idnits 2.17.1 draft-ietf-tsvwg-rfc4960-bis-07.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 13, 2020) is 1382 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'ASSOCIATE' is mentioned on line 2383, but not defined == Missing Reference: 'SHUTDOWN' is mentioned on line 2415, but not defined == Missing Reference: 'ABORT' is mentioned on line 2377, but not defined -- Possible downref: Non-RFC (?) normative reference: ref. 'ITU.V42.1994' ** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293) -- Obsolete informational reference (is this intentional?): RFC 4960 (Obsoleted by RFC 9260) -- Obsolete informational reference (is this intentional?): RFC 7053 (Obsoleted by RFC 9260) -- Obsolete informational reference (is this intentional?): RFC 8540 (Obsoleted by RFC 9260) Summary: 1 error (**), 0 flaws (~~), 5 warnings (==), 6 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group R. Stewart 3 Internet-Draft Netflix, Inc. 4 Obsoletes: 4960 (if approved) M. Tuexen 5 Intended status: Standards Track Muenster Univ. of Appl. Sciences 6 Expires: January 14, 2021 K. Nielsen 7 Kamstrup A/S 8 July 13, 2020 10 Stream Control Transmission Protocol 11 draft-ietf-tsvwg-rfc4960-bis-07 13 Abstract 15 This document obsoletes RFC 4960, if approved. It describes the 16 Stream Control Transmission Protocol (SCTP). SCTP is designed to 17 transport Public Switched Telephone Network (PSTN) signaling messages 18 over IP networks, but is capable of broader applications. 20 SCTP is a reliable transport protocol operating on top of a 21 connectionless packet network such as IP. It offers the following 22 services to its users: 24 o acknowledged error-free non-duplicated transfer of user data, 26 o data fragmentation to conform to discovered path MTU size, 28 o sequenced delivery of user messages within multiple streams, with 29 an option for order-of-arrival delivery of individual user 30 messages, 32 o optional bundling of multiple user messages into a single SCTP 33 packet, and 35 o network-level fault tolerance through supporting of multi-homing 36 at either or both ends of an association. 38 The design of SCTP includes appropriate congestion avoidance behavior 39 and resistance to flooding and masquerade attacks. 41 Status of This Memo 43 This Internet-Draft is submitted in full conformance with the 44 provisions of BCP 78 and BCP 79. 46 Internet-Drafts are working documents of the Internet Engineering 47 Task Force (IETF). Note that other groups may also distribute 48 working documents as Internet-Drafts. The list of current Internet- 49 Drafts is at https://datatracker.ietf.org/drafts/current/. 51 Internet-Drafts are draft documents valid for a maximum of six months 52 and may be updated, replaced, or obsoleted by other documents at any 53 time. It is inappropriate to use Internet-Drafts as reference 54 material or to cite them other than as "work in progress." 56 This Internet-Draft will expire on January 14, 2021. 58 Copyright Notice 60 Copyright (c) 2020 IETF Trust and the persons identified as the 61 document authors. All rights reserved. 63 This document is subject to BCP 78 and the IETF Trust's Legal 64 Provisions Relating to IETF Documents 65 (https://trustee.ietf.org/license-info) in effect on the date of 66 publication of this document. Please review these documents 67 carefully, as they describe your rights and restrictions with respect 68 to this document. Code Components extracted from this document must 69 include Simplified BSD License text as described in Section 4.e of 70 the Trust Legal Provisions and are provided without warranty as 71 described in the Simplified BSD License. 73 This document may contain material from IETF Documents or IETF 74 Contributions published or made publicly available before November 75 10, 2008. The person(s) controlling the copyright in some of this 76 material may not have granted the IETF Trust the right to allow 77 modifications of such material outside the IETF Standards Process. 78 Without obtaining an adequate license from the person(s) controlling 79 the copyright in such materials, this document may not be modified 80 outside the IETF Standards Process, and derivative works of it may 81 not be created outside the IETF Standards Process, except to format 82 it for publication as an RFC or to translate it into languages other 83 than English. 85 Table of Contents 87 1. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 5 88 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 6 89 2.1. Motivation . . . . . . . . . . . . . . . . . . . . . . . 6 90 2.2. Architectural View of SCTP . . . . . . . . . . . . . . . 7 91 2.3. Key Terms . . . . . . . . . . . . . . . . . . . . . . . . 7 92 2.4. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 11 93 2.5. Functional View of SCTP . . . . . . . . . . . . . . . . . 11 94 2.5.1. Association Startup and Takedown . . . . . . . . . . 12 95 2.5.2. Sequenced Delivery within Streams . . . . . . . . . . 13 96 2.5.3. User Data Fragmentation . . . . . . . . . . . . . . . 13 97 2.5.4. Acknowledgement and Congestion Avoidance . . . . . . 13 98 2.5.5. Chunk Bundling . . . . . . . . . . . . . . . . . . . 14 99 2.5.6. Packet Validation . . . . . . . . . . . . . . . . . . 14 100 2.5.7. Path Management . . . . . . . . . . . . . . . . . . . 14 101 2.6. Serial Number Arithmetic . . . . . . . . . . . . . . . . 15 102 2.7. Changes from RFC 4960 . . . . . . . . . . . . . . . . . . 16 103 3. SCTP Packet Format . . . . . . . . . . . . . . . . . . . . . 16 104 3.1. SCTP Common Header Field Descriptions . . . . . . . . . . 16 105 3.2. Chunk Field Descriptions . . . . . . . . . . . . . . . . 18 106 3.2.1. Optional/Variable-Length Parameter Format . . . . . . 20 107 3.2.2. Reporting of Unrecognized Parameters . . . . . . . . 22 108 3.3. SCTP Chunk Definitions . . . . . . . . . . . . . . . . . 22 109 3.3.1. Payload Data (DATA) (0) . . . . . . . . . . . . . . . 22 110 3.3.2. Initiation (INIT) (1) . . . . . . . . . . . . . . . . 25 111 3.3.2.1. Optional/Variable-Length Parameters in INIT . . . 28 112 3.3.3. Initiation Acknowledgement (INIT ACK) (2) . . . . . . 31 113 3.3.3.1. Optional or Variable-Length Parameters . . . . . 34 114 3.3.4. Selective Acknowledgement (SACK) (3) . . . . . . . . 35 115 3.3.5. Heartbeat Request (HEARTBEAT) (4) . . . . . . . . . . 39 116 3.3.6. Heartbeat Acknowledgement (HEARTBEAT ACK) (5) . . . . 40 117 3.3.7. Abort Association (ABORT) (6) . . . . . . . . . . . . 41 118 3.3.8. Shutdown Association (SHUTDOWN) (7) . . . . . . . . . 42 119 3.3.9. Shutdown Acknowledgement (SHUTDOWN ACK) (8) . . . . . 42 120 3.3.10. Operation Error (ERROR) (9) . . . . . . . . . . . . . 43 121 3.3.10.1. Invalid Stream Identifier (1) . . . . . . . . . 44 122 3.3.10.2. Missing Mandatory Parameter (2) . . . . . . . . 45 123 3.3.10.3. Stale Cookie Error (3) . . . . . . . . . . . . . 45 124 3.3.10.4. Out of Resource (4) . . . . . . . . . . . . . . 46 125 3.3.10.5. Unresolvable Address (5) . . . . . . . . . . . . 46 126 3.3.10.6. Unrecognized Chunk Type (6) . . . . . . . . . . 47 127 3.3.10.7. Invalid Mandatory Parameter (7) . . . . . . . . 47 128 3.3.10.8. Unrecognized Parameters (8) . . . . . . . . . . 47 129 3.3.10.9. No User Data (9) . . . . . . . . . . . . . . . . 48 130 3.3.10.10. Cookie Received While Shutting Down (10) . . . . 48 131 3.3.10.11. Restart of an Association with New Addresses 132 (11) . . . . . . . . . . . . . . . . . . . . . . 49 133 3.3.10.12. User-Initiated Abort (12) . . . . . . . . . . . 49 134 3.3.10.13. Protocol Violation (13) . . . . . . . . . . . . 50 135 3.3.11. Cookie Echo (COOKIE ECHO) (10) . . . . . . . . . . . 50 136 3.3.12. Cookie Acknowledgement (COOKIE ACK) (11) . . . . . . 51 137 3.3.13. Shutdown Complete (SHUTDOWN COMPLETE) (14) . . . . . 51 138 4. SCTP Association State Diagram . . . . . . . . . . . . . . . 52 139 5. Association Initialization . . . . . . . . . . . . . . . . . 55 140 5.1. Normal Establishment of an Association . . . . . . . . . 55 141 5.1.1. Handle Stream Parameters . . . . . . . . . . . . . . 57 142 5.1.2. Handle Address Parameters . . . . . . . . . . . . . . 58 143 5.1.3. Generating State Cookie . . . . . . . . . . . . . . . 59 144 5.1.4. State Cookie Processing . . . . . . . . . . . . . . . 60 145 5.1.5. State Cookie Authentication . . . . . . . . . . . . . 60 146 5.1.6. An Example of Normal Association Establishment . . . 61 147 5.2. Handle Duplicate or Unexpected INIT, INIT ACK, COOKIE 148 ECHO, and COOKIE ACK . . . . . . . . . . . . . . . . . . 63 149 5.2.1. INIT Received in COOKIE-WAIT or COOKIE-ECHOED State 150 (Item B) . . . . . . . . . . . . . . . . . . . . . . 63 151 5.2.2. Unexpected INIT in States Other than CLOSED, COOKIE- 152 ECHOED, COOKIE-WAIT, and SHUTDOWN-ACK-SENT . . . . . 64 153 5.2.3. Unexpected INIT ACK . . . . . . . . . . . . . . . . . 65 154 5.2.4. Handle a COOKIE ECHO when a TCB Exists . . . . . . . 65 155 5.2.4.1. An Example of a Association Restart . . . . . . . 67 156 5.2.5. Handle Duplicate COOKIE ACK . . . . . . . . . . . . . 69 157 5.2.6. Handle Stale COOKIE Error . . . . . . . . . . . . . . 69 158 5.3. Other Initialization Issues . . . . . . . . . . . . . . . 69 159 5.3.1. Selection of Tag Value . . . . . . . . . . . . . . . 69 160 5.4. Path Verification . . . . . . . . . . . . . . . . . . . . 70 161 6. User Data Transfer . . . . . . . . . . . . . . . . . . . . . 71 162 6.1. Transmission of DATA Chunks . . . . . . . . . . . . . . . 73 163 6.2. Acknowledgement on Reception of DATA Chunks . . . . . . . 76 164 6.2.1. Processing a Received SACK . . . . . . . . . . . . . 79 165 6.3. Management of Retransmission Timer . . . . . . . . . . . 81 166 6.3.1. RTO Calculation . . . . . . . . . . . . . . . . . . . 81 167 6.3.2. Retransmission Timer Rules . . . . . . . . . . . . . 82 168 6.3.3. Handle T3-rtx Expiration . . . . . . . . . . . . . . 83 169 6.4. Multi-Homed SCTP Endpoints . . . . . . . . . . . . . . . 84 170 6.4.1. Failover from an Inactive Destination Address . . . . 86 171 6.5. Stream Identifier and Stream Sequence Number . . . . . . 86 172 6.6. Ordered and Unordered Delivery . . . . . . . . . . . . . 86 173 6.7. Report Gaps in Received DATA TSNs . . . . . . . . . . . . 87 174 6.8. CRC32c Checksum Calculation . . . . . . . . . . . . . . . 88 175 6.9. Fragmentation and Reassembly . . . . . . . . . . . . . . 89 176 6.10. Bundling . . . . . . . . . . . . . . . . . . . . . . . . 90 177 7. Congestion Control . . . . . . . . . . . . . . . . . . . . . 91 178 7.1. SCTP Differences from TCP Congestion Control . . . . . . 92 179 7.2. SCTP Slow-Start and Congestion Avoidance . . . . . . . . 93 180 7.2.1. Slow-Start . . . . . . . . . . . . . . . . . . . . . 94 181 7.2.2. Congestion Avoidance . . . . . . . . . . . . . . . . 95 182 7.2.3. Congestion Control . . . . . . . . . . . . . . . . . 96 183 7.2.4. Fast Retransmit on Gap Reports . . . . . . . . . . . 96 184 7.2.5. Making Changes to Differentiated Services Code Points 97 185 7.3. Path MTU Discovery . . . . . . . . . . . . . . . . . . . 98 186 8. Fault Management . . . . . . . . . . . . . . . . . . . . . . 98 187 8.1. Endpoint Failure Detection . . . . . . . . . . . . . . . 98 188 8.2. Path Failure Detection . . . . . . . . . . . . . . . . . 99 189 8.3. Path Heartbeat . . . . . . . . . . . . . . . . . . . . . 100 190 8.4. Handle "Out of the Blue" Packets . . . . . . . . . . . . 102 191 8.5. Verification Tag . . . . . . . . . . . . . . . . . . . . 103 192 8.5.1. Exceptions in Verification Tag Rules . . . . . . . . 103 193 9. Termination of Association . . . . . . . . . . . . . . . . . 104 194 9.1. Abort of an Association . . . . . . . . . . . . . . . . . 105 195 9.2. Shutdown of an Association . . . . . . . . . . . . . . . 105 196 10. ICMP Handling . . . . . . . . . . . . . . . . . . . . . . . . 108 197 11. Interface with Upper Layer . . . . . . . . . . . . . . . . . 109 198 11.1. ULP-to-SCTP . . . . . . . . . . . . . . . . . . . . . . 110 199 11.2. SCTP-to-ULP . . . . . . . . . . . . . . . . . . . . . . 119 200 12. Security Considerations . . . . . . . . . . . . . . . . . . . 121 201 12.1. Security Objectives . . . . . . . . . . . . . . . . . . 121 202 12.2. SCTP Responses to Potential Threats . . . . . . . . . . 121 203 12.2.1. Countering Insider Attacks . . . . . . . . . . . . . 121 204 12.2.2. Protecting against Data Corruption in the Network . 122 205 12.2.3. Protecting Confidentiality . . . . . . . . . . . . . 122 206 12.2.4. Protecting against Blind Denial-of-Service Attacks . 123 207 12.2.4.1. Flooding . . . . . . . . . . . . . . . . . . . . 123 208 12.2.4.2. Blind Masquerade . . . . . . . . . . . . . . . . 124 209 12.2.4.3. Improper Monopolization of Services . . . . . . 125 210 12.3. SCTP Interactions with Firewalls . . . . . . . . . . . . 125 211 12.4. Protection of Non-SCTP-Capable Hosts . . . . . . . . . . 125 212 13. Network Management Considerations . . . . . . . . . . . . . . 126 213 14. Recommended Transmission Control Block (TCB) Parameters . . . 126 214 14.1. Parameters Necessary for the SCTP Instance . . . . . . . 126 215 14.2. Parameters Necessary per Association (i.e., the TCB) . . 127 216 14.3. Per Transport Address Data . . . . . . . . . . . . . . . 128 217 14.4. General Parameters Needed . . . . . . . . . . . . . . . 128 218 15. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 129 219 15.1. IETF-Defined Chunk Extension . . . . . . . . . . . . . . 129 220 15.2. IETF Chunk Flags Registration . . . . . . . . . . . . . 129 221 15.3. IETF-Defined Chunk Parameter Extension . . . . . . . . . 130 222 15.4. IETF-Defined Additional Error Causes . . . . . . . . . . 130 223 15.5. Payload Protocol Identifiers . . . . . . . . . . . . . . 131 224 15.6. Port Numbers Registry . . . . . . . . . . . . . . . . . 131 225 16. Suggested SCTP Protocol Parameter Values . . . . . . . . . . 133 226 17. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 133 227 18. References . . . . . . . . . . . . . . . . . . . . . . . . . 134 228 18.1. Normative References . . . . . . . . . . . . . . . . . . 134 229 18.2. Informative References . . . . . . . . . . . . . . . . . 136 230 Appendix A. Explicit Congestion Notification . . . . . . . . . . 138 231 Appendix B. CRC32c Checksum Calculation . . . . . . . . . . . . 139 232 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 147 234 1. Conventions 236 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 237 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 238 "OPTIONAL" in this document are to be interpreted as described in BCP 239 14 [RFC2119] [RFC8174] when, and only when, they appear in all 240 capitals, as shown here. 242 2. Introduction 244 This section explains the reasoning behind the development of the 245 Stream Control Transmission Protocol (SCTP), the services it offers, 246 and the basic concepts needed to understand the detailed description 247 of the protocol. 249 This document obsoletes [RFC4960], if approved. 251 2.1. Motivation 253 TCP [RFC0793] has performed immense service as the primary means of 254 reliable data transfer in IP networks. However, an increasing number 255 of recent applications have found TCP too limiting, and have 256 incorporated their own reliable data transfer protocol on top of UDP 257 [RFC0768]. The limitations that users have wished to bypass include 258 the following: 260 o TCP provides both reliable data transfer and strict order-of- 261 transmission delivery of data. Some applications need reliable 262 transfer without sequence maintenance, while others would be 263 satisfied with partial ordering of the data. In both of these 264 cases, the head-of-line blocking offered by TCP causes unnecessary 265 delay. 267 o The stream-oriented nature of TCP is often an inconvenience. 268 Applications add their own record marking to delineate their 269 messages, and make explicit use of the push facility to ensure 270 that a complete message is transferred in a reasonable time. 272 o The limited scope of TCP sockets complicates the task of providing 273 highly-available data transfer capability using multi-homed hosts. 275 o TCP is relatively vulnerable to denial-of-service attacks, such as 276 SYN attacks. 278 Transport of PSTN signaling across the IP network is an application 279 for which all of these limitations of TCP are relevant. While this 280 application directly motivated the development of SCTP, other 281 applications might find SCTP a good match to their requirements. 283 2.2. Architectural View of SCTP 285 SCTP is viewed as a layer between the SCTP user application ("SCTP 286 user" for short) and a connectionless packet network service such as 287 IP. The remainder of this document assumes SCTP runs on top of IP. 288 The basic service offered by SCTP is the reliable transfer of user 289 messages between peer SCTP users. It performs this service within 290 the context of an association between two SCTP endpoints. Section 11 291 of this document sketches the API that exists at the boundary between 292 the SCTP and the SCTP user layers. 294 SCTP is connection-oriented in nature, but the SCTP association is a 295 broader concept than the TCP connection. SCTP provides the means for 296 each SCTP endpoint (Section 2.3) to provide the other endpoint 297 (during association startup) with a list of transport addresses 298 (i.e., multiple IP addresses in combination with an SCTP port) 299 through which that endpoint can be reached and from which it will 300 originate SCTP packets. The association spans transfers over all of 301 the possible source/destination combinations that can be generated 302 from each endpoint's lists. 304 _____________ _____________ 305 | SCTP User | | SCTP User | 306 | Application | | Application | 307 |-------------| |-------------| 308 | SCTP | | SCTP | 309 | Transport | | Transport | 310 | Service | | Service | 311 |-------------| |-------------| 312 | |One or more ---- One or more| | 313 | IP Network |IP address \/ IP address| IP Network | 314 | Service |appearances /\ appearances| Service | 315 |_____________| ---- |_____________| 317 SCTP Node A |<-------- Network transport ------->| SCTP Node B 319 Figure 1: An SCTP Association 321 2.3. Key Terms 323 Some of the language used to describe SCTP has been introduced in the 324 previous sections. This section provides a consolidated list of the 325 key terms and their definitions. 327 Active destination transport address: A transport address on a peer 328 endpoint that a transmitting endpoint considers available for 329 receiving user messages. 331 Bundling: An optional multiplexing operation, whereby more than one 332 user message might be carried in the same SCTP packet. Each user 333 message occupies its own DATA chunk. 335 Chunk: A unit of information within an SCTP packet, consisting of a 336 chunk header and chunk-specific content. 338 Congestion window (cwnd): An SCTP variable that limits outstanding 339 data, in number of bytes, that a sender can send to a particular 340 destination transport address before receiving an acknowledgement. 342 Cumulative TSN Ack Point: The Transmission Sequence Number (TSN) of 343 the last DATA chunk acknowledged via the Cumulative TSN Ack field 344 of a SACK. 346 Flightsize: The amount of bytes of outstanding data to a particular 347 destination transport address at any given time. 349 Idle destination address: An address that has not had user messages 350 sent to it within some length of time, normally the HEARTBEAT 351 interval or greater. 353 Inactive destination transport address: An address that is 354 considered inactive due to errors and unavailable to transport 355 user messages. 357 Message = user message: Data submitted to SCTP by the Upper Layer 358 Protocol (ULP). 360 Message Authentication Code (MAC): An integrity check mechanism 361 based on cryptographic hash functions using a secret key. 362 Typically, message authentication codes are used between two 363 parties that share a secret key in order to validate information 364 transmitted between these parties. In SCTP, it is used by an 365 endpoint to validate the State Cookie information that is returned 366 from the peer in the COOKIE ECHO chunk. The term "MAC" has 367 different meanings in different contexts. SCTP uses this term 368 with the same meaning as in [RFC2104]. 370 Network Byte Order: Most significant byte first, a.k.a., big endian. 372 Ordered Message: A user message that is delivered in order with 373 respect to all previous user messages sent within the stream on 374 which the message was sent. 376 Outstanding data (or "data outstanding" or "data in flight"): The 377 total amount of the DATA chunks associated with outstanding TSNs. 378 A retransmitted DATA chunk is counted once in outstanding data. A 379 DATA chunk that is classified as lost but that has not yet been 380 retransmitted is not in outstanding data. 382 Outstanding TSN (at an SCTP endpoint): A TSN (and the associated 383 DATA chunk) that has been sent by the endpoint but for which it 384 has not yet received an acknowledgement. 386 Path: The route taken by the SCTP packets sent by one SCTP endpoint 387 to a specific destination transport address of its peer SCTP 388 endpoint. Sending to different destination transport addresses 389 does not necessarily guarantee getting separate paths. 391 Primary Path: The primary path is the destination and source address 392 that will be put into a packet outbound to the peer endpoint by 393 default. The definition includes the source address since an 394 implementation MAY wish to specify both destination and source 395 address to better control the return path taken by reply chunks 396 and on which interface the packet is transmitted when the data 397 sender is multi-homed. 399 Receiver Window (rwnd): An SCTP variable a data sender uses to store 400 the most recently calculated receiver window of its peer, in 401 number of bytes. This gives the sender an indication of the space 402 available in the receiver's inbound buffer. 404 SCTP association: A protocol relationship between SCTP endpoints, 405 composed of the two SCTP endpoints and protocol state information 406 including Verification Tags and the currently active set of 407 Transmission Sequence Numbers (TSNs), etc. An association can be 408 uniquely identified by the transport addresses used by the 409 endpoints in the association. Two SCTP endpoints MUST NOT have 410 more than one SCTP association between them at any given time. 412 SCTP endpoint: The logical sender/receiver of SCTP packets. On a 413 multi-homed host, an SCTP endpoint is represented to its peers as 414 a combination of a set of eligible destination transport addresses 415 to which SCTP packets can be sent and a set of eligible source 416 transport addresses from which SCTP packets can be received. All 417 transport addresses used by an SCTP endpoint MUST use the same 418 port number, but can use multiple IP addresses. A transport 419 address used by an SCTP endpoint MUST NOT be used by another SCTP 420 endpoint. In other words, a transport address is unique to an 421 SCTP endpoint. 423 SCTP packet (or packet): The unit of data delivery across the 424 interface between SCTP and the connectionless packet network 425 (e.g., IP). An SCTP packet includes the common SCTP header, 426 possible SCTP control chunks, and user data encapsulated within 427 SCTP DATA chunks. 429 SCTP user application (SCTP user): The logical higher-layer 430 application entity which uses the services of SCTP, also called 431 the Upper-Layer Protocol (ULP). 433 Slow-Start Threshold (ssthresh): An SCTP variable. This is the 434 threshold that the endpoint will use to determine whether to 435 perform slow start or congestion avoidance on a particular 436 destination transport address. Ssthresh is in number of bytes. 438 Stream: A unidirectional logical channel established from one to 439 another associated SCTP endpoint, within which all user messages 440 are delivered in sequence except for those submitted to the 441 unordered delivery service. 443 Note: The relationship between stream numbers in opposite 444 directions is strictly a matter of how the applications use them. 445 It is the responsibility of the SCTP user to create and manage 446 these correlations if they are so desired. 448 Stream Sequence Number: A 16-bit sequence number used internally by 449 SCTP to ensure sequenced delivery of the user messages within a 450 given stream. One Stream Sequence Number is attached to each user 451 message. 453 Tie-Tags: Two 32-bit random numbers that together make a 64-bit 454 nonce. These tags are used within a State Cookie and TCB so that 455 a newly restarting association can be linked to the original 456 association within the endpoint that did not restart and yet not 457 reveal the true Verification Tags of an existing association. 459 Transmission Control Block (TCB): An internal data structure created 460 by an SCTP endpoint for each of its existing SCTP associations to 461 other SCTP endpoints. TCB contains all the status and operational 462 information for the endpoint to maintain and manage the 463 corresponding association. 465 Transmission Sequence Number (TSN): A 32-bit sequence number used 466 internally by SCTP. One TSN is attached to each chunk containing 467 user data to permit the receiving SCTP endpoint to acknowledge its 468 receipt and detect duplicate deliveries. 470 Transport address: A transport address is traditionally defined by a 471 network-layer address, a transport-layer protocol, and a 472 transport-layer port number. In the case of SCTP running over IP, 473 a transport address is defined by the combination of an IP address 474 and an SCTP port number (where SCTP is the transport protocol). 476 Unacknowledged TSN (at an SCTP endpoint): A TSN (and the associated 477 DATA chunk) that has been received by the endpoint but for which 478 an acknowledgement has not yet been sent. Or in the opposite 479 case, for a packet that has been sent but no acknowledgement has 480 been received. 482 Unordered Message: Unordered messages are "unordered" with respect 483 to any other message; this includes both other unordered messages 484 as well as other ordered messages. An unordered message might be 485 delivered prior to or later than ordered messages sent on the same 486 stream. 488 User message: The unit of data delivery across the interface between 489 SCTP and its user. 491 Verification Tag: A 32-bit unsigned integer that is randomly 492 generated. The Verification Tag provides a key that allows a 493 receiver to verify that the SCTP packet belongs to the current 494 association and is not an old or stale packet from a previous 495 association. 