draft-ietf-sigtran-sctp-08.txt   draft-ietf-sigtran-sctp-09.txt 
skipping to change at line 20 skipping to change at line 20
Nortel Networks Nortel Networks
I. Rytina I. Rytina
Ericsson Ericsson
M. Kalla M. Kalla
Telcordia Telcordia
L. Zhang L. Zhang
UCLA UCLA
V. Paxson V. Paxson
ACIRI ACIRI
expires in six months April 7,2000 expires in six months April 19,2000
Stream Control Transmission Protocol Stream Control Transmission Protocol
<draft-ietf-sigtran-sctp-08.txt> <draft-ietf-sigtran-sctp-09.txt>
Status of This Memo Status of This Memo
This document is an Internet-Draft and is in full conformance with all This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC 2026. Internet-Drafts are working provisions of Section 10 of RFC 2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts. working documents as Internet-Drafts.
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
skipping to change at line 79 skipping to change at line 79
1.3 Functional View of SCTP.....................................6 1.3 Functional View of SCTP.....................................6
1.3.1 Association Startup and Takedown........................7 1.3.1 Association Startup and Takedown........................7
1.3.2 Sequenced Delivery within Streams.......................7 1.3.2 Sequenced Delivery within Streams.......................7
1.3.3 User Data Segmentation..................................8 1.3.3 User Data Segmentation..................................8
1.3.4 Acknowledgment and Congestion Avoidance.................8 1.3.4 Acknowledgment and Congestion Avoidance.................8
1.3.5 Chunk Multiplex.........................................8 1.3.5 Chunk Multiplex.........................................8
1.3.6 Message Validation......................................8 1.3.6 Message Validation......................................8
1.3.7 Path Management.........................................9 1.3.7 Path Management.........................................9
1.4 Recapitulation of Key Terms.................................9 1.4 Recapitulation of Key Terms.................................9
1.5 Abbreviations...............................................11 1.5 Abbreviations...............................................11
2. SCTP Datagram Format..........................................11 2. Conventions....................................................11
2.1 SCTP Common Header Field Descriptions.......................12 3. SCTP Datagram Format..........................................12
2.2 Chunk Field Descriptions....................................13 3.1 SCTP Common Header Field Descriptions.......................12
2.2.1 Optional/Variable-length Parameter Format...............14 3.2 Chunk Field Descriptions....................................13
2.2.2 Vendor-Specific Extension Parameter Format..............15 3.2.1 Optional/Variable-length Parameter Format...............14
2.3 SCTP Chunk Definitions......................................17 3.2.2 Vendor-Specific Extension Parameter Format..............15
2.3.1 Initiation (INIT).......................................17 3.3 SCTP Chunk Definitions......................................17
2.3.1.1 Optional or Variable Length Parameters..............19 3.3.1 Initiation (INIT).......................................17
2.3.2 Initiation Acknowledgment (INIT ACK)....................20 3.3.1.1 Optional or Variable Length Parameters..............19
2.3.2.1 Optional or Variable Length Parameters..............21 3.3.2 Initiation Acknowledgment (INIT ACK)....................20
2.3.3 Selective Acknowledgment (SACK).........................22 3.3.2.1 Optional or Variable Length Parameters..............21
2.3.4 Heartbeat Request (HEARTBEAT)...........................25 3.3.3 Selective Acknowledgment (SACK).........................22
2.3.5 Heartbeat Acknowledgment (HEARTBEAT ACK)................26 3.3.4 Heartbeat Request (HEARTBEAT)...........................25
2.3.6 Abort Association (ABORT)...............................26 3.3.5 Heartbeat Acknowledgment (HEARTBEAT ACK)................26
2.3.7 Shutdown Association (SHUTDOWN).........................27 3.3.6 Abort Association (ABORT)...............................26
2.3.8 Shutdown Acknowledgment (SHUTDOWN ACK)..................28 3.3.7 Shutdown Association (SHUTDOWN).........................27
2.3.9 Operation Error (ERROR).................................28 3.3.8 Shutdown Acknowledgment (SHUTDOWN ACK)..................28
2.3.10 State Cookie (COOKIE)..................................30 3.3.9 Operation Error (ERROR).................................28
2.3.11 Cookie Acknowledgment (COOKIE ACK).....................31 3.3.10 State Cookie (COOKIE)..................................30
2.3.12 Payload Data (DATA)....................................31 3.3.11 Cookie Acknowledgment (COOKIE ACK).....................31
2.4 Vendor-Specific Chunk Extensions............................33 3.3.12 Payload Data (DATA)....................................31
3. SCTP Association State Diagram.................................34 3.4 Vendor-Specific Chunk Extensions............................33
4. Association Initialization.....................................36 4. SCTP Association State Diagram.................................34
4.1 Normal Establishment of an Association......................37 5. Association Initialization.....................................36
4.1.1 Handle Stream Parameters................................39 5.1 Normal Establishment of an Association......................37
4.1.2 Handle Address Parameters...............................39 5.1.1 Handle Stream Parameters................................39
4.1.3 Generating State Cookie.................................39 5.1.2 Handle Address Parameters...............................39
4.1.4 Cookie Processing.......................................40 5.1.3 Generating State Cookie.................................39
4.1.5 Cookie Authentication...................................40 5.1.4 Cookie Processing.......................................40
4.1.6 An Example of Normal Association Establishment..........41 5.1.5 Cookie Authentication...................................40
4.2 Handle Duplicate INIT, INIT ACK, COOKIE, and COOKIE ACK.....42 5.1.6 An Example of Normal Association Establishment..........41
4.2.1 Handle Duplicate INIT in COOKIE-WAIT 5.2 Handle Duplicate INIT, INIT ACK, COOKIE, and COOKIE ACK.....42
5.2.1 Handle Duplicate INIT in COOKIE-WAIT
or COOKIE-SENT States...................................43 or COOKIE-SENT States...................................43
4.2.2 Handle Duplicate INIT in Other States...................43 5.2.2 Handle Duplicate INIT in Other States...................43
4.2.3 Handle Duplicate INIT ACK...............................43 5.2.3 Handle Duplicate INIT ACK...............................43
4.2.4 Handle Duplicate COOKIE.................................43 5.2.4 Handle Duplicate COOKIE.................................43
4.2.5 Handle Duplicate COOKIE-ACK.............................45 5.2.5 Handle Duplicate COOKIE-ACK.............................45
4.2.6 Handle Stale COOKIE Error...............................45 5.2.6 Handle Stale COOKIE Error...............................45
4.3 Other Initialization Issues.................................45 5.3 Other Initialization Issues.................................45
Stewart, et al [Page 3] Stewart, et al [Page 3]
4.3.1 Selection of Tag Value..................................45 5.3.1 Selection of Tag Value..................................45
5. User Data Transfer.............................................46 6. User Data Transfer.............................................46
5.1 Transmission of DATA Chunks.................................47 6.1 Transmission of DATA Chunks.................................47
5.2 Acknowledgment of Reception of DATA Chunks..................48 6.2 Acknowledgment of Reception of DATA Chunks..................48
5.2.1 Tracking Peer's Receive Buffer Space....................49 6.2.1 Tracking Peer's Receive Buffer Space....................49
5.3 Management Retransmission Timer.............................50 6.3 Management Retransmission Timer.............................50
5.3.1 RTO Calculation.........................................50 6.3.1 RTO Calculation.........................................50
5.3.2 Retransmission Timer Rules..............................51 6.3.2 Retransmission Timer Rules..............................51
5.3.3 Handle T3-rxt Expiration................................52 6.3.3 Handle T3-rxt Expiration................................52
5.4 Multi-homed SCTP Endpoints..................................53 6.4 Multi-homed SCTP Endpoints..................................53
5.4.1 Failover from Inactive Destination Address..............54 6.4.1 Failover from Inactive Destination Address..............54
5.5 Stream Identifier and Stream Sequence Number................54 6.5 Stream Identifier and Stream Sequence Number................54
5.6 Ordered and Un-ordered Delivery.............................54 6.6 Ordered and Un-ordered Delivery.............................54
5.7 Report Gaps in Received DATA TSNs...........................55 6.7 Report Gaps in Received DATA TSNs...........................55
5.8 Adler-32 Checksum Calculation...............................56 6.8 Adler-32 Checksum Calculation...............................56
5.9 Segmentation................................................57 6.9 Segmentation................................................57
5.10 Bundling and Multiplexing..................................58 6.10 Bundling and Multiplexing..................................58
6. Congestion Control ..........................................58 7. Congestion Control ..........................................58
6.1 SCTP Differences from TCP Congestion Control................59 7.1 SCTP Differences from TCP Congestion Control................59
6.2 SCTP Slow-Start and Congestion Avoidance....................59 7.2 SCTP Slow-Start and Congestion Avoidance....................59
6.2.1 Slow-Start..............................................60 7.2.1 Slow-Start..............................................60
6.2.2 Congestion Avoidance....................................61 7.2.2 Congestion Avoidance....................................61
6.2.3 Congestion Control......................................61 7.2.3 Congestion Control......................................61
6.2.4 Fast Retransmit on Gap Reports..........................62 7.2.4 Fast Retransmit on Gap Reports..........................62
6.3 Path MTU Discovery..........................................63 7.3 Path MTU Discovery..........................................63
7. Fault Management..............................................64 8. Fault Management..............................................64
7.1 Endpoint Failure Detection..................................64 8.1 Endpoint Failure Detection..................................64
7.2 Path Failure Detection......................................64 8.2 Path Failure Detection......................................64
7.3 Path Heartbeat..............................................65 8.3 Path Heartbeat..............................................65
7.4 Handle "Out of the blue" Packets............................66 8.4 Handle "Out of the blue" Packets............................66
7.5 Verification Tag............................................67 8.5 Verification Tag............................................67
7.5.1 Exceptions in Verification Tag Rules....................67 8.5.1 Exceptions in Verification Tag Rules....................67
8. Termination of Association.....................................68 9. Termination of Association.....................................68
8.1 Close of an Association.....................................68 9.1 Close of an Association.....................................68
8.2 Shutdown of an Association..................................68 9.2 Shutdown of an Association..................................68
9. Interface with Upper Layer.....................................69 10. Interface with Upper Layer....................................69
9.1 ULP-to-SCTP.................................................70 10.1 ULP-to-SCTP................................................70
9.2 SCTP-to-ULP.................................................78 10.2 SCTP-to-ULP................................................78
10. Security Considerations.......................................82 11. Security Considerations.......................................82
10.1 Security Objectives........................................82 11.1 Security Objectives........................................82
10.2 SCTP Responses To Potential Threats........................82 11.2 SCTP Responses To Potential Threats........................82
10.2.1 Countering Insider Attacks.............................82 11.2.1 Countering Insider Attacks.............................82
10.2.2 Protecting against Data Corruption in the Network......83 11.2.2 Protecting against Data Corruption in the Network......83
10.2.3 Protecting Confidentiality.............................83 11.2.3 Protecting Confidentiality.............................83
10.2.4 Protecting against Blind Denial of Service Attacks.....83 11.2.4 Protecting against Blind Denial of Service Attacks.....83
10.2.4.1 Flooding...........................................84 11.2.4.1 Flooding...........................................84
10.2.4.2 Masquerade.........................................84 11.2.4.2 Masquerade.........................................84
10.2.4.3 Improper Monopolization of Services................85 11.2.4.3 Improper Monopolization of Services................85
10.3 Protection against Fraud and Repudiation...................85 11.3 Protection against Fraud and Repudiation...................85
11. Recommended Transmission Control Block (TCB) Parameters.......86 12. Recommended Transmission Control Block (TCB) Parameters.......86
11.1 Parameters necessary for the SCTP instance.................86 12.1 Parameters necessary for the SCTP instance.................86
11.2 Parameters necessary per association (i.e. the TCB)........87 12.2 Parameters necessary per association (i.e. the TCB)........87
11.3 Per Transport Address Data.................................88 12.3 Per Transport Address Data.................................88
11.4 General Parameters Needed..................................89 12.4 General Parameters Needed..................................89
12. IANA Consideration............................................89 13. IANA Consideration............................................89
12.1 IETF-defined Chunk Extension...............................89 13.1 IETF-defined Chunk Extension...............................89
12.2 IETF-defined Chunk Parameter Extension.....................90 13.2 IETF-defined Chunk Parameter Extension.....................90
12.3 IETF-defined Additional Error Causes.......................91 13.3 IETF-defined Additional Error Causes.......................91
12.4 Payload Protocol Identifiers...............................92 13.4 Payload Protocol Identifiers...............................92
Stewart, et al [Page 4] Stewart, et al [Page 4]
13. Suggested SCTP Protocol Parameter Values......................92 14. Suggested SCTP Protocol Parameter Values......................92
14. Acknowledgments...............................................92 15. Acknowledgments...............................................92
15. Authors' Addresses............................................93 16. Authors' Addresses............................................93
16. References....................................................94 17. References....................................................94
Appendix A .......................................................95 Appendix A .......................................................95
1. Introduction 1. Introduction
This section explains the reasoning behind the development of the This section explains the reasoning behind the development of the
Stream Control Transmission Protocol (SCTP), the services it offers, Stream Control Transmission Protocol (SCTP), the services it offers,
and the basic concepts needed to understand the detailed description and the basic concepts needed to understand the detailed description
of the protocol. of the protocol.
1.1 Motivation 1.1 Motivation
skipping to change at line 320 skipping to change at line 321
A cookie mechanism, taken from that devised by Karn and Simpson in RFC A cookie mechanism, taken from that devised by Karn and Simpson in RFC
2522 [6], is employed during the initialization to provide protection 2522 [6], is employed during the initialization to provide protection
against security attacks. The cookie mechanism uses a four-way against security attacks. The cookie mechanism uses a four-way
handshaking, but the last two legs of which are allowed to carry user handshaking, but the last two legs of which are allowed to carry user
data for fast setup. The startup sequence is described in chapter 4 of data for fast setup. The startup sequence is described in chapter 4 of
this document. this document.
SCTP provides for graceful takedown of an active association on SCTP provides for graceful takedown of an active association on
request from the SCTP user. See the description of the TERMINATE request from the SCTP user. See the description of the TERMINATE
primitive in chapter 9. SCTP also allows ungraceful takedown, either primitive in chapter 10. SCTP also allows ungraceful takedown, either
on request from the user (ABORT primitive) or as a result of an error on request from the user (ABORT primitive) or as a result of an error
condition detected within the SCTP layer. Chapter 8 describes both the condition detected within the SCTP layer. Chapter 8 describes both the
graceful and the ungraceful takedown procedures. graceful and the ungraceful takedown procedures.
1.3.2 Sequenced Delivery within Streams 1.3.2 Sequenced Delivery within Streams
The term "stream" is used in SCTP to refer to a sequence of user The term "stream" is used in SCTP to refer to a sequence of user
messages. This is in contrast to its usage in TCP, where it refers to messages. This is in contrast to its usage in TCP, where it refers to
a sequence of bytes. a sequence of bytes.
The SCTP user can specify at association startup time the number of The SCTP user can specify at association startup time the number of
streams to be supported by the association. This number is negotiated streams to be supported by the association. This number is negotiated
with the remote end (see section 4.1.1). User messages are associated with the remote end (see section 5.1.1). User messages are associated
with stream numbers (SEND, RECEIVE primitives, Chapter 9). Internally, with stream numbers (SEND, RECEIVE primitives, Chapter 9). Internally,
SCTP assigns a stream sequence number to each message passed to it by SCTP assigns a stream sequence number to each message passed to it by
Stewart, et al [Page 7] Stewart, et al [Page 7]
the SCTP user. On the receiving side, SCTP ensures that messages are the SCTP user. On the receiving side, SCTP ensures that messages are
delivered to the SCTP user in sequence within a given stream. However, delivered to the SCTP user in sequence within a given stream. However,
while one stream may be blocked waiting for the next in-sequence user while one stream may be blocked waiting for the next in-sequence user
message, delivery from other streams may proceed. message, delivery from other streams may proceed.
skipping to change at line 400 skipping to change at line 401
Stewart, et al [Page 8] Stewart, et al [Page 8]
The Adler-32 checksum should be set by the sender of each SCTP datagram, The Adler-32 checksum should be set by the sender of each SCTP datagram,
to provide additional protection against data corruption in the to provide additional protection against data corruption in the
network beyond that provided by lower layers (e.g. the IP checksum). network beyond that provided by lower layers (e.g. the IP checksum).
1.3.7 Path Management 1.3.7 Path Management
The sending SCTP user is able to manipulate the set of transport The sending SCTP user is able to manipulate the set of transport
addresses used as destinations for SCTP datagrams, through the addresses used as destinations for SCTP datagrams, through the
primitives described in Chapter 9. The SCTP path management function primitives described in Chapter 10. The SCTP path management function
chooses the destination transport address for each outgoing SCTP chooses the destination transport address for each outgoing SCTP
datagram based on the SCTP user's instructions and the currently datagram based on the SCTP user's instructions and the currently
perceived reachability status of the eligible destination set. perceived reachability status of the eligible destination set.
The path management function monitors reachability through heartbeat The path management function monitors reachability through heartbeat
messages when other message traffic is inadequate to provide this messages when other message traffic is inadequate to provide this
information, and advises the SCTP user when reachability of any far- information, and advises the SCTP user when reachability of any far-
end transport address changes. The path management function is also end transport address changes. The path management function is also
responsible for reporting the eligible set of local transport responsible for reporting the eligible set of local transport
addresses to the far end during association startup, and for reporting addresses to the far end during association startup, and for reporting
the transport addresses returned from the far end to the SCTP user. the transport addresses returned from the far end to the SCTP user.
skipping to change at line 549 skipping to change at line 550
SRTT - Smoothed RTT SRTT - Smoothed RTT
TCB - Transmission Control Block TCB - Transmission Control Block
TLV - Type-Length-Value Coding Format TLV - Type-Length-Value Coding Format
TSN - Transmission Sequence Number TSN - Transmission Sequence Number
ULP - Upper-layer Protocol ULP - Upper-layer Protocol
2. SCTP Datagram Format 2. Conventions
An SCTP datagram is composed of a common header and chunks. A chunk The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
contains either control information or user data. SHOULD NOT, RECOMMENDED, NOT RECOMMENDED, MAY, and OPTIONAL, when
they appear in this document, are to be interpreted as described in
RFC 2119 [18].
Stewart, et al [Page 11] Stewart, et al [Page 11]
3. SCTP Datagram Format
An SCTP datagram is composed of a common header and chunks. A chunk
contains either control information or user data.
The SCTP datagram format is shown below: The SCTP datagram format is shown below:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Common Header | | Common Header |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Chunk #1 | | Chunk #1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... | | ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Chunk #n | | Chunk #n |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Multiple chunks can be multiplexed into one SCTP datagram up to Multiple chunks can be multiplexed into one SCTP datagram up to
the MTU size, except for the INIT, INIT ACK, and SHUTDOWN ACK the MTU size, except for the INIT, INIT ACK, and SHUTDOWN ACK
chunks. These chunks MUST NOT be multiplexed with any other chunk in a chunks. These chunks MUST NOT be multiplexed with any other chunk in a
datagram. See Section 5.10 for more details on chunk multiplexing. datagram. See Section 6.10 for more details on chunk multiplexing.
If an user data message doesn't fit into one SCTP datagram it can be If an user data message doesn't fit into one SCTP datagram it can be
segmented into multiple chunks using the procedure defined in segmented into multiple chunks using the procedure defined in
Section 5.9. Section 6.9.
All integer fields in an SCTP datagram MUST be transmitted in the All integer fields in an SCTP datagram MUST be transmitted in the
network byte order, unless otherwise stated. network byte order, unless otherwise stated.
2.1 SCTP Common Header Field Descriptions 3.1 SCTP Common Header Field Descriptions
SCTP Common Header Format SCTP Common Header Format
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Port Number | Destination Port Number | | Source Port Number | Destination Port Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Verification Tag | | Verification Tag |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at line 622 skipping to change at line 630
The receiver of this datagram uses the Verification Tag to validate The receiver of this datagram uses the Verification Tag to validate
the sender of this SCTP datagram. On transmit, the value of this the sender of this SCTP datagram. On transmit, the value of this
Verification Tag MUST be set to the value of the Initiate Tag Verification Tag MUST be set to the value of the Initiate Tag
received from the peer endpoint during the association received from the peer endpoint during the association
initialization. initialization.
For datagrams carrying the INIT chunk, the transmitter MUST set the For datagrams carrying the INIT chunk, the transmitter MUST set the
Verification Tag to all 0's. If the receiver receives a datagram Verification Tag to all 0's. If the receiver receives a datagram
with an all-zeros Verification Tag field, it checks the Chunk ID with an all-zeros Verification Tag field, it checks the Chunk ID
immediately following the common header. If the Chunk Type is immediately following the common header. If the Chunk Type is
neither INIT nor SHUTDOWN ACK, the receiver MUST drop the datagram. neither INIT nor SHUTDOWN ACK or ABORT, the receiver MUST drop
For datagrams carrying the SHUTDOWN ACK chunk, the transmitter the datagram. For datagrams carrying the SHUTDOWN ACK chunk, the
SHOULD set the Verification Tag to the Initiate Tag received from transmitter SHOULD set the Verification Tag to the Initiate Tag
the peer endpoint during the association initialization, if known. received from the peer endpoint during the association
Otherwise, the Verification Tag MUST be set to all 0's. initialization, if known. Otherwise, the Verification Tag
MUST be set to all 0's.
Note: Special rules apply to the ABORT message see Section 8.5.
Adler-32 Checksum: 32 bit u_int Adler-32 Checksum: 32 bit u_int
This field MUST contain an Adler-32 checksum of this SCTP This field MUST contain an Adler-32 checksum of this SCTP
datagram. Its calculation is discussed in Section 5.8. datagram. Its calculation is discussed in Section 6.8.
2.2 Chunk Field Descriptions 3.2 Chunk Field Descriptions
The figure below illustrates the field format for the chunks to be The figure below illustrates the field format for the chunks to be
transmitted in the SCTP datagram. Each chunk is formatted with a Chunk transmitted in the SCTP datagram. Each chunk is formatted with a Chunk
ID field, a chunk-specific Flag field, a Length field, and a Value ID field, a chunk-specific Flag field, a Length field, and a Value
field. field.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Chunk ID | Chunk Flags | Chunk Length | | Chunk ID | Chunk Flags | Chunk Length |
skipping to change at line 656 skipping to change at line 667
/ Chunk Value / / Chunk Value /
\ \ \ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Chunk ID: 8 bits, u_int Chunk ID: 8 bits, u_int
This field identifies the type of information contained in the Chunk This field identifies the type of information contained in the Chunk
Value field. It takes a value from 0x00 to 0xFF. The value of 0xFE Value field. It takes a value from 0x00 to 0xFF. The value of 0xFE
is reserved for vendor-specific extensions. The value of 0xFF is is reserved for vendor-specific extensions. The value of 0xFF is
reserved for future use as an extension field. Procedures for reserved for future use as an extension field. Procedures for
extending this field by vendors are defined in Section 2.4. extending this field by vendors are defined in Section 3.4.
The values of Chunk ID are defined as follows: The values of Chunk ID are defined as follows:
Stewart, et al [Page 13] Stewart, et al [Page 13]
ID Value Chunk Type ID Value Chunk Type
----- ---------- ----- ----------
00000000 - Payload Data (DATA) 00000000 - Payload Data (DATA)
00000001 - Initiation (INIT) 00000001 - Initiation (INIT)
00000010 - Initiation Acknowledgment (INIT ACK) 00000010 - Initiation Acknowledgment (INIT ACK)
00000011 - Selective Acknowledgment (SACK) 00000011 - Selective Acknowledgment (SACK)
skipping to change at line 705 skipping to change at line 716
Length field does not count any padding. Length field does not count any padding.
