idnits 2.17.1 draft-ietf-sigtran-sctp-09.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity. == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 1 longer page, the longest (page 1) being 5621 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 9 instances of too long lines in the document, the longest one being 3 characters in excess of 72. ** There are 2 instances of lines with control characters in the document. Miscellaneous warnings: ---------------------------------------------------------------------------- == Line 4609 has weird spacing: '...ansport bou...' == Line 4615 has weird spacing: '...ination addre...' == Line 4622 has weird spacing: '...reshold tor...' == Line 4673 has weird spacing: '...reshold wha...' == Line 4687 has weird spacing: '...s acked conge...' == (1 more instance...) == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: This is to allow vendors to support their own extended parameters not defined by the IETF. It MUST not affect the operation of SCTP. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'SHALL not' in this paragraph: Note 3: The INIT chunks may contain AT MOST one Host Name address parameter. Moreover, the sender of the INIT SHALL not combine any other address types with the Host Name address in the INIT while the receiver of INIT MUST ignore any other address types if the Host Name address parameter is present in the received INIT chunk. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'SHOULD not' in this paragraph: This value represents the dedicated buffer space, in number of octets, the sender of the INIT has placed in association with this window. During the life of the association this buffer space SHOULD not be lessened (i.e. dedicated buffers taken away from this association). == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'SHALL not' in this paragraph: Note 3: The INIT ACK chunks may contain AT MOST one Host Name address parameter. Moreover, the sender of the INIT ACK SHALL not combine any other address types with the Host Name address in the INIT ACK while the receiver of the INIT ACK MUST ignore any other address types if the Host Name address parameter is present. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: The ABORT chunk is sent to the peer of an association to terminate the association. The ABORT chunk may contain cause parameters to inform the receiver the reason of the abort. DATA chunks MUST not be bundled with ABORT. Control chunks MAY be bundled with an ABORT but they MUST be placed before the ABORT in the SCTP datagram, or they will be ignored by the receiver. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: This Chunk type is available to allow vendors to support their own extended data formats not defined by the IETF. It MUST not affect the operation of SCTP. In particular, when adding a Vendor Specific chunk type, the vendor defined chunks MUST obey the congestion avoidance rules defined in this document if they carry user data. User data is defined as any data transported over the association that is delivered to the upper layer of the receiver. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: Note: after sending out INIT ACK with the cookie, "Z" MUST not allocate any resources, nor keep any states for the new association. Otherwise, "Z" will be vulnerable to resource attacks. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: After sending out the INIT ACK, the endpoint shall take no further actions, i.e., the existing association, including its current state, and the corresponding TCB MUST not be changed. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'SHOULD not' in this paragraph: Note: The sender SHOULD not use a TSN that is more than 2**31 - 1 above the beginning TSN of the current send window. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'SHOULD not' in this paragraph: Note: If a SACK is received that indicates a previously out of order chunk has been discarded by the receiver (due to a buffer space shortage), the sender should mark the chunk as having a first strike for retransmit against the chunk and start a timer on the last transmitted destination address (if one is not already running on that destination address). The sender SHOULD not retransmit the chunk until the fast retransmit algorithm indicates it should. This will allow the receiver time to clear up the receive buffer problem that caused it to discard the chunk. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: NOTE: In instances where the data receiver endpoint is multi-homed, if a SACK arrives at the data sender that advances the sender's cumulative TSN point, then the data sender should update its cwnd (or cwnds) apportioned to the destination addresses where the data was transmitted to. However if the SACK does not advance the cumulative TSN point, the data sender MUST not adjust the cwnd of any of the destination addresses. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: 'ASSOCIATE' on line 1894 -- Looks like a reference, but probably isn't: 'TERMINATE' on line 1926 -- Looks like a reference, but probably isn't: 'ABORT' on line 1888 == Unused Reference: '7' is defined on line 4979, but no explicit reference was found in the text == Unused Reference: '10' is defined on line 4987, but no explicit reference was found in the text == Unused Reference: '14' is defined on line 5000, but no explicit reference was found in the text ** Obsolete normative reference: RFC 1750 (ref. '1') (Obsoleted by RFC 4086) ** Downref: Normative reference to an Informational RFC: RFC 1950 (ref. '2') ** Obsolete normative reference: RFC 2581 (ref. '3') (Obsoleted by RFC 5681) ** Downref: Normative reference to an Informational RFC: RFC 2104 (ref. '4') -- Possible downref: Non-RFC (?) normative reference: ref. '5' ** Downref: Normative reference to an Experimental RFC: RFC 2522 (ref. '6') ** Obsolete normative reference: RFC 793 (ref. '8') (Obsoleted by RFC 9293) ** Obsolete normative reference: RFC 1700 (ref. '10') (Obsoleted by RFC 3232) ** Obsolete normative reference: RFC 1981 (ref. '12') (Obsoleted by RFC 8201) ** Downref: Normative reference to an Informational RFC: RFC 2196 (ref. '13') ** Obsolete normative reference: RFC 2401 (ref. '14') (Obsoleted by RFC 4301) -- Possible downref: Non-RFC (?) normative reference: ref. '15' -- Possible downref: Non-RFC (?) normative reference: ref. '16' ** Obsolete normative reference: RFC 1883 (ref. '17') (Obsoleted by RFC 2460) Summary: 17 errors (**), 0 flaws (~~), 23 warnings (==), 8 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group R. R. Stewart 2 INTERNET-DRAFT Q. Xie 3 Motorola 4 K. Morneault 5 C. Sharp 6 Cisco 7 H. J. Schwarzbauer 8 Siemens 9 T. Taylor 10 Nortel Networks 11 I. Rytina 12 Ericsson 13 M. Kalla 14 Telcordia 15 L. Zhang 16 UCLA 17 V. Paxson 18 ACIRI 20 expires in six months April 19,2000 22 Stream Control Transmission Protocol 23 25 Status of This Memo 27 This document is an Internet-Draft and is in full conformance with all 28 provisions of Section 10 of RFC 2026. Internet-Drafts are working 29 documents of the Internet Engineering Task Force (IETF), its areas, 30 and its working groups. Note that other groups may also distribute 31 working documents as Internet-Drafts. 33 The list of current Internet-Drafts can be accessed at 34 http://www.ietf.org/ietf/1id-abstracts.txt 36 The list of Internet-Draft Shadow Directories can be accessed at 37 http://www.ietf.org/shadow.html. 39 Stewart, et al [Page 1] 40 Abstract 42 This document describes the Stream Control Transmission Protocol 43 (SCTP). SCTP is designed to transport PSTN signaling messages over 44 IP networks, but is capable of broader applications. 46 SCTP is a reliable datagram transfer protocol operating on top of an 47 unreliable routed packet network such as IP. It offers the following 48 services to its users: 50 -- acknowledged error-free non-duplicated transfer of user data, 51 -- data segmentation to conform to discovered path MTU size, 52 -- sequenced delivery of user messages within multiple streams, 53 with an option for order-of-arrival delivery of individual 54 user messages, 55 -- optional multiplexing of user messages into SCTP datagrams, and 56 -- network-level fault tolerance through supporting of multi-homing 57 at either or both ends of an association. 59 The design of SCTP includes appropriate congestion avoidance behavior 60 and resistance to flooding and masquerade attacks. 62 Stewart, et al [Page 2] 63 TABLE OF CONTENTS 65 1. Introduction..................................................5 66 1.1 Motivation..................................................5 67 1.2 Architectural View of SCTP..................................5 68 1.3 Functional View of SCTP.....................................6 69 1.3.1 Association Startup and Takedown........................7 70 1.3.2 Sequenced Delivery within Streams.......................7 71 1.3.3 User Data Segmentation..................................8 72 1.3.4 Acknowledgment and Congestion Avoidance.................8 73 1.3.5 Chunk Multiplex.........................................8 74 1.3.6 Message Validation......................................8 75 1.3.7 Path Management.........................................9 76 1.4 Recapitulation of Key Terms.................................9 77 1.5 Abbreviations...............................................11 78 2. Conventions....................................................11 79 3. SCTP Datagram Format..........................................12 80 3.1 SCTP Common Header Field Descriptions.......................12 81 3.2 Chunk Field Descriptions....................................13 82 3.2.1 Optional/Variable-length Parameter Format...............14 83 3.2.2 Vendor-Specific Extension Parameter Format..............15 84 3.3 SCTP Chunk Definitions......................................17 85 3.3.1 Initiation (INIT).......................................17 86 3.3.1.1 Optional or Variable Length Parameters..............19 87 3.3.2 Initiation Acknowledgment (INIT ACK)....................20 88 3.3.2.1 Optional or Variable Length Parameters..............21 89 3.3.3 Selective Acknowledgment (SACK).........................22 90 3.3.4 Heartbeat Request (HEARTBEAT)...........................25 91 3.3.5 Heartbeat Acknowledgment (HEARTBEAT ACK)................26 92 3.3.6 Abort Association (ABORT)...............................26 93 3.3.7 Shutdown Association (SHUTDOWN).........................27 94 3.3.8 Shutdown Acknowledgment (SHUTDOWN ACK)..................28 95 3.3.9 Operation Error (ERROR).................................28 96 3.3.10 State Cookie (COOKIE)..................................30 97 3.3.11 Cookie Acknowledgment (COOKIE ACK).....................31 98 3.3.12 Payload Data (DATA)....................................31 99 3.4 Vendor-Specific Chunk Extensions............................33 100 4. SCTP Association State Diagram.................................34 101 5. Association Initialization.....................................36 102 5.1 Normal Establishment of an Association......................37 103 5.1.1 Handle Stream Parameters................................39 104 5.1.2 Handle Address Parameters...............................39 105 5.1.3 Generating State Cookie.................................39 106 5.1.4 Cookie Processing.......................................40 107 5.1.5 Cookie Authentication...................................40 108 5.1.6 An Example of Normal Association Establishment..........41 109 5.2 Handle Duplicate INIT, INIT ACK, COOKIE, and COOKIE ACK.....42 110 5.2.1 Handle Duplicate INIT in COOKIE-WAIT 111 or COOKIE-SENT States...................................43 112 5.2.2 Handle Duplicate INIT in Other States...................43 113 5.2.3 Handle Duplicate INIT ACK...............................43 114 5.2.4 Handle Duplicate COOKIE.................................43 115 5.2.5 Handle Duplicate COOKIE-ACK.............................45 116 5.2.6 Handle Stale COOKIE Error...............................45 117 5.3 Other Initialization Issues.................................45 118 Stewart, et al [Page 3] 119 5.3.1 Selection of Tag Value..................................45 120 6. User Data Transfer.............................................46 121 6.1 Transmission of DATA Chunks.................................47 122 6.2 Acknowledgment of Reception of DATA Chunks..................48 123 6.2.1 Tracking Peer's Receive Buffer Space....................49 124 6.3 Management Retransmission Timer.............................50 125 6.3.1 RTO Calculation.........................................50 126 6.3.2 Retransmission Timer Rules..............................51 127 6.3.3 Handle T3-rxt Expiration................................52 128 6.4 Multi-homed SCTP Endpoints..................................53 129 6.4.1 Failover from Inactive Destination Address..............54 130 6.5 Stream Identifier and Stream Sequence Number................54 131 6.6 Ordered and Un-ordered Delivery.............................54 132 6.7 Report Gaps in Received DATA TSNs...........................55 133 6.8 Adler-32 Checksum Calculation...............................56 134 6.9 Segmentation................................................57 135 6.10 Bundling and Multiplexing..................................58 136 7. Congestion Control ..........................................58 137 7.1 SCTP Differences from TCP Congestion Control................59 138 7.2 SCTP Slow-Start and Congestion Avoidance....................59 139 7.2.1 Slow-Start..............................................60 140 7.2.2 Congestion Avoidance....................................61 141 7.2.3 Congestion Control......................................61 142 7.2.4 Fast Retransmit on Gap Reports..........................62 143 7.3 Path MTU Discovery..........................................63 144 8. Fault Management..............................................64 145 8.1 Endpoint Failure Detection..................................64 146 8.2 Path Failure Detection......................................64 147 8.3 Path Heartbeat..............................................65 148 8.4 Handle "Out of the blue" Packets............................66 149 8.5 Verification Tag............................................67 150 8.5.1 Exceptions in Verification Tag Rules....................67 151 9. Termination of Association.....................................68 152 9.1 Close of an Association.....................................68 153 9.2 Shutdown of an Association..................................68 154 10. Interface with Upper Layer....................................69 155 10.1 ULP-to-SCTP................................................70 156 10.2 SCTP-to-ULP................................................78 157 11. Security Considerations.......................................82 158 11.1 Security Objectives........................................82 159 11.2 SCTP Responses To Potential Threats........................82 160 11.2.1 Countering Insider Attacks.............................82 161 11.2.2 Protecting against Data Corruption in the Network......83 162 11.2.3 Protecting Confidentiality.............................83 163 11.2.4 Protecting against Blind Denial of Service Attacks.....83 164 11.2.4.1 Flooding...........................................84 165 11.2.4.2 Masquerade.........................................84 166 11.2.4.3 Improper Monopolization of Services................85 167 11.3 Protection against Fraud and Repudiation...................85 168 12. Recommended Transmission Control Block (TCB) Parameters.......86 169 12.1 Parameters necessary for the SCTP instance.................86 170 12.2 Parameters necessary per association (i.e. the TCB)........87 171 12.3 Per Transport Address Data.................................88 172 12.4 General Parameters Needed..................................89 173 13. IANA Consideration............................................89 174 13.1 IETF-defined Chunk Extension...............................89 175 13.2 IETF-defined Chunk Parameter Extension.....................90 176 13.3 IETF-defined Additional Error Causes.......................91 177 13.4 Payload Protocol Identifiers...............................92 178 Stewart, et al [Page 4] 179 14. Suggested SCTP Protocol Parameter Values......................92 180 15. Acknowledgments...............................................92 181 16. Authors' Addresses............................................93 182 17. References....................................................94 183 Appendix A .......................................................95 185 1. Introduction 187 This section explains the reasoning behind the development of the 188 Stream Control Transmission Protocol (SCTP), the services it offers, 189 and the basic concepts needed to understand the detailed description 190 of the protocol. 192 1.1 Motivation 194 TCP [8] has performed immense service as the primary means of reliable 195 data transfer in IP networks. However, an increasing number of recent 196 applications have found TCP too limiting, and have incorporated their 197 own reliable data transfer protocol on top of UDP [9]. The limitations 198 which users have wished to bypass include the following: 200 -- TCP provides both reliable data transfer and strict order- 201 of-transmission delivery of data. Some applications need reliable 202 transfer without sequence maintenance, while others would be 203 satisfied with partial ordering of the data. In both of these 204 cases the head-of-line blocking offered by TCP causes 205 unnecessary delay. 207 -- The stream-oriented nature of TCP is often an inconvenience. 208 Applications must add their own record marking to delineate 209 their messages, and must make explicit use of the push facility 210 to ensure that a complete message is transferred in a 211 reasonable time. 213 -- The limited scope of TCP sockets complicates the task of 214 providing highly-available data transfer capability using 215 multi-homed hosts. 217 -- TCP is relatively vulnerable to denial of service attacks, 218 such as SYN attacks. 220 Transport of PSTN signaling across the IP network is an application 221 for which all of these limitations of TCP are relevant. While this 222 application directly motivated the development of SCTP, other 223 applications may find SCTP a good match to their requirements. 225 1.2 Architectural View of SCTP 227 SCTP is viewed as a layer between the SCTP user application ("SCTP 228 user" for short) and an unreliable routed packet network service such 229 as IP. The basic service offered by SCTP is the reliable transfer of 230 user messages between peer SCTP users. It performs this service 232 Stewart, et al [Page 5] 233 within the context of an association between two SCTP nodes. Chapter 9 234 of this document sketches the API which should exist at the boundary 235 between the SCTP and the SCTP user layers. 237 SCTP is connection-oriented in nature, but the SCTP association is a 238 broader concept than the TCP connection. SCTP provides the means for 239 each SCTP endpoint (Section 1.4) to provide the other during 240 association startup with a list of transport addresses (e.g. multiple 241 IP addresses in combination with an SCTP port) through which that 242 endpoint can be reached and from which it will originate messages. 243 The association spans transfers over all of the possible 244 source/destination combinations which may be generated from the two 245 endpoint lists. 247 _____________ _____________ 248 | SCTP User | | SCTP User | 249 | Application | | Application | 250 |-------------| |-------------| 251 | SCTP | | SCTP | 252 | Transport | | Transport | 253 | Service | | Service | 254 |-------------| |-------------| 255 | |One or more ---- One or more| | 256 | IP Network |IP address \/ IP address| IP Network | 257 | Service |appearances /\ appearances| Service | 258 |_____________| ---- |_____________| 260 SCTP Node A |<-------- Network transport ------->| SCTP Node B 262 Figure 1: An SCTP Association 264 1.3 Functional View of SCTP 266 The SCTP transport service can be decomposed into a number of 267 functions. These are depicted in Figure 2 and explained in the 268 remainder of this section. 270 SCTP User Application 272 ..----------------------------------------------------- 273 .. _____________ ____________________ 274 | | | Sequenced delivery | 275 | Association | | within streams | 276 | | |____________________| 277 | startup | 278 ..| | ____________________________ 279 | and | | User Data Segmentation | 280 | | |____________________________| 281 | takedown | 283 Stewart, et al [Page 6] 284 ..| | ____________________________ 285 | | | Acknowledgment | 286 | | | and | 287 | | | Congestion Avoidance | 288 ..| | |____________________________| 289 | | 290 | | ____________________________ 291 | | | Chunk Multiplex | 292 | | |____________________________| 293 | | 294 | | ________________________________ 295 | | | Message Validation | 296 | | |________________________________| 297 | | 298 | | ________________________________ 299 | | | Path Management | 300 |______________ |________________________________| 302 Figure 2: Functional View of the SCTP Transport Service 304 1.3.1 Association Startup and Takedown 306 An association is initiated by a request from the SCTP user (see the 307 description of the ASSOCIATE primitive in Chapter 9). 309 A cookie mechanism, taken from that devised by Karn and Simpson in RFC 310 2522 [6], is employed during the initialization to provide protection 311 against security attacks. The cookie mechanism uses a four-way 312 handshaking, but the last two legs of which are allowed to carry user 313 data for fast setup. The startup sequence is described in chapter 4 of 314 this document. 316 SCTP provides for graceful takedown of an active association on 317 request from the SCTP user. See the description of the TERMINATE 318 primitive in chapter 10. SCTP also allows ungraceful takedown, either 319 on request from the user (ABORT primitive) or as a result of an error 320 condition detected within the SCTP layer. Chapter 8 describes both the 321 graceful and the ungraceful takedown procedures. 323 1.3.2 Sequenced Delivery within Streams 325 The term "stream" is used in SCTP to refer to a sequence of user 326 messages. This is in contrast to its usage in TCP, where it refers to 327 a sequence of bytes. 329 The SCTP user can specify at association startup time the number of 330 streams to be supported by the association. This number is negotiated 331 with the remote end (see section 5.1.1). User messages are associated 332 with stream numbers (SEND, RECEIVE primitives, Chapter 9). Internally, 333 SCTP assigns a stream sequence number to each message passed to it by 335 Stewart, et al [Page 7] 336 the SCTP user. On the receiving side, SCTP ensures that messages are 337 delivered to the SCTP user in sequence within a given stream. However, 338 while one stream may be blocked waiting for the next in-sequence user 339 message, delivery from other streams may proceed. 341 SCTP provides a mechanism for bypassing the sequenced delivery 342 service. User messages sent using this mechanism are delivered to the 343 SCTP user as soon as they are received. 345 1.3.3 User Data Segmentation 347 SCTP can segment user messages to ensure that the SCTP datagram 348 passed to the lower layer conforms to the path MTU. Segments are 349 reassembled into complete messages before being passed to the SCTP 350 user. 352 1.3.4 Acknowledgment and Congestion Avoidance 354 SCTP assigns a Transmission Sequence Number (TSN) to each user data 355 segment or unsegmented message. The TSN is independent of any 356 stream sequence number assigned at the stream level. The receiving end 357 acknowledges all TSNs received, even if there are gaps in the 358 sequence. In this way, reliable delivery is kept functionally separate 359 from sequenced delivery. 361 The Acknowledgment and Congestion Avoidance function is responsible 362 for message retransmission when timely acknowledgment has not been 363 received. Message retransmission is conditioned by congestion 364 avoidance procedures similar to those used for TCP. See Chapters 5 365 and 6 for a detailed description of the protocol procedures associated 366 with this function. 368 1.3.5 Chunk Multiplex 370 As described in Chapter 2, the SCTP datagram as delivered to the lower 371 layer consists of a common header followed by one or more chunks. Each 372 chunk may contain either user data or SCTP control information. The 373 SCTP user has the option to request "bundling", or multiplexing of 374 more than one user messages into a single SCTP datagram. The chunk 375 multiplex function of SCTP is responsible for assembly of the complete 376 SCTP datagram and its disassembly at the receiving end. 378 1.3.6 Message Validation 380 A mandatory verification tag and an Adler-32 checksum [2] fields are 381 included in the SCTP common header. The verification tag value is 382 chosen by each end of the association during association startup. 383 Messages received without the verification tag value expected by the 384 receiver are discarded, as a protection against blind masquerade 385 attacks and against stale datagrams from a previous association. 387 Stewart, et al [Page 8] 388 The Adler-32 checksum should be set by the sender of each SCTP datagram, 389 to provide additional protection against data corruption in the 390 network beyond that provided by lower layers (e.g. the IP checksum). 392 1.3.7 Path Management 394 The sending SCTP user is able to manipulate the set of transport 395 addresses used as destinations for SCTP datagrams, through the 396 primitives described in Chapter 10. The SCTP path management function 397 chooses the destination transport address for each outgoing SCTP 398 datagram based on the SCTP user's instructions and the currently 399 perceived reachability status of the eligible destination set. 400 The path management function monitors reachability through heartbeat 401 messages when other message traffic is inadequate to provide this 402 information, and advises the SCTP user when reachability of any far- 403 end transport address changes. The path management function is also 404 responsible for reporting the eligible set of local transport 405 addresses to the far end during association startup, and for reporting 406 the transport addresses returned from the far end to the SCTP user. 408 At association start-up, a primary destination transport address is 409 defined for each SCTP endpoint, and is used for normal sending of SCTP 410 datagrams. 412 On the receiving end, the path management is responsible for verifying 413 the existence of a valid SCTP association to which the inbound SCTP 414 datagram belongs before passing it for further processing. 416 1.4 Recapitulation of Key Terms 418 The language used to describe SCTP has been introduced in the previous 419 sections. This section provides a consolidated list of the key terms 420 and their definitions. 422 o SCTP user application (SCTP user): The logical higher-layer 423 application entity which uses the services of SCTP, also called 424 the Upper-layer Protocol (ULP). 426 o User message: the unit of data delivery across the interface 427 between SCTP and its user. 429 o SCTP datagram: the unit of data delivery across the interface 430 between SCTP and the unreliable packet network (e.g. IP) which 431 it is using. An SCTP datagram includes the common SCTP header, 432 possible SCTP control chunks, and user data encapsulated within 433 SCTP DATA chunks. 435 o Transport address: an address which serves as a source or 436 destination for the unreliable packet transport service used by 437 SCTP. In IP networks, a transport address is defined by the 438 combination of an IP address and an SCTP port number. 