497 2.4. Abbreviations 499 MAC Message Authentication Code [RFC2104] 500 RTO Retransmission Timeout 501 RTT Round-Trip Time 502 RTTVAR Round-Trip Time Variation 503 SCTP Stream Control Transmission Protocol 504 SRTT Smoothed RTT 505 TCB Transmission Control Block 506 TLV Type-Length-Value coding format 507 TSN Transmission Sequence Number 508 ULP Upper-Layer Protocol 510 2.5. Functional View of SCTP 512 The SCTP transport service can be decomposed into a number of 513 functions. These are depicted in Figure 2 and explained in the 514 remainder of this section. 516 SCTP User Application 518 ----------------------------------------------------- 519 _____________ ____________________ 520 | | | Sequenced Delivery | 521 | Association | | within Streams | 522 | | |____________________| 523 | Startup | 524 | | ____________________________ 525 | and | | User Data Fragmentation | 526 | | |____________________________| 527 | Takedown | 528 | | ____________________________ 529 | | | Acknowledgement | 530 | | | and | 531 | | | Congestion Avoidance | 532 | | |____________________________| 533 | | 534 | | ____________________________ 535 | | | Chunk Bundling | 536 | | |____________________________| 537 | | 538 | | ________________________________ 539 | | | Packet Validation | 540 | | |________________________________| 541 | | 542 | | ________________________________ 543 | | | Path Management | 544 |_____________| |________________________________| 546 Figure 2: Functional View of the SCTP Transport Service 548 2.5.1. Association Startup and Takedown 550 An association is initiated by a request from the SCTP user (see the 551 description of the ASSOCIATE (or SEND) primitive in Section 11). 553 A cookie mechanism, similar to one described by Karn and Simpson in 554 [RFC2522], is employed during the initialization to provide 555 protection against synchronization attacks. The cookie mechanism 556 uses a four-way handshake, the last two legs of which are allowed to 557 carry user data for fast setup. The startup sequence is described in 558 Section 5 of this document. 560 SCTP provides for graceful close (i.e., shutdown) of an active 561 association on request from the SCTP user. See the description of 562 the SHUTDOWN primitive in Section 11. SCTP also allows ungraceful 563 close (i.e., abort), either on request from the user (ABORT 564 primitive) or as a result of an error condition detected within the 565 SCTP layer. Section 9 describes both the graceful and the ungraceful 566 close procedures. 568 SCTP does not support a half-open state (like TCP) wherein one side 569 continues sending data while the other end is closed. When either 570 endpoint performs a shutdown, the association on each peer will stop 571 accepting new data from its user and only deliver data in queue at 572 the time of the graceful close (see Section 9). 574 2.5.2. Sequenced Delivery within Streams 576 The term "stream" is used in SCTP to refer to a sequence of user 577 messages that are to be delivered to the upper-layer protocol in 578 order with respect to other messages within the same stream. This is 579 in contrast to its usage in TCP, where it refers to a sequence of 580 bytes (in this document, a byte is assumed to be 8 bits). 582 The SCTP user can specify at association startup time the number of 583 streams to be supported by the association. This number is 584 negotiated with the remote end (see Section 5.1.1). User messages 585 are associated with stream numbers (SEND, RECEIVE primitives, 586 Section 11). Internally, SCTP assigns a Stream Sequence Number to 587 each message passed to it by the SCTP user. On the receiving side, 588 SCTP ensures that messages are delivered to the SCTP user in sequence 589 within a given stream. However, while one stream might be blocked 590 waiting for the next in-sequence user message, delivery from other 591 streams might proceed. 593 SCTP provides a mechanism for bypassing the sequenced delivery 594 service. User messages sent using this mechanism are delivered to 595 the SCTP user as soon as they are received. 597 2.5.3. User Data Fragmentation 599 When needed, SCTP fragments user messages to ensure that the SCTP 600 packet passed to the lower layer conforms to the path MTU. On 601 receipt, fragments are reassembled into complete messages before 602 being passed to the SCTP user. 604 2.5.4. Acknowledgement and Congestion Avoidance 606 SCTP assigns a Transmission Sequence Number (TSN) to each user data 607 fragment or unfragmented message. The TSN is independent of any 608 Stream Sequence Number assigned at the stream level. The receiving 609 end acknowledges all TSNs received, even if there are gaps in the 610 sequence. In this way, reliable delivery is kept functionally 611 separate from sequenced stream delivery. 613 The acknowledgement and congestion avoidance function is responsible 614 for packet retransmission when timely acknowledgement has not been 615 received. Packet retransmission is conditioned by congestion 616 avoidance procedures similar to those used for TCP. See Section 6 617 and Section 7 for a detailed description of the protocol procedures 618 associated with this function. 620 2.5.5. Chunk Bundling 622 As described in Section 3, the SCTP packet as delivered to the lower 623 layer consists of a common header followed by one or more chunks. 624 Each chunk might contain either user data or SCTP control 625 information. The SCTP user has the option to request bundling of 626 more than one user message into a single SCTP packet. The chunk 627 bundling function of SCTP is responsible for assembly of the complete 628 SCTP packet and its disassembly at the receiving end. 630 During times of congestion, an SCTP implementation MAY still perform 631 bundling even if the user has requested that SCTP not bundle. The 632 user's disabling of bundling only affects SCTP implementations that 633 might delay a small period of time before transmission (to attempt to 634 encourage bundling). When the user layer disables bundling, this 635 small delay is prohibited but not bundling that is performed during 636 congestion or retransmission. 638 2.5.6. Packet Validation 640 A mandatory Verification Tag field and a 32-bit checksum field (see 641 Appendix B for a description of the CRC32c checksum) are included in 642 the SCTP common header. The Verification Tag value is chosen by each 643 end of the association during association startup. Packets received 644 without the expected Verification Tag value are discarded, as a 645 protection against blind masquerade attacks and against stale SCTP 646 packets from a previous association. The CRC32c checksum can be set 647 by the sender of each SCTP packet to provide additional protection 648 against data corruption in the network. The receiver of an SCTP 649 packet with an invalid CRC32c checksum silently discards the packet. 651 2.5.7. Path Management 653 The sending SCTP user is able to manipulate the set of transport 654 addresses used as destinations for SCTP packets through the 655 primitives described in Section 11. The SCTP path management 656 function chooses the destination transport address for each outgoing 657 SCTP packet based on the SCTP user's instructions and the currently 658 perceived reachability status of the eligible destination set. The 659 path management function monitors reachability through heartbeats 660 when other packet traffic is inadequate to provide this information 661 and advises the SCTP user when reachability of any far-end transport 662 address changes. The path management function is also responsible 663 for reporting the eligible set of local transport addresses to the 664 far end during association startup, and for reporting the transport 665 addresses returned from the far end to the SCTP user. 667 At association startup, a primary path is defined for each SCTP 668 endpoint, and is used for normal sending of SCTP packets. 670 On the receiving end, the path management is responsible for 671 verifying the existence of a valid SCTP association to which the 672 inbound SCTP packet belongs before passing it for further processing. 674 Note: Path Management and Packet Validation are done at the same 675 time, so although described separately above, in reality they cannot 676 be performed as separate items. 678 2.6. Serial Number Arithmetic 680 It is essential to remember that the actual Transmission Sequence 681 Number space is finite, though very large. This space ranges from 0 682 to 2**32 - 1. Since the space is finite, all arithmetic dealing with 683 Transmission Sequence Numbers MUST be performed modulo 2**32. This 684 unsigned arithmetic preserves the relationship of sequence numbers as 685 they cycle from 2**32 - 1 to 0 again. There are some subtleties to 686 computer modulo arithmetic, so great care has to be taken in 687 programming the comparison of such values. When referring to TSNs, 688 the symbol "=<" means "less than or equal"(modulo 2**32). 690 Comparisons and arithmetic on TSNs in this document SHOULD use Serial 691 Number Arithmetic as defined in [RFC1982] where SERIAL_BITS = 32. 693 An endpoint SHOULD NOT transmit a DATA chunk with a TSN that is more 694 than 2**31 - 1 above the beginning TSN of its current send window. 695 Doing so will cause problems in comparing TSNs. 697 Transmission Sequence Numbers wrap around when they reach 2**32 - 1. 698 That is, the next TSN a DATA chunk MUST use after transmitting TSN = 699 2**32 - 1 is TSN = 0. 701 Any arithmetic done on Stream Sequence Numbers SHOULD use Serial 702 Number Arithmetic as defined in [RFC1982] where SERIAL_BITS = 16. 703 All other arithmetic and comparisons in this document use normal 704 arithmetic. 706 2.7. Changes from RFC 4960 708 SCTP was originally defined in [RFC4960], which this document 709 obsoletes, if approved. Readers interested in the details of the 710 various changes that this document incorporates are asked to consult 711 [RFC8540]. 713 3. SCTP Packet Format 715 An SCTP packet is composed of a common header and chunks. A chunk 716 contains either control information or user data. 718 The SCTP packet format is shown below: 720 0 1 2 3 721 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 722 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 723 | Common Header | 724 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 725 | Chunk #1 | 726 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 727 | ... | 728 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 729 | Chunk #n | 730 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 732 Multiple chunks can be bundled into one SCTP packet up to the MTU 733 size, except for the INIT, INIT ACK, and SHUTDOWN COMPLETE chunks. 734 These chunks MUST NOT be bundled with any other chunk in a packet. 735 See Section 6.10 for more details on chunk bundling. 737 If a user data message does not fit into one SCTP packet it can be 738 fragmented into multiple chunks using the procedure defined in 739 Section 6.9. 741 All integer fields in an SCTP packet MUST be transmitted in network 742 byte order, unless otherwise stated. 744 3.1. SCTP Common Header Field Descriptions 745 SCTP Common Header Format 747 0 1 2 3 748 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 749 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 750 | Source Port Number | Destination Port Number | 751 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 752 | Verification Tag | 753 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 754 | Checksum | 755 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 757 Source Port Number: 16 bits (unsigned integer) 759 This is the SCTP sender's port number. It can be used by the 760 receiver in combination with the source IP address, the SCTP 761 destination port, and possibly the destination IP address to 762 identify the association to which this packet belongs. The source 763 port number 0 MUST NOT be used. 765 Destination Port Number: 16 bits (unsigned integer) 767 This is the SCTP port number to which this packet is destined. 768 The receiving host will use this port number to de-multiplex the 769 SCTP packet to the correct receiving endpoint/application. The 770 destination port number 0 MUST NOT be used. 772 Verification Tag: 32 bits (unsigned integer) 774 The receiver of this packet uses the Verification Tag to validate 775 the sender of this SCTP packet. On transmit, the value of this 776 Verification Tag MUST be set to the value of the Initiate Tag 777 received from the peer endpoint during the association 778 initialization, with the following exceptions: 780 * A packet containing an INIT chunk MUST have a zero Verification 781 Tag. 783 * A packet containing a SHUTDOWN COMPLETE chunk with the T bit 784 set MUST have the Verification Tag copied from the packet with 785 the SHUTDOWN ACK chunk. 787 * A packet containing an ABORT chunk MAY have the verification 788 tag copied from the packet that caused the ABORT to be sent. 789 For details see Section 8.4 and Section 8.5. 791 Checksum: 32 bits (unsigned integer) 792 This field contains the checksum of this SCTP packet. Its 793 calculation is discussed in Section 6.8. SCTP uses the CRC32c 794 algorithm as described in Appendix B for calculating the checksum. 796 3.2. Chunk Field Descriptions 798 The figure below illustrates the field format for the chunks to be 799 transmitted in the SCTP packet. Each chunk is formatted with a Chunk 800 Type field, a chunk-specific Flag field, a Chunk Length field, and a 801 Value field. 803 0 1 2 3 804 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 805 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 806 | Chunk Type | Chunk Flags | Chunk Length | 807 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 808 \ \ 809 / Chunk Value / 810 \ \ 811 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 813 Chunk Type: 8 bits (unsigned integer) 815 This field identifies the type of information contained in the 816 Chunk Value field. It takes a value from 0 to 254. The value of 817 255 is reserved for future use as an extension field. 819 The values of Chunk Types are defined as follows: 821 ID Value Chunk Type 822 ----- ---------- 823 0 - Payload Data (DATA) 824 1 - Initiation (INIT) 825 2 - Initiation Acknowledgement (INIT ACK) 826 3 - Selective Acknowledgement (SACK) 827 4 - Heartbeat Request (HEARTBEAT) 828 5 - Heartbeat Acknowledgement (HEARTBEAT ACK) 829 6 - Abort (ABORT) 830 7 - Shutdown (SHUTDOWN) 831 8 - Shutdown Acknowledgement (SHUTDOWN ACK) 832 9 - Operation Error (ERROR) 833 10 - State Cookie (COOKIE ECHO) 834 11 - Cookie Acknowledgement (COOKIE ACK) 835 12 - Reserved for Explicit Congestion Notification Echo 836 (ECNE) 837 13 - Reserved for Congestion Window Reduced (CWR) 838 14 - Shutdown Complete (SHUTDOWN COMPLETE) 839 15 to 62 - available 840 63 - reserved for IETF-defined Chunk Extensions 841 64 to 126 - available 842 127 - reserved for IETF-defined Chunk Extensions 843 128 to 190 - available 844 191 - reserved for IETF-defined Chunk Extensions 845 192 to 254 - available 846 255 - reserved for IETF-defined Chunk Extensions 848 Chunk Types are encoded such that the highest-order 2 bits specify 849 the action that is taken if the processing endpoint does not 850 recognize the Chunk Type. 852 00 - Stop processing this SCTP packet; discard the unrecognized 853 chunk and all further chunks. 855 01 - Stop processing this SCTP packet, discard the unrecognized 856 chunk and all further chunks, and report the unrecognized 857 chunk in an 'Unrecognized Chunk Type'. 859 10 - Skip this chunk and continue processing. 861 11 - Skip this chunk and continue processing, but report in an 862 ERROR chunk using the 'Unrecognized Chunk Type' cause of 863 error. 865 Note: The ECNE and CWR chunk types are reserved for future use of 866 Explicit Congestion Notification (ECN); see Appendix A. 868 Chunk Flags: 8 bits 870 The usage of these bits depends on the Chunk type as given by the 871 Chunk Type field. Unless otherwise specified, they are set to 0 872 on transmit and are ignored on receipt. 874 Chunk Length: 16 bits (unsigned integer) 876 This value represents the size of the chunk in bytes, including 877 the Chunk Type, Chunk Flags, Chunk Length, and Chunk Value fields. 878 Therefore, if the Chunk Value field is zero-length, the Length 879 field will be set to 4. The Chunk Length field does not count any 880 chunk padding. 882 Chunks (including Type, Length, and Value fields) are padded out 883 by the sender with all zero bytes to be a multiple of 4 bytes 884 long. This padding MUST NOT be more than 3 bytes in total. The 885 Chunk Length value does not include terminating padding of the 886 chunk. However, it does include padding of any variable-length 887 parameter except the last parameter in the chunk. The receiver 888 MUST ignore the padding. 890 Note: A robust implementation is expected to accept the chunk 891 whether or not the final padding has been included in the Chunk 892 Length. 894 Chunk Value: variable length 896 The Chunk Value field contains the actual information to be 897 transferred in the chunk. The usage and format of this field is 898 dependent on the Chunk Type. 900 The total length of a chunk (including Type, Length, and Value 901 fields) MUST be a multiple of 4 bytes. If the length of the chunk is 902 not a multiple of 4 bytes, the sender MUST pad the chunk with all 903 zero bytes, and this padding is not included in the Chunk Length 904 field. The sender MUST NOT pad with more than 3 bytes. The receiver 905 MUST ignore the padding bytes. 907 SCTP-defined chunks are described in detail in Section 3.3. The 908 guidelines for IETF-defined chunk extensions can be found in 909 Section 15.1 of this document. 911 3.2.1. Optional/Variable-Length Parameter Format 913 Chunk values of SCTP control chunks consist of a chunk-type-specific 914 header of required fields, followed by zero or more parameters. The 915 optional and variable-length parameters contained in a chunk are 916 defined in a Type-Length-Value format as shown below. 918 0 1 2 3 919 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 920 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 921 | Parameter Type | Parameter Length | 922 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 923 \ \ 924 / Parameter Value / 925 \ \ 926 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 928 Chunk Parameter Type: 16 bits (unsigned integer) 930 The Type field is a 16-bit identifier of the type of parameter. 931 It takes a value of 0 to 65534. 933 The value of 65535 is reserved for IETF-defined extensions. 934 Values other than those defined in specific SCTP chunk 935 descriptions are reserved for use by IETF. 937 Chunk Parameter Length: 16 bits (unsigned integer) 939 The Parameter Length field contains the size of the parameter in 940 bytes, including the Parameter Type, Parameter Length, and 941 Parameter Value fields. Thus, a parameter with a zero-length 942 Parameter Value field would have a Length field of 4. The 943 Parameter Length does not include any padding bytes. 945 Chunk Parameter Value: variable length 947 The Parameter Value field contains the actual information to be 948 transferred in the parameter. 950 The total length of a parameter (including Type, Parameter Length, 951 and Value fields) MUST be a multiple of 4 bytes. If the length of 952 the parameter is not a multiple of 4 bytes, the sender pads the 953 parameter at the end (i.e., after the Parameter Value field) with all 954 zero bytes. The length of the padding is not included in the 955 Parameter Length field. A sender MUST NOT pad with more than 3 956 bytes. The receiver MUST ignore the padding bytes. 958 The Parameter Types are encoded such that the highest-order 2 bits 959 specify the action that is taken if the processing endpoint does not 960 recognize the Parameter Type. 962 00 - Stop processing this parameter; do not process any further 963 parameters within this chunk. 965 01 - Stop processing this parameter, do not process any further 966 parameters within this chunk, and report the unrecognized 967 parameter in an 'Unrecognized Parameter', as described in 968 Section 3.2.2. 970 10 - Skip this parameter and continue processing. 972 11 - Skip this parameter and continue processing but report the 973 unrecognized parameter in an 'Unrecognized Parameter', as 974 described in Section 3.2.2. 976 Please note that in all four cases, an INIT ACK or COOKIE ECHO chunk 977 is sent. In the 00 or 01 case, the processing of the parameters 978 after the unknown parameter is canceled, but no processing already 979 done is rolled back. 981 The actual SCTP parameters are defined in the specific SCTP chunk 982 sections. The rules for IETF-defined parameter extensions are 983 defined in Section 15.3. Parameter types MUST be unique across all 984 chunks. For example, the parameter type '5' is used to represent an 985 IPv4 address (see Section 3.3.2.1). The value '5' then is reserved 986 across all chunks to represent an IPv4 address and MUST NOT be reused 987 with a different meaning in any other chunk. 989 3.2.2. Reporting of Unrecognized Parameters 991 If the receiver of an INIT chunk detects unrecognized parameters and 992 has to report them according to Section 3.2.1, it MUST put the 993 'Unrecognized Parameter' parameter(s) in the INIT ACK chunk sent in 994 response to the INIT chunk. Note that if the receiver of the INIT 995 chunk is not going to establish an association (e.g., due to lack of 996 resources), an 'Unrecognized Parameter' would not be included with 997 any ABORT being sent to the sender of the INIT. 999 If the receiver of an INIT ACK chunk detects unrecognized parameters 1000 and has to report them according to Section 3.2.1, it SHOULD bundle 1001 the ERROR chunk containing the 'Unrecognized Parameters' error cause 1002 with the COOKIE ECHO chunk sent in response to the INIT ACK chunk. 1003 If the receiver of the INIT ACK cannot bundle the COOKIE ECHO chunk 1004 with the ERROR chunk, the ERROR chunk MAY be sent separately but not 1005 before the COOKIE ACK has been received. 1007 Any time a COOKIE ECHO is sent in a packet, it MUST be the first 1008 chunk. 1010 3.3. SCTP Chunk Definitions 1012 This section defines the format of the different SCTP chunk types. 1014 3.3.1. Payload Data (DATA) (0) 1016 The following format MUST be used for the DATA chunk: 1018 0 1 2 3 1019 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1020 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1021 | Type = 0 | Res |I|U|B|E| Length | 1022 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1023 | TSN | 1024 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1025 | Stream Identifier S | Stream Sequence Number n | 1026 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1027 | Payload Protocol Identifier | 1028 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1029 \ \ 1030 / User Data (seq n of Stream S) / 1031 \ \ 1032 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1034 Res: 4 bits 1036 Set to all '0's on transmit and ignored on receipt. 1038 I bit: 1 bit 1040 The (I)mmediate bit MAY be set by the sender whenever the sender 1041 of a DATA chunk can benefit from the corresponding SACK chunk 1042 being sent back without delay. See Section 4 of [RFC7053] for a 1043 discussion of the benefits. 1045 U bit: 1 bit 1047 The (U)nordered bit, if set to '1', indicates that this is an 1048 unordered DATA chunk, and there is no Stream Sequence Number 1049 assigned to this DATA chunk. Therefore, the receiver MUST ignore 1050 the Stream Sequence Number field. 1052 After reassembly (if necessary), unordered DATA chunks MUST be 1053 dispatched to the upper layer by the receiver without any attempt 1054 to reorder. 1056 If an unordered user message is fragmented, each fragment of the 1057 message MUST have its U bit set to '1'. 1059 B bit: 1 bit 1061 The (B)eginning fragment bit, if set, indicates the first fragment 1062 of a user message. 1064 E bit: 1 bit 1065 The (E)nding fragment bit, if set, indicates the last fragment of 1066 a user message. 1068 An unfragmented user message MUST have both the B and E bits set to 1069 '1'. Setting both B and E bits to '0' indicates a middle fragment of 1070 a multi-fragment user message, as summarized in the following table: 1072 +---+---+-------------------------------------------+ 1073 | B | E | Description | 1074 +---+---+-------------------------------------------+ 1075 | 1 | 0 | First piece of a fragmented user message | 1076 +---+---+-------------------------------------------+ 1077 | 0 | 0 | Middle piece of a fragmented user message | 1078 +---+---+-------------------------------------------+ 1079 | 0 | 1 | Last piece of a fragmented user message | 1080 +---+---+-------------------------------------------+ 1081 | 1 | 1 | Unfragmented message | 1082 +---+---+-------------------------------------------+ 1084 Table 1: Fragment Description Flags 1086 When a user message is fragmented into multiple chunks, the TSNs are 1087 used by the receiver to reassemble the message. This means that the 1088 TSNs for each fragment of a fragmented user message MUST be strictly 1089 sequential. 1091 Length: 16 bits (unsigned integer) 1093 This field indicates the length of the DATA chunk in bytes from 1094 the beginning of the type field to the end of the User Data field 1095 excluding any padding. A DATA chunk with one byte of user data 1096 will have Length set to 17 (indicating 17 bytes). 1098 A DATA chunk with a User Data field of length L will have the 1099 Length field set to (16 + L) (indicating 16+L bytes) where L MUST 1100 be greater than 0. 1102 TSN: 32 bits (unsigned integer) 1104 This value represents the TSN for this DATA chunk. The valid 1105 range of TSN is from 0 to 4294967295 (2**32 - 1). TSN wraps back 1106 to 0 after reaching 4294967295. 1108 Stream Identifier S: 16 bits (unsigned integer) 1110 Identifies the stream to which the following user data belongs. 1112 Stream Sequence Number n: 16 bits (unsigned integer) 1113 This value represents the Stream Sequence Number of the following 1114 user data within the stream S. Valid range is 0 to 65535. 1116 When a user message is fragmented by SCTP for transport, the same 1117 Stream Sequence Number MUST be carried in each of the fragments of 1118 the message. 1120 Payload Protocol Identifier: 32 bits (unsigned integer) 1122 This value represents an application (or upper layer) specified 1123 protocol identifier. This value is passed to SCTP by its upper 1124 layer and sent to its peer. This identifier is not used by SCTP 1125 but can be used by certain network entities, as well as by the 1126 peer application, to identify the type of information being 1127 carried in this DATA chunk. This field MUST be sent even in 1128 fragmented DATA chunks (to make sure it is available for agents in 1129 the middle of the network). Note that this field is not touched 1130 by an SCTP implementation; therefore, its byte order is not 1131 necessarily big endian. The upper layer is responsible for any 1132 byte order conversions to this field. 