draft-ietf-sigtran-sctp-06.txt   draft-ietf-sigtran-sctp-07.txt 
skipping to change at page 91, line ? skipping to change at line 20
Nortel Networks Nortel Networks
I. Rytina I. Rytina
Ericsson Ericsson
M. Kalla M. Kalla
Telcordia Telcordia
L. Zhang L. Zhang
UCLA UCLA
V. Paxson V. Paxson
ACIRI ACIRI
expires in six months February 23,2000 expires in six months March 2,2000
Simple Control Transmission Protocol Simple Control Transmission Protocol
<draft-ietf-sigtran-sctp-06.txt> <draft-ietf-sigtran-sctp-07.txt>
Status of This Memo Status of This Memo
This document is an Internet-Draft and is in full conformance with all This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC 2026. Internet-Drafts are working provisions of Section 10 of RFC 2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts. working documents as Internet-Drafts.
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
skipping to change at page 91, line ? skipping to change at line 96
2.3.1.1 Optional or Variable Length Parameters..............19 2.3.1.1 Optional or Variable Length Parameters..............19
2.3.2 Initiation Acknowledgment (INIT ACK)....................20 2.3.2 Initiation Acknowledgment (INIT ACK)....................20
2.3.2.1 Optional or Variable Length Parameters..............21 2.3.2.1 Optional or Variable Length Parameters..............21
2.3.3 Selective Acknowledgment (SACK).........................22 2.3.3 Selective Acknowledgment (SACK).........................22
2.3.4 Heartbeat Request (HEARTBEAT)...........................25 2.3.4 Heartbeat Request (HEARTBEAT)...........................25
2.3.5 Heartbeat Acknowledgment (HEARTBEAT ACK)................26 2.3.5 Heartbeat Acknowledgment (HEARTBEAT ACK)................26
2.3.6 Abort Association (ABORT)...............................26 2.3.6 Abort Association (ABORT)...............................26
2.3.7 Shutdown Association (SHUTDOWN).........................27 2.3.7 Shutdown Association (SHUTDOWN).........................27
2.3.8 Shutdown Acknowledgment (SHUTDOWN ACK)..................28 2.3.8 Shutdown Acknowledgment (SHUTDOWN ACK)..................28
2.3.9 Operation Error (ERROR).................................28 2.3.9 Operation Error (ERROR).................................28
2.3.10 Encryption Cookie (COOKIE).............................30 2.3.10 State Cookie (COOKIE)..................................30
2.3.11 Cookie Acknowledgment (COOKIE ACK).....................31 2.3.11 Cookie Acknowledgment (COOKIE ACK).....................31
2.3.12 Payload Data (DATA)....................................31 2.3.12 Payload Data (DATA)....................................31
2.4 Vendor-Specific Chunk Extensions............................33 2.4 Vendor-Specific Chunk Extensions............................33
3. SCTP Association State Diagram.................................34 3. SCTP Association State Diagram.................................34
4. Association Initialization.....................................36 4. Association Initialization.....................................36
4.1 Normal Establishment of an Association......................37 4.1 Normal Establishment of an Association......................37
4.1.1 Handle Stream Parameters................................38 4.1.1 Handle Stream Parameters................................39
4.1.2 Handle Address Parameters...............................39 4.1.2 Handle Address Parameters...............................39
4.1.3 Generating Encryption Cookie............................39 4.1.3 Generating State Cookie.................................39
4.1.4 Cookie Processing.......................................40 4.1.4 Cookie Processing.......................................40
4.1.5 Cookie Authentication...................................40 4.1.5 Cookie Authentication...................................40
4.1.6 An Example of Normal Association Establishment..........41 4.1.6 An Example of Normal Association Establishment..........41
4.2 Handle Duplicate INIT, INIT ACK, COOKIE, and COOKIE ACK.....42 4.2 Handle Duplicate INIT, INIT ACK, COOKIE, and COOKIE ACK.....42
4.2.1 Handle Duplicate INIT in COOKIE-WAIT 4.2.1 Handle Duplicate INIT in COOKIE-WAIT
or COOKIE-SENT States...................................43 or COOKIE-SENT States...................................43
4.2.2 Handle Duplicate INIT in Other States...................43 4.2.2 Handle Duplicate INIT in Other States...................43
4.2.3 Handle Duplicate INIT ACK...............................43 4.2.3 Handle Duplicate INIT ACK...............................43
4.2.4 Handle Duplicate COOKIE.................................43 4.2.4 Handle Duplicate COOKIE.................................43
4.2.5 Handle Duplicate COOKIE-ACK.............................45 4.2.5 Handle Duplicate COOKIE-ACK.............................45
4.2.6 Handle Stale COOKIE Error...............................45 4.2.6 Handle Stale COOKIE Error...............................45
4.3 Other Initialization Issues.................................45 4.3 Other Initialization Issues.................................45
Stewart, et al [Page 3] Stewart, et al [Page 3]
4.3.1 Selection of Tag Value..................................45 4.3.1 Selection of Tag Value..................................45
5. User Data Transfer.............................................46 5. User Data Transfer.............................................46
5.1 Transmission of DATA Chunks.................................47 5.1 Transmission of DATA Chunks.................................47
5.2 Acknowledgment of Reception of DATA Chunks..................48 5.2 Acknowledgment of Reception of DATA Chunks..................48
5.2.1 Tracking Peer's Receive Buffer Space....................49 5.2.1 Tracking Peer's Receive Buffer Space....................49
5.3 Management Retransmission Timer.............................49 5.3 Management Retransmission Timer.............................50
5.3.1 RTO Calculation.........................................50 5.3.1 RTO Calculation.........................................50
5.3.2 Retransmission Timer Rules..............................51 5.3.2 Retransmission Timer Rules..............................51
5.3.3 Handle T3-rxt Expiration................................52 5.3.3 Handle T3-rxt Expiration................................52
5.4 Multi-homed SCTP Endpoints..................................52 5.4 Multi-homed SCTP Endpoints..................................53
5.4.1 Failover from Inactive Destination Address..............53 5.4.1 Failover from Inactive Destination Address..............54
5.5 Stream Identifier and Stream Sequence Number................53 5.5 Stream Identifier and Stream Sequence Number................54
5.6 Ordered and Un-ordered Delivery.............................54 5.6 Ordered and Un-ordered Delivery.............................54
5.7 Report Gaps in Received DATA TSNs...........................54 5.7 Report Gaps in Received DATA TSNs...........................55
5.8 Adler-32 Checksum Calculation...............................55 5.8 Adler-32 Checksum Calculation...............................56
5.9 Segmentation................................................56 5.9 Segmentation................................................57
5.10 Bundling and Multiplexing..................................57 5.10 Bundling and Multiplexing..................................58
6. Congestion Control ..........................................57 6. Congestion Control ..........................................58
6.1 SCTP Differences from TCP Congestion Control................58 6.1 SCTP Differences from TCP Congestion Control................59
6.2 SCTP Slow-Start and Congestion Avoidance....................59 6.2 SCTP Slow-Start and Congestion Avoidance....................59
6.2.1 Slow-Start..............................................59 6.2.1 Slow-Start..............................................60
6.2.2 Congestion Avoidance....................................60 6.2.2 Congestion Avoidance....................................61
6.2.3 Congestion Control......................................61 6.2.3 Congestion Control......................................61
6.2.4 Fast Retransmit on Gap Reports..........................61 6.2.4 Fast Retransmit on Gap Reports..........................62
6.3 Path MTU Discovery..........................................62 6.3 Path MTU Discovery..........................................63
7. Fault Management..............................................63 7. Fault Management..............................................64
7.1 Endpoint Failure Detection..................................63 7.1 Endpoint Failure Detection..................................64
7.2 Path Failure Detection......................................63 7.2 Path Failure Detection......................................64
7.3 Path Heartbeat..............................................64 7.3 Path Heartbeat..............................................65
7.4 Handle "Out of the blue" Packets............................65 7.4 Handle "Out of the blue" Packets............................66
7.5 Verification Tag............................................65 7.5 Verification Tag............................................67
7.5.1 Exceptions in Verification Tag Rules....................66 7.5.1 Exceptions in Verification Tag Rules....................67
8. Termination of Association.....................................66 8. Termination of Association.....................................68
8.1 Close of an Association.....................................66 8.1 Close of an Association.....................................68
8.2 Shutdown of an Association..................................67 8.2 Shutdown of an Association..................................68
9. Interface with Upper Layer.....................................68 9. Interface with Upper Layer.....................................69
9.1 ULP-to-SCTP.................................................68 9.1 ULP-to-SCTP.................................................70
9.2 SCTP-to-ULP.................................................76 9.2 SCTP-to-ULP.................................................78
10. Security Considerations.......................................79 10. Security Considerations.......................................82
10.1 Security Objectives........................................79 10.1 Security Objectives........................................82
10.2 SCTP Responses To Potential Threats........................79 10.2 SCTP Responses To Potential Threats........................82
10.2.1 Countering Insider Attacks.............................79 10.2.1 Countering Insider Attacks.............................82
10.2.2 Protecting against Data Corruption in the Network......79 10.2.2 Protecting against Data Corruption in the Network......83
10.2.3 Protecting Confidentiality.............................80 10.2.3 Protecting Confidentiality.............................83
10.2.4 Protecting against Blind Denial of Service Attacks.....80 10.2.4 Protecting against Blind Denial of Service Attacks.....83
10.2.4.1 Flooding...........................................80 10.2.4.1 Flooding...........................................84
10.2.4.2 Masquerade.........................................81 10.2.4.2 Masquerade.........................................84
10.2.4.3 Improper Monopolization of Services................81 10.2.4.3 Improper Monopolization of Services................85
10.3 Protection against Fraud and Repudiation...................82 10.3 Protection against Fraud and Repudiation...................85
11. Recommended Transmission Control Block (TCB) Parameters.......83 11. Recommended Transmission Control Block (TCB) Parameters.......86
12. IANA Consideration............................................86 11.1 Parameters necessary for the SCTP instance.................86
12.1 IETF-defined Chunk Extension...............................86 11.2 Parameters necessary per association (i.e. the TCB)........87
12.2 IETF-defined Chunk Parameter Extension.....................87 11.3 Per Transport Address Data.................................88
12.3 IETF-defined Additional Error Causes.......................88 11.4 General Parameters Needed..................................89
12.4 Payload Protocol Identifiers...............................88 12. IANA Consideration............................................89
12.1 IETF-defined Chunk Extension...............................89
12.2 IETF-defined Chunk Parameter Extension.....................90
12.3 IETF-defined Additional Error Causes.......................91
12.4 Payload Protocol Identifiers...............................92
Stewart, et al [Page 4] Stewart, et al [Page 4]
13. Suggested SCTP Protocol Parameter Values......................89 13. Suggested SCTP Protocol Parameter Values......................92
14. Acknowledgments...............................................89 14. Acknowledgments...............................................92
15. Authors' Addresses............................................89 15. Authors' Addresses............................................93
16. References....................................................90 16. References....................................................94
Appendix A .......................................................95
1. Introduction 1. Introduction
This section explains the reasoning behind the development of the This section explains the reasoning behind the development of the
Simple Control Transmission Protocol (SCTP), the services it offers, Simple Control Transmission Protocol (SCTP), the services it offers,
and the basic concepts needed to understand the detailed description and the basic concepts needed to understand the detailed description
of the protocol. of the protocol.
1.1 Motivation 1.1 Motivation
skipping to change at page 91, line ? skipping to change at line 531
o Transmission Control Block (TCB): an internal data structure o Transmission Control Block (TCB): an internal data structure
created by an SCTP endpoint for each of its existing SCTP created by an SCTP endpoint for each of its existing SCTP
associations to other SCTP endpoints. TCB contains all the status associations to other SCTP endpoints. TCB contains all the status
and operational information for the endpoint to maintain and manage and operational information for the endpoint to maintain and manage
the corresponding association. the corresponding association.
o Network Byte Order: Most significant byte first, a.k.a Big Endian. o Network Byte Order: Most significant byte first, a.k.a Big Endian.
1.5. Abbreviations 1.5. Abbreviations
MD5 - MD5 Message-Digest Algorithm [4] ICV - Integrity Check Value [4]
RTO - Retransmission Time-out RTO - Retransmission Time-out
RTT - Round-trip Time RTT - Round-trip Time
RTTVAR - Round-trip Time Variation RTTVAR - Round-trip Time Variation
SCTP - Simple Control Transmission Protocol SCTP - Simple Control Transmission Protocol
SRTT - Smoothed RTT SRTT - Smoothed RTT
skipping to change at page 91, line ? skipping to change at line 677
00000000 - Payload Data (DATA) 00000000 - Payload Data (DATA)
00000001 - Initiation (INIT) 00000001 - Initiation (INIT)
00000010 - Initiation Acknowledgment (INIT ACK) 00000010 - Initiation Acknowledgment (INIT ACK)
00000011 - Selective Acknowledgment (SACK) 00000011 - Selective Acknowledgment (SACK)
00000100 - Heartbeat Request (HEARTBEAT) 00000100 - Heartbeat Request (HEARTBEAT)
00000101 - Heartbeat Acknowledgment (HEARTBEAT ACK) 00000101 - Heartbeat Acknowledgment (HEARTBEAT ACK)
00000110 - Abort (ABORT) 00000110 - Abort (ABORT)
00000111 - Shutdown (SHUTDOWN) 00000111 - Shutdown (SHUTDOWN)
00001000 - Shutdown Acknowledgment (SHUTDOWN ACK) 00001000 - Shutdown Acknowledgment (SHUTDOWN ACK)
00001001 - Operation Error (ERROR) 00001001 - Operation Error (ERROR)
00001010 - Encryption Cookie (COOKIE) 00001010 - State Cookie (COOKIE)
00001011 - Cookie Acknowledgment (COOKIE ACK) 00001011 - Cookie Acknowledgment (COOKIE ACK)
00001100 to 11111101 - reserved by IETF 00001100 - Reserved for Explict Congestion Notification Echo (ECNE)
00001101 - Reserved for Congestion Window Reduced (CWR)
00001110 to 11111101 - reserved by IETF
11111110 - Vendor-specific Chunk Extensions 11111110 - Vendor-specific Chunk Extensions
11111111 - IETF-defined Chunk Extensions 11111111 - IETF-defined Chunk Extensions
Note: The ENCE and CWR chunk types are reserved for future use of Explicit
Congestion Notification (ECN).
Chunk Flags: 8 bits Chunk Flags: 8 bits
The usage of these bits depends on the chunk type as given by the The usage of these bits depends on the chunk type as given by the
Chunk ID. Unless otherwise specified, they are set to zero on Chunk ID. Unless otherwise specified, they are set to zero on
transmit and are ignored on receipt. transmit and are ignored on receipt.
Chunk Length: 16 bits (u_int) Chunk Length: 16 bits (u_int)
This value represents the size of the chunk in octets including the This value represents the size of the chunk in octets including the
Chunk ID, Flags, Length, and Value fields. Therefore, if the Value Chunk ID, Flags, Length, and Value fields. Therefore, if the Value
skipping to change at page 91, line ? skipping to change at line 880
/ Optional/Variable-Length Parameters / / Optional/Variable-Length Parameters /
\ \ \ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The INIT chunk contains the following parameters. Unless otherwise The INIT chunk contains the following parameters. Unless otherwise
noted, each parameter MUST only be included once in the INIT chunk. noted, each parameter MUST only be included once in the INIT chunk.
Fixed Parameters Status Fixed Parameters Status
---------------------------------------------- ----------------------------------------------
Initiate Tag Mandatory Initiate Tag Mandatory
Receiver Window Credit Mandatory Advertised Receiver Window Credit Mandatory
Number of Outbound Streams Mandatory Number of Outbound Streams Mandatory
Number of Inbound Streams Mandatory Number of Inbound Streams Mandatory
Initial TSN Mandatory Initial TSN Mandatory
Stewart, et al [Page 17] Stewart, et al [Page 17]
Variable Parameters Status Type Value Variable Parameters Status Type Value
------------------------------------------------------------- -------------------------------------------------------------
IPv4 Address (Note 1) Optional 0x0005 IPv4 Address (Note 1) Optional 0x0005
IPv6 Address (Note 1) Optional 0x0006 IPv6 Address (Note 1) Optional 0x0006
Cookie Preservative Optional 0x0009 Cookie Preservative Optional 0x0009
Reserved for ECN Capable Optional 0x000a
Note 1: The INIT chunks may contain multiple addresses that may be Note 1: The INIT chunks may contain multiple addresses that may be
IPv4 and/or IPv6 in any combination. IPv4 and/or IPv6 in any combination.
Note 2: The ECN capable field is reserved for future use of Explicit
Congestion Notification.
Chunk Flags field in INIT is reserved, and all bits in it should be Chunk Flags field in INIT is reserved, and all bits in it should be
set to 0 by the sender and ignored by the receiver. The sequence of set to 0 by the sender and ignored by the receiver. The sequence of
parameters within an INIT may be processed in any order. parameters within an INIT may be processed in any order.
Initiate Tag: 32 bit u_int Initiate Tag: 32 bit u_int
The receiver of the INIT (the responding end) records the value of The receiver of the INIT (the responding end) records the value of
the Initiate Tag parameter. This value MUST be placed into the the Initiate Tag parameter. This value MUST be placed into the
Verification Tag field of every SCTP datagram that the responding Verification Tag field of every SCTP datagram that the responding
end transmits within this association. end transmits within this association.
skipping to change at page 91, line ? skipping to change at line 1020
If the INIT contains at least one IP Address parameter, then only the If the INIT contains at least one IP Address parameter, then only the
transport address(es) provided within the INIT may be used as transport address(es) provided within the INIT may be used as
destinations by the responding end. If the INIT does not contain any destinations by the responding end. If the INIT does not contain any
IP Address parameters, the responding end MUST use the source IP Address parameters, the responding end MUST use the source
address associated with the received SCTP datagram as its sole address associated with the received SCTP datagram as its sole
destination address for the association. destination address for the association.
Cookie Preservative Cookie Preservative
The sender of the INIT shall use this parameter to suggest to the The sender of the INIT shall use this parameter to suggest to the
receiver of the INIT for a longer life-span of the Encryption Cookie. receiver of the INIT for a longer life-span of the State Cookie.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0| |0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Suggested Cookie Life-span Increment (msec.) | | Suggested Cookie Life-span Increment (msec.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Suggested Cookie Life-span Increment: 32bit u_int Suggested Cookie Life-span Increment: 32bit u_int
skipping to change at page 91, line ? skipping to change at line 1048
due to a Stale COOKIE error. Note, the receiver MAY choose to ignore due to a Stale COOKIE error. Note, the receiver MAY choose to ignore
the suggested cookie life-span increase for its own security the suggested cookie life-span increase for its own security
reasons. reasons.
2.3.2 Initiation Acknowledgment (INIT ACK) (00000010): 2.3.2 Initiation Acknowledgment (INIT ACK) (00000010):
The INIT ACK chunk is used to acknowledge the initiation of an SCTP The INIT ACK chunk is used to acknowledge the initiation of an SCTP
association. association.
The parameter part of INIT ACK is formatted similarly to the INIT The parameter part of INIT ACK is formatted similarly to the INIT
chunk. It uses two extra variable parameters: The Encryption Cookie chunk. It uses two extra variable parameters: The State Cookie
and the Unrecognized Parameter: and the Unrecognized Parameter:
The format of the INIT ACK message is shown below: The format of the INIT ACK message is shown below:
Stewart, et al [Page 20] Stewart, et al [Page 20]
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 1 0| Chunk Flags | Chunk Length | |0 0 0 0 0 0 1 0| Chunk Flags | Chunk Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Initiate Tag | | Initiate Tag |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Receiver Window Credit | | Advertised Receiver Window Credit |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Number of Outbound Streams | Number of Inbound Streams | | Number of Outbound Streams | Number of Inbound Streams |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Initial TSN | | Initial TSN |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \ \ \
/ Optional/Variable-Length Parameters / / Optional/Variable-Length Parameters /
\ \ \ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The INIT ACK contains the following parameters. Unless otherwise The INIT ACK contains the following parameters. Unless otherwise
noted, each parameter MUST only be included once in the INIT ACK chunk. noted, each parameter MUST only be included once in the INIT ACK chunk.