440 Stewart, et al [Page 9] 441 Note, only one SCTP port may be defined for each endpoint, 442 but each endpoint may have multiple IP addresses. 444 o SCTP endpoint: the logical sender/receiver of SCTP datagrams. On a 445 multi-homed host, an SCTP endpoint is represented to its peers as a 446 combination of a set of eligible destination transport addresses to 447 which SCTP datagrams can be sent and a set of eligible source 448 transport addresses from which SCTP datagrams can be received. 450 Note, a source or destination transport address can only be 451 included in one unique SCTP endpoint, i.e., it is NOT allowed to 452 have the same SCTP source or destination transport address appear 453 in more than one SCTP endpoint. 455 o SCTP association: a protocol relationship between SCTP endpoints, 456 comprising the two SCTP endpoints and protocol state information 457 including verification tags and the currently active set of 458 Transmission Sequence Numbers (TSNs), etc. 460 o Chunk: a unit of information within an SCTP datagram, consisting of 461 a chunk header and chunk-specific content. 463 o Transmission Sequence Number (TSN): a 32-bit sequence number used 464 internally by SCTP. One TSN is attached to each chunk containing 465 user data to permit the receiving SCTP endpoint to acknowledge its 466 receipt and detect duplicate deliveries. 468 o Stream: a uni-directional logical channel established from one to 469 another associated SCTP endpoints, within which all user messages 470 are delivered in sequence except for those submitted to the 471 un-ordered delivery service. 473 Note: The relationship between stream numbers in opposite 474 directions is strictly a matter of how the applications use 475 them. It is the responsibility of the SCTP user to create and 476 manage these correlations if they are so desired. 478 o Stream Sequence Number: a 16-bit sequence number used internally by 479 SCTP to assure sequenced delivery of the user messages within a 480 given stream. One stream sequence number is attached to each user 481 message. 483 o Path: the route taken by the SCTP datagrams sent by one SCTP 484 endpoint to a specific destination transport address of its peer 485 SCTP endpoint. Note, sending to different destination transport 486 addresses does not necessarily guarantee getting separate paths. 488 o Bundling: an optional multiplexing operation, whereby more than one 489 user messages may be carried in the same SCTP datagram. Each user 490 message occupies its own DATA chunk. 492 o Outstanding TSN (at an SCTP endpoint): a TSN (and the associated DATA 493 chunk) which have been sent by the endpoint but for which it has not 494 yet received an acknowledgment. 496 Stewart, et al [Page 10] 497 o Unacknowledged TSN (at an SCTP endpoint): a TSN (and the associated DATA 498 chunk) which have been received by the endpoint but for which an 499 acknowledgment has not yet been sent. 501 o Receiver Window (rwnd): The most recently calculated receiver 502 window, in number of octets. This gives an indication of the space 503 available in the receiver's inbound buffer. 505 o Congestion Window (cwnd): An SCTP variable that limits the data, in 506 number of octets, a sender can send into the network before 507 receiving an acknowledgment on a particular destination Transport 508 address. 510 o Slow Start Threshold (ssthresh): An SCTP variable. This is the 511 threshold which the endpoint will use to determine whether to 512 perform slow start or congestion avoidance on a particular destination 513 transport address. Ssthresh is in number of octets. 515 o Transmission Control Block (TCB): an internal data structure 516 created by an SCTP endpoint for each of its existing SCTP 517 associations to other SCTP endpoints. TCB contains all the status 518 and operational information for the endpoint to maintain and manage 519 the corresponding association. 521 o Network Byte Order: Most significant byte first, a.k.a Big Endian. 523 1.5. Abbreviations 525 ICV - Integrity Check Value [4] 527 RTO - Retransmission Time-out 529 RTT - Round-trip Time 531 RTTVAR - Round-trip Time Variation 533 SCTP - Stream Control Transmission Protocol 535 SRTT - Smoothed RTT 537 TCB - Transmission Control Block 539 TLV - Type-Length-Value Coding Format 541 TSN - Transmission Sequence Number 543 ULP - Upper-layer Protocol 545 2. Conventions 547 The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, 548 SHOULD NOT, RECOMMENDED, NOT RECOMMENDED, MAY, and OPTIONAL, when 549 they appear in this document, are to be interpreted as described in 550 RFC 2119 [18]. 552 Stewart, et al [Page 11] 553 3. SCTP Datagram Format 555 An SCTP datagram is composed of a common header and chunks. A chunk 556 contains either control information or user data. 558 The SCTP datagram format is shown below: 560 0 1 2 3 561 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 562 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 563 | Common Header | 564 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 565 | Chunk #1 | 566 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 567 | ... | 568 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 569 | Chunk #n | 570 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 572 Multiple chunks can be multiplexed into one SCTP datagram up to 573 the MTU size, except for the INIT, INIT ACK, and SHUTDOWN ACK 574 chunks. These chunks MUST NOT be multiplexed with any other chunk in a 575 datagram. See Section 6.10 for more details on chunk multiplexing. 577 If an user data message doesn't fit into one SCTP datagram it can be 578 segmented into multiple chunks using the procedure defined in 579 Section 6.9. 581 All integer fields in an SCTP datagram MUST be transmitted in the 582 network byte order, unless otherwise stated. 584 3.1 SCTP Common Header Field Descriptions 586 SCTP Common Header Format 588 0 1 2 3 589 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 590 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 591 | Source Port Number | Destination Port Number | 592 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 593 | Verification Tag | 594 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 595 | Adler-32 Checksum | 596 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 598 Source Port Number: 16 bit u_int 600 This is the SCTP sender's port number. It can be used by the 601 receiver, in combination with the source IP address, to identify the 602 association to which this datagram belongs. 604 Destination Port Number: 16 bit u_int 606 This is the SCTP port number to which this datagram is destined. The 607 receiving host will use this port number to de-multiplex the 608 SCTP datagram to the correct receiving endpoint/application. 610 Stewart, et al [Page 12] 611 Verification Tag: 32 bit u_int 613 The receiver of this datagram uses the Verification Tag to validate 614 the sender of this SCTP datagram. On transmit, the value of this 615 Verification Tag MUST be set to the value of the Initiate Tag 616 received from the peer endpoint during the association 617 initialization. 619 For datagrams carrying the INIT chunk, the transmitter MUST set the 620 Verification Tag to all 0's. If the receiver receives a datagram 621 with an all-zeros Verification Tag field, it checks the Chunk ID 622 immediately following the common header. If the Chunk Type is 623 neither INIT nor SHUTDOWN ACK or ABORT, the receiver MUST drop 624 the datagram. For datagrams carrying the SHUTDOWN ACK chunk, the 625 transmitter SHOULD set the Verification Tag to the Initiate Tag 626 received from the peer endpoint during the association 627 initialization, if known. Otherwise, the Verification Tag 628 MUST be set to all 0's. 630 Note: Special rules apply to the ABORT message see Section 8.5. 632 Adler-32 Checksum: 32 bit u_int 634 This field MUST contain an Adler-32 checksum of this SCTP 635 datagram. Its calculation is discussed in Section 6.8. 637 3.2 Chunk Field Descriptions 639 The figure below illustrates the field format for the chunks to be 640 transmitted in the SCTP datagram. Each chunk is formatted with a Chunk 641 ID field, a chunk-specific Flag field, a Length field, and a Value 642 field. 644 0 1 2 3 645 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 646 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 647 | Chunk ID | Chunk Flags | Chunk Length | 648 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 649 \ \ 650 / Chunk Value / 651 \ \ 652 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 654 Chunk ID: 8 bits, u_int 656 This field identifies the type of information contained in the Chunk 657 Value field. It takes a value from 0x00 to 0xFF. The value of 0xFE 658 is reserved for vendor-specific extensions. The value of 0xFF is 659 reserved for future use as an extension field. Procedures for 660 extending this field by vendors are defined in Section 3.4. 662 The values of Chunk ID are defined as follows: 664 Stewart, et al [Page 13] 665 ID Value Chunk Type 666 ----- ---------- 667 00000000 - Payload Data (DATA) 668 00000001 - Initiation (INIT) 669 00000010 - Initiation Acknowledgment (INIT ACK) 670 00000011 - Selective Acknowledgment (SACK) 671 00000100 - Heartbeat Request (HEARTBEAT) 672 00000101 - Heartbeat Acknowledgment (HEARTBEAT ACK) 673 00000110 - Abort (ABORT) 674 00000111 - Shutdown (SHUTDOWN) 675 00001000 - Shutdown Acknowledgment (SHUTDOWN ACK) 676 00001001 - Operation Error (ERROR) 677 00001010 - State Cookie (COOKIE) 678 00001011 - Cookie Acknowledgment (COOKIE ACK) 679 00001100 - Reserved for Explicit Congestion Notification Echo (ECNE) 680 00001101 - Reserved for Congestion Window Reduced (CWR) 681 00001110 to 11111101 - reserved by IETF 682 11111110 - Vendor-specific Chunk Extensions 683 11111111 - IETF-defined Chunk Extensions 685 Note: The ECNE and CWR chunk types are reserved for future use of Explicit 686 Congestion Notification (ECN). 688 Chunk Flags: 8 bits 690 The usage of these bits depends on the chunk type as given by the 691 Chunk ID. Unless otherwise specified, they are set to zero on 692 transmit and are ignored on receipt. 694 Chunk Length: 16 bits (u_int) 696 This value represents the size of the chunk in octets including the 697 Chunk ID, Flags, Length, and Value fields. Therefore, if the Value 698 field is zero-length, the Length field will be set to 0x0004. The 699 Length field does not count any padding. 701 Chunk Value: variable length 703 The Chunk Value field contains the actual information to be 704 transferred in the chunk. The usage and format of this field is 705 dependent on the Chunk ID. The Chunk Value field MUST be aligned on 706 32-bit boundaries. If the length of the chunk does not align on 707 32-bit boundaries, it is padded at the end with all zero octets. 709 SCTP defined chunks are described in detail in Section 3.3. The 710 guideline for vendor-specific chunk extensions is discussed in Section 711 3.4. And the guidelines for IETF-defined chunk extensions can be found 712 in Section 13.1 of this document. 714 3.2.1 Optional/Variable-length Parameter Format 716 The optional and variable-length parameters contained in a chunk 717 are defined in a Type-Length-Value format as shown below. 719 Stewart, et al [Page 14] 720 0 1 2 3 721 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 722 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 723 | Parameter Type | Parameter Length | 724 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 725 \ \ 726 / Parameter Value / 727 \ \ 728 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 730 Parameter Type: 16 bit u_int 732 The Type field is a 16 bit identifier of the type of parameter. It 733 takes a value of 0x0000 to 0xFFFF. 735 The value of 0xFFFE is reserved for vendor-specific extensions if 736 the specific chunk allows such extensions. The value of 0xFFFF is 737 reserved for IETF-defined extensions. Values other than those 738 defined in specific SCTP chunk description are reserved for use by 739 IETF. 741 Parameter Length: 16 bit u_int 743 The Length field contains the size of the parameter in octets, 744 including the Type, Length, and Value fields. Thus, a parameter 745 with a zero-length Value field would have a Length field of 746 0x0004. The Length does not include any padding octets. 748 Parameter Value: variable-length. 750 The Value is dependent on the value of the Type field. The value 751 field MUST be aligned on 32-bit boundaries. If the value field is 752 not aligned on 32-bit boundaries it is padded at the end with all 753 zero octets. The value field must be an integer number of octets. 755 The actual SCTP parameters are defined in the specific SCTP chunk 756 sections. The guidelines for vendor-specific parameter extensions 757 are discussed in Section 3.2.2. And the rules for IETF-defined 758 parameter extensions are defined in Section 13.2. 760 3.2.2 Vendor-Specific Extension Parameter Format 762 This is to allow vendors to support their own extended parameters not 763 defined by the IETF. It MUST not affect the operation of SCTP. 765 Endpoints not equipped to interpret the vendor-specific information 766 sent by a remote endpoint MUST ignore it (although it may be 767 reported). Endpoints that do not receive desired vendor-specific 768 information SHOULD make an attempt to operate without it, although 769 they may do so (and report they are doing so) in a degraded mode. 771 A summary of the Vendor-specific extension format is shown below. The 772 fields are transmitted from left to right. 774 Stewart, et al [Page 15] 775 0 1 2 3 776 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 777 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 778 | Parameter Type = 0xFFFE | Parameter Length | 779 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 780 | Vendor-Id | 781 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 782 \ \ 783 / Parameter Value / 784 \ \ 785 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 787 Type: 16 bit u_int 789 0xFFFE for all Vendor-Specific parameters. 791 Length: 16 bit u_int 793 Indicate the size of the parameter in octets, including the 794 Type, Length, Vendor-Id, and Value fields. 796 Vendor-Id: 32 bit u_int 798 The high-order octet is 0 and the low-order 3 octets are the 799 SMI Network Management Private Enterprise Code of the Vendor 800 in network byte order, as defined in the Assigned Numbers (RFC 801 1700). 803 Value: variable length 805 The Value field is one or more octets. The actual format of the 806 information is site or application specific, and a robust 807 implementation SHOULD support the field as undistinguished 808 octets. 810 The codification of the range of allowed usage of this field is 811 outside the scope of this specification. 813 It SHOULD be encoded as a sequence of vendor type / vendor length 814 / value fields, as follows. The parameter field is 815 dependent on the vendor's definition of that attribute. An 816 example encoding of the Vendor-Specific attribute using this 817 method follows: 819 0 1 2 3 820 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 821 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 822 | Parameter Type = 0xFFFE | Parameter Length | 823 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 824 | Vendor-Id | 825 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 826 | VS-Type | VS-Length | 827 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 828 / VS-Value / 829 \ \ 830 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 831 Stewart, et al [Page 16] 832 VS-Type: 16 bit u_int 834 This field identifies the parameter included in the VS-Value field. 835 It is assigned by the vendor. 837 VS-Length: 16 bit u_int 839 This field is the length of the vendor-specific parameter and 840 Includes the VS-Type, VS-Length and VS-Value (if included) fields. 842 VS-Value: Variable Length 844 This field contains the parameter identified by the VS-Type field. 845 It's meaning is identified by the vendor. 847 3.3 SCTP Chunk Definitions 849 This section defines the format of the different SCTP chunk types. 851 3.3.1 Initiation (INIT) (00000001) 853 This chunk is used to initiate a SCTP association between two 854 endpoints. The format of the INIT message is shown below: 856 0 1 2 3 857 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 858 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 859 |0 0 0 0 0 0 0 1| Chunk Flags | Chunk Length | 860 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 861 | Initiate Tag | 862 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 863 | Advertised Receiver Window Credit (a_rwnd) | 864 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 865 | Number of Outbound Streams | Number of Inbound Streams | 866 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 867 | Initial TSN | 868 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 869 \ \ 870 / Optional/Variable-Length Parameters / 871 \ \ 872 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 874 The INIT chunk contains the following parameters. Unless otherwise 875 noted, each parameter MUST only be included once in the INIT chunk. 877 Fixed Parameters Status 878 ---------------------------------------------- 879 Initiate Tag Mandatory 880 Advertised Receiver Window Credit Mandatory 881 Number of Outbound Streams Mandatory 882 Number of Inbound Streams Mandatory 883 Initial TSN Mandatory 885 Stewart, et al [Page 17] 886 Variable Parameters Status Type Value 887 ------------------------------------------------------------- 888 IPv4 Address (Note 1) Optional 0x0005 889 IPv6 Address (Note 1) Optional 0x0006 890 Cookie Preservative Optional 0x0009 891 Reserved for ECN Capable (Note 2) Optional 0x000a 892 Host Name Address (Note 3) Optional 0x000b 893 Supported Address Types (Note 4) Optional 0x000c 895 Note 1: The INIT chunks may contain multiple addresses that may be 896 IPv4 and/or IPv6 in any combination. 898 Note 2: The ECN capable field is reserved for future use of Explicit 899 Congestion Notification. 901 Note 3: The INIT chunks may contain AT MOST one Host Name address 902 parameter. Moreover, the sender of the INIT SHALL not combine any other 903 address types with the Host Name address in the INIT while the receiver 904 of INIT MUST ignore any other address types if the Host Name address 905 parameter is present in the received INIT chunk. 907 Note 4: This parameter, when present, specifies all the address types 908 the sending endpoint can support. The absence of this parameter 909 indicates that the sending endpoint can support any address types. 911 Chunk Flags field in INIT is reserved, and all bits in it should be 912 set to 0 by the sender and ignored by the receiver. The sequence of 913 parameters within an INIT may be processed in any order. 915 Initiate Tag: 32 bit u_int 917 The receiver of the INIT (the responding end) records the value of 918 the Initiate Tag parameter. This value MUST be placed into the 919 Verification Tag field of every SCTP datagram that the responding 920 end transmits within this association. 922 The valid range for Initiate Tag is from 0x1 to 0xffffffff. See 923 Section 5.3.1 for more on the selection of the tag value. 925 If the value of the Initiate Tag in a received INIT chunk is found 926 to be 0x0, the receiver MUST treat it as an error and silently 927 discard the datagram. 929 Advertised Receiver Window Credit (a_rwnd): 32 bit u_int 931 This value represents the dedicated buffer space, in number of 932 octets, the sender of the INIT has placed in association with this 933 window. During the life of the association this buffer space SHOULD 934 not be lessened (i.e. dedicated buffers taken away from this 935 association). 937 Number of Outbound Streams (OS): 16 bit u_int 939 Defines the number of outbound streams the sender of this INIT chunk 940 wishes to create in this association. The value of 0 MUST NOT be 941 used. 943 Number of Inbound Streams (MIS) : 16 bit u_int 945 Defines the MAXIMUM number of streams the sender of this INIT chunk 946 allows the peer end to create in this association. The value 0 MUST 947 NOT be used. 949 Initial TSN (I-TSN) : 32 bit u_int 951 Defines the initial TSN that the sender will use. The valid range is 952 from 0x0 to 0xffffffff. This field MAY be set to the value of the 953 Initiate Tag field. 955 Stewart, et al [Page 18] 956 Vendor-specific parameters are allowed in INIT. However, they MUST be 957 appended to the end of the above INIT chunks. The format of the 958 vendor-specific parameters MUST follow the Type-Length-value format as 959 defined in Section 3.2.2. In case an endpoint does not support the 960 vendor-specific chunks received, it MUST ignore them. 962 3.3.1.1 Optional/Variable Length Parameters in INIT 964 The following parameters follow the Type-Length-Value format as 965 defined in Section 3.2.1. The IP address fields MUST come after 966 the fixed-length fields defined in the previous Section. 968 Any extensions SHOULD come after the IP address fields. 970 IPv4 Address Parameter 972 0 1 2 3 973 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 974 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 975 |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0| 976 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 977 | IPv4 Address | 978 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 980 IPv4 Address: 32 bit 982 Contains an IPv4 address of the sending endpoint. It is binary 983 encoded. 985 IPv6 Address Parameter 987 0 1 2 3 988 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 989 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 990 |0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0|0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0| 991 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 992 | | 993 | IPv6 Address | 994 | | 995 | | 996 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 998 IPv6 Address: 128 bit 1000 Contains an IPv6 address of the sending endpoint. It is binary 1001 encoded. 1003 Combining with the Source Port Number in the SCTP common header, the 1004 value passed in an IPv4 or IPv6 Address parameter indicates a 1005 transport address the sender of the INIT will support for the 1006 association being initiated. That is, during the lifetime of this 1007 association, this IP address may appear in the source address field 1009 Stewart, et al [Page 19] 1010 of a datagram sent from the sender of the INIT, and may be used as a 1011 destination address of a datagram sent from the receiver of the 1012 INIT. 1014 More than one IP Address parameter can be included in an INIT 1015 chunk when the INIT sender is multi-homed. Moreover, a multi-homed 1016 endpoint may have access to different types of network, thus more 1017 than one address type may be present in one INIT chunk, i.e., IPv4 1018 and IPv6 transport addresses are allowed in the same INIT message. 1020 If the INIT contains at least one IP Address parameter, then only the 1021 transport address(es) provided within the INIT may be used as 1022 destinations by the responding end. If the INIT does not contain any 1023 IP Address parameters, the responding end MUST use the source 1024 address associated with the received SCTP datagram as its sole 1025 destination address for the association. 1027 Cookie Preservative 1029 The sender of the INIT shall use this parameter to suggest to the 1030 receiver of the INIT for a longer life-span of the State Cookie. 1032 0 1 2 3 1033 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1034 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1035 |0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0| 1036 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1037 | Suggested Cookie Life-span Increment (msec.) | 1038 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1040 Suggested Cookie Life-span Increment: 32bit u_int 1042 This parameter indicates to the receiver how much increment the 1043 sender wishes the receiver to add to its default cookie life-span. 1045 This optional parameter should be added to the INIT message by the 1046 sender when it re-attempts establishing an association with a peer 1047 to which its previous attempt of establishing the association failed 1048 due to a Stale COOKIE error. Note, the receiver MAY choose to ignore 1049 the suggested cookie life-span increase for its own security 1050 reasons. 1052 Host Name Address 1054 The sender of INIT uses this parameter to pass its Host Name (in 1055 place of its IP addresses) to its peer. The peer is responsible for 1056 resolving the name. 1058 0 1 2 3 1059 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1060 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1061 |0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 1| Length | 1062 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1063 / Host Name / 1064 \ \ 1065 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1067 Host Name: variable length 1069 Defined as a zero terminated ASCII string with a variable 1070 length. The syntax of the host name is out of scope of SCTP. 1072 Supported Address Types 1074 The sender of INIT uses this parameter to list all the address types 1075 it can support. 1077 0 1 2 3 1078 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1079 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1080 |0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0| Length | 1081 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1082 | Address Type #1 | Address Type #2 | 1083 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1084 | ...... 1085 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1087 Address Type: 16 bit u_int 1089 This is filled with the type value of the corresponding address 1090 TLV (e.g., IPv4 = 0x0005, IPv6 = 0x0006). 1092 3.3.2 Initiation Acknowledgment (INIT ACK) (00000010): 1094 The INIT ACK chunk is used to acknowledge the initiation of an SCTP 1095 association. 1097 The parameter part of INIT ACK is formatted similarly to the INIT 1098 chunk. It uses two extra variable parameters: The State Cookie 1099 and the Unrecognized Parameter: 1101 The format of the INIT ACK message is shown below: 1103 Stewart, et al [Page 20] 1104 0 1 2 3 1105 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1106 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1107 |0 0 0 0 0 0 1 0| Chunk Flags | Chunk Length | 1108 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1109 | Initiate Tag | 1110 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1111 | Advertised Receiver Window Credit | 1112 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1113 | Number of Outbound Streams | Number of Inbound Streams | 1114 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1115 | Initial TSN | 1116 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1117 \ \ 1118 / Optional/Variable-Length Parameters / 1119 \ \ 1120 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1122 The INIT ACK contains the following parameters. Unless otherwise 1123 noted, each parameter MUST only be included once in the INIT ACK chunk. 1125 Fixed Parameters Status 1126 ---------------------------------------------- 1127 Initiate Tag Mandatory 1128 Advertised Receiver Window Credit Mandatory 1129 Number of Outbound Streams Mandatory 1130 Number of Inbound Streams Mandatory 1131 Initial TSN Mandatory 1133 Variable Parameters Status Type Value 1134 ------------------------------------------------------------- 1135 State Cookie Mandatory 0x0007 1136 IPv4 Address (Note 1) Optional 0x0005 1137 IPv6 Address (Note 1) Optional 0x0006 1138 Unrecognized Parameters Optional 0x0008 1139 Reserved for ECN Capable (Note 2) Optional 0x000a 1140 Host Name Address (Note 3) Optional 0x000b 1142 Note 1: The INIT ACK chunks may contain any number of IP address 1143 parameters that may be IPv4 and/or IPv6 in any combination. 