1134 The value 0 indicates that no application identifier is specified 1135 by the upper layer for this payload data. 1137 User Data: variable length 1139 This is the payload user data. The implementation MUST pad the 1140 end of the data to a 4-byte boundary with all-zero bytes. Any 1141 padding MUST NOT be included in the Length field. A sender MUST 1142 never add more than 3 bytes of padding. 1144 3.3.2. Initiation (INIT) (1) 1146 This chunk is used to initiate an SCTP association between two 1147 endpoints. The format of the INIT chunk is shown below: 1149 0 1 2 3 1150 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1151 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1152 | Type = 1 | Chunk Flags | Chunk Length | 1153 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1154 | Initiate Tag | 1155 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1156 | Advertised Receiver Window Credit (a_rwnd) | 1157 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1158 | Number of Outbound Streams | Number of Inbound Streams | 1159 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1160 | Initial TSN | 1161 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1162 \ \ 1163 / Optional/Variable-Length Parameters / 1164 \ \ 1165 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1167 The INIT chunk contains the following parameters. Unless otherwise 1168 noted, each parameter MUST only be included once in the INIT chunk. 1170 Fixed Parameters Status 1171 ---------------------------------------------- 1172 Initiate Tag Mandatory 1173 Advertised Receiver Window Credit Mandatory 1174 Number of Outbound Streams Mandatory 1175 Number of Inbound Streams Mandatory 1176 Initial TSN Mandatory 1178 Variable Parameters Status Type Value 1179 ------------------------------------------------------------- 1180 IPv4 Address (Note 1) Optional 5 1181 IPv6 Address (Note 1) Optional 6 1182 Cookie Preservative Optional 9 1183 Reserved for ECN Capable (Note 2) Optional 32768 (0x8000) 1184 Host Name Address Optional 11 1185 Supported Address Types (Note 3) Optional 12 1187 An INIT chunk MUST NOT contain the Host Name Address parameter. The 1188 receiver of an INIT chunk containing a Host Name Address parameter 1189 MUST send an ABORT and MAY include an "Unresolvable Address" error 1190 cause. 1192 Note 1: The INIT chunks can contain multiple addresses that can be 1193 IPv4 and/or IPv6 in any combination. 1195 Note 2: The ECN Capable field is reserved for future use of Explicit 1196 Congestion Notification. 1198 Note 3: This parameter, when present, specifies all the address types 1199 the sending endpoint can support. The absence of this parameter 1200 indicates that the sending endpoint can support any address type. 1202 If an INIT chunk is received with known parameters that are not 1203 optional parameters of the INIT chunk, then the receiver SHOULD 1204 process the INIT chunk and send back an INIT ACK. The receiver of 1205 the INIT chunk MAY bundle an ERROR chunk with the COOKIE ACK chunk 1206 later. However, restrictive implementations MAY send back an ABORT 1207 chunk in response to the INIT chunk. 1209 The Chunk Flags field in INIT is reserved, and all bits in it SHOULD 1210 be set to 0 by the sender and ignored by the receiver. The sequence 1211 of parameters within an INIT can be processed in any order. 1213 Initiate Tag: 32 bits (unsigned integer) 1215 The receiver of the INIT (the responding end) records the value of 1216 the Initiate Tag parameter. This value MUST be placed into the 1217 Verification Tag field of every SCTP packet that the receiver of 1218 the INIT transmits within this association. 1220 The Initiate Tag is allowed to have any value except 0. See 1221 Section 5.3.1 for more on the selection of the tag value. 1223 If the value of the Initiate Tag in a received INIT chunk is found 1224 to be 0, the receiver MUST treat it as an error and close the 1225 association by transmitting an ABORT. 1227 Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned 1228 integer) 1230 This value represents the dedicated buffer space, in number of 1231 bytes, the sender of the INIT has reserved in association with 1232 this window. During the life of the association, this buffer 1233 space SHOULD NOT be lessened (i.e., dedicated buffers taken away 1234 from this association); however, an endpoint MAY change the value 1235 of a_rwnd it sends in SACK chunks. 1237 Number of Outbound Streams (OS): 16 bits (unsigned integer) 1239 Defines the number of outbound streams the sender of this INIT 1240 chunk wishes to create in this association. The value of 0 MUST 1241 NOT be used. 1243 A receiver of an INIT with the OS value set to 0 SHOULD abort the 1244 association. 1246 Number of Inbound Streams (MIS): 16 bits (unsigned integer) 1248 Defines the maximum number of streams the sender of this INIT 1249 chunk allows the peer end to create in this association. The 1250 value 0 MUST NOT be used. 1252 Note: There is no negotiation of the actual number of streams but 1253 instead the two endpoints will use the min(requested, offered). 1254 See Section 5.1.1 for details. 1256 A receiver of an INIT with the MIS value of 0 SHOULD abort the 1257 association. 1259 Initial TSN (I-TSN): 32 bits (unsigned integer) 1261 Defines the initial TSN that the sender will use. The valid range 1262 is from 0 to 4294967295. This field MAY be set to the value of 1263 the Initiate Tag field. 1265 3.3.2.1. Optional/Variable-Length Parameters in INIT 1267 The following parameters follow the Type-Length-Value format as 1268 defined in Section 3.2.1. Any Type-Length-Value fields MUST come 1269 after the fixed-length fields defined in the previous section. 1271 IPv4 Address Parameter (5) 1273 0 1 2 3 1274 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1275 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1276 | Type = 5 | Length = 8 | 1277 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1278 | IPv4 Address | 1279 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1281 IPv4 Address: 32 bits (unsigned integer) 1283 Contains an IPv4 address of the sending endpoint. It is binary 1284 encoded. 1286 IPv6 Address Parameter (6) 1287 0 1 2 3 1288 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1289 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1290 | Type = 6 | Length = 20 | 1291 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1292 | | 1293 | IPv6 Address | 1294 | | 1295 | | 1296 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1298 IPv6 Address: 128 bits (unsigned integer) 1300 Contains an IPv6 [RFC8200] address of the sending endpoint. It is 1301 binary encoded. 1303 A sender MUST NOT use an IPv4-mapped IPv6 address [RFC4291], but 1304 SHOULD instead use an IPv4 Address parameter for an IPv4 address. 1306 Combined with the Source Port Number in the SCTP common header, the 1307 value passed in an IPv4 or IPv6 Address parameter indicates a 1308 transport address the sender of the INIT will support for the 1309 association being initiated. That is, during the life time of this 1310 association, this IP address can appear in the source address field 1311 of an IP datagram sent from the sender of the INIT, and can be used 1312 as a destination address of an IP datagram sent from the receiver of 1313 the INIT. 1315 More than one IP Address parameter can be included in an INIT chunk 1316 when the INIT sender is multi-homed. Moreover, a multi-homed 1317 endpoint might have access to different types of network; thus, more 1318 than one address type can be present in one INIT chunk, i.e., IPv4 1319 and IPv6 addresses are allowed in the same INIT chunk. 1321 If the INIT contains at least one IP Address parameter, then the 1322 source address of the IP datagram containing the INIT chunk and any 1323 additional address(es) provided within the INIT can be used as 1324 destinations by the endpoint receiving the INIT. If the INIT does 1325 not contain any IP Address parameters, the endpoint receiving the 1326 INIT MUST use the source address associated with the received IP 1327 datagram as its sole destination address for the association. 1329 Note that not using any IP Address parameters in the INIT and INIT 1330 ACK is an alternative to make an association more likely to work 1331 across a NAT box. 1333 Cookie Preservative (9) 1334 The sender of the INIT SHOULD use this parameter to suggest to the 1335 receiver of the INIT for a longer life-span of the State Cookie. 1337 0 1 2 3 1338 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1339 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1340 | Type = 9 | Length = 8 | 1341 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1342 | Suggested Cookie Life-Span Increment (msec.) | 1343 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1345 Suggested Cookie Life-Span Increment: 32 bits (unsigned integer) 1347 This parameter indicates to the receiver how much increment in 1348 milliseconds the sender wishes the receiver to add to its default 1349 cookie life-span. 1351 This optional parameter MAY be added to the INIT chunk by the 1352 sender when it reattempts establishing an association with a peer 1353 to which its previous attempt of establishing the association 1354 failed due to a stale cookie operation error. The receiver MAY 1355 choose to ignore the suggested cookie life-span increase for its 1356 own security reasons. 1358 Host Name Address (11) 1360 The sender of an INIT chunk MUST NOT include this parameter. The 1361 usage of the Host Name Address parameter is deprecated. 1363 0 1 2 3 1364 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1365 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1366 | Type = 11 | Length | 1367 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1368 / Host Name / 1369 \ \ 1370 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1372 Host Name: variable length 1374 This field contains a host name in "host name syntax" per RFC 1123 1375 Section 2.1 [RFC1123]. The method for resolving the host name is 1376 out of scope of SCTP. 1378 At least one null terminator is included in the Host Name string 1379 and MUST be included in the length. 1381 Supported Address Types (12) 1382 The sender of INIT uses this parameter to list all the address types 1383 it can support. 1385 0 1 2 3 1386 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1387 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1388 | Type = 12 | Length | 1389 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1390 | Address Type #1 | Address Type #2 | 1391 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1392 | ...... | 1393 +-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+ 1395 Address Type: 16 bits (unsigned integer) 1397 This is filled with the type value of the corresponding address 1398 TLV (e.g., IPv4 = 5, IPv6 = 6). The value indicating the Host 1399 Name Address parameter (Host name = 11) MUST NOT be used. 1401 3.3.3. Initiation Acknowledgement (INIT ACK) (2) 1403 The INIT ACK chunk is used to acknowledge the initiation of an SCTP 1404 association. 1406 The parameter part of INIT ACK is formatted similarly to the INIT 1407 chunk. It uses two extra variable parameters: The State Cookie and 1408 the Unrecognized Parameter: 1410 The format of the INIT ACK chunk is shown below: 1412 0 1 2 3 1413 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1414 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1415 | Type = 2 | Chunk Flags | Chunk Length | 1416 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1417 | Initiate Tag | 1418 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1419 | Advertised Receiver Window Credit | 1420 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1421 | Number of Outbound Streams | Number of Inbound Streams | 1422 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1423 | Initial TSN | 1424 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1425 \ \ 1426 / Optional/Variable-Length Parameters / 1427 \ \ 1428 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1430 Initiate Tag: 32 bits (unsigned integer) 1432 The receiver of the INIT ACK records the value of the Initiate Tag 1433 parameter. This value MUST be placed into the Verification Tag 1434 field of every SCTP packet that the INIT ACK receiver transmits 1435 within this association. 1437 The Initiate Tag MUST NOT take the value 0. See Section 5.3.1 for 1438 more on the selection of the Initiate Tag value. 1440 If the value of the Initiate Tag in a received INIT ACK chunk is 1441 found to be 0, the receiver MUST destroy the association 1442 discarding its TCB. The receiver MAY send an ABORT for debugging 1443 purpose. 1445 Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned 1446 integer) 1448 This value represents the dedicated buffer space, in number of 1449 bytes, the sender of the INIT ACK has reserved in association with 1450 this window. During the life of the association, this buffer 1451 space SHOULD NOT be lessened (i.e., dedicated buffers taken away 1452 from this association). 1454 Number of Outbound Streams (OS): 16 bits (unsigned integer) 1456 Defines the number of outbound streams the sender of this INIT ACK 1457 chunk wishes to create in this association. The value of 0 MUST 1458 NOT be used, and the value MUST NOT be greater than the MIS value 1459 sent in the INIT chunk. 1461 A receiver of an INIT ACK with the OS value set to 0 SHOULD 1462 destroy the association discarding its TCB. 1464 Number of Inbound Streams (MIS): 16 bits (unsigned integer) 1466 Defines the maximum number of streams the sender of this INIT ACK 1467 chunk allows the peer end to create in this association. The 1468 value 0 MUST NOT be used. 1470 Note: There is no negotiation of the actual number of streams but 1471 instead the two endpoints will use the min(requested, offered). 1472 See Section 5.1.1 for details. 1474 A receiver of an INIT ACK with the MIS value set to 0 SHOULD 1475 destroy the association discarding its TCB. 1477 Initial TSN (I-TSN): 32 bits (unsigned integer) 1478 Defines the initial TSN that the INIT ACK sender will use. The 1479 valid range is from 0 to 4294967295. This field MAY be set to the 1480 value of the Initiate Tag field. 1482 Fixed Parameters Status 1483 ---------------------------------------------- 1484 Initiate Tag Mandatory 1485 Advertised Receiver Window Credit Mandatory 1486 Number of Outbound Streams Mandatory 1487 Number of Inbound Streams Mandatory 1488 Initial TSN Mandatory 1490 Variable Parameters Status Type Value 1491 ------------------------------------------------------------- 1492 State Cookie Mandatory 7 1493 IPv4 Address (Note 1) Optional 5 1494 IPv6 Address (Note 1) Optional 6 1495 Unrecognized Parameter Optional 8 1496 Reserved for ECN Capable (Note 2) Optional 32768 (0x8000) 1497 Host Name Address (Note 3) Optional 11 1499 Note 1: The INIT ACK chunks can contain any number of IP address 1500 parameters that can be IPv4 and/or IPv6 in any combination. 1502 Note 2: The ECN Capable field is reserved for future use of Explicit 1503 Congestion Notification. 1505 Note 3: An INIT ACK chunk MUST NOT contain the Host Name Address 1506 parameter. The receiver of INIT ACK chunks containing a Host Name 1507 Address parameter MUST send an ABORT and MAY include an "Unresolvable 1508 Address" error cause. 1510 IMPLEMENTATION NOTE: An implementation MUST be prepared to receive an 1511 INIT ACK that is quite large (more than 1500 bytes) due to the 1512 variable size of the State Cookie AND the variable address list. For 1513 example if a responder to the INIT has 1000 IPv4 addresses it wishes 1514 to send, it would need at least 8,000 bytes to encode this in the 1515 INIT ACK. 1517 If an INIT ACK chunk is received with known parameters that are not 1518 optional parameters of the INIT ACK chunk, then the receiver SHOULD 1519 process the INIT ACK chunk and send back a COOKIE ECHO. The receiver 1520 of the INIT ACK chunk MAY bundle an ERROR chunk with the COOKIE ECHO 1521 chunk. However, restrictive implementations MAY send back an ABORT 1522 chunk in response to the INIT ACK chunk. 1524 In combination with the Source Port carried in the SCTP common 1525 header, each IP Address parameter in the INIT ACK indicates to the 1526 receiver of the INIT ACK a valid transport address supported by the 1527 sender of the INIT ACK for the life time of the association being 1528 initiated. 1530 If the INIT ACK contains at least one IP Address parameter, then the 1531 source address of the IP datagram containing the INIT ACK and any 1532 additional address(es) provided within the INIT ACK MAY be used as 1533 destinations by the receiver of the INIT ACK. If the INIT ACK does 1534 not contain any IP Address parameters, the receiver of the INIT ACK 1535 MUST use the source address associated with the received IP datagram 1536 as its sole destination address for the association. 1538 The State Cookie and Unrecognized Parameters use the Type-Length- 1539 Value format as defined in Section 3.2.1 and are described below. 1540 The other fields are defined the same as their counterparts in the 1541 INIT chunk. 1543 3.3.3.1. Optional or Variable-Length Parameters 1545 State Cookie 1547 Parameter Type Value: 7 1549 Parameter Length: Variable size, depending on size of Cookie. 1551 Parameter Value: 1553 This parameter value MUST contain all the necessary state and 1554 parameter information required for the sender of this INIT ACK to 1555 create the association, along with a Message Authentication Code 1556 (MAC). See Section 5.1.3 for details on State Cookie definition. 1558 Unrecognized Parameter: 1560 Parameter Type Value: 8 1562 Parameter Length: Variable size. 1564 Parameter Value: 1566 This parameter is returned to the originator of the INIT chunk 1567 when the INIT contains an unrecognized parameter that has a value 1568 that indicates it SHOULD be reported to the sender. This 1569 parameter value field will contain unrecognized parameters copied 1570 from the INIT chunk complete with Parameter Type, Length, and 1571 Value fields. 1573 3.3.4. Selective Acknowledgement (SACK) (3) 1575 This chunk is sent to the peer endpoint to acknowledge received DATA 1576 chunks and to inform the peer endpoint of gaps in the received 1577 subsequences of DATA chunks as represented by their TSNs. 1579 The SACK MUST contain the Cumulative TSN Ack, Advertised Receiver 1580 Window Credit (a_rwnd), Number of Gap Ack Blocks, and Number of 1581 Duplicate TSNs fields. 1583 By definition, the value of the Cumulative TSN Ack parameter is the 1584 last TSN received before a break in the sequence of received TSNs 1585 occurs; the next TSN value following this one has not yet been 1586 received at the endpoint sending the SACK. This parameter therefore 1587 acknowledges receipt of all TSNs less than or equal to its value. 1589 The handling of a_rwnd by the receiver of the SACK is discussed in 1590 detail in Section 6.2.1. 1592 The SACK also contains zero or more Gap Ack Blocks. Each Gap Ack 1593 Block acknowledges a subsequence of TSNs received following a break 1594 in the sequence of received TSNs. The Gap Ack Blocks SHOULD be 1595 isolated. This means that the TSN just before each Gap Ack Block and 1596 the TSN just after each Gap Ack Block have not been received. By 1597 definition, all TSNs acknowledged by Gap Ack Blocks are greater than 1598 the value of the Cumulative TSN Ack. 1600 0 1 2 3 1601 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1602 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1603 | Type = 3 |Chunk Flags | Chunk Length | 1604 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1605 | Cumulative TSN Ack | 1606 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1607 | Advertised Receiver Window Credit (a_rwnd) | 1608 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1609 | Number of Gap Ack Blocks = N | Number of Duplicate TSNs = X | 1610 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1611 | Gap Ack Block #1 Start | Gap Ack Block #1 End | 1612 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1613 / / 1614 \ ... \ 1615 / / 1616 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1617 | Gap Ack Block #N Start | Gap Ack Block #N End | 1618 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1619 | Duplicate TSN 1 | 1620 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1621 / / 1622 \ ... \ 1623 / / 1624 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1625 | Duplicate TSN X | 1626 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1628 Chunk Flags: 8 bits 1630 Set to all '0's on transmit and ignored on receipt. 1632 Cumulative TSN Ack: 32 bits (unsigned integer) 1634 This parameter contains the TSN of the last DATA chunk received in 1635 sequence before a gap. In the case where no DATA chunk has been 1636 received, this value is set to the peer's Initial TSN minus one. 1638 Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned 1639 integer) 1641 This field indicates the updated receive buffer space in bytes of 1642 the sender of this SACK; see Section 6.2.1 for details. 1644 Number of Gap Ack Blocks: 16 bits (unsigned integer) 1646 Indicates the number of Gap Ack Blocks included in this SACK. 1648 Number of Duplicate TSNs: 16 bit 1650 This field contains the number of duplicate TSNs the endpoint has 1651 received. Each duplicate TSN is listed following the Gap Ack 1652 Block list. 1654 Gap Ack Blocks: 1656 These fields contain the Gap Ack Blocks. They are repeated for 1657 each Gap Ack Block up to the number of Gap Ack Blocks defined in 1658 the Number of Gap Ack Blocks field. All DATA chunks with TSNs 1659 greater than or equal to (Cumulative TSN Ack + Gap Ack Block 1660 Start) and less than or equal to (Cumulative TSN Ack + Gap Ack 1661 Block End) of each Gap Ack Block are assumed to have been received 1662 correctly. Gap Ack Blocks SHOULD be isolated. This means that 1663 the DATA chunks with TSNs equal to (Cumulative TSN Ack + Gap Ack 1664 Block Start - 1) and (Cumulative TSN Ack + Gap Ack Block End + 1) 1665 have not been received. 1667 Gap Ack Block Start: 16 bits (unsigned integer) 1669 Indicates the Start offset TSN for this Gap Ack Block. To 1670 calculate the actual TSN number the Cumulative TSN Ack is added to 1671 this offset number. This calculated TSN identifies the first TSN 1672 in this Gap Ack Block that has been received. 1674 Gap Ack Block End: 16 bits (unsigned integer) 1676 Indicates the End offset TSN for this Gap Ack Block. To calculate 1677 the actual TSN number, the Cumulative TSN Ack is added to this 1678 offset number. This calculated TSN identifies the TSN of the last 1679 DATA chunk received in this Gap Ack Block. 1681 For example, assume that the receiver has the following DATA 1682 chunks newly arrived at the time when it decides to send a 1683 Selective ACK, 1684 ---------- 1685 | TSN=17 | 1686 ---------- 1687 | | <- still missing 1688 ---------- 1689 | TSN=15 | 1690 ---------- 1691 | TSN=14 | 1692 ---------- 1693 | | <- still missing 1694 ---------- 1695 | TSN=12 | 1696 ---------- 1697 | TSN=11 | 1698 ---------- 1699 | TSN=10 | 1700 ---------- 1702 then the parameter part of the SACK MUST be constructed as follows 1703 (assuming the new a_rwnd is set to 4660 by the sender): 1705 +--------------------------------+ 1706 | Cumulative TSN Ack = 12 | 1707 +--------------------------------+ 1708 | a_rwnd = 4660 | 1709 +----------------+---------------+ 1710 | num of block=2 | num of dup=0 | 1711 +----------------+---------------+ 1712 |block #1 strt=2 |block #1 end=3 | 1713 +----------------+---------------+ 1714 |block #2 strt=5 |block #2 end=5 | 1715 +----------------+---------------+ 1717 Duplicate TSN: 32 bits (unsigned integer) 1719 Indicates the number of times a TSN was received in duplicate 1720 since the last SACK was sent. Every time a receiver gets a 1721 duplicate TSN (before sending the SACK), it adds it to the list of 1722 duplicates. The duplicate count is reinitialized to zero after 1723 sending each SACK. 1725 For example, if a receiver were to get the TSN 19 three times it 1726 would list 19 twice in the outbound SACK. After sending the SACK, if 1727 it received yet one more TSN 19 it would list 19 as a duplicate once 1728 in the next outgoing SACK. 1730 3.3.5. Heartbeat Request (HEARTBEAT) (4) 1732 An endpoint SHOULD send a HEARTBEAT chunk to its peer endpoint to 1733 probe the reachability of a particular destination transport address 1734 defined in the present association. 1736 The parameter field contains the Heartbeat Information, which is a 1737 variable-length opaque data structure understood only by the sender. 1739 0 1 2 3 1740 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1741 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1742 | Type = 4 | Chunk Flags | Heartbeat Length | 1743 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1744 \ \ 1745 / Heartbeat Information TLV (Variable-Length) / 1746 \ \ 1747 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1749 Chunk Flags: 8 bits 1751 Set to 0 on transmit and ignored on receipt. 1753 Heartbeat Length: 16 bits (unsigned integer) 1755 Set to the size of the chunk in bytes, including the chunk header 1756 and the Heartbeat Information field. 1758 Heartbeat Information: variable length 1760 Defined as a variable-length parameter using the format described 1761 in Section 3.2.1, i.e.: 1763 Variable Parameters Status Type Value 1764 ------------------------------------------------------------- 1765 Heartbeat Info Mandatory 1 1767 0 1 2 3 1768 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1769 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1770 | Heartbeat Info Type=1 | HB Info Length | 1771 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1772 / Sender-Specific Heartbeat Info / 1773 \ \ 1774 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1776 The Sender-Specific Heartbeat Info field SHOULD include 1777 information about the sender's current time when this HEARTBEAT 1778 chunk is sent and the destination transport address to which this 1779 HEARTBEAT is sent (see Section 8.3). This information is simply 1780 reflected back by the receiver in the HEARTBEAT ACK message (see 1781 Section 3.3.6). Note also that the HEARTBEAT message is both for 1782 reachability checking and for path verification (see Section 5.4). 1783 When a HEARTBEAT chunk is being used for path verification 1784 purposes, it MUST hold a 64-bit random nonce. 1786 3.3.6. Heartbeat Acknowledgement (HEARTBEAT ACK) (5) 1788 An endpoint MUST send this chunk to its peer endpoint as a response 1789 to a HEARTBEAT chunk (see Section 8.3). A HEARTBEAT ACK is always 1790 sent to the source IP address of the IP datagram containing the 1791 HEARTBEAT chunk to which this ack is responding. 