Stream Control Transmission Protocol (SCTP) - PowerPoint PPT Presentation

1
Stream Control Transmission Protocol (SCTP)
  • Acknowledgements
    • Prof. Paul Amer
    • Randall Stewart, Philip Conrad, Janardhan Iyengar

CISC 856: TCP/IP and Upper Layer Protocols
Presented by Nikhil Shirude, November 15, 2007
2
Overview
  • Motivation for SCTP
  • SCTP PDU and Chunk Format
  • SCTP 4-Way Association
  • SCTP Association Shutdown
  • SCTP Multi-Homing
  • Summary

3
SCTP Motivation
  • Primary motivation: transportation of telephony
    signaling messages over IP networks
  • Telephony signaling has rigid timing and reliability
    requirements
  • TCP limitations
    • head-of-line blocking
    • does not preserve A-PDU boundaries
    • no support for multi-homing
    • vulnerable to SYN flooding attacks
  • SCTP features
    • 4-way handshake
    • multihoming
    • multistreaming
    • framing

4
SCTP Overview
5
SCTP PDU Format
[Figure: SCTP PDU layout. Common header: Source Port | Destination Port; Verification Tag; Checksum. Followed by Chunk 1 ... Chunk N.]
Chunks
  • Building blocks of an SCTP PDU
  • Common header occupies the first 12 bytes
  • Header has a CRC-32 checksum.
  • Chunks are of two types: control chunks and data
    chunks

6
SCTP Chunk Format
[Figure: chunk layout. Type | Flags | Length, followed by Chunk Information (multiple of 4 bytes).]
  • Type - DATA, INIT, SACK, COOKIE ECHO,
    HEARTBEAT, ...
  • Flags - bit meanings depend on type
  • Length - defines total size of the chunk
    including type, flags, length
    and data/parameters

7
Some SCTP Chunk Types
Type   SCTP           TCP
0x00   DATA           User data
0x01   INIT           SYN
0x02   INIT-ACK
0x03   SACK           Selective ACK
0x04   HEARTBEAT      Keep-alive message
0x05   HEARTBEAT-ACK
0x07   SHUTDOWN       FIN
0x08   SHUTDOWN-ACK
8
SCTP Feature Summary
  • What TCP and SCTP both have
    • reliability (retransmissions)
    • congestion control
    • connection oriented
  • SCTP adds the following
    • 4-way handshake
      • to reduce vulnerability to Denial of Service
        attacks
    • multihoming
      • instead of one IP address per endpoint, a set of
        IP addresses per endpoint
    • framing
      • preserve message boundaries
    • multistreaming
      • instead of one ordered stream, up to 64K
        independent ordered streams

9
First - TCP Connection Establishment
[Figure: TCP three-way handshake timeline starting at t0, with the states closed and listen.]
10
Security: TCP Flooding Attack
[Figure: attackers on the Internet (128.3.4.5, 192.10.2.8, 221.3.5.10) send spoofed SYNs to the victim, a TCP-based web server. The server processes each SYN and allocates a TCB for it; its TCB store is flooded!!]
TCB: Transport Control Block
11
The SCTP Way: 4-way handshake limits attack
[Figure: the same attackers send spoofed INITs to an SCTP-based web server. The server processes each INIT without reserving resources: no flooding!!]
12
SCTP Four-way Association Setup
V = verification tag, I = initiate tag
[Figure: handshake timeline between endpoint A (left) and endpoint B (right), both starting in closed.]
  t0:    A sends INIT (V = 0, ITag A); A enters cookie-wait
         B replies INIT-ACK (V = Tag A, ITag B, State Cookie); B stays closed
  1 RTT: A sends COOKIE-ECHO (V = Tag B, State Cookie); A enters cookie-echoed
         B replies COOKIE-ACK (V = Tag A); B is established
  2 RTT: A is established; data (V = Tag B) flows
13
What does a Cookie contain?
  • Information from original INIT
  • Information from current INIT-ACK
  • Timestamp
  • Life span of cookie (Time to Live)
  • Signature for authentication (MD5)
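
The responder side of the handshake on slide 12 with the cookie contents of slide 13, as an added example that is not the deck's code: no state is kept for an INIT, and a TCB is created only when a COOKIE-ECHO brings back a cookie whose signature, source address and life span check out. The deck names MD5 for the signature; this example uses HMAC-SHA256 with a constructed server secret, and the 60-second life span is a constructed value.

```python
import hashlib, hmac, os, struct, time

COOKIE_LIFESPAN = 60   # cookie time-to-live in seconds (constructed value)

class StatelessResponder:
    """Endpoint B of slide 12: nothing is stored for an INIT; state is created only
    when a COOKIE-ECHO carrying a valid cookie comes back from the INIT's source."""
    def __init__(self):
        self.secret = os.urandom(32)  # server-side key for the cookie signature
        self.tcbs = {}                # associations keyed by (peer address, peer tag)

    def on_init(self, peer_addr, peer_itag, now=None):
        """INIT -> INIT-ACK. All the responder needs later travels inside the cookie."""
        now = int(time.time() if now is None else now)
        my_itag = struct.unpack("!I", os.urandom(4))[0] or 1   # nonzero initiate tag
        # Slide 13 contents: INIT info, INIT-ACK info, timestamp, life span, signature.
        body = struct.pack("!IIII", peer_itag, my_itag, now, COOKIE_LIFESPAN)
        # The deck names MD5; a keyed HMAC (SHA-256 here) is what makes it unforgeable.
        mac = hmac.new(self.secret, peer_addr.encode() + body, hashlib.sha256).digest()
        return {"type": "INIT-ACK", "vtag": peer_itag, "itag": my_itag, "cookie": body + mac}

    def on_cookie_echo(self, peer_addr, cookie, now=None):
        """COOKIE-ECHO -> COOKIE-ACK, or None if the cookie is forged, stale or reused."""
        now = int(time.time() if now is None else now)
        if len(cookie) != 16 + 32:
            return None
        body, mac = cookie[:16], cookie[16:]
        expected = hmac.new(self.secret, peer_addr.encode() + body, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):   # signature binds fields + source address
            return None
        peer_itag, my_itag, created, lifespan = struct.unpack("!IIII", body)
        if not created <= now < created + lifespan:  # life span expired
            return None
        key = (peer_addr, peer_itag)
        if key in self.tcbs:                          # simplification: no restart handling
            return None
        self.tcbs[key] = {"my_vtag": my_itag, "peer_vtag": peer_itag, "state": "established"}
        return {"type": "COOKIE-ACK", "vtag": peer_itag}
```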

14
SCTP Association Graceful Shutdown
[Figure: both endpoints established (estbld), DATA flowing in each direction. The upper layer invokes SHUTDOWN; that endpoint enters shutdown_pending and stops accepting data; after the SACK for its outstanding DATA arrives it sends SHUTDOWN and enters shutdown_sent.]
15
[Figure, continued: the peer receives SHUTDOWN, enters shutdown_received and stops accepting data; it finishes sending its DATA, which is SACKed, then sends SHUTDOWN_ACK and enters shutdown_ack_sent. The initiator replies SHUTDOWN_COMPLETE and goes to closed (delete TCB); the peer goes to closed (delete TCB).]
16
SCTP Feature Summary (repeat of slide 8)

17
Multi-Homing
[Figure: protocol stack. One application port over SCTP (IP protocol number 132, assigned by IANA); SCTP sits over several IP addresses, each over its own Link and Physical layer.]
Multi-homing: a technique to improve reachability of
hosts that are reachable at more than one
destination (interface)
18
Traditional Uni homing
[Figure: client A and web server B, each with a single address, connected across the Internet.]
19
Traditional Multi homing (TCP)
[Figure: client with addresses A1, A2 and web server with addresses B1, B2, connected across the Internet.]
  • In TCP, a host chooses 1 of 4 possible
    combinations: (A1,B1) or (A1,B2) or (A2,B1) or
    (A2,B2)

20
Innovative Multi homing in SCTP
[Figure: the same client (A1, A2) and web server (B1, B2) across the Internet.]
  • SCTP Multihoming
    • Hosts use one association (A1,A2, B1,B2)
    • New data sent to one primary destination
      - Let B1 be the web server's primary
        destination
      - Let A1 be the client's primary destination
    • Path status and destination reachability
      constantly monitored.

21
Multi-homing Association
[Figure: Host A is a single-homed SCTP endpoint: interface A1, IP1 = 128.33.6.12, port 100. Host B is a multi-homed SCTP endpoint: interfaces B1, B2, B3 with IP1 = 160.15.82.20, IP2 = 161.10.8.221, IP3 = 10.1.61.11, port 200.]
  endpoint: 128.33.6.12 : 100
  endpoint: 160.15.82.20, 161.10.8.221, 10.1.61.11 : 200
  SCTP association: (128.33.6.12 : 100) with
  (160.15.82.20, 161.10.8.221, 10.1.61.11 : 200)
22
TCP data transfer without loss
[Figure: animation. Client A (addresses A1, A2) sends segments 1-6 to web server B (addresses B1, B2) over one TCP connection on a single path; the receive buffer (size 6) collects them and the data is delivered to the application in order.]
23
TCP data transfer with loss
[Figure: animation. A segment is lost on the single path; the segments behind it wait in the receive buffer and are delivered to the application only after the retransmission arrives.]
24
TCP data transfer with single path failure
[Figure: animation. The path carrying the connection fails ("connection fails!"); the remaining segments are never delivered, even though the second address pair (A2, B2) is still usable.]
25
SCTP data transfer without loss
[Figure: animation. The same transfer over one SCTP association: chunks 1-6 travel on the primary path (A1, B1), fill the receive buffer (size 6) and are delivered to the application in order.]
26
SCTP data transfer with loss
[Figure: animation. Chunk 2 is lost on the primary path; its retransmission is sent on the alternate path (A2, B2), and the buffered chunks are then delivered to the application.]
27
SCTP data transfer with single path failure
[Figure: animation. The primary path (A1, B1) fails; SCTP retransmits the outstanding chunks 4-6 on the alternate path (A2, B2) and the transfer completes within the same association.]
28
Multihoming Example
  • Laptop connected via Ethernet and Wireless.
  • Both the interfaces are reachable by the peer.
  • Ethernet gets disconnected, transmission of data
    fails.
  • Failure detected, SCTP uses the wireless
    interface to transmit.
  • HEARTBEAT is received.
  • Ethernet link is restored.

[Figure: Client Host (SCTP) with interfaces A1 (Ethernet) and A2 (802.11); Server Host (SCTP) with B1 (Ethernet) and B2 (802.11), connected across the Internet. After the Ethernet failure the new transmission path is A2-B2 over 802.11; "Heartbeat received" marks the Ethernet path becoming reachable again.]
29
SCTP Failure Detection
  • Host A monitors reachability of the primary dest
    address of Host B

[Figure: Host A (interface A1, port 100) sends DATA to Host B's primary address B1 (port 200); B2 and B3 are alternates; Host B answers with SACK.]
  • Host A starts the retransmission timer
    • If the timer expires
      • increment error_count
      • if error_count > threshold
        • path inactive
    • If Host A receives a SACK before the timer expires
      • error_count = 0, path active

error_count -> a variable associated with each
destination address of a host (initially zero)
30
Host A monitors reachability of idle destination
addresses of Host B
[Figure: Host A sends HEARTBEAT to Host B's idle alternate addresses B2 and B3; Host B answers with HEARTBEAT-ACK.]
  • HEARTBEAT is sent periodically to each idle
    address
    • When a HEARTBEAT is sent
      • increment error_count
      • if error_count > threshold
        • path inactive
    • If Host A receives a HEARTBEAT-ACK
      • error_count = 0, path active
  • When the primary dest. address is detected
    unreachable ->
    • SCTP sender chooses a REACHABLE alternate
      dest. address as primary
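
The error-count rules of slides 29 and 30 in one class, as an added example that is not the deck's code: one error_count per destination address, raised by a retransmission timeout on the primary or by a HEARTBEAT sent to an idle address, reset by a SACK or HEARTBEAT-ACK, and a switch of the primary to a reachable alternate once the threshold is exceeded. The threshold constant is named after RFC 4960's Path.Max.Retrans; the address names and event strings are constructed.

```python
PATH_MAX_RETRANS = 5   # per-address threshold (RFC 4960 'Path.Max.Retrans' default)

class PathMonitor:
    """Host A's view of one multi-homed peer: an error_count per destination address,
    raised by timeouts (slide 29) or unanswered HEARTBEATs (slide 30), reset by any
    SACK or HEARTBEAT-ACK, with failover of the primary once the threshold is exceeded."""
    def __init__(self, primary, alternates, threshold=PATH_MAX_RETRANS):
        self.threshold = threshold
        self.primary = primary
        self.order = [primary] + list(alternates)            # failover preference order
        self.error_count = {addr: 0 for addr in self.order}  # initially zero
        self.active = {addr: True for addr in self.order}
        self.events = []                                     # decisions taken, for inspection

    def _fail(self, addr, why):
        self.error_count[addr] += 1
        if self.error_count[addr] > self.threshold and self.active[addr]:
            self.active[addr] = False
            self.events.append(f"{addr} inactive ({why})")
            if addr == self.primary:
                self._choose_new_primary()

    def _ok(self, addr):
        self.error_count[addr] = 0
        self.active[addr] = True

    def _choose_new_primary(self):
        for addr in self.order:
            if self.active[addr]:        # pick a REACHABLE alternate as the new primary
                self.events.append(f"primary {self.primary} -> {addr}")
                self.primary = addr
                return
        self.events.append("no reachable destination address")

    # slide 29: DATA to the primary, retransmission timer versus SACK
    def rto_expired(self, addr):
        self._fail(addr, "retransmission timer expired")

    def sack_received(self, addr):
        self._ok(addr)

    # slide 30: HEARTBEAT to each idle address versus HEARTBEAT-ACK
    def heartbeat_sent(self, addr):
        self._fail(addr, "HEARTBEAT unanswered")

    def heartbeat_ack_received(self, addr):
        self._ok(addr)
```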

31
HEARTBEAT?
  • HEARTBEAT is a chunk that an endpoint sends to
    its peer endpoint to probe the reachability
    of a particular destination transport address.
  • In our case, the HEARTBEAT is sent to a
    destination address that has been idle for a
    long time to check its reachability.
  • HEARTBEAT-ACK is a chunk that an endpoint sends
    to its peer endpoint in response to a
    HEARTBEAT chunk.

32
Summary of SCTP
  • SCTP is used for applications that require data
    reliability and rigid timing.
  • SCTP provides security against DoS attacks by
    using cookies during association setup
  • An SCTP association can bind multiple IP addresses
    at each endpoint
  • SCTP provides multi-homing for applications that
    require a high degree of fault tolerance.

33
Reference Material
  • Textbooks
    • Stream Control Transmission Protocol (SCTP),
      Randall Stewart, Qiaobing Xie, Addison Wesley,
      2002
    • TCP/IP Protocol Suite, Chapter 13,
      Behrouz Forouzan
  • RFCs
    • RFC 2960 - Stream Control Transmission Protocol
    • RFC 3286 - An Introduction to SCTP
    • RFC 4460 - SCTP Specification Errata and Issues

34
  • Thank You!!!!