Chunk Value: variable length Chunk Value: variable length
The Chunk Value field contains the actual information to be The Chunk Value field contains the actual information to be
transferred in the chunk. The usage and format of this field is transferred in the chunk. The usage and format of this field is
dependent on the Chunk ID. The Chunk Value field MUST be aligned on dependent on the Chunk ID. The Chunk Value field MUST be aligned on
32-bit boundaries. If the length of the chunk does not align on 32-bit boundaries. If the length of the chunk does not align on
32-bit boundaries, it is padded at the end with all zero octets. 32-bit boundaries, it is padded at the end with all zero octets.
SCTP defined chunks are described in detail in Section 2.3. The SCTP defined chunks are described in detail in Section 3.3. The
guideline for vendor-specific chunk extensions is discussed in Section guideline for vendor-specific chunk extensions is discussed in Section
2.4. And the guidelines for IETF-defined chunk extensions can be found 3.4. And the guidelines for IETF-defined chunk extensions can be found
in Section 12.1 of this document. in Section 13.1 of this document.
2.2.1 Optional/Variable-length Parameter Format 3.2.1 Optional/Variable-length Parameter Format
The optional and variable-length parameters contained in a chunk The optional and variable-length parameters contained in a chunk
are defined in a Type-Length-Value format as shown below. are defined in a Type-Length-Value format as shown below.
Stewart, et al [Page 14] Stewart, et al [Page 14]
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Parameter Type | Parameter Length | | Parameter Type | Parameter Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at line 752 skipping to change at line 763
0x0004. The Length does not include any padding octets. 0x0004. The Length does not include any padding octets.
Parameter Value: variable-length. Parameter Value: variable-length.
The Value is dependent on the value of the Type field. The value The Value is dependent on the value of the Type field. The value
field MUST be aligned on 32-bit boundaries. If the value field is field MUST be aligned on 32-bit boundaries. If the value field is
not aligned on 32-bit boundaries it is padded at the end with all not aligned on 32-bit boundaries it is padded at the end with all
zero octets. The value field must be an integer number of octets. zero octets. The value field must be an integer number of octets.
The actual SCTP parameters are defined in the specific SCTP chunk The actual SCTP parameters are defined in the specific SCTP chunk
section. The guidelines for vendor-specific parameter extensions are sections. The guidelines for vendor-specific parameter extensions
discussed in Section 2.2.2. And the rules for IETF-defined parameter are discussed in Section 3.2.2. And the rules for IETF-defined
extensions are defined in Section 12.2. parameter extensions are defined in Section 13.2.
2.2.2 Vendor-Specific Extension Parameter Format 3.2.2 Vendor-Specific Extension Parameter Format
This is to allow vendors to support their own extended parameters not This is to allow vendors to support their own extended parameters not
defined by the IETF. It MUST not affect the operation of SCTP. defined by the IETF. It MUST not affect the operation of SCTP.
Endpoints not equipped to interpret the vendor-specific information Endpoints not equipped to interpret the vendor-specific information
sent by a remote endpoint MUST ignore it (although it may be sent by a remote endpoint MUST ignore it (although it may be
reported). Endpoints that do not receive desired vendor-specific reported). Endpoints that do not receive desired vendor-specific
information SHOULD make an attempt to operate without it, although information SHOULD make an attempt to operate without it, although
they may do so (and report they are doing so) in a degraded mode. they may do so (and report they are doing so) in a degraded mode.
skipping to change at line 843 skipping to change at line 854
VS-Length: 16 bit u_int VS-Length: 16 bit u_int
This field is the length of the vendor-specific parameter and This field is the length of the vendor-specific parameter and
Includes the VS-Type, VS-Length and VS-Value (if included) fields. Includes the VS-Type, VS-Length and VS-Value (if included) fields.
VS-Value: Variable Length VS-Value: Variable Length
This field contains the parameter identified by the VS-Type field. This field contains the parameter identified by the VS-Type field.
It's meaning is identified by the vendor. It's meaning is identified by the vendor.
2.3 SCTP Chunk Definitions 3.3 SCTP Chunk Definitions
This section defines the format of the different SCTP chunk types. This section defines the format of the different SCTP chunk types.
2.3.1 Initiation (INIT) (00000001) 3.3.1 Initiation (INIT) (00000001)
This chunk is used to initiate a SCTP association between two This chunk is used to initiate a SCTP association between two
endpoints. The format of the INIT message is shown below: endpoints. The format of the INIT message is shown below:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 0 1| Chunk Flags | Chunk Length | |0 0 0 0 0 0 0 1| Chunk Flags | Chunk Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Initiate Tag | | Initiate Tag |
skipping to change at line 920 skipping to change at line 931
parameters within an INIT may be processed in any order. parameters within an INIT may be processed in any order.
Initiate Tag: 32 bit u_int Initiate Tag: 32 bit u_int
The receiver of the INIT (the responding end) records the value of The receiver of the INIT (the responding end) records the value of
the Initiate Tag parameter. This value MUST be placed into the the Initiate Tag parameter. This value MUST be placed into the
Verification Tag field of every SCTP datagram that the responding Verification Tag field of every SCTP datagram that the responding
end transmits within this association. end transmits within this association.
The valid range for Initiate Tag is from 0x1 to 0xffffffff. See The valid range for Initiate Tag is from 0x1 to 0xffffffff. See
Section 4.3.1 for more on the selection of the tag value. Section 5.3.1 for more on the selection of the tag value.
If the value of the Initiate Tag in a received INIT chunk is found If the value of the Initiate Tag in a received INIT chunk is found
to be 0x0, the receiver MUST treat it as an error and silently to be 0x0, the receiver MUST treat it as an error and silently
discard the datagram. discard the datagram.
Advertised Receiver Window Credit (a_rwnd): 32 bit u_int Advertised Receiver Window Credit (a_rwnd): 32 bit u_int
This value represents the dedicated buffer space, in number of This value represents the dedicated buffer space, in number of
octets, the sender of the INIT has placed in association with this octets, the sender of the INIT has placed in association with this
window. During the life of the association this buffer space SHOULD window. During the life of the association this buffer space SHOULD
skipping to change at line 957 skipping to change at line 968
Defines the initial TSN that the sender will use. The valid range is Defines the initial TSN that the sender will use. The valid range is
from 0x0 to 0xffffffff. This field MAY be set to the value of the from 0x0 to 0xffffffff. This field MAY be set to the value of the
Initiate Tag field. Initiate Tag field.
Stewart, et al [Page 18] Stewart, et al [Page 18]
Vendor-specific parameters are allowed in INIT. However, they MUST be Vendor-specific parameters are allowed in INIT. However, they MUST be
appended to the end of the above INIT chunks. The format of the appended to the end of the above INIT chunks. The format of the
vendor-specific parameters MUST follow the Type-Length-value format as vendor-specific parameters MUST follow the Type-Length-value format as
defined in Section 2.2.2. In case an endpoint does not support the defined in Section 3.2.2. In case an endpoint does not support the
vendor-specific chunks received, it MUST ignore them. vendor-specific chunks received, it MUST ignore them.
2.3.1.1 Optional/Variable Length Parameters in INIT 3.3.1.1 Optional/Variable Length Parameters in INIT
The following parameters follow the Type-Length-Value format as The following parameters follow the Type-Length-Value format as
defined in Section 2.2.1. The IP address fields MUST come after defined in Section 3.2.1. The IP address fields MUST come after
the fixed-length fields defined in the previous Section. the fixed-length fields defined in the previous Section.
Any extensions MUST come after the IP address fields. Any extensions SHOULD come after the IP address fields.
IPv4 Address Parameter IPv4 Address Parameter
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0| |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv4 Address | | IPv4 Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at line 1090 skipping to change at line 1101
| Address Type #1 | Address Type #2 | | Address Type #1 | Address Type #2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ...... | ......
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Address Type: 16 bit u_int Address Type: 16 bit u_int
This is filled with the type value of the corresponding address This is filled with the type value of the corresponding address
TLV (e.g., IPv4 = 0x0005, IPv6 = 0x0006). TLV (e.g., IPv4 = 0x0005, IPv6 = 0x0006).
2.3.2 Initiation Acknowledgment (INIT ACK) (00000010): 3.3.2 Initiation Acknowledgment (INIT ACK) (00000010):
The INIT ACK chunk is used to acknowledge the initiation of an SCTP The INIT ACK chunk is used to acknowledge the initiation of an SCTP
association. association.
The parameter part of INIT ACK is formatted similarly to the INIT The parameter part of INIT ACK is formatted similarly to the INIT
chunk. It uses two extra variable parameters: The State Cookie chunk. It uses two extra variable parameters: The State Cookie
and the Unrecognized Parameter: and the Unrecognized Parameter:
The format of the INIT ACK message is shown below: The format of the INIT ACK message is shown below:
skipping to change at line 1168 skipping to change at line 1179
If the INIT ACK contains at least one IP Address parameter, then only If the INIT ACK contains at least one IP Address parameter, then only
the transport address(es) explicitly indicated in the INIT ACK may be the transport address(es) explicitly indicated in the INIT ACK may be
used as the destination(s) by the receiver of the INIT ACK. However, used as the destination(s) by the receiver of the INIT ACK. However,
if the INIT ACK contains no IP Address parameter, the receiver of the if the INIT ACK contains no IP Address parameter, the receiver of the
INIT ACK MUST take the source IP address associated with this INIT ACK INIT ACK MUST take the source IP address associated with this INIT ACK
as its sole destination address for this association. as its sole destination address for this association.
Stewart, et al [Page 21] Stewart, et al [Page 21]
The State Cookie and Unrecognized Parameters use the Type-Length- The State Cookie and Unrecognized Parameters use the Type-Length-
Value format as defined in Section 2.2.1 and are described below. The Value format as defined in Section 3.2.1 and are described below. The
other fields are defined the same as their counterparts in the INIT other fields are defined the same as their counterparts in the INIT
message. message.
2.3.2.1 Optional or Variable Length Parameters 3.3.2.1 Optional or Variable Length Parameters
State Cookie: variable size, depending on Size of Cookie State Cookie: variable size, depending on Size of Cookie
This field MUST contain all the necessary state and parameter This field MUST contain all the necessary state and parameter
information required for the sender of this INIT ACK to create the information required for the sender of this INIT ACK to create the
association, along with an Integrity Check Value (ICV). See association, along with an Integrity Check Value (ICV). See
Section 4.1.3 for details on Cookie definition. The Cookie MUST be Section 5.1.3 for details on Cookie definition. The Cookie MUST be
padded with '0' to the next 32-bit word boundary. The internal padded with '0' to the next 32-bit word boundary. The internal
format of the Cookie is implementation-specific. format of the Cookie is implementation-specific.
Unrecognized Parameters: Variable Size. Unrecognized Parameters: Variable Size.
This parameter is returned to the originator of the INIT message if This parameter is returned to the originator of the INIT message if
the receiver does not recognize one or more Optional TLV parameters the receiver does not recognize one or more Optional TLV parameters
in the INIT chunk. This parameter field will contain the in the INIT chunk. This parameter field will contain the
unrecognized parameters copied from the INIT message complete unrecognized parameters copied from the INIT message complete
with TLV. with TLV.
Vendor-Specific parameters are allowed in INIT ACK. However, they Vendor-Specific parameters are allowed in INIT ACK. However, they
MUST be defined using the format described in Section 2.2.2, and be MUST be defined using the format described in Section 3.2.2, and be
appended to the end of the above INIT ACK chunk. In case the receiver appended to the end of the above INIT ACK chunk. In case the receiver
of the INIT ACK does not support the vendor-specific parameters of the INIT ACK does not support the vendor-specific parameters
received, it MUST ignore those fields. received, it MUST ignore those fields.
2.3.3 Selective Acknowledgment (SACK) (00000011): 3.3.3 Selective Acknowledgment (SACK) (00000011):
This chunk is sent to the remote endpoint to acknowledge received DATA This chunk is sent to the remote endpoint to acknowledge received DATA
chunks and to inform the remote endpoint of gaps in the received chunks and to inform the remote endpoint of gaps in the received
subsequences of DATA chunks as represented by their TSNs. subsequences of DATA chunks as represented by their TSNs.
The SACK MUST contain the Cumulative TSN ACK and Advertised Receiver The SACK MUST contain the Cumulative TSN ACK and Advertised Receiver
Window Credit (a_rwnd) parameters. By definition, the value of the Window Credit (a_rwnd) parameters. By definition, the value of the
Cumulative TSN ACK parameter is the last TSN received at the time the Cumulative TSN ACK parameter is the last TSN received at the time the
Selective ACK is sent, before a break in the sequence of received TSNs Selective ACK is sent, before a break in the sequence of received TSNs
occurs; the next TSN value following this one has not yet been occurs; the next TSN value following this one has not yet been
received at the reporting end. This parameter therefore acknowledges received at the reporting end. This parameter therefore acknowledges
receipt of all TSNs up to and including the value given. receipt of all TSNs up to and including the value given.
The handling of the a_rwnd by the receiver of the SACK is discussed in The handling of the a_rwnd by the receiver of the SACK is discussed in
detail in Section 5.2.1. detail in Section 6.2.1.
The Selective ACK also contains zero or more fragment reports. Each The Selective ACK also contains zero or more fragment reports. Each
fragment report acknowledges a subsequence of TSNs received following fragment report acknowledges a subsequence of TSNs received following
a break in the sequence of received TSNs. By definition, all TSNs a break in the sequence of received TSNs. By definition, all TSNs
acknowledged by fragment reports are higher than the value of the acknowledged by fragment reports are higher than the value of the
Cumulative TSN ACK. Cumulative TSN ACK.
Stewart, et al [Page 22] Stewart, et al [Page 22]
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
skipping to change at line 1261 skipping to change at line 1272
Set to all zeros on transmit and ignored on receipt. Set to all zeros on transmit and ignored on receipt.
Cumulative TSN ACK: 32 bit u_int Cumulative TSN ACK: 32 bit u_int
This parameter contains the TSN of the last DATA chunk received in This parameter contains the TSN of the last DATA chunk received in
sequence before a gap. sequence before a gap.
Advertised Receiver Window Credit (a_rwnd): 32 bit u_int Advertised Receiver Window Credit (a_rwnd): 32 bit u_int
This field indicates the updated receive buffer space in octets of This field indicates the updated receive buffer space in octets of
the sender of this SACK, see Section 5.2.1 for details. the sender of this SACK, see Section 6.2.1 for details.
Number of Fragments: 16 bit u_int Number of Fragments: 16 bit u_int
Indicates the number of TSN fragments included in this Selective Indicates the number of TSN fragments included in this Selective
ACK. ACK.
Number of Duplicate TSNs: 16 bit Number of Duplicate TSNs: 16 bit
This field contains the number of duplicate TSNs the endpoint This field contains the number of duplicate TSNs the endpoint
has received. Each duplicate TSN is listed following the fragment has received. Each duplicate TSN is listed following the fragment
skipping to change at line 1331 skipping to change at line 1342
---------- ----------
then, the parameter part of the Selective ACK MUST be constructed as then, the parameter part of the Selective ACK MUST be constructed as
follows (assuming the new a_rwnd is set to 0x1234 by the sender): follows (assuming the new a_rwnd is set to 0x1234 by the sender):
+---------------+--------------+ +---------------+--------------+
| Cumulative TSN ACK = 12 | | Cumulative TSN ACK = 12 |
----------------+--------------- ----------------+---------------
| a_rwnd = 0x1234 | | a_rwnd = 0x1234 |
----------------+--------------- ----------------+---------------
| num of frag=2 | (rev = 0) | | num of frag=2 | num of dup=0 |
----------------+--------------- ----------------+---------------
|frag #1 strt=2 |frag #1 end=3 | |frag #1 strt=2 |frag #1 end=3 |
----------------+--------------- ----------------+---------------
|frag #2 strt=5 |frag #2 end=5 | |frag #2 strt=5 |frag #2 end=5 |
-------------------------------- --------------------------------
Stewart, et al [Page 24] Stewart, et al [Page 24]
2.3.4 Heartbeat Request (HEARTBEAT) (00000100): 3.3.4 Heartbeat Request (HEARTBEAT) (00000100):
An endpoint should send this chunk to its peer endpoint of the current An endpoint should send this chunk to its peer endpoint of the current
association to probe the reachability of a particular destination association to probe the reachability of a particular destination
transport address defined in the present association. transport address defined in the present association.
The parameter field contains the Heartbeat Information which is a The parameter field contains the Heartbeat Information which is a
variable length opaque data structure understood only by the sender. variable length opaque data structure understood only by the sender.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
skipping to change at line 1371 skipping to change at line 1382
Set to zero on transmit and ignored on receipt. Set to zero on transmit and ignored on receipt.
Heartbeat Length: Heartbeat Length:
Set to the size of the chunk in octets, including the chunk header Set to the size of the chunk in octets, including the chunk header
and the Heartbeat Information field. and the Heartbeat Information field.
Heartbeat Information: Heartbeat Information:
defined as a variable-length parameter using the format described in defined as a variable-length parameter using the format described in
Section 2.2.1, i.e.: Section 3.2.1, i.e.:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Heartbeat Info Type=1 | HB Info Length | | Heartbeat Info Type=1 | HB Info Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ Sender-specific Heartbeat Info / / Sender-specific Heartbeat Info /
\ \ \ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Sender-specific Heartbeat Info field should normally include The Sender-specific Heartbeat Info field should normally include
information about the sender's current time when this HEARTBEAT information about the sender's current time when this HEARTBEAT
message is sent and the destination transport address to which this message is sent and the destination transport address to which this
HEARTBEAT is sent (see Section 7.3). HEARTBEAT is sent (see Section 8.3).
Stewart, et al [Page 25] Stewart, et al [Page 25]
2.3.5 Heartbeat Acknowledgment (HEARTBEAT ACK) (00000101): 3.3.5 Heartbeat Acknowledgment (HEARTBEAT ACK) (00000101):
An endpoint should send this chunk to its peer endpoint as a response An endpoint should send this chunk to its peer endpoint as a response
to a Heartbeat Request (see Section 7.3). to a Heartbeat Request (see Section 8.3).
The parameter field contains a variable length opaque data structure. The parameter field contains a variable length opaque data structure.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 1 0 1| Chunk Flags | Heartbeat Ack Length | |0 0 0 0 0 1 0 1| Chunk Flags | Heartbeat Ack Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \ \ \
/ Heartbeat Information (Variable-Length) / / Heartbeat Information (Variable-Length) /
skipping to change at line 1421 skipping to change at line 1432
Set to the size of the chunk in octets, including the chunk header Set to the size of the chunk in octets, including the chunk header
and the Heartbeat Information field. and the Heartbeat Information field.
Heartbeat Information: Heartbeat Information:
The values of this field SHALL be copied from the Heartbeat The values of this field SHALL be copied from the Heartbeat
Information field found in the Heartbeat Request to which this Information field found in the Heartbeat Request to which this
Heartbeat Acknowledgment is responding. Heartbeat Acknowledgment is responding.
2.3.6 Abort Association (ABORT) (00000110): 3.3.6 Abort Association (ABORT) (00000110):
The ABORT chunk is sent to the peer of an association to terminate the The ABORT chunk is sent to the peer of an association to terminate the
association. The ABORT chunk may contain cause parameters to inform association. The ABORT chunk may contain cause parameters to inform
the receiver the reason of the abort. DATA chunks MUST not be bundled the receiver the reason of the abort. DATA chunks MUST not be bundled
with ABORT. Control chunks MAY be bundled with an ABORT but they MUST with ABORT. Control chunks MAY be bundled with an ABORT but they MUST
be placed before the ABORT in the SCTP datagram, or they will be be placed before the ABORT in the SCTP datagram, or they will be
ignored by the receiver. ignored by the receiver.
If an endpoint receives an ABORT with a format error or for an If an endpoint receives an ABORT with a format error or for an
association that doesn't exist, it MUST silently discard it. association that doesn't exist, it MUST silently discard it.
skipping to change at line 1456 skipping to change at line 1467
Chunk Flags: Chunk Flags:
Set to zero on transmit and ignored on receipt. Set to zero on transmit and ignored on receipt.
Length: Length:
Set to the size of the chunk in octets, including the chunk header Set to the size of the chunk in octets, including the chunk header
and all the Error Cause fields present. and all the Error Cause fields present.
See Section 2.3.9 for Error Cause definitions. See Section 3.3.9 for Error Cause definitions.
Note: Special rules apply to the Verification Tag field of SCTP Note: Special rules apply to the Verification Tag field of SCTP
datagrams which carry an ABORT, see Section 7.5 for details. datagrams which carry an ABORT, see Section 8.5.1 for details.
2.3.7 SHUTDOWN (00000111): 3.3.7 SHUTDOWN (00000111):
An endpoint in an association MUST use this chunk to initiate a An endpoint in an association MUST use this chunk to initiate a
graceful termination of the association with its peer. This chunk has graceful termination of the association with its peer. This chunk has
the following format. the following format.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 1 1 1|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0| |0 0 0 0 0 1 1 1|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at line 1486 skipping to change at line 1497
Set to zero on transmit and ignored on receipt. Set to zero on transmit and ignored on receipt.
Cumulative TSN ACK: 32 bit u_int Cumulative TSN ACK: 32 bit u_int
This parameter contains the TSN of the last chunk received in This parameter contains the TSN of the last chunk received in
sequence before any gaps. sequence before any gaps.
Stewart, et al [Page 27] Stewart, et al [Page 27]
2.3.8 Shutdown Acknowledgment (SHUTDOWN ACK) (00001000): 3.3.8 Shutdown Acknowledgment (SHUTDOWN ACK) (00001000):
This chunk MUST be used to acknowledge the receipt of the SHUTDOWN This chunk MUST be used to acknowledge the receipt of the SHUTDOWN
chunk at the completion of the shutdown process, see Section 8.2 for chunk at the completion of the shutdown process, see Section 9.2 for
details. details.
The SHUTDOWN ACK chunk has no parameters. The SHUTDOWN ACK chunk has no parameters.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 1 0 0 0|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0| |0 0 0 0 1 0 0 0|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Chunk Flags: Chunk Flags:
Set to zero on transmit and ignored on receipt. Set to zero on transmit and ignored on receipt.
Note: if the endpoint that receives the SHUTDOWN message does not have Note: if the endpoint that receives the SHUTDOWN message does not have
a TCB or tag for the sender of the SHUTDOWN, the receiver MUST still a TCB or tag for the sender of the SHUTDOWN, the receiver MUST still
respond. In such cases, the receiver MUST send back a stand-alone respond. In such cases, the receiver MUST send back a stand-alone
SHUTDOWN ACK chunk in an SCTP datagram with the Verification Tag field SHUTDOWN ACK chunk in an SCTP datagram with the Verification Tag field
of the common header filled with all '0's. of the common header filled with all '0's.
2.3.9 Operation Error (ERROR) (00001001): 3.3.9 Operation Error (ERROR) (00001001):
This chunk is sent to the other endpoint in the association to notify This chunk is sent to the other endpoint in the association to notify
certain error conditions. It contains one or more error causes. It has certain error conditions. It contains one or more error causes. It has
the following parameters: the following parameters:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 1 0 0 1| Chunk Flags | Length | |0 0 0 0 1 0 0 1| Chunk Flags | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at line 1536 skipping to change at line 1547
Chunk Flags: Chunk Flags:
Set to zero on transmit and ignored on receipt. Set to zero on transmit and ignored on receipt.
Length: Length:
Set to the size of the chunk in octets, including the chunk header Set to the size of the chunk in octets, including the chunk header
and all the Error Cause fields present. and all the Error Cause fields present.
Error causes are defined as variable-length parameters using the Error causes are defined as variable-length parameters using the
format described in 2.2.1, i.e.: format described in 3.2.1, i.e.:
Stewart, et al [Page 28] Stewart, et al [Page 28]
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code | Cause Length | | Cause Code | Cause Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ Cause-specific Information / / Cause-specific Information /
\ \ \ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at line 1653 skipping to change at line 1664
/ The Unrecognized Parameters / / The Unrecognized Parameters /
\ \ \ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The error field will contain the unrecognized parameters copied The error field will contain the unrecognized parameters copied
from the INIT ACK message complete with TLV. This error is normally from the INIT ACK message complete with TLV. This error is normally
bundled with the Cookie chunk when responding to the INIT ACK, when bundled with the Cookie chunk when responding to the INIT ACK, when
the sender of the Cookie wishes to report unrecognized parameters. the sender of the Cookie wishes to report unrecognized parameters.
