idnits 2.17.1 draft-ietf-tsvwg-rfc2960-bis-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing document type: Expected "INTERNET-DRAFT" in the upper left hand corner of the first page ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? == The page length should not exceed 58 lines per page, but there was 2 longer pages, the longest (page 1) being 68 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 21 instances of too long lines in the document, the longest one being 6 characters in excess of 72. ** There are 5 instances of lines with control characters in the document. -- The abstract seems to indicate that this document obsoletes RFC2960, but the header doesn't have an 'Obsoletes:' line to match this. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == Line 4908 has weird spacing: '...ontains a par...' == Line 4930 has weird spacing: '...mber of unack...' == Line 5069 has weird spacing: '... set to indic...' == Line 5102 has weird spacing: '... set to indic...' == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'SHOULD not' in this paragraph: This value represents the dedicated buffer space, in number of bytes, the sender of the INIT has reserved in association with this window. During the life of the association this buffer space SHOULD not be lessened (i.e. dedicated buffers taken away from this association); however, an endpoint MAY change the value of a_rwnd it sends in SACK chunks. == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'SHOULD not' in this paragraph: This value represents the dedicated buffer space, in number of bytes, the sender of the INIT ACK has reserved in association with this window. During the life of the association this buffer space SHOULD not be lessened (i.e. dedicated buffers taken away from this association). == Unrecognized Status in 'Category: Internet Draft', assuming Proposed Standard (Expected one of 'Standards Track', 'Full Standard', 'Draft Standard', 'Proposed Standard', 'Best Current Practice', 'Informational', 'Experimental', 'Informational', 'Historic'.) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC2522' is mentioned on line 5967, but not defined == Missing Reference: 'RFC2104' is mentioned on line 5961, but not defined == Missing Reference: 'RFC2373' is mentioned on line 1221, but not defined ** Obsolete undefined reference: RFC 2373 (Obsoleted by RFC 3513) == Missing Reference: 'ASSOCIATE' is mentioned on line 2227, but not defined == Missing Reference: 'SHUTDOWN' is mentioned on line 2260, but not defined == Missing Reference: 'ABORT' is mentioned on line 2221, but not defined == Missing Reference: 'RFC1750' is mentioned on line 5955, but not defined ** Obsolete undefined reference: RFC 1750 (Obsoleted by RFC 4086) == Missing Reference: 'ALLMAN99' is mentioned on line 5948, but not defined == Missing Reference: 'FALL96' is mentioned on line 5951, but not defined == Missing Reference: 'SAVAGE99' is mentioned on line 5970, but not defined == Missing Reference: 'RFC2196' is mentioned on line 5964, but not defined == Missing Reference: 'RFC1950' is mentioned on line 5958, but not defined -- Looks like a reference, but probably isn't: '1' on line 6055 == Missing Reference: 'N' is mentioned on line 6055, but not defined -- Looks like a reference, but probably isn't: '2' on line 6055 -- Looks like a reference, but probably isn't: '8' on line 6088 == Unused Reference: 'RFC1700' is defined on line 5905, but no explicit reference was found in the text == Unused Reference: 'RFC2026' is defined on line 5914, but no explicit reference was found in the text ** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293) ** Obsolete normative reference: RFC 1700 (Obsoleted by RFC 3232) ** Obsolete normative reference: RFC 1981 (Obsoleted by RFC 8201) ** Obsolete normative reference: RFC 2401 (Obsoleted by RFC 4301) ** Obsolete normative reference: RFC 2402 (Obsoleted by RFC 4302, RFC 4305) ** Obsolete normative reference: RFC 2406 (Obsoleted by RFC 4303, RFC 4305) ** Obsolete normative reference: RFC 2408 (Obsoleted by RFC 4306) ** Obsolete normative reference: RFC 2409 (Obsoleted by RFC 4306) ** Obsolete normative reference: RFC 2434 (Obsoleted by RFC 5226) ** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200) ** Obsolete normative reference: RFC 2581 (Obsoleted by RFC 5681) Summary: 20 errors (**), 0 flaws (~~), 25 warnings (==), 7 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group R. Stewart 2 Request for Comments: 2960 Q. Xie 3 Category: Internet Draft Motorola 4 K. Morneault 5 C. Sharp 6 Cisco 7 H. Schwarzbauer 8 Siemens 9 T. Taylor 10 Nortel Networks 11 I. Rytina 12 Ericsson 13 M. Kalla 14 Telcordia 15 L. Zhang 16 UCLA 17 V. Paxson 18 ACIRI 20 May 16 2001 22 Stream Control Transmission Protocol 24 draft-ietf-tsvwg-rfc2960-bis-00.txt 26 Status of this Memo 28 This document is an Internet-Draft and is subject to all provisions 29 of Section 10 of RFC2026. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF), its areas, and its working groups. Note that 33 other groups may also distribute working documents as 34 Internet-Drafts. 36 Internet-Drafts are draft documents valid for a maximum of six 37 months and may be updated, replaced, or obsoleted by other documents 38 at any time. It is inappropriate to use Internet- Drafts as 39 reference material or to cite them other than as "work in progress." 41 The list of current Internet-Drafts can be accessed at 42 http://www.ietf.org/1id-abstracts.html 44 The list of Internet-Draft Shadow Directories can be accessed at 45 http://www.ietf.org/shadow.html 47 Copyright Notice 49 Copyright (C) The Internet Society (2001). All Rights Reserved. 51 Abstract 53 This document describes the Stream Control Transmission Protocol 54 (SCTP). SCTP is designed to transport PSTN signaling messages over 55 IP networks, but is capable of broader applications. 57 SCTP is a reliable transport protocol operating on top of a 58 connectionless packet network such as IP. It offers the following 59 services to its users: 61 -- acknowledged error-free non-duplicated transfer of user data, 62 -- data fragmentation to conform to discovered path MTU size, 63 -- sequenced delivery of user messages within multiple streams, 64 with an option for order-of-arrival delivery of individual user 65 messages, 66 -- optional bundling of multiple user messages into a single SCTP 67 packet, and 68 -- network-level fault tolerance through supporting of multi- 69 homing at either or both ends of an association. 71 The design of SCTP includes appropriate congestion avoidance behavior 72 and resistance to flooding and masquerade attacks. 74 This document obsoletes RFC2960. 76 Table of Contents 78 1. Introduction.................................................. 4 79 1.1 Motivation.................................................. 4 80 1.2 Architectural View of SCTP.................................. 5 81 1.3 Functional View of SCTP..................................... 6 82 1.3.1 Association Startup and Takedown........................ 7 83 1.3.2 Sequenced Delivery within Streams....................... 7 84 1.3.3 User Data Fragmentation................................. 7 85 1.3.4 Acknowledgement and Congestion Avoidance................ 8 86 1.3.5 Chunk Bundling ......................................... 8 87 1.3.6 Packet Validation....................................... 8 88 1.3.7 Path Management......................................... 8 89 1.4 Key Terms................................................... 9 90 1.5 Abbreviations............................................... 12 91 1.6 Serial Number Arithmetic.................................... 12 92 2. Conventions.................................................... 13 93 3. SCTP packet Format............................................ 13 94 3.1 SCTP Common Header Field Descriptions....................... 14 95 3.2 Chunk Field Descriptions.................................... 15 96 3.2.1 Optional/Variable-length Parameter Format............... 17 97 3.3 SCTP Chunk Definitions...................................... 18 98 3.3.1 Payload Data (DATA)..................................... 18 99 3.3.2 Initiation (INIT)....................................... 20 100 3.3.2.1 Optional or Variable Length Parameters.............. 22 101 3.3.3 Initiation Acknowledgement (INIT ACK)................... 25 102 3.3.3.1 Optional or Variable Length Parameters.............. 27 103 3.3.4 Selective Acknowledgement (SACK)........................ 28 104 3.3.5 Heartbeat Request (HEARTBEAT)........................... 31 105 3.3.6 Heartbeat Acknowledgement (HEARTBEAT ACK)............... 32 106 3.3.7 Abort Association (ABORT)............................... 33 107 3.3.8 Shutdown Association (SHUTDOWN)......................... 33 108 3.3.9 Shutdown Acknowledgement (SHUTDOWN ACK)................. 34 109 3.3.10 Operation Error (ERROR)................................ 34 110 3.3.10.1 Invalid Stream Identifier.......................... 36 111 3.3.10.2 Missing Mandatory Parameter........................ 36 112 3.3.10.3 Stale Cookie Error................................. 37 113 3.3.10.4 Out of Resource.................................... 37 114 3.3.10.5 Unresolvable Address............................... 37 115 3.3.10.6 Unrecognized Chunk Type............................ 38 116 3.3.10.7 Invalid Mandatory Parameter........................ 38 117 3.3.10.8 Unrecognized Parameters............................ 38 118 3.3.10.9 No User Data....................................... 39 119 3.3.10.10 Cookie Received While Shutting Down............... 39 120 3.3.10.11 Restart of an association with new addresses...... 39 121 3.3.11 Cookie Echo (COOKIE ECHO).............................. 40 122 3.3.12 Cookie Acknowledgement (COOKIE ACK).................... 40 123 3.3.13 Shutdown Complete (SHUTDOWN COMPLETE).................. 41 124 4. SCTP Association State Diagram................................. 41 125 5. Association Initialization..................................... 44 126 5.1 Normal Establishment of an Association...................... 44 127 5.1.1 Handle Stream Parameters................................ 46 128 5.1.2 Handle Address Parameters............................... 46 129 5.1.3 Generating State Cookie................................. 48 130 5.1.4 State Cookie Processing................................. 49 131 5.1.5 State Cookie Authentication............................. 49 132 5.1.6 An Example of Normal Association Establishment.......... 50 133 5.2 Handle Duplicate or unexpected INIT, INIT ACK, COOKIE ECHO, 134 and COOKIE ACK.............................................. 51 135 5.2.1 Handle Duplicate INIT in COOKIE-WAIT 136 or COOKIE-ECHOED States................................. 52 137 5.2.2 Unexpected INIT in States Other than CLOSED, 138 COOKIE-ECHOED, COOKIE-WAIT and SHUTDOWN-ACK-SENT........ 52 139 5.2.3 Unexpected INIT ACK..................................... 53 140 5.2.4 Handle a COOKIE ECHO when a TCB exists.................. 53 141 5.2.4.1 An Example of a Association Restart................. 55 142 5.2.5 Handle Duplicate COOKIE ACK............................. 56 143 5.2.6 Handle Stale COOKIE Error............................... 57 144 5.3 Other Initialization Issues................................. 57 145 5.3.1 Selection of Tag Value.................................. 57 146 6. User Data Transfer............................................. 57 147 6.1 Transmission of DATA Chunks................................. 59 148 6.2 Acknowledgement on Reception of DATA Chunks................. 60 149 6.2.1 Tracking Peer's Receive Buffer Space.................... 63 150 6.3 Management Retransmission Timer............................. 64 151 6.3.1 RTO Calculation......................................... 65 152 6.3.2 Retransmission Timer Rules.............................. 66 153 6.3.3 Handle T3-rtx Expiration................................ 67 154 6.4 Multi-homed SCTP Endpoints.................................. 68 155 6.4.1 Failover from Inactive Destination Address.............. 69 156 6.5 Stream Identifier and Stream Sequence Number................ 69 157 6.6 Ordered and Unordered Delivery.............................. 69 158 6.7 Report Gaps in Received DATA TSNs........................... 70 159 6.8 Fletcher-16 Checksum Calculation............................ 71 160 6.9 Fragmentation............................................... 72 161 6.10 Bundling .................................................. 73 162 7. Congestion Control .......................................... 73 163 7.1 SCTP Differences from TCP Congestion Control................ 74 164 7.2 SCTP Slow-Start and Congestion Avoidance.................... 75 165 7.2.1 Slow-Start.............................................. 76 166 7.2.2 Congestion Avoidance.................................... 77 167 7.2.3 Congestion Control...................................... 77 168 7.2.4 Fast Retransmit on Gap Reports.......................... 78 170 7.3 Path MTU Discovery.......................................... 79 171 8. Fault Management.............................................. 80 172 8.1 Endpoint Failure Detection.................................. 80 173 8.2 Path Failure Detection...................................... 80 174 8.3 Path Heartbeat.............................................. 81 175 8.4 Handle "Out of the blue" Packets............................ 83 176 8.5 Verification Tag............................................ 84 177 8.5.1 Exceptions in Verification Tag Rules.................... 84 178 9. Termination of Association..................................... 85 179 9.1 Abort of an Association..................................... 85 180 9.2 Shutdown of an Association.................................. 86 181 10. Interface with Upper Layer.................................... 88 182 10.1 ULP-to-SCTP................................................ 88 183 10.2 SCTP-to-ULP................................................ 97 184 11. Security Considerations.......................................100 185 11.1 Security Objectives........................................100 186 11.2 SCTP Responses To Potential Threats........................100 187 11.2.1 Countering Insider Attacks.............................100 188 11.2.2 Protecting against Data Corruption in the Network......100 189 11.2.3 Protecting Confidentiality.............................100 190 11.2.4 Protecting against Blind Denial of Service Attacks.....101 191 11.2.4.1 Flooding...........................................101 192 11.2.4.2 Blind Masquerade...................................102 193 11.2.4.3 Improper Monopolization of Services................103 194 11.3 Protection against Fraud and Repudiation...................103 195 12. Recommended Transmission Control Block (TCB) Parameters.......104 196 12.1 Parameters necessary for the SCTP instance.................104 197 12.2 Parameters necessary per association (i.e. the TCB)........105 198 12.3 Per Transport Address Data.................................106 199 12.4 General Parameters Needed..................................107 200 13. IANA Considerations...........................................107 201 13.1 IETF-defined Chunk Extension...............................107 202 13.2 IETF-defined Chunk Parameter Extension.....................108 203 13.3 IETF-defined Additional Error Causes.......................108 204 13.4 Payload Protocol Identifiers...............................109 205 14. Suggested SCTP Protocol Parameter Values......................109 206 15. Acknowledgements..............................................109 207 16. Authors' Addresses............................................109 208 17. References....................................................111 209 18. Bibliography..................................................112 210 Appendix A .......................................................113 211 Appendix B .......................................................114 212 Full Copyright Statement .........................................116 214 1. Introduction 216 This section explains the reasoning behind the development of the 217 Stream Control Transmission Protocol (SCTP), the services it offers, 218 and the basic concepts needed to understand the detailed description 219 of the protocol. 221 1.1 Motivation 222 TCP [RFC793] has performed immense service as the primary means of 223 reliable data transfer in IP networks. However, an increasing number 224 of recent applications have found TCP too limiting, and have 225 incorporated their own reliable data transfer protocol on top of UDP 226 [RFC768]. The limitations which users have wished to bypass include 227 the following: 229 -- TCP provides both reliable data transfer and strict order-of- 230 transmission delivery of data. Some applications need reliable 231 transfer without sequence maintenance, while others would be 232 satisfied with partial ordering of the data. In both of these 233 cases the head-of-line blocking offered by TCP causes unnecessary 234 delay. 236 -- The stream-oriented nature of TCP is often an inconvenience. 237 Applications must add their own record marking to delineate their 238 messages, and must make explicit use of the push facility to 239 ensure that a complete message is transferred in a reasonable 240 time. 242 -- The limited scope of TCP sockets complicates the task of 243 providing highly-available data transfer capability using multi- 244 homed hosts. 246 -- TCP is relatively vulnerable to denial of service attacks, such 247 as SYN attacks. 249 Transport of PSTN signaling across the IP network is an application 250 for which all of these limitations of TCP are relevant. While this 251 application directly motivated the development of SCTP, other 252 applications may find SCTP a good match to their requirements. 254 1.2 Architectural View of SCTP 256 SCTP is viewed as a layer between the SCTP user application ("SCTP 257 user" for short) and a connectionless packet network service such as 258 IP. The remainder of this document assumes SCTP runs on top of IP. 259 The basic service offered by SCTP is the reliable transfer of user 260 messages between peer SCTP users. It performs this service within 261 the context of an association between two SCTP endpoints. Section 10 262 of this document sketches the API which should exist at the boundary 263 between the SCTP and the SCTP user layers. 265 SCTP is connection-oriented in nature, but the SCTP association is a 266 broader concept than the TCP connection. SCTP provides the means for 267 each SCTP endpoint (Section 1.4) to provide the other endpoint 269 (during association startup) with a list of transport addresses 270 (i.e., multiple IP addresses in combination with an SCTP port) 271 through which that endpoint can be reached and from which it will 272 originate SCTP packets. The association spans transfers over all of 273 the possible source/destination combinations which may be generated 274 from each endpoint's lists. 276 _____________ _____________ 277 | SCTP User | | SCTP User | 278 | Application | | Application | 279 |-------------| |-------------| 280 | SCTP | | SCTP | 281 | Transport | | Transport | 282 | Service | | Service | 283 |-------------| |-------------| 284 | |One or more ---- One or more| | 285 | IP Network |IP address \/ IP address| IP Network | 286 | Service |appearances /\ appearances| Service | 287 |_____________| ---- |_____________| 289 SCTP Node A |<-------- Network transport ------->| SCTP Node B 291 Figure 1: An SCTP Association 293 1.3 Functional View of SCTP 295 The SCTP transport service can be decomposed into a number of 296 functions. These are depicted in Figure 2 and explained in the 297 remainder of this section. 299 SCTP User Application 301 ----------------------------------------------------- 302 _____________ ____________________ 303 | | | Sequenced delivery | 304 | Association | | within streams | 305 | | |____________________| 306 | startup | 307 | | ____________________________ 308 | and | | User Data Fragmentation | 309 | | |____________________________| 310 | takedown | 311 | | ____________________________ 312 | | | Acknowledgement | 313 | | | and | 314 | | | Congestion Avoidance | 315 | | |____________________________| 316 | | 317 | | ____________________________ 318 | | | Chunk Bundling | 319 | | |____________________________| 320 | | 321 | | ________________________________ 322 | | | Packet Validation | 323 | | |________________________________| 324 | | 325 | | ________________________________ 326 | | | Path Management | 327 |_____________| |________________________________| 329 Figure 2: Functional View of the SCTP Transport Service 331 1.3.1 Association Startup and Takedown 333 An association is initiated by a request from the SCTP user (see the 334 description of the ASSOCIATE (or SEND) primitive in Section 10). 336 A cookie mechanism, similar to one described by Karn and Simpson in 337 [RFC2522], is employed during the initialization to provide 338 protection against security attacks. The cookie mechanism uses a 339 four-way handshake, the last two legs of which are allowed to carry 340 user data for fast setup. The startup sequence is described in 341 Section 5 of this document. 343 SCTP provides for graceful close (i.e., shutdown) of an active 344 association on request from the SCTP user. See the description of 345 the SHUTDOWN primitive in Section 10. SCTP also allows ungraceful 346 close (i.e., abort), either on request from the user (ABORT 347 primitive) or as a result of an error condition detected within the 348 SCTP layer. Section 9 describes both the graceful and the ungraceful 349 close procedures. 351 SCTP does not support a half-open state (like TCP) wherein one side 352 may continue sending data while the other end is closed. When either 353 endpoint performs a shutdown, the association on each peer will stop 354 accepting new data from its user and only deliver data in queue at 355 the time of the graceful close (see Section 9). 357 1.3.2 Sequenced Delivery within Streams 359 The term "stream" is used in SCTP to refer to a sequence of user 360 messages that are to be delivered to the upper-layer protocol in 361 order with respect to other messages within the same stream. This is 362 in contrast to its usage in TCP, where it refers to a sequence of 363 bytes (in this document a byte is assumed to be eight bits). 365 The SCTP user can specify at association startup time the number of 366 streams to be supported by the association. This number is 367 negotiated with the remote end (see Section 5.1.1). User messages 368 are associated with stream numbers (SEND, RECEIVE primitives, Section 369 10). Internally, SCTP assigns a stream sequence number to each 370 message passed to it by the SCTP user. On the receiving side, SCTP 371 ensures that messages are delivered to the SCTP user in sequence 372 within a given stream. However, while one stream may be blocked 373 waiting for the next in-sequence user message, delivery from other 374 streams may proceed. 376 SCTP provides a mechanism for bypassing the sequenced delivery 377 service. User messages sent using this mechanism are delivered to 378 the SCTP user as soon as they are received. 380 1.3.3 User Data Fragmentation 382 When needed, SCTP fragments user messages to ensure that the SCTP 383 packet passed to the lower layer conforms to the path MTU. On 384 receipt, fragments are reassembled into complete messages before 385 being passed to the SCTP user. 387 1.3.4 Acknowledgement and Congestion Avoidance 389 SCTP assigns a Transmission Sequence Number (TSN) to each user data 390 fragment or unfragmented message. The TSN is independent of any 391 stream sequence number assigned at the stream level. The receiving 392 end acknowledges all TSNs received, even if there are gaps in the 393 sequence. In this way, reliable delivery is kept functionally 394 separate from sequenced stream delivery. 396 The acknowledgement and congestion avoidance function is responsible 397 for packet retransmission when timely acknowledgement has not been 398 received. Packet retransmission is conditioned by congestion 399 avoidance procedures similar to those used for TCP. See Sections 6 400 and 7 for a detailed description of the protocol procedures 401 associated with this function. 403 1.3.5 Chunk Bundling 405 As described in Section 3, the SCTP packet as delivered to the lower 406 layer consists of a common header followed by one or more chunks. 407 Each chunk may contain either user data or SCTP control information. 408 The SCTP user has the option to request bundling of more than one 409 user messages into a single SCTP packet. The chunk bundling function 410 of SCTP is responsible for assembly of the complete SCTP packet and 411 its disassembly at the receiving end. 413 During times of congestion an SCTP implementation MAY still perform 414 bundling even if the user has requested that SCTP not bundle. The 415 user's disabling of bundling only affects SCTP implementations that 416 may delay a small period of time before transmission (to attempt to 417 encourage bundling). When the user layer disables bundling, this 418 small delay is prohibited but not bundling that is performed during 419 congestion or retransmission. 421 1.3.6 Packet Validation 423 A mandatory Verification Tag field and a 32 bit checksum field (see 424 appendix B for a description of the fletcher-16 checksum) are included 425 in the SCTP common header. The Verification Tag value is chosen by 426 each end of the association during association startup. Packets 427 received without the expected Verification Tag value are discarded, 428 as a protection against blind masquerade attacks and against stale 429 SCTP packets from a previous association. The Fletcher-16 checksum 430 should be set by the sender of each SCTP packet to provide additional 431 protection against data corruption in the network. The receiver of 432 an SCTP packet with an invalid Fletcher-16 checksum silently discards 433 the packet. 435 1.3.7 Path Management 437 The sending SCTP user is able to manipulate the set of transport 438 addresses used as destinations for SCTP packets through the 439 primitives described in Section 10. The SCTP path management 440 function chooses the destination transport address for each outgoing 441 SCTP packet based on the SCTP user's instructions and the currently 442 perceived reachability status of the eligible destination set. The 443 path management function monitors reachability through heartbeats 444 when other packet traffic is inadequate to provide this information 445 and advises the SCTP user when reachability of any far-end transport 446 address changes. The path management function is also responsible 447 for reporting the eligible set of local transport addresses to the 448 far end during association startup, and for reporting the transport 449 addresses returned from the far end to the SCTP user. 451 At association start-up, a primary path is defined for each SCTP 452 endpoint, and is used for normal sending of SCTP packets. 454 On the receiving end, the path management is responsible for 455 verifying the existence of a valid SCTP association to which the 456 inbound SCTP packet belongs before passing it for further processing. 458 Note: Path Management and Packet Validation are done at the same 459 time, so although described separately above, in reality they cannot 460 be performed as separate items. 462 1.4 Key Terms 464 Some of the language used to describe SCTP has been introduced in the 465 previous sections. This section provides a consolidated list of the 466 key terms and their definitions. 468 o Active destination transport address: A transport address on a 469 peer endpoint which a transmitting endpoint considers available 470 for receiving user messages. 472 o Bundling: An optional multiplexing operation, whereby more than 473 one user message may be carried in the same SCTP packet. Each 474 user message occupies its own DATA chunk. 476 o Chunk: A unit of information within an SCTP packet, consisting of 477 a chunk header and chunk-specific content. 479 o Congestion Window (cwnd): An SCTP variable that limits the data, 480 in number of bytes, a sender can send to a particular destination 481 transport address before receiving an acknowledgement. 483 o Cumulative TSN Ack Point: The TSN of the last DATA chunk 484 acknowledged via the Cumulative TSN Ack field of a SACK. 486 o Idle destination address: An address that has not had user 487 messages sent to it within some length of time, normally the 488 HEARTBEAT interval or greater. 490 o Inactive destination transport address: An address which is 491 considered inactive due to errors and unavailable to transport 492 user messages. 494 o Message = user message: Data submitted to SCTP by the Upper Layer 495 Protocol (ULP). 497 o Message Authentication Code (MAC): An integrity check mechanism 498 based on cryptographic hash functions using a secret key. 499 Typically, message authentication codes are used between two 500 parties that share a secret key in order to validate information 501 transmitted between these parties. In SCTP it is used by an 502 endpoint to validate the State Cookie information that is returned 503 from the peer in the COOKIE ECHO chunk. The term "MAC" has 504 different meanings in different contexts. SCTP uses this term 505 with the same meaning as in [RFC2104]. 507 o Network Byte Order: Most significant byte first, a.k.a., Big 508 Endian. 510 o Ordered Message: A user message that is delivered in order with 511 respect to all previous user messages sent within the stream the 512 message was sent on. 514 o Outstanding TSN (at an SCTP endpoint): A TSN (and the associated 515 DATA chunk) that has been sent by the endpoint but for which it 516 has not yet received an acknowledgement. 518 o Path: The route taken by the SCTP packets sent by one SCTP 519 endpoint to a specific destination transport address of its peer 520 SCTP endpoint. Sending to different destination transport 521 addresses does not necessarily guarantee getting separate paths. 523 o Primary Path: The primary path is the destination and source 524 address that will be put into a packet outbound to the peer 525 endpoint by default. The definition includes the source address 526 since an implementation MAY wish to specify both destination and 527 source address to better control the return path taken by reply 528 chunks and on which interface the packet is transmitted when the 529 data sender is multi-homed. 531 o Receiver Window (rwnd): An SCTP variable a data sender uses to 532 store the most recently calculated receiver window of its peer, in 533 number of bytes. This gives the sender an indication of the space 534 available in the receiver's inbound buffer. 536 o SCTP association: A protocol relationship between SCTP endpoints, 537 composed of the two SCTP endpoints and protocol state information 538 including Verification Tags and the currently active set of 539 Transmission Sequence Numbers (TSNs), etc. An association can be 540 uniquely identified by the transport addresses used by the 541 endpoints in the association. Two SCTP endpoints MUST NOT have 542 more than one SCTP association between them at any given time. 544 o SCTP endpoint: The logical sender/receiver of SCTP packets. On a 545 multi-homed host, an SCTP endpoint is represented to its peers as 546 a combination of a set of eligible destination transport addresses 547 to which SCTP packets can be sent and a set of eligible source 548 transport addresses from which SCTP packets can be received. All 549 transport addresses used by an SCTP endpoint must use the same 550 port number, but can use multiple IP addresses. A transport 551 address used by an SCTP endpoint must not be used by another SCTP 552 endpoint. In other words, a transport address is unique to an 553 SCTP endpoint. 555 o SCTP packet (or packet): The unit of data delivery across the 556 interface between SCTP and the connectionless packet network 557 (e.g., IP). An SCTP packet includes the common SCTP header, 558 possible SCTP control chunks, and user data encapsulated within 559 SCTP DATA chunks. 561 o SCTP user application (SCTP user): The logical higher-layer 562 application entity which uses the services of SCTP, also called 563 the Upper-layer Protocol (ULP). 565 o Slow Start Threshold (ssthresh): An SCTP variable. This is the 566 threshold which the endpoint will use to determine whether to 567 perform slow start or congestion avoidance on a particular 568 destination transport address. Ssthresh is in number of bytes. 570 o Stream: A uni-directional logical channel established from one to 571 another associated SCTP endpoint, within which all user messages 572 are delivered in sequence except for those submitted to the 573 unordered delivery service. 575 Note: The relationship between stream numbers in opposite directions 576 is strictly a matter of how the applications use them. It is the 577 responsibility of the SCTP user to create and manage these 578 correlations if they are so desired. 580 o Stream Sequence Number: A 16-bit sequence number used internally 581 by SCTP to assure sequenced delivery of the user messages within a 582 given stream. One stream sequence number is attached to each user 583 message. 