idnits 2.17.1 draft-ietf-sigtran-sctp-06.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity. == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 1 longer page, the longest (page 91) being 5263 lines == It seems as if not all pages are separated by form feeds - found 0 form feeds but 91 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 13 instances of too long lines in the document, the longest one being 3 characters in excess of 72. ** There are 2 instances of lines with control characters in the document. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 563: '...ks. These chunks MUST NOT be multiplex...' RFC 2119 keyword, line 570: '...an SCTP datagram MUST be transmitted i...' RFC 2119 keyword, line 604: '...Verification Tag MUST be set to the va...' RFC 2119 keyword, line 608: '...IT chunk, the transmitter MUST set the...' RFC 2119 keyword, line 612: '...CK, the receiver MUST drop the datagra...' (187 more instances...) Miscellaneous warnings: ---------------------------------------------------------------------------- == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: This is to allow vendors to support their own extended parameters not defined by the IETF. It MUST not affect the operation of SCTP. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'SHOULD not' in this paragraph: This value represents the dedicated buffer space, in number of octets, the sender of the INIT has placed in association with this window. During the life of the association this buffer space SHOULD not be lessened (i.e. dedicated buffers taken away from this association). == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: The ABORT chunk is sent to the peer of an association to terminate the association. The ABORT chunk may contain cause parameters to inform the receiver the reason of the abort. DATA chunks MUST not be bundled with ABORT. Control chunks MAY be bundled with an ABORT but they MUST be placed before the ABORT in the SCTP datagram, or they will be ignored by the receiver. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: This Chunk type is available to allow vendors to support their own extended data formats not defined by the IETF. It MUST not affect the operation of SCTP. In particular, when adding a Vendor Specific chunk type, the vendor defined chunks MUST obey the congestion avoidance rules defined in this document if they carry user data. User data is defined as any data transported over the association that is delivered to the upper layer of the receiver. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: Note: after sending out INIT ACK with the cookie, "Z" MUST not allocate any resources, nor keep any states for the new association. Otherwise, "Z" will be vulnerable to resource attacks. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: After sending out the INIT ACK, the endpoint shall take no further actions, i.e., the existing association, including its current state, and the corresponding TCB MUST not be changed. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: Stewart, et al [Page 59] NOTE: In instances where the data receiver endpoint is multi-homed, if a SACK arrives at the data sender that advances the sender's cumulative TSN point, then the data sender should update its cwnd (or cwnds) apportioned to the destination addresses where the data was transmitted to. However if the SACK does not advance the cumulative TSN point, the data sender MUST not adjust the cwnd of any of the destination addresses. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: 'ASSOCIATE' on line 1762 -- Looks like a reference, but probably isn't: 'TERMINATE' on line 1794 -- Looks like a reference, but probably isn't: 'ABORT' on line 1756 == Unused Reference: '7' is defined on line 4715, but no explicit reference was found in the text == Unused Reference: '10' is defined on line 4723, but no explicit reference was found in the text == Unused Reference: '14' is defined on line 4735, but no explicit reference was found in the text ** Obsolete normative reference: RFC 1750 (ref. '1') (Obsoleted by RFC 4086) ** Downref: Normative reference to an Informational RFC: RFC 1950 (ref. '2') ** Obsolete normative reference: RFC 2581 (ref. '3') (Obsoleted by RFC 5681) ** Downref: Normative reference to an Informational RFC: RFC 1321 (ref. '4') -- Possible downref: Non-RFC (?) normative reference: ref. '5' ** Downref: Normative reference to an Experimental RFC: RFC 2522 (ref. '6') ** Obsolete normative reference: RFC 793 (ref. '8') (Obsoleted by RFC 9293) ** Obsolete normative reference: RFC 1700 (ref. '10') (Obsoleted by RFC 3232) ** Obsolete normative reference: RFC 1981 (ref. '12') (Obsoleted by RFC 8201) ** Downref: Normative reference to an Informational RFC: RFC 2196 (ref. '13') ** Obsolete normative reference: RFC 2401 (ref. '14') (Obsoleted by RFC 4301) -- Possible downref: Non-RFC (?) normative reference: ref. '15' Summary: 17 errors (**), 0 flaws (~~), 13 warnings (==), 7 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group R. R. Stewart 2 INTERNET-DRAFT Q. Xie 3 Motorola 4 K. Morneault 5 C. Sharp 6 Cisco 7 H. J. Schwarzbauer 8 Siemens 9 T. Taylor 10 Nortel Networks 11 I. Rytina 12 Ericsson 13 M. Kalla 14 Telcordia 15 L. Zhang 16 UCLA 17 V. Paxson 18 ACIRI 20 expires in six months February 23,2000 22 Simple Control Transmission Protocol 23 25 Status of This Memo 27 This document is an Internet-Draft and is in full conformance with all 28 provisions of Section 10 of RFC 2026. Internet-Drafts are working 29 documents of the Internet Engineering Task Force (IETF), its areas, 30 and its working groups. Note that other groups may also distribute 31 working documents as Internet-Drafts. 33 The list of current Internet-Drafts can be accessed at 34 http://www.ietf.org/ietf/1id-abstracts.txt 36 The list of Internet-Draft Shadow Directories can be accessed at 37 http://www.ietf.org/shadow.html. 39 Stewart, et al [Page 1] 40 Abstract 42 This document describes the Simple Control Transmission Protocol 43 (SCTP). SCTP is designed to transport PSTN signaling messages over 44 IP networks, but is capable of broader applications. 46 SCTP is a reliable datagram transfer protocol operating on top of an 47 unreliable routed packet network such as IP. It offers the following 48 services to its users: 50 -- acknowledged error-free non-duplicated transfer of user data, 51 -- data segmentation to conform to discovered path MTU size, 52 -- sequenced delivery of user messages within multiple streams, 53 with an option for order-of-arrival delivery of individual 54 user messages, 55 -- optional multiplexing of user messages into SCTP datagrams, and 56 -- network-level fault tolerance through supporting of multi-homing 57 at either or both ends of an association. 59 The design of SCTP includes appropriate congestion avoidance behavior 60 and resistance to flooding and masquerade attacks. 62 Stewart, et al [Page 2] 63 TABLE OF CONTENTS 65 1. Introduction..................................................5 66 1.1 Motivation..................................................5 67 1.2 Architectural View of SCTP..................................5 68 1.3 Functional View of SCTP.....................................6 69 1.3.1 Association Startup and Takedown........................7 70 1.3.2 Sequenced Delivery within Streams.......................7 71 1.3.3 User Data Segmentation..................................8 72 1.3.4 Acknowledgment and Congestion Avoidance.................8 73 1.3.5 Chunk Multiplex.........................................8 74 1.3.6 Path Management.........................................8 75 1.3.7 Message Validation......................................9 76 1.4 Recapitulation of Key Terms.................................9 77 1.5 Abbreviations...............................................11 78 2. SCTP Datagram Format..........................................11 79 2.1 SCTP Common Header Field Descriptions.......................12 80 2.2 Chunk Field Descriptions....................................13 81 2.2.1 Optional/Variable-length Parameter Format...............14 82 2.2.2 Vendor-Specific Extension Parameter Format..............15 83 2.3 SCTP Chunk Definitions......................................17 84 2.3.1 Initiation (INIT).......................................17 85 2.3.1.1 Optional or Variable Length Parameters..............19 86 2.3.2 Initiation Acknowledgment (INIT ACK)....................20 87 2.3.2.1 Optional or Variable Length Parameters..............21 88 2.3.3 Selective Acknowledgment (SACK).........................22 89 2.3.4 Heartbeat Request (HEARTBEAT)...........................25 90 2.3.5 Heartbeat Acknowledgment (HEARTBEAT ACK)................26 91 2.3.6 Abort Association (ABORT)...............................26 92 2.3.7 Shutdown Association (SHUTDOWN).........................27 93 2.3.8 Shutdown Acknowledgment (SHUTDOWN ACK)..................28 94 2.3.9 Operation Error (ERROR).................................28 95 2.3.10 Encryption Cookie (COOKIE).............................30 96 2.3.11 Cookie Acknowledgment (COOKIE ACK).....................31 97 2.3.12 Payload Data (DATA)....................................31 98 2.4 Vendor-Specific Chunk Extensions............................33 99 3. SCTP Association State Diagram.................................34 100 4. Association Initialization.....................................36 101 4.1 Normal Establishment of an Association......................37 102 4.1.1 Handle Stream Parameters................................38 103 4.1.2 Handle Address Parameters...............................39 104 4.1.3 Generating Encryption Cookie............................39 105 4.1.4 Cookie Processing.......................................40 106 4.1.5 Cookie Authentication...................................40 107 4.1.6 An Example of Normal Association Establishment..........41 108 4.2 Handle Duplicate INIT, INIT ACK, COOKIE, and COOKIE ACK.....42 109 4.2.1 Handle Duplicate INIT in COOKIE-WAIT 110 or COOKIE-SENT States...................................43 111 4.2.2 Handle Duplicate INIT in Other States...................43 112 4.2.3 Handle Duplicate INIT ACK...............................43 113 4.2.4 Handle Duplicate COOKIE.................................43 114 4.2.5 Handle Duplicate COOKIE-ACK.............................45 115 4.2.6 Handle Stale COOKIE Error...............................45 116 4.3 Other Initialization Issues.................................45 117 Stewart, et al [Page 3] 118 4.3.1 Selection of Tag Value..................................45 119 5. User Data Transfer.............................................46 120 5.1 Transmission of DATA Chunks.................................47 121 5.2 Acknowledgment of Reception of DATA Chunks..................48 122 5.2.1 Tracking Peer's Receive Buffer Space....................49 123 5.3 Management Retransmission Timer.............................49 124 5.3.1 RTO Calculation.........................................50 125 5.3.2 Retransmission Timer Rules..............................51 126 5.3.3 Handle T3-rxt Expiration................................52 127 5.4 Multi-homed SCTP Endpoints..................................52 128 5.4.1 Failover from Inactive Destination Address..............53 129 5.5 Stream Identifier and Stream Sequence Number................53 130 5.6 Ordered and Un-ordered Delivery.............................54 131 5.7 Report Gaps in Received DATA TSNs...........................54 132 5.8 Adler-32 Checksum Calculation...............................55 133 5.9 Segmentation................................................56 134 5.10 Bundling and Multiplexing..................................57 135 6. Congestion Control ..........................................57 136 6.1 SCTP Differences from TCP Congestion Control................58 137 6.2 SCTP Slow-Start and Congestion Avoidance....................59 138 6.2.1 Slow-Start..............................................59 139 6.2.2 Congestion Avoidance....................................60 140 6.2.3 Congestion Control......................................61 141 6.2.4 Fast Retransmit on Gap Reports..........................61 142 6.3 Path MTU Discovery..........................................62 143 7. Fault Management..............................................63 144 7.1 Endpoint Failure Detection..................................63 145 7.2 Path Failure Detection......................................63 146 7.3 Path Heartbeat..............................................64 147 7.4 Handle "Out of the blue" Packets............................65 148 7.5 Verification Tag............................................65 149 7.5.1 Exceptions in Verification Tag Rules....................66 150 8. Termination of Association.....................................66 151 8.1 Close of an Association.....................................66 152 8.2 Shutdown of an Association..................................67 153 9. Interface with Upper Layer.....................................68 154 9.1 ULP-to-SCTP.................................................68 155 9.2 SCTP-to-ULP.................................................76 156 10. Security Considerations.......................................79 157 10.1 Security Objectives........................................79 158 10.2 SCTP Responses To Potential Threats........................79 159 10.2.1 Countering Insider Attacks.............................79 160 10.2.2 Protecting against Data Corruption in the Network......79 161 10.2.3 Protecting Confidentiality.............................80 162 10.2.4 Protecting against Blind Denial of Service Attacks.....80 163 10.2.4.1 Flooding...........................................80 164 10.2.4.2 Masquerade.........................................81 165 10.2.4.3 Improper Monopolization of Services................81 166 10.3 Protection against Fraud and Repudiation...................82 167 11. Recommended Transmission Control Block (TCB) Parameters.......83 168 12. IANA Consideration............................................86 169 12.1 IETF-defined Chunk Extension...............................86 170 12.2 IETF-defined Chunk Parameter Extension.....................87 171 12.3 IETF-defined Additional Error Causes.......................88 172 12.4 Payload Protocol Identifiers...............................88 173 Stewart, et al [Page 4] 174 13. Suggested SCTP Protocol Parameter Values......................89 175 14. Acknowledgments...............................................89 176 15. Authors' Addresses............................................89 177 16. References....................................................90 179 1. Introduction 181 This section explains the reasoning behind the development of the 182 Simple Control Transmission Protocol (SCTP), the services it offers, 183 and the basic concepts needed to understand the detailed description 184 of the protocol. 186 1.1 Motivation 188 TCP [8] has performed immense service as the primary means of reliable 189 data transfer in IP networks. However, an increasing number of recent 190 applications have found TCP too limiting, and have incorporated their 191 own reliable data transfer protocol on top of UDP [9]. The limitations 192 which users have wished to bypass include the following: 194 -- TCP provides both reliable data transfer and strict order- 195 of-transmission delivery of data. Some applications need reliable 196 transfer without sequence maintenance, while others would be 197 satisfied with partial ordering of the data. In both of these 198 cases the head-of-line blocking offered by TCP causes 199 unnecessary delay. 201 -- The stream-oriented nature of TCP is often an inconvenience. 202 Applications must add their own record marking to delineate 203 their messages, and must make explicit use of the push facility 204 to ensure that a complete message is transferred in a 205 reasonable time. 207 -- The limited scope of TCP sockets complicates the task of 208 providing highly-available data transfer capability using 209 multi-homed hosts. 211 -- TCP is relatively vulnerable to denial of service attacks, 212 such as SYN attacks. 214 Transport of PSTN signaling across the IP network is an application 215 for which all of these limitations of TCP are relevant. While this 216 application directly motivated the development of SCTP, other 217 applications may find SCTP a good match to their requirements. 219 1.2 Architectural View of SCTP 221 SCTP is viewed as a layer between the SCTP user application ("SCTP 222 user" for short) and an unreliable routed packet network service such 223 as IP. The basic service offered by SCTP is the reliable transfer of 224 user messages between peer SCTP users. It performs this service 226 Stewart, et al [Page 5] 227 within the context of an association between two SCTP nodes. Chapter 9 228 of this document sketches the API which should exist at the boundary 229 between the SCTP and the SCTP user layers. 231 SCTP is connection-oriented in nature, but the SCTP association is a 232 broader concept than the TCP connection. SCTP provides the means for 233 each SCTP endpoint (Section 1.4) to provide the other during 234 association startup with a list of transport addresses (e.g. multiple 235 IP addresses in combination with an SCTP port) through which that 236 endpoint can be reached and from which it will originate messages. 237 The association spans transfers over all of the possible 238 source/destination combinations which may be generated from the two 239 endpoint lists. 241 _____________ _____________ 242 | SCTP User | | SCTP User | 243 | Application | | Application | 244 |-------------| |-------------| 245 | SCTP | | SCTP | 246 | Transport | | Transport | 247 | Service | | Service | 248 |-------------| |-------------| 249 | |One or more ---- One or more| | 250 | IP Network |IP address \/ IP address| IP Network | 251 | Service |appearances /\ appearances| Service | 252 |_____________| ---- |_____________| 254 SCTP Node A |<-------- Network transport ------->| SCTP Node B 256 Figure 1: An SCTP Association 258 1.3 Functional View of SCTP 260 The SCTP transport service can be decomposed into a number of 261 functions. These are depicted in Figure 2 and explained in the 262 remainder of this section. 264 SCTP User Application 266 ..----------------------------------------------------- 267 .. _____________ ____________________ 268 | | | Sequenced delivery | 269 | Association | | within streams | 270 | | |____________________| 271 | startup | 272 ..| | ____________________________ 273 | and | | User Data Segmentation | 274 | | |____________________________| 275 | takedown | 277 Stewart, et al [Page 6] 278 ..| | ____________________________ 279 | | | Acknowledgment | 280 | | | and | 281 | | | Congestion Avoidance | 282 ..| | |____________________________| 283 | | 284 | | ____________________________ 285 | | | Chunk Multiplex | 286 | | |____________________________| 287 | | 288 | | ________________________________ 289 | | | Message Validataion | 290 | | |________________________________| 291 | | 292 | | ________________________________ 293 | | | Path Management | 294 |______________ |________________________________| 296 Figure 2: Functional View of the SCTP Transport Service 298 1.3.1 Association Startup and Takedown 300 An association is initiated by a request from the SCTP user (see the 301 description of the ASSOCIATE primitive in Chapter 9). 303 A cookie mechanism, taken from that devised by Karn and Simpson in RFC 304 2522 [6], is employed during the initialization to provide protection 305 against security attacks. The cookie mechanism uses a four-way 306 handshaking, but the last two legs of which are allowed to carry user 308 data for fast setup. The startup sequence is described in chapter 4 of 309 this document. 311 SCTP provides for graceful takedown of an active association on 312 request from the SCTP user. See the description of the TERMINATE 313 primitive in chapter 9. SCTP also allows ungraceful takedown, either 314 on request from the user (ABORT primitive) or as a result of an error 315 condition detected within the SCTP layer. Chapter 8 describes both the 316 graceful and the ungraceful takedown procedures. 318 1.3.2 Sequenced Delivery within Streams 320 The term "stream" is used in SCTP to refer to a sequence of user 321 messages. This is in contrast to its usage in TCP, where it refers to 322 a sequence of bytes. 324 The SCTP user can specify at association startup time the number of 325 streams to be supported by the association. This number is negotiated 326 with the remote end (see section 4.1.1). User messages are associated 327 with stream numbers (SEND, RECEIVE primitives, Chapter 9). Internally, 328 SCTP assigns a stream sequence number to each message passed to it by 330 Stewart, et al [Page 7] 331 the SCTP user. On the receiving side, SCTP ensures that messages are 332 delivered to the SCTP user in sequence within a given stream. However, 333 while one stream may be blocked waiting for the next in-sequence user 334 message, delivery from other streams may proceed. 336 SCTP provides a mechanism for bypassing the sequenced delivery 337 service. User messages sent using this mechanism are delivered to the 338 SCTP user as soon as they are received. 340 1.3.3 User Data Segmentation 342 SCTP can segment user messages to ensure that the SCTP datagram 343 passed to the lower layer conforms to the path MTU. Segments are 344 reassembled into complete messages before being passed to the SCTP 345 user. 347 1.3.4 Acknowledgment and Congestion Avoidance 349 SCTP assigns a Transmission Sequence Number (TSN) to each user data 350 segment or unsegmented message. The TSN is independent of any 351 stream sequence number assigned at the stream level. The receiving end 352 acknowledges all TSNs received, even if there are gaps in the 353 sequence. In this way, reliable delivery is kept functionally separate 354 from sequenced delivery. 356 The Acknowledgment and Congestion Avoidance function is responsible 357 for message retransmission when timely acknowledgment has not been 358 received. Message retransmission is conditioned by congestion 359 avoidance procedures similar to those used for TCP. See Chapters 5 360 and 6 for a detailed description of the protocol procedures associated 361 with this function. 363 1.3.5 Chunk Multiplex 365 As described in Chapter 2, the SCTP datagram as delivered to the lower 366 layer consists of a common header followed by one or more chunks. Each 367 chunk may contain either user data or SCTP control information. The 368 SCTP user has the option to request "bundling", or multiplexing of 369 more than one user messages into a single SCTP datagram. The chunk 370 multiplex function of SCTP is responsible for assembly of the complete 371 SCTP datagram and its disassembly at the receiving end. 373 1.3.6 Path Management 375 The sending SCTP user is able to manipulate the set of transport 376 addresses used as destinations for SCTP datagrams, through the 377 primitives described in Chapter 9. The SCTP path management function 378 chooses the destination transport address for each outgoing SCTP 379 datagram based on the SCTP user's instructions and the currently 380 perceived reachability status of the eligible destination set. 382 Stewart, et al [Page 8] 383 The path management function monitors reachability through heartbeat 384 messages when other message traffic is inadequate to provide this 385 information, and advises the SCTP user when reachability of any far- 386 end transport address changes. The path management function is also 387 responsible for reporting the eligible set of local transport 388 addresses to the far end during association startup, and for reporting 389 the transport addresses returned from the far end to the SCTP user. 391 At association start-up, a primary destination transport address is 392 defined for each SCTP endpoint, and is used for normal sending of SCTP 393 datagrams. 395 On the receiving end, the path management is responsible for verifying 396 the existence of a valid SCTP association to which the inbound SCTP 397 datagram belongs before passing it for further processing. 399 1.3.7 Message Validation 401 A mandatory verification tag and an Adler-32 checksum [2] fields are 402 included in the SCTP common header. The verification tag value is 403 chosen by each end of the association during association startup. 404 Messages received without the verification tag value expected by the 405 receiver are discarded, as a protection against blind masquerade 406 attacks and against stale datagrams from a previous association. 408 The Adler-32 checksum should be set by the sender of each SCTP datagram, 409 to provide additional protection against data corruption in the 410 network beyond that provided by lower layers (e.g. the IP checksum). 412 1.4 Recapitulation of Key Terms 414 The language used to describe SCTP has been introduced in the previous 415 sections. This section provides a consolidated list of the key terms 416 and their definitions. 418 o SCTP user application (SCTP user): The logical higher-layer 419 application entity which uses the services of SCTP, also called 420 the Upper-layer Protocol (ULP). 422 o User message: the unit of data delivery across the interface 423 between SCTP and its user. 425 o SCTP datagram: the unit of data delivery across the interface 426 between SCTP and the unreliable packet network (e.g. IP) which 427 it is using. An SCTP datagram includes the common SCTP header, 428 possible SCTP control chunks, and user data encapsulated within 429 SCTP DATA chunks. 