1793 The parameter field contains a variable-length opaque data structure. 1795 0 1 2 3 1796 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1797 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1798 | Type = 5 | Chunk Flags | Heartbeat Ack Length | 1799 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1800 \ \ 1801 / Heartbeat Information TLV (Variable-Length) / 1802 \ \ 1803 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1805 Chunk Flags: 8 bits 1807 Set to 0 on transmit and ignored on receipt. 1809 Heartbeat Ack Length: 16 bits (unsigned integer) 1811 Set to the size of the chunk in bytes, including the chunk header 1812 and the Heartbeat Information field. 1814 Heartbeat Information: variable length 1816 This field MUST contain the Heartbeat Information parameter of the 1817 Heartbeat Request to which this Heartbeat Acknowledgement is 1818 responding. 1820 Variable Parameters Status Type Value 1821 ------------------------------------------------------------- 1822 Heartbeat Info Mandatory 1 1824 3.3.7. Abort Association (ABORT) (6) 1826 The ABORT chunk is sent to the peer of an association to close the 1827 association. The ABORT chunk MAY contain Cause Parameters to inform 1828 the receiver about the reason of the abort. DATA chunks MUST NOT be 1829 bundled with ABORT. Control chunks (except for INIT, INIT ACK, and 1830 SHUTDOWN COMPLETE) MAY be bundled with an ABORT, but they MUST be 1831 placed before the ABORT in the SCTP packet or they will be ignored by 1832 the receiver. 1834 If an endpoint receives an ABORT with a format error or no TCB is 1835 found, it MUST silently discard it. Moreover, under any 1836 circumstances, an endpoint that receives an ABORT MUST NOT respond to 1837 that ABORT by sending an ABORT of its own. 1839 0 1 2 3 1840 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1841 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1842 | Type = 6 |Reserved |T| Length | 1843 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1844 \ \ 1845 / zero or more Error Causes / 1846 \ \ 1847 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1849 Chunk Flags: 8 bits 1851 Reserved: 7 bits 1853 Set to 0 on transmit and ignored on receipt. 1855 T bit: 1 bit 1857 The T bit is set to 0 if the sender filled in the Verification 1858 Tag expected by the peer. If the Verification Tag is 1859 reflected, the T bit MUST be set to 1. Reflecting means that 1860 the sent Verification Tag is the same as the received one. 1862 Length: 16 bits (unsigned integer) 1864 Set to the size of the chunk in bytes, including the chunk header 1865 and all the Error Cause fields present. 1867 See Section 3.3.10 for Error Cause definitions. 1869 Note: Special rules apply to this chunk for verification; please see 1870 Section 8.5.1 for details. 1872 3.3.8. Shutdown Association (SHUTDOWN) (7) 1874 An endpoint in an association MUST use this chunk to initiate a 1875 graceful close of the association with its peer. This chunk has the 1876 following format. 1878 0 1 2 3 1879 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1880 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1881 | Type = 7 | Chunk Flags | Length = 8 | 1882 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1883 | Cumulative TSN Ack | 1884 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1886 Chunk Flags: 8 bits 1888 Set to 0 on transmit and ignored on receipt. 1890 Length: 16 bits (unsigned integer) 1892 Indicates the length of the parameter. Set to 8. 1894 Cumulative TSN Ack: 32 bits (unsigned integer) 1896 This parameter contains the TSN of the last chunk received in 1897 sequence before any gaps. 1899 Note: Since the SHUTDOWN message does not contain Gap Ack Blocks, 1900 it cannot be used to acknowledge TSNs received out of order. In a 1901 SACK, lack of Gap Ack Blocks that were previously included 1902 indicates that the data receiver reneged on the associated DATA 1903 chunks. 1904 Since SHUTDOWN does not contain Gap Ack Blocks, the receiver of 1905 the SHUTDOWN MUST NOT interpret the lack of a Gap Ack Block as a 1906 renege. (See Section 6.2 for information on reneging.) 1908 3.3.9. Shutdown Acknowledgement (SHUTDOWN ACK) (8) 1910 This chunk MUST be used to acknowledge the receipt of the SHUTDOWN 1911 chunk at the completion of the shutdown process; see Section 9.2 for 1912 details. 1914 The SHUTDOWN ACK chunk has no parameters. 1916 0 1 2 3 1917 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1918 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1919 | Type = 8 |Chunk Flags | Length = 4 | 1920 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1922 Chunk Flags: 8 bits 1924 Set to 0 on transmit and ignored on receipt. 1926 3.3.10. Operation Error (ERROR) (9) 1928 An endpoint sends this chunk to its peer endpoint to notify it of 1929 certain error conditions. It contains one or more error causes. An 1930 Operation Error is not considered fatal in and of itself, but MAY be 1931 used with an ABORT chunk to report a fatal condition. It has the 1932 following parameters: 1934 0 1 2 3 1935 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1936 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1937 | Type = 9 | Chunk Flags | Length | 1938 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1939 \ \ 1940 / one or more Error Causes / 1941 \ \ 1942 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1944 Chunk Flags: 8 bits 1946 Set to 0 on transmit and ignored on receipt. 1948 Length: 16 bits (unsigned integer) 1950 Set to the size of the chunk in bytes, including the chunk header 1951 and all the Error Cause fields present. 1953 Error causes are defined as variable-length parameters using the 1954 format described in Section 3.2.1, that is: 1956 0 1 2 3 1957 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1958 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1959 | Cause Code | Cause Length | 1960 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1961 / Cause-Specific Information / 1962 \ \ 1963 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1965 Cause Code: 16 bits (unsigned integer) 1967 Defines the type of error conditions being reported. 1969 Cause Code 1970 Value Cause Code 1971 --------- ---------------- 1972 1 Invalid Stream Identifier 1973 2 Missing Mandatory Parameter 1974 3 Stale Cookie Error 1975 4 Out of Resource 1976 5 Unresolvable Address 1977 6 Unrecognized Chunk Type 1978 7 Invalid Mandatory Parameter 1979 8 Unrecognized Parameters 1980 9 No User Data 1981 10 Cookie Received While Shutting Down 1982 11 Restart of an Association with New Addresses 1983 12 User Initiated Abort 1984 13 Protocol Violation 1985 Cause Length: 16 bits (unsigned integer) 1987 Set to the size of the parameter in bytes, including the Cause 1988 Code, Cause Length, and Cause-Specific Information fields. 1989 Cause-Specific Information: variable length 1991 This field carries the details of the error condition. 1993 Section 3.3.10.1 - Section 3.3.10.13 define error causes for SCTP. 1994 Guidelines for the IETF to define new error cause values are 1995 discussed in Section 15.4. 1997 3.3.10.1. Invalid Stream Identifier (1) 1999 Cause of error 2000 --------------- 2002 Invalid Stream Identifier: Indicates endpoint received a DATA chunk 2003 sent to a nonexistent stream. 2005 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2006 | Cause Code=1 | Cause Length=8 | 2007 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2008 | Stream Identifier | (Reserved) | 2009 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2011 Stream Identifier: 16 bits (unsigned integer) 2012 Contains the Stream Identifier of the DATA chunk received in 2013 error. 2015 Reserved: 16 bits 2017 This field is reserved. It is set to all 0's on transmit and 2018 ignored on receipt. 2020 3.3.10.2. Missing Mandatory Parameter (2) 2022 Cause of error 2023 --------------- 2025 Missing Mandatory Parameter: Indicates that one or more mandatory TLV 2026 parameters are missing in a received INIT or INIT ACK. 2028 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2029 | Cause Code=2 | Cause Length=8+N*2 | 2030 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2031 | Number of missing params=N | 2032 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2033 | Missing Param Type #1 | Missing Param Type #2 | 2034 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2035 | Missing Param Type #N-1 | Missing Param Type #N | 2036 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2038 Number of Missing params: 32 bits (unsigned integer) 2040 This field contains the number of parameters contained in the 2041 Cause-Specific Information field. 2043 Missing Param Type: 16 bits (unsigned integer) 2045 Each field will contain the missing mandatory parameter number. 2047 3.3.10.3. Stale Cookie Error (3) 2049 Cause of error 2050 -------------- 2052 Stale Cookie Error: Indicates the receipt of a valid State Cookie 2053 that has expired. 2055 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2056 | Cause Code=3 | Cause Length=8 | 2057 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2058 | Measure of Staleness (usec.) | 2059 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2061 Measure of Staleness: 32 bits (unsigned integer) 2063 This field contains the difference, in microseconds, between the 2064 current time and the time the State Cookie expired. 2066 The sender of this error cause MAY choose to report how long past 2067 expiration the State Cookie is by including a non-zero value in 2068 the Measure of Staleness field. If the sender does not wish to 2069 provide the Measure of Staleness, it SHOULD set this field to the 2070 value of zero. 2072 3.3.10.4. Out of Resource (4) 2074 Cause of error 2075 --------------- 2077 Out of Resource: Indicates that the sender is out of resource. This 2078 is usually sent in combination with or within an ABORT. 2080 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2081 | Cause Code=4 | Cause Length=4 | 2082 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2084 3.3.10.5. Unresolvable Address (5) 2086 Cause of error 2087 --------------- 2089 Unresolvable Address: Indicates that the sender is not able to 2090 resolve the specified address parameter (e.g., type of address is not 2091 supported by the sender). This is usually sent in combination with 2092 or within an ABORT. 2094 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2095 | Cause Code=5 | Cause Length | 2096 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2097 / Unresolvable Address / 2098 \ \ 2099 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2101 Unresolvable Address: variable length 2103 The Unresolvable Address field contains the complete Type, Length, 2104 and Value of the address parameter (or Host Name parameter) that 2105 contains the unresolvable address or host name. 2107 3.3.10.6. Unrecognized Chunk Type (6) 2109 Cause of error 2110 --------------- 2112 Unrecognized Chunk Type: This error cause is returned to the 2113 originator of the chunk if the receiver does not understand the chunk 2114 and the upper bits of the 'Chunk Type' are set to 01 or 11. 2116 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2117 | Cause Code=6 | Cause Length | 2118 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2119 / Unrecognized Chunk / 2120 \ \ 2121 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2123 Unrecognized Chunk: variable length 2125 The Unrecognized Chunk field contains the unrecognized chunk from 2126 the SCTP packet complete with Chunk Type, Chunk Flags, and Chunk 2127 Length. 2129 3.3.10.7. Invalid Mandatory Parameter (7) 2131 Cause of error 2132 --------------- 2134 Invalid Mandatory Parameter: This error cause is returned to the 2135 originator of an INIT or INIT ACK chunk when one of the mandatory 2136 parameters is set to an invalid value. 2138 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2139 | Cause Code=7 | Cause Length=4 | 2140 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2142 3.3.10.8. Unrecognized Parameters (8) 2144 Cause of error 2145 --------------- 2147 Unrecognized Parameters: This error cause is returned to the 2148 originator of the INIT ACK chunk if the receiver does not recognize 2149 one or more Optional TLV parameters in the INIT ACK chunk. 2151 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2152 | Cause Code=8 | Cause Length | 2153 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2154 / Unrecognized Parameters / 2155 \ \ 2156 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2158 Unrecognized Parameters: variable length 2160 The Unrecognized Parameters field contains the unrecognized 2161 parameters copied from the INIT ACK chunk complete with TLV. This 2162 error cause is normally contained in an ERROR chunk bundled with 2163 the COOKIE ECHO chunk when responding to the INIT ACK, when the 2164 sender of the COOKIE ECHO chunk wishes to report unrecognized 2165 parameters. 2167 3.3.10.9. No User Data (9) 2169 Cause of error 2170 --------------- 2172 No User Data: This error cause is returned to the originator of a 2173 DATA chunk if a received DATA chunk has no user data. 2175 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2176 | Cause Code=9 | Cause Length=8 | 2177 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2178 / TSN value / 2179 \ \ 2180 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2182 TSN value: 32 bits (unsigned integer) 2184 The TSN value field contains the TSN of the DATA chunk received 2185 with no user data field. 2187 This cause code is normally returned in an ABORT chunk (see 2188 Section 6.2). 2190 3.3.10.10. Cookie Received While Shutting Down (10) 2192 Cause of error 2193 --------------- 2195 Cookie Received While Shutting Down: A COOKIE ECHO was received while 2196 the endpoint was in the SHUTDOWN-ACK-SENT state. This error is 2197 usually returned in an ERROR chunk bundled with the retransmitted 2198 SHUTDOWN ACK. 2200 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2201 | Cause Code=10 | Cause Length=4 | 2202 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2204 3.3.10.11. Restart of an Association with New Addresses (11) 2206 Cause of error 2207 -------------- 2209 Restart of an association with new addresses: An INIT was received on 2210 an existing association. But the INIT added addresses to the 2211 association that were previously not part of the association. The 2212 new addresses are listed in the error code. This ERROR is normally 2213 sent as part of an ABORT refusing the INIT (see Section 5.2). 2215 0 1 2 3 2216 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2217 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2218 | Cause Code=11 | Cause Length=Variable | 2219 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2220 / New Address TLVs / 2221 \ \ 2222 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2224 Note: Each New Address TLV is an exact copy of the TLV that was found 2225 in the INIT chunk that was new, including the Parameter Type and the 2226 Parameter Length. 2228 3.3.10.12. User-Initiated Abort (12) 2230 Cause of error 2231 -------------- 2233 This error cause MAY be included in ABORT chunks that are sent 2234 because of an upper-layer request. The upper layer can specify an 2235 Upper Layer Abort Reason that is transported by SCTP transparently 2236 and MAY be delivered to the upper-layer protocol at the peer. 2238 0 1 2 3 2239 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2240 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2241 | Cause Code=12 | Cause Length=Variable | 2242 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2243 / Upper Layer Abort Reason / 2244 \ \ 2245 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2247 3.3.10.13. Protocol Violation (13) 2249 Cause of error 2250 -------------- 2252 This error cause MAY be included in ABORT chunks that are sent 2253 because an SCTP endpoint detects a protocol violation of the peer 2254 that is not covered by the error causes described in Section 3.3.10.1 2255 to Section 3.3.10.12. An implementation MAY provide additional 2256 information specifying what kind of protocol violation has been 2257 detected. 2259 0 1 2 3 2260 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2261 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2262 | Cause Code=13 | Cause Length=Variable | 2263 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2264 / Additional Information / 2265 \ \ 2266 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2268 3.3.11. Cookie Echo (COOKIE ECHO) (10) 2270 This chunk is used only during the initialization of an association. 2271 It is sent by the initiator of an association to its peer to complete 2272 the initialization process. This chunk MUST precede any DATA chunk 2273 sent within the association, but MAY be bundled with one or more DATA 2274 chunks in the same packet. 2276 0 1 2 3 2277 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2278 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2279 | Type = 10 |Chunk Flags | Length | 2280 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2281 / Cookie / 2282 \ \ 2283 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2285 Chunk Flags: 8 bits 2287 Set to 0 on transmit and ignored on receipt. 2289 Length: 16 bits (unsigned integer) 2291 Set to the size of the chunk in bytes, including the 4 bytes of 2292 the chunk header and the size of the cookie. 2294 Cookie: variable size 2295 This field MUST contain the exact cookie received in the State 2296 Cookie parameter from the previous INIT ACK. 2298 An implementation SHOULD make the cookie as small as possible to 2299 ensure interoperability. 2301 Note: A Cookie Echo does not contain a State Cookie parameter; 2302 instead, the data within the State Cookie's Parameter Value 2303 becomes the data within the Cookie Echo's Chunk Value. This 2304 allows an implementation to change only the first 2 bytes of the 2305 State Cookie parameter to become a COOKIE ECHO chunk. 2307 3.3.12. Cookie Acknowledgement (COOKIE ACK) (11) 2309 This chunk is used only during the initialization of an association. 2310 It is used to acknowledge the receipt of a COOKIE ECHO chunk. This 2311 chunk MUST precede any DATA or SACK chunk sent within the 2312 association, but MAY be bundled with one or more DATA chunks or SACK 2313 chunk's in the same SCTP packet. 2315 0 1 2 3 2316 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2317 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2318 | Type = 11 |Chunk Flags | Length = 4 | 2319 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2321 Chunk Flags: 8 bits 2323 Set to 0 on transmit and ignored on receipt. 2325 3.3.13. Shutdown Complete (SHUTDOWN COMPLETE) (14) 2327 This chunk MUST be used to acknowledge the receipt of the SHUTDOWN 2328 ACK chunk at the completion of the shutdown process; see Section 9.2 2329 for details. 2331 The SHUTDOWN COMPLETE chunk has no parameters. 2333 0 1 2 3 2334 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2335 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2336 | Type = 14 |Reserved |T| Length = 4 | 2337 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2339 Chunk Flags: 8 bits 2341 Reserved: 7 bits 2342 Set to 0 on transmit and ignored on receipt. 2344 T bit: 1 bit 2346 The T bit is set to 0 if the sender filled in the Verification 2347 Tag expected by the peer. If the Verification Tag is 2348 reflected, the T bit MUST be set to 1. Reflecting means that 2349 the sent Verification Tag is the same as the received one. 2351 Note: Special rules apply to this chunk for verification, please see 2352 Section 8.5.1 for details. 2354 4. SCTP Association State Diagram 2356 During the life time of an SCTP association, the SCTP endpoint's 2357 association progresses from one state to another in response to 2358 various events. The events that might potentially advance an 2359 association's state include: 2361 o SCTP user primitive calls, e.g., [ASSOCIATE], [SHUTDOWN], [ABORT], 2362 o Reception of INIT, COOKIE ECHO, ABORT, SHUTDOWN, etc., control 2363 chunks, or 2364 o Some timeout events. 2366 The state diagram in the figures below illustrates state changes, 2367 together with the causing events and resulting actions. Note that 2368 some of the error conditions are not shown in the state diagram. 2369 Full descriptions of all special cases are found in the text. 2371 Note: Chunk names are given in all capital letters, while parameter 2372 names have the first letter capitalized, e.g., COOKIE ECHO chunk type 2373 vs. State Cookie parameter. If more than one event/message can occur 2374 that causes a state transition, it is labeled (A), (B), etc. 2376 ----- -------- (from any state) 2377 / \ / rcv ABORT [ABORT] 2378 rcv INIT | | | ---------- or ---------- 2379 --------------- | v v delete TCB snd ABORT 2380 generate Cookie \ +---------+ delete TCB 2381 snd INIT ACK ---| CLOSED | 2382 +---------+ 2383 / \ [ASSOCIATE] 2384 / \ --------------- 2385 | | create TCB 2386 | | snd INIT 2387 | | strt init timer 2388 rcv valid | | 2390 COOKIE ECHO | v 2391 (1) ---------------- | +------------+ 2392 create TCB | | COOKIE-WAIT| (2) 2393 snd COOKIE ACK | +------------+ 2394 | | 2395 | | rcv INIT ACK 2396 | | ----------------- 2397 | | snd COOKIE ECHO 2398 | | stop init timer 2399 | | strt cookie timer 2400 | v 2401 | +--------------+ 2402 | | COOKIE-ECHOED| (3) 2403 | +--------------+ 2404 | | 2405 | | rcv COOKIE ACK 2406 | | ----------------- 2407 | | stop cookie timer 2408 v v 2409 +---------------+ 2410 | ESTABLISHED | 2411 +---------------+ 2412 | 2413 | 2414 /----+------------\ 2415 [SHUTDOWN] / \ 2416 -------------------| | 2417 check outstanding | | 2418 DATA chunks | | 2419 v | 2420 +---------+ | 2421 |SHUTDOWN-| | rcv SHUTDOWN 2422 |PENDING | |------------------ 2423 +---------+ | check outstanding 2424 | | DATA chunks 2425 No more outstanding | | 2426 ---------------------| | 2427 snd SHUTDOWN | | 2428 strt shutdown timer | | 2429 v v 2430 +---------+ +-----------+ 2431 (4) |SHUTDOWN-| | SHUTDOWN- | (5,6) 2432 |SENT | | RECEIVED | 2433 +---------+ +-----------+ 2434 | \ | 2435 (A) rcv SHUTDOWN ACK | \ | 2436 ----------------------| \ | 2437 stop shutdown timer | \rcv:SHUTDOWN | 2438 send SHUTDOWN COMPLETE| \ (B) | 2439 delete TCB | \ | 2440 | \ | No more outstanding 2441 | \ |----------------- 2442 | \ | send SHUTDOWN ACK 2443 (B)rcv SHUTDOWN | \ | strt shutdown timer 2444 ----------------------| \ | 2445 send SHUTDOWN ACK | \ | 2446 start shutdown timer | \ | 2447 move to SHUTDOWN- | \ | 2448 ACK-SENT | | | 2449 | v | 2450 | +-----------+ 2451 | | SHUTDOWN- | (7) 2452 | | ACK-SENT | 2453 | +----------+- 2454 | | (C)rcv SHUTDOWN COMPLETE 2455 | |----------------- 2456 | | stop shutdown timer 2457 | | delete TCB 2458 | | 2459 | | (D)rcv SHUTDOWN ACK 2460 | |-------------- 2461 | | stop shutdown timer 2462 | | send SHUTDOWN COMPLETE 2463 | | delete TCB 2464 | | 2465 \ +---------+ / 2466 \-->| CLOSED |<--/ 2467 +---------+ 2469 Figure 3: State Transition Diagram of SCTP 2471 The following applies: 2473 1) If the State Cookie in the received COOKIE ECHO is invalid (i.e., 2474 failed to pass the integrity check), the receiver MUST silently 2475 discard the packet. Or, if the received State Cookie is expired 2476 (see Section 5.1.5), the receiver MUST send back an ERROR chunk. 2477 In either case, the receiver stays in the CLOSED state. 2478 2) If the T1-init timer expires, the endpoint MUST retransmit INIT 2479 and restart the T1-init timer without changing state. This MUST 2480 be repeated up to 'Max.Init.Retransmits' times. After that, the 2481 endpoint MUST abort the initialization process and report the 2482 error to the SCTP user. 2483 3) If the T1-cookie timer expires, the endpoint MUST retransmit 2484 COOKIE ECHO and restart the T1-cookie timer without changing 2485 state. This MUST be repeated up to 'Max.Init.Retransmits' times. 2486 After that, the endpoint MUST abort the initialization process 2487 and report the error to the SCTP user. 2488 4) In the SHUTDOWN-SENT state, the endpoint MUST acknowledge any 2489 received DATA chunks without delay. 2490 5) In the SHUTDOWN-RECEIVED state, the endpoint MUST NOT accept any 2491 new send requests from its SCTP user. 2492 6) In the SHUTDOWN-RECEIVED state, the endpoint MUST transmit or 2493 retransmit data and leave this state when all data in queue is 2494 transmitted. 2495 7) In the SHUTDOWN-ACK-SENT state, the endpoint MUST NOT accept any 2496 new send requests from its SCTP user. 2498 The CLOSED state is used to indicate that an association is not 2499 created (i.e., does not exist). 2501 5. Association Initialization 2503 Before the first data transmission can take place from one SCTP 2504 endpoint ("A") to another SCTP endpoint ("Z"), the two endpoints MUST 2505 complete an initialization process in order to set up an SCTP 2506 association between them. 2508 The SCTP user at an endpoint can use the ASSOCIATE primitive to 2509 initialize an SCTP association to another SCTP endpoint. 2511 IMPLEMENTATION NOTE: From an SCTP user's point of view, an 2512 association might be implicitly opened, without an ASSOCIATE 2513 primitive (see Section 11.1 B) being invoked, by the initiating 2514 endpoint's sending of the first user data to the destination 2515 endpoint. The initiating SCTP will assume default values for all 2516 mandatory and optional parameters for the INIT/INIT ACK. 2518 Once the association is established, unidirectional streams are open 2519 for data transfer on both ends (see Section 5.1.1). 2521 5.1. Normal Establishment of an Association 2523 The initialization process consists of the following steps (assuming 2524 that SCTP endpoint "A" tries to set up an association with SCTP 2525 endpoint "Z" and "Z" accepts the new association): 2527 A) "A" first sends an INIT chunk to "Z". In the INIT, "A" MUST 2528 provide its Verification Tag (Tag_A) in the Initiate Tag field. 2529 Tag_A SHOULD be a random number in the range of 1 to 4294967295 2530 (see Section 5.3.1 for Tag value selection). After sending the 2531 INIT, "A" starts the T1-init timer and enters the COOKIE-WAIT 2532 state. 2534 B) "Z" responds immediately with an INIT ACK chunk. The destination 2535 IP address of the INIT ACK MUST be set to the source IP address 2536 of the INIT to which this INIT ACK is responding. In the 2537 response, besides filling in other parameters, "Z" MUST set the 2538 Verification Tag field to Tag_A, and also provide its own 2539 Verification Tag (Tag_Z) in the Initiate Tag field. 2541 Moreover, "Z" MUST generate and send along with the INIT ACK a 2542 State Cookie. See Section 5.1.3 for State Cookie generation. 