跪拜 Guibai
← All articles
Backend

A Broken Snowflake ID Generator Caused Duplicate Order Numbers in Production

By 神奇小汤圆 ·
Read original on juejin.cn ↗ Google Translate ↗ Alt translation

A single bad ID generator can silently corrupt orders, payments, and audit trails across an entire distributed system. The fix is trivial — swap in a battle-tested library — but the blast radius of getting it wrong is permanent data damage.

Summary

A production outage traced back to a hand-rolled Snowflake ID generator that collapsed under its own design flaws. The timestamp field was truncated to 31 bits, cycling every 24.85 days and wrapping repeatedly since the 2018 epoch. Worker and data center IDs were never configured, leaving every instance at zero, while the business ID was derived from the last octet of an IP address — a value that collided across nodes.

The combination of a short timestamp window, absent node differentiation, and a weak uniqueness factor produced full ID collisions that broke core order and transaction flows. The incident is a case study in why distributed ID generation is not a casual weekend project.

Mature libraries like Hutool and Baomidou handle clock rollback, bit layout, and worker coordination out of the box. For larger deployments, worker ID assignment can scale from simple config files up to Redis- or Zookeeper-backed coordination, but the baseline rule is the same: use a proven implementation and verify its uniqueness guarantees before it reaches production.

Takeaways
A 31-bit timestamp field wraps every 24.85 days; the generator had been cycling repeatedly since its 2018 epoch.
Worker ID and data center ID were both hardcoded to zero, stripping away node-level uniqueness.
Using the last octet of an IP address as a business ID produced frequent collisions across instances.
Standard Snowflake uses 41 bits for the timestamp; shrinking that field breaks the algorithm's core guarantee.
Mature open-source libraries like Hutool and Baomidou handle clock rollback, bit layout, and worker coordination without custom code.
Worker ID assignment can start with config files and scale to registry-based or Redis/Zookeeper-backed allocation as systems grow.
Concatenating business metadata into an ID breaks numeric sorting, bloats storage, and creates compatibility risks when business definitions change.
Conclusions

The failure mode is especially dangerous because it is silent: IDs look valid right up until they collide, and by then the corrupted data is already written.

Custom Snowflake implementations often break on the timestamp field first, because developers underestimate how quickly a shortened bit width wraps in real calendar time.

Deriving uniqueness from IP address segments is a recurring anti-pattern in distributed ID generation; it assumes a network topology that rarely holds in containerized or cloud environments.

The post's worker-ID scaling ladder — config file, IP+port hash, registry, coordination service — is a practical maturity model that maps directly to infrastructure complexity without over-engineering early.

Concepts & terms
Snowflake ID
A 64-bit distributed unique ID scheme invented by Twitter. It packs a timestamp, a data center ID, a worker ID, and a sequence number into a single long integer, producing roughly time-sortable IDs without a central coordinator.
Clock rollback
A scenario where a machine's system clock jumps backward, which can cause a Snowflake generator to produce duplicate IDs if it does not detect and wait out the rollback or use a sequence-extension strategy.
Source: juejin.cn ↗ Google Translate ↗ Backup ↗