re: is leap smear legal in Germany? Martin Burnicki.Re: is leap smear legal in Germany? Steffen Nurpmeso.
#Leap second update#
In measuring the performance of the upstream DNS resolvers used for CNAME lookups RRDNS contains the following code: // Update upstream sRTT on UDP queries, penalize it if it fails Go currently doesn’t offer a monotonic time source (see issue 12914 for discussion). Unfortunately, this function does not guarantee monotonicity. RRDNS is written in Go and uses Go’s time.Now() function to get the time.
#Leap second code#
In our case, some code assumed that the difference between two times would always be, at worst, zero. The root cause of the bug that affected our DNS service was the belief that time cannot go backwards. A falsehood programmers believe about time The negative number got there through a combination of the leap second and smoothing. The weighted selection code, at a later point, was being fed the negative number which caused it to panic. Some of these resolutions ended up recording in a data structure a negative value during the leap second. RRDNS keeps track of how well the internal resolvers are performing and does a weighted selection of possible resolvers (we operate multiple per data center for redundancy) and chooses the most performant. Internally, Cloudflare operates DNS resolvers to lookup DNS records from the Internet and RRDNS talks to these resolvers to get IP addresses when doing CNAME lookups. It was this CNAME lookup code that contained the bug that caused the outage. It does this automatically using standard recursive DNS. When a customer uses the CNAME option, Cloudflare has occasionally to do a lookup, using DNS, for the actual IP address of the origin server. This image shows a test site with an A record for and a CNAME for pointing directly to Heroku.
![leap second leap second](https://i.ytimg.com/vi/jHS3af08B9k/maxresdefault.jpg)
the IP address of is 192.0.2.123 and is entered as an A record) or they enter a CNAME (e.g. They do this in two ways: either they enter the IP addresses associated with the names (e.g. They need to tell us the IP address of their origin web servers so we can contact the servers to handle non-cached requests. A little bit about Cloudflare DNSĬloudflare customers use our DNS service to serve the authoritative answers for DNS queries for their domains. We are sorry that our customers were affected, but we thought it was worth writing up the root cause for others to understand. The most affected machines were patched in 90 minutes and the fix was rolled out worldwide by 0645 UTC. At peak approximately 0.2% of DNS queries to Cloudflare were affected and less than 1% of all HTTP requests to Cloudflare encountered an error. The problem only affected customers who use CNAME DNS records with Cloudflare, and only affected a small number of machines across Cloudflare's 102 data centers. The net effect was that some DNS resolutions to some Cloudflare managed web properties failed. This panic was caught using the recover feature of the Go language. A little later this negative value caused RRDNS to panic. At midnight UTC on New Year’s Day, deep inside Cloudflare’s custom RRDNS software, a number went negative when it should always have been, at worst, zero.