2544 After sending out INIT ACK with the State Cookie parameter, "Z" 2545 MUST NOT allocate any resources or keep any states for the new 2546 association. Otherwise, "Z" will be vulnerable to resource 2547 attacks. 2549 C) Upon reception of the INIT ACK from "Z", "A" stops the T1-init 2550 timer and leaves the COOKIE-WAIT state. "A" then sends the State 2551 Cookie received in the INIT ACK chunk in a COOKIE ECHO chunk, 2552 starts the T1-cookie timer, and enters the COOKIE-ECHOED state. 2554 The COOKIE ECHO chunk MAY be bundled with any pending outbound 2555 DATA chunks, but it MUST be the first chunk in the packet and 2556 until the COOKIE ACK is returned the sender MUST NOT send any 2557 other packets to the peer. 2559 D) Upon reception of the COOKIE ECHO chunk, endpoint "Z" replies 2560 with a COOKIE ACK chunk after building a TCB and moving to the 2561 ESTABLISHED state. A COOKIE ACK chunk MAY be bundled with any 2562 pending DATA chunks (and/or SACK chunks), but the COOKIE ACK 2563 chunk MUST be the first chunk in the packet. 2565 IMPLEMENTATION NOTE: An implementation can choose to send the 2566 Communication Up notification to the SCTP user upon reception of 2567 a valid COOKIE ECHO chunk. 2569 E) Upon reception of the COOKIE ACK, endpoint "A" moves from the 2570 COOKIE-ECHOED state to the ESTABLISHED state, stopping the 2571 T1-cookie timer. It can also notify its ULP about the successful 2572 establishment of the association with a Communication Up 2573 notification (see Section 11). 2575 An INIT or INIT ACK chunk MUST NOT be bundled with any other chunk. 2576 They MUST be the only chunks present in the SCTP packets that carry 2577 them. 2579 An endpoint MUST send the INIT ACK to the IP address from which it 2580 received the INIT. 2582 T1-init timer and T1-cookie timer SHOULD follow the same rules given 2583 in Section 6.3. If the application provided multiple IP addresses of 2584 the peer, there SHOULD be a T1-init and T1-cookie timer for each 2585 address of the peer. Retransmissions of INIT chunks and COOKIE ECHO 2586 chunks SHOULD use all addresses of the peer similar to 2587 retransmissions of DATA chunks. 2589 If an endpoint receives an INIT, INIT ACK, or COOKIE ECHO chunk but 2590 decides not to establish the new association due to missing mandatory 2591 parameters in the received INIT or INIT ACK, invalid parameter 2592 values, or lack of local resources, it SHOULD respond with an ABORT 2593 chunk. It SHOULD also specify the cause of abort, such as the type 2594 of the missing mandatory parameters, etc., by including the error 2595 cause parameters with the ABORT chunk. The Verification Tag field in 2596 the common header of the outbound SCTP packet containing the ABORT 2597 chunk MUST be set to the Initiate Tag value of the peer. 2599 Note that a COOKIE ECHO chunk that does not pass the integrity check 2600 is not considered an 'invalid parameter' and requires special 2601 handling; see Section 5.1.5. 2603 After the reception of the first DATA chunk in an association the 2604 endpoint MUST immediately respond with a SACK to acknowledge the DATA 2605 chunk. Subsequent acknowledgements SHOULD be done as described in 2606 Section 6.2. 2608 When the TCB is created, each endpoint MUST set its internal 2609 Cumulative TSN Ack Point to the value of its transmitted Initial TSN 2610 minus one. 2612 IMPLEMENTATION NOTE: The IP addresses and SCTP port are generally 2613 used as the key to find the TCB within an SCTP instance. 2615 5.1.1. Handle Stream Parameters 2617 In the INIT and INIT ACK chunks, the sender of the chunk MUST 2618 indicate the number of outbound streams (OSs) it wishes to have in 2619 the association, as well as the maximum inbound streams (MISs) it 2620 will accept from the other endpoint. 2622 After receiving the stream configuration information from the other 2623 side, each endpoint MUST perform the following check: If the peer's 2624 MIS is less than the endpoint's OS, meaning that the peer is 2625 incapable of supporting all the outbound streams the endpoint wants 2626 to configure, the endpoint MUST use MIS outbound streams and MAY 2627 report any shortage to the upper layer. The upper layer can then 2628 choose to abort the association if the resource shortage is 2629 unacceptable. 2631 After the association is initialized, the valid outbound stream 2632 identifier range for either endpoint MUST be 0 to min(local OS, 2633 remote MIS)-1. 2635 5.1.2. Handle Address Parameters 2637 During the association initialization, an endpoint uses the following 2638 rules to discover and collect the destination transport address(es) 2639 of its peer. 2641 A) If there are no address parameters present in the received INIT 2642 or INIT ACK chunk, the endpoint MUST take the source IP address 2643 from which the chunk arrives and record it, in combination with 2644 the SCTP source port number, as the only destination transport 2645 address for this peer. 2647 B) If there is a Host Name Address parameter present in the received 2648 INIT or INIT ACK chunk, the endpoint MUST immediately send an 2649 ABORT and MAY include an "Unresolvable Address" error cause to 2650 its peer. The ABORT SHOULD be sent to the source IP address from 2651 which the last peer packet was received. 2653 C) If there are only IPv4/IPv6 addresses present in the received 2654 INIT or INIT ACK chunk, the receiver MUST derive and record all 2655 the transport addresses from the received chunk AND the source IP 2656 address that sent the INIT or INIT ACK. The transport addresses 2657 are derived by the combination of SCTP source port (from the 2658 common header) and the IP Address parameter(s) carried in the 2659 INIT or INIT ACK chunk and the source IP address of the IP 2660 datagram. The receiver SHOULD use only these transport addresses 2661 as destination transport addresses when sending subsequent 2662 packets to its peer. 2664 D) An INIT or INIT ACK chunk MUST be treated as belonging to an 2665 already established association (or one in the process of being 2666 established) if the use of any of the valid address parameters 2667 contained within the chunk would identify an existing TCB. 2669 IMPLEMENTATION NOTE: In some cases (e.g., when the implementation 2670 does not control the source IP address that is used for 2671 transmitting), an endpoint might need to include in its INIT or INIT 2672 ACK all possible IP addresses from which packets to the peer could be 2673 transmitted. 2675 After all transport addresses are derived from the INIT or INIT ACK 2676 chunk using the above rules, the endpoint selects one of the 2677 transport addresses as the initial primary path. 2679 The INIT ACK MUST be sent to the source address of the INIT. 2681 The sender of INIT chunks MAY include a 'Supported Address Types' 2682 parameter in the INIT to indicate what types of addresses are 2683 acceptable. 2685 IMPLEMENTATION NOTE: In the case that the receiver of an INIT ACK 2686 fails to resolve the address parameter due to an unsupported type, it 2687 can abort the initiation process and then attempt a reinitiation by 2688 using a 'Supported Address Types' parameter in the new INIT to 2689 indicate what types of address it prefers. 2691 If an SCTP endpoint that only supports either IPv4 or IPv6 receives 2692 IPv4 and IPv6 addresses in an INIT or INIT ACK chunk from its peer, 2693 it MUST use all the addresses belonging to the supported address 2694 family. The other addresses MAY be ignored. The endpoint SHOULD NOT 2695 respond with any kind of error indication. 2697 If an SCTP endpoint lists in the 'Supported Address Types' parameter 2698 either IPv4 or IPv6, but uses the other family for sending the packet 2699 containing the INIT chunk, or if it also lists addresses of the other 2700 family in the INIT chunk, then the address family that is not listed 2701 in the 'Supported Address Types' parameter SHOULD also be considered 2702 as supported by the receiver of the INIT chunk. The receiver of the 2703 INIT chunk SHOULD NOT respond with any kind of error indication. 2705 5.1.3. Generating State Cookie 2707 When sending an INIT ACK as a response to an INIT chunk, the sender 2708 of INIT ACK creates a State Cookie and sends it in the State Cookie 2709 parameter of the INIT ACK. Inside this State Cookie, the sender can 2710 include a MAC (see [RFC2104] for an example), a timestamp on when the 2711 State Cookie is created, and the lifespan of the State Cookie, along 2712 with all the information necessary for it to establish the 2713 association. 2715 The following steps SHOULD be taken to generate the State Cookie: 2717 1) Create an association TCB using information from both the 2718 received INIT and the outgoing INIT ACK chunk, 2719 2) In the TCB, set the creation time to the current time of day, and 2720 the lifespan to the protocol parameter 'Valid.Cookie.Life' (see 2721 Section 16), 2722 3) From the TCB, identify and collect the minimal subset of 2723 information needed to re-create the TCB, and generate a MAC using 2724 this subset of information and a secret key (see [RFC2104] for an 2725 example of generating a MAC), and 2727 4) Generate the State Cookie by combining this subset of information 2728 and the resultant MAC. 2730 After sending the INIT ACK with the State Cookie parameter, the 2731 sender SHOULD delete the TCB and any other local resource related to 2732 the new association, so as to prevent resource attacks. 2734 The hashing method used to generate the MAC is strictly a private 2735 matter for the receiver of the INIT chunk. The use of a MAC is 2736 mandatory to prevent denial-of-service attacks. The secret key 2737 SHOULD be random ([RFC4086] provides some information on randomness 2738 guidelines); it SHOULD be changed reasonably frequently, and the 2739 timestamp in the State Cookie MAY be used to determine which key is 2740 used to verify the MAC. 2742 An implementation SHOULD make the cookie as small as possible to 2743 ensure interoperability. 2745 5.1.4. State Cookie Processing 2747 When an endpoint (in the COOKIE-WAIT state) receives an INIT ACK 2748 chunk with a State Cookie parameter, it MUST immediately send a 2749 COOKIE ECHO chunk to its peer with the received State Cookie. The 2750 sender MAY also add any pending DATA chunks to the packet after the 2751 COOKIE ECHO chunk. 2753 The endpoint MUST also start the T1-cookie timer after sending out 2754 the COOKIE ECHO chunk. If the timer expires, the endpoint MUST 2755 retransmit the COOKIE ECHO chunk and restart the T1-cookie timer. 2756 This is repeated until either a COOKIE ACK is received or 2757 'Max.Init.Retransmits' (see Section 16) is reached causing the peer 2758 endpoint to be marked unreachable (and thus the association enters 2759 the CLOSED state). 2761 5.1.5. State Cookie Authentication 2763 When an endpoint receives a COOKIE ECHO chunk from another endpoint 2764 with which it has no association, it takes the following actions: 2766 1) Compute a MAC using the TCB data carried in the State Cookie and 2767 the secret key (note the timestamp in the State Cookie MAY be 2768 used to determine which secret key to use). [RFC2104] can be 2769 used as a guideline for generating the MAC, 2770 2) Authenticate the State Cookie as one that it previously generated 2771 by comparing the computed MAC against the one carried in the 2772 State Cookie. If this comparison fails, the SCTP packet, 2773 including the COOKIE ECHO and any DATA chunks, SHOULD be silently 2774 discarded, 2776 3) Compare the port numbers and the Verification Tag contained 2777 within the COOKIE ECHO chunk to the actual port numbers and the 2778 Verification Tag within the SCTP common header of the received 2779 packet. If these values do not match, the packet MUST be 2780 silently discarded. 2781 4) Compare the creation timestamp in the State Cookie to the current 2782 local time. If the elapsed time is longer than the lifespan 2783 carried in the State Cookie, then the packet, including the 2784 COOKIE ECHO and any attached DATA chunks, SHOULD be discarded, 2785 and the endpoint MUST transmit an ERROR chunk with a "Stale 2786 Cookie" error cause to the peer endpoint. 2787 5) If the State Cookie is valid, create an association to the sender 2788 of the COOKIE ECHO chunk with the information in the TCB data 2789 carried in the COOKIE ECHO and enter the ESTABLISHED state. 2790 6) Send a COOKIE ACK chunk to the peer acknowledging receipt of the 2791 COOKIE ECHO. The COOKIE ACK MAY be bundled with an outbound DATA 2792 chunk or SACK chunk; however, the COOKIE ACK MUST be the first 2793 chunk in the SCTP packet. 2794 7) Immediately acknowledge any DATA chunk bundled with the COOKIE 2795 ECHO with a SACK (subsequent DATA chunk acknowledgement SHOULD 2796 follow the rules defined in Section 6.2). As mentioned in step 2797 6, if the SACK is bundled with the COOKIE ACK, the COOKIE ACK 2798 MUST appear first in the SCTP packet. 2800 If a COOKIE ECHO is received from an endpoint with which the receiver 2801 of the COOKIE ECHO has an existing association, the procedures in 2802 Section 5.2 SHOULD be followed. 2804 5.1.6. An Example of Normal Association Establishment 2806 In the following example, "A" initiates the association and then 2807 sends a user message to "Z", then "Z" sends two user messages to "A" 2808 later (assuming no bundling or fragmentation occurs): 2810 Endpoint A Endpoint Z 2811 {app sets association with Z} 2812 (build TCB) 2813 INIT [I-Tag=Tag_A 2814 & other info] ------\ 2815 (Start T1-init timer) \ 2816 (Enter COOKIE-WAIT state) \---> (compose temp TCB and Cookie_Z) 2817 /-- INIT ACK [Veri Tag=Tag_A, 2818 / I-Tag=Tag_Z, 2819 (Cancel T1-init timer) <------/ Cookie_Z, & other info] 2820 (destroy temp TCB) 2821 COOKIE ECHO [Cookie_Z] ------\ 2822 (Start T1-cookie timer) \ 2823 (Enter COOKIE-ECHOED state) \---> (build TCB, enter ESTABLISHED 2824 state) 2825 /---- COOKIE ACK 2826 / 2827 (Cancel T1-cookie timer, <---/ 2828 enter ESTABLISHED state) 2829 {app sends 1st user data; strm 0} 2830 DATA [TSN=initial TSN_A 2831 Strm=0,Seq=0 & user data]--\ 2832 (Start T3-rtx timer) \ 2833 \-> 2834 /----- SACK [TSN Ack=init 2835 / TSN_A,Block=0] 2836 (Cancel T3-rtx timer) <------/ 2837 ... 2838 {app sends 2 messages;strm 0} 2839 /---- DATA 2840 / [TSN=init TSN_Z 2841 <--/ Strm=0,Seq=0 & user data 1] 2842 SACK [TSN Ack=init TSN_Z, /---- DATA 2843 Block=0] --------\ / [TSN=init TSN_Z +1, 2844 \/ Strm=0,Seq=1 & user data 2] 2845 <------/\ 2846 \ 2847 \------> 2849 Figure 4: INITIATION Example 2851 If the T1-init timer expires at "A" after the INIT or COOKIE ECHO 2852 chunks are sent, the same INIT or COOKIE ECHO chunk with the same 2853 Initiate Tag (i.e., Tag_A) or State Cookie is retransmitted and the 2854 timer restarted. This is repeated Max.Init.Retransmits times before 2855 "A" considers "Z" unreachable and reports the failure to its upper 2856 layer (and thus the association enters the CLOSED state). 2858 When retransmitting the INIT, the endpoint MUST follow the rules 2859 defined in Section 6.3 to determine the proper timer value. 2861 5.2. Handle Duplicate or Unexpected INIT, INIT ACK, COOKIE ECHO, and 2862 COOKIE ACK 2864 During the life time of an association (in one of the possible 2865 states), an endpoint can receive from its peer endpoint one of the 2866 setup chunks (INIT, INIT ACK, COOKIE ECHO, and COOKIE ACK). The 2867 receiver treats such a setup chunk as a duplicate and process it as 2868 described in this section. 2870 Note: An endpoint will not receive the chunk unless the chunk was 2871 sent to an SCTP transport address and is from an SCTP transport 2872 address associated with this endpoint. Therefore, the endpoint 2873 processes such a chunk as part of its current association. 2875 The following scenarios can cause duplicated or unexpected chunks: 2877 A) The peer has crashed without being detected, restarted itself, 2878 and sent out a new INIT chunk trying to restore the association, 2880 B) Both sides are trying to initialize the association at about the 2881 same time, 2883 C) The chunk is from a stale packet that was used to establish the 2884 present association or a past association that is no longer in 2885 existence, 2887 D) The chunk is a false packet generated by an attacker, or 2889 E) The peer never received the COOKIE ACK and is retransmitting its 2890 COOKIE ECHO. 2892 The rules in the following sections are applied in order to identify 2893 and correctly handle these cases. 2895 5.2.1. INIT Received in COOKIE-WAIT or COOKIE-ECHOED State (Item B) 2897 This usually indicates an initialization collision, i.e., each 2898 endpoint is attempting, at about the same time, to establish an 2899 association with the other endpoint. 2901 Upon receipt of an INIT in the COOKIE-WAIT state, an endpoint MUST 2902 respond with an INIT ACK using the same parameters it sent in its 2903 original INIT chunk (including its Initiate Tag, unchanged). When 2904 responding, the following rules MUST be applied: 2906 1) The INIT ACK MUST only be sent to an address passed by the upper 2907 layer in the request to initialize the association. 2909 2) The INIT ACK MUST only be sent to an address reported in the 2910 incoming INIT. 2912 3) The INIT ACK SHOULD be sent to the source address of the received 2913 INIT. 2915 Upon receipt of an INIT in the COOKIE-ECHOED state, an endpoint MUST 2916 respond with an INIT ACK using the same parameters it sent in its 2917 original INIT chunk (including its Initiate Tag, unchanged), provided 2918 that no NEW address has been added to the forming association. If 2919 the INIT message indicates that a new address has been added to the 2920 association, then the entire INIT MUST be discarded, and SHOULD NOT 2921 do any changes to the existing association. An ABORT SHOULD be sent 2922 in response that MAY include the error 'Restart of an association 2923 with new addresses'. The error SHOULD list the addresses that were 2924 added to the restarting association. 2926 When responding in either state (COOKIE-WAIT or COOKIE-ECHOED) with 2927 an INIT ACK, the original parameters are combined with those from the 2928 newly received INIT chunk. The endpoint MUST also generate a State 2929 Cookie with the INIT ACK. The endpoint uses the parameters sent in 2930 its INIT to calculate the State Cookie. 2932 After that, the endpoint MUST NOT change its state, the T1-init timer 2933 MUST be left running, and the corresponding TCB MUST NOT be 2934 destroyed. The normal procedures for handling State Cookies when a 2935 TCB exists will resolve the duplicate INITs to a single association. 2937 For an endpoint that is in the COOKIE-ECHOED state, it MUST populate 2938 its Tie-Tags within both the association TCB and inside the State 2939 Cookie (see Section 5.2.2 for a description of the Tie-Tags). 2941 5.2.2. Unexpected INIT in States Other than CLOSED, COOKIE-ECHOED, 2942 COOKIE-WAIT, and SHUTDOWN-ACK-SENT 2944 Unless otherwise stated, upon receipt of an unexpected INIT for this 2945 association, the endpoint MUST generate an INIT ACK with a State 2946 Cookie. Before responding, the endpoint MUST check to see if the 2947 unexpected INIT adds new addresses to the association. If new 2948 addresses are added to the association, the endpoint MUST respond 2949 with an ABORT, copying the 'Initiate Tag' of the unexpected INIT into 2950 the 'Verification Tag' of the outbound packet carrying the ABORT. In 2951 the ABORT response, the cause of error MAY be set to 'restart of an 2952 association with new addresses'. The error SHOULD list the addresses 2953 that were added to the restarting association. If no new addresses 2954 are added, when responding to the INIT in the outbound INIT ACK, the 2955 endpoint MUST copy its current Tie-Tags to a reserved place within 2956 the State Cookie and the association's TCB. We refer to these 2957 locations inside the cookie as the Peer's-Tie-Tag and the Local-Tie- 2958 Tag. We will refer to the copy within an association's TCB as the 2959 Local Tag and Peer's Tag. The outbound SCTP packet containing this 2960 INIT ACK MUST carry a Verification Tag value equal to the Initiate 2961 Tag found in the unexpected INIT. And the INIT ACK MUST contain a 2962 new Initiate Tag (randomly generated; see Section 5.3.1). Other 2963 parameters for the endpoint SHOULD be copied from the existing 2964 parameters of the association (e.g., number of outbound streams) into 2965 the INIT ACK and cookie. 2967 After sending out the INIT ACK or ABORT, the endpoint MUST take no 2968 further actions; i.e., the existing association, including its 2969 current state, and the corresponding TCB MUST NOT be changed. 2971 Only when a TCB exists and the association is not in a COOKIE-WAIT or 2972 SHUTDOWN-ACK-SENT state are the Tie-Tags populated with a value other 2973 than 0. For a normal association INIT (i.e., the endpoint is in the 2974 CLOSED state), the Tie-Tags MUST be set to 0 (indicating that no 2975 previous TCB existed). 2977 5.2.3. Unexpected INIT ACK 2979 If an INIT ACK is received by an endpoint in any state other than the 2980 COOKIE-WAIT state, the endpoint SHOULD discard the INIT ACK chunk. 2981 An unexpected INIT ACK usually indicates the processing of an old or 2982 duplicated INIT chunk. 2984 5.2.4. Handle a COOKIE ECHO when a TCB Exists 2986 When a COOKIE ECHO chunk is received by an endpoint in any state for 2987 an existing association (i.e., not in the CLOSED state) the following 2988 rules are applied: 2990 1) Compute a MAC as described in step 1 of Section 5.1.5, 2992 2) Authenticate the State Cookie as described in step 2 of 2993 Section 5.1.5 (this is case C or D above). 2995 3) Compare the timestamp in the State Cookie to the current time. 2996 If the State Cookie is older than the lifespan carried in the 2997 State Cookie and the Verification Tags contained in the State 2998 Cookie do not match the current association's Verification Tags, 2999 the packet, including the COOKIE ECHO and any DATA chunks, SHOULD 3000 be discarded. The endpoint also MUST transmit an ERROR chunk 3001 with a "Stale Cookie" error cause to the peer endpoint (this is 3002 case C or D in Section 5.2). 3004 If both Verification Tags in the State Cookie match the 3005 Verification Tags of the current association, consider the State 3006 Cookie valid (this is case E in Section 5.2) even if the lifespan 3007 is exceeded. 3009 4) If the State Cookie proves to be valid, unpack the TCB into a 3010 temporary TCB. 3012 5) Refer to Table 2 to determine the correct action to be taken. 3014 +-----------+------------+---------------+----------------+--------+ 3015 | Local Tag | Peer's Tag | Local-Tie-Tag | Peer's-Tie-Tag | Action | 3016 +-----------+------------+---------------+----------------+--------+ 3017 | X | X | M | M | (A) | 3018 +-----------+------------+---------------+----------------+--------+ 3019 | M | X | A | A | (B) | 3020 +-----------+------------+---------------+----------------+--------+ 3021 | M | 0 | A | A | (B) | 3022 +-----------+------------+---------------+----------------+--------+ 3023 | X | M | 0 | 0 | (C) | 3024 +-----------+------------+---------------+----------------+--------+ 3025 | M | M | A | A | (D) | 3026 +-----------+------------+---------------+----------------+--------+ 3028 Table 2: Handling of a COOKIE ECHO when a TCB Exists 3030 Legend: 3032 X - Tag does not match the existing TCB. 3033 M - Tag matches the existing TCB. 3034 0 - No Tie-Tag in cookie (unknown). 3035 A - All cases, i.e., M, X, or 0. 3037 For any case not shown in Table 2, the cookie SHOULD be silently 3038 discarded. 3040 Action 3042 A) In this case, the peer might have restarted. When the endpoint 3043 recognizes this potential 'restart', the existing session is 3044 treated the same as if it received an ABORT followed by a new 3045 COOKIE ECHO with the following exceptions: 3047 * Any SCTP DATA chunks MAY be retained (this is an 3048 implementation-specific option). 3050 * A notification of RESTART SHOULD be sent to the ULP instead of 3051 a "COMMUNICATION LOST" notification. 3053 All the congestion control parameters (e.g., cwnd, ssthresh) 3054 related to this peer MUST be reset to their initial values (see 3055 Section 6.2.1). 3057 After this, the endpoint enters the ESTABLISHED state. 3059 If the endpoint is in the SHUTDOWN-ACK-SENT state and recognizes 3060 that the peer has restarted (Action A), it MUST NOT set up a new 3061 association but instead resend the SHUTDOWN ACK and send an ERROR 3062 chunk with a "Cookie Received While Shutting Down" error cause to 3063 its peer. 3065 B) In this case, both sides might be attempting to start an 3066 association at about the same time, but the peer endpoint started 3067 its INIT after responding to the local endpoint's INIT. Thus, it 3068 might have picked a new Verification Tag, not being aware of the 3069 previous tag it had sent this endpoint. The endpoint SHOULD stay 3070 in or enter the ESTABLISHED state, but it MUST update its peer's 3071 Verification Tag from the State Cookie, stop any init or cookie 3072 timers that might be running, and send a COOKIE ACK. 3074 C) In this case, the local endpoint's cookie has arrived late. 3075 Before it arrived, the local endpoint sent an INIT and received 3076 an INIT ACK and finally sent a COOKIE ECHO with the peer's same 3077 tag but a new tag of its own. The cookie SHOULD be silently 3078 discarded. The endpoint SHOULD NOT change states and SHOULD 3079 leave any timers running. 3081 D) When both local and remote tags match, the endpoint SHOULD enter 3082 the ESTABLISHED state, if it is in the COOKIE-ECHOED state. It 3083 SHOULD stop any cookie timer that is running and send a COOKIE 3084 ACK. 3086 Note: The "peer's Verification Tag" is the tag received in the 3087 Initiate Tag field of the INIT or INIT ACK chunk. 3089 5.2.4.1. An Example of a Association Restart 3091 In the following example, "A" initiates the association after a 3092 restart has occurred. Endpoint "Z" had no knowledge of the restart 3093 until the exchange (i.e., Heartbeats had not yet detected the failure 3094 of "A") (assuming no bundling or fragmentation occurs): 3096 Endpoint A Endpoint Z 3097 <-------------- Association is established----------------------> 3098 Tag=Tag_A Tag=Tag_Z 3099 <---------------------------------------------------------------> 3100 {A crashes and restarts} 3101 {app sets up a association with Z} 3102 (build TCB) 3103 INIT [I-Tag=Tag_A' 3104 & other info] --------\ 3105 (Start T1-init timer) \ 3106 (Enter COOKIE-WAIT state) \---> (find an existing TCB 3107 compose temp TCB and Cookie_Z 3108 with Tie-Tags to previous 3109 association) 3110 /--- INIT ACK [Veri Tag=Tag_A', 3111 / I-Tag=Tag_Z', 3112 (Cancel T1-init timer) <------/ Cookie_Z[TieTags= 3113 Tag_A,Tag_Z 3114 & other info] 3115 (destroy temp TCB,leave original 3116 in place) 3117 COOKIE ECHO [Veri=Tag_Z', 3118 Cookie_Z 3119 Tie=Tag_A, 3120 Tag_Z]----------\ 3121 (Start T1-init timer) \ 3122 (Enter COOKIE-ECHOED state) \---> (Find existing association, 3123 Tie-Tags match old tags, 3124 Tags do not match, i.e., 3125 case X X M M above, 3126 Announce Restart to ULP 3127 and reset association). 