Guidelines for IETF-defined Error Cause extensions are discussed in Guidelines for IETF-defined Error Cause extensions are discussed in
Section 12.3 of this document. Section 13.3 of this document.
2.3.10 State Cookie (COOKIE) (00001010): 3.3.10 State Cookie (COOKIE) (00001010):
This chunk is used only during the initialization of an association. This chunk is used only during the initialization of an association.
It is sent by the initiator of an association to its peer to complete It is sent by the initiator of an association to its peer to complete
the initialization process. This chunk MUST precede any chunk the initialization process. This chunk MUST precede any chunk
sent within the association, but MAY be bundled with one or more DATA sent within the association, but MAY be bundled with one or more DATA
chunks in the same datagram. chunks in the same datagram.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at line 1684 skipping to change at line 1695
Length: 16 bit u_int Length: 16 bit u_int
Set to the size of the chunk in octets, including the 4 octets of Set to the size of the chunk in octets, including the 4 octets of
the chunk header and the size of the Cookie. the chunk header and the size of the Cookie.
Stewart, et al [Page 30] Stewart, et al [Page 30]
Cookie: variable size Cookie: variable size
This field must contain the exact cookie received in a previous INIT This field must contain the exact cookie received in the
ACK. State Cookie parameter from a previous INIT ACK.
2.3.11 Cookie Acknowledgment (COOKIE ACK) (00001011): 3.3.11 Cookie Acknowledgment (COOKIE ACK) (00001011):
This chunk is used only during the initialization of an association. This chunk is used only during the initialization of an association.
It is used to acknowledge the receipt of a COOKIE chunk. This chunk It is used to acknowledge the receipt of a COOKIE chunk. This chunk
MUST precede any chunk sent within the association, but MAY be MUST precede any chunk sent within the association, but MAY be
bundled with one or more DATA chunks in the same SCTP datagram. bundled with one or more DATA chunks in the same SCTP datagram.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 1 0 1 1|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0| |0 0 0 0 1 0 1 1|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Chunk Flags: Chunk Flags:
Set to zero on transmit and ignored on receipt. Set to zero on transmit and ignored on receipt.
2.3.12 Payload Data (DATA) (00000000): 3.3.12 Payload Data (DATA) (00000000):
The following format MUST be used for the DATA chunk: The following format MUST be used for the DATA chunk:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 0 0| Reserved|U|B|E| Length | |0 0 0 0 0 0 0 0| Reserved|U|B|E| Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TSN | | TSN |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at line 1809 skipping to change at line 1820
The value 0x0 indicates no application identifier is specified by The value 0x0 indicates no application identifier is specified by
the upper layer for this payload data. the upper layer for this payload data.
User Data: variable length User Data: variable length
This is the payload user data. The implementation MUST pad the end This is the payload user data. The implementation MUST pad the end
of the data to a 32 bit boundary with 0 octets. Any padding MUST of the data to a 32 bit boundary with 0 octets. Any padding MUST
NOT be included in the length field. NOT be included in the length field.
2.4 Vendor-Specific Chunk Extensions 3.4 Vendor-Specific Chunk Extensions
This Chunk type is available to allow vendors to support their own This Chunk type is available to allow vendors to support their own
extended data formats not defined by the IETF. It MUST not affect the extended data formats not defined by the IETF. It MUST not affect the
operation of SCTP. In particular, when adding a Vendor Specific chunk operation of SCTP. In particular, when adding a Vendor Specific chunk
type, the vendor defined chunks MUST obey the congestion avoidance type, the vendor defined chunks MUST obey the congestion avoidance
rules defined in this document if they carry user data. User data is rules defined in this document if they carry user data. User data is
defined as any data transported over the association that is delivered defined as any data transported over the association that is delivered
to the upper layer of the receiver. to the upper layer of the receiver.
Endpoints not equipped to interpret the vendor-specific chunk sent by Endpoints not equipped to interpret the vendor-specific chunk sent by
skipping to change at line 1870 skipping to change at line 1881
Value: Variable length Value: Variable length
The Value field is one or more octets. The actual format of the The Value field is one or more octets. The actual format of the
information is site or application specific, and a robust information is site or application specific, and a robust
implementation SHOULD support the field as undistinguished implementation SHOULD support the field as undistinguished
octets. octets.
The codification of the range of allowed usage of this field is The codification of the range of allowed usage of this field is
outside the scope of this specification. outside the scope of this specification.
3. SCTP Association State Diagram 4. SCTP Association State Diagram
During the lifetime of an SCTP association, the SCTP endpoints During the lifetime of an SCTP association, the SCTP endpoints
progress from one state to another in response to various events. The progress from one state to another in response to various events. The
events that may potentially advance an endpoint's state include: events that may potentially advance an endpoint's state include:
o SCTP user primitive calls, e.g., [ASSOCIATE], [TERMINATE], [ABORT], o SCTP user primitive calls, e.g., [ASSOCIATE], [TERMINATE], [ABORT],
o reception of INIT, COOKIE, ABORT, SHUTDOWN, etc. control o reception of INIT, COOKIE, ABORT, SHUTDOWN, etc. control
chunks, or chunks, or
skipping to change at line 1969 skipping to change at line 1980
| | | |
\ +---------+ / \ +---------+ /
\-->| CLOSED |<--/ \-->| CLOSED |<--/
+---------+ +---------+
Note: Note:
(1) If the received COOKIE is invalid (i.e., failed to pass the (1) If the received COOKIE is invalid (i.e., failed to pass the
authentication check), the receiver MUST silently discard the authentication check), the receiver MUST silently discard the
datagram. Or, if the received COOKIE is expired (see Section datagram. Or, if the received COOKIE is expired (see Section
4.1.5), the receiver SHALL send back an ERROR chunk. In either 5.1.5), the receiver SHALL send back an ERROR chunk. In either
case, the receiver stays in the CLOSED state. case, the receiver stays in the CLOSED state.
(2) If the init timer expires, the endpoint SHALL retransmit INIT (2) If the init timer expires, the endpoint SHALL retransmit INIT
and re-start the init timer without changing state. This SHALL be and re-start the init timer without changing state. This SHALL be
repeated up to 'Max.Init.Retransmits' times. After that, the repeated up to 'Max.Init.Retransmits' times. After that, the
endpoint SHALL abort the initialization process and report the endpoint SHALL abort the initialization process and report the
error to SCTP user. error to SCTP user.
(3) If the T1-cookie timer expires, the endpoint SHALL retransmit (3) If the T1-cookie timer expires, the endpoint SHALL retransmit
COOKIE and re-start the T1-cookie timer without changing COOKIE and re-start the T1-cookie timer without changing
state. This SHALL be repeated up to 'Max.Init.Retransmits' state. This SHALL be repeated up to 'Max.Init.Retransmits'
times. After that, the endpoint SHALL abort the initialization times. After that, the endpoint SHALL abort the initialization
process and report the error to SCTP user. process and report the error to SCTP user.
(4) In SHUTDOWN-SENT state the endpoint SHALL acknowledge any received (4) In SHUTDOWN-SENT state the endpoint SHALL acknowledge any received
DATA chunks without delay DATA chunks without delay
(5) In SHUTDOWN-RECEIVED state, the endpoint MUST NOT accept any new (5) In SHUTDOWN-RECEIVED state, the endpoint MUST NOT accept any new
send request from its SCTP user. send request from its SCTP user.
4. Association Initialization 5. Association Initialization
Before the first data transmission can take place from one SCTP Before the first data transmission can take place from one SCTP
endpoint ("A") to another SCTP endpoint ("Z"), the two endpoints must endpoint ("A") to another SCTP endpoint ("Z"), the two endpoints must
complete an initialization process in order to set up an SCTP complete an initialization process in order to set up an SCTP
association between them. association between them.
The SCTP user at an endpoint should use the ASSOCIATE primitive to The SCTP user at an endpoint should use the ASSOCIATE primitive to
initialize an SCTP association to another SCTP endpoint. initialize an SCTP association to another SCTP endpoint.
Stewart, et al [Page 36] Stewart, et al [Page 36]
IMPLEMENTATION NOTE: From an SCTP-user's point of view, an IMPLEMENTATION NOTE: From an SCTP-user's point of view, an
association may be implicitly opened, without an ASSOCIATE primitive association may be implicitly opened, without an ASSOCIATE primitive
(see 9.1 B) being invoked, by the initiating endpoint's sending of (see 10.1 B) being invoked, by the initiating endpoint's sending of
the first user data to the destination endpoint. The initiating SCTP the first user data to the destination endpoint. The initiating SCTP
will assume default values for all mandatory and optional parameters will assume default values for all mandatory and optional parameters
for the INIT/INIT ACK. for the INIT/INIT ACK.
Once the association is established, unidirectional streams will be Once the association is established, unidirectional streams will be
open for data transfer on both ends (see Section 4.1.1). open for data transfer on both ends (see Section 5.1.1).
4.1 Normal Establishment of an Association 5.1 Normal Establishment of an Association
The initialization process consists of the following steps (assuming The initialization process consists of the following steps (assuming
that SCTP endpoint "A" tries to set up an association with SCTP that SCTP endpoint "A" tries to set up an association with SCTP
endpoint "Z" and "Z" accepts the new association): endpoint "Z" and "Z" accepts the new association):
A) "A" shall first send an INIT message to "Z". In the INIT, "A" must A) "A" shall first send an INIT message to "Z". In the INIT, "A" must
provide its security tag "Tag_A" in the Initiate Tag field. Tag_A provide its security tag "Tag_A" in the Initiate Tag field. Tag_A
SHOULD be a random number in the range of 0x1 to 0xffffffff (see SHOULD be a random number in the range of 0x1 to 0xffffffff (see
4.3.1 for Tag value selection). After sending the INIT, "A" starts 5.3.1 for Tag value selection). After sending the INIT, "A" starts
the T1-init timer and enters the COOKIE-WAIT state. the T1-init timer and enters the COOKIE-WAIT state.
B) "Z" shall respond immediately with an INIT ACK message. In the B) "Z" shall respond immediately with an INIT ACK message. In the
message, besides filling in other parameters, "Z" must set the message, besides filling in other parameters, "Z" must set the
Verification Tag field to Tag_A, and also provide its own security Verification Tag field to Tag_A, and also provide its own security
tag "Tag_Z" in the Initiate Tag field. tag "Tag_Z" in the Initiate Tag field.
Moreover, "Z" MUST generate and send along with the INIT ACK an Moreover, "Z" MUST generate and send along with the INIT ACK an
State Cookie. See Section 4.1.3 for State Cookie generation. State Cookie. See Section 5.1.3 for State Cookie generation.
Note: after sending out INIT ACK with the cookie, "Z" MUST not Note: after sending out INIT ACK with the cookie, "Z" MUST not
allocate any resources, nor keep any states for the new allocate any resources, nor keep any states for the new
association. Otherwise, "Z" will be vulnerable to resource attacks. association. Otherwise, "Z" will be vulnerable to resource attacks.
C) Upon reception of the INIT ACK from "Z", "A" shall stop the T1-init C) Upon reception of the INIT ACK from "Z", "A" shall stop the T1-init
timer and leave COOKIE-WAIT state. "A" shall then send the cookie timer and leave COOKIE-WAIT state. "A" shall then send the cookie
received in the INIT ACK message in a cookie chunk, start the received in the INIT ACK message in a cookie chunk, start the
T1-cookie timer, and enter the COOKIE-SENT state. T1-cookie timer, and enter the COOKIE-SENT state.
skipping to change at line 2061 skipping to change at line 2072
IMPLEMENTATION NOTE: an implementation may choose to send the IMPLEMENTATION NOTE: an implementation may choose to send the
Communication Up notification to the SCTP user upon reception Communication Up notification to the SCTP user upon reception
of a valid COOKIE. of a valid COOKIE.
Stewart, et al [Page 37] Stewart, et al [Page 37]
E) Upon reception of the COOKIE ACK, endpoint "A" will move from the E) Upon reception of the COOKIE ACK, endpoint "A" will move from the
COOKIE-SENT state to the ESTABLISHED state, stopping the T1-cookie COOKIE-SENT state to the ESTABLISHED state, stopping the T1-cookie
timer, and it may also notify its ULP about the successful timer, and it may also notify its ULP about the successful
establishment of the associate with a Communication Up notification establishment of the associate with a Communication Up notification
(see Section 9). (see Section 10).
Note: A DATA chunk MUST NOT be carried in the INIT or INIT ACK message. Note: A DATA chunk MUST NOT be carried in the INIT or INIT ACK message.
Note: T1-init timer and T1-cookie timer shall follow the same rules Note: T1-init timer and T1-cookie timer shall follow the same rules
given in Section 5.3. given in Section 6.3.
Note: if an endpoint receives an INIT, INIT ACK, or COOKIE chunk but Note: if an endpoint receives an INIT, INIT ACK, or COOKIE chunk but
decides not to establish the new association due to missing mandatory decides not to establish the new association due to missing mandatory
parameters in the received INIT or INIT ACK, invalid parameter values, parameters in the received INIT or INIT ACK, invalid parameter values,
or, lack of local resources, it SHALL respond with an ABORT chunk. It or, lack of local resources, it SHALL respond with an ABORT chunk. It
SHOULD also specify the cause of abort, such as the type of the SHOULD also specify the cause of abort, such as the type of the
missing mandatory parameters, etc., by either including cause missing mandatory parameters, etc., by either including cause
parameters or bundling with the ABORT one or more Operational ERROR parameters or bundling with the ABORT one or more Operational ERROR
chunks. The Verification Tag field in the common header of the chunks. The Verification Tag field in the common header of the
outbound abort datagram MUST be set to equal the Initiate Tag value of outbound abort datagram MUST be set to equal the Initiate Tag value of
the peer. the peer.
Note: After the reception of the first data chunk in an association Note: After the reception of the first data chunk in an association
the receiver MUST immediately respond with a SACK to acknowledge the receiver MUST immediately respond with a SACK to acknowledge
the data chunk, subsequent acknowledgments should be done as the data chunk, subsequent acknowledgments should be done as
described in section 5.2. described in section 6.2.
Note: When an SCTP endpoint sends an INIT or INIT ACK it SHOULD Note: When an SCTP endpoint sends an INIT or INIT ACK it SHOULD
include all of its transport addresses in the parameter section. This include all of its transport addresses in the parameter section. This
is because it may NOT be possible to control the "sending" address is because it may NOT be possible to control the "sending" address
that a receiver of an SCTP datagram sees. A receiver thus MUST know that a receiver of an SCTP datagram sees. A receiver thus MUST know
every address that may be a source address for a peer SCTP endpoint, every address that may be a source address for a peer SCTP endpoint,
this assures that the inbound SCTP datagram can be matched to the this assures that the inbound SCTP datagram can be matched to the
proper association. proper association.
Note: At the time when the TCB is created, either end MUST set its Note: At the time when the TCB is created, either end MUST set its
internal cumulative TSN acknowledgment point to its peer's Initial TSN internal cumulative TSN acknowledgment point to its peer's Initial TSN
minus one. minus one.
IMPLEMENTATION Note: The IP address and SCTP port(s) are generally IMPLEMENTATION Note: The IP address and SCTP port(s) are generally
used as the key to find the TCB within an SCTP instance. used as the key to find the TCB within an SCTP instance.
4.1.1 Handle Stream Parameters 5.1.1 Handle Stream Parameters
In the INIT and INIT ACK messages, the sender of the message shall In the INIT and INIT ACK messages, the sender of the message shall
indicate the number of outbound streams (OS) it wishes to have in the indicate the number of outbound streams (OS) it wishes to have in the
association, as well as the maximal inbound streams (MIS) it will association, as well as the maximal inbound streams (MIS) it will
accept from the other endpoint. accept from the other endpoint.
After receiving these stream configuration information from the other After receiving these stream configuration information from the other
side, each endpoint shall perform the following check: if the peer's side, each endpoint shall perform the following check: if the peer's
MIS is less than the endpoint's OS, meaning that the peer is incapable MIS is less than the endpoint's OS, meaning that the peer is incapable
of supporting all the outbound streams the endpoint wants to of supporting all the outbound streams the endpoint wants to
configure, the endpoint MUST either settle with MIS outbound streams, configure, the endpoint MUST either settle with MIS outbound streams,
or abort the association and report to its upper layer the resources or abort the association and report to its upper layer the resources
shortage at its peer. shortage at its peer.
Stewart, et al [Page 38] Stewart, et al [Page 38]
After the association is initialized, the valid outbound stream After the association is initialized, the valid outbound stream
identifier range for either endpoint shall be 0 to identifier range for either endpoint shall be 0 to
min(local OS, remote MIS)-1. min(local OS, remote MIS)-1.
4.1.2 Handle Address Parameters 5.1.2 Handle Address Parameters
During the association initialization, an endpoint shall use the During the association initialization, an endpoint shall use the
following rules to discover and collect the destination transport following rules to discover and collect the destination transport
address(es) of its peer. address(es) of its peer.
A) If there are no address parameters present in the received INIT A) If there are no address parameters present in the received INIT
or INIT ACK message, the receiver shall take the source IP address or INIT ACK message, the receiver shall take the source IP address
from which the message arrives and record it, in combination with from which the message arrives and record it, in combination with
the SCTP source port number, as the only destination transport the SCTP source port number, as the only destination transport
address for this peer. address for this peer.
skipping to change at line 2199 skipping to change at line 2210
abort the association with an Unresolvable Address error if it is abort the association with an Unresolvable Address error if it is
unwilling or incapable of using any of the address types indicated by unwilling or incapable of using any of the address types indicated by
its peer. its peer.
IMPLEMENTATION NOTE: In the case that the receiver of an INIT ACK IMPLEMENTATION NOTE: In the case that the receiver of an INIT ACK
fails to resolve the address parameter due to an unsupported type, fails to resolve the address parameter due to an unsupported type,
it can abort the initiation process and then attempt a re-initiation it can abort the initiation process and then attempt a re-initiation
by using a 'Supported Address Types' parameter in the new INIT to by using a 'Supported Address Types' parameter in the new INIT to
indicate what types of address it prefers. indicate what types of address it prefers.
4.1.3 Generating State Cookie 5.1.3 Generating State Cookie
When sending an INIT ACK as a response to an INIT message, the sender When sending an INIT ACK as a response to an INIT message, the sender
of INIT ACK should create an State Cookie and send it as part of the of INIT ACK should create an State Cookie and send it as part of the
INIT ACK. Inside this State Cookie, the sender should include a ICV INIT ACK. Inside this State Cookie, the sender should include a ICV
security signature or MAC (message Authentication code) [4], a time security signature or MAC (message Authentication code) [4], a time
stamp on when the cookie is created, and the lifespan of the cookie, stamp on when the cookie is created, and the lifespan of the cookie,
along with all the information necessary for it to establish the along with all the information necessary for it to establish the
association. association.
The following steps SHOULD be taken to generate the cookie: The following steps SHOULD be taken to generate the cookie:
skipping to change at line 2236 skipping to change at line 2247
the TCB and any other local resource related to the new association, the TCB and any other local resource related to the new association,
so as to prevent resource attacks. so as to prevent resource attacks.
The ICV and hashing method used to generate the MAC is strictly a The ICV and hashing method used to generate the MAC is strictly a
private matter for the receiver of the INIT message. The use of a MAC private matter for the receiver of the INIT message. The use of a MAC
is mandatory to prevent denial of service attacks. The Private Key is mandatory to prevent denial of service attacks. The Private Key
MUST be random per RFC1750 [1]; it SHOULD be changed reasonably MUST be random per RFC1750 [1]; it SHOULD be changed reasonably
frequently, and the timestamp in the cookie MAY be used to determine frequently, and the timestamp in the cookie MAY be used to determine
which key should be used to verify the MAC. which key should be used to verify the MAC.
4.1.4 Cookie Processing 5.1.4 Cookie Processing
When an endpoint receives an INIT ACK chunk with a State Cookie When an endpoint receives an INIT ACK chunk with a State Cookie
parameter, it MUST immediately send a COOKIE chunk to its peer with parameter, it MUST immediately send a COOKIE chunk to its peer with
the received cookie. The sender MAY also add any pending DATA chunks the received cookie. The sender MAY also add any pending DATA chunks
to the message. to the message.
The sender shall also start the T1-cookie timer after sending out The sender shall also start the T1-cookie timer after sending out
the COOKIE chunk. If the timer expires, the sender shall retransmit the COOKIE chunk. If the timer expires, the sender shall retransmit
the COOKIE chunk and restart the T1-cookie timer. This is repeated until the COOKIE chunk and restart the T1-cookie timer. This is repeated until
either a COOKIE ACK is received or 'Max.Init.Retransmits' is reached either a COOKIE ACK is received or 'Max.Init.Retransmits' is reached
causing the endpoint to be marked unreachable (and thus the association causing the endpoint to be marked unreachable (and thus the association
enters the CLOSED state). enters the CLOSED state).
4.1.5 Cookie Authentication 5.1.5 Cookie Authentication
When an endpoint receives a COOKIE chunk from another endpoint with When an endpoint receives a COOKIE chunk from another endpoint with
which it has no association, it shall take the following actions: which it has no association, it shall take the following actions:
1) compute a MAC signature using the TCB data carried in the cookie 1) compute a MAC signature using the TCB data carried in the cookie
and the Private Key (note the timestamp in the cookie MAY be and the Private Key (note the timestamp in the cookie MAY be
used to determine which Private Key to use) reference [4] SHOULD used to determine which Private Key to use) reference [4] SHOULD
be used has a guideline for generating the MAC, be used has a guideline for generating the MAC,
2) authenticate the cookie as one that it previously generated by 2) authenticate the cookie as one that it previously generated by
skipping to change at line 2277 skipping to change at line 2288
the cookie, then the datagram, including the COOKIE and the the cookie, then the datagram, including the COOKIE and the
attached user data, SHOULD be discarded and the endpoint MUST attached user data, SHOULD be discarded and the endpoint MUST
transmit a stale cookie operational error to the sending endpoint, transmit a stale cookie operational error to the sending endpoint,
4) if the cookie is valid, create an association to the sender of the 4) if the cookie is valid, create an association to the sender of the
COOKIE message with the information in the TCB data carried in the COOKIE message with the information in the TCB data carried in the
COOKIE, and enter the ESTABLISHED state, COOKIE, and enter the ESTABLISHED state,
5) immediately acknowledge any DATA chunk in the datagram with a SACK 5) immediately acknowledge any DATA chunk in the datagram with a SACK
(subsequent datagram acknowledgment should follow the rules defined (subsequent datagram acknowledgment should follow the rules defined
in Section 5.2), and, in Section 6.2), and,
Stewart, et al [Page 40] Stewart, et al [Page 40]
6) send a COOKIE ACK chunk to the sender acknowledging reception of 6) send a COOKIE ACK chunk to the sender acknowledging reception of
the cookie. The COOKIE ACK MAY be piggy-backed with any outbound the cookie. The COOKIE ACK MAY be piggy-backed with any outbound
DATA chunk or SACK chunk. DATA chunk or SACK chunk.
Note that if a COOKIE is received from an endpoint with which the Note that if a COOKIE is received from an endpoint with which the
receiver of the COOKIE has an existing association, the procedures in receiver of the COOKIE has an existing association, the procedures in
section 4.2 should be followed. section 5.2 should be followed.