431 o Transport address: an address which serves as a source or 432 destination for the unreliable packet transport service used by 433 SCTP. In IP networks, a transport address is defined by the 434 combination of an IP address and an SCTP port number. 436 Stewart, et al [Page 9] 437 Note, only one SCTP port may be defined for each endpoint, 438 but each endpoint may have multiple IP addresses. 440 o SCTP endpoint: the logical sender/receiver of SCTP datagrams. On a 441 multi-homed host, an SCTP endpoint is represented to its peers as a 442 combination of a set of eligible destination transport addresses to 443 which SCTP datagrams can be sent and a set of eligible source 444 transport addresses from which SCTP datagrams can be received. 446 Note, a source or destination transport address can only be 447 included in one unique SCTP endpoint, i.e., it is NOT allowed to 448 have the same SCTP source or destination transport address appear 449 in more than one SCTP endpoint. 451 o SCTP association: a protocol relationship between SCTP endpoints, 452 comprising the two SCTP endpoints and protocol state information 453 including verification tags and the currently active set of 454 Transmission Sequence Numbers (TSNs), etc. 456 o Chunk: a unit of information within an SCTP datagram, consisting of 457 a chunk header and chunk-specific content. 459 o Transmission Sequence Number (TSN): a 32-bit sequence number used 460 internally by SCTP. One TSN is attached to each chunk containing 461 user data to permit the receiving SCTP endpoint to acknowledge its 462 receipt and detect duplicate deliveries. 464 o Stream: a uni-directional logical channel established from one to 465 another associated SCTP endpoints, within which all user messages 466 are delivered in sequence except for those submitted to the 467 un-ordered delivery service. 469 Note: The relationship between stream numbers in opposite 470 directions is strictly a matter of how the applications use 471 them. It is the responsibility of the SCTP user to create and 472 manage these correlations if they are so desired. 474 o Stream Sequence Number: a 16-bit sequence number used internally by 475 SCTP to assure sequenced delivery of the user messages within a 476 given stream. One stream sequence number is attached to each user 477 message. 479 o Path: the route taken by the SCTP datagrams sent by one SCTP 480 endpoint to a specific destination transport address of its peer 481 SCTP endpoint. Note, sending to different destination transport 482 addresses does not necessarily guarantee getting separate paths. 484 o Bundling: an optional multiplexing operation, whereby more than one 485 user messages may be carried in the same SCTP datagram. Each user 486 message occupies its own DATA chunk. 488 o Outstanding TSN (at an SCTP endpoint): a TSN (and the associated DATA 489 chunk) which have been sent by the endpoint but for which it has not 490 yet received an acknowledgment. 492 Stewart, et al [Page 10] 493 o Unacknowledged TSN (at an SCTP endpoint): a TSN (and the associated DATA 494 chunk) which have been received by the endpoint but for which an 495 acknowledgment has not yet been sent. 497 o Receiver Window (rwnd): The most recently calculated receiver 498 window, in number of octets. This gives an indication of the space 499 available in the receiver's inbound buffer. 501 o Congestion Window (cwnd): An SCTP variable that limits the data, in 502 number of octets, a sender can send into the network before 503 receiving an acknowledgment on a particular destination Transport 504 address. 506 o Slow Start Threshold (ssthresh): An SCTP variable. This is the 507 threshold which the endpoint will use to determine whether to 508 perform slow start or congestion avoidance on a particular destination 509 transport address. Ssthresh is in number of octets. 511 o Transmission Control Block (TCB): an internal data structure 512 created by an SCTP endpoint for each of its existing SCTP 513 associations to other SCTP endpoints. TCB contains all the status 514 and operational information for the endpoint to maintain and manage 515 the corresponding association. 517 o Network Byte Order: Most significant byte first, a.k.a Big Endian. 519 1.5. Abbreviations 521 MD5 - MD5 Message-Digest Algorithm [4] 523 RTO - Retransmission Time-out 525 RTT - Round-trip Time 527 RTTVAR - Round-trip Time Variation 529 SCTP - Simple Control Transmission Protocol 531 SRTT - Smoothed RTT 533 TCB - Transmission Control Block 535 TLV - Type-Length-Value Coding Format 537 TSN - Transmission Sequence Number 539 ULP - Upper-layer Protocol 541 2. SCTP Datagram Format 543 An SCTP datagram is composed of a common header and chunks. A chunk 544 contains either control information or user data. 546 Stewart, et al [Page 11] 547 The SCTP datagram format is shown below: 549 0 1 2 3 550 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 551 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 552 | Common Header | 553 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 554 | Chunk #1 | 555 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 556 | ... | 557 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 558 | Chunk #n | 559 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 561 Multiple chunks can be multiplexed into one SCTP datagram up to 562 the MTU size, except for the INIT, INIT ACK, and SHUTDOWN ACK 563 chunks. These chunks MUST NOT be multiplexed with any other chunk in a 564 datagram. See Section 5.10 for more details on chunk multiplexing. 566 If an user data message doesn't fit into one SCTP datagram it can be 567 segmented into multiple chunks using the procedure defined in 568 Section 5.9. 570 All integer fields in an SCTP datagram MUST be transmitted in the 571 network byte order, unless otherwise stated. 573 2.1 SCTP Common Header Field Descriptions 575 SCTP Common Header Format 577 0 1 2 3 578 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 579 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 580 | Source Port Number | Destination Port Number | 581 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 582 | Verification Tag | 583 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 584 | Adler-32 Checksum | 585 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 587 Source Port Number: 16 bit u_int 589 This is the SCTP sender's port number. It can be used by the 590 receiver, in combination with the source IP address, to identify the 591 association to which this datagram belongs. 593 Destination Port Number: 16 bit u_int 595 This is the SCTP port number to which this datagram is destined. The 596 receiving host will use this port number to de-multiplex the 597 SCTP datagram to the correct receiving endpoint/application. 599 Stewart, et al [Page 12] 600 Verification Tag: 32 bit u_int 602 The receiver of this datagram uses the Verification Tag to validate 603 the sender of this SCTP datagram. On transmit, the value of this 604 Verification Tag MUST be set to the value of the Initiate Tag 605 received from the peer endpoint during the association 606 initialization. 608 For datagrams carrying the INIT chunk, the transmitter MUST set the 609 Verification Tag to all 0's. If the receiver receives a datagram 610 with an all-zeros Verification Tag field, it checks the Chunk ID 611 immediately following the common header. If the Chunk Type is 612 neither INIT nor SHUTDOWN ACK, the receiver MUST drop the datagram. 614 For datagrams carrying the SHUTDOWN ACK chunk, the transmitter 616 SHOULD set the Verification Tag to the Initiate Tag received from 617 the peer endpoint during the association initialization, if known. 618 Otherwise, the Verification Tag MUST be set to all 0's. 620 Adler-32 Checksum: 32 bit u_int 622 This field MUST contain an Adler-32 checksum of this SCTP 623 datagram. Its calculation is discussed in Section 5.8. 625 2.2 Chunk Field Descriptions 627 The figure below illustrates the field format for the chunks to be 628 transmitted in the SCTP datagram. Each chunk is formatted with a Chunk 629 ID field, a chunk-specific Flag field, a Length field, and a Value 630 field. 632 0 1 2 3 633 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 634 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 635 | Chunk ID | Chunk Flags | Chunk Length | 636 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 637 \ \ 638 / Chunk Value / 639 \ \ 640 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 642 Chunk ID: 8 bits, u_int 644 This field identifies the type of information contained in the Chunk 645 Value field. It takes a value from 0x00 to 0xFF. The value of 0xFE 646 is reserved for vendor-specific extensions. The value of 0xFF is 647 reserved for future use as an extension field. Procedures for 648 extending this field by vendors are defined in Section 2.4. 650 The values of Chunk ID are defined as follows: 652 Stewart, et al [Page 13] 653 ID Value Chunk Type 654 ----- ---------- 655 00000000 - Payload Data (DATA) 656 00000001 - Initiation (INIT) 657 00000010 - Initiation Acknowledgment (INIT ACK) 658 00000011 - Selective Acknowledgment (SACK) 659 00000100 - Heartbeat Request (HEARTBEAT) 660 00000101 - Heartbeat Acknowledgment (HEARTBEAT ACK) 661 00000110 - Abort (ABORT) 662 00000111 - Shutdown (SHUTDOWN) 663 00001000 - Shutdown Acknowledgment (SHUTDOWN ACK) 664 00001001 - Operation Error (ERROR) 665 00001010 - Encryption Cookie (COOKIE) 666 00001011 - Cookie Acknowledgment (COOKIE ACK) 667 00001100 to 11111101 - reserved by IETF 668 11111110 - Vendor-specific Chunk Extensions 669 11111111 - IETF-defined Chunk Extensions 671 Chunk Flags: 8 bits 673 The usage of these bits depends on the chunk type as given by the 674 Chunk ID. Unless otherwise specified, they are set to zero on 675 transmit and are ignored on receipt. 677 Chunk Length: 16 bits (u_int) 679 This value represents the size of the chunk in octets including the 680 Chunk ID, Flags, Length, and Value fields. Therefore, if the Value 681 field is zero-length, the Length field will be set to 0x0004. The 682 Length field does not count any padding. 684 Chunk Value: variable length 686 The Chunk Value field contains the actual information to be 687 transferred in the chunk. The usage and format of this field is 688 dependent on the Chunk ID. The Chunk Value field MUST be aligned on 689 32-bit boundaries. If the length of the chunk does not align on 690 32-bit boundaries, it is padded at the end with all zero octets. 692 SCTP defined chunks are described in detail in Section 2.3. The 693 guideline for vendor-specific chunk extensions is discussed in Section 694 2.4. And the guidelines for IETF-defined chunk extensions can be found 695 in Section 12.1 of this document. 697 2.2.1 Optional/Variable-length Parameter Format 699 The optional and variable-length parameters contained in a chunk 700 are defined in a Type-Length-Value format as shown below. 702 Stewart, et al [Page 14] 703 0 1 2 3 704 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 705 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 706 | Parameter Type | Parameter Length | 707 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 708 \ \ 709 / Parameter Value / 710 \ \ 711 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 713 Parameter Type: 16 bit u_int 715 The Type field is a 16 bit identifier of the type of parameter. It 716 takes a value of 0x0000 to 0xFFFF. 718 The value of 0xFFFE is reserved for vendor-specific extensions if 719 the specific chunk allows such extensions. The value of 0xFFFF is 720 reserved for IETF-defined extensions. Values other than those 721 defined in specific SCTP chunk description are reserved for use by 722 IETF. 724 Parameter Length: 16 bit u_int 726 The Length field contains the size of the parameter in octets, 727 including the Type, Length, and Value fields. Thus, a parameter 728 with a zero-length Value field would have a Length field of 729 0x0004. The Length does not include any padding octets. 731 Parameter Value: variable-length. 733 The Value is dependent on the value of the Type field. The value 734 field MUST be aligned on 32-bit boundaries. If the value field is 735 not aligned on 32-bit boundaries it is padded at the end with all 736 zero octets. The value field must be an integer number of octets. 738 The actual SCTP parameters are defined in the specific SCTP chunk 739 section. The guidelines for vendor-specific parameter extensions are 740 discussed in Section 2.2.2. And the rules for IETF-defined parameter 741 extensions are defined in Section 12.2. 743 2.2.2 Vendor-Specific Extension Parameter Format 745 This is to allow vendors to support their own extended parameters not 746 defined by the IETF. It MUST not affect the operation of SCTP. 748 Endpoints not equipped to interpret the vendor-specific information 749 sent by a remote endpoint MUST ignore it (although it may be 750 reported). Endpoints that do not receive desired vendor-specific 751 information SHOULD make an attempt to operate without it, although 752 they may do so (and report they are doing so) in a degraded mode. 754 A summary of the Vendor-specific extension format is shown below. The 755 fields are transmitted from left to right. 757 Stewart, et al [Page 15] 758 0 1 2 3 759 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 760 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 761 | Parameter Type = 0xFFFE | Parameter Length | 762 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 763 | Vendor-Id | 764 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 765 \ \ 766 / Parameter Value / 767 \ \ 768 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 770 Type: 16 bit u_int 772 0xFFFE for all Vendor-Specific parameters. 774 Length: 16 bit u_int 776 Indicate the size of the parameter in octets, including the 777 Type, Length, Vendor-Id, and Value fields. 779 Vendor-Id: 32 bit u_int 781 The high-order octet is 0 and the low-order 3 octets are the 782 SMI Network Management Private Enterprise Code of the Vendor 783 in network byte order, as defined in the Assigned Numbers (RFC 784 1700). 786 Value: variable length 788 The Value field is one or more octets. The actual format of the 789 information is site or application specific, and a robust 790 implementation SHOULD support the field as undistinguished 791 octets. 793 The codification of the range of allowed usage of this field is 794 outside the scope of this specification. 796 It SHOULD be encoded as a sequence of vendor type / vendor length 797 / value fields, as follows. The parameter field is 798 dependent on the vendor's definition of that attribute. An 799 example encoding of the Vendor-Specific attribute using this 800 method follows: 802 0 1 2 3 803 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 804 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 805 | Parameter Type = 0xFFFE | Parameter Length | 806 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 807 | Vendor-Id | 808 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 809 | VS-Type | VS-Length | 810 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 811 / VS-Value / 812 \ \ 813 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 814 Stewart, et al [Page 16] 815 VS-Type: 16 bit u_int 817 This field identifies the parameter included in the VS-Value field. 818 It is assigned by the vendor. 820 VS-Length: 16 bit u_int 822 This field is the length of the vendor-specific parameter and 823 Includes the VS-Type, VS-Length and VS-Value (if included) fields. 825 VS-Value: Variable Length 827 This field contains the parameter identified by the VS-Type field. 828 It's meaning is identified by the vendor. 830 2.3 SCTP Chunk Definitions 832 This section defines the format of the different SCTP chunk types. 834 2.3.1 Initiation (INIT) (00000001) 836 This chunk is used to initiate a SCTP association between two 837 endpoints. The format of the INIT message is shown below: 839 0 1 2 3 840 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 841 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 842 |0 0 0 0 0 0 0 1| Chunk Flags | Chunk Length | 843 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 844 | Initiate Tag | 845 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 846 | Advertised Receiver Window Credit (a_rwnd) | 847 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 848 | Number of Outbound Streams | Number of Inbound Streams | 849 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 850 | Initial TSN | 851 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 852 \ \ 853 / Optional/Variable-Length Parameters / 854 \ \ 855 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 857 The INIT chunk contains the following parameters. Unless otherwise 858 noted, each parameter MUST only be included once in the INIT chunk. 860 Fixed Parameters Status 861 ---------------------------------------------- 862 Initiate Tag Mandatory 863 Receiver Window Credit Mandatory 864 Number of Outbound Streams Mandatory 865 Number of Inbound Streams Mandatory 866 Initial TSN Mandatory 868 Stewart, et al [Page 17] 869 Variable Parameters Status Type Value 870 ------------------------------------------------------------- 871 IPv4 Address (Note 1) Optional 0x0005 872 IPv6 Address (Note 1) Optional 0x0006 873 Cookie Preservative Optional 0x0009 875 Note 1: The INIT chunks may contain multiple addresses that may be 876 IPv4 and/or IPv6 in any combination. 878 Chunk Flags field in INIT is reserved, and all bits in it should be 879 set to 0 by the sender and ignored by the receiver. The sequence of 880 parameters within an INIT may be processed in any order. 882 Initiate Tag: 32 bit u_int 884 The receiver of the INIT (the responding end) records the value of 885 the Initiate Tag parameter. This value MUST be placed into the 886 Verification Tag field of every SCTP datagram that the responding 887 end transmits within this association. 889 The valid range for Initiate Tag is from 0x1 to 0xffffffff. See 890 Section 4.3.1 for more on the selection of the tag value. 892 If the value of the Initiate Tag in a received INIT chunk is found 893 to be 0x0, the receiver MUST treat it as an error and silently 894 discard the datagram. 896 Advertised Receiver Window Credit (a_rwnd): 32 bit u_int 898 This value represents the dedicated buffer space, in number of 899 octets, the sender of the INIT has placed in association with this 900 window. During the life of the association this buffer space SHOULD 901 not be lessened (i.e. dedicated buffers taken away from this 902 association). 904 Number of Outbound Streams (OS): 16 bit u_int 906 Defines the number of outbound streams the sender of this INIT chunk 907 wishes to create in this association. The value of 0 MUST NOT be 908 used. 910 Number of Inbound Streams (MIS) : 16 bit u_int 912 Defines the maximum number of streams the sender of this INIT chunk 913 allows the peer end to create in this association. The value 0 MUST 914 NOT be used. 916 Initial TSN (I-TSN) : 32 bit u_int 918 Defines the initial TSN that the sender will use. The valid range is 919 from 0x0 to 0xffffffff. This field MAY be set to the value of the 920 Initiate Tag field. 922 Stewart, et al [Page 18] 923 Vendor-specific parameters are allowed in INIT. However, they MUST be 924 appended to the end of the above INIT chunks. The format of the 925 vendor-specific parameters MUST follow the Type-Length-value format as 926 defined in Section 2.2.2. In case an endpoint does not support the 927 vendor-specific chunks received, it MUST ignore them. 929 2.3.1.1 Optional/Variable Length Parameters in INIT 931 The following parameters follow the Type-Length-Value format as 932 defined in Section 2.2.1. The IP address fields MUST come after 933 the fixed-length fields defined in the previous Section. 935 Any extensions MUST come after the IP address fields. 937 IPv4 Address Parameter 939 0 1 2 3 940 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 941 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 942 |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0| 943 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 944 | IPv4 Address | 945 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 947 IPv4 Address: 32 bit 949 Contains an IPv4 address of the sending endpoint. It is binary 950 encoded. 952 IPv6 Address: 954 0 1 2 3 955 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 956 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 957 |0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0|0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0| 958 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 959 | | 960 | IPv6 Address | 961 | | 962 | | 963 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 965 IPv6 Address: 128 bit 967 Contains an IPv6 address of the sending endpoint. It is binary 968 encoded. 970 Combining with the Source Port Number in the SCTP common header, the 971 value passed in an IPv4 or IPv6 Address parameter indicates a 972 transport address the sender of the INIT will support for the 973 association being initiated. That is, during the lifetime of this 974 association, this IP address may appear in the source address field 976 Stewart, et al [Page 19] 977 of a datagram sent from the sender of the INIT, and may be used as a 978 destination address of a datagram sent from the receiver of the 979 INIT. 981 More than one IP Address parameters can be included in an INIT 982 chunk when the INIT sender is multi-homed. Moreover, a multi-homed 983 endpoint may have access to different types of network, thus more 984 than one address type may be present in one INIT chunk, i.e., IPv4 985 and IPv6 transport addresses are allowed in the same INIT message. 987 If the INIT contains at least one IP Address parameter, then only the 988 transport address(es) provided within the INIT may be used as 989 destinations by the responding end. If the INIT does not contain any 990 IP Address parameters, the responding end MUST use the source 991 address associated with the received SCTP datagram as its sole 992 destination address for the association. 994 Cookie Preservative 996 The sender of the INIT shall use this parameter to suggest to the 997 receiver of the INIT for a longer life-span of the Encryption Cookie. 999 0 1 2 3 1000 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1001 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1002 |0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0| 1003 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1004 | Suggested Cookie Life-span Increment (msec.) | 1005 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1007 Suggested Cookie Life-span Increment: 32bit u_int 1009 This parameter indicates to the receiver how much increment the 1010 sender wishes the receiver to add to its default cookie life-span. 1012 This optional parameter should be added to the INIT message by the 1013 sender when it re-attempts establishing an association with a peer 1014 to which its previous attempt of establishing the association failed 1015 due to a Stale COOKIE error. Note, the receiver MAY choose to ignore 1016 the suggested cookie life-span increase for its own security 1017 reasons. 1019 2.3.2 Initiation Acknowledgment (INIT ACK) (00000010): 1021 The INIT ACK chunk is used to acknowledge the initiation of an SCTP 1022 association. 1024 The parameter part of INIT ACK is formatted similarly to the INIT 1025 chunk. It uses two extra variable parameters: The Encryption Cookie 1026 and the Unrecognized Parameter: 1028 The format of the INIT ACK message is shown below: 1030 Stewart, et al [Page 20] 1031 0 1 2 3 1032 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1033 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1034 |0 0 0 0 0 0 1 0| Chunk Flags | Chunk Length | 1035 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1036 | Initiate Tag | 1037 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1038 | Receiver Window Credit | 1039 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1040 | Number of Outbound Streams | Number of Inbound Streams | 1041 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1042 | Initial TSN | 1043 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1044 \ \ 1045 / Optional/Variable-Length Parameters / 1046 \ \ 1047 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1049 The INIT ACK contains the following parameters. Unless otherwise 1050 noted, each parameter MUST only be included once in the INIT ACK chunk. 1052 Fixed Parameters Status 1053 ---------------------------------------------- 1054 Initiate Tag Mandatory 1055 Receiver Window Credit Mandatory 1056 Number of Outbound Streams Mandatory 1057 Number of Inbound Streams Mandatory 1058 Initial TSN Mandatory 1060 Variable Parameters Status Type Value 1061 ------------------------------------------------------------- 1062 Encryption Cookie Mandatory 0x0007 1063 IPv4 Address (Note 1) Optional 0x0005 1064 IPv6 Address (Note 1) Optional 0x0006 1065 Unrecognized Parameters Optional 0x0008 1067 Note 1: The INIT ACK chunks may contain any number of IP address 1068 parameters that may be IPv4 and/or IPv6 in any combination. 1070 Same as with INIT, in combination with the Source Port carried in the 1071 SCTP common header, each IP Address parameter in the INIT ACK indicates 1072 to the receiver of the INIT ACK a valid transport address supported by 1073 the sender of the INIT ACK for the lifetime of the association being 1074 initiated. 