3128 /---- COOKIE ACK 3129 (Cancel T1-init timer, <------/ 3130 Enter ESTABLISHED state) 3131 {app sends 1st user data; strm 0} 3132 DATA [TSN=initial TSN_A 3133 Strm=0,Seq=0 & user data]--\ 3134 (Start T3-rtx timer) \ 3135 \-> 3136 /--- SACK [TSN Ack=init TSN_A,Block=0] 3137 (Cancel T3-rtx timer) <------/ 3139 Figure 5: A Restart Example 3141 5.2.5. Handle Duplicate COOKIE ACK 3143 At any state other than COOKIE-ECHOED, an endpoint SHOULD silently 3144 discard a received COOKIE ACK chunk. 3146 5.2.6. Handle Stale COOKIE Error 3148 Receipt of an ERROR chunk with a "Stale Cookie" error cause indicates 3149 one of a number of possible events: 3151 A) The association failed to completely setup before the State 3152 Cookie issued by the sender was processed. 3154 B) An old State Cookie was processed after setup completed. 3156 C) An old State Cookie is received from someone that the receiver is 3157 not interested in having an association with and the ABORT chunk 3158 was lost. 3160 When processing an ERROR chunk with a "Stale Cookie" error cause an 3161 endpoint SHOULD first examine if an association is in the process of 3162 being set up, i.e., the association is in the COOKIE-ECHOED state. 3163 In all cases, if the association is not in the COOKIE-ECHOED state, 3164 the ERROR chunk SHOULD be silently discarded. 3166 If the association is in the COOKIE-ECHOED state, the endpoint MAY 3167 elect one of the following three alternatives. 3169 1) Send a new INIT chunk to the endpoint to generate a new State 3170 Cookie and reattempt the setup procedure. 3171 2) Discard the TCB and report to the upper layer the inability to 3172 set up the association. 3173 3) Send a new INIT chunk to the endpoint, adding a Cookie 3174 Preservative parameter requesting an extension to the life time 3175 of the State Cookie. When calculating the time extension, an 3176 implementation SHOULD use the RTT information measured based on 3177 the previous COOKIE ECHO / ERROR exchange, and SHOULD add no more 3178 than 1 second beyond the measured RTT, due to long State Cookie 3179 life times making the endpoint more subject to a replay attack. 3181 5.3. Other Initialization Issues 3183 5.3.1. Selection of Tag Value 3185 Initiate Tag values SHOULD be selected from the range of 1 to 2**32 - 3186 1. It is very important that the Initiate Tag value be randomized to 3187 help protect against "man in the middle" and "sequence number" 3188 attacks. The methods described in [RFC4086] can be used for the 3189 Initiate Tag randomization. Careful selection of Initiate Tags is 3190 also necessary to prevent old duplicate packets from previous 3191 associations being mistakenly processed as belonging to the current 3192 association. 3194 Moreover, the Verification Tag value used by either endpoint in a 3195 given association MUST NOT change during the life time of an 3196 association. A new Verification Tag value MUST be used each time the 3197 endpoint tears down and then reestablishes an association to the same 3198 peer. 3200 5.4. Path Verification 3202 During association establishment, the two peers exchange a list of 3203 addresses. In the predominant case, these lists accurately represent 3204 the addresses owned by each peer. However, it is possible that a 3205 misbehaving peer might supply addresses that it does not own. To 3206 prevent this, the following rules are applied to all addresses of the 3207 new association: 3209 1) Any addresses passed to the sender of the INIT by its upper layer 3210 in the request to initialize an association are automatically 3211 considered to be CONFIRMED. 3213 2) For the receiver of the COOKIE ECHO, the only CONFIRMED address 3214 is the address to which the INIT ACK was sent. 3216 3) All other addresses not covered by rules 1 and 2 are considered 3217 UNCONFIRMED and are subject to probing for verification. 3219 To probe an address for verification, an endpoint will send 3220 HEARTBEATs including a 64-bit random nonce and a path indicator (to 3221 identify the address that the HEARTBEAT is sent to) within the 3222 HEARTBEAT parameter. 3224 Upon receipt of the HEARTBEAT ACK, a verification is made that the 3225 nonce included in the HEARTBEAT parameter is the one sent to the 3226 address indicated inside the HEARTBEAT parameter. When this match 3227 occurs, the address that the original HEARTBEAT was sent to is now 3228 considered CONFIRMED and available for normal data transfer. 3230 These probing procedures are started when an association moves to the 3231 ESTABLISHED state and are ended when all paths are confirmed. 3233 In each RTO, a probe MAY be sent on an active UNCONFIRMED path in an 3234 attempt to move it to the CONFIRMED state. If during this probing 3235 the path becomes inactive, this rate is lowered to the normal 3236 HEARTBEAT rate. At the expiration of the RTO timer, the error 3237 counter of any path that was probed but not CONFIRMED is incremented 3238 by one and subjected to path failure detection, as defined in 3239 Section 8.2. When probing UNCONFIRMED addresses, however, the 3240 association overall error count is not incremented. 3242 The number of HEARTBEATS sent at each RTO SHOULD be limited by the 3243 HB.Max.Burst parameter. It is an implementation decision as to how 3244 to distribute HEARTBEATS to the peer's addresses for path 3245 verification. 3247 Whenever a path is confirmed, an indication MAY be given to the upper 3248 layer. 3250 An endpoint MUST NOT send any chunks to an UNCONFIRMED address, with 3251 the following exceptions: 3253 o A HEARTBEAT including a nonce MAY be sent to an UNCONFIRMED 3254 address. 3256 o A HEARTBEAT ACK MAY be sent to an UNCONFIRMED address. 3258 o A COOKIE ACK MAY be sent to an UNCONFIRMED address, but it MUST be 3259 bundled with a HEARTBEAT including a nonce. An implementation 3260 that does not support bundling MUST NOT send a COOKIE ACK to an 3261 UNCONFIRMED address. 3263 o A COOKIE ECHO MAY be sent to an UNCONFIRMED address, but it MUST 3264 be bundled with a HEARTBEAT including a nonce, and the packet MUST 3265 NOT exceed the path MTU. If the implementation does not support 3266 bundling or if the bundled COOKIE ECHO plus HEARTBEAT (including 3267 nonce) would exceed the path MTU, then the implementation MUST NOT 3268 send a COOKIE ECHO to an UNCONFIRMED address. 3270 6. User Data Transfer 3272 Data transmission MUST only happen in the ESTABLISHED, SHUTDOWN- 3273 PENDING, and SHUTDOWN-RECEIVED states. The only exception to this is 3274 that DATA chunks are allowed to be bundled with an outbound COOKIE 3275 ECHO chunk when in the COOKIE-WAIT state. 3277 DATA chunks MUST only be received according to the rules below in 3278 ESTABLISHED, SHUTDOWN-PENDING, and SHUTDOWN-SENT. A DATA chunk 3279 received in CLOSED is out of the blue and SHOULD be handled per 3280 Section 8.4. A DATA chunk received in any other state SHOULD be 3281 discarded. 3283 A SACK MUST be processed in ESTABLISHED, SHUTDOWN-PENDING, and 3284 SHUTDOWN-RECEIVED. An incoming SACK MAY be processed in COOKIE- 3285 ECHOED. A SACK in the CLOSED state is out of the blue and SHOULD be 3286 processed according to the rules in Section 8.4. A SACK chunk 3287 received in any other state SHOULD be discarded. 3289 An SCTP receiver MUST be able to receive a minimum of 1500 bytes in 3290 one SCTP packet. This means that an SCTP endpoint MUST NOT indicate 3291 less than 1500 bytes in its initial a_rwnd sent in the INIT or INIT 3292 ACK. 3294 For transmission efficiency, SCTP defines mechanisms for bundling of 3295 small user messages and fragmentation of large user messages. The 3296 following diagram depicts the flow of user messages through SCTP. 3298 In this section, the term "data sender" refers to the endpoint that 3299 transmits a DATA chunk and the term "data receiver" refers to the 3300 endpoint that receives a DATA chunk. A data receiver will transmit 3301 SACK chunks. 3303 +--------------------------+ 3304 | User Messages | 3305 +--------------------------+ 3306 SCTP user ^ | 3307 ==================|==|======================================= 3308 | v (1) 3309 +------------------+ +--------------------+ 3310 | SCTP DATA Chunks | |SCTP Control Chunks | 3311 +------------------+ +--------------------+ 3312 ^ | ^ | 3313 | v (2) | v (2) 3314 +--------------------------+ 3315 | SCTP packets | 3316 +--------------------------+ 3317 SCTP ^ | 3318 ===========================|==|=========================== 3319 | v 3320 Connectionless Packet Transfer Service (e.g., IP) 3322 Figure 6: Illustration of User Data Transfer 3324 The following applies: 3326 1) When converting user messages into DATA chunks, an endpoint will 3327 fragment user messages larger than the current association path 3328 MTU into multiple DATA chunks. The data receiver will normally 3329 reassemble the fragmented message from DATA chunks before 3330 delivery to the user (see Section 6.9 for details). 3332 2) Multiple DATA and control chunks MAY be bundled by the sender 3333 into a single SCTP packet for transmission, as long as the final 3334 size of the packet does not exceed the current path MTU. The 3335 receiver will unbundle the packet back into the original chunks. 3336 Control chunks MUST come before DATA chunks in the packet. 3338 The fragmentation and bundling mechanisms, as detailed in Section 6.9 3339 and Section 6.10, are OPTIONAL to implement by the data sender, but 3340 they MUST be implemented by the data receiver, i.e., an endpoint MUST 3341 properly receive and process bundled or fragmented data. 3343 6.1. Transmission of DATA Chunks 3345 This document is specified as if there is a single retransmission 3346 timer per destination transport address, but implementations MAY have 3347 a retransmission timer for each DATA chunk. 3349 The following general rules MUST be applied by the data sender for 3350 transmission and/or retransmission of outbound DATA chunks: 3352 A) At any given time, the data sender MUST NOT transmit new data to 3353 any destination transport address if its peer's rwnd indicates 3354 that the peer has no buffer space (i.e., rwnd is smaller than the 3355 size of the next DATA chunk; see Section 6.2.1). 3357 When the receiver has no buffer space, this probe is called a 3358 zero window probe. A zero window probe SHOULD only be sent when 3359 all outstanding DATA chunks have been cumulatively acknowledged 3360 and no DATA chunks are in flight. Zero window probing MUST be 3361 supported. 3363 If the sender continues to receive SACKs from the peer while 3364 doing zero window probing, the unacknowledged window probes 3365 SHOULD NOT increment the error counter for the association or any 3366 destination transport address. This is because the receiver 3367 could keep its window closed for an indefinite time. Section 6.2 3368 describes the receiver behavior when it advertises a zero window. 3369 The sender SHOULD send the first zero window probe after 1 RTO 3370 when it detects that the receiver has closed its window and 3371 SHOULD increase the probe interval exponentially afterwards. 3372 Also note that the cwnd SHOULD be adjusted according to 3373 Section 7.2.1. Zero window probing does not affect the 3374 calculation of cwnd. 3376 The sender MUST also have an algorithm for sending new DATA 3377 chunks to avoid silly window syndrome (SWS) as described in 3378 [RFC1122]. The algorithm can be similar to the one described in 3379 Section 4.2.3.4 of [RFC1122]. 3381 However, regardless of the value of rwnd (including if it is 0), 3382 the data sender can always have one DATA chunk in flight to the 3383 receiver if allowed by cwnd (see rule B below). This rule allows 3384 the sender to probe for a change in rwnd that the sender missed 3385 due to the SACK having been lost in transit from the data 3386 receiver to the data sender. 3388 B) At any given time, the sender MUST NOT transmit new data to a 3389 given transport address if it has cwnd + (PMTU - 1) or more bytes 3390 of data outstanding to that transport address. If data is 3391 available, the sender SHOULD exceed cwnd by up to (PMTU - 1) 3392 bytes on a new data transmission if the flightsize does not 3393 currently reach cwnd. The breach of cwnd MUST constitute one 3394 packet only. 3396 C) When the time comes for the sender to transmit, before sending 3397 new DATA chunks, the sender MUST first transmit any DATA chunks 3398 that are marked for retransmission (limited by the current cwnd). 3400 D) When the time comes for the sender to transmit new DATA chunks, 3401 the protocol parameter Max.Burst SHOULD be used to limit the 3402 number of packets sent. The limit MAY be applied by adjusting 3403 cwnd temporarily, as follows: 3405 if ((flightsize + Max.Burst * MTU) < cwnd) 3406 cwnd = flightsize + Max.Burst * MTU; 3408 Or, it MAY be applied by strictly limiting the number of packets 3409 emitted by the output routine. When calculating the number of 3410 packets to transmit, and particularly when using the formula 3411 above, cwnd SHOULD NOT be changed permanently. 3413 E) Then, the sender can send out as many new DATA chunks as rule A 3414 and rule B allow. 3416 Multiple DATA chunks committed for transmission MAY be bundled in a 3417 single packet. Furthermore, DATA chunks being retransmitted MAY be 3418 bundled with new DATA chunks, as long as the resulting packet size 3419 does not exceed the path MTU. A ULP can request that no bundling is 3420 performed, but this only turns off any delays that an SCTP 3421 implementation might be using to increase bundling efficiency. It 3422 does not in itself stop all bundling from occurring (i.e., in case of 3423 congestion or retransmission). 3425 Before an endpoint transmits a DATA chunk, if any received DATA 3426 chunks have not been acknowledged (e.g., due to delayed ack), the 3427 sender SHOULD create a SACK and bundle it with the outbound DATA 3428 chunk, as long as the size of the final SCTP packet does not exceed 3429 the current MTU. See Section 6.2. 3431 When the window is full (i.e., transmission is disallowed by rule A 3432 and/or rule B), the sender MAY still accept send requests from its 3433 upper layer, but MUST transmit no more DATA chunks until some or all 3434 of the outstanding DATA chunks are acknowledged and transmission is 3435 allowed by rule A and rule B again. 3437 Whenever a transmission or retransmission is made to any address, if 3438 the T3-rtx timer of that address is not currently running, the sender 3439 MUST start that timer. If the timer for that address is already 3440 running, the sender MUST restart the timer if the earliest (i.e., 3441 lowest TSN) outstanding DATA chunk sent to that address is being 3442 retransmitted. Otherwise, the data sender MUST NOT restart the 3443 timer. 3445 When starting or restarting the T3-rtx timer, the timer value SHOULD 3446 be adjusted according to the timer rules defined in Section 6.3.2 and 3447 Section 6.3.3. 3449 The data sender SHOULD NOT use a TSN that is more than 2**31 - 1 3450 above the beginning TSN of the current send window. 3452 For each stream, the data sender SHOULD NOT have more than 2**16 - 1 3453 ordered user messages in the current send window. 3455 Whenever the sender of a DATA chunk can benefit from the 3456 corresponding SACK chunk being sent back without delay, the sender 3457 MAY set the I bit in the DATA chunk header. Please note that why the 3458 sender has set the I bit is irrelevant to the receiver. 3460 Reasons for setting the I bit include, but are not limited to, the 3461 following (see Section 4 of [RFC7053] for a discussion of the 3462 benefits): 3464 o The application requests that the I bit of the last DATA chunk of 3465 a user message be set when providing the user message to the SCTP 3466 implementation (see Section 11.1). 3467 o The sender is in the SHUTDOWN-PENDING state. 3468 o The sending of a DATA chunk fills the congestion or receiver 3469 window. 3471 / 3473 6.2. Acknowledgement on Reception of DATA Chunks 3475 The SCTP endpoint MUST always acknowledge the reception of each valid 3476 DATA chunk when the DATA chunk received is inside its receive window. 3478 When the receiver's advertised window is 0, the receiver MUST drop 3479 any new incoming DATA chunk with a TSN larger than the largest TSN 3480 received so far. If the new incoming DATA chunk holds a TSN value 3481 less than the largest TSN received so far, then the receiver SHOULD 3482 drop the largest TSN held for reordering and accept the new incoming 3483 DATA chunk. In either case, if such a DATA chunk is dropped, the 3484 receiver MUST immediately send back a SACK with the current receive 3485 window showing only DATA chunks received and accepted so far. The 3486 dropped DATA chunk(s) MUST NOT be included in the SACK, as they were 3487 not accepted. The receiver MUST also have an algorithm for 3488 advertising its receive window to avoid receiver silly window 3489 syndrome (SWS), as described in [RFC1122]. The algorithm can be 3490 similar to the one described in Section 4.2.3.3 of [RFC1122]. 3492 The guidelines on delayed acknowledgement algorithm specified in 3493 Section 4.2 of [RFC5681] SHOULD be followed. Specifically, an 3494 acknowledgement SHOULD be generated for at least every second packet 3495 (not every second DATA chunk) received, and SHOULD be generated 3496 within 200 ms of the arrival of any unacknowledged DATA chunk. In 3497 some situations, it might be beneficial for an SCTP transmitter to be 3498 more conservative than the algorithms detailed in this document 3499 allow. However, an SCTP transmitter MUST NOT be more aggressive than 3500 the following algorithms allow. 3502 An SCTP receiver MUST NOT generate more than one SACK for every 3503 incoming packet, other than to update the offered window as the 3504 receiving application consumes new data. When the window opens up, 3505 an SCTP receiver SHOULD send additional SACK chunks to update the 3506 window even if no new data is received. The receiver MUST avoid 3507 sending a large number of window updates -- in particular, large 3508 bursts of them. One way to achieve this is to send a window update 3509 only if the window can be increased by at least a quarter of the 3510 receive buffer size of the association. 3512 IMPLEMENTATION NOTE: The maximum delay for generating an 3513 acknowledgement MAY be configured by the SCTP administrator, either 3514 statically or dynamically, in order to meet the specific timing 3515 requirement of the protocol being carried. 3517 An implementation MUST NOT allow the maximum delay (protocol 3518 parameter 'SACK.Delay') to be configured to be more than 500 ms. In 3519 other words, an implementation MAY lower the value of SACK.Delay 3520 below 500 ms but MUST NOT raise it above 500 ms. 3522 Acknowledgements MUST be sent in SACK chunks unless shutdown was 3523 requested by the ULP, in which case an endpoint MAY send an 3524 acknowledgement in the SHUTDOWN chunk. A SACK chunk can acknowledge 3525 the reception of multiple DATA chunks. See Section 3.3.4 for SACK 3526 chunk format. In particular, the SCTP endpoint MUST fill in the 3527 Cumulative TSN Ack field to indicate the latest sequential TSN (of a 3528 valid DATA chunk) it has received. Any received DATA chunks with TSN 3529 greater than the value in the Cumulative TSN Ack field are reported 3530 in the Gap Ack Block fields. The SCTP endpoint MUST report as many 3531 Gap Ack Blocks as can fit in a single SACK chunk limited by the 3532 current path MTU. 3534 The SHUTDOWN chunk does not contain Gap Ack Block fields. Therefore, 3535 the endpoint SHOULD use a SACK instead of the SHUTDOWN chunk to 3536 acknowledge DATA chunks received out of order. 3538 Upon receipt of an SCTP packet containing a DATA chunk with the I bit 3539 set, the receiver SHOULD NOT delay the sending of the corresponding 3540 SACK chunk, i.e., the receiver SHOULD immediately respond with the 3541 corresponding SACK chunk. 3543 When a packet arrives with duplicate DATA chunk(s) and with no new 3544 DATA chunk(s), the endpoint MUST immediately send a SACK with no 3545 delay. If a packet arrives with duplicate DATA chunk(s) bundled with 3546 new DATA chunks, the endpoint MAY immediately send a SACK. Normally, 3547 receipt of duplicate DATA chunks will occur when the original SACK 3548 chunk was lost and the peer's RTO has expired. The duplicate TSN 3549 number(s) SHOULD be reported in the SACK as duplicate. 3551 When an endpoint receives a SACK, it MAY use the duplicate TSN 3552 information to determine if SACK loss is occurring. Further use of 3553 this data is for future study. 3555 The data receiver is responsible for maintaining its receive buffers. 3556 The data receiver SHOULD notify the data sender in a timely manner of 3557 changes in its ability to receive data. How an implementation 3558 manages its receive buffers is dependent on many factors (e.g., 3559 operating system, memory management system, amount of memory, etc.). 3560 However, the data sender strategy defined in Section 6.2.1 is based 3561 on the assumption of receiver operation similar to the following: 3563 A) At initialization of the association, the endpoint tells the peer 3564 how much receive buffer space it has allocated to the association 3565 in the INIT or INIT ACK. The endpoint sets a_rwnd to this value. 3567 B) As DATA chunks are received and buffered, decrement a_rwnd by the 3568 number of bytes received and buffered. This is, in effect, 3569 closing rwnd at the data sender and restricting the amount of 3570 data it can transmit. 3572 C) As DATA chunks are delivered to the ULP and released from the 3573 receive buffers, increment a_rwnd by the number of bytes 3574 delivered to the upper layer. This is, in effect, opening up 3575 rwnd on the data sender and allowing it to send more data. The 3576 data receiver SHOULD NOT increment a_rwnd unless it has released 3577 bytes from its receive buffer. For example, if the receiver is 3578 holding fragmented DATA chunks in a reassembly queue, it SHOULD 3579 NOT increment a_rwnd. 3581 D) When sending a SACK, the data receiver SHOULD place the current 3582 value of a_rwnd into the a_rwnd field. The data receiver SHOULD 3583 take into account that the data sender will not retransmit DATA 3584 chunks that are acked via the Cumulative TSN Ack (i.e., will drop 3585 from its retransmit queue). 3587 Under certain circumstances, the data receiver MAY drop DATA chunks 3588 that it has received but has not released from its receive buffers 3589 (i.e., delivered to the ULP). These DATA chunks might have been 3590 acked in Gap Ack Blocks. For example, the data receiver might be 3591 holding data in its receive buffers while reassembling a fragmented 3592 user message from its peer when it runs out of receive buffer space. 3593 It MAY drop these DATA chunks even though it has acknowledged them in 3594 Gap Ack Blocks. If a data receiver drops DATA chunks, it MUST NOT 3595 include them in Gap Ack Blocks in subsequent SACKs until they are 3596 received again via retransmission. In addition, the endpoint SHOULD 3597 take into account the dropped data when calculating its a_rwnd. 3599 An endpoint SHOULD NOT revoke a SACK and discard data. Only in 3600 extreme circumstances might an endpoint use this procedure (such as 3601 out of buffer space). The data receiver SHOULD take into account 3602 that dropping data that has been acked in Gap Ack Blocks can result 3603 in suboptimal retransmission strategies in the data sender and thus 3604 in suboptimal performance. 3606 The following example illustrates the use of delayed 3607 acknowledgements: 3609 Endpoint A Endpoint Z 3611 {App sends 3 messages; strm 0} 3612 DATA [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) 3613 (Start T3-rtx timer) 3615 DATA [TSN=8,Strm=0,Seq=4] ------------> (send ack) 3616 /------- SACK [TSN Ack=8,block=0] 3617 (cancel T3-rtx timer) <-----/ 3619 DATA [TSN=9,Strm=0,Seq=5] ------------> (ack delayed) 3620 (Start T3-rtx timer) 3621 ... 3622 {App sends 1 message; strm 1} 3623 (bundle SACK with DATA) 3624 /----- SACK [TSN Ack=9,block=0] \ 3625 / DATA [TSN=6,Strm=1,Seq=2] 3626 (cancel T3-rtx timer) <------/ (Start T3-rtx timer) 3628 (ack delayed) 3629 (send ack) 3630 SACK [TSN Ack=6,block=0] -------------> (cancel T3-rtx timer) 3632 Figure 7: Delayed Acknowledgement Example 3634 If an endpoint receives a DATA chunk with no user data (i.e., the 3635 Length field is set to 16), it MUST send an ABORT with error cause 3636 set to "No User Data". 3638 An endpoint SHOULD NOT send a DATA chunk with no user data part. 3640 6.2.1. Processing a Received SACK 3642 Each SACK an endpoint receives contains an a_rwnd value. This value 3643 represents the amount of buffer space the data receiver, at the time 3644 of transmitting the SACK, has left of its total receive buffer space 3645 (as specified in the INIT/INIT ACK). Using a_rwnd, Cumulative TSN 3646 Ack, and Gap Ack Blocks, the data sender can develop a representation 3647 of the peer's receive buffer space. 3649 One of the problems the data sender takes into account when 3650 processing a SACK is that a SACK can be received out of order. That 3651 is, a SACK sent by the data receiver can pass an earlier SACK and be 3652 received first by the data sender. If a SACK is received out of 3653 order, the data sender can develop an incorrect view of the peer's 3654 receive buffer space. 3656 Since there is no explicit identifier that can be used to detect out- 3657 of-order SACKs, the data sender uses heuristics to determine if a 3658 SACK is new. 3660 An endpoint SHOULD use the following rules to calculate the rwnd, 3661 using the a_rwnd value, the Cumulative TSN Ack, and Gap Ack Blocks in 3662 a received SACK. 3664 A) At the establishment of the association, the endpoint initializes 3665 the rwnd to the Advertised Receiver Window Credit (a_rwnd) the 3666 peer specified in the INIT or INIT ACK. 3668 B) Any time a DATA chunk is transmitted (or retransmitted) to a 3669 peer, the endpoint subtracts the data size of the chunk from the 3670 rwnd of that peer. 3672 C) Any time a DATA chunk is marked for retransmission, either via 3673 T3-rtx timer expiration (Section 6.3.3) or via Fast Retransmit 3674 (Section 7.2.4), add the data size of those chunks to the rwnd. 3676 Note: If the implementation is maintaining a timer on each DATA 3677 chunk, then only DATA chunks whose timer expired would be marked 3678 for retransmission. 