1145 Note 2: The ECN capable field is reserved for future use of Explicit 1146 Congestion Notification. 1148 Note 3: The INIT ACK chunks may contain AT MOST one Host Name address 1149 parameter. Moreover, the sender of the INIT ACK SHALL not combine any 1150 other address types with the Host Name address in the INIT ACK while 1151 the receiver of the INIT ACK MUST ignore any other address types if 1152 the Host Name address parameter is present. 1154 Same as with INIT, in combination with the Source Port carried in the 1155 SCTP common header, each IP Address parameter in the INIT ACK indicates 1156 to the receiver of the INIT ACK a valid transport address supported by 1157 the sender of the INIT ACK for the lifetime of the association being 1158 initiated. 1160 If the INIT ACK contains at least one IP Address parameter, then only 1161 the transport address(es) explicitly indicated in the INIT ACK may be 1162 used as the destination(s) by the receiver of the INIT ACK. However, 1163 if the INIT ACK contains no IP Address parameter, the receiver of the 1164 INIT ACK MUST take the source IP address associated with this INIT ACK 1165 as its sole destination address for this association. 1167 Stewart, et al [Page 21] 1168 The State Cookie and Unrecognized Parameters use the Type-Length- 1169 Value format as defined in Section 3.2.1 and are described below. The 1170 other fields are defined the same as their counterparts in the INIT 1171 message. 1173 3.3.2.1 Optional or Variable Length Parameters 1175 State Cookie: variable size, depending on Size of Cookie 1177 This field MUST contain all the necessary state and parameter 1178 information required for the sender of this INIT ACK to create the 1179 association, along with an Integrity Check Value (ICV). See 1180 Section 5.1.3 for details on Cookie definition. The Cookie MUST be 1181 padded with '0' to the next 32-bit word boundary. The internal 1182 format of the Cookie is implementation-specific. 1184 Unrecognized Parameters: Variable Size. 1186 This parameter is returned to the originator of the INIT message if 1187 the receiver does not recognize one or more Optional TLV parameters 1188 in the INIT chunk. This parameter field will contain the 1189 unrecognized parameters copied from the INIT message complete 1190 with TLV. 1192 Vendor-Specific parameters are allowed in INIT ACK. However, they 1193 MUST be defined using the format described in Section 3.2.2, and be 1194 appended to the end of the above INIT ACK chunk. In case the receiver 1195 of the INIT ACK does not support the vendor-specific parameters 1196 received, it MUST ignore those fields. 1198 3.3.3 Selective Acknowledgment (SACK) (00000011): 1200 This chunk is sent to the remote endpoint to acknowledge received DATA 1201 chunks and to inform the remote endpoint of gaps in the received 1202 subsequences of DATA chunks as represented by their TSNs. 1204 The SACK MUST contain the Cumulative TSN ACK and Advertised Receiver 1205 Window Credit (a_rwnd) parameters. By definition, the value of the 1206 Cumulative TSN ACK parameter is the last TSN received at the time the 1207 Selective ACK is sent, before a break in the sequence of received TSNs 1208 occurs; the next TSN value following this one has not yet been 1209 received at the reporting end. This parameter therefore acknowledges 1210 receipt of all TSNs up to and including the value given. 1212 The handling of the a_rwnd by the receiver of the SACK is discussed in 1213 detail in Section 6.2.1. 1215 The Selective ACK also contains zero or more fragment reports. Each 1216 fragment report acknowledges a subsequence of TSNs received following 1217 a break in the sequence of received TSNs. By definition, all TSNs 1218 acknowledged by fragment reports are higher than the value of the 1219 Cumulative TSN ACK. 1221 Stewart, et al [Page 22] 1222 0 1 2 3 1223 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1224 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1225 |0 0 0 0 0 0 1 1|Chunk Flags | Chunk Length | 1226 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1227 | Cumulative TSN ACK | 1228 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1229 | Advertised Receiver Window Credit (a_rwnd) | 1230 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1231 | Number of Fragments = N | Number of Duplicate TSNs = X | 1232 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1233 | Fragment #1 Start | Fragment #1 End | 1234 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1235 / / 1236 \ ... \ 1237 / / 1238 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1239 | Fragment #N Start | Fragment #N End | 1240 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1241 | Duplicate TSN 1 | 1242 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1243 / / 1244 \ ... \ 1245 / / 1246 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1247 | Duplicate TSN X | 1248 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1250 Chunk Flags: 1252 Set to all zeros on transmit and ignored on receipt. 1254 Cumulative TSN ACK: 32 bit u_int 1256 This parameter contains the TSN of the last DATA chunk received in 1257 sequence before a gap. 1259 Advertised Receiver Window Credit (a_rwnd): 32 bit u_int 1261 This field indicates the updated receive buffer space in octets of 1262 the sender of this SACK, see Section 6.2.1 for details. 1264 Number of Fragments: 16 bit u_int 1266 Indicates the number of TSN fragments included in this Selective 1267 ACK. 1269 Number of Duplicate TSNs: 16 bit 1271 This field contains the number of duplicate TSNs the endpoint 1272 has received. Each duplicate TSN is listed following the fragment 1273 list. 1275 Fragments: 1277 These fields contain the ack fragments. They are repeated for each 1278 fragment up to the number of fragments defined in the Number of 1279 Fragments field. All DATA chunks with TSNs between the (Cumulative 1280 TSN ACK + Fragment Start) and (Cumulative TSN ACK + Fragment End) of 1281 each fragment are assumed to have been received correctly. 1283 Stewart, et al [Page 23] 1284 Fragment Start: 16 bit u_int 1286 Indicates the Start offset TSN for this fragment. To calculate the 1287 actual TSN number the Cumulative TSN ACK is added to this 1288 offset number to yield the TSN. This calculated TSN identifies 1289 the first TSN in this fragment that has been received. 1291 Fragment End: 16 bit u_int 1293 Indicates the End offset TSN for this fragment. To calculate the 1294 actual TSN number the Cumulative TSN ACK is added to this 1295 offset number to yield the TSN. This calculated TSN identifies 1296 the TSN of the last DATA chunk received in this fragment. 1298 Duplicate TSN: 32 bit u_int 1300 Indicates a TSN that was received in duplicate. 1302 For example, assume the receiver has the following datagrams newly 1303 arrived at the time when it decides to send a Selective ACK, 1305 ---------- 1306 | TSN=17 | 1307 ---------- 1308 | | <- still missing 1309 ---------- 1310 | TSN=15 | 1311 ---------- 1312 | TSN=14 | 1313 ---------- 1314 | | <- still missing 1315 ---------- 1316 | TSN=12 | 1317 ---------- 1318 | TSN=11 | 1319 ---------- 1320 | TSN=10 | 1321 ---------- 1323 then, the parameter part of the Selective ACK MUST be constructed as 1324 follows (assuming the new a_rwnd is set to 0x1234 by the sender): 1326 +---------------+--------------+ 1327 | Cumulative TSN ACK = 12 | 1328 ----------------+--------------- 1329 | a_rwnd = 0x1234 | 1330 ----------------+--------------- 1331 | num of frag=2 | num of dup=0 | 1332 ----------------+--------------- 1333 |frag #1 strt=2 |frag #1 end=3 | 1334 ----------------+--------------- 1335 |frag #2 strt=5 |frag #2 end=5 | 1336 -------------------------------- 1338 Stewart, et al [Page 24] 1339 3.3.4 Heartbeat Request (HEARTBEAT) (00000100): 1341 An endpoint should send this chunk to its peer endpoint of the current 1342 association to probe the reachability of a particular destination 1343 transport address defined in the present association. 1345 The parameter field contains the Heartbeat Information which is a 1346 variable length opaque data structure understood only by the sender. 1348 0 1 2 3 1349 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1350 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1351 |0 0 0 0 0 1 0 0| Chunk Flags | Heartbeat Length | 1352 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1353 \ \ 1354 / Heartbeat Information (Variable-Length) / 1355 \ \ 1356 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1358 Chunk Flags: 1360 Set to zero on transmit and ignored on receipt. 1362 Heartbeat Length: 1364 Set to the size of the chunk in octets, including the chunk header 1365 and the Heartbeat Information field. 1367 Heartbeat Information: 1369 defined as a variable-length parameter using the format described in 1370 Section 3.2.1, i.e.: 1372 0 1 2 3 1373 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1374 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1375 | Heartbeat Info Type=1 | HB Info Length | 1376 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1377 / Sender-specific Heartbeat Info / 1378 \ \ 1379 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1381 The Sender-specific Heartbeat Info field should normally include 1382 information about the sender's current time when this HEARTBEAT 1383 message is sent and the destination transport address to which this 1384 HEARTBEAT is sent (see Section 8.3). 1386 Stewart, et al [Page 25] 1387 3.3.5 Heartbeat Acknowledgment (HEARTBEAT ACK) (00000101): 1389 An endpoint should send this chunk to its peer endpoint as a response 1390 to a Heartbeat Request (see Section 8.3). 1392 The parameter field contains a variable length opaque data structure. 1394 0 1 2 3 1395 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1396 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1397 |0 0 0 0 0 1 0 1| Chunk Flags | Heartbeat Ack Length | 1398 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1399 \ \ 1400 / Heartbeat Information (Variable-Length) / 1401 \ \ 1402 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1404 Chunk Flags: 1406 Set to zero on transmit and ignored on receipt. 1408 Heartbeat Ack Length: 1410 Set to the size of the chunk in octets, including the chunk header 1411 and the Heartbeat Information field. 1413 Heartbeat Information: 1415 The values of this field SHALL be copied from the Heartbeat 1416 Information field found in the Heartbeat Request to which this 1417 Heartbeat Acknowledgment is responding. 1419 3.3.6 Abort Association (ABORT) (00000110): 1421 The ABORT chunk is sent to the peer of an association to terminate the 1422 association. The ABORT chunk may contain cause parameters to inform 1423 the receiver the reason of the abort. DATA chunks MUST not be bundled 1424 with ABORT. Control chunks MAY be bundled with an ABORT but they MUST 1425 be placed before the ABORT in the SCTP datagram, or they will be 1426 ignored by the receiver. 1428 If an endpoint receives an ABORT with a format error or for an 1429 association that doesn't exist, it MUST silently discard it. 1430 Moreover, under any circumstances, an endpoint that receives an ABORT 1431 MUST never respond to that ABORT by sending an ABORT of its own. 1433 0 1 2 3 1434 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1435 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1436 |0 0 0 0 0 1 1 0| Chunk Flags | Length | 1437 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1438 \ \ 1439 / zero or more Error Causes / 1440 \ \ 1441 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1443 Stewart, et al [Page 26] 1444 Chunk Flags: 1446 Set to zero on transmit and ignored on receipt. 1448 Length: 1450 Set to the size of the chunk in octets, including the chunk header 1451 and all the Error Cause fields present. 1453 See Section 3.3.9 for Error Cause definitions. 1455 Note: Special rules apply to the Verification Tag field of SCTP 1456 datagrams which carry an ABORT, see Section 8.5.1 for details. 1458 3.3.7 SHUTDOWN (00000111): 1460 An endpoint in an association MUST use this chunk to initiate a 1461 graceful termination of the association with its peer. This chunk has 1462 the following format. 1464 0 1 2 3 1465 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1466 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1467 |0 0 0 0 0 1 1 1|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0| 1468 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1469 | Cumulative TSN ACK | 1470 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1472 Chunk Flags: 1474 Set to zero on transmit and ignored on receipt. 1476 Cumulative TSN ACK: 32 bit u_int 1478 This parameter contains the TSN of the last chunk received in 1479 sequence before any gaps. 1481 Stewart, et al [Page 27] 1482 3.3.8 Shutdown Acknowledgment (SHUTDOWN ACK) (00001000): 1484 This chunk MUST be used to acknowledge the receipt of the SHUTDOWN 1485 chunk at the completion of the shutdown process, see Section 9.2 for 1486 details. 1488 The SHUTDOWN ACK chunk has no parameters. 1490 0 1 2 3 1491 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1492 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1493 |0 0 0 0 1 0 0 0|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0| 1494 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1496 Chunk Flags: 1498 Set to zero on transmit and ignored on receipt. 1500 Note: if the endpoint that receives the SHUTDOWN message does not have 1501 a TCB or tag for the sender of the SHUTDOWN, the receiver MUST still 1502 respond. In such cases, the receiver MUST send back a stand-alone 1503 SHUTDOWN ACK chunk in an SCTP datagram with the Verification Tag field 1504 of the common header filled with all '0's. 1506 3.3.9 Operation Error (ERROR) (00001001): 1508 This chunk is sent to the other endpoint in the association to notify 1509 certain error conditions. It contains one or more error causes. It has 1510 the following parameters: 1512 0 1 2 3 1513 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1514 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1515 |0 0 0 0 1 0 0 1| Chunk Flags | Length | 1516 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1517 \ \ 1518 / one or more Error Causes / 1519 \ \ 1520 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1522 Chunk Flags: 1524 Set to zero on transmit and ignored on receipt. 1526 Length: 1528 Set to the size of the chunk in octets, including the chunk header 1529 and all the Error Cause fields present. 1531 Error causes are defined as variable-length parameters using the 1532 format described in 3.2.1, i.e.: 1534 Stewart, et al [Page 28] 1535 0 1 2 3 1536 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1537 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1538 | Cause Code | Cause Length | 1539 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1540 / Cause-specific Information / 1541 \ \ 1542 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1544 Cause Code: 16 bit u_int 1546 Defines the type of error conditions being reported. 1548 Cause Length: 16 bit u_int 1550 Set to the size of the parameter in octets, including the Cause Code, 1551 Cause Length, and Cause-Specific Information fields 1553 Cause-specific Information: variable length 1555 This field carries the details of the error condition. 1557 Currently SCTP defines the following error causes: 1559 Cause of error 1560 --------------- 1561 Invalid Stream Identifier: indicating receiving a DATA sent to a 1562 nonexistent stream. 1564 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1565 | Cause Code=1 | Cause Length=8 | 1566 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1567 | Stream Identifier | (Reserved) | 1568 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1570 Cause of error 1571 --------------- 1572 Missing Mandatory Parameter: indicating that mandatory one or more 1573 TLV parameters are missing in a received INIT or INIT ACK. 1575 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1576 | Cause Code=2 | Cause Length=8+N*2 | 1577 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1578 | Number of missing params=N | 1579 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1580 | Missing Param Type #1 | Missing Param Type #2 | 1581 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1582 | Missing Param Type #N-1 | Missing Param Type #N | 1583 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1585 Each missing mandatory parameter type should be specified. 1587 Stewart, et al [Page 29] 1588 Cause of error 1589 -------------- 1590 Stale Cookie Error: indicating the receiving of a valid cookie 1591 which is however expired. 1593 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1594 | Cause Code=3 | Cause Length=8 | 1595 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1596 | Measure of Staleness (usec.) | 1597 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1599 The sender of this error cause MAY choose to report how long past 1600 expiration the cookie is, by putting in the Measure of Staleness 1601 field the difference, in microseconds, between the current time and 1602 the time the cookie expired. If the sender does not wish to provide 1603 this information it should set Measure of staleness to 0. 1605 Cause of error 1606 --------------- 1607 Out of Resource: indicating that the sender is out of resource. This 1608 is usually sent in combination with or within an ABORT. 1610 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1611 | Cause Code=4 | Cause Length=4 | 1612 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1614 Cause of error 1615 --------------- 1616 Unresolvable Address: indicating that the sender is not able to 1617 resolve the specified address parameter (e.g., type of address is 1618 not supported by the sender). This is sent within an ABORT. 1620 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1621 | Cause Code=5 | Cause Length | 1622 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1623 / The Unresolvable Address / 1624 \ \ 1625 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1627 The parameter field contains the complete TLV of the unresolvable 1628 address. 1630 Cause of error 1631 --------------- 1632 Unrecognized Parameters: This error cause is returned to the 1633 originator of the INIT ACK message if the receiver does not 1634 recognize one or more Optional TLV parameters in the INIT ACK chunk. 1636 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1637 | Cause Code=8 | Cause Length | 1638 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1639 / The Unrecognized Parameters / 1640 \ \ 1641 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1643 The error field will contain the unrecognized parameters copied 1644 from the INIT ACK message complete with TLV. This error is normally 1645 bundled with the Cookie chunk when responding to the INIT ACK, when 1646 the sender of the Cookie wishes to report unrecognized parameters. 1648 Guidelines for IETF-defined Error Cause extensions are discussed in 1649 Section 13.3 of this document. 1651 3.3.10 State Cookie (COOKIE) (00001010): 1653 This chunk is used only during the initialization of an association. 1654 It is sent by the initiator of an association to its peer to complete 1655 the initialization process. This chunk MUST precede any chunk 1656 sent within the association, but MAY be bundled with one or more DATA 1657 chunks in the same datagram. 1659 0 1 2 3 1660 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1661 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1662 |0 0 0 0 1 0 1 0|Chunk Flags | Length | 1663 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1664 | Cookie | 1665 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1667 Chunk Flags: 8 bit 1669 Set to zero on transmit and ignored on receipt. 1671 Length: 16 bit u_int 1673 Set to the size of the chunk in octets, including the 4 octets of 1674 the chunk header and the size of the Cookie. 1676 Stewart, et al [Page 30] 1677 Cookie: variable size 1679 This field must contain the exact cookie received in the 1680 State Cookie parameter from a previous INIT ACK. 1682 3.3.11 Cookie Acknowledgment (COOKIE ACK) (00001011): 1684 This chunk is used only during the initialization of an association. 1685 It is used to acknowledge the receipt of a COOKIE chunk. This chunk 1686 MUST precede any chunk sent within the association, but MAY be 1687 bundled with one or more DATA chunks in the same SCTP datagram. 1689 0 1 2 3 1690 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1691 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1692 |0 0 0 0 1 0 1 1|Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0| 1693 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1695 Chunk Flags: 1697 Set to zero on transmit and ignored on receipt. 1699 3.3.12 Payload Data (DATA) (00000000): 1701 The following format MUST be used for the DATA chunk: 1703 0 1 2 3 1704 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1705 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1706 |0 0 0 0 0 0 0 0| Reserved|U|B|E| Length | 1707 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1708 | TSN | 1709 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1710 | Stream Identifier S | Stream Sequence Number n | 1711 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1712 | Payload Protocol Identifier | 1713 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1714 \ \ 1715 / User Data (seq n of Stream S) / 1716 \ \ 1717 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1719 Reserved: 5 bits 1720 should be set to all '0's and ignored by the receiver. 1722 U bit: 1 bit 1723 The (U)nordered bit, if set, indicates that this is an unordered 1724 data chunk, and there is NO Stream Sequence Number assigned to this 1725 DATA chunk. Therefore, the receiver MUST ignore the Stream Sequence 1726 Number field. 1728 Stewart, et al [Page 31] 1729 After re-assembly (if necessary), unordered data chunks MUST be 1730 dispatched to the upper layer by the receiver without any attempt of 1731 re-ordering. 1733 Note, if an unordered user message is segmented, each segment of the 1734 message MUST have its U bit set to 1. 1736 B bit: 1 bit 1738 The (B)eginning segment bit, if set, indicates the first segment of 1739 a user message. 1741 E bit: 1 bit 1742 The (E)nding segment bit, if set, indicates the last segment of a 1743 user message. 1745 A non-segmented user message shall have both the B and E bits set 1746 to 1. Setting both B and E bits to 0 indicates a middle segment of a 1747 multi-segment user message, as summarized in the following table: 1749 B E Description 1750 ============================================================ 1751 | 1 0 | First piece of a segmented user message | 1752 +----------------------------------------------------------+ 1753 | 0 0 | Middle piece of a segmented user message | 1754 +----------------------------------------------------------+ 1755 | 0 1 | Last piece of a segmented user message | 1756 +----------------------------------------------------------+ 1757 | 1 1 | Un-segmented Message | 1758 ============================================================ 1760 Length: 16 bits (16 bit u_int) 1762 This field indicates the length of the DATA chunk in octets. It 1763 includes the Type field, the Reserved field, the U and B/E bits, the 1764 Length field, TSN, the Stream Identifier, the Stream Sequence 1765 Number, and the User Data fields. It does not include any padding. 1767 TSN : 32 bits (32 bit u_int) 1769 This value represents the TSN for this DATA chunk. The valid range 1770 of TSN is from 0x0 to 0xffffffff. 1772 Stream Identifier S: 16 bit u_int 1774 Identifies the stream to which the following user data belongs. 1776 Stream Sequence Number n: 16 bit u_int 1778 This value presents the stream sequence number of the following user 1779 data within the stream S. Valid range is 0x0 to 0xFFFF. 1781 Note, when a user message is segmented by SCTP for transport, the 1782 same stream sequence number MUST be carried in each of the segments of 1783 the message. 1785 Stewart, et al [Page 32] 1786 Payload Protocol Identifier: 32 bits (32 bit u_int) 1788 This value represents an application (or upper layer) specified 1789 protocol identifier. This value is passed to SCTP by its upper layer 1790 and sent to its peer. This identifier is not used by SCTP but may be 1791 used by certain network entities as well as the peer application to 1792 identify the type of information being carried in this DATA chunk. 1794 The value 0x0 indicates no application identifier is specified by 1795 the upper layer for this payload data. 1797 User Data: variable length 1799 This is the payload user data. The implementation MUST pad the end 1800 of the data to a 32 bit boundary with 0 octets. Any padding MUST 1801 NOT be included in the length field. 1803 3.4 Vendor-Specific Chunk Extensions 1805 This Chunk type is available to allow vendors to support their own 1806 extended data formats not defined by the IETF. It MUST not affect the 1807 operation of SCTP. In particular, when adding a Vendor Specific chunk 1808 type, the vendor defined chunks MUST obey the congestion avoidance 1809 rules defined in this document if they carry user data. User data is 1810 defined as any data transported over the association that is delivered 1811 to the upper layer of the receiver. 1813 Endpoints not equipped to interpret the vendor-specific chunk sent by 1814 a remote endpoint MUST ignore it. Endpoints that do not receive 1815 desired vendor specific information SHOULD make an attempt to operate 1816 without it, although they may do so (and report they are doing so) in 1817 a degraded mode. 1819 A summary of the Vendor-Specific Chunk format is shown below. The 1820 fields are transmitted from left to right. 1822 0 1 2 3 1823 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1824 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1825 | Type | Flags | Length | 1826 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1827 | Vendor-Id | 1828 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1829 \ \ 1830 / Value / 1831 \ \ 1832 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1834 Type: 8 bit u_int 1836 0xFE for all Vendor-Specific chunks. 1838 Stewart, et al [Page 33] 1839 Flags: 8 bit u_int 1841 Vendor specific flags. 1843 Length: 16 bit u_int 1845 Size of this Vendor-Specific chunks in octets, including the Type, 1846 Flags, Length, Vendor-Id, and Value fields. 1848 Vendor-Id: 32 bit u_int 1850 The high-order octet is 0 and the low-order 3 octets are the SMI 1851 Network Management Private Enterprise Code of the Vendor in 1852 network byte order, as defined in the Assigned Numbers (RFC 1700). 1854 Value: Variable length 1856 The Value field is one or more octets. The actual format of the 1857 information is site or application specific, and a robust 1858 implementation SHOULD support the field as undistinguished 1859 octets. 1861 The codification of the range of allowed usage of this field is 1862 outside the scope of this specification. 1864 4. SCTP Association State Diagram 1866 During the lifetime of an SCTP association, the SCTP endpoints 1867 progress from one state to another in response to various events. The 1868 events that may potentially advance an endpoint's state include: 1870 o SCTP user primitive calls, e.g., [ASSOCIATE], [TERMINATE], [ABORT], 1872 o reception of INIT, COOKIE, ABORT, SHUTDOWN, etc. control 1873 chunks, or 1875 o some timeout events. 1877 The state diagram in the figures below illustrates state changes, 1878 together with the causing events and resulting actions. Note that some 1879 of the error conditions are not shown in the state diagram. Full 1880 description of all special cases should be found in the text. 1882 Note, chunk names are given in all capital letters, while parameter 1883 names have the first letter capitalized, e.g., COOKIE chunk type vs. 1884 Cookie parameter. 