Fixed Parameters Status Fixed Parameters Status
---------------------------------------------- ----------------------------------------------
Initiate Tag Mandatory Initiate Tag Mandatory
Receiver Window Credit Mandatory Advertised Receiver Window Credit Mandatory
Number of Outbound Streams Mandatory Number of Outbound Streams Mandatory
Number of Inbound Streams Mandatory Number of Inbound Streams Mandatory
Initial TSN Mandatory Initial TSN Mandatory
Variable Parameters Status Type Value Variable Parameters Status Type Value
------------------------------------------------------------- -------------------------------------------------------------
Encryption Cookie Mandatory 0x0007 State Cookie Mandatory 0x0007
IPv4 Address (Note 1) Optional 0x0005 IPv4 Address (Note 1) Optional 0x0005
IPv6 Address (Note 1) Optional 0x0006 IPv6 Address (Note 1) Optional 0x0006
Unrecognized Parameters Optional 0x0008 Unrecognized Parameters Optional 0x0008
Reserved for ECN Capable Optional 0x000a
Note 1: The INIT ACK chunks may contain any number of IP address Note 1: The INIT ACK chunks may contain any number of IP address
parameters that may be IPv4 and/or IPv6 in any combination. parameters that may be IPv4 and/or IPv6 in any combination.
Note 2: The ECN capable field is reserved for future use of Explicit
Congestion Notification.
Same as with INIT, in combination with the Source Port carried in the Same as with INIT, in combination with the Source Port carried in the
SCTP common header, each IP Address parameter in the INIT ACK indicates SCTP common header, each IP Address parameter in the INIT ACK indicates
to the receiver of the INIT ACK a valid transport address supported by to the receiver of the INIT ACK a valid transport address supported by
the sender of the INIT ACK for the lifetime of the association being the sender of the INIT ACK for the lifetime of the association being
initiated. initiated.
If the INIT ACK contains at least one IP Address parameter, then only If the INIT ACK contains at least one IP Address parameter, then only
the transport address(es) explicitly indicated in the INIT ACK may be the transport address(es) explicitly indicated in the INIT ACK may be
used as the destination(s) by the receiver of the INIT ACK. However, used as the destination(s) by the receiver of the INIT ACK. However,
if the INIT ACK contains no IP Address parameter, the receiver of the if the INIT ACK contains no IP Address parameter, the receiver of the
INIT ACK MUST take the source IP address associated with this INIT ACK INIT ACK MUST take the source IP address associated with this INIT ACK
as its sole destination address for this association. as its sole destination address for this association.
Stewart, et al [Page 21] Stewart, et al [Page 21]
The Encryption Cookie and Unrecognized Parameters use the Type-Length- The State Cookie and Unrecognized Parameters use the Type-Length-
Value format as defined in Section 2.2.1 and are described below. The Value format as defined in Section 2.2.1 and are described below. The
other fields are defined the same as their counterparts in the INIT other fields are defined the same as their counterparts in the INIT
message. message.
2.3.2.1 Optional or Variable Length Parameters 2.3.2.1 Optional or Variable Length Parameters
Encryption Cookie: variable size, depending on Size of Cookie State Cookie: variable size, depending on Size of Cookie
This field MUST contain all the necessary state and parameter This field MUST contain all the necessary state and parameter
information required for the sender of this INIT ACK to create the information required for the sender of this INIT ACK to create the
association, along with an MD5 digital signature (128-bit). See association, along with an Integrity Check Value (ICV). See
Section 4.1.3 for details on Cookie definition. The Cookie MUST be Section 4.1.3 for details on Cookie definition. The Cookie MUST be
padded with '0' to the next 32-bit word boundary. The internal padded with '0' to the next 32-bit word boundary. The internal
format of the Cookie is implementation-specific. format of the Cookie is implementation-specific.
Unrecognized Parameters: Variable Size. Unrecognized Parameters: Variable Size.
This parameter is returned to the originator of the INIT message if This parameter is returned to the originator of the INIT message if
the receiver does not recognize one or more Optional TLV parameters the receiver does not recognize one or more Optional TLV parameters
in the INIT chunk. This parameter field will contain the in the INIT chunk. This parameter field will contain the
unrecognized parameters copied from the INIT message complete unrecognized parameters copied from the INIT message complete
skipping to change at page 91, line ? skipping to change at line 1175
Stewart, et al [Page 22] Stewart, et al [Page 22]
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 1 1|Chunk Flags | Chunk Length | |0 0 0 0 0 0 1 1|Chunk Flags | Chunk Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cumulative TSN ACK | | Cumulative TSN ACK |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Advertised Receiver Window Credit (a_rwnd) | | Advertised Receiver Window Credit (a_rwnd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Number of Fragments = N | (Reserved) | | Number of Fragments = N | Number of Duplicate TSNs = X |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Fragment #1 Start | Fragment #1 End | | Fragment #1 Start | Fragment #1 End |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ / / /
\ ... \ \ ... \
/ / / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Fragment #N Start | Fragment #N End | | Fragment #N Start | Fragment #N End |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Duplicate TSN 1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ /
\ ... \
/ /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Duplicate TSN X |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Chunk Flags: Chunk Flags:
Set to all zeros on transmit and ignored on receipt. Set to all zeros on transmit and ignored on receipt.
Cumulative TSN ACK: 32 bit u_int Cumulative TSN ACK: 32 bit u_int
This parameter contains the TSN of the last DATA chunk received in This parameter contains the TSN of the last DATA chunk received in
sequence before a gap. sequence before a gap.
Advertised Receiver Window Credit (a_rwnd): 32 bit u_int Advertised Receiver Window Credit (a_rwnd): 32 bit u_int
This field indicates the updated receive buffer space in octets of This field indicates the updated receive buffer space in octets of
the sender of this SACK, see Section 5.2.1 for details. the sender of this SACK, see Section 5.2.1 for details.
Number of Fragments: 16 bit u_int Number of Fragments: 16 bit u_int
Indicates the number of TSN fragments included in this Selective Indicates the number of TSN fragments included in this Selective
ACK. ACK.
Reserved: 16 bit Number of Duplicate TSNs: 16 bit
Must be set to all 0 by the sender and ignored by the receiver. This field contains the number of duplicate TSNs the endpoint
has received. Each duplicate TSN is listed following the fragment
list.
Fragments: Fragments:
These fields contain the ack fragments. They are repeated for each These fields contain the ack fragments. They are repeated for each
fragment up to the number of fragments defined in the Number of fragment up to the number of fragments defined in the Number of
Fragments field. All DATA chunks with TSNs between the (Cumulative Fragments field. All DATA chunks with TSNs between the (Cumulative
TSN ACK + Fragment Start) and (Cumulative TSN ACK + Fragment End) of TSN ACK + Fragment Start) and (Cumulative TSN ACK + Fragment End) of
each fragment are assumed to have been received correctly. each fragment are assumed to have been received correctly.
Stewart, et al [Page 23] Stewart, et al [Page 23]
skipping to change at page 91, line ? skipping to change at line 1243
offset number to yield the TSN. This calculated TSN identifies offset number to yield the TSN. This calculated TSN identifies
the first TSN in this fragment that has been received. the first TSN in this fragment that has been received.
Fragment End: 16 bit u_int Fragment End: 16 bit u_int
Indicates the End offset TSN for this fragment. To calculate the Indicates the End offset TSN for this fragment. To calculate the
actual TSN number the Cumulative TSN ACK is added to this actual TSN number the Cumulative TSN ACK is added to this
offset number to yield the TSN. This calculated TSN identifies offset number to yield the TSN. This calculated TSN identifies
the TSN of the last DATA chunk received in this fragment. the TSN of the last DATA chunk received in this fragment.
Duplicate TSN: 32 bit u_int
Indicates a TSN that was received in duplicate.
For example, assume the receiver has the following datagrams newly For example, assume the receiver has the following datagrams newly
arrived at the time when it decides to send a Selective ACK, arrived at the time when it decides to send a Selective ACK,
---------- ----------
| TSN=17 | | TSN=17 |
---------- ----------
| | <- still missing | | <- still missing
---------- ----------
| TSN=15 | | TSN=15 |
---------- ----------
skipping to change at page 91, line ? skipping to change at line 1566
Out of Resource: indicating that the sender is out of resource. This Out of Resource: indicating that the sender is out of resource. This
is usually sent in combination with or within an ABORT. is usually sent in combination with or within an ABORT.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=4 | Cause Length=4 | | Cause Code=4 | Cause Length=4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Guidelines for IETF-defined Error Cause extensions are discussed in Guidelines for IETF-defined Error Cause extensions are discussed in
Section 12.3 of this document. Section 12.3 of this document.
2.3.10 Encryption Cookie (COOKIE) (00001010): 2.3.10 State Cookie (COOKIE) (00001010):
This chunk is used only during the initialization of an association. This chunk is used only during the initialization of an association.
It is sent by the initiator of an association to its peer to complete It is sent by the initiator of an association to its peer to complete
the initialization process. This chunk MUST precede any chunk the initialization process. This chunk MUST precede any chunk
sent within the association, but MAY be bundled with one or more DATA sent within the association, but MAY be bundled with one or more DATA
chunks in the same datagram. chunks in the same datagram.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 91, line ? skipping to change at line 1839
| +------------+ | +------------+
| | | |
| | rcv COOKIE.ACK | | rcv COOKIE.ACK
| | ----------------- | | -----------------
| | stop cookie timer | | stop cookie timer
v v v v
+---------------+ +---------------+
| ESTABLISHED | | ESTABLISHED |
+---------------+ +---------------+
(from any state except CLOSED) (from the ESTABLISHED state only)
| |
| |
/--------+--------\ /--------+--------\
[TERMINATE] / \ [TERMINATE] / \
----------------- | | ----------------- | |
check outstanding | | check outstanding | |
data chunks | | data chunks | |
v | v |
+---------+ | +---------+ |
|SHUTDOWN | | rcv SHUTDOWN |SHUTDOWN | | rcv SHUTDOWN
|PENDING | | ---------------- |PENDING | | ----------------
+---------+ | x +---------+ | x
| | | |
No more outstanding | | No more outstanding | |
------------------- | | ------------------- | |
snd SHUTDOWN | | snd SHUTDOWN | |
strt shutdown timer | | strt shutdown timer | |
v v v v
tewart, et al [Page 35] Stewart, et al [Page 35]
+---------+ +-----------+ +---------+ +-----------+
(4) |SHUTDOWN | | SHUTDOWN | (5) (4) |SHUTDOWN | | SHUTDOWN | (5)
|SENT | | RECEIVED | |SENT | | RECEIVED |
+---------+ +-----------+ +---------+ +-----------+
| | | |
rcv SHUTDOWN.ACK | | x rcv SHUTDOWN.ACK | | x
------------------- | |----------------- ------------------- | |-----------------
stop shutdown timer | | retransmit missing DATA stop shutdown timer | | retransmit missing DATA
delete TCB | | send SHUTDOWN.ACK delete TCB | | send SHUTDOWN.ACK
| | delete TCB | | delete TCB
skipping to change at page 91, line ? skipping to change at line 1940
SHOULD be a random number in the range of 0x1 to 0xffffffff (see SHOULD be a random number in the range of 0x1 to 0xffffffff (see
4.3.1 for Tag value selection). After sending the INIT, "A" starts 4.3.1 for Tag value selection). After sending the INIT, "A" starts
the T1-init timer and enters the COOKIE-WAIT state. the T1-init timer and enters the COOKIE-WAIT state.
B) "Z" shall respond immediately with an INIT ACK message. In the B) "Z" shall respond immediately with an INIT ACK message. In the
message, besides filling in other parameters, "Z" must set the message, besides filling in other parameters, "Z" must set the
Verification Tag field to Tag_A, and also provide its own security Verification Tag field to Tag_A, and also provide its own security
tag "Tag_Z" in the Initiate Tag field. tag "Tag_Z" in the Initiate Tag field.
Moreover, "Z" MUST generate and send along with the INIT ACK an Moreover, "Z" MUST generate and send along with the INIT ACK an
Encryption Cookie. See Section 4.1.3 for Encryption Cookie State Cookie. See Section 4.1.3 for State Cookie generation.
generation.
Note: after sending out INIT ACK with the cookie, "Z" MUST not Note: after sending out INIT ACK with the cookie, "Z" MUST not
allocate any resources, nor keep any states for the new allocate any resources, nor keep any states for the new
association. Otherwise, "Z" will be vulnerable to resource attacks. association. Otherwise, "Z" will be vulnerable to resource attacks.
C) Upon reception of the INIT ACK from "Z", "A" shall stop the T1-init C) Upon reception of the INIT ACK from "Z", "A" shall stop the T1-init
timer and leave COOKIE-WAIT state. "A" shall then send the cookie timer and leave COOKIE-WAIT state. "A" shall then send the cookie
received in the INIT ACK message in a cookie chunk, restart the received in the INIT ACK message in a cookie chunk, restart the
T1-init timer, and enter the COOKIE-SENT state. T1-init timer, and enter the COOKIE-SENT state.
Note, the cookie chunk can be bundled with any pending outbound Note, the cookie chunk can be bundled with any pending outbound
DATA chunks, but it MUST be the first chunk in the datagram. DATA chunks, but it MUST be the first chunk in the datagram AND
until the COOKIE ACK is returned the sender MUST NOT send any
other datagrams to the peer.
D) Upon reception of the COOKIE chunk, Endpoint "Z" will reply with D) Upon reception of the COOKIE chunk, Endpoint "Z" will reply with
a COOKIE ACK chunk after building a TCB and marking itself to a COOKIE ACK chunk after building a TCB and marking itself to
the ESTABLISHED state. A COOKIE ACK chunk may be combined with the ESTABLISHED state. A COOKIE ACK chunk may be combined with
any pending DATA chunks (and/or SACK chunks), but the COOKIE ACK any pending DATA chunks (and/or SACK chunks), but the COOKIE ACK
chunk MUST be the first chunk in the datagram. chunk MUST be the first chunk in the datagram.
IMPLEMENTATION NOTE: an implementation may choose to send the IMPLEMENTATION NOTE: an implementation may choose to send the
Communication Up notification to the SCTP user upon reception Communication Up notification to the SCTP user upon reception
of a valid COOKIE. of a valid COOKIE.
skipping to change at page 91, line ? skipping to change at line 2060
For the initiator: any valid transport address obtained from the For the initiator: any valid transport address obtained from the
INIT ACK message. If no transport address is specified in the INIT INIT ACK message. If no transport address is specified in the INIT
ACK message, use the source transport address from which the INIT ACK message, use the source transport address from which the INIT
ACK message arrived. ACK message arrived.
For the responder: any valid transport address obtained from the For the responder: any valid transport address obtained from the
INIT message. If no transport address is specified in the INIT INIT message. If no transport address is specified in the INIT
message, use the source transport address from which the INIT message, use the source transport address from which the INIT
message arrived. message arrived.
4.1.3 Generating Encryption Cookie 4.1.3 Generating State Cookie
When sending an INIT ACK as a response to an INIT message, the sender When sending an INIT ACK as a response to an INIT message, the sender
of INIT ACK should create an Encryption Cookie and send it as part of of INIT ACK should create an State Cookie and send it as part of the
the INIT ACK. Inside this Encryption Cookie, the sender should include INIT ACK. Inside this State Cookie, the sender should include a ICV
a security signature, a time stamp on when the cookie is created, and security signature or MAC (message Authentication code) [4], a time
the lifespan of the cookie, along with all the information necessary stamp on when the cookie is created, and the lifespan of the cookie,
for it to establish the association. along with all the information necessary for it to establish the
association.
The following steps SHOULD be taken to generate the cookie: The following steps SHOULD be taken to generate the cookie:
1) create an association TCB using information from both the received 1) create an association TCB using information from both the received
INIT and the outgoing INIT ACK messages, INIT and the outgoing INIT ACK messages,
2) in the TCB, set the creation time to the current time of day, and 2) in the TCB, set the creation time to the current time of day, and
the lifespan to the protocol parameter 'Valid.Cookie.Life', the lifespan to the protocol parameter 'Valid.Cookie.Life',
3) attach a private security key to the TCB and generate a 128-bit MD5 3) Generate a MAC signature using the TCB and a Private Key (see [4] for
signature from the key/TCB combination (see [4] for details on details on generating the MAC), and
MD5), and
Stewart, et al [Page 39] Stewart, et al [Page 39]
4) generate the Encryption Cookie by combining the TCB and the 4) generate the State Cookie by combining the TCB and the
resultant MD5 signature. resultant ICV signature.
After sending the INIT ACK with the cookie, the sender SHOULD delete After sending the INIT ACK with the cookie, the sender SHOULD delete
the TCB and any other local resource related to the new association, the TCB and any other local resource related to the new association,
so as to prevent resource attacks. so as to prevent resource attacks.
The private key should be a cryptographic quality random number with The ICV and hashing method used to generate the MAC is strictly a
a sufficient length. Discussion in RFC 1750 [1] can be helpful in private matter for the receiver of the INIT message. The use of a MAC
selection of the key. is mandatory to prevent denial of service attacks. The Private Key
MUST be random per RFC1750 [1]; it SHOULD be changed reasonably
frequently, and the timestamp in the cookie MAY be used to determine
which key should be used to verify the MAC.
4.1.4 Cookie Processing 4.1.4 Cookie Processing
When an endpoint receives an INIT ACK chunk in response to its INIT When an endpoint receives an INIT ACK chunk in response to its INIT
chunk, and the INIT ACK contains an Encryption Cookie parameter, it chunk, and the INIT ACK contains an State Cookie parameter, it
MUST immediately send a COOKIE chunk to its peer with the received MUST immediately send a COOKIE chunk to its peer with the received
cookie. The sender MAY also add any pending DATA chunks to the cookie. The sender MAY also add any pending DATA chunks to the
message. message.
The sender shall also start the T1-init timer after sending out The sender shall also start the cookie timer after sending out
the COOKIE chunk. If the timer expires, the sender shall retransmit the COOKIE chunk. If the timer expires, the sender shall retransmit
the COOKIE chunk and restart the T1-init timer. This is repeated until the COOKIE chunk and restart the cookie timer. This is repeated until
either a COOKIE ACK is received or the endpoint is marked either a COOKIE ACK is received or the endpoint is marked
unreachable (and thus the association enters the CLOSED state). unreachable (and thus the association enters the CLOSED state).
4.1.5 Cookie Authentication 4.1.5 Cookie Authentication
When an endpoint receives a COOKIE chunk from another endpoint with When an endpoint receives a COOKIE chunk from another endpoint with
which it has no association, it shall take the following actions: which it has no association, it shall take the following actions:
1) compute an MD5 signature using the TCB data carried in the cookie 1) compute a MAC signature using the TCB data carried in the cookie
along with the receiver's private security key, and the Private Key (note the timestamp in the cookie MAY be
used to determine which Private Key to use) reference [4] SHOULD
be used has a guideline for generating the MAC,
2) authenticate the cookie as one that it previously generated by 2) authenticate the cookie as one that it previously generated by
comparing the computed MD5 signature against the one carried in the comparing the computed MAC signature against the one carried in the
cookie. If this comparison fails, the datagram, including the cookie. If this comparison fails, the datagram, including the
COOKIE and the attached user data, should be silently discarded, COOKIE and the attached user data, should be silently discarded,
3) compare the creation time stamp in the cookie to the current local 3) compare the creation time stamp in the cookie to the current local
time, if the elapsed time is longer than the lifespan carried in time, if the elapsed time is longer than the lifespan carried in
the cookie, then the datagram, including the COOKIE and the the cookie, then the datagram, including the COOKIE and the
attached user data, SHOULD be discarded and the endpoint MUST attached user data, SHOULD be discarded and the endpoint MUST
transmit a stale cookie operational error to the sending endpoint, transmit a stale cookie operational error to the sending endpoint,
4) if the cookie is valid, create an association to the sender of the 4) if the cookie is valid, create an association to the sender of the
skipping to change at page 91, line ? skipping to change at line 2266
cookie with the INIT ACK. cookie with the INIT ACK.