3680 D) Any time a SACK arrives, the endpoint performs the following: 3682 i) If Cumulative TSN Ack is less than the Cumulative TSN Ack 3683 Point, then drop the SACK. Since Cumulative TSN Ack is 3684 monotonically increasing, a SACK whose Cumulative TSN Ack 3685 is less than the Cumulative TSN Ack Point indicates an out- 3686 of-order SACK. 3688 ii) Set rwnd equal to the newly received a_rwnd minus the 3689 number of bytes still outstanding after processing the 3690 Cumulative TSN Ack and the Gap Ack Blocks. 3692 iii) If the SACK is missing a TSN that was previously 3693 acknowledged via a Gap Ack Block (e.g., the data receiver 3694 reneged on the data), then consider the corresponding DATA 3695 that might be possibly missing: Count one miss indication 3696 towards Fast Retransmit as described in Section 7.2.4, and 3697 if no retransmit timer is running for the destination 3698 address to which the DATA chunk was originally transmitted, 3699 then T3-rtx is started for that destination address. 3701 iv) If the Cumulative TSN Ack matches or exceeds the Fast 3702 Recovery exitpoint (Section 7.2.4), Fast Recovery is 3703 exited. 3705 6.3. Management of Retransmission Timer 3707 An SCTP endpoint uses a retransmission timer T3-rtx to ensure data 3708 delivery in the absence of any feedback from its peer. The duration 3709 of this timer is referred to as RTO (retransmission timeout). 3711 When an endpoint's peer is multi-homed, the endpoint will calculate a 3712 separate RTO for each different destination transport address of its 3713 peer endpoint. 3715 The computation and management of RTO in SCTP follow closely how TCP 3716 manages its retransmission timer. To compute the current RTO, an 3717 endpoint maintains two state variables per destination transport 3718 address: SRTT (smoothed round-trip time) and RTTVAR (round-trip time 3719 variation). 3721 6.3.1. RTO Calculation 3723 The rules governing the computation of SRTT, RTTVAR, and RTO are as 3724 follows: 3726 C1) Until an RTT measurement has been made for a packet sent to the 3727 given destination transport address, set RTO to the protocol 3728 parameter 'RTO.Initial'. 3729 C2) When the first RTT measurement R is made, set 3731 SRTT <- R, 3733 RTTVAR <- R/2, and 3735 RTO <- SRTT + 4 * RTTVAR. 3736 C3) When a new RTT measurement R' is made, set 3738 RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'| 3740 and 3742 SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R' 3744 Note: The value of SRTT used in the update to RTTVAR is its 3745 value before updating SRTT itself using the second assignment. 3747 After the computation, update RTO <- SRTT + 4 * RTTVAR. 3748 C4) When data is in flight and when allowed by rule C5 below, a new 3749 RTT measurement MUST be made each round trip. Furthermore, new 3750 RTT measurements SHOULD be made no more than once per round trip 3751 for a given destination transport address. There are two 3752 reasons for this recommendation: First, it appears that 3753 measuring more frequently often does not in practice yield any 3754 significant benefit [ALLMAN99]; second, if measurements are made 3755 more often, then the values of RTO.Alpha and RTO.Beta in rule C3 3756 above SHOULD be adjusted so that SRTT and RTTVAR still adjust to 3757 changes at roughly the same rate (in terms of how many round 3758 trips it takes them to reflect new values) as they would if 3759 making only one measurement per round-trip and using RTO.Alpha 3760 and RTO.Beta as given in rule C3. However, the exact nature of 3761 these adjustments remains a research issue. 3763 C5) Karn's algorithm: RTT measurements MUST NOT be made using 3764 packets that were retransmitted (and thus for which it is 3765 ambiguous whether the reply was for the first instance of the 3766 chunk or for a later instance) 3768 RTT measurements SHOULD only be made using a chunk with TSN r if 3769 no chunk with TSN less than or equal to r is retransmitted since 3770 r is first sent. 3772 C6) Whenever RTO is computed, if it is less than RTO.Min seconds 3773 then it is rounded up to RTO.Min seconds. The reason for this 3774 rule is that RTOs that do not have a high minimum value are 3775 susceptible to unnecessary timeouts [ALLMAN99]. 3777 C7) A maximum value MAY be placed on RTO provided it is at least 3778 RTO.max seconds. 3780 There is no requirement for the clock granularity G used for 3781 computing RTT measurements and the different state variables, other 3782 than: 3784 G1) Whenever RTTVAR is computed, if RTTVAR = 0, then adjust RTTVAR 3785 <- G. 3787 Experience [ALLMAN99] has shown that finer clock granularities (<= 3788 100 msec) perform somewhat better than more coarse granularities. 3790 6.3.2. Retransmission Timer Rules 3792 The rules for managing the retransmission timer are as follows: 3794 R1) Every time a DATA chunk is sent to any address (including a 3795 retransmission), if the T3-rtx timer of that address is not 3796 running, start it running so that it will expire after the RTO 3797 of that address. The RTO used here is that obtained after any 3798 doubling due to previous T3-rtx timer expirations on the 3799 corresponding destination address as discussed in rule E2 below. 3801 R2) Whenever all outstanding data sent to an address have been 3802 acknowledged, turn off the T3-rtx timer of that address. 3803 R3) Whenever a SACK is received that acknowledges the DATA chunk 3804 with the earliest outstanding TSN for that address, restart the 3805 T3-rtx timer for that address with its current RTO (if there is 3806 still outstanding data on that address). 3807 R4) Whenever a SACK is received missing a TSN that was previously 3808 acknowledged via a Gap Ack Block, start the T3-rtx for the 3809 destination address to which the DATA chunk was originally 3810 transmitted if it is not already running. 3812 The following example shows the use of various timer rules (assuming 3813 that the receiver uses delayed acks). 3815 Endpoint A Endpoint Z 3816 {App begins to send} 3817 Data [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) 3818 (Start T3-rtx timer) 3819 {App sends 1 message; strm 1} 3820 (bundle ack with data) 3821 DATA [TSN=8,Strm=0,Seq=4] ----\ /-- SACK [TSN Ack=7,Block=0] 3822 \ / DATA [TSN=6,Strm=1,Seq=2] 3823 \ / (Start T3-rtx timer) 3824 \ 3825 / \ 3826 (Restart T3-rtx timer) <------/ \--> (ack delayed) 3827 (ack delayed) 3828 {send ack} 3829 SACK [TSN Ack=6,Block=0] --------------> (Cancel T3-rtx timer) 3830 .. 3831 (send ack) 3832 (Cancel T3-rtx timer) <-------------- SACK [TSN Ack=8,Block=0] 3834 Figure 8: Timer Rule Examples 3836 6.3.3. Handle T3-rtx Expiration 3838 Whenever the retransmission timer T3-rtx expires for a destination 3839 address, do the following: 3841 E1) For the destination address for which the timer expires, adjust 3842 its ssthresh with rules defined in Section 7.2.3 and set the 3843 cwnd <- MTU. 3844 E2) For the destination address for which the timer expires, set RTO 3845 <- RTO * 2 ("back off the timer"). The maximum value discussed 3846 in rule C7 above (RTO.max) MAY be used to provide an upper bound 3847 to this doubling operation. 3848 E3) Determine how many of the earliest (i.e., lowest TSN) 3849 outstanding DATA chunks for the address for which the T3-rtx has 3850 expired will fit into a single packet, subject to the MTU 3851 constraint for the path corresponding to the destination 3852 transport address to which the retransmission is being sent 3853 (this might be different from the address for which the timer 3854 expires; see Section 6.4). Call this value K. Bundle and 3855 retransmit those K DATA chunks in a single packet to the 3856 destination endpoint. 3857 E4) Start the retransmission timer T3-rtx on the destination address 3858 to which the retransmission is sent, if rule R1 above indicates 3859 to do so. The RTO to be used for starting T3-rtx SHOULD be the 3860 one for the destination address to which the retransmission is 3861 sent, which, when the receiver is multi-homed, might be 3862 different from the destination address for which the timer 3863 expired (see Section 6.4 below). 3865 After retransmitting, once a new RTT measurement is obtained (which 3866 can happen only when new data has been sent and acknowledged, per 3867 rule C5, or for a measurement made from a HEARTBEAT; see 3868 Section 8.3), the computation in rule C3 is performed, including the 3869 computation of RTO, which might result in "collapsing" RTO back down 3870 after it has been subject to doubling (rule E2). 3872 Any DATA chunks that were sent to the address for which the T3-rtx 3873 timer expired but did not fit in one MTU (rule E3 above) SHOULD be 3874 marked for retransmission and sent as soon as cwnd allows (normally, 3875 when a SACK arrives). 3877 The final rule for managing the retransmission timer concerns 3878 failover (see Section 6.4.1): 3880 F1) Whenever an endpoint switches from the current destination 3881 transport address to a different one, the current retransmission 3882 timers are left running. As soon as the endpoint transmits a 3883 packet containing DATA chunk(s) to the new transport address, 3884 start the timer on that transport address, using the RTO value 3885 of the destination address to which the data is being sent, if 3886 rule R1 indicates to do so. 3888 6.4. Multi-Homed SCTP Endpoints 3890 An SCTP endpoint is considered multi-homed if there are more than one 3891 transport address that can be used as a destination address to reach 3892 that endpoint. 3894 Moreover, the ULP of an endpoint selects one of the multiple 3895 destination addresses of a multi-homed peer endpoint as the primary 3896 path (see Section 5.1.2 and Section 11.1 for details). 3898 By default, an endpoint SHOULD always transmit to the primary path, 3899 unless the SCTP user explicitly specifies the destination transport 3900 address (and possibly source transport address) to use. 3902 An endpoint SHOULD transmit reply chunks (e.g., INIT ACK, COOKIE ACK, 3903 HEARTBEAT ACK) in response to control chunks to the same destination 3904 transport address from which it received the control chunk to which 3905 it is replying. 3907 The selection of the destination transport address for packets 3908 containing SACK chunks is implementation dependent. However, an 3909 endpoint SHOULD NOT vary the destination transport address of a SACK 3910 when it receives DATA chunks coming from the same source address. 3912 When acknowledging multiple DATA chunks received in packets from 3913 different source addresses in a single SACK, the SACK chunk MAY be 3914 transmitted to one of the destination transport addresses from which 3915 the DATA or control chunks being acknowledged were received. 3917 When a receiver of a duplicate DATA chunk sends a SACK to a multi- 3918 homed endpoint, it MAY be beneficial to vary the destination address 3919 and not use the source address of the DATA chunk. The reason is that 3920 receiving a duplicate from a multi-homed endpoint might indicate that 3921 the return path (as specified in the source address of the DATA 3922 chunk) for the SACK is broken. 3924 Furthermore, when its peer is multi-homed, an endpoint SHOULD try to 3925 retransmit a chunk that timed out to an active destination transport 3926 address that is different from the last destination address to which 3927 the chunk was sent. 3929 When its peer is multi-homed, an endpoint SHOULD send fast 3930 retransmissions to the same destination transport address to which 3931 the original data was sent. If the primary path has been changed and 3932 the original data was sent to the old primary path before the Fast 3933 Retransmit, the implementation MAY send it to the new primary path. 3935 Retransmissions do not affect the total outstanding data count. 3936 However, if the DATA chunk is retransmitted onto a different 3937 destination address, both the outstanding data counts on the new 3938 destination address and the old destination address to which the data 3939 chunk was last sent is adjusted accordingly. 3941 6.4.1. Failover from an Inactive Destination Address 3943 Some of the transport addresses of a multi-homed SCTP endpoint might 3944 become inactive due to either the occurrence of certain error 3945 conditions (see Section 8.2) or adjustments from the SCTP user. 3947 When there is outbound data to send and the primary path becomes 3948 inactive (e.g., due to failures), or where the SCTP user explicitly 3949 requests to send data to an inactive destination transport address, 3950 before reporting an error to its ULP, the SCTP endpoint SHOULD try to 3951 send the data to an alternate active destination transport address if 3952 one exists. 3954 When retransmitting data that timed out, if the endpoint is multi- 3955 homed, it needs to consider each source-destination address pair in 3956 its retransmission selection policy. When retransmitting timed-out 3957 data, the endpoint SHOULD attempt to pick the most divergent source- 3958 destination pair from the original source-destination pair to which 3959 the packet was transmitted. 3961 Note: Rules for picking the most divergent source-destination pair 3962 are an implementation decision and are not specified within this 3963 document. 3965 6.5. Stream Identifier and Stream Sequence Number 3967 Every DATA chunk MUST carry a valid stream identifier. If an 3968 endpoint receives a DATA chunk with an invalid stream identifier, it 3969 SHOULD acknowledge the reception of the DATA chunk following the 3970 normal procedure, immediately send an ERROR chunk with cause set to 3971 "Invalid Stream Identifier" (see Section 3.3.10), and discard the 3972 DATA chunk. The endpoint MAY bundle the ERROR chunk and the SACK 3973 chunk in the same packet. 3975 The Stream Sequence Number in all the streams MUST start from 0 when 3976 the association is established. Also, when the Stream Sequence 3977 Number reaches the value 65535 the next Stream Sequence Number MUST 3978 be set to 0. 3980 6.6. Ordered and Unordered Delivery 3982 Within a stream, an endpoint MUST deliver DATA chunks received with 3983 the U flag set to 0 to the upper layer according to the order of 3984 their Stream Sequence Number. If DATA chunks arrive out of order of 3985 their Stream Sequence Number, the endpoint MUST hold the received 3986 DATA chunks from delivery to the ULP until they are reordered. 3988 However, an SCTP endpoint can indicate that no ordered delivery is 3989 required for a particular DATA chunk transmitted within the stream by 3990 setting the U flag of the DATA chunk to 1. 3992 When an endpoint receives a DATA chunk with the U flag set to 1, it 3993 bypasses the ordering mechanism and immediately deliver the data to 3994 the upper layer (after reassembly if the user data is fragmented by 3995 the data sender). 3997 This provides an effective way of transmitting "out-of-band" data in 3998 a given stream. Also, a stream can be used as an "unordered" stream 3999 by simply setting the U flag to 1 in all DATA chunks sent through 4000 that stream. 4002 IMPLEMENTATION NOTE: When sending an unordered DATA chunk, an 4003 implementation MAY choose to place the DATA chunk in an outbound 4004 packet that is at the head of the outbound transmission queue if 4005 possible. 4007 The 'Stream Sequence Number' field in a DATA chunk with U flag set to 4008 1 has no significance. The sender can fill the 'Stream Sequence 4009 Number' with arbitrary value, but the receiver MUST ignore the field. 4011 Note: When transmitting ordered and unordered data, an endpoint does 4012 not increment its Stream Sequence Number when transmitting a DATA 4013 chunk with U flag set to 1. 4015 6.7. Report Gaps in Received DATA TSNs 4017 Upon the reception of a new DATA chunk, an endpoint examines the 4018 continuity of the TSNs received. If the endpoint detects a gap in 4019 the received DATA chunk sequence, it SHOULD send a SACK with Gap Ack 4020 Blocks immediately. The data receiver continues sending a SACK after 4021 receipt of each SCTP packet that does not fill the gap. 4023 Based on the Gap Ack Block from the received SACK, the endpoint can 4024 calculate the missing DATA chunks and make decisions on whether to 4025 retransmit them (see Section 6.2.1 for details). 4027 Multiple gaps can be reported in one single SACK (see Section 3.3.4). 4029 When its peer is multi-homed, the SCTP endpoint SHOULD always try to 4030 send the SACK to the same destination address from which the last 4031 DATA chunk was received. 4033 Upon the reception of a SACK, the endpoint MUST remove all DATA 4034 chunks that have been acknowledged by the SACK's Cumulative TSN Ack 4035 from its transmit queue. All DATA chunks with TSNs not included in 4036 the Gap Ack Blocks reported by a SACK MUST be treated as "missing" by 4037 the sending endpoint. The number of "missing" reports for each 4038 outstanding DATA chunk MUST be recorded by the data sender to make 4039 retransmission decisions. See Section 7.2.4 for details. 4041 The following example shows the use of SACK to report a gap. 4043 Endpoint A Endpoint Z 4044 {App sends 3 messages; strm 0} 4045 DATA [TSN=6,Strm=0,Seq=2] ---------------> (ack delayed) 4046 (Start T3-rtx timer) 4048 DATA [TSN=7,Strm=0,Seq=3] --------> X (lost) 4050 DATA [TSN=8,Strm=0,Seq=4] ---------------> (gap detected, 4051 immediately send ack) 4052 /----- SACK [TSN Ack=6,Block=1, 4053 / Start=2,End=2] 4054 <-----/ 4055 (remove 6 from out-queue, 4056 and mark 7 as "1" missing report) 4058 Figure 9: Reporting a Gap using SACK 4060 The maximum number of Gap Ack Blocks that can be reported within a 4061 single SACK chunk is limited by the current path MTU. When a single 4062 SACK cannot cover all the Gap Ack Blocks needed to be reported due to 4063 the MTU limitation, the endpoint MUST send only one SACK. This 4064 single SACK MUST report the Gap Ack Blocks from the lowest to highest 4065 TSNs, within the size limit set by the MTU, and leave the remaining 4066 highest TSN numbers unacknowledged. 4068 6.8. CRC32c Checksum Calculation 4070 When sending an SCTP packet, the endpoint MUST strengthen the data 4071 integrity of the transmission by including the CRC32c checksum value 4072 calculated on the packet, as described below. 4074 After the packet is constructed (containing the SCTP common header 4075 and one or more control or DATA chunks), the transmitter MUST 4077 1) fill in the proper Verification Tag in the SCTP common header and 4078 initialize the checksum field to '0's, 4079 2) calculate the CRC32c checksum of the whole packet, including the 4080 SCTP common header and all the chunks (refer to Appendix B for 4081 details of the CRC32c algorithm); and 4083 3) put the resultant value into the checksum field in the common 4084 header, and leave the rest of the bits unchanged. 4086 When an SCTP packet is received, the receiver MUST first check the 4087 CRC32c checksum as follows: 4089 1) Store the received CRC32c checksum value aside. 4090 2) Replace the 32 bits of the checksum field in the received SCTP 4091 packet with all '0's and calculate a CRC32c checksum value of the 4092 whole received packet. 4093 3) Verify that the calculated CRC32c checksum is the same as the 4094 received CRC32c checksum. If it is not, the receiver MUST treat 4095 the packet as an invalid SCTP packet. 4097 The default procedure for handling invalid SCTP packets is to 4098 silently discard them. 4100 Any hardware implementation SHOULD be done in a way that is 4101 verifiable by the software. 4103 6.9. Fragmentation and Reassembly 4105 An endpoint MAY support fragmentation when sending DATA chunks, but 4106 it MUST support reassembly when receiving DATA chunks. If an 4107 endpoint supports fragmentation, it MUST fragment a user message if 4108 the size of the user message to be sent causes the outbound SCTP 4109 packet size to exceed the current MTU. An endpoint that does not 4110 support fragmentation and is requested to send a user message such 4111 that the outbound SCTP packet size would exceed the current MTU MUST 4112 return an error to its upper layer and MUST NOT attempt to send the 4113 user message. 4115 If an implementation that supports fragmentation makes available to 4116 its upper layer a mechanism to turn off fragmentation, it might do 4117 so. An implementation that disables fragmentation MUST react just 4118 like an implementation that does NOT support fragmentation, i.e., it 4119 MUST reject sends that exceed the current Path MTU (PMTU). 4121 IMPLEMENTATION NOTE: In this error case, the Send primitive discussed 4122 in Section 11.1 would need to return an error to the upper layer. 4124 If its peer is multi-homed, the endpoint SHOULD choose a size no 4125 larger than the association Path MTU. The association Path MTU is 4126 defined as the smallest Path MTU of all destination addresses. 4128 Once a user message is fragmented, it cannot be re-fragmented. 4129 Instead, if the PMTU has been reduced, then IP fragmentation MUST be 4130 used. Please see Section 7.3 for details of PMTU discovery. 4132 When determining when to fragment, the SCTP implementation MUST take 4133 into account the SCTP packet header as well as the DATA chunk 4134 header(s). The implementation MUST also take into account the space 4135 required for a SACK chunk if bundling a SACK chunk with the DATA 4136 chunk. 4138 Fragmentation takes the following steps: 4140 1) The data sender MUST break the user message into a series of DATA 4141 chunks such that each chunk plus SCTP overhead fits into an IP 4142 datagram smaller than or equal to the association Path MTU. 4144 2) The transmitter MUST then assign, in sequence, a separate TSN to 4145 each of the DATA chunks in the series. The transmitter assigns 4146 the same SSN to each of the DATA chunks. If the user indicates 4147 that the user message is to be delivered using unordered 4148 delivery, then the U flag of each DATA chunk of the user message 4149 MUST be set to 1. 4151 3) The transmitter MUST also set the B/E bits of the first DATA 4152 chunk in the series to '10', the B/E bits of the last DATA chunk 4153 in the series to '01', and the B/E bits of all other DATA chunks 4154 in the series to '00'. 4156 An endpoint MUST recognize fragmented DATA chunks by examining the B/ 4157 E bits in each of the received DATA chunks, and queue the fragmented 4158 DATA chunks for reassembly. Once the user message is reassembled, 4159 SCTP passes the reassembled user message to the specific stream for 4160 possible reordering and final dispatching. 4162 If the data receiver runs out of buffer space while still waiting for 4163 more fragments to complete the reassembly of the message, it SHOULD 4164 dispatch part of its inbound message through a partial delivery API 4165 (see Section 11), freeing some of its receive buffer space so that 4166 the rest of the message can be received. 4168 6.10. Bundling 4170 An endpoint bundles chunks by simply including multiple chunks in one 4171 outbound SCTP packet. The total size of the resultant IP datagram, 4172 including the SCTP packet and IP headers, MUST be less that or equal 4173 to the current Path MTU. 4175 If its peer endpoint is multi-homed, the sending endpoint SHOULD 4176 choose a size no larger than the latest MTU of the current primary 4177 path. 4179 When bundling control chunks with DATA chunks, an endpoint MUST place 4180 control chunks first in the outbound SCTP packet. The transmitter 4181 MUST transmit DATA chunks within an SCTP packet in increasing order 4182 of TSN. 4184 Note: Since control chunks are placed first in a packet and since 4185 DATA chunks are transmitted before SHUTDOWN or SHUTDOWN ACK chunks, 4186 DATA chunks cannot be bundled with SHUTDOWN or SHUTDOWN ACK chunks. 4188 Partial chunks MUST NOT be placed in an SCTP packet. A partial chunk 4189 is a chunk that is not completely contained in the SCTP packet; i.e., 4190 the SCTP packet is too short to contain all the bytes of the chunk as 4191 indicated by the chunk length. 4193 An endpoint MUST process received chunks in their order in the 4194 packet. The receiver uses the Chunk Length field to determine the 4195 end of a chunk and beginning of the next chunk taking account of the 4196 fact that all chunks end on a 4-byte boundary. If the receiver 4197 detects a partial chunk, it MUST drop the chunk. 4199 An endpoint MUST NOT bundle INIT, INIT ACK, or SHUTDOWN COMPLETE with 4200 any other chunks. 4202 7. Congestion Control 4204 Congestion control is one of the basic functions in SCTP. For some 4205 applications, it might be likely that adequate resources will be 4206 allocated to SCTP traffic to ensure prompt delivery of time-critical 4207 data -- thus, it would appear to be unlikely, during normal 4208 operations, that transmissions encounter severe congestion 4209 conditions. However, SCTP operates under adverse operational 4210 conditions, which can develop upon partial network failures or 4211 unexpected traffic surges. In such situations, SCTP follows correct 4212 congestion control steps to recover from congestion quickly in order 4213 to get data delivered as soon as possible. In the absence of network 4214 congestion, these preventive congestion control algorithms are 4215 expected to show no impact on the protocol performance. 4217 IMPLEMENTATION NOTE: As far as its specific performance requirements 4218 are met, an implementation is always allowed to adopt a more 4219 conservative congestion control algorithm than the one defined below. 4221 The congestion control algorithms used by SCTP are based on 4222 [RFC5681]. This section describes how the algorithms defined in 4223 [RFC5681] are adapted for use in SCTP. We first list differences in 4224 protocol designs between TCP and SCTP, and then describe SCTP's 4225 congestion control scheme. The description will use the same 4226 terminology as in TCP congestion control whenever appropriate. 4228 SCTP congestion control is always applied to the entire association, 4229 and not to individual streams. 4231 7.1. SCTP Differences from TCP Congestion Control 4233 Gap Ack Blocks in the SCTP SACK carry the same semantic meaning as 4234 the TCP SACK. TCP considers the information carried in the SACK as 4235 advisory information only. SCTP considers the information carried in 4236 the Gap Ack Blocks in the SACK chunk as advisory. In SCTP, any DATA 4237 chunk that has been acknowledged by SACK, including DATA that arrived 4238 at the receiving end out of order, is not considered fully delivered 4239 until the Cumulative TSN Ack Point passes the TSN of the DATA chunk 4240 (i.e., the DATA chunk has been acknowledged by the Cumulative TSN Ack 4241 field in the SACK). Consequently, the value of cwnd controls the 4242 amount of outstanding data, rather than (as in the case of non-SACK 4243 TCP) the upper bound between the highest acknowledged sequence number 4244 and the latest DATA chunk that can be sent within the congestion 4245 window. SCTP SACK leads to different implementations of Fast 4246 Retransmit and Fast Recovery than non-SACK TCP. As an example, see 4247 [FALL96]. 