4.1.6 An Example of Normal Association Establishment 5.1.6 An Example of Normal Association Establishment
In the following example, "A" initiates the association and then sends In the following example, "A" initiates the association and then sends
a user message to "Z", then "Z" sends two user messages to "A" later a user message to "Z", then "Z" sends two user messages to "A" later
(assuming no bundling or segmentation occurs): (assuming no bundling or segmentation occurs):
Endpoint A Endpoint Z Endpoint A Endpoint Z
{app sets association with Z} {app sets association with Z}
(build TCB) (build TCB)
INIT [INIT Tag=Tag_A INIT [INIT Tag=Tag_A
skipping to change at line 2347 skipping to change at line 2358
\ \
\------> \------>
Note that If T1-init timer expires at "A" after the INIT or COOKIE Note that If T1-init timer expires at "A" after the INIT or COOKIE
chunks are sent, the same INIT or cookie chunk with the same Initiate chunks are sent, the same INIT or cookie chunk with the same Initiate
Tag (i.e., Tag_A) or cookie shall be retransmitted and the timer Tag (i.e., Tag_A) or cookie shall be retransmitted and the timer
restarted. This shall be repeated Max.Init.Retransmits times before "A" restarted. This shall be repeated Max.Init.Retransmits times before "A"
considers "Z" unreachable and reports the failure to its upper layer considers "Z" unreachable and reports the failure to its upper layer
(and thus the association enters the CLOSED state). When (and thus the association enters the CLOSED state). When
retransmitting the INIT, the endpoint SHALL following the rules retransmitting the INIT, the endpoint SHALL following the rules
defined in 5.3 to determine the proper timer value. defined in 6.3 to determine the proper timer value.
4.2 Handle Duplicate INIT, INIT ACK, COOKIE, and COOKIE ACK 5.2 Handle Duplicate INIT, INIT ACK, COOKIE, and COOKIE ACK
During the life time of an association (in one of the possible During the life time of an association (in one of the possible
states), an endpoint may receive from its peer endpoint one of the states), an endpoint may receive from its peer endpoint one of the
setup chunks (INIT, INIT ACK, COOKIE, and COOKIE ACK). The receiver setup chunks (INIT, INIT ACK, COOKIE, and COOKIE ACK). The receiver
shall treat such a setup chuck as a duplicate and process it as shall treat such a setup chuck as a duplicate and process it as
described in this section. described in this section.
The following scenarios can cause duplicated chunks: The following scenarios can cause duplicated chunks:
A) The peer has crashed without being detected, and re-started itself A) The peer has crashed without being detected, and re-started itself
skipping to change at line 2376 skipping to change at line 2387
the present association or a past association which is no longer in the present association or a past association which is no longer in
existence, existence,
D) The chunk is a false message generated by an attacker, or D) The chunk is a false message generated by an attacker, or
E) The peer never received the COOKIE ACK and is retransmitting its E) The peer never received the COOKIE ACK and is retransmitting its
COOKIE. COOKIE.
In case A), the endpoint shall reset the present association and set a In case A), the endpoint shall reset the present association and set a
new association with its peer. Case B) is unique and is discussed in new association with its peer. Case B) is unique and is discussed in
Section 4.2.1. However, in cases C), D) and E), the endpoint must retain Section 5.2.1. However, in cases C), D) and E), the endpoint must retain
the present association. the present association.
The rules in the following sections shall be applied in order to The rules in the following sections shall be applied in order to
identify and correctly handle these cases. identify and correctly handle these cases.
Stewart, et al [Page 42] Stewart, et al [Page 42]
4.2.1 Handle Duplicate INIT in COOKIE-WAIT or COOKIE-SENT State 5.2.1 Handle Duplicate INIT in COOKIE-WAIT or COOKIE-SENT State
This usually indicates an initialization collision, i.e., both This usually indicates an initialization collision, i.e., both
endpoints are attempting at about the same time to establish an endpoints are attempting at about the same time to establish an
association with the other endpoint. association with the other endpoint.
In such a case, each of the two side shall respond to the other side In such a case, each of the two side shall respond to the other side
with an INIT ACK, with the Verification Tag field of the common header with an INIT ACK, with the Verification Tag field of the common header
set to the tag value received from the INIT message, and the Initiate set to the tag value received from the INIT message, and the Initiate
Tag field set to its own tag value (the same tag used in the INIT Tag field set to its own tag value (the same tag used in the INIT
message sent out by itself). Each responder shall also generate a message sent out by itself). Each responder shall also generate a
cookie with the INIT ACK. cookie with the INIT ACK.
After that, no other actions shall be taken by either side, i.e., the After that, no other actions shall be taken by either side, i.e., the
endpoint shall not change its state, and the T1-init timer shall be endpoint shall not change its state, and the T1-init timer shall be
left running. The normal procedures for handling cookies will left running. The normal procedures for handling cookies will
resolve the duplicate INITs to a single association. resolve the duplicate INITs to a single association.
4.2.2 Handle Duplicate INIT in Other States 5.2.2 Handle Duplicate INIT in Other States
Upon reception of the duplicated INIT, the receiver shall generate an Upon reception of the duplicated INIT, the receiver shall generate an
INIT ACK with an State Cookie. INIT ACK with an State Cookie.
In the outbound INIT ACK, the endpoint shall set the Verification Tag In the outbound INIT ACK, the endpoint shall set the Verification Tag
field in the common header to the peer's new tag value (from the field in the common header to the peer's new tag value (from the
duplicated INIT message), and the Initiate Tag field to its own tag duplicated INIT message), and the Initiate Tag field to its own tag
value (unchanged from the existing association). The included value (unchanged from the existing association). The included
State Cookie shall be generated using the current time and a State Cookie shall be generated using the current time and a
temporary TCB constructed with the information provided in the temporary TCB constructed with the information provided in the
duplicated INIT message (see Section 4.1.3). This temporary TCB MUST duplicated INIT message (see Section 5.1.3). This temporary TCB MUST
be destroyed after the outbound INIT ACK is built. be destroyed after the outbound INIT ACK is built.
After sending out the INIT ACK, the endpoint shall take no further After sending out the INIT ACK, the endpoint shall take no further
actions, i.e., the existing association, including its current state, actions, i.e., the existing association, including its current state,
and the corresponding TCB MUST not be changed. and the corresponding TCB MUST not be changed.
4.2.3 Handle Duplicate INIT ACK 5.2.3 Handle Duplicate INIT ACK
If an INIT ACK is received by an endpoint in any state If an INIT ACK is received by an endpoint in any state
other than the COOKIE-WAIT state, the endpoint should discard other than the COOKIE-WAIT state, the endpoint should discard
the INIT ACK message. A duplicate INIT ACK usually indicates the the INIT ACK message. A duplicate INIT ACK usually indicates the
processing of an old INIT or duplicated INIT message. processing of an old INIT or duplicated INIT message.
4.2.4 Handle Duplicate Cookie 5.2.4 Handle Duplicate Cookie
When a duplicated COOKIE chunk is received in any state for an When a duplicated COOKIE chunk is received in any state for an
existing association the following rules shall be applied: existing association the following rules shall be applied:
1) compute a MAC signature using the TCB data carried in the cookie 1) compute a MAC signature using the TCB data carried in the cookie
along with the receiver's private security key, along with the receiver's private security key,
Stewart, et al [Page 43] Stewart, et al [Page 43]
2) authenticate the cookie by comparing the computed MAC signature 2) authenticate the cookie by comparing the computed MAC signature
skipping to change at line 2492 skipping to change at line 2503
restart report, or B) automatically re-queue any datagrams restart report, or B) automatically re-queue any datagrams
pending by marking all of them as never-sent and assigning pending by marking all of them as never-sent and assigning
new TSN's at the time of their initial transmissions based upon new TSN's at the time of their initial transmissions based upon
the updated starting TSN (as defined in section 5). the updated starting TSN (as defined in section 5).
Note: The "peer's Verification Tag" is the tag received in the INIT Note: The "peer's Verification Tag" is the tag received in the INIT
or INIT ACK chunk. or INIT ACK chunk.
Stewart, et al [Page 44] Stewart, et al [Page 44]
4.2.5 Handle Duplicate COOKIE-ACK. 5.2.5 Handle Duplicate COOKIE-ACK.
At any state other than COOKIE-SENT, an endpoint may receive a At any state other than COOKIE-SENT, an endpoint may receive a
duplicated COOKIE ACK chunk. If so, the chunk should be silently duplicated COOKIE ACK chunk. If so, the chunk should be silently
discarded. discarded.
4.2.6 Handle Stale COOKIE Error 5.2.6 Handle Stale COOKIE Error
A stale cookie error indicates one of a number of possible events: A stale cookie error indicates one of a number of possible events:
A) that the association failed to completely setup before the A) that the association failed to completely setup before the
cookie issued by the sender was processed. cookie issued by the sender was processed.
B) an old cookie was processed after setup completed. B) an old cookie was processed after setup completed.
C) an old cookie is received from someone that the receiver is C) an old cookie is received from someone that the receiver is
not interested in having an association with and the ABORT not interested in having an association with and the ABORT
skipping to change at line 2534 skipping to change at line 2545
setting-up the association. setting-up the association.
3) Send a new INIT message to the endpoint, adding a cookie 3) Send a new INIT message to the endpoint, adding a cookie
preservative parameter requesting an extension on the life time of preservative parameter requesting an extension on the life time of
the cookie. When calculating the time extension, an implementation the cookie. When calculating the time extension, an implementation
SHOULD use the RTT information measured based on the previous SHOULD use the RTT information measured based on the previous
COOKIE / Stale COOKIE message exchange, and should add no more COOKIE / Stale COOKIE message exchange, and should add no more
than 1 second beyond the measured RTT, due to a long cookie life than 1 second beyond the measured RTT, due to a long cookie life
time makes the endpoint more subject to a replay attack. time makes the endpoint more subject to a replay attack.
4.3 Other Initialization Issues 5.3 Other Initialization Issues
4.3.1 Selection of Tag Value 5.3.1 Selection of Tag Value
Initiate Tag values should be selected from the range of 0x1 to Initiate Tag values should be selected from the range of 0x1 to
0xffffffff. It is very important that the Tag value be randomized to 0xffffffff. It is very important that the Tag value be randomized to
help protect against "man in the middle" and "sequence number" attacks. help protect against "man in the middle" and "sequence number" attacks.
It is suggested that RFC 1750 [1] be used for the Tag randomization. It is suggested that RFC 1750 [1] be used for the Tag randomization.
Stewart, et al [Page 45] Stewart, et al [Page 45]
Moreover, the tag value used by either endpoint in a given association Moreover, the tag value used by either endpoint in a given association
MUST never be changed during the lifetime of the association. However, MUST never be changed during the lifetime of the association. However,
a new tag value MUST be used each time the endpoint tears-down and a new tag value MUST be used each time the endpoint tears-down and
then re-establishes the association to the same peer. then re-establishes the association to the same peer.
5. User Data Transfer 6. User Data Transfer
For transmission efficiency, SCTP defines mechanisms for bundling of For transmission efficiency, SCTP defines mechanisms for bundling of
small user messages and segmentation of large user messages. small user messages and segmentation of large user messages.
The following diagram depicts the flow of user messages through SCTP. The following diagram depicts the flow of user messages through SCTP.
+--------------------------+ +--------------------------+
| User Messages | | User Messages |
+--------------------------+ +--------------------------+
SCTP user ^ | SCTP user ^ |
==================|==|======================================= ==================|==|=======================================
skipping to change at line 2580 skipping to change at line 2591
SCTP ^ | SCTP ^ |
===========================|==|=========================== ===========================|==|===========================
| v | v
Unreliable Packet Transfer Service (e.g., IP) Unreliable Packet Transfer Service (e.g., IP)
Note: Note:
(1) When converting user messages into Data chunks, SCTP sender (1) When converting user messages into Data chunks, SCTP sender
will segment user messages larger than the current path MTU will segment user messages larger than the current path MTU
into multiple data chunks. The segmented message will normally into multiple data chunks. The segmented message will normally
be reassembled from data chunks before delivery to the user by be reassembled from data chunks before delivery to the user by
the SCTP receiver (see Section 5.9 for details). the SCTP receiver (see Section 6.9 for details).
(2) Multiple data and control chunks may be multiplexed by the (2) Multiple data and control chunks may be multiplexed by the
sender into a single SCTP datagram for transmission, as long as sender into a single SCTP datagram for transmission, as long as
the final size of the datagram does not exceed the current path the final size of the datagram does not exceed the current path
MTU. The receiver will de-multiplex the datagram back into MTU. The receiver will de-multiplex the datagram back into
the original chunks. the original chunks.
The segmentation and bundling mechanisms, as detailed in Sections 5.9 The segmentation and bundling mechanisms, as detailed in Sections 6.9
and 5.10, are optional to implement by the data sender, but they MUST and 6.10, are optional to implement by the data sender, but they MUST
be implemented by the data receiver, i.e., an SCTP receiver MUST be be implemented by the data receiver, i.e., an SCTP receiver MUST be
prepared to receive and process bundled or segmented data. prepared to receive and process bundled or segmented data.
Stewart, et al [Page 46] Stewart, et al [Page 46]
5.1 Transmission of DATA Chunks 6.1 Transmission of DATA Chunks
The following general rules SHALL be applied by the sender for The following general rules SHALL be applied by the sender for
transmission and/or retransmission of outbound DATA chunks: transmission and/or retransmission of outbound DATA chunks:
A) At any given time, the sender MUST NOT transmit new data onto any A) At any given time, the sender MUST NOT transmit new data onto any
destination transport address if its peer's rwnd indicates that the destination transport address if its peer's rwnd indicates that the
peer has no buffer space (i.e. rwnd is 0, see Section 5.2.1). peer has no buffer space (i.e. rwnd is 0, see Section 6.2.1).
However, regardless of the value of rwnd (including if it is 0), However, regardless of the value of rwnd (including if it is 0),
the sender can always have ONE data packet in flight to the the sender can always have ONE data packet in flight to the
receiver if allowed by cwnd (see rule B below). This rule receiver if allowed by cwnd (see rule B below). This rule
allows the sender to probe for a change in rwnd that the sender allows the sender to probe for a change in rwnd that the sender
missed due to the update having been lost in transmission from missed due to the update having been lost in transmission from
the receiver to the sender. the receiver to the sender.
B) At any given time, the sender MUST NOT transmit new data onto a B) At any given time, the sender MUST NOT transmit new data onto a
given transport address if it has cwnd or more octets of data given transport address if it has cwnd or more octets of data
skipping to change at line 2633 skipping to change at line 2644
Note: multiple DATA chunks committed for transmission MAY be Note: multiple DATA chunks committed for transmission MAY be
bundled in a single packet, unless bundling is explicitly disallowed bundled in a single packet, unless bundling is explicitly disallowed
by ULP of the data sender. Furthermore, DATA chunks being by ULP of the data sender. Furthermore, DATA chunks being
retransmitted MAY be bundled with new DATA chunks, as long as the retransmitted MAY be bundled with new DATA chunks, as long as the
resulting packet size does not exceed the path MTU. resulting packet size does not exceed the path MTU.
Note: before a sender transmits a data packet, if any received DATA Note: before a sender transmits a data packet, if any received DATA
chunks have not been acknowledged (e.g., due to delayed ack), the chunks have not been acknowledged (e.g., due to delayed ack), the
sender should create a SACK and bundle it with the outbound DATA sender should create a SACK and bundle it with the outbound DATA
chunk, as long as the size of the final SCTP datagram does not exceed chunk, as long as the size of the final SCTP datagram does not exceed
the current MTU. See Section 5.2. the current MTU. See Section 6.2.
IMPLEMENTATION Note: when the window is full (i.e., transmission is IMPLEMENTATION Note: when the window is full (i.e., transmission is
disallowed by Rule A and/or Rule B), the sender MAY still accept disallowed by Rule A and/or Rule B), the sender MAY still accept
send requests from its upper layer, but SHALL transmit no more DATA send requests from its upper layer, but SHALL transmit no more DATA
chunks until some or all of the outstanding DATA chunks are chunks until some or all of the outstanding DATA chunks are
acknowledged and transmission is allowed by Rule A and Rule B acknowledged and transmission is allowed by Rule A and Rule B
again. again.
Whenever a transmission or retransmission is made to any address, if Whenever a transmission or retransmission is made to any address, if
the T3-rxt timer of that address is not currently running, the sender the T3-rxt timer of that address is not currently running, the sender
MUST start that timer. However, if the timer of that address is MUST start that timer. However, if the timer of that address is
already running, the sender SHALL restart the timer ONLY IF the already running, the sender SHALL restart the timer ONLY IF the
earliest (i.e., lowest TSN) outstanding DATA chunk sent to that earliest (i.e., lowest TSN) outstanding DATA chunk sent to that
address is being retransmitted. address is being retransmitted.
Stewart, et al [Page 47] Stewart, et al [Page 47]
When starting or restarting the T3-rxt timer, the timer value must be When starting or restarting the T3-rxt timer, the timer value must be
adjusted according to the timer rules defined in Sections 5.3.2, adjusted according to the timer rules defined in Sections 6.3.2,
and 5.3.3. and 6.3.3.
Note: The sender SHOULD not use a TSN that is more than 2**31 - 1 Note: The sender SHOULD not use a TSN that is more than 2**31 - 1
above the beginning TSN of the current send window. above the beginning TSN of the current send window.
5.2 Acknowledgment on Reception of DATA Chunks 6.2 Acknowledgment on Reception of DATA Chunks
The SCTP receiver MUST always acknowledge the SCTP sender about the The SCTP receiver MUST always acknowledge the SCTP sender about the
reception of each DATA chunk. reception of each DATA chunk.
The guidelines on delayed acknowledgment algorithm specified in The guidelines on delayed acknowledgment algorithm specified in
Section 4.2 of RFC 2581 [3] SHOULD be followed. Specifically, an Section 4.2 of RFC 2581 [3] SHOULD be followed. Specifically, an
acknowledgment SHOULD be generated for at least every second datagram acknowledgment SHOULD be generated for at least every second datagram
received, and SHOULD be generated within 200 ms of the arrival of any received, and SHOULD be generated within 200 ms of the arrival of any
unacknowledged datagram. unacknowledged datagram.
IMPLEMENTATION NOTE: the maximal delay for generating an IMPLEMENTATION NOTE: the maximal delay for generating an
acknowledgment may be configured by the SCTP user, either acknowledgment may be configured by the SCTP user, either
statically or dynamically, in order to meet the specific statically or dynamically, in order to meet the specific
timing requirement of the signaling protocol being carried. timing requirement of the signaling protocol being carried.
Acknowledgments MUST be sent in SACK control chunks. A SACK chunk can Acknowledgments MUST be sent in SACK control chunks. A SACK chunk can
acknowledge the reception of multiple DATA chunks. See Section 2.3.3 acknowledge the reception of multiple DATA chunks. See Section 3.3.3
for SACK chunk format. In particular, the SCTP receiver MUST fill in for SACK chunk format. In particular, the SCTP receiver MUST fill in
the Cumulative TSN ACK field to indicate the latest cumulative TSN the Cumulative TSN ACK field to indicate the latest cumulative TSN
number it has received, and any received segments beyond the number it has received, and any received segments beyond the
Cumulative TSN SHALL also be reported. Cumulative TSN SHALL also be reported.
Upon reception of the SACK, the data sender MUST adjust its total Upon reception of the SACK, the data sender MUST adjust its total
outstanding data count and the outstanding data count on those outstanding data count and the outstanding data count on those
destination addresses for which one or more data chunks is destination addresses for which one or more data chunks is
acknowledged by the SACK. acknowledged by the SACK.
Note: When a datagram arrives with duplicate DATA chunk(s) and no new Note: When a datagram arrives with duplicate DATA chunk(s) and no new
DATA chunk(s), the receiver MUST immediately send a SACK with no DATA chunk(s), the receiver MUST immediately send a SACK with no
delay. Normally this will occur when the original SACK was lost, and delay. Normally this will occur when the original SACK was lost, and
the peers RTO has expired. The duplicate TSN number(s) SHOULD be reported the peers RTO has expired. The duplicate TSN number(s) SHOULD be
in the SACK as duplicate. reported in the SACK as duplicate.
When a receiver prepares a SACK, any duplicate DATA chunks received When a receiver prepares a SACK, any duplicate DATA chunks received
SHOULD be reported in the SACK. SHOULD be reported in the SACK.
When a SACK is received the receiver MAY use the Duplicate TSN When a SACK is received the receiver MAY use the Duplicate TSN
information to determine if SACK loss is occurring. Further use information to determine if SACK loss is occurring. Further use
of this data is for future study. of this data is for future study.
Note: If a SACK is received that indicates a previously out of order Note: If a SACK is received that indicates a previously out of order
chunk has been discarded by the receiver (due to a buffer space chunk has been discarded by the receiver (due to a buffer space
skipping to change at line 2744 skipping to change at line 2755
(ack delayed) (ack delayed)
... ...
(send ack) (send ack)
SACK [TSN ACK=6,Frag=0] -------------> (cancel T3-rxt timer) SACK [TSN ACK=6,Frag=0] -------------> (cancel T3-rxt timer)
Note: If a receiver receives a DATA chunk with 0 length (no user data Note: If a receiver receives a DATA chunk with 0 length (no user data
part) it MUST follow the normal procedures for handling TSN and stream part) it MUST follow the normal procedures for handling TSN and stream
sequence number. However, it MAY choose not to deliver the NULL data to sequence number. However, it MAY choose not to deliver the NULL data to
the upper layer. the upper layer.
5.2.1 Tracking Peer's Receive Buffer Space 6.2.1 Tracking Peer's Receive Buffer Space
Whenever a SACK arrives, a new updated a_rwnd arrives with it. This Whenever a SACK arrives, a new updated a_rwnd arrives with it. This
value represents the amount of buffer space the sender of the SACK, at value represents the amount of buffer space the sender of the SACK, at
the time of transmitting the SACK, has left of its total receive the time of transmitting the SACK, has left of its total receive
buffer space (as specified in the INIT/INIT-ACK). After processing the buffer space (as specified in the INIT/INIT-ACK). After processing the
SACK, the receiver of the SACK SHOULD use the following rules to SACK, the receiver of the SACK SHOULD use the following rules to
re-calculate the rwnd, using the received a_rwnd value. re-calculate the rwnd, using the received a_rwnd value.
A) At the establishment of the association, the endpoint initializes A) At the establishment of the association, the endpoint initializes
the rwnd to the Advertised Receiver Window Credit (a_rwnd) the rwnd to the Advertised Receiver Window Credit (a_rwnd)
skipping to change at line 2781 skipping to change at line 2792
D) Any time the T3-rxt timer expires on any address, causing all D) Any time the T3-rxt timer expires on any address, causing all
outstanding chunks sent to that address to be marked for outstanding chunks sent to that address to be marked for
retransmission, add all of the data sizes of those chunks to the rwnd. retransmission, add all of the data sizes of those chunks to the rwnd.
Stewart, et al [Page 49] Stewart, et al [Page 49]
E) Any time a DATA chunk is marked for retransmission via the E) Any time a DATA chunk is marked for retransmission via the
fast retransmit algorithm (section 6.2.4), add the DATA chunks fast retransmit algorithm (section 6.2.4), add the DATA chunks
size to the rwnd. size to the rwnd.
5.3 Management of Retransmission Timer 6.3 Management of Retransmission Timer
SCTP uses a retransmission timer T3-rxt to ensure data delivery in the SCTP uses a retransmission timer T3-rxt to ensure data delivery in the
absence of any feedback from the remote data receiver. The duration of absence of any feedback from the remote data receiver. The duration of
this timer is referred to as RTO (retransmission timeout). this timer is referred to as RTO (retransmission timeout).
When the receiver endpoint is multi-homed, the data sender endpoint When the receiver endpoint is multi-homed, the data sender endpoint
will calculate a separate RTO for each different destination transport will calculate a separate RTO for each different destination transport
addresses of the receiver endpoint. addresses of the receiver endpoint.
The computation and management of RTO in SCTP follows closely with how The computation and management of RTO in SCTP follows closely with how
TCP manages its retransmission timer. To compute the current RTO, an TCP manages its retransmission timer. To compute the current RTO, an
SCTP sender maintains two state variables per destination transport SCTP sender maintains two state variables per destination transport
address: SRTT (smoothed round-trip time) and RTTVAR (round-trip time address: SRTT (smoothed round-trip time) and RTTVAR (round-trip time
variation). variation).