After that, no other actions shall be taken by either side, i.e., the After that, no other actions shall be taken by either side, i.e., the
endpoint shall not change its state, and the T1-init timer shall be endpoint shall not change its state, and the T1-init timer shall be
left running. The normal procedures for handling cookies will left running. The normal procedures for handling cookies will
resolve the duplicate INITs to a single association. resolve the duplicate INITs to a single association.
4.2.2 Handle Duplicate INIT in Other States 4.2.2 Handle Duplicate INIT in Other States
Upon reception of the duplicated INIT, the receiver shall generate an Upon reception of the duplicated INIT, the receiver shall generate an
INIT ACK with an Encryption Cookie. INIT ACK with an State Cookie.
In the outbound INIT ACK, the endpoint shall set the Verification Tag In the outbound INIT ACK, the endpoint shall set the Verification Tag
field in the common header to the peer's new tag value (from the field in the common header to the peer's new tag value (from the
duplicated INIT message), and the Initiate Tag field to its own tag duplicated INIT message), and the Initiate Tag field to its own tag
value (unchanged from the existing association). The included value (unchanged from the existing association). The included
Encryption Cookie shall be generated using the current time and a State Cookie shall be generated using the current time and a
temporary TCB constructed with the information provided in the temporary TCB constructed with the information provided in the
duplicated INIT message (see Section 4.1.3). This temporary TCB MUST duplicated INIT message (see Section 4.1.3). This temporary TCB MUST
be destroyed after the outbound INIT ACK is built. be destroyed after the outbound INIT ACK is built.
After sending out the INIT ACK, the endpoint shall take no further After sending out the INIT ACK, the endpoint shall take no further
actions, i.e., the existing association, including its current state, actions, i.e., the existing association, including its current state,
and the corresponding TCB MUST not be changed. and the corresponding TCB MUST not be changed.
4.2.3 Handle Duplicate INIT ACK 4.2.3 Handle Duplicate INIT ACK
skipping to change at page 91, line ? skipping to change at line 2467
The following general rules SHALL be applied by the sender for The following general rules SHALL be applied by the sender for
transmission and/or retransmission of outbound DATA chunks: transmission and/or retransmission of outbound DATA chunks:
A) At any given time, the sender MUST NOT transmit new data onto any A) At any given time, the sender MUST NOT transmit new data onto any
destination transport address if its peer's rwnd indicates that the destination transport address if its peer's rwnd indicates that the
peer has no buffer space (i.e. rwnd is 0, see Section 5.2.1). peer has no buffer space (i.e. rwnd is 0, see Section 5.2.1).
However, regardless of the value of rwnd (including if it is 0), However, regardless of the value of rwnd (including if it is 0),
the sender can always have ONE data packet in flight to the the sender can always have ONE data packet in flight to the
receiver. This rule allows the sender to probe for a change in rwnd receiver if allowed by cwnd (see rule B below). This rule
that the sender missed due to the update having been lost in allows the sender to probe for a change in rwnd that the sender
transmission from the receiver to the sender. missed due to the update having been lost in transmission from
the receiver to the sender.
B) At any given time, the sender MUST NOT transmit new data onto a B) At any given time, the sender MUST NOT transmit new data onto a
given transport address if it has cwnd or more octets of data given transport address if it has cwnd or more octets of data
outstanding on that transport address. outstanding on that transport address.
C) When the time comes for the sender to transmit, before sending C) When the time comes for the sender to transmit, before sending
new DATA chunks, the sender MUST first transmit any outstanding new DATA chunks, the sender MUST first transmit any outstanding
DATA chunks which are marked for retransmission (limited by the DATA chunks which are marked for retransmission (limited by the
current cwnd). current cwnd).
skipping to change at page 91, line ? skipping to change at line 2544
for SACK chunk format. In particular, the SCTP receiver MUST fill in for SACK chunk format. In particular, the SCTP receiver MUST fill in
the Cumulative TSN ACK field to indicate the latest cumulative TSN the Cumulative TSN ACK field to indicate the latest cumulative TSN
number it has received, and any received segments beyond the number it has received, and any received segments beyond the
Cumulative TSN SHALL also be reported. Cumulative TSN SHALL also be reported.
Upon reception of the SACK, the data sender MUST adjust its total Upon reception of the SACK, the data sender MUST adjust its total
outstanding data count and the outstanding data count on those outstanding data count and the outstanding data count on those
destination addresses for which one or more data chunks is destination addresses for which one or more data chunks is
acknowledged by the SACK. acknowledged by the SACK.
Note: When a datagram arrives with duplicate DATA chunk(s) and no new
DATA chunk(s), the receiver MUST immediately send a SACK with no
delay. Normally this will occur when the original SACK was lost, and
the peers RTO has expired. The duplicate TSN number(s) SHOULD be reported
in the SACK as duplicate.
When a receiver prepares a SACK, any duplicate DATA chunks received
SHOULD be reported in the SACK.
When a SACK is received the receiver MAY use the Duplicate TSN
information to determine if SACK loss is occuring. Further use
of this data is for future study.
The following example illustrates the use of delayed acknowledgments: The following example illustrates the use of delayed acknowledgments:
Endpoint A Endpoint Z Endpoint A Endpoint Z
{App sends 3 messages; strm 0} {App sends 3 messages; strm 0}
DATA [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) DATA [TSN=7,Strm=0,Seq=3] ------------> (ack delayed)
(Start T3-rxt timer) (Start T3-rxt timer)
Stewart, et al [Page 48]
DATA [TSN=8,Strm=0,Seq=4] ------------> (send ack) DATA [TSN=8,Strm=0,Seq=4] ------------> (send ack)
/------- SACK [TSN ACK=8,Frag=0] /------- SACK [TSN ACK=8,Frag=0]
(cancel T3-rxt timer) <-----/ (cancel T3-rxt timer) <-----/
... ...
... ...
DATA [TSN=9,Strm=0,Seq=5] ------------> (ack delayed) DATA [TSN=9,Strm=0,Seq=5] ------------> (ack delayed)
(Start T3-rxt timer) (Start T3-rxt timer)
... ...
{App sends 1 message; strm 1} {App sends 1 message; strm 1}
(bundle SACK with DATA) (bundle SACK with DATA)
/----- SACK [TSN Ack=9,Frag=0] \ /----- SACK [TSN Ack=9,Frag=0] \
/ DATA [TSN=6,Strm=1,Seq=2] / DATA [TSN=6,Strm=1,Seq=2]
(cancel T3-rxt timer) <------/ (Start T3-rxt timer) (cancel T3-rxt timer) <------/ (Start T3-rxt timer)
Stewart, et al [Page 48]
(ack delayed) (ack delayed)
... ...
(send ack) (send ack)
SACK [TSN ACK=6,Frag=0] -------------> (cancel T3-rxt timer) SACK [TSN ACK=6,Frag=0] -------------> (cancel T3-rxt timer)
5.2.1 Tracking Peer's Receive Buffer Space 5.2.1 Tracking Peer's Receive Buffer Space
Whenever a SACK arrives, a new updated a_rwnd arrives with it. This Whenever a SACK arrives, a new updated a_rwnd arrives with it. This
value represents the amount of buffer space the sender of the SACK, at value represents the amount of buffer space the sender of the SACK, at
the time of transmitting the SACK, has left of its total receive the time of transmitting the SACK, has left of its total receive
buffer space (as specified in the INIT/INIT-ACK). After processing the buffer space (as specified in the INIT/INIT-ACK). After processing the
SACK, the receiver of the SACK must use the following rules to SACK, the receiver of the SACK must use the following rules to
re-calculate the congestion control rwnd, using the received a_rwnd re-calculate the rwnd, using the received a_rwnd value.
value.
A) At the establishment of the association, the endpoint initializes A) At the establishment of the association, the endpoint initializes
the congestion control rwnd to the Advertised Receiver Window the rwnd to the Advertised Receiver Window Credit (a_rwnd)
Credit (a_rwnd) the peer specified in the INIT or INIT ACK. the peer specified in the INIT or INIT ACK.
B) Any time a DATA chunk is transmitted to a peer, the endpoint B) Any time a DATA chunk is transmitted to a peer, the endpoint
subtracts the data size of the chunk from the rwnd of that peer. subtracts the data size of the chunk from the rwnd of that peer.
C) Any time a SACK arrives, the endpoint performs the following: C) Any time a SACK arrives, the endpoint performs the following:
If all outstanding TSNs are acknowledged by the SACK, adopt If all outstanding TSNs are acknowledged by the SACK, adopt
the a_rwnd value in the SACK as the new rwnd. the a_rwnd value in the SACK as the new rwnd.
Otherwise, take the value of the current rwnd, and add to it the Otherwise, take the value of the current rwnd, and add to it the
data size of any newly acknowledged TSNs that has its BE bits set data size of any newly acknowledged TSNs that has its BE bits set
to 11, OR that moved the cumulative TSN point forward. Then, set to 11, OR that moved the cumulative TSN point forward. Then, set
the congestion control rwnd to the lesser of the calculated value the rwnd to the lesser of the calculated value and the a_rwnd carried
and the a_rwnd carried in the SACK. in the SACK.
D) Any time the T3-rxt timer expires on any address, causing all D) Any time the T3-rxt timer expires on any address, causing all
outstanding chunks sent to that address to be marked for outstanding chunks sent to that address to be marked for
retransmission, add all of the data sizes of those chunks to the rwnd. retransmission, add all of the data sizes of those chunks to the rwnd.
Stewart, et al [Page 49]
E) Any time a DATA chunk is marked for retransmission via the E) Any time a DATA chunk is marked for retransmission via the
fast retransmit algorithm (section 6.2.4), add the DATA chunks fast retransmit algorithm (section 6.2.4), add the DATA chunks
size to the rwnd. size to the rwnd.
5.3 Management of Retransmission Timer 5.3 Management of Retransmission Timer
SCTP uses a retransmission timer T3-rxt to ensure data delivery in the SCTP uses a retransmission timer T3-rxt to ensure data delivery in the
absence of any feedback from the remote data receiver. The duration of absence of any feedback from the remote data receiver. The duration of
this timer is referred to as RTO (retransmission timeout). this timer is referred to as RTO (retransmission timeout).
When the receiver endpoint is multi-homed, the data sender endpoint When the receiver endpoint is multi-homed, the data sender endpoint
will calculate a separate RTO for each different destination transport will calculate a separate RTO for each different destination transport
addresses of the receiver endpoint. addresses of the receiver endpoint.
Stewart, et al [Page 49]
The computation and management of RTO in SCTP follows closely with how The computation and management of RTO in SCTP follows closely with how
TCP manages its retransmission timer. To compute the current RTO, an TCP manages its retransmission timer. To compute the current RTO, an
SCTP sender maintains two state variables per destination transport SCTP sender maintains two state variables per destination transport
address: SRTT (smoothed round-trip time) and RTTVAR (round-trip time address: SRTT (smoothed round-trip time) and RTTVAR (round-trip time
variation). variation).
5.3.1 RTO Calculation 5.3.1 RTO Calculation
The rules governing the computation of SRTT, RTTVAR, and RTO are The rules governing the computation of SRTT, RTTVAR, and RTO are
as follows: as follows:
skipping to change at page 91, line ? skipping to change at line 2662
C3) When a new RTT measurement R' is made, set C3) When a new RTT measurement R' is made, set
RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'| RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'|
SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R' SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R'
Note, the value of SRTT used in the update to RTTVAR is its value Note, the value of SRTT used in the update to RTTVAR is its value
*before* updating SRTT itself using the second assignment. *before* updating SRTT itself using the second assignment.
After the computation, update RTO <- SRTT + 4 * RTTVAR. After the computation, update RTO <- SRTT + 4 * RTTVAR.
Stewart, et al [Page 50]
C4) When data is in flight and when allowed by rule C5 below, a new C4) When data is in flight and when allowed by rule C5 below, a new
RTT measurement MUST be made each round trip. Furthermore, RTT measurement MUST be made each round trip. Furthermore,
it is RECOMMENDED that new RTT measurements should be made no it is RECOMMENDED that new RTT measurements should be made no
more than once per round-trip for a given destination transport more than once per round-trip for a given destination transport
address. There are two reasons for this recommendation: first, address. There are two reasons for this recommendation: first,
it appears that measuring more frequently often does not in it appears that measuring more frequently often does not in
practice yield any significant benefit [5]; second, if practice yield any significant benefit [5]; second, if
measurements are made more often, then the values of RTO.Alpha and measurements are made more often, then the values of RTO.Alpha and
RTO.Beta in rule C3 above should be adjusted so that SRTT and RTO.Beta in rule C3 above should be adjusted so that SRTT and
RTTVAR still adjust to changes at roughly the same rate (in terms RTTVAR still adjust to changes at roughly the same rate (in terms
skipping to change at page 91, line ? skipping to change at line 2689
C5) Karn's algorithm: RTT measurements MUST NOT be made using C5) Karn's algorithm: RTT measurements MUST NOT be made using
packets that were retransmitted (and thus for which it is packets that were retransmitted (and thus for which it is
ambiguous whether the reply was for the first instance of the ambiguous whether the reply was for the first instance of the
packet or a later instance). packet or a later instance).
C6) Whenever RTO is computed, if it is less than RTO.Min seconds C6) Whenever RTO is computed, if it is less than RTO.Min seconds
then it is rounded up to RTO.Min seconds. The reason for this then it is rounded up to RTO.Min seconds. The reason for this
rule is that RTOs that do not have a high minimum value are rule is that RTOs that do not have a high minimum value are
susceptible to unnecessary timeouts [5]. susceptible to unnecessary timeouts [5].
Stewart, et al [Page 50]
C7) A maximum value may be placed on RTO provided it is at least C7) A maximum value may be placed on RTO provided it is at least
RTO.max seconds. RTO.max seconds.
There is no requirement for the clock granularity G used for computing There is no requirement for the clock granularity G used for computing
RTT measurements and the different state variables, other than RTT measurements and the different state variables, other than
G1) Whenever RTTVAR is computed, if RTTVAR = 0, then adjust G1) Whenever RTTVAR is computed, if RTTVAR = 0, then adjust
RTTVAR <- G. RTTVAR <- G.
Experience [5] has shown that finer clock granularities (<= 100 msec) Experience [5] has shown that finer clock granularities (<= 100 msec)
skipping to change at page 91, line ? skipping to change at line 2715
R1) Every time a packet containing data is sent to any address (including R1) Every time a packet containing data is sent to any address (including
a retransmission), if the T3-rxt timer of that address is not a retransmission), if the T3-rxt timer of that address is not
running, start it running so that it will expire after the RTO of running, start it running so that it will expire after the RTO of
that address. The RTO used here is that obtained after any doubling that address. The RTO used here is that obtained after any doubling
due to previous T3-rxt timer expirations on the corresponding due to previous T3-rxt timer expirations on the corresponding
destination address as discussed in rule E2 below. destination address as discussed in rule E2 below.
R2) Whenever all outstanding data on an address has been acknowledged, R2) Whenever all outstanding data on an address has been acknowledged,
turn off the T3-rxt timer of that address. turn off the T3-rxt timer of that address.
Stewart, et al [Page 51]
R3) Whenever a SACK is received that acknowledges new data chunks R3) Whenever a SACK is received that acknowledges new data chunks
including the one with the earliest outstanding TSN on that address, including the one with the earliest outstanding TSN on that address,
restart T3-rxt timer of that address with its current RTO. restart T3-rxt timer of that address with its current RTO.
The following example shows the use of various timer rules (assuming The following example shows the use of various timer rules (assuming
the receiver uses delayed acks). the receiver uses delayed acks).
Endpoint A Endpoint Z Endpoint A Endpoint Z
{App begins to send} {App begins to send}
Data [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) Data [TSN=7,Strm=0,Seq=3] ------------> (ack delayed)
skipping to change at page 91, line ? skipping to change at line 2744
/ \ / \
(Re-start T3-rxt timer) <------/ \--> (ack delayed) (Re-start T3-rxt timer) <------/ \--> (ack delayed)
(ack delayed) (ack delayed)
... ...
{send ack} {send ack}
SACK [TSN ACK=6,Frag=0] --------------> (Cancel T3-rxt timer) SACK [TSN ACK=6,Frag=0] --------------> (Cancel T3-rxt timer)
.. ..
(send ack) (send ack)
(Cancel T3-rxt timer) <-------------- SACK [TSN ACK=8,Frag=0] (Cancel T3-rxt timer) <-------------- SACK [TSN ACK=8,Frag=0]
Stewart, et al [Page 51]
5.3.3 Handle T3-rxt Expiration 5.3.3 Handle T3-rxt Expiration
Whenever the retransmission timer T3-rxt expires on a destination Whenever the retransmission timer T3-rxt expires on a destination
address, do the following: address, do the following:
E1) On the destination address where the timer expires, adjust its E1) On the destination address where the timer expires, adjust its
ssthresh with rules defined in Section 6.2.3 and set the ssthresh with rules defined in Section 6.2.3 and set the
cwnd <- MTU. cwnd <- MTU.
E2) On the destination address where the timer expires, set E2) On the destination address where the timer expires, set
skipping to change at page 91, line ? skipping to change at line 2767
E3) Determine how many of the earliest (i.e., lowest TSN) outstanding E3) Determine how many of the earliest (i.e., lowest TSN) outstanding
Data chunks on the address where the T3-rxt has expired that will Data chunks on the address where the T3-rxt has expired that will
fit into a single packet, subject to the MTU constraint for the fit into a single packet, subject to the MTU constraint for the
path corresponding to the destination transport address where the path corresponding to the destination transport address where the
retransmission is being sent to (this may be different from the retransmission is being sent to (this may be different from the
address where the timer expires [see Section 5.4]). Call this address where the timer expires [see Section 5.4]). Call this
value K. Bundle and retransmit those K data chunks in a single value K. Bundle and retransmit those K data chunks in a single
packet to the address. packet to the address.
Stewart, et al [Page 52]
E4) Start the retransmission timer T3-rxt on the destination address E4) Start the retransmission timer T3-rxt on the destination address
to where the retransmission is sent, if rule R1 above indicates to to where the retransmission is sent, if rule R1 above indicates to
do so. Note, the RTO to be used for starting T3-rxt should be the do so. Note, the RTO to be used for starting T3-rxt should be the
one of the destination address to where the retransmission is one of the destination address to where the retransmission is
sent, which, when the receiver is multi-homed, may be different sent, which, when the receiver is multi-homed, may be different
from the destination address where the timer expired (see Section from the destination address where the timer expired (see Section
5.4 below). 5.4 below).
Note that after retransmitting, once a new RTT measurement is obtained Note that after retransmitting, once a new RTT measurement is obtained
(which can happen only when new data has been sent and acknowledged, (which can happen only when new data has been sent and acknowledged,
skipping to change at page 91, line ? skipping to change at line 2800
to the new transport address, start the timer on that transport to the new transport address, start the timer on that transport
address, using the RTO value of the destination address where address, using the RTO value of the destination address where
the data is being sent, if rule R1 indicates to do so. the data is being sent, if rule R1 indicates to do so.
5.4 Multi-homed SCTP Endpoints 5.4 Multi-homed SCTP Endpoints
An SCTP endpoint is considered multi-homed if there are more than one An SCTP endpoint is considered multi-homed if there are more than one
transport addresses that can be used as a destination address to reach transport addresses that can be used as a destination address to reach
that endpoint. that endpoint.
Stewart, et al [Page 52]
Moreover, at the sender side, one of the multiple destination Moreover, at the sender side, one of the multiple destination
addresses of the multi-homed receiver endpoint shall be selected as addresses of the multi-homed receiver endpoint shall be selected as
the primary destination transport address by the UPL (see Sections the primary destination transport address by the UPL (see Sections
4.1.2 and 9.1 for details). 4.1.2 and 9.1 for details).
When the SCTP sender is transmitting to the multi-homed receiver, by When the SCTP sender is transmitting to the multi-homed receiver, by
default the transmission SHOULD always take place on the primary default the transmission SHOULD always take place on the primary
transport address, unless the SCTP user explicitly specifies the transport address, unless the SCTP user explicitly specifies the
destination transport address to use. destination transport address to use.
