Title: SCTP Stream Control Transmission Protocol
SCTP: Stream Control Transmission Protocol
- Ramakrishna Velagapudi
- Sudheer Kumar Adumulla
- Karthik Dhoopati
SCTP - Outline
- Motivation
- Overview of SCTP
- Architectural View of SCTP
- Functional View of SCTP
- Features of SCTP
- Message Formats
- Comparison with other protocols
- Security issues
- Performance issues
- Current Implementations
- Conclusions
Network-level architecture
SCTP Motivation (contd.)
- New applications
  - Migration from PSTN to packet-based Internet
  - Telephony signaling messages
- Shortcomings of existing protocols
  - TCP
    - Head-of-line blocking
    - Byte-oriented, not message-oriented
    - Multi-homing support not built in
    - Prone to DoS attacks
  - UDP
    - No reliability
    - Absence of congestion control
    - Absence of flow control
SCTP Motivation (contd.)
- Many applications need reliable message delivery; they get it by delineating messages within a TCP stream
- TCP provides both strict ordering and reliability; many applications do not need both. HTTP is one such application
- While transferring multiple embedded files we only want:
  - Reliable file transfer for each file
  - Partial ordering for the packets of each file, but not total ordering amongst all the packets
- TCP provides more than this (but at what overhead?)
- SCTP may help (how? later)
SCTP Motivation: HTTP Server Architecture
- Single file transfer (both TCP and SCTP are similar)
[Figure: child process]
SCTP Motivation: HTTP Server Architecture
- Multiple file transfer (embedded files): TCP
[Figure: child process]
SCTP Motivation: HTTP Server Architecture
- Multiple file transfer (embedded files): SCTP
[Figure: child process]
What is SCTP? Overview
- Originally designed to support PSTN signaling messages over IP networks
- It is a reliable transport protocol operating on top of a connectionless packet network such as IP (same level as TCP)
SCTP Overview (contd.)
- SCTP is a reliable transport protocol operating on top of a connectionless packet network such as IP (RFC 2960)
- Has built-in support for multi-homed hosts
- Is message-based: conserves the message boundaries
- Classifies messages as:
  - sequenced delivery of user messages within multiple streams
  - with an option for unordered delivery of individual user messages
- Additional security mechanisms
Architectural View of SCTP
- The basic service offered by SCTP is reliable transfer of user messages between peer SCTP users.
- Each endpoint provides a list of transport addresses to the other endpoint (i.e., multiple IP addresses in combination with an SCTP port).
Architectural View of SCTP
- The association spans transfers over all of the possible source/destination combinations which may be generated from each endpoint's lists.
Functional View of SCTP
- Association startup and takedown.
- Sequenced delivery within streams.
- User data fragmentation.
- Acknowledgement and congestion avoidance.
- Chunk bundling.
- Packet validation.
- Path management.
Functional View of SCTP: Association startup and takedown
- An association is initiated by a request from the SCTP user.
- A cookie mechanism is employed during initialization to provide protection against security attacks.
- SCTP provides a graceful close (with the SHUTDOWN primitive), as well as an ungraceful close (i.e., abort).
- SCTP does not support a half-open state (as TCP does) wherein one side may continue sending data while the other is closed.
Functional View of SCTP: Sequenced delivery within streams
- Stream: a sequence of user messages.
- The SCTP user can specify at association startup time the number of streams to be supported.
- SCTP assigns a stream sequence number to each message.
- On the receiving side, it ensures that messages are delivered in sequence within a given stream.
- While one stream may be blocked waiting for the next in-sequence user message, delivery from other streams may proceed.
Functional View of SCTP: User data fragmentation
- SCTP can fragment user messages to ensure that the SCTP packet passed to the lower layer conforms to the path MTU.
- On receipt, fragments are reassembled into complete messages before being passed to the SCTP user.
Functional View of SCTP: ACK and congestion avoidance
- SCTP assigns a Transmission Sequence Number (TSN, independent of the stream sequence number) to each user data fragment or unfragmented message.
- The receiving end acknowledges all TSNs.
- The acknowledgement and congestion avoidance function is responsible for packet retransmission when a timely ACK is not received.
- Congestion avoidance procedures similar to those used for TCP are used.
Functional View of SCTP: Chunk bundling
- Each chunk may contain either user data or SCTP control information.
- The chunk bundling function is responsible for the assembly of the complete SCTP packet and its disassembly at the receiving end.
Functional View of SCTP: Packet validation
- A mandatory Verification Tag field and a 32-bit checksum field are included in the SCTP common header.
- Packets received without the expected Verification Tag value are discarded (as a protection against blind masquerade attacks).
- The checksum provides protection against data corruption in the network.
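The two checks on this slide can be exercised offline. The following Python parser is an added example, not code from the slides or from any SCTP implementation: it bundles chunks behind a common header, fills in the checksum, and on receipt discards a packet whose checksum or Verification Tag does not match before walking the chunks. The checksum is CRC32c (RFC 3309 replaced the Adler-32 of RFC 2960 with CRC32c; the CRC is stored least-significant byte first, as in the RFC 3309 reference code). Port numbers, the tag value and the chunk payloads are constructed sample values.

```python
import struct

# CRC32c (Castagnoli polynomial, reflected form 0x82F63B78). RFC 3309 made this
# the SCTP checksum, replacing the Adler-32 of RFC 2960.
_CRC_TABLE = []
for _n in range(256):
    _c = _n
    for _ in range(8):
        _c = (_c >> 1) ^ 0x82F63B78 if _c & 1 else _c >> 1
    _CRC_TABLE.append(_c)


def crc32c(data: bytes) -> int:
    crc = 0xFFFFFFFF
    for b in data:
        crc = (crc >> 8) ^ _CRC_TABLE[(crc ^ b) & 0xFF]
    return crc ^ 0xFFFFFFFF


COMMON_HEADER = struct.Struct("!HHII")  # src port, dst port, Verification Tag, checksum
CHUNK_HEADER = struct.Struct("!BBH")    # chunk type, chunk flags, chunk length
CHUNK_NAMES = {0: "DATA", 1: "INIT", 2: "INIT ACK", 3: "SACK", 4: "HEARTBEAT",
               10: "COOKIE ECHO", 11: "COOKIE ACK"}


def build_packet(src_port, dst_port, vtag, chunks):
    """Bundle (type, flags, value) chunks behind a common header and fill in the checksum."""
    body = b""
    for ctype, flags, value in chunks:
        length = CHUNK_HEADER.size + len(value)   # chunk length excludes padding
        body += CHUNK_HEADER.pack(ctype, flags, length) + value
        body += b"\x00" * (-length % 4)           # pad each chunk to a 4-byte boundary
    header = COMMON_HEADER.pack(src_port, dst_port, vtag, 0)
    # The checksum covers the whole packet with the checksum field zeroed; the CRC
    # is stored least-significant byte first (RFC 3309 reference code).
    checksum = struct.pack("<I", crc32c(header + body))
    return header[:8] + checksum + body


def parse_packet(packet, expected_vtag):
    """Validate checksum and Verification Tag, then return (src, dst, [(name, flags, value)]).

    Raises ValueError for anything a receiver would silently discard."""
    if len(packet) < COMMON_HEADER.size:
        raise ValueError("truncated common header")
    src, dst, vtag, _ = COMMON_HEADER.unpack_from(packet)
    zeroed = packet[:8] + b"\x00\x00\x00\x00" + packet[12:]
    if struct.unpack("<I", packet[8:12])[0] != crc32c(zeroed):
        raise ValueError("checksum mismatch: packet corrupted in transit")
    if vtag != expected_vtag:
        raise ValueError("unexpected Verification Tag: possible blind masquerade, discard")
    chunks = []
    offset = COMMON_HEADER.size
    while offset < len(packet):
        if len(packet) - offset < CHUNK_HEADER.size:
            raise ValueError("truncated chunk header")
        ctype, flags, length = CHUNK_HEADER.unpack_from(packet, offset)
        if length < CHUNK_HEADER.size or offset + length > len(packet):
            raise ValueError("chunk length out of range")
        value = packet[offset + CHUNK_HEADER.size:offset + length]
        chunks.append((CHUNK_NAMES.get(ctype, f"TYPE-{ctype}"), flags, value))
        offset += length + (-length % 4)
    return src, dst, chunks


def is_valid(packet, expected_vtag):
    """True if the packet passes checksum and Verification Tag validation."""
    try:
        parse_packet(packet, expected_vtag)
        return True
    except ValueError:
        return False


# Constructed sample: a DATA chunk (TSN 1, stream 1, SSN 0, PPID 0, payload "hello",
# B and E flags set) bundled with a HEARTBEAT chunk carrying 4 bytes of heartbeat info.
SAMPLE_VTAG = 0x5A5A1234
SAMPLE_PACKET = build_packet(5000, 9000, SAMPLE_VTAG, [
    (0, 0x03, b"\x00\x00\x00\x01\x00\x01\x00\x00\x00\x00\x00\x00hello"),
    (4, 0x00, b"\x00\x01\x00\x08\xab\xcd\xef\x01"),
])

if __name__ == "__main__":
    print(parse_packet(SAMPLE_PACKET, SAMPLE_VTAG))
```

A receiver that skips the tag check will accept any packet addressed to the right port pair; the check costs one 32-bit comparison and is what makes a blind injection a guess over 2^32 values.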
Functional View of SCTP: Path management
- Monitors reachability.
- Responsible for reporting the eligible set of local transport addresses.
- At association start-up, a primary path is defined for each SCTP endpoint.
- On the receiving end, path management is responsible for verifying the existence of a valid SCTP association to which the inbound SCTP packet belongs before passing it on for further processing.
SCTP Key Features
- Connection set-up
- Multi-homing
- Data sending
- Multi-streaming
- Connection shut-down
SCTP Connection Setup
[Figure: End-Point A to End-Point Z; TCP equivalents in parentheses]
- INIT (SYN)
- INIT-ACK (SYN-ACK)
- COOKIE-ECHO
- COOKIE-ACK
Handshake
[Figure; TCB: Transmission Control Block]
SCTP Multi-homing
[Figure: End-Point A and End-Point Z connected through the Internet]
SCTP Multi-Homing
- SCTP endpoints exchange the lists of IP addresses used at the remote endpoint. One of the listed IP addresses will be designated as the primary address.
- If the primary address repeatedly drops chunks, however, all chunks will be transmitted to an alternate address.
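The failover rule on this slide and the reachability monitoring of the path management slide, as an added Python example (not code from the slides or from any SCTP stack): one error counter per destination address, a path marked inactive once its counter exceeds Path.Max.Retrans (RFC 2960 default 5), the association declared failed once the association-wide counter exceeds Association.Max.Retrans (RFC 2960 default 10), and a HEARTBEAT ACK or SACK restoring a path. The peer addresses are constructed, the method names are hypothetical, and the counting is simplified to the two thresholds.

```python
PATH_MAX_RETRANS = 5          # RFC 2960 default Path.Max.Retrans
ASSOCIATION_MAX_RETRANS = 10  # RFC 2960 default Association.Max.Retrans


class PathManager:
    """Tracks reachability of the peer's transport addresses for one association."""

    def __init__(self, peer_addresses):
        self.paths = {addr: {"active": True, "errors": 0} for addr in peer_addresses}
        self.primary = peer_addresses[0]     # designated at association start-up
        self.assoc_errors = 0
        self.alive = True

    def destination(self):
        """Where the next chunk goes: the primary if active, else an active alternate."""
        if not self.alive:
            return None
        if self.paths[self.primary]["active"]:
            return self.primary
        for addr, path in self.paths.items():
            if path["active"]:
                return addr
        return None

    def on_timeout(self, addr):
        """A DATA chunk or HEARTBEAT sent to addr was not acknowledged in time."""
        path = self.paths[addr]
        path["errors"] += 1
        self.assoc_errors += 1
        if path["errors"] > PATH_MAX_RETRANS:
            path["active"] = False           # stop sending here; try an alternate
        if self.assoc_errors > ASSOCIATION_MAX_RETRANS:
            self.alive = False               # peer unreachable on every path: association fails

    def on_ack(self, addr):
        """A SACK or HEARTBEAT ACK arrived from addr: the path is reachable again."""
        path = self.paths[addr]
        path["errors"] = 0
        path["active"] = True
        self.assoc_errors = 0

    def active_paths(self):
        return [addr for addr, path in self.paths.items() if path["active"]]


def failover_trace(peer_addresses, timeouts_on_primary):
    """Drive the manager with timeouts on the primary; return it and the chosen destinations."""
    pm = PathManager(peer_addresses)
    trace = [pm.destination()]
    for _ in range(timeouts_on_primary):
        pm.on_timeout(pm.primary)
        trace.append(pm.destination())
    return pm, trace


if __name__ == "__main__":
    # constructed peer addresses from the documentation ranges
    _pm, _trace = failover_trace(["198.51.100.1", "203.0.113.1"], 6)
    print(_trace, _pm.active_paths())
```

Note that the primary's counter has to exceed the threshold, so five timeouts in a row still leave the primary selected; the sixth moves traffic to the alternate, and a single acknowledgement from the primary moves it back.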
SCTP Data Sending
Data Delivery: TCP
- Data transmission in TCP is byte-stream oriented; in SCTP, it is message-oriented.
- In TCP, data is transported as a consecutive stream of bytes between two endpoints.
- The receiving application will need to do some complex buffering and framing to reconstruct the messages.
Data Delivery: SCTP
- SCTP: each message is delivered as a complete read, which lifts a lot of the work off the application layer.
- Unordered delivery: SCTP allows for data to be sent reliably but unordered.
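The receiver-side behaviour described on this slide and on the "Sequenced delivery within streams" slide, as an added Python example that is not part of the original deck: one Stream Sequence Number (SSN) sequence per stream, so a gap in one stream blocks only that stream while others keep delivering, and a chunk flagged unordered (the U bit) released immediately regardless of SSN. Stream identifiers, payloads and the arrival order are constructed; SSN wrap-around at 65536 is not handled.

```python
from collections import defaultdict


class StreamReceiver:
    """Orders incoming DATA chunks per stream; unordered chunks bypass ordering."""

    def __init__(self):
        self.next_ssn = defaultdict(int)     # stream id -> SSN the user expects next
        self.pending = defaultdict(dict)     # stream id -> {ssn: payload} held back by a gap
        self.log = []                        # (stream, payload) in user-delivery order

    def receive(self, stream, ssn, payload, unordered=False):
        """Handle one DATA chunk and return the payloads released to the user by it."""
        if unordered:
            # U bit set: the SSN carries no meaning, deliver as soon as the chunk arrives
            self.log.append((stream, payload))
            return [payload]
        queue = self.pending[stream]
        if ssn < self.next_ssn[stream] or ssn in queue:
            return []                        # duplicate or already delivered
        queue[ssn] = payload
        released = []
        # head-of-line blocking is confined to this stream: only its own queue is consulted
        while self.next_ssn[stream] in queue:
            p = queue.pop(self.next_ssn[stream])
            self.log.append((stream, p))
            released.append(p)
            self.next_ssn[stream] += 1
        return released

    def blocked_streams(self):
        """Streams holding chunks that cannot be delivered yet."""
        return sorted(s for s, q in self.pending.items() if q)


def embedded_files_demo():
    """Two files on two streams; stream 0's first chunk is delayed (constructed arrival order)."""
    rx = StreamReceiver()
    arrivals = [
        (0, 1, b"index.html part 2"),   # arrives before SSN 0: stream 0 is blocked
        (1, 0, b"logo.png part 1"),     # stream 1 is unaffected and delivers at once
        (1, 1, b"logo.png part 2"),
        (0, 0, b"index.html part 1"),   # gap filled: SSN 0 and 1 are released together
    ]
    blocked_after_first = None
    for i, (stream, ssn, payload) in enumerate(arrivals):
        rx.receive(stream, ssn, payload)
        if i == 0:
            blocked_after_first = rx.blocked_streams()
    rx.receive(2, 0, b"ping", unordered=True)   # unordered: delivered immediately
    return rx, blocked_after_first


if __name__ == "__main__":
    _rx, _blocked = embedded_files_demo()
    print(_blocked, _rx.log)
```

Over a single TCP connection the same arrival order would hold back both files until the missing bytes arrived; here only stream 0 waits.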
SACKs
- All acknowledgements in SCTP are SACKs. They are useful as they indicate whether there are any gaps in the transmission.
- TCP can only report four missing data packets in a SACK; SCTP allows for much larger amounts to be reported.
Congestion Control
- This is a critical element in any transport protocol.
- It regulates the flow of data entering the network, limiting it to accommodate occurrences of congestion.
- SCTP and TCP use the same congestion control mechanism: Additive Increase, Multiplicative Decrease (AIMD) congestion window management.
SCTP Multi-streaming
SCTP Multistreaming
What about multistreaming in TCP?
- Multistreaming can be achieved in TCP; however, it involves opening multiple TCP connections which each act as a stream to send data.
- Opening multiple TCP connections is TCP-unfriendly, which means that a pair of communicating nodes will obtain a larger proportion of the available channel bandwidth.
SCTP Multi-Streaming
- The Stream Sequence Number (SSN)
SCTP Message Format
SCTP Connection Close
[Figure: End-Point A to End-Point Z]
- SHUTDOWN
- SHUTDOWN-ACK
- SHUTDOWN-CMPL (SHUTDOWN COMPLETE)
- No half-closed state
Comparison between SCTP, TCP and UDP

Feature                       SCTP  TCP  UDP
Reliable Data Transfer        Yes   Yes  No
Multi-homed Host Support      Yes   No   No
Multi-Stream Support          Yes   No   No
Security against SYN attacks  Yes   No   No
Unordered Data Delivery       Yes   No   Yes
Key Issues
- Differences between TCP and SCTP.
- Security Issues
- Performance Analysis
- Implementations
- Conclusion and references
Major Differences from TCP
- SCTP is message oriented as opposed to being byte-stream oriented
- SCTP has the concept of an association instead of a connection
- Each association can have multiple streams
- SCTP separates reliable transfer of datagrams from the delivery mechanism
- SCTP supports multihoming
Security issues in TCP
- Some TCP implementations have been known to be vulnerable to blind denial of service attacks, i.e., attacks executed by an attacker that could not see most of the traffic to or from the target host.
- Blind connection forgery is another potential threat to TCP. By guessing valid sequence numbers, an attacker would be able to forge a connection.
Handshake
[Figure; TCB: Transmission Control Block]
Security issues in SCTP
- To make it hard for blind attackers to inject forged SCTP datagrams into existing associations, each side of an SCTP association uses a 32-bit value called the "Verification Tag" to ensure that a datagram really belongs to the existing association.
- Unlike in TCP, usage of a cookie in association establishment is mandatory in SCTP.
- It is important to note that neither TCP nor SCTP protects itself from man-in-the-middle attacks where an established session might be hijacked.
Security issues (contd.)
- Also, to prevent blind connection/session setup forgery, both TCP implementations supporting SYN cookies and SCTP implementations rely on a server-known secret key to protect the HMAC data. It must be ensured that this key is created subject to the recommendations.
- Reference: Network Working Group, Siemens, 2002
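The cookie mechanism of the last three slides, as an added Python example that is not code from the slides or from any SCTP implementation: the server answers INIT with a State Cookie containing the peer's Verification Tag, its own tag, a timestamp and the peer address, authenticated with an HMAC under a secret only the server knows, and it keeps no per-association state (no TCB) until a COOKIE-ECHO returns a cookie that verifies, is fresh (RFC 2960 Valid.Cookie.Life default 60 s) and comes from the address it was issued to. The secret comes from os.urandom, the addresses and the clock are constructed, and the method names are hypothetical.

```python
import hashlib
import hmac
import os
import struct
import time

VALID_COOKIE_LIFE = 60.0      # seconds; RFC 2960 default Valid.Cookie.Life
MAC_LEN = 32                  # HMAC-SHA256 digest length
FIXED_LEN = 16                # peer tag (4) + my tag (4) + timestamp (8)


class SctpListener:
    """Server side of the four-way handshake; a TCB exists only after COOKIE-ECHO verifies."""

    def __init__(self, secret=None, clock=time.time):
        self.secret = secret if secret is not None else os.urandom(32)  # server-known key
        self.clock = clock
        self.associations = {}   # my Verification Tag -> TCB, created only at step 3

    def _new_tag(self):
        tag = 0
        while tag == 0:           # tag value zero is reserved for the INIT chunk itself
            tag = struct.unpack("!I", os.urandom(4))[0]
        return tag

    def on_init(self, peer_addr, peer_tag):
        """INIT -> INIT-ACK. Everything needed later rides inside the cookie; nothing is stored."""
        my_tag = self._new_tag()
        body = struct.pack("!IId", peer_tag, my_tag, self.clock()) + peer_addr.encode()
        mac = hmac.new(self.secret, body, hashlib.sha256).digest()
        return {"vtag": my_tag, "state_cookie": body + mac}

    def on_cookie_echo(self, peer_addr, cookie):
        """COOKIE-ECHO -> COOKIE-ACK (returns my tag) or silent discard (returns None)."""
        if len(cookie) <= FIXED_LEN + MAC_LEN:
            return None
        body, mac = cookie[:-MAC_LEN], cookie[-MAC_LEN:]
        expected = hmac.new(self.secret, body, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):
            return None                      # forged or tampered cookie
        peer_tag, my_tag, issued = struct.unpack_from("!IId", body)
        if body[FIXED_LEN:] != peer_addr.encode():
            return None                      # cookie replayed from a different address
        if self.clock() - issued > VALID_COOKIE_LIFE:
            return None                      # stale cookie
        if my_tag in self.associations:
            return my_tag                    # duplicate COOKIE-ECHO: already established
        # only now is memory committed for this association
        self.associations[my_tag] = {"peer": peer_addr, "peer_tag": peer_tag}
        return my_tag


def client_handshake(server, client_addr, client_tag):
    """Run INIT / INIT-ACK / COOKIE-ECHO / COOKIE-ACK from the initiator's side."""
    init_ack = server.on_init(client_addr, client_tag)
    return server.on_cookie_echo(client_addr, init_ack["state_cookie"])


if __name__ == "__main__":
    _srv = SctpListener()
    print(client_handshake(_srv, "192.0.2.10", 0x11111111) in _srv.associations)
```

Because the server stores nothing between INIT and COOKIE-ECHO, a flood of INITs from unreachable addresses costs it one HMAC per packet and no memory, and a cookie captured from one address cannot complete an association from another.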
Performance analysis
- This experiment was conducted on the Linux implementation of SCTP, LKSCTP.
- The DataTAG transatlantic gigabit network extends from Geneva to Chicago (approx. 4000 miles).
- On both sides of the link are two dual-processor Intel Pentium 4 machines.
- The link is composed of a 1 Gigabit channel.
Performance analysis (contd.)
- Test runs of the two protocols (SCTP and then TCP) were done so as to be able to make a fair comparison of the two.
- http://datatag.web.cern.ch/datatag/WP3/sctp/tests.htm
TCP Outperforms SCTP
Bandwidth for long time intervals
Data transfers for long time intervals
Data transfers for short time intervals
Bandwidth over entire time period
Data transfer over entire time period
Data Analysis
- The TCP bandwidth drops for long time intervals, while still maintaining a sizeable gap over SCTP.
- It is evident from these results that TCP provides a significantly higher bandwidth than SCTP, which at times only reaches about 5% of the TCP bandwidth. The tests show that this performance gap exists across a range of time intervals.
Data Analysis
- SCTP is still a new protocol compared to TCP, which has been around since the early 1980s. A great deal of work has been carried out in regard to performance in TCP. The same degree of performance work has not been undertaken in SCTP yet (although there are plans to do so).
- A substantial amount of time and effort has been devoted to work on the Linux TCP stack to improve performance; this is not the case with LKSCTP, which is primarily developed on BSD kernels.
Data analysis (contd.)
- The priority in the LKSCTP project has been to make SCTP feature complete. Only recently have they been turning their attention to performance issues. The performance gap exists for now, but given time the developers will likely be able to close the gap.
- The LKSCTP project holds great potential and it is probably just a matter of time before the performance gap is closed and SCTP becomes a real contender with TCP.
SCTP Implementations
- Implementation
  - The M2PA protocol supports the transport of Signaling System Number 7 (SS7)
  - M2UA is used for backhauling of SS7 MTP2-User signaling messages over IP using the Stream Control Transmission Protocol (SCTP).
  - M3UA supports the transport of any SS7 MTP3-User signalling (such as ISUP and SCCP messages) over IP, using the services of the Stream Control Transmission Protocol (SCTP).
Alternative Protocols
- Multi-homed TCP, by Huitema. This protocol unifies multi-homing, mobility and network renumbering support.
- TCP-R, by Funato. This protocol implements mobility with TCP options.
- TCP Migrate
- TCP Multi-home options
Summary and Conclusion
- Like TCP:
  - Provides connection establishment
  - Ensures reliability
  - Provisions for ordered and unordered data
  - Provides congestion control
- In addition to TCP features:
  - Provides multi-homing
  - Provides multi-streaming
  - Has security features
- Well suited for multimedia but can't replace TCP yet.
- Present implementations of SCTP show promise of improvements.
SCTP References
- Computer.org (http://www.computer.org/internet/v5n6/w6wire.htm)
- IETF RFC 2960 (http://www.ietf.org/rfc/rfc2960.txt)
- Stream Control Transmission Protocol (SCTP): A Reference Guide, R. Stewart and Q. Xie, Addison Wesley
- IBM.com (http://oss.software.ibm.com/linux/presentations/lwce2002/Chats/SCTP/SCTP-LWE.pdf)
3 Questions
- 1. What are the major differences between TCP and SCTP?
- Ans:
  - SCTP is message oriented as opposed to being byte-stream oriented.
  - SCTP has the concept of an association instead of a connection. Each association can have multiple streams.
  - SCTP separates reliable transfer of datagrams from the delivery mechanism.
  - SCTP supports multihoming.
Ques 2
- 2. How does multi-streaming work in SCTP?
- Ans:
  - In SCTP all the streams reside in a single association. For each stream in the association, SCTP increases the Stream Sequence Number (SSN) for the data chunk generated by the application user. These SSN numbers are used by the receiver to determine the sequence of delivery. SCTP performs in-sequence delivery per stream.
3. Comparison between SCTP, TCP and UDP

Feature                        SCTP  TCP  UDP
State required at endpoints    Yes   Yes  No
Reliable Data Transfer         Yes   Yes  No
Multi-homed Host Support       Yes   No   No
Multi-Stream Support           Yes   No   No
Security against SYN attacks   Yes   No   No
Unordered Data Delivery        Yes   No   Yes
Failure detection (Heartbeat)  Yes   No   No