1076 If the INIT ACK contains at least one IP Address parameter, then only 1077 the transport address(es) explicitly indicated in the INIT ACK may be 1078 used as the destination(s) by the receiver of the INIT ACK. However, 1079 if the INIT ACK contains no IP Address parameter, the receiver of the 1080 INIT ACK MUST take the source IP address associated with this INIT ACK 1081 as its sole destination address for this association. 1083 Stewart, et al [Page 21] 1084 The Encryption Cookie and Unrecognized Parameters use the Type-Length- 1085 Value format as defined in Section 2.2.1 and are described below. The 1086 other fields are defined the same as their counterparts in the INIT 1087 message. 1089 2.3.2.1 Optional or Variable Length Parameters 1091 Encryption Cookie: variable size, depending on Size of Cookie 1093 This field MUST contain all the necessary state and parameter 1094 information required for the sender of this INIT ACK to create the 1095 association, along with an MD5 digital signature (128-bit). See 1096 Section 4.1.3 for details on Cookie definition. The Cookie MUST be 1097 padded with '0' to the next 32-bit word boundary. The internal 1098 format of the Cookie is implementation-specific. 1100 Unrecognized Parameters: Variable Size. 1102 This parameter is returned to the originator of the INIT message if 1103 the receiver does not recognize one or more Optional TLV parameters 1104 in the INIT chunk. This parameter field will contain the 1105 unrecognized parameters copied from the INIT message complete 1106 with TLV. 1108 Vendor-Specific parameters are allowed in INIT ACK. However, they 1109 MUST be defined using the format described in Section 2.2.2, and be 1110 appended to the end of the above INIT ACK chunk. In case the receiver 1111 of the INIT ACK does not support the vendor-specific parameters 1112 received, it MUST ignore those fields. 1114 2.3.3 Selective Acknowledgment (SACK) (00000011): 1116 This chunk is sent to the remote endpoint to acknowledge received DATA 1117 chunks and to inform the remote endpoint of gaps in the received 1118 subsequences of DATA chunks as represented by their TSNs. 1120 The SACK MUST contain the Cumulative TSN ACK and Advertised Receiver 1121 Window Credit (a_rwnd) parameters. By definition, the value of the 1122 Cumulative TSN ACK parameter is the last TSN received at the time the 1123 Selective ACK is sent, before a break in the sequence of received TSNs 1124 occurs; the next TSN value following this one has not yet been 1125 received at the reporting end. This parameter therefore acknowledges 1126 receipt of all TSNs up to and including the value given. 1128 The handling of the a_rwnd by the receiver of the SACK is discussed in 1129 detail in Section 5.2.1. 1131 The Selective ACK also contains zero or more fragment reports. Each 1132 fragment report acknowledges a subsequence of TSNs received following 1133 a break in the sequence of received TSNs. By definition, all TSNs 1134 acknowledged by fragment reports are higher than the value of the 1135 Cumulative TSN ACK. 1137 Stewart, et al [Page 22] 1138 0 1 2 3 1139 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1140 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1141 |0 0 0 0 0 0 1 1|Chunk Flags | Chunk Length | 1142 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1143 | Cumulative TSN ACK | 1144 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1145 | Advertised Receiver Window Credit (a_rwnd) | 1146 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1147 | Number of Fragments = N | (Reserved) | 1148 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1149 | Fragment #1 Start | Fragment #1 End | 1150 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1151 / / 1152 \ ... \ 1153 / / 1154 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1155 | Fragment #N Start | Fragment #N End | 1156 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1158 Chunk Flags: 1160 Set to all zeros on transmit and ignored on receipt. 1162 Cumulative TSN ACK: 32 bit u_int 1164 This parameter contains the TSN of the last DATA chunk received in 1165 sequence before a gap. 1167 Advertised Receiver Window Credit (a_rwnd): 32 bit u_int 1169 This field indicates the updated receive buffer space in octets of 1170 the sender of this SACK, see Section 5.2.1 for details. 1172 Number of Fragments: 16 bit u_int 1174 Indicates the number of TSN fragments included in this Selective 1175 ACK. 1177 Reserved: 16 bit 1179 Must be set to all 0 by the sender and ignored by the receiver. 1181 Fragments: 1183 These fields contain the ack fragments. They are repeated for each 1184 fragment up to the number of fragments defined in the Number of 1185 Fragments field. All DATA chunks with TSNs between the (Cumulative 1186 TSN ACK + Fragment Start) and (Cumulative TSN ACK + Fragment End) of 1187 each fragment are assumed to have been received correctly. 1189 Stewart, et al [Page 23] 1190 Fragment Start: 16 bit u_int 1192 Indicates the Start offset TSN for this fragment. To calculate the 1193 actual TSN number the Cumulative TSN ACK is added to this 1194 offset number to yield the TSN. This calculated TSN identifies 1195 the first TSN in this fragment that has been received. 1197 Fragment End: 16 bit u_int 1199 Indicates the End offset TSN for this fragment. To calculate the 1200 actual TSN number the Cumulative TSN ACK is added to this 1201 offset number to yield the TSN. This calculated TSN identifies 1202 the TSN of the last DATA chunk received in this fragment. 1204 For example, assume the receiver has the following datagrams newly 1205 arrived at the time when it decides to send a Selective ACK, 1207 ---------- 1208 | TSN=17 | 1209 ---------- 1210 | | <- still missing 1211 ---------- 1212 | TSN=15 | 1213 ---------- 1214 | TSN=14 | 1215 ---------- 1216 | | <- still missing 1217 ---------- 1218 | TSN=12 | 1219 ---------- 1220 | TSN=11 | 1221 ---------- 1222 | TSN=10 | 1223 ---------- 1225 then, the parameter part of the Selective ACK MUST be constructed as 1226 follows (assuming the new a_rwnd is set to 0x1234 by the sender): 1228 +---------------+--------------+ 1229 | Cumulative TSN ACK = 12 | 1230 ----------------+--------------- 1231 | a_rwnd = 0x1234 | 1232 ----------------+--------------- 1233 | num of frag=2 | (rev = 0) | 1234 ----------------+--------------- 1235 |frag #1 strt=2 |frag #1 end=3 | 1236 ----------------+--------------- 1237 |frag #2 strt=5 |frag #2 end=5 | 1238 -------------------------------- 1240 Stewart, et al [Page 24] 1241 2.3.4 Heartbeat Request (HEARTBEAT) (00000100): 1243 An endpoint should send this chunk to its peer endpoint of the current 1244 association to probe the reachability of a particular destination 1245 transport address defined in the present association. 1247 The parameter field contains the Heartbeat Information which is a 1248 variable length opaque data structure understood only by the sender. 1250 0 1 2 3 1251 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1252 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1253 |0 0 0 0 0 1 0 0| Chunk Flags | Heartbeat Length | 1254 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1255 \ \ 1256 / Heartbeat Information (Variable-Length) / 1257 \ \ 1258 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1260 Chunk Flags: 1262 Set to zero on transmit and ignored on receipt. 1264 Heartbeat Length: 1266 Set to the size of the chunk in octets, including the chunk header 1267 and the Heartbeat Information field. 1269 Heartbeat Information: 1271 defined as a variable-length parameter using the format described in 1272 Section 2.2.1, i.e.: 1274 0 1 2 3 1275 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1276 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1277 | Heartbeat Info Type=1 | HB Info Length | 1278 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1279 / Sender-specific Heartbeat Info / 1280 \ \ 1281 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1283 The Sender-specific Heartbeat Info field should normally include 1284 information about the sender's current time when this HEARTBEAT 1285 message is sent and the destination transport address to which this 1286 HEARTBEAT is sent (see Section 7.3). 1288 Stewart, et al [Page 25] 1289 2.3.5 Heartbeat Acknowledgment (HEARTBEAT ACK) (00000101): 1291 An endpoint should send this chunk to its peer endpoint as a response 1292 to a Heartbeat Request (see Section 7.3). 1294 The parameter field contains a variable length opaque data structure. 1296 0 1 2 3 1297 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1298 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1299 |0 0 0 0 0 1 0 1| Chunk Flags | Heartbeat Ack Length | 1300 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1301 \ \ 1302 / Heartbeat Information (Variable-Length) / 1303 \ \ 1304 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1306 Chunk Flags: 1308 Set to zero on transmit and ignored on receipt. 1310 Heartbeat Ack Length: 1312 Set to the size of the chunk in octets, including the chunk header 1313 and the Heartbeat Information field. 1315 Heartbeat Information: 1317 The values of this field SHALL be copied from the Heartbeat 1318 Information field found in the Heartbeat Request to which this 1319 Heartbeat Acknowledgment is responding. 1321 2.3.6 Abort Association (ABORT) (00000110): 1323 The ABORT chunk is sent to the peer of an association to terminate the 1324 association. The ABORT chunk may contain cause parameters to inform 1325 the receiver the reason of the abort. DATA chunks MUST not be bundled 1326 with ABORT. Control chunks MAY be bundled with an ABORT but they MUST 1327 be placed before the ABORT in the SCTP datagram, or they will be 1328 ignored by the receiver. 1330 If an endpoint receives an ABORT with a format error or for an 1331 association that doesn't exist, it MUST silently discard it. 1332 Moreover, under any circumstances, an endpoint that receives an ABORT 1333 MUST never respond to that ABORT by sending an ABORT of its own. 1335 0 1 2 3 1336 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1337 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1338 |0 0 0 0 0 1 1 0| Chunk Flags | Length | 1339 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1340 \ \ 1341 / zero or more Error Causes / 1342 \ \ 1343 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1345 Stewart, et al [Page 26] 1346 Chunk Flags: 1348 Set to zero on transmit and ignored on receipt. 1350 Length: 1352 Set to the size of the chunk in octets, including the chunk header 1353 and all the Error Cause fields present. 1355 See Section 2.3.9 for Error Cause definitions. 1357 Note: Special rules apply to the Verification Tag field of SCTP 1358 datagrams which carry an ABORT, see Section 7.5 for details. 1360 2.3.7 SHUTDOWN (00000111): 1362 An endpoint in an association MUST use this chunk to initiate a 1363 graceful termination of the association with its peer. This chunk has 1364 the following format. 1366 0 1 2 3 1367 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1368 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1369 |0 0 0 0 0 1 1 1|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0| 1370 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1371 | Cumulative TSN ACK | 1372 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1374 Chunk Flags: 1376 Set to zero on transmit and ignored on receipt. 1378 Cumulative TSN ACK: 32 bit u_int 1380 This parameter contains the TSN of the last chunk received in 1381 sequence before any gaps. 1383 Stewart, et al [Page 27] 1384 2.3.8 Shutdown Acknowledgment (SHUTDOWN ACK) (00001000): 1386 This chunk MUST be used to acknowledge the receipt of the SHUTDOWN 1387 chunk at the completion of the shutdown process, see Section 8.2 for 1388 details. 1390 The SHUTDOWN ACK chunk has no parameters. 1392 0 1 2 3 1393 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1394 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1395 |0 0 0 0 1 0 0 0|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0| 1396 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1398 Chunk Flags: 1400 Set to zero on transmit and ignored on receipt. 1402 Note: if the endpoint that receives the SHUTDOWN message does not have 1403 a TCB or tag for the sender of the SHUTDOWN, the receiver MUST still 1404 respond. In such cases, the receiver MUST send back a stand-alone 1405 SHUTDOWN ACK chunk in an SCTP datagram with the Verification Tag field 1406 of the common header filled with all '0's. 1408 2.3.9 Operation Error (ERROR) (00001001): 1410 This chunk is sent to the other endpoint in the association to notify 1411 certain error conditions. It contains one or more error causes. It has 1412 the following parameters: 1414 0 1 2 3 1415 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1416 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1417 |0 0 0 0 1 0 0 1| Chunk Flags | Length | 1418 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1419 \ \ 1420 / one or more Error Causes / 1421 \ \ 1422 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1424 Chunk Flags: 1426 Set to zero on transmit and ignored on receipt. 1428 Length: 1430 Set to the size of the chunk in octets, including the chunk header 1431 and all the Error Cause fields present. 1433 Error causes are defined as variable-length parameters using the 1434 format described in 2.2.1, i.e.: 1436 Stewart, et al [Page 28] 1437 0 1 2 3 1438 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1439 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1440 | Cause Code | Cause Length | 1441 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1442 / Cause-specific Information / 1443 \ \ 1444 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1446 Cause Code: 16 bit u_int 1448 Defines the type of error conditions being reported. 1450 Cause Length: 16 bit u_int 1452 Set to the size of the parameter in octets, including the Cause Code, 1453 Cause Length, and Cause-Specific Information fields 1455 Cause-specific Information: variable length 1457 This field carries the details of the error condition. 1459 Currently SCTP defines the following error causes: 1461 Cause of error 1462 --------------- 1463 Invalid Stream Identifier: indicating receiving a DATA sent to a 1464 nonexistent stream. 1466 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1467 | Cause Code=1 | Cause Length=8 | 1468 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1469 | Stream Identifier | (Reserved) | 1470 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1472 Cause of error 1473 --------------- 1474 Missing Mandatory Parameter: indicating that mandatory one or more 1475 TLV parameters are missing in a received INIT or INIT ACK. 1477 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1478 | Cause Code=2 | Cause Length=8+N*2 | 1479 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1480 | Number of missing params=N | 1481 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1482 | Missing Param Type #1 | Missing Param Type #2 | 1483 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1484 | Missing Param Type #N-1 | Missing Param Type #N | 1485 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1487 Each missing mandatory parameter type should be specified. 1489 Stewart, et al [Page 29] 1490 Cause of error 1491 -------------- 1492 Stale Cookie Error: indicating the receiving of a valid cookie 1493 which is however expired. 1495 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1496 | Cause Code=3 | Cause Length=8 | 1497 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1498 | Measure of Staleness (usec.) | 1499 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1501 The sender of this error cause MAY choose to report how long past 1502 expiration the cookie is, by putting in the Measure of Staleness 1503 field the difference, in microseconds, between the current time and 1504 the time the cookie expired. If the sender does not wish to provide 1505 this information it should set Measure of staleness to 0. 1507 Cause of error 1508 --------------- 1509 Out of Resource: indicating that the sender is out of resource. This 1510 is usually sent in combination with or within an ABORT. 1512 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1513 | Cause Code=4 | Cause Length=4 | 1514 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1516 Guidelines for IETF-defined Error Cause extensions are discussed in 1517 Section 12.3 of this document. 1519 2.3.10 Encryption Cookie (COOKIE) (00001010): 1521 This chunk is used only during the initialization of an association. 1522 It is sent by the initiator of an association to its peer to complete 1523 the initialization process. This chunk MUST precede any chunk 1524 sent within the association, but MAY be bundled with one or more DATA 1525 chunks in the same datagram. 1527 0 1 2 3 1528 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1529 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1530 |0 0 0 0 1 0 1 0|Chunk Flags | Length | 1531 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1532 | Cookie | 1533 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1535 Chunk Flags: 8 bit 1537 Set to zero on transmit and ignored on receipt. 1539 Length: 16 bit u_int 1541 Set to the size of the chunk in octets, including the 4 octets of 1542 the chunk header and the size of the Cookie. 1544 Stewart, et al [Page 30] 1545 Cookie: variable size 1547 This field must contain the exact cookie received in a previous INIT 1548 ACK. 1550 2.3.11 Cookie Acknowledgment (COOKIE ACK) (00001011): 1552 This chunk is used only during the initialization of an association. 1553 It is used to acknowledge the receipt of a COOKIE chunk. This chunk 1554 MUST precede any chunk sent within the association, but MAY be 1555 bundled with one or more DATA chunks in the same SCTP datagram. 1557 0 1 2 3 1558 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1559 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1560 |0 0 0 0 1 0 1 1|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0| 1561 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1563 Chunk Flags: 1565 Set to zero on transmit and ignored on receipt. 1567 2.3.12 Payload Data (DATA) (00000000): 1569 The following format MUST be used for the DATA chunk: 1571 0 1 2 3 1572 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1573 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1574 |0 0 0 0 0 0 0 0| Reserved|U|B|E| Length | 1575 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1576 | TSN | 1577 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1578 | Stream Identifier S | Stream Sequence Number n | 1579 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1580 | Payload Protocol Identifier | 1581 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1582 \ \ 1583 / User Data (seq n of Stream S) / 1584 \ \ 1585 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1587 Reserved: 5 bits 1588 should be set to all '0's and ignored by the receiver. 1590 U bit: 1 bit 1591 The (U)nordered bit, if set, indicates that this is an unordered 1592 data chunk, and there is NO Stream Sequence Number assigned to this 1593 DATA chunk. Therefore, the receiver MUST ignore the Stream Sequence 1594 Number field. 1596 Stewart, et al [Page 31] 1597 After re-assembly (if necessary), unordered data chunks MUST be 1598 dispatched to the upper layer by the receiver without any attempt of 1599 re-ordering. 1601 Note, if an unordered user message is segmented, each segment of the 1602 message MUST have its U bit set to 1. 1604 B bit: 1 bit 1606 The (B)eginning segment bit, if set, indicates the first segment of 1607 a user message. 1609 E bit: 1 bit 1610 The (E)nding segment bit, if set, indicates the last segment of a 1611 user message. 1613 A non-segmented user message shall have both the B and E bits set 1614 to 1. Setting both B and E bits to 0 indicates a middle segment of a 1615 multi-segment user message, as summarized in the following table: 1617 B E Description 1618 ============================================================ 1619 | 1 0 | First piece of a segmented user message | 1620 +----------------------------------------------------------+ 1621 | 0 0 | Middle piece of a segmented user message | 1622 +----------------------------------------------------------+ 1623 | 0 1 | Last piece of a segmented user message | 1624 +----------------------------------------------------------+ 1625 | 1 1 | Un-segmented Message | 1626 ============================================================ 1628 Length: 16 bits (16 bit u_int) 1630 This field indicates the length of the DATA chunk in octets. It 1631 includes the Type field, the Reserved field, the U and B/E bits, the 1632 Length field, TSN, the Stream Identifier, the Stream Sequence 1633 Number, and the User Data fields. It does not include any padding. 1635 TSN : 32 bits (32 bit u_int) 1637 This value represents the TSN for this DATA chunk. The valid range 1638 of TSN is from 0x0 to 0xffffffff. 1640 Stream Identifier S: 16 bit u_int 1642 Identifies the stream to which the following user data belongs. 1644 Stream Sequence Number n: 16 bit u_int 1646 This value presents the stream sequence number of the following user 1647 data within the stream S. Valid range is 0x0 to 0xFFFF. 1649 Note, when a user message is segmented by SCTP for transport, the 1650 same stream sequence number MUST be carried in each of the segments of 1651 the message. 1653 Stewart, et al [Page 32] 1654 Payload Protocol Identifier: 32 bits (32 bit u_int) 1656 This value represents an application (or upper layer) specified 1657 protocol identifier. This value is passed to SCTP by its upper layer 1658 and sent to its peer. This identifier is not used by SCTP but may be 1659 used by certain network entities as well as the peer application to 1660 identify the type of information being carried in this DATA chunk. 1662 The value 0x0 indicates no application identifier is specified by 1663 the upper layer for this payload data. 1665 User Data: variable length 1667 This is the payload user data. The implementation MUST pad the end 1668 of the data to a 32 bit boundary with 0 octets. Any padding MUST 1669 NOT be included in the length field. 1671 2.4 Vendor-Specific Chunk Extensions 1673 This Chunk type is available to allow vendors to support their own 1674 extended data formats not defined by the IETF. It MUST not affect the 1675 operation of SCTP. In particular, when adding a Vendor Specific chunk 1676 type, the vendor defined chunks MUST obey the congestion avoidance 1677 rules defined in this document if they carry user data. User data is 1678 defined as any data transported over the association that is delivered 1679 to the upper layer of the receiver. 1681 Endpoints not equipped to interpret the vendor-specific chunk sent by 1682 a remote endpoint MUST ignore it. Endpoints that do not receive 1683 desired vendor specific information SHOULD make an attempt to operate 1684 without it, although they may do so (and report they are doing so) in 1685 a degraded mode. 1687 A summary of the Vendor-Specific Chunk format is shown below. The 1688 fields are transmitted from left to right. 1690 0 1 2 3 1691 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1692 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1693 | Type | Flags | Length | 1694 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1695 | Vendor-Id | 1696 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1697 \ \ 1698 / Value / 1699 \ \ 1700 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1702 Type: 8 bit u_int 1704 0xFE for all Vendor-Specific chunks. 1706 Stewart, et al [Page 33] 1707 Flags: 8 bit u_int 1709 Vendor specific flags. 1711 Length: 16 bit u_int 1713 Size of this Vendor-Specific chunks in octets, including the Type, 1714 Flags, Length, Vendor-Id, and Value fields. 1716 Vendor-Id: 32 bit u_int 1718 The high-order octet is 0 and the low-order 3 octets are the SMI 1719 Network Management Private Enterprise Code of the Vendor in 1720 network byte order, as defined in the Assigned Numbers (RFC 1700). 1722 Value: Variable length 1724 The Value field is one or more octets. The actual format of the 1725 information is site or application specific, and a robust 1726 implementation SHOULD support the field as undistinguished 1727 octets. 1729 The codification of the range of allowed usage of this field is 1730 outside the scope of this specification. 1732 3. SCTP Association State Diagram 1734 During the lifetime of an SCTP association, the SCTP endpoints 1735 progress from one state to another in response to various events. The 1736 events that may potentially advance an endpoint's state include: 1738 o SCTP user primitive calls, e.g., [ASSOCIATE], [TERMINATE], [ABORT], 1740 o reception of INIT, COOKIE, ABORT, SHUTDOWN, etc. control 1741 chunks, or 1743 o some timeout events. 1745 The state diagram in the figures below illustrates state changes, 1746 together with the causing events and resulting actions. Note that some 1747 of the error conditions are not shown in the state diagram. Full 1748 description of all special cases should be found in the text. 1750 Note, chunk names are given in all capital letters, while parameter 1751 names have the first letter capitalized, e.g., COOKIE chunk type vs. 1752 Cookie parameter. 