Stream Control Transmission Protocol
The design of a new reliable transport protocol for IP networks
Author: Iván Arias Rodríguez
Supervisor: Raimo Kantola
Espoo, 12th of February, 2002
Table of contents
• Why a new reliable transport protocol?
• Datagram structure of SCTP.
• The SYN attack in TCP.
• Establishment procedure in SCTP.
• Transmission of data.
• Taking advantage of multihomed hosts.
• The Head Of Line (HOL) blocking in TCP.
• Avoiding the HOL blocking in TCP using several connections.
• Avoiding the HOL blocking in SCTP using several streams.
• Avoiding the HOL blocking in SCTP using unordered DATA chunks.
• The path heartbeat mechanism.
• Reporting non-fatal errors in SCTP.
• Aborting associations in SCTP.
• Graceful termination of an association.
• Summarizing: main characteristics of SCTP.
Why a new reliable transport protocol?
• There is an increasing interest in merging IP and telephony networks.
• Among the problems that TCP has regarding telephony signaling transport we can cite:
  - It suffers from the so-called Head Of Line (HOL) blocking.
  - It is stream oriented: there are no message delimiters.
  - TCP is not designed to be multihomed.
  - It is relatively vulnerable to denial of service attacks.
• TCP is very difficult to extend. These problems could not be solved by any TCP extension.
• The SIGTRAN working group of the IETF started to design a new reliable transport protocol in summer 1998.
• The initial design was called Multi-Network Datagram Transmission Protocol (MDTP). It ran on top of UDP instead of directly over IP.
• The design of SCTP took about two and a half years. The SCTP specification is published in RFC 2960. However, a second version of it will be published soon.
Stream Control Transmission Protocol: The design of a new reliable transport protocol for IP networks
Author:
Iván Arias Rodríguez
Supervisor: Raimo Kantola
Espoo, 12th of February, 2002
Datagram structure of SCTP
[Figure: SCTP datagram layout over a 32-bit ruler. Common Header: Source Port Number, Destination Port Number, Verification Tag, Checksum; followed by the Chunks. Each Chunk: Chunk Type, Chunk Flags, Chunk Length, Fixed Fields, Parameters or Error Causes. Parameter: Parameter Type, Parameter Length, Parameter Value. Error Cause: Cause Code, Cause Length, Cause Value.]
• An SCTP datagram is composed of a Common Header and at least one Chunk.
• Inside an SCTP datagram there can be many Chunks. Their number is only restricted by the Maximum Transfer Unit (MTU).
• Chunks are Type-Length-Value (TLV) structures. They all have a Chunk Type, the Chunk Flags, the Chunk Length and optionally Fixed Fields and either Parameters or Error Causes.
• The Parameters are optional or variable length fields.
• The Error Causes are syntactically the same as the Parameters but semantically different. They help discovering anomalous situations.
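The layout above can be walked with a small parser. The code below is an added example, not code from the slides or from any SCTP implementation; it parses the Common Header, the chunk TLVs and the Parameter / Error Cause TLVs nested inside a chunk, and rejects the length values that a careless parser would loop or over-read on. The sample datagram is constructed by hand and its checksum is left at zero.

```python
# Added example (not code from the slides): parse the SCTP datagram layout
# described above. Sample bytes are constructed by hand below.
import struct

COMMON_HEADER = struct.Struct("!HHII")  # Source Port, Destination Port, Verification Tag, Checksum
TLV_HEADER = struct.Struct("!HH")       # (Type, Length) shared by Parameters and Error Causes
CHUNK_HEADER = struct.Struct("!BBH")    # Chunk Type, Chunk Flags, Chunk Length


def pad4(n):
    """TLVs are padded to a 4-byte boundary; the padding is not counted in Length."""
    return (n + 3) & ~3


def parse_tlvs(buf):
    """Parse a run of Type-Length-Value structures (Parameters or Error Causes).
    A Length below 4 or running past the buffer is rejected: a Length of 0 would
    otherwise never advance the offset and the loop would never terminate."""
    items, off = [], 0
    while off < len(buf):
        if len(buf) - off < TLV_HEADER.size:
            raise ValueError("truncated TLV header")
        ptype, plen = TLV_HEADER.unpack_from(buf, off)
        if plen < TLV_HEADER.size or off + plen > len(buf):
            raise ValueError("bad TLV length %d" % plen)
        items.append({"type": ptype, "value": bytes(buf[off + 4:off + plen])})
        off += pad4(plen)
    return items


def parse_chunk(buf, off):
    """Parse one chunk at offset off; return (chunk, offset of the next chunk)."""
    if len(buf) - off < CHUNK_HEADER.size:
        raise ValueError("truncated chunk header")
    ctype, flags, clen = CHUNK_HEADER.unpack_from(buf, off)
    if clen < CHUNK_HEADER.size or off + clen > len(buf):
        raise ValueError("bad chunk length %d" % clen)
    chunk = {"type": ctype, "flags": flags, "value": bytes(buf[off + 4:off + clen])}
    return chunk, off + pad4(clen)


def parse_datagram(buf):
    """A Common Header followed by at least one chunk."""
    if len(buf) < COMMON_HEADER.size + CHUNK_HEADER.size:
        raise ValueError("datagram shorter than a Common Header plus one chunk")
    src, dst, vtag, csum = COMMON_HEADER.unpack_from(buf, 0)
    chunks, off = [], COMMON_HEADER.size
    while off < len(buf):
        chunk, off = parse_chunk(buf, off)
        chunks.append(chunk)
    return {"src_port": src, "dst_port": dst, "vtag": vtag, "checksum": csum, "chunks": chunks}


def build_tlv(ptype, value):
    """Serialize one Parameter / Error Cause, padding included."""
    return TLV_HEADER.pack(ptype, 4 + len(value)) + value + b"\0" * (pad4(len(value)) - len(value))


def build_chunk(ctype, flags, value):
    """Serialize one chunk, padding included."""
    return CHUNK_HEADER.pack(ctype, flags, 4 + len(value)) + value + b"\0" * (pad4(len(value)) - len(value))


# Constructed sample: a HEARTBEAT chunk (Type 4) carrying a 5-byte Heartbeat Info
# parameter (Type 1), bundled with a COOKIE ACK chunk (Type 11) that has no value.
# The Checksum field is left at 0; computing it is outside this example.
SAMPLE = (COMMON_HEADER.pack(5000, 5001, 0x11223344, 0)
          + build_chunk(4, 0, build_tlv(1, b"hello"))
          + build_chunk(11, 0, b""))

if __name__ == "__main__":
    for c in parse_datagram(SAMPLE)["chunks"]:
        print(c["type"], parse_tlvs(c["value"]))
```

Chunk and parameter lengths come from the wire, so both parsers check them before slicing; feeding the parser a truncated datagram or a chunk whose Length is 0 raises `ValueError` instead of over-reading or spinning.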
The SYN attack in TCP
[Figure: an Attacker sends SYN segments with fake IP source addresses A, B, ..., Z to a Server; the Server's SYN-ACK replies go to IP destination addresses A, B, ..., Z.]
• The attacker sends SYN segments to a server. This attacker uses IP spoofing, forging the source address of the IP datagrams containing those TCP segments.
• The receiver of the SYN segment saves the state of the future connection.
• The server sends back a SYN-ACK segment to the source address of the SYN segment. Normally nobody listens at that address, and the segment is lost.
• The attacker sends many SYN segments and the receiver keeps filling its buffers.
• At some point, the server is out of resources and legitimate users cannot access its services. The attacker has successfully carried out a Denial of Service attack.
Establishment procedure in SCTP
[Figure: the four datagrams of the establishment procedure. INIT: Verification Tag = 0, Chunk Type = 1, Initiate Tag = Tag A, Advertised Receiver Window Credit, Number of Outbound Streams, Number of Inbound Streams, Initial TSN, Parameters. INIT ACK: Verification Tag = Tag A, Chunk Type = 2, Initiate Tag = Tag Z, the same fixed fields, State Cookie + Other Parameters. COOKIE ECHO: Verification Tag = Tag Z, Chunk Type = 10, Received Cookie. COOKIE ACK: Verification Tag = Tag A, Chunk Type = 11.]
• The client sends to the server a datagram containing only an INIT chunk.
• The INIT chunk contains the Initiate Tag, the Advertised Receiver Window Credit, the Number of Outbound and Inbound Streams, and the Initial TSN.
• It can also include Parameters.
• The server answers with an INIT ACK chunk, which has a similar structure to the INIT chunk. However, it does not save any state about the future association.
• The INIT ACK chunk compulsorily includes the State Cookie parameter. It carries the information that came inside the INIT chunk plus server specific data, and a Message Authentication Code calculated with a Secret Key.
• The State Cookie parameter is sent back inside the COOKIE ECHO chunk.
• Using its secret key, the server verifies that the information inside the COOKIE ECHO chunk has not been modified. If so, the server opens a new association. This way, the server has not reserved any resource until checking that the client included its real address in the first datagram.
• The final step is answering the client with a COOKIE ACK chunk.
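The defensive idea of the slide is that the server commits no memory until the cookie comes back intact from the address it was sent to. The code below is an added example, not code from the slides or from any SCTP stack: the cookie layout, the 60-second lifetime, the HMAC-SHA256 tag and the dictionary shape of the INIT fields are all this example's own assumptions (RFC 2960 leaves the State Cookie format to the implementation).

```python
# Added example (not code from the slides): a server that keeps no state between
# INIT and COOKIE ECHO. Cookie layout, lifetime and MAC algorithm are assumptions.
import hashlib
import hmac
import secrets
import struct
import time

COOKIE_LIFETIME = 60                      # seconds an unanswered INIT ACK stays valid (assumed)
COOKIE_BODY = struct.Struct("!IIIHHIQ")  # Tag A, Tag Z, a_rwnd, out streams, in streams, initial TSN, created
MAC_LEN = hashlib.sha256().digest_size


class StatelessServer:
    def __init__(self, secret_key, now=time.time):
        self.secret_key = secret_key
        self.now = now                  # injectable clock so the expiry check can be exercised
        self.associations = {}          # Tag Z -> peer data; filled only after a valid COOKIE ECHO

    def _mac(self, body):
        return hmac.new(self.secret_key, body, hashlib.sha256).digest()

    def handle_init(self, peer_addr, init):
        """INIT -> INIT ACK. Everything needed later goes into the cookie, together with
        the address the INIT came from, and is authenticated with the secret key."""
        tag_z = secrets.randbits(32) or 1       # our Initiate Tag; must be non-zero
        body = COOKIE_BODY.pack(init["initiate_tag"], tag_z, init["a_rwnd"],
                                init["out_streams"], init["in_streams"],
                                init["initial_tsn"], int(self.now()))
        body += peer_addr.encode()
        cookie = body + self._mac(body)
        return {"verification_tag": init["initiate_tag"], "initiate_tag": tag_z,
                "state_cookie": cookie}

    def handle_cookie_echo(self, peer_addr, cookie):
        """COOKIE ECHO -> COOKIE ACK, or None if the cookie is forged, stale, or echoed
        from an address other than the one the INIT ACK was sent to."""
        if len(cookie) < COOKIE_BODY.size + MAC_LEN:
            return None
        body, mac = cookie[:-MAC_LEN], cookie[-MAC_LEN:]
        if not hmac.compare_digest(mac, self._mac(body)):
            return None                          # modified in transit, or never issued by us
        tag_a, tag_z, a_rwnd, out_s, in_s, tsn, created = COOKIE_BODY.unpack_from(body, 0)
        if body[COOKIE_BODY.size:] != peer_addr.encode():
            return None                          # the echo must come from the address we answered
        if self.now() - created > COOKIE_LIFETIME:
            return None                          # stale cookie
        if tag_z not in self.associations:       # a retransmitted COOKIE ECHO creates no second TCB
            # Only now is memory committed to the association.
            self.associations[tag_z] = {"peer": peer_addr, "peer_tag": tag_a, "a_rwnd": a_rwnd,
                                        "out_streams": out_s, "in_streams": in_s, "next_tsn": tsn}
        return {"verification_tag": tag_a}


if __name__ == "__main__":
    srv = StatelessServer(b"constructed-demo-key")
    init = {"initiate_tag": 0xA, "a_rwnd": 65536, "out_streams": 10, "in_streams": 10, "initial_tsn": 100}
    ack = srv.handle_init("192.0.2.1", init)
    print("state after INIT:", srv.associations)
    print("COOKIE ACK:", srv.handle_cookie_echo("192.0.2.1", ack["state_cookie"]))
```

Because `self.associations` stays empty until a valid COOKIE ECHO arrives, a flood of INITs from forged source addresses costs the server only the CPU for one HMAC per INIT, which is the property the SYN-attack slide was missing in TCP. The lifetime check bounds how long an intercepted cookie remains usable; a cookie replayed within the lifetime only re-acknowledges the association it already created.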
Transmission of data
[Figure: the DATA chunk (Chunk Type = 0; flags Reserved, U, B, E; Transmission Sequence Number; Stream Identifier; Stream Sequence Number; Payload Protocol Identifier; User Data) and the SACK chunk (Chunk Type = 3; Cumulative TSN Acknowledgement; Advertised Receiver Window Credit; Number of Gap Ack Blocks = G; Number of Duplicate TSNs = D; Gap Ack Block #1 Start/End ... Gap Ack Block #G Start/End; Duplicate TSN #1 ... Duplicate TSN #D), each after a Common Header with Verification Tag = Tag Z.]
• The user data is sent inside the DATA chunks. The Payload Protocol Identifier (PPI) identifies the upper user that generated the DATA chunk.
• A DATA chunk is uniquely identified by its Transmission Sequence Number (TSN). Its order inside the Stream is given by the Stream Sequence Number (SSN).
• The B (Beginning) and E (End) flags are used when fragmenting the user data. The U (Unordered) flag identifies the unordered DATA chunks.
• The DATA chunks are acknowledged by the SACK chunks.
• A SACK chunk acknowledges all the TSNs previous to (and including) the Cumulative TSN Acknowledgement. The Gap Ack Blocks are included if there is a hole in the reception sequence.
• If a TSN was received duplicated, it is included in a Duplicate TSN field.
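The SACK rules above (cumulative ack up to the first hole, Gap Ack Blocks for what arrived beyond it, Duplicate TSNs for repeats) can be reproduced by a receiver that tracks the TSNs it has seen. The code below is an added example, not code from the slides or from any SCTP stack. Gap Ack Block Start and End are encoded as offsets from the Cumulative TSN, which is the RFC 2960 encoding; 32-bit TSN wrap-around is not modelled (an assumption of this example).

```python
# Added example (not code from the slides): build a SACK chunk from received TSNs.
import struct

SACK_FIXED = struct.Struct("!BBHIIHH")  # Type, Flags, Length, Cum TSN Ack, a_rwnd, G, D


class SackBuilder:
    def __init__(self, initial_tsn, a_rwnd):
        self.cum_tsn = initial_tsn - 1    # nothing received yet; assumes initial_tsn >= 1
        self.received = set()             # TSNs above cum_tsn that have arrived (the holes' far side)
        self.duplicates = []              # reported once, in the next SACK
        self.a_rwnd = a_rwnd

    def receive(self, tsn):
        """Record one arriving TSN; advance the cumulative ack while the sequence is contiguous."""
        if tsn <= self.cum_tsn or tsn in self.received:
            self.duplicates.append(tsn)   # already acknowledged or already waiting: a duplicate
            return
        self.received.add(tsn)
        while self.cum_tsn + 1 in self.received:
            self.cum_tsn += 1
            self.received.remove(self.cum_tsn)

    def gap_blocks(self):
        """Contiguous runs above cum_tsn as (start, end) offsets relative to cum_tsn."""
        blocks, run_start, prev = [], None, None
        for tsn in sorted(self.received):
            if run_start is None:
                run_start = prev = tsn
            elif tsn == prev + 1:
                prev = tsn
            else:
                blocks.append((run_start - self.cum_tsn, prev - self.cum_tsn))
                run_start = prev = tsn
        if run_start is not None:
            blocks.append((run_start - self.cum_tsn, prev - self.cum_tsn))
        return blocks

    def build(self):
        """Serialize the SACK chunk (Chunk Type = 3) shown in the figure."""
        blocks = self.gap_blocks()
        dups, self.duplicates = self.duplicates, []
        length = SACK_FIXED.size + 4 * len(blocks) + 4 * len(dups)
        chunk = SACK_FIXED.pack(3, 0, length, self.cum_tsn, self.a_rwnd, len(blocks), len(dups))
        for start, end in blocks:
            chunk += struct.pack("!HH", start, end)
        for tsn in dups:
            chunk += struct.pack("!I", tsn)
        return chunk


def parse_sack(chunk):
    """Decode a SACK chunk back into its fields (used to inspect build()'s output)."""
    ctype, flags, length, cum, a_rwnd, g, d = SACK_FIXED.unpack_from(chunk, 0)
    off = SACK_FIXED.size
    blocks = [struct.unpack_from("!HH", chunk, off + 4 * i) for i in range(g)]
    off += 4 * g
    dups = [struct.unpack_from("!I", chunk, off + 4 * i)[0] for i in range(d)]
    return {"type": ctype, "length": length, "cum_tsn": cum, "a_rwnd": a_rwnd,
            "gap_blocks": blocks, "duplicates": dups}


if __name__ == "__main__":
    rx = SackBuilder(initial_tsn=100, a_rwnd=65536)
    for tsn in (100, 101, 103, 104, 106, 101):   # constructed arrival order; 102 and 105 missing, 101 repeated
        rx.receive(tsn)
    print(parse_sack(rx.build()))
```

With the constructed arrivals 100, 101, 103, 104, 106 and a repeated 101, the SACK carries Cumulative TSN Ack 101, Gap Ack Blocks (2, 3) and (5, 5), and Duplicate TSN 101; once 102 arrives the cumulative ack jumps to 104 and a single block (2, 2) remains for TSN 106.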
Taking advantage of multihomed hosts
[Figure: DATA and SACK chunks of one association exchanged across an IP Network between the several addresses of two multihomed hosts.]
• During the establishment phase the two peers exchange their IP addresses.
• All of them can be used as source or destination addresses.
• However, one of them is the Primary Address and is the one normally used as the destination address. The rest are kept as a backup in case the Primary Address fails and are also used for the retransmissions.
• In case the Primary Address fails, we can use any of the other addresses.
• This way we have network redundancy and it is less probable to lose an association due to network failures.
The Head Of Line (HOL) blocking in TCP
[Figure: a TCP User sends messages 1 to 6 over a TCP connection; one segment is lost, and the later messages pile up in the Receiver's Buffer until it arrives.]
• It happens when the data sender sends unrelated messages through the same TCP connection and one segment is lost on the way to the receiver.
• Even if all the subsequent segments arrive normally at the receiver, they will be kept at the receiver.
• Only when the lost segment is retransmitted and arrives at the receiver can the rest of the messages be delivered to the upper user.
Avoiding the HOL blocking in TCP using several connections
[Figure: TCP Users A, B and C each send their messages over their own TCP connection (A, B, C) into separate Receiver's Buffers A, B and C.]
• The HOL blocking can be avoided using different TCP connections for different user messages.
• If one segment is lost in one of the connections, it does not affect the other user messages.
• However, having many open connections is expensive.
Avoiding the HOL blocking in SCTP using several streams
[Figure: an SCTP User sends TSN/SSN-numbered DATA chunks over Streams 0, 1 and 2 of one SCTP association; each stream is reordered independently in the Receiver's Buffer.]
• In SCTP, a stream represents a unidirectional logical channel within which all user messages are delivered in sequence.
• The TSN uniquely identifies the DATA chunks belonging to an association, and the SSN is used to order those DATA chunks within a stream, independently of the other streams. The Stream Identifier in the DATA chunk identifies the stream used.
• A DATA chunk can be sent to any existing stream of the association.
• A missing TSN sent to one stream does not affect any TSN sent to another stream.
• The streams are cheap. They all share the same buffer and congestion variables.
Avoiding the HOL blocking in SCTP using unordered DATA chunks
[Figure: an SCTP User sends unordered DATA chunks over an SCTP association; the Receiver's Buffer hands them up in arrival order rather than in sequence.]
• The DATA chunks sent with the U flag set are delivered to the upper user as soon as they are reassembled at the receiver.
• They are not directed to any specific stream.
• Unordered DATA chunks are conceptually similar to UDP datagrams. However, unordered messages are normally acknowledged and can also be fragmented.
• Using unordered data we can also avoid the HOL blocking without even using streams. However, this scheme can be used only if the order of delivery of user messages does not matter.
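Both this slide and the preceding one on streams come down to one receiver-side rule: ordered chunks wait only for the earlier SSNs of their own stream, and unordered chunks wait for nothing. The code below is an added example, not code from the slides or from any SCTP stack; it models a receiver with per-stream delivery and runs the same six-message loss scenario once over three streams and once over a single stream. Fragmentation (B/E flags) is assumed away, so every chunk is a complete message.

```python
# Added example (not code from the slides): per-stream ordered delivery plus
# unordered (U flag) delivery at an SCTP receiver.
from collections import namedtuple

Data = namedtuple("Data", "tsn stream ssn unordered payload")


class StreamReceiver:
    def __init__(self, n_streams):
        self.next_ssn = [0] * n_streams                # next SSN the upper user expects per stream
        self.pending = [dict() for _ in range(n_streams)]  # ssn -> payload waiting behind a hole
        self.delivered = []                            # (stream, payload) in delivery order

    def receive(self, chunk):
        """Hand the chunk up if it can be delivered now, otherwise park it in its stream."""
        if chunk.unordered:
            self.delivered.append((chunk.stream, chunk.payload))   # U flag: no SSN check at all
            return
        if chunk.stream >= len(self.next_ssn):
            raise ValueError("invalid Stream Identifier %d" % chunk.stream)
        queue = self.pending[chunk.stream]
        queue[chunk.ssn] = chunk.payload
        # Deliver every consecutive SSN now available on this stream only.
        while self.next_ssn[chunk.stream] in queue:
            ssn = self.next_ssn[chunk.stream]
            self.delivered.append((chunk.stream, queue.pop(ssn)))
            self.next_ssn[chunk.stream] = ssn + 1

    def blocked(self):
        """SSNs held back per stream: the head-of-line blocking that is actually in effect."""
        return {s: sorted(q) for s, q in enumerate(self.pending) if q}


def scenario(lost_tsn, n_streams):
    """Constructed scenario: messages m1..m6 with TSN i, spread round-robin over
    n_streams streams (stream (i-1) % n, SSN (i-1) // n); the chunk with TSN
    lost_tsn is lost on the way and everything else arrives in order."""
    rx = StreamReceiver(n_streams)
    for i in range(1, 7):
        if i != lost_tsn:
            rx.receive(Data(i, (i - 1) % n_streams, (i - 1) // n_streams, False, "m%d" % i))
    return rx


if __name__ == "__main__":
    three = scenario(lost_tsn=2, n_streams=3)
    print("3 streams, TSN 2 lost:", three.delivered, "blocked:", three.blocked())
    one = scenario(lost_tsn=2, n_streams=1)
    print("1 stream,  TSN 2 lost:", one.delivered, "blocked:", one.blocked())
```

With three streams, losing TSN 2 blocks only stream 1 (m5 waits behind it) while m1, m3, m4 and m6 are delivered; with everything on one stream the same loss holds back m3 through m6. Retransmitting TSN 2 releases the waiting message immediately in both cases, and an unordered chunk is delivered regardless of what is pending.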
The path heartbeat mechanism
[Figure: HEARTBEAT chunk (Chunk Type = 4, Verification Tag = Tag Z) and HEARTBEAT ACK chunk (Chunk Type = 5, Verification Tag = Tag A), each carrying Heartbeat Info Type = 1, Heartbeat Info Length and Sender-specific Heartbeat Info.]
• One host sends the HEARTBEAT chunk to its peer. It contains a TLV structure similar to a Parameter, called Heartbeat Info. Its internal structure is implementation specific.
• Upon receipt of this chunk, the receiver must answer with a HEARTBEAT ACK chunk, copying the Heartbeat Info inside the HEARTBEAT ACK chunk.
• If the HEARTBEAT ACK chunk is not received on time, it counts as an error on the address used. Too many errors cause the address to be considered unreachable.
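The heartbeat counters above are what drive the address failover described on the multihoming slide, so one small path monitor can show both. The code below is an added example, not code from the slides or from any SCTP stack. Its assumptions: the Sender-specific Heartbeat Info is a random nonce plus the send time (the slide says the layout is implementation specific), and the error threshold of 5 is taken from the `Path.Max.Retrans` default suggested in RFC 2960.

```python
# Added example (not code from the slides): heartbeat-driven path monitoring and
# primary-address failover for a multihomed peer.
import secrets
import struct
import time

PATH_MAX_RETRANS = 5                     # RFC 2960 suggested default; beyond this the path is down
HB_INFO = struct.Struct("!QQ")           # assumed layout: 64-bit nonce, 64-bit send time


class PathMonitor:
    def __init__(self, peer_addresses, now=time.time):
        self.primary = peer_addresses[0]                      # addresses learned at establishment
        self.paths = {a: {"errors": 0, "reachable": True} for a in peer_addresses}
        self.outstanding = {}                                 # nonce -> address the HEARTBEAT went to
        self.now = now

    def send_heartbeat(self, addr):
        """Return the Heartbeat Info TLV (Type = 1) to put in a HEARTBEAT to addr."""
        nonce = secrets.randbits(64)
        info = HB_INFO.pack(nonce, int(self.now()))
        self.outstanding[nonce] = addr
        return struct.pack("!HH", 1, 4 + len(info)) + info

    def heartbeat_ack(self, info_tlv):
        """The peer copied our Heartbeat Info back. A nonce we never sent, or one already
        answered, is ignored, so a replayed ACK cannot keep a dead path looking alive."""
        nonce, _sent_at = HB_INFO.unpack_from(info_tlv, 4)
        addr = self.outstanding.pop(nonce, None)
        if addr is None:
            return False
        self.paths[addr]["errors"] = 0
        self.paths[addr]["reachable"] = True
        return True

    def heartbeat_timeout(self, addr):
        """No HEARTBEAT ACK in time: one more error on that address. Returns reachability."""
        self.outstanding = {n: a for n, a in self.outstanding.items() if a != addr}
        path = self.paths[addr]
        path["errors"] += 1
        if path["errors"] > PATH_MAX_RETRANS:
            path["reachable"] = False
            if addr == self.primary:
                self.failover()
        return path["reachable"]

    def failover(self):
        """Pick another reachable address as primary; None means every path has failed."""
        for addr, path in self.paths.items():
            if path["reachable"]:
                self.primary = addr
                return addr
        return None

    def destination(self, retransmission=False):
        """New data goes to the primary; a retransmission prefers another reachable path."""
        if retransmission:
            for addr, path in self.paths.items():
                if addr != self.primary and path["reachable"]:
                    return addr
        return self.primary


if __name__ == "__main__":
    pm = PathMonitor(["192.0.2.10", "198.51.100.10"])       # constructed peer addresses
    tlv = pm.send_heartbeat(pm.primary)
    print("ack accepted:", pm.heartbeat_ack(tlv), "replay accepted:", pm.heartbeat_ack(tlv))
    for _ in range(PATH_MAX_RETRANS + 1):
        pm.heartbeat_timeout("192.0.2.10")
    print("primary after failures:", pm.primary)
```

A successful ACK resets the error counter, so only consecutive misses accumulate; the sixth consecutive timeout on the primary marks it unreachable and moves the primary to the next live address, and when no address is left `failover()` returns `None`, the point at which the association itself is lost.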
Reporting non-fatal errors in SCTP
[Figure: ERROR chunk (Chunk Type = 9, Verification Tag = Tag Z) carrying Error Causes.]
• If one of the hosts involved in an association has any non-fatal problem, it sends an ERROR chunk to its peer endpoint.
• An ERROR chunk must include at least one Error Cause indicating the reason(s) why the chunk was sent.
• They are used to indicate solvable problems, to help debug SCTP implementations and to make SCTP extensions backward compatible.
Aborting associations in SCTP
[Figure: ABORT chunk (Chunk Type = 6, Verification Tag = Tag Z) with the T flag and optional Error Causes.]
• When a host has a problem that makes it impossible to continue with an existing association, it sends the ABORT chunk.
• Like the ERROR chunk, the ABORT chunk can carry Error Causes to state what the problem was. However, they are not compulsory in the ABORT chunk.
• Once the ABORT chunk is received, the association ceases to exist. The abort procedure should not be used to terminate associations if possible.
Graceful termination of an association
[Figure: the three datagrams of the shutdown procedure: SHUTDOWN chunk carrying the Cumulative TSN Acknowledgement, SHUTDOWN ACK chunk, and SHUTDOWN COMPLETE chunk with the T flag.]
• If a host wants to start the shutdown procedure, it sends the SHUTDOWN chunk.
• It is the responsibility of the sender to send this chunk when all the data it wants to send has already been acknowledged.
• The SHUTDOWN chunk includes the Cumulative TSN Acknowledgement as the SACK chunk does.
• When the peer endpoint has also received the acknowledgement of all the DATA chunks, it sends back the SHUTDOWN ACK chunk.
• The last chunk used in the shutdown procedure is the SHUTDOWN COMPLETE.
• The T (TCB missing) flag is set when there is no TCB at the SHUTDOWN ACK receiver. This can happen if the peer has restarted.
• In SCTP there are no half-closed associations as in TCP. The shutdown procedure is asymmetric.
Summarizing: Main characteristics of SCTP
• It is able to take advantage of multihomed hosts.
• It can avoid the SYN attack thanks to its cookie mechanism.
• The existence of independent streams helps avoid the HOL blocking.
• It is message-oriented like UDP, but at the same time reliable like TCP.
• It is able to notify error conditions, making it possible to solve certain errors at the transport level.
• It is heavily inspired by TCP. Most of the optional features of TCP are compulsory in SCTP. The congestion avoidance mechanism is the same as in TCP.
• SCTP uses a socket interface very similar to the one TCP uses.
• There are already some open source SCTP implementations.
• SCTP performance is at least as good as TCP's.
Questions?
Extra slides
The finite state machine model (I)
[Figure: state diagram of the establishment procedure for CLIENT and SERVER. States: CLOSED, COOKIE-WAIT, COOKIE-ECHOED, ESTABLISHED; ABORT from Any State returns to CLOSED. Transitions are labelled with the user primitive call (ASSOCIATE, SHUTDOWN), the control chunk sent or received (INIT, INIT ACK, COOKIE ECHO, COOKIE ACK, SHUTDOWN COMPLETE) and the resulting state change. Legend: State; User Primitive Call; Control chunk sent or received; State change.]
• Like TCP, SCTP is a symmetrical protocol. The client and the server are functionally identical.
• It uses a four-way handshake establishment procedure. However, the last two legs can already carry user data.
• It provides mechanisms to solve initiation collisions or to detect a restart of the peer.
The finite state machine model (II)
[Figure: state diagram of the shutdown procedure for CLIENT and SERVER. States: ESTABLISHED, SHUTDOWN-PENDING, SHUTDOWN-SENT, SHUTDOWN-RECEIVED, SHUTDOWN-ACK-SENT, CLOSED. Transitions are labelled with the SHUTDOWN primitive and the SHUTDOWN, SHUTDOWN ACK and SHUTDOWN COMPLETE chunks; transitions marked * fire only when no DATA chunks are outstanding. Legend: State; User Primitive Call; Control chunk sent or received; State change.]
• There are no half-closed associations in SCTP.
• The shutdown algorithm is asymmetric. Once one endpoint starts closing the association, the other host must do the same.
• SCTP uses a three-way handshake shutdown algorithm.
* The state is changed and the signal is sent when there are no more outstanding DATA chunks.
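The two diagrams can be joined into a single association state machine. The code below is an added example, not code from the slides or from any SCTP stack: it encodes the states and transitions named in the two figures, models the * transitions with a counter of outstanding DATA chunks, keeps the server in CLOSED across INIT / INIT ACK (no state is kept until the COOKIE ECHO), and rejects chunks that are not valid in the current state. Event names such as `rx_INIT_ACK` are this example's own convention.

```python
# Added example (not code from the slides): association state machine covering the
# establishment and shutdown diagrams.  Events are user primitives (ASSOCIATE, SHUTDOWN,
# ABORT) or received control chunks (rx_<CHUNK>); the chunk sent in response is noted
# in the comment on each transition.
class AssociationFSM:
    TRANSITIONS = {
        ("CLOSED", "ASSOCIATE"): "COOKIE-WAIT",            # INIT sent
        ("CLOSED", "rx_INIT"): "CLOSED",                   # INIT ACK sent; no state kept (cookie carries it)
        ("COOKIE-WAIT", "rx_INIT_ACK"): "COOKIE-ECHOED",   # COOKIE ECHO sent, may carry DATA
        ("CLOSED", "rx_COOKIE_ECHO"): "ESTABLISHED",       # cookie verified, COOKIE ACK sent
        ("COOKIE-ECHOED", "rx_COOKIE_ACK"): "ESTABLISHED",
        ("ESTABLISHED", "SHUTDOWN"): "SHUTDOWN-PENDING",   # * then SHUTDOWN sent
        ("ESTABLISHED", "rx_SHUTDOWN"): "SHUTDOWN-RECEIVED",  # * then SHUTDOWN ACK sent
        ("SHUTDOWN-SENT", "rx_SHUTDOWN_ACK"): "CLOSED",    # SHUTDOWN COMPLETE sent
        ("SHUTDOWN-ACK-SENT", "rx_SHUTDOWN_COMPLETE"): "CLOSED",
    }
    DATA_STATES = ("COOKIE-ECHOED", "ESTABLISHED")         # the last two handshake legs may carry data

    def __init__(self):
        self.state = "CLOSED"
        self.outstanding = 0            # DATA chunks sent and not yet acknowledged

    def send_data(self):
        if self.state not in self.DATA_STATES:
            raise ValueError("cannot send DATA in state %s" % self.state)
        self.outstanding += 1
        return self.outstanding

    def event(self, ev):
        """Apply a primitive or a received chunk; unexpected chunks are rejected, not acted on."""
        if ev in ("ABORT", "rx_ABORT"):  # valid in Any State
            self.state = "CLOSED"
            self.outstanding = 0
            return self.state
        nxt = self.TRANSITIONS.get((self.state, ev))
        if nxt is None:
            raise ValueError("%s is not valid in state %s" % (ev, self.state))
        self.state = nxt
        return self._star()

    def data_acked(self):
        """Called for each DATA chunk covered by a SACK; may complete a * transition."""
        self.outstanding = max(0, self.outstanding - 1)
        return self._star()

    def _star(self):
        """The * transitions: leave the pending states only when nothing is outstanding."""
        if self.outstanding == 0:
            if self.state == "SHUTDOWN-PENDING":
                self.state = "SHUTDOWN-SENT"        # SHUTDOWN sent with the Cumulative TSN Ack
            elif self.state == "SHUTDOWN-RECEIVED":
                self.state = "SHUTDOWN-ACK-SENT"    # SHUTDOWN ACK sent
        return self.state


def run_lifecycle():
    """Constructed walk-through: one client and one server through both diagrams."""
    client, server = AssociationFSM(), AssociationFSM()
    trace = [client.event("ASSOCIATE"), server.event("rx_INIT"), client.event("rx_INIT_ACK"),
             server.event("rx_COOKIE_ECHO"), client.event("rx_COOKIE_ACK")]
    client.send_data(); client.send_data()
    trace += [client.event("SHUTDOWN"), client.data_acked(), client.data_acked(),
              server.event("rx_SHUTDOWN"), client.event("rx_SHUTDOWN_ACK"),
              server.event("rx_SHUTDOWN_COMPLETE")]
    return trace


if __name__ == "__main__":
    print(run_lifecycle())
```

In the walk-through the server never leaves CLOSED on the INIT alone, the client's SHUTDOWN primitive only produces the SHUTDOWN chunk after both outstanding DATA chunks are acknowledged, and the server, with nothing outstanding, answers the SHUTDOWN at once; there is no state in which one side is closed for sending while still open for receiving, which is the "no half-closed associations" point of the slide.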