SCTP Stream Control Transmission Protocol - PowerPoint PPT Presentation

About This Presentation
Title:

SCTP Stream Control Transmission Protocol

Description:

SCTP Stream Control Transmission Protocol Ramakrishna Velagapudi Sudheer kumar Adumulla Karthik Dhoopati – PowerPoint PPT presentation

Slides: 62
Provided by: unt64
Learn more at: https://www.cse.unt.edu

Transcript and Presenter's Notes

Title: SCTP Stream Control Transmission Protocol


1
SCTP: Stream Control Transmission Protocol
  • Ramakrishna Velagapudi
  • Sudheer kumar Adumulla
  • Karthik Dhoopati

2
SCTP-Outline
  • Motivation
  • Overview of SCTP
  • Architectural View of SCTP
  • Functional View of SCTP
  • Features of SCTP
  • Message Formats
  • Comparison with other protocols
  • Security issues
  • Performance issues
  • Current Implementations
  • Conclusions

3
Network-level architecture
  • IP reference model

4
SCTP Motivation (contd.)
  • New applications
  • Migration from PSTN to packet-based Internet
  • Telephony signaling messages
  • Shortcomings of existing protocols
    • TCP
      • Head-of-line blocking
      • Byte-oriented, not message-oriented
      • Multi-homing support not built in
      • DoS attack prone
    • UDP
      • No reliability
      • Absence of congestion control
      • Absence of flow control

5
SCTP Motivation (contd.)
  • Many applications need reliable message delivery;
    they do so by delineating a TCP stream
  • TCP provides both strict ordering and reliability;
    many applications may not need both
  • HTTP is one such application
  • While transferring multiple embedded files we
    only want
    • Reliable file transfer for each file
    • Partial ordering for the packets of each file but
      not total ordering amongst all the packets
  • TCP provides more than this (but overhead?)
  • SCTP may help (how? later)

6
SCTP-Motivation HTTP Server Architecture
  • Single File Transfer (both TCP and SCTP are
    similar)

Child process
7
SCTP-Motivation HTTP Server Architecture
  • Multiple File Transfer (Embedded files)- TCP

Child process
8
SCTP-Motivation HTTP Server Architecture
  • Multiple Files Transfer (Embedded Files) SCTP

Child process
9
What is SCTP? - Overview
  • Originally designed to support PSTN signaling
    messages over IP Networks
  • It is a reliable transport protocol operating on
    top of a connectionless packet network such as IP
    (same level as TCP)

10
SCTP Overview (contd )
  • SCTP is a reliable transport protocol operating
    on top of a connectionless packet network such as
    IP (RFC 2960).
  • Has built-in support for multi-homed hosts
  • Is message-based: conserves the message
    boundaries.
  • Classifies messages as
    • sequenced delivery of user messages within
      multiple streams
    • with an option for un-ordered delivery of
      individual user messages
  • Additional security mechanisms

11
Architectural View of SCTP
  • The basic service offered by SCTP is reliable
    transfer of user messages between peer SCTP
    users.
  • Each end point provides a list of transport
    addresses to the other end point (i.e., multiple
    IP addresses in combination with an SCTP port).

12
Architectural View of SCTP
  • The association spans transfers over all of the
    possible source/destination combinations which
    may be generated from each endpoint's lists.

13
Functional View of SCTP
  • Association startup and takedown.
  • Sequenced delivery within streams.
  • User data fragmentation.
  • Acknowledgement and congestion avoidance.
  • Chunk bundling.
  • Packet validation.
  • Path management.

14
Functional View of SCTP: Association startup and takedown
  • An association is initiated by a request from the
    SCTP user.
  • A cookie mechanism is employed during the
    initialization to provide protection against
    security attacks.
  • SCTP provides a graceful close (with the SHUTDOWN
    primitive), as well as an ungraceful close (i.e.,
    abort).
  • SCTP does not support a half-open state (like
    TCP) wherein one side may continue sending data
    while the other is closed.

15
Functional View of SCTP: Sequenced delivery within streams
  • Stream: a sequence of user messages.
  • SCTP user can specify at association startup time
    the number of streams to be supported.
  • SCTP assigns a stream sequence number to each
    message.
  • On the receiving side, it ensures that messages
    are delivered in sequence within a given stream.
  • While one stream may be blocked waiting for the
    next in-sequence user message, delivery from
    other streams may proceed.
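
The per-stream delivery rule on this slide, as an added Python example that is not part of the original presentation: a receiver that orders messages by stream sequence number within each stream only. The class name, message labels and arrival order are constructed for illustration.

```python
from collections import defaultdict

class StreamReceiver:
    """Per-stream in-sequence delivery keyed on (stream id, SSN).

    Assumes duplicates were already dropped at the TSN level.
    """

    def __init__(self):
        self.next_ssn = defaultdict(int)   # next SSN expected per stream
        self.pending = defaultdict(dict)   # stream id -> {ssn: message}

    def receive(self, stream_id, ssn, message, unordered=False):
        """Return the (stream_id, message) pairs handed to the SCTP user."""
        if unordered:
            return [(stream_id, message)]  # unordered delivery skips SSN checks
        held = self.pending[stream_id]
        held[ssn & 0xFFFF] = message
        delivered = []
        while self.next_ssn[stream_id] in held:
            cur = self.next_ssn[stream_id]
            delivered.append((stream_id, held.pop(cur)))
            self.next_ssn[stream_id] = (cur + 1) & 0xFFFF  # SSN is 16 bits wide
        return delivered

    def blocked(self):
        """Streams that hold messages while waiting for an earlier SSN."""
        return {sid: sorted(h) for sid, h in self.pending.items() if h}

def demo():
    # Constructed arrival order: SSN 1 of stream 0 is lost and retransmitted.
    rx = StreamReceiver()
    out = rx.receive(0, 0, "s0-m0")
    out += rx.receive(0, 2, "s0-m2")   # held: stream 0 still waits for SSN 1
    out += rx.receive(1, 0, "s1-m0")   # stream 1 is delivered regardless
    out += rx.receive(1, 1, "s1-m1")
    held = rx.blocked()
    out += rx.receive(0, 1, "s0-m1")   # gap filled: SSN 1 and 2 released
    return out, held

if __name__ == "__main__":
    print(demo())
```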

16
Functional View of SCTP: User data fragmentation
  • SCTP can fragment user messages to ensure that
    the SCTP packet passed to the lower layer
    conforms to the path MTU.
  • On receipt, fragments are reassembled into
    complete messages before being passed to the SCTP
    user.

17
Functional View of SCTP: ACK and congestion avoidance
  • SCTP assigns a Transmission Sequence Number (TSN,
    independent of stream sequence number) to each
    user data fragment or unfragmented message.
  • The receiving end acknowledges all TSNs.
  • The acknowledgement and congestion avoidance
    function is responsible for packet retransmission
    when timely ACK is not received.
  • Congestion avoidance procedures similar to those
    used for TCP are used.

18
Functional View of SCTP: Chunk bundling
  • Each chunk may contain either user data or SCTP
    control information.
  • Chunk bundling function is responsible for the
    assembly of the complete SCTP packet and its
    disassembly at the receiving end.

19
Functional View of SCTP: Packet validation
  • A mandatory Verification Tag field and a 32-bit
    checksum field are included in the SCTP common
    header.
  • Packets received without the expected
    Verification Tag value are discarded (as a
    protection against blind masquerade attacks).
  • The checksum provides protection against data
    corruption in the network.
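
The two checks on this slide, as an added Python example that is not part of the original presentation: the receiver verifies the checksum and then the Verification Tag of constructed packets. It assumes CRC32c (the checksum of current SCTP specifications; the slide only says 32-bit checksum), little-endian storage of the CRC value as common implementations do, and made-up ports and tags.

```python
import struct

def crc32c(data: bytes) -> int:
    """Bitwise CRC32c (Castagnoli), reflected polynomial 0x82F63B78."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (0x82F63B78 if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF

def build_packet(sport, dport, vtag, chunks: bytes) -> bytes:
    """Common header (ports, Verification Tag, checksum) followed by chunks."""
    zeroed = struct.pack("!HHII", sport, dport, vtag, 0) + chunks
    # Assumption of this sketch: the CRC value is stored little-endian.
    return zeroed[:8] + struct.pack("<I", crc32c(zeroed)) + zeroed[12:]

def validate(packet: bytes, expected_vtag: int) -> str:
    """Receiver-side checks for a packet of an established association."""
    if len(packet) < 12:
        return "drop: shorter than common header"
    _sport, _dport, vtag = struct.unpack("!HHI", packet[:8])
    (received,) = struct.unpack("<I", packet[8:12])
    zeroed = packet[:8] + b"\x00" * 4 + packet[12:]   # checksum field as zero
    if crc32c(zeroed) != received:
        return "drop: bad checksum"
    if vtag != expected_vtag:
        return "drop: wrong verification tag"
    return "accept"

def demo():
    tag = 0x5A17C0DE                          # constructed association tag
    chunks = b"\x00\x03\x00\x14" + bytes(16)  # constructed 20-byte DATA chunk
    good = build_packet(5000, 2905, tag, chunks)
    corrupted = good[:-1] + bytes([good[-1] ^ 0x01])   # one bit flipped in transit
    # Anyone can compute a valid checksum; only the tag is unknown to a blind sender.
    forged = build_packet(5000, 2905, 0x12345678, chunks)
    return [validate(p, tag) for p in (good, corrupted, forged)]

if __name__ == "__main__":
    print(demo())
```

The forged packet passes the checksum and is still dropped, which is why the slide lists the two fields with different purposes: the checksum is not a secret, the tag is.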

20
Functional View of SCTP: Path management
  • Monitors reachability.
  • Responsible for reporting the eligible set of local
    transport addresses.
  • At association start-up, a primary path is
    defined for each SCTP end point.
  • On the receiving end, the path management is
    responsible for verifying the existence of a
    valid SCTP association to which the inbound SCTP
    packet belongs before passing it for further
    processing.

21
SCTP Key Features
  • Connection set-up
  • Multi-homing
  • Data sending
  • Multi-streaming
  • Connection shut-down

22
SCTP Connection setup
[Figure: four-way handshake between End-Point A and End-Point Z: INIT (cf. TCP SYN), INIT-ACK (cf. TCP SYN-ACK), COOKIE-ECHO, COOKIE-ACK]
23
Hand Shake
TCB: Transmission Control Block
24
SCTP Multi-homing
[Figure: End-Point A and End-Point Z connected through the Internet]
25
SCTP Multi-Homing
  • SCTP endpoints exchange the lists of IP addresses
    used at the remote endpoint. One of the listed IP
    addresses will be designated as the primary
    address.
  • If the primary address repeatedly drops chunks,
    however, all chunks will be transmitted to an
    alternate address.

26
SCTP Data sending
27
Data Delivery: TCP
  • Data transmission in TCP is byte-stream oriented;
    in SCTP, it is message-oriented.
  • In TCP, data is transported as a consecutive
    stream of bytes between two endpoints.
  • The receiving application will need to do some
    complex buffering and framing to reconstruct the
    messages.

28
Data Delivery: SCTP
  • SCTP: Each message is delivered as a complete
    read, which lifts a lot of the work off the
    application layer.
  • Unordered delivery: SCTP allows for data to be
    sent reliably but unordered.

29
SACKs
  • All acknowledgements in SCTP are with SACKs. They
    are useful as they indicate if there are any gaps
    in the transmission.
  • TCP can only report four missing data packets in
    a SACK; SCTP allows for much larger amounts to be
    reported.

30
Congestion Control
  • This is a critical element in any transport
    protocol.
  • It regulates the flow of data entering the
    network, limiting it to accommodate for
    occurrences of congestion.
  • SCTP and TCP hold the same congestion control
    mechanism: Additive Increase, Multiplicative
    Decrease (AIMD) congestion window management.

31
SCTP Multi-streaming
32
SCTP Multistreaming
33
What about multistreaming in TCP?
  • Multistreaming can be achieved in TCP, however it
    involves opening multiple TCP connections which
    each act as a stream to send data.
  • Opening multiple TCP connections is
    TCP-unfriendly, which means that a pair of
    communicating nodes will obtain a larger
    proportion of the available channel bandwidth. 

34
SCTP Multi-Streaming
  • The Stream Sequence Number (SSN)

35
SCTP Message Format
36
SCTP Connection close
[Figure: shutdown exchange between End-Point A and End-Point Z: SHUTDOWN, SHUTDOWN-ACK, SHUTDOWN-CMPL; no half-closed state]
37
Comparison between SCTP, TCP and UDP
Feature                        SCTP  TCP  UDP
Reliable Data Transfer         Yes   Yes  No
Multi-homed Host Support       Yes   No   No
Multi-Stream Support           Yes   No   No
Security against SYN attacks   Yes   No   No
Unordered Data Delivery        Yes   No   Yes
38
Key Issues
  • Differences between TCP and SCTP.
  • Security Issues
  • Performance Analysis
  • Implementations
  • Conclusion and references

39
Major Differences from TCP
  • SCTP is message oriented as opposed to being byte
    stream oriented
  • SCTP has the concept of an association instead of
    a connection
  • Each association can have multiple streams
  • SCTP separates reliable transfer of datagrams
    from the delivery mechanism
  • SCTP supports multihoming

40
Security issue in TCP
  • Some TCP implementations have been known to be
    vulnerable to blind denial of service attacks,
    i.e., attacks that had been executed by an
    attacker that could not see most of the traffic
    to or from the target host.
  • Blind connection forgery is another potential
    threat to TCP. By guessing valid sequence
    numbers, an attacker would be able to forge a
    connection.

41
Hand Shake
TCB: Transmission Control Block
42
Security issues in SCTP
  • To make it hard for blind attackers to inject
    forged SCTP datagrams into existing associations,
    each side of an SCTP association uses a 32-bit
    value called "Verification Tag" to ensure that a
    datagram really belongs to the existing
    association.
  • Unlike in TCP, usage of a cookie in association
    establishment is made mandatory in SCTP.
  • It is important to note that neither TCP nor SCTP
    protects itself from man-in-the-middle attacks
    where an established session might be hijacked.

43
Security issues (cont)
  • Also, to prevent blind connection/session setup
    forgery, both TCP implementations supporting
    SYN-cookies and SCTP implementations rely on a
    server-known, secret key to protect the HMAC
    data. It must be ensured that this key is created
    subject to the recommendations
  • Reference: Network Working Group, Siemens, 2002
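
The cookie mechanism from the association startup slide and the HMAC key requirement above, as an added Python example that is not part of the original presentation: the server keeps no state on INIT and rebuilds it only from a cookie whose MAC verifies. HMAC-SHA256, the cookie layout, the 60-second lifetime and all sample addresses and tags are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets
import struct

SECRET_KEY = secrets.token_bytes(32)  # server-known secret, never sent on the wire
COOKIE_LIFETIME = 60                  # seconds; value assumed for this sketch
MAC_LEN = hashlib.sha256().digest_size
FIXED = struct.Struct("!IIQH")        # peer tag, local tag, issue time, peer port

def make_cookie(peer_addr, peer_port, peer_tag, local_tag, now):
    """On INIT: serialize what the TCB would hold and sign it; keep no state."""
    body = FIXED.pack(peer_tag, local_tag, now, peer_port) + peer_addr.encode()
    return body + hmac.new(SECRET_KEY, body, hashlib.sha256).digest()

def check_cookie(cookie, peer_addr, peer_port, now):
    """On COOKIE-ECHO: return (verdict, tags); a TCB is built only on accept."""
    if len(cookie) < FIXED.size + MAC_LEN:
        return "drop: cookie too short", None
    body, mac = cookie[:-MAC_LEN], cookie[-MAC_LEN:]
    expected = hmac.new(SECRET_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):   # constant-time comparison
        return "drop: bad MAC", None
    peer_tag, local_tag, issued, port = FIXED.unpack(body[:FIXED.size])
    if (body[FIXED.size:].decode(), port) != (peer_addr, peer_port):
        return "drop: echoed from a different source", None
    if not 0 <= now - issued <= COOKIE_LIFETIME:
        return "drop: cookie expired", None
    return "accept", (peer_tag, local_tag)

def demo():
    # Constructed values: documentation address, arbitrary tags and clock.
    peer = ("192.0.2.10", 5000)
    cookie = make_cookie(*peer, peer_tag=0x11111111, local_tag=0x22222222, now=1000)
    tampered = cookie[:4] + b"\xff\xff\xff\xff" + cookie[8:]  # rewritten local tag
    return [
        check_cookie(cookie, *peer, now=1010),
        check_cookie(tampered, *peer, now=1010),
        check_cookie(cookie, "198.51.100.7", 5000, now=1010),
        check_cookie(cookie, *peer, now=1061),
    ]

if __name__ == "__main__":
    print(demo())
```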

44
Performance analysis
  • This experiment was conducted on the Linux
    implementation of SCTP, LKSCTP.
  • The DataTAG Transatlantic gigabit network extends
    from Geneva to Chicago (approx. 4000 miles).
  • On both sides of the link are two dual processor
    Intel Pentium 4 machines.
  • The link is composed of a 1 Gigabit channel.

45
Cont.
  • Test runs of the 2 protocols (SCTP and then TCP)
    were done to be able to make a fair
    comparison of the two.
  • http://datatag.web.cern.ch/datatag/WP3/sctp/tests.htm

46
TCP Outperforms SCTP.
47
Bandwidth for long time intervals
48
Data transfers for long time intervals
49
Data transfers for short time intervals
50
Bandwidth over entire time period
51
Data transfer over entire time period
52
Data Analysis
  • The TCP bandwidth drops for long time intervals,
    while still maintaining a sizeable gap over
    SCTP.
  • It is evident from these results that TCP
    provides a significantly higher bandwidth than
    SCTP, which at times only reaches about 5% of the
    TCP bandwidth. The tests show that this
    performance gap exists across a range of various
    time intervals.

53
Data Analysis
  • SCTP is still a new protocol compared to TCP,
    which has been around since the early 1980s. A
    great deal of work has been carried out in regard
    to performance in TCP. The same degree of
    performance work has not been undertaken in SCTP
    yet (although there are plans to do so).
  • A substantial amount of time and effort has been
    devoted to work on the Linux TCP stack to improve
    performance; this is not the case with LKSCTP,
    which is primarily developed on BSD kernels.

54
Data Analysis (cont.)
  • The priority in the LKSCTP project has been to
    make SCTP feature complete. Only recently have
    they been turning their attention to performance
    issues. The performance gap exists for now, but
    given time the developers will likely be able to
    close the gap.
  • The LKSCTP project holds great potential and it
    is probably just a matter of time before the
    performance gap is closed and SCTP becomes a real
    contender with TCP.

55
SCTP Implementations
  • Implementation
  • The M2PA protocol supports the transport of
    Signaling System Number 7 (SS7)
  • M2UA is used for backhauling of SS7 MTP2-User
    signaling messages over IP using the Stream
    Control Transmission Protocol (SCTP).
  • M3UA supports the transport of any SS7 MTP3-User
    signalling (such as ISUP and SCCP messages) over
    IP, using the services of the Stream Control
    Transmission Protocol (SCTP)

56
Alternative Protocols
  • Multi-homed TCP, by Huitema. This protocol
    unifies multi-homing, mobility and network
    renumbering support.
  • TCP-R, by Funato. This protocol implements
    mobility with TCP options.
  • TCP migrate
  • TCP Multi home options

57
Summary Conclusion
  • Like TCP
    • Provides connection establishment
    • Ensures reliability
    • Provisions for ordered and un-ordered data
    • Provides congestion control
  • In addition to TCP features
    • Provides multi-homing
    • Provides multi-streaming
    • Has security features
  • Well suited for multimedia but can't replace TCP
    yet.
  • Present implementations of SCTP show promise of
    improvements.

58
SCTP References
  • Computer.org
    (http://www.computer.org/internet/v5n6/w6wire.htm)
  • IETF RFC 2960
    (http://www.ietf.org/rfc/rfc2960.txt)
  • Stream Control Transmission Protocol (SCTP): A
    Reference Guide, R. Stewart and Q. Xie, Addison
    Wesley
  • IBM.com
    (http://oss.software.ibm.com/linux/presentations/lwce2002/Chats/SCTP/SCTP-LWE.pdf)

59
3 questions
  • 1. What are the major differences between TCP and
    SCTP?
  • Ans:
    • SCTP is message oriented as opposed to being byte
      stream oriented.
    • SCTP has the concept of an association instead of
      a connection. Each association can have multiple
      streams.
    • SCTP separates reliable transfer of datagrams from
      the delivery mechanism.
    • SCTP supports multihoming.

60
Ques 2
  • 2. How does multi-streaming work in SCTP?
  • Ans:
    • In SCTP all the streams reside in a single
      association. For each stream in the association,
      SCTP increases the Stream Sequence Number
      (SSN) for the data chunk generated by the
      application user. These SSNs are used by
      the receiver to determine the sequence of
      delivery. SCTP performs in-sequence delivery
      per stream.

61
3. Comparison between SCTP, TCP and UDP.
Feature                        SCTP  TCP  UDP
State required at endpoints    Yes   Yes  No
Reliable Data Transfer         Yes   Yes  No
Multi-homed Host Support       Yes   No   No
Multi-Stream Support           Yes   No   No
Security against SYN attacks   Yes   No   No
Unordered Data Delivery        Yes   No   Yes
Failure detection (Heartbeat)  Yes   No   No