Understanding Redis Cache Penetration, Breakdown, and Avalanche: Differences and Solutions
The article explains the concepts of Redis cache penetration, cache breakdown, and cache avalanche, compares their causes, and provides practical mitigation techniques such as parameter validation, null‑key caching, Bloom filters, rate limiting, hot‑data pre‑warming, and multi‑level caching to protect database stability.
Cache Penetration
Cache penetration occurs when a large number of requests contain keys that do not exist in either the cache or the database, causing all requests to hit the database and potentially overload it.
Typical mitigation steps include:
Validate request parameters early and reject illegal inputs (e.g., negative IDs, malformed emails).
Cache a placeholder for nonexistent keys with a short TTL, e.g., SET key value EX 10086. For frequently changing malicious keys, keep the TTL very short (e.g., 1 minute).
Use a consistent key naming convention such as table:column:primaryKey.
Java example for caching null values:
public Object getObjectInclNullById(Integer id) {
// From cache
Object cacheValue = cache.get(id);
// Cache miss
if (cacheValue == null) {
// From storage
Object storageValue = storage.get(key);
// Cache the result (including null)
cache.set(key, storageValue);
// If storage returned null, set a short expiration to avoid attack risk
if (storageValue == null) {
cache.expire(key, 60 * 5);
}
return storageValue;
}
return cacheValue;
}Deploy a Bloom filter to quickly reject requests for keys that are definitely absent. The filter uses a large bit array (e.g., 1 M bits ≈ 122 KB) and multiple hash functions; false positives are possible, but false negatives are not.
Apply interface rate limiting and optional IP black‑listing for abusive traffic.
Cache Breakdown (Cache Miss on Hot Data)
Cache breakdown happens when a hot key expires in the cache while still existing in the database, causing a sudden surge of requests to hit the database.
Solutions include:
Set hot data to never expire or use a long TTL.
Pre‑warm hot data before it expires (e.g., keep flash‑sale items cached until the sale ends).
Use a mutex lock so that only one request repopulates the cache while others wait.
Difference from penetration: penetration keys are absent from both cache and database, whereas breakdown keys are present in the database but missing from the cache.
Cache Avalanche
Cache avalanche occurs when a large portion of cached entries expire simultaneously (or the Redis service crashes), causing massive traffic to flood the database.
Mitigation strategies:
Deploy Redis clusters to avoid a single point of failure.
Rate limit incoming requests.
Use multi‑level caching (local + Redis) so that a fallback cache can serve some requests if Redis is unavailable.
Randomize TTLs for different keys to stagger expirations.
Optionally keep critical data permanently cached (though this reduces flexibility).
Pre‑warm caches via scheduled jobs (e.g., xxl‑job) or asynchronous pipelines using message queues like Kafka.
Difference from breakdown: avalanche is caused by massive or total cache expiration, while breakdown is triggered by a single hot key expiring.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Shepherd Advanced Notes
Dedicated to sharing advanced Java technical insights, daily work snippets, and the power of persistent effort.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.
