Tom Lane wrote:
> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> > Could we allow slaves to check if the backend is still alive, perhaps by
> > asking the postmaster, similar to what we do with the cancel signal ---
> > that way, the slave would never time out and always wait if the master
> > was alive.
>
> You're not considering the possibility of a transient communication
> failure. The fact that you cannot currently contact the other guy
> is not proof that he's not still alive.
>
> Example:
>
> Master Slave
> ------ -----
> commit ready-->
> <--OK
> commit done->XX
>
> where "->XX" means the message gets lost due to network failure. Now
> what? The slave cannot abort; he promised he could commit, and he does
> not know whether the master has committed or not. The master does not
> know the slave's state either; maybe he got the second message, and
> maybe he didn't. Both sides are forced to keep information about the
> open transaction indefinitely. Timing out on either side could yield
> the wrong result.
Can't the master re-send the request after a timeout?
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
359-1001+ If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square,
Pennsylvania19073