The acknowledgment SHOULD be transmitted to the same destination The acknowledgment SHOULD be transmitted to the same destination
transport address from which the DATA or control chunk being transport address from which the DATA or control chunk being
acknowledged were received. acknowledged were received.
However, when acknowledging multiple DATA chunks in a single SACK, the However, when acknowledging multiple DATA chunks in a single SACK, the
SACK message may be transmitted to one of the destination transport SACK message may be transmitted to one of the destination transport
addresses from which the DATA or control chunks being acknowledged addresses from which the DATA or control chunks being acknowledged
were received. were received.
Stewart, et al [Page 53]
Furthermore, when the receiver is multi-homed, the SCTP data sender Furthermore, when the receiver is multi-homed, the SCTP data sender
SHOULD try to retransmit a chunk to an active destination transport SHOULD try to retransmit a chunk to an active destination transport
address that is different from the last destination address where the address that is different from the last destination address where the
data chunk was sent to. data chunk was sent to.
Note, retransmissions do not affect the total outstanding data Note, retransmissions do not affect the total outstanding data
count. However, if the data chunk is retransmitted onto a different count. However, if the data chunk is retransmitted onto a different
destination address, both the outstanding data counts on the new destination address, both the outstanding data counts on the new
destination address and the old destination address where the data destination address and the old destination address where the data
chunk was last sent to shall be adjusted accordingly. chunk was last sent to shall be adjusted accordingly.
skipping to change at page 91, line ? skipping to change at line 2854
5.5 Stream Identifier and Stream Sequence Number 5.5 Stream Identifier and Stream Sequence Number
Every DATA chunk MUST carry a valid stream identifier. If a DATA chunk Every DATA chunk MUST carry a valid stream identifier. If a DATA chunk
with an invalid stream identifier is received, the receiver shall, with an invalid stream identifier is received, the receiver shall,
after acknowledging the reception of the DATA chunk following the normal after acknowledging the reception of the DATA chunk following the normal
procedure, respond immediately with an ERROR message with cause set to procedure, respond immediately with an ERROR message with cause set to
Invalid Stream Identifier (see Section 2.3.9) and discard the DATA Invalid Stream Identifier (see Section 2.3.9) and discard the DATA
chunk. chunk.
Stewart, et al [Page 53]
The stream sequence number in all the streams shall start from 0x0 The stream sequence number in all the streams shall start from 0x0
when the association is established. Also, when the stream sequence when the association is established. Also, when the stream sequence
number reaches the value 0xffff the next stream sequence number shall number reaches the value 0xffff the next stream sequence number shall
be set to 0x0. be set to 0x0.
5.6 Ordered and Un-ordered Delivery 5.6 Ordered and Un-ordered Delivery
By default the SCTP receiver shall ensure the DATA chunks within any By default the SCTP receiver shall ensure the DATA chunks within any
given stream be delivered to the upper layer according to the order of given stream be delivered to the upper layer according to the order of
their stream sequence number. If there are DATA chunks arriving out of their stream sequence number. If there are DATA chunks arriving out of
order of their stream sequence number, the receiver MUST hold the order of their stream sequence number, the receiver MUST hold the
received DATA chunks from delivery until they are re-ordered. received DATA chunks from delivery until they are re-ordered.
However, an SCTP sender can indicate that no ordered delivery is However, an SCTP sender can indicate that no ordered delivery is
required on a particular DATA chunk within the stream by setting the U required on a particular DATA chunk within the stream by setting the U
flag of the DATA chunk to 1. flag of the DATA chunk to 1.
Stewart, et al [Page 54]
In this case, the receiver must bypass the ordering mechanism and In this case, the receiver must bypass the ordering mechanism and
immediately delivery the data to the upper layer (after re-assembly if immediately delivery the data to the upper layer (after re-assembly if
the user data is segmented by the sender). the user data is segmented by the sender).
This provides an effective way of transmitting "out-of-band" data in a This provides an effective way of transmitting "out-of-band" data in a
given stream. Also, a stream can be used as an "unordered" stream by given stream. Also, a stream can be used as an "unordered" stream by
simply setting the U flag to 1 in all outbound DATA chunks sent simply setting the U flag to 1 in all outbound DATA chunks sent
through that stream. through that stream.
IMPLEMENTATION NOTE: when sending an unordered DATA chunk, an IMPLEMENTATION NOTE: when sending an unordered DATA chunk, an
skipping to change at page 91, line ? skipping to change at line 2908
Based on the segment reports from the SACK, the data sender can Based on the segment reports from the SACK, the data sender can
calculate the missing DATA chunks and make decisions on whether to calculate the missing DATA chunks and make decisions on whether to
retransmit them (see Section 5.3 for details). retransmit them (see Section 5.3 for details).
Multiple gaps can be reported in one single SACK (see Section 2.3.3). Multiple gaps can be reported in one single SACK (see Section 2.3.3).
Note that when the data sender is multi-homed, the SCTP receiver Note that when the data sender is multi-homed, the SCTP receiver
SHOULD always try to send the SACK to the same network from where the SHOULD always try to send the SACK to the same network from where the
last DATA chunk was received. last DATA chunk was received.
Stewart, et al [Page 54]
Upon the reception of the SACK, the data sender SHALL remove all DATA Upon the reception of the SACK, the data sender SHALL remove all DATA
chunks which have been acknowledged by the SACK. The data sender MUST chunks which have been acknowledged by the SACK. The data sender MUST
also treat all the DATA chunks which fall into the gaps between the also treat all the DATA chunks which fall into the gaps between the
fragments reported by the SACK as "missing". The number of "missing" fragments reported by the SACK as "missing". The number of "missing"
reports for each outstanding DATA chunk MUST be recorded by the data reports for each outstanding DATA chunk MUST be recorded by the data
sender in order to make retransmission decision, see Section 6.2.4 for sender in order to make retransmission decision, see Section 6.2.4 for
details. details.
The following example shows the use of SACK to report a gap. The following example shows the use of SACK to report a gap.
Endpoint A Endpoint Z Endpoint A Endpoint Z
{App sends 3 messages; strm 0} {App sends 3 messages; strm 0}
DATA [TSN=6,Strm=0,Seq=2] ---------------> (ack delayed) DATA [TSN=6,Strm=0,Seq=2] ---------------> (ack delayed)
(Start T3-rxt timer) (Start T3-rxt timer)
Stewart, et al [Page 55]
DATA [TSN=7,Strm=0,Seq=3] --------> X (lost) DATA [TSN=7,Strm=0,Seq=3] --------> X (lost)
DATA [TSN=8,Strm=0,Seq=4] ---------------> (gap detected, DATA [TSN=8,Strm=0,Seq=4] ---------------> (gap detected,
immediately send ack) immediately send ack)
/----- SACK [TSN ACK=6,Frag=1, /----- SACK [TSN ACK=6,Frag=1,
/ Strt=2,End=2] / Strt=2,End=2]
<-----/ <-----/
(remove 6 and 8 from out-queue, (remove 6 and 8 from out-queue,
and strike 7 as "1" missing report) and strike 7 as "1" missing report)
skipping to change at page 91, line ? skipping to change at line 2963
1) fill in the proper Verification Tag in the SCTP common header and 1) fill in the proper Verification Tag in the SCTP common header and
initialize the Adler-32 checksum filed to 0's. initialize the Adler-32 checksum filed to 0's.
2) calculate the Adler-32 checksum of the whole datagram, including the 2) calculate the Adler-32 checksum of the whole datagram, including the
SCTP common header and all the chunks. Refer to Sections 8.2 and 9 SCTP common header and all the chunks. Refer to Sections 8.2 and 9
in [2] for details of the Adler-32 algorithm. And, in [2] for details of the Adler-32 algorithm. And,
3) put the resultant value into the Adler-32 checksum field in the 3) put the resultant value into the Adler-32 checksum field in the
common header, and leave the rest of the bits unchanged. common header, and leave the rest of the bits unchanged.
Stewart, et al [Page 55]
When an SCTP datagram is received, the receiver MUST first check the When an SCTP datagram is received, the receiver MUST first check the
Adler-32 checksum: Adler-32 checksum:
1) store the received Adler-32 checksum value aside, 1) store the received Adler-32 checksum value aside,
2) replace the 32 bits of the Adler-32 checksum field in the received 2) replace the 32 bits of the Adler-32 checksum field in the received
SCTP datagram with all '0's and calculate an Adler-32 checksum SCTP datagram with all '0's and calculate an Adler-32 checksum
value of the whole received datagram. And, value of the whole received datagram. And,
3) verify that the calculated Adler-32 checksum is the same as the 3) verify that the calculated Adler-32 checksum is the same as the
received Adler-32 checksum, If not, the receiver MUST treat the received Adler-32 checksum, If not, the receiver MUST treat the
datagram as an invalid SCTP datagram. datagram as an invalid SCTP datagram.
The default procedure of handling invalid SCTP datagrams is to The default procedure of handling invalid SCTP datagrams is to
silently discard them. silently discard them.
Stewart, et al [Page 56]
5.9 Segmentation 5.9 Segmentation
Segmentation MUST be performed by the data sender if the user message Segmentation MUST be performed by the data sender if the user message
to be sent has a large size that causes the outbound SCTP datagram to be sent has a large size that causes the outbound SCTP datagram
size exceeding the current MTU. size exceeding the current MTU.
Note, if the data receiver is multi-homed, the sender shall choose a Note, if the data receiver is multi-homed, the sender shall choose a
size no larger than the latest MTU of the current primary destination size no larger than the latest MTU of the current primary destination
address. address.
skipping to change at page 91, line ? skipping to change at line 3016
datagram smaller than or equal to the current MTU, datagram smaller than or equal to the current MTU,
2) the data sender MUST then assign, in sequence, a separate TSN to 2) the data sender MUST then assign, in sequence, a separate TSN to
each of the DATA chunks in the series, each of the DATA chunks in the series,
3) the data sender MUST also set the B/E bits of the first DATA chunk 3) the data sender MUST also set the B/E bits of the first DATA chunk
in the series to '10', the B/E bits of the last DATA chunk in the in the series to '10', the B/E bits of the last DATA chunk in the
series to '01', and the B/E bits of all other DATA chunks in the series to '01', and the B/E bits of all other DATA chunks in the
series to '00'. series to '00'.
Stewart, et al [Page 56]
The data receiver MUST recognize the segmented DATA chunks, by The data receiver MUST recognize the segmented DATA chunks, by
examining the B/E bits in each of the received DATA chunks, and queue examining the B/E bits in each of the received DATA chunks, and queue
the segmented DATA chunks for re-assembly. Then, it shall pass the the segmented DATA chunks for re-assembly. Then, it shall pass the
re-assembled user message to the specific stream for possible re-assembled user message to the specific stream for possible
re-ordering and final dispatching. re-ordering and final dispatching.
Note, if the data receiver runs out of buffer space while still Note, if the data receiver runs out of buffer space while still
waiting for more segments to complete the re-assembly of the message, waiting for more segments to complete the re-assembly of the message,
it should dispatch part of its inbound message through a partial it should dispatch part of its inbound message through a partial
delivery API (see Section 9), freeing some of its receive buffer space delivery API (see Section 9), freeing some of its receive buffer space
so that the rest of the message may be received. so that the rest of the message may be received.
Stewart, et al [Page 57]
5.10 Bundling and Multiplexing 5.10 Bundling and Multiplexing
An SCTP sender achieves data bundling by simply including multiple An SCTP sender achieves data bundling by simply including multiple
DATA chunks in one outbound SCTP datagram. Note that the total size of DATA chunks in one outbound SCTP datagram. Note that the total size of
the resultant IP datagram, including the SCTP datagram and IP headers, the resultant IP datagram, including the SCTP datagram and IP headers,
MUST be less or equal to the current MTU. MUST be less or equal to the current MTU.
Note, if the data receiver is multi-homed, the sender shall choose a Note, if the data receiver is multi-homed, the sender shall choose a
size no larger than the latest MTU of the current primary destination size no larger than the latest MTU of the current primary destination
address. address.
skipping to change at page 91, line ? skipping to change at line 3063
6. Congestion control 6. Congestion control
Congestion control is one of the basic functions in the SCTP protocol. Congestion control is one of the basic functions in the SCTP protocol.
For some applications, it may be likely that adequate resources will For some applications, it may be likely that adequate resources will
be allocated to SCTP traffic to assure prompt delivery of be allocated to SCTP traffic to assure prompt delivery of
time-critical SCTP data - thus it would appear to be unlikely, during time-critical SCTP data - thus it would appear to be unlikely, during
normal operations, that SCTP transmissions encounter severe congestion normal operations, that SCTP transmissions encounter severe congestion
condition. However SCTP must prepare itself for adverse operational condition. However SCTP must prepare itself for adverse operational
conditions, which can develop upon partial network failures or conditions, which can develop upon partial network failures or
unexpected traffic surge. In such situations SCTP must follow correct unexpected traffic surges. In such situations SCTP must follow correct
congestion control steps to recover from congestion quickly in order congestion control steps to recover from congestion quickly in order
to get data delivered as soon as possible. In the absence of network to get data delivered as soon as possible. In the absence of network
congestion, these preventive congestion control algorithms should show congestion, these preventive congestion control algorithms should show
no impact on the protocol performance. no impact on the protocol performance.
Stewart, et al [Page 57]
IMPLEMENTATION NOTE: as far as its specific performance requirements IMPLEMENTATION NOTE: as far as its specific performance requirements
are met, an implementation is always allowed to adopt a more are met, an implementation is always allowed to adopt a more
conservative congestion control algorithm than the one defined conservative congestion control algorithm than the one defined
below. below.
The congestion control algorithms used by SCTP are based on RFC 2581 The congestion control algorithms used by SCTP are based on RFC 2581
[3], "TCP Congestion Control". This section describes how the [3], "TCP Congestion Control". This section describes how the
algorithms defined in RFC 2581 are adopted for use in SCTP. We first algorithms defined in RFC 2581 are adopted for use in SCTP. We first
list differences in protocol designs between TCP and SCTP, and then list differences in protocol designs between TCP and SCTP, and then
describe SCTP's congestion control scheme. The description will use describe SCTP's congestion control scheme. The description will use
the same terminology as in TCP congestion control whenever the same terminology as in TCP congestion control whenever
appropriate. appropriate.
Note: SCTP congestion control is always applied to the entire association,
and NOT to individual streams.
Stewart, et al [Page 58]
6.1 SCTP Differences from TCP Congestion control 6.1 SCTP Differences from TCP Congestion control
One difference between SCTP and TCP is that Selective Acknowledgment One difference between SCTP and TCP is that the Selective
function (SACK) is designed into SCTP, rather than an enhancement that Acknowledgment function (SACK) is designed into SCTP, rather than an
is added to the protocol later as is the case for TCP. SCTP SACK enhancement that is added to the protocol later as is the case for
carries different semantic meanings from that of TCP SACK. TCP TCP. SCTP SACK carries the same semantic meaning with that of TCP
considers the information carried in the SACK as advisory information SACK. TCP and SCTP considers the information carried in the SACK as
only. In SCTP, any DATA chunk that has been acknowledged by SACK, advisory information only. In SCTP, any DATA chunk that has been
including DATA that arrived at the receiving end out of order, are acknowledged by SACK, including DATA that arrived at the receiving end
considered having been delivered to the destination application, and out of order, are NOT considered fully delivered until the Cumulative
the sender is free to discard the local copy. Consequently, the value Acknowledgement point passes the acknowledged DATA chunk. Consequently,
of cwnd controls the amount of outstanding data, rather than the upper the value of cwnd controls the amount of outstanding data, rather than
bound between the highest acknowledged sequence number and the latest the upper bound between the highest acknowledged sequence number and
DATA chunk that can be sent within the congestion window, as is the the latest DATA chunk that can be sent within the congestion window,
case in TCP. SCTP SACK leads to different implementations of as is the case in non-SACK TCP. SCTP SACK leads to different
fast-retransmit and fast-recovery from that of TCP. implementations of fast-retransmit and fast-recovery from that of
non-SACK TCP. As an example see [16].
The biggest difference between SCTP and TCP, however, is multi-homing. The biggest difference between SCTP and TCP, however, is multi-homing.
SCTP is designed to establish robust communication associations SCTP is designed to establish robust communication associations
between two end points each of which may be reachable by more than one between two end points each of which may be reachable by more than one
transport address. Potentially different addresses may lead to transport address. Potentially different addresses may lead to
distinguished data paths between the two points, thus ideally one may distinguished data paths between the two points, thus ideally one may
need a separate set of congestion control parameters for each of the need a separate set of congestion control parameters for each of the
paths. The treatment here of congestion control for multi-homed paths. The treatment here of congestion control for multi-homed
receivers is new with SCTP and may require refinement in the receivers is new with SCTP and may require refinement in the
future. The current algorithms make the following assumptions: future. The current algorithms make the following assumptions:
o The sender always uses the same destination address until being o The sender always uses the same destination address until being
instructed by the upper layer otherwise. instructed by the upper layer otherwise.
o The sender keeps a separate congestion control parameter set for each o The sender keeps a separate congestion control parameter set for each
of the destination addresses. The parameters should decay if the of the destination addresses it can send to (NOT each source-destination
address is not used for a long enough time period. pair but for each destination) . The parameters should decay if
the address is not used for a long enough time period.
o For each of the destination addresses, do slow-start upon the first o For each of the destination addresses, do slow-start upon the first
transmission to that address. transmission to that address.
Stewart, et al [Page 58]
6.2 SCTP Slow-Start and Congestion Avoidance 6.2 SCTP Slow-Start and Congestion Avoidance
The slow start and congestion avoidance algorithms MUST be used by a The slow start and congestion avoidance algorithms MUST be used by a
SCTP sender to control the amount of outstanding data being injected SCTP sender to control the amount of outstanding data being injected
into the network. The congestion control in SCTP is employed in regard into the network. The congestion control in SCTP is employed in regard
to the association, not to an individual stream. In some situations it to the association, not to an individual stream. In some situations it
may be beneficial for an SCTP sender to be more conservative than the may be beneficial for an SCTP sender to be more conservative than the
algorithms allow, however an SCTP sender MUST NOT be more aggressive algorithms allow, however an SCTP sender MUST NOT be more aggressive
than the following algorithms allow. than the following algorithms allow.
Like TCP, an SCTP sender uses the following three control variables to Like TCP, an SCTP sender uses the following three control variables on a
regulate its transmission rate. per destination basis to regulate its transmission rate.
Stewart, et al [Page 59]
o Receiver advertised window size (rwnd, in octets), which is set by o Receiver advertised window size (rwnd, in octets), which is set by
the receiver based on its available buffer space for incoming packets. the receiver based on its available buffer space for incoming packets.
o Congestion control window (cwnd, in octets), which is adjusted by o Congestion control window (cwnd, in octets), which is adjusted by
the sender based on observed network conditions. the sender based on observed network conditions.
o Slow-start threshold (ssthresh, in octets), which is used by the o Slow-start threshold (ssthresh, in octets), which is used by the
sender to distinguish slow start and congestion avoidance phases. sender to distinguish slow start and congestion avoidance phases.
SCTP also requires one additional control variable, partial_bytes_acked, SCTP also requires one additional control variable, partial_bytes_acked,
which is used during congestion avoidance phase to facilitate cwnd which is used during congestion avoidance phase to facilitate cwnd
adjustment. adjustment.
Unlike TCP, an SCTP sender MUST keep a set of these control variables
for EACH destination address of its peer (when its peer is multi-homed).
6.2.1 Slow-Start 6.2.1 Slow-Start
Beginning data transmission into a network with unknown conditions Beginning data transmission into a network with unknown conditions
requires SCTP to probe the network to determine the available capacity. requires SCTP to probe the network to determine the available capacity.
