October 8, 2021
Facebook Outage Underscores Risks of Modern SDN Networks

Written by: Jeremy Rossbach
On October 4, 2021, an outage took Facebook, WhatsApp, and Instagram down for six hours. This major outage is a powerful and high-profile example of the difficulties facing those tasked with managing modern network architectures. While there has been a lot of chatter about misconfiguration and DNS failures, the reality is that this outage could have more to do with Facebook's software-defined networks (SDN) and the propensity for errors organizations are exposed to when the control plane is centralized and segregated from network devices.
An early adopter of SDN, Facebook pioneered innovative methods to automate provisioning of their massive networks. Najam Admad, director of technical operations, who architected SDN for Facebook, said in 2014, "We want to deploy, manage, monitor and fix networks using software." One of their widely publicized use cases is their software-defined backbone routing. Facebook uses SDN to augment BGP route selection. They’ve employed advanced congestion and capacity analytics in order to overcome the common shortcomings of BGP.
Facebook’s SDN controllers produce routes that then get sent to the edge routers, which are responsible for connecting to the outside world. Based on public speculation, the belief is that these SDN-controlled BGP route selection processes encountered a glitch and basically made the Facebook edge routers unreachable. This initial issue was then exacerbated by the fact that their internally hosted DNS went into hibernation mode in response to lost connections. The blog post by Facebook's Santosh Janardhan further supports this hypothesis: "During one of these routine maintenance jobs, a command was issued with the intention to assess the availability of global backbone capacity, which unintentionally took down all the connections in our backbone network, effectively disconnecting Facebook data centers globally."
This type of control-plane and data-plane disconnect is also occurring in other SDN environments. Similar malfunctions are also happening in SD-WAN scenarios. For example, operators find that, while an SD-WAN controller issues a reroute command to an edge device, the edge device ignores the command. There have also been cases in which SD-WAN controllers issue rerouting commands unnecessarily. It is becoming vital that teams in the network operations center monitor the state and the activities of controllers, so they can ensure that critical software-defined transactions are executed correctly.
The important lesson here is that as we evolve networks to be more intelligent, whether through centralizing the control plane or leveraging automation to boost efficiency, we need to make sure that suitable network observability is established. To support SDN and automation, new NetOps capabilities have to be deployed. For example, teams need to employ new operational workflows so they can validate commands using network intelligence, such as discovered topologies and historical performance and flow data. Teams can also initiate active tests that simulate traffic going to and coming from the edge router, so they can better preempt potential issues. SDN has provided many benefits, and promises more to come, but it has also introduced risks. Therefore, SDN-enabled network observability is needed to establish checks and balances. By establishing modern network observability, teams can monitor not only the networks, but the software intelligence that governs those networks.

Jeremy Rossbach
As the Chief Technical Evangelist for NetOps by Broadcom, Jeremy is passionate about meeting with customers to identify their IT operational challenges and produce solutions that fit their business and network transformation goals. Prior to joining Broadcom, he spent over 15+ years working in IT, across both public...
Other Resources You might be interested In
Handling Incomplete User Stories at the End of an Iteration
When a team reaches the end of an iteration, some user stories may not be completed. This post details causes and options for managing these scenarios.
What’s Hiding in Your Wiring Closets?
See why you must move from periodic audits to a state of perpetual awareness. Track every change, validate it against policy, and understand its impact.
All Network Monitoring Tools Are Created Equal, Right?
See how observability platforms provide a unified view across multi-vendor environments and correlate network configuration changes with performance issues.
Scale Observability, Streamline Operations with AppNeta Monitoring Policies
This post reveals how, with AppNeta’s monitoring policies, you can leverage a powerful framework for scalable, flexible, and accurate network observability.
AppNeta: Current Network Violation Map Dashboard
Learn how to configure and use the Current Network Violation Map dashboard in AppNeta to identify geographic regions impacted by WAN performance issues.
AppNeta On-Prem: Minimize Unplanned Downtime
Learn how to configure the AppNeta On-Prem environment following best practices for high availability and disaster recovery to maintain service continuity and minimize unplanned downtime.
Rally Office Hours: August 7, 2025
Get tips on how to use the Capacity Planning feature in Rally, then follow the weekly Q&A session with Rally product experts.
dSeries Version 25.0 Boosts Insights, Security, and Operational Efficiency
Discover how ESP dSeries Workload Automation 25.0 represents a significant leap forward, making workload automation more secure, visible, and efficient.
What Your SD-WAN Isn't Telling You
SD-WAN's limited view blinds it to underlay issues. Augment SD-WAN with end-to-end visibility to validate decisions and diagnose root causes for network resilience.