585 o Tie-Tags: Verification Tags from a previous association. These 586 Tags are used within a State Cookie so that the newly restarting 587 association can be linked to the original association within the 588 endpoint that did not restart. 590 o Transmission Control Block (TCB): An internal data structure 591 created by an SCTP endpoint for each of its existing SCTP 592 associations to other SCTP endpoints. TCB contains all the status 593 and operational information for the endpoint to maintain and 594 manage the corresponding association. 596 o Transmission Sequence Number (TSN): A 32-bit sequence number used 597 internally by SCTP. One TSN is attached to each chunk containing 598 user data to permit the receiving SCTP endpoint to acknowledge its 599 receipt and detect duplicate deliveries. 601 o Transport address: A Transport Address is traditionally defined 602 by Network Layer address, Transport Layer protocol and Transport 603 Layer port number. In the case of SCTP running over IP, a 604 transport address is defined by the combination of an IP address 605 and an SCTP port number (where SCTP is the Transport protocol). 607 o Unacknowledged TSN (at an SCTP endpoint): A TSN (and the associated 608 DATA chunk) which has been received by the endpoint but for which 609 an acknowledgement has not yet been sent. Or in the opposite case, 610 for a packet that has been sent but no acknowledgement has been 611 received. 613 o Unordered Message: Unordered messages are "unordered" with respect 614 to any other message, this includes both other unordered messages 615 as well as other ordered messages. Unordered message might be 616 delivered prior to or later than ordered messages sent on the same 617 stream. 619 o User message: The unit of data delivery across the interface 620 between SCTP and its user. 622 o Verification Tag: A 32 bit unsigned integer that is randomly 623 generated. The Verification Tag provides a key that allows a 624 receiver to verify that the SCTP packet belongs to the current 625 association and is not an old or stale packet from a previous 626 association. 628 1.5. Abbreviations 630 MAC - Message Authentication Code [RFC2104] 632 RTO - Retransmission Time-out 634 RTT - Round-trip Time 636 RTTVAR - Round-trip Time Variation 638 SCTP - Stream Control Transmission Protocol 640 SRTT - Smoothed RTT 642 TCB - Transmission Control Block 644 TLV - Type-Length-Value Coding Format 646 TSN - Transmission Sequence Number 648 ULP - Upper-layer Protocol 650 1.6 Serial Number Arithmetic 652 It is essential to remember that the actual Transmission Sequence 653 Number space is finite, though very large. This space ranges from 0 654 to 2**32 - 1. Since the space is finite, all arithmetic dealing with 655 Transmission Sequence Numbers must be performed modulo 2**32. This 656 unsigned arithmetic preserves the relationship of sequence numbers as 657 they cycle from 2**32 - 1 to 0 again. There are some subtleties to 658 computer modulo arithmetic, so great care should be taken in 659 programming the comparison of such values. When referring to TSNs, 660 the symbol "=<" means "less than or equal"(modulo 2**32). 662 Comparisons and arithmetic on TSNs in this document SHOULD use Serial 663 Number Arithmetic as defined in [RFC1982] where SERIAL_BITS = 32. 665 An endpoint SHOULD NOT transmit a DATA chunk with a TSN that is more 666 than 2**31 - 1 above the beginning TSN of its current send window. 667 Doing so will cause problems in comparing TSNs. 669 Transmission Sequence Numbers wrap around when they reach 2**32 - 1. 670 That is, the next TSN a DATA chunk MUST use after transmitting TSN = 671 2*32 - 1 is TSN = 0. 673 Any arithmetic done on Stream Sequence Numbers SHOULD use Serial 674 Number Arithmetic as defined in [RFC1982] where SERIAL_BITS = 16. 675 All other arithmetic and comparisons in this document uses normal 676 arithmetic. 678 2. Conventions 680 The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, 681 SHOULD NOT, RECOMMENDED, NOT RECOMMENDED, MAY, and OPTIONAL, when 682 they appear in this document, are to be interpreted as described in 683 [RFC2119]. 685 3. SCTP packet Format 687 An SCTP packet is composed of a common header and chunks. A chunk 688 contains either control information or user data. 690 The SCTP packet format is shown below: 692 0 1 2 3 693 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 694 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 695 | Common Header | 696 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 697 | Chunk #1 | 698 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 699 | ... | 700 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 701 | Chunk #n | 702 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 704 Multiple chunks can be bundled into one SCTP packet up to the MTU 705 size, except for the INIT, INIT ACK, and SHUTDOWN COMPLETE chunks. 706 These chunks MUST NOT be bundled with any other chunk in a packet. 707 See Section 6.10 for more details on chunk bundling. 709 If a user data message doesn't fit into one SCTP packet it can be 710 fragmented into multiple chunks using the procedure defined in 711 Section 6.9. 713 All integer fields in an SCTP packet MUST be transmitted in network 714 byte order, unless otherwise stated. 716 3.1 SCTP Common Header Field Descriptions 718 SCTP Common Header Format 720 0 1 2 3 721 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 722 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 723 | Source Port Number | Destination Port Number | 724 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 725 | Verification Tag | 726 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 727 | Checksum | 728 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 730 Source Port Number: 16 bits (unsigned integer) 732 This is the SCTP sender's port number. It can be used by the 733 receiver in combination with the source IP address, the SCTP 734 destination port and possibly the destination IP address to 735 identify the association to which this packet belongs. 737 Destination Port Number: 16 bits (unsigned integer) 739 This is the SCTP port number to which this packet is destined. 740 The receiving host will use this port number to de-multiplex the 741 SCTP packet to the correct receiving endpoint/application. 743 Verification Tag: 32 bits (unsigned integer) 745 The receiver of this packet uses the Verification Tag to validate 746 the sender of this SCTP packet. On transmit, the value of this 747 Verification Tag MUST be set to the value of the Initiate Tag 748 received from the peer endpoint during the association 749 initialization, with the following exceptions: 751 - A packet containing an INIT chunk MUST have a zero Verification 752 Tag. 753 - A packet containing a SHUTDOWN-COMPLETE chunk with the T-bit 754 set MUST have the Verification Tag copied from the packet with 755 the SHUTDOWN-ACK chunk. 756 - A packet containing an ABORT chunk may have the verification 757 tag copied from the packet which caused the ABORT to be sent. 758 For details see Section 8.4 and 8.5. 760 An INIT chunk MUST be the only chunk in the SCTP packet carrying it. 762 Checksum: 32 bits (unsigned integer) 764 This field contains the checksum of this SCTP packet. Its 765 calculation is discussed in Section 6.8. SCTP uses the Fletcher- 766 16 algorithm as described in Appendix B for calculating the 767 checksum 769 3.2 Chunk Field Descriptions 771 The figure below illustrates the field format for the chunks to be 772 transmitted in the SCTP packet. Each chunk is formatted with a Chunk 773 Type field, a chunk-specific Flag field, a Chunk Length field, and a 774 Value field. 776 0 1 2 3 777 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 778 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 779 | Chunk Type | Chunk Flags | Chunk Length | 780 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 781 \ \ 782 / Chunk Value / 783 \ \ 784 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 786 Chunk Type: 8 bits (unsigned integer) 788 This field identifies the type of information contained in the 789 Chunk Value field. It takes a value from 0 to 254. The value of 790 255 is reserved for future use as an extension field. 792 The values of Chunk Types are defined as follows: 794 ID Value Chunk Type 795 ----- ---------- 796 0 - Payload Data (DATA) 797 1 - Initiation (INIT) 798 2 - Initiation Acknowledgement (INIT ACK) 799 3 - Selective Acknowledgement (SACK) 800 4 - Heartbeat Request (HEARTBEAT) 801 5 - Heartbeat Acknowledgement (HEARTBEAT ACK) 802 6 - Abort (ABORT) 803 7 - Shutdown (SHUTDOWN) 804 8 - Shutdown Acknowledgement (SHUTDOWN ACK) 805 9 - Operation Error (ERROR) 806 10 - State Cookie (COOKIE ECHO) 807 11 - Cookie Acknowledgement (COOKIE ACK) 808 12 - Reserved for Explicit Congestion Notification Echo (ECNE) 809 13 - Reserved for Congestion Window Reduced (CWR) 810 14 - Shutdown Complete (SHUTDOWN COMPLETE) 811 15 to 62 - reserved by IETF 812 63 - IETF-defined Chunk Extensions 813 64 to 126 - reserved by IETF 814 127 - IETF-defined Chunk Extensions 815 128 to 190 - reserved by IETF 816 191 - IETF-defined Chunk Extensions 817 192 to 254 - reserved by IETF 818 255 - IETF-defined Chunk Extensions 820 Chunk Types are encoded such that the highest-order two bits specify 821 the action that must be taken if the processing endpoint does not 822 recognize the Chunk Type. 824 00 - Stop processing this SCTP packet and discard it, do not process 825 any further chunks within it. 827 01 - Stop processing this SCTP packet and discard it, do not process 828 any further chunks within it, and report the unrecognized 829 parameter in an 'Unrecognized Chunk Type' (in either an 830 ERROR or in the INIT ACK). 832 10 - Skip this chunk and continue processing. 834 11 - Skip this chunk and continue processing, but report in an ERROR 835 Chunk using the 'Unrecognized Chunk Type' cause of error. 837 Note: The ECNE and CWR chunk types are reserved for future use of 838 Explicit Congestion Notification (ECN). 840 Chunk Flags: 8 bits 842 The usage of these bits depends on the chunk type as given by the 843 Chunk Type. Unless otherwise specified, they are set to zero on 844 transmit and are ignored on receipt. 846 Chunk Length: 16 bits (unsigned integer) 848 This value represents the size of the chunk in bytes including the 849 Chunk Type, Chunk Flags, Chunk Length, and Chunk Value fields. 850 Therefore, if the Chunk Value field is zero-length, the Length 851 field will be set to 4. The Chunk Length field does not count any 852 padding. 854 Chunks (including Type, Length and Value fields) are padded out 855 by the sender with all zero bytes to be a multiple of 4 bytes 856 long. This padding MUST NOT be more than 3 bytes in total. 857 The Chunk Length value does not include terminating padding 858 of the Chunk. However, it does include padding of any variable 859 length parameter except the last parameter in the Chunk. The 860 receiver MUST ignore the padding. 862 Note: A robust implementation should accept the Chunk whether 863 or not the final padding has been included in the Chunk Length. 865 Chunk Value: variable length 867 The Chunk Value field contains the actual information to be 868 transferred in the chunk. The usage and format of this field is 869 dependent on the Chunk Type. 871 SCTP defined chunks are described in detail in Section 3.3. The 872 guidelines for IETF-defined chunk extensions can be found in Section 873 13.1 of this document. 875 3.2.1 Optional/Variable-length Parameter Format 877 Chunk values of SCTP control chunks consist of a chunk-type-specific 878 header of required fields, followed by zero or more parameters. The 879 optional and variable-length parameters contained in a chunk are 880 defined in a Type-Length-Value format as shown below. 882 0 1 2 3 883 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 884 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 885 | Parameter Type | Parameter Length | 886 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 887 \ \ 888 / Parameter Value / 889 \ \ 890 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 892 Chunk Parameter Type: 16 bits (unsigned integer) 894 The Type field is a 16 bit identifier of the type of parameter. 895 It takes a value of 0 to 65534. 897 The value of 65535 is reserved for IETF-defined extensions. Values 898 other than those defined in specific SCTP chunk description are 899 reserved for use by IETF. 901 Chunk Parameter Length: 16 bits (unsigned integer) 903 The Parameter Length field contains the size of the parameter in 904 bytes, including the Parameter Type, Parameter Length, and 905 Parameter Value fields. Thus, a parameter with a zero-length 906 Parameter Value field would have a Length field of 4. The 907 Parameter Length does not include any padding bytes. 909 Chunk Parameter Value: variable-length. 911 The Parameter Value field contains the actual information to be 912 transferred in the parameter. 914 The total length of a parameter (including Type, Parameter Length and 915 Value fields) MUST be a multiple of 4 bytes. If the length of the 916 parameter is not a multiple of 4 bytes, the sender pads the Parameter 917 at the end (i.e., after the Parameter Value field) with all zero 918 bytes. The length of the padding is not included in the parameter 919 length field. A sender SHOULD NOT pad with more than 3 bytes. The 920 receiver MUST ignore the padding bytes. 922 The Parameter Types are encoded such that the highest-order two bits 923 specify the action that must be taken if the processing endpoint does 924 not recognize the Parameter Type. 926 00 - Stop processing this SCTP chunk and discard it, do not process 927 any further parmameters within this chunk. 929 01 - Stop processing this SCTP chunk and discard it, do not process 930 any further parameters within this chunks, and report the unrecognized 931 parameter in an 'Unrecognized Parameter Type' (in either an 932 ERROR or in the INIT ACK). 934 10 - Skip this parameter and continue processing. 936 11 - Skip this parameter and continue processing but report the 937 unrecognized parameter in an 'Unrecognized Parameter Type' (in 938 either an ERROR or in the INIT ACK). 940 The actual SCTP parameters are defined in the specific SCTP chunk 941 sections. The rules for IETF-defined parameter extensions are 942 defined in Section 13.2. Note that a parameter value MUST be unique 943 across all chunks. For example, the parameter value '5' is used to 944 represent an IPv4 address (see section 3.3.2). The value '5' then 945 is reserved across all chunks to represent an IPv4 address and 946 MUST NOT be reused with a different meaning in any other chunk. 948 3.3 SCTP Chunk Definitions 950 This section defines the format of the different SCTP chunk types. 952 3.3.1 Payload Data (DATA) (0) 954 The following format MUST be used for the DATA chunk: 956 0 1 2 3 957 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 958 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 959 | Type = 0 | Reserved|U|B|E| Length | 960 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 961 | TSN | 962 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 963 | Stream Identifier S | Stream Sequence Number n | 964 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 965 | Payload Protocol Identifier | 966 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 967 \ \ 968 / User Data (seq n of Stream S) / 969 \ \ 970 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 972 Reserved: 5 bits 974 Should be set to all '0's and ignored by the receiver. 976 U bit: 1 bit 977 The (U)nordered bit, if set to '1', indicates that this is an 978 unordered DATA chunk, and there is no Stream Sequence Number 979 assigned to this DATA chunk. Therefore, the receiver MUST ignore 980 the Stream Sequence Number field. 982 After re-assembly (if necessary), unordered DATA chunks MUST be 983 dispatched to the upper layer by the receiver without any attempt 984 to re-order. 986 If an unordered user message is fragmented, each fragment of the 987 message MUST have its U bit set to '1'. 989 B bit: 1 bit 991 The (B)eginning fragment bit, if set, indicates the first fragment 992 of a user message. 994 E bit: 1 bit 996 The (E)nding fragment bit, if set, indicates the last fragment of 997 a user message. 999 An unfragmented user message shall have both the B and E bits set to 1000 '1'. Setting both B and E bits to '0' indicates a middle fragment of 1001 a multi-fragment user message, as summarized in the following table: 1003 B E Description 1004 ============================================================ 1005 | 1 0 | First piece of a fragmented user message | 1006 +----------------------------------------------------------+ 1007 | 0 0 | Middle piece of a fragmented user message | 1008 +----------------------------------------------------------+ 1009 | 0 1 | Last piece of a fragmented user message | 1010 +----------------------------------------------------------+ 1011 | 1 1 | Unfragmented Message | 1012 ============================================================ 1013 | Table 1: Fragment Description Flags | 1014 ============================================================ 1016 When a user message is fragmented into multiple chunks, the TSNs are 1017 used by the receiver to reassemble the message. This means that the 1018 TSNs for each fragment of a fragmented user message MUST be strictly 1019 sequential. 1021 Length: 16 bits (unsigned integer) 1023 This field indicates the length of the DATA chunk in bytes from 1024 the beginning of the type field to the end of the user data field 1025 excluding any padding. A DATA chunk with no user data field will 1026 have Length set to 16 (indicating 16 bytes). 1028 TSN : 32 bits (unsigned integer) 1030 This value represents the TSN for this DATA chunk. The valid 1031 range of TSN is from 0 to 4294967295 (2**32 - 1). TSN wraps back 1032 to 0 after reaching 4294967295. 1034 Stream Identifier S: 16 bits (unsigned integer) 1036 Identifies the stream to which the following user data belongs. 1038 Stream Sequence Number n: 16 bits (unsigned integer) 1040 This value represents the stream sequence number of the following 1041 user data within the stream S. Valid range is 0 to 65535. 1043 When a user message is fragmented by SCTP for transport, the same 1044 stream sequence number MUST be carried in each of the fragments of 1045 the message. 1047 Payload Protocol Identifier: 32 bits (unsigned integer) 1049 This value represents an application (or upper layer) specified 1050 protocol identifier. This value is passed to SCTP by its upper 1051 layer and sent to its peer. This identifier is not used by SCTP 1052 but can be used by certain network entities as well as the peer 1053 application to identify the type of information being carried in 1054 this DATA chunk. This field must be sent even in fragmented DATA 1055 chunks (to make sure it is available for agents in the middle of 1056 the network). 1058 The value 0 indicates no application identifier is specified by 1059 the upper layer for this payload data. 1061 User Data: variable length 1063 This is the payload user data. The implementation MUST pad the 1064 end of the data to a 4 byte boundary with all-zero bytes. Any 1065 padding MUST NOT be included in the length field. A sender MUST 1066 never add more than 3 bytes of padding. 1068 3.3.2 Initiation (INIT) (1) 1070 This chunk is used to initiate a SCTP association between two 1071 endpoints. The format of the INIT chunk is shown below: 1073 0 1 2 3 1074 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1075 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1076 | Type = 1 | Chunk Flags | Chunk Length | 1077 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1078 | Initiate Tag | 1079 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1080 | Advertised Receiver Window Credit (a_rwnd) | 1081 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1082 | Number of Outbound Streams | Number of Inbound Streams | 1083 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1084 | Initial TSN | 1085 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1086 \ \ 1087 / Optional/Variable-Length Parameters / 1088 \ \ 1089 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1091 The INIT chunk contains the following parameters. Unless otherwise 1092 noted, each parameter MUST only be included once in the INIT chunk. 1094 Fixed Parameters Status 1095 ---------------------------------------------- 1096 Initiate Tag Mandatory 1097 Advertised Receiver Window Credit Mandatory 1098 Number of Outbound Streams Mandatory 1099 Number of Inbound Streams Mandatory 1100 Initial TSN Mandatory 1102 Variable Parameters Status Type Value 1103 ------------------------------------------------------------- 1104 IPv4 Address (Note 1) Optional 5 1105 IPv6 Address (Note 1) Optional 6 1106 Cookie Preservative Optional 9 1107 Reserved for ECN Capable (Note 2) Optional 32768 (0x8000) 1108 Host Name Address (Note 3) Optional 11 1109 Supported Address Types (Note 4) Optional 12 1111 Note 1: The INIT chunks can contain multiple addresses that can be 1112 IPv4 and/or IPv6 in any combination. 1114 Note 2: The ECN capable field is reserved for future use of Explicit 1115 Congestion Notification. 1117 Note 3: An INIT chunk MUST NOT contain more than one Host Name 1118 address parameter. Moreover, the sender of the INIT MUST NOT combine 1119 any other address types with the Host Name address in the INIT. The 1120 receiver of INIT MUST ignore any other address types if the Host Name 1121 address parameter is present in the received INIT chunk. 1123 Note 4: This parameter, when present, specifies all the address types 1124 the sending endpoint can support. The absence of this parameter 1125 indicates that the sending endpoint can support any address type. 1127 The Chunk Flags field in INIT is reserved and all bits in it should 1128 be set to 0 by the sender and ignored by the receiver. The sequence 1129 of parameters within an INIT can be processed in any order. 1131 Initiate Tag: 32 bits (unsigned integer) 1133 The receiver of the INIT (the responding end) records the value of 1134 the Initiate Tag parameter. This value MUST be placed into the 1135 Verification Tag field of every SCTP packet that the receiver of 1136 the INIT transmits within this association. 1138 The Initiate Tag is allowed to have any value except 0. See 1139 Section 5.3.1 for more on the selection of the tag value. 1140 If the value of the Initiate Tag in a received INIT chunk is found 1141 to be 0, the receiver MUST treat it as an error and close the 1142 association by transmitting an ABORT. 1144 Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned 1145 integer) 1147 This value represents the dedicated buffer space, in number of 1148 bytes, the sender of the INIT has reserved in association with 1149 this window. During the life of the association this buffer space 1150 SHOULD not be lessened (i.e. dedicated buffers taken away from 1151 this association); however, an endpoint MAY change the value of 1152 a_rwnd it sends in SACK chunks. 1154 Number of Outbound Streams (OS): 16 bits (unsigned integer) 1156 Defines the number of outbound streams the sender of this INIT 1157 chunk wishes to create in this association. The value of 0 MUST 1158 NOT be used. 1160 Note: A receiver of an INIT with the OS value set to 0 SHOULD 1161 abort the association. 1163 Number of Inbound Streams (MIS) : 16 bits (unsigned integer) 1165 Defines the maximum number of streams the sender of this INIT 1166 chunk allows the peer end to create in this association. The 1167 value 0 MUST NOT be used. 1169 Note: There is no negotiation of the actual number of streams but 1170 instead the two endpoints will use the min(requested, offered). 1171 See Section 5.1.1 for details. 1173 Note: A receiver of an INIT with the MIS value of 0 SHOULD abort 1174 the association. 1176 Initial TSN (I-TSN) : 32 bits (unsigned integer) 1178 Defines the initial TSN that the sender will use. The valid range 1179 is from 0 to 4294967295. This field MAY be set to the value of 1180 the Initiate Tag field. 1182 3.3.2.1 Optional/Variable Length Parameters in INIT 1184 The following parameters follow the Type-Length-Value format as 1185 defined in Section 3.2.1. Any Type-Length-Value fields MUST come 1186 after the fixed-length fields defined in the previous section. 1188 IPv4 Address Parameter (5) 1190 0 1 2 3 1191 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1192 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1193 | Type = 5 | Length = 8 | 1194 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1195 | IPv4 Address | 1196 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1198 IPv4 Address: 32 bits (unsigned integer) 1200 Contains an IPv4 address of the sending endpoint. It is binary 1201 encoded. 1203 IPv6 Address Parameter (6) 1205 0 1 2 3 1206 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1207 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1208 | Type = 6 | Length = 20 | 1209 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1210 | | 1211 | IPv6 Address | 1212 | | 1213 | | 1214 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1216 IPv6 Address: 128 bit (unsigned integer) 1218 Contains an IPv6 address of the sending endpoint. It is binary 1219 encoded. 1221 Note: A sender MUST NOT use an IPv4-mapped IPv6 address [RFC2373] 1222 but should instead use an IPv4 Address Parameter for an IPv4 1223 address. 1225 Combined with the Source Port Number in the SCTP common header, 1226 the value passed in an IPv4 or IPv6 Address parameter indicates a 1227 transport address the sender of the INIT will support for the 1228 association being initiated. That is, during the lifetime of this 1229 association, this IP address can appear in the source address 1230 field of an IP datagram sent from the sender of the INIT, and can 1231 be used as a destination address of an IP datagram sent from the 1232 receiver of the INIT. 1234 More than one IP Address parameter can be included in an INIT 1235 chunk when the INIT sender is multi-homed. Moreover, a multi- 1236 homed endpoint may have access to different types of network, thus 1237 more than one address type can be present in one INIT chunk, i.e., 1238 IPv4 and IPv6 addresses are allowed in the same INIT chunk. 1240 If the INIT contains at least one IP Address parameter, then the 1241 source address of the IP datagram containing the INIT chunk and 1242 any additional address(es) provided within the INIT can be used as 1243 destinations by the endpoint receiving the INIT. If the INIT does 1244 not contain any IP Address parameters, the endpoint receiving the 1245 INIT MUST use the source address associated with the received IP 1246 datagram as its sole destination address for the association. 1248 Note that not using any IP address parameters in the INIT and 1249 INIT-ACK is an alternative to make an association more likely to 1250 work across a NAT box. 1252 Cookie Preservative (9) 1254 The sender of the INIT shall use this parameter to suggest to the 1255 receiver of the INIT for a longer life-span of the State Cookie. 1257 0 1 2 3 1258 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1259 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1260 | Type = 9 | Length = 8 | 1261 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1262 | Suggested Cookie Life-span Increment (msec.) | 1263 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1265 Suggested Cookie Life-span Increment: 32 bits (unsigned integer) 1267 This parameter indicates to the receiver how much increment in 1268 milliseconds the sender wishes the receiver to add to its default 1269 cookie life-span. 1271 This optional parameter should be added to the INIT chunk by the 1272 sender when it re-attempts establishing an association with a peer 1273 to which its previous attempt of establishing the association failed 1274 due to a stale cookie operation error. The receiver MAY choose to 1275 ignore the suggested cookie life-span increase for its own security 1276 reasons. 1278 Host Name Address (11) 1280 The sender of INIT uses this parameter to pass its Host Name (in 1281 place of its IP addresses) to its peer. The peer is responsible 1282 for resolving the name. Using this parameter might make it more 1283 likely for the association to work across a NAT box. 1285 0 1 2 3 1286 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1287 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1288 | Type = 11 | Length | 1289 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1290 / Host Name / 1291 \ \ 1292 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1294 Host Name: variable length 1296 This field contains a host name in "host name syntax" per RFC1123 1297 Section 2.1 [RFC1123]. The method for resolving the host name is 1298 out of scope of SCTP. 1300 Note: At least one null terminator is included in the Host Name 1301 string and must be included in the length. 1303 Supported Address Types (12) 1305 The sender of INIT uses this parameter to list all the address 1306 types it can support. 1308 0 1 2 3 1309 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1310 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1311 | Type = 12 | Length | 1312 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1313 | Address Type #1 | Address Type #2 | 1314 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1315 | ...... 1316 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1318 Address Type: 16 bits (unsigned integer) 1320 This is filled with the type value of the corresponding address 1321 TLV (e.g., IPv4 = 5, IPv6 = 6, Hostname = 11). 1323 3.3.3 Initiation Acknowledgement (INIT ACK) (2): 1325 The INIT ACK chunk is used to acknowledge the initiation of an SCTP 1326 association. 1328 The parameter part of INIT ACK is formatted similarly to the INIT 1329 chunk. It uses two extra variable parameters: The State Cookie and 1330 the Unrecognized Parameter: 1332 The format of the INIT ACK chunk is shown below: 1334 0 1 2 3 1335 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1336 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1337 | Type = 2 | Chunk Flags | Chunk Length | 1338 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1339 | Initiate Tag | 1340 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1341 | Advertised Receiver Window Credit | 1342 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1343 | Number of Outbound Streams | Number of Inbound Streams | 1344 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1345 | Initial TSN | 1346 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1347 \ \ 1348 / Optional/Variable-Length Parameters / 1349 \ \ 1350 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1352 Initiate Tag: 32 bits (unsigned integer) 1353 The receiver of the INIT ACK records the value of the Initiate Tag 1354 parameter. This value MUST be placed into the Verification Tag 1355 field of every SCTP packet that the INIT ACK receiver transmits 1356 within this association. 1358 The Initiate Tag MUST NOT take the value 0. See Section 5.3.1 for 1359 more on the selection of the Initiate Tag value. 1361 If the value of the Initiate Tag in a received INIT ACK chunk is 1362 found to be 0, the receiver MUST treat it as an error and close 1363 the association by transmitting an ABORT. 1365 Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned 1366 integer) 1368 This value represents the dedicated buffer space, in number of 1369 bytes, the sender of the INIT ACK has reserved in association with 1370 this window. During the life of the association this buffer space 1371 SHOULD not be lessened (i.e. dedicated buffers taken away from 1372 this association). 1374 Number of Outbound Streams (OS): 16 bits (unsigned integer) 1376 Defines the number of outbound streams the sender of this INIT ACK 1377 chunk wishes to create in this association. The value of 0 MUST 1378 NOT be used. 1380 Note: A receiver of an INIT ACK with the OS value set to 0 SHOULD 1381 destroy the association discarding its TCB. 1383 Number of Inbound Streams (MIS) : 16 bits (unsigned integer) 1385 Defines the maximum number of streams the sender of this INIT ACK 1386 chunk allows the peer end to create in this association. The 1387 value 0 MUST NOT be used. 1389 Note: There is no negotiation of the actual number of streams but 1390 instead the two endpoints will use the min(requested, offered). 1391 See Section 5.1.1 for details. The Number of Inbound Streams 1392 sent in the INIT-ACK MUST NOT be greater than the value found 1393 in the number of outbound streams received in the INIT. 1395 Note: A receiver of an INIT ACK with the MIS value set to 0 1396 SHOULD destroy the association discarding its TCB. 1398 Initial TSN (I-TSN) : 32 bits (unsigned integer) 1400 Defines the initial TSN that the INIT-ACK sender will use. The 1401 valid range is from 0 to 4294967295. This field MAY be set to the 1402 value of the Initiate Tag field. 