5.3.1 RTO Calculation 6.3.1 RTO Calculation
The rules governing the computation of SRTT, RTTVAR, and RTO are The rules governing the computation of SRTT, RTTVAR, and RTO are
as follows: as follows:
C1) Until an RTT measurement has been made for a packet sent C1) Until an RTT measurement has been made for a packet sent
to the given destination transport address, set RTO to the to the given destination transport address, set RTO to the
protocol parameter 'RTO.Initial'. protocol parameter 'RTO.Initial'.
C2) When the first RTT measurement R is made, set SRTT <- R, C2) When the first RTT measurement R is made, set SRTT <- R,
RTTVAR <- R/2, and RTO <- SRTT + 4 * RTTVAR. RTTVAR <- R/2, and RTO <- SRTT + 4 * RTTVAR.
skipping to change at line 2858 skipping to change at line 2869
There is no requirement for the clock granularity G used for computing There is no requirement for the clock granularity G used for computing
RTT measurements and the different state variables, other than RTT measurements and the different state variables, other than
G1) Whenever RTTVAR is computed, if RTTVAR = 0, then adjust G1) Whenever RTTVAR is computed, if RTTVAR = 0, then adjust
RTTVAR <- G. RTTVAR <- G.
Experience [5] has shown that finer clock granularities (<= 100 msec) Experience [5] has shown that finer clock granularities (<= 100 msec)
perform somewhat better than more coarse granularities. perform somewhat better than more coarse granularities.
5.3.2 Retransmission Timer Rules 6.3.2 Retransmission Timer Rules
The rules for managing the retransmission timer are as follows: The rules for managing the retransmission timer are as follows:
R1) Every time a packet containing data is sent to any address (including R1) Every time a packet containing data is sent to any address (including
a retransmission), if the T3-rxt timer of that address is not a retransmission), if the T3-rxt timer of that address is not
running, start it running so that it will expire after the RTO of running, start it running so that it will expire after the RTO of
that address. The RTO used here is that obtained after any doubling that address. The RTO used here is that obtained after any doubling
due to previous T3-rxt timer expirations on the corresponding due to previous T3-rxt timer expirations on the corresponding
destination address as discussed in rule E2 below. destination address as discussed in rule E2 below.
skipping to change at line 2901 skipping to change at line 2912
/ \ / \
(Re-start T3-rxt timer) <------/ \--> (ack delayed) (Re-start T3-rxt timer) <------/ \--> (ack delayed)
(ack delayed) (ack delayed)
... ...
{send ack} {send ack}
SACK [TSN ACK=6,Frag=0] --------------> (Cancel T3-rxt timer) SACK [TSN ACK=6,Frag=0] --------------> (Cancel T3-rxt timer)
.. ..
(send ack) (send ack)
(Cancel T3-rxt timer) <-------------- SACK [TSN ACK=8,Frag=0] (Cancel T3-rxt timer) <-------------- SACK [TSN ACK=8,Frag=0]
5.3.3 Handle T3-rxt Expiration 6.3.3 Handle T3-rxt Expiration
Whenever the retransmission timer T3-rxt expires on a destination Whenever the retransmission timer T3-rxt expires on a destination
address, do the following: address, do the following:
E1) On the destination address where the timer expires, adjust its E1) On the destination address where the timer expires, adjust its
ssthresh with rules defined in Section 6.2.3 and set the ssthresh with rules defined in Section 7.2.3 and set the
cwnd <- MTU. cwnd <- MTU.
E2) On the destination address where the timer expires, set E2) On the destination address where the timer expires, set
RTO <- RTO * 2 ("back off the timer"). The maximum value discussed RTO <- RTO * 2 ("back off the timer"). The maximum value discussed
in rule C7 above (RTO.max) may be used to provide an upper bound in rule C7 above (RTO.max) may be used to provide an upper bound
to this doubling operation. to this doubling operation.
E3) Determine how many of the earliest (i.e., lowest TSN) outstanding E3) Determine how many of the earliest (i.e., lowest TSN) outstanding
Data chunks on the address where the T3-rxt has expired that will Data chunks on the address where the T3-rxt has expired that will
fit into a single packet, subject to the MTU constraint for the fit into a single packet, subject to the MTU constraint for the
path corresponding to the destination transport address where the path corresponding to the destination transport address where the
retransmission is being sent to (this may be different from the retransmission is being sent to (this may be different from the
address where the timer expires [see Section 5.4]). Call this address where the timer expires [see Section 6.4]). Call this
value K. Bundle and retransmit those K data chunks in a single value K. Bundle and retransmit those K data chunks in a single
packet to the address. packet to the address.
Stewart, et al [Page 52] Stewart, et al [Page 52]
E4) Start the retransmission timer T3-rxt on the destination address E4) Start the retransmission timer T3-rxt on the destination address
to where the retransmission is sent, if rule R1 above indicates to to where the retransmission is sent, if rule R1 above indicates to
do so. Note, the RTO to be used for starting T3-rxt should be the do so. Note, the RTO to be used for starting T3-rxt should be the
one of the destination address to where the retransmission is one of the destination address to where the retransmission is
sent, which, when the receiver is multi-homed, may be different sent, which, when the receiver is multi-homed, may be different
from the destination address where the timer expired (see Section from the destination address where the timer expired (see Section
5.4 below). 6.4 below).
Note that after retransmitting, once a new RTT measurement is obtained Note that after retransmitting, once a new RTT measurement is obtained
(which can happen only when new data has been sent and acknowledged, (which can happen only when new data has been sent and acknowledged,
per rule C5, or for a measurement made from a Heartbeat [see Section per rule C5, or for a measurement made from a Heartbeat [see Section
7.3]), the computation in rule C3 is performed, including the 8.3]), the computation in rule C3 is performed, including the
computation of RTO, which may result in "collapsing" RTO back down computation of RTO, which may result in "collapsing" RTO back down
after it has been subject to doubling (rule E2). after it has been subject to doubling (rule E2).
The final rule for managing the retransmission timer concerns failover The final rule for managing the retransmission timer concerns failover
(see Section 5.4.1): (see Section 6.4.1):
F1) Whenever SCTP switches from the current destination transport F1) Whenever SCTP switches from the current destination transport
address to a different one, the current retransmission timers are address to a different one, the current retransmission timers are
left running. As soon as SCTP transmits a packet containing data left running. As soon as SCTP transmits a packet containing data
to the new transport address, start the timer on that transport to the new transport address, start the timer on that transport
address, using the RTO value of the destination address where address, using the RTO value of the destination address where
the data is being sent, if rule R1 indicates to do so. the data is being sent, if rule R1 indicates to do so.
5.4 Multi-homed SCTP Endpoints 6.4 Multi-homed SCTP Endpoints
An SCTP endpoint is considered multi-homed if there are more than one An SCTP endpoint is considered multi-homed if there are more than one
transport addresses that can be used as a destination address to reach transport addresses that can be used as a destination address to reach
that endpoint. that endpoint.
Moreover, at the sender side, one of the multiple destination Moreover, at the sender side, one of the multiple destination
addresses of the multi-homed receiver endpoint shall be selected as addresses of the multi-homed receiver endpoint shall be selected as
the primary destination transport address by the UPL (see Sections the primary destination transport address by the UPL (see Sections
4.1.2 and 9.1 for details). 5.1.2 and 10.1 for details).
When the SCTP sender is transmitting to the multi-homed receiver, by When the SCTP sender is transmitting to the multi-homed receiver, by
default the transmission SHOULD always take place on the primary default the transmission SHOULD always take place on the primary
transport address, unless the SCTP user explicitly specifies the transport address, unless the SCTP user explicitly specifies the
destination transport address to use. destination transport address to use.
The acknowledgment SHOULD be transmitted to the same destination The acknowledgment SHOULD be transmitted to the same destination
transport address from which the DATA or control chunk being transport address from which the DATA or control chunk being
acknowledged were received. acknowledged were received.
skipping to change at line 2989 skipping to change at line 3000
SHOULD try to retransmit a chunk to an active destination transport SHOULD try to retransmit a chunk to an active destination transport
address that is different from the last destination address where the address that is different from the last destination address where the
data chunk was sent to. data chunk was sent to.
Note, retransmissions do not affect the total outstanding data Note, retransmissions do not affect the total outstanding data
count. However, if the data chunk is retransmitted onto a different count. However, if the data chunk is retransmitted onto a different
destination address, both the outstanding data counts on the new destination address, both the outstanding data counts on the new
destination address and the old destination address where the data destination address and the old destination address where the data
chunk was last sent to shall be adjusted accordingly. chunk was last sent to shall be adjusted accordingly.
5.4.1 Failover from Inactive Destination Address 6.4.1 Failover from Inactive Destination Address
Some of the destination transport addresses of a multi-homed SCTP data Some of the destination transport addresses of a multi-homed SCTP data
receiver may become inactive due to either the occurrence of certain receiver may become inactive due to either the occurrence of certain
error conditions (see Section 7.2) or adjustments from SCTP user. error conditions (see Section 8.2) or adjustments from SCTP user.
When there is outbound data to send and the primary destination When there is outbound data to send and the primary destination
transport address becomes inactive (e.g., due to failures), or where transport address becomes inactive (e.g., due to failures), or where
the SCTP user explicitly requests to send data to an inactive the SCTP user explicitly requests to send data to an inactive
destination transport address, before reporting an error to its ULP, destination transport address, before reporting an error to its ULP,
the SCTP sender should try to send the data to an alternate active the SCTP sender should try to send the data to an alternate active
destination transport address if one exists. destination transport address if one exists.
5.5 Stream Identifier and Stream Sequence Number 6.5 Stream Identifier and Stream Sequence Number
Every DATA chunk MUST carry a valid stream identifier. If a DATA chunk Every DATA chunk MUST carry a valid stream identifier. If a DATA chunk
with an invalid stream identifier is received, the receiver shall, with an invalid stream identifier is received, the receiver shall,
after acknowledging the reception of the DATA chunk following the normal after acknowledging the reception of the DATA chunk following the normal
procedure, respond immediately with an ERROR message with cause set to procedure, respond immediately with an ERROR message with cause set to
Invalid Stream Identifier (see Section 2.3.9) and discard the DATA Invalid Stream Identifier (see Section 3.3.9) and discard the DATA
chunk. chunk.
The stream sequence number in all the streams shall start from 0x0 The stream sequence number in all the streams shall start from 0x0
when the association is established. Also, when the stream sequence when the association is established. Also, when the stream sequence
number reaches the value 0xffff the next stream sequence number shall number reaches the value 0xffff the next stream sequence number shall
be set to 0x0. be set to 0x0.
5.6 Ordered and Un-ordered Delivery 6.6 Ordered and Un-ordered Delivery
By default the SCTP receiver shall ensure the DATA chunks within any By default the SCTP receiver shall ensure the DATA chunks within any
given stream be delivered to the upper layer according to the order of given stream be delivered to the upper layer according to the order of
their stream sequence number. If there are DATA chunks arriving out of their stream sequence number. If there are DATA chunks arriving out of
order of their stream sequence number, the receiver MUST hold the order of their stream sequence number, the receiver MUST hold the
received DATA chunks from delivery until they are re-ordered. received DATA chunks from delivery until they are re-ordered.
However, an SCTP sender can indicate that no ordered delivery is However, an SCTP sender can indicate that no ordered delivery is
required on a particular DATA chunk within the stream by setting the U required on a particular DATA chunk within the stream by setting the U
flag of the DATA chunk to 1. flag of the DATA chunk to 1.
skipping to change at line 3048 skipping to change at line 3059
IMPLEMENTATION NOTE: when sending an unordered DATA chunk, an IMPLEMENTATION NOTE: when sending an unordered DATA chunk, an
implementation may choose to place the DATA chunk in an outbound implementation may choose to place the DATA chunk in an outbound
datagram that is at the head of the outbound transmission queue if datagram that is at the head of the outbound transmission queue if
possible. possible.
Note that the 'Stream Sequence Number' field in an un-ordered data Note that the 'Stream Sequence Number' field in an un-ordered data
chunk has no significance; the sender can fill it with arbitrary chunk has no significance; the sender can fill it with arbitrary
value, but the receiver MUST ignore the field. value, but the receiver MUST ignore the field.
5.7 Report Gaps in Received DATA TSNs 6.7 Report Gaps in Received DATA TSNs
Upon the reception of a new DATA chunk, an SCTP receiver shall examine Upon the reception of a new DATA chunk, an SCTP receiver shall examine
the continuity of the TSNs received. If the receiver detects that gaps the continuity of the TSNs received. If the receiver detects that gaps
exist in the received DATA chunk sequence, an SACK with fragment exist in the received DATA chunk sequence, an SACK with fragment
reports shall be sent back immediately. reports shall be sent back immediately.
Based on the segment reports from the SACK, the data sender can Based on the segment reports from the SACK, the data sender can
calculate the missing DATA chunks and make decisions on whether to calculate the missing DATA chunks and make decisions on whether to
retransmit them (see Section 5.3 for details). retransmit them (see Section 6.3 for details).
Multiple gaps can be reported in one single SACK (see Section 2.3.3). Multiple gaps can be reported in one single SACK (see Section 3.3.3).
Note that when the data sender is multi-homed, the SCTP receiver Note that when the data sender is multi-homed, the SCTP receiver
SHOULD always try to send the SACK to the same network from where the SHOULD always try to send the SACK to the same network from where the
last DATA chunk was received. last DATA chunk was received.
Upon the reception of the SACK, the data sender SHALL remove all DATA Upon the reception of the SACK, the data sender SHALL remove all DATA
chunks which have been acknowledged by the SACK. The data sender MUST chunks which have been acknowledged by the SACKs cumulative TSN. The
also treat all the DATA chunks which fall into the gaps between the data sender MUST also treat all the DATA chunks which fall into the
fragments reported by the SACK as "missing". The number of "missing" gaps between the fragments reported by the SACK as "missing". The
reports for each outstanding DATA chunk MUST be recorded by the data number of "missing" reports for each outstanding DATA chunk MUST be
sender in order to make retransmission decision, see Section 6.2.4 for recorded by the data sender in order to make retransmission decision,
details. see Section 7.2.4 for details.
The following example shows the use of SACK to report a gap. The following example shows the use of SACK to report a gap.
Endpoint A Endpoint Z Endpoint A Endpoint Z
{App sends 3 messages; strm 0} {App sends 3 messages; strm 0}
DATA [TSN=6,Strm=0,Seq=2] ---------------> (ack delayed) DATA [TSN=6,Strm=0,Seq=2] ---------------> (ack delayed)
(Start T3-rxt timer) (Start T3-rxt timer)
Stewart, et al [Page 55] Stewart, et al [Page 55]
skipping to change at line 3101 skipping to change at line 3112
Note: in order to keep the size of the outbound SCTP datagram not to Note: in order to keep the size of the outbound SCTP datagram not to
exceed the current path MTU, the maximal number of fragments that can exceed the current path MTU, the maximal number of fragments that can
be reported within a single SACK chunk is limited. When a single SACK be reported within a single SACK chunk is limited. When a single SACK
can not cover all the fragments needed to be reported due to the MTU can not cover all the fragments needed to be reported due to the MTU
limitation, the endpoint SHALL send only one SACK, reporting the limitation, the endpoint SHALL send only one SACK, reporting the
fragments from the lowest to highest TSNs, within the size limit set fragments from the lowest to highest TSNs, within the size limit set
by the MTU, and leave the remaining highest TSN fragment numbers by the MTU, and leave the remaining highest TSN fragment numbers
unacknowledged. unacknowledged.
5.8 Adler-32 Checksum Calculation 6.8 Adler-32 Checksum Calculation
When sending an SCTP datagram, the sender MUST strengthen the data When sending an SCTP datagram, the sender MUST strengthen the data
integrity of the transmission by including the Adler-32 checksum integrity of the transmission by including the Adler-32 checksum
value calculated on the datagram, as described below. value calculated on the datagram, as described below.
After the datagram is constructed (containing the SCTP common header After the datagram is constructed (containing the SCTP common header
and one or more control or DATA chunks), the sender shall: and one or more control or DATA chunks), the sender shall:
1) fill in the proper Verification Tag in the SCTP common header and 1) fill in the proper Verification Tag in the SCTP common header and
initialize the Adler-32 checksum filed to 0's. initialize the Adler-32 checksum filed to 0's.
2) calculate the Adler-32 checksum of the whole datagram, including the 2) calculate the Adler-32 checksum of the whole datagram, including the
SCTP common header and all the chunks. Refer to Sections 8.2 and 9 SCTP common header and all the chunks. Refer to Sections 2.2 and 9
in [2] for details of the Adler-32 algorithm. And, in [2] for details of the Adler-32 algorithm. And,
3) put the resultant value into the Adler-32 checksum field in the 3) put the resultant value into the Adler-32 checksum field in the
common header, and leave the rest of the bits unchanged. common header, and leave the rest of the bits unchanged.
When an SCTP datagram is received, the receiver MUST first check the When an SCTP datagram is received, the receiver MUST first check the
Adler-32 checksum: Adler-32 checksum:
1) store the received Adler-32 checksum value aside, 1) store the received Adler-32 checksum value aside,
skipping to change at line 3138 skipping to change at line 3149
3) verify that the calculated Adler-32 checksum is the same as the 3) verify that the calculated Adler-32 checksum is the same as the
received Adler-32 checksum, If not, the receiver MUST treat the received Adler-32 checksum, If not, the receiver MUST treat the
datagram as an invalid SCTP datagram. datagram as an invalid SCTP datagram.
The default procedure of handling invalid SCTP datagrams is to The default procedure of handling invalid SCTP datagrams is to
silently discard them. silently discard them.
Stewart, et al [Page 56] Stewart, et al [Page 56]
5.9 Segmentation 6.9 Segmentation
Segmentation MUST be performed by the data sender if the user message Segmentation MUST be performed by the data sender if the user message
to be sent has a large size that causes the outbound SCTP datagram to be sent has a large size that causes the outbound SCTP datagram
size exceeding the current MTU. size exceeding the current MTU.
Note, if the data receiver is multi-homed, the sender shall choose a Note, if the data receiver is multi-homed, the sender shall choose a
size no larger than the latest MTU of the current primary destination size no larger than the latest MTU of the current primary destination
address. address.
When determining when to segment, the SCTP implementation MUST take When determining when to segment, the SCTP implementation MUST take
into account the SCTP datagram header as well as the DATA chunk into account the SCTP datagram header as well as the DATA chunk
header. The implementation MAY also take account of the space required header. The implementation MAY also take account of the space required
for a SACK chunk. for a SACK chunk.
IMPLEMENTATION NOTE: if segmentation is not support by the sender, IMPLEMENTATION NOTE: if segmentation is not support by the sender,
an error should be reported to the sender's SCTP user if the data to be an error should be reported to the sender's SCTP user if the data to
sent has a size exceeding the current MTU. In such cases the Send be sent has a size exceeding the current MTU. In such cases the Send
primitive discussed in Section 9.1 would need to return an error primitive discussed in Section 10.1 would need to return an error
to the upper layer. to the upper layer.
Segmentation takes the following steps: Segmentation takes the following steps:
1) the data sender SHALL break the large user message into a series of 1) the data sender SHALL break the large user message into a series of
DATA chunks, such that each of the chunks can be fit into an IP DATA chunks, such that each of the chunks can be fit into an IP
datagram smaller than or equal to the current MTU, datagram smaller than or equal to the current MTU,
2) the data sender MUST then assign, in sequence, a separate TSN to 2) the data sender MUST then assign, in sequence, a separate TSN to
each of the DATA chunks in the series, each of the DATA chunks in the series,
skipping to change at line 3182 skipping to change at line 3193
The data receiver MUST recognize the segmented DATA chunks, by The data receiver MUST recognize the segmented DATA chunks, by
examining the B/E bits in each of the received DATA chunks, and queue examining the B/E bits in each of the received DATA chunks, and queue
the segmented DATA chunks for re-assembly. Then, it shall pass the the segmented DATA chunks for re-assembly. Then, it shall pass the
re-assembled user message to the specific stream for possible re-assembled user message to the specific stream for possible
re-ordering and final dispatching. re-ordering and final dispatching.
Note, if the data receiver runs out of buffer space while still Note, if the data receiver runs out of buffer space while still
waiting for more segments to complete the re-assembly of the message, waiting for more segments to complete the re-assembly of the message,
it should dispatch part of its inbound message through a partial it should dispatch part of its inbound message through a partial
delivery API (see Section 9), freeing some of its receive buffer space delivery API (see Section 10), freeing some of its receive buffer space
so that the rest of the message may be received. so that the rest of the message may be received.
Stewart, et al [Page 57] Stewart, et al [Page 57]
5.10 Bundling and Multiplexing 6.10 Bundling and Multiplexing
An SCTP sender achieves data bundling by simply including multiple An SCTP sender achieves data bundling by simply including multiple
DATA chunks in one outbound SCTP datagram. Note that the total size of DATA chunks in one outbound SCTP datagram. Note that the total size of
the resultant IP datagram, including the SCTP datagram and IP headers, the resultant IP datagram, including the SCTP datagram and IP headers,
MUST be less or equal to the current MTU. MUST be less or equal to the current MTU.
Note, if the data receiver is multi-homed, the sender shall choose a Note, if the data receiver is multi-homed, the sender shall choose a
size no larger than the latest MTU of the current primary destination size no larger than the latest MTU of the current primary destination
address. address.
skipping to change at line 3211 skipping to change at line 3222
within a SCTP datagram in increasing order of TSN. within a SCTP datagram in increasing order of TSN.
Partial chunks MUST NOT be placed in a SCTP datagram. Partial chunks MUST NOT be placed in a SCTP datagram.
The receiver MUST process the chunks in order in the datagram. The The receiver MUST process the chunks in order in the datagram. The
receiver uses the chunk length field to determine the end of a chunk receiver uses the chunk length field to determine the end of a chunk
and beginning of the next chunk taking account of the fact that all and beginning of the next chunk taking account of the fact that all
chunks end on a thirty-two-bit word boundary. If the receiver detects chunks end on a thirty-two-bit word boundary. If the receiver detects
a partial chunk, it MUST drop the chunk. a partial chunk, it MUST drop the chunk.
6. Congestion control 7. Congestion control
Congestion control is one of the basic functions in the SCTP protocol. Congestion control is one of the basic functions in the SCTP protocol.
For some applications, it may be likely that adequate resources will For some applications, it may be likely that adequate resources will
be allocated to SCTP traffic to assure prompt delivery of be allocated to SCTP traffic to assure prompt delivery of
time-critical SCTP data - thus it would appear to be unlikely, during time-critical SCTP data - thus it would appear to be unlikely, during
normal operations, that SCTP transmissions encounter severe congestion normal operations, that SCTP transmissions encounter severe congestion
condition. However SCTP must prepare itself for adverse operational condition. However SCTP must prepare itself for adverse operational
conditions, which can develop upon partial network failures or conditions, which can develop upon partial network failures or
unexpected traffic surges. In such situations SCTP must follow correct unexpected traffic surges. In such situations SCTP must follow correct
congestion control steps to recover from congestion quickly in order congestion control steps to recover from congestion quickly in order
skipping to change at line 3244 skipping to change at line 3255
list differences in protocol designs between TCP and SCTP, and then list differences in protocol designs between TCP and SCTP, and then
describe SCTP's congestion control scheme. The description will use describe SCTP's congestion control scheme. The description will use
the same terminology as in TCP congestion control whenever the same terminology as in TCP congestion control whenever
appropriate. appropriate.
Note: SCTP congestion control is always applied to the entire association, Note: SCTP congestion control is always applied to the entire association,
and NOT to individual streams. and NOT to individual streams.