The slow start algorithm is used for this purpose at the beginning of a The slow start algorithm is used for this purpose at the beginning of a
transfer, or after repairing loss detected by the retransmission timer. transfer, or after repairing loss detected by the retransmission timer.
o The initial cwnd before data transmission or after a sufficiently o The initial cwnd before data transmission or after a sufficiently
long idle period MUST be <= 2*MTU. long idle period MUST be <= 2*MTU.
skipping to change at page 91, line ? skipping to change at line 3184
octets of data outstanding on that transport address. octets of data outstanding on that transport address.
o When cwnd is less than or equal to ssthresh an SCTP sender MUST use o When cwnd is less than or equal to ssthresh an SCTP sender MUST use
the slow start algorithm to increase cwnd (assuming the current the slow start algorithm to increase cwnd (assuming the current
congestion window is being fully utilized). If the incoming SACK congestion window is being fully utilized). If the incoming SACK
advances the cumulative TSN, cwnd MUST be increased by at most the advances the cumulative TSN, cwnd MUST be increased by at most the
lesser of 1) the total size of the previously outstanding DATA lesser of 1) the total size of the previously outstanding DATA
chunk(s) acknowledged, and 2) the destinations path MTU. chunk(s) acknowledged, and 2) the destinations path MTU.
This prevents against the ACK-Splitting attack outlined in [15]. This prevents against the ACK-Splitting attack outlined in [15].
Stewart, et al [Page 59]
NOTE: In instances where the data receiver endpoint is multi-homed, NOTE: In instances where the data receiver endpoint is multi-homed,
if a SACK arrives at the data sender that advances the if a SACK arrives at the data sender that advances the
sender's cumulative TSN point, then the data sender should update sender's cumulative TSN point, then the data sender should update
its cwnd (or cwnds) apportioned to the destination addresses where its cwnd (or cwnds) apportioned to the destination addresses where
the data was transmitted to. However if the SACK does not advance the data was transmitted to. However if the SACK does not advance
the cumulative TSN point, the data sender MUST not adjust the cwnd the cumulative TSN point, the data sender MUST not adjust the cwnd
of any of the destination addresses. of any of the destination addresses.
Stewart, et al [Page 60]
NOTE: because an SCTP data sender's cwnd is not tied to its NOTE: because an SCTP data sender's cwnd is not tied to its
cumulative TSN point, as duplicate SACKs come in, even though they cumulative TSN point, as duplicate SACKs come in, even though they
may not advance the cumulative TSN point an SCTP sender can still may not advance the cumulative TSN point an SCTP sender can still
use them to clock out new data. That is, the data newly use them to clock out new data. That is, the data newly
acknowledged by the SACK diminishes the amount of data now in acknowledged by the SACK diminishes the amount of data now in
flight to less than cwnd; and so the current, unchanged value of flight to less than cwnd; and so the current, unchanged value of
cwnd now allows new data to be sent. On the other hand, the cwnd now allows new data to be sent. On the other hand, the
increase of cwnd must be tied to the cumulative TSN advancement as increase of cwnd must be tied to the cumulative TSN advancement as
specified above. Otherwise the duplicate SACKs will not only clock specified above. Otherwise the duplicate SACKs will not only clock
out new data, but also will adversely clock out *more* new data out new data, but also will adversely clock out *more* new data
skipping to change at page 91, line ? skipping to change at line 3234
o When partial_bytes_acked is equal or greater than cwnd and before o When partial_bytes_acked is equal or greater than cwnd and before
the arrival of the SACK the sender has cwnd or more octets of data the arrival of the SACK the sender has cwnd or more octets of data
outstanding, increase cwnd by MTU, and reset partial_bytes_acked to outstanding, increase cwnd by MTU, and reset partial_bytes_acked to
(partial_bytes_acked - cwnd). (partial_bytes_acked - cwnd).
o Same as in the slow start, when the sender does not transmit data on o Same as in the slow start, when the sender does not transmit data on
a given transport address, the cwnd of the transport address should a given transport address, the cwnd of the transport address should
be adjusted to max(cwnd / 2, 2*MTU) per RTO. be adjusted to max(cwnd / 2, 2*MTU) per RTO.
Stewart, et al [Page 60] o When all of the data transmitted by the sender has been acknowledged
by the receiver, partial_bytes_acked is initialized to 0.
6.2.3 Congestion Control 6.2.3 Congestion Control
Upon detection of packet losses from SACK reports (see section 6.2.4), Upon detection of packet losses from SACK reports (see section 6.2.4),
the sender should do the following: the sender should do the following:
ssthresh = max(cwnd/2, 2*MTU) ssthresh = max(cwnd/2, 2*MTU)
cwnd = ssthresh cwnd = ssthresh
Stewart, et al [Page 61]
Basically, a packet loss causes cwnd to be cut in half. Basically, a packet loss causes cwnd to be cut in half.
When the T3-rxt timer expires on an address, SCTP should perform When the T3-rxt timer expires on an address, SCTP should perform
slow start by: slow start by:
ssthresh = max(cwnd/2, 2*MTU) ssthresh = max(cwnd/2, 2*MTU)
cwnd = 1*MTU cwnd = 1*MTU
and assure that no more than one data packet will be in flight on that and assure that no more than one data packet will be in flight on that
address until the sender receives acknowledgment for successful delivery address until the sender receives acknowledgment for successful delivery
skipping to change at page 91, line ? skipping to change at line 3294
4) Restart T3-rxt timer ONLY IF the last SACK acknowledged the lowest 4) Restart T3-rxt timer ONLY IF the last SACK acknowledged the lowest
outstanding TSN number sent to that address, or we are retransmitting outstanding TSN number sent to that address, or we are retransmitting
the first outstanding Data chunk sent to that address. the first outstanding Data chunk sent to that address.
Note, before the above adjustments, if the received SACK also Note, before the above adjustments, if the received SACK also
acknowledges new data chunks and advances the cumulative TSN point, acknowledges new data chunks and advances the cumulative TSN point,
the cwnd adjustment rules defined in Sections 6.2.1 and 6.2.2 must the cwnd adjustment rules defined in Sections 6.2.1 and 6.2.2 must
be applied first. be applied first.
Stewart, et al [Page 61]
A straightforward implementation of the above requires that the sender A straightforward implementation of the above requires that the sender
keeps a counter for each TSN hole first reported by a SACK; the keeps a counter for each TSN hole first reported by a SACK; the
counter keeps track of whether 3 subsequent SACKs have reported the counter keeps track of whether 3 subsequent SACKs have reported the
same hole. same hole.
Stewart, et al [Page 62]
Because cwnd in SCTP indirectly bounds the number of outstanding Because cwnd in SCTP indirectly bounds the number of outstanding
TSN's, the effect of TCP fast-recovery is achieved automatically with TSN's, the effect of TCP fast-recovery is achieved automatically with
no adjustment to the congestion control window size. no adjustment to the congestion control window size.
6.3 Path MTU Discovery 6.3 Path MTU Discovery
RFC 1191 [11] discusses "Path MTU Discovery", whereby a sender RFC 1191 [11] discusses "Path MTU Discovery", whereby a sender
maintains an estimate of the maximum transmission unit (MTU) along a maintains an estimate of the maximum transmission unit (MTU) along a
given Internet path and refrains from sending datagrams along that given Internet path and refrains from sending datagrams along that
path which exceed the MTU, other than occasional attempts to probe for path which exceed the MTU, other than occasional attempts to probe for
skipping to change at page 91, line ? skipping to change at line 3348
discussion in section 6.5 of RFC 1191 applies: when retransmitting discussion in section 6.5 of RFC 1191 applies: when retransmitting
a datagram to a remote address for which the datagram appears a datagram to a remote address for which the datagram appears
too large for the path MTU to that address, the datagram SHOULD too large for the path MTU to that address, the datagram SHOULD
be retransmitted without the DF bit set, allowing it to possibly be retransmitted without the DF bit set, allowing it to possibly
be fragmented. Transmissions of new datagrams MUST have DF set. be fragmented. Transmissions of new datagrams MUST have DF set.
Other than these differences, the discussion of TCP's use of MTU Other than these differences, the discussion of TCP's use of MTU
discovery in RFCs 1191 and 1981 applies to SCTP, too, on a discovery in RFCs 1191 and 1981 applies to SCTP, too, on a
per-destination-address basis. per-destination-address basis.
Stewart, et al [Page 62] Stewart, et al [Page 63]
7. Fault Management 7. Fault Management
7.1 Endpoint Failure Detection 7.1 Endpoint Failure Detection
The data sender shall keep a counter on the total number of The data sender shall keep a counter on the total number of
consecutive retransmissions to its peer (including retransmissions to consecutive retransmissions to its peer (including retransmissions to
ALL the destination transport addresses of the peer if it is ALL the destination transport addresses of the peer if it is
multi-homed). multi-homed).
If the value of this counter exceeds the limit indicated in the If the value of this counter exceeds the limit indicated in the
skipping to change at page 91, line ? skipping to change at line 3397
clear the 'retrans.count' counter of the destination transport address clear the 'retrans.count' counter of the destination transport address
to which the datagram was last sent (or HEARTBEAT was sent). Note, to which the datagram was last sent (or HEARTBEAT was sent). Note,
when the data receiver is multi-homed and the last sent was a when the data receiver is multi-homed and the last sent was a
retransmission to an alternate address of the receiver, there exists retransmission to an alternate address of the receiver, there exists
an ambiguity as to whether or not the acknowledgment should be an ambiguity as to whether or not the acknowledgment should be
credited to the address of the last sent. However, this ambiguity does credited to the address of the last sent. However, this ambiguity does
not seem to bear any significant consequence to SCTP behavior. If this not seem to bear any significant consequence to SCTP behavior. If this
ambiguity is undesirable, the data sender may choose not to clear the ambiguity is undesirable, the data sender may choose not to clear the
'retrans.count' counter if the last sent was a retransmission. 'retrans.count' counter if the last sent was a retransmission.
Stewart, et al [Page 64]
Note, when configuring the SCTP endpoint, the user should avoid Note, when configuring the SCTP endpoint, the user should avoid
having the value of 'Association.Max.Retrans' larger than the having the value of 'Association.Max.Retrans' larger than the
summation of the 'Path.Max.Retrans' of all the destination addresses summation of the 'Path.Max.Retrans' of all the destination addresses
for the remote endpoint. Otherwise, all the destination addresses may for the remote endpoint. Otherwise, all the destination addresses may
become inactive while the endpoint still considers the peer endpoint become inactive while the endpoint still considers the peer endpoint
reachable. When this condition occurs, how the SCTP chooses to function reachable. When this condition occurs, how the SCTP chooses to function
is implementation specific. is implementation specific.
Stewart, et al [Page 63]
Note, when the primary destination address is marked inactive (due to Note, when the primary destination address is marked inactive (due to
excessive retransmissions, for instance), the sender MAY automatically excessive retransmissions, for instance), the sender MAY automatically
transmit new datagrams to an alternate destination address if one transmit new datagrams to an alternate destination address if one
exists and is active. This is, however, an implementation option. exists and is active. This is, however, an implementation option.
7.3 Path Heartbeat 7.3 Path Heartbeat
By default, an SCTP endpoint shall monitor the reachability of the By default, an SCTP endpoint shall monitor the reachability of the
idle destination transport address(es) of its peer by sending idle destination transport address(es) of its peer by sending
HEARTBEAT messages periodically to the destination transport HEARTBEAT messages periodically to the destination transport
skipping to change at page 91, line ? skipping to change at line 3451
optionally report to the upper layer the change of reachability of optionally report to the upper layer the change of reachability of
this destination address. After this, the endpoint should continue this destination address. After this, the endpoint should continue
heartbeat on this destination address but should stop increasing the heartbeat on this destination address but should stop increasing the
counter. counter.
The sender of the HEARTBEAT message should include in the Heartbeat The sender of the HEARTBEAT message should include in the Heartbeat
Information field of the message the current time when the message is Information field of the message the current time when the message is
sent out and the information on the destination address to which the sent out and the information on the destination address to which the
message is sent. message is sent.
Stewart, et al [Page 65]
The receiver of the HEARTBEAT should immediately respond with a The receiver of the HEARTBEAT should immediately respond with a
HEARTBEAT ACK that contains the Heartbeat Information field copied out HEARTBEAT ACK that contains the Heartbeat Information field copied out
from the received HEARTBEAT message. from the received HEARTBEAT message.
Upon the receipt of the HEARTBEAT ACK, the sender of the HEARTBEAT Upon the receipt of the HEARTBEAT ACK, the sender of the HEARTBEAT
should clear the 'retrans.count' counter of the destination transport should clear the 'retrans.count' counter of the destination transport
address to which the HEARTBEAT was sent, and mark the destination address to which the HEARTBEAT was sent, and mark the destination
transport address as active if it is not so marked. The endpoint may transport address as active if it is not so marked. The endpoint may
optionally report to the upper layer when an inactive destination optionally report to the upper layer when an inactive destination
address is marked as active due to the reception of the latest address is marked as active due to the reception of the latest
HEARTBEAT ACK. HEARTBEAT ACK.
Stewart, et al [Page 64]
The receiver of the HEARTBEAT ACK should also perform an RTT The receiver of the HEARTBEAT ACK should also perform an RTT
measurement for that destination transport address using the time measurement for that destination transport address using the time
value carried in the HEARTBEAT ACK message. value carried in the HEARTBEAT ACK message.
On an idle destination address that is allowed to heartbeat, HEARTBEAT On an idle destination address that is allowed to heartbeat, HEARTBEAT
messages is RECOMMENDED to be sent once per RTO of that destination messages is RECOMMENDED to be sent once per RTO of that destination
address, with jittering of +/- 50%, and exponential back-off if the address, with jittering of +/- 50%, and exponential back-off if the
previous HEARTBEAT is unanswered. previous HEARTBEAT is unanswered.
A primitive is provided for the SCTP user to change the heart A primitive is provided for the SCTP user to change the heart
skipping to change at page 91, line ? skipping to change at line 3502
further action. Otherwise, further action. Otherwise,
2) the receiver should respond the sender of the OOTB datagram with an 2) the receiver should respond the sender of the OOTB datagram with an
ABORT. When sending the ABORT, the receiver of the OOTB datagram ABORT. When sending the ABORT, the receiver of the OOTB datagram
MUST fill in the Verification Tag field of the outbound datagram MUST fill in the Verification Tag field of the outbound datagram
with the value found in the Verification Tag field of the OOTB with the value found in the Verification Tag field of the OOTB
datagram. After sending this ABORT, the receiver of the OOTB datagram. After sending this ABORT, the receiver of the OOTB
datagram shall discard the OOTB datagram and take no further datagram shall discard the OOTB datagram and take no further
action. action.
Stewart, et al [Page 66]
7.5 Verification Tag 7.5 Verification Tag
The Verification Tag rules defined in this section apply when sending The Verification Tag rules defined in this section apply when sending
or receiving SCTP datagrams which do NOT contain an INIT, SHUTDOWN or receiving SCTP datagrams which do NOT contain an INIT, SHUTDOWN
ACK, or ABORT chunk. The rules for sending and receiving SCTP ACK, or ABORT chunk. The rules for sending and receiving SCTP
datagrams containing one of these chunk types are discussed separately datagrams containing one of these chunk types are discussed separately
in Section 7.5.1. in Section 7.5.1.
When sending an SCTP datagram, the sender MUST fill in the When sending an SCTP datagram, the sender MUST fill in the
Verification Tag field of the outbound datagram with the tag value of Verification Tag field of the outbound datagram with the tag value of
the peer endpoint to which this SCTP datagram is destined. the peer endpoint to which this SCTP datagram is destined.
When receiving an SCTP datagram, the receiver MUST ensure that the When receiving an SCTP datagram, the receiver MUST ensure that the
value in the Verification Tag field of the received SCTP datagram value in the Verification Tag field of the received SCTP datagram
matches its own Tag. If the received tag value does not match the matches its own Tag. If the received tag value does not match the
receiver's own tag value, the receiver shall silently discard the receiver's own tag value, the receiver shall silently discard the
datagram and shall not process it any further. datagram and shall not process it any further.
Stewart, et al [Page 65]
7.5.1 Exceptions in Verification Tag Rules 7.5.1 Exceptions in Verification Tag Rules
A) Rules for datagram carrying INIT: A) Rules for datagram carrying INIT:
- The sender MUST set the Verification Tag of the datagram to 0. - The sender MUST set the Verification Tag of the datagram to 0.
- The receiver, when noticing an incoming SCTP datagram with the - The receiver, when noticing an incoming SCTP datagram with the
Verification Tag set to 0, should continue to process the datagram Verification Tag set to 0, should continue to process the datagram
only if an INIT chunk is present. Otherwise, the receiver MUST only if an INIT chunk is present. Otherwise, the receiver MUST
silently discard the datagram and take no further action. silently discard the datagram and take no further action.
skipping to change at page 91, line ? skipping to change at line 3556
- When sending a SHUTDOWN ACK, the sender is allowed to either use - When sending a SHUTDOWN ACK, the sender is allowed to either use
the destination endpoint's tag or set the Verification Tag field the destination endpoint's tag or set the Verification Tag field
of the outbound datagram to 0. of the outbound datagram to 0.
- The receiver of a SHUTDOWN ACK shall accept the datagram IF the - The receiver of a SHUTDOWN ACK shall accept the datagram IF the
Verification Tag field of the datagram matches its own tag OR is Verification Tag field of the datagram matches its own tag OR is
set to 0. Otherwise, the receiver MUST silently discard the set to 0. Otherwise, the receiver MUST silently discard the
datagram and take no further action. NOTE: the receiver of the datagram and take no further action. NOTE: the receiver of the
SHUTDOWN ACK MUST ignore the chunk if it is not in the SHUTDOWN SHUTDOWN ACK MUST ignore the chunk if it is not in the SHUTDOWN
SENT state. SENT state.
Stewart, et al [Page 67]
8. Termination of Association 8. Termination of Association
All existing associations should be terminated when an endpoint exits All existing associations should be terminated when an endpoint exits
from service. An association can be terminated by either close or from service. An association can be terminated by either close or
shutdown. shutdown.
8.1 Close of an Association 8.1 Close of an Association
When an endpoint decides to close down an existing association, it When an endpoint decides to close down an existing association, it
shall send an ABORT message to its peer endpoint. The sender MUST fill shall send an ABORT message to its peer endpoint. The sender MUST fill
skipping to change at page 91, line ? skipping to change at line 3579
bundle any DATA chunk with the ABORT. bundle any DATA chunk with the ABORT.
No acknowledgment is required for an ABORT message. In any No acknowledgment is required for an ABORT message. In any
circumstances, an endpoint MUST NOT respond to any received datagram circumstances, an endpoint MUST NOT respond to any received datagram
that contains an ABORT with its own ABORT (also see Section 7.4). that contains an ABORT with its own ABORT (also see Section 7.4).
The receiver shall apply the special Verification Tag check rules The receiver shall apply the special Verification Tag check rules
described in Section 7.5.1 when handling the datagram carrying an described in Section 7.5.1 when handling the datagram carrying an
ABORT. ABORT.
Stewart, et al [Page 66]
After checking the Verification Tag, the peer shall remove the After checking the Verification Tag, the peer shall remove the
association from its record, and shall report the termination to its association from its record, and shall report the termination to its
upper layer. upper layer.
8.2 Shutdown of an Association 8.2 Shutdown of an Association
Using the TERMINATE primitive (see Section 9.1), the upper layer of an Using the TERMINATE primitive (see Section 9.1), the upper layer of an
endpoint in an association can gracefully shutdown the association. endpoint in an association can gracefully shutdown the association.
This will guarantee that all outstanding datagrams from the peer of This will guarantee that all outstanding datagrams from the peer of
the shutdown initiator be delivered before the association the shutdown initiator be delivered before the association
skipping to change at page 91, line ? skipping to change at line 3610
peer in the 'Cumulative TSN ACK' field. It shall then start the peer in the 'Cumulative TSN ACK' field. It shall then start the
T2-shutdown timer and enter the Shutdown-sent state. If the timer T2-shutdown timer and enter the Shutdown-sent state. If the timer
expires, the initiator must re-send the SHUTDOWN with the updated last expires, the initiator must re-send the SHUTDOWN with the updated last
TSN received from its peer. TSN received from its peer.