1754 Stewart, et al [Page 34] 1755 ----- -------- (frm any state) 1756 / \ / rcv ABORT [ABORT] 1757 rcv INIT | | | ---------- or ---------- 1758 --------------- | v v delete TCB snd ABORT 1759 generate Cookie \ +---------+ delete TCB 1760 snd INIT.ACK ---| CLOSED | 1761 +---------+ 1762 / \ [ASSOCIATE] 1763 / \ --------------- 1764 | | create TCB 1765 | | snd INIT 1766 | | strt init timer 1767 rcv valid COOKIE | v 1768 (1) ---------------- | +------------+ 1769 create TCB | | COOKIE_WAIT| (2) 1770 snd COOKIE.ACK | +------------+ 1771 | | 1772 | | rcv INIT.ACK 1773 | | ----------------- 1774 | | snd COOKIE 1775 | | stop init timer 1776 | | strt cookie timer 1777 | v 1778 | +------------+ 1779 | | COOKIE_SENT| (3) 1780 | +------------+ 1781 | | 1782 | | rcv COOKIE.ACK 1783 | | ----------------- 1784 | | stop cookie timer 1785 v v 1786 +---------------+ 1787 | ESTABLISHED | 1788 +---------------+ 1790 (from any state except CLOSED) 1791 | 1792 | 1793 /--------+--------\ 1794 [TERMINATE] / \ 1795 ----------------- | | 1796 check outstanding | | 1797 data chunks | | 1798 v | 1799 +---------+ | 1800 |SHUTDOWN | | rcv SHUTDOWN 1801 |PENDING | | ---------------- 1802 +---------+ | x 1803 | | 1804 No more outstanding | | 1805 ------------------- | | 1806 snd SHUTDOWN | | 1807 strt shutdown timer | | 1808 v v 1810 tewart, et al [Page 35] 1811 +---------+ +-----------+ 1812 (4) |SHUTDOWN | | SHUTDOWN | (5) 1813 |SENT | | RECEIVED | 1814 +---------+ +-----------+ 1815 | | 1816 rcv SHUTDOWN.ACK | | x 1817 ------------------- | |----------------- 1818 stop shutdown timer | | retransmit missing DATA 1819 delete TCB | | send SHUTDOWN.ACK 1820 | | delete TCB 1821 | | 1822 \ +---------+ / 1823 \-->| CLOSED |<--/ 1824 +---------+ 1826 Note: 1828 (1) If the received COOKIE is invalid (i.e., failed to pass the 1829 authentication check), the receiver MUST silently discard the 1830 datagram. Or, if the received COOKIE is expired (see Section 1831 4.1.5), the receiver SHALL send back an ERROR chunk. In either 1832 case, the receiver stays in the CLOSED state. 1834 (2) If the init timer expires, the endpoint SHALL retransmit INIT 1835 and re-start the init timer without changing state. This SHALL be 1836 repeated up to 'Max.Init.Retransmits' times. After that, the 1837 endpoint SHALL abort the initialization process and report the 1838 error to SCTP user. 1840 (3) If the cookie timer expires, the endpoint SHALL retransmit 1841 COOKIE and re-start the cookie timer without changing 1842 state. This SHALL be repeated up to 'Max.Init.Retransmits' 1843 times. After that, the endpoint SHALL abort the initialization 1844 process and report the error to SCTP user. 1846 (4) In SHUTDOWN-SENT state the endpoint SHALL acknowledge any received 1847 DATA chunks without delay 1849 (5) In SHUTDOWN-RECEIVED state, the endpoint MUST NOT accept any new 1850 send request from its SCTP user. 1852 4. Association Initialization 1854 Before the first data transmission can take place from one SCTP 1855 endpoint ("A") to another SCTP endpoint ("Z"), the two endpoints must 1856 complete an initialization process in order to set up an SCTP 1857 association between them. 1859 The SCTP user at an endpoint should use the ASSOCIATE primitive to 1860 initialize an SCTP association to another SCTP endpoint. 1862 Stewart, et al [Page 36] 1863 IMPLEMENTATION NOTE: From an SCTP-user's point of view, an 1864 association may be implicitly opened, without an ASSOCIATE primitive 1865 (see 9.1 B) being invoked, by the initiating endpoint's sending of 1866 the first user data to the destination endpoint. The initiating SCTP 1867 will assume default values for all mandatory and optional parameters 1868 for the INIT/INIT ACK. 1870 Once the association is established, unidirectional streams will be 1871 open for data transfer on both ends (see Section 4.1.1). 1873 4.1 Normal Establishment of an Association 1875 The initialization process consists of the following steps (assuming 1876 that SCTP endpoint "A" tries to set up an association with SCTP 1877 endpoint "Z" and "Z" accepts the new association): 1879 A) "A" shall first send an INIT message to "Z". In the INIT, "A" must 1880 provide its security tag "Tag_A" in the Initiate Tag field. Tag_A 1881 SHOULD be a random number in the range of 0x1 to 0xffffffff (see 1882 4.3.1 for Tag value selection). After sending the INIT, "A" starts 1883 the T1-init timer and enters the COOKIE-WAIT state. 1885 B) "Z" shall respond immediately with an INIT ACK message. In the 1886 message, besides filling in other parameters, "Z" must set the 1887 Verification Tag field to Tag_A, and also provide its own security 1888 tag "Tag_Z" in the Initiate Tag field. 1890 Moreover, "Z" MUST generate and send along with the INIT ACK an 1891 Encryption Cookie. See Section 4.1.3 for Encryption Cookie 1892 generation. 1894 Note: after sending out INIT ACK with the cookie, "Z" MUST not 1895 allocate any resources, nor keep any states for the new 1896 association. Otherwise, "Z" will be vulnerable to resource attacks. 1898 C) Upon reception of the INIT ACK from "Z", "A" shall stop the T1-init 1899 timer and leave COOKIE-WAIT state. "A" shall then send the cookie 1900 received in the INIT ACK message in a cookie chunk, restart the 1901 T1-init timer, and enter the COOKIE-SENT state. 1903 Note, the cookie chunk can be bundled with any pending outbound 1904 DATA chunks, but it MUST be the first chunk in the datagram. 1906 D) Upon reception of the COOKIE chunk, Endpoint "Z" will reply with 1907 a COOKIE ACK chunk after building a TCB and marking itself to 1908 the ESTABLISHED state. A COOKIE ACK chunk may be combined with 1909 any pending DATA chunks (and/or SACK chunks), but the COOKIE ACK 1910 chunk MUST be the first chunk in the datagram. 1912 IMPLEMENTATION NOTE: an implementation may choose to send the 1913 Communication Up notification to the SCTP user upon reception 1914 of a valid COOKIE. 1916 Stewart, et al [Page 37] 1917 E) Upon reception of the COOKIE ACK, endpoint "A" will move from the 1918 COOKIE-SENT state to the ESTABLISHED state, stopping the T1-init 1919 timer, and it may also notify its ULP about the successful 1920 establishment of the associate with a Communication Up notification 1921 (see Section 9). 1923 Note: A DATA chunk MUST NOT be carried in the INIT or INIT ACK message. 1925 Note: T1-init timer shall follow the same rules given in Section 5.3. 1927 Note: if an endpoint receives an INIT, INIT ACK, or COOKIE chunk but 1928 decides not to establish the new association due to missing mandatory 1929 parameters in the received INIT or INIT ACK, invalid parameter values, 1930 or, lack of local resources, it SHALL respond with an ABORT chunk. It 1931 SHOULD also specify the cause of abort, such as the type of the 1932 missing mandatory parameters, etc., by either including cause 1933 parameters or bundling with the ABORT one or more Operational ERROR 1934 chunks. The Verification Tag field in the common header of the 1935 outbound abort datagram MUST be set to equal the Initiate Tag value of 1936 the peer. 1938 Note: After the reception of the first data chunk in an association 1939 the receiver MUST immediately respond with a SACK to acknowledge 1940 the data chunk, subsequent acknowledgments should be done as 1941 described in section 5.2. 1943 Note: When an SCTP endpoint sends an INIT or INIT ACK it SHOULD 1944 include all of its transport addresses in the parameter section. This 1945 is because it may NOT be possible to control the "sending" address 1946 that a receiver of an SCTP datagram sees. A receiver thus MUST know 1947 every address that may be a source address for a peer SCTP endpoint, 1948 this assures that the inbound SCTP datagram can be matched to the 1949 proper association. 1951 Note: At the time when the TCB is created, either end MUST set its 1952 internal cumulative TSN acknowledgment point to its peer's Initial TSN 1953 minus one. 1955 IMPLEMENTATION Note: The IP address and SCTP port(s) are generally 1956 used as the key to find the TCB within an SCTP instance. 1958 4.1.1 Handle Stream Parameters 1960 In the INIT and INIT ACK messages, the sender of the message shall 1961 indicate the number of outbound streams (OS) it wishes to have in the 1962 association, as well as the maximal inbound streams (MIS) it will 1963 accept from the other endpoint. 1965 After receiving these stream configuration information from the other 1966 side, each endpoint shall perform the following check: if the peer's 1967 MIS is less than the endpoint's OS, meaning that the peer is incapable 1968 of supporting all the outbound streams the endpoint wants to 1969 configure, the endpoint MUST either settle with MIS outbound streams, 1970 or abort the association and report to its upper layer the resources 1971 shortage at its peer. 1973 Stewart, et al [Page 38] 1974 After the association is initialized, the valid outbound stream 1975 identifier range for either endpoint shall be 0 to 1976 min(local OS, remote MIS)-1. 1978 4.1.2 Handle Address Parameters 1980 During the association initialization, an endpoint shall use the 1981 following rules to discover and collect the destination transport 1982 address(es) of its peer. 1984 On reception of an INIT or INIT ACK message, the receiver shall record 1985 any transport addresses. The transport address(es) are derived by the 1986 combination of SCTP source port (from the common header) and the IP 1987 address parameter(s) carried in the INIT or INIT ACK message. The 1988 receiver should use only these transport addresses as destination 1989 transport addresses when sending subsequent datagrams to its peer. If 1990 no IP address parameters are specified in the INIT or INIT ACK 1991 message, then the source IP address from which the message arrives 1992 should be combined with SCTP source port number and be considered as 1993 the only destination transport address to use. 1995 An initial primary destination transport address shall be selected 1996 for either endpoint, using the following rules: 1998 For the initiator: any valid transport address obtained from the 1999 INIT ACK message. If no transport address is specified in the INIT 2000 ACK message, use the source transport address from which the INIT 2001 ACK message arrived. 2003 For the responder: any valid transport address obtained from the 2004 INIT message. If no transport address is specified in the INIT 2005 message, use the source transport address from which the INIT 2006 message arrived. 2008 4.1.3 Generating Encryption Cookie 2010 When sending an INIT ACK as a response to an INIT message, the sender 2011 of INIT ACK should create an Encryption Cookie and send it as part of 2012 the INIT ACK. Inside this Encryption Cookie, the sender should include 2013 a security signature, a time stamp on when the cookie is created, and 2014 the lifespan of the cookie, along with all the information necessary 2015 for it to establish the association. 2017 The following steps SHOULD be taken to generate the cookie: 2019 1) create an association TCB using information from both the received 2020 INIT and the outgoing INIT ACK messages, 2022 2) in the TCB, set the creation time to the current time of day, and 2023 the lifespan to the protocol parameter 'Valid.Cookie.Life', 2025 3) attach a private security key to the TCB and generate a 128-bit MD5 2026 signature from the key/TCB combination (see [4] for details on 2027 MD5), and 2029 Stewart, et al [Page 39] 2030 4) generate the Encryption Cookie by combining the TCB and the 2031 resultant MD5 signature. 2033 After sending the INIT ACK with the cookie, the sender SHOULD delete 2034 the TCB and any other local resource related to the new association, 2035 so as to prevent resource attacks. 2037 The private key should be a cryptographic quality random number with 2038 a sufficient length. Discussion in RFC 1750 [1] can be helpful in 2039 selection of the key. 2041 4.1.4 Cookie Processing 2043 When an endpoint receives an INIT ACK chunk in response to its INIT 2044 chunk, and the INIT ACK contains an Encryption Cookie parameter, it 2045 MUST immediately send a COOKIE chunk to its peer with the received 2046 cookie. The sender MAY also add any pending DATA chunks to the 2047 message. 2049 The sender shall also start the T1-init timer after sending out 2050 the COOKIE chunk. If the timer expires, the sender shall retransmit 2051 the COOKIE chunk and restart the T1-init timer. This is repeated until 2052 either a COOKIE ACK is received or the endpoint is marked 2053 unreachable (and thus the association enters the CLOSED state). 2055 4.1.5 Cookie Authentication 2057 When an endpoint receives a COOKIE chunk from another endpoint with 2058 which it has no association, it shall take the following actions: 2060 1) compute an MD5 signature using the TCB data carried in the cookie 2061 along with the receiver's private security key, 2063 2) authenticate the cookie as one that it previously generated by 2064 comparing the computed MD5 signature against the one carried in the 2065 cookie. If this comparison fails, the datagram, including the 2066 COOKIE and the attached user data, should be silently discarded, 2068 3) compare the creation time stamp in the cookie to the current local 2069 time, if the elapsed time is longer than the lifespan carried in 2070 the cookie, then the datagram, including the COOKIE and the 2071 attached user data, SHOULD be discarded and the endpoint MUST 2072 transmit a stale cookie operational error to the sending endpoint, 2074 4) if the cookie is valid, create an association to the sender of the 2075 COOKIE message with the information in the TCB data carried in the 2076 COOKIE, and enter the ESTABLISHED state, 2078 5) immediately acknowledge any DATA chunk in the datagram with a SACK 2079 (subsequent datagram acknowledgement should following the rules 2080 defined in Section 5.2), and, 2082 Stewart, et al [Page 40] 2083 6) send a COOKIE ACK chunk to the sender acknowledging reception of 2084 the cookie. The COOKIE ACK MAY be piggybacked with any outbound 2085 DATA chunk or SACK chunk. 2087 Note that if a COOKIE is received from an endpoint with which the 2088 receiver of the COOKIE has an existing association, the procedures in 2089 section 4.2 should be followed. 2091 4.1.6 An Example of Normal Association Establishment 2093 In the following example, "A" initiates the association and then sends 2094 a user message to "Z", then "Z" sends two user messages to "A" later 2095 (assuming no bundling or segmentation occurs): 2097 Endpoint A Endpoint Z 2099 {app sets association with Z} 2100 (build TCB) 2101 INIT [INIT Tag=Tag_A 2102 & other info] --------\ 2103 (Start T1-init timer) \ 2104 (Enter COOKIE-WAIT state) \---> (compose temp TCB and Cookie_Z) 2106 /--- INIT ACK [Veri Tag=Tag_A, 2107 / INIT Tag=Tag_Z, 2108 (Cancel T1-init timer) <------/ Cookie_Z, & other info] 2109 (destroy temp TCB) 2110 COOKIE [Cookie_Z] -----------\ 2111 (Start T1-init timer) \ 2112 (Enter COOKIE-SENT state) \---> (build TCB enter ESTABLISHED state) 2114 /---- COOKIE-ACK 2115 / 2116 (Cancel T1-init timer, <-----/ 2117 Enter established state) 2118 ... 2119 {app sends 1st user data; strm 0} 2120 DATA [TSN=initial TSN_A 2121 Strm=0,Seq=1 & user data]--\ 2122 (Start T3-rxt timer) \ 2123 \-> 2125 /----- SACK [TSN ACK=init TSN_A,Frag=0] 2126 (Cancel T3-rxt timer) <------/ 2127 ... 2129 Stewart, et al [Page 41] 2130 ... 2131 {app sends 2 datagrams;strm 0} 2132 /---- DATA 2133 / [TSN=init TSN_Z 2134 <--/ Strm=0,Seq=1 & user data 1] 2135 SACK [TSN ACK=init TSN_Z, /---- DATA 2136 Frag=0] --------\ / [TSN=init TSN_Z +1, 2137 \/ Strm=0,Seq=2 & user data 2] 2138 <------/\ 2139 \ 2140 \------> 2142 Note that If T1-init timer expires at "A" after the INIT or COOKIE 2143 chunks are sent, the same INIT or cookie chunk with the same Initiate 2144 Tag (i.e., Tag_A) or cookie shall be retransmitted and the timer 2145 restarted. This shall be repeated Max.Init.Retransmits times before "A" 2146 considers "Z" unreachable and reports the failure to its upper layer 2147 (and thus the association enters the CLOSED state). When 2148 retransmitting the INIT, the endpoint SHALL following the rules 2149 defined in 5.3 to determine the proper timer value. 2151 4.2 Handle Duplicate INIT, INIT ACK, COOKIE, and COOKIE ACK 2153 During the life time of an association (in one of the possible 2154 states), an endpoint may receive from its peer endpoint one of the 2155 setup chunks (INIT, INIT ACK, COOKIE, and COOKIE ACK). The receiver 2156 shall treat such a setup chuck as a duplicate and process it as 2157 described in this section. 2159 The following scenarios can cause duplicated chunks: 2161 A) The peer has crashed without being detected, and re-started itself 2162 and sent out a new INIT Chunk trying to restore the association, 2164 B) Both sides are trying to initialize the association at about the 2165 same time, 2167 C) The chunk is from a staled datagram that was used to establish 2168 the present association or a past association which is no longer in 2169 existence, 2171 D) The chunk is a false message generated by an attacker, or 2173 E) The peer never received the COOKIE ACK and is retransmitting its 2174 COOKIE. 2176 In case A), the endpoint shall reset the present association and set a 2177 new association with its peer. Case B) is unique and is discussed in 2178 Section 4.2.1. However, in cases C), D) and E), the endpoint must retain 2179 the present association. 2181 The rules in the following sections shall be applied in order to 2182 identify and correctly handle these cases. 2184 Stewart, et al [Page 42] 2185 4.2.1 Handle Duplicate INIT in COOKIE-WAIT or COOKIE-SENT State 2187 This usually indicates an initialization collision, i.e., both 2188 endpoints are attempting at about the same time to establish an 2189 association with the other endpoint. 2191 In such a case, each of the two side shall respond to the other side 2192 with an INIT ACK, with the Verification Tag field of the common header 2193 set to the tag value received from the INIT message, and the Initiate 2194 Tag field set to its own tag value (the same tag used in the INIT 2195 message sent out by itself). Each responder shall also generate a 2196 cookie with the INIT ACK. 2198 After that, no other actions shall be taken by either side, i.e., the 2199 endpoint shall not change its state, and the T1-init timer shall be 2200 left running. The normal procedures for handling cookies will 2201 resolve the duplicate INITs to a single association. 2203 4.2.2 Handle Duplicate INIT in Other States 2205 Upon reception of the duplicated INIT, the receiver shall generate an 2206 INIT ACK with an Encryption Cookie. 2208 In the outbound INIT ACK, the endpoint shall set the Verification Tag 2209 field in the common header to the peer's new tag value (from the 2210 duplicated INIT message), and the Initiate Tag field to its own tag 2211 value (unchanged from the existing association). The included 2212 Encryption Cookie shall be generated using the current time and a 2213 temporary TCB constructed with the information provided in the 2214 duplicated INIT message (see Section 4.1.3). This temporary TCB MUST 2215 be destroyed after the outbound INIT ACK is built. 2217 After sending out the INIT ACK, the endpoint shall take no further 2218 actions, i.e., the existing association, including its current state, 2219 and the corresponding TCB MUST not be changed. 2221 4.2.3 Handle Duplicate INIT ACK 2223 If an INIT ACK is received by an endpoint in any state 2224 other than the COOKIE-WAIT state, the endpoint should discard 2225 the INIT ACK message. A duplicate INIT ACK usually indicates the 2226 processing of an old INIT or duplicated INIT message. 2228 4.2.4 Handle Duplicate Cookie 2230 When a duplicated COOKIE chunk is received in any state for an 2231 existing association the following rules shall be applied: 2233 1) compute an MD5 signature using the TCB data carried in the cookie 2234 along with the receiver's private security key, 2236 Stewart, et al [Page 43] 2237 2) authenticate the cookie by comparing the computed MD5 signature 2238 against the one carried in the cookie. If this comparison fails, 2239 the datagram, including the COOKIE and the attached user data, 2240 should be silently discarded (this is case C or D above). 2242 3) compare the timestamp in the cookie to the current time, if 2243 the cookie is older than the lifespan carried in the cookie, 2244 the datagram, including the COOKIE and the attached user data, 2245 should be discarded and the endpoint MUST transmit a stale cookie 2246 error to the sending endpoint only if the Verification tags of the 2247 cookie's TCB does NOT match the current tag values in the association 2248 (this is case C or D above). If both Verification tags do match 2249 consider the cookie valid (this is case E). 2251 4) If the cookie proves to be valid, unpack the TCB into a 2252 temporary TCB. 2254 5) If the Verification Tags in the Temporary TCB matches the 2255 Verification Tags in the existing TCB, the cookie is a 2256 duplicate cookie. A cookie ack should be sent to the peer 2257 endpoint but NO update should be made to the existing 2258 TCB. 2260 6) If the the local Verification Tag in the temporary TCB 2261 does not match the local Verification Tag in the existing 2262 TCB, then the cookie is an old stale cookie and does 2263 not correspond to the existing association (case C above). 2264 The datagram should be silently discarded. 2266 7) If the peer's Verification Tag in the temporary TCB does not 2267 match the peer's Verification Tag in the existing TCB, 2268 then a restart of the peer has occurred (case A above). 2269 In such a case, the endpoint should report the restart to its ULP 2270 and respond the peer with a COOKIE ACK message. It shall also 2271 update the Verification Tag, initial TSN, and the destination 2272 address list of the existing TCB with the information from the 2273 temporary TCB. After that the temporary TCB can be discarded. 2275 Furthermore, all the congestion control parameters (e.g., cwnd, 2276 ssthresh) related to this peer shall be reset to their initial 2277 values (see Section 6.2.1). 2279 IMPLEMENTATION NOTE: It is an implementation decision on how 2280 to handle any pending datagrams. The implementation may elect 2281 to either A) send all messages back to its upper layer with the 2282 restart report, or B) automatically re-queue any datagrams 2283 pending by marking all of them as never-sent and assigning 2284 new TSN's at the time of their initial transmissions based upon 2285 the updated starting TSN (as defined in section 5). 2287 Note: The "peer's Verification Tag" is the tag received in the INIT 2288 or INIT ACK chunk. 2290 Stewart, et al [Page 44] 2291 4.2.5 Handle Duplicate COOKIE-ACK. 2293 At any state other than COOKIE-SENT, an endpoint may receive a 2294 duplicated COOKIE ACK chunk. If so, the chunk should be silently 2295 discarded. 2297 4.2.6 Handle Stale COOKIE Error 2299 A stale cookie error indicates one of a number of possible events: 2301 A) that the association failed to completely setup before the 2302 cookie issued by the sender was processed. 2304 B) an old cookie was processed after setup completed. 2306 C) an old cookie is received from someone that the receiver is 2307 not interested in having an association with and the ABORT 2308 message was lost. 2310 When processing a stale cookie an endpoint should first examine 2311 if an association is in the process of being setup, i.e. the 2312 association is in the COOKIE-SENT state. In all cases if 2313 the association is NOT in the COOKIE-SENT state, the stale 2314 cookie message should be silently discarded. 2316 If the association is in the COOKIE-SENT state, the endpoint may elect 2317 one of the following three alternatives. 2319 1) Send a new INIT message to the endpoint, to generate a new cookie 2320 and re-attempt the setup procedure. 2322 2) Discard the TCB and report to the upper layer the inability of 2323 setting-up the association. 2325 3) Send a new INIT message to the endpoint, adding a cookie 2326 preservative parameter requesting an extension on the life time of 2327 the cookie. When calculating the time extension, an implementation 2328 SHOULD use the RTT information measured based on the previous 2329 COOKIE / Stale COOKIE message exchange, and should add no more 2330 than 1 second beyond the measured RTT, due to a long cookie life 2331 time makes the endpoint more subject to a replay attack. 2333 4.3 Other Initialization Issues 2335 4.3.1 Selection of Tag Value 2337 Initiate Tag values should be selected from the range of 0x1 to 2338 0xffffffff. It is very important that the Tag value be randomized to 2339 help protect against "man in the middle" and "sequence number" attacks. 2340 It is suggested that RFC 1750 [1] be used for the Tag randomization. 2342 Stewart, et al [Page 45] 2343 Moreover, the tag value used by either endpoint in a given association 2344 MUST never be changed during the lifetime of the association. However, 2345 a new tag value MUST be used each time the endpoint tears-down and 2346 then re-establishes the association to the same peer. 2348 5. User Data Transfer 2350 For transmission efficiency, SCTP defines mechanisms for bundling of 2351 small user messages and segmentation of large user messages. 2352 The following diagram depicts the flow of user messages through SCTP. 2354 +--------------------------+ 2355 | User Messages | 2356 +--------------------------+ 2357 SCTP user ^ | 2358 ==================|==|======================================= 2359 | v (1) 2360 +------------------+ +--------------------+ 2361 | SCTP DATA Chunks | |SCTP Control Chunks | 2362 +------------------+ +--------------------+ 2363 ^ | ^ | 2364 | v (2) | v (2) 2365 +--------------------------+ 2366 | SCTP datagrams | 2367 +--------------------------+ 2368 SCTP ^ | 2369 ===========================|==|=========================== 2370 | v 2371 Unreliable Packet Transfer Service (e.g., IP) 2373 Note: 2374 (1) When converting user messages into Data chunks, SCTP sender 2375 will segment user messages larger than the current path MTU 2376 into multiple data chunks. The segmented message will normally 2377 be reassembled from data chunks before delivery to the user by 2378 the SCTP receiver (see Section 5.9 for details). 