Line 5: |
Line 5: |
| The <code>TCP_REPAIR</code> socket option was added to the kernel 3.5 to help with C/R for TCP sockets. | | The <code>TCP_REPAIR</code> socket option was added to the kernel 3.5 to help with C/R for TCP sockets. |
| | | |
− | When this option is used, a socket is switched into a special mode, in which any action performed on it | + | When this option is used, the socket is switched into a special mode, in which any action performed on it |
| does not result in anything defined by an appropriate protocol actions, but rather directly puts the socket | | does not result in anything defined by an appropriate protocol actions, but rather directly puts the socket |
− | into a state, in which the socket is expected to be at the end of the successfully finished operation. | + | into the state that the socket is expected to be in at the end of a successfully finished operation. |
| | | |
| For example, calling <code>connect()</code> on a repaired socket just changes its state to <code>ESTABLISHED</code>, | | For example, calling <code>connect()</code> on a repaired socket just changes its state to <code>ESTABLISHED</code>, |
Line 56: |
Line 56: |
| netfilter rule is configured that drops all the packets from peer to a socket we're dealing with. This rule sits | | netfilter rule is configured that drops all the packets from peer to a socket we're dealing with. This rule sits |
| in the host netfilter tables after the criu dump command finishes and it should be there when you issue the | | in the host netfilter tables after the criu dump command finishes and it should be there when you issue the |
− | criu restore one. | + | criu restore one. The locking method can be specified using the {{opt|--network-lock}} option. |
| | | |
| Another thing to note is -- on restore there should be available the IP address, that was used by the connection. | | Another thing to note is -- on restore there should be available the IP address, that was used by the connection. |
Line 62: |
Line 62: |
| IP address should be copied too. | | IP address should be copied too. |
| | | |
− | That said, the command line option <code>--tcp-established</code> should be used when calling criu to explicitly state, that the | + | That said, the command line option {{opt|--tcp-established}} should be used when calling criu to explicitly state, that the |
| caller is aware of this "transitional" state of the netfilter. | | caller is aware of this "transitional" state of the netfilter. |
| | | |
Line 71: |
Line 71: |
| == States == | | == States == |
| === TCP_SYN_SENT === | | === TCP_SYN_SENT === |
− | There is only one difference with TCP_ESTABLISHED, we have to restore a socket and disable the repair mode before calling <code>conenct()</code>. The kernel will send a one syn-sent packet with the same initial sequence number and sets the TCP_SYN_SENT state for the socket. | + | There is only one difference with TCP_ESTABLISHED, we have to restore a socket and disable the repair mode before calling <code>connect()</code>. The kernel will send a one syn-sent packet with the same initial sequence number and sets the TCP_SYN_SENT state for the socket. |
| | | |
| === Half-closed sockets === | | === Half-closed sockets === |