The same rules in 5.3 SHALL be followed to determine the proper timer The same rules in 5.3 SHALL be followed to determine the proper timer
value for T2-shutdown. The sender of the SHUTDOWN message may also value for T2-shutdown. The sender of the SHUTDOWN message may also
optionally include a SACK to indicate any gaps by bundling both the optionally include a SACK to indicate any gaps by bundling both the
SACK and SHUTDOWN message together. SACK and SHUTDOWN message together.
Stewart, et al [Page 68]
Note the sender of a shutdown should limit the number of Note the sender of a shutdown should limit the number of
retransmissions of the shutdown message to the protocol parameter retransmissions of the shutdown message to the protocol parameter
'Association.Max.Retrans'. If this threshold is exceeded the endpoint 'Association.Max.Retrans'. If this threshold is exceeded the endpoint
should destroy the TCB and may report the endpoint unreachable to the should destroy the TCB and may report the endpoint unreachable to the
upper layer (and thus the association enters the CLOSED state). upper layer (and thus the association enters the CLOSED state).
Upon the reception of the SHUTDOWN, the peer shall enter the Upon the reception of the SHUTDOWN, the peer shall enter the
Shutdown-received state, and shall verify, by checking the TSN ACK Shutdown-received state, and shall verify, by checking the TSN ACK
field of the message, that all its outstanding datagrams have been field of the message, that all its outstanding datagrams have been
received by the initiator. received by the initiator.
skipping to change at page 91, line ? skipping to change at line 3634
them for retransmission and start the retransmit procedure as defined them for retransmission and start the retransmit procedure as defined
in Section 5.3. in Section 5.3.
While in Shutdown-sent state, the initiator shall immediately respond While in Shutdown-sent state, the initiator shall immediately respond
to each inbound SCTP datagram containing user data from the peer with to each inbound SCTP datagram containing user data from the peer with
a SACK and restart the T2-shutdown timer. a SACK and restart the T2-shutdown timer.
If there is no more outstanding datagrams, the peer shall send a If there is no more outstanding datagrams, the peer shall send a
SHUTDOWN ACK and then remove all record of the association. SHUTDOWN ACK and then remove all record of the association.
Stewart, et al [Page 67]
Upon the receipt of the SHUTDOWN ACK, the initiator shall stop the Upon the receipt of the SHUTDOWN ACK, the initiator shall stop the
T2-shutdown timer and remove all record of the association. T2-shutdown timer and remove all record of the association.
Note: that it should be the responsibility of the initiator to assure Note: that it should be the responsibility of the initiator to assure
that all the outstanding datagrams on its side have been resolved that all the outstanding datagrams on its side have been resolved
before it initiates the shutdown procedure. before it initiates the shutdown procedure.
Note: an endpoint shall reject any new data request from its upper Note: an endpoint shall reject any new data request from its upper
layer if it is in Shutdown-sent or Shutdown-received state until layer if it is in Shutdown-sent or Shutdown-received state until
completion of the sequence. completion of the sequence.
skipping to change at page 91, line ? skipping to change at line 3664
SHUTDOWN message from its peer, the endpoint shall respond SHUTDOWN message from its peer, the endpoint shall respond
immediately with a SHUTDOWN ACK and shall stop the T2-shutdown timer immediately with a SHUTDOWN ACK and shall stop the T2-shutdown timer
and remove all record of the association. and remove all record of the association.
9. Interface with Upper Layer 9. Interface with Upper Layer
The Upper Layer Protocols (ULP) shall request for services by passing The Upper Layer Protocols (ULP) shall request for services by passing
primitives to SCTP and shall receive notifications from SCTP for primitives to SCTP and shall receive notifications from SCTP for
various events. various events.
Stewart, et al [Page 69]
The primitives and notifications described in this section should be The primitives and notifications described in this section should be
used as a guideline for implementing SCTP. The following functional used as a guideline for implementing SCTP. The following functional
description of ULP interface primitives is shown for illustrative description of ULP interface primitives is shown for illustrative
purposes. We must warn readers that different SCTP implementations may purposes. We must warn readers that different SCTP implementations may
have different ULP interfaces. However, all SCTPs must provide a have different ULP interfaces. However, all SCTPs must provide a
certain minimum set of services to guarantee that all SCTP certain minimum set of services to guarantee that all SCTP
implementations can support the same protocol hierarchy. implementations can support the same protocol hierarchy.
9.1 ULP-to-SCTP 9.1 ULP-to-SCTP
skipping to change at page 91, line ? skipping to change at line 3690
The ULP primitives described below specify the basic functions the The ULP primitives described below specify the basic functions the
SCTP must perform to support inter-process communication. Individual SCTP must perform to support inter-process communication. Individual
implementations must define their own exact format, and may provide implementations must define their own exact format, and may provide
combinations or subsets of the basic functions in single calls. combinations or subsets of the basic functions in single calls.
A) Initialize A) Initialize
Format: INITIALIZE ([local port], [local eligible address]) Format: INITIALIZE ([local port], [local eligible address])
-> local SCTP instance name -> local SCTP instance name
Stewart, et al [Page 68]
This primitive allows SCTP to initialize its internal data structures This primitive allows SCTP to initialize its internal data structures
and allocate necessary resources for setting up its operation and allocate necessary resources for setting up its operation
environment. Note that once SCTP is initialized, ULP can communicate environment. Note that once SCTP is initialized, ULP can communicate
directly with other endpoints without re-invoking this primitive. directly with other endpoints without re-invoking this primitive.
A local SCTP instance name will be returned to the ULP by the SCTP. A local SCTP instance name will be returned to the ULP by the SCTP.
Mandatory attributes: Mandatory attributes:
None. None.
skipping to change at page 91, line ? skipping to change at line 3718
o local eligible address - A single address that the local SCTP o local eligible address - A single address that the local SCTP
endpoint should bind. By default all transport interface cards endpoint should bind. By default all transport interface cards
should be used by the local endpoint. should be used by the local endpoint.
IMPLEMENTATION NOTE: if this optional attribute is supported by an IMPLEMENTATION NOTE: if this optional attribute is supported by an
implementation, it will be the responsibility of the implementation implementation, it will be the responsibility of the implementation
to enforce that the IP source address field of any SCTP datagrams to enforce that the IP source address field of any SCTP datagrams
sent out by this endpoint MUST contain the IP addresses sent out by this endpoint MUST contain the IP addresses
indicated in the local eligible address. indicated in the local eligible address.
Stewart, et al [Page 70]
B) Associate B) Associate
Format: ASSOCIATE(local SCTP instance name, destination transport Format: ASSOCIATE(local SCTP instance name, destination transport
addr, outbound stream count) addr, outbound stream count)
-> association id [,destination transport addr list] [,outbound stream -> association id [,destination transport addr list] [,outbound stream
count] count]
This primitive allows the upper layer to initiate an association to a This primitive allows the upper layer to initiate an association to a
specific peer endpoint. specific peer endpoint.
The peer endpoint shall be specified by one of the transport addresses The peer endpoint shall be specified by one of the transport addresses
which defines the endpoint (see section 1.4). If the local SCTP which defines the endpoint (see section 1.4). If the local SCTP
instance has not been initialized, the ASSOCIATE is considered an instance has not been initialized, the ASSOCIATE is considered an
error. error.
An association id, which is a local handle to the SCTP association, An association id, which is a local handle to the SCTP association,
will be returned on successful establishment of the association. If will be returned on successful establishment of the association. If
SCTP is not able to open an SCTP association with the peer endpoint, SCTP is not able to open an SCTP association with the peer endpoint,
an error is returned. an error is returned.
Stewart, et al [Page 69]
Other association parameters may be returned, including the complete Other association parameters may be returned, including the complete
destination transport addresses of the peer as well as the outbound destination transport addresses of the peer as well as the outbound
stream count of the local endpoint. One of the transport address from stream count of the local endpoint. One of the transport address from
the returned destination addresses will be selected by the local the returned destination addresses will be selected by the local
endpoint as default primary destination address for sending SCTP endpoint as default primary destination address for sending SCTP
datagrams to this peer. The returned "destination transport addr datagrams to this peer. The returned "destination transport addr
list" can be used by the ULP to change the default primary destination list" can be used by the ULP to change the default primary destination
address or to force sending a datagram to a specific transport address. address or to force sending a datagram to a specific transport address.
IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a
skipping to change at page 91, line ? skipping to change at line 3772
addresses of the peer endpoint with which the association is to be addresses of the peer endpoint with which the association is to be
established. established.
o outbound stream count - the number of outbound streams the ULP o outbound stream count - the number of outbound streams the ULP
would like to open towards this peer endpoint. would like to open towards this peer endpoint.
Optional attributes: Optional attributes:
None. None.
Stewart, et al [Page 71]
C) Terminate C) Terminate
Format: TERMINATE(association id) Format: TERMINATE(association id)
-> result -> result
Gracefully terminates an association. Any locally queued user data Gracefully terminates an association. Any locally queued user data
will be delivered to the peer. The association will be terminated only will be delivered to the peer. The association will be terminated only
after the peer acknowledges all the messages sent. A success code after the peer acknowledges all the messages sent. A success code
will be returned on successful termination of the association. If will be returned on successful termination of the association. If
attempting to terminate the association results in a failure, an error attempting to terminate the association results in a failure, an error
code shall be returned. code shall be returned.
Mandatory attributes: Mandatory attributes:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
Optional attributes: Optional attributes:
None. None.
Stewart, et al [Page 70]
D) Abort D) Abort
Format: ABORT(association id [, cause code]) Format: ABORT(association id [, cause code])
-> result -> result
Ungracefully terminates an association. Any locally queued user data Ungracefully terminates an association. Any locally queued user data
will be discarded and an ABORT message is sent to the peer. A success will be discarded and an ABORT message is sent to the peer. A success
code will be returned on successful abortion of the association. If code will be returned on successful abortion of the association. If
attempting to abort the association results in a failure, an error attempting to abort the association results in a failure, an error
code shall be returned. code shall be returned.
skipping to change at page 91, line ? skipping to change at line 3819
Mandatory attributes: Mandatory attributes:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
Optional attributes: Optional attributes:
o cause code - reason of the abort to be passed to the peer. o cause code - reason of the abort to be passed to the peer.
None. None.
Stewart, et al [Page 72]
E) Send E) Send
Format: SEND(association id, buffer address, byte count [,context] Format: SEND(association id, buffer address, byte count [,context]
[,stream id] [,life time] [,destination transport address] [,un-order [,stream id] [,life time] [,destination transport address] [,un-order
flag] [,no-bundle flag]) flag] [,no-bundle flag])
-> result -> result
This is the main method to send user data via SCTP. This is the main method to send user data via SCTP.
Mandatory attributes: Mandatory attributes:
skipping to change at page 91, line ? skipping to change at line 3848
Optional attributes: Optional attributes:
o context - optional information that will be carried in the o context - optional information that will be carried in the
sending failure notification to the ULP if the transportation of sending failure notification to the ULP if the transportation of
this datagram fails. this datagram fails.
o stream id - to indicate which stream to send the data on. If not o stream id - to indicate which stream to send the data on. If not
specified, stream 0 will be used. specified, stream 0 will be used.
Stewart, et al [Page 71]
o life time - specifies the life time of the user data. The user data o life time - specifies the life time of the user data. The user data
will not be sent by SCTP after the life time expires. This will not be sent by SCTP after the life time expires. This
parameter can be used to avoid efforts to transmit stale parameter can be used to avoid efforts to transmit stale
user messages. SCTP notifies the ULP, if the data cannot be user messages. SCTP notifies the ULP, if the data cannot be
initiated to transport (i.e. sent to the destination via SCTP's initiated to transport (i.e. sent to the destination via SCTP's
send primitive) within the life time variable. However, the send primitive) within the life time variable. However, the
user data will be transmitted if a TSN has been assigned to the user data will be transmitted if a TSN has been assigned to the
user data before the life time expired. user data before the life time expired.
o destination transport address - specified as one of the destination o destination transport address - specified as one of the destination
skipping to change at page 91, line ? skipping to change at line 3870
transport address for sending the datagram, instead of the current transport address for sending the datagram, instead of the current
primary destination transport address. primary destination transport address.
o un-order flag - this flag, if present, indicates that the user o un-order flag - this flag, if present, indicates that the user
would like the data delivered in an un-ordered fashion to the peer. would like the data delivered in an un-ordered fashion to the peer.
o no-bundle flag - instructs SCTP not to bundle the user data with o no-bundle flag - instructs SCTP not to bundle the user data with
other outbound DATA chunks. Note: SCTP may still bundle even when other outbound DATA chunks. Note: SCTP may still bundle even when
this flag is present, when faced with network congestion. this flag is present, when faced with network congestion.
Stewart, et al [Page 73]
F) Set Primary F) Set Primary
Format: SETPRIMARY(association id, destination transport address) Format: SETPRIMARY(association id, destination transport address)
-> result -> result
Instructs the local SCTP to use the specified destination transport Instructs the local SCTP to use the specified destination transport
address as primary destination address for sending datagrams. address as primary destination address for sending datagrams.
The result of attempting this operation shall be returned. If the The result of attempting this operation shall be returned. If the
specified destination transport address is not present in the specified destination transport address is not present in the
skipping to change at page 91, line ? skipping to change at line 3893
command or communication up notification, an error shall be returned. command or communication up notification, an error shall be returned.
Mandatory attributes: Mandatory attributes:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
o destination transport address - specified as one of the transport o destination transport address - specified as one of the transport
addresses of the peer endpoint, which should be used as primary addresses of the peer endpoint, which should be used as primary
address for sending datagrams. This overrides the current primary address for sending datagrams. This overrides the current primary
address information maintained by the local SCTP endpoint. address information maintained by the local SCTP endpoint.
Stewart, et al [Page 74]
Stewart, et al [Page 72]
G) Receive G) Receive
Format: RECEIVE(association id, buffer address, buffer size Format: RECEIVE(association id, buffer address, buffer size
[,stream id]) [,stream id])
-> byte count [,transport address] [,stream id] [,stream sequence number] -> byte count [,transport address] [,stream id] [,stream sequence number]
[,partial flag] [, delivery number] [,partial flag] [, delivery number]
This primitive shall read the first user message in the SCTP in-queue This primitive shall read the first user message in the SCTP in-queue
to ULP, if there is one available, into the specified buffer. The size to ULP, if there is one available, into the specified buffer. The size
skipping to change at page 91, line ? skipping to change at line 3938
o stream sequence number - the stream sequence number assigned by the o stream sequence number - the stream sequence number assigned by the
sending SCTP peer. sending SCTP peer.
o partial flag - if this returned flag is set to 1, then this o partial flag - if this returned flag is set to 1, then this
message is a partial delivery of the whole message. When message is a partial delivery of the whole message. When
this flag is set, the stream id and stream sequence number MUST this flag is set, the stream id and stream sequence number MUST
accompany this receive. When this flag is set to 0, it indicates accompany this receive. When this flag is set to 0, it indicates
that no more deliveries will be received for this stream sequence that no more deliveries will be received for this stream sequence
number. number.
Stewart, et al [Page 73] Stewart, et al [Page 75]
H) Status H) Status
Format: STATUS(association id) Format: STATUS(association id)
-> status data -> status data
This primitive should return a data block containing the following This primitive should return a data block containing the following
information: information:
association connection state, association connection state,
destination transport address list, destination transport address list,
skipping to change at page 91, line ? skipping to change at line 3996
o new state - the new state of heart beat for this destination o new state - the new state of heart beat for this destination
transport address (either enabled or disabled). transport address (either enabled or disabled).
Optional attributes: Optional attributes:
o interval - if present, indicates the frequency of the heart beat if o interval - if present, indicates the frequency of the heart beat if
this is to enable heart beat on a destination transport this is to enable heart beat on a destination transport
address. Default interval is the RTO of the destination address. address. Default interval is the RTO of the destination address.
Stewart, et al [Page 74] Stewart, et al [Page 76]
J) Request HeartBeat J) Request HeartBeat
Format: REQUESTHEARTBEAT(association id, destination transport Format: REQUESTHEARTBEAT(association id, destination transport
address) address)
-> result -> result
Instructs the local endpoint to perform a HeartBeat on the specified Instructs the local endpoint to perform a HeartBeat on the specified
destination transport address of the given association. The returned destination transport address of the given association. The returned
result should indicate whether the transmission of the HEARTBEAT result should indicate whether the transmission of the HEARTBEAT
skipping to change at page 91, line ? skipping to change at line 4033
returned result can be an integer containing the most recent SRTT in returned result can be an integer containing the most recent SRTT in
milliseconds. milliseconds.
Mandatory attributes: Mandatory attributes:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
o destination transport address - the transport address of the o destination transport address - the transport address of the
association on which the SRTT measurement is to be reported. association on which the SRTT measurement is to be reported.
Stewart, et al [Page 77]
L) Set Failure Threshold L) Set Failure Threshold
Format: SETFAILURETHRESHOLD(association id, destination transport Format: SETFAILURETHRESHOLD(association id, destination transport
address, failure threshold) address, failure threshold)
-> result -> result
This primitive allows the local SCTP to customize the reachability This primitive allows the local SCTP to customize the reachability
failure detection threshold 'Path.Max.Retrans' for the specified failure detection threshold 'Path.Max.Retrans' for the specified
destination address. destination address.
Mandatory attributes: Mandatory attributes:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
o destination transport address - the transport address of the o destination transport address - the transport address of the
association on which the failure detection threshold is to be set. association on which the failure detection threshold is to be set.
o failure threshold - the new value of 'Path.Max.Retrans' for the o failure threshold - the new value of 'Path.Max.Retrans' for the
destination address. destination address.
Stewart, et al [Page 75]
M) Set Protocol Parameters M) Set Protocol Parameters
Format: SETPROTOCOLPARAMETERS(association id, [,destination transport Format: SETPROTOCOLPARAMETERS(association id, [,destination transport
address,] protocol parameter list) address,] protocol parameter list)
-> result -> result
This primitive allows the local SCTP to customize the protocol This primitive allows the local SCTP to customize the protocol
parameters. parameters.
Mandatory attributes: Mandatory attributes:
skipping to change at page 91, line ? skipping to change at line 4087
9.2 SCTP-to-ULP 9.2 SCTP-to-ULP
It is assumed that the operating system or application environment It is assumed that the operating system or application environment
provides a means for the SCTP to asynchronously signal the ULP provides a means for the SCTP to asynchronously signal the ULP
process. When SCTP does signal an ULP process, certain information is process. When SCTP does signal an ULP process, certain information is
passed to the ULP. passed to the ULP.
IMPLEMENTATION NOTE: in some cases this may be done through a IMPLEMENTATION NOTE: in some cases this may be done through a
seperate socket or error channel. seperate socket or error channel.
Stewart, et al [Page 78]
A) DATA ARRIVE notification A) DATA ARRIVE notification
SCTP shall invoke this notification on the ULP when a user message is SCTP shall invoke this notification on the ULP when a user message is
successfully received and ready for retrieval. successfully received and ready for retrieval.
The following may be optionally be passed with the notification: The following may be optionally be passed with the notification:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
o stream id - to indicate which stream the data is received on. o stream id - to indicate which stream the data is received on.
Stewart, et al [Page 76]
B) SEND FAILURE notification B) SEND FAILURE notification
If a message can not be delivered SCTP shall invoke this notification If a message can not be delivered SCTP shall invoke this notification
on the ULP. on the ULP.
The following may be optionally be passed with the notification: The following may be optionally be passed with the notification:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
o data - the location ULP can find the un-delivered message. o data - the location ULP can find the un-delivered message.
skipping to change at page 91, line ? skipping to change at line 4132
The following shall be passed with the notification: The following shall be passed with the notification:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
o destination transport address - This indicates the destination o destination transport address - This indicates the destination
transport address of the peer endpoint affected by the change; transport address of the peer endpoint affected by the change;
o new-status - This indicates the new status. o new-status - This indicates the new status.
Stewart, et al [Page 79]
D) COMMUNICATION UP notification D) COMMUNICATION UP notification
This notification is used when SCTP becomes ready to send or receive This notification is used when SCTP becomes ready to send or receive
user messages, or when a lost communication to an endpoint is user messages, or when a lost communication to an endpoint is
restored. restored.
IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a
blocking function call, the association parameters are returned as a blocking function call, the association parameters are returned as a
result of the ASSOCIATE primitive itself. In that case, result of the ASSOCIATE primitive itself. In that case,
COMMUNICATION UP notification is optional at the association COMMUNICATION UP notification is optional at the association
skipping to change at page 91, line ? skipping to change at line 4155
The following shall be passed with the notification: The following shall be passed with the notification:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
o status - This indicates what type of event that has occurred o status - This indicates what type of event that has occurred
o destination transport address list - the complete set of transport o destination transport address list - the complete set of transport
addresses of the peer addresses of the peer
Stewart, et al [Page 77]
o outbound stream count - the maximum number of streams allowed to be o outbound stream count - the maximum number of streams allowed to be
used in this association by the ULP used in this association by the ULP
o inbound stream count - the number of streams the peer endpoint o inbound stream count - the number of streams the peer endpoint
has requested with this association (this may not be the same has requested with this association (this may not be the same
number has 'outbound stream count'). number has 'outbound stream count').
Stewart, et al [Page 80]
E) COMMUNICATION LOST notification E) COMMUNICATION LOST notification
When SCTP loses communication to an endpoint completely or detects When SCTP loses communication to an endpoint completely or detects
that the endpoint has performed an abort or graceful shutdown that the endpoint has performed an abort or graceful shutdown
operation, it shall invoke this notification on the ULP. operation, it shall invoke this notification on the ULP.
The following shall be passed with the notification: The following shall be passed with the notification:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
skipping to change at page 91, line ? skipping to change at line 4207
When SCTP receives an ERROR chunk from its peer and decides to notify When SCTP receives an ERROR chunk from its peer and decides to notify
its ULP, it can invoke this notification on the ULP. its ULP, it can invoke this notification on the ULP.
The following can be passed with the notification: The following can be passed with the notification:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
o error info - this indicates the type of error and optionally some o error info - this indicates the type of error and optionally some
additional information received through the ERROR chunk. additional information received through the ERROR chunk.
Stewart, et al [Page 78] Stewart, et al [Page 81]
10. Security Considerations 10. Security Considerations
10.1 Security Objectives 10.1 Security Objectives
As a common transport protocol designed to reliably carry time- As a common transport protocol designed to reliably carry time-
sensitive user messages, such as billing or signaling messages for sensitive user messages, such as billing or signaling messages for
telephony services, between two networked endpoints, SCTP has the telephony services, between two networked endpoints, SCTP has the
following security objectives. following security objectives.
skipping to change at page 91, line ? skipping to change at line 4249
downloaded scripts and security software. downloaded scripts and security software.
10.2.1 Countering Insider Attacks 10.2.1 Countering Insider Attacks
The principles of the Site Security Handbook [13] should be applied The principles of the Site Security Handbook [13] should be applied
to minimize the risk of theft of information or sabotage by to minimize the risk of theft of information or sabotage by
insiders. These include publication of security policies, control insiders. These include publication of security policies, control
of access at the physical, software, and network levels, and of access at the physical, software, and network levels, and
separation of services. separation of services.
Stewart, et al [Page 82]
10.2.2 Protecting against Data Corruption in the Network 10.2.2 Protecting against Data Corruption in the Network
Where the risk of undetected errors in datagrams delivered by the Where the risk of undetected errors in datagrams delivered by the
lower layer transport services is considered to be too great, lower layer transport services is considered to be too great,
additional checksum protection may be required. The question is additional checksum protection may be required. The question is
whether this is appropriately provided as an SCTP service because it whether this is appropriately provided as an SCTP service because it
is needed by most potential users of SCTP, or whether instead it is needed by most potential users of SCTP, or whether instead it
should be provided by the SCTP user application. (The SCTP protocol should be provided by the SCTP user application. (The SCTP protocol
overhead, as opposed to the signaling payload, is protected overhead, as opposed to the signaling payload, is protected
adequately by the Adler-32 checksum and measures taken in SCTP to prevent adequately by the Adler-32 checksum and measures taken in SCTP to prevent
replay attacks and masquerade.) In any event, the checksum must be replay attacks and masquerade.) In any event, the checksum must be
specifically designed to ensure that it detects the errors left specifically designed to ensure that it detects the errors left
behind by the Adler-32 checksum. behind by the Adler-32 checksum.
Stewart, et al [Page 79]
10.2.3 Protecting Confidentiality 10.2.3 Protecting Confidentiality
In most cases, the risk of breach of confidentiality applies to the In most cases, the risk of breach of confidentiality applies to the
signaling data payload, not to the SCTP or lower-layer protocol signaling data payload, not to the SCTP or lower-layer protocol
overheads. If that is true, encryption of the SCTP user data only overheads. If that is true, encryption of the SCTP user data only
may be considered. As with the supplementary checksum service, user may be considered. As with the supplementary checksum service, user
data encryption may be performed by the SCTP user application. data encryption may be performed by the SCTP user application.
Particularly for mobile users, the requirement for confidentiality Particularly for mobile users, the requirement for confidentiality
may include the masking of IP addresses and ports. In this case may include the masking of IP addresses and ports. In this case
skipping to change at page 91, line ? skipping to change at line 4297
with and without intervening firewalls. with and without intervening firewalls.
10.2.4 Protecting against Blind Denial of Service Attacks 10.2.4 Protecting against Blind Denial of Service Attacks
A blind attack is one where the attacker is unable to intercept or A blind attack is one where the attacker is unable to intercept or
otherwise see the content of data flows passing to and from the otherwise see the content of data flows passing to and from the
target SCTP node where it is not a party to the association. Blind target SCTP node where it is not a party to the association. Blind
denial of service attacks may take the form of flooding, masquerade, denial of service attacks may take the form of flooding, masquerade,
or improper monopolization of services. or improper monopolization of services.
Stewart, et al [Page 83]
10.2.4.1 Flooding 10.2.4.1 Flooding
The objective of flooding is to cause loss of service and incorrect The objective of flooding is to cause loss of service and incorrect
behavior at target systems through resource exhaustion, interference behavior at target systems through resource exhaustion, interference
with legitimate transactions, and exploitation of buffer-related with legitimate transactions, and exploitation of buffer-related
software bugs. Flooding may be directed either at the SCTP node or at software bugs. Flooding may be directed either at the SCTP node or at
resources in the intervening IP Access Links or the Internetwork. resources in the intervening IP Access Links or the Internetwork.
Where the latter entities are the target, flooding will manifest Where the latter entities are the target, flooding will manifest
itself as loss of network services, including potentially the breach itself as loss of network services, including potentially the breach
of any firewalls in place. of any firewalls in place.
skipping to change at page 91, line ? skipping to change at line 4320
In general, protection against flooding begins at the equipment In general, protection against flooding begins at the equipment
design level, where it includes measures such as: design level, where it includes measures such as:
- avoiding commitment of limited resources before determining that - avoiding commitment of limited resources before determining that
the request for service is legitimate the request for service is legitimate
- giving priority to completion of processing in progress over the - giving priority to completion of processing in progress over the
acceptance of new work acceptance of new work
- identification and removal of duplicate or stale queued requests - identification and removal of duplicate or stale queued requests
for service. for service.
Stewart, et al [Page 80]
Network equipment should be capable of generating an alarm and log Network equipment should be capable of generating an alarm and log
if a suspicious increase in traffic occurs. The log should provide if a suspicious increase in traffic occurs. The log should provide
information such as the identity of the incoming link and source information such as the identity of the incoming link and source
address(es) used which will help the network or SCTP system operator address(es) used which will help the network or SCTP system operator
to take protective measures. Procedures should be in place for the to take protective measures. Procedures should be in place for the
operator to act on such alarms if a clear pattern of abuse emerges. operator to act on such alarms if a clear pattern of abuse emerges.
The design of SCTP is resistant to flooding attacks, particularly in The design of SCTP is resistant to flooding attacks, particularly in
its use of a four-way start-up handshake, its use of a cookie to its use of a four-way start-up handshake, its use of a cookie to
defer commitment of resources at the responding SCTP node until the defer commitment of resources at the responding SCTP node until the
skipping to change at page 91, line ? skipping to change at line 4350
may by policy permit a maximum of one SCTP association with the may by policy permit a maximum of one SCTP association with the
impersonated SCTP node. The masquerading attacker may attempt to impersonated SCTP node. The masquerading attacker may attempt to
establish an association purporting to come from the impersonated establish an association purporting to come from the impersonated
node so that the latter cannot do so when it requires it. node so that the latter cannot do so when it requires it.
- by deliberately allowing the impersonation to be detected, - by deliberately allowing the impersonation to be detected,
thereby provoking counter-measures which cause the impersonated node thereby provoking counter-measures which cause the impersonated node
to be locked out of the target SCTP node. to be locked out of the target SCTP node.
- by interfering with an established association by inserting - by interfering with an established association by inserting
extraneous content such as a SHUTDOWN request. extraneous content such as a SHUTDOWN request.
Stewart, et al [Page 84]
SCTP prevents masquerade through IP spoofing by use of the four-way SCTP prevents masquerade through IP spoofing by use of the four-way
startup handshake. Because the initial exchange is memoryless, no startup handshake. Because the initial exchange is memoryless, no
lockout mechanism is triggered by masquerade attacks. SCTP protects lockout mechanism is triggered by masquerade attacks. SCTP protects
against insertion of extraneous messages into the flow of an against insertion of extraneous messages into the flow of an
established association by use of the verification tag. established association by use of the verification tag.
Logging of received INIT requests and abnormalities such as Logging of received INIT requests and abnormalities such as
unexpected INIT ACKs might be considered as a way to detect patterns unexpected INIT ACKs might be considered as a way to detect patterns
of hostile activity. However, the potential usefulness of such of hostile activity. However, the potential usefulness of such
logging must be weighed against the increased SCTP startup logging must be weighed against the increased SCTP startup
skipping to change at page 91, line ? skipping to change at line 4377
10.2.4.3 Improper Monopolization of Services 10.2.4.3 Improper Monopolization of Services
Attacks under this heading are performed openly and legitimately by Attacks under this heading are performed openly and legitimately by
the attacker. They are directed against fellow users of the target the attacker. They are directed against fellow users of the target
SCTP node or of the shared resources between the attacker and the SCTP node or of the shared resources between the attacker and the
target node. Possible attacks include the opening of a large number target node. Possible attacks include the opening of a large number
of associations between the attacker's node and the target, or of associations between the attacker's node and the target, or
transfer of large volumes of information within a legitimately- transfer of large volumes of information within a legitimately-
established association. established association.
Stewart, et al [Page 81]
Such attacks take advantage of policy deficiencies at the target Such attacks take advantage of policy deficiencies at the target
SCTP node. Defense begins with a contractual prohibition of SCTP node. Defense begins with a contractual prohibition of
behavior directed to denial of service to others. Policy limits behavior directed to denial of service to others. Policy limits
should be placed on the number of associations per adjoining SCTP should be placed on the number of associations per adjoining SCTP
node. SCTP user applications should be capable of detecting large node. SCTP user applications should be capable of detecting large
volumes of illegitimate or "no-op" messages within a given volumes of illegitimate or "no-op" messages within a given
association and either logging or terminating the association as a association and either logging or terminating the association as a
result, based on local policy. result, based on local policy.
10.3 Protection against Fraud and Repudiation 10.3 Protection against Fraud and Repudiation
skipping to change at page 91, line ? skipping to change at line 4402
invalid billing data or failing to collect it. Repudiation is a invalid billing data or failing to collect it. Repudiation is a
related problem, since it may occur as a deliberate act of fraud or related problem, since it may occur as a deliberate act of fraud or
simply because the repudiating party kept inadequate records of simply because the repudiating party kept inadequate records of
service received. service received.
Potential fraudulent attacks include interception and misuse of Potential fraudulent attacks include interception and misuse of
authorizing information such as credit card numbers, blind authorizing information such as credit card numbers, blind
masquerade and replay, and man-in-the middle attacks which modify masquerade and replay, and man-in-the middle attacks which modify
the messages passing through a target SCTP association in real time. the messages passing through a target SCTP association in real time.
Stewart, et al [Page 85]
The interception attack is countered by the confidentiality measures The interception attack is countered by the confidentiality measures
discussed in section 10.2.3 above. discussed in section 10.2.3 above.
Section 10.2.4.2 describes how SCTP is resistant to blind masquerade Section 10.2.4.2 describes how SCTP is resistant to blind masquerade
attacks, as a result of the four-way startup handshake and the attacks, as a result of the four-way startup handshake and the
validation tag. The validation tag and TSN together are protections validation tag. The validation tag and TSN together are protections
against blind replay attacks, where the replay is into an existing against blind replay attacks, where the replay is into an existing
association. association.
However, SCTP does not protect against man-in-the-middle attacks However, SCTP does not protect against man-in-the-middle attacks
skipping to change at page 91, line ? skipping to change at line 4426
such attacks is seen to exist, or where possible repudiation is an such attacks is seen to exist, or where possible repudiation is an
issue, the use of the IPSEC AH service is recommended to ensure both issue, the use of the IPSEC AH service is recommended to ensure both
the integrity and the authenticity of the messages passed. the integrity and the authenticity of the messages passed.
SCTP also provides no protection against attacks originating at or SCTP also provides no protection against attacks originating at or
beyond the SCTP node and taking place within the context of an beyond the SCTP node and taking place within the context of an
existing association. Prevention of such attacks should be covered existing association. Prevention of such attacks should be covered
by appropriate security policies at the host site, as discussed in by appropriate security policies at the host site, as discussed in
section 10.2.1. section 10.2.1.
Stewart, et al [Page 82]
11. Recommended Transmission Control Block (TCB) Parameters 11. Recommended Transmission Control Block (TCB) Parameters
This section details a recommended set of parameters that should This section details a recommended set of parameters that should
be contained within the TCB for an implementation. This section is be contained within the TCB for an implementation. This section is
for illustrative purposes and should not be deemed has requirements for illustrative purposes and should not be deemed as requirements
on an implementation NOR as an exhaustive list of all parameters on an implementation NOR as an exhaustive list of all parameters
inside an SCTP TCB. Each implemenation may need its own additional inside an SCTP TCB. Each implemenation may need its own additional
parameters to optimize their implemenation. parameters to optimize their implemenation.
11.1 Parameters necessary for the SCTP instance 11.1 Parameters necessary for the SCTP instance
Associations - A list of current associations and mappings to the Associations A list of current associations and mappings to the
data consumers for each association. This may be in data consumers for each association. This may be in
the form of a hash table or other implementation dependent the form of a hash table or other implementation dependent
structure. The data consumers may be process identification structure. The data consumers may be process identification
information such as file descriptors, named pipe pointer, or information such as file descriptors, named pipe pointer, or
table pointers dependent on how SCTP is implemented. table pointers dependent on how SCTP is implemented.
Secret Key - A secret key used by this endpoint to sign all cookies. This Secret Key A secret key used by this endpoint to sign all cookies. This
SHOULD be a cryptographic quality random number with SHOULD be a cryptographic quality random number with
a sufficient length. Discussion in RFC 1750 [1] can be a sufficient length. Discussion in RFC 1750 [1] can be
helpful in selection of the key. helpful in selection of the key.
Address List - The list of IP addresses that this instance has bound. This Address List The list of IP addresses that this instance has bound. This
information is passed to ones peer('s) in INIT and INIT-ACK information is passed to one's peer(s) in INIT and INIT-ACK
messages. messages.
SCTP Port - The local SCTP port number the endpoint is bound to. SCTP Port The local SCTP port number the endpoint is bound to.
Stewart, et al [Page 86]
Peer Tag value to be sent in every datagram and is received
Verification in the INIT or INIT ACK message.
Tag
My Tag expected in every inbound datagram and sent in the
Verification INIT or INIT ACK message.
Tag
11.2 Parameters necessary per association (i.e. the TCB) 11.2 Parameters necessary per association (i.e. the TCB)
State - A state variable indicating what state the association is State A state variable indicating what state the association is
in, i.e . COOKIE_WAIT, COOKIE_SENT, ESTABLISHED, in, i.e . COOKIE_WAIT, COOKIE_SENT, ESTABLISHED,
SHUTDOWN_PENDING, SHUTDOWN_SENT, SHUTDOWN_RECEIVED. SHUTDOWN_PENDING, SHUTDOWN_SENT, SHUTDOWN_RECEIVED.
Note: No "CLOSED" state is illustrated since if a Note: No "CLOSED" state is illustrated since if a
association is "CLOSED" its TCB SHOULD be removed. association is "CLOSED" its TCB SHOULD be removed.
Peer Transport Peer Transport A list of SCTP transport addresses that the peer is
Address List - A list of SCTP transport addresses that the peer is Address List bound to. This information is derived from the INIT or
bound to. This information is derived from the INIT or
INIT-ACK and is used to associate an inbound datagram INIT-ACK and is used to associate an inbound datagram
with a given association. Normally this information is with a given association. Normally this information is
hashed or keyed for quick lookup and access of the TCB. hashed or keyed for quick lookup and access of the TCB.
Primary Primary This is the current primary destination transport
Destination - This is the current primary destination transport Destination address of the peer endpoint.
address of the peer endpoint.
Overall Overall The overall association error count.
Error Count - The overall association error count. Error Count
Overall Error Overall Error The threshold for this association that if the Overall
Threshold - The threshold for this association that if the Overall Threshold Error Count reaches will cause this association to be
Error Count reaches will cause this association to be
torn down. torn down.
Stewart, et al [Page 83] Peer Rwnd Current calculated value of the peer's rwnd.
Per Transport
Address Data - For each destination transport address in the peer's
address list derived from the INIT or INIT ACK message,
a number of data elements needs to be maintained
including:
- Error count - The current error count for this
destination.
- Error Threshold - Current error threshold for
this destination i.e. what value
marks the destination down if
Error count reaches this value.
- cwnd - The current congestion window.
- ssthresh - The current ssthresh value.
- RTO - The current retransmission timeout vaule.
- SRTT - The current smoothed round trip time.
- RTTVAR - The current RTT variation.
- partial_bytes_acked - The tracking method for
increase of cwnd when in
congestion avoidance mode
(see section 6.2.2)
- state - The current state of this destionation,
i.e. DOWN, UP, ALLOW-HB, NO-HEARTBEAT,
etc.
- P-MTU - The current known path MTU.
- Per Destination Timer - A timer used by each
destination.
- RTO-Pending - A flag used to track if one of
the datagrams sent to this address
is currently being used to compute
a RTT. If this flag is 0, the next
datagram sent to this destination
should be used to compute a RTT and
this flag should be set. Every time
the RTT calcualtion completes (i.e.
the datagram is SACK'd) clear this
flag.
- last-timeused - The time this destination was
last sent to. This can be used
to determine if a HEARTBEAT is
needed.
Peer Verification
Tag - Tag value to be sent in every datagram and is received
in the INIT or INIT ACK message.
My Verification
Tag - Tag expected in every inbound datagram and sent in the
INIT or INIT ACK message.
Peer Rwnd - Current calculated value of the peer's rwnd.
Next TSN - My next TSN number I will assign. This is sent in Next TSN My next TSN number I will assign. This is sent in
the INIT or INIT-ACK message to the peer and the INIT or INIT-ACK message to the peer and
incremented each time a DATA chunk is assigned a incremented each time a DATA chunk is assigned a
TSN (normally just prior to transmit or during TSN (normally just prior to transmit or during
segmentation). segmentation).
Stewart, et al [Page 84] Last Rcvd TSN This is the last TSN I received and is the
Last Rcvd TSN - This is the last TSN I received and is the
current cumulative TSN point. This value is current cumulative TSN point. This value is
set initially by taking the peers initial TSN, set initially by taking the peers initial TSN,
received in the INIT or INIT-ACK message, and received in the INIT or INIT-ACK message, and
subtracting one from it. subtracting one from it.
Mapping Array - An array of bits or bytes indicating which out of Mapping Array An array of bits or bytes indicating which out of
order TSN's have been received (relative to the order TSN's have been received (relative to the
cumulative TSN i.e. Last Rcvd TSN). If no GAP's exist, cumulative TSN i.e. Last Rcvd TSN). If no GAP's exist,
i.e. no out of order messages have been received, i.e. no out of order messages have been received,
this array will be set to all zero. This structure this array will be set to all zero. This structure
may be in the form of a circular buffer or bit array. may be in the form of a circular buffer or bit array.
