When network partitions happen, and heal again, Infinispan suffers from data inconsistency.  The purpose of ISPN-263 is to provide a mechanism to sacrifice availability (in Brewer's CAP theorem) in exchange for consistency during network partitions.

The implementation is based on the following design:

• A listener is registered with the transport
• Whenever a ViewChange is detected, each node tries to make a decision about whether this is a normal node failure/leave or an abnormal event (a network partition).
  • This can be "guessed" by looking at the number of nodes having left.
  • Or, this could be configured.  E.g., if the partition contains less than N nodes, it should be considered that it is in the smaller partition.
• If a node thinks a network partition has happened AND it is in the smaller partition (old_partition.size / 2 < new_partition.size) (or a configured number is hit) then:
  • Go into READ-ONLY mode by flipping a switch in an interceptor to throw an exception whenever an update operation is encountered
  • Fail all ongoing transactions and clean up transaction table
• When a MergeView is detected, reset the interceptor to allow updates.
  • TODO - how do nodes handle MergeViews from a State Transfer perspective?