1404 Fixed Parameters Status 1405 ---------------------------------------------- 1406 Initiate Tag Mandatory 1407 Advertised Receiver Window Credit Mandatory 1408 Number of Outbound Streams Mandatory 1409 Number of Inbound Streams Mandatory 1410 Initial TSN Mandatory 1412 Variable Parameters Status Type Value 1413 ------------------------------------------------------------- 1414 State Cookie Mandatory 7 1415 IPv4 Address (Note 1) Optional 5 1416 IPv6 Address (Note 1) Optional 6 1417 Unrecognized Parameters Optional 8 1418 Reserved for ECN Capable (Note 2) Optional 32768 (0x8000) 1419 Host Name Address (Note 3) Optional 11 1421 Note 1: The INIT ACK chunks can contain any number of IP address 1422 parameters that can be IPv4 and/or IPv6 in any combination. 1424 Note 2: The ECN capable field is reserved for future use of Explicit 1425 Congestion Notification. 1427 Note 3: The INIT ACK chunks MUST NOT contain more than one Host Name 1428 address parameter. Moreover, the sender of the INIT ACK MUST NOT 1429 combine any other address types with the Host Name address in the 1430 INIT ACK. The receiver of the INIT ACK MUST ignore any other address 1431 types if the Host Name address parameter is present. 1433 IMPLEMENTATION NOTE: An implementation MUST be prepared to receive a 1434 INIT ACK that is quite large (more than 1500 bytes) due to the 1435 variable size of the state cookie AND the variable address list. For 1436 example if a responder to the INIT has 1000 IPv4 addresses it wishes 1437 to send, it would need at least 8,000 bytes to encode this in the 1438 INIT ACK. 1440 In combination with the Source Port carried in the SCTP common 1441 header, each IP Address parameter in the INIT ACK indicates to the 1442 receiver of the INIT ACK a valid transport address supported by the 1443 sender of the INIT ACK for the lifetime of the association being 1444 initiated. 1446 If the INIT ACK contains at least one IP Address parameter, then the 1447 source address of the IP datagram containing the INIT ACK and any 1448 additional address(es) provided within the INIT ACK may be used as 1449 destinations by the receiver of the INIT-ACK. If the INIT ACK does 1450 not contain any IP Address parameters, the receiver of the INIT-ACK 1451 MUST use the source address associated with the received IP datagram 1452 as its sole destination address for the association. 1454 The State Cookie and Unrecognized Parameters use the Type-Length- 1455 Value format as defined in Section 3.2.1 and are described below. 1456 The other fields are defined the same as their counterparts in the 1457 INIT chunk. 1459 3.3.3.1 Optional or Variable Length Parameters 1461 State Cookie 1463 Parameter Type Value: 7 1465 Parameter Length: variable size, depending on Size of Cookie 1467 Parameter Value: 1469 This parameter value MUST contain all the necessary state and 1470 parameter information required for the sender of this INIT ACK 1471 to create the association, along with a Message Authentication 1472 Code (MAC). See Section 5.1.3 for details on State Cookie 1473 definition. 1475 Unrecognized Parameters: 1477 Parameter Type Value: 8 1479 Parameter Length: Variable Size. 1481 Parameter Value: 1483 This parameter is returned to the originator of the INIT chunk 1484 when the INIT contains an unrecognized parameter which has a 1485 value that indicates that it should be reported to the sender. 1486 This parameter value field will contain unrecognized parameters 1487 copied from the INIT chunk complete with Parameter Type, Length 1488 and Value fields. 1490 3.3.4 Selective Acknowledgement (SACK) (3): 1492 This chunk is sent to the peer endpoint to acknowledge received DATA 1493 chunks and to inform the peer endpoint of gaps in the received 1494 subsequences of DATA chunks as represented by their TSNs. 1496 The SACK MUST contain the Cumulative TSN Ack and Advertised Receiver 1497 Window Credit (a_rwnd) parameters. 1499 By definition, the value of the Cumulative TSN Ack parameter is the 1500 last TSN received before a break in the sequence of received TSNs 1501 occurs; the next TSN value following this one has not yet been 1502 received at the endpoint sending the SACK. This parameter therefore 1503 acknowledges receipt of all TSNs less than or equal to its value. 1505 The handling of a_rwnd by the receiver of the SACK is discussed in 1506 detail in Section 6.2.1. 1508 The SACK also contains zero or more Gap Ack Blocks. Each Gap Ack 1509 Block acknowledges a subsequence of TSNs received following a break 1510 in the sequence of received TSNs. By definition, all TSNs 1511 acknowledged by Gap Ack Blocks are greater than the value of the 1512 Cumulative TSN Ack. 1514 0 1 2 3 1515 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1516 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1517 | Type = 3 |Chunk Flags | Chunk Length | 1518 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1519 | Cumulative TSN Ack | 1520 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1521 | Advertised Receiver Window Credit (a_rwnd) | 1522 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1523 | Number of Gap Ack Blocks = N | Number of Duplicate TSNs = X | 1524 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1525 | Gap Ack Block #1 Start | Gap Ack Block #1 End | 1526 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1527 / / 1528 \ ... \ 1529 / / 1530 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1531 | Gap Ack Block #N Start | Gap Ack Block #N End | 1532 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1533 | Duplicate TSN 1 | 1534 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1535 / / 1536 \ ... \ 1537 / / 1538 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1539 | Duplicate TSN X | 1540 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1542 Chunk Flags: 8 bits 1544 Set to all zeros on transmit and ignored on receipt. 1546 Cumulative TSN Ack: 32 bits (unsigned integer) 1548 This parameter contains the TSN of the last DATA chunk received in 1549 sequence before a gap. 1551 Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned 1552 integer) 1554 This field indicates the updated receive buffer space in bytes of 1555 the sender of this SACK, see Section 6.2.1 for details. 1557 Number of Gap Ack Blocks: 16 bits (unsigned integer) 1559 Indicates the number of Gap Ack Blocks included in this SACK. 1561 Number of Duplicate TSNs: 16 bit 1563 This field contains the number of duplicate TSNs the endpoint has 1564 received. Each duplicate TSN is listed following the Gap Ack 1565 Block list. 1567 Gap Ack Blocks: 1569 These fields contain the Gap Ack Blocks. They are repeated for 1570 each Gap Ack Block up to the number of Gap Ack Blocks defined in 1571 the Number of Gap Ack Blocks field. All DATA chunks with TSNs 1572 greater than or equal to (Cumulative TSN Ack + Gap Ack Block 1573 Start) and less than or equal to (Cumulative TSN Ack + Gap Ack 1574 Block End) of each Gap Ack Block are assumed to have been received 1575 correctly. 1577 Gap Ack Block Start: 16 bits (unsigned integer) 1579 Indicates the Start offset TSN for this Gap Ack Block. To 1580 calculate the actual TSN number the Cumulative TSN Ack is added to 1581 this offset number. This calculated TSN identifies the first TSN 1582 in this Gap Ack Block that has been received. 1584 Gap Ack Block End: 16 bits (unsigned integer) 1586 Indicates the End offset TSN for this Gap Ack Block. To calculate 1587 the actual TSN number the Cumulative TSN Ack is added to this 1588 offset number. This calculated TSN identifies the TSN of the last 1589 DATA chunk received in this Gap Ack Block. 1591 For example, assume the receiver has the following DATA chunks newly 1592 arrived at the time when it decides to send a Selective ACK, 1594 ---------- 1595 | TSN=17 | 1596 ---------- 1597 | | <- still missing 1598 ---------- 1599 | TSN=15 | 1600 ---------- 1601 | TSN=14 | 1602 ---------- 1603 | | <- still missing 1604 ---------- 1605 | TSN=12 | 1606 ---------- 1607 | TSN=11 | 1608 ---------- 1609 | TSN=10 | 1610 ---------- 1612 then, the parameter part of the SACK MUST be constructed as follows 1613 (assuming the new a_rwnd is set to 4660 by the sender): 1615 +--------------------------------+ 1616 | Cumulative TSN Ack = 12 | 1617 +--------------------------------+ 1618 | a_rwnd = 4660 | 1619 +----------------+---------------+ 1620 | num of block=2 | num of dup=0 | 1621 +----------------+---------------+ 1622 |block #1 strt=2 |block #1 end=3 | 1623 +----------------+---------------+ 1624 |block #2 strt=5 |block #2 end=5 | 1625 +----------------+---------------+ 1627 Duplicate TSN: 32 bits (unsigned integer) 1629 Indicates the number of times a TSN was received in duplicate 1630 since the last SACK was sent. Every time a receiver gets a 1631 duplicate TSN (before sending the SACK) it adds it to the list of 1632 duplicates. The duplicate count is re-initialized to zero after 1633 sending each SACK. 1635 For example, if a receiver were to get the TSN 19 three times it 1636 would list 19 twice in the outbound SACK. After sending the SACK 1637 if it received yet one more TSN 19 it would list 19 as a duplicate 1638 once in the next outgoing SACK. 1640 3.3.5 Heartbeat Request (HEARTBEAT) (4): 1642 An endpoint should send this chunk to its peer endpoint to probe the 1643 reachability of a particular destination transport address defined in 1644 the present association. 1646 The parameter field contains the Heartbeat Information which is a 1647 variable length opaque data structure understood only by the sender. 1649 0 1 2 3 1650 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1651 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1652 | Type = 4 | Chunk Flags | Heartbeat Length | 1653 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1654 \ \ 1655 / Heartbeat Information TLV (Variable-Length) / 1656 \ \ 1657 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1659 Chunk Flags: 8 bits 1661 Set to zero on transmit and ignored on receipt. 1663 Heartbeat Length: 16 bits (unsigned integer) 1665 Set to the size of the chunk in bytes, including the chunk header 1666 and the Heartbeat Information field. 1668 Heartbeat Information: variable length 1670 Defined as a variable-length parameter using the format described 1671 in Section 3.2.1, i.e.: 1673 Variable Parameters Status Type Value 1674 ------------------------------------------------------------- 1675 Heartbeat Info Mandatory 1 1677 0 1 2 3 1678 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1679 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1680 | Heartbeat Info Type=1 | HB Info Length | 1681 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1682 / Sender-specific Heartbeat Info / 1683 \ \ 1684 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1686 The Sender-specific Heartbeat Info field should normally include 1687 information about the sender's current time when this HEARTBEAT 1688 chunk is sent and the destination transport address to which this 1689 HEARTBEAT is sent (see Section 8.3). 1691 3.3.6 Heartbeat Acknowledgement (HEARTBEAT ACK) (5): 1693 An endpoint should send this chunk to its peer endpoint as a response 1694 to a HEARTBEAT chunk (see Section 8.3). A HEARTBEAT ACK is always 1695 sent to the source IP address of the IP datagram containing the 1696 HEARTBEAT chunk to which this ack is responding. 1698 The parameter field contains a variable length opaque data structure. 1700 0 1 2 3 1701 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1702 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1703 | Type = 5 | Chunk Flags | Heartbeat Ack Length | 1704 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1705 \ \ 1706 / Heartbeat Information TLV (Variable-Length) / 1707 \ \ 1708 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1710 Chunk Flags: 8 bits 1712 Set to zero on transmit and ignored on receipt. 1714 Heartbeat Ack Length: 16 bits (unsigned integer) 1716 Set to the size of the chunk in bytes, including the chunk header 1717 and the Heartbeat Information field. 1719 Heartbeat Information: variable length 1721 This field MUST contain the Heartbeat Information parameter of 1722 the Heartbeat Request to which this Heartbeat Acknowledgement is 1723 responding. 1725 Variable Parameters Status Type Value 1726 ------------------------------------------------------------- 1727 Heartbeat Info Mandatory 1 1729 3.3.7 Abort Association (ABORT) (6): 1731 The ABORT chunk is sent to the peer of an association to close the 1732 association. The ABORT chunk may contain Cause Parameters to inform 1733 the receiver the reason of the abort. DATA chunks MUST NOT be 1734 bundled with ABORT. Control chunks (except for INIT, INIT ACK and 1735 SHUTDOWN COMPLETE) MAY be bundled with an ABORT but they MUST be 1736 placed before the ABORT in the SCTP packet, or they will be ignored 1737 by the receiver. 1739 If an endpoint receives an ABORT with a format error or for an 1740 association that doesn't exist, it MUST silently discard it. 1741 Moreover, under any circumstances, an endpoint that receives an ABORT 1742 MUST NOT respond to that ABORT by sending an ABORT of its own. 1744 0 1 2 3 1745 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1746 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1747 | Type = 6 |Reserved |T| Length | 1748 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1749 \ \ 1750 / zero or more Error Causes / 1751 \ \ 1752 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1754 Chunk Flags: 8 bits 1756 Reserved: 7 bits 1758 Set to 0 on transmit and ignored on receipt. 1760 T bit: 1 bit 1762 The T bit is set to 0 if the sender had a TCB that it destroyed. 1763 If the sender did not have a TCB it should set this bit to 1. 1765 Note: Special rules apply to this chunk for verification, please see 1766 Section 8.5.1 for details. 1768 Length: 16 bits (unsigned integer) 1770 Set to the size of the chunk in bytes, including the chunk header 1771 and all the Error Cause fields present. 1773 See Section 3.3.10 for Error Cause definitions. 1775 3.3.8 Shutdown Association (SHUTDOWN) (7): 1777 An endpoint in an association MUST use this chunk to initiate a 1778 graceful close of the association with its peer. This chunk has the 1779 following format. 1781 0 1 2 3 1782 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1783 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1784 | Type = 7 | Chunk Flags | Length = 8 | 1785 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1786 | Cumulative TSN Ack | 1787 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1789 Chunk Flags: 8 bits 1791 Set to zero on transmit and ignored on receipt. 1793 Length: 16 bits (unsigned integer) 1795 Indicates the length of the parameter. Set to 8. 1797 Cumulative TSN Ack: 32 bits (unsigned integer) 1799 This parameter contains the TSN of the last chunk received in 1800 sequence before any gaps. 1802 Note: Since the SHUTDOWN message does not contain Gap Ack Blocks, 1803 it cannot be used to acknowledge TSNs received out of order. In a 1804 SACK, lack of Gap Ack Blocks that were previously included 1805 indicates that the data receiver reneged on the associated DATA 1806 chunks. Since SHUTDOWN does not contain Gap Ack Blocks, the 1807 receiver of the SHUTDOWN shouldn't interpret the lack of a Gap Ack 1808 Block as a renege. (see Section 6.2 for information on reneging) 1810 3.3.9 Shutdown Acknowledgement (SHUTDOWN ACK) (8): 1812 This chunk MUST be used to acknowledge the receipt of the SHUTDOWN 1813 chunk at the completion of the shutdown process, see Section 9.2 for 1814 details. 1816 The SHUTDOWN ACK chunk has no parameters. 1818 0 1 2 3 1819 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1820 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1821 | Type = 8 |Chunk Flags | Length = 4 | 1822 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1824 Chunk Flags: 8 bits 1826 Set to zero on transmit and ignored on receipt. 1828 3.3.10 Operation Error (ERROR) (9): 1830 An endpoint sends this chunk to its peer endpoint to notify it of 1831 certain error conditions. It contains one or more error causes. An 1832 Operation Error is not considered fatal in and of itself, but may be 1833 used with an ABORT chunk to report a fatal condition. It has the 1834 following parameters: 1836 0 1 2 3 1837 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1838 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1839 | Type = 9 | Chunk Flags | Length | 1840 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1841 \ \ 1842 / one or more Error Causes / 1843 \ \ 1844 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1846 Chunk Flags: 8 bits 1848 Set to zero on transmit and ignored on receipt. 1850 Length: 16 bits (unsigned integer) 1852 Set to the size of the chunk in bytes, including the chunk header 1853 and all the Error Cause fields present. 1855 Error causes are defined as variable-length parameters using the 1856 format described in 3.2.1, i.e.: 1858 0 1 2 3 1859 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1860 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1861 | Cause Code | Cause Length | 1862 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1863 / Cause-specific Information / 1864 \ \ 1865 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1867 Cause Code: 16 bits (unsigned integer) 1869 Defines the type of error conditions being reported. 1871 Cause Code 1872 Value Cause Code 1873 --------- ---------------- 1874 1 Invalid Stream Identifier 1875 2 Missing Mandatory Parameter 1876 3 Stale Cookie Error 1877 4 Out of Resource 1878 5 Unresolvable Address 1879 6 Unrecognized Chunk Type 1880 7 Invalid Mandatory Parameter 1881 8 Unrecognized Parameters 1882 9 No User Data 1883 10 Cookie Received While Shutting Down 1884 11 Restart of an association with new addresses 1886 Cause Length: 16 bits (unsigned integer) 1888 Set to the size of the parameter in bytes, including the Cause 1889 Code, Cause Length, and Cause-Specific Information fields 1891 Cause-specific Information: variable length 1893 This field carries the details of the error condition. 1895 Sections 3.3.10.1 - 3.3.10.11 define error causes for SCTP. 1896 Guidelines for the IETF to define new error cause values are 1897 discussed in Section 13.3. 1899 3.3.10.1 Invalid Stream Identifier (1) 1901 Cause of error 1902 --------------- 1903 Invalid Stream Identifier: Indicates endpoint received a DATA chunk 1904 sent to a nonexistent stream. 1906 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1907 | Cause Code=1 | Cause Length=8 | 1908 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1909 | Stream Identifier | (Reserved) | 1910 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1912 Stream Identifier: 16 bits (unsigned integer) 1914 Contains the Stream Identifier of the DATA chunk received in 1915 error. 1917 Reserved: 16 bits 1919 This field is reserved. It is set to all 0's on transmit and 1920 Ignored on receipt. 1922 3.3.10.2 Missing Mandatory Parameter (2) 1924 Cause of error 1925 --------------- 1926 Missing Mandatory Parameter: Indicates that one or more mandatory 1927 TLV parameters are missing in a received INIT or INIT ACK. 1929 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1930 | Cause Code=2 | Cause Length=8+N*2 | 1931 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1932 | Number of missing params=N | 1933 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1934 | Missing Param Type #1 | Missing Param Type #2 | 1935 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1936 | Missing Param Type #N-1 | Missing Param Type #N | 1937 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1939 Number of Missing params: 32 bits (unsigned integer) 1941 This field contains the number of parameters contained in the 1942 Cause-specific Information field. 1944 Missing Param Type: 16 bits (unsigned integer) 1946 Each field will contain the missing mandatory parameter number. 1948 3.3.10.3 Stale Cookie Error (3) 1950 Cause of error 1951 -------------- 1952 Stale Cookie Error: Indicates the receipt of a valid State Cookie 1953 that has expired. 1955 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1956 | Cause Code=3 | Cause Length=8 | 1957 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1958 | Measure of Staleness (usec.) | 1959 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1961 Measure of Staleness: 32 bits (unsigned integer) 1963 This field contains the difference, in microseconds, between the 1964 current time and the time the State Cookie expired. 1966 The sender of this error cause MAY choose to report how long past 1967 expiration the State Cookie is by including a non-zero value in 1968 the Measure of Staleness field. If the sender does not wish to 1969 provide this information it should set the Measure of Staleness 1970 field to the value of zero. 1972 3.3.10.4 Out of Resource (4) 1974 Cause of error 1975 --------------- 1976 Out of Resource: Indicates that the sender is out of resource. This 1977 is usually sent in combination with or within an ABORT. 1979 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1980 | Cause Code=4 | Cause Length=4 | 1981 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1983 3.3.10.5 Unresolvable Address (5) 1985 Cause of error 1986 --------------- 1987 Unresolvable Address: Indicates that the sender is not able to 1988 resolve the specified address parameter (e.g., type of address is not 1989 supported by the sender). This is usually sent in combination with 1990 or within an ABORT. 1992 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1993 | Cause Code=5 | Cause Length | 1994 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1995 / Unresolvable Address / 1996 \ \ 1997 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1999 Unresolvable Address: variable length 2001 The unresolvable address field contains the complete Type, Length 2002 and Value of the address parameter (or Host Name parameter) that 2003 contains the unresolvable address or host name. 2005 3.3.10.6 Unrecognized Chunk Type (6) 2007 Cause of error 2008 --------------- 2009 Unrecognized Chunk Type: This error cause is returned to the 2010 originator of the chunk if the receiver does not understand the chunk 2011 and the upper bits of the 'Chunk Type' are set to 01 or 11. 2013 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2014 | Cause Code=6 | Cause Length | 2015 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2016 / Unrecognized Chunk / 2017 \ \ 2018 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2020 Unrecognized Chunk: variable length 2022 The Unrecognized Chunk field contains the unrecognized Chunk from 2023 the SCTP packet complete with Chunk Type, Chunk Flags and Chunk 2024 Length. 2026 3.3.10.7 Invalid Mandatory Parameter (7) 2028 Cause of error 2029 --------------- 2030 Invalid Mandatory Parameter: This error cause is returned to the 2031 originator of an INIT or INIT ACK chunk when one of the mandatory 2032 parameters is set to an invalid value. 2034 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2035 | Cause Code=7 | Cause Length=4 | 2036 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2038 3.3.10.8 Unrecognized Parameters (8) 2040 Cause of error 2041 --------------- 2042 Unrecognized Parameters: This error cause is returned to the 2043 originator of the INIT ACK chunk if the receiver does not recognize 2044 one or more Optional TLV parameters in the INIT ACK chunk. 2046 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2047 | Cause Code=8 | Cause Length | 2048 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2049 / Unrecognized Parameters / 2050 \ \ 2051 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2053 Unrecognized Parameters: variable length 2055 The Unrecognized Parameters field contains the unrecognized 2056 parameters copied from the INIT ACK chunk complete with TLV. This 2057 error cause is normally contained in an ERROR chunk bundled with 2058 the COOKIE ECHO chunk when responding to the INIT ACK, when the 2059 sender of the COOKIE ECHO chunk wishes to report unrecognized 2060 parameters. 2062 3.3.10.9 No User Data (9) 2064 Cause of error 2065 --------------- 2066 No User Data: This error cause is returned to the originator of a 2067 DATA chunk if a received DATA chunk has no user data. 2069 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2070 | Cause Code=9 | Cause Length=8 | 2071 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2072 / TSN value / 2073 \ \ 2074 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2076 TSN value: 32 bits (+unsigned integer) 2078 The TSN value field contains the TSN of the DATA chunk received 2079 with no user data field. 2081 This cause code is normally returned in an ABORT chunk (see 2082 Section 6.2) 2084 3.3.10.10 Cookie Received While Shutting Down (10) 2086 Cause of error 2087 --------------- 2088 Cookie Received While Shutting Down: A COOKIE ECHO was received 2089 While the endpoint was in SHUTDOWN-ACK-SENT state. This error is 2090 usually returned in an ERROR chunk bundled with the retransmitted 2091 SHUTDOWN ACK. 2093 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2094 | Cause Code=10 | Cause Length=4 | 2095 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2097 3.3.10.11 Restart of an association with new addresses (11) 2099 Cause of error 2100 -------------- 2101 Restart of an association with new addresses: A COOKIE ECHO was 2102 received on an existing association. But the COOKIE ECHO added 2103 addresses to the association that were previously NOT part 2104 of the association. The New addresses are listed in the 2105 error code. This ERROR is normally sent as part of an ABORT 2106 refusing the Cookie Echo (see section 5.2.4). 2108 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2109 | Cause Code=11 | Cause Length=Variable | 2110 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2111 / New Address TLVs / 2112 \ \ 2113 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2115 3.3.11 Cookie Echo (COOKIE ECHO) (10): 2117 This chunk is used only during the initialization of an association. 2118 It is sent by the initiator of an association to its peer to complete 2119 the initialization process. This chunk MUST precede any DATA chunk 2120 sent within the association, but MAY be bundled with one or more DATA 2121 chunks in the same packet. 2123 0 1 2 3 2124 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2125 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2126 | Type = 10 |Chunk Flags | Length | 2127 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2128 / Cookie / 2129 \ \ 2130 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2132 Chunk Flags: 8 bit 2134 Set to zero on transmit and ignored on receipt. 2136 Length: 16 bits (unsigned integer) 2138 Set to the size of the chunk in bytes, including the 4 bytes of 2139 the chunk header and the size of the Cookie. 2141 Cookie: variable size 2143 This field must contain the exact cookie received in the State 2144 Cookie parameter from the previous INIT ACK. 2146 An implementation SHOULD make the cookie as small as possible to 2147 insure interoperability. 2149 3.3.12 Cookie Acknowledgement (COOKIE ACK) (11): 2151 This chunk is used only during the initialization of an association. 2152 It is used to acknowledge the receipt of a COOKIE ECHO chunk. This 2153 chunk MUST precede any DATA or SACK chunk sent within the 2154 association, but MAY be bundled with one or more DATA chunks or SACK 2155 chunk in the same SCTP packet. 2157 0 1 2 3 2158 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2159 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2160 | Type = 11 |Chunk Flags | Length = 4 | 2161 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2163 Chunk Flags: 8 bits 2165 Set to zero on transmit and ignored on receipt. 2167 3.3.13 Shutdown Complete (SHUTDOWN COMPLETE) (14): 2169 This chunk MUST be used to acknowledge the receipt of the SHUTDOWN 2170 ACK chunk at the completion of the shutdown process, see Section 9.2 2171 for details. 2173 The SHUTDOWN COMPLETE chunk has no parameters. 2175 0 1 2 3 2176 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2177 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2178 | Type = 14 |Reserved |T| Length = 4 | 2179 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2181 Chunk Flags: 8 bits 2183 Reserved: 7 bits 2185 Set to 0 on transmit and ignored on receipt. 2187 T bit: 1 bit 2189 The T bit is set to 0 if the sender had a TCB that it destroyed. 2190 If the sender did not have a TCB it should set this bit to 1. 2192 Note: Special rules apply to this chunk for verification, please see 2193 Section 8.5.1 for details. 2195 4. SCTP Association State Diagram 2197 During the lifetime of an SCTP association, the SCTP endpoint's 2198 association progress from one state to another in response to various 2199 events. The events that may potentially advance an association's 2200 state include: 2202 o SCTP user primitive calls, e.g., [ASSOCIATE], [SHUTDOWN], [ABORT], 2204 o Reception of INIT, COOKIE ECHO, ABORT, SHUTDOWN, etc., control 2205 chunks, or 2207 o Some timeout events. 2209 The state diagram in the figures below illustrates state changes, 2210 together with the causing events and resulting actions. Note that 2211 some of the error conditions are not shown in the state diagram. 2213 Full description of all special cases should be found in the text. 2215 Note: Chunk names are given in all capital letters, while parameter 2216 names have the first letter capitalized, e.g., COOKIE ECHO chunk type 2217 vs. State Cookie parameter. If more than one event/message can occur 2218 which causes a state transition it is labeled (A), (B) etc. 2220 ----- -------- (frm any state) 2221 / \ / rcv ABORT [ABORT] 2222 rcv INIT | | | ---------- or ---------- 2223 --------------- | v v delete TCB snd ABORT 2224 generate Cookie \ +---------+ delete TCB 2225 snd INIT ACK ---| CLOSED | 2226 +---------+ 2227 / \ [ASSOCIATE] 2228 / \ --------------- 2229 | | create TCB 2230 | | snd INIT 2231 | | strt init timer 2232 rcv valid | | 2233 COOKIE ECHO | v 2234 (1) ---------------- | +------------+ 2235 create TCB | | COOKIE-WAIT| (2) 2236 snd COOKIE ACK | +------------+ 2237 | | 2238 | | rcv INIT ACK 2239 | | ----------------- 2240 | | snd COOKIE ECHO 2241 | | stop init timer 2242 | | strt cookie timer 2243 | v 2244 | +--------------+ 2245 | | COOKIE-ECHOED| (3) 2246 | +--------------+ 2247 | | 2248 | | rcv COOKIE ACK 2249 | | ----------------- 2250 | | stop cookie timer 2251 v v 2252 +---------------+ 2253 | ESTABLISHED | 2254 +---------------+ 2256 (from the ESTABLISHED state only) 2257 | 2258 | 2259 /--------+--------\ 2260 [SHUTDOWN] / \ 2261 -------------------| | 2262 check outstanding | | 2263 DATA chunks | | 2264 v | 2265 +---------+ | 2266 |SHUTDOWN-| | rcv SHUTDOWN/check 2267 |PENDING | | outstanding DATA 2268 +---------+ | chunks 2269 | |------------------ 2270 No more outstanding | | 2271 ---------------------| | 2272 snd SHUTDOWN | | 2273 strt shutdown timer | | 2274 v v 2275 +---------+ +-----------+ 2276 (4) |SHUTDOWN-| | SHUTDOWN- | (5,6) 2277 |SENT | | RECEIVED | 2278 +---------+ +-----------+ 2279 | \ | 2280 (A) rcv SHUTDOWN ACK | \ | 2281 ----------------------| \ | 2282 stop shutdown timer | \rcv:SHUTDOWN | 2283 send SHUTDOWN COMPLETE| \ (B) | 2284 delete TCB | \ | 2285 | \ | No more outstanding 2286 | \ |----------------- 2287 | \ | send SHUTDOWN ACK 2288 (B)rcv SHUTDOWN | \ | strt shutdown timer 2289 ----------------------| \ | 2290 send SHUTDOWN ACK | \ | 2291 start shutdown timer | \ | 2292 move to SHUTDOWN- | \ | 2293 ACK-SENT | | | 2294 | v | 2295 | +-----------+ 2296 | | SHUTDOWN- | (7) 2297 | | ACK-SENT | 2298 | +----------+- 2299 | | (C)rcv SHUTDOWN COMPLETE 2300 | |----------------- 2301 | | stop shutdown timer 2302 | | delete TCB 2303 | | 2304 | | (D)rcv SHUTDOWN ACK 2305 | |-------------- 2306 | | stop shutdown timer 2307 | | send SHUTDOWN COMPLETE 2308 | | delete TCB 2309 | | 2310 \ +---------+ / 2311 \-->| CLOSED |<--/ 2312 +---------+ 2314 Figure 3: State Transition Diagram of SCTP 2316 Notes: 2318 1) If the State Cookie in the received COOKIE ECHO is invalid (i.e., 2319 failed to pass the integrity check), the receiver MUST silently 2320 discard the packet. Or, if the received State Cookie is expired 2321 (see Section 5.1.5), the receiver MUST send back an ERROR chunk. 2322 In either case, the receiver stays in the CLOSED state. 2324 2) If the T1-init timer expires, the endpoint MUST retransmit INIT 2325 and re-start the T1-init timer without changing state. This MUST 2326 be repeated up to 'Max.Init.Retransmits' times. After that, the 2327 endpoint MUST abort the initialization process and report the 2328 error to SCTP user. 2330 3) If the T1-cookie timer expires, the endpoint MUST retransmit 2331 COOKIE ECHO and re-start the T1-cookie timer without changing 2332 state. This MUST be repeated up to 'Max.Init.Retransmits' times. 2333 After that, the endpoint MUST abort the initialization process and 2334 report the error to SCTP user. 2336 4) In SHUTDOWN-SENT state the endpoint MUST acknowledge any received 2337 DATA chunks without delay. 2339 5) In SHUTDOWN-RECEIVED state, the endpoint MUST NOT accept any new 2340 send request from its SCTP user. 2342 6) In SHUTDOWN-RECEIVED state, the endpoint MUST transmit or 2343 retransmit data and leave this state when all data in queue is 2344 transmitted. 2346 7) In SHUTDOWN-ACK-SENT state, the endpoint MUST NOT accept any new 2347 send request from its SCTP user. 2349 The CLOSED state is used to indicate that an association is not 2350 created (i.e., doesn't exist). 