fault containment domain

[Bryan Ford]

>>(BTW, the term '[persistence] district' is just something that happened
>>to be on the top of my head; if this is a concept that already has a
>>well-known term, or if you've got something better, I'd like to know. )
>
>Here at Tandem, where we do worry about such things, I believe it is
>called a "fault containment domain".

Thanks, I'll start using that term.  Does the Tandem OS you're working on
have a notion of multiple fault containment domains per node, and/or
multiple nodes per fault containment domain?  Does it use checkpoint/rollback,
or message replay, or both, to recover from faults?

				Bryan