2380 (2) Multiple data and control chunks may be multiplexed by the 2381 sender into a single SCTP datagram for transmission, as long as 2382 the final size of the datagram does not exceed the current path 2383 MTU. The receiver will de-multiplex the datagram back into 2384 the original chunks. 2386 The segmentation and bundling mechanisms, as detailed in Sections 5.9 2387 and 5.10, are optional to implement by the data sender, but they MUST 2388 be implemented by the data receiver, i.e., an SCTP receiver MUST be 2389 prepared to receive and process bundled or segmented data. 2391 Stewart, et al [Page 46] 2392 5.1 Transmission of DATA Chunks 2394 The following general rules SHALL be applied by the sender for 2395 transmission and/or retransmission of outbound DATA chunks: 2397 A) At any given time, the sender MUST NOT transmit new data onto any 2398 destination transport address if its peer's rwnd indicates that the 2399 peer has no buffer space (i.e. rwnd is 0, see Section 5.2.1). 2401 However, regardless of the value of rwnd (including if it is 0), 2402 the sender can always have ONE data packet in flight to the 2403 receiver. This rule allows the sender to probe for a change in rwnd 2404 that the sender missed due to the update having been lost in 2405 transmission from the receiver to the sender. 2407 B) At any given time, the sender MUST NOT transmit new data onto a 2408 given transport address if it has cwnd or more octets of data 2409 outstanding on that transport address. 2411 C) When the time comes for the sender to transmit, before sending 2412 new DATA chunks, the sender MUST first transmit any outstanding 2413 DATA chunks which are marked for retransmission (limited by the 2414 current cwnd). 2416 D) Then, the sender can send out as many new DATA chunks as Rule A and 2417 Rule B above allow. 2419 Note: multiple DATA chunks committed for transmission MAY be 2420 bundled in a single packet, unless bundling is explicitly disallowed 2421 by ULP of the data sender. Furthermore, DATA chunks being 2422 retransmitted MAY be bundled with new DATA chunks, as long as the 2423 resulting packet size does not exceed the path MTU. 2425 Note: before a sender transmits a data packet, if any received DATA 2426 chunks have not been acknowledged (e.g., due to delayed ack), the 2427 sender should create a SACK and bundle it with the outbound DATA 2428 chunk, as long as the size of the final SCTP datagram does not exceed 2429 the current MTU. See Section 5.2. 2431 IMPLEMENTATION Note: when the window is full (i.e., transmission is 2432 disallowed by Rule A and/or Rule B), the sender MAY still accept 2433 send requests from its upper layer, but SHALL transmit no more DATA 2434 chunks until some or all of the outstanding DATA chunks are 2435 acknowledged and transmission is allowed by Rule A and Rule B 2436 again. 2438 Whenever a transmission or retransmission is made to any address, if 2439 the T3-rxt timer of that address is not currently running, the sender 2440 MUST start that timer. However, if the timer of that address is 2441 already running, the sender SHALL restart the timer ONLY IF the 2442 earliest (i.e., lowest TSN) outstanding DATA chunk sent to that 2443 address is being retransmitted. 2445 Stewart, et al [Page 47] 2446 When starting or restarting the T3-rxt timer, the timer value must be 2447 adjusted according to the timer rules defined in Sections 5.3.2, 2448 and 5.3.3. 2450 5.2 Acknowledgment on Reception of DATA Chunks 2452 The SCTP receiver MUST always acknowledge the SCTP sender about the 2453 reception of each DATA chunk. 2455 The guidelines on delayed acknowledgment algorithm specified in 2456 Section 4.2 of RFC 2581 [3] SHOULD be followed. Specifically, an 2457 acknowledgment SHOULD be generated for at least every second datagram 2458 received, and SHOULD be generated within 200 ms of the arrival of any 2459 unacknowledged datagram. 2461 IMPLEMENTATION NOTE: the maximal delay for generating an 2462 acknowledgment may be configured by the SCTP user, either 2463 statically or dynamically, in order to meet the specific 2464 timing requirement of the signaling protocol being carried. 2466 Acknowledgments MUST be sent in SACK control chunks. A SACK chunk can 2467 acknowledge the reception of multiple DATA chunks. See Section 2.3.3 2468 for SACK chunk format. In particular, the SCTP receiver MUST fill in 2469 the Cumulative TSN ACK field to indicate the latest cumulative TSN 2470 number it has received, and any received segments beyond the 2471 Cumulative TSN SHALL also be reported. 2473 Upon reception of the SACK, the data sender MUST adjust its total 2474 outstanding data count and the outstanding data count on those 2475 destination addresses for which one or more data chunks is 2476 acknowledged by the SACK. 2478 The following example illustrates the use of delayed acknowledgments: 2480 Endpoint A Endpoint Z 2482 {App sends 3 messages; strm 0} 2483 DATA [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) 2484 (Start T3-rxt timer) 2486 DATA [TSN=8,Strm=0,Seq=4] ------------> (send ack) 2487 /------- SACK [TSN ACK=8,Frag=0] 2488 (cancel T3-rxt timer) <-----/ 2489 ... 2490 ... 2492 DATA [TSN=9,Strm=0,Seq=5] ------------> (ack delayed) 2493 (Start T3-rxt timer) 2494 ... 2495 {App sends 1 message; strm 1} 2496 (bundle SACK with DATA) 2497 /----- SACK [TSN Ack=9,Frag=0] \ 2498 / DATA [TSN=6,Strm=1,Seq=2] 2499 (cancel T3-rxt timer) <------/ (Start T3-rxt timer) 2501 Stewart, et al [Page 48] 2502 (ack delayed) 2503 ... 2504 (send ack) 2505 SACK [TSN ACK=6,Frag=0] -------------> (cancel T3-rxt timer) 2507 5.2.1 Tracking Peer's Receive Buffer Space 2509 Whenever a SACK arrives, a new updated a_rwnd arrives with it. This 2510 value represents the amount of buffer space the sender of the SACK, at 2511 the time of transmitting the SACK, has left of its total receive 2512 buffer space (as specified in the INIT/INIT-ACK). After processing the 2513 SACK, the receiver of the SACK must use the following rules to 2514 re-calculate the congestion control rwnd, using the received a_rwnd 2515 value. 2517 A) At the establishment of the association, the endpoint initializes 2518 the congestion control rwnd to the Advertised Receiver Window 2519 Credit (a_rwnd) the peer specified in the INIT or INIT ACK. 2521 B) Any time a DATA chunk is transmitted to a peer, the endpoint 2522 subtracts the data size of the chunk from the rwnd of that peer. 2524 C) Any time a SACK arrives, the endpoint performs the following: 2526 If all outstanding TSNs are acknowledged by the SACK, adopt 2527 the a_rwnd value in the SACK as the new rwnd. 2529 Otherwise, take the value of the current rwnd, and add to it the 2530 data size of any newly acknowledged TSNs that has its BE bits set 2531 to 11, OR that moved the cumulative TSN point forward. Then, set 2532 the congestion control rwnd to the lesser of the calculated value 2533 and the a_rwnd carried in the SACK. 2535 D) Any time the T3-rxt timer expires on any address, causing all 2536 outstanding chunks sent to that address to be marked for 2537 retransmission, add all of the data sizes of those chunks to the rwnd. 2539 E) Any time a DATA chunk is marked for retransmission via the 2540 fast retransmit algorithm (section 6.2.4), add the DATA chunks 2541 size to the rwnd. 2543 5.3 Management of Retransmission Timer 2545 SCTP uses a retransmission timer T3-rxt to ensure data delivery in the 2546 absence of any feedback from the remote data receiver. The duration of 2547 this timer is referred to as RTO (retransmission timeout). 2549 When the receiver endpoint is multi-homed, the data sender endpoint 2550 will calculate a separate RTO for each different destination transport 2551 addresses of the receiver endpoint. 2553 Stewart, et al [Page 49] 2554 The computation and management of RTO in SCTP follows closely with how 2555 TCP manages its retransmission timer. To compute the current RTO, an 2556 SCTP sender maintains two state variables per destination transport 2557 address: SRTT (smoothed round-trip time) and RTTVAR (round-trip time 2558 variation). 2560 5.3.1 RTO Calculation 2562 The rules governing the computation of SRTT, RTTVAR, and RTO are 2563 as follows: 2565 C1) Until an RTT measurement has been made for a packet sent 2566 to the given destination transport address, set RTO to the 2567 protocol parameter 'RTO.Initial'. 2569 C2) When the first RTT measurement R is made, set SRTT <- R, 2570 RTTVAR <- R/2, and RTO <- SRTT + 4 * RTTVAR. 2572 C3) When a new RTT measurement R' is made, set 2574 RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'| 2575 SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R' 2577 Note, the value of SRTT used in the update to RTTVAR is its value 2578 *before* updating SRTT itself using the second assignment. 2580 After the computation, update RTO <- SRTT + 4 * RTTVAR. 2582 C4) When data is in flight and when allowed by rule C5 below, a new 2583 RTT measurement MUST be made each round trip. Furthermore, 2584 it is RECOMMENDED that new RTT measurements should be made no 2585 more than once per round-trip for a given destination transport 2586 address. There are two reasons for this recommendation: first, 2587 it appears that measuring more frequently often does not in 2588 practice yield any significant benefit [5]; second, if 2589 measurements are made more often, then the values of RTO.Alpha and 2590 RTO.Beta in rule C3 above should be adjusted so that SRTT and 2591 RTTVAR still adjust to changes at roughly the same rate (in terms 2592 of how many round trips it takes them to reflect new value) as 2593 they would if making only one measurement per round-trip and 2594 using RTO.Alpha and RTO.Beta as given in rule C3. However, the 2595 exact nature of these adjustments remains a research issue. 2597 C5) Karn's algorithm: RTT measurements MUST NOT be made using 2598 packets that were retransmitted (and thus for which it is 2599 ambiguous whether the reply was for the first instance of the 2600 packet or a later instance). 2602 C6) Whenever RTO is computed, if it is less than RTO.Min seconds 2603 then it is rounded up to RTO.Min seconds. The reason for this 2604 rule is that RTOs that do not have a high minimum value are 2605 susceptible to unnecessary timeouts [5]. 2607 Stewart, et al [Page 50] 2608 C7) A maximum value may be placed on RTO provided it is at least 2609 RTO.max seconds. 2611 There is no requirement for the clock granularity G used for computing 2612 RTT measurements and the different state variables, other than 2614 G1) Whenever RTTVAR is computed, if RTTVAR = 0, then adjust 2615 RTTVAR <- G. 2617 Experience [5] has shown that finer clock granularities (<= 100 msec) 2618 perform somewhat better than more coarse granularities. 2620 5.3.2 Retransmission Timer Rules 2622 The rules for managing the retransmission timer are as follows: 2624 R1) Every time a packet containing data is sent to any address (including 2625 a retransmission), if the T3-rxt timer of that address is not 2626 running, start it running so that it will expire after the RTO of 2627 that address. The RTO used here is that obtained after any doubling 2628 due to previous T3-rxt timer expirations on the corresponding 2629 destination address as discussed in rule E2 below. 2631 R2) Whenever all outstanding data on an address has been acknowledged, 2632 turn off the T3-rxt timer of that address. 2634 R3) Whenever a SACK is received that acknowledges new data chunks 2635 including the one with the earliest outstanding TSN on that address, 2636 restart T3-rxt timer of that address with its current RTO. 2638 The following example shows the use of various timer rules (assuming 2639 the receiver uses delayed acks). 2641 Endpoint A Endpoint Z 2642 {App begins to send} 2643 Data [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) 2644 (Start T3-rxt timer) 2645 {App sends 1 message; strm 1} 2646 (bundle ack with data) 2647 DATA [TSN=8,Strm=0,Seq=4] ----\ /-- SACK [TSN ACK=7,Frag=0] \ 2648 \ / DATA [TSN=6,Strm=1,Seq=2] 2649 \ / (Start T3-rxt timer) 2650 \ 2651 / \ 2652 (Re-start T3-rxt timer) <------/ \--> (ack delayed) 2653 (ack delayed) 2654 ... 2655 {send ack} 2656 SACK [TSN ACK=6,Frag=0] --------------> (Cancel T3-rxt timer) 2657 .. 2658 (send ack) 2659 (Cancel T3-rxt timer) <-------------- SACK [TSN ACK=8,Frag=0] 2661 Stewart, et al [Page 51] 2662 5.3.3 Handle T3-rxt Expiration 2664 Whenever the retransmission timer T3-rxt expires on a destination 2665 address, do the following: 2667 E1) On the destination address where the timer expires, adjust its 2668 ssthresh with rules defined in Section 6.2.3 and set the 2669 cwnd <- MTU. 2671 E2) On the destination address where the timer expires, set 2672 RTO <- RTO * 2 ("back off the timer"). The maximum value discussed 2673 in rule C7 above (RTO.max) may be used to provide an upper bound 2674 to this doubling operation. 2676 E3) Determine how many of the earliest (i.e., lowest TSN) outstanding 2677 Data chunks on the address where the T3-rxt has expired that will 2678 fit into a single packet, subject to the MTU constraint for the 2679 path corresponding to the destination transport address where the 2680 retransmission is being sent to (this may be different from the 2681 address where the timer expires [see Section 5.4]). Call this 2682 value K. Bundle and retransmit those K data chunks in a single 2683 packet to the address. 2685 E4) Start the retransmission timer T3-rxt on the destination address 2686 to where the retransmission is sent, if rule R1 above indicates to 2687 do so. Note, the RTO to be used for starting T3-rxt should be the 2688 one of the destination address to where the retransmission is 2689 sent, which, when the receiver is multi-homed, may be different 2690 from the destination address where the timer expired (see Section 2691 5.4 below). 2693 Note that after retransmitting, once a new RTT measurement is obtained 2694 (which can happen only when new data has been sent and acknowledged, 2695 per rule C5, or for a measurement made from a Heartbeat [see Section 2696 7.3]), the computation in rule C3 is performed, including the 2697 computation of RTO, which may result in "collapsing" RTO back down 2698 after it has been subject to doubling (rule E2). 2700 The final rule for managing the retransmission timer concerns failover 2701 (see Section 5.4.1): 2703 F1) Whenever SCTP switches from the current destination transport 2704 address to a different one, the current retransmission timers are 2705 left running. As soon as SCTP transmits a packet containing data 2706 to the new transport address, start the timer on that transport 2707 address, using the RTO value of the destination address where 2708 the data is being sent, if rule R1 indicates to do so. 2710 5.4 Multi-homed SCTP Endpoints 2712 An SCTP endpoint is considered multi-homed if there are more than one 2713 transport addresses that can be used as a destination address to reach 2714 that endpoint. 2716 Stewart, et al [Page 52] 2717 Moreover, at the sender side, one of the multiple destination 2718 addresses of the multi-homed receiver endpoint shall be selected as 2719 the primary destination transport address by the UPL (see Sections 2720 4.1.2 and 9.1 for details). 2722 When the SCTP sender is transmitting to the multi-homed receiver, by 2723 default the transmission SHOULD always take place on the primary 2724 transport address, unless the SCTP user explicitly specifies the 2725 destination transport address to use. 2727 The acknowledgment SHOULD be transmitted to the same destination 2728 transport address from which the DATA or control chunk being 2729 acknowledged were received. 2731 However, when acknowledging multiple DATA chunks in a single SACK, the 2732 SACK message may be transmitted to one of the destination transport 2733 addresses from which the DATA or control chunks being acknowledged 2734 were received. 2736 Furthermore, when the receiver is multi-homed, the SCTP data sender 2737 SHOULD try to retransmit a chunk to an active destination transport 2738 address that is different from the last destination address where the 2739 data chunk was sent to. 2741 Note, retransmissions do not affect the total outstanding data 2742 count. However, if the data chunk is retransmitted onto a different 2743 destination address, both the outstanding data counts on the new 2744 destination address and the old destination address where the data 2745 chunk was last sent to shall be adjusted accordingly. 2747 5.4.1 Failover from Inactive Destination Address 2749 Some of the destination transport addresses of a multi-homed SCTP data 2750 receiver may become inactive due to either the occurrence of certain 2751 error conditions (see Section 7.2) or adjustments from SCTP user. 2753 When there is outbound data to send and the primary destination 2754 transport address becomes inactive (e.g., due to failures), or where 2755 the SCTP user explicitly requests to send data to an inactive 2756 destination transport address, before reporting an error to its ULP, 2757 the SCTP sender should try to send the data to an alternate active 2758 destination transport address if one exists. 2760 5.5 Stream Identifier and Stream Sequence Number 2762 Every DATA chunk MUST carry a valid stream identifier. If a DATA chunk 2763 with an invalid stream identifier is received, the receiver shall, 2764 after acknowledging the reception of the DATA chunk following the normal 2765 procedure, respond immediately with an ERROR message with cause set to 2766 Invalid Stream Identifier (see Section 2.3.9) and discard the DATA 2767 chunk. 2769 Stewart, et al [Page 53] 2770 The stream sequence number in all the streams shall start from 0x0 2771 when the association is established. Also, when the stream sequence 2772 number reaches the value 0xffff the next stream sequence number shall 2773 be set to 0x0. 2775 5.6 Ordered and Un-ordered Delivery 2777 By default the SCTP receiver shall ensure the DATA chunks within any 2778 given stream be delivered to the upper layer according to the order of 2779 their stream sequence number. If there are DATA chunks arriving out of 2780 order of their stream sequence number, the receiver MUST hold the 2781 received DATA chunks from delivery until they are re-ordered. 2783 However, an SCTP sender can indicate that no ordered delivery is 2784 required on a particular DATA chunk within the stream by setting the U 2785 flag of the DATA chunk to 1. 2787 In this case, the receiver must bypass the ordering mechanism and 2788 immediately delivery the data to the upper layer (after re-assembly if 2789 the user data is segmented by the sender). 2791 This provides an effective way of transmitting "out-of-band" data in a 2792 given stream. Also, a stream can be used as an "unordered" stream by 2793 simply setting the U flag to 1 in all outbound DATA chunks sent 2794 through that stream. 2796 IMPLEMENTATION NOTE: when sending an unordered DATA chunk, an 2797 implementation may choose to place the DATA chunk in an outbound 2798 datagram that is at the head of the outbound transmission queue if 2799 possible. 2801 Note that the 'Stream Sequence Number' field in an un-ordered data 2802 chunk has no significance; the sender can fill it with arbitrary 2803 value, but the receiver MUST ignore the field. 2805 5.7 Report Gaps in Received DATA TSNs 2807 Upon the reception of a new DATA chunk, an SCTP receiver shall examine 2808 the continuity of the TSNs received. If the receiver detects that gaps 2809 exist in the received DATA chunk sequence, an SACK with fragment 2810 reports shall be sent back immediately. 2812 Based on the segment reports from the SACK, the data sender can 2813 calculate the missing DATA chunks and make decisions on whether to 2814 retransmit them (see Section 5.3 for details). 2816 Multiple gaps can be reported in one single SACK (see Section 2.3.3). 2818 Note that when the data sender is multi-homed, the SCTP receiver 2819 SHOULD always try to send the SACK to the same network from where the 2820 last DATA chunk was received. 2822 Stewart, et al [Page 54] 2823 Upon the reception of the SACK, the data sender SHALL remove all DATA 2824 chunks which have been acknowledged by the SACK. The data sender MUST 2825 also treat all the DATA chunks which fall into the gaps between the 2826 fragments reported by the SACK as "missing". The number of "missing" 2827 reports for each outstanding DATA chunk MUST be recorded by the data 2828 sender in order to make retransmission decision, see Section 6.2.4 for 2829 details. 2831 The following example shows the use of SACK to report a gap. 2833 Endpoint A Endpoint Z 2834 {App sends 3 messages; strm 0} 2835 DATA [TSN=6,Strm=0,Seq=2] ---------------> (ack delayed) 2836 (Start T3-rxt timer) 2838 DATA [TSN=7,Strm=0,Seq=3] --------> X (lost) 2840 DATA [TSN=8,Strm=0,Seq=4] ---------------> (gap detected, 2841 immediately send ack) 2842 /----- SACK [TSN ACK=6,Frag=1, 2843 / Strt=2,End=2] 2844 <-----/ 2845 (remove 6 and 8 from out-queue, 2846 and strike 7 as "1" missing report) 2848 Note: in order to keep the size of the outbound SCTP datagram not to 2849 exceed the current path MTU, the maximal number of fragments that can 2850 be reported within a single SACK chunk is limited. When a single SACK 2851 can not cover all the fragments needed to be reported due to the MTU 2852 limitation, the endpoint SHALL send only one SACK, reporting the 2853 fragments from the lowest to highest TSNs, within the size limit set 2854 by the MTU, and leave the remaining highest TSN fragment numbers 2855 unacknowledged. 2857 5.8 Adler-32 Checksum Calculation 2859 When sending an SCTP datagram, the sender MUST strengthen the data 2860 integrity of the transmission by including the Adler-32 checksum 2861 value calculated on the datagram, as described below. 2863 After the datagram is constructed (containing the SCTP common header 2864 and one or more control or DATA chunks), the sender shall: 2866 1) fill in the proper Verification Tag in the SCTP common header and 2867 initialize the Adler-32 checksum filed to 0's. 2869 2) calculate the Adler-32 checksum of the whole datagram, including the 2870 SCTP common header and all the chunks. Refer to Sections 8.2 and 9 2871 in [2] for details of the Adler-32 algorithm. And, 2873 3) put the resultant value into the Adler-32 checksum field in the 2874 common header, and leave the rest of the bits unchanged. 2876 Stewart, et al [Page 55] 2877 When an SCTP datagram is received, the receiver MUST first check the 2878 Adler-32 checksum: 2880 1) store the received Adler-32 checksum value aside, 2882 2) replace the 32 bits of the Adler-32 checksum field in the received 2883 SCTP datagram with all '0's and calculate an Adler-32 checksum 2884 value of the whole received datagram. And, 2886 3) verify that the calculated Adler-32 checksum is the same as the 2887 received Adler-32 checksum, If not, the receiver MUST treat the 2888 datagram as an invalid SCTP datagram. 2890 The default procedure of handling invalid SCTP datagrams is to 2891 silently discard them. 2893 5.9 Segmentation 2895 Segmentation MUST be performed by the data sender if the user message 2896 to be sent has a large size that causes the outbound SCTP datagram 2897 size exceeding the current MTU. 2899 Note, if the data receiver is multi-homed, the sender shall choose a 2900 size no larger than the latest MTU of the current primary destination 2901 address. 2903 When determining when to segment, the SCTP implementation MUST take 2904 into account the SCTP datagram header as well as the DATA chunk 2905 header. The implementation MAY also take account of the space required 2906 for a SACK chunk. 2908 IMPLEMENTATION NOTE: if segmentation is not support by the sender, 2909 an error should be reported to the sender's SCTP user if the data to be 2910 sent has a size exceeding the current MTU. In such cases the Send 2911 primitive discussed in Section 9.1 would need to return an error 2912 to the upper layer. 2914 Segmentation takes the following steps: 2916 1) the data sender SHALL break the large user message into a series of 2917 DATA chunks, such that each of the chunks can be fit into an IP 2918 datagram smaller than or equal to the current MTU, 2920 2) the data sender MUST then assign, in sequence, a separate TSN to 2921 each of the DATA chunks in the series, 2923 3) the data sender MUST also set the B/E bits of the first DATA chunk 2924 in the series to '10', the B/E bits of the last DATA chunk in the 2925 series to '01', and the B/E bits of all other DATA chunks in the 2926 series to '00'. 2928 Stewart, et al [Page 56] 2929 The data receiver MUST recognize the segmented DATA chunks, by 2930 examining the B/E bits in each of the received DATA chunks, and queue 2931 the segmented DATA chunks for re-assembly. Then, it shall pass the 2932 re-assembled user message to the specific stream for possible 2933 re-ordering and final dispatching. 2935 Note, if the data receiver runs out of buffer space while still 2936 waiting for more segments to complete the re-assembly of the message, 2937 it should dispatch part of its inbound message through a partial 2938 delivery API (see Section 9), freeing some of its receive buffer space 2939 so that the rest of the message may be received. 