Stewart, et al [Page 58] Stewart, et al [Page 58]
6.1 SCTP Differences from TCP Congestion control 7.1 SCTP Differences from TCP Congestion control
One difference between SCTP and TCP is that the Selective One difference between SCTP and TCP is that the Selective
Acknowledgment function (SACK) is designed into SCTP, rather than an Acknowledgment function (SACK) is designed into SCTP, rather than an
enhancement that is added to the protocol later as is the case for enhancement that is added to the protocol later as is the case for
TCP. SCTP SACK carries the same semantic meaning with that of TCP TCP. SCTP SACK carries the same semantic meaning with that of TCP
SACK. TCP and SCTP considers the information carried in the SACK as SACK. TCP and SCTP considers the information carried in the SACK as
advisory information only. In SCTP, any DATA chunk that has been advisory information only. In SCTP, any DATA chunk that has been
acknowledged by SACK, including DATA that arrived at the receiving end acknowledged by SACK, including DATA that arrived at the receiving end
out of order, are NOT considered fully delivered until the Cumulative out of order, are NOT considered fully delivered until the Cumulative
Acknowledgment point passes the acknowledged DATA chunk. Consequently, Acknowledgment point passes the acknowledged DATA chunk. Consequently,
skipping to change at line 3276 skipping to change at line 3287
distinguished data paths between the two points, thus ideally one may distinguished data paths between the two points, thus ideally one may
need a separate set of congestion control parameters for each of the need a separate set of congestion control parameters for each of the
paths. The treatment here of congestion control for multi-homed paths. The treatment here of congestion control for multi-homed
receivers is new with SCTP and may require refinement in the receivers is new with SCTP and may require refinement in the
future. The current algorithms make the following assumptions: future. The current algorithms make the following assumptions:
o The sender always uses the same destination address until being o The sender always uses the same destination address until being
instructed by the upper layer otherwise. instructed by the upper layer otherwise.
o The sender keeps a separate congestion control parameter set for each o The sender keeps a separate congestion control parameter set for each
of the destination addresses it can send to (NOT each source-destination of the destination addresses it can send to (NOT each
pair but for each destination) . The parameters should decay if source-destination pair but for each destination) . The parameters
the address is not used for a long enough time period. should decay if the address is not used for a long enough
time period.
o For each of the destination addresses, do slow-start upon the first o For each of the destination addresses, do slow-start upon the first
transmission to that address. transmission to that address.
6.2 SCTP Slow-Start and Congestion Avoidance 7.2 SCTP Slow-Start and Congestion Avoidance
The slow start and congestion avoidance algorithms MUST be used by a The slow start and congestion avoidance algorithms MUST be used by a
SCTP sender to control the amount of outstanding data being injected SCTP sender to control the amount of outstanding data being injected
into the network. The congestion control in SCTP is employed in regard into the network. The congestion control in SCTP is employed in regard
to the association, not to an individual stream. In some situations it to the association, not to an individual stream. In some situations it
may be beneficial for an SCTP sender to be more conservative than the may be beneficial for an SCTP sender to be more conservative than the
algorithms allow, however an SCTP sender MUST NOT be more aggressive algorithms allow, however an SCTP sender MUST NOT be more aggressive
than the following algorithms allow. than the following algorithms allow.
Like TCP, an SCTP sender uses the following three control variables Like TCP, an SCTP sender uses the following three control variables
skipping to change at line 3320 skipping to change at line 3332
Note: This variable is maintained on a per-destination basis. Note: This variable is maintained on a per-destination basis.
SCTP also requires one additional control variable, partial_bytes_acked, SCTP also requires one additional control variable, partial_bytes_acked,
which is used during congestion avoidance phase to facilitate cwnd which is used during congestion avoidance phase to facilitate cwnd
adjustment. adjustment.
Unlike TCP, an SCTP sender MUST keep a set of these control variables Unlike TCP, an SCTP sender MUST keep a set of these control variables
for EACH destination address of its peer (when its peer is multi-homed). for EACH destination address of its peer (when its peer is multi-homed).
6.2.1 Slow-Start 7.2.1 Slow-Start
Beginning data transmission into a network with unknown conditions Beginning data transmission into a network with unknown conditions
requires SCTP to probe the network to determine the available capacity. requires SCTP to probe the network to determine the available capacity.
The slow start algorithm is used for this purpose at the beginning of a The slow start algorithm is used for this purpose at the beginning of a
transfer, or after repairing loss detected by the retransmission timer. transfer, or after repairing loss detected by the retransmission timer.
o The initial cwnd before data transmission or after a sufficiently o The initial cwnd before data transmission or after a sufficiently
long idle period MUST be <= 2*MTU. long idle period MUST be <= 2*MTU.
o The initial cwnd after a retransmission timeout MUST be no more o The initial cwnd after a retransmission timeout MUST be no more
skipping to change at line 3373 skipping to change at line 3385
increase of cwnd must be tied to the cumulative TSN advancement as increase of cwnd must be tied to the cumulative TSN advancement as
specified above. Otherwise the duplicate SACKs will not only clock specified above. Otherwise the duplicate SACKs will not only clock
out new data, but also will adversely clock out *more* new data out new data, but also will adversely clock out *more* new data
than what has just left the network, during a time of possible than what has just left the network, during a time of possible
congestion. congestion.
o When the sender does not transmit data on a given transport address, o When the sender does not transmit data on a given transport address,
the cwnd of the transport address should be adjusted to the cwnd of the transport address should be adjusted to
max(cwnd / 2, 2*MTU) per RTO. max(cwnd / 2, 2*MTU) per RTO.
6.2.2 Congestion Avoidance 7.2.2 Congestion Avoidance
When cwnd is greater than ssthresh, cwnd should be incremented When cwnd is greater than ssthresh, cwnd should be incremented
by 1*MTU per RTT if the sender has cwnd or more octets of data by 1*MTU per RTT if the sender has cwnd or more octets of data
outstanding on the corresponding transport address. outstanding on the corresponding transport address.
In practice an implementation can achieve this goal in the In practice an implementation can achieve this goal in the
following way: following way:
o partial_bytes_acked is initialized to 0. o partial_bytes_acked is initialized to 0.
skipping to change at line 3400 skipping to change at line 3412
outstanding, increase cwnd by MTU, and reset partial_bytes_acked to outstanding, increase cwnd by MTU, and reset partial_bytes_acked to
(partial_bytes_acked - cwnd). (partial_bytes_acked - cwnd).
o Same as in the slow start, when the sender does not transmit data on o Same as in the slow start, when the sender does not transmit data on
a given transport address, the cwnd of the transport address should a given transport address, the cwnd of the transport address should
be adjusted to max(cwnd / 2, 2*MTU) per RTO. be adjusted to max(cwnd / 2, 2*MTU) per RTO.
o When all of the data transmitted by the sender has been acknowledged o When all of the data transmitted by the sender has been acknowledged
by the receiver, partial_bytes_acked is initialized to 0. by the receiver, partial_bytes_acked is initialized to 0.
6.2.3 Congestion Control 7.2.3 Congestion Control
Upon detection of packet losses from SACK reports (see section 6.2.4), Upon detection of packet losses from SACK reports (see section 7.2.4),
the sender should do the following: the sender should do the following:
ssthresh = max(cwnd/2, 2*MTU) ssthresh = max(cwnd/2, 2*MTU)
cwnd = ssthresh cwnd = ssthresh
Stewart, et al [Page 61] Stewart, et al [Page 61]
Basically, a packet loss causes cwnd to be cut in half. Basically, a packet loss causes cwnd to be cut in half.
When the T3-rxt timer expires on an address, SCTP should perform When the T3-rxt timer expires on an address, SCTP should perform
slow start by: slow start by:
ssthresh = max(cwnd/2, 2*MTU) ssthresh = max(cwnd/2, 2*MTU)
cwnd = 1*MTU cwnd = 1*MTU
and assure that no more than one data packet will be in flight on that and assure that no more than one data packet will be in flight on that
address until the sender receives acknowledgment for successful delivery address until the sender receives acknowledgment for successful delivery
of data to that address. of data to that address.
6.2.4 Fast Retransmit on Gap Reports 7.2.4 Fast Retransmit on Gap Reports
In the absence of data losses, a SCTP receiver performs delayed In the absence of data losses, a SCTP receiver performs delayed
acknowledgment. However, whenever a receiver notices a hole in the acknowledgment. However, whenever a receiver notices a hole in the
arriving TSN sequence, it should start sending a SACK back every time arriving TSN sequence, it should start sending a SACK back every time
a packet arrives carrying data. a packet arrives carrying data.
At the sender end, whenever the sender receives a SACK that indicate At the sender end, whenever the sender receives a SACK that indicate
some TSN(s) missing, it SHOULD wait for 3 further miss indications some TSN(s) missing, it SHOULD wait for 3 further miss indications
(via subsequent SACKs) on the same TSN(s) before taking action. (via subsequent SACKs) on the same TSN(s) before taking action.
When the TSN(s) is reported as missing in consecutive SACKs for the When the TSN(s) is reported as missing in consecutive SACKs for the
4th time, the sender shall: 4th time, the sender shall:
1) Mark the missing DATA chunk(s) for retransmission, 1) Mark the missing DATA chunk(s) for retransmission,
2) Adjust the ssthresh and cwnd of the destination address(es) where 2) Adjust the ssthresh and cwnd of the destination address(es) where
the missing data chunks were last sent, according to the formula the missing data chunks were last sent, according to the formula
described in Section 6.2.3. described in Section 7.2.3.
3) Determine how many of the earliest (i.e., lowest TSN) missing Data 3) Determine how many of the earliest (i.e., lowest TSN) missing Data
chunks will fit into a single packet, subject to constraint of the chunks will fit into a single packet, subject to constraint of the
path MTU of the destination transport address to which the packet path MTU of the destination transport address to which the packet
is being sent. Call this value K. Retransmit those K data chunks in is being sent. Call this value K. Retransmit those K data chunks in
a single packet. a single packet.
4) Restart T3-rxt timer ONLY IF the last SACK acknowledged the lowest 4) Restart T3-rxt timer ONLY IF the last SACK acknowledged the lowest
outstanding TSN number sent to that address, or we are retransmitting outstanding TSN number sent to that address, or we are retransmitting
the first outstanding Data chunk sent to that address. the first outstanding Data chunk sent to that address.
Note, before the above adjustments, if the received SACK also Note, before the above adjustments, if the received SACK also
acknowledges new data chunks and advances the cumulative TSN point, acknowledges new data chunks and advances the cumulative TSN point,
the cwnd adjustment rules defined in Sections 6.2.1 and 6.2.2 must the cwnd adjustment rules defined in Sections 7.2.1 and 7.2.2 must
be applied first. be applied first.
A straightforward implementation of the above requires that the sender A straightforward implementation of the above requires that the sender
keeps a counter for each TSN hole first reported by a SACK; the keeps a counter for each TSN hole first reported by a SACK; the
counter keeps track of whether 3 subsequent SACKs have reported the counter keeps track of whether 3 subsequent SACKs have reported the
same hole. same hole.
Stewart, et al [Page 62] Stewart, et al [Page 62]
Because cwnd in SCTP indirectly bounds the number of outstanding Because cwnd in SCTP indirectly bounds the number of outstanding
TSN's, the effect of TCP fast-recovery is achieved automatically with TSN's, the effect of TCP fast-recovery is achieved automatically with
no adjustment to the congestion control window size. no adjustment to the congestion control window size.
6.3 Path MTU Discovery 7.3 Path MTU Discovery
RFC 1191 [11] discusses "Path MTU Discovery", whereby a sender RFC 1191 [11] discusses "Path MTU Discovery", whereby a sender
maintains an estimate of the maximum transmission unit (MTU) along a maintains an estimate of the maximum transmission unit (MTU) along a
given Internet path and refrains from sending datagrams along that given Internet path and refrains from sending datagrams along that
path which exceed the MTU, other than occasional attempts to probe for path which exceed the MTU, other than occasional attempts to probe for
a change in the path MTU. RFC 1191 is thorough in its discussion of a change in the path MTU. RFC 1191 is thorough in its discussion of
the MTU discovery mechanism and strategies for determining the current the MTU discovery mechanism and strategies for determining the current
end-to-end MTU setting as well as detecting changes in this value. end-to-end MTU setting as well as detecting changes in this value.
RFC 1981 [12] discusses applying the same mechanisms for IPv6. RFC 1981 [12] discusses applying the same mechanisms for IPv6.
skipping to change at line 3516 skipping to change at line 3528
Other than these differences, the discussion of TCP's use of MTU Other than these differences, the discussion of TCP's use of MTU
discovery in RFCs 1191 and 1981 applies to SCTP, too, on a discovery in RFCs 1191 and 1981 applies to SCTP, too, on a
per-destination-address basis. per-destination-address basis.
Note: For IPv6 destination addresses the DF bit does not exist, Note: For IPv6 destination addresses the DF bit does not exist,
instead the datagram must be fragmented as described in RFC1883 [17]. instead the datagram must be fragmented as described in RFC1883 [17].
Stewart, et al [Page 63] Stewart, et al [Page 63]
7. Fault Management 8. Fault Management
7.1 Endpoint Failure Detection 8.1 Endpoint Failure Detection
The data sender shall keep a counter on the total number of The data sender shall keep a counter on the total number of
consecutive retransmissions to its peer (including retransmissions to consecutive retransmissions to its peer (including retransmissions to
ALL the destination transport addresses of the peer if it is ALL the destination transport addresses of the peer if it is
multi-homed). multi-homed). If the value of this counter exceeds the limit
If the value of this counter exceeds the limit indicated in the indicated in the protocol parameter 'Association.Max.Retrans', the
protocol parameter 'Association.Max.Retrans', the data sender shall data sender shall consider the peer endpoint unreachable and shall
consider the peer endpoint unreachable and shall stop transmitting any stop transmitting any more data to it (and thus the association enters
more data to it (and thus the association enters the CLOSED state). In the CLOSED state). In addition, the data sender shall report the
addition, the data sender shall report the failure to the upper layer, failure to the upper layer, and optionally report back all outstanding
and optionally report back all outstanding user data remaining in its user data remaining in its outbound queue. The association is
outbound queue. The association is automatically terminated when the automatically terminated when the peer endpoint becomes unreachable.
peer endpoint becomes unreachable.
The counter shall be reset each time a datagram sent to that The counter shall be reset each time a datagram sent to that
destination address is acknowledged by the peer endpoint, or destination address is acknowledged by the peer endpoint, or
a HEARTBEAT-ACK is received from the peer endpoint. a HEARTBEAT-ACK is received from the peer endpoint.
7.2 Path Failure Detection 8.2 Path Failure Detection
When the remote endpoint is multi-homed, the data sender should keep a When the remote endpoint is multi-homed, the data sender should keep a
'retrans.count' counter for each of the destination transport 'retrans.count' counter for each of the destination transport
addresses of the remote endpoint. addresses of the remote endpoint.
Each time the T3-rxt timer on any address, or when a HEARTBEAT sent to Each time the T3-rxt timer on any address, or when a HEARTBEAT sent to
an idle address is not acknowledged, the 'retrans.count' counter of an idle address is not acknowledged, the 'retrans.count' counter of
that destination address will be incremented. When the value in that destination address will be incremented. When the value in
'retrans.count' exceeds the protocol parameter 'Path.Max.Retrans' of 'retrans.count' exceeds the protocol parameter 'Path.Max.Retrans' of
that destination address, the data sender should mark the destination that destination address, the data sender should mark the destination
skipping to change at line 3578 skipping to change at line 3589
for the remote endpoint. Otherwise, all the destination addresses may for the remote endpoint. Otherwise, all the destination addresses may
become inactive while the endpoint still considers the peer endpoint become inactive while the endpoint still considers the peer endpoint
reachable. When this condition occurs, how the SCTP chooses to function reachable. When this condition occurs, how the SCTP chooses to function
is implementation specific. is implementation specific.
Note, when the primary destination address is marked inactive (due to Note, when the primary destination address is marked inactive (due to
excessive retransmissions, for instance), the sender MAY automatically excessive retransmissions, for instance), the sender MAY automatically
transmit new datagrams to an alternate destination address if one transmit new datagrams to an alternate destination address if one
exists and is active. This is, however, an implementation option. exists and is active. This is, however, an implementation option.
7.3 Path Heartbeat 8.3 Path Heartbeat
By default, an SCTP endpoint shall monitor the reachability of the By default, an SCTP endpoint shall monitor the reachability of the
idle destination transport address(es) of its peer by sending idle destination transport address(es) of its peer by sending
HEARTBEAT messages periodically to the destination transport HEARTBEAT messages periodically to the destination transport
address(es). address(es).
A destination transport address is considered "idle" if no new chunk A destination transport address is considered "idle" if no new chunk
which can be used for updating path RTT (usually including first which can be used for updating path RTT (usually including first
transmission DATA, INIT, COOKIE, etc.) and no heartbeat has been sent transmission DATA, INIT, COOKIE, etc.) and no heartbeat has been sent
to it within the current heartbeat period of that address. This to it within the current heartbeat period of that address. This
skipping to change at line 3655 skipping to change at line 3666
address, with jittering of +/- 50%, and exponential back-off if the address, with jittering of +/- 50%, and exponential back-off if the
previous HEARTBEAT is unanswered. previous HEARTBEAT is unanswered.
A primitive is provided for the SCTP user to change the heart A primitive is provided for the SCTP user to change the heart
beat interval and turn on or off the heart beat on a given destination beat interval and turn on or off the heart beat on a given destination
address. Note, the heartbeat interval set by the SCTP user on any of address. Note, the heartbeat interval set by the SCTP user on any of
the idle destination addresses SHOULD be no smaller than the RTO of the idle destination addresses SHOULD be no smaller than the RTO of
that destination address. Separate timers may be used to control the that destination address. Separate timers may be used to control the
heartbeat transmission for different idle destination addresses. heartbeat transmission for different idle destination addresses.
7.4 Handle "Out of the blue" Packets 8.4 Handle "Out of the blue" Packets
An SCTP datagram is called an "out of the blue" (OOTB) datagram if it An SCTP datagram is called an "out of the blue" (OOTB) datagram if it
is correctly formed, i.e., passed the receiver's Adler-32 check (see is correctly formed, i.e., passed the receiver's Adler-32 check (see
Section 5.8), but the receiver is not able to identify the association Section 6.8), but the receiver is not able to identify the association
to which this datagram belongs. to which this datagram belongs.
The receiver of an OOTB datagram MUST do the following: The receiver of an OOTB datagram MUST do the following:
1) check if the OOTB datagram contains an ABORT chunk. If so, the 1) check if the OOTB datagram contains an ABORT chunk. If so, the
receiver MUST silently discarded the OOTB datagram and take no receiver MUST silently discarded the OOTB datagram and take no
further action. Otherwise, further action. Otherwise,
2) the receiver should respond the sender of the OOTB datagram with an 2) the receiver should respond the sender of the OOTB datagram with an
ABORT. When sending the ABORT, the receiver of the OOTB datagram ABORT. When sending the ABORT, the receiver of the OOTB datagram
MUST fill in the Verification Tag field of the outbound datagram MUST fill in the Verification Tag field of the outbound datagram
with the value found in the Verification Tag field of the OOTB with the value found in the Verification Tag field of the OOTB
datagram. After sending this ABORT, the receiver of the OOTB datagram. After sending this ABORT, the receiver of the OOTB
datagram shall discard the OOTB datagram and take no further datagram shall discard the OOTB datagram and take no further
action. action.
Stewart, et al [Page 66] Stewart, et al [Page 66]
7.5 Verification Tag 8.5 Verification Tag
The Verification Tag rules defined in this section apply when sending The Verification Tag rules defined in this section apply when sending
or receiving SCTP datagrams which do NOT contain an INIT, SHUTDOWN or receiving SCTP datagrams which do NOT contain an INIT, SHUTDOWN
ACK, or ABORT chunk. The rules for sending and receiving SCTP ACK, or ABORT chunk. The rules for sending and receiving SCTP
datagrams containing one of these chunk types are discussed separately datagrams containing one of these chunk types are discussed separately
in Section 7.5.1. in Section 8.5.1.
When sending an SCTP datagram, the sender MUST fill in the When sending an SCTP datagram, the sender MUST fill in the
Verification Tag field of the outbound datagram with the tag value of Verification Tag field of the outbound datagram with the tag value of
the peer endpoint to which this SCTP datagram is destined. the peer endpoint to which this SCTP datagram is destined.
When receiving an SCTP datagram, the receiver MUST ensure that the When receiving an SCTP datagram, the receiver MUST ensure that the
value in the Verification Tag field of the received SCTP datagram value in the Verification Tag field of the received SCTP datagram
matches its own Tag. If the received tag value does not match the matches its own Tag. If the received tag value does not match the
receiver's own tag value, the receiver shall silently discard the receiver's own tag value, the receiver shall silently discard the
datagram and shall not process it any further. datagram and shall not process it any further.
7.5.1 Exceptions in Verification Tag Rules 8.5.1 Exceptions in Verification Tag Rules
A) Rules for datagram carrying INIT: A) Rules for datagram carrying INIT:
- The sender MUST set the Verification Tag of the datagram to 0. - The sender MUST set the Verification Tag of the datagram to 0.
- The receiver, when noticing an incoming SCTP datagram with the - The receiver, when noticing an incoming SCTP datagram with the
Verification Tag set to 0, should continue to process the datagram Verification Tag set to 0, should continue to process the datagram
only if an INIT chunk is present. Otherwise, the receiver MUST only if an INIT chunk is present. Otherwise, the receiver MUST
silently discard the datagram and take no further action. silently discard the datagram and take no further action.
B) Rules for datagram carrying ABORT: B) Rules for datagram carrying ABORT:
- The sender shall always fill in the Verification Tag field of the - The sender shall always fill in the Verification Tag field of the
outbound datagram with the destination endpoint's tag value if it outbound datagram with the destination endpoint's tag value if it
is known. is known.
- If the ABORT is sent in response to an OOTB datagram, the sender - If the ABORT is sent in response to an OOTB datagram, the sender
MUST follow the procedure described in Section 7.4. MUST follow the procedure described in Section 8.4.
- The receiver MUST accept the datagram IF the Verification Tag - The receiver MUST accept the datagram IF the Verification Tag
matches either its own tag, OR the tag of its peer. Otherwise, the matches either its own tag, OR the tag of its peer. Otherwise, the
receiver MUST silently discard the datagram and take no further receiver MUST silently discard the datagram and take no further
action. action.
C) Rules for datagram carrying SHUTDOWN ACK: C) Rules for datagram carrying SHUTDOWN ACK:
- When sending a SHUTDOWN ACK, the sender is allowed to either use - When sending a SHUTDOWN ACK, the sender is allowed to either use
the destination endpoint's tag or set the Verification Tag field the destination endpoint's tag or set the Verification Tag field
of the outbound datagram to 0. of the outbound datagram to 0.
- The receiver of a SHUTDOWN ACK shall accept the datagram IF the - The receiver of a SHUTDOWN ACK shall accept the datagram IF the
Verification Tag field of the datagram matches its own tag OR is Verification Tag field of the datagram matches its own tag OR is
set to 0. Otherwise, the receiver MUST silently discard the set to 0. Otherwise, the receiver MUST silently discard the
datagram and take no further action. NOTE: the receiver of the datagram and take no further action. NOTE: the receiver of the
SHUTDOWN ACK MUST ignore the chunk if it is not in the SHUTDOWN SHUTDOWN ACK MUST ignore the chunk if it is not in the SHUTDOWN
SENT state. SENT state.
Stewart, et al [Page 67] Stewart, et al [Page 67]
8. Termination of Association 9. Termination of Association
All existing associations should be terminated when an endpoint exits All existing associations should be terminated when an endpoint exits
from service. An association can be terminated by either close or from service. An association can be terminated by either close or
shutdown. shutdown.
8.1 Close of an Association 9.1 Close of an Association
When an endpoint decides to close down an existing association, it When an endpoint decides to close down an existing association, it
shall send an ABORT message to its peer endpoint. The sender MUST fill shall send an ABORT message to its peer endpoint. The sender MUST fill
in the peer's Verification Tag in the outbound datagram and MUST NOT in the peer's Verification Tag in the outbound datagram and MUST NOT
bundle any DATA chunk with the ABORT. bundle any DATA chunk with the ABORT.
No acknowledgment is required for an ABORT message. In any No acknowledgment is required for an ABORT message. In any
circumstances, an endpoint MUST NOT respond to any received datagram circumstances, an endpoint MUST NOT respond to any received datagram
that contains an ABORT with its own ABORT (also see Section 7.4). that contains an ABORT with its own ABORT (also see Section 8.4).
