
Stream Control Transmission Protocol - SCTP

Protocol Engineering Laboratory

Randall Stewart NSSTG

Computer Science Dept

Prof. Paul Amer

Located at http://sctp.org Under the RFC tab

Where does it fit in?

[Figure: protocol layering. The application sits on a transport layer offering UDP, TCP, SCTP, DCCP or UDP-lite, which in turn sits on IP. The contrast is with applications each talking directly to IP, labelled "CHAOS!"]

What is SCTP?

Start with TCP:
  reliable (retransmissions)
  congestion-controlled
  flow-controlled
  connection-oriented
  selective acknowledgments

Add:
  association: 4-way handshake to reduce vulnerability to DoS attacks
  framing, unordered service: preserve message boundaries
  multistreaming: not one ordered stream, but up to 64K independent ordered streams
  multihoming: not one, but a set of IP addresses per endpoint
  reachability: heartbeating keeps track of endpoint status

SCTP Overview

Services/Features                         SCTP              TCP            UDP
Connection-oriented                       yes               yes            no
Full duplex                               yes               yes            yes
Reliable data transfer                    yes               yes            no
Partial-reliable data transfer            optional          no             no
Flow control                              yes               yes            no
TCP-friendly congestion control           yes               yes            no
ECN capable                               yes               yes            no
Ordered data delivery                     yes               yes            no
Unordered data delivery                   yes               no             yes
Uses selective ACKs                       yes               optional       no
Path MTU discovery                        yes               yes            no
Application PDU fragmentation             yes               yes            no
Application PDU bundling                  yes               yes            no
Preserves application PDU boundaries      yes               no             yes
Multistreaming                            yes               no             no
Multihoming                               yes               no             no
Protection against SYN flooding attack    yes               no             n/a
Allows half-closed connections            no                yes            n/a
Reachability check                        yes               yes            no
Pseudo-header for checksum                no (uses vtags)   yes            yes
Time wait state                           for vtags         for 4-tuple    n/a

SCTP Association setup

How many way handshake?

[Figure: Host A and Host B, both initially closed. V = verification tag, I = initiation tag.]

  Host A (closed)                                     Host B (closed)
    INIT (V=0; I=TagA)                 ---------->    INIT PDU processed; no state kept
    state: cookie wait
                                       <----------    INIT ACK (V=TagA; I=TagB; COOKIE)
    COOKIE ECHO (V=TagB; COOKIE)       ---------->    cookie validated; state: established
    state: cookie echoed
                                       <----------    COOKIE ACK (V=TagA)
    state: established

4-way handshake!

Security: TCP Flooding Attack

[Figure: attackers on the Internet send spoofed SYNs (source addresses such as 130.2.4.15, 128.3.4.5, 192.10.2.8, 228.3.14.5, 221.3.5.10, 190.13.4.1) to a TCP-based web server (the victim). The server processes each SYN and allocates a TCB for every spoofed source until its TCB table is flooded.]

TCB = Transmission Control Block

4-way handshake limits attack

[Figure: the same attackers send spoofed INITs (from 130.2.4.15, 128.3.4.5, 192.10.2.8, 228.3.14.5, 221.3.5.10, 190.13.4.1) to an SCTP-based web server (the victim). The server processes each INIT, replies with an INIT-ACK carrying a cookie to the spoofed source, and keeps nothing.]

No reserved resources
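The two preceding sections (the four-leg exchange and why spoofed INITs cost the server nothing) are easier to see with both sides in code. The following is an added example written for this page, not code from the slides or from any SCTP stack: a toy model of the handshake in which Host B puts the state it would otherwise keep into a MAC-protected cookie and only allocates a TCB when a COOKIE ECHO comes back with a valid cookie. The dict-based messages, the cookie layout and the address strings are assumptions of the example; they are not the RFC 4960 wire format.

```python
import hashlib
import hmac
import os
import secrets
import struct
import time

# Constructed model of the SCTP 4-way handshake with a stateless, MAC-protected
# cookie. V = verification tag, I = initiation tag, as on the slides. The
# message dicts and cookie layout are assumptions for this example only.

COOKIE_LIFE = 60                          # seconds; RFC 4960 default Valid.Cookie.Life
MAC_LEN = 32                              # SHA-256 output
COOKIE_BODY = struct.Struct("!16sIIQ")    # peer address (IPv4 text), TagA, TagB, timestamp


def new_tag():
    """Verification tags are random 32-bit values and must not be zero."""
    return secrets.randbits(32) or 1


class Server:
    """Host B: allocates no association state until a valid COOKIE ECHO arrives."""

    def __init__(self, now=time.time):
        self.secret = os.urandom(32)    # a real stack rotates this periodically
        self.assocs = {}                # (peer_addr, peer_tag) -> TCB, established only
        self.tcb_allocations = 0        # counted so the flood check below can see it
        self.now = now

    def _mac(self, body):
        return hmac.new(self.secret, body, hashlib.sha256).digest()

    def on_init(self, src, msg):
        """INIT (V=0; I=TagA) -> INIT ACK (V=TagA; I=TagB; COOKIE). Nothing is stored."""
        if msg["type"] != "INIT" or msg["V"] != 0:
            return None
        tag_a, tag_b = msg["I"], new_tag()
        body = COOKIE_BODY.pack(src.encode(), tag_a, tag_b, int(self.now()))
        return {"type": "INIT ACK", "V": tag_a, "I": tag_b, "cookie": body + self._mac(body)}

    def on_cookie_echo(self, src, msg):
        """COOKIE ECHO (V=TagB; COOKIE) -> COOKIE ACK (V=TagA), or None if the cookie is bad."""
        cookie = msg["cookie"]
        body, mac = cookie[:-MAC_LEN], cookie[-MAC_LEN:]
        if len(body) != COOKIE_BODY.size or not hmac.compare_digest(mac, self._mac(body)):
            return None                                   # forged or modified cookie
        addr, tag_a, tag_b, ts = COOKIE_BODY.unpack(body)
        if addr.rstrip(b"\0").decode() != src or msg["V"] != tag_b:
            return None                                   # replayed from another host / wrong tag
        if self.now() - ts > COOKIE_LIFE:
            return None                                   # stale cookie (RFC 4960 sends an ERROR)
        # Only now does the server create the TCB.
        self.assocs[(src, tag_a)] = {"my_tag": tag_b, "peer_tag": tag_a, "state": "ESTABLISHED"}
        self.tcb_allocations += 1
        return {"type": "COOKIE ACK", "V": tag_a}


class Client:
    """Host A: closed -> cookie wait -> cookie echoed -> established."""

    def __init__(self, addr):
        self.addr, self.my_tag, self.peer_tag = addr, new_tag(), None
        self.state = "CLOSED"

    def init(self):
        self.state = "COOKIE WAIT"
        return {"type": "INIT", "V": 0, "I": self.my_tag}

    def on_init_ack(self, msg):
        if msg is None or msg["V"] != self.my_tag:
            return None
        self.peer_tag, self.state = msg["I"], "COOKIE ECHOED"
        return {"type": "COOKIE ECHO", "V": self.peer_tag, "cookie": msg["cookie"]}

    def on_cookie_ack(self, msg):
        if msg is None or msg["V"] != self.my_tag:
            return False
        self.state = "ESTABLISHED"
        return True


def handshake(client, server):
    """Run all four legs; return (client state, server state for this peer)."""
    init_ack = server.on_init(client.addr, client.init())
    cookie_ack = server.on_cookie_echo(client.addr, client.on_init_ack(init_ack))
    client.on_cookie_ack(cookie_ack)
    tcb = server.assocs.get((client.addr, client.my_tag))
    return client.state, tcb["state"] if tcb else "CLOSED"


def init_flood(server, count):
    """Spoofed INITs that never complete: returns how many TCBs the server allocated."""
    before = server.tcb_allocations
    for i in range(count):
        server.on_init(f"198.51.100.{i % 256}", {"type": "INIT", "V": 0, "I": new_tag()})
    return server.tcb_allocations - before


def tampered_cookie_echo(client, server):
    """Flip one cookie byte before echoing it; returns the server's reply (None = rejected)."""
    echo = client.on_init_ack(server.on_init(client.addr, client.init()))
    bad = bytearray(echo["cookie"])
    bad[0] ^= 0x01
    return server.on_cookie_echo(client.addr, {**echo, "cookie": bytes(bad)})
```

The point to take from the model is where `tcb_allocations` is incremented: a flood of INITs from spoofed sources costs the server one HMAC per packet and nothing else, whereas the TCP server in the previous figure commits a TCB at the first packet. The cookie binds the peer address, both tags and a timestamp, so it cannot be replayed from another host or after `Valid.Cookie.Life`.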

Message Boundaries, UDP, TCP, and SCTP

Example - DNS
  Response size <= 512: UDP is used
  Response size > 512: TCP is used, and the application must preface each message with its length

UDP preserves message boundaries; TCP does not; SCTP does

Data chunk flags manage message boundaries and fragmentation

IP Encapsulated SCTP PDU

[Figure: one IP PDU carrying one SCTP PDU: IP header | SCTP common header | SCTP control chunks | data chunk header + Message 1 | data chunk header + Message 2]

A Large Message Transfer

[Figure: a 2760-octet message is sent from the application over a path with Path MTU = 512 octets. It is fragmented into six DATA chunks, TSN 1..6, with the B bit set on TSN 1 and the E bit set on TSN 6. The chunks are shown leaving A1/A2 in order and in flight towards B1/B2 in the orders 6 1 4 3 2 5 and 6 1 4 5 3 2; the reassembled message is delivered to the application receive buffer once all six are present.]

1 - B bit set to 1
2 - E bit set to 1
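The DATA chunk header and its B/E flags are what let SCTP fragment a large PDU, bundle small ones, and still hand the application whole messages (the message-boundary point made above with the DNS example, and the fragmentation figure just shown). The following is an added example written for this page, not code from the slides or from any SCTP stack: it encodes the RFC 4960 DATA chunk layout (type 0; flags U=0x04, B=0x02, E=0x01; length; TSN; stream id; stream sequence number; payload protocol id), fragments the slide's 2760-octet message for a 512-octet path MTU, and reassembles it from the out-of-order arrival shown in the figure. The 20-byte IPv4 header and 12-byte SCTP common header used for the MTU budget and the sample message bytes are assumptions of the example.

```python
import struct

# Constructed example of SCTP DATA chunk framing, fragmentation and reassembly.
# Header layout follows RFC 4960 section 3.3.1; the IPv4/SCTP header sizes used
# for the MTU budget and the sample message are assumptions for this example.

CHUNK_DATA = 0
FLAG_E, FLAG_B, FLAG_U = 0x01, 0x02, 0x04
DATA_HDR = struct.Struct("!BBHIHHI")      # type, flags, length, TSN, SID, SSN, PPID
IPV4_HDR, SCTP_COMMON_HDR = 20, 12


def fragment(message, first_tsn, sid, ssn, ppid, pmtu, unordered=False):
    """Split one application PDU into DATA chunks, each fitting in one IP packet of pmtu bytes.
    A message that fits gets a single chunk with both B and E set, which is what preserves
    message boundaries when several small chunks are bundled into one SCTP PDU."""
    if not message:
        raise ValueError("a DATA chunk must carry at least one byte of user data")
    budget = pmtu - IPV4_HDR - SCTP_COMMON_HDR - DATA_HDR.size
    budget -= budget % 4                  # keep fragments 4-octet aligned
    if budget <= 0:
        raise ValueError("path MTU too small for any user data")
    pieces = [message[i:i + budget] for i in range(0, len(message), budget)]
    chunks = []
    for idx, piece in enumerate(pieces):
        flags = FLAG_U if unordered else 0
        flags |= FLAG_B if idx == 0 else 0
        flags |= FLAG_E if idx == len(pieces) - 1 else 0
        hdr = DATA_HDR.pack(CHUNK_DATA, flags, DATA_HDR.size + len(piece),
                            first_tsn + idx, sid, ssn, ppid)
        chunks.append(hdr + piece + b"\0" * (-len(piece) % 4))   # pad to 4 octets
    return chunks


def parse_data_chunk(buf):
    """Decode one DATA chunk; the length field, not the padded buffer, bounds the user data."""
    if len(buf) < DATA_HDR.size:
        raise ValueError("truncated DATA chunk header")
    ctype, flags, length, tsn, sid, ssn, ppid = DATA_HDR.unpack_from(buf)
    if ctype != CHUNK_DATA or length <= DATA_HDR.size or length > len(buf):
        raise ValueError("malformed DATA chunk")          # zero-length data is a protocol error
    return {"flags": flags, "tsn": tsn, "sid": sid, "ssn": ssn, "ppid": ppid,
            "data": buf[DATA_HDR.size:length]}


class Reassembler:
    """Collects fragments by TSN in any arrival order and releases a message only when the
    run from its B fragment to its E fragment is contiguous (32-bit TSN wrap ignored here)."""

    def __init__(self):
        self.pending = {}   # tsn -> parsed chunk

    def receive(self, chunk_bytes):
        """Return the reassembled message this chunk completes, or None."""
        c = parse_data_chunk(chunk_bytes)
        self.pending[c["tsn"]] = c
        start = c["tsn"]
        while start in self.pending and not self.pending[start]["flags"] & FLAG_B:
            start -= 1                                    # walk back to the B fragment
        if start not in self.pending:
            return None                                   # the beginning is still missing
        parts, t = [], start
        while t in self.pending:
            parts.append(self.pending[t]["data"])
            if self.pending[t]["flags"] & FLAG_E:         # reached the E fragment: complete
                for k in range(start, t + 1):
                    del self.pending[k]
                return b"".join(parts)
            t += 1
        return None                                       # a middle or the last fragment is missing


def deliver_in_order(chunks, arrival_order):
    """Feed chunks to a receiver in the given (0-based index) order; return each receive() result."""
    rx = Reassembler()
    return [rx.receive(chunks[i]) for i in arrival_order]


def slide_scenario():
    """The 2760-octet message from the slide over a 512-octet path MTU, arriving as TSN 6 1 4 3 2 5."""
    message = bytes(range(256)) * 10 + b"\xff" * 200      # constructed 2760-octet PDU
    chunks = fragment(message, first_tsn=1, sid=0, ssn=0, ppid=0, pmtu=512)
    results = deliver_in_order(chunks, [5, 0, 3, 2, 1, 4])
    return len(chunks), results
```

With a 512-octet MTU the user-data budget per chunk is 464 octets, so the 2760-octet message becomes six chunks, and the receiver returns `None` five times before the sixth arrival (TSN 5, the last gap) completes the run from B to E. A parser that trusted the padded buffer length instead of the chunk's length field would hand the application up to three extra zero bytes per message.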

Multi-homed Considerations
When a peer is multi-homed, a primary destination address will be selected by the SCTP endpoint. By default, all data will be sent to this primary address.* When the primary address fails, the sender will select an alternate primary address until it is restored or the user changes the primary address.

* Concurrent Multipath Transfer (CMT) may change this rule

TCP data transfer with single path failure

[Figure: six segments (1..6) sent by the application from A1/A2 to B1/B2 over one TCP connection. The path fails ("connection fails!"); only the segments delivered before the failure reach the application receive buffer, the rest stay in the send buffer.]

SCTP data transfer with single path failure

[Figure: the same six messages over an SCTP association with two paths (A1 to B1, A2 to B2). After the first path fails, the outstanding messages are retransmitted over the alternate path and all six (1..6) are delivered to the application receive buffer.]

retransmission and eventual failover
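The failover rule stated under Multi-homed Considerations (send to the primary; when it fails, pick an alternate until the primary is restored or the user changes it) is driven by per-destination error counters. The following is an added example written for this page, not code from the slides or from any SCTP stack: a model of those counters using the RFC 4960 defaults `Path.Max.Retrans` = 5 and `Association.Max.Retrans` = 10, run through the two-path scenario of the figures above. The address strings, the single-alternate selection rule and the "black-holed primary" scenario are assumptions of the example.

```python
# Constructed model of SCTP path failover. Thresholds are the RFC 4960 defaults;
# the addresses and scenarios are assumptions for this example.

PATH_MAX_RETRANS = 5        # consecutive timeouts before a destination is marked inactive
ASSOC_MAX_RETRANS = 10      # consecutive timeouts before the whole association fails


class Path:
    def __init__(self, addr):
        self.addr, self.errors, self.active = addr, 0, True


class Association:
    """One association to a multi-homed peer: a primary plus alternate destinations."""

    def __init__(self, peer_addrs, primary=None):
        self.paths = {a: Path(a) for a in peer_addrs}
        self.user_primary = primary or peer_addrs[0]   # what the user configured
        self.primary = self.user_primary               # what the sender currently uses
        self.assoc_errors = 0
        self.state = "ESTABLISHED"

    def active_paths(self):
        return [p for p in self.paths.values() if p.active]

    def destination_for_new_data(self):
        """Default rule: new data goes to the primary while it is active."""
        if self.state != "ESTABLISHED":
            return None
        if self.paths[self.primary].active:
            return self.primary
        alt = self.active_paths()
        return alt[0].addr if alt else None

    def destination_for_retransmit(self, failed_addr):
        """Retransmissions prefer an active address other than the one that timed out."""
        alts = [p for p in self.active_paths() if p.addr != failed_addr]
        return alts[0].addr if alts else failed_addr

    def on_timeout(self, addr):
        """T3-rtx or HEARTBEAT timeout on this destination: both count the same way."""
        p = self.paths[addr]
        p.errors += 1
        self.assoc_errors += 1
        if p.active and p.errors > PATH_MAX_RETRANS:
            p.active = False                           # destination unreachable
            if addr == self.primary:
                alt = self.active_paths()
                if alt:
                    self.primary = alt[0].addr         # fail over to an alternate
        if self.assoc_errors > ASSOC_MAX_RETRANS:
            self.state = "FAILED"                      # peer unreachable on every path

    def on_ack(self, addr):
        """A SACK or HEARTBEAT ACK from this destination clears its error count."""
        p = self.paths[addr]
        p.errors, self.assoc_errors = 0, 0
        if not p.active:
            p.active = True
            if addr == self.user_primary:
                self.primary = addr                    # restored: go back to the user's primary


def failover_scenario():
    """Primary path is black-holed: record where each of 12 consecutive sends goes."""
    a = Association(["10.0.1.2", "10.0.2.2"])
    log = []
    for _ in range(12):
        dest = a.destination_for_new_data()
        log.append(dest)
        if dest == "10.0.1.2":        # constructed: packets to the primary never get acked
            a.on_timeout(dest)
        else:
            a.on_ack(dest)
    return log, a


def total_failure_scenario():
    """Both paths black-holed: count the timeouts until the association is declared failed."""
    a = Association(["10.0.1.2", "10.0.2.2"])
    sent = 0
    while a.state == "ESTABLISHED":
        a.on_timeout(a.destination_for_new_data())
        sent += 1
    return sent, a.state, a.destination_for_new_data()
```

Six consecutive timeouts (one more than `Path.Max.Retrans`) move new data off the primary; the association itself survives because the first ack on the alternate resets `assoc_errors`. With both paths dead the association reaches `FAILED` after eleven timeouts in total, before the second path's own counter would have marked it inactive. Heartbeats matter here because an idle association would otherwise never learn that a path had died.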

SCTP Multistreaming

Logical separation of data within an assoc Designed to prevent head-of-line blocking Can be used to deliver multiple objects belonging to the same assoc

Eg: objects on a webpage, multimedia streams (audio/video/text), files in an FTP mget

TCP experiences HOL blocking

[Figure: Web server to Web client over one TCP connection. Objects sent from the application sit in the send buffer; when one segment is lost, everything behind it waits in the receive buffer until the retransmission arrives: HOL blocking!]

SCTP Multistreaming reduces HOL blocking

[Figure: the same objects sent on stream 1, stream 2 and stream 3 of one SCTP association between Web server and Web client. A loss delays only the stream whose message must be retransmitted; the other streams are delivered to the application as they arrive.]

Head-of-Line (HOL) Blocking

[Figure: timelines of HTTP over TCP versus HTTP over SCTP (multistreaming), with the lost PDU marked on each. In the TCP timeline every object waits behind the lost PDU; in the SCTP timeline only the affected stream does.]

TCP work-around to mitigate HOL blocking

How? Multiple persistent TCP connections to transfer independent web objects

Problems:
  Possible HOL blocking within one TCP connection
  No shared sequence space => less robust loss detection and recovery
  Increased load on web server
  Increased connection establishment latency during SYN losses
  Aggressive behavior during congestion

SCTP and TCP: Similarities

Both use a handshake to setup and terminate the state (communication) relationship between peers
Both have an abortive method to terminate the state
Both provide a reliable ordered service:
  Lost data is retransmitted
  Data is (or can be) delivered in the order sent
Both follow an AIMD-based congestion control mechanism.

SCTP and TCP


SCTP uses a four-way handshake to setup an association. TCP uses a three-way handshake to setup a connection. However, this does not mean that data can start to be sent more quickly (relative to the start of the connection) with TCP. SCTP can exchange data on the third and fourth leg of its handshake. TCP in practicality does not (due to socket API issues).

SCTP and TCP

SCTP delivers messages, not a byte stream: an application using TCP must frame its own messages

SCTP streams allow partially ordered transfers: this escapes head-of-line blocking while preserving order within each stream

An SCTP sender can send all messages in a single ordered stream to achieve the same behaviour as TCP.

SCTP and TCP

SCTP also provides a reliable un-ordered service for applications

Where is it in BSDish systems?

Available in FreeBSD 7.0 (patch available for 6.0, 6.1 and 6.2)
Available as a kernel loadable module for Mac OS X
Available for NetBSD, but?
Not supportable on OpenBSD :-(

Where is it?

Other O/S's have it too

Linux (lk-sctp project), HP-UX (from Emerson), Solaris 10, AIX and a myriad of purchasable stacks.

Also a user space open source stack that can run on Windows (supported by Kyoto Univ).

Other stuff

One of the MOST active groups in the SCTP community is the WIDE SCTP-wg; if you are a WIDE member please join it :-D
Later this year (August) Kyoto University will be hosting the 9th SCTP inter-op, thank you :-D
SCTP documents continue to move through the IETF, many of which are implemented in most implementations (the BSD stack implements all extensions that I know of :-)