2941 5.10 Bundling and Multiplexing 2943 An SCTP sender achieves data bundling by simply including multiple 2944 DATA chunks in one outbound SCTP datagram. Note that the total size of 2945 the resultant IP datagram, including the SCTP datagram and IP headers, 2946 MUST be less or equal to the current MTU. 2948 Note, if the data receiver is multi-homed, the sender shall choose a 2949 size no larger than the latest MTU of the current primary destination 2950 address. 2952 When multiplexing control chunks with DATA chunks, control chunks have 2953 the priority and MUST be placed first in the outbound SCTP datagram 2954 and be transmitted first. The transmitter MUST transmit DATA chunks 2955 within a SCTP datagram in increasing order of TSN. 2957 Partial chunks MUST NOT be placed in a SCTP datagram. 2959 The receiver MUST process the chunks in order in the datagram. The 2960 receiver uses the chunk length field to determine the end of a chunk 2961 and beginning of the next chunk taking account of the fact that all 2962 chunks end on a thirty-two-bit word boundary. If the receiver detects 2963 a partial chunk, it MUST drop the chunk. 2965 6. Congestion control 2967 Congestion control is one of the basic functions in the SCTP protocol. 2968 For some applications, it may be likely that adequate resources will 2969 be allocated to SCTP traffic to assure prompt delivery of 2970 time-critical SCTP data - thus it would appear to be unlikely, during 2971 normal operations, that SCTP transmissions encounter severe congestion 2972 condition. However SCTP must prepare itself for adverse operational 2973 conditions, which can develop upon partial network failures or 2974 unexpected traffic surge. In such situations SCTP must follow correct 2975 congestion control steps to recover from congestion quickly in order 2976 to get data delivered as soon as possible. In the absence of network 2977 congestion, these preventive congestion control algorithms should show 2978 no impact on the protocol performance. 2980 Stewart, et al [Page 57] 2981 IMPLEMENTATION NOTE: as far as its specific performance requirements 2982 are met, an implementation is always allowed to adopt a more 2983 conservative congestion control algorithm than the one defined 2984 below. 2986 The congestion control algorithms used by SCTP are based on RFC 2581 2987 [3], "TCP Congestion Control". This section describes how the 2988 algorithms defined in RFC 2581 are adopted for use in SCTP. We first 2989 list differences in protocol designs between TCP and SCTP, and then 2990 describe SCTP's congestion control scheme. The description will use 2991 the same terminology as in TCP congestion control whenever 2992 appropriate. 2994 6.1 SCTP Differences from TCP Congestion control 2996 One difference between SCTP and TCP is that Selective Acknowledgment 2997 function (SACK) is designed into SCTP, rather than an enhancement that 2998 is added to the protocol later as is the case for TCP. SCTP SACK 2999 carries different semantic meanings from that of TCP SACK. TCP 3000 considers the information carried in the SACK as advisory information 3001 only. In SCTP, any DATA chunk that has been acknowledged by SACK, 3002 including DATA that arrived at the receiving end out of order, are 3003 considered having been delivered to the destination application, and 3004 the sender is free to discard the local copy. Consequently, the value 3005 of cwnd controls the amount of outstanding data, rather than the upper 3006 bound between the highest acknowledged sequence number and the latest 3007 DATA chunk that can be sent within the congestion window, as is the 3008 case in TCP. SCTP SACK leads to different implementations of 3009 fast-retransmit and fast-recovery from that of TCP. 3011 The biggest difference between SCTP and TCP, however, is multi-homing. 3012 SCTP is designed to establish robust communication associations 3013 between two end points each of which may be reachable by more than one 3014 transport address. Potentially different addresses may lead to 3015 distinguished data paths between the two points, thus ideally one may 3016 need a separate set of congestion control parameters for each of the 3017 paths. The treatment here of congestion control for multi-homed 3018 receivers is new with SCTP and may require refinement in the 3019 future. The current algorithms make the following assumptions: 3021 o The sender always uses the same destination address until being 3022 instructed by the upper layer otherwise. 3024 o The sender keeps a separate congestion control parameter set for each 3025 of the destination addresses. The parameters should decay if the 3026 address is not used for a long enough time period. 3028 o For each of the destination addresses, do slow-start upon the first 3029 transmission to that address. 3031 Stewart, et al [Page 58] 3032 6.2 SCTP Slow-Start and Congestion Avoidance 3034 The slow start and congestion avoidance algorithms MUST be used by a 3035 SCTP sender to control the amount of outstanding data being injected 3036 into the network. The congestion control in SCTP is employed in regard 3037 to the association, not to an individual stream. In some situations it 3038 may be beneficial for an SCTP sender to be more conservative than the 3039 algorithms allow, however an SCTP sender MUST NOT be more aggressive 3040 than the following algorithms allow. 3042 Like TCP, an SCTP sender uses the following three control variables to 3043 regulate its transmission rate. 3045 o Receiver advertised window size (rwnd, in octets), which is set by 3046 the receiver based on its available buffer space for incoming packets. 3048 o Congestion control window (cwnd, in octets), which is adjusted by 3049 the sender based on observed network conditions. 3051 o Slow-start threshold (ssthresh, in octets), which is used by the 3052 sender to distinguish slow start and congestion avoidance phases. 3054 SCTP also requires one additional control variable, partial_bytes_acked, 3055 which is used during congestion avoidance phase to facilitate cwnd 3056 adjustment. 3058 6.2.1 Slow-Start 3060 Beginning data transmission into a network with unknown conditions 3061 requires SCTP to probe the network to determine the available capacity. 3062 The slow start algorithm is used for this purpose at the beginning of a 3063 transfer, or after repairing loss detected by the retransmission timer. 3065 o The initial cwnd before data transmission or after a sufficiently 3066 long idle period MUST be <= 2*MTU. 3068 o The initial cwnd after a retransmission timeout MUST be no more 3069 than 1*MTU. 3071 o The initial value of ssthresh MAY be arbitrarily high (for example, 3072 some implementations use the size of the receiver advertised window). 3074 o Whenever cwnd is greater than zero, the sender is allowed to have cwnd 3075 octets of data outstanding on that transport address. 3077 o When cwnd is less than or equal to ssthresh an SCTP sender MUST use 3078 the slow start algorithm to increase cwnd (assuming the current 3079 congestion window is being fully utilized). If the incoming SACK 3080 advances the cumulative TSN, cwnd MUST be increased by at most the 3081 lesser of 1) the total size of the previously outstanding DATA 3082 chunk(s) acknowledged, and 2) the destinations path MTU. 3083 This prevents against the ACK-Splitting attack outlined in [15]. 3085 Stewart, et al [Page 59] 3086 NOTE: In instances where the data receiver endpoint is multi-homed, 3087 if a SACK arrives at the data sender that advances the 3088 sender's cumulative TSN point, then the data sender should update 3089 its cwnd (or cwnds) apportioned to the destination addresses where 3090 the data was transmitted to. However if the SACK does not advance 3091 the cumulative TSN point, the data sender MUST not adjust the cwnd 3092 of any of the destination addresses. 3094 NOTE: because an SCTP data sender's cwnd is not tied to its 3095 cumulative TSN point, as duplicate SACKs come in, even though they 3096 may not advance the cumulative TSN point an SCTP sender can still 3097 use them to clock out new data. That is, the data newly 3098 acknowledged by the SACK diminishes the amount of data now in 3099 flight to less than cwnd; and so the current, unchanged value of 3100 cwnd now allows new data to be sent. On the other hand, the 3101 increase of cwnd must be tied to the cumulative TSN advancement as 3102 specified above. Otherwise the duplicate SACKs will not only clock 3103 out new data, but also will adversely clock out *more* new data 3104 than what has just left the network, during a time of possible 3105 congestion. 3107 o When the sender does not transmit data on a given transport address, 3108 the cwnd of the transport address should be adjusted to 3109 max(cwnd / 2, 2*MTU) per RTO. 3111 6.2.2 Congestion Avoidance 3113 When cwnd is greater than ssthresh, cwnd should be incremented 3114 by 1*MTU per RTT if the sender has cwnd or more octets of data 3115 outstanding on the corresponding transport address. 3117 In practice an implementation can achieve this goal in the 3118 following way: 3120 o partial_bytes_acked is initialized to 0. 3122 o Whenever cwnd is greater than ssthresh, upon each SACK arrival, 3123 increase partial_bytes_acked by the total number of octets of all 3124 new chunks acknowledged in that SACK. 3126 o When partial_bytes_acked is equal or greater than cwnd and before 3127 the arrival of the SACK the sender has cwnd or more octets of data 3128 outstanding, increase cwnd by MTU, and reset partial_bytes_acked to 3129 (partial_bytes_acked - cwnd). 3131 o Same as in the slow start, when the sender does not transmit data on 3132 a given transport address, the cwnd of the transport address should 3133 be adjusted to max(cwnd / 2, 2*MTU) per RTO. 3135 Stewart, et al [Page 60] 3136 6.2.3 Congestion Control 3138 Upon detection of packet losses from SACK reports (see section 6.2.4), 3139 the sender should do the following: 3141 ssthresh = max(cwnd/2, 2*MTU) 3142 cwnd = ssthresh 3144 Basically, a packet loss causes cwnd to be cut in half. 3146 When the T3-rxt timer expires on an address, SCTP should perform 3147 slow start by: 3149 ssthresh = max(cwnd/2, 2*MTU) 3150 cwnd = 1*MTU 3152 and assure that no more than one data packet will be in flight on that 3153 address until the sender receives acknowledgment for successful delivery 3154 of data to that address. 3156 6.2.4 Fast Retransmit on Gap Reports 3158 In the absence of data losses, a SCTP receiver performs delayed 3159 acknowledgment. However, whenever a receiver notices a hole in the 3160 arriving TSN sequence, it should start sending a SACK back every time 3161 a packet arrives carrying data. 3163 At the sender end, whenever the sender receives a SACK that indicate 3164 some TSN(s) missing, it SHOULD wait for 3 further miss indications 3165 (via subsequent SACKs) on the same TSN(s) before taking action. 3167 When the TSN(s) is reported as missing in consecutive SACKs for the 3168 4th time, the sender shall: 3170 1) Mark the missing DATA chunk(s) for retransmission, 3172 2) Adjust the ssthresh and cwnd of the destination address(es) where 3173 the missing data chunks were last sent, according to the formula 3174 described in Section 6.2.3. 3176 3) Determine how many of the earliest (i.e., lowest TSN) missing Data 3177 chunks will fit into a single packet, subject to constraint of the 3178 path MTU of the destination transport address to which the packet 3179 is being sent. Call this value K. Retransmit those K data chunks in 3180 a single packet. 3182 4) Restart T3-rxt timer ONLY IF the last SACK acknowledged the lowest 3183 outstanding TSN number sent to that address, or we are retransmitting 3184 the first outstanding Data chunk sent to that address. 3186 Note, before the above adjustments, if the received SACK also 3187 acknowledges new data chunks and advances the cumulative TSN point, 3188 the cwnd adjustment rules defined in Sections 6.2.1 and 6.2.2 must 3189 be applied first. 3191 Stewart, et al [Page 61] 3192 A straightforward implementation of the above requires that the sender 3193 keeps a counter for each TSN hole first reported by a SACK; the 3194 counter keeps track of whether 3 subsequent SACKs have reported the 3195 same hole. 3197 Because cwnd in SCTP indirectly bounds the number of outstanding 3198 TSN's, the effect of TCP fast-recovery is achieved automatically with 3199 no adjustment to the congestion control window size. 3201 6.3 Path MTU Discovery 3203 RFC 1191 [11] discusses "Path MTU Discovery", whereby a sender 3204 maintains an estimate of the maximum transmission unit (MTU) along a 3205 given Internet path and refrains from sending datagrams along that 3206 path which exceed the MTU, other than occasional attempts to probe for 3207 a change in the path MTU. RFC 1191 is thorough in its discussion of 3208 the MTU discovery mechanism and strategies for determining the current 3209 end-to-end MTU setting as well as detecting changes in this value. 3210 RFC 1981 [12] discusses applying the same mechanisms for IPv6. 3212 An SCTP sender SHOULD apply these techniques, and SHOULD do so on a 3213 per-destination-address basis. 3215 There are 4 ways in which SCTP differs from the description in RFC 1191 3216 of applying MTU discovery to TCP: 3218 1) SCTP associations can span multiple set of addresses. 3219 Per the above comment, an SCTP sender MUST maintain separate 3220 MTU estimates for each destination address of its peer. 3222 2) Elsewhere in this document, when the term "MTU" is discussed, 3223 it refers to the MTU associated with the destination address 3224 corresponding to the context of the discussion. 3226 3) Unlike TCP, SCTP does not have a notion of "Maximum Segment 3227 Size". Accordingly, the MTU for each destination address 3228 SHOULD be initialized to a value no larger than the link MTU 3229 for the local interface to which datagrams for that remote 3230 destination address will be routed. 3232 4) Since data transmission in SCTP is naturally structured in 3233 terms of TSNs rather than bytes (as is the case for TCP), the 3234 discussion in section 6.5 of RFC 1191 applies: when retransmitting 3235 a datagram to a remote address for which the datagram appears 3236 too large for the path MTU to that address, the datagram SHOULD 3237 be retransmitted without the DF bit set, allowing it to possibly 3238 be fragmented. Transmissions of new datagrams MUST have DF set. 3240 Other than these differences, the discussion of TCP's use of MTU 3241 discovery in RFCs 1191 and 1981 applies to SCTP, too, on a 3242 per-destination-address basis. 3244 Stewart, et al [Page 62] 3245 7. Fault Management 3247 7.1 Endpoint Failure Detection 3249 The data sender shall keep a counter on the total number of 3250 consecutive retransmissions to its peer (including retransmissions to 3251 ALL the destination transport addresses of the peer if it is 3252 multi-homed). 3253 If the value of this counter exceeds the limit indicated in the 3254 protocol parameter 'Association.Max.Retrans', the data sender shall 3255 consider the peer endpoint unreachable and shall stop transmitting any 3256 more data to it (and thus the association enters the CLOSED state). In 3257 addition, the data sender shall report the failure to the upper layer, 3258 and optionally report back all outstanding user data remaining in its 3259 outbound queue. The association is automatically terminated when the 3260 peer endpoint becomes unreachable. 3262 The counter shall be reset each time a datagram sent to that 3263 destination address is acknowledged by the peer endpoint, or 3264 a HEARTBEAT-ACK is received from the peer endpoint. 3266 7.2 Path Failure Detection 3268 When the remote endpoint is multi-homed, the data sender should keep a 3269 'retrans.count' counter for each of the destination transport 3270 addresses of the remote endpoint. 3272 Each time the T3-rxt timer on any address, or when a HEARTBEAT sent to 3273 an idle address is not acknowledged, the 'retrans.count' counter of 3274 that destination address will be incremented. When the value in 3275 'retrans.count' exceeds the protocol parameter 'Path.Max.Retrans' of 3276 that destination address, the data sender should mark the destination 3277 transport address as inactive, and a notification SHOULD be sent to 3278 the upper layer. 3280 When an outstanding TSN is acknowledged or a HEARTBEAT sent to that 3281 address is acknowledged with a HEARTBEAT-ACK, the data sender shall 3282 clear the 'retrans.count' counter of the destination transport address 3283 to which the datagram was last sent (or HEARTBEAT was sent). Note, 3284 when the data receiver is multi-homed and the last sent was a 3285 retransmission to an alternate address of the receiver, there exists 3286 an ambiguity as to whether or not the acknowledgment should be 3287 credited to the address of the last sent. However, this ambiguity does 3288 not seem to bear any significant consequence to SCTP behavior. If this 3289 ambiguity is undesirable, the data sender may choose not to clear the 3290 'retrans.count' counter if the last sent was a retransmission. 3292 Note, when configuring the SCTP endpoint, the user should avoid 3293 having the value of 'Association.Max.Retrans' larger than the 3294 summation of the 'Path.Max.Retrans' of all the destination addresses 3295 for the remote endpoint. Otherwise, all the destination addresses may 3296 become inactive while the endpoint still considers the peer endpoint 3297 reachable. When this condition occurs, how the SCTP chooses to function 3298 is implementation specific. 3300 Stewart, et al [Page 63] 3301 Note, when the primary destination address is marked inactive (due to 3302 excessive retransmissions, for instance), the sender MAY automatically 3303 transmit new datagrams to an alternate destination address if one 3304 exists and is active. This is, however, an implementation option. 3306 7.3 Path Heartbeat 3308 By default, an SCTP endpoint shall monitor the reachability of the 3309 idle destination transport address(es) of its peer by sending 3310 HEARTBEAT messages periodically to the destination transport 3311 address(es). 3313 A destination transport address is considered "idle" if no new chunk 3314 which can be used for updating path RTT (usually including first 3315 transmission DATA, INIT, COOKIE, etc.) and no heartbeat has been sent 3316 to it within the current heartbeat period of that address. This 3317 applies to both active and inactive destination addresses. 3319 The upper layer can optionally initiate the following functions: 3321 A) disable heart beat on a specific destination transport address of a 3322 given association, 3323 B) re-enable heart beat on a specific destination transport address of 3324 a given association, and, 3325 C) request an on-demand heartbeat on a specific destination transport 3326 address of a given association. 3328 The endpoint should increment the respective 'retrans.count' counter 3329 of the destination transport address each time a HEARTBEAT is sent to 3330 that address. 3332 When the value of this counter reaches the protocol parameter 3333 'Path.Max.Retrans', the endpoint should mark the corresponding 3334 destination address as inactive if it is not so marked, and may also 3335 optionally report to the upper layer the change of reachability of 3336 this destination address. After this, the endpoint should continue 3337 heartbeat on this destination address but should stop increasing the 3338 counter. 3340 The sender of the HEARTBEAT message should include in the Heartbeat 3341 Information field of the message the current time when the message is 3342 sent out and the information on the destination address to which the 3343 message is sent. 3345 The receiver of the HEARTBEAT should immediately respond with a 3346 HEARTBEAT ACK that contains the Heartbeat Information field copied out 3347 from the received HEARTBEAT message. 3349 Upon the receipt of the HEARTBEAT ACK, the sender of the HEARTBEAT 3350 should clear the 'retrans.count' counter of the destination transport 3351 address to which the HEARTBEAT was sent, and mark the destination 3352 transport address as active if it is not so marked. The endpoint may 3353 optionally report to the upper layer when an inactive destination 3354 address is marked as active due to the reception of the latest 3355 HEARTBEAT ACK. 3357 Stewart, et al [Page 64] 3358 The receiver of the HEARTBEAT ACK should also perform an RTT 3359 measurement for that destination transport address using the time 3360 value carried in the HEARTBEAT ACK message. 3362 On an idle destination address that is allowed to heartbeat, HEARTBEAT 3363 messages is RECOMMENDED to be sent once per RTO of that destination 3364 address, with jittering of +/- 50%, and exponential back-off if the 3365 previous HEARTBEAT is unanswered. 3367 A primitive is provided for the SCTP user to change the heart 3368 beat interval and turn on or off the heart beat on a given destination 3369 address. Note, the heartbeat interval set by the SCTP user on any of 3370 the idle destination addresses SHOULD be no smaller than the RTO of 3371 that destination address. Separate timers may be used to control the 3372 heartbeat transmission for different idle destination addresses. 3374 7.4 Handle "Out of the blue" Packets 3376 An SCTP datagram is called an "out of the blue" (OOTB) datagram if it 3377 is correctly formed, i.e., passed the receiver's Adler-32 check (see 3378 Section 5.8), but the receiver is not able to identify the association 3379 to which this datagram belongs. 3381 The receiver of an OOTB datagram MUST do the following: 3383 1) check if the OOTB datagram contains an ABORT chunk. If so, the 3384 receiver MUST silently discarded the OOTB datagram and take no 3385 further action. Otherwise, 3387 2) the receiver should respond the sender of the OOTB datagram with an 3388 ABORT. When sending the ABORT, the receiver of the OOTB datagram 3389 MUST fill in the Verification Tag field of the outbound datagram 3390 with the value found in the Verification Tag field of the OOTB 3391 datagram. After sending this ABORT, the receiver of the OOTB 3392 datagram shall discard the OOTB datagram and take no further 3393 action. 3395 7.5 Verification Tag 3397 The Verification Tag rules defined in this section apply when sending 3398 or receiving SCTP datagrams which do NOT contain an INIT, SHUTDOWN 3399 ACK, or ABORT chunk. The rules for sending and receiving SCTP 3400 datagrams containing one of these chunk types are discussed separately 3401 in Section 7.5.1. 3403 When sending an SCTP datagram, the sender MUST fill in the 3404 Verification Tag field of the outbound datagram with the tag value of 3405 the peer endpoint to which this SCTP datagram is destined. 3407 When receiving an SCTP datagram, the receiver MUST ensure that the 3408 value in the Verification Tag field of the received SCTP datagram 3409 matches its own Tag. If the received tag value does not match the 3410 receiver's own tag value, the receiver shall silently discard the 3411 datagram and shall not process it any further. 3413 Stewart, et al [Page 65] 3414 7.5.1 Exceptions in Verification Tag Rules 3416 A) Rules for datagram carrying INIT: 3418 - The sender MUST set the Verification Tag of the datagram to 0. 3419 - The receiver, when noticing an incoming SCTP datagram with the 3420 Verification Tag set to 0, should continue to process the datagram 3421 only if an INIT chunk is present. Otherwise, the receiver MUST 3422 silently discard the datagram and take no further action. 3424 B) Rules for datagram carrying ABORT: 3426 - The sender shall always fill in the Verification Tag field of the 3427 outbound datagram with the destination endpoint's tag value if it 3428 is known. 3429 - If the ABORT is sent in response to an OOTB datagram, the sender 3430 MUST follow the procedure described in Section 7.4. 3431 - The receiver MUST accept the datagram IF the Verification Tag 3432 matches either its own tag, OR the tag of its peer. Otherwise, the 3433 receiver MUST silently discard the datagram and take no further 3434 action. 3436 C) Rules for datagram carrying SHUTDOWN ACK: 3438 - When sending a SHUTDOWN ACK, the sender is allowed to either use 3439 the destination endpoint's tag or set the Verification Tag field 3440 of the outbound datagram to 0. 3441 - The receiver of a SHUTDOWN ACK shall accept the datagram IF the 3442 Verification Tag field of the datagram matches its own tag OR is 3443 set to 0. Otherwise, the receiver MUST silently discard the 3444 datagram and take no further action. NOTE: the receiver of the 3445 SHUTDOWN ACK MUST ignore the chunk if it is not in the SHUTDOWN 3446 SENT state. 3448 8. Termination of Association 3450 All existing associations should be terminated when an endpoint exits 3451 from service. An association can be terminated by either close or 3452 shutdown. 3454 8.1 Close of an Association 3456 When an endpoint decides to close down an existing association, it 3457 shall send an ABORT message to its peer endpoint. The sender MUST fill 3458 in the peer's Verification Tag in the outbound datagram and MUST NOT 3459 bundle any DATA chunk with the ABORT. 3461 No acknowledgment is required for an ABORT message. In any 3462 circumstances, an endpoint MUST NOT respond to any received datagram 3463 that contains an ABORT with its own ABORT (also see Section 7.4). 3465 The receiver shall apply the special Verification Tag check rules 3466 described in Section 7.5.1 when handling the datagram carrying an 3467 ABORT. 3469 Stewart, et al [Page 66] 3470 After checking the Verification Tag, the peer shall remove the 3471 association from its record, and shall report the termination to its 3472 upper layer. 