1886 Stewart, et al [Page 34] 1887 ----- -------- (frm any state) 1888 / \ / rcv ABORT [ABORT] 1889 rcv INIT | | | ---------- or ---------- 1890 --------------- | v v delete TCB snd ABORT 1891 generate Cookie \ +---------+ delete TCB 1892 snd INIT.ACK ---| CLOSED | 1893 +---------+ 1894 / \ [ASSOCIATE] 1895 / \ --------------- 1896 | | create TCB 1897 | | snd INIT 1898 | | strt init timer 1899 rcv valid COOKIE | v 1900 (1) ---------------- | +------------+ 1901 create TCB | | COOKIE_WAIT| (2) 1902 snd COOKIE.ACK | +------------+ 1903 | | 1904 | | rcv INIT.ACK 1905 | | ----------------- 1906 | | snd COOKIE 1907 | | stop init timer 1908 | | strt cookie timer 1909 | v 1910 | +------------+ 1911 | | COOKIE_SENT| (3) 1912 | +------------+ 1913 | | 1914 | | rcv COOKIE.ACK 1915 | | ----------------- 1916 | | stop cookie timer 1917 v v 1918 +---------------+ 1919 | ESTABLISHED | 1920 +---------------+ 1922 (from the ESTABLISHED state only) 1923 | 1924 | 1925 /--------+--------\ 1926 [TERMINATE] / \ 1927 ----------------- | | 1928 check outstanding | | 1929 data chunks | | 1930 v | 1931 +---------+ | 1932 |SHUTDOWN | | rcv SHUTDOWN 1933 |PENDING | | ---------------- 1934 +---------+ | x 1935 | | 1936 No more outstanding | | 1937 ------------------- | | 1938 snd SHUTDOWN | | 1939 strt shutdown timer | | 1940 v v 1942 Stewart, et al [Page 35] 1943 +---------+ +-----------+ 1944 (4) |SHUTDOWN | | SHUTDOWN | (5) 1945 |SENT | | RECEIVED | 1946 +---------+ +-----------+ 1947 | | 1948 rcv SHUTDOWN.ACK | | x 1949 ------------------- | |----------------- 1950 stop shutdown timer | | retransmit missing DATA 1951 delete TCB | | send SHUTDOWN.ACK 1952 | | delete TCB 1953 | | 1954 \ +---------+ / 1955 \-->| CLOSED |<--/ 1956 +---------+ 1958 Note: 1960 (1) If the received COOKIE is invalid (i.e., failed to pass the 1961 authentication check), the receiver MUST silently discard the 1962 datagram. Or, if the received COOKIE is expired (see Section 1963 5.1.5), the receiver SHALL send back an ERROR chunk. In either 1964 case, the receiver stays in the CLOSED state. 1966 (2) If the init timer expires, the endpoint SHALL retransmit INIT 1967 and re-start the init timer without changing state. This SHALL be 1968 repeated up to 'Max.Init.Retransmits' times. After that, the 1969 endpoint SHALL abort the initialization process and report the 1970 error to SCTP user. 1972 (3) If the T1-cookie timer expires, the endpoint SHALL retransmit 1973 COOKIE and re-start the T1-cookie timer without changing 1974 state. This SHALL be repeated up to 'Max.Init.Retransmits' 1975 times. After that, the endpoint SHALL abort the initialization 1976 process and report the error to SCTP user. 1978 (4) In SHUTDOWN-SENT state the endpoint SHALL acknowledge any received 1979 DATA chunks without delay 1981 (5) In SHUTDOWN-RECEIVED state, the endpoint MUST NOT accept any new 1982 send request from its SCTP user. 1984 5. Association Initialization 1986 Before the first data transmission can take place from one SCTP 1987 endpoint ("A") to another SCTP endpoint ("Z"), the two endpoints must 1988 complete an initialization process in order to set up an SCTP 1989 association between them. 1991 The SCTP user at an endpoint should use the ASSOCIATE primitive to 1992 initialize an SCTP association to another SCTP endpoint. 1994 Stewart, et al [Page 36] 1995 IMPLEMENTATION NOTE: From an SCTP-user's point of view, an 1996 association may be implicitly opened, without an ASSOCIATE primitive 1997 (see 10.1 B) being invoked, by the initiating endpoint's sending of 1998 the first user data to the destination endpoint. The initiating SCTP 1999 will assume default values for all mandatory and optional parameters 2000 for the INIT/INIT ACK. 2002 Once the association is established, unidirectional streams will be 2003 open for data transfer on both ends (see Section 5.1.1). 2005 5.1 Normal Establishment of an Association 2007 The initialization process consists of the following steps (assuming 2008 that SCTP endpoint "A" tries to set up an association with SCTP 2009 endpoint "Z" and "Z" accepts the new association): 2011 A) "A" shall first send an INIT message to "Z". In the INIT, "A" must 2012 provide its security tag "Tag_A" in the Initiate Tag field. Tag_A 2013 SHOULD be a random number in the range of 0x1 to 0xffffffff (see 2014 5.3.1 for Tag value selection). After sending the INIT, "A" starts 2015 the T1-init timer and enters the COOKIE-WAIT state. 2017 B) "Z" shall respond immediately with an INIT ACK message. In the 2018 message, besides filling in other parameters, "Z" must set the 2019 Verification Tag field to Tag_A, and also provide its own security 2020 tag "Tag_Z" in the Initiate Tag field. 2022 Moreover, "Z" MUST generate and send along with the INIT ACK an 2023 State Cookie. See Section 5.1.3 for State Cookie generation. 2025 Note: after sending out INIT ACK with the cookie, "Z" MUST not 2026 allocate any resources, nor keep any states for the new 2027 association. Otherwise, "Z" will be vulnerable to resource attacks. 2029 C) Upon reception of the INIT ACK from "Z", "A" shall stop the T1-init 2030 timer and leave COOKIE-WAIT state. "A" shall then send the cookie 2031 received in the INIT ACK message in a cookie chunk, start the 2032 T1-cookie timer, and enter the COOKIE-SENT state. 2034 Note, the cookie chunk can be bundled with any pending outbound 2035 DATA chunks, but it MUST be the first chunk in the datagram AND 2036 until the COOKIE ACK is returned the sender MUST NOT send any 2037 other datagrams to the peer. 2039 D) Upon reception of the COOKIE chunk, Endpoint "Z" will reply with 2040 a COOKIE ACK chunk after building a TCB and marking itself to 2041 the ESTABLISHED state. A COOKIE ACK chunk may be combined with 2042 any pending DATA chunks (and/or SACK chunks), but the COOKIE ACK 2043 chunk MUST be the first chunk in the datagram. 2045 IMPLEMENTATION NOTE: an implementation may choose to send the 2046 Communication Up notification to the SCTP user upon reception 2047 of a valid COOKIE. 2049 Stewart, et al [Page 37] 2050 E) Upon reception of the COOKIE ACK, endpoint "A" will move from the 2051 COOKIE-SENT state to the ESTABLISHED state, stopping the T1-cookie 2052 timer, and it may also notify its ULP about the successful 2053 establishment of the associate with a Communication Up notification 2054 (see Section 10). 2056 Note: A DATA chunk MUST NOT be carried in the INIT or INIT ACK message. 2058 Note: T1-init timer and T1-cookie timer shall follow the same rules 2059 given in Section 6.3. 2061 Note: if an endpoint receives an INIT, INIT ACK, or COOKIE chunk but 2062 decides not to establish the new association due to missing mandatory 2063 parameters in the received INIT or INIT ACK, invalid parameter values, 2064 or, lack of local resources, it SHALL respond with an ABORT chunk. It 2065 SHOULD also specify the cause of abort, such as the type of the 2066 missing mandatory parameters, etc., by either including cause 2067 parameters or bundling with the ABORT one or more Operational ERROR 2068 chunks. The Verification Tag field in the common header of the 2069 outbound abort datagram MUST be set to equal the Initiate Tag value of 2070 the peer. 2072 Note: After the reception of the first data chunk in an association 2073 the receiver MUST immediately respond with a SACK to acknowledge 2074 the data chunk, subsequent acknowledgments should be done as 2075 described in section 6.2. 2077 Note: When an SCTP endpoint sends an INIT or INIT ACK it SHOULD 2078 include all of its transport addresses in the parameter section. This 2079 is because it may NOT be possible to control the "sending" address 2080 that a receiver of an SCTP datagram sees. A receiver thus MUST know 2081 every address that may be a source address for a peer SCTP endpoint, 2082 this assures that the inbound SCTP datagram can be matched to the 2083 proper association. 2085 Note: At the time when the TCB is created, either end MUST set its 2086 internal cumulative TSN acknowledgment point to its peer's Initial TSN 2087 minus one. 2089 IMPLEMENTATION Note: The IP address and SCTP port(s) are generally 2090 used as the key to find the TCB within an SCTP instance. 2092 5.1.1 Handle Stream Parameters 2094 In the INIT and INIT ACK messages, the sender of the message shall 2095 indicate the number of outbound streams (OS) it wishes to have in the 2096 association, as well as the maximal inbound streams (MIS) it will 2097 accept from the other endpoint. 2099 After receiving these stream configuration information from the other 2100 side, each endpoint shall perform the following check: if the peer's 2101 MIS is less than the endpoint's OS, meaning that the peer is incapable 2102 of supporting all the outbound streams the endpoint wants to 2103 configure, the endpoint MUST either settle with MIS outbound streams, 2104 or abort the association and report to its upper layer the resources 2105 shortage at its peer. 2107 Stewart, et al [Page 38] 2108 After the association is initialized, the valid outbound stream 2109 identifier range for either endpoint shall be 0 to 2110 min(local OS, remote MIS)-1. 2112 5.1.2 Handle Address Parameters 2114 During the association initialization, an endpoint shall use the 2115 following rules to discover and collect the destination transport 2116 address(es) of its peer. 2118 A) If there are no address parameters present in the received INIT 2119 or INIT ACK message, the receiver shall take the source IP address 2120 from which the message arrives and record it, in combination with 2121 the SCTP source port number, as the only destination transport 2122 address for this peer. 2124 B) If there is a Host Name parameter present in the received INIT or 2125 INIT ACK message, the receiver shall resolve that host name to a 2126 list of IP address(es) and derive the transport address(es) of this 2127 peer by combining the resolved IP address(es) with the SCTP source 2128 port. 2130 Note: the receiver MUST ignore any other IP address parameters if 2131 they are also present in the received INIT or INIT ACK message. 2133 Note: when the receiver of an INIT resolves the host name may have 2134 potential security implications to SCTP. If the receiver of an INIT 2135 resolves the host name upon the reception of the message, and the 2136 mechanism the receiver uses to resolve the host name involves 2137 potential long delay (e.g. DNS query), the receiver may open itself 2138 up to resource attacks for the period of time while it is waiting for 2139 the name resolution results before it can build the cookie and 2140 release local resource. 2142 Therefore, in cases where the name translation involves potential 2143 long delay, the receiver of the INIT SHOULD postpone the name 2144 resolution till the reception of the COOKIE message from the 2145 peer. In such a case, the receiver of the INIT SHOULD build the 2146 cookie using the received Host Name (instead of destination 2147 transport addresses) and send the INIT ACK to the source IP 2148 address from where the INIT is received. 2150 The receiver of an INIT ACK shall always immediately attempt to 2151 resolve the name upon the reception of the message. 2153 The receiver of the INIT or INIT ACK MUST NOT send user data 2154 (piggy-backed or stand-alone) to its peer until the host name is 2155 successfully resolved. 2157 If the name resolution is not successful, the endpoint SHALL 2158 immediately send an ABORT with Unresolvable Address error to its 2159 peer. The ABORT shall be sent to the source IP address from where 2160 the last peer message was received. 2162 C) If there are only IPv4/IPv6 addresses present in the received 2163 INIT or INIT ACK message, the receiver shall derive and record all 2164 the transport address(es) from the received message. The transport 2165 address(es) are derived by the combination of SCTP source port (from 2166 the common header) and the IP address parameter(s) carried in the 2167 INIT or INIT ACK message. The receiver should use only these 2168 transport addresses as destination transport addresses when sending 2169 subsequent datagrams to its peer. 2171 After all transport addresses are derived from the INIT or INIT ACK 2172 message using above rules, the endpoint shall select one of the 2173 transport addresses as the initial primary destination transport 2174 address. 2176 Note: the sender of INIT may include a 'Supported Address Types' 2177 parameter in the INIT to indicate what types of address are 2178 acceptable. When this parameter is present, the receiver of INIT 2179 (initiatee) SHALL either use one of the address types indicated in the 2180 'Supported Address Types' parameter when responding to the INIT, or 2181 abort the association with an Unresolvable Address error if it is 2182 unwilling or incapable of using any of the address types indicated by 2183 its peer. 2185 IMPLEMENTATION NOTE: In the case that the receiver of an INIT ACK 2186 fails to resolve the address parameter due to an unsupported type, 2187 it can abort the initiation process and then attempt a re-initiation 2188 by using a 'Supported Address Types' parameter in the new INIT to 2189 indicate what types of address it prefers. 2191 5.1.3 Generating State Cookie 2193 When sending an INIT ACK as a response to an INIT message, the sender 2194 of INIT ACK should create an State Cookie and send it as part of the 2195 INIT ACK. Inside this State Cookie, the sender should include a ICV 2196 security signature or MAC (message Authentication code) [4], a time 2197 stamp on when the cookie is created, and the lifespan of the cookie, 2198 along with all the information necessary for it to establish the 2199 association. 2201 The following steps SHOULD be taken to generate the cookie: 2203 1) create an association TCB using information from both the received 2204 INIT and the outgoing INIT ACK messages, 2206 2) in the TCB, set the creation time to the current time of day, and 2207 the lifespan to the protocol parameter 'Valid.Cookie.Life', 2209 3) Generate a MAC signature using the TCB and a Private Key (see [4] for 2210 details on generating the MAC), and 2212 Stewart, et al [Page 39] 2213 4) generate the State Cookie by combining the TCB and the 2214 resultant ICV signature. 2216 After sending the INIT ACK with the cookie, the sender SHOULD delete 2217 the TCB and any other local resource related to the new association, 2218 so as to prevent resource attacks. 2220 The ICV and hashing method used to generate the MAC is strictly a 2221 private matter for the receiver of the INIT message. The use of a MAC 2222 is mandatory to prevent denial of service attacks. The Private Key 2223 MUST be random per RFC1750 [1]; it SHOULD be changed reasonably 2224 frequently, and the timestamp in the cookie MAY be used to determine 2225 which key should be used to verify the MAC. 2227 5.1.4 Cookie Processing 2229 When an endpoint receives an INIT ACK chunk with a State Cookie 2230 parameter, it MUST immediately send a COOKIE chunk to its peer with 2231 the received cookie. The sender MAY also add any pending DATA chunks 2232 to the message. 2234 The sender shall also start the T1-cookie timer after sending out 2235 the COOKIE chunk. If the timer expires, the sender shall retransmit 2236 the COOKIE chunk and restart the T1-cookie timer. This is repeated until 2237 either a COOKIE ACK is received or 'Max.Init.Retransmits' is reached 2238 causing the endpoint to be marked unreachable (and thus the association 2239 enters the CLOSED state). 2241 5.1.5 Cookie Authentication 2243 When an endpoint receives a COOKIE chunk from another endpoint with 2244 which it has no association, it shall take the following actions: 2246 1) compute a MAC signature using the TCB data carried in the cookie 2247 and the Private Key (note the timestamp in the cookie MAY be 2248 used to determine which Private Key to use) reference [4] SHOULD 2249 be used has a guideline for generating the MAC, 2251 2) authenticate the cookie as one that it previously generated by 2252 comparing the computed MAC signature against the one carried in the 2253 cookie. If this comparison fails, the datagram, including the 2254 COOKIE and the attached user data, should be silently discarded, 2256 3) compare the creation time stamp in the cookie to the current local 2257 time, if the elapsed time is longer than the lifespan carried in 2258 the cookie, then the datagram, including the COOKIE and the 2259 attached user data, SHOULD be discarded and the endpoint MUST 2260 transmit a stale cookie operational error to the sending endpoint, 2262 4) if the cookie is valid, create an association to the sender of the 2263 COOKIE message with the information in the TCB data carried in the 2264 COOKIE, and enter the ESTABLISHED state, 2266 5) immediately acknowledge any DATA chunk in the datagram with a SACK 2267 (subsequent datagram acknowledgment should follow the rules defined 2268 in Section 6.2), and, 2270 Stewart, et al [Page 40] 2271 6) send a COOKIE ACK chunk to the sender acknowledging reception of 2272 the cookie. The COOKIE ACK MAY be piggy-backed with any outbound 2273 DATA chunk or SACK chunk. 2275 Note that if a COOKIE is received from an endpoint with which the 2276 receiver of the COOKIE has an existing association, the procedures in 2277 section 5.2 should be followed. 2279 5.1.6 An Example of Normal Association Establishment 2281 In the following example, "A" initiates the association and then sends 2282 a user message to "Z", then "Z" sends two user messages to "A" later 2283 (assuming no bundling or segmentation occurs): 2285 Endpoint A Endpoint Z 2287 {app sets association with Z} 2288 (build TCB) 2289 INIT [INIT Tag=Tag_A 2290 & other info] --------\ 2291 (Start T1-init timer) \ 2292 (Enter COOKIE-WAIT state) \---> (compose temp TCB and Cookie_Z) 2294 /--- INIT ACK [Veri Tag=Tag_A, 2295 / INIT Tag=Tag_Z, 2296 (Cancel T1-init timer) <------/ Cookie_Z, & other info] 2297 (destroy temp TCB) 2298 COOKIE [Cookie_Z] -----------\ 2299 (Start T1-init timer) \ 2300 (Enter COOKIE-SENT state) \---> (build TCB enter ESTABLISHED state) 2302 /---- COOKIE-ACK 2303 / 2304 (Cancel T1-init timer, <-----/ 2305 Enter established state) 2306 ... 2307 {app sends 1st user data; strm 0} 2308 DATA [TSN=initial TSN_A 2309 Strm=0,Seq=1 & user data]--\ 2310 (Start T3-rxt timer) \ 2311 \-> 2313 /----- SACK [TSN ACK=init TSN_A,Frag=0] 2314 (Cancel T3-rxt timer) <------/ 2315 ... 2317 Stewart, et al [Page 41] 2318 ... 2319 {app sends 2 datagrams;strm 0} 2320 /---- DATA 2321 / [TSN=init TSN_Z 2322 <--/ Strm=0,Seq=1 & user data 1] 2323 SACK [TSN ACK=init TSN_Z, /---- DATA 2324 Frag=0] --------\ / [TSN=init TSN_Z +1, 2325 \/ Strm=0,Seq=2 & user data 2] 2326 <------/\ 2327 \ 2328 \------> 2330 Note that If T1-init timer expires at "A" after the INIT or COOKIE 2331 chunks are sent, the same INIT or cookie chunk with the same Initiate 2332 Tag (i.e., Tag_A) or cookie shall be retransmitted and the timer 2333 restarted. This shall be repeated Max.Init.Retransmits times before "A" 2334 considers "Z" unreachable and reports the failure to its upper layer 2335 (and thus the association enters the CLOSED state). When 2336 retransmitting the INIT, the endpoint SHALL following the rules 2337 defined in 6.3 to determine the proper timer value. 2339 5.2 Handle Duplicate INIT, INIT ACK, COOKIE, and COOKIE ACK 2341 During the life time of an association (in one of the possible 2342 states), an endpoint may receive from its peer endpoint one of the 2343 setup chunks (INIT, INIT ACK, COOKIE, and COOKIE ACK). The receiver 2344 shall treat such a setup chuck as a duplicate and process it as 2345 described in this section. 2347 The following scenarios can cause duplicated chunks: 2349 A) The peer has crashed without being detected, and re-started itself 2350 and sent out a new INIT Chunk trying to restore the association, 2352 B) Both sides are trying to initialize the association at about the 2353 same time, 2355 C) The chunk is from a staled datagram that was used to establish 2356 the present association or a past association which is no longer in 2357 existence, 2359 D) The chunk is a false message generated by an attacker, or 2361 E) The peer never received the COOKIE ACK and is retransmitting its 2362 COOKIE. 2364 In case A), the endpoint shall reset the present association and set a 2365 new association with its peer. Case B) is unique and is discussed in 2366 Section 5.2.1. However, in cases C), D) and E), the endpoint must retain 2367 the present association. 2369 The rules in the following sections shall be applied in order to 2370 identify and correctly handle these cases. 2372 Stewart, et al [Page 42] 2373 5.2.1 Handle Duplicate INIT in COOKIE-WAIT or COOKIE-SENT State 2375 This usually indicates an initialization collision, i.e., both 2376 endpoints are attempting at about the same time to establish an 2377 association with the other endpoint. 2379 In such a case, each of the two side shall respond to the other side 2380 with an INIT ACK, with the Verification Tag field of the common header 2381 set to the tag value received from the INIT message, and the Initiate 2382 Tag field set to its own tag value (the same tag used in the INIT 2383 message sent out by itself). Each responder shall also generate a 2384 cookie with the INIT ACK. 2386 After that, no other actions shall be taken by either side, i.e., the 2387 endpoint shall not change its state, and the T1-init timer shall be 2388 left running. The normal procedures for handling cookies will 2389 resolve the duplicate INITs to a single association. 2391 5.2.2 Handle Duplicate INIT in Other States 2393 Upon reception of the duplicated INIT, the receiver shall generate an 2394 INIT ACK with an State Cookie. 2396 In the outbound INIT ACK, the endpoint shall set the Verification Tag 2397 field in the common header to the peer's new tag value (from the 2398 duplicated INIT message), and the Initiate Tag field to its own tag 2399 value (unchanged from the existing association). The included 2400 State Cookie shall be generated using the current time and a 2401 temporary TCB constructed with the information provided in the 2402 duplicated INIT message (see Section 5.1.3). This temporary TCB MUST 2403 be destroyed after the outbound INIT ACK is built. 2405 After sending out the INIT ACK, the endpoint shall take no further 2406 actions, i.e., the existing association, including its current state, 2407 and the corresponding TCB MUST not be changed. 2409 5.2.3 Handle Duplicate INIT ACK 2411 If an INIT ACK is received by an endpoint in any state 2412 other than the COOKIE-WAIT state, the endpoint should discard 2413 the INIT ACK message. A duplicate INIT ACK usually indicates the 2414 processing of an old INIT or duplicated INIT message. 2416 5.2.4 Handle Duplicate Cookie 2418 When a duplicated COOKIE chunk is received in any state for an 2419 existing association the following rules shall be applied: 2421 1) compute a MAC signature using the TCB data carried in the cookie 2422 along with the receiver's private security key, 2424 Stewart, et al [Page 43] 2425 2) authenticate the cookie by comparing the computed MAC signature 2426 against the one carried in the cookie. If this comparison fails, 2427 the datagram, including the COOKIE and the attached user data, 2428 should be silently discarded (this is case C or D above). 2430 3) compare the timestamp in the cookie to the current time, if 2431 the cookie is older than the lifespan carried in the cookie, 2432 the datagram, including the COOKIE and the attached user data, 2433 should be discarded and the endpoint MUST transmit a stale cookie 2434 error to the sending endpoint only if the Verification tags of the 2435 cookie's TCB does NOT match the current tag values in the association 2436 (this is case C or D above). If both Verification tags do match 2437 consider the cookie valid (this is case E). 2439 4) If the cookie proves to be valid, unpack the TCB into a 2440 temporary TCB. 2442 5) If the Verification Tags in the Temporary TCB matches the 2443 Verification Tags in the existing TCB, the cookie is a 2444 duplicate cookie. A cookie ack should be sent to the peer 2445 endpoint but NO update should be made to the existing 2446 TCB. 2448 6) If the the local Verification Tag in the temporary TCB 2449 does not match the local Verification Tag in the existing 2450 TCB, then the cookie is an old stale cookie and does 2451 not correspond to the existing association (case C above). 2452 The datagram should be silently discarded. 2454 7) If the peer's Verification Tag in the temporary TCB does not 2455 match the peer's Verification Tag in the existing TCB, 2456 then a restart of the peer has occurred (case A above). 2457 In such a case, the endpoint should report the restart to its ULP 2458 and respond the peer with a COOKIE ACK message. It shall also 2459 update the Verification Tag, initial TSN, and the destination 2460 address list of the existing TCB with the information from the 2461 temporary TCB. After that the temporary TCB can be discarded. 2463 Furthermore, all the congestion control parameters (e.g., cwnd, 2464 ssthresh) related to this peer shall be reset to their initial 2465 values (see Section 6.2.1). 2467 IMPLEMENTATION NOTE: It is an implementation decision on how 2468 to handle any pending datagrams. The implementation may elect 2469 to either A) send all messages back to its upper layer with the 2470 restart report, or B) automatically re-queue any datagrams 2471 pending by marking all of them as never-sent and assigning 2472 new TSN's at the time of their initial transmissions based upon 2473 the updated starting TSN (as defined in section 5). 2475 Note: The "peer's Verification Tag" is the tag received in the INIT 2476 or INIT ACK chunk. 2478 Stewart, et al [Page 44] 2479 5.2.5 Handle Duplicate COOKIE-ACK. 2481 At any state other than COOKIE-SENT, an endpoint may receive a 2482 duplicated COOKIE ACK chunk. If so, the chunk should be silently 2483 discarded. 2485 5.2.6 Handle Stale COOKIE Error 2487 A stale cookie error indicates one of a number of possible events: 2489 A) that the association failed to completely setup before the 2490 cookie issued by the sender was processed. 2492 B) an old cookie was processed after setup completed. 2494 C) an old cookie is received from someone that the receiver is 2495 not interested in having an association with and the ABORT 2496 message was lost. 2498 When processing a stale cookie an endpoint should first examine 2499 if an association is in the process of being setup, i.e. the 2500 association is in the COOKIE-SENT state. In all cases if 2501 the association is NOT in the COOKIE-SENT state, the stale 2502 cookie message should be silently discarded. 2504 If the association is in the COOKIE-SENT state, the endpoint may elect 2505 one of the following three alternatives. 2507 1) Send a new INIT message to the endpoint, to generate a new cookie 2508 and re-attempt the setup procedure. 2510 2) Discard the TCB and report to the upper layer the inability of 2511 setting-up the association. 2513 3) Send a new INIT message to the endpoint, adding a cookie 2514 preservative parameter requesting an extension on the life time of 2515 the cookie. When calculating the time extension, an implementation 2516 SHOULD use the RTT information measured based on the previous 2517 COOKIE / Stale COOKIE message exchange, and should add no more 2518 than 1 second beyond the measured RTT, due to a long cookie life 2519 time makes the endpoint more subject to a replay attack. 2521 5.3 Other Initialization Issues 2523 5.3.1 Selection of Tag Value 2525 Initiate Tag values should be selected from the range of 0x1 to 2526 0xffffffff. It is very important that the Tag value be randomized to 2527 help protect against "man in the middle" and "sequence number" attacks. 