In computer networking, the Stream Control Transmission Protocol (SCTP) is a transport layer protocol serving a role similar to that of the popular protocols Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). Indeed, it provides some of the service features of both: like TCP it ensures reliable, in-sequence transport with congestion control, and like UDP it transports discrete messages rather than a byte stream.
The protocol was defined by the IETF Signaling Transport (SIGTRAN) working group in 2000, and is maintained by the IETF Transport Area (TSVWG) working group. RFC 4960 defines the protocol (it has since been obsoleted by RFC 9260, which consolidates its errata and updates); RFC 3286 provides an introduction.
In the absence of native SCTP support in operating systems it is possible to tunnel SCTP over UDP (RFC 6951 specifies such a UDP encapsulation, which also lets SCTP pass NATs and firewalls that only handle TCP and UDP), and to map TCP API calls onto SCTP ones.
Message-based multi-streaming
SCTP applications submit their data to be transmitted in messages (groups of bytes) to the SCTP transport layer. SCTP places messages and control information into separate chunks (data chunks and control chunks), each identified by a chunk header. A message can be fragmented over a number of data chunks, but each data chunk contains data from only one user message. SCTP chunks are bundled into SCTP packets. The SCTP packet, which is submitted to the Internet Protocol, consists of a packet header, SCTP control chunks when necessary, followed by SCTP data chunks when available.
In contrast to TCP, SCTP may be characterized as record-oriented, meaning it transports data in terms of messages, in a similar fashion to the User Datagram Protocol (UDP), so that a group of bytes (message) sent in one transmission operation (record) is read exactly as that group by the receiving application. TCP is stream-oriented, transporting streams of bytes, which it correctly reorders in case of out-of-order delivery. It does not, however, honor message boundaries, i.e., the structure of data in terms of their original transmission units at the sender.
The term multi-streaming refers to the capability of SCTP to transmit several independent streams of chunks in parallel, for example transmitting Web page images together with the Web page text. In essence, it is the bundling of several connections into a single SCTP association, operating on messages (or chunks) rather than bytes.
TCP preserves byte order in the stream by assigning a sequence number to each byte (carried as the sequence number of the segment). SCTP, on the other hand, assigns a Stream Sequence Number (SSN) to each message sent in a stream, and a separate Transmission Sequence Number (TSN) to every data chunk for loss detection and retransmission. This allows independent ordering of messages in different streams: a missing message holds back only the stream it belongs to. However, message ordering is optional in SCTP; a sender may mark a message as unordered (the U flag on its data chunks), and the receiver then delivers it as soon as it is complete, regardless of what is outstanding on that stream.
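To make the per-stream sequencing concrete, here is an added example (not code from the page or from any SCTP implementation) that models a receiver's reorder logic: each arriving data chunk is a constructed (stream id, SSN, U flag, payload) tuple, and the receiver releases a message to the application only when every lower SSN on that stream has been delivered, unless the U flag is set. The class names and the arrival sequence are assumptions for the illustration; the point it shows is that a gap on stream 0 holds back stream 0 only.

```python
"""Per-stream ordered delivery in an SCTP-style receiver.

Added illustration, not code from any SCTP stack.  A DATA chunk is modelled
as (stream_id, ssn, unordered, payload): ssn is the per-stream sequence
number SCTP assigns to each message, unordered is the U flag.
"""

from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class StreamReceiver:
    """Delivers messages to the application in per-stream SSN order.

    A gap on one stream holds back only that stream; other streams and
    unordered messages are delivered as soon as they arrive.  (TCP, with a
    single byte stream, would hold back everything behind the gap.)
    """
    next_ssn: dict = field(default_factory=lambda: defaultdict(int))
    pending: dict = field(default_factory=lambda: defaultdict(dict))
    delivered: list = field(default_factory=list)

    def receive(self, stream_id, ssn, unordered, payload):
        if unordered:
            # U flag set: the SSN is ignored and the message goes up at once.
            self.delivered.append((stream_id, payload))
            return
        if ssn < self.next_ssn[stream_id]:
            return  # duplicate of an already delivered message; drop it
        self.pending[stream_id][ssn] = payload
        self._drain(stream_id)

    def _drain(self, stream_id):
        # Release consecutive SSNs starting from the one this stream waits for.
        queue = self.pending[stream_id]
        while self.next_ssn[stream_id] in queue:
            ssn = self.next_ssn[stream_id]
            self.delivered.append((stream_id, queue.pop(ssn)))
            self.next_ssn[stream_id] = (ssn + 1) & 0xFFFF  # SSN is 16 bits wide

    def blocked(self, stream_id):
        """Number of messages held back on a stream behind a gap."""
        return len(self.pending[stream_id])


def simulate(chunks):
    """Feed a constructed arrival sequence through a fresh receiver."""
    rx = StreamReceiver()
    for chunk in chunks:
        rx.receive(*chunk)
    return rx


# Constructed arrival order: stream 0 loses SSN 1 for a while, stream 1 is
# unaffected, and one unordered message on stream 0 bypasses the gap.
ARRIVALS = [
    (0, 0, False, b"html-1"),
    (0, 2, False, b"html-3"),   # arrives before SSN 1: held back on stream 0 only
    (1, 0, False, b"image-1"),  # stream 1 is not blocked by stream 0's gap
    (1, 1, False, b"image-2"),
    (0, 0, True,  b"ping"),     # U flag: delivered regardless of the gap
    (0, 1, False, b"html-2"),   # the gap fills; SSN 1 and then 2 drain in order
]

if __name__ == "__main__":
    for sid, payload in simulate(ARRIVALS).delivered:
        print(f"stream {sid}: {payload.decode()}")
```

Delivery order for the constructed arrivals is html-1, image-1, image-2, ping, html-2, html-3: the images and the unordered ping are never delayed by the missing html-2.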
Features
Features of SCTP include:
- Multihoming support, in which one (or both) endpoints of an association can consist of more than one IP address, enabling transparent fail-over between redundant network paths.
- Delivery of chunks within independent streams, which avoids the unnecessary head-of-line blocking inherent in TCP's single byte stream.
- Path selection and monitoring: the endpoint selects a "primary" data transmission path and tests the connectivity of each path with heartbeat chunks.
- Validation and acknowledgment mechanisms: the verification tag and state cookie protect against blind flooding and spoofing attacks, and selective acknowledgments (SACK) report duplicated or missing data chunks.
- Improved error detection (a 32-bit CRC32c instead of the 16-bit one's-complement checksum used by TCP and UDP), suitable for jumbo Ethernet frames.
The designers of SCTP originally intended it for the transport of telephony (Signaling System 7) protocols over IP, with the goal of duplicating some of the reliability attributes of the SS7 signaling network in IP. This IETF effort is known as SIGTRAN. In the meantime, other uses have been proposed, for example, the Diameter protocol and Reliable Server Pooling (RSerPool).
Motivations
TCP has provided the primary means to transfer data reliably across the Internet.
However, TCP imposes limitations on several applications. From RFC 4960:
Comparison between transport layers
| Feature Name | UDP | TCP | SCTP | DCCP |
|---|---|---|---|---|
| Connection oriented | No | Yes | Yes | Yes |
| Reliable transport | No | Yes | Yes | No |
| Unreliable transport | Yes | No | Yes (partial reliability extension, RFC 3758) | Yes |
| Preserve message boundary | Yes | No | Yes | Yes |
| Ordered delivery | No | Yes | Yes | No |
| Unordered delivery | Yes | No | Yes | Yes |
| Data checksum | Yes (optional over IPv4) | Yes | Yes | Yes |
| Checksum size (bits) | 16 | 16 | 32 | 16 |
| Path MTU discovery | No | Yes | Yes | Yes |
| Congestion control | No | Yes | Yes | Yes |
| Multiple streams | No | No | Yes | No |
| Multi-homing support | No | No | Yes | No |
| Bundling / Nagle | No | Yes | Yes | No |
Implementations
The following operating systems implement SCTP:
- AIX Version 5
- Generic BSD with external patch at KAME project
- Cisco IOS 12
- DragonFly BSD since version 1.4
- FreeBSD, version 7 and above
- HP-UX, 11i v2 and above
- Operating systems using Linux kernel 2.4 and newer (SCTP is a kernel module, `sctp`, that is autoloaded when the first SCTP socket is created unless it has been blacklisted)
- QNX Neutrino Realtime OS, 6.3.0 and above
- Sun Solaris 10 and above
Various third-party implementations of SCTP exist for other operating systems.
FreeBSD contains the SCTP reference implementation.
Userspace library:
Packet structure
| Bit offset | Bits 0–7 | Bits 8–15 | Bits 16–23 | Bits 24–31 |
|---|---|---|---|---|
| 0 | Source port (bits 0–15) | | Destination port (bits 16–31) | |
| 32 | Verification tag (bits 0–31) | | | |
| 64 | Checksum (bits 0–31) | | | |
| 96 | Chunk 1 type | Chunk 1 flags | Chunk 1 length (bits 16–31) | |
| 128 | Chunk 1 data (padded to a multiple of 32 bits) | | | |
| … | … | | | |
| … | Chunk N type | Chunk N flags | Chunk N length (bits 16–31) | |
| … | Chunk N data (padded to a multiple of 32 bits) | | | |
SCTP packets have a simpler basic structure than TCP or UDP packets. Each consists of two basic sections:
- The common header, which occupies the first 12 bytes (source port, destination port, verification tag and checksum), and
- The chunks, which occupy the remaining portion of the packet, from Chunk 1 through the last of N chunks (Chunk N).
Each chunk has a type identifier that is one byte long, yielding at most 256 different chunk types (values 0 through 255, with 255 reserved for IETF-defined extensions). RFC 4960 defines 15 chunk types (0 through 14). The two most significant bits of the type tell a receiver what to do with a type it does not recognise: 00 stop processing the packet and discard it, 01 stop and discard but report the unknown type in an ERROR chunk, 10 skip the chunk and continue, 11 skip and continue but report it. The remainder of the chunk header is a one-byte flags field and a two-byte length (maximum 65,535 bytes, counting the four header bytes), followed by the chunk data. If the chunk does not form a multiple of 4 bytes (i.e., the length is not a multiple of 4) then it is implicitly padded with zeros which are not included in the chunk length; a parser must therefore advance by the padded length, and must reject a length below 4, which would otherwise never advance past the current chunk.
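As an added example (not from the page or from any SCTP stack), the following Python walks a packet using exactly this layout: it reads the 12-byte common header, iterates chunks by their padded length, refuses a length that would not advance or would run past the packet, and verifies the CRC32c, which RFC 4960 appendix B stores in little-endian byte order in the checksum field. The sample packet, its ports and verification tag, and the helper names are constructed for the illustration; the CRC32c check value for "123456789" (0xE3069283) is the standard one for that CRC.

```python
"""Parse an SCTP packet's common header and chunks and verify its CRC32c.

Added example, not code from any SCTP implementation.  The sample packet
below is constructed here; the layout follows RFC 4960 section 3.
"""

import struct

# CRC32c (Castagnoli): polynomial 0x1EDC6F41, reflected form 0x82F63B78.
_CRC_TABLE = []
for n in range(256):
    c = n
    for _ in range(8):
        c = (c >> 1) ^ 0x82F63B78 if c & 1 else c >> 1
    _CRC_TABLE.append(c)


def crc32c(data: bytes) -> int:
    crc = 0xFFFFFFFF
    for b in data:
        crc = _CRC_TABLE[(crc ^ b) & 0xFF] ^ (crc >> 8)
    return crc ^ 0xFFFFFFFF


COMMON_HEADER = struct.Struct("!HHI")  # source port, destination port, verification tag
CHUNK_HEADER = struct.Struct("!BBH")   # type, flags, length (includes these 4 bytes)


def sctp_checksum(packet: bytes) -> int:
    """CRC32c over the whole packet with the checksum field set to zero."""
    return crc32c(packet[:8] + b"\x00\x00\x00\x00" + packet[12:])


def verify_checksum(packet: bytes) -> bool:
    # RFC 4960 appendix B: the CRC32c is stored in little-endian byte order.
    (stored,) = struct.unpack_from("<I", packet, 8)
    return stored == sctp_checksum(packet)


def parse_packet(packet: bytes):
    """Return (src, dst, vtag, [(type, flags, body), ...]); raise ValueError on malformed input."""
    if len(packet) < 12:
        raise ValueError("shorter than the 12-byte common header")
    src, dst, vtag = COMMON_HEADER.unpack_from(packet, 0)
    chunks, off = [], 12
    while off < len(packet):
        if len(packet) - off < 4:
            raise ValueError("truncated chunk header")
        ctype, flags, length = CHUNK_HEADER.unpack_from(packet, off)
        # A length below 4 would never advance 'off': reject it rather than spin.
        if length < 4 or off + length > len(packet):
            raise ValueError(f"bad chunk length {length} at offset {off}")
        chunks.append((ctype, flags, packet[off + 4:off + length]))
        off += (length + 3) & ~3  # padding to 4 bytes is not counted in 'length'
    return src, dst, vtag, chunks


def is_well_formed(packet: bytes) -> bool:
    """Structure and checksum both check out."""
    try:
        parse_packet(packet)
    except ValueError:
        return False
    return verify_checksum(packet)


def build_packet(src, dst, vtag, chunks):
    body = b""
    for ctype, flags, payload in chunks:
        length = 4 + len(payload)
        body += CHUNK_HEADER.pack(ctype, flags, length) + payload + b"\x00" * (-length % 4)
    pkt = COMMON_HEADER.pack(src, dst, vtag) + b"\x00" * 4 + body
    return pkt[:8] + struct.pack("<I", sctp_checksum(pkt)) + pkt[12:]


# Constructed sample: a SACK (type 3) followed by a DATA chunk (type 0) whose
# 16-byte header plus 5-byte payload gives length 21, so 3 bytes of padding.
DATA_HDR = struct.pack("!IHHI", 1000, 0, 0, 0)  # TSN, stream id, SSN, payload protocol id
SAMPLE = build_packet(5000, 3868, 0xDEADBEEF, [
    (3, 0, struct.pack("!IIHH", 999, 65535, 0, 0)),  # cumulative TSN ack, a_rwnd, gaps, dups
    (0, 0x03, DATA_HDR + b"hello"),                  # flags B|E: an unfragmented message
])

if __name__ == "__main__":
    print("checksum ok:", verify_checksum(SAMPLE))
    for ctype, flags, body in parse_packet(SAMPLE)[3]:
        print(f"chunk type={ctype} flags={flags:#04x} body={body!r}")
```

The length check is the one a practitioner cares about: a chunk length of 0 to 3 is a loop that never terminates if the parser simply adds the length to its offset, and a length past the end of the packet is an out-of-bounds read.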
Security
SCTP was designed with features for improved security, such as a 4-way handshake (compared to the TCP 3-way handshake) to resist SYN-flood style resource exhaustion, and large "cookies" for association verification and authenticity. The responder answers an INIT with an INIT ACK carrying a State Cookie that is integrity-protected with a secret only the responder holds, and allocates no association state until the initiator echoes that cookie back (COOKIE ECHO, answered with COOKIE ACK); a flood of INITs from spoofed addresses therefore costs the responder little memory. Every packet after the INIT also carries a 32-bit verification tag that the peer must know, so blindly injecting chunks into an association requires guessing the tag.
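The exchange described above, as an added simulation that is not part of the page and not code from any SCTP stack: the responder issues a cookie built from an HMAC over the association parameters and the current time, keeps no record of it, and allocates an association only when a cookie that verifies is echoed back from the same address within its lifetime. The cookie layout, the 32-byte key, the 60-second lifetime and the class and function names are assumptions of this sketch.

```python
"""Four-way SCTP handshake with a stateless State Cookie (simulation).

Added example, not code from any SCTP stack.  Cookie layout, key size,
lifetime and names are assumptions; RFC 4960 section 5.1 only requires that
the cookie be integrity-protected by a secret the responder holds and carry
enough to rebuild the association once it comes back.
"""

import hashlib
import hmac
import os
import struct
import time


class Responder:
    """Server side: keeps no per-peer state between INIT and COOKIE ECHO."""

    def __init__(self, cookie_life=60.0, secret=None, clock=time.monotonic):
        self.secret = secret or os.urandom(32)  # assumption: 256-bit HMAC key
        self.cookie_life = cookie_life          # assumption: 60 s validity
        self.clock = clock
        self.associations = {}                  # peer initiate tag -> record

    def on_init(self, peer_addr, peer_itag):
        """INIT -> INIT ACK.  Only the cookie leaves; nothing is stored here."""
        my_itag = struct.unpack("!I", os.urandom(4))[0] or 1  # tag 0 is reserved
        body = struct.pack("!dII", self.clock(), peer_itag, my_itag) + peer_addr.encode()
        mac = hmac.new(self.secret, body, hashlib.sha256).digest()
        return my_itag, body + mac

    def on_cookie_echo(self, peer_addr, cookie):
        """COOKIE ECHO -> COOKIE ACK (returns our tag), or None if rejected."""
        if len(cookie) < 16 + 32:
            return None
        body, mac = cookie[:-32], cookie[-32:]
        # Constant-time compare: the MAC is the only proof that we issued this cookie.
        expected = hmac.new(self.secret, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, mac):
            return None
        created, peer_itag, my_itag = struct.unpack("!dII", body[:16])
        if body[16:] != peer_addr.encode():
            return None  # echoed from an address other than the one it was issued to
        if self.clock() - created > self.cookie_life:
            return None  # stale cookie; RFC 4960 answers with a Stale Cookie error
        # Only now is state allocated: the peer has shown it receives at peer_addr.
        self.associations[peer_itag] = {"peer": peer_addr, "my_tag": my_itag}
        return my_itag


def handshake(responder, client_addr, client_itag):
    """Run all four messages for an honest client; return the responder's tag."""
    my_tag, cookie = responder.on_init(client_addr, client_itag)  # INIT / INIT ACK
    return responder.on_cookie_echo(client_addr, cookie)           # COOKIE ECHO / COOKIE ACK


if __name__ == "__main__":
    r = Responder()
    # A flood of INITs from spoofed, unreachable sources costs one HMAC each
    # and creates no table entries (constructed documentation addresses).
    for i in range(1000):
        r.on_init(f"203.0.113.{i % 254 + 1}", i + 1)
    print("associations after 1000 INITs:", len(r.associations))
    print("honest client gets tag:", handshake(r, "198.51.100.7", 4242))
    print("associations now:", len(r.associations))
```

Compare with a TCP listener, which must remember every half-open connection from the moment the SYN arrives; here the responder's memory grows only when a cookie comes back from an address that can actually receive packets.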
Reliability was also a key aspect of the security design of SCTP. Multi-homing enables an association to stay open even when some routes and interfaces are down. This is of particular importance for SIGTRAN, as it carries SS7 over IP networks using SCTP, and requires strong resilience during link outages to maintain telecommunication service even when enduring network anomalies.
Encryption was not part of the original SCTP design; confidentiality has to come from a layer above or below it, for example TLS over SCTP (RFC 3436), DTLS for SCTP (RFC 6083) or IPsec (RFC 3554).
SCTP is sometimes a good fingerprinting candidate. Some operating systems ship with SCTP support enabled, and, as it is not as well known as TCP or UDP, it is often overlooked in firewall and intrusion detection configurations, thus permitting probing traffic. SCTP is its own IP protocol (number 132), so a rule set that only filters TCP and UDP does not cover it, and scanners such as Nmap have dedicated SCTP INIT and COOKIE ECHO scan modes (`-sY` and `-sZ`).
RFC history
- RFC 9260 Stream Control Transmission Protocol (obsoletes RFC 4960)
- RFC 5062 Security Attacks Found Against the Stream Control Transmission Protocol (SCTP) and Current Countermeasures
- RFC 5061 Stream Control Transmission Protocol (SCTP) Dynamic Address Reconfiguration
- RFC 5043 Stream Control Transmission Protocol (SCTP) Direct Data Placement (DDP) Adaptation
- RFC 4960 Stream Control Transmission Protocol (obsoletes RFC 2960 and RFC 3309; obsoleted by RFC 9260)
- RFC 4895 Authenticated Chunks for the Stream Control Transmission Protocol (SCTP)
- RFC 4820 Padding Chunk and Parameter for the Stream Control Transmission Protocol (SCTP)
- RFC 4460 Stream Control Transmission Protocol (SCTP) Specification Errata and Issues
- RFC 3873 Stream Control Transmission Protocol (SCTP) Management Information Base (MIB)
- RFC 3758 Stream Control Transmission Protocol (SCTP) Partial Reliability Extension
- RFC 3554 On the Use of Stream Control Transmission Protocol (SCTP) with IPsec
- RFC 3436 Transport Layer Security over Stream Control Transmission Protocol
- RFC 3309 Stream Control Transmission Protocol (SCTP) Checksum Change (obsoleted by RFC 4960)
- RFC 3286 An Introduction to the Stream Control Transmission Protocol
- RFC 3257 Stream Control Transmission Protocol Applicability Statement
- RFC 2960 Stream Control Transmission Protocol (updated by RFC 3309 and obsoleted by RFC 4960)
See also
- Transport protocol comparison table