The receiver shall apply the special Verification Tag check rules The receiver shall apply the special Verification Tag check rules
described in Section 7.5.1 when handling the datagram carrying an described in Section 8.5.1 when handling the datagram carrying an
ABORT. ABORT.
After checking the Verification Tag, the peer shall remove the After checking the Verification Tag, the peer shall remove the
association from its record, and shall report the termination to its association from its record, and shall report the termination to its
upper layer. upper layer.
8.2 Shutdown of an Association 9.2 Shutdown of an Association
Using the TERMINATE primitive (see Section 9.1), the upper layer of an Using the TERMINATE primitive (see Section 10.1), the upper layer of an
endpoint in an association can gracefully shutdown the association. endpoint in an association can gracefully shutdown the association.
This will guarantee that all outstanding datagrams from the peer of This will guarantee that all outstanding datagrams from the peer of
the shutdown initiator be delivered before the association the shutdown initiator be delivered before the association
terminates. terminates.
Upon receipt of the TERMINATE primitive from its upper layer, the Upon receipt of the TERMINATE primitive from its upper layer, the
initiator endpoint enters SHUTDOWN-PENDING state and remains there initiator endpoint enters SHUTDOWN-PENDING state and remains there
until all outstanding TSNs have been acknowledged by the far end. It until all outstanding TSNs have been acknowledged by the far end. It
accepts no new data from its upper layer, but retransmits data to the accepts no new data from its upper layer, but retransmits data to the
far end if necessary to fill gaps. far end if necessary to fill gaps.
Once all outstanding TSNs have been acknowledged, the initiator Once all outstanding TSNs have been acknowledged, the initiator
endpoint shall send a SHUTDOWN message to the peer of the association, endpoint shall send a SHUTDOWN message to the peer of the association,
and shall include the last cumulative TSN it has received from the and shall include the last cumulative TSN it has received from the
peer in the 'Cumulative TSN ACK' field. It shall then start the peer in the 'Cumulative TSN ACK' field. It shall then start the
T2-shutdown timer and enter the Shutdown-sent state. If the timer T2-shutdown timer and enter the Shutdown-sent state. If the timer
expires, the initiator must re-send the SHUTDOWN with the updated last expires, the initiator must re-send the SHUTDOWN with the updated last
TSN received from its peer. TSN received from its peer.
The same rules in 5.3 SHALL be followed to determine the proper timer The same rules in 6.3 SHALL be followed to determine the proper timer
value for T2-shutdown. The sender of the SHUTDOWN message may also value for T2-shutdown. The sender of the SHUTDOWN message may also
optionally include a SACK to indicate any gaps by bundling both the optionally include a SACK to indicate any gaps by bundling both the
SACK and SHUTDOWN message together. SACK and SHUTDOWN message together.
Stewart, et al [Page 68] Stewart, et al [Page 68]
Note the sender of a shutdown should limit the number of Note the sender of a shutdown should limit the number of
retransmissions of the shutdown message to the protocol parameter retransmissions of the shutdown message to the protocol parameter
'Association.Max.Retrans'. If this threshold is exceeded the endpoint 'Association.Max.Retrans'. If this threshold is exceeded the endpoint
should destroy the TCB and may report the endpoint unreachable to the should destroy the TCB and may report the endpoint unreachable to the
upper layer (and thus the association enters the CLOSED state). upper layer (and thus the association enters the CLOSED state).
Upon the reception of the SHUTDOWN, the peer shall enter the Upon the reception of the SHUTDOWN, the peer shall enter the
Shutdown-received state, and shall verify, by checking the TSN ACK Shutdown-received state, and shall verify, by checking the TSN ACK
field of the message, that all its outstanding datagrams have been field of the message, that all its outstanding datagrams have been
received by the initiator. received by the initiator.
If there are still outstanding datagrams left, the peer shall mark If there are still outstanding datagrams left, the peer shall mark
them for retransmission and start the retransmit procedure as defined them for retransmission and start the retransmit procedure as defined
in Section 5.3. in Section 6.3.
While in Shutdown-sent state, the initiator shall immediately respond While in Shutdown-sent state, the initiator shall immediately respond
to each inbound SCTP datagram containing user data from the peer with to each inbound SCTP datagram containing user data from the peer with
a SACK and restart the T2-shutdown timer. a SACK and restart the T2-shutdown timer.
If there is no more outstanding datagrams, the peer shall send a If there is no more outstanding datagrams, the peer shall send a
SHUTDOWN ACK and then remove all record of the association. SHUTDOWN ACK and then remove all record of the association.
Upon the receipt of the SHUTDOWN ACK, the initiator shall stop the Upon the receipt of the SHUTDOWN ACK, the initiator shall stop the
T2-shutdown timer and remove all record of the association. T2-shutdown timer and remove all record of the association.
skipping to change at line 3832 skipping to change at line 3843
with a stand-alone SHUTDOWN ACK in an SCTP datagram with the with a stand-alone SHUTDOWN ACK in an SCTP datagram with the
Verification Tag field of its common header set to 0, and let the Verification Tag field of its common header set to 0, and let the
normal T1-init timer cause the INIT message to be retransmitted and normal T1-init timer cause the INIT message to be retransmitted and
thus restart the association. thus restart the association.
Note: if an endpoint is in Shutdown-sent state and receives a Note: if an endpoint is in Shutdown-sent state and receives a
SHUTDOWN message from its peer, the endpoint shall respond SHUTDOWN message from its peer, the endpoint shall respond
immediately with a SHUTDOWN ACK and shall stop the T2-shutdown timer immediately with a SHUTDOWN ACK and shall stop the T2-shutdown timer
and remove all record of the association. and remove all record of the association.
9. Interface with Upper Layer 10. Interface with Upper Layer
The Upper Layer Protocols (ULP) shall request for services by passing The Upper Layer Protocols (ULP) shall request for services by passing
primitives to SCTP and shall receive notifications from SCTP for primitives to SCTP and shall receive notifications from SCTP for
various events. various events.
Stewart, et al [Page 69] Stewart, et al [Page 69]
The primitives and notifications described in this section should be The primitives and notifications described in this section should be
used as a guideline for implementing SCTP. The following functional used as a guideline for implementing SCTP. The following functional
description of ULP interface primitives is shown for illustrative description of ULP interface primitives is shown for illustrative
purposes. We must warn readers that different SCTP implementations may purposes. We must warn readers that different SCTP implementations may
have different ULP interfaces. However, all SCTPs must provide a have different ULP interfaces. However, all SCTPs must provide a
certain minimum set of services to guarantee that all SCTP certain minimum set of services to guarantee that all SCTP
implementations can support the same protocol hierarchy. implementations can support the same protocol hierarchy.
9.1 ULP-to-SCTP 10.1 ULP-to-SCTP
The following sections functionally characterize a ULP/SCTP interface. The following sections functionally characterize a ULP/SCTP interface.
The notation used is similar to most procedure or function calls in The notation used is similar to most procedure or function calls in
high level languages. high level languages.
The ULP primitives described below specify the basic functions the The ULP primitives described below specify the basic functions the
SCTP must perform to support inter-process communication. Individual SCTP must perform to support inter-process communication. Individual
implementations must define their own exact format, and may provide implementations must define their own exact format, and may provide
combinations or subsets of the basic functions in single calls. combinations or subsets of the basic functions in single calls.
skipping to change at line 4259 skipping to change at line 4270
This primitive allows the local SCTP to customize the protocol This primitive allows the local SCTP to customize the protocol
parameters. parameters.
Mandatory attributes: Mandatory attributes:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
o protocol parameter list - The specific names and values of the o protocol parameter list - The specific names and values of the
protocol parameters (e.g., Association.Max.Retrans [see Section protocol parameters (e.g., Association.Max.Retrans [see Section
13]) that the SCTP user wishes to customize. 14]) that the SCTP user wishes to customize.
Optional attributes: Optional attributes:
o destination transport address - some of the protocol parameters may o destination transport address - some of the protocol parameters may
be set on a per destination transport address basis. be set on a per destination transport address basis.
9.2 SCTP-to-ULP 10.2 SCTP-to-ULP
It is assumed that the operating system or application environment It is assumed that the operating system or application environment
provides a means for the SCTP to asynchronously signal the ULP provides a means for the SCTP to asynchronously signal the ULP
process. When SCTP does signal an ULP process, certain information is process. When SCTP does signal an ULP process, certain information is
passed to the ULP. passed to the ULP.
IMPLEMENTATION NOTE: in some cases this may be done through a IMPLEMENTATION NOTE: in some cases this may be done through a
seperate socket or error channel. seperate socket or error channel.
Stewart, et al [Page 78] Stewart, et al [Page 78]
skipping to change at line 4304 skipping to change at line 4315
The following may be optionally be passed with the notification: The following may be optionally be passed with the notification:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
o data - the location ULP can find the un-delivered message. o data - the location ULP can find the un-delivered message.
o cause code - indicating the reason of the failure, e.g., size too o cause code - indicating the reason of the failure, e.g., size too
large, message life-time expiration, etc. large, message life-time expiration, etc.
o context - optional information associated with this message (see o context - optional information associated with this message (see
D in section 9.1). D in section 10.1).
C) NETWORK STATUS CHANGE notification C) NETWORK STATUS CHANGE notification
When a destination transport address is marked down (e.g., when SCTP When a destination transport address is marked down (e.g., when SCTP
detects a failure), or marked up (e.g., when SCTP detects a recovery), detects a failure), or marked up (e.g., when SCTP detects a recovery),
SCTP shall invoke this notification on the ULP. SCTP shall invoke this notification on the ULP.
The following shall be passed with the notification: The following shall be passed with the notification:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
skipping to change at line 4398 skipping to change at line 4409
The following can be passed with the notification: The following can be passed with the notification:
o association id - local handle to the SCTP association o association id - local handle to the SCTP association
o error info - this indicates the type of error and optionally some o error info - this indicates the type of error and optionally some
additional information received through the ERROR chunk. additional information received through the ERROR chunk.
Stewart, et al [Page 81] Stewart, et al [Page 81]
10. Security Considerations 11. Security Considerations
10.1 Security Objectives 11.1 Security Objectives
As a common transport protocol designed to reliably carry time- As a common transport protocol designed to reliably carry time-
sensitive user messages, such as billing or signaling messages for sensitive user messages, such as billing or signaling messages for
telephony services, between two networked endpoints, SCTP has the telephony services, between two networked endpoints, SCTP has the
following security objectives. following security objectives.
- availability of reliable and timely data transport services - availability of reliable and timely data transport services
- integrity of the user-to-user information carried by SCTP - integrity of the user-to-user information carried by SCTP
10.2 SCTP Responses To Potential Threats 11.2 SCTP Responses To Potential Threats
It is clear that SCTP may potentially be used in a wide variety of It is clear that SCTP may potentially be used in a wide variety of
risk situations. It is important for operator(s) of the systems risk situations. It is important for operator(s) of the systems
concerned to analyze their particular situations and decide on the concerned to analyze their particular situations and decide on the
appropriate counter-measures. appropriate counter-measures.
Where the SCTP system serves a group of users, it is probably Where the SCTP system serves a group of users, it is probably
operating as part of a professionally managed corporate or service operating as part of a professionally managed corporate or service
provider network. It is reasonable to expect that this management provider network. It is reasonable to expect that this management
includes an appropriate security policy framework. [RFC 2196, "Site includes an appropriate security policy framework. [RFC 2196, "Site
Security Handbook", B. Fraser Ed., September 1997] should be Security Handbook", B. Fraser Ed., September 1997] should be
consulted for guidance. consulted for guidance.
The case is more difficult where the SCTP system is operated by a The case is more difficult where the SCTP system is operated by a
private user. The service provider with whom that user has a private user. The service provider with whom that user has a
contractual arrangement SHOULD provide help to ensure that the contractual arrangement SHOULD provide help to ensure that the
user's site is secure, ranging from advice on configuration through user's site is secure, ranging from advice on configuration through
downloaded scripts and security software. downloaded scripts and security software.
10.2.1 Countering Insider Attacks 11.2.1 Countering Insider Attacks
The principles of the Site Security Handbook [13] should be applied The principles of the Site Security Handbook [13] should be applied
to minimize the risk of theft of information or sabotage by to minimize the risk of theft of information or sabotage by
insiders. These include publication of security policies, control insiders. These include publication of security policies, control
of access at the physical, software, and network levels, and of access at the physical, software, and network levels, and
separation of services. separation of services.
Stewart, et al [Page 82] Stewart, et al [Page 82]
10.2.2 Protecting against Data Corruption in the Network 11.2.2 Protecting against Data Corruption in the Network
Where the risk of undetected errors in datagrams delivered by the Where the risk of undetected errors in datagrams delivered by the
lower layer transport services is considered to be too great, lower layer transport services is considered to be too great,
additional checksum protection may be required. The question is additional checksum protection may be required. The question is
whether this is appropriately provided as an SCTP service because it whether this is appropriately provided as an SCTP service because it
is needed by most potential users of SCTP, or whether instead it is needed by most potential users of SCTP, or whether instead it
should be provided by the SCTP user application. (The SCTP protocol should be provided by the SCTP user application. (The SCTP protocol
overhead, as opposed to the signaling payload, is protected overhead, as opposed to the signaling payload, is protected adequately
adequately by the Adler-32 checksum and measures taken in SCTP to prevent by the Adler-32 checksum and measures taken in SCTP to prevent replay
replay attacks and masquerade.) In any event, the checksum must be attacks and masquerade.) In any event, the checksum must be
specifically designed to ensure that it detects the errors left specifically designed to ensure that it detects the errors left behind
behind by the Adler-32 checksum. by the Adler-32 checksum.
10.2.3 Protecting Confidentiality 11.2.3 Protecting Confidentiality
In most cases, the risk of breach of confidentiality applies to the In most cases, the risk of breach of confidentiality applies to the
signaling data payload, not to the SCTP or lower-layer protocol signaling data payload, not to the SCTP or lower-layer protocol
overheads. If that is true, encryption of the SCTP user data only overheads. If that is true, encryption of the SCTP user data only
may be considered. As with the supplementary checksum service, user may be considered. As with the supplementary checksum service, user
data encryption may be performed by the SCTP user application. data encryption may be performed by the SCTP user application.
Particularly for mobile users, the requirement for confidentiality Particularly for mobile users, the requirement for confidentiality
may include the masking of IP addresses and ports. In this case may include the masking of IP addresses and ports. In this case
IPSEC ESP should be used instead of application-level encryption. IPSEC ESP should be used instead of application-level encryption.
skipping to change at line 4478 skipping to change at line 4489
appropriately. appropriately.
Regardless of which level performs the encryption, the IPSEC ISAKMP Regardless of which level performs the encryption, the IPSEC ISAKMP
service should be used for key management. service should be used for key management.
Operators should consult [RFC 2401, "Security Architecture for the Operators should consult [RFC 2401, "Security Architecture for the
Internet Protocol", S. Kent, R. Atkinson, November 1998] for Internet Protocol", S. Kent, R. Atkinson, November 1998] for
information on the configuration of IPSEC services between hosts information on the configuration of IPSEC services between hosts
with and without intervening firewalls. with and without intervening firewalls.
10.2.4 Protecting against Blind Denial of Service Attacks 11.2.4 Protecting against Blind Denial of Service Attacks
A blind attack is one where the attacker is unable to intercept or A blind attack is one where the attacker is unable to intercept or
otherwise see the content of data flows passing to and from the otherwise see the content of data flows passing to and from the
target SCTP node where it is not a party to the association. Blind target SCTP node where it is not a party to the association. Blind
denial of service attacks may take the form of flooding, masquerade, denial of service attacks may take the form of flooding, masquerade,
or improper monopolization of services. or improper monopolization of services.
Stewart, et al [Page 83] Stewart, et al [Page 83]
10.2.4.1 Flooding 11.2.4.1 Flooding
The objective of flooding is to cause loss of service and incorrect The objective of flooding is to cause loss of service and incorrect
behavior at target systems through resource exhaustion, interference behavior at target systems through resource exhaustion, interference
with legitimate transactions, and exploitation of buffer-related with legitimate transactions, and exploitation of buffer-related
software bugs. Flooding may be directed either at the SCTP node or at software bugs. Flooding may be directed either at the SCTP node or at
resources in the intervening IP Access Links or the Internetwork. resources in the intervening IP Access Links or the Internetwork.
Where the latter entities are the target, flooding will manifest Where the latter entities are the target, flooding will manifest
itself as loss of network services, including potentially the breach itself as loss of network services, including potentially the breach
of any firewalls in place. of any firewalls in place.
skipping to change at line 4523 skipping to change at line 4534
to take protective measures. Procedures should be in place for the to take protective measures. Procedures should be in place for the
operator to act on such alarms if a clear pattern of abuse emerges. operator to act on such alarms if a clear pattern of abuse emerges.
The design of SCTP is resistant to flooding attacks, particularly in The design of SCTP is resistant to flooding attacks, particularly in
its use of a four-way start-up handshake, its use of a cookie to its use of a four-way start-up handshake, its use of a cookie to
defer commitment of resources at the responding SCTP node until the defer commitment of resources at the responding SCTP node until the
handshake is completed, and its use of a verification tag to prevent handshake is completed, and its use of a verification tag to prevent
insertion of extraneous messages into the flow of an established insertion of extraneous messages into the flow of an established
association. association.
10.2.4.2 Masquerade 11.2.4.2 Masquerade
Masquerade can be used to deny service in several ways: Masquerade can be used to deny service in several ways:
- by tying up resources at the target SCTP node to which the - by tying up resources at the target SCTP node to which the
impersonated node has limited access. For example, the target node impersonated node has limited access. For example, the target node
may by policy permit a maximum of one SCTP association with the may by policy permit a maximum of one SCTP association with the
impersonated SCTP node. The masquerading attacker may attempt to impersonated SCTP node. The masquerading attacker may attempt to
establish an association purporting to come from the impersonated establish an association purporting to come from the impersonated
node so that the latter cannot do so when it requires it. node so that the latter cannot do so when it requires it.
- by deliberately allowing the impersonation to be detected, - by deliberately allowing the impersonation to be detected,
skipping to change at line 4556 skipping to change at line 4567
Logging of received INIT requests and abnormalities such as Logging of received INIT requests and abnormalities such as
unexpected INIT ACKs might be considered as a way to detect patterns unexpected INIT ACKs might be considered as a way to detect patterns
of hostile activity. However, the potential usefulness of such of hostile activity. However, the potential usefulness of such
logging must be weighed against the increased SCTP startup logging must be weighed against the increased SCTP startup
processing it implies, rendering the SCTP node more vulnerable to processing it implies, rendering the SCTP node more vulnerable to
flooding attacks. Logging is pointless without the establishment of flooding attacks. Logging is pointless without the establishment of
operating procedures to review and analyze the logs on a routine operating procedures to review and analyze the logs on a routine
basis. basis.
10.2.4.3 Improper Monopolization of Services 11.2.4.3 Improper Monopolization of Services
Attacks under this heading are performed openly and legitimately by Attacks under this heading are performed openly and legitimately by
the attacker. They are directed against fellow users of the target the attacker. They are directed against fellow users of the target
SCTP node or of the shared resources between the attacker and the SCTP node or of the shared resources between the attacker and the
target node. Possible attacks include the opening of a large number target node. Possible attacks include the opening of a large number
of associations between the attacker's node and the target, or of associations between the attacker's node and the target, or
transfer of large volumes of information within a legitimately- transfer of large volumes of information within a legitimately-
established association. established association.
Such attacks take advantage of policy deficiencies at the target Such attacks take advantage of policy deficiencies at the target
SCTP node. Defense begins with a contractual prohibition of SCTP node. Defense begins with a contractual prohibition of
behavior directed to denial of service to others. Policy limits behavior directed to denial of service to others. Policy limits
should be placed on the number of associations per adjoining SCTP should be placed on the number of associations per adjoining SCTP
node. SCTP user applications should be capable of detecting large node. SCTP user applications should be capable of detecting large
volumes of illegitimate or "no-op" messages within a given volumes of illegitimate or "no-op" messages within a given
association and either logging or terminating the association as a association and either logging or terminating the association as a
result, based on local policy. result, based on local policy.
10.3 Protection against Fraud and Repudiation 11.3 Protection against Fraud and Repudiation
The objective of fraud is to obtain services without authorization The objective of fraud is to obtain services without authorization
and specifically without paying for them. In order to achieve this and specifically without paying for them. In order to achieve this
objective, the attacker must induce the SCTP user application at the objective, the attacker must induce the SCTP user application at the
target SCTP node to provide the desired service while accepting target SCTP node to provide the desired service while accepting
invalid billing data or failing to collect it. Repudiation is a invalid billing data or failing to collect it. Repudiation is a
related problem, since it may occur as a deliberate act of fraud or related problem, since it may occur as a deliberate act of fraud or
simply because the repudiating party kept inadequate records of simply because the repudiating party kept inadequate records of
service received. service received.
Potential fraudulent attacks include interception and misuse of Potential fraudulent attacks include interception and misuse of
authorizing information such as credit card numbers, blind authorizing information such as credit card numbers, blind
masquerade and replay, and man-in-the middle attacks which modify masquerade and replay, and man-in-the middle attacks which modify
the messages passing through a target SCTP association in real time. the messages passing through a target SCTP association in real time.
Stewart, et al [Page 85] Stewart, et al [Page 85]
The interception attack is countered by the confidentiality measures The interception attack is countered by the confidentiality measures
discussed in section 10.2.3 above. discussed in section 11.2.3 above.
Section 10.2.4.2 describes how SCTP is resistant to blind masquerade Section 11.2.4.2 describes how SCTP is resistant to blind masquerade
attacks, as a result of the four-way startup handshake and the attacks, as a result of the four-way startup handshake and the
validation tag. The validation tag and TSN together are protections validation tag. The validation tag and TSN together are protections
against blind replay attacks, where the replay is into an existing against blind replay attacks, where the replay is into an existing
association. association.
However, SCTP does not protect against man-in-the-middle attacks However, SCTP does not protect against man-in-the-middle attacks
where the attacker is able to intercept and alter the messages sent where the attacker is able to intercept and alter the messages sent
and received in an association. Where a significant possibility of and received in an association. Where a significant possibility of
such attacks is seen to exist, or where possible repudiation is an such attacks is seen to exist, or where possible repudiation is an
issue, the use of the IPSEC AH service is recommended to ensure both issue, the use of the IPSEC AH service is recommended to ensure both
the integrity and the authenticity of the messages passed. the integrity and the authenticity of the messages passed.
SCTP also provides no protection against attacks originating at or SCTP also provides no protection against attacks originating at or
beyond the SCTP node and taking place within the context of an beyond the SCTP node and taking place within the context of an
existing association. Prevention of such attacks should be covered existing association. Prevention of such attacks should be covered
by appropriate security policies at the host site, as discussed in by appropriate security policies at the host site, as discussed in
section 10.2.1. section 11.2.1.
11. Recommended Transmission Control Block (TCB) Parameters 12. Recommended Transmission Control Block (TCB) Parameters
This section details a recommended set of parameters that should This section details a recommended set of parameters that should
be contained within the TCB for an implementation. This section is be contained within the TCB for an implementation. This section is
for illustrative purposes and should not be deemed as requirements for illustrative purposes and should not be deemed as requirements
on an implementation NOR as an exhaustive list of all parameters on an implementation NOR as an exhaustive list of all parameters
inside an SCTP TCB. Each implementation may need its own additional inside an SCTP TCB. Each implementation may need its own additional
parameters to optimize their implementation. parameters to optimize their implementation.
11.1 Parameters necessary for the SCTP instance 12.1 Parameters necessary for the SCTP instance
Associations A list of current associations and mappings to the Associations A list of current associations and mappings to the
data consumers for each association. This may be in data consumers for each association. This may be in
the form of a hash table or other implementation dependent the form of a hash table or other implementation dependent
structure. The data consumers may be process identification structure. The data consumers may be process identification
information such as file descriptors, named pipe pointer, or information such as file descriptors, named pipe pointer,
table pointers dependent on how SCTP is implemented. or table pointers dependent on how SCTP is implemented.