2528 It is suggested that RFC 1750 [1] be used for the Tag randomization. 2530 Stewart, et al [Page 45] 2531 Moreover, the tag value used by either endpoint in a given association 2532 MUST never be changed during the lifetime of the association. However, 2533 a new tag value MUST be used each time the endpoint tears-down and 2534 then re-establishes the association to the same peer. 2536 6. User Data Transfer 2538 For transmission efficiency, SCTP defines mechanisms for bundling of 2539 small user messages and segmentation of large user messages. 2540 The following diagram depicts the flow of user messages through SCTP. 2542 +--------------------------+ 2543 | User Messages | 2544 +--------------------------+ 2545 SCTP user ^ | 2546 ==================|==|======================================= 2547 | v (1) 2548 +------------------+ +--------------------+ 2549 | SCTP DATA Chunks | |SCTP Control Chunks | 2550 +------------------+ +--------------------+ 2551 ^ | ^ | 2552 | v (2) | v (2) 2553 +--------------------------+ 2554 | SCTP datagrams | 2555 +--------------------------+ 2556 SCTP ^ | 2557 ===========================|==|=========================== 2558 | v 2559 Unreliable Packet Transfer Service (e.g., IP) 2561 Note: 2562 (1) When converting user messages into Data chunks, SCTP sender 2563 will segment user messages larger than the current path MTU 2564 into multiple data chunks. The segmented message will normally 2565 be reassembled from data chunks before delivery to the user by 2566 the SCTP receiver (see Section 6.9 for details). 2568 (2) Multiple data and control chunks may be multiplexed by the 2569 sender into a single SCTP datagram for transmission, as long as 2570 the final size of the datagram does not exceed the current path 2571 MTU. The receiver will de-multiplex the datagram back into 2572 the original chunks. 2574 The segmentation and bundling mechanisms, as detailed in Sections 6.9 2575 and 6.10, are optional to implement by the data sender, but they MUST 2576 be implemented by the data receiver, i.e., an SCTP receiver MUST be 2577 prepared to receive and process bundled or segmented data. 2579 Stewart, et al [Page 46] 2580 6.1 Transmission of DATA Chunks 2582 The following general rules SHALL be applied by the sender for 2583 transmission and/or retransmission of outbound DATA chunks: 2585 A) At any given time, the sender MUST NOT transmit new data onto any 2586 destination transport address if its peer's rwnd indicates that the 2587 peer has no buffer space (i.e. rwnd is 0, see Section 6.2.1). 2589 However, regardless of the value of rwnd (including if it is 0), 2590 the sender can always have ONE data packet in flight to the 2591 receiver if allowed by cwnd (see rule B below). This rule 2592 allows the sender to probe for a change in rwnd that the sender 2593 missed due to the update having been lost in transmission from 2594 the receiver to the sender. 2596 B) At any given time, the sender MUST NOT transmit new data onto a 2597 given transport address if it has cwnd or more octets of data 2598 outstanding on that transport address. 2600 C) When the time comes for the sender to transmit, before sending 2601 new DATA chunks, the sender MUST first transmit any outstanding 2602 DATA chunks which are marked for retransmission (limited by the 2603 current cwnd). 2605 D) Then, the sender can send out as many new DATA chunks as Rule A and 2606 Rule B above allow. 2608 Note: multiple DATA chunks committed for transmission MAY be 2609 bundled in a single packet, unless bundling is explicitly disallowed 2610 by ULP of the data sender. Furthermore, DATA chunks being 2611 retransmitted MAY be bundled with new DATA chunks, as long as the 2612 resulting packet size does not exceed the path MTU. 2614 Note: before a sender transmits a data packet, if any received DATA 2615 chunks have not been acknowledged (e.g., due to delayed ack), the 2616 sender should create a SACK and bundle it with the outbound DATA 2617 chunk, as long as the size of the final SCTP datagram does not exceed 2618 the current MTU. See Section 6.2. 2620 IMPLEMENTATION Note: when the window is full (i.e., transmission is 2621 disallowed by Rule A and/or Rule B), the sender MAY still accept 2622 send requests from its upper layer, but SHALL transmit no more DATA 2623 chunks until some or all of the outstanding DATA chunks are 2624 acknowledged and transmission is allowed by Rule A and Rule B 2625 again. 2627 Whenever a transmission or retransmission is made to any address, if 2628 the T3-rxt timer of that address is not currently running, the sender 2629 MUST start that timer. However, if the timer of that address is 2630 already running, the sender SHALL restart the timer ONLY IF the 2631 earliest (i.e., lowest TSN) outstanding DATA chunk sent to that 2632 address is being retransmitted. 2634 Stewart, et al [Page 47] 2635 When starting or restarting the T3-rxt timer, the timer value must be 2636 adjusted according to the timer rules defined in Sections 6.3.2, 2637 and 6.3.3. 2639 Note: The sender SHOULD not use a TSN that is more than 2**31 - 1 2640 above the beginning TSN of the current send window. 2642 6.2 Acknowledgment on Reception of DATA Chunks 2644 The SCTP receiver MUST always acknowledge the SCTP sender about the 2645 reception of each DATA chunk. 2647 The guidelines on delayed acknowledgment algorithm specified in 2648 Section 4.2 of RFC 2581 [3] SHOULD be followed. Specifically, an 2649 acknowledgment SHOULD be generated for at least every second datagram 2650 received, and SHOULD be generated within 200 ms of the arrival of any 2651 unacknowledged datagram. 2653 IMPLEMENTATION NOTE: the maximal delay for generating an 2654 acknowledgment may be configured by the SCTP user, either 2655 statically or dynamically, in order to meet the specific 2656 timing requirement of the signaling protocol being carried. 2658 Acknowledgments MUST be sent in SACK control chunks. A SACK chunk can 2659 acknowledge the reception of multiple DATA chunks. See Section 3.3.3 2660 for SACK chunk format. In particular, the SCTP receiver MUST fill in 2661 the Cumulative TSN ACK field to indicate the latest cumulative TSN 2662 number it has received, and any received segments beyond the 2663 Cumulative TSN SHALL also be reported. 2665 Upon reception of the SACK, the data sender MUST adjust its total 2666 outstanding data count and the outstanding data count on those 2667 destination addresses for which one or more data chunks is 2668 acknowledged by the SACK. 2670 Note: When a datagram arrives with duplicate DATA chunk(s) and no new 2671 DATA chunk(s), the receiver MUST immediately send a SACK with no 2672 delay. Normally this will occur when the original SACK was lost, and 2673 the peers RTO has expired. The duplicate TSN number(s) SHOULD be 2674 reported in the SACK as duplicate. 2676 When a receiver prepares a SACK, any duplicate DATA chunks received 2677 SHOULD be reported in the SACK. 2679 When a SACK is received the receiver MAY use the Duplicate TSN 2680 information to determine if SACK loss is occurring. Further use 2681 of this data is for future study. 2683 Note: If a SACK is received that indicates a previously out of order 2684 chunk has been discarded by the receiver (due to a buffer space 2685 shortage), the sender should mark the chunk as having a first strike 2686 for retransmit against the chunk and start a timer on the last 2687 transmitted destination address (if one is not already running on that 2688 destination address). The sender SHOULD not retransmit the chunk until 2689 the fast retransmit algorithm indicates it should. This will allow the 2690 receiver time to clear up the receive buffer problem that caused it to 2691 discard the chunk. 2693 The following example illustrates the use of delayed acknowledgments: 2695 Endpoint A Endpoint Z 2697 {App sends 3 messages; strm 0} 2698 DATA [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) 2699 (Start T3-rxt timer) 2701 Stewart, et al [Page 48] 2702 DATA [TSN=8,Strm=0,Seq=4] ------------> (send ack) 2703 /------- SACK [TSN ACK=8,Frag=0] 2704 (cancel T3-rxt timer) <-----/ 2705 ... 2706 ... 2708 DATA [TSN=9,Strm=0,Seq=5] ------------> (ack delayed) 2709 (Start T3-rxt timer) 2710 ... 2711 {App sends 1 message; strm 1} 2712 (bundle SACK with DATA) 2713 /----- SACK [TSN Ack=9,Frag=0] \ 2714 / DATA [TSN=6,Strm=1,Seq=2] 2715 (cancel T3-rxt timer) <------/ (Start T3-rxt timer) 2717 (ack delayed) 2718 ... 2719 (send ack) 2720 SACK [TSN ACK=6,Frag=0] -------------> (cancel T3-rxt timer) 2722 Note: If a receiver receives a DATA chunk with 0 length (no user data 2723 part) it MUST follow the normal procedures for handling TSN and stream 2724 sequence number. However, it MAY choose not to deliver the NULL data to 2725 the upper layer. 2727 6.2.1 Tracking Peer's Receive Buffer Space 2729 Whenever a SACK arrives, a new updated a_rwnd arrives with it. This 2730 value represents the amount of buffer space the sender of the SACK, at 2731 the time of transmitting the SACK, has left of its total receive 2732 buffer space (as specified in the INIT/INIT-ACK). After processing the 2733 SACK, the receiver of the SACK SHOULD use the following rules to 2734 re-calculate the rwnd, using the received a_rwnd value. 2736 A) At the establishment of the association, the endpoint initializes 2737 the rwnd to the Advertised Receiver Window Credit (a_rwnd) 2738 the peer specified in the INIT or INIT ACK. 2740 B) Any time a DATA chunk is transmitted to a peer, the endpoint 2741 subtracts the data size of the chunk from the rwnd of that peer. 2743 C) Any time a SACK arrives, the endpoint performs the following: 2745 If all outstanding TSNs are acknowledged by the SACK, adopt 2746 the a_rwnd value in the SACK as the new rwnd. 2748 Otherwise, take the value of the current rwnd, and add to it the 2749 data size of any newly acknowledged TSNs that has its BE bits set 2750 to 11, OR that moved the cumulative TSN point forward. Then, set 2751 the rwnd to the lesser of the calculated value and the a_rwnd carried 2752 in the SACK. 2754 D) Any time the T3-rxt timer expires on any address, causing all 2755 outstanding chunks sent to that address to be marked for 2756 retransmission, add all of the data sizes of those chunks to the rwnd. 2758 Stewart, et al [Page 49] 2759 E) Any time a DATA chunk is marked for retransmission via the 2760 fast retransmit algorithm (section 6.2.4), add the DATA chunks 2761 size to the rwnd. 2763 6.3 Management of Retransmission Timer 2765 SCTP uses a retransmission timer T3-rxt to ensure data delivery in the 2766 absence of any feedback from the remote data receiver. The duration of 2767 this timer is referred to as RTO (retransmission timeout). 2769 When the receiver endpoint is multi-homed, the data sender endpoint 2770 will calculate a separate RTO for each different destination transport 2771 addresses of the receiver endpoint. 2773 The computation and management of RTO in SCTP follows closely with how 2774 TCP manages its retransmission timer. To compute the current RTO, an 2775 SCTP sender maintains two state variables per destination transport 2776 address: SRTT (smoothed round-trip time) and RTTVAR (round-trip time 2777 variation). 2779 6.3.1 RTO Calculation 2781 The rules governing the computation of SRTT, RTTVAR, and RTO are 2782 as follows: 2784 C1) Until an RTT measurement has been made for a packet sent 2785 to the given destination transport address, set RTO to the 2786 protocol parameter 'RTO.Initial'. 2788 C2) When the first RTT measurement R is made, set SRTT <- R, 2789 RTTVAR <- R/2, and RTO <- SRTT + 4 * RTTVAR. 2791 C3) When a new RTT measurement R' is made, set 2793 RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'| 2794 SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R' 2796 Note, the value of SRTT used in the update to RTTVAR is its value 2797 *before* updating SRTT itself using the second assignment. 2799 After the computation, update RTO <- SRTT + 4 * RTTVAR. 2801 Stewart, et al [Page 50] 2802 C4) When data is in flight and when allowed by rule C5 below, a new 2803 RTT measurement MUST be made each round trip. Furthermore, 2804 it is RECOMMENDED that new RTT measurements should be made no 2805 more than once per round-trip for a given destination transport 2806 address. There are two reasons for this recommendation: first, 2807 it appears that measuring more frequently often does not in 2808 practice yield any significant benefit [5]; second, if 2809 measurements are made more often, then the values of RTO.Alpha and 2810 RTO.Beta in rule C3 above should be adjusted so that SRTT and 2811 RTTVAR still adjust to changes at roughly the same rate (in terms 2812 of how many round trips it takes them to reflect new value) as 2813 they would if making only one measurement per round-trip and 2814 using RTO.Alpha and RTO.Beta as given in rule C3. However, the 2815 exact nature of these adjustments remains a research issue. 2817 C5) Karn's algorithm: RTT measurements MUST NOT be made using 2818 packets that were retransmitted (and thus for which it is 2819 ambiguous whether the reply was for the first instance of the 2820 packet or a later instance). 2822 C6) Whenever RTO is computed, if it is less than RTO.Min seconds 2823 then it is rounded up to RTO.Min seconds. The reason for this 2824 rule is that RTOs that do not have a high minimum value are 2825 susceptible to unnecessary timeouts [5]. 2827 C7) A maximum value may be placed on RTO provided it is at least 2828 RTO.max seconds. 2830 There is no requirement for the clock granularity G used for computing 2831 RTT measurements and the different state variables, other than 2833 G1) Whenever RTTVAR is computed, if RTTVAR = 0, then adjust 2834 RTTVAR <- G. 2836 Experience [5] has shown that finer clock granularities (<= 100 msec) 2837 perform somewhat better than more coarse granularities. 2839 6.3.2 Retransmission Timer Rules 2841 The rules for managing the retransmission timer are as follows: 2843 R1) Every time a packet containing data is sent to any address (including 2844 a retransmission), if the T3-rxt timer of that address is not 2845 running, start it running so that it will expire after the RTO of 2846 that address. The RTO used here is that obtained after any doubling 2847 due to previous T3-rxt timer expirations on the corresponding 2848 destination address as discussed in rule E2 below. 2850 R2) Whenever all outstanding data on an address has been acknowledged, 2851 turn off the T3-rxt timer of that address. 2853 Stewart, et al [Page 51] 2854 R3) Whenever a SACK is received that acknowledges new data chunks 2855 including the one with the earliest outstanding TSN on that address, 2856 restart T3-rxt timer of that address with its current RTO. 2858 The following example shows the use of various timer rules (assuming 2859 the receiver uses delayed acks). 2861 Endpoint A Endpoint Z 2862 {App begins to send} 2863 Data [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) 2864 (Start T3-rxt timer) 2865 {App sends 1 message; strm 1} 2866 (bundle ack with data) 2867 DATA [TSN=8,Strm=0,Seq=4] ----\ /-- SACK [TSN ACK=7,Frag=0] \ 2868 \ / DATA [TSN=6,Strm=1,Seq=2] 2869 \ / (Start T3-rxt timer) 2870 \ 2871 / \ 2872 (Re-start T3-rxt timer) <------/ \--> (ack delayed) 2873 (ack delayed) 2874 ... 2875 {send ack} 2876 SACK [TSN ACK=6,Frag=0] --------------> (Cancel T3-rxt timer) 2877 .. 2878 (send ack) 2879 (Cancel T3-rxt timer) <-------------- SACK [TSN ACK=8,Frag=0] 2881 6.3.3 Handle T3-rxt Expiration 2883 Whenever the retransmission timer T3-rxt expires on a destination 2884 address, do the following: 2886 E1) On the destination address where the timer expires, adjust its 2887 ssthresh with rules defined in Section 7.2.3 and set the 2888 cwnd <- MTU. 2890 E2) On the destination address where the timer expires, set 2891 RTO <- RTO * 2 ("back off the timer"). The maximum value discussed 2892 in rule C7 above (RTO.max) may be used to provide an upper bound 2893 to this doubling operation. 2895 E3) Determine how many of the earliest (i.e., lowest TSN) outstanding 2896 Data chunks on the address where the T3-rxt has expired that will 2897 fit into a single packet, subject to the MTU constraint for the 2898 path corresponding to the destination transport address where the 2899 retransmission is being sent to (this may be different from the 2900 address where the timer expires [see Section 6.4]). Call this 2901 value K. Bundle and retransmit those K data chunks in a single 2902 packet to the address. 2904 Stewart, et al [Page 52] 2905 E4) Start the retransmission timer T3-rxt on the destination address 2906 to where the retransmission is sent, if rule R1 above indicates to 2907 do so. Note, the RTO to be used for starting T3-rxt should be the 2908 one of the destination address to where the retransmission is 2909 sent, which, when the receiver is multi-homed, may be different 2910 from the destination address where the timer expired (see Section 2911 6.4 below). 2913 Note that after retransmitting, once a new RTT measurement is obtained 2914 (which can happen only when new data has been sent and acknowledged, 2915 per rule C5, or for a measurement made from a Heartbeat [see Section 2916 8.3]), the computation in rule C3 is performed, including the 2917 computation of RTO, which may result in "collapsing" RTO back down 2918 after it has been subject to doubling (rule E2). 2920 The final rule for managing the retransmission timer concerns failover 2921 (see Section 6.4.1): 2923 F1) Whenever SCTP switches from the current destination transport 2924 address to a different one, the current retransmission timers are 2925 left running. As soon as SCTP transmits a packet containing data 2926 to the new transport address, start the timer on that transport 2927 address, using the RTO value of the destination address where 2928 the data is being sent, if rule R1 indicates to do so. 2930 6.4 Multi-homed SCTP Endpoints 2932 An SCTP endpoint is considered multi-homed if there are more than one 2933 transport addresses that can be used as a destination address to reach 2934 that endpoint. 2936 Moreover, at the sender side, one of the multiple destination 2937 addresses of the multi-homed receiver endpoint shall be selected as 2938 the primary destination transport address by the UPL (see Sections 2939 5.1.2 and 10.1 for details). 2941 When the SCTP sender is transmitting to the multi-homed receiver, by 2942 default the transmission SHOULD always take place on the primary 2943 transport address, unless the SCTP user explicitly specifies the 2944 destination transport address to use. 2946 The acknowledgment SHOULD be transmitted to the same destination 2947 transport address from which the DATA or control chunk being 2948 acknowledged were received. 2950 However, when acknowledging multiple DATA chunks in a single SACK, the 2951 SACK message may be transmitted to one of the destination transport 2952 addresses from which the DATA or control chunks being acknowledged 2953 were received. 2955 Stewart, et al [Page 53] 2956 Furthermore, when the receiver is multi-homed, the SCTP data sender 2957 SHOULD try to retransmit a chunk to an active destination transport 2958 address that is different from the last destination address where the 2959 data chunk was sent to. 2961 Note, retransmissions do not affect the total outstanding data 2962 count. However, if the data chunk is retransmitted onto a different 2963 destination address, both the outstanding data counts on the new 2964 destination address and the old destination address where the data 2965 chunk was last sent to shall be adjusted accordingly. 2967 6.4.1 Failover from Inactive Destination Address 2969 Some of the destination transport addresses of a multi-homed SCTP data 2970 receiver may become inactive due to either the occurrence of certain 2971 error conditions (see Section 8.2) or adjustments from SCTP user. 2973 When there is outbound data to send and the primary destination 2974 transport address becomes inactive (e.g., due to failures), or where 2975 the SCTP user explicitly requests to send data to an inactive 2976 destination transport address, before reporting an error to its ULP, 2977 the SCTP sender should try to send the data to an alternate active 2978 destination transport address if one exists. 2980 6.5 Stream Identifier and Stream Sequence Number 2982 Every DATA chunk MUST carry a valid stream identifier. If a DATA chunk 2983 with an invalid stream identifier is received, the receiver shall, 2984 after acknowledging the reception of the DATA chunk following the normal 2985 procedure, respond immediately with an ERROR message with cause set to 2986 Invalid Stream Identifier (see Section 3.3.9) and discard the DATA 2987 chunk. 2989 The stream sequence number in all the streams shall start from 0x0 2990 when the association is established. Also, when the stream sequence 2991 number reaches the value 0xffff the next stream sequence number shall 2992 be set to 0x0. 2994 6.6 Ordered and Un-ordered Delivery 2996 By default the SCTP receiver shall ensure the DATA chunks within any 2997 given stream be delivered to the upper layer according to the order of 2998 their stream sequence number. If there are DATA chunks arriving out of 2999 order of their stream sequence number, the receiver MUST hold the 3000 received DATA chunks from delivery until they are re-ordered. 3002 However, an SCTP sender can indicate that no ordered delivery is 3003 required on a particular DATA chunk within the stream by setting the U 3004 flag of the DATA chunk to 1. 3006 Stewart, et al [Page 54] 3007 In this case, the receiver must bypass the ordering mechanism and 3008 immediately delivery the data to the upper layer (after re-assembly if 3009 the user data is segmented by the sender). 3011 This provides an effective way of transmitting "out-of-band" data in a 3012 given stream. Also, a stream can be used as an "unordered" stream by 3013 simply setting the U flag to 1 in all outbound DATA chunks sent 3014 through that stream. 3016 IMPLEMENTATION NOTE: when sending an unordered DATA chunk, an 3017 implementation may choose to place the DATA chunk in an outbound 3018 datagram that is at the head of the outbound transmission queue if 3019 possible. 3021 Note that the 'Stream Sequence Number' field in an un-ordered data 3022 chunk has no significance; the sender can fill it with arbitrary 3023 value, but the receiver MUST ignore the field. 3025 6.7 Report Gaps in Received DATA TSNs 3027 Upon the reception of a new DATA chunk, an SCTP receiver shall examine 3028 the continuity of the TSNs received. If the receiver detects that gaps 3029 exist in the received DATA chunk sequence, an SACK with fragment 3030 reports shall be sent back immediately. 3032 Based on the segment reports from the SACK, the data sender can 3033 calculate the missing DATA chunks and make decisions on whether to 3034 retransmit them (see Section 6.3 for details). 3036 Multiple gaps can be reported in one single SACK (see Section 3.3.3). 3038 Note that when the data sender is multi-homed, the SCTP receiver 3039 SHOULD always try to send the SACK to the same network from where the 3040 last DATA chunk was received. 3042 Upon the reception of the SACK, the data sender SHALL remove all DATA 3043 chunks which have been acknowledged by the SACKs cumulative TSN. The 3044 data sender MUST also treat all the DATA chunks which fall into the 3045 gaps between the fragments reported by the SACK as "missing". The 3046 number of "missing" reports for each outstanding DATA chunk MUST be 3047 recorded by the data sender in order to make retransmission decision, 3048 see Section 7.2.4 for details. 3050 The following example shows the use of SACK to report a gap. 3052 Endpoint A Endpoint Z 3053 {App sends 3 messages; strm 0} 3054 DATA [TSN=6,Strm=0,Seq=2] ---------------> (ack delayed) 3055 (Start T3-rxt timer) 3057 Stewart, et al [Page 55] 3058 DATA [TSN=7,Strm=0,Seq=3] --------> X (lost) 3060 DATA [TSN=8,Strm=0,Seq=4] ---------------> (gap detected, 3061 immediately send ack) 3062 /----- SACK [TSN ACK=6,Frag=1, 3063 / Strt=2,End=2] 3064 <-----/ 3065 (remove 6 and 8 from out-queue, 3066 and strike 7 as "1" missing report) 3068 Note: in order to keep the size of the outbound SCTP datagram not to 3069 exceed the current path MTU, the maximal number of fragments that can 3070 be reported within a single SACK chunk is limited. When a single SACK 3071 can not cover all the fragments needed to be reported due to the MTU 3072 limitation, the endpoint SHALL send only one SACK, reporting the 3073 fragments from the lowest to highest TSNs, within the size limit set 3074 by the MTU, and leave the remaining highest TSN fragment numbers 3075 unacknowledged. 3077 6.8 Adler-32 Checksum Calculation 3079 When sending an SCTP datagram, the sender MUST strengthen the data 3080 integrity of the transmission by including the Adler-32 checksum 3081 value calculated on the datagram, as described below. 3083 After the datagram is constructed (containing the SCTP common header 3084 and one or more control or DATA chunks), the sender shall: 3086 1) fill in the proper Verification Tag in the SCTP common header and 3087 initialize the Adler-32 checksum filed to 0's. 3089 2) calculate the Adler-32 checksum of the whole datagram, including the 3090 SCTP common header and all the chunks. Refer to Sections 2.2 and 9 3091 in [2] for details of the Adler-32 algorithm. And, 3093 3) put the resultant value into the Adler-32 checksum field in the 3094 common header, and leave the rest of the bits unchanged. 3096 When an SCTP datagram is received, the receiver MUST first check the 3097 Adler-32 checksum: 3099 1) store the received Adler-32 checksum value aside, 3101 2) replace the 32 bits of the Adler-32 checksum field in the received 3102 SCTP datagram with all '0's and calculate an Adler-32 checksum 3103 value of the whole received datagram. And, 3105 3) verify that the calculated Adler-32 checksum is the same as the 3106 received Adler-32 checksum, If not, the receiver MUST treat the 3107 datagram as an invalid SCTP datagram. 3109 The default procedure of handling invalid SCTP datagrams is to 3110 silently discard them. 3112 Stewart, et al [Page 56] 3113 6.9 Segmentation 3115 Segmentation MUST be performed by the data sender if the user message 3116 to be sent has a large size that causes the outbound SCTP datagram 3117 size exceeding the current MTU. 3119 Note, if the data receiver is multi-homed, the sender shall choose a 3120 size no larger than the latest MTU of the current primary destination 3121 address. 3123 When determining when to segment, the SCTP implementation MUST take 3124 into account the SCTP datagram header as well as the DATA chunk 3125 header. The implementation MAY also take account of the space required 3126 for a SACK chunk. 3128 IMPLEMENTATION NOTE: if segmentation is not support by the sender, 3129 an error should be reported to the sender's SCTP user if the data to 3130 be sent has a size exceeding the current MTU. In such cases the Send 3131 primitive discussed in Section 10.1 would need to return an error 3132 to the upper layer. 3134 Segmentation takes the following steps: 3136 1) the data sender SHALL break the large user message into a series of 3137 DATA chunks, such that each of the chunks can be fit into an IP 3138 datagram smaller than or equal to the current MTU, 3140 2) the data sender MUST then assign, in sequence, a separate TSN to 3141 each of the DATA chunks in the series, 3143 3) the data sender MUST also set the B/E bits of the first DATA chunk 3144 in the series to '10', the B/E bits of the last DATA chunk in the 3145 series to '01', and the B/E bits of all other DATA chunks in the 3146 series to '00'. 