3474 8.2 Shutdown of an Association 3476 Using the TERMINATE primitive (see Section 9.1), the upper layer of an 3477 endpoint in an association can gracefully shutdown the association. 3478 This will guarantee that all outstanding datagrams from the peer of 3479 the shutdown initiator be delivered before the association 3480 terminates. 3482 Upon receipt of the TERMINATE primitive from its upper layer, the 3483 initiator endpoint enters SHUTDOWN-PENDING state and remains there 3484 until all outstanding TSNs have been acknowledged by the far end. It 3485 accepts no new data from its upper layer, but retransmits data to the 3486 far end if necessary to fill gaps. 3488 Once all outstanding TSNs have been acknowledged, the initiator 3489 endpoint shall send a SHUTDOWN message to the peer of the association, 3490 and shall include the last cumulative TSN it has received from the 3491 peer in the 'Cumulative TSN ACK' field. It shall then start the 3492 T2-shutdown timer and enter the Shutdown-sent state. If the timer 3493 expires, the initiator must re-send the SHUTDOWN with the updated last 3494 TSN received from its peer. 3496 The same rules in 5.3 SHALL be followed to determine the proper timer 3497 value for T2-shutdown. The sender of the SHUTDOWN message may also 3498 optionally include a SACK to indicate any gaps by bundling both the 3499 SACK and SHUTDOWN message together. 3501 Note the sender of a shutdown should limit the number of 3502 retransmissions of the shutdown message to the protocol parameter 3503 'Association.Max.Retrans'. If this threshold is exceeded the endpoint 3504 should destroy the TCB and may report the endpoint unreachable to the 3505 upper layer (and thus the association enters the CLOSED state). 3507 Upon the reception of the SHUTDOWN, the peer shall enter the 3508 Shutdown-received state, and shall verify, by checking the TSN ACK 3509 field of the message, that all its outstanding datagrams have been 3510 received by the initiator. 3512 If there are still outstanding datagrams left, the peer shall mark 3513 them for retransmission and start the retransmit procedure as defined 3514 in Section 5.3. 3516 While in Shutdown-sent state, the initiator shall immediately respond 3517 to each inbound SCTP datagram containing user data from the peer with 3518 a SACK and restart the T2-shutdown timer. 3520 If there is no more outstanding datagrams, the peer shall send a 3521 SHUTDOWN ACK and then remove all record of the association. 3523 Stewart, et al [Page 67] 3524 Upon the receipt of the SHUTDOWN ACK, the initiator shall stop the 3525 T2-shutdown timer and remove all record of the association. 3527 Note: that it should be the responsibility of the initiator to assure 3528 that all the outstanding datagrams on its side have been resolved 3529 before it initiates the shutdown procedure. 3531 Note: an endpoint shall reject any new data request from its upper 3532 layer if it is in Shutdown-sent or Shutdown-received state until 3533 completion of the sequence. 3535 Note: if an endpoint is in Shutdown-sent state and receives an INIT 3536 message from its peer, it should discard the INIT message and 3537 retransmit the shutdown message. The sender of the INIT should respond 3538 with a stand-alone SHUTDOWN ACK in an SCTP datagram with the 3539 Verification Tag field of its common header set to 0, and let the 3540 normal T1-init timer cause the INIT message to be retransmitted and 3541 thus restart the association. 3543 Note: if an endpoint is in Shutdown-sent state and receives a 3544 SHUTDOWN message from its peer, the endpoint shall respond 3545 immediately with a SHUTDOWN ACK and shall stop the T2-shutdown timer 3546 and remove all record of the association. 3548 9. Interface with Upper Layer 3550 The Upper Layer Protocols (ULP) shall request for services by passing 3551 primitives to SCTP and shall receive notifications from SCTP for 3552 various events. 3554 The primitives and notifications described in this section should be 3555 used as a guideline for implementing SCTP. The following functional 3556 description of ULP interface primitives is shown for illustrative 3557 purposes. We must warn readers that different SCTP implementations may 3558 have different ULP interfaces. However, all SCTPs must provide a 3559 certain minimum set of services to guarantee that all SCTP 3560 implementations can support the same protocol hierarchy. 3562 9.1 ULP-to-SCTP 3564 The following sections functionally characterize a ULP/SCTP interface. 3565 The notation used is similar to most procedure or function calls in 3566 high level languages. 3568 The ULP primitives described below specify the basic functions the 3569 SCTP must perform to support inter-process communication. Individual 3570 implementations must define their own exact format, and may provide 3571 combinations or subsets of the basic functions in single calls. 3573 A) Initialize 3575 Format: INITIALIZE ([local port], [local eligible address]) 3576 -> local SCTP instance name 3578 Stewart, et al [Page 68] 3579 This primitive allows SCTP to initialize its internal data structures 3580 and allocate necessary resources for setting up its operation 3581 environment. Note that once SCTP is initialized, ULP can communicate 3582 directly with other endpoints without re-invoking this primitive. 3584 A local SCTP instance name will be returned to the ULP by the SCTP. 3586 Mandatory attributes: 3588 None. 3590 Optional attributes: 3592 The following types of attributes may be passed along with the 3593 primitive: 3595 o local port - SCTP port number, if ULP wants it to be specified; 3597 o local eligible address - A single address that the local SCTP 3598 endpoint should bind. By default all transport interface cards 3599 should be used by the local endpoint. 3601 IMPLEMENTATION NOTE: if this optional attribute is supported by an 3602 implementation, it will be the responsibility of the implementation 3603 to enforce that the IP source address field of any SCTP datagrams 3604 sent out by this endpoint MUST contain the IP addresses 3605 indicated in the local eligible address. 3607 B) Associate 3609 Format: ASSOCIATE(local SCTP instance name, destination transport 3610 addr, outbound stream count) 3611 -> association id [,destination transport addr list] [,outbound stream 3612 count] 3614 This primitive allows the upper layer to initiate an association to a 3615 specific peer endpoint. 3617 The peer endpoint shall be specified by one of the transport addresses 3618 which defines the endpoint (see section 1.4). If the local SCTP 3619 instance has not been initialized, the ASSOCIATE is considered an 3620 error. 3622 An association id, which is a local handle to the SCTP association, 3623 will be returned on successful establishment of the association. If 3624 SCTP is not able to open an SCTP association with the peer endpoint, 3625 an error is returned. 3627 Stewart, et al [Page 69] 3628 Other association parameters may be returned, including the complete 3629 destination transport addresses of the peer as well as the outbound 3630 stream count of the local endpoint. One of the transport address from 3631 the returned destination addresses will be selected by the local 3632 endpoint as default primary destination address for sending SCTP 3633 datagrams to this peer. The returned "destination transport addr 3634 list" can be used by the ULP to change the default primary destination 3635 address or to force sending a datagram to a specific transport address. 3637 IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a 3638 blocking function call, the ASSOCIATE primitive can return 3639 association parameters in addition to the association id upon 3640 successful establishment. If ASSOCIATE primitive is implemented as a 3641 non-blocking call, only the association id shall be returned and 3642 association parameters shall be passed using the COMMUNICATION UP 3643 notification. 3645 Mandatory attributes: 3647 o local SCTP instance name - obtained from the INITIALIZE operation. 3649 o destination transport addr - specified as one of the transport 3650 addresses of the peer endpoint with which the association is to be 3651 established. 3653 o outbound stream count - the number of outbound streams the ULP 3654 would like to open towards this peer endpoint. 3656 Optional attributes: 3658 None. 3660 C) Terminate 3662 Format: TERMINATE(association id) 3663 -> result 3665 Gracefully terminates an association. Any locally queued user data 3666 will be delivered to the peer. The association will be terminated only 3667 after the peer acknowledges all the messages sent. A success code 3668 will be returned on successful termination of the association. If 3669 attempting to terminate the association results in a failure, an error 3670 code shall be returned. 3672 Mandatory attributes: 3674 o association id - local handle to the SCTP association 3676 Optional attributes: 3678 None. 3680 Stewart, et al [Page 70] 3681 D) Abort 3683 Format: ABORT(association id [, cause code]) 3684 -> result 3686 Ungracefully terminates an association. Any locally queued user data 3687 will be discarded and an ABORT message is sent to the peer. A success 3688 code will be returned on successful abortion of the association. If 3689 attempting to abort the association results in a failure, an error 3690 code shall be returned. 3692 Note: If possible the SCTP should attempt to return all un-acknowledged 3693 data to the upper layer, however this behavior is implementation 3694 dependent. 3696 Mandatory attributes: 3698 o association id - local handle to the SCTP association 3700 Optional attributes: 3702 o cause code - reason of the abort to be passed to the peer. 3704 None. 3706 E) Send 3708 Format: SEND(association id, buffer address, byte count [,context] 3709 [,stream id] [,life time] [,destination transport address] [,un-order 3710 flag] [,no-bundle flag]) 3711 -> result 3713 This is the main method to send user data via SCTP. 3715 Mandatory attributes: 3717 o association id - local handle to the SCTP association 3719 o buffer address - the location where the user message to be 3720 transmitted is stored; 3722 o byte count - The size of the user data in number of octets; 3724 Optional attributes: 3726 o context - optional information that will be carried in the 3727 sending failure notification to the ULP if the transportation of 3728 this datagram fails. 3730 o stream id - to indicate which stream to send the data on. If not 3731 specified, stream 0 will be used. 3733 Stewart, et al [Page 71] 3734 o life time - specifies the life time of the user data. The user data 3735 will not be sent by SCTP after the life time expires. This 3736 parameter can be used to avoid efforts to transmit stale 3737 user messages. SCTP notifies the ULP, if the data cannot be 3738 initiated to transport (i.e. sent to the destination via SCTP's 3739 send primitive) within the life time variable. However, the 3740 user data will be transmitted if a TSN has been assigned to the 3741 user data before the life time expired. 3743 o destination transport address - specified as one of the destination 3744 transport addresses of the peer endpoint to which this message 3745 should be sent. Whenever possible, SCTP should use this destination 3746 transport address for sending the datagram, instead of the current 3747 primary destination transport address. 3749 o un-order flag - this flag, if present, indicates that the user 3750 would like the data delivered in an un-ordered fashion to the peer. 3752 o no-bundle flag - instructs SCTP not to bundle the user data with 3753 other outbound DATA chunks. Note: SCTP may still bundle even when 3754 this flag is present, when faced with network congestion. 3756 F) Set Primary 3758 Format: SETPRIMARY(association id, destination transport address) 3759 -> result 3761 Instructs the local SCTP to use the specified destination transport 3762 address as primary destination address for sending datagrams. 3764 The result of attempting this operation shall be returned. If the 3765 specified destination transport address is not present in the 3766 "destination transport address list" returned earlier in an associate 3767 command or communication up notification, an error shall be returned. 3769 Mandatory attributes: 3771 o association id - local handle to the SCTP association 3773 o destination transport address - specified as one of the transport 3774 addresses of the peer endpoint, which should be used as primary 3775 address for sending datagrams. This overrides the current primary 3776 address information maintained by the local SCTP endpoint. 3778 Stewart, et al [Page 72] 3779 G) Receive 3781 Format: RECEIVE(association id, buffer address, buffer size 3782 [,stream id]) 3783 -> byte count [,transport address] [,stream id] [,stream sequence number] 3784 [,partial flag] [, delivery number] 3786 This primitive shall read the first user message in the SCTP in-queue 3787 to ULP, if there is one available, into the specified buffer. The size 3788 of the message read, in octets, will be returned. It may, depending on 3789 the specific implementation, also return other information such as the 3790 sender's address, the stream id on which it is received, whether there 3791 are more messages available for retrieval, etc. For ordered messages, 3792 their stream sequence number may also be returned. 3794 Depending upon the implementation, if this primitive is invoked when 3795 no message is available the implementation should return an indication 3796 of this condition or should block the invoking process until data does 3797 become available. 3799 Mandatory attributes: 3801 o association id - local handle to the SCTP association 3803 o buffer address - the memory location indicated by the ULP to store 3804 the received message. 3806 o buffer size - the maximum size of data to be received, in octets. 3808 Optional attributes: 3810 o stream id - to indicate which stream to receive the data on. 3812 o stream sequence number - the stream sequence number assigned by the 3813 sending SCTP peer. 3815 o partial flag - if this returned flag is set to 1, then this 3816 message is a partial delivery of the whole message. When 3817 this flag is set, the stream id and stream sequence number MUST 3818 accompany this receive. When this flag is set to 0, it indicates 3819 that no more deliveries will be received for this stream sequence 3820 number. 3822 Stewart, et al [Page 73] 3823 H) Status 3825 Format: STATUS(association id) 3826 -> status data 3828 This primitive should return a data block containing the following 3829 information: 3830 association connection state, 3831 destination transport address list, 3832 destination transport address reachability state, 3833 current receiver window size, 3834 current congestion window sizes, 3835 number of DATA chunks awaiting acknowledgment, 3836 number of DATA chunks pending receipt, 3837 primary destination transport address, 3838 SRTT on primary destination address, 3839 RTO on primary destination address, 3840 SRTT and RTO on other destination addresses, etc. 3842 Mandatory attributes: 3844 o association id - local handle to the SCTP association 3846 Optional attributes: 3848 None. 3850 I) Change Heartbeat 3852 Format: CHANGEHEARTBEAT(association id, destination transport address, 3853 new state [,interval]) 3854 -> result 3856 Instructs the local endpoint to enable or disable heart beat on the 3857 specified destination transport address. 3859 The result of attempting this operation shall be returned. 3860 Note, even when enabled, heart beat will not take place if the 3861 destination transport address is not idle. 3863 Mandatory attributes: 3865 o association id - local handle to the SCTP association 3867 o destination transport address - specified as one of the transport 3868 addresses of the peer endpoint. 3870 o new state - the new state of heart beat for this destination 3871 transport address (either enabled or disabled). 3873 Optional attributes: 3875 o interval - if present, indicates the frequency of the heart beat if 3876 this is to enable heart beat on a destination transport 3877 address. Default interval is the RTO of the destination address. 3879 Stewart, et al [Page 74] 3880 J) Request HeartBeat 3882 Format: REQUESTHEARTBEAT(association id, destination transport 3883 address) 3884 -> result 3886 Instructs the local endpoint to perform a HeartBeat on the specified 3887 destination transport address of the given association. The returned 3888 result should indicate whether the transmission of the HEARTBEAT 3889 message to the destination address is successful. 3891 Mandatory attributes: 3893 o association id - local handle to the SCTP association 3895 o destination transport address - the transport address of the 3896 association on which a heartbeat should be issued. 3898 K) Get SRTT Report 3900 Format: GETSRTTREPORT(association id, destination transport address) 3901 -> srtt result 3903 Instructs the local SCTP to report the current SRTT measurement on the 3904 specified destination transport address of the given association. The 3905 returned result can be an integer containing the most recent SRTT in 3906 milliseconds. 3908 Mandatory attributes: 3910 o association id - local handle to the SCTP association 3912 o destination transport address - the transport address of the 3913 association on which the SRTT measurement is to be reported. 3915 L) Set Failure Threshold 3917 Format: SETFAILURETHRESHOLD(association id, destination transport 3918 address, failure threshold) 3919 -> result 3921 This primitive allows the local SCTP to customize the reachability 3922 failure detection threshold 'Path.Max.Retrans' for the specified 3923 destination address. 3925 Mandatory attributes: 3927 o association id - local handle to the SCTP association 3929 o destination transport address - the transport address of the 3930 association on which the failure detection threshold is to be set. 3932 o failure threshold - the new value of 'Path.Max.Retrans' for the 3933 destination address. 3935 Stewart, et al [Page 75] 3936 M) Set Protocol Parameters 3938 Format: SETPROTOCOLPARAMETERS(association id, [,destination transport 3939 address,] protocol parameter list) 3940 -> result 3942 This primitive allows the local SCTP to customize the protocol 3943 parameters. 3945 Mandatory attributes: 3947 o association id - local handle to the SCTP association 3949 o protocol parameter list - The specific names and values of the 3950 protocol parameters (e.g., Association.Max.Retrans [see Section 3951 13]) that the SCTP user wishes to customize. 3953 Optional attributes: 3955 o destination transport address - some of the protocol parameters may 3956 be set on a per destination transport address basis. 3958 9.2 SCTP-to-ULP 3960 It is assumed that the operating system or application environment 3961 provides a means for the SCTP to asynchronously signal the ULP 3962 process. When SCTP does signal an ULP process, certain information is 3963 passed to the ULP. 3965 IMPLEMENTATION NOTE: in some cases this may be done through a 3966 seperate socket or error channel. 3968 A) DATA ARRIVE notification 3970 SCTP shall invoke this notification on the ULP when a user message is 3971 successfully received and ready for retrieval. 3973 The following may be optionally be passed with the notification: 3975 o association id - local handle to the SCTP association 3977 o stream id - to indicate which stream the data is received on. 3979 Stewart, et al [Page 76] 3980 B) SEND FAILURE notification 3982 If a message can not be delivered SCTP shall invoke this notification 3983 on the ULP. 3985 The following may be optionally be passed with the notification: 3987 o association id - local handle to the SCTP association 3989 o data - the location ULP can find the un-delivered message. 3991 o cause code - indicating the reason of the failure, e.g., size too 3992 large, message life-time expiration, etc. 3994 o context - optional information associated with this message (see 3995 D in section 9.1). 3997 C) NETWORK STATUS CHANGE notification 3999 When a destination transport address is marked down (e.g., when SCTP 4000 detects a failure), or marked up (e.g., when SCTP detects a recovery), 4001 SCTP shall invoke this notification on the ULP. 4003 The following shall be passed with the notification: 4005 o association id - local handle to the SCTP association 4007 o destination transport address - This indicates the destination 4008 transport address of the peer endpoint affected by the change; 4010 o new-status - This indicates the new status. 4012 D) COMMUNICATION UP notification 4014 This notification is used when SCTP becomes ready to send or receive 4015 user messages, or when a lost communication to an endpoint is 4016 restored. 4018 IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a 4019 blocking function call, the association parameters are returned as a 4020 result of the ASSOCIATE primitive itself. In that case, 4021 COMMUNICATION UP notification is optional at the association 4022 initiator's side. 4024 The following shall be passed with the notification: 4026 o association id - local handle to the SCTP association 4028 o status - This indicates what type of event that has occurred 4030 o destination transport address list - the complete set of transport 4031 addresses of the peer 4033 Stewart, et al [Page 77] 4034 o outbound stream count - the maximum number of streams allowed to be 4035 used in this association by the ULP 4037 o inbound stream count - the number of streams the peer endpoint 4038 has requested with this association (this may not be the same 4039 number has 'outbound stream count'). 4041 E) COMMUNICATION LOST notification 4043 When SCTP loses communication to an endpoint completely or detects 4044 that the endpoint has performed an abort or graceful shutdown 4045 operation, it shall invoke this notification on the ULP. 4047 The following shall be passed with the notification: 4049 o association id - local handle to the SCTP association 4051 o status - This indicates what type of event that has occurred; 4053 The following may be optionally passed with the notification: 4055 o unsent-messages - The number and location of un-sent messages 4056 still in hold by SCTP; 4058 o unacknowledged-messages - The number and location of messages 4059 that were attempted to be transported to the destination, but were 4060 not acknowledged when the loss of communication was detected. 4062 o last-acked - the sequence number last acked by that peer endpoint; 4064 o last-sent - the sequence number last sent to that peer endpoint; 4066 o received-but-not-delivered - messages that were received by SCTP 4067 but not yet delivered to the ULP. 4069 Note: the un-send data report may not be accurate for those user 4070 messages which are segmented by SCTP during transmission. 4072 F) COMMUNICATION ERROR notification 4074 When SCTP receives an ERROR chunk from its peer and decides to notify 4075 its ULP, it can invoke this notification on the ULP. 4077 The following can be passed with the notification: 4079 o association id - local handle to the SCTP association 4081 o error info - this indicates the type of error and optionally some 4082 additional information received through the ERROR chunk. 4084 Stewart, et al [Page 78] 4085 10. Security Considerations 4087 10.1 Security Objectives 4089 As a common transport protocol designed to reliably carry time- 4090 sensitive user messages, such as billing or signaling messages for 4091 telephony services, between two networked endpoints, SCTP has the 4092 following security objectives. 4094 - availability of reliable and timely data transport services 4095 - integrity of the user-to-user information carried by SCTP 4097 10.2 SCTP Responses To Potential Threats 4099 It is clear that SCTP may potentially be used in a wide variety of 4100 risk situations. It is important for operator(s) of the systems 4101 concerned to analyze their particular situations and decide on the 4102 appropriate counter-measures. 4104 Where the SCTP system serves a group of users, it is probably 4105 operating as part of a professionally managed corporate or service 4106 provider network. It is reasonable to expect that this management 4107 includes an appropriate security policy framework. [RFC 2196, "Site 4108 Security Handbook", B. Fraser Ed., September 1997] should be 4109 consulted for guidance. 4111 The case is more difficult where the SCTP system is operated by a 4112 private user. The service provider with whom that user has a 4113 contractual arrangement SHOULD provide help to ensure that the 4114 user's site is secure, ranging from advice on configuration through 4115 downloaded scripts and security software. 4117 10.2.1 Countering Insider Attacks 4119 The principles of the Site Security Handbook [13] should be applied 4120 to minimize the risk of theft of information or sabotage by 4121 insiders. These include publication of security policies, control 4122 of access at the physical, software, and network levels, and 4123 separation of services. 4125 10.2.2 Protecting against Data Corruption in the Network 4127 Where the risk of undetected errors in datagrams delivered by the 4128 lower layer transport services is considered to be too great, 4129 additional checksum protection may be required. The question is 4130 whether this is appropriately provided as an SCTP service because it 4131 is needed by most potential users of SCTP, or whether instead it 4132 should be provided by the SCTP user application. (The SCTP protocol 4133 overhead, as opposed to the signaling payload, is protected 4134 adequately by the Adler-32 checksum and measures taken in SCTP to prevent 4135 replay attacks and masquerade.) In any event, the checksum must be 4136 specifically designed to ensure that it detects the errors left 4137 behind by the Adler-32 checksum. 