Secret Key A secret key used by this endpoint to sign all cookies. This Secret Key A secret key used by this endpoint to sign all cookies.
SHOULD be a cryptographic quality random number with This SHOULD be a cryptographic quality random number with
a sufficient length. Discussion in RFC 1750 [1] can be a sufficient length. Discussion in RFC 1750 [1] can be
helpful in selection of the key. helpful in selection of the key.
Address List The list of IP addresses that this instance has bound. This Address List The list of IP addresses that this instance has bound. This
information is passed to one's peer(s) in INIT and INIT-ACK information is passed to one's peer(s) in INIT and
messages. INIT-ACK messages.
SCTP Port The local SCTP port number the endpoint is bound to. SCTP Por The local SCTP port number the endpoint is bound to.
Stewart, et al [Page 86] Stewart, et al [Page 86]
11.2 Parameters necessary per association (i.e. the TCB) 12.2 Parameters necessary per association (i.e. the TCB)
Peer Tag value to be sent in every datagram and is received Peer Tag value to be sent in every datagram and is received
Verification in the INIT or INIT ACK message. Verification in the INIT or INIT ACK message.
Tag Tag
My Tag expected in every inbound datagram and sent in the My Tag expected in every inbound datagram and sent in the
Verification INIT or INIT ACK message. Verification INIT or INIT ACK message.
Tag Tag
State A state variable indicating what state the association is State A state variable indicating what state the association is
in, i.e . COOKIE_WAIT, COOKIE_SENT, ESTABLISHED, in, i.e . COOKIE_WAIT, COOKIE_SENT, ESTABLISHED,
SHUTDOWN_PENDING, SHUTDOWN_SENT, SHUTDOWN_RECEIVED. SHUTDOWN_PENDING, SHUTDOWN_SENT, SHUTDOWN_RECEIVED.
Note: No "CLOSED" state is illustrated since if a Note: No "CLOSED" state is illustrated since if a
association is "CLOSED" its TCB SHOULD be removed. association is "CLOSED" its TCB SHOULD be removed.
Peer Transport A list of SCTP transport addresses that the peer is Peer A list of SCTP transport addresses that the peer is
Address List bound to. This information is derived from the INIT or Transport bound to. This information is derived from the INIT or
INIT-ACK and is used to associate an inbound datagram Address INIT-ACK and is used to associate an inbound datagram
with a given association. Normally this information is List with a given association. Normally this information is
hashed or keyed for quick lookup and access of the TCB. hashed or keyed for quick lookup and access of the TCB.
Primary This is the current primary destination transport Primary This is the current primary destination transport
Destination address of the peer endpoint. Destination address of the peer endpoint.
Overall The overall association error count. Overall The overall association error count.
Error Count Error Count
Overall Error The threshold for this association that if the Overall Overall The threshold for this association that if the Overall
Threshold Error Count reaches will cause this association to be Error Error Count reaches will cause this association to be
torn down. Threshold torn down.
Peer Rwnd Current calculated value of the peer's rwnd. Peer Rwnd Current calculated value of the peer's rwnd.
Next TSN My next TSN number I will assign. This is sent in Next TSN My next TSN number I will assign. This is sent in
the INIT or INIT-ACK message to the peer and the INIT or INIT-ACK message to the peer and
incremented each time a DATA chunk is assigned a incremented each time a DATA chunk is assigned a
TSN (normally just prior to transmit or during TSN (normally just prior to transmit or during
segmentation). segmentation).
Last Rcvd TSN This is the last TSN I received and is the Last Rcvd This is the last TSN I received and is the
current cumulative TSN point. This value is TSN current cumulative TSN point. This value is
set initially by taking the peers initial TSN, set initially by taking the peers initial TSN,
received in the INIT or INIT-ACK message, and received in the INIT or INIT-ACK message, and
subtracting one from it. subtracting one from it.
Mapping Array An array of bits or bytes indicating which out of Mapping An array of bits or bytes indicating which out of
order TSN's have been received (relative to the Array order TSN's have been received (relative to the
cumulative TSN i.e. Last Rcvd TSN). If no GAP's exist, cumulative TSN i.e. Last Rcvd TSN). If no GAP's exist,
i.e. no out of order messages have been received, i.e. no out of order messages have been received,
this array will be set to all zero. This structure this array will be set to all zero. This structure
may be in the form of a circular buffer or bit array. may be in the form of a circular buffer or bit array.
Stewart, et al [Page 87] Stewart, et al [Page 87]
Ack State This flag indicates if the next received datagram Ack State This flag indicates if the next received datagram
is to be responded to with a SACK. This is initialized is to be responded to with a SACK. This is initialized
to 0, when a datagram is received it is incremented. to 0, when a datagram is received it is incremented.
If this value reaches 2, a SACK is sent and the value If this value reaches 2, a SACK is sent and the value
is reset to 0. Note: this is used only when no datagrams is reset to 0. Note: this is used only when no datagrams
are received out of order, when DATA chunks are out are received out of order, when DATA chunks are out
of order SACK's are not delayed (see Section 5). of order SACK's are not delayed (see Section 6).
Inbound An array of structures to track the inbound streams. Inbound An array of structures to track the inbound streams.
Streams Normally including the next sequence number expected Streams Normally including the next sequence number expected
and possibly the stream number. and possibly the stream number.
Outbound An array of structures to track the outbound streams. Outbound An array of structures to track the outbound streams.
Streams Normally including the next sequence number to Streams Normally including the next sequence number to
be sent on the stream. be sent on the stream.
Reasm Queue A re-assembly queue. Reasm Queue A re-assembly queue.
11.3 Per Transport Address Data 12.3 Per Transport Address Data
For each destination transport address in the peer's address list derived For each destination transport address in the peer's address list
from the INIT or INIT ACK message, a number of data elements needs to be derived from the INIT or INIT ACK message, a number of data elements
maintained including: needs to be maintained including:
Error count The current error count for this destination. Error count The current error count for this destination.
Error Current error threshold for this destination i.e. Error Current error threshold for this destination i.e.
Threshold what value marks the destination down if Error count Threshold what value marks the destination down if Error count
reaches this value. reaches this value.
cwnd The current congestion window. cwnd The current congestion window.
ssthresh The current ssthresh value. ssthresh The current ssthresh value.
RTO The current retransmission timeout value. RTO The current retransmission timeout value.
SRTT The current smoothed round trip time. SRTT The current smoothed round trip time.
RTTVAR The current RTT variation. RTTVAR The current RTT variation.
partial bytes The tracking method for increase of cwnd when in partial The tracking method for increase of cwnd when in
acked congestion avoidance mode (see section 6.2.2) bytes acked congestion avoidance mode (see section 6.2.2)
state The current state of this destination, i.e. DOWN, UP, state The current state of this destination, i.e. DOWN, UP,
ALLOW-HB, NO-HEARTBEAT, etc. ALLOW-HB, NO-HEARTBEAT, etc.
P-MTU The current known path MTU. P-MTU The current known path MTU.
Per A timer used by each destination. Per A timer used by each destination.
Destination Destination
Timer Timer
Stewart, et al [Page 88] Stewart, et al [Page 88]
RTO-Pending A flag used to track if one of the datagrams sent to this RTO-Pending A flag used to track if one of the datagrams sent to this
address is currently being used to compute a RTT. If this address is currently being used to compute a RTT. If this
flag is 0, the next datagram sent to this destination flag is 0, the next datagram sent to this destination
should be used to compute a RTT and this flag should be should be used to compute a RTT and this flag should be
set. Every time the RTT calculation set. Every time the RTT calculation
completes (i.e. the datagram is SACK'd) clear this flag. completes (i.e. the datagram is SACK'd) clear this flag.
last-time The time this destination was last sent to. This can be used last-time The time this destination was last sent to. This can be
used to determine if a HEARTBEAT is needed. used used to determine if a HEARTBEAT is needed.
11.4 General Parameters Needed 12.4 General Parameters Needed
Out Queue A queue of outbound datagrams. Out Queue A queue of outbound datagrams.
In Queue A queue of inbound datagrams. In Queue A queue of inbound datagrams.
12. IANA Consideration 13. IANA Consideration
This protocol will require port reservation like TCP for the use of This protocol will require port reservation like TCP for the use of
"well known" servers within the Internet. It is suggested that all "well known" servers within the Internet. It is suggested that all
current TCP ports should be automatically reserved in the SCTP port current TCP ports should be automatically reserved in the SCTP port
address space. New requests should follow IANA's current mechanisms address space. New requests should follow IANA's current mechanisms
for TCP. for TCP.
This protocol may also be extended through IANA in three ways: This protocol may also be extended through IANA in three ways:
-- through definition of additional chunk types, -- through definition of additional chunk types,
-- through definition of additional parameter types, or -- through definition of additional parameter types, or
-- through definition of additional cause codes within Operation -- through definition of additional cause codes within Operation
Error chunks Error chunks
In the case where a particular ULP using SCTP desires to have its own In the case where a particular ULP using SCTP desires to have its own
ports, the ULP should be responsible for registering with IANA for ports, the ULP should be responsible for registering with IANA for
getting its ports assigned. getting its ports assigned.
12.1 IETF-defined Chunk Extension 13.1 IETF-defined Chunk Extension
The appropriate use of specific chunk types is an integral part of the The appropriate use of specific chunk types is an integral part of the
SCTP protocol. In consequence, the intention is that new IETF-defined SCTP protocol. In consequence, the intention is that new IETF-defined
chunk types MUST be supported by standards-track RFC documentation. chunk types MUST be supported by standards-track RFC documentation.
As a transitional step, a new chunk type MAY be introduced in an As a transitional step, a new chunk type MAY be introduced in an
Experimental RFC. Chunk type codes MUST remain permanently associated Experimental RFC. Chunk type codes MUST remain permanently associated
with the original documentation on the basis of which they were with the original documentation on the basis of which they were
allocated. Thus if the RFC supporting a given chunk type is allocated. Thus if the RFC supporting a given chunk type is
deprecated in favor of a new document, the corresponding chunk type deprecated in favor of a new document, the corresponding chunk type
code value is also deprecated and a new code value is allocated in code value is also deprecated and a new code value is allocated in
association with the replacement document. association with the replacement document.
Stewart, et al [Page 89] Stewart, et al [Page 89]
The documentation for a new chunk code type must include the following The documentation for a new chunk code type must include the following
information: information:
(a) a long and short name for the new chunk type; (a) a long and short name for the new chunk type;
(b) a detailed description of the structure of the chunk, which MUST (b) a detailed description of the structure of the chunk, which MUST
conform to the basic structure defined in section 2.2; conform to the basic structure defined in section 3.2;
(c) a detailed definition and description of intended use of each field (c) a detailed definition and description of intended use of each field
within the chunk, including the chunk flags if any; within the chunk, including the chunk flags if any;
(d) a detailed procedural description of the use of the new chunk type (d) a detailed procedural description of the use of the new chunk type
within the operation of the protocol. within the operation of the protocol.
If the primary numbering space reserved for IETF use (0x00 to 0xFD) is If the primary numbering space reserved for IETF use (0x00 to 0xFD) is
exhausted, new codes shall subsequently be allocated in the extension exhausted, new codes shall subsequently be allocated in the extension
range 0x0000 through 0xFFFF. Chunks allocated in this range MUST range 0x0000 through 0xFFFF. Chunks allocated in this range MUST
conform to the following structure: conform to the following structure:
First word (32 bits): First word (32 bits):
as shown in section 2.2, with chunk type code equal to 0xFF. as shown in section 3.2, with chunk type code equal to 0xFF.
Second word: Second word:
first octet MUST be all 1's (0xFF). Next octet MUST be all 0's first octet MUST be all 1's (0xFF). Next octet MUST be all 0's
(0x00). Final two octets contain the allocated extension code value. (0x00). Final two octets contain the allocated extension code value.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|1 1 1 1 1 1 1 1|Chunk Flags | Chunk Length | |1 1 1 1 1 1 1 1|Chunk Flags | Chunk Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|1 1 1 1 1 1 1 1|0 0 0 0 0 0 0 0| Extension Type Code | |1 1 1 1 1 1 1 1|0 0 0 0 0 0 0 0| Extension Type Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \ \ \
/ Value / / Value /
\ \ \ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
12.2 IETF-defined Chunk Parameter Extension 13.2 IETF-defined Chunk Parameter Extension
The allocation of a new chunk parameter type code from the IETF The allocation of a new chunk parameter type code from the IETF
numbering space MUST be supported by RFC documentation. As with chunk numbering space MUST be supported by RFC documentation. As with chunk
type codes, parameter type codes are uniquely associated with their type codes, parameter type codes are uniquely associated with their
supporting document and MUST be replaced if new documentation is supporting document and MUST be replaced if new documentation is
provided. This documentation may be Informational, Experimental, or provided. This documentation may be Informational, Experimental, or
standards-track at the discretion of the IESG. It MUST contain the standards-track at the discretion of the IESG. It MUST contain the
following information: following information:
(a) Name of the parameter type. (a) Name of the parameter type.
(b) Detailed description of the structure of the parameter field. This (b) Detailed description of the structure of the parameter field. This
structure MUST conform to the general type-length-value format structure MUST conform to the general type-length-value format
described in section 2.2.1. described in section 3.2.1.
(c) Detailed definition of each component of the parameter value. (c) Detailed definition of each component of the parameter value.
(d) Detailed description of the intended use of this parameter type, (d) Detailed description of the intended use of this parameter type,
and an indication of whether and under what circumstances and an indication of whether and under what circumstances
multiple instances of this parameter type may be found within the multiple instances of this parameter type may be found within the
same chunk. same chunk.
Stewart, et al [Page 90] Stewart, et al [Page 90]
Additional parameter type codes may be allocated initially from the Additional parameter type codes may be allocated initially from the
range 0x0000 through 0xFFFD. If this space is exhausted, extension range 0x0000 through 0xFFFD. If this space is exhausted, extension
codes shall be allocated in the range 0x0000 through 0xFFFF. Where an codes shall be allocated in the range 0x0000 through 0xFFFF. Where an
extension code has been allocated, the format of the parameter must extension code has been allocated, the format of the parameter must
conform to the following structure: conform to the following structure:
First word (32 bits): First word (32 bits):
contains the parameter type code 0xFFFF and parameter length as contains the parameter type code 0xFFFF and parameter length as
described in section 2.2.1. described in section 3.2.1.
Second word: Second word:
first octet MUST be all 1's (0xFF). Next octet MUST be all 0's first octet MUST be all 1's (0xFF). Next octet MUST be all 0's
(0x00). Final two octets contain the allocated extension code (0x00). Final two octets contain the allocated extension code
value. value.
The Value portion of the parameter, if any, follows the second word. The Value portion of the parameter, if any, follows the second word.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1| Length | |1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1| Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|1 1 1 1 1 1 1 1|0 0 0 0 0 0 0 0| Extension Type Code | |1 1 1 1 1 1 1 1|0 0 0 0 0 0 0 0| Extension Type Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \ \ \
/ Value / / Value /
\ \ \ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
12.3 IETF-defined Additional Error Causes 13.3 IETF-defined Additional Error Causes
Additional cause codes may be allocated in the range 0x0004 to 0xFFFF Additional cause codes may be allocated in the range 0x0004 to 0xFFFF
upon receipt of any permanently-available public documentation upon receipt of any permanently-available public documentation
containing the following information: containing the following information:
(a) Name of the error condition. (a) Name of the error condition.
(b) Detailed description of the conditions under which an SCTP (b) Detailed description of the conditions under which an SCTP
endpoint should issue an Operation Error with this cause code. endpoint should issue an Operation Error with this cause code.
(c) Expected action by the SCTP endpoint which receives an Operation (c) Expected action by the SCTP endpoint which receives an Operation
Error chunk containing this cause code. Error chunk containing this cause code.
(d) Detailed description of the structure and content of data fields (d) Detailed description of the structure and content of data fields
which accompany this cause code. which accompany this cause code.
The initial word (32 bits) of a cause code parameter MUST conform to The initial word (32 bits) of a cause code parameter MUST conform to
the format shown in section 2.3.9, i.e.: the format shown in section 3.3.9, i.e.:
-- first two octets contain the cause code value -- first two octets contain the cause code value
-- last two octets contain length of the cause parameter. -- last two octets contain length of the cause parameter.
Stewart, et al [Page 91] Stewart, et al [Page 91]
12.4 Payload Protocol Identifiers 13.4 Payload Protocol Identifiers
Except for value 0x00000000 which is reserved by SCTP to indicate the Except for value 0x00000000 which is reserved by SCTP to indicate the
absence of a payload protocol identifier in a DATA chunk, SCTP will absence of a payload protocol identifier in a DATA chunk, SCTP will
not be responsible for standardizing or verifying any payload protocol not be responsible for standardizing or verifying any payload protocol
identifiers; SCTP simply receives the identifier from the upper layer identifiers; SCTP simply receives the identifier from the upper layer
and carries it with the corresponding payload data. and carries it with the corresponding payload data.
The upper layer, i.e, the SCTP user, SHOULD standardize any specific The upper layer, i.e, the SCTP user, SHOULD standardize any specific
protocol identifier with IANA if it is so desired. The use of any protocol identifier with IANA if it is so desired. The use of any
specific payload protocol identifier is out of the scope of SCTP. specific payload protocol identifier is out of the scope of SCTP.
13. Suggested SCTP Protocol Parameter Values 14. Suggested SCTP Protocol Parameter Values
The following protocol parameters are RECOMMENDED: The following protocol parameters are RECOMMENDED:
RTO.Initial - 3 seconds RTO.Initial - 3 seconds
RTO.Min - 1 second RTO.Min - 1 second
RTO.Max - 60 seconds RTO.Max - 60 seconds
RTO.Alpha - 1/8 RTO.Alpha - 1/8
RTO.Beta - 1/4 RTO.Beta - 1/4
Valid.Cookie.Life - 5 seconds Valid.Cookie.Life - 5 seconds
Association.Max.Retrans - 10 attempts Association.Max.Retrans - 10 attempts
Path.Max.Retrans - 5 attempts (per destination address) Path.Max.Retrans - 5 attempts (per destination address)
Max.Init.Retransmits - 8 attempts Max.Init.Retransmits - 8 attempts
'retrans.count' - counter (per destination address) 'retrans.count' - counter (per destination address)
'receiver.buffer' - variable (per peer endpoint) 'receiver.buffer' - variable (per peer endpoint)
IMPLEMENTATION NOTE: The SCTP implementation may allow ULP to IMPLEMENTATION NOTE: The SCTP implementation may allow ULP to
customize some of these protocol parameters (see Section 9). customize some of these protocol parameters (see Section 10).
14. Acknowledgments 15. Acknowledgments
The authors wish to thank Mark Allman, Richard Band, Scott Bradner, The authors wish to thank Mark Allman, Richard Band, Scott Bradner,
Steve Bellovin, Ram Dantu, R. Ezhirpavai, Sally Floyd, Matt Holdrege, Steve Bellovin, Ram Dantu, R. Ezhirpavai, Sally Floyd, Matt Holdrege,
Henry Houh, Christian Huetima, Gary Lehecka, John Loughney, Daniel Henry Houh, Christian Huetima, Gary Lehecka, John Loughney, Daniel
Luan, Lyndon Ong, Shyamal Prasad, Kelvin Porter, Heinz Prantner, Jarno Luan, Lyndon Ong, Shyamal Prasad, Kelvin Porter, Heinz Prantner, Jarno
Rajahalme, Raymond E. Reeves, Renee Revis, Ivan Arias Rodriguez, Rajahalme, Raymond E. Reeves, Renee Revis, Ivan Arias Rodriguez,
A. Sankar, Greg Sidebottom, Brian Wyld, and many others for their A. Sankar, Greg Sidebottom, Brian Wyld, and many others for their
invaluable comments. invaluable comments.
Stewart, et al [Page 92] Stewart, et al [Page 92]
15. Authors' Addresses 16. Authors' Addresses
Randall R. Stewart Tel: +1-847-632-7438 Randall R. Stewart Tel: +1-847-632-7438
Motorola, Inc. EMail: rstewar1@email.mot.com Motorola, Inc. EMail: rstewar1@email.mot.com
1501 W. Shure Drive, #2315 1501 W. Shure Drive, #2315
Arlington Heights, IL 60004 Arlington Heights, IL 60004
USA USA
Qiaobing Xie Tel: +1-847-632-3028 Qiaobing Xie Tel: +1-847-632-3028
Motorola, Inc. EMail: qxie1@email.mot.com Motorola, Inc. EMail: qxie1@email.mot.com
1501 W. Shure Drive, #2309 1501 W. Shure Drive, #2309
skipping to change at line 5020 skipping to change at line 5031
4531G Boelter Hall 4531G Boelter Hall
Los Angeles, CA 90095-1596 Los Angeles, CA 90095-1596
USA USA
Vern Paxson Tel: +1-510-642-4274 x 302 Vern Paxson Tel: +1-510-642-4274 x 302
ACIRI EMail: vern@aciri.org ACIRI EMail: vern@aciri.org
1947 Center St., Suite 600, 1947 Center St., Suite 600,
Berkeley, CA 94704-1198 Berkeley, CA 94704-1198
USA USA
16. References 17. References
[1] Eastlake , D. (ed.), "Randomness Recommendations for Security", [1] Eastlake , D. (ed.), "Randomness Recommendations for Security",
RFC 1750, December 1994. RFC 1750, December 1994.
[2] Deutsch, P., and Gailly, J-L., "ZLIB Compressed Data Format [2] Deutsch, P., and Gailly, J-L., "ZLIB Compressed Data Format
Specification version 3.3", RFC 1950, May 1996. Specification version 3.3", RFC 1950, May 1996.
[3] Allman, M., Paxson, V., and Stevens, W., "TCP Congestion [3] Allman, M., Paxson, V., and Stevens, W., "TCP Congestion
Control", RFC 2581, April 1999. Control", RFC 2581, April 1999.
skipping to change at line 5075 skipping to change at line 5086
[15] Savage, S., Cardwell, N., Wetherall, D., and Anderson, T., [15] Savage, S., Cardwell, N., Wetherall, D., and Anderson, T.,
"TCP Congestion Control with a Misbehaving Receiver", ACM "TCP Congestion Control with a Misbehaving Receiver", ACM
Computer Communication Review, 29(5), October 1999. Computer Communication Review, 29(5), October 1999.
[16] Fall, K., and Floyd, S., Simulation-based Comparisons of Tahoe, [16] Fall, K., and Floyd, S., Simulation-based Comparisons of Tahoe,
Reno, and SACK TCP, Computer Communications Review, V. 26 N. 3, Reno, and SACK TCP, Computer Communications Review, V. 26 N. 3,
July 1996, pp. 5-21. July 1996, pp. 5-21.
[17] Deering, S., and R. Hinden, "Internet Protocol, Version [17] Deering, S., and R. Hinden, "Internet Protocol, Version
6 (IPv6) Specification", RFC 1883, December 1995. 6 (IPv6) Specification", RFC 1883, December 1995.
[18] Bradner, S. "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
Appendix A: Explicit Congestion Notification Appendix A: Explicit Congestion Notification
ECN (Ramakrishnan, k., Floyd, S., "Explicit Congestion Notification", ECN (Ramakrishnan, k., Floyd, S., "Explicit Congestion Notification",
RFC 2481, January 1999) describes a proposed extension to IP that RFC 2481, January 1999) describes a proposed extension to IP that
details a method to become aware of congestion outside of datagram details a method to become aware of congestion outside of datagram
loss. This is an optional feature that an implementation MAY choose to loss. This is an optional feature that an implementation MAY choose to
add to SCTP. This appendix details the minor differences an implementor add to SCTP. This appendix details the minor differences an implementor
will need to be aware of if they choose to implement this feature. will need to be aware of if they choose to implement this feature.
In general RFC 2481 should be followed with the following exceptions. In general RFC 2481 should be followed with the following exceptions.
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/