2352 5. Association Initialization 2354 Before the first data transmission can take place from one SCTP 2355 endpoint ("A") to another SCTP endpoint ("Z"), the two endpoints must 2356 complete an initialization process in order to set up an SCTP 2357 association between them. 2359 The SCTP user at an endpoint should use the ASSOCIATE primitive to 2360 initialize an SCTP association to another SCTP endpoint. 2362 IMPLEMENTATION NOTE: From an SCTP-user's point of view, an 2363 association may be implicitly opened, without an ASSOCIATE primitive 2364 (see 10.1 B) being invoked, by the initiating endpoint's sending of 2365 the first user data to the destination endpoint. The initiating SCTP 2366 will assume default values for all mandatory and optional parameters 2367 for the INIT/INIT ACK. 2369 Once the association is established, unidirectional streams are open 2370 for data transfer on both ends (see Section 5.1.1). 2372 5.1 Normal Establishment of an Association 2373 The initialization process consists of the following steps (assuming 2374 that SCTP endpoint "A" tries to set up an association with SCTP 2375 endpoint "Z" and "Z" accepts the new association): 2377 A) "A" first sends an INIT chunk to "Z". In the INIT, "A" must 2378 provide its Verification Tag (Tag_A) in the Initiate Tag field. 2379 Tag_A SHOULD be a random number in the range of 1 to 4294967295 2380 (see 5.3.1 for Tag value selection). After sending the INIT, "A" 2381 starts the T1-init timer and enters the COOKIE-WAIT state. 2383 B) "Z" shall respond immediately with an INIT ACK chunk. The 2384 destination IP address of the INIT ACK MUST be set to the source 2385 IP address of the INIT to which this INIT ACK is responding. In 2386 the response, besides filling in other parameters, "Z" must set 2387 the Verification Tag field to Tag_A, and also provide its own 2388 Verification Tag (Tag_Z) in the Initiate Tag field. 2390 Moreover, "Z" MUST generate and send along with the INIT ACK a 2391 State Cookie. See Section 5.1.3 for State Cookie generation. 2393 Note: After sending out INIT ACK with the State Cookie parameter, 2394 "Z" MUST NOT allocate any resources, nor keep any states for the 2395 new association. Otherwise, "Z" will be vulnerable to resource 2396 attacks. 2398 C) Upon reception of the INIT ACK from "Z", "A" shall stop the T1- 2399 init timer and leave COOKIE-WAIT state. "A" shall then send the 2400 State Cookie received in the INIT ACK chunk in a COOKIE ECHO 2401 chunk, start the T1-cookie timer, and enter the COOKIE-ECHOED 2402 state. 2404 Note: The COOKIE ECHO chunk can be bundled with any pending 2405 outbound DATA chunks, but it MUST be the first chunk in the packet 2406 and until the COOKIE ACK is returned the sender MUST NOT send any 2407 other packets to the peer. 2409 D) Upon reception of the COOKIE ECHO chunk, Endpoint "Z" will reply 2410 with a COOKIE ACK chunk after building a TCB and moving to the 2411 ESTABLISHED state. A COOKIE ACK chunk may be bundled with any 2412 pending DATA chunks (and/or SACK chunks), but the COOKIE ACK chunk 2413 MUST be the first chunk in the packet. 2415 IMPLEMENTATION NOTE: An implementation may choose to send the 2416 Communication Up notification to the SCTP user upon reception of a 2417 valid COOKIE ECHO chunk. 2419 E) Upon reception of the COOKIE ACK, endpoint "A" will move from the 2420 COOKIE-ECHOED state to the ESTABLISHED state, stopping the T1- 2421 cookie timer. It may also notify its ULP about the successful 2422 establishment of the association with a Communication Up 2423 notification (see Section 10). 2425 An INIT or INIT ACK chunk MUST NOT be bundled with any other chunk. 2426 They MUST be the only chunks present in the SCTP packets that carry 2427 them. 2429 An endpoint MUST send the INIT ACK to the IP address from which it 2430 received the INIT. 2432 Note: T1-init timer and T1-cookie timer shall follow the same rules 2433 given in Section 6.3. 2435 If an endpoint receives an INIT, INIT ACK, or COOKIE ECHO chunk but 2436 decides not to establish the new association due to missing mandatory 2437 parameters in the received INIT or INIT ACK, invalid parameter 2438 values, or lack of local resources, it MUST respond with an ABORT 2439 chunk. It SHOULD also specify the cause of abort, such as the type 2440 of the missing mandatory parameters, etc., by including the error 2441 cause parameters with the ABORT chunk. The Verification Tag field in 2442 the common header of the outbound SCTP packet containing the ABORT 2443 chunk MUST be set to the Initiate Tag value of the peer. 2445 After the reception of the first DATA chunk in an association the 2446 endpoint MUST immediately respond with a SACK to acknowledge the DATA 2447 chunk. Subsequent acknowledgements should be done as described in 2448 Section 6.2. 2450 When the TCB is created, each endpoint MUST set its internal 2451 Cumulative TSN Ack Point to the value of its transmitted Initial TSN 2452 minus one. 2454 IMPLEMENTATION NOTE: The IP addresses and SCTP port are generally 2455 used as the key to find the TCB within an SCTP instance. 2457 5.1.1 Handle Stream Parameters 2459 In the INIT and INIT ACK chunks, the sender of the chunk shall 2460 indicate the number of outbound streams (OS) it wishes to have in the 2461 association, as well as the maximum inbound streams (MIS) it will 2462 accept from the other endpoint. 2464 After receiving the stream configuration information from the other 2465 side, each endpoint shall perform the following check: If the peer's 2466 MIS is less than the endpoint's OS, meaning that the peer is 2467 incapable of supporting all the outbound streams the endpoint wants 2468 to configure, the endpoint MUST either use MIS outbound streams, or 2469 abort the association and report to its upper layer the resources 2470 shortage at its peer. 2472 After the association is initialized, the valid outbound stream 2473 identifier range for either endpoint shall be 0 to min(local OS, 2474 remote MIS)-1. 2476 5.1.2 Handle Address Parameters 2478 During the association initialization, an endpoint shall use the 2479 following rules to discover and collect the destination transport 2480 address(es) of its peer. 2482 A) If there are no address parameters present in the received INIT or 2483 INIT ACK chunk, the endpoint shall take the source IP address from 2484 which the chunk arrives and record it, in combination with the 2485 SCTP source port number, as the only destination transport address 2486 for this peer. 2488 B) If there is a Host Name parameter present in the received INIT or 2489 INIT ACK chunk, the endpoint shall resolve that host name to a 2490 list of IP address(es) and derive the transport address(es) of 2491 this peer by combining the resolved IP address(es) with the SCTP 2492 source port. 2494 The endpoint MUST ignore any other IP address parameters if they 2495 are also present in the received INIT or INIT ACK chunk. 2497 The time at which the receiver of an INIT resolves the host name 2498 has potential security implications to SCTP. If the receiver of 2499 an INIT resolves the host name upon the reception of the chunk, 2500 and the mechanism the receiver uses to resolve the host name 2501 involves potential long delay (e.g. DNS query), the receiver may 2502 open itself up to resource attacks for the period of time while it 2503 is waiting for the name resolution results before it can build the 2504 State Cookie and release local resources. 2506 Therefore, in cases where the name translation involves potential 2507 long delay, the receiver of the INIT MUST postpone the name 2508 resolution till the reception of the COOKIE ECHO chunk from the 2509 peer. In such a case, the receiver of the INIT SHOULD build the 2510 State Cookie using the received Host Name (instead of destination 2511 transport addresses) and send the INIT ACK to the source IP 2512 address from which the INIT was received. 2514 The receiver of an INIT ACK shall always immediately attempt to 2515 resolve the name upon the reception of the chunk. 2517 The receiver of the INIT or INIT ACK MUST NOT send user data 2518 (piggy-backed or stand-alone) to its peer until the host name is 2519 successfully resolved. 2521 If the name resolution is not successful, the endpoint MUST 2522 immediately send an ABORT with "Unresolvable Address" error cause 2523 to its peer. The ABORT shall be sent to the source IP address 2524 from which the last peer packet was received. 2526 C) If there are only IPv4/IPv6 addresses present in the received INIT 2527 or INIT ACK chunk, the receiver shall derive and record all the 2528 transport address(es) from the received chunk AND the source IP 2529 address that sent the INIT or INIT ACK. The transport address(es) 2530 are derived by the combination of SCTP source port (from the 2531 common header) and the IP address parameter(s) carried in the INIT 2532 or INIT ACK chunk and the source IP address of the IP datagram. 2533 The receiver should use only these transport addresses as 2534 destination transport addresses when sending subsequent packets to 2535 its peer. 2537 IMPLEMENTATION NOTE: In some cases (e.g., when the implementation 2538 doesn't control the source IP address that is used for 2539 transmitting), an endpoint might need to include in its INIT or 2540 INIT ACK all possible IP addresses from which packets to the peer 2541 could be transmitted. 2543 After all transport addresses are derived from the INIT or INIT ACK 2544 chunk using the above rules, the endpoint shall select one of the 2545 transport addresses as the initial primary path. 2547 Note: The INIT-ACK MUST be sent to the source address of the INIT. 2549 The sender of INIT may include a 'Supported Address Types' parameter 2550 in the INIT to indicate what types of address are acceptable. When 2551 this parameter is present, the receiver of INIT (initiatee) MUST 2552 either use one of the address types indicated in the Supported 2553 Address Types parameter when responding to the INIT, or abort the 2554 association with an "Unresolvable Address" error cause if it is 2555 unwilling or incapable of using any of the address types indicated by 2556 its peer. 2558 IMPLEMENTATION NOTE: In the case that the receiver of an INIT ACK 2559 fails to resolve the address parameter due to an unsupported type, it 2560 can abort the initiation process and then attempt a re-initiation by 2561 using a 'Supported Address Types' parameter in the new INIT to 2562 indicate what types of address it prefers. 2564 5.1.3 Generating State Cookie 2566 When sending an INIT ACK as a response to an INIT chunk, the sender 2567 of INIT ACK creates a State Cookie and sends it in the State Cookie 2568 parameter of the INIT ACK. Inside this State Cookie, the sender 2569 should include a MAC (see [RFC2104] for an example), a time stamp on 2570 when the State Cookie is created, and the lifespan of the State 2571 Cookie, along with all the information necessary for it to establish 2572 the association. 2574 The following steps SHOULD be taken to generate the State Cookie: 2576 1) Create an association TCB using information from both the received 2577 INIT and the outgoing INIT ACK chunk, 2579 2) In the TCB, set the creation time to the current time of day, and 2580 the lifespan to the protocol parameter 'Valid.Cookie.Life', 2582 3) From the TCB, identify and collect the minimal subset of 2583 information needed to re-create the TCB, and generate a MAC using 2584 this subset of information and a secret key (see [RFC2104] for an 2585 example of generating a MAC), and 2587 4) Generate the State Cookie by combining this subset of information 2588 and the resultant MAC. 2590 After sending the INIT ACK with the State Cookie parameter, the 2591 sender SHOULD delete the TCB and any other local resource related to 2592 the new association, so as to prevent resource attacks. 2594 The hashing method used to generate the MAC is strictly a private 2595 matter for the receiver of the INIT chunk. The use of a MAC is 2596 mandatory to prevent denial of service attacks. The secret key 2597 SHOULD be random ([RFC1750] provides some information on randomness 2598 guidelines); it SHOULD be changed reasonably frequently, and the 2599 timestamp in the State Cookie MAY be used to determine which key 2600 should be used to verify the MAC. 2602 An implementation SHOULD make the cookie as small as possible to 2603 insure interoperability. 2605 5.1.4 State Cookie Processing 2607 When an endpoint (in the COOKIE WAIT state) receives an INIT ACK 2608 chunk with a State Cookie parameter, it MUST immediately send a 2609 COOKIE ECHO chunk to its peer with the received State Cookie. The 2610 sender MAY also add any pending DATA chunks to the packet after the 2611 COOKIE ECHO chunk. 2613 The endpoint shall also start the T1-cookie timer after sending out 2614 the COOKIE ECHO chunk. If the timer expires, the endpoint shall 2615 retransmit the COOKIE ECHO chunk and restart the T1-cookie timer. 2616 This is repeated until either a COOKIE ACK is received or ' 2617 Max.Init.Retransmits' is reached causing the peer endpoint to be 2618 marked unreachable (and thus the association enters the CLOSED 2619 state). 2621 5.1.5 State Cookie Authentication 2623 When an endpoint receives a COOKIE ECHO chunk from another endpoint 2624 with which it has no association, it shall take the following 2625 actions: 2627 1) Compute a MAC using the TCB data carried in the State Cookie and 2628 the secret key (note the timestamp in the State Cookie MAY be used 2629 to determine which secret key to use). Reference [RFC2104] can be 2630 used as a guideline for generating the MAC, 2632 2) Authenticate the State Cookie as one that it previously generated 2633 by comparing the computed MAC against the one carried in the State 2634 Cookie. If this comparison fails, the SCTP packet, including the 2635 COOKIE ECHO and any DATA chunks, should be silently discarded, 2637 3) Compare the creation timestamp in the State Cookie to the current 2638 local time. If the elapsed time is longer than the lifespan 2639 carried in the State Cookie, then the packet, including the COOKIE 2640 ECHO and any attached DATA chunks, SHOULD be discarded and the 2641 endpoint MUST transmit an ERROR chunk with a "Stale Cookie" error 2642 cause to the peer endpoint, 2644 4) If the State Cookie is valid, create an association to the sender 2645 of the COOKIE ECHO chunk with the information in the TCB data 2646 carried in the COOKIE ECHO, and enter the ESTABLISHED state, 2648 5) Send a COOKIE ACK chunk to the peer acknowledging reception of the 2649 COOKIE ECHO. The COOKIE ACK MAY be bundled with an outbound DATA 2650 chunk or SACK chunk; however, the COOKIE ACK MUST be the first 2651 chunk in the SCTP packet. 2653 6) Immediately acknowledge any DATA chunk bundled with the COOKIE 2654 ECHO with a SACK (subsequent DATA chunk acknowledgement should 2655 follow the rules defined in Section 6.2). As mentioned in step 2656 5), if the SACK is bundled with the COOKIE ACK, the COOKIE ACK 2657 MUST appear first in the SCTP packet. 2659 If a COOKIE ECHO is received from an endpoint with which the receiver 2660 of the COOKIE ECHO has an existing association, the procedures in 2661 Section 5.2 should be followed. 2663 5.1.6 An Example of Normal Association Establishment 2665 In the following example, "A" initiates the association and then 2666 sends a user message to "Z", then "Z" sends two user messages to "A" 2667 later (assuming no bundling or fragmentation occurs): 2669 Endpoint A Endpoint Z 2670 {app sets association with Z} 2671 (build TCB) 2672 INIT [I-Tag=Tag_A 2673 & other info] --------\ 2674 (Start T1-init timer) \ 2675 (Enter COOKIE-WAIT state) \---> (compose temp TCB and Cookie_Z) 2676 /--- INIT ACK [Veri Tag=Tag_A, 2677 / I-Tag=Tag_Z, 2678 (Cancel T1-init timer) <------/ Cookie_Z, & other info] 2679 (destroy temp TCB) 2680 COOKIE ECHO [Cookie_Z] ------\ 2681 (Start T1-init timer) \ 2682 (Enter COOKIE-ECHOED state) \---> (build TCB enter ESTABLISHED 2683 state) 2685 /---- COOKIE-ACK 2686 / 2687 (Cancel T1-init timer, <-----/ 2688 Enter ESTABLISHED state) 2689 {app sends 1st user data; strm 0} 2690 DATA [TSN=initial TSN_A 2691 Strm=0,Seq=1 & user data]--\ 2692 (Start T3-rtx timer) \ 2693 \-> 2694 /----- SACK [TSN Ack=init 2695 TSN_A,Block=0] 2696 (Cancel T3-rtx timer) <------/ 2698 ... 2699 {app sends 2 messages;strm 0} 2700 /---- DATA 2701 / [TSN=init TSN_Z 2702 <--/ Strm=0,Seq=1 & user data 1] 2703 SACK [TSN Ack=init TSN_Z, /---- DATA 2704 Block=0] --------\ / [TSN=init TSN_Z +1, 2705 \/ Strm=0,Seq=2 & user data 2] 2706 <------/\ 2707 \ 2708 \------> 2710 Figure 4: INITiation Example 2712 If the T1-init timer expires at "A" after the INIT or COOKIE ECHO 2713 chunks are sent, the same INIT or COOKIE ECHO chunk with the same 2714 Initiate Tag (i.e., Tag_A) or State Cookie shall be retransmitted and 2715 the timer restarted. This shall be repeated Max.Init.Retransmits 2716 times before "A" considers "Z" unreachable and reports the failure to 2717 its upper layer (and thus the association enters the CLOSED state). 2718 When retransmitting the INIT, the endpoint MUST follow the rules 2719 defined in 6.3 to determine the proper timer value. 2721 5.2 Handle Duplicate or Unexpected INIT, INIT ACK, COOKIE ECHO, and 2722 COOKIE ACK 2724 During the lifetime of an association (in one of the possible 2725 states), an endpoint may receive from its peer endpoint one of the 2726 setup chunks (INIT, INIT ACK, COOKIE ECHO, and COOKIE ACK). The 2727 receiver shall treat such a setup chunk as a duplicate and process it 2728 as described in this section. 2730 Note: An endpoint will not receive the chunk unless the chunk was 2731 sent to a SCTP transport address and is from a SCTP transport address 2732 associated with this endpoint. Therefore, the endpoint processes 2733 such a chunk as part of its current association. 2735 The following scenarios can cause duplicated or unexpected chunks: 2737 A) The peer has crashed without being detected, re-started itself and 2738 sent out a new INIT chunk trying to restore the association, 2740 B) Both sides are trying to initialize the association at about the 2741 same time, 2743 C) The chunk is from a stale packet that was used to establish the 2744 present association or a past association that is no longer in 2745 existence, 2747 D) The chunk is a false packet generated by an attacker, or 2749 E) The peer never received the COOKIE ACK and is retransmitting its 2750 COOKIE ECHO. 2752 The rules in the following sections shall be applied in order to 2753 identify and correctly handle these cases. 2755 5.2.1 INIT received in COOKIE-WAIT or COOKIE-ECHOED State (Item B) 2757 This usually indicates an initialization collision, i.e., each 2758 endpoint is attempting, at about the same time, to establish an 2759 association with the other endpoint. 2761 Upon receipt of an INIT in the COOKIE-WAIT or COOKIE-ECHOED state, an 2762 endpoint MUST respond with an INIT ACK using the same parameters it 2763 sent in its original INIT chunk (including its Initiation Tag, 2764 unchanged). These original parameters are combined with those from 2765 the newly received INIT chunk. The endpoint shall also generate a 2766 State Cookie with the INIT ACK. The endpoint uses the parameters 2767 sent in its INIT to calculate the State Cookie. 2769 After that, the endpoint MUST NOT change its state, the T1-init timer 2770 shall be left running and the corresponding TCB MUST NOT be 2771 destroyed. The normal procedures for handling State Cookies when a 2772 TCB exists will resolve the duplicate INITs to a single association. 2774 For an endpoint that is in the COOKIE-ECHOED state it MUST populate 2775 its Tie-Tags with the Tag information of itself and its peer (see 2776 section 5.2.2 for a description of the Tie-Tags). 2778 5.2.2 Unexpected INIT in States Other than CLOSED, COOKIE-ECHOED, 2779 COOKIE-WAIT and SHUTDOWN-ACK-SENT 2781 Unless otherwise stated, upon reception of an unexpected INIT for 2782 this association, the endpoint shall generate an INIT ACK with a 2783 State Cookie. In the outbound INIT ACK the endpoint MUST copy its 2784 current Verification Tag and peer's Verification Tag into a reserved 2785 place within the state cookie. We shall refer to these locations as 2786 the Peer's-Tie-Tag and the Local-Tie-Tag. The outbound SCTP packet 2787 containing this INIT ACK MUST carry a Verification Tag value equal to 2788 the Initiation Tag found in the unexpected INIT. And the INIT ACK 2789 MUST contain a new Initiation Tag (randomly generated see Section 2790 5.3.1). Other parameters for the endpoint SHOULD be copied from the 2791 existing parameters of the association (e.g. number of outbound 2792 streams) into the INIT ACK and cookie. 2794 After sending out the INIT ACK, the endpoint shall take no further 2795 actions, i.e., the existing association, including its current state, 2796 and the corresponding TCB MUST NOT be changed. 2798 Note: Only when a TCB exists and the association is not in a COOKIE- 2799 WAIT state are the Tie-Tags populated. For a normal association INIT 2800 (i.e. the endpoint is in a COOKIE-WAIT state), the Tie-Tags MUST be 2801 set to 0 (indicating that no previous TCB existed). The INIT ACK and 2802 State Cookie are populated as specified in section 5.2.1. 2804 5.2.3 Unexpected INIT ACK 2806 If an INIT ACK is received by an endpoint in any state other than the 2807 COOKIE-WAIT state, the endpoint should discard the INIT ACK chunk. 2808 An unexpected INIT ACK usually indicates the processing of an old or 2809 duplicated INIT chunk. 2811 5.2.4 Handle a COOKIE ECHO when a TCB exists 2813 When a COOKIE ECHO chunk is received by an endpoint in any state for 2814 an existing association (i.e., not in the CLOSED state) the following 2815 rules shall be applied: 2817 1) Compute a MAC as described in Step 1 of Section 5.1.5, 2819 2) Authenticate the State Cookie as described in Step 2 of Section 2820 5.1.5 (this is case C or D above). 2822 3) Compare the timestamp in the State Cookie to the current time. If 2823 the State Cookie is older than the lifespan carried in the State 2824 Cookie and the Verification Tags contained in the State Cookie do 2825 not match the current association's Verification Tags, the packet, 2826 including the COOKIE ECHO and any DATA chunks, should be 2827 discarded. The endpoint also MUST transmit an ERROR chunk with a 2828 "Stale Cookie" error cause to the peer endpoint (this is case C or 2829 D in section 5.2). 2831 If both Verification Tags in the State Cookie match the 2832 Verification Tags of the current association, consider the State 2833 Cookie valid (this is case E of section 5.2) even if the lifespan 2834 is exceeded. 2836 4) If the State Cookie proves to be valid, unpack the TCB into a 2837 temporary TCB. 2839 5) Refer to Table 2 to determine the correct action to be taken. 2841 +------------+------------+---------------+--------------+-------------+ 2842 | Local Tag | Peer's Tag | Local-Tie-Tag |Peer's-Tie-Tag| Action/ | 2843 | | | | | Description | 2844 +------------+------------+---------------+--------------+-------------+ 2845 | X | X | M | M | (A) | 2846 +------------+------------+---------------+--------------+-------------+ 2847 | M | X | A | A | (B) | 2848 +------------+------------+---------------+--------------+-------------+ 2849 | M | 0 | A | A | (B) | 2850 +------------+------------+---------------+--------------+-------------+ 2851 | X | M | 0 | 0 | (C) | 2852 +------------+------------+---------------+--------------+-------------+ 2853 | M | M | A | A | (D) | 2854 +======================================================================+ 2855 | Table 2: Handling of a COOKIE ECHO when a TCB exists | 2856 +======================================================================+ 2858 Legend: 2860 X - Tag does not match the existing TCB 2861 M - Tag matches the existing TCB. 2862 0 - No Tie-Tag in Cookie (unknown). 2863 A - All cases, i.e. M, X or 0. 2865 Note: For any case not shown in Table 2, the cookie should be 2866 silently discarded. 2868 Action 2870 A) In this case, the peer may have restarted. When the endpoint 2871 recognizes this potential 'restart', the existing session is 2872 treated the same as if it received an ABORT followed by a new 2873 COOKIE ECHO with the following exceptions: 2875 - Any SCTP DATA Chunks MAY be retained (this is an implementation 2876 specific option). 2878 - A notification of RESTART SHOULD be sent to the ULP instead of 2879 a "COMMUNICATION LOST" notification. 2881 All the congestion control parameters (e.g., cwnd, ssthresh) 2882 related to this peer MUST be reset to their initial values (see 2883 Section 6.2.1). 2885 If the cookie indicates that a new address(es) have been added 2886 to a restarting association, then the entire cookie MUST be discarded. 2887 An ABORT MUST be sent that SHOULD include the error 'restart 2888 of an association with new addresses'. The error SHOULD list the 2889 addresses that were added to the restarting assocation. 2891 This error should also list the TLV(s) with the new address(es) 2892 that was/were not present in the old association. This would allow 2893 a true restarting association to go through a recovery procedure 2894 (if it desired) to bring back the association. 2896 After this the endpoint shall enter the ESTABLISHED state. 2898 If the endpoint is in the SHUTDOWN-ACK-SENT state and recognizes 2899 the peer has restarted (Action A), it MUST NOT setup a new 2900 association but instead resend the SHUTDOWN ACK and send an ERROR 2901 chunk with a "Cookie Received while Shutting Down" error cause to 2902 its peer. 2904 B) In this case, both sides may be attempting to start an association 2905 at about the same time but the peer endpoint started its INIT 2906 after responding to the local endpoint's INIT. Thus it may have 2907 picked a new Verification Tag not being aware of the previous Tag 2908 it had sent this endpoint. The endpoint should stay in or enter 2909 the ESTABLISHED state but it MUST update its peer's Verification 2910 Tag from the State Cookie, stop any init or cookie timers that may 2911 running and send a COOKIE ACK. 2913 C) In this case, the local endpoint's cookie has arrived late. 2914 Before it arrived, the local endpoint sent an INIT and received an 2915 INIT-ACK and finally sent a COOKIE ECHO with the peer's same tag 2916 but a new tag of its own. The cookie should be silently 2917 discarded. The endpoint SHOULD NOT change states and should leave 2918 any timers running. 2920 D) When both local and remote tags match the endpoint should always 2921 enter the ESTABLISHED state, if it has not already done so. It 2922 should stop any init or cookie timers that may be running and send 2923 a COOKIE ACK. 2925 Note: The "peer's Verification Tag" is the tag received in the 2926 Initiate Tag field of the INIT or INIT ACK chunk. 2928 5.2.4.1 An Example of an Association Restart 2930 In the following example, "A" initiates the association after a 2931 restart has occurred. Endpoint "Z" had no knowledge of the restart 2932 until the exchange (i.e. Heartbeats had not yet detected the failure 2933 of "A"). (assuming no bundling or fragmentation occurs): 2935 Endpoint A Endpoint Z 2936 <-------------- Association is established----------------------> 2937 Tag=Tag_A Tag=Tag_Z 2938 <---------------------------------------------------------------> 2939 {A crashes and restarts} 2940 {app sets up an association with Z} 2941 (build TCB) 2942 INIT [I-Tag=Tag_A' 2943 & other info] --------\ 2944 (Start T1-init timer) \ 2945 (Enter COOKIE-WAIT state) \---> (find an existing TCB 2946 compose temp TCB and Cookie_Z 2947 with Tie-Tags to previous 2948 association) 2949 /--- INIT ACK [Veri Tag=Tag_A', 2950 / I-Tag=Tag_Z', 2951 (Cancel T1-init timer) <------/ Cookie_Z[TieTags= 2952 Tag_A,Tag_Z 2953 & other info] 2954 (destroy temp TCB,leave original 2955 in place) 2956 COOKIE ECHO [Veri=Tag_Z', 2957 Cookie_Z 2958 Tie=Tag_A, 2959 Tag_Z]----------\ 2960 (Start T1-init timer) \ 2961 (Enter COOKIE-ECHOED state) \---> (Find existing association, 2962 Tie-Tags match old tags, 2963 Tags do not match i.e. 2964 case X X M M above, 2965 Announce Restart to ULP 2966 and reset association). 2967 /---- COOKIE-ACK 2968 / 2969 (Cancel T1-init timer, <-----/ 2970 Enter ESTABLISHED state) 2971 {app sends 1st user data; strm 0} 2972 DATA [TSN=initial TSN_A 2973 Strm=0,Seq=1 & user data]--\ 2974 (Start T3-rtx timer) \ 2975 \-> 2976 /----- SACK [TSN Ack=init TSN_A,Block=0] 2977 (Cancel T3-rtx timer) <------/ 2979 Figure 5: A Restart Example 2981 5.2.5 Handle Duplicate COOKIE-ACK. 2983 At any state other than COOKIE-ECHOED, an endpoint should silently 2984 discard a received COOKIE ACK chunk. 2986 5.2.6 Handle Stale COOKIE Error 2988 Receipt of an ERROR chunk with a "Stale Cookie" error cause indicates 2989 one of a number of possible events: 2991 A) That the association failed to completely setup before the State 2992 Cookie issued by the sender was processed. 2994 B) An old State Cookie was processed after setup completed. 2996 C) An old State Cookie is received from someone that the receiver is 2997 not interested in having an association with and the ABORT chunk 2998 was lost. 3000 When processing an ERROR chunk with a "Stale Cookie" error cause an 3001 endpoint should first examine if an association is in the process of 3002 being setup, i.e. the association is in the COOKIE-ECHOED state. In 3003 all cases if the association is not in the COOKIE-ECHOED state, the 3004 ERROR chunk should be silently discarded. 3006 If the association is in the COOKIE-ECHOED state, the endpoint may 3007 elect one of the following three alternatives. 3009 1) Send a new INIT chunk to the endpoint to generate a new State 3010 Cookie and re-attempt the setup procedure. 3012 2) Discard the TCB and report to the upper layer the inability to 3013 setup the association. 3015 3) Send a new INIT chunk to the endpoint, adding a Cookie 3016 Preservative parameter requesting an extension to the lifetime of 3017 the State Cookie. When calculating the time extension, an 3018 implementation SHOULD use the RTT information measured based on 3019 the previous COOKIE ECHO / ERROR exchange, and should add no more 3020 than 1 second beyond the measured RTT, due to long State Cookie 3021 lifetimes making the endpoint more subject to a replay attack. 3023 5.3 Other Initialization Issues 3024 5.3.1 Selection of Tag Value 3026 Initiate Tag values should be selected from the range of 1 to 2**32 - 3027 1. It is very important that the Initiate Tag value be randomized to 3028 help protect against "man in the middle" and "sequence number" 3029 attacks. The methods described in [RFC1750] can be used for the 3030 Initiate Tag randomization. Careful selection of Initiate Tags is 3031 also necessary to prevent old duplicate packets from previous 3032 associations being mistakenly processed as belonging to the current 3033 association. 3035 Moreover, the Verification Tag value used by either endpoint in a 3036 given association MUST NOT change during the lifetime of an 3037 association. A new Verification Tag value MUST be used each time the 3038 endpoint tears-down and then re-establishes an association to the 3039 same peer. 3041 6. User Data Transfer 3043 Data transmission MUST only happen in the ESTABLISHED, SHUTDOWN- 3044 PENDING, and SHUTDOWN-RECEIVED states. The only exception to this is 3045 that DATA chunks are allowed to be bundled with an outbound COOKIE 3046 ECHO chunk when in COOKIE-WAIT state. 3048 DATA chunks MUST only be received according to the rules below in 3049 ESTABLISHED, SHUTDOWN-PENDING, SHUTDOWN-SENT. A DATA chunk received 3050 in CLOSED is out of the blue and SHOULD be handled per 8.4. A DATA 3051 chunk received in any other state SHOULD be discarded. 3053 A SACK MUST be processed in ESTABLISHED, SHUTDOWN-PENDING, and 3054 SHUTDOWN-RECEIVED. An incoming SACK MAY be processed in COOKIE- 3055 ECHOED. A SACK in the CLOSED state is out of the blue and SHOULD be 3056 processed according to the rules in 8.4. A SACK chunk received in 3057 any other state SHOULD be discarded. 3059 A SCTP receiver MUST be able to receive a minimum of 1500 bytes in 3060 one SCTP packet. This means that a SCTP endpoint MUST NOT indicate 3061 less than 1500 bytes in its Initial a_rwnd sent in the INIT or INIT 3062 ACK. 3064 For transmission efficiency, SCTP defines mechanisms for bundling of 3065 small user messages and fragmentation of large user messages. The 3066 following diagram depicts the flow of user messages through SCTP. 3068 In this section the term "data sender" refers to the endpoint that 3069 transmits a DATA chunk and the term "data receiver" refers to the 3070 endpoint that receives a DATA chunk. A data receiver will transmit 3071 SACK chunks. 