TSIN02 - Internetworking
2004 Image Coding Group, Linköpings Universitet
Lecture 5: SCTP
Literature:
RFC3257 SCTP Applicability Statement
RFC3286 Introduction to SCTP
Forouzan 3rd ed, Chapter 13 (optional)
RFC2960 (optional extra material)
RFC3309 (optional extra material)
Lecture 5: SCTP
Outline:
What is SCTP?
Why SCTP?
SCTP Architecture
SCTP Header
Establishing connections
What is SCTP?
SCTP is a message-oriented, reliable protocol that combines features from TCP and UDP.
But we already have TCP, UDP (and RTP) at the transport layer!
Figure from Forouzan
Why SCTP?
There are some limitations in TCP:
TCP uses a strict order-of-transmission delivery of data
TCP is stream-oriented on a byte level
TCP has no support for multihoming
TCP does not scale well
TCP does not support timer control
TCP is relatively vulnerable to denial-of-service attacks
UDP limitations:
Unreliable transmission
No error or congestion control
No check for out-of-order or duplicated messages
PSTN signaling has been the main motivation for SCTP
PSTN Signaling Requirements
When the SIGTRAN working group started (1998) to design a transport protocol for transport of signaling protocols, they identified the following points as important (RFC2719):
Transport a variety of SCN (Switched Circuit Network) protocol types, e.g. MTP3, ISUP, SCCP, TCAP etc., with the ability of providing a way to identify the specific SCN protocol being transported.
Provide a common base protocol defining header formats, security extensions and procedures for signaling transport, and support extensions to add individual SCN protocols if needed.
Together with IP, provide the relevant functionality as defined by the SCN lower layer.
Support the ability to multiplex several higher layer SCN sessions on one underlying signaling transport session. This allows, for example, several DSS1 D-channel sessions to be carried in one signaling transport session.
Be able to transport complete messages of greater length than the underlying SCN segmentation/reassembly limitations.
Allow for a range of suitable robust security schemes to protect signaling information being carried across networks.
Provide for congestion avoidance on the internet by supporting appropriate controls on signaling traffic generation and reaction to network congestion.
PSTN Signaling Requirements cont.
Relevant lower layer functionality may include:
flow control
in-sequence delivery of signalling messages within a control stream
logical identification of the entities on which the signaling messages originate or terminate
logical identification of the physical interface controlled by the signalling message
error detection
recovery from failure of components in the transit path
retransmission and other error correcting methods
detection of unavailability of peer entities
More desirable features
Ability to discover the Maximum Transfer Unit (MTU) of the path used and possibility to fragment user data to conform to this MTU
Possibility of sending user messages within multiple streams inside the same association. Sequenced delivery of the user messages sent through the same stream, and possibility of order-of-arrival delivery of individual user messages.
Possibility of bundling multiple user messages into a single packet.
SCTP - early proposals
Many protocols were suggested, e.g.
Reliable UDP
UDP for TCAP (T/UDP)
Simple SCCP Tunneling Protocol
PURDET
Multi-Network Datagram Transmission Protocol (MDTP)
All of the above were designed to run on top of UDP!
Finally SCTP was developed from MDTP.
SCTP History
In 1998 the SIGTRAN working group was formed by the IETF.
The motivation was to move existing telephone signaling protocols to run over IP. At that time several different protocols were suggested, all running over UDP. Finally SCTP was designed based on a protocol called MDTP (Multi-network Datagram Transmission Protocol).
RFC2960 was published in October 2000. After that, the Transport Area Working Group (TSVWG) took over the responsibility for the continued work on SCTP. Some updates and extensions have been designed, e.g. an updated checksum algorithm.
SCTP Services
SCTP offers the following services:
acknowledged error-free non-duplicated transfer of user data
data fragmentation to conform to discovered path MTU size
sequenced delivery of user messages within multiple streams, with an option for order-of-arrival delivery of individual user messages
optional bundling of multiple user messages into a single SCTP packet
network-level fault tolerance through support for multihoming at either or both ends of an association
The design of SCTP includes appropriate congestion avoidance behavior and resistance to flooding and masquerade attacks.
SCTP Features
Connection state at endpoints
Reliable data transfer
Congestion control and avoidance
Message boundary conservation
Path MTU discovery and message fragmentation
Message bundling
Multi-homed hosts support
Multi-stream support
Unordered data delivery possible
State cookie against SYN flood attack
Built-in heartbeat (reachability check)
Multiple Streams
In SCTP the data reliability mechanism has been separated from the message ordering mechanism
A stream in SCTP means a sequence of messages
Independent messages can be transferred in parallel without any interdependency (i.e. in different streams)
Unordered message delivery is possible
Figure from Forouzan
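The separation of reliability (TSN, acknowledged via SACK) from ordering (SSN, per stream) can be shown with a small receiver model. This is an added example, not code from the lecture or from any SCTP stack; DATA chunks are modelled as (TSN, stream id, SSN, payload, U flag) tuples and the lost-and-retransmitted scenario is constructed for the demonstration.

```python
from collections import defaultdict

class StreamReceiver:
    """Receiver side of DATA chunks, modelled as (TSN, SI, SSN, payload, U flag) tuples."""
    def __init__(self):
        self.next_ssn = defaultdict(int)    # next expected SSN per stream
        self.pending = defaultdict(dict)    # per stream: SSN -> payload held back by a gap
        self.received_tsns = set()          # feeds the SACK (reliability, independent of ordering)
        self.delivered = []                 # (stream id, payload) handed to the user, in order

    def receive(self, tsn, sid, ssn, payload, unordered=False):
        self.received_tsns.add(tsn)
        if unordered:                       # U flag: bypass stream ordering entirely
            self.delivered.append((sid, payload))
            return
        self.pending[sid][ssn] = payload
        # Drain only this stream; a gap here never holds back the other streams.
        while self.next_ssn[sid] in self.pending[sid]:
            self.delivered.append((sid, self.pending[sid].pop(self.next_ssn[sid])))
            self.next_ssn[sid] += 1

    def cumulative_tsn_ack(self, initial_tsn=1):
        """Cumulative TSN Ack for a SACK: highest TSN below which nothing is missing."""
        t = initial_tsn - 1
        while t + 1 in self.received_tsns:
            t += 1
        return t

def demo():
    """Constructed scenario: TSN 2 (stream 0, SSN 0) is lost while the rest arrive."""
    r = StreamReceiver()
    r.receive(1, 1, 0, b"s1-a")
    r.receive(3, 0, 1, b"s0-b")                 # stream 0 must wait for SSN 0
    r.receive(4, 1, 1, b"s1-b")                 # stream 1 is not blocked by stream 0
    r.receive(5, 2, 0, b"event", unordered=True)
    before = list(r.delivered)
    r.receive(2, 0, 0, b"s0-a")                 # the retransmission arrives
    return before, r.delivered, r.cumulative_tsn_ack()
```

With a single TCP-style ordering, nothing after TSN 2 could have been delivered until the retransmission arrived; here only stream 0 waits.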
Multi-homed Support
Several IP addresses can be listed during handshake
Both IPv4 and IPv6 addresses are valid.
One path is chosen as primary
Other paths are checked for availability through Heartbeat
Retransmissions are sent on a different path
Switch path if congested.
Figure from Forouzan
Security Considerations
SCTP has been designed with these security objectives:
availability of reliable and timely data transport services
integrity of the user-to-user information carried by SCTP
SCTP includes mechanisms that protect against blind denial-of-service attacks
(A blind attack is one where the attacker is unable to intercept or otherwise see the content of data flows passing to and from the target SCTP node)
These include the 4-way handshake with a cookie and delayed commitment to resources.
Error Control
SCTP uses checksums and retransmissions to achieve reliable transfers
SCTP has built-in support for selective acknowledgement
Flow and Congestion Control
Flow and congestion control in SCTP is mostly similar to that of TCP, i.e. sliding windows, slow start, additive increase etc.
Differences are due to:
SCTP supports multiple streams, all are handled by the same congestion control.
SCTP supports multihoming, the different paths typically have different congestion control parameters.
SCTP Association
The communication relationship is called an SCTP Association
There can be only one association between two endpoints.
An endpoint is defined by a port number and one or more IP addresses.
[Figure: SCTP Node A and SCTP Node B, each with an SCTP User App. on top of an SCTP Transport Service on top of an IP Network Service; a node may have one or more IP address appearances]
Endpoint Responsibilities
Stream queue management
User message fragmentation
Generate acknowledgements
Congestion avoidance
Data bundling
Packet validation
Path management
Connection Establishment
In SCTP, a connection is established through a 4-way handshake:
Figure from Forouzan
Closing a Connection
SCTP uses a 3-message procedure to allow for a graceful shutdown. There is also a non-graceful abort possible.
SCTP does not support half-open connections
Figure from Forouzan
State diagrams
During connection establishment the SCTP endpoints go through a set of states in response to various events.
[State diagram, rendered as text:]
CLOSED, rcv INIT: generate cookie, snd INIT ACK (no TCB is created, endpoint stays in CLOSED)
CLOSED -> COOKIE WAIT: create TCB, snd INIT, strt init timer
COOKIE WAIT -> COOKIE-ECHOED, rcv INIT ACK: snd COOKIE ECHO, stop init timer, strt cookie timer
COOKIE-ECHOED -> ESTABLISHED, rcv COOKIE ACK: stop cookie timer
CLOSED -> ESTABLISHED, rcv valid COOKIE ECHO: create TCB, snd COOKIE ACK
From any state -> CLOSED
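The "delayed commitment to resources" of the security slide and the CLOSED states of the diagram above can be modelled in a few lines: the listener answers INIT with a cookie it can verify later instead of creating a TCB, and allocates state only on a valid COOKIE ECHO. This is an added, simplified model, not the lecture's code or an actual SCTP stack; the cookie layout (timestamp, peer initiate tag, peer address, HMAC-SHA256), the 60 s lifetime and the Listener class are assumptions for the demo.

```python
import hashlib, hmac, os, struct, time

SECRET = os.urandom(32)      # server-local key; assumed to be rotated periodically in a real stack
COOKIE_LIFE = 60             # cookie lifetime in seconds (assumed value for this demo)
MAC_LEN = 32

def make_cookie(peer, init_tag, now=None, secret=SECRET):
    """INIT ACK side: pack what we would otherwise have to remember into a MAC'd cookie."""
    ts = int(time.time() if now is None else now)
    body = struct.pack("!II", ts, init_tag) + peer.encode()
    return body + hmac.new(secret, body, hashlib.sha256).digest()

def verify_cookie(cookie, peer, now=None, secret=SECRET):
    """COOKIE ECHO side: return the TCB contents only if MAC, origin and age check out."""
    if len(cookie) < 8 + MAC_LEN:
        return None
    body, mac = cookie[:-MAC_LEN], cookie[-MAC_LEN:]
    if not hmac.compare_digest(hmac.new(secret, body, hashlib.sha256).digest(), mac):
        return None                                   # forged or corrupted cookie
    ts, init_tag = struct.unpack("!II", body[:8])
    if body[8:] != peer.encode():
        return None                                   # echoed from a source it was not issued to
    if (time.time() if now is None else now) - ts > COOKIE_LIFE:
        return None                                   # stale cookie
    return {"peer": peer, "init_tag": init_tag}

class Listener:
    """Minimal model of the passive side of the 4-way handshake (assumed class name)."""
    def __init__(self):
        self.tcbs = {}                                # association state, created late

    def on_init(self, peer, init_tag, now=None):
        # No state is kept here: a blind INIT flood costs one MAC computation per packet.
        return make_cookie(peer, init_tag, now)       # carried in the INIT ACK

    def on_cookie_echo(self, peer, cookie, now=None):
        tcb = verify_cookie(cookie, peer, now)
        if tcb is None:
            return False                              # silently dropped, no resources spent
        self.tcbs[peer] = tcb                         # TCB created only now; COOKIE ACK follows
        return True
```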
State Example
Figure from Forouzan
SCTP Building Blocks
The data unit in SCTP is a chunk.
Contains at most one message from the sender
All chunks in an association are numbered using Transmission Sequence Numbers (TSN), in order.
There are two types of chunks, data chunks and control chunks.
Each stream in an association is identified with its Stream Identifier (SI).
In each stream the chunks are numbered using Stream Sequence Numbers (SSN), in order.
Several chunks, possibly from different streams, can be sent at the same time in SCTP packets. A packet contains a packet header and a number of chunks.
SCTP: Packet, chunks and streams
Figure from Forouzan
SCTP Packet Format
Figure from Forouzan
TCP SCTP Comparison
Figure from Forouzan
Chunk Field Format
Chunk Type (8 bits): Identifies the type of information contained in the Chunk Value field.
Chunk Flags (8 bits): Usage depends on the chunk type.
Chunk Length (16 bits): The size of the chunk in bytes, including type, flags, length and value fields.
Chunk Value (variable length): Contains the actual information to be transmitted.
Figure from Forouzan
Chunk Types
Figure from Forouzan
Chunk type extensions
New chunk types may be developed.
Chunk types are ordered so that the highest order two bits specify the action that must be taken if the endpoint does not recognise the chunk type.
00 - stop processing and discard the packet
01 - stop processing and discard the packet and send an error report
10 - skip this chunk and continue processing
11 - skip this chunk and continue processing and send an error report
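The chunk field format and the unrecognised-chunk-type rule above, together in a small parser that walks the chunks of one packet. This is an added example, not code from the lecture or from any SCTP implementation; it relies on the RFC2960 chunk type values and on chunks being padded to a 4-byte boundary (the Chunk Length excludes that padding), does not verify the checksum, and uses a constructed sample packet.

```python
import struct

# Chunk type values from RFC2960; anything else is treated as unrecognised here.
CHUNK_NAMES = {0: "DATA", 1: "INIT", 2: "INIT ACK", 3: "SACK", 4: "HEARTBEAT",
               5: "HEARTBEAT ACK", 6: "ABORT", 7: "SHUTDOWN", 8: "SHUTDOWN ACK",
               9: "ERROR", 10: "COOKIE ECHO", 11: "COOKIE ACK"}

def unknown_chunk_action(chunk_type):
    """Top two bits of an unrecognised chunk type -> (action, send_error_report)."""
    hi = chunk_type >> 6
    action = "discard packet" if hi in (0, 1) else "skip chunk"
    return action, hi in (1, 3)

def parse_sctp_packet(pkt):
    """Walk the common header and the chunk sequence of one SCTP packet."""
    if len(pkt) < 12:
        raise ValueError("truncated common header")
    src, dst, vtag, _csum = struct.unpack("!HHII", pkt[:12])   # checksum not verified here
    out = {"src": src, "dst": dst, "vtag": vtag, "chunks": [],
           "error_reports": [], "stopped_at": None}
    off = 12
    while off + 4 <= len(pkt):
        ctype, flags, length = struct.unpack("!BBH", pkt[off:off + 4])
        if length < 4 or off + length > len(pkt):
            raise ValueError("bad chunk length %d at offset %d" % (length, off))
        if ctype in CHUNK_NAMES:
            out["chunks"].append((CHUNK_NAMES[ctype], flags, pkt[off + 4:off + length]))
        else:
            action, report = unknown_chunk_action(ctype)
            if report:
                out["error_reports"].append(ctype)
            if action == "discard packet":
                out["stopped_at"] = ctype
                break
        off += (length + 3) & ~3        # Chunk Length excludes the padding to a 4-byte boundary
    return out

def build_chunk(ctype, flags, value):
    """Constructed helper for the sample packet: header + value + padding."""
    length = 4 + len(value)
    return struct.pack("!BBH", ctype, flags, length) + value + b"\x00" * ((-length) % 4)

# Constructed sample packet: DATA chunk (B and E flags set, TSN 1, stream 0, SSN 0, PPID 0),
# then two unrecognised chunk types chosen for their top bits, then a SACK that is never reached.
SAMPLE = (struct.pack("!HHII", 5000, 5001, 0x11223344, 0)
          + build_chunk(0, 0x03, struct.pack("!IHHI", 1, 0, 0, 0) + b"hello")
          + build_chunk(0xC1, 0, b"ext")     # 11......: skip and report
          + build_chunk(0x41, 0, b"x")       # 01......: discard the rest and report
          + build_chunk(3, 0, b""))

if __name__ == "__main__":
    print(parse_sctp_packet(SAMPLE))
```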
DATA Chunk type
U: Unordered, B: Beginning of message, E: End of message
Figure from Forouzan
INIT Chunk
Figure from Forouzan
INIT ACK Chunk
Figure from Forouzan
COOKIE ECHO and ACK Chunks
Cookie Echo:
Cookie Ack:
Figures from Forouzan
SACK Chunk
Figure from Forouzan
Applications
Telephone signaling: SS7, SIP, MEGACO...
Web pages
Ftp
Mobile SCTP
MPEG4 video (?)
Instant messaging
AAA messaging - DIAMETER
...
Timers in SCTP
The following timers are used within SCTP:
init timer
cookie timer
retransmission timer
shutdown timer
heartbeat timer
Data Transfer Example
Figure from Forouzan
Available Implementations
Open source can be found at www.sctp.org
Huges Artesyn Communication Products Inc
...
SCTP is currently included in SUN Solaris, HP-UX, IBM AIX ...
Proprietary implementations have been made by Cisco, Siemens, Nokia, Ericsson? ...
References
WWW:
www.ietf.org/html.charters/sigtran-charter.html
www.ietf.org/html.charters/tsvwg-charter.html
www.sctp.org
http://tdrwww.exp-math.uni-essen.de/inhalt/forschung/sctp_fb/
Articles:
Improving File Transfers Using SCTP Multistreaming by S. Lahda and P.D.Amer, IPCCC 2004
Using SCTP with Partial Reliability for MPEG-4 Multimedia Streaming by M. Molteni and M. Villari, BSDCon Europe 2002
A Modified SCTP Handover Scheme for Real Time Traffic by A. Kelly, P. Perry and J. Murphy, HETNETs '03
Books:
Stream Control Transmission Protocol (SCTP) A Reference Guide by R.R Stewart and Qiaobing Xie
SCTP Summary
SCTP is a new transport protocol that
like TCP provides connection-oriented and reliable transmission of data
unlike TCP supports multiple streams within one connection
unlike TCP supports multihoming
has built-in protection against blind denial-of-service attacks
was designed for use with PSTN signaling. Can be used for transmission of SIP signals, webpages, ftp, mobile SCTP...