TSIN02 - Internetworking
© 2004 Image Coding Group, Linköpings Universitet
Lecture 5: SCTP
Literature:
• Forouzan 3rd ed, Chapter 13
• RFC3257 SCTP Applicability Statement
• RFC3286 Introduction to SCTP
• RFC3309 SCTP (optional extra material)
• RFC2960 SCTP Checksum change (optional extra material)
Outline:
• What is SCTP?
• Why SCTP?
• SCTP Architecture
• SCTP Header
• Establishing connections
SCTP is a message-oriented, reliable protocol that combines features from TCP and UDP.
But we already have TCP, UDP (and RTP) at the transport layer!
Figure from Forouzan
There are some limitations in TCP:
• TCP uses a strict order-of-transmission delivery of data
• TCP is stream-oriented on a byte level
• TCP has no support for multihoming
• TCP does not scale well
• TCP is relatively vulnerable to denial-of-service attacks
UDP limitations:
• Unreliable transmission
• No error or congestion control
• No check for out-of-order or duplicated messages
PSTN signaling has been the main motivation for SCTP
When (1998) the SIGTRAN working group started to design a transport protocol for transport of signaling protocols they identified the following points as important (RFC2719):
• Transport a variety of SCN (Switched Circuit Network) protocol types, e.g. MTP3, ISUP, SCCP, TCAP etc., with the ability of providing a way to identify the specific SCN protocol being transported.
• Provide a common base protocol defining header formats, security extensions and procedures for signaling transport, and support extensions to add individual SCN protocols if needed.
• Together with IP, provide the relevant functionality as defined by the SCN lower layer.
• Support the ability to multiplex several higher layer SCN sessions on one underlying signaling transport session. This allows, for example, several DSS1 D-channel sessions to be carried in one signaling transport session.
• Be able to transport complete messages of greater length than the underlying SCN segmentation/reassembly limitations.
• Allow for a range of suitable robust security schemes to protect signaling information being carried across networks.
• Provide for congestion avoidance on the internet by supporting appropriate controls on signaling traffic generation and reaction to network congestion.
• Relevant lower layer functionality may include:
  • flow control
  • in-sequence delivery of signaling messages within a control stream
  • logical identification of the entities on which the signaling messages originate or terminate
  • logical identification of the physical interface controlled by the signaling message
  • error detection
  • recovery from failure of components in the transit path
  • retransmission and other error correcting methods
  • detection of unavailability of peer entities
• Ability to discover the Maximum Transfer Unit (MTU) of the path used and possibility to fragment user data to conform to this MTU
• Possibility of sending user messages within multiple streams inside the same association. Sequenced delivery of the user messages sent through the same stream, and possibility of order-of-arrival delivery of individual user messages.
• Possibility of bundling multiple user messages into a single packet.
Many protocols were suggested, e.g.
• Reliable UDP
• UDP for TCAP (T/UDP)
• Simple SCCP Tunneling Protocol
• PURDET
• Multi-Network Datagram Transmission Protocol (MDTP)
All of the above were designed to run on top of UDP!
Finally SCTP was developed from MDTP.
In 1998 The SIGTRAN working group was formed by the IETF. The motivation was to move existing telephone signaling protocols to run over IP. At that time several different protocols were suggested, all running over UDP. Finally SCTP was designed based on a protocol called MDTP (Multi-network Datagram Transmission Protocol).
RFC2960 was published in October 2000. After that, the Transport Area Working Group (TSVWG) took over the responsibility for the continued work on SCTP. Some updates and extensions have been designed, e.g. an updated checksum algorithm.
SCTP offers the following services:
• acknowledged error-free non-duplicated transfer of user data
• data fragmentation to conform to discovered path MTU size
• sequenced delivery of user messages within multiple streams, with an option for order-of-arrival delivery of individual user messages
• optional bundling of multiple user messages into a single SCTP packet
• network-level fault tolerance through support of multihoming at either or both ends of an association
The design of SCTP includes appropriate congestion avoidance behavior and resistance to flooding and masquerade attacks.
• Connection state at endpoints
• Reliable data transfer
• Congestion control and avoidance
• Message boundary conservation
• Path MTU discovery and message fragmentation
• Message bundling
• Multi-homed hosts support
• Multi-stream support
• Unordered data delivery possible
• State cookie against SYN flood attack
• Built-in heartbeat (reachability check)
• In SCTP the data reliability mechanism has been separated from the message ordering mechanism
• A stream in SCTP means a sequence of messages
• Independent messages can be transferred in parallel without any interdependency (i.e. in different streams)
• Unordered message delivery is possible
Figure from Forouzan
• Several IP addresses can be listed during handshake
• Both IPv4 and IPv6 addresses are valid.
• One path is chosen as primary
• Other paths are checked for availability through Heartbeat
• Retransmissions are sent on a different path
• Switch path if congested.
Figure from Forouzan
SCTP has been designed with these security objectives:
• availability of reliable and timely data transport services
• integrity of the user-to-user information carried by SCTP
SCTP includes mechanisms that protect against blind denial-of-service attacks
(A blind attack is one where the attacker is unable to intercept or otherwise see the content of data flows passing to and from the target SCTP node.)
These include the 4-way handshake with a cookie and delayed commitment to resources.
• SCTP uses checksums and retransmissions to achieve reliable transfers
• SCTP has built-in support for selective acknowledgment
Flow and congestion control in SCTP is mostly similar to that of TCP, i.e. sliding windows, slow start, additive increase etc.
Differences are due to:
• SCTP supports multiple streams, all are handled by the same congestion control.
• SCTP supports multihoming, the different paths typically have different congestion control parameters.
• The communication relationship is called an SCTP association.
• There can be only one association between two endpoints.
• An endpoint is defined by a port number and one or more IP addresses.
Figure: SCTP Node A and SCTP Node B, each with a User App. above an SCTP Transport Service above an IP Network Service; each node has one or more IP-address appearances.
• Stream queue management
• User message fragmentation
• Generating acknowledgments
• Congestion avoidance
• Data bundling
• Packet validation
• Path management
In SCTP, a connection is established through a 4-way handshake:
Figure from Forouzan
SCTP uses a 3-message procedure to allow for a graceful shutdown. There is also a non-graceful abort possible.
SCTP does not support “half-open” connections.
Figure from Forouzan
During connection establishment the SCTP endpoints go through a set of states in response to various events.
State diagram (figure): the states are CLOSED, COOKIE WAIT, COOKIE-ECHOED and ESTABLISHED, with these transitions:
• CLOSED → COOKIE WAIT: create TCB, snd INIT, strt init timer
• CLOSED → CLOSED: rcv INIT (generate cookie, snd INIT ACK); no TCB is created yet
• COOKIE WAIT → COOKIE-ECHOED: rcv INIT ACK (snd COOKIE ECHO, stop init timer, strt cookie timer)
• CLOSED → ESTABLISHED: rcv valid COOKIE ECHO (create TCB, snd COOKIE ACK)
• COOKIE-ECHOED → ESTABLISHED: rcv COOKIE ACK (stop cookie timer)
• From any state → CLOSED (on abort)
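Added example, not from the slides or Forouzan: the passive side of the handshake above, written to show the "delayed commitment to resources" the state diagram implies (no TCB until a valid COOKIE ECHO arrives). The cookie layout and the HMAC-SHA256 over it are assumptions of this example; the slides only say a cookie is used.

```python
import hashlib, hmac, os, struct, time

class SctpPassiveEndpoint:
    """CLOSED-side handling of INIT and COOKIE ECHO. No TCB exists until a
    valid COOKIE ECHO arrives, so a flood of INITs costs only one HMAC each.
    Assumed cookie layout (hypothetical, not from the slides): the two
    verification tags, a timestamp and the peer address, followed by an
    HMAC-SHA256 under a secret only this endpoint holds."""
    MAC_LEN = 32

    def __init__(self, cookie_lifespan: float = 60.0):
        self.secret = os.urandom(32)
        self.lifespan = cookie_lifespan
        self.tcbs = {}   # associations, keyed by (peer, peer verification tag)

    def on_init(self, peer: str, peer_vtag: int, now: float = None) -> dict:
        """rcv INIT: generate cookie, snd INIT ACK; stay in CLOSED, store nothing."""
        ts = time.time() if now is None else now
        my_vtag = struct.unpack("!I", os.urandom(4))[0]
        body = struct.pack("!IId", peer_vtag, my_vtag, ts) + peer.encode()
        mac = hmac.new(self.secret, body, hashlib.sha256).digest()
        return {"type": "INIT ACK", "vtag": my_vtag, "cookie": body + mac}

    def on_cookie_echo(self, peer: str, cookie: bytes, now: float = None):
        """rcv valid COOKIE ECHO: create TCB, snd COOKIE ACK -> ESTABLISHED.
        Anything that fails verification is dropped without a reply."""
        body, mac = cookie[:-self.MAC_LEN], cookie[-self.MAC_LEN:]
        expect = hmac.new(self.secret, body, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expect):
            return None                      # forged or tampered cookie
        peer_vtag, my_vtag, ts = struct.unpack("!IId", body[:16])
        if body[16:] != peer.encode():
            return None                      # cookie echoed from another address
        if (time.time() if now is None else now) - ts > self.lifespan:
            return None                      # stale cookie
        self.tcbs[(peer, peer_vtag)] = {"my_vtag": my_vtag, "state": "ESTABLISHED"}
        return {"type": "COOKIE ACK", "vtag": peer_vtag}
```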
State Example
Figure from Forouzan
• The data unit in SCTP is a chunk.
• Contains at most one message from the sender
• All chunks in an association are numbered using Transmission Sequence Numbers (TSN), in order.
• There are two types of chunks, data chunks and control chunks.
• Each stream in an association is identified with its Stream Identifier (SI).
• In each stream the chunks are numbered using Stream Sequence Numbers (SSN), in order.
• Several chunks, possibly from different streams, can be sent at the same time in SCTP packets. A packet contains a packet header and a number of chunks.
Figure from Forouzan
SCTP Packet Format
Figures from Forouzan
Chunk Field Format
Chunk Type (8 bits): Identifies the type of information contained in the Chunk Value field.
Chunk Flags (8 bits): Usage depends on the chunk type.
Chunk Length (16 bits): The size of the chunk in bytes, including type, flags, length and value fields.
Chunk Value (variable length): Contains the actual information to be transmitted.
Figure from Forouzan
Chunk Types
Figure from Forouzan
New chunk types may be developed.
Chunk types are ordered so that the highest order two bits specify the action that must be taken if the endpoint does not recognise the chunk type.
• 00 - stop processing and discard the packet
• 01 - stop processing and discard the packet and send an error report
• 10 - skip this chunk and continue processing
• 11 - skip this chunk and continue processing and send an error report
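Added example, not from the slides or Forouzan: a parser for the packet and chunk layout described above (12-byte common header, then type/flags/length/value chunks padded to 4 bytes) that applies the two-highest-bits rule to unrecognised chunk types and decodes the TSN, SI, SSN and U/B/E flags of DATA chunks. The sample packet is constructed here and its checksum field is left at zero.

```python
import struct

# Action for a chunk type the endpoint does not recognise, keyed by the type's
# two highest-order bits (the rule given on the slide).
UNKNOWN_TYPE_ACTION = {
    0b00: "stop processing and discard the packet",
    0b01: "stop processing, discard the packet, send an error report",
    0b10: "skip this chunk and continue",
    0b11: "skip this chunk, continue, send an error report",
}
KNOWN_TYPES = {0: "DATA", 1: "INIT", 2: "INIT ACK", 3: "SACK", 4: "HEARTBEAT",
               5: "HEARTBEAT ACK", 6: "ABORT", 7: "SHUTDOWN", 8: "SHUTDOWN ACK",
               9: "ERROR", 10: "COOKIE ECHO", 11: "COOKIE ACK", 14: "SHUTDOWN COMPLETE"}

def chunk(ctype: int, flags: int, value: bytes) -> bytes:
    """Build one chunk: 8-bit type, 8-bit flags, 16-bit length (header + value,
    padding excluded), the value, then zero padding to a 4-byte boundary."""
    return struct.pack("!BBH", ctype, flags, 4 + len(value)) + value + b"\0" * (-len(value) % 4)

def parse_packet(pkt: bytes) -> dict:
    """Split a packet into its 12-byte common header and its chunks."""
    src, dst, vtag, checksum = struct.unpack("!HHII", pkt[:12])
    chunks, notes, off = [], [], 12
    while off + 4 <= len(pkt):
        ctype, flags, length = struct.unpack("!BBH", pkt[off:off + 4])
        if length < 4 or off + length > len(pkt):
            notes.append("malformed chunk length: packet discarded")
            return {"chunks": [], "notes": notes}
        value = pkt[off + 4:off + length]
        if ctype not in KNOWN_TYPES:
            notes.append(f"unknown type {ctype}: {UNKNOWN_TYPE_ACTION[ctype >> 6]}")
            if ctype >> 6 in (0b00, 0b01):
                return {"chunks": [], "notes": notes}   # whole packet discarded
        else:
            c = {"name": KNOWN_TYPES[ctype], "flags": flags, "value": value}
            if ctype == 0 and len(value) >= 12:           # DATA: TSN, SI, SSN, PPID
                c["tsn"], c["si"], c["ssn"], c["ppid"] = struct.unpack("!IHHI", value[:12])
                c["payload"] = value[12:]
                c["U"], c["B"], c["E"] = bool(flags & 4), bool(flags & 2), bool(flags & 1)
            chunks.append(c)
        off += (length + 3) & ~3                          # step over the padding
    return {"src": src, "dst": dst, "vtag": vtag, "checksum": checksum,
            "chunks": chunks, "notes": notes}

# Constructed sample packet: a complete one-chunk message on stream 3 (B and E set),
# an unknown type 0xC1 (top bits 11: skip and report), then a SACK. Checksum left 0.
SAMPLE = (struct.pack("!HHII", 5000, 80, 0xDEADBEEF, 0)
          + chunk(0, 0x3, struct.pack("!IHHI", 1000, 3, 7, 0) + b"hello")
          + chunk(0xC1, 0, b"\x01\x02")
          + chunk(3, 0, struct.pack("!IIHH", 999, 65535, 0, 0)))
```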
Data chunk flags:
• U – Unordered
• B – Beginning of message
• E – End of message
Figure from Forouzan
Figures from Forouzan
Cookie Echo:
Cookie Ack:
Figures from Forouzan
• Telephone signaling – SS7, SIP, MEGACO...
• Web pages
• Ftp
• Mobile SCTP
• MPEG4 video (?)
• Instant messaging
• AAA messaging - DIAMETER
• ...
The following timers are used within SCTP:
• init timer
• cookie timer
• retransmission timer
• shutdown timer
• heartbeat timer
Figure from Forouzan
• Open source – can be found at www.sctp.org
• Huges
• Artesyn Communication Products Inc
• ...
SCTP is currently included in SUN Solaris, HP-UX, IBM AIX ...
Proprietary implementations have been made by
• Cisco
• Siemens
• Nokia
• Ericsson?
• ...
WWW:
• www.ietf.org/html.charters/sigtran-charter.html
• www.ietf.org/html.charters/tsvwg-charter.html
• www.sctp.org
• http://tdrwww.exp-math.uni-essen.de/inhalt/forschung/sctp_fb/
Articles:
• “Improving File Transfers Using SCTP Multistreaming” by S. Lahda and P. D. Amer, IPCCC 2004
• “Using SCTP with Partial Reliability for MPEG-4 Multimedia Streaming” by M. Molteni and M. Villari, BSDCon Europe 2002
• “A Modified SCTP Handover Scheme for Real Time Traffic” by A. Kelly, P. Perry and J. Murphy, HETNETs '03
Books:
• “Stream Control Transmission Protocol (SCTP) – A Reference Guide” by R. R. Stewart and Qiaobing Xie
SCTP is a new transport protocol that
• like TCP provides connection-oriented and reliable transmission of data
• unlike TCP supports multiple streams within one connection
• unlike TCP supports multihoming
• has built-in protection against blind denial-of-service attacks
• was designed for use with PSTN signaling.
• can be used for transmission of SIP signals, webpages, ftp, mobile SCTP...