3073 +--------------------------+ 3074 | User Messages | 3075 +--------------------------+ 3077 SCTP user ^ | 3078 ==================|==|======================================= 3079 | v (1) 3080 +------------------+ +--------------------+ 3081 | SCTP DATA Chunks | |SCTP Control Chunks | 3082 +------------------+ +--------------------+ 3083 ^ | ^ | 3084 | v (2) | v (2) 3085 +--------------------------+ 3086 | SCTP packets | 3087 +--------------------------+ 3088 SCTP ^ | 3089 ===========================|==|=========================== 3090 | v 3091 Connectionless Packet Transfer Service (e.g., IP) 3093 Notes: 3095 1) When converting user messages into DATA chunks, an endpoint 3096 will fragment user messages larger than the current association 3097 path MTU into multiple DATA chunks. The data receiver will 3098 normally reassemble the fragmented message from DATA chunks 3099 before delivery to the user (see Section 6.9 for details). 3101 2) Multiple DATA and control chunks may be bundled by the sender 3102 into a single SCTP packet for transmission, as long as the 3103 final size of the packet does not exceed the current path MTU. 3104 The receiver will unbundle the packet back into the original 3105 chunks. Control chunks MUST come before DATA chunks in the 3106 packet. 3108 Figure 6: Illustration of User Data Transfer 3110 The fragmentation and bundling mechanisms, as detailed in Sections 3111 6.9 and 6.10, are OPTIONAL to implement by the data sender, but they 3112 MUST be implemented by the data receiver, i.e., an endpoint MUST 3113 properly receive and process bundled or fragmented data. 3115 6.1 Transmission of DATA Chunks 3117 This document is specified as if there is a single retransmission 3118 timer per destination transport address, but implementations MAY have 3119 a retransmission timer for each DATA chunk. 3121 The following general rules MUST be applied by the data sender for 3122 transmission and/or retransmission of outbound DATA chunks: 3124 A) At any given time, the data sender MUST NOT transmit new data to 3125 any destination transport address if its peer's rwnd indicates 3126 that the peer has no buffer space (i.e. rwnd is 0, see Section 3127 6.2.1). However, regardless of the value of rwnd (including if it 3128 is 0), the data sender can always have one DATA chunk in flight to 3129 the receiver if allowed by cwnd (see rule B below). This rule 3130 allows the sender to probe for a change in rwnd that the sender 3131 missed due to the SACK having been lost in transit from the data 3132 receiver to the data sender. 3134 B) At any given time, the sender MUST NOT transmit new data to a 3135 given transport address if it has cwnd or more bytes of data 3136 outstanding to that transport address. The sender may exceed 3137 cwnd by up to (PMTU-1) bytes on a new transmission if the cwnd 3138 is not currently exceeded. 3140 C) When the time comes for the sender to transmit, before sending new 3141 DATA chunks, the sender MUST first transmit any outstanding DATA 3142 chunks which are marked for retransmission (limited by the current 3143 cwnd). 3145 D) Then, the sender can send out as many new DATA chunks as Rule A 3146 and Rule B above allow. 3148 Multiple DATA chunks committed for transmission MAY be bundled in a 3149 single packet. Furthermore, DATA chunks being retransmitted MAY be 3150 bundled with new DATA chunks, as long as the resulting packet size 3151 does not exceed the path MTU. An ULP may request that no bundling is 3152 performed but this should only turn off any delays that a SCTP 3153 implementation may be using to increase bundling efficiency. It does 3154 not in itself stop all bundling from occurring (i.e. in case of 3155 congestion or retransmission). 3157 Before an endpoint transmits a DATA chunk, if any received DATA 3158 chunks have not been acknowledged (e.g., due to delayed ack), the 3159 sender should create a SACK and bundle it with the outbound DATA 3160 chunk, as long as the size of the final SCTP packet does not exceed 3161 the current MTU. See Section 6.2. 3163 IMPLEMENTATION NOTE: When the window is full (i.e., transmission is 3164 disallowed by Rule A and/or Rule B), the sender MAY still accept send 3165 requests from its upper layer, but MUST transmit no more DATA chunks 3166 until some or all of the outstanding DATA chunks are acknowledged and 3167 transmission is allowed by Rule A and Rule B again. 3169 Whenever a transmission or retransmission is made to any address, if 3170 the T3-rtx timer of that address is not currently running, the sender 3171 MUST start that timer. If the timer for that address is already 3172 running, the sender MUST restart the timer if the earliest (i.e., 3173 lowest TSN) outstanding DATA chunk sent to that address is being 3174 retransmitted. Otherwise, the data sender MUST NOT restart the 3175 timer. 3177 When starting or restarting the T3-rtx timer, the timer value must be 3178 adjusted according to the timer rules defined in Sections 6.3.2, and 3179 6.3.3. 3181 Note: The data sender SHOULD NOT use a TSN that is more than 2**31 - 3182 1 above the beginning TSN of the current send window. 3184 6.2 Acknowledgement on Reception of DATA Chunks 3186 The SCTP endpoint MUST always acknowledge the reception of each valid 3187 DATA chunk. 3189 The guidelines on delayed acknowledgement algorithm specified in 3190 Section 4.2 of [RFC2581] SHOULD be followed. Specifically, an 3191 acknowledgement SHOULD be generated for at least every second packet 3192 (not every second DATA chunk) received, and SHOULD be generated 3193 within 200 ms of the arrival of any unacknowledged DATA chunk. In 3194 some situations it may be beneficial for an SCTP transmitter to be 3195 more conservative than the algorithms detailed in this document 3196 allow. However, an SCTP transmitter MUST NOT be more aggressive than 3197 the following algorithms allow. 3199 A SCTP receiver MUST NOT generate more than one SACK for every 3200 incoming packet, other than to update the offered window as the 3201 receiving application consumes new data. 3203 IMPLEMENTATION NOTE: The maximum delay for generating an 3204 acknowledgement may be configured by the SCTP administrator, either 3205 statically or dynamically, in order to meet the specific timing 3206 requirement of the protocol being carried. 3208 An implementation MUST NOT allow the maximum delay to be configured 3209 to be more than 500 ms. In other words an implementation MAY lower 3210 this value below 500ms but MUST NOT raise it above 500ms. 3212 Acknowledgements MUST be sent in SACK chunks unless shutdown was 3213 requested by the ULP in which case an endpoint MAY send an 3214 acknowledgement in the SHUTDOWN chunk. A SACK chunk can acknowledge 3215 the reception of multiple DATA chunks. See Section 3.3.4 for SACK 3216 chunk format. In particular, the SCTP endpoint MUST fill in the 3217 Cumulative TSN Ack field to indicate the latest sequential TSN (of a 3218 valid DATA chunk) it has received. Any received DATA chunks with TSN 3219 greater than the value in the Cumulative TSN Ack field MUST also be 3220 reported in the Gap Ack Block fields. 3222 Note: The SHUTDOWN chunk does not contain Gap Ack Block fields. 3223 Therefore, the endpoint should use a SACK instead of the SHUTDOWN 3224 chunk to acknowledge DATA chunks received out of order . 3226 When a packet arrives with duplicate DATA chunk(s) and with no new 3227 DATA chunk(s), the endpoint MUST immediately send a SACK with no 3228 delay. If a packet arrives with duplicate DATA chunk(s) bundled with 3229 new DATA chunks, the endpoint MAY immediately send a SACK. Normally 3230 receipt of duplicate DATA chunks will occur when the original SACK 3231 chunk was lost and the peer's RTO has expired. The duplicate TSN 3232 number(s) SHOULD be reported in the SACK as duplicate. 3234 When an endpoint receives a SACK, it MAY use the Duplicate TSN 3235 information to determine if SACK loss is occurring. Further use of 3236 this data is for future study. 3238 The data receiver is responsible for maintaining its receive buffers. 3239 The data receiver SHOULD notify the data sender in a timely manner of 3240 changes in its ability to receive data. How an implementation 3241 manages its receive buffers is dependent on many factors (e.g., 3242 Operating System, memory management system, amount of memory, etc.). 3243 However, the data sender strategy defined in Section 6.2.1 is based 3244 on the assumption of receiver operation similar to the following: 3246 A) At initialization of the association, the endpoint tells the 3247 peer how much receive buffer space it has allocated to the 3248 association in the INIT or INIT ACK. The endpoint sets a_rwnd 3249 to this value. 3251 B) As DATA chunks are received and buffered, decrement a_rwnd by 3252 the number of bytes received and buffered. This is, in effect, 3253 closing rwnd at the data sender and restricting the amount of 3254 data it can transmit. 3256 C) As DATA chunks are delivered to the ULP and released from the 3257 receive buffers, increment a_rwnd by the number of bytes 3258 delivered to the upper layer. This is, in effect, opening up 3259 rwnd on the data sender and allowing it to send more data. The 3260 data receiver SHOULD NOT increment a_rwnd unless it has 3261 released bytes from its receive buffer. For example, if the 3262 receiver is holding fragmented DATA chunks in a reassembly 3263 queue, it should not increment a_rwnd. 3265 D) When sending a SACK, the data receiver SHOULD place the current 3266 value of a_rwnd into the a_rwnd field. The data receiver 3267 SHOULD take into account that the data sender will not 3268 retransmit DATA chunks that are acked via the Cumulative TSN 3269 Ack (i.e., will drop from its retransmit queue). 3271 Under certain circumstances, the data receiver may need to drop DATA 3272 chunks that it has received but hasn't released from its receive 3273 buffers (i.e., delivered to the ULP). These DATA chunks may have 3274 been acked in Gap Ack Blocks. For example, the data receiver may be 3275 holding data in its receive buffers while reassembling a fragmented 3276 user message from its peer when it runs out of receive buffer space. 3277 It may drop these DATA chunks even though it has acknowledged them in 3278 Gap Ack Blocks. If a data receiver drops DATA chunks, it MUST NOT 3279 include them in Gap Ack Blocks in subsequent SACKs until they are 3280 received again via retransmission. In addition, the endpoint should 3281 take into account the dropped data when calculating its a_rwnd. 3283 An endpoint SHOULD NOT revoke a SACK and discard data. Only in 3284 extreme circumstance should an endpoint use this procedure (such as 3285 out of buffer space). The data receiver should take into account 3286 that dropping data that has been acked in Gap Ack Blocks can result 3287 in suboptimal retransmission strategies in the data sender and thus 3288 in suboptimal performance. 3290 The following example illustrates the use of delayed 3291 acknowledgements: 3293 Endpoint A Endpoint Z 3295 {App sends 3 messages; strm 0} 3296 DATA [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) 3297 (Start T3-rtx timer) 3299 DATA [TSN=8,Strm=0,Seq=4] ------------> (send ack) 3300 /------- SACK [TSN Ack=8,block=0] 3301 (cancel T3-rtx timer) <-----/ 3303 DATA [TSN=9,Strm=0,Seq=5] ------------> (ack delayed) 3304 (Start T3-rtx timer) 3305 ... 3306 {App sends 1 message; strm 1} 3307 (bundle SACK with DATA) 3308 /----- SACK [TSN Ack=9,block=0] \ 3309 / DATA [TSN=6,Strm=1,Seq=2] 3310 (cancel T3-rtx timer) <------/ (Start T3-rtx timer) 3312 (ack delayed) 3313 (send ack) 3314 SACK [TSN Ack=6,block=0] -------------> (cancel T3-rtx timer) 3316 Figure 7: Delayed Acknowledgment Example 3318 If an endpoint receives a DATA chunk with no user data (i.e., the 3319 Length field is set to 16) it MUST send an ABORT with error cause set 3320 to "No User Data". 3322 An endpoint SHOULD NOT send a DATA chunk with no user data part. 3324 6.2.1 Processing a Received SACK 3326 Each SACK an endpoint receives contains an a_rwnd value. This value 3327 represents the amount of buffer space the data receiver, at the time 3328 of transmitting the SACK, has left of its total receive buffer space 3329 (as specified in the INIT/INIT ACK). Using a_rwnd, Cumulative TSN 3330 Ack and Gap Ack Blocks, the data sender can develop a representation 3331 of the peer's receive buffer space. 3333 One of the problems the data sender must take into account when 3334 processing a SACK is that a SACK can be received out of order. That 3335 is, a SACK sent by the data receiver can pass an earlier SACK and be 3336 received first by the data sender. If a SACK is received out of 3337 order, the data sender can develop an incorrect view of the peer's 3338 receive buffer space. 3340 Since there is no explicit identifier that can be used to detect 3341 out-of-order SACKs, the data sender must use heuristics to determine 3342 if a SACK is new. 3344 An endpoint SHOULD use the following rules to calculate the rwnd, 3345 using the a_rwnd value, the Cumulative TSN Ack and Gap Ack Blocks in 3346 a received SACK. 3348 A) At the establishment of the association, the endpoint initializes 3349 the rwnd to the Advertised Receiver Window Credit (a_rwnd) the 3350 peer specified in the INIT or INIT ACK. 3352 B) Any time a DATA chunk is transmitted (or retransmitted) to a peer, 3353 the endpoint subtracts the data size of the chunk from the rwnd of 3354 that peer. 3356 C) Any time a DATA chunk is marked for retransmission (via either 3357 T3-rtx timer expiration (Section 6.3.3)or via fast retransmit 3358 (Section 7.2.4)), add the data size of those chunks to the rwnd. 3360 Note: If the implementation is maintaining a timer on each DATA 3361 chunk then only DATA chunks whose timer expired would be marked 3362 for retransmission. 3364 D) Any time a SACK arrives, the endpoint performs the following: 3366 i) If Cumulative TSN Ack is less than the Cumulative TSN Ack 3367 Point, then drop the SACK. Since Cumulative TSN Ack is 3368 monotonically increasing, a SACK whose Cumulative TSN Ack is 3369 less than the Cumulative TSN Ack Point indicates an out-of- 3370 order SACK. 3372 ii) Set rwnd equal to the newly received a_rwnd minus the 3373 number of bytes still outstanding after processing the 3374 Cumulative TSN Ack and the Gap Ack Blocks. 3376 iii) If the SACK is missing a TSN that was previously 3377 acknowledged via a Gap Ack Block (e.g., the data receiver 3378 reneged on the data), then mark the corresponding DATA chunk as 3379 available for retransmit: Mark it as missing for fast 3380 retransmit as described in Section 7.2.4 and if no retransmit 3381 timer is running for the destination address to which the DATA 3382 chunk was originally transmitted, then T3-rtx is started for 3383 that destination address. 3385 6.3 Management of Retransmission Timer 3387 An SCTP endpoint uses a retransmission timer T3-rtx to ensure data 3388 delivery in the absence of any feedback from its peer. The duration 3389 of this timer is referred to as RTO (retransmission timeout). 3391 When an endpoint's peer is multi-homed, the endpoint will calculate a 3392 separate RTO for each different destination transport address of its 3393 peer endpoint. 3395 The computation and management of RTO in SCTP follows closely how TCP 3396 manages its retransmission timer. To compute the current RTO, an 3397 endpoint maintains two state variables per destination transport 3398 address: SRTT (smoothed round-trip time) and RTTVAR (round-trip time 3399 variation). 3401 6.3.1 RTO Calculation 3403 The rules governing the computation of SRTT, RTTVAR, and RTO are as 3404 follows: 3406 C1) Until an RTT measurement has been made for a packet sent to the 3407 given destination transport address, set RTO to the protocol 3408 parameter 'RTO.Initial'. 3410 C2) When the first RTT measurement R is made, set SRTT <- R, RTTVAR 3411 <- R/2, and RTO <- SRTT + 4 * RTTVAR. 3413 C3) When a new RTT measurement R' is made, set 3415 RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'| SRTT 3416 <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R' 3418 Note: The value of SRTT used in the update to RTTVAR is its value 3419 before updating SRTT itself using the second assignment. 3421 After the computation, update RTO <- SRTT + 4 * RTTVAR. 3423 C4) When data is in flight and when allowed by rule C5 below, a new 3424 RTT measurement MUST be made each round trip. Furthermore, new 3425 RTT measurements SHOULD be made no more than once per round-trip 3426 for a given destination transport address. There are two reasons 3427 for this recommendation: First, it appears that measuring more 3428 frequently often does not in practice yield any significant 3429 benefit [ALLMAN99]; second, if measurements are made more often, 3430 then the values of RTO.Alpha and RTO.Beta in rule C3 above should 3431 be adjusted so that SRTT and RTTVAR still adjust to changes at 3432 roughly the same rate (in terms of how many round trips it takes 3433 them to reflect new values) as they would if making only one 3434 measurement per round-trip and using RTO.Alpha and RTO.Beta as 3435 given in rule C3. However, the exact nature of these adjustments 3436 remains a research issue. 3438 C5) Karn's algorithm: RTT measurements MUST NOT be made using packets 3439 that were retransmitted (and thus for which it is ambiguous 3440 whether the reply was for the first instance of the packet or a 3441 later instance). 3443 C6) Whenever RTO is computed, if it is less than RTO.Min seconds then 3444 it is rounded up to RTO.Min seconds. The reason for this rule is 3445 that RTOs that do not have a high minimum value are susceptible 3446 to unnecessary timeouts [ALLMAN99]. 3448 C7) A maximum value may be placed on RTO provided it is at least 3449 RTO.max seconds. 3451 There is no requirement for the clock granularity G used for 3452 computing RTT measurements and the different state variables, other 3453 than: 3455 G1) Whenever RTTVAR is computed, if RTTVAR = 0, then adjust RTTVAR <- 3456 G. 3458 Experience [ALLMAN99] has shown that finer clock granularities (<= 3459 100 msec) perform somewhat better than more coarse granularities. 3461 6.3.2 Retransmission Timer Rules 3463 The rules for managing the retransmission timer are as follows: 3465 R1) Every time a DATA chunk is sent to any address (including a 3466 retransmission), if the T3-rtx timer of that address is not 3467 running, start it running so that it will expire after the RTO of 3468 that address. The RTO used here is that obtained after any 3469 doubling due to previous T3-rtx timer expirations on the 3470 corresponding destination address as discussed in rule E2 below. 3472 R2) Whenever all outstanding data sent to an address have been 3473 acknowledged, turn off the T3-rtx timer of that address. 3475 R3) Whenever a SACK is received that acknowledges the DATA chunk with 3476 the earliest outstanding TSN for that address, restart T3-rtx 3477 timer for that address with its current RTO (if there is still 3478 outstanding data on that address). 3480 R4) Whenever a SACK is received missing a TSN that was previously 3481 acknowledged via a Gap Ack Block, start T3-rtx for the 3482 destination address to which the DATA chunk was originally 3483 transmitted if it is not already running. 3485 The following example shows the use of various timer rules (assuming 3486 the receiver uses delayed acks). 3488 Endpoint A Endpoint Z 3489 {App begins to send} 3490 Data [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) 3491 (Start T3-rtx timer) 3492 {App sends 1 message; strm 1} 3493 (bundle ack with data) 3494 DATA [TSN=8,Strm=0,Seq=4] ----\ /-- SACK [TSN Ack=7,Block=0] 3495 \ / DATA [TSN=6,Strm=1,Seq=2] 3496 \ / (Start T3-rtx timer) 3497 \ 3498 / \ 3499 (Re-start T3-rtx timer) <------/ \--> (ack delayed) 3500 (ack delayed) 3501 {send ack} 3502 SACK [TSN Ack=6,Block=0] --------------> (Cancel T3-rtx timer) 3503 .. 3504 (send ack) 3505 (Cancel T3-rtx timer) <-------------- SACK [TSN Ack=8,Block=0] 3507 Figure 8 - Timer Rule Examples 3509 6.3.3 Handle T3-rtx Expiration 3511 Whenever the retransmission timer T3-rtx expires for a destination 3512 address, do the following: 3514 E1) For the destination address for which the timer expires, adjust 3515 its ssthresh with rules defined in Section 7.2.3 and set the cwnd 3516 <- MTU. 3518 E2) For the destination address for which the timer expires, set RTO 3519 <- RTO * 2 ("back off the timer"). The maximum value discussed 3520 in rule C7 above (RTO.max) may be used to provide an upper bound 3521 to this doubling operation. 3523 E3) Determine how many of the earliest (i.e., lowest TSN) outstanding 3524 DATA chunks for the address for which the T3-rtx has expired will 3525 fit into a single packet, subject to the MTU constraint for the 3526 path corresponding to the destination transport address to which 3527 the retransmission is being sent (this may be different from the 3528 address for which the timer expires [see Section 6.4]). Call 3529 this value K. Bundle and retransmit those K DATA chunks in a 3530 single packet to the destination endpoint. 3532 E4) Start the retransmission timer T3-rtx on the destination address 3533 to which the retransmission is sent, if rule R1 above indicates 3534 to do so. The RTO to be used for starting T3-rtx should be the 3535 one for the destination address to which the retransmission is 3536 sent, which, when the receiver is multi-homed, may be different 3537 from the destination address for which the timer expired (see 3538 Section 6.4 below). 3540 After retransmitting, once a new RTT measurement is obtained (which 3541 can happen only when new data has been sent and acknowledged, per 3542 rule C5, or for a measurement made from a HEARTBEAT [see Section 3543 8.3]), the computation in rule C3 is performed, including the 3544 computation of RTO, which may result in "collapsing" RTO back down 3545 after it has been subject to doubling (rule E2). 3547 Note: Any DATA chunks that were sent to the address for which the 3548 T3-rtx timer expired but did not fit in one MTU (rule E3 above), 3549 should be marked for retransmission and sent as soon as cwnd allows 3550 (normally when a SACK arrives). 3552 The final rule for managing the retransmission timer concerns 3553 failover (see Section 6.4.1): 3555 F1) Whenever an endpoint switches from the current destination 3556 transport address to a different one, the current retransmission 3557 timers are left running. As soon as the endpoint transmits a 3558 packet containing DATA chunk(s) to the new transport address, 3559 start the timer on that transport address, using the RTO value of 3560 the destination address to which the data is being sent, if rule 3561 R1 indicates to do so. 3563 6.4 Multi-homed SCTP Endpoints 3565 An SCTP endpoint is considered multi-homed if there are more than one 3566 transport address that can be used as a destination address to reach 3567 that endpoint. 3569 Moreover, the ULP of an endpoint shall select one of the multiple 3570 destination addresses of a multi-homed peer endpoint as the primary 3571 path (see Sections 5.1.2 and 10.1 for details). 3573 By default, an endpoint SHOULD always transmit to the primary path, 3574 unless the SCTP user explicitly specifies the destination transport 3575 address (and possibly source transport address) to use. 3576 An endpoint SHOULD transmit reply chunks (e.g., SACK, HEARTBEAT ACK, 3577 etc.) to the same destination transport address from which it 3578 received the DATA or control chunk to which it is replying. This 3579 rule should also be followed if the endpoint is bundling DATA chunks 3580 together with the reply chunk. 3582 However, when acknowledging multiple DATA chunks received in packets 3583 from different source addresses in a single SACK, the SACK chunk may 3584 be transmitted to one of the destination transport addresses from 3585 which the DATA or control chunks being acknowledged were received. 3587 When a receiver of a duplicate DATA chunk sends a SACK to a multi- 3588 homed endpoint it MAY be beneficial to vary the destination address 3589 and not use the source address of the DATA chunk. The reason being 3590 that receiving a duplicate from a multi-homed endpoint might indicate 3591 that the return path (as specified in the source address of the DATA 3592 chunk) for the SACK is broken. 3594 Furthermore, when its peer is multi-homed, an endpoint SHOULD try to 3595 retransmit a chunk to an active destination transport address that is 3596 different from the last destination address to which the DATA chunk 3597 was sent. 3599 Retransmissions do not affect the total outstanding data count. 3600 However, if the DATA chunk is retransmitted onto a different 3601 destination address, both the outstanding data counts on the new 3602 destination address and the old destination address to which the data 3603 chunk was last sent shall be adjusted accordingly. 3605 6.4.1 Failover from Inactive Destination Address 3607 Some of the transport addresses of a multi-homed SCTP endpoint may 3608 become inactive due to either the occurrence of certain error 3609 conditions (see Section 8.2) or adjustments from SCTP user. 3611 When there is outbound data to send and the primary path becomes 3612 inactive (e.g., due to failures), or where the SCTP user explicitly 3613 requests to send data to an inactive destination transport address, 3614 before reporting an error to its ULP, the SCTP endpoint should try to 3615 send the data to an alternate active destination transport address if 3616 one exists. 3618 When retransmitting data, if the endpoint is multi-homed, it should 3619 consider each source-destination address pair in its retransmission 3620 selection policy. When retransmitting the endpoint should attempt to 3621 pick the most divergent source-destination pair from the original 3622 source-destination pair to which the packet was transmitted. 3624 Note: Rules for picking the most divergent source-destination pair 3625 are an implementation decision and is not specified within this 3626 document. 3628 6.5 Stream Identifier and Stream Sequence Number 3630 Every DATA chunk MUST carry a valid stream identifier. If an 3631 endpoint receives a DATA chunk with an invalid stream identifier, it 3632 shall acknowledge the reception of the DATA chunk following the 3633 normal procedure, immediately send an ERROR chunk with cause set to 3634 "Invalid Stream Identifier" (see Section 3.3.10) and discard the DATA 3635 chunk. The endpoint may bundle the ERROR chunk in the same packet as 3636 the SACK as long as the ERROR follows the SACK. 3638 The stream sequence number in all the streams shall start from 0 when 3639 the association is established. Also, when the stream sequence 3640 number reaches the value 65535 the next stream sequence number shall 3641 be set to 0. 3643 6.6 Ordered and Unordered Delivery 3645 Within a stream, an endpoint MUST deliver DATA chunks received with 3646 the U flag set to 0 to the upper layer according to the order of 3647 their stream sequence number. If DATA chunks arrive out of order of 3648 their stream sequence number, the endpoint MUST hold the received 3649 DATA chunks from delivery to the ULP until they are re-ordered. 3651 However, an SCTP endpoint can indicate that no ordered delivery is 3652 required for a particular DATA chunk transmitted within the stream by 3653 setting the U flag of the DATA chunk to 1. 3655 When an endpoint receives a DATA chunk with the U flag set to 1, it 3656 must bypass the ordering mechanism and immediately deliver the data 3657 to the upper layer (after re-assembly if the user data is fragmented 3658 by the data sender). 3660 This provides an effective way of transmitting "out-of-band" data in 3661 a given stream. Also, a stream can be used as an "unordered" stream 3662 by simply setting the U flag to 1 in all DATA chunks sent through 3663 that stream. 3665 IMPLEMENTATION NOTE: When sending an unordered DATA chunk, an 3666 implementation may choose to place the DATA chunk in an outbound 3667 packet that is at the head of the outbound transmission queue if 3668 possible. 3670 The 'Stream Sequence Number' field in a DATA chunk with U flag set to 3671 1 has no significance. The sender can fill it with arbitrary value, 3672 but the receiver MUST ignore the field. 3674 Note: When transmitting ordered and unordered data, an endpoint does 3675 not increment its Stream Sequence Number when transmitting a DATA 3676 chunk with U flag set to 1. 3678 6.7 Report Gaps in Received DATA TSNs 3680 Upon the reception of a new DATA chunk, an endpoint shall examine the 3681 continuity of the TSNs received. If the endpoint detects a gap in 3682 the received DATA chunk sequence, it SHOULD send a SACK with Gap Ack 3683 Blocks immediately. The data receiver continues sending a SACK after 3684 receipt of each SCTP packet that doesn't fill the gap. 3686 Based on the Gap Ack Block from the received SACK, the endpoint can 3687 calculate the missing DATA chunks and make decisions on whether to 3688 retransmit them (see Section 6.2.1 for details). 3690 Multiple gaps can be reported in one single SACK (see Section 3.3.4). 3692 When its peer is multi-homed, the SCTP endpoint SHOULD always try to 3693 send the SACK to the same destination address from which the last 3694 DATA chunk was received. 3696 Upon the reception of a SACK, the endpoint MUST remove all DATA 3697 chunks which have been acknowledged by the SACK's Cumulative TSN Ack 3698 from its transmit queue. The endpoint MUST also treat all the DATA 3699 chunks with TSNs not included in the Gap Ack Blocks reported by the 3700 SACK as "missing". The number of "missing" reports for each 3701 outstanding DATA chunk MUST be recorded by the data sender in order 3702 to make retransmission decisions. See Section 7.2.4 for details. 3704 The following example shows the use of SACK to report a gap. 3706 Endpoint A Endpoint Z 3707 {App sends 3 messages; strm 0} 3708 DATA [TSN=6,Strm=0,Seq=2] ---------------> (ack delayed) 3709 (Start T3-rtx timer) 3711 DATA [TSN=7,Strm=0,Seq=3] --------> X (lost) 3713 DATA [TSN=8,Strm=0,Seq=4] ---------------> (gap detected, 3714 immediately send ack) 3715 /----- SACK [TSN Ack=6,Block=1, 3716 / Strt=2,End=2] 3717 <-----/ 3718 (remove 6 from out-queue, 3719 and mark 7 as "1" missing report) 3721 Figure 9 - Reporting a Gap using SACK 3723 The maximum number of Gap Ack Blocks that can be reported within a 3724 single SACK chunk is limited by the current path MTU. When a single 3725 SACK can not cover all the Gap Ack Blocks needed to be reported due 3726 to the MTU limitation, the endpoint MUST send only one SACK, 3727 reporting the Gap Ack Blocks from the lowest to highest TSNs, within 3728 the size limit set by the MTU, and leave the remaining highest TSN 3729 numbers unacknowledged. 3731 6.8 Fletcher-32 Checksum Calculation 3733 When sending an SCTP packet, the endpoint MUST strengthen the data 3734 integrity of the transmission by including the Fletcher-16 checksum 3735 value calculated on the packet, as described below. 3737 After the packet is constructed (containing the SCTP common header 3738 and one or more control or DATA chunks), the transmitter shall: 3740 1) Fill in the proper Verification Tag in the SCTP common header and 3741 initialize the checksum field to 0's. 3743 2) Calculate the Fletcher-16 checksum of the whole packet, including the 3744 SCTP common header and all the chunks. Refer to appendix B for 3745 details of the Fletcher-16 algorithm. And, 3747 3) Put the resultant value into the checksum field in the common 3748 header, and leave the rest of the bits unchanged. 3750 When an SCTP packet is received, the receiver MUST first check the 3751 Fletcher-16 checksum: 3753 1) Store the received Fletcher-16 checksum value aside, 3755 2) Replace the 32 bits of the checksum field in the received SCTP 3756 packet with all '0's and calculate an Fletcher-16 checksum value of 3757 the whole received packet. And, 3759 3) Verify that the calculated Fletcher-16 checksum is the same as the 3760 received Fletcher-16 checksum. If not, the receiver MUST treat the 3761 packet as an invalid SCTP packet. 3763 The default procedure for handling invalid SCTP packets is to 3764 silently discard them. 3766 6.9 Fragmentation and Reassembly 3768 An endpoint MAY support fragmentation when sending DATA chunks, but 3769 MUST support reassembly when receiving DATA chunks. If an endpoint 3770 supports fragmentation, it MUST fragment a user message if the size 3771 of the user message to be sent causes the outbound SCTP packet size 3772 to exceed the current MTU. If an implementation does not support 3773 fragmentation of outbound user messages, the endpoint must return an 3774 error to its upper layer and not attempt to send the user message. 3776 IMPLEMENTATION NOTE: In this error case, the Send primitive 3777 discussed in Section 10.1 would need to return an error to the upper 3778 layer. 3780 If its peer is multi-homed, the endpoint shall choose a size no 3781 larger than the association Path MTU. The association Path MTU is 3782 the smallest Path MTU of all destination addresses. 3784 Note: Once a message is fragmented it cannot be re-fragmented. 3785 Instead if the PMTU has been reduced, then IP fragmentation must be 3786 used. Please see Section 7.3 for details of PMTU discovery. 3788 When determining when to fragment, the SCTP implementation MUST take 3789 into account the SCTP packet header as well as the DATA chunk 3790 header(s). The implementation MUST also take into account the space 3791 required for a SACK chunk if bundling a SACK chunk with the DATA 3792 chunk. 