← all lessons
System Design · Consistency & Replication ·

Read Repair: Healing Stale Replicas on the Fly

Core concept
In a system where the same data lives on multiple machines (replicas), those copies can silently drift out of sync — a crashed node misses a write, a network hiccup delays an update, and suddenly different replicas hold different values. Read repair is a lazy healing strategy: instead of continuously patching every replica in the background, the system waits for a read request to arrive, compares what each replica returns, and immediately overwrites any stale copy with the newest value it found. This means repair work is triggered by real traffic rather than a separate maintenance process, and staleness is corrected at the exact moment it would have caused harm. The key insight is that reads are both a query and an implicit health check.

Diagram

flowchart LR
    C[Client] -->|read request| CO[Coordinator Node]
    CO -->|read| R1[Replica A\nv=5]
    CO -->|read| R2[Replica B\nv=3 stale]
    CO -->|read| R3[Replica C\nv=5]
    CO -->|repair write v=5| R2
    CO -->|return v=5| C

Concrete real-world example
Apache Cassandra (a distributed database that favors high write availability) uses read repair directly. When a coordinator node (the machine handling your request) asks all three replicas for a value and gets back {v=5, v=3, v=5}, it immediately sends a background write of v=5 to the replica that returned v=3, then returns v=5 to the client. The client never sees the stale value, and the lagging replica is quietly healed with zero operational effort.

One trade-off / gotcha
Read repair only fires when data is read. Cold or rarely accessed data — a user account that hasn't logged in for months — can stay inconsistent indefinitely because no read ever arrives to trigger the repair. Systems that rely solely on read repair therefore need a companion process called anti-entropy (a background job that compares and syncs all replicas periodically) to catch the dark corners. Without it, you have a consistency model that improves with traffic but leaves infrequently accessed data silently wrong.

An interview-style question to ponder
Your team is designing a leaderboard system. Scores are written very frequently but each individual score row is read only a few times a day by an admin dashboard — roughly 10 writes per second, 2 reads per second across millions of rows. A colleague suggests read repair as the sole consistency mechanism to keep the three replicas in sync. Should you accept this proposal?

Stuck? Show a hint

Think about the ratio of writes to reads for any given row, and what that means for how often — if ever — repair gets triggered for rows that accumulate many writes between reads.

Show answer

Read repair alone is insufficient here, and you should reject the proposal without a supplementary anti-entropy mechanism.

  • The core problem is the write-to-read ratio. Each row is written roughly 5× more often than it's read. That means a replica that falls behind during a burst can accumulate many missed writes before a single read arrives to notice the divergence.
  • When a read does arrive, repair only fixes what it can see at that instant — it compares the value each replica currently holds and picks the newest. But if the coordinator itself queried a quorum (majority) of replicas and the majority happened to be stale at that moment (e.g., one fast replica, two lagging ones), it would confidently repair toward a wrong value and return bad data to the client.
  • For millions of rows with sporadic reads, a large fraction of rows may never be read in a given 24-hour window. Stale replicas in that long tail are invisible to read repair and will stay wrong until a read happens to arrive — which could be days or never.
  • But why not just increase read frequency via synthetic "warming" reads to force repairs? That adds artificial load proportional to your dataset size, costs real throughput, and still doesn't guarantee coverage because you'd have to read every row — essentially reinventing anti-entropy (a background process that compares replica data via cryptographic tree summaries called Merkle trees) but in a far less efficient way.
  • Watch out: Read repair shines in read-heavy systems where every key is touched often; it quietly fails in write-heavy or access-skewed systems where many keys age in silence.