
Lecture 9

SCTP Sockets
CPE 401 / 601 Computer Network Systems

slides are modified from Janardhan Iyengar, John Rumsey, Nimish Vartak

Where is SCTP in the stack?

[Figure: two protocol stacks side by side. Left, the existing stack: Application, Socket API, Transport (UDP, TCP), IP, link (Wifi, Eth). Right, with SCTP: the Transport layer offers SCTP alongside UDP and TCP under the same Socket API, so new applications can use SCTP. Application and Socket API run at user level; Transport, IP and link layers in the kernel.]

SCTP Motivation

- Migration from the PSTN to packet-based Internet telephony: signaling messages must be carried over IP
- Shortcomings of existing protocols:
  TCP: head-of-line blocking; byte-oriented, not message-oriented; multi-homing support not built in; prone to DoS attacks
  UDP: no reliability; absence of congestion control; absence of flow control

SCTP 3

SCTP Overview

SCTP is a reliable transport protocol operating on top of a connectionless packet network such as IP (RFC 2960).

- Has built-in support for multi-homed hosts
- Is message-based: conserves the message boundaries
- Classifies messages as ordered or unordered: sequenced delivery of user messages within multiple streams, with an option for unordered delivery of individual user messages
- Additional security mechanisms

SCTP Feature Summary

Start with TCP:
- reliable (retransmissions)
- congestion controlled
- connection oriented

Add:
- 4-way handshake, to reduce vulnerability to DoS attacks
- framing: preserve message boundaries
- multistreaming: instead of one ordered stream, up to 64K independent ordered streams
- multihoming: instead of one IP address per endpoint, a set of IP addresses per endpoint

TCP Connection Setup

[Figure: A and B exchange SYN, SYN-ACK and ACK; starting at t=0, the connection is usable after 1 RTT.]

SYN Flooding Attack

[Figure: attackers send SYNs to the victim from many source addresses that differ from their own; the victim allocates a TCB for every SYN until its table is flooded and the reserved resources are unavailable to anyone else.]

- There is no ACK in response to the SYN-ACK, hence the connection remains half-open
- Other genuine clients cannot open connections to the victim
- The victim is unable to provide service

Connection setup

SCTP Features (contd.)

[Figure: End-Point A and End-Point Z set up an association with a 4-way handshake: INIT, INIT-ACK, COOKIE-ECHO, COOKIE-ACK (compare TCP's SYN and SYN-ACK).]

Z does not keep association state after receiving INIT: the state it would need is sent back to A inside the signed cookie in INIT-ACK, and resources are committed only when a valid COOKIE-ECHO comes back. A flood of INITs from spoofed addresses therefore does not tie up resources the way a SYN flood does.

What's in a cookie?
- Information from the original INIT
- Information from the current INIT-ACK
- Timestamp
- Life span of the cookie (time to live)
- Signature for authentication (SHA-1, MD5, etc.)

SCTP Association Setup

[Figure: association setup between A and Z, starting at t=0; the figure marks 1 RTT after the INIT/INIT-ACK exchange and 2 RTT after the COOKIE-ECHO/COOKIE-ACK exchange.]

Connection close

SCTP Features (contd.)

[Figure: End-Point A sends SHUTDOWN, End-Point Z answers SHUTDOWN-ACK, and A finishes with SHUTDOWN-COMPLETE. There is no half-closed state.]

Graceful Shutdown
- App signals shutdown: shutdown pending
- Shutdown sent
- Shutdown received (at the peer)
- Shutdown-Ack sent
- Closed, on both sides
SCTP state diagram

[Figure: active side: CLOSED -> COOKIE_WAIT -> COOKIE_ECHOED -> ESTABLISHED -> SHUTDOWN_PENDING -> SHUTDOWN_SENT -> CLOSED. Passive side: ESTABLISHED -> SHUTDOWN_RECEIVED -> SHUTDOWN_ACK_SENT -> CLOSED, matching the graceful-shutdown sequence on the previous slide.]


Message Boundaries

- UDP honors message boundaries: each app message becomes a datagram
- TCP does not honor message boundaries: app messages become part of a byte stream
- SCTP maintains message boundaries: each app message is maintained as one or more data chunks

Chunks in SCTP

An SCTP packet forms the payload of an IP packet. It consists of a 12-byte common header followed by one or more chunks (Chunk 1 ... Chunk N); control chunks are bundled before data chunks.

SCTP Header (12 bytes)
- Source Port (2 bytes) and Destination Port (2 bytes)
  - Uses the same port concept as TCP and UDP
- Verification Tag (4 bytes)
  - Exchanged between endpoints at startup, to validate the sender
- Checksum (4 bytes)
  - The packet is protected by a 32-bit checksum (CRC32 algorithm)

SCTP Chunks

Each chunk is laid out as Type (1 byte), Flags (1 byte), Length (2 bytes), Value (variable).
- Type: used to distinguish data chunks and the different types of control chunks
- Flags: usage depends on the chunk type
- Length: required because chunks have a variable length
- Value: payload field
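Added example (not from the slides): a stand-alone C parser that applies the header and chunk layout above to a constructed packet. It walks the chunk list validating every Length field against the packet bounds, which is the check a receiver needs so that a bogus Length cannot make it read past the buffer, and it computes and verifies the CRC32c checksum over the packet with the checksum field zeroed. The sample packet, its port numbers, verification tag and payload are constructed for this example; storing the checksum least-significant byte first follows the reference code in RFC 4960 Appendix B and is an assumption to confirm against your own stack.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define SCTP_HDR_LEN   12   /* common header: src port, dst port, vtag, checksum */
#define CHUNK_HDR_LEN   4   /* type, flags, length */

/* CRC-32C (Castagnoli), bit-serial form, reflected polynomial 0x82F63B78.
 * Reference check value: crc32c("123456789") == 0xE3069283. */
static uint32_t crc32c_update(uint32_t crc, const uint8_t *buf, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        crc ^= buf[i];
        for (int k = 0; k < 8; k++)
            crc = (crc >> 1) ^ (0x82F63B78u & (0u - (crc & 1u)));
    }
    return crc;
}

uint32_t crc32c(const uint8_t *buf, size_t len)
{
    return ~crc32c_update(0xFFFFFFFFu, buf, len);
}

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void wr32(uint8_t *p, uint32_t v) { wr16(p, (uint16_t)(v >> 16)); wr16(p + 2, (uint16_t)v); }

/* CRC32c over the whole packet with the 4 checksum bytes treated as zero. */
uint32_t sctp_packet_crc(const uint8_t *pkt, size_t len)
{
    static const uint8_t zero[4] = {0, 0, 0, 0};
    uint32_t c = 0xFFFFFFFFu;
    c = crc32c_update(c, pkt, 8);                          /* ports + verification tag */
    c = crc32c_update(c, zero, 4);                         /* checksum field as zero */
    c = crc32c_update(c, pkt + SCTP_HDR_LEN, len - SCTP_HDR_LEN);
    return ~c;
}

/* Assumption: checksum stored least-significant byte first (RFC 4960 App. B). */
void sctp_put_checksum(uint8_t *pkt, size_t len)
{
    uint32_t c = sctp_packet_crc(pkt, len);
    for (int i = 0; i < 4; i++) pkt[8 + i] = (uint8_t)(c >> (8 * i));
}

int sctp_checksum_ok(const uint8_t *pkt, size_t len)
{
    if (len < SCTP_HDR_LEN) return 0;
    uint32_t stored = 0;
    for (int i = 0; i < 4; i++) stored |= (uint32_t)pkt[8 + i] << (8 * i);
    return sctp_packet_crc(pkt, len) == stored;
}

/* Walk the chunks, validating each Length against the packet bounds. Returns
 * the chunk count, or -1 for a short header, a Length below the 4-byte chunk
 * header, or a chunk that would run past the end of the packet. */
int sctp_count_chunks(const uint8_t *pkt, size_t len)
{
    if (len < SCTP_HDR_LEN) return -1;
    size_t off = SCTP_HDR_LEN;
    int n = 0;
    while (off < len) {
        if (len - off < CHUNK_HDR_LEN) return -1;
        uint16_t clen = rd16(pkt + off + 2);
        if (clen < CHUNK_HDR_LEN || clen > len - off) return -1;
        n++;
        off += ((size_t)clen + 3) & ~(size_t)3;   /* Length excludes the 4-byte padding */
    }
    return n;
}

/* Constructed sample (out must hold 48 bytes): header + one SACK control chunk
 * (Type 3) bundled before one DATA chunk (Type 0) with 3 bytes of user data. */
size_t build_sample_packet(uint8_t *out)
{
    memset(out, 0, 48);
    wr16(out, 5000);                        /* source port (constructed)      */
    wr16(out + 2, 5001);                    /* destination port (constructed) */
    wr32(out + 4, 0x11223344u);             /* verification tag (constructed) */
    size_t off = SCTP_HDR_LEN;
    out[off] = 3; wr16(out + off + 2, 16);  /* SACK, Length 16 */
    wr32(out + off + 4, 113);               /* Cumulative TSN Ack */
    wr32(out + off + 8, 65536);             /* a_rwnd; 0 gap blocks, 0 dup TSNs */
    off += 16;
    out[off] = 0; out[off + 1] = 0x03;      /* DATA, B and E flags set */
    wr16(out + off + 2, 16 + 3);            /* 16-byte header + 3 data bytes = 19 */
    wr32(out + off + 4, 200);               /* TSN */
    wr16(out + off + 8, 1);                 /* stream identifier; SSN and PPID stay 0 */
    memcpy(out + off + 16, "hey", 3);       /* zero padding to 20 bytes from the memset */
    off += 20;
    sctp_put_checksum(out, off);
    return off;
}

int main(void)
{
    uint8_t pkt[64];
    size_t n = build_sample_packet(pkt);
    printf("%zu bytes, checksum %s, %d chunks\n", n,
           sctp_checksum_ok(pkt, n) ? "ok" : "BAD", sctp_count_chunks(pkt, n));
    return 0;
}
```

The two rejection cases in sctp_count_chunks matter more than the happy path: a Length below 4 would loop forever on the same offset, and a Length past the packet end would read beyond the buffer.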

INIT Chunk
- Type = 1, Chunk Flags, Chunk Length
- Initiate Tag
- Advertised Receiver Window Credit (a_rwnd)
- Number of Outbound Streams, Number of Inbound Streams
- Initial Transmission Sequence Number (TSN)
- Optional/Variable-Length Parameters

Data Chunk
- Type = 0, Reserved, flags U B E, Length
- Transmission Sequence Number (TSN)
- Stream Identifier S, Stream Sequence Number n
- Payload Protocol Identifier
- User Data (sequence n of stream S)

Selective Acknowledgement

[Figure: the sender transmits DATA chunks TSN=109 through TSN=126; three of them (marked X) are lost. The receiver's SACK chunk carries Cumulative TSN = 113, Gap Ack Block #1 Start = +3, End = +9, and Gap Ack Block #2 Start = +11, End = +13; gap block offsets are relative to the cumulative TSN.]

SACK Chunk
- Type = 3, Chunk Flags, Chunk Length
- Cumulative Transmission Sequence Number (TSN) Ack
- Advertised Receiver Window Credit (a_rwnd)
- Number of Gap Ack Blocks = N, Number of Duplicate TSNs = X
- Gap Ack Block #1 Start, Gap Ack Block #1 End, ..., Gap Ack Block #N Start, Gap Ack Block #N End
- Duplicate Transmission Sequence Number (TSN) 1, ..., Duplicate Transmission Sequence Number (TSN) X
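Added example (not from the slides) covering the selective-acknowledgement figure and the SACK chunk layout: the receiver side derives the Cumulative TSN Ack and the Gap Ack Blocks from a window of arrivals and encodes them into a Type = 3 chunk, and the sender side reads such a SACK back to decide which TSNs are acknowledged. The arrival pattern is constructed: TSNs 109 to 126 with 114, 115 and 123 missing, chosen so that the result reproduces the slide's values (cumulative 113, blocks +3..+9 and +11..+13). Comparisons use plain integers, which is an assumption of this example; a real stack uses serial-number arithmetic so that TSNs can wrap.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

struct gap_block { uint16_t start, end; };   /* offsets from Cumulative TSN Ack */

struct sack_info {
    uint32_t cum_tsn_ack;
    size_t n_gaps;
    struct gap_block gaps[16];
};

/* Receiver side. received[i] says whether TSN base+1+i has arrived; base is
 * the last TSN acknowledged before this window. Returns the gap-block count. */
size_t build_sack(uint32_t base, const bool *received, size_t count, struct sack_info *out)
{
    const size_t cap = sizeof out->gaps / sizeof out->gaps[0];
    size_t i = 0;
    while (i < count && received[i]) i++;          /* contiguous in-order prefix */
    out->cum_tsn_ack = base + (uint32_t)i;
    out->n_gaps = 0;
    while (i < count) {
        while (i < count && !received[i]) i++;     /* skip a hole */
        if (i >= count) break;
        size_t first = i;
        while (i < count && received[i]) i++;      /* run of arrivals above the hole */
        if (out->n_gaps == cap) break;             /* report what fits; later SACKs carry the rest */
        uint32_t run_start = base + 1 + (uint32_t)first;
        uint32_t run_end = base + (uint32_t)i;
        out->gaps[out->n_gaps].start = (uint16_t)(run_start - out->cum_tsn_ack);
        out->gaps[out->n_gaps].end = (uint16_t)(run_end - out->cum_tsn_ack);
        out->n_gaps++;
    }
    return out->n_gaps;
}

static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void wr32(uint8_t *p, uint32_t v) { wr16(p, (uint16_t)(v >> 16)); wr16(p + 2, (uint16_t)v); }

/* Encode the SACK chunk as laid out on the slide (no duplicate TSNs here).
 * Returns the chunk length written, or 0 if cap is too small. */
size_t encode_sack_chunk(const struct sack_info *s, uint32_t a_rwnd, uint8_t *out, size_t cap)
{
    size_t len = 16 + 4 * s->n_gaps;
    if (cap < len) return 0;
    out[0] = 3;                           /* Type = 3 (SACK) */
    out[1] = 0;                           /* Chunk Flags */
    wr16(out + 2, (uint16_t)len);         /* Chunk Length */
    wr32(out + 4, s->cum_tsn_ack);        /* Cumulative TSN Ack */
    wr32(out + 8, a_rwnd);                /* a_rwnd */
    wr16(out + 12, (uint16_t)s->n_gaps);  /* Number of Gap Ack Blocks = N */
    wr16(out + 14, 0);                    /* Number of Duplicate TSNs = 0 */
    for (size_t k = 0; k < s->n_gaps; k++) {
        wr16(out + 16 + 4 * k, s->gaps[k].start);
        wr16(out + 18 + 4 * k, s->gaps[k].end);
    }
    return len;
}

/* Sender side: does this SACK acknowledge tsn? Everything up to the cumulative
 * ack is acknowledged; above it, only TSNs inside a gap block are. */
bool sack_acks_tsn(const struct sack_info *s, uint32_t tsn)
{
    if (tsn <= s->cum_tsn_ack) return true;     /* plain compare: no TSN wrap handling */
    uint32_t off = tsn - s->cum_tsn_ack;
    for (size_t k = 0; k < s->n_gaps; k++)
        if (off >= s->gaps[k].start && off <= s->gaps[k].end) return true;
    return false;
}

/* Constructed arrivals: TSNs 109..126 with 114, 115 and 123 missing. */
size_t slide_example(struct sack_info *out)
{
    bool received[18];
    for (size_t i = 0; i < 18; i++) received[i] = true;
    received[114 - 109] = received[115 - 109] = received[123 - 109] = false;
    return build_sack(108, received, 18, out);
}

int main(void)
{
    struct sack_info s;
    slide_example(&s);
    printf("Cumulative TSN Ack = %u\n", s.cum_tsn_ack);
    for (size_t k = 0; k < s.n_gaps; k++)
        printf("Gap Ack Block #%zu: Start = +%u End = +%u\n",
               k + 1, s.gaps[k].start, s.gaps[k].end);
    return 0;
}
```

Run stand-alone it prints the slide's SACK; the sender-side check shows why +3..+9 and +11..+13 leave exactly 114, 115 and 123 as candidates for retransmission.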


Multi-streaming

- A.k.a. partial ordering; eliminates head-of-line (HOL) blocking
- In TCP, all data must be sent in order; a loss at the head of the line delays delivery of subsequent data
- In SCTP, you can send over up to 64K independent streams, each ordered independently
- A loss on one stream does not delay delivery on other streams, i.e. multi-streaming eliminates HOL blocking

Head-of-Line Blocking in TCP

[Figure: sender S sends PDUs 1 through 6 to receiver R; PDU 3 is lost. R answers ACK 2, then ACK 3, and keeps repeating ACK 3 for PDUs 4, 5 and 6. R's application receives nothing past PDU 2: PDU 3 is blocking the head of the line.]

Head-of-line Blocking
- TCP provides a single data stream; when a segment is lost, subsequent segments must wait to be processed
- Problem for some applications (telephony)
- SCTP provides multiple independent streams per association

SCTP Multistreaming

- Logical separation of data within an association
- Designed to prevent head-of-line blocking
- Can be used to deliver multiple objects belonging to the same association
  E.g. objects on a web page, multimedia streams (audio/video/text), files in an FTP mget


Multi-homing

[Figure: End-Point A and End-Point Z connected across the Internet through more than one address each.]

- In TCP, connections are made between <IP addr, port> and <IP addr, port>
- If a host is multi-homed, you have to choose ONE IP address only, at each end; if that interface goes down, so does the connection
- With SCTP, you can list as many IP addresses per endpoint as you like; if the host is still reachable through ANY of those addresses, the connection stays up

SCTP Multi-Homing

[Figure: endpoint A with addresses IP A1, IP A2 and endpoint B with addresses IP B1, IP B2, IP B3, connected over an IP network.]

- Multiple source/destination IP addresses
- Use of different physical paths is not guaranteed
- Peer reachability and path status are monitored (heartbeat)
- One selectable default destination
- Parameters kept per path (cwnd, ssthresh, RTT)

What is SCTP Multihoming?

[Figure: Host A with addresses A1, A2 and Host B with addresses B1, B2, each address attached through its own ISP to the Internet.]

- Hosts pick 1 of 4 possible TCP connections: {(A1, B1), (A1, B2), (A2, B1), (A2, B2)}
- Hosts use 1 SCTP association: ({A1, A2}, {B1, B2})
- Selectable primary destination: Host A -> B1; Host B -> A1
- New data is sent only to the primary destination

Multihoming Operation

[Figure: SCTP Endpoint A (IP addresses A1, A2) sends DATA to SCTP Endpoint B (IP addresses B1, B2) over the path to B1 and over the path to B2; B returns a SACK.]

SCTP Summary
- Well suited for multimedia
- Like TCP: provides connection establishment, ensures reliability, provides ordered and unordered data delivery, provides congestion control
- In addition to TCP features: provides multi-homing, provides multi-streaming, has security features

SCTP Socket Types

The SCTP socket API comes in two forms: one-to-one and one-to-many. The one-to-many style was at one time known as the UDP-style socket; the one-to-one style used to be called the TCP-style socket.

So what is the purpose of each socket style, and how can it be used?

One-to-One style

The purpose of the one-to-one style socket is to provide a smooth transition mechanism for applications running on TCP that wish to move to SCTP. The same semantics used in TCP are used with this style. A server will typically open the socket, make a call to listen (to accept associations), and call accept, which blocks until a new association arrives. The only notable difference between a TCP socket and an SCTP socket is that the socket call uses IPPROTO_SCTP instead of IPPROTO_TCP (or 0).

One-to-One Example Server

    #include <string.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <netinet/sctp.h>

    int sd, newfd;
    socklen_t sosz;                  /* accept() takes socklen_t *, not int * */
    struct sockaddr_in6 sin6;

    sd = socket(AF_INET6, SOCK_STREAM, IPPROTO_SCTP);
    /* bind the listening port first (omitted on the slide; SERVER_PORT is a placeholder) */
    memset(&sin6, 0, sizeof(sin6));
    sin6.sin6_family = AF_INET6;
    sin6.sin6_addr = in6addr_any;
    sin6.sin6_port = htons(SERVER_PORT);
    bind(sd, (struct sockaddr *)&sin6, sizeof(sin6));
    listen(sd, 1);
    while (1) {
        sosz = sizeof(sin6);         /* reset each time: accept() overwrites it */
        newfd = accept(sd, (struct sockaddr *)&sin6, &sosz);
        do_child_stuff(newfd, &sin6, sosz);
    }

Return values are left unchecked for brevity, as on the slide; a real server checks every call.

One-to-Many style

A typical server using a one-to-many style socket will do a socket() call, followed by listen() and recvfrom(). A typical client will just sendto() the server of its choice. Note that the connect() and accept() calls are not needed. The connect() call can be done by either side (server or client), but it is not needed. Note that this style is more like what a UDP client/server would look like, thus the previous name.

One-to-many Example Server

    #include <string.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <netinet/sctp.h>

    int sd, len, msg_flags;
    socklen_t sosz;
    struct sockaddr_in6 sin6;
    struct sctp_sndrcvinfo snd_rcv;  /* per-message info: stream, SSN, association id, ... */
    char buf[8000];

    sd = socket(AF_INET6, SOCK_SEQPACKET, IPPROTO_SCTP);
    memset(&sin6, 0, sizeof(sin6));  /* bind the listening port (SERVER_PORT is a placeholder) */
    sin6.sin6_family = AF_INET6;
    sin6.sin6_addr = in6addr_any;
    sin6.sin6_port = htons(SERVER_PORT);
    bind(sd, (struct sockaddr *)&sin6, sizeof(sin6));
    listen(sd, 1);
    while (1) {
        sosz = sizeof(sin6);
        len = sctp_recvmsg(sd, buf, sizeof(buf), (struct sockaddr *)&sin6,
                           &sosz, &snd_rcv, &msg_flags);
        /* no per-association descriptor here: the association is identified
           by snd_rcv.sinfo_assoc_id, so the shared socket is passed on */
        do_child_stuff(sd, buf, len, &sin6, &snd_rcv, msg_flags);
    }

SCTP Notifications

The SCTP stack, at times, has information it may wish to share with its application (or Upper Layer Protocol, ULP). The ULP can turn specific notifications on and off via a socket options call. By default ALL notifications are off.

We get a notification by reading data and looking at the msg_flags: if the message read is a notification, then MSG_NOTIFICATION is contained within the msg_flags argument upon return.

Deciphering Notifications

Every notification uses a TLV format, as illustrated below:

    struct sctp_tlv {
        u_int16_t sn_type;      /* which notification this is */
        u_int16_t sn_flags;
        u_int32_t sn_length;    /* length of the whole notification, header included */
    };

Types of notifications: SCTP_ASSOC_CHANGE, SCTP_PEER_ADDR_CHANGE, SCTP_REMOTE_ERROR, SCTP_SEND_FAILED, SCTP_SHUTDOWN_EVENT, ...
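Added example (not from the slides): the receive-side dispatch that the two notification slides describe, written so it runs without an SCTP-capable kernel. classify_read looks at the msg_flags a receive call returned, and for a notification checks the TLV header against the number of bytes actually read before trusting sn_length; a notification truncated by a too-small buffer is rejected rather than parsed past the end. The EX_ constants are placeholders for this example only: the real MSG_NOTIFICATION and SCTP_* values come from <netinet/sctp.h> and differ between implementations. The sample notification buffer is constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* TLV header shared by every notification (as on the slide). */
struct sctp_tlv {
    uint16_t sn_type;
    uint16_t sn_flags;
    uint32_t sn_length;
};

/* Placeholder values for this stand-alone example; use the constants from
 * <netinet/sctp.h> in a real program, never hard-coded numbers. */
#define EX_MSG_NOTIFICATION      0x8000
#define EX_SCTP_ASSOC_CHANGE     1
#define EX_SCTP_PEER_ADDR_CHANGE 2
#define EX_SCTP_REMOTE_ERROR     3
#define EX_SCTP_SEND_FAILED      4
#define EX_SCTP_SHUTDOWN_EVENT   5

enum read_kind { READ_DATA, READ_NOTIFICATION, READ_MALFORMED };

/* Classify what a receive call (e.g. sctp_recvmsg) put in buf: nread is the
 * byte count it returned, msg_flags the flags it filled in. For a
 * notification, *type receives sn_type. */
enum read_kind classify_read(const uint8_t *buf, size_t nread, int msg_flags, uint16_t *type)
{
    if (!(msg_flags & EX_MSG_NOTIFICATION))
        return READ_DATA;                          /* ordinary user message */
    struct sctp_tlv tlv;
    if (nread < sizeof tlv)
        return READ_MALFORMED;                     /* too short for the TLV header */
    memcpy(&tlv, buf, sizeof tlv);                 /* host byte order, as the stack fills it */
    /* Never trust sn_length beyond what was actually read: a truncated
     * notification must not be parsed past nread. */
    if (tlv.sn_length < sizeof tlv || tlv.sn_length > nread)
        return READ_MALFORMED;
    *type = tlv.sn_type;
    return READ_NOTIFICATION;
}

const char *notification_name(uint16_t type)
{
    switch (type) {
    case EX_SCTP_ASSOC_CHANGE:     return "SCTP_ASSOC_CHANGE";
    case EX_SCTP_PEER_ADDR_CHANGE: return "SCTP_PEER_ADDR_CHANGE";
    case EX_SCTP_REMOTE_ERROR:     return "SCTP_REMOTE_ERROR";
    case EX_SCTP_SEND_FAILED:      return "SCTP_SEND_FAILED";
    case EX_SCTP_SHUTDOWN_EVENT:   return "SCTP_SHUTDOWN_EVENT";
    default:                       return "unknown notification";
    }
}

/* Constructed sample: lay out a notification of `total` bytes the way the
 * stack would (TLV header, then type-specific fields, zeroed here).
 * Returns the number of bytes written, 0 if total is impossible. */
size_t make_sample_notification(uint8_t *buf, size_t cap, uint16_t type, uint32_t total)
{
    struct sctp_tlv tlv = { type, 0, total };
    if (total < sizeof tlv || total > cap) return 0;
    memset(buf, 0, total);
    memcpy(buf, &tlv, sizeof tlv);
    return total;
}

int main(void)
{
    uint8_t buf[64];
    uint16_t type = 0;
    size_t n = make_sample_notification(buf, sizeof buf, EX_SCTP_ASSOC_CHANGE, 24);
    if (classify_read(buf, n, EX_MSG_NOTIFICATION, &type) == READ_NOTIFICATION)
        printf("notification: %s\n", notification_name(type));
    return 0;
}
```

On a real socket the same loop sits after sctp_recvmsg, and notifications only arrive once they have been enabled with the SCTP_EVENTS socket option (struct sctp_event_subscribe), which is the "socket options call" of the previous slide.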

Socket Options

SCTP provides a host of socket options to perform a myriad of operations. Some have unique structures; others just turn things on and off with booleans or integers.

SCTP_NODELAY, SCTP_MAXSEG, SCTP_ASSOCINFO, SCTP_AUTOCLOSE, SCTP_ADAPTION_LAYER, SCTP_DEFAULT_SEND_PARAM, SCTP_DISABLE_FRAGMENTS, ...

Extended system calls

- sctp_connectx: allows a user to specify multiple addresses to attempt to connect to.
- sctp_bindx: allows an application to bind a set of addresses instead of one or all addresses.
- sctp_opt_info: some implementations do not support a getsockopt() call that allows data to be passed both ways; this call is compatible with all implementations.
- sctp_peeloff: converts a single association that is part of a one-to-many socket into an individual new socket descriptor that is a one-to-one socket.

Extended system calls

- sctp_getpaddrs: returns a block of memory holding the peer's addresses currently part of the association.
- sctp_freepaddrs: releases the memory that the sctp_getpaddrs call allocated.
- sctp_getladdrs: returns a block of memory holding the local addresses bound to an association.
- sctp_freeladdrs: releases the memory allocated by sctp_getladdrs back to the system.

Extended system calls

- sctp_sendmsg: lets the caller pass, as call arguments, things like the stream number and other SCTP-specific information to be sent with a message.
- sctp_send: has a similar purpose to sctp_sendmsg, but instead of a large number of arguments an sctp_sndrcvinfo structure is used to pass the relevant information.
- sctp_recvmsg: (as we saw previously) receives a message together with an sctp_sndrcvinfo structure holding details on the message (e.g. the stream number and stream sequence number).

Summary

- SCTP is a new transport protocol, available now in bleeding-edge Linux and BSD kernels, and will make its way into the mainstream
- It has some cool new features