3148 The data receiver MUST recognize the segmented DATA chunks, by 3149 examining the B/E bits in each of the received DATA chunks, and queue 3150 the segmented DATA chunks for re-assembly. Then, it shall pass the 3151 re-assembled user message to the specific stream for possible 3152 re-ordering and final dispatching. 3154 Note, if the data receiver runs out of buffer space while still 3155 waiting for more segments to complete the re-assembly of the message, 3156 it should dispatch part of its inbound message through a partial 3157 delivery API (see Section 10), freeing some of its receive buffer space 3158 so that the rest of the message may be received. 3160 Stewart, et al [Page 57] 3161 6.10 Bundling and Multiplexing 3163 An SCTP sender achieves data bundling by simply including multiple 3164 DATA chunks in one outbound SCTP datagram. Note that the total size of 3165 the resultant IP datagram, including the SCTP datagram and IP headers, 3166 MUST be less or equal to the current MTU. 3168 Note, if the data receiver is multi-homed, the sender shall choose a 3169 size no larger than the latest MTU of the current primary destination 3170 address. 3172 When multiplexing control chunks with DATA chunks, control chunks have 3173 the priority and MUST be placed first in the outbound SCTP datagram 3174 and be transmitted first. The transmitter MUST transmit DATA chunks 3175 within a SCTP datagram in increasing order of TSN. 3177 Partial chunks MUST NOT be placed in a SCTP datagram. 3179 The receiver MUST process the chunks in order in the datagram. The 3180 receiver uses the chunk length field to determine the end of a chunk 3181 and beginning of the next chunk taking account of the fact that all 3182 chunks end on a thirty-two-bit word boundary. If the receiver detects 3183 a partial chunk, it MUST drop the chunk. 3185 7. Congestion control 3187 Congestion control is one of the basic functions in the SCTP protocol. 3188 For some applications, it may be likely that adequate resources will 3189 be allocated to SCTP traffic to assure prompt delivery of 3190 time-critical SCTP data - thus it would appear to be unlikely, during 3191 normal operations, that SCTP transmissions encounter severe congestion 3192 condition. However SCTP must prepare itself for adverse operational 3193 conditions, which can develop upon partial network failures or 3194 unexpected traffic surges. In such situations SCTP must follow correct 3195 congestion control steps to recover from congestion quickly in order 3196 to get data delivered as soon as possible. In the absence of network 3197 congestion, these preventive congestion control algorithms should show 3198 no impact on the protocol performance. 3200 IMPLEMENTATION NOTE: as far as its specific performance requirements 3201 are met, an implementation is always allowed to adopt a more 3202 conservative congestion control algorithm than the one defined 3203 below. 3205 The congestion control algorithms used by SCTP are based on RFC 2581 3206 [3], "TCP Congestion Control". This section describes how the 3207 algorithms defined in RFC 2581 are adopted for use in SCTP. We first 3208 list differences in protocol designs between TCP and SCTP, and then 3209 describe SCTP's congestion control scheme. The description will use 3210 the same terminology as in TCP congestion control whenever 3211 appropriate. 3213 Note: SCTP congestion control is always applied to the entire association, 3214 and NOT to individual streams. 3216 Stewart, et al [Page 58] 3217 7.1 SCTP Differences from TCP Congestion control 3219 One difference between SCTP and TCP is that the Selective 3220 Acknowledgment function (SACK) is designed into SCTP, rather than an 3221 enhancement that is added to the protocol later as is the case for 3222 TCP. SCTP SACK carries the same semantic meaning with that of TCP 3223 SACK. TCP and SCTP considers the information carried in the SACK as 3224 advisory information only. In SCTP, any DATA chunk that has been 3225 acknowledged by SACK, including DATA that arrived at the receiving end 3226 out of order, are NOT considered fully delivered until the Cumulative 3227 Acknowledgment point passes the acknowledged DATA chunk. Consequently, 3228 the value of cwnd controls the amount of outstanding data, rather than 3229 the upper bound between the highest acknowledged sequence number and 3230 the latest DATA chunk that can be sent within the congestion window, 3231 as is the case in non-SACK TCP. SCTP SACK leads to different 3232 implementations of fast-retransmit and fast-recovery from that of 3233 non-SACK TCP. As an example see [16]. 3235 The biggest difference between SCTP and TCP, however, is multi-homing. 3236 SCTP is designed to establish robust communication associations 3237 between two end points each of which may be reachable by more than one 3238 transport address. Potentially different addresses may lead to 3239 distinguished data paths between the two points, thus ideally one may 3240 need a separate set of congestion control parameters for each of the 3241 paths. The treatment here of congestion control for multi-homed 3242 receivers is new with SCTP and may require refinement in the 3243 future. The current algorithms make the following assumptions: 3245 o The sender always uses the same destination address until being 3246 instructed by the upper layer otherwise. 3248 o The sender keeps a separate congestion control parameter set for each 3249 of the destination addresses it can send to (NOT each 3250 source-destination pair but for each destination) . The parameters 3251 should decay if the address is not used for a long enough 3252 time period. 3254 o For each of the destination addresses, do slow-start upon the first 3255 transmission to that address. 3257 7.2 SCTP Slow-Start and Congestion Avoidance 3259 The slow start and congestion avoidance algorithms MUST be used by a 3260 SCTP sender to control the amount of outstanding data being injected 3261 into the network. The congestion control in SCTP is employed in regard 3262 to the association, not to an individual stream. In some situations it 3263 may be beneficial for an SCTP sender to be more conservative than the 3264 algorithms allow, however an SCTP sender MUST NOT be more aggressive 3265 than the following algorithms allow. 3267 Like TCP, an SCTP sender uses the following three control variables 3268 to regulate its transmission rate. 3270 Stewart, et al [Page 59] 3271 o Receiver advertised window size (rwnd, in octets), which is set by 3272 the receiver based on its available buffer space for incoming packets. 3274 Note: This variable is kept on the entire association. 3276 o Congestion control window (cwnd, in octets), which is adjusted by 3277 the sender based on observed network conditions. 3279 Note: This variable is maintained on a per-destination basis. 3281 o Slow-start threshold (ssthresh, in octets), which is used by the 3282 sender to distinguish slow start and congestion avoidance phases. 3284 Note: This variable is maintained on a per-destination basis. 3286 SCTP also requires one additional control variable, partial_bytes_acked, 3287 which is used during congestion avoidance phase to facilitate cwnd 3288 adjustment. 3290 Unlike TCP, an SCTP sender MUST keep a set of these control variables 3291 for EACH destination address of its peer (when its peer is multi-homed). 3293 7.2.1 Slow-Start 3295 Beginning data transmission into a network with unknown conditions 3296 requires SCTP to probe the network to determine the available capacity. 3297 The slow start algorithm is used for this purpose at the beginning of a 3298 transfer, or after repairing loss detected by the retransmission timer. 3300 o The initial cwnd before data transmission or after a sufficiently 3301 long idle period MUST be <= 2*MTU. 3303 o The initial cwnd after a retransmission timeout MUST be no more 3304 than 1*MTU. 3306 o The initial value of ssthresh MAY be arbitrarily high (for example, 3307 some implementations use the size of the receiver advertised window). 3309 o Whenever cwnd is greater than zero, the sender is allowed to have cwnd 3310 octets of data outstanding on that transport address. 3312 o When cwnd is less than or equal to ssthresh an SCTP sender MUST use 3313 the slow start algorithm to increase cwnd (assuming the current 3314 congestion window is being fully utilized). If the incoming SACK 3315 advances the cumulative TSN, cwnd MUST be increased by at most the 3316 lesser of 1) the total size of the previously outstanding DATA 3317 chunk(s) acknowledged, and 2) the destinations path MTU. 3318 This prevents against the ACK-Splitting attack outlined in [15]. 3320 NOTE: In instances where the data receiver endpoint is multi-homed, 3321 if a SACK arrives at the data sender that advances the 3322 sender's cumulative TSN point, then the data sender should update 3323 its cwnd (or cwnds) apportioned to the destination addresses where 3324 the data was transmitted to. However if the SACK does not advance 3325 the cumulative TSN point, the data sender MUST not adjust the cwnd 3326 of any of the destination addresses. 3328 Stewart, et al [Page 60] 3329 NOTE: because an SCTP data sender's cwnd is not tied to its 3330 cumulative TSN point, as duplicate SACKs come in, even though they 3331 may not advance the cumulative TSN point an SCTP sender can still 3332 use them to clock out new data. That is, the data newly 3333 acknowledged by the SACK diminishes the amount of data now in 3334 flight to less than cwnd; and so the current, unchanged value of 3335 cwnd now allows new data to be sent. On the other hand, the 3336 increase of cwnd must be tied to the cumulative TSN advancement as 3337 specified above. Otherwise the duplicate SACKs will not only clock 3338 out new data, but also will adversely clock out *more* new data 3339 than what has just left the network, during a time of possible 3340 congestion. 3342 o When the sender does not transmit data on a given transport address, 3343 the cwnd of the transport address should be adjusted to 3344 max(cwnd / 2, 2*MTU) per RTO. 3346 7.2.2 Congestion Avoidance 3348 When cwnd is greater than ssthresh, cwnd should be incremented 3349 by 1*MTU per RTT if the sender has cwnd or more octets of data 3350 outstanding on the corresponding transport address. 3352 In practice an implementation can achieve this goal in the 3353 following way: 3355 o partial_bytes_acked is initialized to 0. 3357 o Whenever cwnd is greater than ssthresh, upon each SACK arrival, 3358 increase partial_bytes_acked by the total number of octets of all 3359 new chunks acknowledged in that SACK. 3361 o When partial_bytes_acked is equal or greater than cwnd and before 3362 the arrival of the SACK the sender has cwnd or more octets of data 3363 outstanding, increase cwnd by MTU, and reset partial_bytes_acked to 3364 (partial_bytes_acked - cwnd). 3366 o Same as in the slow start, when the sender does not transmit data on 3367 a given transport address, the cwnd of the transport address should 3368 be adjusted to max(cwnd / 2, 2*MTU) per RTO. 3370 o When all of the data transmitted by the sender has been acknowledged 3371 by the receiver, partial_bytes_acked is initialized to 0. 3373 7.2.3 Congestion Control 3375 Upon detection of packet losses from SACK reports (see section 7.2.4), 3376 the sender should do the following: 3378 ssthresh = max(cwnd/2, 2*MTU) 3379 cwnd = ssthresh 3381 Stewart, et al [Page 61] 3382 Basically, a packet loss causes cwnd to be cut in half. 3384 When the T3-rxt timer expires on an address, SCTP should perform 3385 slow start by: 3387 ssthresh = max(cwnd/2, 2*MTU) 3388 cwnd = 1*MTU 3390 and assure that no more than one data packet will be in flight on that 3391 address until the sender receives acknowledgment for successful delivery 3392 of data to that address. 3394 7.2.4 Fast Retransmit on Gap Reports 3396 In the absence of data losses, a SCTP receiver performs delayed 3397 acknowledgment. However, whenever a receiver notices a hole in the 3398 arriving TSN sequence, it should start sending a SACK back every time 3399 a packet arrives carrying data. 3401 At the sender end, whenever the sender receives a SACK that indicate 3402 some TSN(s) missing, it SHOULD wait for 3 further miss indications 3403 (via subsequent SACKs) on the same TSN(s) before taking action. 3405 When the TSN(s) is reported as missing in consecutive SACKs for the 3406 4th time, the sender shall: 3408 1) Mark the missing DATA chunk(s) for retransmission, 3410 2) Adjust the ssthresh and cwnd of the destination address(es) where 3411 the missing data chunks were last sent, according to the formula 3412 described in Section 7.2.3. 3414 3) Determine how many of the earliest (i.e., lowest TSN) missing Data 3415 chunks will fit into a single packet, subject to constraint of the 3416 path MTU of the destination transport address to which the packet 3417 is being sent. Call this value K. Retransmit those K data chunks in 3418 a single packet. 3420 4) Restart T3-rxt timer ONLY IF the last SACK acknowledged the lowest 3421 outstanding TSN number sent to that address, or we are retransmitting 3422 the first outstanding Data chunk sent to that address. 3424 Note, before the above adjustments, if the received SACK also 3425 acknowledges new data chunks and advances the cumulative TSN point, 3426 the cwnd adjustment rules defined in Sections 7.2.1 and 7.2.2 must 3427 be applied first. 3429 A straightforward implementation of the above requires that the sender 3430 keeps a counter for each TSN hole first reported by a SACK; the 3431 counter keeps track of whether 3 subsequent SACKs have reported the 3432 same hole. 3434 Stewart, et al [Page 62] 3435 Because cwnd in SCTP indirectly bounds the number of outstanding 3436 TSN's, the effect of TCP fast-recovery is achieved automatically with 3437 no adjustment to the congestion control window size. 3439 7.3 Path MTU Discovery 3441 RFC 1191 [11] discusses "Path MTU Discovery", whereby a sender 3442 maintains an estimate of the maximum transmission unit (MTU) along a 3443 given Internet path and refrains from sending datagrams along that 3444 path which exceed the MTU, other than occasional attempts to probe for 3445 a change in the path MTU. RFC 1191 is thorough in its discussion of 3446 the MTU discovery mechanism and strategies for determining the current 3447 end-to-end MTU setting as well as detecting changes in this value. 3448 RFC 1981 [12] discusses applying the same mechanisms for IPv6. 3450 An SCTP sender SHOULD apply these techniques, and SHOULD do so on a 3451 per-destination-address basis. 3453 There are 4 ways in which SCTP differs from the description in RFC 1191 3454 of applying MTU discovery to TCP: 3456 1) SCTP associations can span multiple set of addresses. 3457 Per the above comment, an SCTP sender MUST maintain separate 3458 MTU estimates for each destination address of its peer. 3460 2) Elsewhere in this document, when the term "MTU" is discussed, 3461 it refers to the MTU associated with the destination address 3462 corresponding to the context of the discussion. 3464 3) Unlike TCP, SCTP does not have a notion of "Maximum Segment 3465 Size". Accordingly, the MTU for each destination address 3466 SHOULD be initialized to a value no larger than the link MTU 3467 for the local interface to which datagrams for that remote 3468 destination address will be routed. 3470 4) Since data transmission in SCTP is naturally structured in 3471 terms of TSNs rather than bytes (as is the case for TCP), the 3472 discussion in section 6.5 of RFC 1191 applies: when retransmitting 3473 a datagram to a remote address for which the datagram appears 3474 too large for the path MTU to that address, the datagram SHOULD 3475 be retransmitted without the DF bit set, allowing it to possibly 3476 be fragmented. Transmissions of new datagrams MUST have DF set. 3478 Other than these differences, the discussion of TCP's use of MTU 3479 discovery in RFCs 1191 and 1981 applies to SCTP, too, on a 3480 per-destination-address basis. 3482 Note: For IPv6 destination addresses the DF bit does not exist, 3483 instead the datagram must be fragmented as described in RFC1883 [17]. 3485 Stewart, et al [Page 63] 3486 8. Fault Management 3488 8.1 Endpoint Failure Detection 3490 The data sender shall keep a counter on the total number of 3491 consecutive retransmissions to its peer (including retransmissions to 3492 ALL the destination transport addresses of the peer if it is 3493 multi-homed). If the value of this counter exceeds the limit 3494 indicated in the protocol parameter 'Association.Max.Retrans', the 3495 data sender shall consider the peer endpoint unreachable and shall 3496 stop transmitting any more data to it (and thus the association enters 3497 the CLOSED state). In addition, the data sender shall report the 3498 failure to the upper layer, and optionally report back all outstanding 3499 user data remaining in its outbound queue. The association is 3500 automatically terminated when the peer endpoint becomes unreachable. 3502 The counter shall be reset each time a datagram sent to that 3503 destination address is acknowledged by the peer endpoint, or 3504 a HEARTBEAT-ACK is received from the peer endpoint. 3506 8.2 Path Failure Detection 3508 When the remote endpoint is multi-homed, the data sender should keep a 3509 'retrans.count' counter for each of the destination transport 3510 addresses of the remote endpoint. 3512 Each time the T3-rxt timer on any address, or when a HEARTBEAT sent to 3513 an idle address is not acknowledged, the 'retrans.count' counter of 3514 that destination address will be incremented. When the value in 3515 'retrans.count' exceeds the protocol parameter 'Path.Max.Retrans' of 3516 that destination address, the data sender should mark the destination 3517 transport address as inactive, and a notification SHOULD be sent to 3518 the upper layer. 3520 When an outstanding TSN is acknowledged or a HEARTBEAT sent to that 3521 address is acknowledged with a HEARTBEAT-ACK, the data sender shall 3522 clear the 'retrans.count' counter of the destination transport address 3523 to which the datagram was last sent (or HEARTBEAT was sent). Note, 3524 when the data receiver is multi-homed and the last sent was a 3525 retransmission to an alternate address of the receiver, there exists 3526 an ambiguity as to whether or not the acknowledgment should be 3527 credited to the address of the last sent. However, this ambiguity does 3528 not seem to bear any significant consequence to SCTP behavior. If this 3529 ambiguity is undesirable, the data sender may choose not to clear the 3530 'retrans.count' counter if the last sent was a retransmission. 3532 Stewart, et al [Page 64] 3533 Note, when configuring the SCTP endpoint, the user should avoid 3534 having the value of 'Association.Max.Retrans' larger than the 3535 summation of the 'Path.Max.Retrans' of all the destination addresses 3536 for the remote endpoint. Otherwise, all the destination addresses may 3537 become inactive while the endpoint still considers the peer endpoint 3538 reachable. When this condition occurs, how the SCTP chooses to function 3539 is implementation specific. 3541 Note, when the primary destination address is marked inactive (due to 3542 excessive retransmissions, for instance), the sender MAY automatically 3543 transmit new datagrams to an alternate destination address if one 3544 exists and is active. This is, however, an implementation option. 3546 8.3 Path Heartbeat 3548 By default, an SCTP endpoint shall monitor the reachability of the 3549 idle destination transport address(es) of its peer by sending 3550 HEARTBEAT messages periodically to the destination transport 3551 address(es). 3553 A destination transport address is considered "idle" if no new chunk 3554 which can be used for updating path RTT (usually including first 3555 transmission DATA, INIT, COOKIE, etc.) and no heartbeat has been sent 3556 to it within the current heartbeat period of that address. This 3557 applies to both active and inactive destination addresses. 3559 The upper layer can optionally initiate the following functions: 3561 A) disable heart beat on a specific destination transport address of a 3562 given association, 3563 B) re-enable heart beat on a specific destination transport address of 3564 a given association, and, 3565 C) request an on-demand heartbeat on a specific destination transport 3566 address of a given association. 3568 The endpoint should increment the respective 'retrans.count' counter 3569 of the destination transport address each time a HEARTBEAT is sent to 3570 that address and not acknowledged. 3572 When the value of this counter reaches the protocol parameter 3573 'Path.Max.Retrans', the endpoint should mark the corresponding 3574 destination address as inactive if it is not so marked, and may also 3575 optionally report to the upper layer the change of reachability of 3576 this destination address. After this, the endpoint should continue 3577 heartbeat on this destination address but should stop increasing the 3578 counter. 3580 The sender of the HEARTBEAT message should include in the Heartbeat 3581 Information field of the message the current time when the message is 3582 sent out and the information on the destination address to which the 3583 message is sent. 3585 IMPLEMENTATION NOTE: An alternative implementation of the heartbeat 3586 mechanism that can be used is to increment the 'retrans.count' 3587 variable every time a HEARTBEAT is sent to a destination. Whenever 3588 a HEARTBEAT-ACK arrives, the sender SHOULD be clearing the 3589 'retrans.count' of the destination that the HEARTBEAT was 3590 sent to. This in effect would clear the previously stroked 3591 error (and any other error counts as well). 3593 Stewart, et al [Page 65] 3594 The receiver of the HEARTBEAT should immediately respond with a 3595 HEARTBEAT ACK that contains the Heartbeat Information field copied out 3596 from the received HEARTBEAT message. 3598 Upon the receipt of the HEARTBEAT ACK, the sender of the HEARTBEAT 3599 should clear the 'retrans.count' counter of the destination transport 3600 address to which the HEARTBEAT was sent, and mark the destination 3601 transport address as active if it is not so marked. The endpoint may 3602 optionally report to the upper layer when an inactive destination 3603 address is marked as active due to the reception of the latest 3604 HEARTBEAT ACK. 3606 The receiver of the HEARTBEAT ACK should also perform an RTT 3607 measurement for that destination transport address using the time 3608 value carried in the HEARTBEAT ACK message. 3610 On an idle destination address that is allowed to heartbeat, HEARTBEAT 3611 messages is RECOMMENDED to be sent once per RTO of that destination 3612 address, with jittering of +/- 50%, and exponential back-off if the 3613 previous HEARTBEAT is unanswered. 3615 A primitive is provided for the SCTP user to change the heart 3616 beat interval and turn on or off the heart beat on a given destination 3617 address. Note, the heartbeat interval set by the SCTP user on any of 3618 the idle destination addresses SHOULD be no smaller than the RTO of 3619 that destination address. Separate timers may be used to control the 3620 heartbeat transmission for different idle destination addresses. 3622 8.4 Handle "Out of the blue" Packets 3624 An SCTP datagram is called an "out of the blue" (OOTB) datagram if it 3625 is correctly formed, i.e., passed the receiver's Adler-32 check (see 3626 Section 6.8), but the receiver is not able to identify the association 3627 to which this datagram belongs. 3629 The receiver of an OOTB datagram MUST do the following: 3631 1) check if the OOTB datagram contains an ABORT chunk. If so, the 3632 receiver MUST silently discarded the OOTB datagram and take no 3633 further action. Otherwise, 3635 2) the receiver should respond the sender of the OOTB datagram with an 3636 ABORT. When sending the ABORT, the receiver of the OOTB datagram 3637 MUST fill in the Verification Tag field of the outbound datagram 3638 with the value found in the Verification Tag field of the OOTB 3639 datagram. After sending this ABORT, the receiver of the OOTB 3640 datagram shall discard the OOTB datagram and take no further 3641 action. 3643 Stewart, et al [Page 66] 3644 8.5 Verification Tag 3646 The Verification Tag rules defined in this section apply when sending 3647 or receiving SCTP datagrams which do NOT contain an INIT, SHUTDOWN 3648 ACK, or ABORT chunk. The rules for sending and receiving SCTP 3649 datagrams containing one of these chunk types are discussed separately 3650 in Section 8.5.1. 3652 When sending an SCTP datagram, the sender MUST fill in the 3653 Verification Tag field of the outbound datagram with the tag value of 3654 the peer endpoint to which this SCTP datagram is destined. 3656 When receiving an SCTP datagram, the receiver MUST ensure that the 3657 value in the Verification Tag field of the received SCTP datagram 3658 matches its own Tag. If the received tag value does not match the 3659 receiver's own tag value, the receiver shall silently discard the 3660 datagram and shall not process it any further. 3662 8.5.1 Exceptions in Verification Tag Rules 3664 A) Rules for datagram carrying INIT: 3666 - The sender MUST set the Verification Tag of the datagram to 0. 3667 - The receiver, when noticing an incoming SCTP datagram with the 3668 Verification Tag set to 0, should continue to process the datagram 3669 only if an INIT chunk is present. Otherwise, the receiver MUST 3670 silently discard the datagram and take no further action. 3672 B) Rules for datagram carrying ABORT: 3674 - The sender shall always fill in the Verification Tag field of the 3675 outbound datagram with the destination endpoint's tag value if it 3676 is known. 3677 - If the ABORT is sent in response to an OOTB datagram, the sender 3678 MUST follow the procedure described in Section 8.4. 3679 - The receiver MUST accept the datagram IF the Verification Tag 3680 matches either its own tag, OR the tag of its peer. Otherwise, the 3681 receiver MUST silently discard the datagram and take no further 3682 action. 3684 C) Rules for datagram carrying SHUTDOWN ACK: 3686 - When sending a SHUTDOWN ACK, the sender is allowed to either use 3687 the destination endpoint's tag or set the Verification Tag field 3688 of the outbound datagram to 0. 3689 - The receiver of a SHUTDOWN ACK shall accept the datagram IF the 3690 Verification Tag field of the datagram matches its own tag OR is 3691 set to 0. Otherwise, the receiver MUST silently discard the 3692 datagram and take no further action. NOTE: the receiver of the 3693 SHUTDOWN ACK MUST ignore the chunk if it is not in the SHUTDOWN 3694 SENT state. 3696 Stewart, et al [Page 67] 3697 9. Termination of Association 3699 All existing associations should be terminated when an endpoint exits 3700 from service. An association can be terminated by either close or 3701 shutdown. 3703 9.1 Close of an Association 3705 When an endpoint decides to close down an existing association, it 3706 shall send an ABORT message to its peer endpoint. The sender MUST fill 3707 in the peer's Verification Tag in the outbound datagram and MUST NOT 3708 bundle any DATA chunk with the ABORT. 3710 No acknowledgment is required for an ABORT message. In any 3711 circumstances, an endpoint MUST NOT respond to any received datagram 3712 that contains an ABORT with its own ABORT (also see Section 8.4). 3714 The receiver shall apply the special Verification Tag check rules 3715 described in Section 8.5.1 when handling the datagram carrying an 3716 ABORT. 3718 After checking the Verification Tag, the peer shall remove the 3719 association from its record, and shall report the termination to its 3720 upper layer. 