4139 Stewart, et al [Page 79] 4140 10.2.3 Protecting Confidentiality 4142 In most cases, the risk of breach of confidentiality applies to the 4143 signaling data payload, not to the SCTP or lower-layer protocol 4144 overheads. If that is true, encryption of the SCTP user data only 4145 may be considered. As with the supplementary checksum service, user 4146 data encryption may be performed by the SCTP user application. 4148 Particularly for mobile users, the requirement for confidentiality 4149 may include the masking of IP addresses and ports. In this case 4150 IPSEC ESP should be used instead of application-level encryption. 4151 Similarly, where other reasons prompt the use of the IPSEC ESP 4152 service, application-level encryption is unnecessary. It will be up 4153 to the SCTP system operators to configure the application 4154 appropriately. 4156 Regardless of which level performs the encryption, the IPSEC ISAKMP 4157 service should be used for key management. 4159 Operators should consult [RFC 2401, "Security Architecture for the 4160 Internet Protocol", S. Kent, R. Atkinson, November 1998] for 4161 information on the configuration of IPSEC services between hosts 4162 with and without intervening firewalls. 4164 10.2.4 Protecting against Blind Denial of Service Attacks 4166 A blind attack is one where the attacker is unable to intercept or 4167 otherwise see the content of data flows passing to and from the 4168 target SCTP node where it is not a party to the association. Blind 4169 denial of service attacks may take the form of flooding, masquerade, 4170 or improper monopolization of services. 4172 10.2.4.1 Flooding 4174 The objective of flooding is to cause loss of service and incorrect 4175 behavior at target systems through resource exhaustion, interference 4176 with legitimate transactions, and exploitation of buffer-related 4177 software bugs. Flooding may be directed either at the SCTP node or at 4178 resources in the intervening IP Access Links or the Internetwork. 4179 Where the latter entities are the target, flooding will manifest 4180 itself as loss of network services, including potentially the breach 4181 of any firewalls in place. 4183 In general, protection against flooding begins at the equipment 4184 design level, where it includes measures such as: 4186 - avoiding commitment of limited resources before determining that 4187 the request for service is legitimate 4188 - giving priority to completion of processing in progress over the 4189 acceptance of new work 4190 - identification and removal of duplicate or stale queued requests 4191 for service. 4193 Stewart, et al [Page 80] 4194 Network equipment should be capable of generating an alarm and log 4195 if a suspicious increase in traffic occurs. The log should provide 4196 information such as the identity of the incoming link and source 4197 address(es) used which will help the network or SCTP system operator 4198 to take protective measures. Procedures should be in place for the 4199 operator to act on such alarms if a clear pattern of abuse emerges. 4201 The design of SCTP is resistant to flooding attacks, particularly in 4202 its use of a four-way start-up handshake, its use of a cookie to 4203 defer commitment of resources at the responding SCTP node until the 4204 handshake is completed, and its use of a verification tag to prevent 4205 insertion of extraneous messages into the flow of an established 4206 association. 4208 10.2.4.2 Masquerade 4210 Masquerade can be used to deny service in several ways: 4212 - by tying up resources at the target SCTP node to which the 4213 impersonated node has limited access. For example, the target node 4214 may by policy permit a maximum of one SCTP association with the 4215 impersonated SCTP node. The masquerading attacker may attempt to 4216 establish an association purporting to come from the impersonated 4217 node so that the latter cannot do so when it requires it. 4218 - by deliberately allowing the impersonation to be detected, 4219 thereby provoking counter-measures which cause the impersonated node 4220 to be locked out of the target SCTP node. 4221 - by interfering with an established association by inserting 4222 extraneous content such as a SHUTDOWN request. 4224 SCTP prevents masquerade through IP spoofing by use of the four-way 4225 startup handshake. Because the initial exchange is memoryless, no 4226 lockout mechanism is triggered by masquerade attacks. SCTP protects 4227 against insertion of extraneous messages into the flow of an 4228 established association by use of the verification tag. 4230 Logging of received INIT requests and abnormalities such as 4231 unexpected INIT ACKs might be considered as a way to detect patterns 4232 of hostile activity. However, the potential usefulness of such 4233 logging must be weighed against the increased SCTP startup 4234 processing it implies, rendering the SCTP node more vulnerable to 4235 flooding attacks. Logging is pointless without the establishment of 4236 operating procedures to review and analyze the logs on a routine 4237 basis. 4239 10.2.4.3 Improper Monopolization of Services 4241 Attacks under this heading are performed openly and legitimately by 4242 the attacker. They are directed against fellow users of the target 4243 SCTP node or of the shared resources between the attacker and the 4244 target node. Possible attacks include the opening of a large number 4245 of associations between the attacker's node and the target, or 4246 transfer of large volumes of information within a legitimately- 4247 established association. 4249 Stewart, et al [Page 81] 4250 Such attacks take advantage of policy deficiencies at the target 4251 SCTP node. Defense begins with a contractual prohibition of 4252 behavior directed to denial of service to others. Policy limits 4253 should be placed on the number of associations per adjoining SCTP 4254 node. SCTP user applications should be capable of detecting large 4255 volumes of illegitimate or "no-op" messages within a given 4256 association and either logging or terminating the association as a 4257 result, based on local policy. 4259 10.3 Protection against Fraud and Repudiation 4261 The objective of fraud is to obtain services without authorization 4262 and specifically without paying for them. In order to achieve this 4263 objective, the attacker must induce the SCTP user application at the 4264 target SCTP node to provide the desired service while accepting 4265 invalid billing data or failing to collect it. Repudiation is a 4266 related problem, since it may occur as a deliberate act of fraud or 4267 simply because the repudiating party kept inadequate records of 4268 service received. 4270 Potential fraudulent attacks include interception and misuse of 4271 authorizing information such as credit card numbers, blind 4272 masquerade and replay, and man-in-the middle attacks which modify 4273 the messages passing through a target SCTP association in real time. 4275 The interception attack is countered by the confidentiality measures 4276 discussed in section 10.2.3 above. 4278 Section 10.2.4.2 describes how SCTP is resistant to blind masquerade 4279 attacks, as a result of the four-way startup handshake and the 4280 validation tag. The validation tag and TSN together are protections 4281 against blind replay attacks, where the replay is into an existing 4282 association. 4284 However, SCTP does not protect against man-in-the-middle attacks 4285 where the attacker is able to intercept and alter the messages sent 4286 and received in an association. Where a significant possibility of 4287 such attacks is seen to exist, or where possible repudiation is an 4288 issue, the use of the IPSEC AH service is recommended to ensure both 4289 the integrity and the authenticity of the messages passed. 4291 SCTP also provides no protection against attacks originating at or 4292 beyond the SCTP node and taking place within the context of an 4293 existing association. Prevention of such attacks should be covered 4294 by appropriate security policies at the host site, as discussed in 4295 section 10.2.1. 4297 Stewart, et al [Page 82] 4298 11. Recommended Transmission Control Block (TCB) Parameters 4300 This section details a recommended set of parameters that should 4301 be contained within the TCB for an implementation. This section is 4302 for illustrative purposes and should not be deemed has requirements 4303 on an implementation NOR as an exhaustive list of all parameters 4304 inside an SCTP TCB. Each implemenation may need its own additional 4305 parameters to optimize their implemenation. 4307 11.1 Parameters necessary for the SCTP instance 4309 Associations - A list of current associations and mappings to the 4310 data consumers for each association. This may be in 4311 the form of a hash table or other implementation dependent 4312 structure. The data consumers may be process identification 4313 information such as file descriptors, named pipe pointer, or 4314 table pointers dependent on how SCTP is implemented. 4316 Secret Key - A secret key used by this endpoint to sign all cookies. This 4317 SHOULD be a cryptographic quality random number with 4318 a sufficient length. Discussion in RFC 1750 [1] can be 4319 helpful in selection of the key. 4321 Address List - The list of IP addresses that this instance has bound. This 4322 information is passed to ones peer('s) in INIT and INIT-ACK 4323 messages. 4325 SCTP Port - The local SCTP port number the endpoint is bound to. 4327 11.2 Parameters necessary per association (i.e. the TCB) 4329 State - A state variable indicating what state the association is 4330 in, i.e . COOKIE_WAIT, COOKIE_SENT, ESTABLISHED, 4331 SHUTDOWN_PENDING, SHUTDOWN_SENT, SHUTDOWN_RECEIVED. 4332 Note: No "CLOSED" state is illustrated since if a 4333 association is "CLOSED" its TCB SHOULD be removed. 4335 Peer Transport 4336 Address List - A list of SCTP transport addresses that the peer is 4337 bound to. This information is derived from the INIT or 4338 INIT-ACK and is used to associate an inbound datagram 4339 with a given association. Normally this information is 4340 hashed or keyed for quick lookup and access of the TCB. 4342 Primary 4343 Destination - This is the current primary destination transport 4344 address of the peer endpoint. 4346 Overall 4347 Error Count - The overall association error count. 4349 Overall Error 4350 Threshold - The threshold for this association that if the Overall 4351 Error Count reaches will cause this association to be 4352 torn down. 4354 Stewart, et al [Page 83] 4355 Per Transport 4356 Address Data - For each destination transport address in the peer's 4357 address list derived from the INIT or INIT ACK message, 4358 a number of data elements needs to be maintained 4359 including: 4360 - Error count - The current error count for this 4361 destination. 4362 - Error Threshold - Current error threshold for 4363 this destination i.e. what value 4364 marks the destination down if 4365 Error count reaches this value. 4366 - cwnd - The current congestion window. 4367 - ssthresh - The current ssthresh value. 4368 - RTO - The current retransmission timeout vaule. 4369 - SRTT - The current smoothed round trip time. 4370 - RTTVAR - The current RTT variation. 4371 - partial_bytes_acked - The tracking method for 4372 increase of cwnd when in 4373 congestion avoidance mode 4374 (see section 6.2.2) 4375 - state - The current state of this destionation, 4376 i.e. DOWN, UP, ALLOW-HB, NO-HEARTBEAT, 4377 etc. 4378 - P-MTU - The current known path MTU. 4379 - Per Destination Timer - A timer used by each 4380 destination. 4381 - RTO-Pending - A flag used to track if one of 4382 the datagrams sent to this address 4383 is currently being used to compute 4384 a RTT. If this flag is 0, the next 4385 datagram sent to this destination 4386 should be used to compute a RTT and 4387 this flag should be set. Every time 4388 the RTT calcualtion completes (i.e. 4389 the datagram is SACK'd) clear this 4390 flag. 4392 - last-timeused - The time this destination was 4393 last sent to. This can be used 4394 to determine if a HEARTBEAT is 4395 needed. 4397 Peer Verification 4398 Tag - Tag value to be sent in every datagram and is received 4399 in the INIT or INIT ACK message. 4401 My Verification 4402 Tag - Tag expected in every inbound datagram and sent in the 4403 INIT or INIT ACK message. 4405 Peer Rwnd - Current calculated value of the peer's rwnd. 4407 Next TSN - My next TSN number I will assign. This is sent in 4408 the INIT or INIT-ACK message to the peer and 4409 incremented each time a DATA chunk is assigned a 4410 TSN (normally just prior to transmit or during 4411 segmentation). 4413 Stewart, et al [Page 84] 4414 Last Rcvd TSN - This is the last TSN I received and is the 4415 current cumulative TSN point. This value is 4416 set initially by taking the peers initial TSN, 4417 received in the INIT or INIT-ACK message, and 4418 subtracting one from it. 4420 Mapping Array - An array of bits or bytes indicating which out of 4421 order TSN's have been received (relative to the 4422 cumulative TSN i.e. Last Rcvd TSN). If no GAP's exist, 4423 i.e. no out of order messages have been received, 4424 this array will be set to all zero. This structure 4425 may be in the form of a circular buffer or bit array. 4427 Ack State - This flag indicates if the next received datagram 4428 is to be responded to with a SACK. This is initialized 4429 to 0, when a datagram is received it is incremented. 4430 If this value reaches 2, a SACK is sent and the value 4431 is reset to 0. Note: this is used only when no datagrams 4432 are received out of order, when DATA chunks are out 4433 of order SACK's are not delayed (see Section 5). 4435 Out Queue - A queue of outbound datagrams. 4437 In Queue - A queue of inbound datagrams. 4439 Reasm Queue - A re-assembly queue. 4441 Inbound 4442 Streams - An array of structures to track the inbound streams. 4443 Normally including the next sequence number expected 4444 and possibly the stream number. 4446 Outbound 4447 Streams - An array of structures to track the outbound streams. 4448 Normally including the next sequence number to 4449 be sent on the stream. 4451 Stewart, et al [Page 85] 4452 12. IANA Consideration 4454 This protocol will require port reservation like TCP for the use of 4455 "well known" servers within the Internet. It is suggested that all 4456 current TCP ports should be automatically reserved in the SCTP port 4457 address space. New requests should follow IANA's current mechanisms 4458 for TCP. 4460 This protocol may also be extended through IANA in three ways: 4461 -- through definition of additional chunk types, 4462 -- through definition of additional parameter types, or 4463 -- through definition of additional cause codes within Operation 4464 Error chunks 4466 In the case where a particular ULP using SCTP desires to have its own 4467 ports, the ULP should be responsible for registering with IANA for 4468 getting its ports assigned. 4470 12.1 IETF-defined Chunk Extension 4472 The appropriate use of specific chunk types is an integral part of the 4473 SCTP protocol. In consequence, the intention is that new IETF-defined 4474 chunk types MUST be supported by standards-track RFC documentation. 4475 As a transitional step, a new chunk type MAY be introduced in an 4476 Experimental RFC. Chunk type codes MUST remain permanently associated 4477 with the original documentation on the basis of which they were 4478 allocated. Thus if the RFC supporting a given chunk type is 4479 deprecated in favor of a new document, the corresponding chunk type 4480 code value is also deprecated and a new code value is allocated in 4481 association with the replacement document. 4483 The documentation for a new chunk code type must include the following 4484 information: 4485 (a) a long and short name for the new chunk type; 4486 (b) a detailed description of the structure of the chunk, which MUST 4487 conform to the basic structure defined in section 2.2; 4488 (c) a detailed definition and description of intended use of each field 4489 within the chunk, including the chunk flags if any; 4490 (d) a detailed procedural description of the use of the new chunk type 4491 within the operation of the protocol. 4493 If the primary numbering space reserved for IETF use (0x00 to 0xFD) is 4494 exhausted, new codes shall subsequently be allocated in the extension 4495 range 0x0000 through 0xFFFF. Chunks allocated in this range MUST 4496 conform to the following structure: 4498 Stewart, et al [Page 86] 4499 First word (32 bits): 4500 as shown in section 2.2, with chunk type code equal to 0xFF. 4502 Second word: 4503 first octet MUST be all 1's (0xFF). Next octet MUST be all 0's 4504 (0x00). Final two octets contain the allocated extension code value. 4506 0 1 2 3 4507 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 4508 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4509 |1 1 1 1 1 1 1 1|Chunk Flags | Chunk Length | 4510 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4511 |1 1 1 1 1 1 1 1|0 0 0 0 0 0 0 0| Extension Type Code | 4512 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4513 \ \ 4514 / Value / 4515 \ \ 4516 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4518 12.2 IETF-defined Chunk Parameter Extension 4520 The allocation of a new chunk parameter type code from the IETF 4521 numbering space MUST be supported by RFC documentation. As with chunk 4522 type codes, parameter type codes are uniquely associated with their 4523 supporting document and MUST be replaced if new documentation is 4524 provided. This documentation may be Informational, Experimental, or 4525 standards-track at the discretion of the IESG. It MUST contain the 4526 following information: 4527 (a) Name of the parameter type. 4528 (b) Detailed description of the structure of the parameter field. This 4529 structure MUST conform to the general type-length-value format 4530 described in section 2.2.1. 4531 (c) Detailed definition of each component of the parameter value. 4532 (d) Detailed description of the intended use of this parameter type, 4533 and an indication of whether and under what circumstances 4534 multiple instances of this parameter type may be found within the 4535 same chunk. 4537 Additional parameter type codes may be allocated initially from the 4538 range 0x0000 through 0xFFFD. If this space is exhausted, extension 4539 codes shall be allocated in the range 0x0000 through 0xFFFF. Where an 4540 extension code has been allocated, the format of the parameter must 4541 conform to the following structure: 4543 Stewart, et al [Page 87] 4544 First word (32 bits): 4545 contains the parameter type code 0xFFFF and parameter length as 4546 described in section 2.2.1. 4548 Second word: 4549 first octet MUST be all 1's (0xFF). Next octet MUST be all 0's 4550 (0x00). Final two octets contain the allocated extension code 4551 value. 4553 The Value portion of the parameter, if any, follows the second word. 4555 0 1 2 3 4556 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 4557 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4558 |1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1| Length | 4559 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4560 |1 1 1 1 1 1 1 1|0 0 0 0 0 0 0 0| Extension Type Code | 4561 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4562 \ \ 4563 / Value / 4564 \ \ 4565 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4567 12.3 IETF-defined Additional Error Causes 4569 Additional cause codes may be allocated in the range 0x0004 to 0xFFFF 4570 upon receipt of any permanently-available public documentation 4571 containing the following information: 4572 (a) Name of the error condition. 4573 (b) Detailed description of the conditions under which an SCTP 4574 endpoint should issue an Operation Error with this cause code. 4575 (c) Expected action by the SCTP endpoint which receives an Operation 4576 Error chunk containing this cause code. 4577 (d) Detailed description of the structure and content of data fields 4578 which accompany this cause code. 4580 The initial word (32 bits) of a cause code parameter MUST conform to 4581 the format shown in section 2.3.9, i.e.: 4582 -- first two octets contain the cause code value 4583 -- last two octets contain length of the cause parameter. 4585 12.4 Payload Protocol Identifiers 4587 Except for value 0x00000000 which is reserved by SCTP to indicate the 4588 absence of a payload protocol identifier in a DATA chunk, SCTP will 4589 not be responsible for standardizing or verifying any payload protocol 4590 identifiers; SCTP simply receives the identifier from the upper layer 4591 and carries it with the corresponding payload data. 4593 The upper layer, i.e, the SCTP user, SHOULD standardize any specific 4594 protocol identifier with IANA if it is so desired. The use of any 4595 specific payload protocol identifier is out of the scope of SCTP. 4597 Stewart, et al [Page 88] 4598 13. Suggested SCTP Protocol Parameter Values 4600 The following protocol parameters are RECOMMENDED: 4602 RTO.Initial - 3 seconds 4603 RTO.Min - 1 second 4604 RTO.Max - 60 seconds 4605 RTO.Alpha - 1/8 4606 RTO.Beta - 1/4 4607 Valid.Cookie.Life - 5 seconds 4608 Association.Max.Retrans - 10 attempts 4609 Path.Max.Retrans - 5 attempts (per destination address) 4610 Max.Init.Retransmits - 8 attempts 4612 'retrans.count' - counter (per destination address) 4613 'receiver.buffer' - variable (per peer endpoint) 4615 IMPLEMENTATION NOTE: The SCTP implementation may allow ULP to 4616 customize some of these protocol parameters (see Section 9). 4618 14. Acknowledgments 4620 The authors wish to thank Mark Allman, Richard Band, Scott Bradner, 4621 Ram Dantu, R. Ezhirpavai, Sally Floyd, Matt Holdrege, Henry Houh, 4622 Christian Huetima, Gary Lehecka, John Loughney, Daniel Luan, Lyndon 4623 Ong, Kelvin Porter, Heinz Prantner, Jarno Rajahalme, Ivan Rodreguez, 4624 A. Sankar, Greg Sidebottom, Brian Wyld, and many others for their 4625 invaluable comments. 4627 15. Authors' Addresses 4629 Randall R. Stewart Tel: +1-847-632-7438 4630 Motorola, Inc. EMail: rstewar1@email.mot.com 4631 1501 W. Shure Drive, #2315 4632 Arlington Heights, IL 60004 4633 USA 4635 Qiaobing Xie Tel: +1-847-632-3028 4636 Motorola, Inc. EMail: qxie1@email.mot.com 4637 1501 W. Shure Drive, #2309 4638 Arlington Heights, IL 60004 4639 USA 4641 Ken Morneault Tel: +1-703-484-3323 4642 Cisco Systems Inc. EMail: kmorneau@cisco.com 4643 13615 Dulles Technology Drive 4644 Herndon, VA. 20171 4645 USA 4647 Chip Sharp Tel: +1-919-472-3121 4648 Cisco Systems Inc. EMail:chsharp@cisco.com 4649 7025 Kit Creek Road 4650 Research Triangle Park, NC 27709 4651 USA 4653 Stewart, et al [Page 89] 4654 Hanns Juergen Schwarzbauer Tel: +49-89-722-24236 4655 SIEMENS AG 4656 Hofmannstr. 51 4657 81359 Munich 4658 Germany 4659 EMail: HannsJuergen.Schwarzbauer@icn.siemens.de 4661 Tom Taylor Tel: +1-613-736-0961 4662 Nortel Networks 4663 1852 Lorraine Ave. 4664 Ottawa, Ontario 4665 Canada K1H 6Z8 4666 EMail:taylor@nortelnetworks.com 4668 Ian Rytina Tel: +61-3-9301-6164 4669 Ericsson Australia EMail:ian.rytina@ericsson.com 4670 37/360 Elizabeth Street 4671 Melbourne, Victoria 3000 4672 Australia 4674 Malleswar Kalla Tel: +1-973-829-5212 4675 Telcordia Technologies 4676 MCC 1J211R 4677 445 South Street 4678 Morristown, NJ 07960 4679 USA 4680 EMail: kalla@research.telcordia.com 4682 Lixia Zhang Tel: +1-310-825-2695 4683 UCLA Computer Science Department EMail: lixia@cs.ucla.edu 4684 4531G Boelter Hall 4685 Los Angeles, CA 90095-1596 4686 USA 4688 Vern Paxson Tel: +1-510-642-4274 x 302 4689 ACIRI EMail: vern@aciri.org 4690 1947 Center St., Suite 600, 4691 Berkeley, CA 94704-1198 4692 USA 4694 16. References 4696 [1] Eastlake , D. (ed.), "Randomness Recommendations for Security", 4697 RFC 1750, December 1994. 4699 [2] Deutsch, P., and Gailly, J-L., "ZLIB Compressed Data Format 4700 Specification version 3.3", RFC 1950, May 1996. 4702 [3] Allman, M., Paxson, V., and Stevens, W., "TCP Congestion 4703 Control", RFC 2581, April 1999. 4705 Stewart, et al [Page 90] 4706 [4] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, 4707 August 1999. 4709 [5] Allman, M., and Paxson, V., "On Estimating End-to-End Network 4710 Path Properties", Proc. SIGCOMM'99, 1999. 4712 [6] Karn, P., and Simpson, W., "Photuris: Session-Key Management 4713 Protocol", RFC 2522, March 1999. 4715 [7] Bradner, S., "The Internet Standards Process -- Revision 3", 4716 RFC 2026, October 1996. 4718 [8] Postel, J. (ed.), "Transmission Control Protocol", RFC 793, 4719 September 1981. 4721 [9] Postel, J. (ed.), "User Datagram Protocol", RFC 768, August 1980. 4723 [10] Reynolds, J., and Postel, J. (ed.), "Assigned Numbers", RFC 1700, 4724 October 1994. 4726 [11] Mogul, J., and Deering, S., "Path MTU Discovery", RFC 1191, 4727 November 1990. 4729 [12] McCann, J., Deering, S., and Mogul, J., "Path MTU Discovery for 4730 IP version 6", RFC 1981, August 1996. 4732 [13] Fraser, B. (ed.), "Site Security Handbook", RFC 2196, September 4733 1997. 4735 [14] Kent, S., and Atkinson, R., "Security Architecture for the 4736 Internet Protocol", RFC 2401, November 1998. 4738 [15] Savage, S., Cardwell, N., Wetherall, D., and Anderson, T., 4739 "TCP Congestion Control with a Misbehaving Receiver", ACM 4740 Computer Communication Review, 29(5), October 1999. 4742 This Internet Draft expires in 6 months from February, 2000