Ack State - This flag indicates if the next received datagram Stewart, et al [Page 87]
Ack State This flag indicates if the next received datagram
is to be responded to with a SACK. This is initialized is to be responded to with a SACK. This is initialized
to 0, when a datagram is received it is incremented. to 0, when a datagram is received it is incremented.
If this value reaches 2, a SACK is sent and the value If this value reaches 2, a SACK is sent and the value
is reset to 0. Note: this is used only when no datagrams is reset to 0. Note: this is used only when no datagrams
are received out of order, when DATA chunks are out are received out of order, when DATA chunks are out
of order SACK's are not delayed (see Section 5). of order SACK's are not delayed (see Section 5).
Out Queue - A queue of outbound datagrams. Inbound An array of structures to track the inbound streams.
Streams Normally including the next sequence number expected
and possibly the stream number.
In Queue - A queue of inbound datagrams. Outbound An array of structures to track the outbound streams.
Streams Normally including the next sequence number to
be sent on the stream.
Reasm Queue - A re-assembly queue. Reasm Queue A re-assembly queue.
Inbound 11.3 Per Transport Address Data
Streams - An array of structures to track the inbound streams.
Normally including the next sequence number expected
and possibly the stream number.
Outbound For each destination transport address in the peer's address list derived
Streams - An array of structures to track the outbound streams. from the INIT or INIT ACK message, a number of data elements needs to be
Normally including the next sequence number to maintained including:
be sent on the stream.
Stewart, et al [Page 85] Error count The current error count for this destination.
Error Current error threshold for this destination i.e.
Threshold what value marks the destination down if Error count
reaches this value.
cwnd The current congestion window.
ssthresh The current ssthresh value.
RTO The current retransmission timeout vaule.
SRTT The current smoothed round trip time.
RTTVAR The current RTT variation.
partial bytes The tracking method for increase of cwnd when in
acked congestion avoidance mode (see section 6.2.2)
state The current state of this destionation, i.e. DOWN, UP,
ALLOW-HB, NO-HEARTBEAT, etc.
P-MTU The current known path MTU.
Per A timer used by each destination.
Destination
Timer
Stewart, et al [Page 88]
RTO-Pending A flag used to track if one of the datagrams sent to this address
is currently being used to compute a RTT. If this flag is 0, the
next datagram sent to this destination should be used to compute
a RTT and this flag should be set. Every time the RTT calcualtion
completes (i.e. the datagram is SACK'd) clear this flag.
last-time The time this destination was last sent to. This can be used
used to determine if a HEARTBEAT is needed.
11.4 General Parameters Needed
Out Queue A queue of outbound datagrams.
In Queue A queue of inbound datagrams.
12. IANA Consideration 12. IANA Consideration
This protocol will require port reservation like TCP for the use of This protocol will require port reservation like TCP for the use of
"well known" servers within the Internet. It is suggested that all "well known" servers within the Internet. It is suggested that all
current TCP ports should be automatically reserved in the SCTP port current TCP ports should be automatically reserved in the SCTP port
address space. New requests should follow IANA's current mechanisms address space. New requests should follow IANA's current mechanisms
for TCP. for TCP.
This protocol may also be extended through IANA in three ways: This protocol may also be extended through IANA in three ways:
skipping to change at page 91, line ? skipping to change at line 4612
SCTP protocol. In consequence, the intention is that new IETF-defined SCTP protocol. In consequence, the intention is that new IETF-defined
chunk types MUST be supported by standards-track RFC documentation. chunk types MUST be supported by standards-track RFC documentation.
As a transitional step, a new chunk type MAY be introduced in an As a transitional step, a new chunk type MAY be introduced in an
Experimental RFC. Chunk type codes MUST remain permanently associated Experimental RFC. Chunk type codes MUST remain permanently associated
with the original documentation on the basis of which they were with the original documentation on the basis of which they were
allocated. Thus if the RFC supporting a given chunk type is allocated. Thus if the RFC supporting a given chunk type is
deprecated in favor of a new document, the corresponding chunk type deprecated in favor of a new document, the corresponding chunk type
code value is also deprecated and a new code value is allocated in code value is also deprecated and a new code value is allocated in
association with the replacement document. association with the replacement document.
Stewart, et al [Page 89]
The documentation for a new chunk code type must include the following The documentation for a new chunk code type must include the following
information: information:
(a) a long and short name for the new chunk type; (a) a long and short name for the new chunk type;
(b) a detailed description of the structure of the chunk, which MUST (b) a detailed description of the structure of the chunk, which MUST
conform to the basic structure defined in section 2.2; conform to the basic structure defined in section 2.2;
(c) a detailed definition and description of intended use of each field (c) a detailed definition and description of intended use of each field
within the chunk, including the chunk flags if any; within the chunk, including the chunk flags if any;
(d) a detailed procedural description of the use of the new chunk type (d) a detailed procedural description of the use of the new chunk type
within the operation of the protocol. within the operation of the protocol.
If the primary numbering space reserved for IETF use (0x00 to 0xFD) is If the primary numbering space reserved for IETF use (0x00 to 0xFD) is
exhausted, new codes shall subsequently be allocated in the extension exhausted, new codes shall subsequently be allocated in the extension
range 0x0000 through 0xFFFF. Chunks allocated in this range MUST range 0x0000 through 0xFFFF. Chunks allocated in this range MUST
conform to the following structure: conform to the following structure:
Stewart, et al [Page 86]
First word (32 bits): First word (32 bits):
as shown in section 2.2, with chunk type code equal to 0xFF. as shown in section 2.2, with chunk type code equal to 0xFF.
Second word: Second word:
first octet MUST be all 1's (0xFF). Next octet MUST be all 0's first octet MUST be all 1's (0xFF). Next octet MUST be all 0's
(0x00). Final two octets contain the allocated extension code value. (0x00). Final two octets contain the allocated extension code value.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 91, line ? skipping to change at line 4667
(a) Name of the parameter type. (a) Name of the parameter type.
(b) Detailed description of the structure of the parameter field. This (b) Detailed description of the structure of the parameter field. This
structure MUST conform to the general type-length-value format structure MUST conform to the general type-length-value format
described in section 2.2.1. described in section 2.2.1.
(c) Detailed definition of each component of the parameter value. (c) Detailed definition of each component of the parameter value.
(d) Detailed description of the intended use of this parameter type, (d) Detailed description of the intended use of this parameter type,
and an indication of whether and under what circumstances and an indication of whether and under what circumstances
multiple instances of this parameter type may be found within the multiple instances of this parameter type may be found within the
same chunk. same chunk.
Stewart, et al [Page 90]
Additional parameter type codes may be allocated initially from the Additional parameter type codes may be allocated initially from the
range 0x0000 through 0xFFFD. If this space is exhausted, extension range 0x0000 through 0xFFFD. If this space is exhausted, extension
codes shall be allocated in the range 0x0000 through 0xFFFF. Where an codes shall be allocated in the range 0x0000 through 0xFFFF. Where an
extension code has been allocated, the format of the parameter must extension code has been allocated, the format of the parameter must
conform to the following structure: conform to the following structure:
Stewart, et al [Page 87]
First word (32 bits): First word (32 bits):
contains the parameter type code 0xFFFF and parameter length as contains the parameter type code 0xFFFF and parameter length as
described in section 2.2.1. described in section 2.2.1.
Second word: Second word:
first octet MUST be all 1's (0xFF). Next octet MUST be all 0's first octet MUST be all 1's (0xFF). Next octet MUST be all 0's
(0x00). Final two octets contain the allocated extension code (0x00). Final two octets contain the allocated extension code
value. value.
The Value portion of the parameter, if any, follows the second word. The Value portion of the parameter, if any, follows the second word.
skipping to change at page 91, line ? skipping to change at line 4716
(c) Expected action by the SCTP endpoint which receives an Operation (c) Expected action by the SCTP endpoint which receives an Operation
Error chunk containing this cause code. Error chunk containing this cause code.
(d) Detailed description of the structure and content of data fields (d) Detailed description of the structure and content of data fields
which accompany this cause code. which accompany this cause code.
The initial word (32 bits) of a cause code parameter MUST conform to The initial word (32 bits) of a cause code parameter MUST conform to
the format shown in section 2.3.9, i.e.: the format shown in section 2.3.9, i.e.:
-- first two octets contain the cause code value -- first two octets contain the cause code value
-- last two octets contain length of the cause parameter. -- last two octets contain length of the cause parameter.
Stewart, et al [Page 91]
12.4 Payload Protocol Identifiers 12.4 Payload Protocol Identifiers
Except for value 0x00000000 which is reserved by SCTP to indicate the Except for value 0x00000000 which is reserved by SCTP to indicate the
absence of a payload protocol identifier in a DATA chunk, SCTP will absence of a payload protocol identifier in a DATA chunk, SCTP will
not be responsible for standardizing or verifying any payload protocol not be responsible for standardizing or verifying any payload protocol
identifiers; SCTP simply receives the identifier from the upper layer identifiers; SCTP simply receives the identifier from the upper layer
and carries it with the corresponding payload data. and carries it with the corresponding payload data.
The upper layer, i.e, the SCTP user, SHOULD standardize any specific The upper layer, i.e, the SCTP user, SHOULD standardize any specific
protocol identifier with IANA if it is so desired. The use of any protocol identifier with IANA if it is so desired. The use of any
specific payload protocol identifier is out of the scope of SCTP. specific payload protocol identifier is out of the scope of SCTP.
Stewart, et al [Page 88]
13. Suggested SCTP Protocol Parameter Values 13. Suggested SCTP Protocol Parameter Values
The following protocol parameters are RECOMMENDED: The following protocol parameters are RECOMMENDED:
RTO.Initial - 3 seconds RTO.Initial - 3 seconds
RTO.Min - 1 second RTO.Min - 1 second
RTO.Max - 60 seconds RTO.Max - 60 seconds
RTO.Alpha - 1/8 RTO.Alpha - 1/8
RTO.Beta - 1/4 RTO.Beta - 1/4
Valid.Cookie.Life - 5 seconds Valid.Cookie.Life - 5 seconds
skipping to change at page 91, line ? skipping to change at line 4753
'retrans.count' - counter (per destination address) 'retrans.count' - counter (per destination address)
'receiver.buffer' - variable (per peer endpoint) 'receiver.buffer' - variable (per peer endpoint)
IMPLEMENTATION NOTE: The SCTP implementation may allow ULP to IMPLEMENTATION NOTE: The SCTP implementation may allow ULP to
customize some of these protocol parameters (see Section 9). customize some of these protocol parameters (see Section 9).
14. Acknowledgments 14. Acknowledgments
The authors wish to thank Mark Allman, Richard Band, Scott Bradner, The authors wish to thank Mark Allman, Richard Band, Scott Bradner,
Ram Dantu, R. Ezhirpavai, Sally Floyd, Matt Holdrege, Henry Houh, Steve Bellovin, Ram Dantu, R. Ezhirpavai, Sally Floyd, Matt Holdrege,
Christian Huetima, Gary Lehecka, John Loughney, Daniel Luan, Lyndon Henry Houh, Christian Huetima, Gary Lehecka, John Loughney, Daniel
Ong, Kelvin Porter, Heinz Prantner, Jarno Rajahalme, Ivan Rodreguez, Luan, Lyndon Ong, Shyamal Prasad, Kelvin Porter, Heinz Prantner, Jarno
Rajahalme, Ivan Raymond E. Reeves, Renee Revis, Arias Rodriguez,
A. Sankar, Greg Sidebottom, Brian Wyld, and many others for their A. Sankar, Greg Sidebottom, Brian Wyld, and many others for their
invaluable comments. invaluable comments.
Stewart, et al [Page 92]
15. Authors' Addresses 15. Authors' Addresses
Randall R. Stewart Tel: +1-847-632-7438 Randall R. Stewart Tel: +1-847-632-7438
Motorola, Inc. EMail: rstewar1@email.mot.com Motorola, Inc. EMail: rstewar1@email.mot.com
1501 W. Shure Drive, #2315 1501 W. Shure Drive, #2315
Arlington Heights, IL 60004 Arlington Heights, IL 60004
USA USA
Qiaobing Xie Tel: +1-847-632-3028 Qiaobing Xie Tel: +1-847-632-3028
Motorola, Inc. EMail: qxie1@email.mot.com Motorola, Inc. EMail: qxie1@email.mot.com
skipping to change at page 91, line ? skipping to change at line 4788
13615 Dulles Technology Drive 13615 Dulles Technology Drive
Herndon, VA. 20171 Herndon, VA. 20171
USA USA
Chip Sharp Tel: +1-919-472-3121 Chip Sharp Tel: +1-919-472-3121
Cisco Systems Inc. EMail:chsharp@cisco.com Cisco Systems Inc. EMail:chsharp@cisco.com
7025 Kit Creek Road 7025 Kit Creek Road
Research Triangle Park, NC 27709 Research Triangle Park, NC 27709
USA USA
Stewart, et al [Page 89]
Hanns Juergen Schwarzbauer Tel: +49-89-722-24236 Hanns Juergen Schwarzbauer Tel: +49-89-722-24236
SIEMENS AG SIEMENS AG
Hofmannstr. 51 Hofmannstr. 51
81359 Munich 81359 Munich
Germany Germany
EMail: HannsJuergen.Schwarzbauer@icn.siemens.de EMail: HannsJuergen.Schwarzbauer@icn.siemens.de
Tom Taylor Tel: +1-613-736-0961 Tom Taylor Tel: +1-613-736-0961
Nortel Networks Nortel Networks
1852 Lorraine Ave. 1852 Lorraine Ave.
skipping to change at page 91, line ? skipping to change at line 4816
Australia Australia
Malleswar Kalla Tel: +1-973-829-5212 Malleswar Kalla Tel: +1-973-829-5212
Telcordia Technologies Telcordia Technologies
MCC 1J211R MCC 1J211R
445 South Street 445 South Street
Morristown, NJ 07960 Morristown, NJ 07960
USA USA
EMail: kalla@research.telcordia.com EMail: kalla@research.telcordia.com
Stewart, et al [Page 93]
Lixia Zhang Tel: +1-310-825-2695 Lixia Zhang Tel: +1-310-825-2695
UCLA Computer Science Department EMail: lixia@cs.ucla.edu UCLA Computer Science Department EMail: lixia@cs.ucla.edu
4531G Boelter Hall 4531G Boelter Hall
Los Angeles, CA 90095-1596 Los Angeles, CA 90095-1596
USA USA
Vern Paxson Tel: +1-510-642-4274 x 302 Vern Paxson Tel: +1-510-642-4274 x 302
ACIRI EMail: vern@aciri.org ACIRI EMail: vern@aciri.org
1947 Center St., Suite 600, 1947 Center St., Suite 600,
Berkeley, CA 94704-1198 Berkeley, CA 94704-1198
skipping to change at page 91, line ? skipping to change at line 4841
[1] Eastlake , D. (ed.), "Randomness Recommendations for Security", [1] Eastlake , D. (ed.), "Randomness Recommendations for Security",
RFC 1750, December 1994. RFC 1750, December 1994.
[2] Deutsch, P., and Gailly, J-L., "ZLIB Compressed Data Format [2] Deutsch, P., and Gailly, J-L., "ZLIB Compressed Data Format
Specification version 3.3", RFC 1950, May 1996. Specification version 3.3", RFC 1950, May 1996.
[3] Allman, M., Paxson, V., and Stevens, W., "TCP Congestion [3] Allman, M., Paxson, V., and Stevens, W., "TCP Congestion
Control", RFC 2581, April 1999. Control", RFC 2581, April 1999.
Stewart, et al [Page 90] [4] Krawczyk, H., Bellare, M., Canetti, R., "HMAC: Keyed-Hashing for
Message Authentication", RFC 2104, March 1997.
[4] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
August 1999.
[5] Allman, M., and Paxson, V., "On Estimating End-to-End Network [5] Allman, M., and Paxson, V., "On Estimating End-to-End Network
Path Properties", Proc. SIGCOMM'99, 1999. Path Properties", Proc. SIGCOMM'99, 1999.
[6] Karn, P., and Simpson, W., "Photuris: Session-Key Management [6] Karn, P., and Simpson, W., "Photuris: Session-Key Management
Protocol", RFC 2522, March 1999. Protocol", RFC 2522, March 1999.
[7] Bradner, S., "The Internet Standards Process -- Revision 3", [7] Bradner, S., "The Internet Standards Process -- Revision 3",
RFC 2026, October 1996. RFC 2026, October 1996.
skipping to change at page 91, line ? skipping to change at line 4870
[11] Mogul, J., and Deering, S., "Path MTU Discovery", RFC 1191, [11] Mogul, J., and Deering, S., "Path MTU Discovery", RFC 1191,
November 1990. November 1990.
[12] McCann, J., Deering, S., and Mogul, J., "Path MTU Discovery for [12] McCann, J., Deering, S., and Mogul, J., "Path MTU Discovery for
IP version 6", RFC 1981, August 1996. IP version 6", RFC 1981, August 1996.
[13] Fraser, B. (ed.), "Site Security Handbook", RFC 2196, September [13] Fraser, B. (ed.), "Site Security Handbook", RFC 2196, September
1997. 1997.
Stewart, et al [Page 94]
[14] Kent, S., and Atkinson, R., "Security Architecture for the [14] Kent, S., and Atkinson, R., "Security Architecture for the
Internet Protocol", RFC 2401, November 1998. Internet Protocol", RFC 2401, November 1998.
[15] Savage, S., Cardwell, N., Wetherall, D., and Anderson, T., [15] Savage, S., Cardwell, N., Wetherall, D., and Anderson, T.,
"TCP Congestion Control with a Misbehaving Receiver", ACM "TCP Congestion Control with a Misbehaving Receiver", ACM
Computer Communication Review, 29(5), October 1999. Computer Communication Review, 29(5), October 1999.
This Internet Draft expires in 6 months from February, 2000 [16] Fall, K., and Floyd, S., Simulation-based Comparisons of Tahoe,
Reno, and SACK TCP, Computer Communications Review, V. 26 N. 3,
July 1996, pp. 5-21.
Appendix A: Explicit Congestion Notification
ECN (Ramakrishnan, k., Floyd, S., "Explicit Congestion Notification",
RFC 2481, January 1999) describes a proposed extension to IP that
details a method to become aware of congestion outside of datagram
loss. This is an optional feature that an implemenation MAY choose to
add to SCTP. This appendix details the minor differences an implemenator
will need to be aware of if they choose to implement this feature.
In general RFC 2481 should be followed with the following exceptions.
Negotiation:
RFC2481 details negotiation of ECN during the SYN and SYN-ACK stages
of a TCP connection. The sender of the SYN sets two bits in the
TCP flags, and the sender of the SYN-ACK sets only 1 bit. The reasoning
behind this is to assure both sides are truely ECN capable. For SCTP
this is not necessary. To indicate that an endpoint is ECN capable
a endpoint MAY add to the INIT and or INIT-ACK message the TLV
reserved for ECN. This TLV contains no parameters and thus has
the following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Parameter Type = 0x000a | Parameter Length = 0x0004 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Stewart, et al [Page 95]
ECN-Echo:
RFC 2481 details a specific bit for a receiver to send back in its
acknowledgments to notifiy the sender of the Congestion Experienced (CE)
bit having arrived from the network. For SCTP this same indication is
made by including the ECNE chunk. This chunk contains NO parameters
or data and looks as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ID=00001100 | Flags=00000000| Chunk Length=0004 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Note: The ECNE is considered a Control chunk.
CWR:
RFC 2481 details a specific bit for a sender to send in its
next outbound datagram to indicate to its peer that it has
reduced its congestion window. This is termed the CWR bit. For
SCTP the same indication is made by including the CWR chunk.
This chunk contains NO parameters or data and looks as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ID=00001101 | Flags=00000000| Chunk Length=0004 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Note: The CWR is considered a Control chunk.
This Internet Draft expires in 6 months from March, 2000
Stewart, et al [Page 96]
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/