3722 9.2 Shutdown of an Association 3724 Using the TERMINATE primitive (see Section 10.1), the upper layer of an 3725 endpoint in an association can gracefully shutdown the association. 3726 This will guarantee that all outstanding datagrams from the peer of 3727 the shutdown initiator be delivered before the association 3728 terminates. 3730 Upon receipt of the TERMINATE primitive from its upper layer, the 3731 initiator endpoint enters SHUTDOWN-PENDING state and remains there 3732 until all outstanding TSNs have been acknowledged by the far end. It 3733 accepts no new data from its upper layer, but retransmits data to the 3734 far end if necessary to fill gaps. 3736 Once all outstanding TSNs have been acknowledged, the initiator 3737 endpoint shall send a SHUTDOWN message to the peer of the association, 3738 and shall include the last cumulative TSN it has received from the 3739 peer in the 'Cumulative TSN ACK' field. It shall then start the 3740 T2-shutdown timer and enter the Shutdown-sent state. If the timer 3741 expires, the initiator must re-send the SHUTDOWN with the updated last 3742 TSN received from its peer. 3744 The same rules in 6.3 SHALL be followed to determine the proper timer 3745 value for T2-shutdown. The sender of the SHUTDOWN message may also 3746 optionally include a SACK to indicate any gaps by bundling both the 3747 SACK and SHUTDOWN message together. 3749 Stewart, et al [Page 68] 3750 Note the sender of a shutdown should limit the number of 3751 retransmissions of the shutdown message to the protocol parameter 3752 'Association.Max.Retrans'. If this threshold is exceeded the endpoint 3753 should destroy the TCB and may report the endpoint unreachable to the 3754 upper layer (and thus the association enters the CLOSED state). 3756 Upon the reception of the SHUTDOWN, the peer shall enter the 3757 Shutdown-received state, and shall verify, by checking the TSN ACK 3758 field of the message, that all its outstanding datagrams have been 3759 received by the initiator. 3761 If there are still outstanding datagrams left, the peer shall mark 3762 them for retransmission and start the retransmit procedure as defined 3763 in Section 6.3. 3765 While in Shutdown-sent state, the initiator shall immediately respond 3766 to each inbound SCTP datagram containing user data from the peer with 3767 a SACK and restart the T2-shutdown timer. 3769 If there is no more outstanding datagrams, the peer shall send a 3770 SHUTDOWN ACK and then remove all record of the association. 3772 Upon the receipt of the SHUTDOWN ACK, the initiator shall stop the 3773 T2-shutdown timer and remove all record of the association. 3775 Note: that it should be the responsibility of the initiator to assure 3776 that all the outstanding datagrams on its side have been resolved 3777 before it initiates the shutdown procedure. 3779 Note: an endpoint shall reject any new data request from its upper 3780 layer if it is in Shutdown-sent or Shutdown-received state until 3781 completion of the sequence. 3783 Note: if an endpoint is in Shutdown-sent state and receives an INIT 3784 message from its peer, it should discard the INIT message and 3785 retransmit the shutdown message. The sender of the INIT should respond 3786 with a stand-alone SHUTDOWN ACK in an SCTP datagram with the 3787 Verification Tag field of its common header set to 0, and let the 3788 normal T1-init timer cause the INIT message to be retransmitted and 3789 thus restart the association. 3791 Note: if an endpoint is in Shutdown-sent state and receives a 3792 SHUTDOWN message from its peer, the endpoint shall respond 3793 immediately with a SHUTDOWN ACK and shall stop the T2-shutdown timer 3794 and remove all record of the association. 3796 10. Interface with Upper Layer 3798 The Upper Layer Protocols (ULP) shall request for services by passing 3799 primitives to SCTP and shall receive notifications from SCTP for 3800 various events. 3802 Stewart, et al [Page 69] 3803 The primitives and notifications described in this section should be 3804 used as a guideline for implementing SCTP. The following functional 3805 description of ULP interface primitives is shown for illustrative 3806 purposes. We must warn readers that different SCTP implementations may 3807 have different ULP interfaces. However, all SCTPs must provide a 3808 certain minimum set of services to guarantee that all SCTP 3809 implementations can support the same protocol hierarchy. 3811 10.1 ULP-to-SCTP 3813 The following sections functionally characterize a ULP/SCTP interface. 3814 The notation used is similar to most procedure or function calls in 3815 high level languages. 3817 The ULP primitives described below specify the basic functions the 3818 SCTP must perform to support inter-process communication. Individual 3819 implementations must define their own exact format, and may provide 3820 combinations or subsets of the basic functions in single calls. 3822 A) Initialize 3824 Format: INITIALIZE ([local port], [local eligible address]) 3825 -> local SCTP instance name 3827 This primitive allows SCTP to initialize its internal data structures 3828 and allocate necessary resources for setting up its operation 3829 environment. Note that once SCTP is initialized, ULP can communicate 3830 directly with other endpoints without re-invoking this primitive. 3832 A local SCTP instance name will be returned to the ULP by the SCTP. 3834 Mandatory attributes: 3836 None. 3838 Optional attributes: 3840 The following types of attributes may be passed along with the 3841 primitive: 3843 o local port - SCTP port number, if ULP wants it to be specified; 3845 o local eligible address - A single address that the local SCTP 3846 endpoint should bind. By default all transport interface cards 3847 should be used by the local endpoint. 3849 IMPLEMENTATION NOTE: if this optional attribute is supported by an 3850 implementation, it will be the responsibility of the implementation 3851 to enforce that the IP source address field of any SCTP datagrams 3852 sent out by this endpoint MUST contain the IP addresses 3853 indicated in the local eligible address. 3855 Stewart, et al [Page 70] 3856 B) Associate 3858 Format: ASSOCIATE(local SCTP instance name, destination transport 3859 addr, outbound stream count) 3860 -> association id [,destination transport addr list] [,outbound stream 3861 count] 3863 This primitive allows the upper layer to initiate an association to a 3864 specific peer endpoint. 3866 The peer endpoint shall be specified by one of the transport addresses 3867 which defines the endpoint (see section 1.4). If the local SCTP 3868 instance has not been initialized, the ASSOCIATE is considered an 3869 error. 3871 An association id, which is a local handle to the SCTP association, 3872 will be returned on successful establishment of the association. If 3873 SCTP is not able to open an SCTP association with the peer endpoint, 3874 an error is returned. 3876 Other association parameters may be returned, including the complete 3877 destination transport addresses of the peer as well as the outbound 3878 stream count of the local endpoint. One of the transport address from 3879 the returned destination addresses will be selected by the local 3880 endpoint as default primary destination address for sending SCTP 3881 datagrams to this peer. The returned "destination transport addr 3882 list" can be used by the ULP to change the default primary destination 3883 address or to force sending a datagram to a specific transport address. 3885 IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a 3886 blocking function call, the ASSOCIATE primitive can return 3887 association parameters in addition to the association id upon 3888 successful establishment. If ASSOCIATE primitive is implemented as a 3889 non-blocking call, only the association id shall be returned and 3890 association parameters shall be passed using the COMMUNICATION UP 3891 notification. 3893 Mandatory attributes: 3895 o local SCTP instance name - obtained from the INITIALIZE operation. 3897 o destination transport addr - specified as one of the transport 3898 addresses of the peer endpoint with which the association is to be 3899 established. 3901 o outbound stream count - the number of outbound streams the ULP 3902 would like to open towards this peer endpoint. 3904 Optional attributes: 3906 None. 3908 Stewart, et al [Page 71] 3909 C) Terminate 3911 Format: TERMINATE(association id) 3912 -> result 3914 Gracefully terminates an association. Any locally queued user data 3915 will be delivered to the peer. The association will be terminated only 3916 after the peer acknowledges all the messages sent. A success code 3917 will be returned on successful termination of the association. If 3918 attempting to terminate the association results in a failure, an error 3919 code shall be returned. 3921 Mandatory attributes: 3923 o association id - local handle to the SCTP association 3925 Optional attributes: 3927 None. 3929 D) Abort 3931 Format: ABORT(association id [, cause code]) 3932 -> result 3934 Ungracefully terminates an association. Any locally queued user data 3935 will be discarded and an ABORT message is sent to the peer. A success 3936 code will be returned on successful abortion of the association. If 3937 attempting to abort the association results in a failure, an error 3938 code shall be returned. 3940 Note: If possible the SCTP should attempt to return all un-acknowledged 3941 data to the upper layer, however this behavior is implementation 3942 dependent. 3944 Mandatory attributes: 3946 o association id - local handle to the SCTP association 3948 Optional attributes: 3950 o cause code - reason of the abort to be passed to the peer. 3952 None. 3954 Stewart, et al [Page 72] 3955 E) Send 3957 Format: SEND(association id, buffer address, byte count [,context] 3958 [,stream id] [,life time] [,destination transport address] [,un-order 3959 flag] [,no-bundle flag] [,payload protocol-id] ) 3960 -> result 3962 This is the main method to send user data via SCTP. 3964 Mandatory attributes: 3966 o association id - local handle to the SCTP association 3968 o buffer address - the location where the user message to be 3969 transmitted is stored; 3971 o byte count - The size of the user data in number of octets; 3973 Optional attributes: 3975 o context - optional information that will be carried in the 3976 sending failure notification to the ULP if the transportation of 3977 this datagram fails. 3979 o stream id - to indicate which stream to send the data on. If not 3980 specified, stream 0 will be used. 3982 o life time - specifies the life time of the user data. The user data 3983 will not be sent by SCTP after the life time expires. This 3984 parameter can be used to avoid efforts to transmit stale 3985 user messages. SCTP notifies the ULP, if the data cannot be 3986 initiated to transport (i.e. sent to the destination via SCTP's 3987 send primitive) within the life time variable. However, the 3988 user data will be transmitted if a chunk has been attempted to 3989 be transmitted before the life time expired. 3991 IMPLEMENTATION NOTE: in order to better support the data lifetime 3992 option, the data sender MAY hold back the assigning of the TSN number 3993 to an outbound data chunk to the last moment. And, for implementation 3994 simplicity, once a TSN number has been assigned the sender MAY consider 3995 the send of this data chunk as committed, overriding any lifetime option 3996 attached to the data chunk. 3998 o destination transport address - specified as one of the destination 3999 transport addresses of the peer endpoint to which this message 4000 should be sent. Whenever possible, SCTP should use this destination 4001 transport address for sending the datagram, instead of the current 4002 primary destination transport address. 4004 o un-order flag - this flag, if present, indicates that the user 4005 would like the data delivered in an un-ordered fashion to the peer. 4007 o no-bundle flag - instructs SCTP not to bundle the user data with 4008 other outbound DATA chunks. Note: SCTP may still bundle even when 4009 this flag is present, when faced with network congestion. 4011 o payload protocol-id - A 32 bit u_int that is to be passed to the 4012 peer indicating the type of payload protocol data being 4013 transmitted. This value is passed as opaque data by SCTP. 4015 Stewart, et al [Page 73] 4016 F) Set Primary 4018 Format: SETPRIMARY(association id, destination transport address) 4019 -> result 4021 Instructs the local SCTP to use the specified destination transport 4022 address as primary destination address for sending datagrams. 4024 The result of attempting this operation shall be returned. If the 4025 specified destination transport address is not present in the 4026 "destination transport address list" returned earlier in an associate 4027 command or communication up notification, an error shall be returned. 4029 Mandatory attributes: 4031 o association id - local handle to the SCTP association 4033 o destination transport address - specified as one of the transport 4034 addresses of the peer endpoint, which should be used as primary 4035 address for sending datagrams. This overrides the current primary 4036 address information maintained by the local SCTP endpoint. 4037 Stewart, et al [Page 74] 4038 G) Receive 4040 Format: RECEIVE(association id, buffer address, buffer size 4041 [,stream id]) 4042 -> byte count [,transport address] [,stream id] [,stream sequence number] 4043 [,partial flag] [,delivery number] [,payload protocol-id] 4045 This primitive shall read the first user message in the SCTP in-queue 4046 to ULP, if there is one available, into the specified buffer. The size 4047 of the message read, in octets, will be returned. It may, depending on 4048 the specific implementation, also return other information such as the 4049 sender's address, the stream id on which it is received, whether there 4050 are more messages available for retrieval, etc. For ordered messages, 4051 their stream sequence number may also be returned. 4053 Depending upon the implementation, if this primitive is invoked when 4054 no message is available the implementation should return an indication 4055 of this condition or should block the invoking process until data does 4056 become available. 4058 Mandatory attributes: 4060 o association id - local handle to the SCTP association 4062 o buffer address - the memory location indicated by the ULP to store 4063 the received message. 4065 o buffer size - the maximum size of data to be received, in octets. 4067 Optional attributes: 4069 o stream id - to indicate which stream to receive the data on. 4071 o stream sequence number - the stream sequence number assigned by the 4072 sending SCTP peer. 4074 o partial flag - if this returned flag is set to 1, then this 4075 message is a partial delivery of the whole message. When 4076 this flag is set, the stream id and stream sequence number MUST 4077 accompany this receive. When this flag is set to 0, it indicates 4078 that no more deliveries will be received for this stream sequence 4079 number. 4081 o payload protocol-id - A 32 bit u_int that is received from the 4082 peer indicating the type of payload protocol of the received 4083 data. This value is passed as opaque data by SCTP. 4085 Stewart, et al [Page 75] 4086 H) Status 4088 Format: STATUS(association id) 4089 -> status data 4091 This primitive should return a data block containing the following 4092 information: 4093 association connection state, 4094 destination transport address list, 4095 destination transport address reachability state, 4096 current receiver window size, 4097 current congestion window sizes, 4098 number of DATA chunks awaiting acknowledgment, 4099 number of DATA chunks pending receipt, 4100 primary destination transport address, 4101 SRTT on primary destination address, 4102 RTO on primary destination address, 4103 SRTT and RTO on other destination addresses, etc. 4105 Mandatory attributes: 4107 o association id - local handle to the SCTP association 4109 Optional attributes: 4111 None. 4113 I) Change Heartbeat 4115 Format: CHANGEHEARTBEAT(association id, destination transport address, 4116 new state [,interval]) 4117 -> result 4119 Instructs the local endpoint to enable or disable heart beat on the 4120 specified destination transport address. 4122 The result of attempting this operation shall be returned. 4123 Note, even when enabled, heart beat will not take place if the 4124 destination transport address is not idle. 4126 Mandatory attributes: 4128 o association id - local handle to the SCTP association 4130 o destination transport address - specified as one of the transport 4131 addresses of the peer endpoint. 4133 o new state - the new state of heart beat for this destination 4134 transport address (either enabled or disabled). 4136 Optional attributes: 4138 o interval - if present, indicates the frequency of the heart beat if 4139 this is to enable heart beat on a destination transport 4140 address. Default interval is the RTO of the destination address. 4142 Stewart, et al [Page 76] 4143 J) Request HeartBeat 4145 Format: REQUESTHEARTBEAT(association id, destination transport 4146 address) 4147 -> result 4149 Instructs the local endpoint to perform a HeartBeat on the specified 4150 destination transport address of the given association. The returned 4151 result should indicate whether the transmission of the HEARTBEAT 4152 message to the destination address is successful. 4154 Mandatory attributes: 4156 o association id - local handle to the SCTP association 4158 o destination transport address - the transport address of the 4159 association on which a heartbeat should be issued. 4161 K) Get SRTT Report 4163 Format: GETSRTTREPORT(association id, destination transport address) 4164 -> srtt result 4166 Instructs the local SCTP to report the current SRTT measurement on the 4167 specified destination transport address of the given association. The 4168 returned result can be an integer containing the most recent SRTT in 4169 milliseconds. 4171 Mandatory attributes: 4173 o association id - local handle to the SCTP association 4175 o destination transport address - the transport address of the 4176 association on which the SRTT measurement is to be reported. 4178 Stewart, et al [Page 77] 4179 L) Set Failure Threshold 4181 Format: SETFAILURETHRESHOLD(association id, destination transport 4182 address, failure threshold) 4183 -> result 4185 This primitive allows the local SCTP to customize the reachability 4186 failure detection threshold 'Path.Max.Retrans' for the specified 4187 destination address. 4189 Mandatory attributes: 4191 o association id - local handle to the SCTP association 4193 o destination transport address - the transport address of the 4194 association on which the failure detection threshold is to be set. 4196 o failure threshold - the new value of 'Path.Max.Retrans' for the 4197 destination address. 4199 M) Set Protocol Parameters 4201 Format: SETPROTOCOLPARAMETERS(association id, [,destination transport 4202 address,] protocol parameter list) 4203 -> result 4205 This primitive allows the local SCTP to customize the protocol 4206 parameters. 4208 Mandatory attributes: 4210 o association id - local handle to the SCTP association 4212 o protocol parameter list - The specific names and values of the 4213 protocol parameters (e.g., Association.Max.Retrans [see Section 4214 14]) that the SCTP user wishes to customize. 4216 Optional attributes: 4218 o destination transport address - some of the protocol parameters may 4219 be set on a per destination transport address basis. 4221 10.2 SCTP-to-ULP 4223 It is assumed that the operating system or application environment 4224 provides a means for the SCTP to asynchronously signal the ULP 4225 process. When SCTP does signal an ULP process, certain information is 4226 passed to the ULP. 4228 IMPLEMENTATION NOTE: in some cases this may be done through a 4229 seperate socket or error channel. 4231 Stewart, et al [Page 78] 4232 A) DATA ARRIVE notification 4234 SCTP shall invoke this notification on the ULP when a user message is 4235 successfully received and ready for retrieval. 4237 The following may be optionally be passed with the notification: 4239 o association id - local handle to the SCTP association 4241 o stream id - to indicate which stream the data is received on. 4243 B) SEND FAILURE notification 4245 If a message can not be delivered SCTP shall invoke this notification 4246 on the ULP. 4248 The following may be optionally be passed with the notification: 4250 o association id - local handle to the SCTP association 4252 o data - the location ULP can find the un-delivered message. 4254 o cause code - indicating the reason of the failure, e.g., size too 4255 large, message life-time expiration, etc. 4257 o context - optional information associated with this message (see 4258 D in section 10.1). 4260 C) NETWORK STATUS CHANGE notification 4262 When a destination transport address is marked down (e.g., when SCTP 4263 detects a failure), or marked up (e.g., when SCTP detects a recovery), 4264 SCTP shall invoke this notification on the ULP. 4266 The following shall be passed with the notification: 4268 o association id - local handle to the SCTP association 4270 o destination transport address - This indicates the destination 4271 transport address of the peer endpoint affected by the change; 4273 o new-status - This indicates the new status. 4275 Stewart, et al [Page 79] 4276 D) COMMUNICATION UP notification 4278 This notification is used when SCTP becomes ready to send or receive 4279 user messages, or when a lost communication to an endpoint is 4280 restored. 4282 IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a 4283 blocking function call, the association parameters are returned as a 4284 result of the ASSOCIATE primitive itself. In that case, 4285 COMMUNICATION UP notification is optional at the association 4286 initiator's side. 4288 The following shall be passed with the notification: 4290 o association id - local handle to the SCTP association 4292 o status - This indicates what type of event that has occurred 4294 o destination transport address list - the complete set of transport 4295 addresses of the peer 4297 o outbound stream count - the maximum number of streams allowed to be 4298 used in this association by the ULP 4300 o inbound stream count - the number of streams the peer endpoint 4301 has requested with this association (this may not be the same 4302 number has 'outbound stream count'). 4304 Stewart, et al [Page 80] 4305 E) COMMUNICATION LOST notification 4307 When SCTP loses communication to an endpoint completely or detects 4308 that the endpoint has performed an abort or graceful shutdown 4309 operation, it shall invoke this notification on the ULP. 4311 The following shall be passed with the notification: 4313 o association id - local handle to the SCTP association 4315 o status - This indicates what type of event that has occurred; 4317 The following may be optionally passed with the notification: 4319 o unsent-messages - The number and location of un-sent messages 4320 still in hold by SCTP; 4322 o unacknowledged-messages - The number and location of messages 4323 that were attempted to be transported to the destination, but were 4324 not acknowledged when the loss of communication was detected. 4326 o last-acked - the sequence number last acked by that peer endpoint; 4328 o last-sent - the sequence number last sent to that peer endpoint; 4330 o received-but-not-delivered - messages that were received by SCTP 4331 but not yet delivered to the ULP. 4333 Note: the un-send data report may not be accurate for those user 4334 messages which are segmented by SCTP during transmission. 4336 F) COMMUNICATION ERROR notification 4338 When SCTP receives an ERROR chunk from its peer and decides to notify 4339 its ULP, it can invoke this notification on the ULP. 4341 The following can be passed with the notification: 4343 o association id - local handle to the SCTP association 4345 o error info - this indicates the type of error and optionally some 4346 additional information received through the ERROR chunk. 4348 Stewart, et al [Page 81] 4349 11. Security Considerations 4351 11.1 Security Objectives 4353 As a common transport protocol designed to reliably carry time- 4354 sensitive user messages, such as billing or signaling messages for 4355 telephony services, between two networked endpoints, SCTP has the 4356 following security objectives. 4358 - availability of reliable and timely data transport services 4359 - integrity of the user-to-user information carried by SCTP 4361 11.2 SCTP Responses To Potential Threats 4363 It is clear that SCTP may potentially be used in a wide variety of 4364 risk situations. It is important for operator(s) of the systems 4365 concerned to analyze their particular situations and decide on the 4366 appropriate counter-measures. 4368 Where the SCTP system serves a group of users, it is probably 4369 operating as part of a professionally managed corporate or service 4370 provider network. It is reasonable to expect that this management 4371 includes an appropriate security policy framework. [RFC 2196, "Site 4372 Security Handbook", B. Fraser Ed., September 1997] should be 4373 consulted for guidance. 4375 The case is more difficult where the SCTP system is operated by a 4376 private user. The service provider with whom that user has a 4377 contractual arrangement SHOULD provide help to ensure that the 4378 user's site is secure, ranging from advice on configuration through 4379 downloaded scripts and security software. 4381 11.2.1 Countering Insider Attacks 4383 The principles of the Site Security Handbook [13] should be applied 4384 to minimize the risk of theft of information or sabotage by 4385 insiders. These include publication of security policies, control 4386 of access at the physical, software, and network levels, and 4387 separation of services. 4389 Stewart, et al [Page 82] 4390 11.2.2 Protecting against Data Corruption in the Network 4392 Where the risk of undetected errors in datagrams delivered by the 4393 lower layer transport services is considered to be too great, 4394 additional checksum protection may be required. The question is 4395 whether this is appropriately provided as an SCTP service because it 4396 is needed by most potential users of SCTP, or whether instead it 4397 should be provided by the SCTP user application. (The SCTP protocol 4398 overhead, as opposed to the signaling payload, is protected adequately 4399 by the Adler-32 checksum and measures taken in SCTP to prevent replay 4400 attacks and masquerade.) In any event, the checksum must be 4401 specifically designed to ensure that it detects the errors left behind 4402 by the Adler-32 checksum. 4404 11.2.3 Protecting Confidentiality 4406 In most cases, the risk of breach of confidentiality applies to the 4407 signaling data payload, not to the SCTP or lower-layer protocol 4408 overheads. If that is true, encryption of the SCTP user data only 4409 may be considered. As with the supplementary checksum service, user 4410 data encryption may be performed by the SCTP user application. 4412 Particularly for mobile users, the requirement for confidentiality 4413 may include the masking of IP addresses and ports. In this case 4414 IPSEC ESP should be used instead of application-level encryption. 4415 Similarly, where other reasons prompt the use of the IPSEC ESP 4416 service, application-level encryption is unnecessary. It will be up 4417 to the SCTP system operators to configure the application 4418 appropriately. 4420 Regardless of which level performs the encryption, the IPSEC ISAKMP 4421 service should be used for key management. 