3794 Fragmentation takes the following steps: 3796 1) The data sender MUST break the user message into a series of DATA 3797 chunks such that each chunk plus SCTP overhead fits into an IP 3798 datagram smaller than or equal to the association Path MTU. 3800 2) The transmitter MUST then assign, in sequence, a separate TSN to 3801 each of the DATA chunks in the series. The transmitter assigns 3802 the same SSN to each of the DATA chunks. If the user indicates 3803 that the user message is to be delivered using unordered delivery, 3804 then the U flag of each DATA chunk of the user message MUST be set 3805 to 1. 3807 3) The transmitter MUST also set the B/E bits of the first DATA chunk 3808 in the series to '10', the B/E bits of the last DATA chunk in the 3809 series to '01', and the B/E bits of all other DATA chunks in the 3810 series to '00'. 3812 An endpoint MUST recognize fragmented DATA chunks by examining the 3813 B/E bits in each of the received DATA chunks, and queue the 3814 fragmented DATA chunks for re-assembly. Once the user message is 3815 reassembled, SCTP shall pass the re-assembled user message to the 3816 specific stream for possible re-ordering and final dispatching. 3818 Note: If the data receiver runs out of buffer space while still 3819 waiting for more fragments to complete the re-assembly of the 3820 message, it should dispatch part of its inbound message through a 3821 partial delivery API (see Section 10), freeing some of its receive 3822 buffer space so that the rest of the message may be received. 3824 6.10 Bundling 3826 An endpoint bundles chunks by simply including multiple chunks in one 3827 outbound SCTP packet. The total size of the resultant IP datagram, 3828 including the SCTP packet and IP headers, MUST be less or equal to 3829 the current Path MTU. 3831 If its peer endpoint is multi-homed, the sending endpoint shall 3832 choose a size no larger than the latest MTU of the current primary 3833 path. 3835 When bundling control chunks with DATA chunks, an endpoint MUST place 3836 control chunks first in the outbound SCTP packet. The transmitter 3837 MUST transmit DATA chunks within a SCTP packet in increasing order of 3838 TSN. 3840 Note: Since control chunks must be placed first in a packet and 3841 since DATA chunks must be transmitted before SHUTDOWN or SHUTDOWN ACK 3842 chunks, DATA chunks cannot be bundled with SHUTDOWN or SHUTDOWN ACK 3843 chunks. 3845 Partial chunks MUST NOT be placed in an SCTP packet. 3847 An endpoint MUST process received chunks in their order in the 3848 packet. The receiver uses the chunk length field to determine the end 3849 of a chunk and beginning of the next chunk taking account of the fact 3850 that all chunks end on a 4 byte boundary. If the receiver detects a 3851 partial chunk, it MUST drop the chunk. 3853 An endpoint MUST NOT bundle INIT, INIT ACK or SHUTDOWN COMPLETE with 3854 any other chunks. 3856 7. Congestion control 3858 Congestion control is one of the basic functions in SCTP. For some 3859 applications, it may be likely that adequate resources will be 3860 allocated to SCTP traffic to assure prompt delivery of time-critical 3861 data - thus it would appear to be unlikely, during normal operations, 3862 that transmissions encounter severe congestion conditions. However 3863 SCTP must operate under adverse operational conditions, which can 3864 develop upon partial network failures or unexpected traffic surges. 3865 In such situations SCTP must follow correct congestion control steps 3866 to recover from congestion quickly in order to get data delivered as 3867 soon as possible. In the absence of network congestion, these 3868 preventive congestion control algorithms should show no impact on the 3869 protocol performance. 3871 IMPLEMENTATION NOTE: As far as its specific performance requirements 3872 are met, an implementation is always allowed to adopt a more 3873 conservative congestion control algorithm than the one defined below. 3875 The congestion control algorithms used by SCTP are based on 3876 [RFC2581]. This section describes how the algorithms defined in 3877 RFC2581 are adapted for use in SCTP. We first list differences in 3878 protocol designs between TCP and SCTP, and then describe SCTP's 3879 congestion control scheme. The description will use the same 3880 terminology as in TCP congestion control whenever appropriate. 3882 SCTP congestion control is always applied to the entire association, 3883 and not to individual streams. 3885 7.1 SCTP Differences from TCP Congestion control 3887 Gap Ack Blocks in the SCTP SACK carry the same semantic meaning as 3888 the TCP SACK. TCP considers the information carried in the SACK as 3889 advisory information only. SCTP considers the information carried in 3890 the Gap Ack Blocks in the SACK chunk as advisory. In SCTP, any DATA 3891 chunk that has been acknowledged by SACK, including DATA that arrived 3892 at the receiving end out of order, are not considered fully delivered 3893 until the Cumulative TSN Ack Point passes the TSN of the DATA chunk 3894 (i.e., the DATA chunk has been acknowledged by the Cumulative TSN Ack 3895 field in the SACK). Consequently, the value of cwnd controls the 3896 amount of outstanding data, rather than (as in the case of non-SACK 3897 TCP) the upper bound between the highest acknowledged sequence number 3898 and the latest DATA chunk that can be sent within the congestion 3899 window. SCTP SACK leads to different implementations of fast- 3900 retransmit and fast-recovery than non-SACK TCP. As an example see 3901 [FALL96]. 3903 The biggest difference between SCTP and TCP, however, is multi- 3904 homing. SCTP is designed to establish robust communication 3905 associations between two endpoints each of which may be reachable by 3906 more than one transport address. Potentially different addresses may 3907 lead to different data paths between the two endpoints, thus ideally 3908 one may need a separate set of congestion control parameters for each 3909 of the paths. The treatment here of congestion control for multi- 3910 homed receivers is new with SCTP and may require refinement in the 3911 future. The current algorithms make the following assumptions: 3913 o The sender usually uses the same destination address until being 3914 instructed by the upper layer otherwise; however, SCTP may change 3915 to an alternate destination in the event an address is marked 3916 inactive (see Section 8.2). Also, SCTP may retransmit to a 3917 different transport address than the original transmission. 3919 o The sender keeps a separate congestion control parameter set for 3920 each of the destination addresses it can send to (not each 3921 source-destination pair but for each destination). The parameters 3922 should decay if the address is not used for a long enough time 3923 period. 3925 o For each of the destination addresses, an endpoint does slow-start 3926 upon the first transmission to that address. 3928 Note: TCP guarantees in-sequence delivery of data to its upper-layer 3929 protocol within a single TCP session. This means that when TCP 3930 notices a gap in the received sequence number, it waits until the gap 3931 is filled before delivering the data that was received with sequence 3932 numbers higher than that of the missing data. On the other hand, 3933 SCTP can deliver data to its upper-layer protocol even if there is a 3934 gap in TSN if the Stream Sequence Numbers are in sequence for a 3935 particular stream (i.e., the missing DATA chunks are for a different 3936 stream) or if unordered delivery is indicated. Although this does 3937 not affect cwnd, it might affect rwnd calculation. 3939 7.2 SCTP Slow-Start and Congestion Avoidance 3941 The slow start and congestion avoidance algorithms MUST be used by an 3942 endpoint to control the amount of data being injected into the 3943 network. The congestion control in SCTP is employed in regard to the 3944 association, not to an individual stream. In some situations it may 3945 be beneficial for an SCTP sender to be more conservative than the 3946 algorithms allow; however, an SCTP sender MUST NOT be more aggressive 3947 than the following algorithms allow. 3949 Like TCP, an SCTP endpoint uses the following three control variables 3950 to regulate its transmission rate. 3952 o Receiver advertised window size (rwnd, in bytes), which is set by 3953 the receiver based on its available buffer space for incoming 3954 packets. 3956 Note: This variable is kept on the entire association. 3958 o Congestion control window (cwnd, in bytes), which is adjusted by 3959 the sender based on observed network conditions. 3961 Note: This variable is maintained on a per-destination address 3962 basis. 3964 o Slow-start threshold (ssthresh, in bytes), which is used by the 3965 sender to distinguish slow start and congestion avoidance phases. 3967 Note: This variable is maintained on a per-destination address 3968 basis. 3970 SCTP also requires one additional control variable, 3971 partial_bytes_acked, which is used during congestion avoidance phase 3972 to facilitate cwnd adjustment. 3974 Unlike TCP, an SCTP sender MUST keep a set of these control variables 3975 cwnd, ssthresh and partial_bytes_acked for EACH destination address 3976 of its peer (when its peer is multi-homed). Only one rwnd is kept 3977 for the whole association (no matter if the peer is multi-homed or 3978 has a single address). 3980 7.2.1 Slow-Start 3982 Beginning data transmission into a network with unknown conditions or 3983 after a sufficiently long idle period requires SCTP to probe the 3984 network to determine the available capacity. The slow start 3985 algorithm is used for this purpose at the beginning of a transfer, or 3986 after repairing loss detected by the retransmission timer. 3988 o The initial cwnd before DATA transmission or after a sufficiently 3989 long idle period MUST be <= 2*MTU. 3991 o The initial cwnd after a retransmission timeout MUST be no more 3992 than 1*MTU. 3994 o The initial value of ssthresh MAY be arbitrarily high (for 3995 example, implementations MAY use the size of the receiver 3996 advertised window). 3998 o Whenever cwnd is greater than zero, the endpoint is allowed to 3999 have cwnd bytes of data outstanding on that transport address. 4001 o When cwnd is less than or equal to ssthresh an SCTP endpoint MUST 4002 use the slow start algorithm to increase cwnd (assuming the 4003 current congestion window is being fully utilized). If an 4004 incoming SACK advances the Cumulative TSN Ack Point, cwnd MUST be 4005 increased by at most the lesser of 1) the total size of the 4006 previously outstanding DATA chunk(s) acknowledged, and 2) the 4007 destination's path MTU. This protects against the ACK-Splitting 4008 attack outlined in [SAVAGE99]. 4010 In instances where its peer endpoint is multi-homed, if an endpoint 4011 receives a SACK that advances its Cumulative TSN Ack Point, then it 4012 should update its cwnd (or cwnds) apportioned to the destination 4013 addresses to which it transmitted the acknowledged data. However if 4014 the received SACK does not advance the Cumulative TSN Ack Point, the 4015 endpoint MUST NOT adjust the cwnd of any of the destination 4016 addresses. 4018 Because an endpoint's cwnd is not tied to its Cumulative TSN Ack 4019 Point, as duplicate SACKs come in, even though they may not advance 4020 the Cumulative TSN Ack Point an endpoint can still use them to clock 4021 out new data. That is, the data newly acknowledged by the SACK 4022 diminishes the amount of data now in flight to less than cwnd; and so 4023 the current, unchanged value of cwnd now allows new data to be sent. 4024 On the other hand, the increase of cwnd must be tied to the 4025 Cumulative TSN Ack Point advancement as specified above. Otherwise 4026 the duplicate SACKs will not only clock out new data, but also will 4027 adversely clock out more new data than what has just left the 4028 network, during a time of possible congestion. 4030 o When the endpoint does not transmit data on a given transport 4031 address, the cwnd of the transport address should be adjusted to 4032 max(cwnd/2, 2*MTU) per RTO. 4034 7.2.2 Congestion Avoidance 4036 When cwnd is greater than ssthresh, cwnd should be incremented by 4037 1*MTU per RTT if the sender has cwnd or more bytes of data 4038 outstanding for the corresponding transport address. 4040 In practice an implementation can achieve this goal in the following 4041 way: 4043 o partial_bytes_acked is initialized to 0. 4045 o Whenever cwnd is greater than ssthresh, upon each SACK arrival 4046 that advances the Cumulative TSN Ack Point, increase 4047 partial_bytes_acked by the total number of bytes of all new chunks 4048 acknowledged in that SACK including chunks acknowledged by the new 4049 Cumulative TSN Ack and by Gap Ack Blocks. 4051 o When partial_bytes_acked is equal to or greater than cwnd and 4052 before the arrival of the SACK the sender had cwnd or more bytes 4053 of data outstanding (i.e., before arrival of the SACK, flightsize 4054 was greater than or equal to cwnd), increase cwnd by MTU, and 4055 reset partial_bytes_acked to (partial_bytes_acked - cwnd). 4057 o Same as in the slow start, when the sender does not transmit DATA 4058 on a given transport address, the cwnd of the transport address 4059 should be adjusted to max(cwnd / 2, 2*MTU) per RTO. 4061 o When all of the data transmitted by the sender has been 4062 acknowledged by the receiver, partial_bytes_acked is initialized 4063 to 0. 4065 7.2.3 Congestion Control 4067 Upon detection of packet losses from SACK (see Section 7.2.4), An 4068 endpoint should do the following: 4070 ssthresh = max(cwnd/2, 2*MTU) 4071 cwnd = ssthresh 4073 Basically, a packet loss causes cwnd to be cut in half. 4075 When the T3-rtx timer expires on an address, SCTP should perform slow 4076 start by: 4078 ssthresh = max(cwnd/2, 2*MTU) 4079 cwnd = 1*MTU 4081 and assure that no more than one SCTP packet will be in flight for 4082 that address until the endpoint receives acknowledgement for 4083 successful delivery of data to that address. 4085 7.2.4 Fast Retransmit on Gap Reports 4087 In the absence of data loss, an endpoint performs delayed 4088 acknowledgement. However, whenever an endpoint notices a hole in the 4089 arriving TSN sequence, it SHOULD start sending a SACK back every time 4090 a packet arrives carrying data until the hole is filled. 4092 Whenever an endpoint receives a SACK that indicates some TSN(s) 4093 missing, it SHOULD wait for 3 further miss indications (via 4094 subsequent SACK's) on the same TSN(s) before taking action with 4095 regard to Fast Retransmit. 4097 When the TSN(s) is reported as missing in the fourth consecutive 4098 SACK, the data sender shall: 4100 1) Mark the missing DATA chunk(s) for retransmission, 4102 2) Adjust the ssthresh and cwnd of the destination address(es) to 4103 which the missing DATA chunks were last sent, according to the 4104 formula described in Section 7.2.3. 4106 3) Determine how many of the earliest (i.e., lowest TSN) DATA chunks 4107 marked for retransmission will fit into a single packet, subject 4108 to constraint of the path MTU of the destination transport address 4109 to which the packet is being sent. Call this value K. Retransmit 4110 those K DATA chunks in a single packet. When a Fast Retransmit 4111 is being performed the sender SHOULD ignore the value of cwnd and 4112 SHOULD NOT delay retransmission. 4114 4) Restart T3-rtx timer only if the last SACK acknowledged the lowest 4115 outstanding TSN number sent to that address, or the endpoint is 4116 retransmitting the first outstanding DATA chunk sent to that 4117 address. 4119 5) Mark the DATA chunk(s) as being fast retransmitted and thus 4120 ineligible for a subsequent fast retransmit until after the 4121 T3-rxt timer expires. 4123 Note: Before the above adjustments, if the received SACK also 4124 acknowledges new DATA chunks and advances the Cumulative TSN Ack 4125 Point, the cwnd adjustment rules defined in Sections 7.2.1 and 7.2.2 4126 must be applied first. 4128 A straightforward implementation of the above keeps a counter for 4129 each TSN hole reported by a SACK. The counter increments for each 4130 consecutive SACK reporting the TSN hole. After reaching 4 and 4131 starting the fast retransmit procedure, the counter resets to 0. 4132 Because cwnd in SCTP indirectly bounds the number of outstanding 4133 TSN's, the effect of TCP fast-recovery is achieved automatically with 4134 no adjustment to the congestion control window size. 4136 Upon acknowledgement of a DATA chunk that has been fast retransmitted, 4137 the protocol parameter 'Max.Burst' MUST be applied to limit 4138 how many SCTP packets may be sent upon the completion of SACK 4139 processing. 4141 7.3 Path MTU Discovery 4143 [RFC1191] specifies "Path MTU Discovery", whereby an endpoint 4144 maintains an estimate of the maximum transmission unit (MTU) along a 4145 given Internet path and refrains from sending packets along that path 4146 which exceed the MTU, other than occasional attempts to probe for a 4147 change in the Path MTU (PMTU). RFC 1191 is thorough in its 4148 discussion of the MTU discovery mechanism and strategies for 4149 determining the current end-to-end MTU setting as well as detecting 4150 changes in this value. [RFC1981] specifies the same mechanisms for 4151 IPv6. An SCTP sender using IPv6 MUST use Path MTU Discovery unless 4152 all packets are less than the minimum IPv6 MTU [RFC2460]. 4154 An endpoint SHOULD apply these techniques, and SHOULD do so on a 4155 per-destination-address basis. 4157 There are 4 ways in which SCTP differs from the description in RFC 4158 1191 of applying MTU discovery to TCP: 4160 1) SCTP associations can span multiple addresses. An endpoint MUST 4161 maintain separate MTU estimates for each destination address of 4162 its peer. 4164 2) Elsewhere in this document, when the term "MTU" is discussed, it 4165 refers to the MTU associated with the destination address 4166 corresponding to the context of the discussion. 4168 3) Unlike TCP, SCTP does not have a notion of "Maximum Segment Size". 4169 Accordingly, the MTU for each destination address SHOULD be 4170 initialized to a value no larger than the link MTU for the local 4171 interface to which packets for that remote destination address 4172 will be routed. 4174 4) Since data transmission in SCTP is naturally structured in terms 4175 of TSNs rather than bytes (as is the case for TCP), the discussion 4176 in Section 6.5 of RFC 1191 applies: When retransmitting an IP 4177 datagram to a remote address for which the IP datagram appears too 4178 large for the path MTU to that address, the IP datagram SHOULD be 4179 retransmitted without the DF bit set, allowing it to possibly be 4180 fragmented. Transmissions of new IP datagrams MUST have DF set. 4182 5) The sender should track an association PMTU which will be the 4183 smallest PMTU discovered for all of the peer's destination 4184 addresses. When fragmenting messages into multiple parts this 4185 association PMTU should be used to calculate the size of each 4186 fragment. This will allow retransmissions to be seamlessly sent 4187 to an alternate address without encountering IP fragmentation. 4189 Other than these differences, the discussion of TCP's use of MTU 4190 discovery in RFCs 1191 and 1981 applies to SCTP on a per- 4191 destination-address basis. 4193 Note: For IPv6 destination addresses the DF bit does not exist, 4194 instead the IP datagram must be fragmented as described in [RFC2460]. 4196 8. Fault Management 4198 8.1 Endpoint Failure Detection 4200 An endpoint shall keep a counter on the total number of consecutive 4201 retransmissions to its peer (including retransmissions to all the 4202 destination transport addresses of the peer if it is multi-homed, 4203 and unacknowledged HEARTBEAT Chunks). If the value of this counter 4204 exceeds the limit indicated in the protocol parameter 4205 'Association.Max.Retrans', the endpoint shall consider the peer 4206 endpoint unreachable and shall stop transmitting any more data to it 4207 (and thus the association enters the CLOSED state). In addition, 4208 the endpoint shall report the failure to the upper layer, and 4209 optionally report back all outstanding user data remaining in its 4210 outbound queue. The association is automatically closed when the 4211 peer endpoint becomes unreachable. 4213 The counter shall be reset each time a DATA chunk sent to that peer 4214 endpoint is acknowledged (by the reception of a SACK), or a 4215 HEARTBEAT-ACK is received from the peer endpoint. 4217 8.2 Path Failure Detection 4219 When its peer endpoint is multi-homed, an endpoint should keep a 4220 error counter for each of the destination transport addresses of the 4221 peer endpoint. 4223 Each time the T3-rtx timer expires on any address, or when a 4224 HEARTBEAT sent to an idle address is not acknowledged within a RTO, 4225 the error counter of that destination address will be incremented. 4226 When the value in the error counter exceeds the protocol parameter 4227 'Path.Max.Retrans' of that destination address, the endpoint should 4228 mark the destination transport address as inactive, and a 4229 notification SHOULD be sent to the upper layer. 4231 When an outstanding TSN is acknowledged or a HEARTBEAT sent to that 4232 address is acknowledged with a HEARTBEAT ACK, the endpoint shall 4233 clear the error counter of the destination transport address to which 4234 the DATA chunk was last sent (or HEARTBEAT was sent). When the peer 4235 endpoint is multi-homed and the last chunk sent to it was a 4236 retransmission to an alternate address, there exists an ambiguity as 4237 to whether or not the acknowledgement should be credited to the 4238 address of the last chunk sent. However, this ambiguity does not 4239 seem to bear any significant consequence to SCTP behavior. If this 4240 ambiguity is undesirable, the transmitter may choose not to clear the 4241 error counter if the last chunk sent was a retransmission. 4243 Note: When configuring the SCTP endpoint, the user should avoid 4244 having the value of 'Association.Max.Retrans' larger than the 4245 summation of the 'Path.Max.Retrans' of all the destination addresses 4246 for the remote endpoint. Otherwise, all the destination addresses 4247 may become inactive while the endpoint still considers the peer 4248 endpoint reachable. When this condition occurs, how the SCTP chooses 4249 to function is implementation specific. 4251 When the primary path is marked inactive (due to excessive 4252 retransmissions, for instance), the sender MAY automatically transmit 4253 new packets to an alternate destination address if one exists and is 4254 active. If more than one alternate address is active when the 4255 primary path is marked inactive only ONE transport address SHOULD be 4256 chosen and used as the new destination transport address. 4258 8.3 Path Heartbeat 4260 By default, an SCTP endpoint shall monitor the reachability of the 4261 idle destination transport address(es) of its peer by sending a 4262 HEARTBEAT chunk periodically to the destination transport 4263 address(es). HEARTBEAT sending MAY begin upon reaching the 4264 ESTABLISHED state, and is discontinued after sending either 4265 SHUTDOWN or SHUTDOWN-ACK. A receiver of a HEARTBEAT MUST 4266 respond to a HEARTBEAT with a HEARTBEAT-ACK after entering 4267 the COOKIE-SENT state up until reaching the CLOSED state. 4269 A destination transport address is considered "idle" if no new chunk 4270 which can be used for updating path RTT (usually including first 4271 transmission DATA, INIT, COOKIE ECHO, HEARTBEAT etc.) and no 4272 HEARTBEAT has been sent to it within the current heartbeat period of 4273 that address. This applies to both active and inactive destination 4274 addresses. 4276 The upper layer can optionally initiate the following functions: 4278 A) Disable heartbeat on a specific destination transport address of a 4279 given association, 4281 B) Change the HB.interval, 4283 C) Re-enable heartbeat on a specific destination transport address of 4284 a given association, and, 4286 D) Request an on-demand HEARTBEAT on a specific destination transport 4287 address of a given association. 4289 The endpoint should increment the respective error counter of the 4290 destination transport address each time a HEARTBEAT is sent to that 4291 address and not acknowledged within one RTO. 4293 When the value of this counter reaches the protocol parameter ' 4294 Path.Max.Retrans', the endpoint should mark the corresponding 4295 destination address as inactive if it is not so marked, and may also 4296 optionally report to the upper layer the change of reachability of 4297 this destination address. After this, the endpoint should continue 4298 HEARTBEAT on this destination address but should stop increasing the 4299 counter. 4301 The sender of the HEARTBEAT chunk should include in the Heartbeat 4302 Information field of the chunk the current time when the packet is 4303 sent out and the destination address to which the packet is sent. 4305 IMPLEMENTATION NOTE: An alternative implementation of the heartbeat 4306 mechanism that can be used is to increment the error counter variable 4307 every time a HEARTBEAT is sent to a destination. Whenever a 4308 HEARTBEAT ACK arrives, the sender SHOULD clear the error counter of 4309 the destination that the HEARTBEAT was sent to. This in effect would 4310 clear the previously stroked error (and any other error counts as 4311 well). 4313 The receiver of the HEARTBEAT should immediately respond with a 4314 HEARTBEAT ACK that contains the Heartbeat Information TLV, together 4315 with any other received TLVs, copied unchanged from the received 4316 HEARTBEAT chunk. 4318 Upon the receipt of the HEARTBEAT ACK, the sender of the HEARTBEAT 4319 should clear the error counter of the destination transport address 4320 to which the HEARTBEAT was sent, and mark the destination transport 4321 address as active if it is not so marked. The endpoint may 4322 optionally report to the upper layer when an inactive destination 4323 address is marked as active due to the reception of the latest 4324 HEARTBEAT ACK. The receiver of the HEARTBEAT ACK must also clear the 4325 association overall error count as well (as defined in section 8.1). 4327 The receiver of the HEARTBEAT ACK should also perform an RTT 4328 measurement for that destination transport address using the time 4329 value carried in the HEARTBEAT ACK chunk. 4331 On an idle destination address that is allowed to heartbeat, a 4332 HEARTBEAT chunk is RECOMMENDED to be sent once per RTO of that 4333 destination address plus the protocol parameter 'HB.interval' , with 4334 jittering of +/- 50%, and exponential back-off of the RTO if the 4335 previous HEARTBEAT is unanswered. 4337 A primitive is provided for the SCTP user to change the HB.interval 4338 and turn on or off the heartbeat on a given destination address. The 4339 heartbeat interval set by the SCTP user is added to the RTO of that 4340 destination (including any exponential backoff). Only one heartbeat 4341 should be sent each time the heartbeat timer expires (if multiple 4342 destinations are idle). It is an implementation decision on how to 4343 choose which of the candidate idle destinations to heartbeat to (if 4344 more than one destination is idle). 4346 Note: When tuning the heartbeat interval, there is a side effect that 4347 SHOULD be taken into account. When this value is increased, i.e. 4348 the HEARTBEAT takes longer, the detection of lost ABORT messages 4349 takes longer as well. If a peer endpoint ABORTs the association for 4350 any reason and the ABORT chunk is lost, the local endpoint will only 4351 discover the lost ABORT by sending a DATA chunk or HEARTBEAT chunk 4352 (thus causing the peer to send another ABORT). This must be 4353 considered when tuning the HEARTBEAT timer. If the HEARTBEAT is 4354 disabled only sending DATA to the association will discover a lost 4355 ABORT from the peer. 4357 8.4 Handle "Out of the blue" Packets 4359 An SCTP packet is called an "out of the blue" (OOTB) packet if it is 4360 correctly formed, i.e., passed the receiver's Fletcher-16 check (see 4361 Section 6.8), but the receiver is not able to identify the 4362 association to which this packet belongs. 4364 The receiver of an OOTB packet MUST do the following: 4366 1) If the OOTB packet is to or from a non-unicast address, silently 4367 discard the packet. Otherwise, 4369 2) If the OOTB packet contains an ABORT chunk, the receiver MUST 4370 silently discard the OOTB packet and take no further action. 4371 Otherwise, 4373 3) If the packet contains an INIT chunk with a Verification Tag set 4374 to '0', process it as described in Section 5.1. Otherwise, 4376 4) If the packet contains a COOKIE ECHO in the first chunk, process 4377 it as described in Section 5.1. Otherwise, 4379 5) If the packet contains a SHUTDOWN ACK chunk, the receiver should 4380 respond to the sender of the OOTB packet with a SHUTDOWN COMPLETE. 4381 When sending the SHUTDOWN COMPLETE, the receiver of the OOTB 4382 packet must fill in the Verification Tag field of the outbound 4383 packet with the Verification Tag received in the SHUTDOWN ACK and 4384 set the T-bit in the Chunk Flags to indicate that no TCB was 4385 found. Otherwise, 4387 6) If the packet contains a SHUTDOWN COMPLETE chunk, the receiver 4388 should silently discard the packet and take no further action. 4389 Otherwise, 4391 7) If the packet contains a "Stale cookie" ERROR or a COOKIE ACK the 4392 SCTP Packet should be silently discarded. Otherwise, 4394 8) The receiver should respond to the sender of the OOTB packet with 4395 an ABORT. When sending the ABORT, the receiver of the OOTB packet 4396 MUST fill in the Verification Tag field of the outbound packet 4397 with the value found in the Verification Tag field of the OOTB 4398 packet and set the T-bit in the Chunk Flags to indicate that no 4399 TCB was found. After sending this ABORT, the receiver of the OOTB 4400 packet shall discard the OOTB packet and take no further action. 4402 8.5 Verification Tag 4404 The Verification Tag rules defined in this section apply when sending 4405 or receiving SCTP packets which do not contain an INIT, SHUTDOWN 4406 COMPLETE, COOKIE ECHO (see Section 5.1), ABORT or SHUTDOWN ACK chunk. 4407 The rules for sending and receiving SCTP packets containing one of 4408 these chunk types are discussed separately in Section 8.5.1. 4410 When sending an SCTP packet, the endpoint MUST fill in the 4411 Verification Tag field of the outbound packet with the tag value in 4412 the Initiate Tag parameter of the INIT or INIT ACK received from its 4413 peer. 4415 When receiving an SCTP packet, the endpoint MUST ensure that the 4416 value in the Verification Tag field of the received SCTP packet 4417 matches its own Tag. If the received Verification Tag value does not 4418 match the receiver's own tag value, the receiver shall silently 4419 discard the packet and shall not process it any further except for 4420 those cases listed in Section 8.5.1 below. 4422 8.5.1 Exceptions in Verification Tag Rules 4424 A) Rules for packet carrying INIT: 4426 - The sender MUST set the Verification Tag of the packet to 0. 4428 - When an endpoint receives an SCTP packet with the Verification 4429 Tag set to 0, it should verify that the packet contains only an 4430 INIT chunk. Otherwise, the receiver MUST silently discard the 4431 packet. 4433 B) Rules for packet carrying ABORT: 4435 - The endpoint shall always fill in the Verification Tag field of 4436 the outbound packet with the destination endpoint's tag value 4437 if it is known. 4439 - If the ABORT is sent in response to an OOTB packet, the 4440 endpoint MUST follow the procedure described in Section 8.4. 4442 - The receiver MUST accept the packet if the Verification Tag 4443 matches either its own tag, OR the tag of its peer. Otherwise, 4444 the receiver MUST silently discard the packet and take no 4445 further action. 4447 C) Rules for packet carrying SHUTDOWN COMPLETE: 4449 - When sending a SHUTDOWN COMPLETE, if the receiver of the 4450 SHUTDOWN ACK has a TCB then the destination endpoint's tag MUST 4451 be used. Only where no TCB exists should the sender use the 4452 Verification Tag from the SHUTDOWN ACK. 4454 - The receiver of a SHUTDOWN COMPLETE shall accept the packet if 4455 the Verification Tag field of the packet matches its own tag OR 4456 it is set to its peer's tag and the T bit is set in the Chunk 4457 Flags. Otherwise, the receiver MUST silently discard the packet 4458 and take no further action. An endpoint MUST ignore the 4459 SHUTDOWN COMPLETE if it is not in the SHUTDOWN-ACK-SENT state. 4461 D) Rules for packet carrying a COOKIE ECHO 4463 - When sending a COOKIE ECHO, the endpoint MUST use the value of 4464 the Initial Tag received in the INIT ACK. 4466 - The receiver of a COOKIE ECHO follows the procedures in Section 4467 5. 4469 E) Rules for packet carrying a SHUTDOWN ACK 4471 - If the receiver is in COOKIE-ECHOED or COOKIE-WAIT state the 4472 procedures in section 8.4 SHOULD be followed, in other words it 4473 should be treated as an Out Of The Blue packet. 