Ist es möglich, sich auf einer Steckdose zu veristen?
https://stackoverflow.com/questions/161838
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianFrage
Ist es möglich, sich auf einer Steckdose zu veristen, nachdem Sie Hör angerufen haben (FD, Rückstand)?
EDIT: Mein Fehler, dass ich mich nicht klar machte. Ich möchte in der Lage sein, auf der Steckdose vorübergehend nicht zu veristen. Call Close () lässt die Sockel im M2LS -Zustand und hindert mich daran, sie wieder zu öffnen (oder schlimmer noch, ein schändliches Programm könnte an diesen Sockel binden)
Vorübergehend unverhindert wäre ein Weg (vielleicht nicht der beste Weg), einem vorgelagerten Lastbalancer zu signalisieren, dass diese App für den Moment keine weiteren Anfragen annehmen könnte
Lösung
In einigen Socket -Bibliotheken können Sie eingehende Verbindungen spezifisch ablehnen. Zum Beispiel: GNUs Commonc ++: TCPSocket -Klasse hat ein ablehnen Methode.
BSD -Sockets haben diese Funktionalität nicht. Du kannst annehmen die Verbindung und dann sofort nah dran es, während der Sockel offen bleibt:
while (running) {
int i32ConnectFD = accept(i32SocketFD, NULL, NULL);
while (noConnectionsPlease) {
shutdown(i32ConnectFD, 2);
close(i32ConnectFD);
break;
}
}
Andere Tipps
Nach dem Schließen der Steckdose können Ihre Programme Ihnen möglicherweise immer noch sagen, dass der Sockel "verwendet" ist. Dies liegt an einer gewissen Verrücktheit, über die ich nicht genau weiß. Aber die Manpage of Sockets zeigt Ihnen, dass es eine Flagge gibt, um denselben Sockel wiederzuverwenden, träge: "So_Reuseaddr". Stellen Sie es mit "setSockopt ()" ein.
Close it. As I recall;
close(fd);
Based on your edited version of the question, I'm not sure you have to "unlisten" or close(). Two options come to mind:
1) After you invoke listen(), connections are not actually accepted until (logically enough) you call accept(). You can "unlisten" by simply ignoring socket activity and deferring any accept()'s until you are ready for them. Any inbound connection attempts backlog onto the queue that was created when the port was opened in listen mode. Once the backlog queue is full in the stack, further connection attempts are simply dropped on the floor. When you resume with accepts(), you'll quickly dequeue the backlog and be ready for more connections.
2) If you really want the port to appear completely closed temporarily, you might dynamically apply the kernel level packet filter to the port to prevent the inbound connection attempts from reaching the network stack. For example, you could use Berkeley Packet Filter (BPF) on most *nix platforms. That is you want to drop inbound packets coming in to the port of interest using the platform's firewall features. This, of course, varies by platform, but is a possible approach.
I don't think it's a good way to signal an upstream load-balancer. It would have to actually send some connections to your server before the message got through - those connections would probably get rejected.
Likewise, any connections which were pending when you closed the listening socket will get closed with no data.
If you want to signal the upstream load balancer, you should have a protocol for doing that. Don't try to abuse TCP to do it.
Fortunately if the clients are normal web browsers, you can get away with an awful lot - simply closing sockets generally results in them retrying transparently to the user (to a point).
There is no explicit method to unlisten!
You can either close(fd) or shutdown(fd, how)
fd is the socket file descriptor you want to shutdown, and how is one of the following:
0 Further receives are disallowed
1 Further sends are disallowed
2 Further sends and receives are disallowed (like close())
At a basic level, sockets are either open or closed (we'll ignore the niceties of the TCP/IP state diagram here).
If your socket is closed, then nothing can send data to it. If it's open, then incoming data will be accepted and acknowledged by the TCP/IP stack until it's buffering algorithm cries "enough!". At that point, further data will not be acknowledged.
You have two choices that I can see. Either close() the socket when you want to "unlisten", and reopen it later - Use setsockopt() with the SO_REUSEADDR flag to allow you to rebind to the well-known port before TIME_WAIT2 expires.
The other choice is to keep the socket open but simply not accept() from it while you're 'busy'. Assuming you have an application-level acknowledge to requests, You load balancer would realise it's not getting a response and act accordingly.
Here's a rather ugly approach based on your edited question:
Open a socket for listening with a normal backlog. Proceed.
When you want to "shut down", open a 2nd one with a backlog of 1 and SO_REUSEADDR. Close the first one. When ready to resume, do another socket juggle to one with a normal backlog.
Picky details around draining the accept queue from the socket that you're closing will be the killer here. Probably enough of a killer to make this approach nonviable.
I don't necessarily think this is a good idea, but...
You might be able to call listen a second time. The POSIX spec doesn't say not to. Perhaps you could call it a second time with a backlog parameter of 0 when you want to "unlisten".
What happens when listen is called with a backlog of 0 seems to be implementation defined. The POSIX spec says it may allow connections to be accepted, which implies some implementations may choose to reject all connections if the backlog parameter is 0. More likely though, your implementation will choose some positive value when you pass in 0 (probably either 1 or SOMAXCONN).
The question didn't say what kind of socket. If it is a unix socket, you can stop and start listening with rename(2). You can also permanently stop listening with unlink(2), and since the socket remains open you can continue to service your backlog. This approach seems quite handy, though I have not seen used before and am just exploring it myself.
You already got some answers on the impossibility to do this via the socket API.
You can use other OS methods (i.e. Host firwewall/iptables/ipfilter) to set up a temporary reject rule.
I found that most load balancers are a bit limited in the possibilities they offer to recognize connection problems (most of them recognize a RST only in the connect probe, not as answer to a legit connection attempt.)
Anyway, if you are limited by the probes detecting the inavailability, you set up an application level probe which does a HTTP request or FTP login or similiar things it will recognize if you simply close after accept. It could even interpret error messages like "500 service not available", which seems cleaner to me anyway. With SNMP some load balancers can also use the result as a load hint.