4423 Operators should consult [RFC 2401, "Security Architecture for the 4424 Internet Protocol", S. Kent, R. Atkinson, November 1998] for 4425 information on the configuration of IPSEC services between hosts 4426 with and without intervening firewalls. 4428 11.2.4 Protecting against Blind Denial of Service Attacks 4430 A blind attack is one where the attacker is unable to intercept or 4431 otherwise see the content of data flows passing to and from the 4432 target SCTP node where it is not a party to the association. Blind 4433 denial of service attacks may take the form of flooding, masquerade, 4434 or improper monopolization of services. 4436 Stewart, et al [Page 83] 4437 11.2.4.1 Flooding 4439 The objective of flooding is to cause loss of service and incorrect 4440 behavior at target systems through resource exhaustion, interference 4441 with legitimate transactions, and exploitation of buffer-related 4442 software bugs. Flooding may be directed either at the SCTP node or at 4443 resources in the intervening IP Access Links or the Internetwork. 4444 Where the latter entities are the target, flooding will manifest 4445 itself as loss of network services, including potentially the breach 4446 of any firewalls in place. 4448 In general, protection against flooding begins at the equipment 4449 design level, where it includes measures such as: 4451 - avoiding commitment of limited resources before determining that 4452 the request for service is legitimate 4453 - giving priority to completion of processing in progress over the 4454 acceptance of new work 4455 - identification and removal of duplicate or stale queued requests 4456 for service. 4458 Network equipment should be capable of generating an alarm and log 4459 if a suspicious increase in traffic occurs. The log should provide 4460 information such as the identity of the incoming link and source 4461 address(es) used which will help the network or SCTP system operator 4462 to take protective measures. Procedures should be in place for the 4463 operator to act on such alarms if a clear pattern of abuse emerges. 4465 The design of SCTP is resistant to flooding attacks, particularly in 4466 its use of a four-way start-up handshake, its use of a cookie to 4467 defer commitment of resources at the responding SCTP node until the 4468 handshake is completed, and its use of a verification tag to prevent 4469 insertion of extraneous messages into the flow of an established 4470 association. 4472 11.2.4.2 Masquerade 4474 Masquerade can be used to deny service in several ways: 4476 - by tying up resources at the target SCTP node to which the 4477 impersonated node has limited access. For example, the target node 4478 may by policy permit a maximum of one SCTP association with the 4479 impersonated SCTP node. The masquerading attacker may attempt to 4480 establish an association purporting to come from the impersonated 4481 node so that the latter cannot do so when it requires it. 4482 - by deliberately allowing the impersonation to be detected, 4483 thereby provoking counter-measures which cause the impersonated node 4484 to be locked out of the target SCTP node. 4485 - by interfering with an established association by inserting 4486 extraneous content such as a SHUTDOWN request. 4488 Stewart, et al [Page 84] 4489 SCTP prevents masquerade through IP spoofing by use of the four-way 4490 startup handshake. Because the initial exchange is memoryless, no 4491 lockout mechanism is triggered by masquerade attacks. SCTP protects 4492 against insertion of extraneous messages into the flow of an 4493 established association by use of the verification tag. 4495 Logging of received INIT requests and abnormalities such as 4496 unexpected INIT ACKs might be considered as a way to detect patterns 4497 of hostile activity. However, the potential usefulness of such 4498 logging must be weighed against the increased SCTP startup 4499 processing it implies, rendering the SCTP node more vulnerable to 4500 flooding attacks. Logging is pointless without the establishment of 4501 operating procedures to review and analyze the logs on a routine 4502 basis. 4504 11.2.4.3 Improper Monopolization of Services 4506 Attacks under this heading are performed openly and legitimately by 4507 the attacker. They are directed against fellow users of the target 4508 SCTP node or of the shared resources between the attacker and the 4509 target node. Possible attacks include the opening of a large number 4510 of associations between the attacker's node and the target, or 4511 transfer of large volumes of information within a legitimately- 4512 established association. 4514 Such attacks take advantage of policy deficiencies at the target 4515 SCTP node. Defense begins with a contractual prohibition of 4516 behavior directed to denial of service to others. Policy limits 4517 should be placed on the number of associations per adjoining SCTP 4518 node. SCTP user applications should be capable of detecting large 4519 volumes of illegitimate or "no-op" messages within a given 4520 association and either logging or terminating the association as a 4521 result, based on local policy. 4523 11.3 Protection against Fraud and Repudiation 4525 The objective of fraud is to obtain services without authorization 4526 and specifically without paying for them. In order to achieve this 4527 objective, the attacker must induce the SCTP user application at the 4528 target SCTP node to provide the desired service while accepting 4529 invalid billing data or failing to collect it. Repudiation is a 4530 related problem, since it may occur as a deliberate act of fraud or 4531 simply because the repudiating party kept inadequate records of 4532 service received. 4534 Potential fraudulent attacks include interception and misuse of 4535 authorizing information such as credit card numbers, blind 4536 masquerade and replay, and man-in-the middle attacks which modify 4537 the messages passing through a target SCTP association in real time. 4539 Stewart, et al [Page 85] 4540 The interception attack is countered by the confidentiality measures 4541 discussed in section 11.2.3 above. 4543 Section 11.2.4.2 describes how SCTP is resistant to blind masquerade 4544 attacks, as a result of the four-way startup handshake and the 4545 validation tag. The validation tag and TSN together are protections 4546 against blind replay attacks, where the replay is into an existing 4547 association. 4549 However, SCTP does not protect against man-in-the-middle attacks 4550 where the attacker is able to intercept and alter the messages sent 4551 and received in an association. Where a significant possibility of 4552 such attacks is seen to exist, or where possible repudiation is an 4553 issue, the use of the IPSEC AH service is recommended to ensure both 4554 the integrity and the authenticity of the messages passed. 4556 SCTP also provides no protection against attacks originating at or 4557 beyond the SCTP node and taking place within the context of an 4558 existing association. Prevention of such attacks should be covered 4559 by appropriate security policies at the host site, as discussed in 4560 section 11.2.1. 4562 12. Recommended Transmission Control Block (TCB) Parameters 4564 This section details a recommended set of parameters that should 4565 be contained within the TCB for an implementation. This section is 4566 for illustrative purposes and should not be deemed as requirements 4567 on an implementation NOR as an exhaustive list of all parameters 4568 inside an SCTP TCB. Each implementation may need its own additional 4569 parameters to optimize their implementation. 4571 12.1 Parameters necessary for the SCTP instance 4573 Associations A list of current associations and mappings to the 4574 data consumers for each association. This may be in 4575 the form of a hash table or other implementation dependent 4576 structure. The data consumers may be process identification 4577 information such as file descriptors, named pipe pointer, 4578 or table pointers dependent on how SCTP is implemented. 4580 Secret Key A secret key used by this endpoint to sign all cookies. 4581 This SHOULD be a cryptographic quality random number with 4582 a sufficient length. Discussion in RFC 1750 [1] can be 4583 helpful in selection of the key. 4585 Address List The list of IP addresses that this instance has bound. This 4586 information is passed to one's peer(s) in INIT and 4587 INIT-ACK messages. 4589 SCTP Por The local SCTP port number the endpoint is bound to. 4591 Stewart, et al [Page 86] 4592 12.2 Parameters necessary per association (i.e. the TCB) 4594 Peer Tag value to be sent in every datagram and is received 4595 Verification in the INIT or INIT ACK message. 4596 Tag 4598 My Tag expected in every inbound datagram and sent in the 4599 Verification INIT or INIT ACK message. 4600 Tag 4602 State A state variable indicating what state the association is 4603 in, i.e . COOKIE_WAIT, COOKIE_SENT, ESTABLISHED, 4604 SHUTDOWN_PENDING, SHUTDOWN_SENT, SHUTDOWN_RECEIVED. 4605 Note: No "CLOSED" state is illustrated since if a 4606 association is "CLOSED" its TCB SHOULD be removed. 4608 Peer A list of SCTP transport addresses that the peer is 4609 Transport bound to. This information is derived from the INIT or 4610 Address INIT-ACK and is used to associate an inbound datagram 4611 List with a given association. Normally this information is 4612 hashed or keyed for quick lookup and access of the TCB. 4614 Primary This is the current primary destination transport 4615 Destination address of the peer endpoint. 4617 Overall The overall association error count. 4618 Error Count 4620 Overall The threshold for this association that if the Overall 4621 Error Error Count reaches will cause this association to be 4622 Threshold torn down. 4624 Peer Rwnd Current calculated value of the peer's rwnd. 4626 Next TSN My next TSN number I will assign. This is sent in 4627 the INIT or INIT-ACK message to the peer and 4628 incremented each time a DATA chunk is assigned a 4629 TSN (normally just prior to transmit or during 4630 segmentation). 4632 Last Rcvd This is the last TSN I received and is the 4633 TSN current cumulative TSN point. This value is 4634 set initially by taking the peers initial TSN, 4635 received in the INIT or INIT-ACK message, and 4636 subtracting one from it. 4638 Mapping An array of bits or bytes indicating which out of 4639 Array order TSN's have been received (relative to the 4640 cumulative TSN i.e. Last Rcvd TSN). If no GAP's exist, 4641 i.e. no out of order messages have been received, 4642 this array will be set to all zero. This structure 4643 may be in the form of a circular buffer or bit array. 4645 Stewart, et al [Page 87] 4646 Ack State This flag indicates if the next received datagram 4647 is to be responded to with a SACK. This is initialized 4648 to 0, when a datagram is received it is incremented. 4649 If this value reaches 2, a SACK is sent and the value 4650 is reset to 0. Note: this is used only when no datagrams 4651 are received out of order, when DATA chunks are out 4652 of order SACK's are not delayed (see Section 6). 4654 Inbound An array of structures to track the inbound streams. 4655 Streams Normally including the next sequence number expected 4656 and possibly the stream number. 4658 Outbound An array of structures to track the outbound streams. 4659 Streams Normally including the next sequence number to 4660 be sent on the stream. 4662 Reasm Queue A re-assembly queue. 4664 12.3 Per Transport Address Data 4666 For each destination transport address in the peer's address list 4667 derived from the INIT or INIT ACK message, a number of data elements 4668 needs to be maintained including: 4670 Error count The current error count for this destination. 4672 Error Current error threshold for this destination i.e. 4673 Threshold what value marks the destination down if Error count 4674 reaches this value. 4676 cwnd The current congestion window. 4678 ssthresh The current ssthresh value. 4680 RTO The current retransmission timeout value. 4682 SRTT The current smoothed round trip time. 4684 RTTVAR The current RTT variation. 4686 partial The tracking method for increase of cwnd when in 4687 bytes acked congestion avoidance mode (see section 6.2.2) 4689 state The current state of this destination, i.e. DOWN, UP, 4690 ALLOW-HB, NO-HEARTBEAT, etc. 4692 P-MTU The current known path MTU. 4694 Per A timer used by each destination. 4695 Destination 4696 Timer 4698 Stewart, et al [Page 88] 4699 RTO-Pending A flag used to track if one of the datagrams sent to this 4700 address is currently being used to compute a RTT. If this 4701 flag is 0, the next datagram sent to this destination 4702 should be used to compute a RTT and this flag should be 4703 set. Every time the RTT calculation 4704 completes (i.e. the datagram is SACK'd) clear this flag. 4706 last-time The time this destination was last sent to. This can be 4707 used used to determine if a HEARTBEAT is needed. 4709 12.4 General Parameters Needed 4711 Out Queue A queue of outbound datagrams. 4713 In Queue A queue of inbound datagrams. 4715 13. IANA Consideration 4717 This protocol will require port reservation like TCP for the use of 4718 "well known" servers within the Internet. It is suggested that all 4719 current TCP ports should be automatically reserved in the SCTP port 4720 address space. New requests should follow IANA's current mechanisms 4721 for TCP. 4723 This protocol may also be extended through IANA in three ways: 4724 -- through definition of additional chunk types, 4725 -- through definition of additional parameter types, or 4726 -- through definition of additional cause codes within Operation 4727 Error chunks 4729 In the case where a particular ULP using SCTP desires to have its own 4730 ports, the ULP should be responsible for registering with IANA for 4731 getting its ports assigned. 4733 13.1 IETF-defined Chunk Extension 4735 The appropriate use of specific chunk types is an integral part of the 4736 SCTP protocol. In consequence, the intention is that new IETF-defined 4737 chunk types MUST be supported by standards-track RFC documentation. 4738 As a transitional step, a new chunk type MAY be introduced in an 4739 Experimental RFC. Chunk type codes MUST remain permanently associated 4740 with the original documentation on the basis of which they were 4741 allocated. Thus if the RFC supporting a given chunk type is 4742 deprecated in favor of a new document, the corresponding chunk type 4743 code value is also deprecated and a new code value is allocated in 4744 association with the replacement document. 4746 Stewart, et al [Page 89] 4747 The documentation for a new chunk code type must include the following 4748 information: 4749 (a) a long and short name for the new chunk type; 4750 (b) a detailed description of the structure of the chunk, which MUST 4751 conform to the basic structure defined in section 3.2; 4752 (c) a detailed definition and description of intended use of each field 4753 within the chunk, including the chunk flags if any; 4754 (d) a detailed procedural description of the use of the new chunk type 4755 within the operation of the protocol. 4757 If the primary numbering space reserved for IETF use (0x00 to 0xFD) is 4758 exhausted, new codes shall subsequently be allocated in the extension 4759 range 0x0000 through 0xFFFF. Chunks allocated in this range MUST 4760 conform to the following structure: 4762 First word (32 bits): 4763 as shown in section 3.2, with chunk type code equal to 0xFF. 4765 Second word: 4766 first octet MUST be all 1's (0xFF). Next octet MUST be all 0's 4767 (0x00). Final two octets contain the allocated extension code value. 4769 0 1 2 3 4770 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 4771 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4772 |1 1 1 1 1 1 1 1|Chunk Flags | Chunk Length | 4773 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4774 |1 1 1 1 1 1 1 1|0 0 0 0 0 0 0 0| Extension Type Code | 4775 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4776 \ \ 4777 / Value / 4778 \ \ 4779 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4781 13.2 IETF-defined Chunk Parameter Extension 4783 The allocation of a new chunk parameter type code from the IETF 4784 numbering space MUST be supported by RFC documentation. As with chunk 4785 type codes, parameter type codes are uniquely associated with their 4786 supporting document and MUST be replaced if new documentation is 4787 provided. This documentation may be Informational, Experimental, or 4788 standards-track at the discretion of the IESG. It MUST contain the 4789 following information: 4790 (a) Name of the parameter type. 4791 (b) Detailed description of the structure of the parameter field. This 4792 structure MUST conform to the general type-length-value format 4793 described in section 3.2.1. 4794 (c) Detailed definition of each component of the parameter value. 4795 (d) Detailed description of the intended use of this parameter type, 4796 and an indication of whether and under what circumstances 4797 multiple instances of this parameter type may be found within the 4798 same chunk. 4800 Stewart, et al [Page 90] 4801 Additional parameter type codes may be allocated initially from the 4802 range 0x0000 through 0xFFFD. If this space is exhausted, extension 4803 codes shall be allocated in the range 0x0000 through 0xFFFF. Where an 4804 extension code has been allocated, the format of the parameter must 4805 conform to the following structure: 4807 First word (32 bits): 4808 contains the parameter type code 0xFFFF and parameter length as 4809 described in section 3.2.1. 4811 Second word: 4812 first octet MUST be all 1's (0xFF). Next octet MUST be all 0's 4813 (0x00). Final two octets contain the allocated extension code 4814 value. 4816 The Value portion of the parameter, if any, follows the second word. 4818 0 1 2 3 4819 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 4820 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4821 |1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1| Length | 4822 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4823 |1 1 1 1 1 1 1 1|0 0 0 0 0 0 0 0| Extension Type Code | 4824 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4825 \ \ 4826 / Value / 4827 \ \ 4828 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4830 13.3 IETF-defined Additional Error Causes 4832 Additional cause codes may be allocated in the range 0x0004 to 0xFFFF 4833 upon receipt of any permanently-available public documentation 4834 containing the following information: 4835 (a) Name of the error condition. 4836 (b) Detailed description of the conditions under which an SCTP 4837 endpoint should issue an Operation Error with this cause code. 4838 (c) Expected action by the SCTP endpoint which receives an Operation 4839 Error chunk containing this cause code. 4840 (d) Detailed description of the structure and content of data fields 4841 which accompany this cause code. 4843 The initial word (32 bits) of a cause code parameter MUST conform to 4844 the format shown in section 3.3.9, i.e.: 4845 -- first two octets contain the cause code value 4846 -- last two octets contain length of the cause parameter. 4848 Stewart, et al [Page 91] 4849 13.4 Payload Protocol Identifiers 4851 Except for value 0x00000000 which is reserved by SCTP to indicate the 4852 absence of a payload protocol identifier in a DATA chunk, SCTP will 4853 not be responsible for standardizing or verifying any payload protocol 4854 identifiers; SCTP simply receives the identifier from the upper layer 4855 and carries it with the corresponding payload data. 4857 The upper layer, i.e, the SCTP user, SHOULD standardize any specific 4858 protocol identifier with IANA if it is so desired. The use of any 4859 specific payload protocol identifier is out of the scope of SCTP. 4861 14. Suggested SCTP Protocol Parameter Values 4863 The following protocol parameters are RECOMMENDED: 4865 RTO.Initial - 3 seconds 4866 RTO.Min - 1 second 4867 RTO.Max - 60 seconds 4868 RTO.Alpha - 1/8 4869 RTO.Beta - 1/4 4870 Valid.Cookie.Life - 5 seconds 4871 Association.Max.Retrans - 10 attempts 4872 Path.Max.Retrans - 5 attempts (per destination address) 4873 Max.Init.Retransmits - 8 attempts 4875 'retrans.count' - counter (per destination address) 4876 'receiver.buffer' - variable (per peer endpoint) 4878 IMPLEMENTATION NOTE: The SCTP implementation may allow ULP to 4879 customize some of these protocol parameters (see Section 10). 4881 15. Acknowledgments 4883 The authors wish to thank Mark Allman, Richard Band, Scott Bradner, 4884 Steve Bellovin, Ram Dantu, R. Ezhirpavai, Sally Floyd, Matt Holdrege, 4885 Henry Houh, Christian Huetima, Gary Lehecka, John Loughney, Daniel 4886 Luan, Lyndon Ong, Shyamal Prasad, Kelvin Porter, Heinz Prantner, Jarno 4887 Rajahalme, Raymond E. Reeves, Renee Revis, Ivan Arias Rodriguez, 4888 A. Sankar, Greg Sidebottom, Brian Wyld, and many others for their 4889 invaluable comments. 4891 Stewart, et al [Page 92] 4892 16. Authors' Addresses 4894 Randall R. Stewart Tel: +1-847-632-7438 4895 Motorola, Inc. EMail: rstewar1@email.mot.com 4896 1501 W. Shure Drive, #2315 4897 Arlington Heights, IL 60004 4898 USA 4900 Qiaobing Xie Tel: +1-847-632-3028 4901 Motorola, Inc. EMail: qxie1@email.mot.com 4902 1501 W. Shure Drive, #2309 4903 Arlington Heights, IL 60004 4904 USA 4906 Ken Morneault Tel: +1-703-484-3323 4907 Cisco Systems Inc. EMail: kmorneau@cisco.com 4908 13615 Dulles Technology Drive 4909 Herndon, VA. 20171 4910 USA 4912 Chip Sharp Tel: +1-919-392-3121 4913 Cisco Systems Inc. EMail:chsharp@cisco.com 4914 7025 Kit Creek Road 4915 Research Triangle Park, NC 27709 4916 USA 4918 Hanns Juergen Schwarzbauer Tel: +49-89-722-24236 4919 SIEMENS AG 4920 Hofmannstr. 51 4921 81359 Munich 4922 Germany 4923 EMail: HannsJuergen.Schwarzbauer@icn.siemens.de 4925 Tom Taylor Tel: +1-613-736-0961 4926 Nortel Networks 4927 1852 Lorraine Ave. 4928 Ottawa, Ontario 4929 Canada K1H 6Z8 4930 EMail:taylor@nortelnetworks.com 4932 Ian Rytina Tel: +61-3-9301-6164 4933 Ericsson Australia EMail:ian.rytina@ericsson.com 4934 37/360 Elizabeth Street 4935 Melbourne, Victoria 3000 4936 Australia 4938 Malleswar Kalla Tel: +1-973-829-5212 4939 Telcordia Technologies 4940 MCC 1J211R 4941 445 South Street 4942 Morristown, NJ 07960 4943 USA 4944 EMail: kalla@research.telcordia.com 4946 Stewart, et al [Page 93] 4947 Lixia Zhang Tel: +1-310-825-2695 4948 UCLA Computer Science Department EMail: lixia@cs.ucla.edu 4949 4531G Boelter Hall 4950 Los Angeles, CA 90095-1596 4951 USA 4953 Vern Paxson Tel: +1-510-642-4274 x 302 4954 ACIRI EMail: vern@aciri.org 4955 1947 Center St., Suite 600, 4956 Berkeley, CA 94704-1198 4957 USA 4959 17. References 4961 [1] Eastlake , D. (ed.), "Randomness Recommendations for Security", 4962 RFC 1750, December 1994. 4964 [2] Deutsch, P., and Gailly, J-L., "ZLIB Compressed Data Format 4965 Specification version 3.3", RFC 1950, May 1996. 4967 [3] Allman, M., Paxson, V., and Stevens, W., "TCP Congestion 4968 Control", RFC 2581, April 1999. 4970 [4] Krawczyk, H., Bellare, M., Canetti, R., "HMAC: Keyed-Hashing for 4971 Message Authentication", RFC 2104, March 1997. 4973 [5] Allman, M., and Paxson, V., "On Estimating End-to-End Network 4974 Path Properties", Proc. SIGCOMM'99, 1999. 4976 [6] Karn, P., and Simpson, W., "Photuris: Session-Key Management 4977 Protocol", RFC 2522, March 1999. 4979 [7] Bradner, S., "The Internet Standards Process -- Revision 3", 4980 RFC 2026, October 1996. 4982 [8] Postel, J. (ed.), "Transmission Control Protocol", RFC 793, 4983 September 1981. 4985 [9] Postel, J. (ed.), "User Datagram Protocol", RFC 768, August 1980. 4987 [10] Reynolds, J., and Postel, J. (ed.), "Assigned Numbers", RFC 1700, 4988 October 1994. 4990 [11] Mogul, J., and Deering, S., "Path MTU Discovery", RFC 1191, 4991 November 1990. 4993 [12] McCann, J., Deering, S., and Mogul, J., "Path MTU Discovery for 4994 IP version 6", RFC 1981, August 1996. 4996 [13] Fraser, B. (ed.), "Site Security Handbook", RFC 2196, September 4997 1997. 4999 Stewart, et al [Page 94] 5000 [14] Kent, S., and Atkinson, R., "Security Architecture for the 5001 Internet Protocol", RFC 2401, November 1998. 5003 [15] Savage, S., Cardwell, N., Wetherall, D., and Anderson, T., 5004 "TCP Congestion Control with a Misbehaving Receiver", ACM 5005 Computer Communication Review, 29(5), October 1999. 5007 [16] Fall, K., and Floyd, S., Simulation-based Comparisons of Tahoe, 5008 Reno, and SACK TCP, Computer Communications Review, V. 26 N. 3, 5009 July 1996, pp. 5-21. 5011 [17] Deering, S., and R. Hinden, "Internet Protocol, Version 5012 6 (IPv6) Specification", RFC 1883, December 1995. 5014 [18] Bradner, S. "Key words for use in RFCs to Indicate Requirement 5015 Levels", BCP 14, RFC 2119, March 1997. 5017 Appendix A: Explicit Congestion Notification 5019 ECN (Ramakrishnan, k., Floyd, S., "Explicit Congestion Notification", 5020 RFC 2481, January 1999) describes a proposed extension to IP that 5021 details a method to become aware of congestion outside of datagram 5022 loss. This is an optional feature that an implementation MAY choose to 5023 add to SCTP. This appendix details the minor differences an implementor 5024 will need to be aware of if they choose to implement this feature. 5025 In general RFC 2481 should be followed with the following exceptions. 5027 Negotiation: 5029 RFC2481 details negotiation of ECN during the SYN and SYN-ACK stages 5030 of a TCP connection. The sender of the SYN sets two bits in the 5031 TCP flags, and the sender of the SYN-ACK sets only 1 bit. The reasoning 5032 behind this is to assure both sides are truly ECN capable. For SCTP 5033 this is not necessary. To indicate that an endpoint is ECN capable 5034 a endpoint MAY add to the INIT and or INIT-ACK message the TLV 5035 reserved for ECN. This TLV contains no parameters, and thus has 5036 the following format: 5038 0 1 2 3 5039 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 5040 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 5041 | Parameter Type = 0x000a | Parameter Length = 0x0004 | 5042 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 5044 Stewart, et al [Page 95] 5045 ECN-Echo: 5047 RFC 2481 details a specific bit for a receiver to send back in its 5048 acknowledgments to notify the sender of the Congestion Experienced (CE) 5049 bit having arrived from the network. For SCTP this same indication is 5050 made by including the ECNE chunk. This chunk contains one data 5051 element, i.e. the lowest TSN associated with the datagram marked 5052 with the CE bit, and looks as follows: 5054 0 1 2 3 5055 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 5056 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 5057 | ID=00001100 | Flags=00000000| Chunk Length=0008 | 5058 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 5059 | Lowest TSN Number | 5060 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 5062 Note: The ECNE is considered a Control chunk. 5064 CWR: 5066 RFC 2481 details a specific bit for a sender to send in its 5067 next outbound datagram to indicate to its peer that it has 5068 reduced its congestion window. This is termed the CWR bit. For 5069 SCTP the same indication is made by including the CWR chunk. 5070 This chunk contains one data element, i.e. the TSN number that 5071 was sent in the ECN-Echo. This element represents the lowest 5072 TSN number in the datagram that was originally marked with the 5073 CE bit. 5075 0 1 2 3 5076 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 5077 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 5078 | ID=00001101 | Flags=00000000| Chunk Length=0008 | 5079 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 5080 | Lowest TSN Number | 5081 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 5083 Note: The CWR is considered a Control chunk. 5085 This Internet Draft expires in 6 months from April, 2000 5087 Stewart, et al [Page 96]