4475 9. Termination of Association 4477 An endpoint should terminate its association when it exits from 4478 service. An association can be terminated by either abort or 4479 shutdown. An abort of an association is abortive by definition in 4480 that any data pending on either end of the association is discarded 4481 and not delivered to the peer. A shutdown of an association is 4482 considered a graceful close where all data in queue by either 4483 endpoint is delivered to the respective peers. However, in the case 4484 of a shutdown, SCTP does not support a half-open state (like TCP) 4485 wherein one side may continue sending data while the other end is 4486 closed. When either endpoint performs a shutdown, the association on 4487 each peer will stop accepting new data from its user and only deliver 4488 data in queue at the time of sending or receiving the SHUTDOWN chunk. 4490 9.1 Abort of an Association 4492 When an endpoint decides to abort an existing association, it shall 4493 send an ABORT chunk to its peer endpoint. The sender MUST fill in 4494 the peer's Verification Tag in the outbound packet and MUST NOT 4495 bundle any DATA chunk with the ABORT. 4497 An endpoint MUST NOT respond to any received packet that contains an 4498 ABORT chunk (also see Section 8.4). 4500 An endpoint receiving an ABORT shall apply the special Verification 4501 Tag check rules described in Section 8.5.1. 4503 After checking the Verification Tag, the receiving endpoint shall 4504 remove the association from its record, and shall report the 4505 termination to its upper layer. 4507 9.2 Shutdown of an Association 4509 Using the SHUTDOWN primitive (see Section 10.1), the upper layer of 4510 an endpoint in an association can gracefully close the association. 4511 This will allow all outstanding DATA chunks from the peer of the 4512 shutdown initiator to be delivered before the association terminates. 4514 Upon receipt of the SHUTDOWN primitive from its upper layer, the 4515 endpoint enters SHUTDOWN-PENDING state and remains there until all 4516 outstanding data has been acknowledged by its peer. The endpoint 4517 accepts no new data from its upper layer, but retransmits data to the 4518 far end if necessary to fill gaps. 4520 Once all its outstanding data has been acknowledged, the endpoint 4521 shall send a SHUTDOWN chunk to its peer including in the Cumulative 4522 TSN Ack field the last sequential TSN it has received from the peer. 4523 It shall then start the T2-shutdown timer and enter the SHUTDOWN-SENT 4524 state. If the timer expires, the endpoint must re-send the SHUTDOWN 4525 with the updated last sequential TSN received from its peer. 4527 The rules in Section 6.3 MUST be followed to determine the proper 4528 timer value for T2-shutdown. To indicate any gaps in TSN, the 4529 endpoint may also bundle a SACK with the SHUTDOWN chunk in the same 4530 SCTP packet. 4532 An endpoint should limit the number of retransmissions of the 4533 SHUTDOWN chunk to the protocol parameter 'Association.Max.Retrans'. 4534 If this threshold is exceeded the endpoint should destroy the TCB and 4535 MUST report the peer endpoint unreachable to the upper layer (and 4536 thus the association enters the CLOSED state). The reception of any 4537 packet from its peer (i.e. as the peer sends all of its queued DATA 4538 chunks) should clear the endpoint's retransmission count and restart 4539 the T2-Shutdown timer, giving its peer ample opportunity to transmit 4540 all of its queued DATA chunks that have not yet been sent. 4542 Upon the reception of the SHUTDOWN, the peer endpoint shall 4544 - enter the SHUTDOWN-RECEIVED state, 4546 - stop accepting new data from its SCTP user 4548 - verify, by checking the Cumulative TSN Ack field of the chunk, 4549 that all its outstanding DATA chunks have been received by the 4550 SHUTDOWN sender. 4552 Once an endpoint as reached the SHUTDOWN-RECEIVED state it MUST NOT 4553 send a SHUTDOWN in response to an ULP request, and should discard 4554 subsequent SHUTDOWN chunks. 4556 If there are still outstanding DATA chunks left, the SHUTDOWN 4557 receiver shall continue to follow normal data transmission procedures 4558 defined in Section 6 until all outstanding DATA chunks are 4559 acknowledged; however, the SHUTDOWN receiver MUST NOT accept new data 4560 from its SCTP user. 4562 While in SHUTDOWN-SENT state, the SHUTDOWN sender MUST immediately 4563 respond to each received packet containing one or more DATA chunk(s) 4564 with a SACK, a SHUTDOWN chunk, and restart the T2-shutdown timer. If 4565 it has no more outstanding DATA chunks, the SHUTDOWN receiver shall 4566 send a SHUTDOWN ACK and start a T2-shutdown timer of its own, 4567 entering the SHUTDOWN-ACK-SENT state. If the timer expires, the 4568 endpoint must re-send the SHUTDOWN ACK. 4570 The sender of the SHUTDOWN ACK should limit the number of 4571 retransmissions of the SHUTDOWN ACK chunk to the protocol parameter ' 4572 Association.Max.Retrans'. If this threshold is exceeded the endpoint 4573 should destroy the TCB and may report the peer endpoint unreachable 4574 to the upper layer (and thus the association enters the CLOSED 4575 state). 4577 Upon the receipt of the SHUTDOWN ACK, the SHUTDOWN sender shall stop 4578 the T2-shutdown timer, send a SHUTDOWN COMPLETE chunk to its peer, 4579 and remove all record of the association. 4581 Upon reception of the SHUTDOWN COMPLETE chunk the endpoint will 4582 verify that it is in SHUTDOWN-ACK-SENT state, if it is not the chunk 4583 should be discarded. If the endpoint is in the SHUTDOWN-ACK-SENT 4584 state the endpoint should stop the T2-shutdown timer and remove all 4585 knowledge of the association (and thus the association enters the 4586 CLOSED state). 4588 An endpoint SHOULD assure that all its outstanding DATA chunks have 4589 been acknowledged before initiating the shutdown procedure. 4591 An endpoint should reject any new data request from its upper layer 4592 if it is in SHUTDOWN-PENDING, SHUTDOWN-SENT, SHUTDOWN-RECEIVED, or 4593 SHUTDOWN-ACK-SENT state. 4595 If an endpoint is in SHUTDOWN-ACK-SENT state and receives an INIT 4596 chunk (e.g., if the SHUTDOWN COMPLETE was lost) with source and 4597 destination transport addresses (either in the IP addresses or in the 4598 INIT chunk) that belong to this association, it should discard the 4599 INIT chunk and retransmit the SHUTDOWN ACK chunk. 4601 Note: Receipt of an INIT with the same source and destination IP 4602 addresses as used in transport addresses assigned to an endpoint but 4603 with a different port number indicates the initialization of a 4604 separate association. 4606 The sender of the INIT or COOKIE ECHO should respond to the receipt 4607 of a SHUTDOWN-ACK with a stand-alone SHUTDOWN COMPLETE in an SCTP 4608 packet with the Verification Tag field of its common header set to 4609 the same tag that was received in the SHUTDOWN ACK packet. This is 4610 considered an Out of the Blue packet as defined in Section 8.4. The 4611 sender of the INIT lets T1-init continue running and remains in the 4612 COOKIE-WAIT or COOKIE-ECHOED state. Normal T1-init timer expiration 4613 will cause the INIT or COOKIE chunk to be retransmitted and thus 4614 start a new association. 4616 If a SHUTDOWN is received in COOKIE WAIT or COOKIE ECHOED states the 4617 SHUTDOWN chunk SHOULD be silently discarded. 4619 If an endpoint is in SHUTDOWN-SENT state and receives a SHUTDOWN 4620 chunk from its peer, the endpoint shall respond immediately with a 4621 SHUTDOWN ACK to its peer, and move into a SHUTDOWN-ACK-SENT state 4622 restarting its T2-shutdown timer. 4624 If an endpoint is in the SHUTDOWN-ACK-SENT state and receives a 4625 SHUTDOWN ACK, it shall stop the T2-shutdown timer, send a SHUTDOWN 4626 COMPLETE chunk to its peer, and remove all record of the association. 4628 10. Interface with Upper Layer 4630 The Upper Layer Protocols (ULP) shall request for services by passing 4631 primitives to SCTP and shall receive notifications from SCTP for 4632 various events. 4634 The primitives and notifications described in this section should be 4635 used as a guideline for implementing SCTP. The following functional 4636 description of ULP interface primitives is shown for illustrative 4637 purposes. Different SCTP implementations may have different ULP 4638 interfaces. However, all SCTPs must provide a certain minimum set of 4639 services to guarantee that all SCTP implementations can support the 4640 same protocol hierarchy. 4642 10.1 ULP-to-SCTP 4644 The following sections functionally characterize an ULP/SCTP 4645 interface. The notation used is similar to most procedure or 4646 function calls in high level languages. 4648 The ULP primitives described below specify the basic functions the 4649 SCTP must perform to support inter-process communication. Individual 4650 implementations must define their own exact format, and may provide 4651 combinations or subsets of the basic functions in single calls. 4653 A) Initialize 4655 Format: INITIALIZE ([local port], [local eligible address list]) -> 4656 local SCTP instance name 4657 This primitive allows SCTP to initialize its internal data structures 4658 and allocate necessary resources for setting up its operation 4659 environment. Once SCTP is initialized, ULP can communicate directly 4660 with other endpoints without re-invoking this primitive. 4662 SCTP will return a local SCTP instance name to the ULP. 4664 Mandatory attributes: 4666 None. 4668 Optional attributes: 4670 The following types of attributes may be passed along with the 4671 primitive: 4673 o local port - SCTP port number, if ULP wants it to be specified; 4675 o local eligible address list - An address list that the local SCTP 4676 endpoint should bind. By default, if an address list is not 4677 included, all IP addresses assigned to the host should be used by 4678 the local endpoint. 4680 IMPLEMENTATION NOTE: If this optional attribute is supported by an 4681 implementation, it will be the responsibility of the implementation 4682 to enforce that the IP source address field of any SCTP packets sent 4683 out by this endpoint contains one of the IP addresses indicated in 4684 the local eligible address list. 4686 B) Associate 4688 Format: ASSOCIATE(local SCTP instance name, destination transport addr, 4689 outbound stream count) 4690 -> association id [,destination transport addr list] [,outbound stream 4691 count] 4693 This primitive allows the upper layer to initiate an association to a 4694 specific peer endpoint. 4696 The peer endpoint shall be specified by one of the transport 4697 addresses which defines the endpoint (see Section 1.4). If the local 4698 SCTP instance has not been initialized, the ASSOCIATE is considered 4699 an error. 4701 An association id, which is a local handle to the SCTP association, 4702 will be returned on successful establishment of the association. If 4703 SCTP is not able to open an SCTP association with the peer endpoint, 4704 an error is returned. 4706 Other association parameters may be returned, including the complete 4707 destination transport addresses of the peer as well as the outbound 4708 stream count of the local endpoint. One of the transport address 4709 from the returned destination addresses will be selected by the local 4710 endpoint as default primary path for sending SCTP packets to this 4711 peer. The returned "destination transport addr list" can be used by 4712 the ULP to change the default primary path or to force sending a 4713 packet to a specific transport address. 4715 IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a 4716 blocking function call, the ASSOCIATE primitive can return 4717 association parameters in addition to the association id upon 4718 successful establishment. If ASSOCIATE primitive is implemented as a 4719 non-blocking call, only the association id shall be returned and 4720 association parameters shall be passed using the COMMUNICATION UP 4721 notification. 4723 Mandatory attributes: 4725 o local SCTP instance name - obtained from the INITIALIZE operation. 4727 o destination transport addr - specified as one of the transport 4728 addresses of the peer endpoint with which the association is to be 4729 established. 4731 o outbound stream count - the number of outbound streams the ULP 4732 would like to open towards this peer endpoint. 4734 Optional attributes: 4736 None. 4738 C) Shutdown 4740 Format: SHUTDOWN(association id) 4741 -> result 4743 Gracefully closes an association. Any locally queued user data will 4744 be delivered to the peer. The association will be terminated only 4745 after the peer acknowledges all the SCTP packets sent. A success 4746 code will be returned on successful termination of the association. 4747 If attempting to terminate the association results in a failure, an 4748 error code shall be returned. 4750 Mandatory attributes: 4752 o association id - local handle to the SCTP association 4754 Optional attributes: 4756 None. 4758 D) Abort 4760 Format: ABORT(association id [, cause code]) 4761 -> result 4763 Ungracefully closes an association. Any locally queued user data 4764 will be discarded and an ABORT chunk is sent to the peer. A success 4765 code will be returned on successful abortion of the association. If 4766 attempting to abort the association results in a failure, an error 4767 code shall be returned. 4769 Mandatory attributes: 4771 o association id - local handle to the SCTP association 4773 Optional attributes: 4775 o cause code - reason of the abort to be passed to the peer. 4777 None. 4779 E) Send 4781 Format: SEND(association id, buffer address, byte count [,context] 4782 [,stream id] [,life time] [,destination transport address] 4783 [,unorder flag] [,no-bundle flag] [,payload protocol-id] ) 4784 -> result 4786 This is the main method to send user data via SCTP. 4788 Mandatory attributes: 4790 o association id - local handle to the SCTP association 4792 o buffer address - the location where the user message to be 4793 transmitted is stored; 4795 o byte count - The size of the user data in number of bytes; 4797 Optional attributes: 4799 o context - an optional 32 bit integer that will be carried in the 4800 sending failure notification to the ULP if the transportation of 4801 this User Message fails. 4803 o stream id - to indicate which stream to send the data on. If not 4804 specified, stream 0 will be used. 4806 o life time - specifies the life time of the user data. The user 4807 data will not be sent by SCTP after the life time expires. This 4808 parameter can be used to avoid efforts to transmit stale user 4809 messages. SCTP notifies the ULP if the data cannot be initiated 4810 to transport (i.e. sent to the destination via SCTP's send 4811 primitive) within the life time variable. However, the user data 4812 will be transmitted if SCTP has attempted to transmit a chunk 4813 before the life time expired. 4815 IMPLEMENTATION NOTE: In order to better support the data lifetime 4816 option, the transmitter may hold back the assigning of the TSN number 4817 to an outbound DATA chunk to the last moment. And, for 4818 implementation simplicity, once a TSN number has been assigned the 4819 sender should consider the send of this DATA chunk as committed, 4820 overriding any lifetime option attached to the DATA chunk. 4822 o destination transport address - specified as one of the 4823 destination transport addresses of the peer endpoint to which this 4824 packet should be sent. Whenever possible, SCTP should use this 4825 destination transport address for sending the packets, instead of 4826 the current primary path. 4828 o unorder flag - this flag, if present, indicates that the user 4829 would like the data delivered in an unordered fashion to the peer 4830 (i.e., the U flag is set to 1 on all DATA chunks carrying this 4831 message). 4833 o no-bundle flag - instructs SCTP not to bundle this user data with 4834 other outbound DATA chunks. SCTP MAY still bundle even when this 4835 flag is present, when faced with network congestion. 4837 o payload protocol-id - A 32 bit unsigned integer that is to be 4838 passed to the peer indicating the type of payload protocol data 4839 being transmitted. This value is passed as opaque data by SCTP. 4841 F) Set Primary 4843 Format: SETPRIMARY(association id, destination transport address, 4844 [source transport address] ) 4845 -> result 4847 Instructs the local SCTP to use the specified destination transport 4848 address as primary path for sending packets. 4850 The result of attempting this operation shall be returned. If the 4851 specified destination transport address is not present in the 4852 "destination transport address list" returned earlier in an associate 4853 command or communication up notification, an error shall be returned. 4855 Mandatory attributes: 4857 o association id - local handle to the SCTP association 4859 o destination transport address - specified as one of the transport 4860 addresses of the peer endpoint, which should be used as primary 4861 address for sending packets. This overrides the current primary 4862 address information maintained by the local SCTP endpoint. 4864 Optional attributes: 4866 o source transport address - optionally, some implementations may 4867 allow you to set the default source address placed in all outgoing 4868 IP datagrams. 4870 G) Receive 4872 Format: RECEIVE(association id, buffer address, buffer size 4873 [,stream id]) 4874 -> byte count [,transport address] [,stream id] [,stream sequence 4875 number] [,partial flag] [,delivery number] [,payload protocol-id] 4877 This primitive shall read the first user message in the SCTP in-queue 4878 into the buffer specified by ULP, if there is one available. The 4879 size of the message read, in bytes, will be returned. It may, 4880 depending on the specific implementation, also return other 4881 information such as the sender's address, the stream id on which it 4882 is received, whether there are more messages available for retrieval, 4883 etc. For ordered messages, their stream sequence number may also be 4884 returned. 4886 Depending upon the implementation, if this primitive is invoked when 4887 no message is available the implementation should return an 4888 indication of this condition or should block the invoking process 4889 until data does become available. 4891 Mandatory attributes: 4893 o association id - local handle to the SCTP association 4895 o buffer address - the memory location indicated by the ULP to store 4896 the received message. 4898 o buffer size - the maximum size of data to be received, in bytes. 4900 Optional attributes: 4902 o stream id - to indicate which stream to receive the data on. 4904 o stream sequence number - the stream sequence number assigned by 4905 the sending SCTP peer. 4907 o partial flag - if this returned flag is set to 1, then this 4908 Receive contains a partial delivery of the whole message. When 4909 this flag is set, the stream id and stream sequence number MUST 4910 accompany this receive. When this flag is set to 0, it indicates 4911 that no more deliveries will be received for this stream sequence 4912 number. 4914 o payload protocol-id - A 32 bit unsigned integer that is received 4915 from the peer indicating the type of payload protocol of the 4916 received data. This value is passed as opaque data by SCTP. 4918 H) Status 4920 Format: STATUS(association id) 4921 -> status data 4923 This primitive should return a data block containing the following 4924 information: 4925 association connection state, 4926 destination transport address list, 4927 destination transport address reachability states, 4928 current receiver window size, 4929 current congestion window sizes, 4930 number of unacknowledged DATA chunks, 4931 number of DATA chunks pending receipt, 4932 primary path, 4933 most recent SRTT on primary path, 4934 RTO on primary path, 4935 SRTT and RTO on other destination addresses, etc. 4937 Mandatory attributes: 4939 o association id - local handle to the SCTP association 4941 Optional attributes: 4943 None. 4945 I) Change Heartbeat 4947 Format: CHANGEHEARTBEAT(association id, destination transport address, 4948 new state [,interval]) 4949 -> result 4951 Instructs the local endpoint to enable or disable heartbeat on the 4952 specified destination transport address. 4954 The result of attempting this operation shall be returned. 4956 Note: Even when enabled, heartbeat will not take place if the 4957 destination transport address is not idle. 4959 Mandatory attributes: 4961 o association id - local handle to the SCTP association 4963 o destination transport address - specified as one of the transport 4964 addresses of the peer endpoint. 4966 o new state - the new state of heartbeat for this destination 4967 transport address (either enabled or disabled). 4969 Optional attributes: 4971 o interval - if present, indicates the frequency of the heartbeat if 4972 this is to enable heartbeat on a destination transport address. 4973 This value is added to the RTO of the destination transport 4974 address. This value, if present, effects all destinations. 4976 J) Request HeartBeat 4978 Format: REQUESTHEARTBEAT(association id, destination transport 4979 address) 4980 -> result 4982 Instructs the local endpoint to perform a HeartBeat on the specified 4983 destination transport address of the given association. The returned 4984 result should indicate whether the transmission of the HEARTBEAT 4985 chunk to the destination address is successful. 4987 Mandatory attributes: 4989 o association id - local handle to the SCTP association 4991 o destination transport address - the transport address of the 4992 association on which a heartbeat should be issued. 4994 K) Get SRTT Report 4996 Format: GETSRTTREPORT(association id, destination transport address) 4997 -> srtt result 4999 Instructs the local SCTP to report the current SRTT measurement on 5000 the specified destination transport address of the given association. 5001 The returned result can be an integer containing the most recent SRTT 5002 in milliseconds. 5004 Mandatory attributes: 5006 o association id - local handle to the SCTP association 5008 o destination transport address - the transport address of the 5009 association on which the SRTT measurement is to be reported. 5011 L) Set Failure Threshold 5013 Format: SETFAILURETHRESHOLD(association id, destination transport 5014 address, failure threshold) 5015 -> result 5017 This primitive allows the local SCTP to customize the reachability 5018 failure detection threshold 'Path.Max.Retrans' for the specified 5019 destination address. 5021 Mandatory attributes: 5023 o association id - local handle to the SCTP association 5025 o destination transport address - the transport address of the 5026 association on which the failure detection threshold is to be set. 5028 o failure threshold - the new value of 'Path.Max.Retrans' for the 5029 destination address. 5031 M) Set Protocol Parameters 5033 Format: SETPROTOCOLPARAMETERS(association id, [,destination transport 5034 address,] protocol parameter list) 5035 -> result 5037 This primitive allows the local SCTP to customize the protocol 5038 parameters. 5040 Mandatory attributes: 5042 o association id - local handle to the SCTP association 5044 o protocol parameter list - The specific names and values of the 5045 protocol parameters (e.g., Association.Max.Retrans [see Section 5046 14]) that the SCTP user wishes to customize. 5048 Optional attributes: 5050 o destination transport address - some of the protocol parameters 5051 may be set on a per destination transport address basis. 5053 N) Receive unsent message 5055 Format: RECEIVE_UNSENT(data retrieval id, buffer address, buffer size 5056 [,stream id] [, stream sequence number] [,partial flag] 5057 [,payload protocol-id]) 5059 o data retrieval id - The identification passed to the ULP in the 5060 failure notification. 5062 o buffer address - the memory location indicated by the ULP to store 5063 the received message. 5065 o buffer size - the maximum size of data to be received, in bytes. 5067 Optional attributes: 5069 o stream id - this is a return value that is set to indicate 5070 which stream the data was sent to. 5072 o stream sequence number - this value is returned indicating 5073 the stream sequence number that was associated with the message. 5075 o partial flag - if this returned flag is set to 1, then this 5076 message is a partial delivery of the whole message. When 5077 this flag is set, the stream id and stream sequence number MUST 5078 accompany this receive. When this flag is set to 0, it indicates 5079 that no more deliveries will be received for this stream sequence 5080 number. 5082 o payload protocol-id - The 32 bit unsigned integer that was sent to 5083 be sent to the peer indicating the type of payload protocol of the 5084 received data. 5086 O) Receive unacknowledged message 5088 Format: RECEIVE_UNACKED(data retrieval id, buffer address, buffer size, 5089 [,stream id] [, stream sequence number] [,partial flag] 5090 [,payload protocol-id]) 5092 o data retrieval id - The identification passed to the ULP in the 5093 failure notification. 5095 o buffer address - the memory location indicated by the ULP to store 5096 the received message. 5098 o buffer size - the maximum size of data to be received, in bytes. 5100 Optional attributes: 5102 o stream id - this is a return value that is set to indicate which 5103 stream the data was sent to. 5105 o stream sequence number - this value is returned indicating the 5106 stream sequence number that was associated with the message. 5108 o partial flag - if this returned flag is set to 1, then this 5109 message is a partial delivery of the whole message. When this 5110 flag is set, the stream id and stream sequence number MUST 5111 accompany this receive. When this flag is set to 0, it indicates 5112 that no more deliveries will be received for this stream sequence 5113 number. 5115 o payload protocol-id - The 32 bit unsigned integer that was sent to 5116 be sent to the peer indicating the type of payload protocol of the 5117 received data. 5119 P) Destroy SCTP instance 5121 Format: DESTROY(local SCTP instance name) 5123 o local SCTP instance name - this is the value that was passed to 5124 the application in the initialize primitive and it indicates which 5125 SCTP instance to be destroyed. 5127 10.2 SCTP-to-ULP 5129 It is assumed that the operating system or application environment 5130 provides a means for the SCTP to asynchronously signal the ULP 5131 process. When SCTP does signal an ULP process, certain information 5132 is passed to the ULP. 5134 IMPLEMENTATION NOTE: In some cases this may be done through a 5135 separate socket or error channel. 5137 A) DATA ARRIVE notification 5139 SCTP shall invoke this notification on the ULP when a user message is 5140 successfully received and ready for retrieval. 5142 The following may be optionally be passed with the notification: 5144 o association id - local handle to the SCTP association 5146 o stream id - to indicate which stream the data is received on. 5148 B) SEND FAILURE notification 5150 If a message can not be delivered SCTP shall invoke this notification 5151 on the ULP. 5153 The following may be optionally be passed with the notification: 5155 o association id - local handle to the SCTP association 5157 o data retrieval id - an identification used to retrieve unsent and 5158 unacknowledged data. 5160 o cause code - indicating the reason of the failure, e.g., size too 5161 large, message life-time expiration, etc. 5163 o context - optional information associated with this message (see D 5164 in Section 10.1). 5166 C) NETWORK STATUS CHANGE notification 5168 When a destination transport address is marked inactive (e.g., when 5169 SCTP detects a failure), or marked active (e.g., when SCTP detects a 5170 recovery), SCTP shall invoke this notification on the ULP. 5172 The following shall be passed with the notification: 5174 o association id - local handle to the SCTP association 5176 o destination transport address - This indicates the destination 5177 transport address of the peer endpoint affected by the change; 5179 o new-status - This indicates the new status. 5181 D) COMMUNICATION UP notification 5183 This notification is used when SCTP becomes ready to send or receive 5184 user messages, or when a lost communication to an endpoint is 5185 restored. 5187 IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a 5188 blocking function call, the association parameters are returned as a 5189 result of the ASSOCIATE primitive itself. In that case, 5190 COMMUNICATION UP notification is optional at the association 5191 initiator's side. 5193 The following shall be passed with the notification: 5195 o association id - local handle to the SCTP association 5197 o status - This indicates what type of event has occurred 5199 o destination transport address list - the complete set of transport 5200 addresses of the peer 5202 o outbound stream count - the maximum number of streams allowed to 5203 be used in this association by the ULP 5205 o inbound stream count - the number of streams the peer endpoint has 5206 requested with this association (this may not be the same number 5207 as 'outbound stream count'). 5209 E) COMMUNICATION LOST notification 5211 When SCTP loses communication to an endpoint completely (e.g., via 5212 Heartbeats) or detects that the endpoint has performed an abort 5213 operation, it shall invoke this notification on the ULP. 5215 The following shall be passed with the notification: 5217 o association id - local handle to the SCTP association 5219 o status - This indicates what type of event has occurred; The status 5220 may indicate a failure OR a normal termination event 5221 occurred in response to a shutdown or abort request. 5223 The following may be passed with the notification: 5225 o data retrieval id - an identification used to retrieve unsent and 5226 unacknowledged data. 5228 o last-acked - the TSN last acked by that peer endpoint; 5230 o last-sent - the TSN last sent to that peer endpoint; 5232 F) COMMUNICATION ERROR notification 5234 When SCTP receives an ERROR chunk from its peer and decides to notify 5235 its ULP, it can invoke this notification on the ULP. 5237 The following can be passed with the notification: 5239 o association id - local handle to the SCTP association 5241 o error info - this indicates the type of error and optionally some 5242 additional information received through the ERROR chunk. 5244 G) RESTART notification 5246 When SCTP detects that the peer has restarted, it may send this 5247 notification to its ULP. 5249 The following can be passed with the notification: 5251 o association id - local handle to the SCTP association 5253 H) SHUTDOWN COMPLETE notification 5255 When SCTP completes the shutdown procedures (section 9.2) this 5256 notification is passed to the upper layer. 5258 The following can be passed with the notification: 5260 o association id - local handle to the SCTP association 5262 11. Security Considerations 5264 11.1 Security Objectives 5266 As a common transport protocol designed to reliably carry time- 5267 sensitive user messages, such as billing or signaling messages for 5268 telephony services, between two networked endpoints, SCTP has the 5269 following security objectives. 5271 - availability of reliable and timely data transport services 5272 - integrity of the user-to-user information carried by SCTP 5274 11.2 SCTP Responses To Potential Threats 5276 SCTP may potentially be used in a wide variety of risk situations. 5277 It is important for operator(s) of systems running SCTP to analyze 5278 their particular situations and decide on the appropriate counter- 5279 measures. 5281 Operators of systems running SCTP should consult [RFC2196] for 5282 guidance in securing their site. 5284 11.2.1 Countering Insider Attacks 5286 The principles of [RFC2196] should be applied to minimize the risk of 5287 theft of information or sabotage by insiders. Such procedures 5288 include publication of security policies, control of access at the 5289 physical, software, and network levels, and separation of services. 5291 11.2.2 Protecting against Data Corruption in the Network 5293 Where the risk of undetected errors in datagrams delivered by the 5294 lower layer transport services is considered to be too great, 5295 additional integrity protection is required. If this additional 5296 protection were provided in the application-layer, the SCTP header 5297 would remain vulnerable to deliberate integrity attacks. While the 5298 existing SCTP mechanisms for detection of packet replays are 5299 considered sufficient for normal operation, stronger protections are 5300 needed to protect SCTP when the operating environment contains 5301 significant risk of deliberate attacks from a sophisticated 5302 adversary. 5304 In order to promote software code-reuse, to avoid re-inventing the 5305 wheel, and to avoid gratuitous complexity to SCTP, the IP 5306 Authentication Header [RFC2402] SHOULD be used when the threat 5307 environment requires stronger integrity protections, but does not 5308 require confidentiality. 5310 A widely implemented BSD Sockets API extension exists for 5311 applications to request IP security services, such as AH or ESP from 5312 an operating system kernel. Applications can use such an API to 5313 request AH whenever AH use is appropriate. 