Replication & Consistency • Quorum Replication • Medium • ⏱️ ~3 min
What is Quorum Replication and How Does Quorum Intersection Guarantee Consistency?
Quorum replication is a distributed replication strategy that stores each data item on n replicas and requires acknowledgments from a quorum before considering an operation successful. Specifically, a write operation requires w (write quorum) replicas to acknowledge, while a read operation requires r (read quorum) replicas to respond. The fundamental safety property is quorum intersection: any read quorum must overlap with any write quorum by at least one replica, ensuring that reads can always see the most recently committed write. The mathematical constraint that guarantees intersection is r + w > n. For example, with n = 3 replicas, setting w = 2 and r = 2 gives 2 + 2 = 4 > 3, ensuring at least one replica will be in both the read and write quorums.
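The intersection guarantee can be verified by brute force. The sketch below (illustrative names, not from any particular system) checks that with n = 3, w = 2, r = 2, every possible pair of read and write quorums shares at least one replica:

```python
import itertools

def intersects(n, r, w):
    """True if every read quorum of size r overlaps every write
    quorum of size w among n replicas, i.e. r + w > n."""
    return r + w > n

# Brute-force check for n = 3, r = 2, w = 2: every write quorum
# shares at least one replica with every read quorum.
n, r, w = 3, 2, 2
replicas = range(n)
for write_q in itertools.combinations(replicas, w):
    for read_q in itertools.combinations(replicas, r):
        assert set(write_q) & set(read_q), "quorums must overlap"

print(intersects(3, 2, 2))  # True: 2 + 2 = 4 > 3
```

The overlapping replica is what lets a read observe the latest committed write: at least one responder in any read quorum participated in the most recent write quorum.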
Majority quorums are the most common special case, where both read and write quorums are set to floor(n/2) + 1. With three replicas, this means w = 2 and r = 2. With five replicas, majority is w = 3 and r = 3. This symmetric configuration provides strong consistency guarantees while tolerating up to floor(n/2) replica failures. Weighted quorums generalize this concept by assigning different weights to replicas based on their failure domains or capacity, requiring that the sum of the read threshold and write threshold exceeds the total weight. For instance, Amazon Dynamo-style deployments place replicas so that each availability zone (AZ) contributes to both read and write quorums, avoiding correlated failure risk within a single AZ.
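Both variants are easy to express directly. A minimal sketch (the helper names and example weights are illustrative, not from any specific system):

```python
def majority(n):
    """Size of a majority quorum: floor(n/2) + 1."""
    return n // 2 + 1

assert majority(3) == 2  # 2 of 3
assert majority(5) == 3  # 3 of 5

def weighted_quorum_ok(weights, read_threshold, write_threshold):
    """Weighted generalization of r + w > n: intersection holds
    when the read and write thresholds together exceed the
    total weight of all replicas."""
    return read_threshold + write_threshold > sum(weights)

# Hypothetical 3-replica deployment with one heavier replica.
weights = [2, 1, 1]                       # total weight 4
print(weighted_quorum_ok(weights, 3, 2))  # True: 3 + 2 = 5 > 4
```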
The tunable nature of r and w creates a fundamental consistency versus availability tradeoff. Setting w = 1 with n = 3 allows writes to succeed even when only one replica is reachable, maximizing write availability during network partitions. However, to maintain quorum intersection, r must then be at least 3 to ensure reads see all possible writes. Conversely, relaxing read quorums to r = 1 reduces read latency but requires w = 3 for consistency. Amazon DynamoDB typically defaults to w = 2, r = 2 in single-region deployments across three AZs, which provides read-your-writes consistency within the region and tolerates one replica failure with single-digit-millisecond p99 latency under normal conditions.
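Enumerating the valid configurations makes the tradeoff concrete. This sketch lists every (w, r) pair satisfying intersection for n = 3, showing how a cheap write quorum forces an expensive read quorum and vice versa:

```python
def valid_configs(n):
    """All (w, r) pairs satisfying quorum intersection r + w > n."""
    return [(w, r) for w in range(1, n + 1)
                   for r in range(1, n + 1) if r + w > n]

# For n = 3: fast writes (w = 1) force r = 3, and fast reads
# (r = 1) force w = 3; w = r = 2 balances the two.
for w, r in valid_configs(3):
    print(f"w={w}, r={r}")
```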
💡 Key Takeaways
• The core safety rule r + w > n ensures quorum intersection. With n = 3 replicas, w = 2 and r = 2 satisfies 2 + 2 = 4 > 3, guaranteeing at least one overlapping replica.
• Majority quorums use w = r = floor(n/2) + 1, which means 2 out of 3 for three replicas, or 3 out of 5 for five replicas. This symmetric configuration tolerates up to floor(n/2) failures.
• Amazon DynamoDB uses n = 3 across availability zones with typical defaults w = 2, r = 2, achieving single-digit-millisecond p99 latency within a region under provisioned capacity.
• Small write quorums (w = 1) maximize write availability but require large read quorums (r = n) to maintain consistency, creating read amplification. Small read quorums (r = 1) reduce read latency but require w = n for safety.
• Weighted quorums assign different weights to replicas based on failure domains. Amazon systems often require quorum contributions from at least two availability zones to avoid correlated failures.
• Dynamic quorums can adjust r and w thresholds as nodes fail or recover, but must preserve intersection across all reconfigurations. Violating intersection during membership changes can cause data loss or inconsistency.
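A heavily simplified sanity check for the last point (real reconfiguration protocols additionally require overlap between the old and new configurations during the transition; `safe_reconfig` is a hypothetical name):

```python
def safe_reconfig(old, new):
    """Minimal safety check for a dynamic-quorum change.
    Each config is (n, w, r); each must independently satisfy
    quorum intersection r + w > n.  A real protocol must also
    ensure old and new quorums overlap during the handover."""
    for n, w, r in (old, new):
        if r + w <= n:
            return False
    return True

print(safe_reconfig((3, 2, 2), (5, 3, 3)))  # True
print(safe_reconfig((3, 2, 2), (5, 2, 2)))  # False: 2 + 2 <= 5
```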
📌 Examples
Amazon's internal Dynamo system commonly uses n = 3 replicas per key across racks and availability zones, with tunable defaults w = 2, r = 2. This configuration tolerates one replica failure while maintaining read-your-writes consistency.
Amazon S3 stores data redundantly across at least three availability zones in a region. Internal operations use quorum-based commits across AZs, supporting an 11-nines (99.999999999%) durability target, with PUT and GET operations typically completing in tens of milliseconds at p50.
With n = 5 replicas and majority quorum w = 3, r = 3, you can tolerate up to 2 simultaneous replica failures. A write succeeds when any 3 of the 5 replicas acknowledge, and a read queries any 3 replicas, ensuring at least one overlap.
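The fault-tolerance claim follows directly from the quorum sizes: after f failures, both quorums must still be formable from the survivors. A small sketch capturing that condition (the function name is illustrative):

```python
def tolerates_failures(n, w, r, f):
    """True if quorum intersection holds (r + w > n) and, after
    any f replica failures, both a write quorum of size w and a
    read quorum of size r can still be formed."""
    if r + w <= n:
        return False
    return n - f >= max(w, r)

# n = 5 with majority quorums w = r = 3 survives any 2 failures:
print(tolerates_failures(5, 3, 3, 2))  # True: 3 survivors suffice
print(tolerates_failures(5, 3, 3, 3))  # False: only 2 replicas left
```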