STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)


Page 1: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

Page 2: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

SCTP service model

• connection oriented

• reliable data transfer - no loss - no duplicates - data integrity

• ordered / unordered delivery

TCP provides only ordered service. If the application desires unordered service, it has the option of using UDP => unreliable.

SCTP separates data reliability from ordered delivery: SCTP can provide unordered service with reliability, and SCTP can provide ordered service with reliability.

Page 3: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

• SCTP preserves message boundaries (TCP is byte-oriented; applications must add their own record marking to delineate messages)

• concept of chunks

• security against SYN flooding attack

• multi-homing

• multi-streaming

• message fragmentation and bundling

• congestion control

Page 4: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

Comparison between SCTP, TCP and UDP

Feature                          SCTP   TCP   UDP
State required at endpoints      Yes    Yes   No
Reliable Data Transfer           Yes    Yes   No
Multi-homed Host Support         Yes    No    No
Multi-Stream Support             Yes    No    No
Security against SYN attacks     Yes    No    No
Unordered Data Delivery          Yes    No    Yes
Failure detection (Heartbeat)    Yes    No    No

Page 5: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

SCTP PDU format

1 common header + chunks (control or data)

Page 6: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

Motivation

• Many applications need reliable message delivery – they do so by delineating a TCP stream

• TCP provides both strict-ordering and reliability – many applications may not need both

Page 7: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

Motivation (contd)

• HTTP is one such application
  – While transferring multiple embedded files we only want
    • Reliable file transfer for each file
    • Partial ordering for the packets of each file but not total ordering amongst all the packets
  – TCP provides more than this (but overhead?)
  – SCTP may help (how? – later)

Page 8: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

HTTP Server Architecture: Multiple File Transfer (Embedded files) - TCP

[Figure: message sequence between Client, Server and Child process over one TCP connection: Request file 0 → Fork child, Send file 0 → Request file 1..N → Send file 1,2,…N]

Page 9: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

HTTP Server Architecture: Multiple Files Transfer (Embedded Files) - SCTP

[Figure: message sequence between Client, Server and Child process over one SCTP association: Request file 0 → Fork child, Send file 0 – stream 0 → Request files 1..N → Send file 1 – stream 1, …, Send file N – stream N]

Page 10: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

Reason

[Figure: over TCP, the segments 1, 2, 3 of File 1, File 2 and File 3 all pass through one TCP send buffer in the kernel at the Server and one TCP receive buffer in the kernel at the Client, as a single ordered sequence]

Page 11: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

Reason

[Figure: over SCTP, the segments 1, 2, 3 of File 1, File 2 and File 3 are kept apart in the SCTP kernel buffers at the Server and the Client, each file on its own stream]

Page 12: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

Multi-homing

Page 13: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

single-homed SCTP endpoint: Host A, IP=128.33.6.12, endpoint=[128.33.6.12 : 100]

multi-homed SCTP endpoint: Host B, IP1=160.15.82.20, IP2=161.10.8.221, IP3=10.1.61.11, endpoint=[160.15.82.20, 161.10.8.221, 10.1.61.11 : 200]

SCTP association: association={ [128.33.6.12 : 100] : [160.15.82.20, 161.10.8.221, 10.1.61.11 : 200] }

[Figure: application on Host A above SCTP (port 100, interface A1) and application on Host B above SCTP (port 200, interfaces B1, B2, B3), joined by one association]

Page 14: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

• 4 possible TCP connections: (A1,B1) or (A1,B2) or (A2,B1) or (A2,B2)

• 1 SCTP association: ({A1,A2},{B1,B2})
  • Primary destinations for A & B (e.g., A1 & B1)

[Figure: Host A (addresses A1, A2) and Host B (addresses B1, B2) connected through the Network, with one path marked X (failed)]

• What happens if a primary fails? TCP connection is broken whereas SCTP association can continue to transmit to an alternate destination address

Page 15: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

failure detection

• Host A monitors reachability of the primary destination address of Host B

• Host A sends DATA and starts the retransmission timer
  • If timer expires: increment error_count; if error_count > threshold, state = inactive
  • If Host A receives SACK before timer expires: error_count = 0 & state = active

• error_count is a variable associated with each destination address of a host. It is set to zero initially.

[Figure: DATA from Host A (application over SCTP port 100, A1) to the primary address B1 of Host B (application over SCTP port 200; alternates B2, B3), SACK returned]

Page 16: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

• Host A monitors reachability of alternate destination addresses of Host B

• HEARTBEAT is sent periodically to each alternate address
  • When a HEARTBEAT is sent: increment error_count; if error_count > threshold, state = inactive
  • If Host A receives a HEARTBEAT-ACK: error_count = 0 & state = active

• When the primary destination address is detected unreachable => SCTP sender chooses 1 of the REACHABLE, alternate destination addresses as primary

[Figure: HEARTBEAT from Host A (application over SCTP port 100, A1) to the alternate addresses B2, B3 of Host B (application over SCTP port 200), HEARTBEAT-ACK returned]
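The reachability rules on the last three slides, carried through as an added example (not code from the slides or from any SCTP implementation); the threshold value, the address dictionary and the class and method names are assumptions:

```python
# Added example (not from the slides): Host A's per-destination reachability
# bookkeeping for a multi-homed Host B, following the error_count rules above.
# The threshold value and all class/method names are assumptions.
ACTIVE, INACTIVE = "active", "inactive"

class Destination:
    def __init__(self, addr):
        self.addr = addr
        self.error_count = 0        # one counter per destination, zero initially
        self.state = ACTIVE

class PathMonitor:
    """Host A's view of Host B's addresses: one primary plus alternates."""
    def __init__(self, addrs, threshold=5):
        self.dests = {a: Destination(a) for a in addrs}
        self.primary = addrs[0]     # first address given is the primary
        self.threshold = threshold

    def _miss(self, addr):
        # Retransmission timer expired (primary) or a HEARTBEAT was sent to an
        # alternate: one more error charged to that address.
        d = self.dests[addr]
        d.error_count += 1
        if d.error_count > self.threshold:
            d.state = INACTIVE
            if addr == self.primary:
                self._switch_primary()

    def _ack(self, addr):
        # SACK (primary) or HEARTBEAT-ACK (alternate) received: reachable again.
        d = self.dests[addr]
        d.error_count = 0
        d.state = ACTIVE

    # The four events on the slides map onto the two rules above.
    rto_expired = heartbeat_sent = _miss
    sack_received = heartbeat_ack_received = _ack

    def _switch_primary(self):
        # Primary detected unreachable: choose one of the REACHABLE alternates
        # (if none is left, the whole association is failing; primary unchanged).
        alternates = self.reachable()          # the failed primary is not in it
        if alternates:
            self.primary = alternates[0]

    def reachable(self):
        return [a for a, d in self.dests.items() if d.state == ACTIVE]
```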

Page 17: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

association setup

INIT chunk, mandatory: type, chunk flags, chunk length, initiation tag, a_rwnd, outbound streams, maximum inbound streams, initial TSN

optional: addresses (IPv4, IPv6, hostname), supported address types, ECN capable, cookie preservative

Host A (closed → cookie wait) sends INIT (V=0) (I=TagA) to Host B (closed). V: verification tag, I: initiation tag

How many way handshake ?

Page 18: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

SCTP INIT PDU

Page 19: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

association setup

INIT-ACK chunk, mandatory: all fields present in mandatory INIT + state cookie

optional: addresses (IPv4, IPv6, hostname), ECN capable, error reporting for unrecognized parameters

Host A (closed → cookie wait) sends INIT (V=0) (I=TagA); Host B (closed) replies INIT-ACK (V=TagA) (I=TagB). V: verification tag, I: initiation tag

Page 20: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

association setup

COOKIE-ECHO chunk: type, chunk flags, chunk length, state cookie

DATA chunk can be sent along with COOKIE-ECHO

Host A (closed → cookie wait → cookie echoed) sends INIT (V=0) (I=TagA); Host B (closed) replies INIT-ACK (V=TagA) (I=TagB); Host A sends COOKIE-ECHO (V=TagB). V: verification tag, I: initiation tag

Page 21: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

TCP SYN flooding attack

why COOKIE ???

[Figure: attackers at several different source addresses each send SYN to the victim; the buffer holding half-open (pending) connections is flooded ("victim Flooded!!")]

• There is no ACK in response to the SYN-ACK, hence connection remains half-open

• Other genuine clients cannot open connections to the victim

• The victim is unable to provide service

Page 22: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

how does COOKIE help ?

Host B receives INIT → Prepare COOKIE → Send INIT_ACK with COOKIE

• Receiver of INIT does not make the Transmission Control Block (TCB) [i.e. no pending connection information kept]

• Remains in CLOSED state

• In case of attack, COOKIE-ECHO won't arrive but receiver is unaffected

Page 23: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

how does COOKIE help ?

Host B receives INIT → Prepare COOKIE → Send INIT_ACK with COOKIE

Host B receives COOKIE-ECHO → Extract & Validate COOKIE
  • invalid → Discard SCTP PDU
  • valid → COOKIE expired ?
    • yes → Send ERROR chunk, Discard SCTP PDU
    • no → Unpack COOKIE and build association TCB

Sender can request longer cookie life next time through the Cookie-preservative parameter in the INIT chunk
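The stateless INIT / COOKIE-ECHO handling on the last three slides, as an added example that is not from the slides or from any SCTP stack; the cookie layout (peer tag, local tag, a_rwnd, creation time, lifetime) sealed with an HMAC, the secret key and the lifetime values are assumptions:

```python
# Added example (not from the slides): a stateless INIT handler in the spirit
# of the flow above, with the state cookie sealed by a MAC. The cookie layout,
# key handling and lifetime values are assumptions, not taken from the RFC.
import hashlib, hmac, os, struct, time

SECRET = os.urandom(32)            # server-side key; never leaves this host
DEFAULT_LIFE = 60                  # seconds a freshly minted cookie is valid
BODY_LEN = struct.calcsize("!IIIII")

def on_init(peer_tag, a_rwnd, cookie_preservative=0, now=None):
    """INIT received: mint the cookie and reply with INIT-ACK, keeping NO TCB."""
    now = int(time.time()) if now is None else now
    local_tag = struct.unpack("!I", os.urandom(4))[0] or 1   # TagB, non-zero
    # Everything needed to rebuild the TCB later is carried inside the cookie...
    body = struct.pack("!IIIII", peer_tag, local_tag, a_rwnd,
                       now, DEFAULT_LIFE + cookie_preservative)
    # ...sealed with a MAC, so only this host can produce a cookie it accepts.
    mac = hmac.new(SECRET, body, hashlib.sha256).digest()
    return {"V": peer_tag, "I": local_tag, "cookie": body + mac}

def on_cookie_echo(cookie, now=None):
    """COOKIE-ECHO received: validate first, build the TCB only on success."""
    now = int(time.time()) if now is None else now
    body, mac = cookie[:BODY_LEN], cookie[BODY_LEN:]
    if len(body) != BODY_LEN or not hmac.compare_digest(
            hmac.new(SECRET, body, hashlib.sha256).digest(), mac):
        return "discard", None          # invalid cookie: drop the SCTP PDU
    peer_tag, local_tag, a_rwnd, created, life = struct.unpack("!IIIII", body)
    if now > created + life:
        return "error", None            # expired: answer with an ERROR chunk
    tcb = {"peer_tag": peer_tag, "local_tag": local_tag,
           "peer_rwnd": a_rwnd, "state": "established"}
    return "cookie_ack", tcb            # the association TCB exists from here
```

A deployed stack would also bind the cookie to the peer's addresses and port and check the verification tag carried in the COOKIE-ECHO before accepting it.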

Page 24: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

association setup

COOKIE-ACK chunk: type, chunk flags, chunk length

DATA chunk can be sent along with COOKIE-ACK

Host A (closed → cookie wait → cookie echoed → established) sends INIT (V=0) (I=TagA); Host B (closed) replies INIT-ACK (V=TagA) (I=TagB); Host A sends COOKIE-ECHO (V=TagB); Host B (→ established) replies COOKIE-ACK (V=TagA). V: verification tag, I: initiation tag

4 – way handshake !

Page 25: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

association shutdown

Host A and Host B: established

Host A: upper layer invokes SHUTDOWN → shutdown_pending; outstanding DATA is sent and acknowledged by SACK; then SHUTDOWN is sent → shutdown_sent

Page 26: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

Host A: shutdown_sent. Host B: on receiving SHUTDOWN → shutdown_received, stop accepting data; DATA still outstanding at Host B is sent and answered with SHUTDOWN + SACK; Host B sends SHUTDOWN_ACK → shutdown_ack_sent; Host A sends SHUTDOWN_COMPLETE and deletes its TCB → closed; Host B deletes its TCB → closed

Page 27: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

when should a SACK be sent ?

• DATA (TSN 1) arrives and the receiver has DATA of its own to send, so it sends SACK 1 + DATA: an endpoint sending DATA to its peer always bundles a SACK chunk to ack any new DATA chunks

• DATA (TSN 2) arrives; if no DATA is to be sent to the peer, then the SACK is DELAYED (delay – 200 to 500 ms) and SACK 2 follows after 200 ms

• DATA (TSN 2) arrives again: duplicate data chunks => immediately send SACK 2 without any delay

Page 28: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

when should a SACK be sent ?

• DATA (TSN 3) and DATA (TSN 4) arrive: must send a SACK for every other SCTP PDU received without any delay => SACK 4

• DATA (TSN 5) is lost (X) and DATA (TSN 6) arrives: one or more TSNs missing => immediately send SACK 4 with Gap Ack blocks without any delay, instead of waiting the 200 ms
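The SACK rules from the last two slides as an added example (not from the slides or from any SCTP implementation): the receiver decides whether a SACK is bundled, sent at once or delayed, and builds the SACK contents; class and method names are assumptions, and the Gap Ack blocks are expressed as offsets from the cumulative TSN:

```python
# Added example (not from the slides): a receiver-side helper that applies the
# SACK rules above and builds the SACK contents (cumulative TSN, Gap Ack
# blocks, duplicate TSNs). Names and the use of offsets in the blocks are
# assumptions; the 200 ms delay is the value the slides quote.

class SackPolicy:
    def __init__(self, initial_tsn=1, delay_ms=200):
        self.cum_tsn = initial_tsn - 1   # highest TSN received in sequence
        self.received = set()            # TSNs received beyond cum_tsn (gaps)
        self.dup_tsns = []               # duplicates seen since the last SACK
        self.pdus_since_sack = 0
        self.delay_ms = delay_ms

    def on_data(self, tsn, have_data_to_send=False):
        """Returns ('bundle' | 'immediate' | 'delayed', sack or None)."""
        duplicate = tsn <= self.cum_tsn or tsn in self.received
        if duplicate:
            self.dup_tsns.append(tsn)
        else:
            self.received.add(tsn)
            while self.cum_tsn + 1 in self.received:   # close the gap, if any
                self.cum_tsn += 1
                self.received.remove(self.cum_tsn)
        self.pdus_since_sack += 1
        if have_data_to_send:            # always piggyback a SACK on our DATA
            return "bundle", self.build_sack()
        if duplicate or self.received or self.pdus_since_sack >= 2:
            return "immediate", self.build_sack()   # no delay in these cases
        return "delayed", None           # SACK timer (delay_ms) is now running

    def on_timer(self):
        """Delayed-SACK timer fired with no DATA of our own to send."""
        return self.build_sack()

    def build_sack(self):
        blocks, start, prev = [], None, None
        for t in sorted(self.received) + [None]:    # None flushes the last block
            if start is not None and t == prev + 1:
                prev = t
                continue
            if start is not None:        # offsets relative to cum_tsn
                blocks.append((start - self.cum_tsn, prev - self.cum_tsn))
            start = prev = t
        sack = {"cum_tsn": self.cum_tsn, "gap_blocks": blocks,
                "dup_tsns": self.dup_tsns}
        self.dup_tsns, self.pdus_since_sack = [], 0
        return sack
```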

Page 29: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

summary

• SCTP PDU = 1 common header + 1 or more chunks (control or data)

• Association setup = 4 way handshake (INIT, INIT-ACK, COOKIE-ECHO, COOKIE-ACK)

• COOKIE mechanism to prevent SYN flooding attack

• Graceful shutdown (SHUTDOWN, SHUTDOWN-ACK, SHUTDOWN-COMPLETE): no half-close as in TCP

• Separates reliability from ordered delivery

• Preserves message boundaries

• SACK chunks to ack cumulative TSN + gap ack blocks + duplicate TSNs

• Achieves link / path redundancy by supporting multi-homed hosts along with reachability check


Page 31: STREAM CONTROL TRANSMISSION PROTOCOL (SCTP)

References

Slides collected from various sources including Keyur Shah, Sourabh Ladha, P. Amer, P. Conrad, Sam Baskinger