5315 11.2.3 Protecting Confidentiality 5317 In most cases, the risk of breach of confidentiality applies to the 5318 signaling data payload, not to the SCTP or lower-layer protocol 5319 overheads. If that is true, encryption of the SCTP user data only 5320 might be considered. As with the supplementary checksum service, 5321 user data encryption MAY be performed by the SCTP user application. 5323 Alternately, the user application MAY use an implementation-specific 5324 API to request that the IP Encapsulating Security Payload (ESP) 5325 [RFC2406] be used to provide confidentiality and integrity. 5327 Particularly for mobile users, the requirement for confidentiality 5328 might include the masking of IP addresses and ports. In this case 5329 ESP SHOULD be used instead of application-level confidentiality. If 5330 ESP is used to protect confidentiality of SCTP traffic, an ESP 5331 cryptographic transform that includes cryptographic integrity 5332 protection MUST be used, because if there is a confidentiality threat 5333 there will also be a strong integrity threat. 5335 Whenever ESP is in use, application-level encryption is not generally 5336 required. 5338 Regardless of where confidentiality is provided, the ISAKMP [RFC2408] 5339 and the Internet Key Exchange (IKE) [RFC2409] SHOULD be used for key 5340 management. 5342 Operators should consult [RFC2401] for more information on the 5343 security services available at and immediately above the Internet 5344 Protocol layer. 5346 11.2.4 Protecting against Blind Denial of Service Attacks 5348 A blind attack is one where the attacker is unable to intercept or 5349 otherwise see the content of data flows passing to and from the 5350 target SCTP node. Blind denial of service attacks may take the form 5351 of flooding, masquerade, or improper monopolization of services. 5353 11.2.4.1 Flooding 5355 The objective of flooding is to cause loss of service and incorrect 5356 behavior at target systems through resource exhaustion, interference 5357 with legitimate transactions, and exploitation of buffer-related 5358 software bugs. Flooding may be directed either at the SCTP node or 5359 at resources in the intervening IP Access Links or the Internet. 5360 Where the latter entities are the target, flooding will manifest 5361 itself as loss of network services, including potentially the breach 5362 of any firewalls in place. 5364 In general, protection against flooding begins at the equipment 5365 design level, where it includes measures such as: 5367 - avoiding commitment of limited resources before determining that 5368 the request for service is legitimate 5370 - giving priority to completion of processing in progress over the 5371 acceptance of new work 5373 - identification and removal of duplicate or stale queued requests 5374 for service. 5376 - not responding to unexpected packets sent to non-unicast 5377 addresses. 5379 Network equipment should be capable of generating an alarm and log if 5380 a suspicious increase in traffic occurs. The log should provide 5381 information such as the identity of the incoming link and source 5382 address(es) used which will help the network or SCTP system operator 5383 to take protective measures. Procedures should be in place for the 5384 operator to act on such alarms if a clear pattern of abuse emerges. 5386 The design of SCTP is resistant to flooding attacks, particularly in 5387 its use of a four-way start-up handshake, its use of a cookie to 5388 defer commitment of resources at the responding SCTP node until the 5389 handshake is completed, and its use of a Verification Tag to prevent 5390 insertion of extraneous packets into the flow of an established 5391 association. 5393 The IP Authentication Header and Encapsulating Security Payload might 5394 be useful in reducing the risk of certain kinds of denial of service 5395 attacks." 5397 The use of the Host Name feature in the INIT chunk could be used to 5398 flood a target DNS server. A large backlog of DNS queries, resolving 5399 the Host Name received in the INIT chunk to IP addresses, could be 5400 accomplished by sending INIT's to multiple hosts in a given domain. 5401 In addition, an attacker could use the Host Name feature in an 5402 indirect attack on a third party by sending large numbers of INITs to 5403 random hosts containing the host name of the target. In addition to 5404 the strain on DNS resources, this could also result in large numbers 5405 of INIT ACKs being sent to the target. One method to protect against 5406 this type of attack is to verify that the IP addresses received from 5407 DNS include the source IP address of the original INIT. If the list 5408 of IP addresses received from DNS does not include the source IP 5409 address of the INIT, the endpoint MAY silently discard the INIT. 5410 This last option will not protect against the attack against the DNS. 5412 11.2.4.2 Blind Masquerade 5414 Masquerade can be used to deny service in several ways: 5416 - by tying up resources at the target SCTP node to which the 5417 impersonated node has limited access. For example, the target 5418 node may by policy permit a maximum of one SCTP association with 5419 the impersonated SCTP node. The masquerading attacker may attempt 5420 to establish an association purporting to come from the 5421 impersonated node so that the latter cannot do so when it requires 5422 it. 5424 - by deliberately allowing the impersonation to be detected, thereby 5425 provoking counter-measures which cause the impersonated node to be 5426 locked out of the target SCTP node. 5428 - by interfering with an established association by inserting 5429 extraneous content such as a SHUTDOWN request. 5431 SCTP reduces the risk of blind masquerade attacks through IP spoofing 5432 by use of the four-way startup handshake. Man-in-the-middle 5433 masquerade attacks are discussed in Section 11.3 below. Because the 5434 initial exchange is memoryless, no lockout mechanism is triggered by 5435 blind masquerade attacks. In addition, the INIT ACK containing the 5436 State Cookie is transmitted back to the IP address from which it 5437 received the INIT. Thus the attacker would not receive the INIT ACK 5438 containing the State Cookie. SCTP protects against insertion of 5439 extraneous packets into the flow of an established association by use 5440 of the Verification Tag. 5442 Logging of received INIT requests and abnormalities such as 5443 unexpected INIT ACKs might be considered as a way to detect patterns 5444 of hostile activity. However, the potential usefulness of such 5445 logging must be weighed against the increased SCTP startup processing 5446 it implies, rendering the SCTP node more vulnerable to flooding 5447 attacks. Logging is pointless without the establishment of operating 5448 procedures to review and analyze the logs on a routine basis. 5450 11.2.4.3 Improper Monopolization of Services 5452 Attacks under this heading are performed openly and legitimately by 5453 the attacker. They are directed against fellow users of the target 5454 SCTP node or of the shared resources between the attacker and the 5455 target node. Possible attacks include the opening of a large number 5456 of associations between the attacker's node and the target, or 5457 transfer of large volumes of information within a legitimately- 5458 established association. 5460 Policy limits should be placed on the number of associations per 5461 adjoining SCTP node. SCTP user applications should be capable of 5462 detecting large volumes of illegitimate or "no-op" messages within a 5463 given association and either logging or terminating the association 5464 as a result, based on local policy. 5466 11.3 Protection against Fraud and Repudiation 5468 The objective of fraud is to obtain services without authorization 5469 and specifically without paying for them. In order to achieve this 5470 objective, the attacker must induce the SCTP user application at the 5471 target SCTP node to provide the desired service while accepting 5472 invalid billing data or failing to collect it. Repudiation is a 5473 related problem, since it may occur as a deliberate act of fraud or 5474 simply because the repudiating party kept inadequate records of 5475 service received. 5477 Potential fraudulent attacks include interception and misuse of 5478 authorizing information such as credit card numbers, blind masquerade 5479 and replay, and man-in-the middle attacks which modify the packets 5480 passing through a target SCTP association in real time. 5482 The interception attack is countered by the confidentiality measures 5483 discussed in Section 11.2.3 above. 5485 Section 11.2.4.2 describes how SCTP is resistant to blind masquerade 5486 attacks, as a result of the four-way startup handshake and the 5487 Verification Tag. The Verification Tag and TSN together are 5488 protections against blind replay attacks, where the replay is into an 5489 existing association. 5491 However, SCTP does not protect against man-in-the-middle attacks 5492 where the attacker is able to intercept and alter the packets sent 5493 and received in an association. For example, the INIT ACK will have 5494 sufficient information sent on the wire for an adversary in the 5495 middle to hijack an existing SCTP association. Where a significant 5496 possibility of such attacks is seen to exist, or where possible 5497 repudiation is an issue, the use of the IPSEC AH service is 5498 recommended to ensure both the integrity and the authenticity of the 5499 SCTP packets passed. 5501 SCTP also provides no protection against attacks originating at or 5502 beyond the SCTP node and taking place within the context of an 5503 existing association. Prevention of such attacks should be covered 5504 by appropriate security policies at the host site, as discussed in 5505 Section 11.2.1. 5507 12. Recommended Transmission Control Block (TCB) Parameters 5509 This section details a recommended set of parameters that should be 5510 contained within the TCB for an implementation. This section is for 5511 illustrative purposes and should not be deemed as requirements on an 5512 implementation or as an exhaustive list of all parameters inside an 5513 SCTP TCB. Each implementation may need its own additional parameters 5514 for optimization. 5516 12.1 Parameters necessary for the SCTP instance 5518 Associations: A list of current associations and mappings to the data 5519 consumers for each association. This may be in the 5520 form of a hash table or other implementation dependent 5521 structure. The data consumers may be process 5522 identification information such as file descriptors, 5523 named pipe pointer, or table pointers dependent on how 5524 SCTP is implemented. 5526 Secret Key: A secret key used by this endpoint to compute the MAC. 5527 This SHOULD be a cryptographic quality random number 5528 with a sufficient length. Discussion in [RFC1750] can 5529 be helpful in selection of the key. 5531 Address List: The list of IP addresses that this instance has bound. 5532 This information is passed to one's peer(s) in INIT and 5533 INIT ACK chunks. 5535 SCTP Port: The local SCTP port number the endpoint is bound to. 5537 12.2 Parameters necessary per association (i.e. the TCB) 5539 Peer : Tag value to be sent in every packet and is received 5540 Verification: in the INIT or INIT ACK chunk. 5541 Tag : 5543 My : Tag expected in every inbound packet and sent in the 5544 Verification: INIT or INIT ACK chunk. 5545 Tag : 5547 State : A state variable indicating what state the association 5548 : is in, i.e. COOKIE-WAIT, COOKIE-ECHOED, ESTABLISHED, 5549 : SHUTDOWN-PENDING, SHUTDOWN-SENT, SHUTDOWN-RECEIVED, 5550 : SHUTDOWN-ACK-SENT. 5552 Note: No "CLOSED" state is illustrated since if a 5553 association is "CLOSED" its TCB SHOULD be removed. 5555 Peer : A list of SCTP transport addresses that the peer is 5556 Transport : bound to. This information is derived from the INIT or 5557 Address : INIT ACK and is used to associate an inbound packet 5558 List : with a given association. Normally this information is 5559 : hashed or keyed for quick lookup and access of the TCB. 5561 Primary : This is the current primary destination transport 5562 Path : address of the peer endpoint. It may also specify a 5563 : source transport address on this endpoint. 5565 Overall : The overall association error count. 5566 Error Count : 5568 Overall : The threshold for this association that if the Overall 5569 Error : Error Count reaches will cause this association to be 5570 Threshold : torn down. 5572 Peer Rwnd : Current calculated value of the peer's rwnd. 5574 Next TSN : The next TSN number to be assigned to a new DATA chunk. 5575 : This is sent in the INIT or INIT ACK chunk to the peer 5576 : and incremented each time a DATA chunk is assigned a 5577 : TSN (normally just prior to transmit or during 5578 : fragmentation). 5580 Last Rcvd : This is the last TSN received in sequence. This value 5581 TSN : is set initially by taking the peer's Initial TSN, 5582 : received in the INIT or INIT ACK chunk, and 5583 : subtracting one from it. 5585 Mapping : An array of bits or bytes indicating which out of 5586 Array : order TSN's have been received (relative to the 5587 : Last Rcvd TSN). If no gaps exist, i.e. no out of order 5588 : packets have been received, this array will be set to 5589 : all zero. This structure may be in the form of a 5590 : circular buffer or bit array. 5592 Ack State : This flag indicates if the next received packet 5593 : is to be responded to with a SACK. This is initialized 5594 : to 0. When a packet is received it is incremented. 5595 : If this value reaches 2 or more, a SACK is sent and the 5596 : value is reset to 0. Note: This is used only when no 5597 : DATA chunks are received out of order. When DATA chunks 5598 : are out of order, SACK's are not delayed (see Section 5599 : 6). 5601 Inbound : An array of structures to track the inbound streams. 5602 Streams : Normally including the next sequence number expected 5603 : and possibly the stream number. 5605 Outbound : An array of structures to track the outbound streams. 5606 Streams : Normally including the next sequence number to 5607 : be sent on the stream. 5609 Reasm Queue : A re-assembly queue. 5611 Local : The list of local IP addresses bound in to this 5612 Transport : association. 5613 Address : 5614 List : 5616 Association : The smallest PMTU discovered for all of the 5617 PMTU : peer's transport addresses. 5619 12.3 Per Transport Address Data 5621 For each destination transport address in the peer's address list 5622 derived from the INIT or INIT ACK chunk, a number of data elements 5623 needs to be maintained including: 5625 Error count : The current error count for this destination. 5627 Error : Current error threshold for this destination i.e. 5628 Threshold : what value marks the destination down if Error count 5629 : reaches this value. 5631 cwnd : The current congestion window. 5633 ssthresh : The current ssthresh value. 5635 RTO : The current retransmission timeout value. 5637 SRTT : The current smoothed round trip time. 5639 RTTVAR : The current RTT variation. 5641 partial : The tracking method for increase of cwnd when in 5642 bytes acked : congestion avoidance mode (see Section 6.2.2) 5644 state : The current state of this destination, i.e. DOWN, UP, 5645 : ALLOW-HB, NO-HEARTBEAT, etc. 5647 PMTU : The current known path MTU. 5649 Per : A timer used by each destination. 5650 Destination : 5651 Timer : 5653 RTO-Pending : A flag used to track if one of the DATA chunks sent to 5654 this address is currently being used to compute a 5655 RTT. If this flag is 0, the next DATA chunk sent to this 5656 destination should be used to compute a RTT and this 5657 flag should be set. Every time the RTT calculation 5658 completes (i.e. the DATA chunk is SACK'd) clear this 5659 flag. 5661 last-time : The time this destination was last sent to. This can be 5662 used : used to determine if a HEARTBEAT is needed. 5664 12.4 General Parameters Needed 5666 Out Queue : A queue of outbound DATA chunks. 5668 In Queue : A queue of inbound DATA chunks. 5670 13. IANA Considerations 5672 This protocol will require port reservation like TCP for the use of 5673 "well known" servers within the Internet. All current TCP ports 5674 shall be automatically reserved in the SCTP port address space. New 5675 requests should follow IANA's current mechanisms for TCP. 5677 This protocol may also be extended through IANA in three ways: 5679 -- through definition of additional chunk types, 5680 -- through definition of additional parameter types, or 5681 -- through definition of additional cause codes within 5682 ERROR chunks 5684 In the case where a particular ULP using SCTP desires to have its own 5685 ports, the ULP should be responsible for registering with IANA for 5686 getting its ports assigned. 5688 13.1 IETF-defined Chunk Extension 5690 The definition and use of new chunk types is an integral part of 5691 SCTP. Thus, new chunk types are assigned by IANA through an IETF 5692 Consensus action as defined in [RFC2434]. 5694 The documentation for a new chunk code type must include the 5695 following information: 5697 a) A long and short name for the new chunk type; 5699 b) A detailed description of the structure of the chunk, which MUST 5700 conform to the basic structure defined in Section 3.2; 5702 c) A detailed definition and description of intended use of each 5703 field within the chunk, including the chunk flags if any; 5705 d) A detailed procedural description of the use of the new chunk type 5706 within the operation of the protocol. 5708 The last chunk type (255) is reserved for future extension if 5709 necessary. 5711 13.2 IETF-defined Chunk Parameter Extension 5713 The assignment of new chunk parameter type codes is done through an 5714 IETF Consensus action as defined in [RFC2434]. Documentation of the 5715 chunk parameter MUST contain the following information: 5717 a) Name of the parameter type. 5719 b) Detailed description of the structure of the parameter field. 5720 This structure MUST conform to the general type-length-value 5721 format described in Section 3.2.1. 5723 c) Detailed definition of each component of the parameter value. 5725 d) Detailed description of the intended use of this parameter type, 5726 and an indication of whether and under what circumstances multiple 5727 instances of this parameter type may be found within the same 5728 chunk. 5730 e) Each parameter type MUST be unique across all chunks. 5732 13.3 IETF-defined Additional Error Causes 5734 Additional cause codes may be allocated in the range 11 to 65535 5735 through a Specification Required action as defined in [RFC2434]. 5736 Provided documentation must include the following information: 5738 a) Name of the error condition. 5740 b) Detailed description of the conditions under which an SCTP 5741 endpoint should issue an ERROR (or ABORT) with this cause code. 5743 c) Expected action by the SCTP endpoint which receives an ERROR (or 5744 ABORT) chunk containing this cause code. 5746 d) Detailed description of the structure and content of data fields 5747 which accompany this cause code. 5749 The initial word (32 bits) of a cause code parameter MUST conform to 5750 the format shown in Section 3.3.10, i.e.: 5752 -- first two bytes contain the cause code value 5753 -- last two bytes contain length of the Cause Parameter. 5755 13.4 Payload Protocol Identifiers 5757 Except for value 0 which is reserved by SCTP to indicate an 5758 unspecified payload protocol identifier in a DATA chunk, SCTP will 5759 not be responsible for standardizing or verifying any payload 5760 protocol identifiers; SCTP simply receives the identifier from the 5761 upper layer and carries it with the corresponding payload data. 5763 The upper layer, i.e., the SCTP user, SHOULD standardize any specific 5764 protocol identifier with IANA if it is so desired. The use of any 5765 specific payload protocol identifier is out of the scope of SCTP. 5767 14. Suggested SCTP Protocol Parameter Values 5769 The following protocol parameters are RECOMMENDED: 5771 RTO.Initial - 3 seconds 5772 RTO.Min - 1 second 5773 RTO.Max - 60 seconds 5774 Max.Burst - 4 packets 5775 RTO.Alpha - 1/8 5776 RTO.Beta - 1/4 5777 Valid.Cookie.Life - 60 seconds 5778 Association.Max.Retrans - 10 attempts 5779 Path.Max.Retrans - 5 attempts (per destination address) 5780 Max.Init.Retransmits - 8 attempts 5781 HB.interval - 30 seconds 5783 IMPLEMENTATION NOTE: The SCTP implementation may allow ULP to 5784 customize some of these protocol parameters (see Section 10). 5786 Note: RTO.Min SHOULD be set as recommended above. 5788 15. Acknowledgements 5790 The authors wish to thank Mark Allman, R.J. Atkinson, Richard Band, 5791 Scott Bradner, Steve Bellovin, Peter Butler, Ram Dantu, R. 5792 Ezhirpavai, Mike Fisk, Sally Floyd, Atsushi Fukumoto, Matt Holdrege, 5793 Henry Houh, Christian Huitema, Gary Lehecka, Jonathan Lee, David 5794 Lehmann, John Loughney, Daniel Luan, Barry Nagelberg, Thomas Narten, 5795 Erik Nordmark, Lyndon Ong, Shyamal Prasad, Kelvin Porter, Heinz 5796 Prantner, Jarno Rajahalme, Raymond E. Reeves, Renee Revis, Ivan Arias 5797 Rodriguez, A. Sankar, Greg Sidebottom, Brian Wyld, La Monte Yarroll, 5798 and many others for their invaluable comments. 5800 16. Authors' Addresses 5802 Randall R. Stewart 5803 24 Burning Bush Trail. 5804 Crystal Lake, IL 60012 5805 USA 5807 Phone: +1-815-477-2127 5808 EMail: rrs@cisco.com 5810 Qiaobing Xie 5811 Motorola, Inc. 5812 1501 W. Shure Drive, #2309 5813 Arlington Heights, IL 60004 5814 USA 5816 Phone: +1-847-632-3028 5817 EMail: qxie1@email.mot.com 5819 Ken Morneault 5820 Cisco Systems Inc. 5821 13615 Dulles Technology Drive 5822 Herndon, VA. 20171 5823 USA 5825 Phone: +1-703-484-3323 5826 EMail: kmorneau@cisco.com 5828 Chip Sharp 5829 Cisco Systems Inc. 5830 7025 Kit Creek Road 5831 Research Triangle Park, NC 27709 5832 USA 5834 Phone: +1-919-392-3121 5835 EMail: chsharp@cisco.com 5837 Hanns Juergen Schwarzbauer 5838 SIEMENS AG 5839 Hofmannstr. 51 5840 81359 Munich 5841 Germany 5843 Phone: +49-89-722-24236 5844 EMail: HannsJuergen.Schwarzbauer@icn.siemens.de 5845 Tom Taylor 5846 Nortel Networks 5847 1852 Lorraine Ave. 5848 Ottawa, Ontario 5849 Canada K1H 6Z8 5851 Phone: +1-613-736-0961 5852 EMail: taylor@nortelnetworks.com 5854 Ian Rytina 5855 Ericsson Australia 5856 37/360 Elizabeth Street 5857 Melbourne, Victoria 3000 5858 Australia 5860 Phone: +61-3-9301-6164 5861 EMail: ian.rytina@ericsson.com 5863 Malleswar Kalla 5864 Telcordia Technologies 5865 3 Corporate Place 5866 PYA-2J-341 5867 Piscataway, NJ 08854 5868 USA 5870 Phone: +1-732-699-3728 5871 EMail: mkalla@telcordia.com 5873 Lixia Zhang 5874 UCLA Computer Science Department 5875 4531G Boelter Hall 5876 Los Angeles, CA 90095-1596 5877 USA 5879 Phone: +1-310-825-2695 5880 EMail: lixia@cs.ucla.edu 5882 Vern Paxson 5883 ACIRI 5884 1947 Center St., Suite 600, 5885 Berkeley, CA 94704-1198 5886 USA 5888 Phone: +1-510-666-2882 5889 EMail: vern@aciri.org 5891 17. References 5893 [RFC768] Postel, J. (ed.), "User Datagram Protocol", STD 6, RFC 5894 768, August 1980. 5896 [RFC793] Postel, J. (ed.), "Transmission Control Protocol", STD 7, 5897 RFC 793, September 1981. 5899 [RFC1123] Braden, R., "Requirements for Internet hosts - application 5900 and support", STD 3, RFC 1123, October 1989. 5902 [RFC1191] Mogul, J. and S. Deering, "Path MTU Discovery", RFC 1191, 5903 November 1990. 5905 [RFC1700] Reynolds, J. and J. Postel, "Assigned Numbers", STD 2, RFC 5906 1700, October 1994. 5908 [RFC1981] McCann, J., Deering, S. and J. Mogul, "Path MTU Discovery 5909 for IP version 6", RFC 1981, August 1996. 5911 [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, 5912 August 1996. 5914 [RFC2026] Bradner, S., "The Internet Standards Process -- Revision 5915 3", BCP 9, RFC 2026, October 1996. 5917 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 5918 Requirement Levels", BCP 14, RFC 2119, March 1997. 5920 [RFC2401] Kent, S. and R. Atkinson, "Security Architecture for the 5921 Internet Protocol", RFC 2401, November 1998. 5923 [RFC2402] Kent, S. and R. Atkinson, "IP Authentication Header", RFC 5924 2402, November 1998. 5926 [RFC2406] Kent, S. and R. Atkinson, "IP Encapsulating Security 5927 Payload (ESP)", RFC 2406, November 1998. 5929 [RFC2408] Maughan, D., Schertler, M., Schneider, M. and J. Turner, 5930 "Internet Security Association and Key Management 5931 Protocol", RFC 2408, November 1998. 5933 [RFC2409] Harkins, D. and D. Carrel, "The Internet Key Exchange 5934 (IKE)", RFC 2409, November 1998. 5936 [RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an 5937 IANA Considerations Section in RFCs", BCP 26, RFC 2434, 5938 October 1998. 5940 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 5941 (IPv6) Specification", RFC 2460, December 1998. 5943 [RFC2581] Allman, M., Paxson, V. and W. Stevens, "TCP Congestion 5944 Control", RFC 2581, April 1999. 5946 18. Bibliography 5948 [ALLMAN99] Allman, M. and Paxson, V., "On Estimating End-to-End 5949 Network Path Properties", Proc. SIGCOMM'99, 1999. 5951 [FALL96] Fall, K. and Floyd, S., Simulation-based Comparisons of 5952 Tahoe, Reno, and SACK TCP, Computer Communications Review, 5953 V. 26 N. 3, July 1996, pp. 5-21. 5955 [RFC1750] Eastlake, D. (ed.), "Randomness Recommendations for 5956 Security", RFC 1750, December 1994. 5958 [RFC1950] Deutsch P. and J. Gailly, "ZLIB Compressed Data Format 5959 Specification version 3.3", RFC 1950, May 1996. 5961 [RFC2104] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC: Keyed- 5962 Hashing for Message Authentication", RFC 2104, March 1997. 5964 [RFC2196] Fraser, B., "Site Security Handbook", FYI 8, RFC 2196, 5965 September 1997. 5967 [RFC2522] Karn, P. and W. Simpson, "Photuris: Session-Key Management 5968 Protocol", RFC 2522, March 1999. 5970 [SAVAGE99] Savage, S., Cardwell, N., Wetherall, D., and Anderson, T., 5971 "TCP Congestion Control with a Misbehaving Receiver", ACM 5972 Computer Communication Review, 29(5), October 1999. 5974 Appendix A: Explicit Congestion Notification 5976 ECN (Ramakrishnan, K., Floyd, S., "Explicit Congestion Notification", 5977 RFC 2481, January 1999) describes a proposed extension to IP that 5978 details a method to become aware of congestion outside of datagram 5979 loss. This is an optional feature that an implementation MAY choose 5980 to add to SCTP. This appendix details the minor differences 5981 implementers will need to be aware of if they choose to implement 5982 this feature. In general RFC 2481 should be followed with the 5983 following exceptions. 5985 Negotiation: 5987 RFC2481 details negotiation of ECN during the SYN and SYN-ACK stages 5988 of a TCP connection. The sender of the SYN sets two bits in the TCP 5989 flags, and the sender of the SYN-ACK sets only 1 bit. The reasoning 5990 behind this is to assure both sides are truly ECN capable. For SCTP 5991 this is not necessary. To indicate that an endpoint is ECN capable 5992 an endpoint SHOULD add to the INIT and or INIT ACK chunk the TLV 5993 reserved for ECN. This TLV contains no parameters, and thus has the 5994 following format: 5996 0 1 2 3 5997 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 5998 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 5999 | Parameter Type = 32768 | Parameter Length = 4 | 6000 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6002 ECN-Echo: 6004 RFC 2481 details a specific bit for a receiver to send back in its 6005 TCP acknowledgements to notify the sender of the Congestion 6006 Experienced (CE) bit having arrived from the network. For SCTP this 6007 same indication is made by including the ECNE chunk. This chunk 6008 contains one data element, i.e. the lowest TSN associated with the IP 6009 datagram marked with the CE bit, and looks as follows: 6011 0 1 2 3 6012 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 6013 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6014 | Chunk Type=12 | Flags=00000000| Chunk Length = 8 | 6015 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6016 | Lowest TSN Number | 6017 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6019 Note: The ECNE is considered a Control chunk. 6021 CWR: 6023 RFC 2481 details a specific bit for a sender to send in the header of 6024 its next outbound TCP segment to indicate to its peer that it has 6025 reduced its congestion window. This is termed the CWR bit. For 6026 SCTP the same indication is made by including the CWR chunk. 6027 This chunk contains one data element, i.e. the TSN number that 6028 was sent in the ECNE chunk. This element represents the lowest 6029 TSN number in the datagram that was originally marked with the 6030 CE bit. 6032 0 1 2 3 6033 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 6034 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6035 | Chunk Type=13 | Flags=00000000| Chunk Length = 8 | 6036 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6037 | Lowest TSN Number | 6038 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6040 Note: The CWR is considered a Control chunk. 6042 Appendix B Fletcher-16 checksum 6044 The 16-bit Fletcher Checksum Algorithm is calculated over a sequence 6045 of 16 bit data quantities (call them D[1] through D[N]) by maintaining 6046 2 unsigned 1's-complement 16-bit accumulators A and B whose contents are 6047 initially zero, and performing the following loop where i ranges from 6048 1 to N: 6050 A := A + D[i] 6051 B := B + A 6053 It can be shown that at the end of the loop A will contain the 16-bit 6054 1's complement sum of all octets in the datagram, and that B will 6055 contain (N)D[1] + (N-1)D[2] + ... + D[N]. 6057 The octets covered by this algorithm should be the entire SCTP 6058 packet including the Common header and all chunks. Note that, 6059 for purposes of the checksum computation, the checksum field 6060 itself must be equal to zero. 6062 The result of the checksum should be placed in the 32-bit checksum 6063 field with B being placed in the most signifigant bit postion and 6064 A being placed in the least signifigant position. 6066 The following C code computes the Fletcher-16 checksum of a data buffer. 6067 It is written for clarity, not for speed. The sample code is in the 6068 ANSI C programming language. Non C users may find it easier to read 6069 with these hints: 6071 & Bitwise AND operator. 6072 >> Bitwise right shift operator. When applied to an 6073 unsigned quantity, as here, right shift inserts zero bit(s) 6074 at the left. 6075 << Bitwise left shift operator. Left shift inserts zero 6076 bit(s) at the right. 6077 ++ "n++" increments the variable n. 6078 % modulo operator: a % b is the remainder of a divided by b. 6080 /* 6081 Update a running Fletcher-16 checksum with the bytes buf[0..len-1] 6082 and return the updated checksum. The checksum should be 6083 initialized to 0. 6085 Usage example (assuming buf is a sctp packet): 6086 unsigned int sum,insum,*inp; 6088 inp = &buf[8]; 6089 insum = *inp; 6090 *inp = 0; 6091 sum = fletcher(buf, length); 6092 if(sum != insum){ 6093 /* drop packet, csum error */ 6094 } 6095 */ 6096 unsigned int fletcher(unsigned char *buf, int len) 6097 { 6098 unsigned long s1 = 0; 6099 unsigned long s2 = 0; 6100 unsigned short *bufp; 6101 int n,nlen; 6102 nlen = len / 2; 6104 bufp = (unsigned short *)buf; 6105 for (n = 0; n < nlen; n++,bufp++) { 6106 s1 = ((s1 + *bufp) & 0x0000ffff); 6107 s2 = ((s2 + s1) & 0x0000ffff); 6108 } 6109 if(len > (nlen *2)){ 6110 /* do the odd byte, we don't 6111 * expect this code to execute, 6112 * since SCTP does NOT have Odd byte 6113 * messages. 6114 */ 6115 unsigned short x; 6116 x = buf[(len-1)] << 8 | 0; 6117 s1 = ((s1 + x) & 0x0000ffff); 6118 s2 = ((s2 + s1) & 0x0000ffff); 6119 } 6120 return ((unsigned int)(s2 << 16) + s1); 6121 } 6123 Full Copyright Statement 6125 Copyright (C) The Internet Society (2001). All Rights Reserved. 6127 This document and translations of it may be copied and furnished to 6128 others, and derivative works that comment on or otherwise explain it 6129 or assist in its implementation may be prepared, copied, published 6130 and distributed, in whole or in part, without restriction of any 6131 kind, provided that the above copyright notice and this paragraph are 6132 included on all such copies and derivative works. However, this 6133 document itself may not be modified in any way, such as by removing 6134 the copyright notice or references to the Internet Society or other 6135 Internet organizations, except as needed for the purpose of 6136 developing Internet standards in which case the procedures for 6137 copyrights defined in the Internet Standards process must be 6138 followed, or as required to translate it into languages other than 6139 English. 6141 The limited permissions granted above are perpetual and will not be 6142 revoked by the Internet Society or its successors or assigns. 6144 This document and the information contained herein is provided on an 6145 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 6146 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 6147 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 6148 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 6149 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 6151 Acknowledgement 6153 Funding for the RFC Editor function is currently provided by the 6154 Internet Society.