Information about network devices is not included in the checkpoint. Migrating sockets are re-bound on the remote system in whatever network namespace the userspace restart helper is in. Currently, some scripting allows userspace to tear down a virtual interface at time of checkpoint and build it back up at the time of restart.
What needs to happen
The kernel checkpoint operation needs to include network device information in the checkpoint stream. This will include network device names, indexes, addresses, and other configuration. In addition to network devices, information about network namespaces must be included, as well as which device is in which namespace so we can properly restore inter-container network links. This information will be restored in the kernel restart process.
In addition to this, once we are examining the interfaces in the current network namespace, we can also enumerate and include any sockets that are in time-wait state (and thus no longer are attached to a task). This will let us migrate time-wait sockets with outstanding data for the remote peer (such as might be the case of a busy migrating http server).
Creating network device types such as macvlan and veth requires speaking to RTNL, which we will need to do from the kernel side. Additionally, some care will need to be applied to allow the device types to checkpoint themselves, so that they can save information in their private data structures.