Line 5: |
Line 5: |
| The <code>TCP_REPAIR</code> socket option was added to the kernel 3.5 to help with C/R for TCP sockets. | | The <code>TCP_REPAIR</code> socket option was added to the kernel 3.5 to help with C/R for TCP sockets. |
| | | |
− | When this option is used, a socket is switched into a special mode, in which any action performed on it | + | When this option is used, the socket is switched into a special mode, in which any action performed on it |
| does not result in anything defined by an appropriate protocol actions, but rather directly puts the socket | | does not result in anything defined by an appropriate protocol actions, but rather directly puts the socket |
− | into a state, in which the socket is expected to be at the end of the successfully finished operation. | + | into the state that the socket is expected to be in at the end of a successfully finished operation. |
| | | |
| For example, calling <code>connect()</code> on a repaired socket just changes its state to <code>ESTABLISHED</code>, | | For example, calling <code>connect()</code> on a repaired socket just changes its state to <code>ESTABLISHED</code>, |
Line 68: |
Line 68: |
| per-connection iptables rules the "network-lock"/"network-unlock" [[action scripts]] are called so that the user | | per-connection iptables rules the "network-lock"/"network-unlock" [[action scripts]] are called so that the user |
| could isolate the whole netns from network. Typically this is done by downing the respective veth pair end. | | could isolate the whole netns from network. Typically this is done by downing the respective veth pair end. |
| + | |
| + | == States == |
| + | === TCP_SYN_SENT === |
| + | There is only one difference with TCP_ESTABLISHED, we have to restore a socket and disable the repair mode before calling <code>connect()</code>. The kernel will send a one syn-sent packet with the same initial sequence number and sets the TCP_SYN_SENT state for the socket. |
| + | |
| + | === Half-closed sockets === |
| + | A socket is half-closed when it sent or received a fin packet. These sockets are in one for these states: TCP_FIN_WAIT1, TCP_FIN_WAIT2, TCP_CLOSING, TCP_LAST_ACL, TCP_CLOSE_WAIT. To restore these states, we restore a socket into the TCP_ESTABLISHED state and then we call shutfown(SHUT_WR), if a socket has sent a fin packet and we send a fake fin packet, if a socket has received it before. For example, if we want to restore the TCP_FIN_WAIT1 state, we have to call shutfown(SHUT_WR) and we can send a fake ack to the fin packet to restore the TCP_FIN_WAIT2 state. |
| | | |
| == See also == | | == See also == |
| * [[Simple TCP pair]] | | * [[Simple TCP pair]] |
| * [[TCP repair TODO]] | | * [[TCP repair TODO]] |
| + | * [[CLI/opt/--tcp-close|Dropping the connection]] |
| | | |
| == External links == | | == External links == |
Line 78: |
Line 86: |
| [[Category:Under the hood]] | | [[Category:Under the hood]] |
| [[Category:Sockets]] | | [[Category:Sockets]] |
| + | [[Category: Editor help needed]] |