4249 The biggest difference between SCTP and TCP, however, is multi- 4250 homing. SCTP is designed to establish robust communication 4251 associations between two endpoints each of which might be reachable 4252 by more than one transport address. Potentially different addresses 4253 might lead to different data paths between the two endpoints; thus, 4254 ideally one needs a separate set of congestion control parameters for 4255 each of the paths. The treatment here of congestion control for 4256 multi-homed receivers is new with SCTP and might require refinement 4257 in the future. The current algorithms make the following 4258 assumptions: 4260 o The sender usually uses the same destination address until being 4261 instructed by the upper layer to do otherwise; however, SCTP MAY 4262 change to an alternate destination in the event an address is 4263 marked inactive (see Section 8.2). Also, SCTP MAY retransmit to a 4264 different transport address than the original transmission. 4266 o The sender keeps a separate congestion control parameter set for 4267 each of the destination addresses it can send to (not each source- 4268 destination pair but for each destination). The parameters SHOULD 4269 decay if the address is not used for a long enough time period. 4270 [RFC5681] specifies this long enough time as a retransmission 4271 timeout. 4273 o For each of the destination addresses, an endpoint does slow start 4274 upon the first transmission to that address. 4276 Note: TCP guarantees in-sequence delivery of data to its upper-layer 4277 protocol within a single TCP session. This means that when TCP 4278 notices a gap in the received sequence number, it waits until the gap 4279 is filled before delivering the data that was received with sequence 4280 numbers higher than that of the missing data. On the other hand, 4281 SCTP can deliver data to its upper-layer protocol even if there is a 4282 gap in TSN if the Stream Sequence Numbers are in sequence for a 4283 particular stream (i.e., the missing DATA chunks are for a different 4284 stream) or if unordered delivery is indicated. Although this does 4285 not affect cwnd, it might affect rwnd calculation. 4287 7.2. SCTP Slow-Start and Congestion Avoidance 4289 The slow-start and congestion avoidance algorithms MUST be used by an 4290 endpoint to control the amount of data being injected into the 4291 network. The congestion control in SCTP is employed in regard to the 4292 association, not to an individual stream. In some situations, it 4293 might be beneficial for an SCTP sender to be more conservative than 4294 the algorithms allow; however, an SCTP sender MUST NOT be more 4295 aggressive than the following algorithms allow. 4297 Like TCP, an SCTP endpoint uses the following three control variables 4298 to regulate its transmission rate. 4300 o Receiver advertised window size (rwnd, in bytes), which is set by 4301 the receiver based on its available buffer space for incoming 4302 packets. 4303 Note: This variable is kept on the entire association. 4304 o Congestion control window (cwnd, in bytes), which is adjusted by 4305 the sender based on observed network conditions. 4306 Note: This variable is maintained on a per-destination-address 4307 basis. 4308 o Slow-start threshold (ssthresh, in bytes), which is used by the 4309 sender to distinguish slow-start and congestion avoidance phases. 4310 Note: This variable is maintained on a per-destination-address 4311 basis. 4313 SCTP also requires one additional control variable, 4314 partial_bytes_acked, which is used during congestion avoidance phase 4315 to facilitate cwnd adjustment. 4317 Unlike TCP, an SCTP sender MUST keep a set of these control variables 4318 cwnd, ssthresh, and partial_bytes_acked for EACH destination address 4319 of its peer (when its peer is multi-homed). Only one rwnd is kept 4320 for the whole association (no matter if the peer is multi-homed or 4321 has a single address). 4323 7.2.1. Slow-Start 4325 Beginning data transmission into a network with unknown conditions or 4326 after a sufficiently long idle period requires SCTP to probe the 4327 network to determine the available capacity. The slow-start 4328 algorithm is used for this purpose at the beginning of a transfer, or 4329 after repairing loss detected by the retransmission timer. 4331 o The initial cwnd before data transmission MUST be set to 4332 min(4*MTU, max (2*MTU, 4380 bytes)). 4333 o The initial cwnd after a retransmission timeout MUST be no more 4334 than 1*MTU, and only one packet is allowed to be in flight until 4335 successful acknowledgement. 4336 o The initial value of ssthresh SHOULD be arbitrarily high (e.g., 4337 the size of the largest possible advertised window). 4338 o Whenever cwnd is greater than zero, the endpoint is allowed to 4339 have cwnd bytes of data outstanding on that transport address. A 4340 limited overbooking as described in Section 6.1 B) SHOULD be 4341 supported. 4342 o When cwnd is less than or equal to ssthresh, an SCTP endpoint MUST 4343 use the slow-start algorithm to increase cwnd only if the current 4344 congestion window is being fully utilized, an incoming SACK 4345 advances the Cumulative TSN Ack Point, and the data sender is not 4346 in Fast Recovery. Only when these three conditions are met can 4347 the cwnd be increased; otherwise, the cwnd MUST NOT be increased. 4348 If these conditions are met, then cwnd MUST be increased by, at 4349 most, the lesser of 1) the total size of the previously 4350 outstanding DATA chunk(s) acknowledged, and 2) the destination's 4351 path MTU. This upper bound protects against the ACK-Splitting 4352 attack outlined in [SAVAGE99]. 4354 In instances where its peer endpoint is multi-homed, if an endpoint 4355 receives a SACK that advances its Cumulative TSN Ack Point, then it 4356 SHOULD update its cwnd (or cwnds) apportioned to the destination 4357 addresses to which it transmitted the acknowledged data. However, if 4358 the received SACK does not advance the Cumulative TSN Ack Point, the 4359 endpoint MUST NOT adjust the cwnd of any of the destination 4360 addresses. 4362 Because an endpoint's cwnd is not tied to its Cumulative TSN Ack 4363 Point, as duplicate SACKs come in, even though they might not advance 4364 the Cumulative TSN Ack Point an endpoint can still use them to clock 4365 out new data. That is, the data newly acknowledged by the SACK 4366 diminishes the amount of data now in flight to less than cwnd, and so 4367 the current, unchanged value of cwnd now allows new data to be sent. 4368 On the other hand, the increase of cwnd MUST be tied to the 4369 Cumulative TSN Ack Point advancement as specified above. Otherwise, 4370 the duplicate SACKs will not only clock out new data, but also will 4371 adversely clock out more new data than what has just left the 4372 network, during a time of possible congestion. 4374 o While the endpoint does not transmit data on a given transport 4375 address, the cwnd of the transport address SHOULD be adjusted to 4376 max(cwnd/2, 4*MTU) once per RTO. Before the first cwnd 4377 adjustment, the ssthresh of the transport address SHOULD be set to 4378 the cwnd. 4380 7.2.2. Congestion Avoidance 4382 When cwnd is greater than ssthresh, cwnd SHOULD be incremented by 4383 1*MTU per RTT if the sender has cwnd or more bytes of data 4384 outstanding for the corresponding transport address. The basic 4385 recommendations for incrementing cwnd during congestion avoidance are 4386 as follows: 4388 o SCTP MAY increment cwnd by 1*MTU. 4390 o SCTP SHOULD increment cwnd by 1*MTU once per RTT when the sender 4391 has cwnd or more bytes of data outstanding for the corresponding 4392 transport address. 4394 o SCTP MUST NOT increment cwnd by more than 1*MTU per RTT. 4396 In practice, an implementation can achieve this goal in the following 4397 way: 4399 o partial_bytes_acked is initialized to 0. 4400 o Whenever cwnd is greater than ssthresh, upon each SACK arrival, 4401 increase partial_bytes_acked by the total number of bytes of all 4402 new chunks acknowledged in that SACK, including chunks 4403 acknowledged by the new Cumulative TSN Ack, by Gap Ack Blocks, and 4404 by the number of bytes of duplicated chunks reported in Duplicate 4405 TSNs. 4406 o (1) when partial_bytes_acked is greater than cwnd and (2) before 4407 the arrival of the SACK the sender had less than cwnd bytes of 4408 data outstanding (i.e., before the arrival of the SACK, flightsize 4409 was less than cwnd), reset partial_bytes_acked to cwnd. 4410 o (1) when partial_bytes_acked is equal to or greater than cwnd and 4411 (2) before the arrival of the SACK the sender had cwnd or more 4412 bytes of data outstanding (i.e., before the arrival of the SACK, 4413 flightsize was greater than or equal to cwnd), partial_bytes_acked 4414 is reset to (partial_bytes_acked - cwnd). Next, cwnd is increased 4415 by 1*MTU. 4416 o Same as in the slow start, when the sender does not transmit DATA 4417 on a given transport address, the cwnd of the transport address 4418 SHOULD be adjusted to max(cwnd / 2, 4*MTU) per RTO. 4420 o When all of the data transmitted by the sender has been 4421 acknowledged by the receiver, partial_bytes_acked is initialized 4422 to 0. 4424 7.2.3. Congestion Control 4426 Upon detection of packet losses from SACK (see Section 7.2.4), an 4427 endpoint SHOULD do the following: 4429 ssthresh = max(cwnd/2, 4*MTU) 4430 cwnd = ssthresh 4431 partial_bytes_acked = 0 4433 Basically, a packet loss causes cwnd to be cut in half. 4435 When the T3-rtx timer expires on an address, SCTP SHOULD perform slow 4436 start by: 4438 ssthresh = max(cwnd/2, 4*MTU) 4439 cwnd = 1*MTU 4440 partial_bytes_acked = 0 4442 and ensure that no more than one SCTP packet will be in flight for 4443 that address until the endpoint receives acknowledgement for 4444 successful delivery of data to that address. 4446 7.2.4. Fast Retransmit on Gap Reports 4448 In the absence of data loss, an endpoint performs delayed 4449 acknowledgement. However, whenever an endpoint notices a hole in the 4450 arriving TSN sequence, it SHOULD start sending a SACK back every time 4451 a packet arrives carrying data until the hole is filled. 4453 Whenever an endpoint receives a SACK that indicates that some TSNs 4454 are missing, it SHOULD wait for two further miss indications (via 4455 subsequent SACKs for a total of three missing reports) on the same 4456 TSNs before taking action with regard to Fast Retransmit. 4458 Miss indications SHOULD follow the HTNA (Highest TSN Newly 4459 Acknowledged) algorithm. For each incoming SACK, miss indications 4460 are incremented only for missing TSNs prior to the highest TSN newly 4461 acknowledged in the SACK. A newly acknowledged DATA chunk is one not 4462 previously acknowledged in a SACK. If an endpoint is in Fast 4463 Recovery and a SACK arrives that advances the Cumulative TSN Ack 4464 Point, the miss indications are incremented for all TSNs reported 4465 missing in the SACK. 4467 When the third consecutive miss indication is received for a TSN(s), 4468 the data sender does the following: 4470 1) Mark the DATA chunk(s) with three miss indications for 4471 retransmission. 4472 2) If not in Fast Recovery, adjust the ssthresh and cwnd of the 4473 destination address(es) to which the missing DATA chunks were 4474 last sent, according to the formula described in Section 7.2.3. 4475 3) If not in Fast Recovery, determine how many of the earliest 4476 (i.e., lowest TSN) DATA chunks marked for retransmission will fit 4477 into a single packet, subject to constraint of the PMTU of the 4478 destination transport address to which the packet is being sent. 4479 Call this value K. Retransmit those K DATA chunks in a single 4480 packet. When a Fast Retransmit is being performed, the sender 4481 SHOULD ignore the value of cwnd and SHOULD NOT delay 4482 retransmission for this single packet. 4483 4) Restart the T3-rtx timer only if the last SACK acknowledged the 4484 lowest outstanding TSN number sent to that address, or the 4485 endpoint is retransmitting the first outstanding DATA chunk sent 4486 to that address. 4487 5) Mark the DATA chunk(s) as being fast retransmitted and thus 4488 ineligible for a subsequent Fast Retransmit. Those TSNs marked 4489 for retransmission due to the Fast-Retransmit algorithm that did 4490 not fit in the sent datagram carrying K other TSNs are also 4491 marked as ineligible for a subsequent Fast Retransmit. However, 4492 as they are marked for retransmission they will be retransmitted 4493 later on as soon as cwnd allows. 4494 6) If not in Fast Recovery, enter Fast Recovery and mark the highest 4495 outstanding TSN as the Fast Recovery exit point. When a SACK 4496 acknowledges all TSNs up to and including this exit point, Fast 4497 Recovery is exited. While in Fast Recovery, the ssthresh and 4498 cwnd SHOULD NOT change for any destinations due to a subsequent 4499 Fast Recovery event (i.e., one SHOULD NOT reduce the cwnd further 4500 due to a subsequent Fast Retransmit). 4502 Note: Before the above adjustments, if the received SACK also 4503 acknowledges new DATA chunks and advances the Cumulative TSN Ack 4504 Point, the cwnd adjustment rules defined in Section 7.2.1 and 4505 Section 7.2.2 MUST be applied first. 4507 7.2.5. Making Changes to Differentiated Services Code Points 4509 SCTP implementations MAY allow an application to configure the 4510 Differentiated Services Code Point (DSCP) used for sending packets. 4511 If a DSCP change might result in outgoing packets being queued in 4512 different queues, the congestion control parameters for all affected 4513 destination addresses MUST be reset to their initial values. 4515 7.3. Path MTU Discovery 4517 [I-D.ietf-tsvwg-datagram-plpmtud], [RFC8201], and [RFC1191] specify 4518 "Packetization Layer Path MTU Discovery", whereby an endpoint 4519 maintains an estimate of the maximum transmission unit (MTU) along a 4520 given Internet path and refrains from sending packets along that path 4521 that exceed the MTU, other than occasional attempts to probe for a 4522 change in the Path MTU (PMTU). [I-D.ietf-tsvwg-datagram-plpmtud] is 4523 thorough in its discussion of the MTU discovery mechanism and 4524 strategies for determining the current end-to-end MTU setting as well 4525 as detecting changes in this value. 4527 An endpoint SHOULD apply these techniques, and SHOULD do so on a per- 4528 destination-address basis. 4530 There are two important SCTP-specific points regarding Path MTU 4531 discovery: 4533 1) SCTP associations can span multiple addresses. An endpoint MUST 4534 maintain separate PMTU estimates for each destination address of 4535 its peer. 4537 2) The sender SHOULD track an association PMTU that will be the 4538 smallest PMTU discovered for all of the peer's destination 4539 addresses. When fragmenting messages into multiple parts this 4540 association PMTU SHOULD be used to calculate the size of each 4541 fragment. This will allow retransmissions to be seamlessly sent 4542 to an alternate address without encountering IP fragmentation. 4544 8. Fault Management 4546 8.1. Endpoint Failure Detection 4548 An endpoint SHOULD keep a counter on the total number of consecutive 4549 retransmissions to its peer (this includes data retransmissions to 4550 all the destination transport addresses of the peer if it is multi- 4551 homed), including the number of unacknowledged HEARTBEAT chunks 4552 observed on the path that is currently used for data transfer. 4553 Unacknowledged HEARTBEAT chunks observed on paths different from the 4554 path currently used for data transfer SHOULD NOT increment the 4555 association error counter, as this could lead to association closure 4556 even if the path that is currently used for data transfer is 4557 available (but idle). If the value of this counter exceeds the limit 4558 indicated in the protocol parameter 'Association.Max.Retrans', the 4559 endpoint SHOULD consider the peer endpoint unreachable and SHALL stop 4560 transmitting any more data to it (and thus the association enters the 4561 CLOSED state). In addition, the endpoint SHOULD report the failure 4562 to the upper layer and optionally report back all outstanding user 4563 data remaining in its outbound queue. The association is 4564 automatically closed when the peer endpoint becomes unreachable. 4566 The counter used for endpoint failure detection MUST be reset each 4567 time a DATA chunk sent to that peer endpoint is acknowledged (by the 4568 reception of a SACK). When a HEARTBEAT ACK is received from the peer 4569 endpoint, the counter SHOULD also be reset. The receiver of the 4570 HEARTBEAT ACK MAY choose not to clear the counter if there is 4571 outstanding data on the association. This allows for handling the 4572 possible difference in reachability based on DATA chunks and 4573 HEARTBEAT chunks. 4575 8.2. Path Failure Detection 4577 When its peer endpoint is multi-homed, an endpoint SHOULD keep an 4578 error counter for each of the destination transport addresses of the 4579 peer endpoint. 4581 Each time the T3-rtx timer expires on any address, or when a 4582 HEARTBEAT sent to an idle address is not acknowledged within an RTO, 4583 the error counter of that destination address will be incremented. 4584 When the value in the error counter exceeds the protocol parameter 4585 'Path.Max.Retrans' of that destination address, the endpoint SHOULD 4586 mark the destination transport address as inactive, and a 4587 notification SHOULD be sent to the upper layer. 4589 When an outstanding TSN is acknowledged or a HEARTBEAT sent to that 4590 address is acknowledged with a HEARTBEAT ACK, the endpoint SHOULD 4591 clear the error counter of the destination transport address to which 4592 the DATA chunk was last sent (or HEARTBEAT was sent) and SHOULD also 4593 report to the upper layer when an inactive destination address is 4594 marked as active. When the peer endpoint is multi-homed and the last 4595 chunk sent to it was a retransmission to an alternate address, there 4596 exists an ambiguity as to whether or not the acknowledgement could be 4597 credited to the address of the last chunk sent. However, this 4598 ambiguity does not seem to have significant consequences for SCTP 4599 behavior. If this ambiguity is undesirable, the transmitter MAY 4600 choose not to clear the error counter if the last chunk sent was a 4601 retransmission. 4603 Note: When configuring the SCTP endpoint, the user ought avoid having 4604 the value of 'Association.Max.Retrans' larger than the summation of 4605 the 'Path.Max.Retrans' of all the destination addresses for the 4606 remote endpoint. Otherwise, all the destination addresses might 4607 become inactive while the endpoint still considers the peer endpoint 4608 reachable. When this condition occurs, how SCTP chooses to function 4609 is implementation specific. 4611 When the primary path is marked inactive (due to excessive 4612 retransmissions, for instance), the sender MAY automatically transmit 4613 new packets to an alternate destination address if one exists and is 4614 active. If more than one alternate address is active when the 4615 primary path is marked inactive, only ONE transport address SHOULD be 4616 chosen and used as the new destination transport address. 4618 8.3. Path Heartbeat 4620 By default, an SCTP endpoint SHOULD monitor the reachability of the 4621 idle destination transport address(es) of its peer by sending a 4622 HEARTBEAT chunk periodically to the destination transport 4623 address(es). HEARTBEAT sending MAY begin upon reaching the 4624 ESTABLISHED state and is discontinued after sending either SHUTDOWN 4625 or SHUTDOWN ACK. A receiver of a HEARTBEAT MUST respond to a 4626 HEARTBEAT with a HEARTBEAT ACK after entering the COOKIE-ECHOED state 4627 (INIT sender) or the ESTABLISHED state (INIT receiver), up until 4628 reaching the SHUTDOWN-SENT state (SHUTDOWN sender) or the SHUTDOWN- 4629 ACK-SENT state (SHUTDOWN receiver). 4631 A destination transport address is considered "idle" if no new chunk 4632 that can be used for updating path RTT (usually including first 4633 transmission DATA, INIT, COOKIE ECHO, HEARTBEAT, etc.) and no 4634 HEARTBEAT has been sent to it within the current heartbeat period of 4635 that address. This applies to both active and inactive destination 4636 addresses. 4638 The upper layer can optionally initiate the following functions: 4640 A) Disable heartbeat on a specific destination transport address of 4641 a given association, 4643 B) Change the HB.interval, 4645 C) Re-enable heartbeat on a specific destination transport address 4646 of a given association, and 4648 D) Request an on-demand HEARTBEAT on a specific destination 4649 transport address of a given association. 4651 The endpoint SHOULD increment the respective error counter of the 4652 destination transport address each time a HEARTBEAT is sent to that 4653 address and not acknowledged within one RTO. 4655 When the value of this counter exceeds the protocol parameter 4656 'Path.Max.Retrans', the endpoint SHOULD mark the corresponding 4657 destination address as inactive if it is not so marked and SHOULD 4658 also report to the upper layer the change in reachability of this 4659 destination address. After this, the endpoint SHOULD continue 4660 HEARTBEAT on this destination address but SHOULD stop increasing the 4661 counter. 4663 The sender of the HEARTBEAT chunk SHOULD include in the Heartbeat 4664 Information field of the chunk the current time when the packet is 4665 sent out and the destination address to which the packet is sent. 4667 IMPLEMENTATION NOTE: An alternative implementation of the heartbeat 4668 mechanism that can be used is to increment the error counter variable 4669 every time a HEARTBEAT is sent to a destination. Whenever a 4670 HEARTBEAT ACK arrives, the sender SHOULD clear the error counter of 4671 the destination that the HEARTBEAT was sent to. This in effect would 4672 clear the previously stroked error (and any other error counts as 4673 well). 4675 The receiver of the HEARTBEAT SHOULD immediately respond with a 4676 HEARTBEAT ACK that contains the Heartbeat Information TLV, together 4677 with any other received TLVs, copied unchanged from the received 4678 HEARTBEAT chunk. 4680 Upon the receipt of the HEARTBEAT ACK, the sender of the HEARTBEAT 4681 SHOULD clear the error counter of the destination transport address 4682 to which the HEARTBEAT was sent and mark the destination transport 4683 address as active if it is not so marked. The endpoint SHOULD report 4684 to the upper layer when an inactive destination address is marked as 4685 active due to the reception of the latest HEARTBEAT ACK. The 4686 receiver of the HEARTBEAT ACK SHOULD also clear the association 4687 overall error count (as defined in Section 8.1). 4689 The receiver of the HEARTBEAT ACK SHOULD also perform an RTT 4690 measurement for that destination transport address using the time 4691 value carried in the HEARTBEAT ACK chunk. 4693 On an idle destination address that is allowed to heartbeat, it is 4694 RECOMMENDED that a HEARTBEAT chunk is sent once per RTO of that 4695 destination address plus the protocol parameter 'HB.interval', with 4696 jittering of +/- 50% of the RTO value, and exponential backoff of the 4697 RTO if the previous HEARTBEAT is unanswered. 4699 A primitive is provided for the SCTP user to change the HB.interval 4700 and turn on or off the heartbeat on a given destination address. The 4701 heartbeat interval set by the SCTP user is added to the RTO of that 4702 destination (including any exponential backoff). Only one heartbeat 4703 SHOULD be sent each time the heartbeat timer expires (if multiple 4704 destinations are idle). It is an implementation decision on how to 4705 choose which of the candidate idle destinations to heartbeat to (if 4706 more than one destination is idle). 4708 When tuning the heartbeat interval, there is a side effect that 4709 SHOULD be taken into account. When this value is increased, i.e., 4710 the HEARTBEAT takes longer, the detection of lost ABORT messages 4711 takes longer as well. If a peer endpoint ABORTs the association for 4712 any reason and the ABORT chunk is lost, the local endpoint will only 4713 discover the lost ABORT by sending a DATA chunk or HEARTBEAT chunk 4714 (thus causing the peer to send another ABORT). This is to be 4715 considered when tuning the HEARTBEAT timer. If the HEARTBEAT is 4716 disabled, only sending DATA to the association will discover a lost 4717 ABORT from the peer. 4719 8.4. Handle "Out of the Blue" Packets 4721 An SCTP packet is called an "out of the blue" (OOTB) packet if it is 4722 correctly formed (i.e., passed the receiver's CRC32c check; see 4723 Section 6.8), but the receiver is not able to identify the 4724 association to which this packet belongs. 4726 The receiver of an OOTB packet does the following: 4728 1) If the OOTB packet is to or from a non-unicast address, a 4729 receiver SHOULD silently discard the packet. Otherwise, 4730 2) If the OOTB packet contains an ABORT chunk, the receiver MUST 4731 silently discard the OOTB packet and take no further action. 4732 Otherwise, 4733 3) If the packet contains an INIT chunk with a Verification Tag set 4734 to '0', it SHOULD be processed as described in Section 5.1. If, 4735 for whatever reason, the INIT cannot be processed normally and an 4736 ABORT has to be sent in response, the Verification Tag of the 4737 packet containing the ABORT chunk MUST be the Initiate Tag of the 4738 received INIT chunk, and the T bit of the ABORT chunk has to be 4739 set to 0, indicating that the Verification Tag is not reflected. 4740 4) If the packet contains a COOKIE ECHO in the first chunk, process 4741 it MUST be processed as described in Section 5.1. Otherwise, 4742 5) If the packet contains a SHUTDOWN ACK chunk, the receiver SHOULD 4743 respond to the sender of the OOTB packet with a SHUTDOWN 4744 COMPLETE. When sending the SHUTDOWN COMPLETE, the receiver of 4745 the OOTB packet MUST fill in the Verification Tag field of the 4746 outbound packet with the Verification Tag received in the 4747 SHUTDOWN ACK and set the T bit in the Chunk Flags to indicate 4748 that the Verification Tag is reflected. Otherwise, 4749 6) If the packet contains a SHUTDOWN COMPLETE chunk, the receiver 4750 SHOULD silently discard the packet and take no further action. 4751 Otherwise, 4752 7) If the packet contains a "Stale Cookie" ERROR or a COOKIE ACK, 4753 the SCTP packet SHOULD be silently discarded. Otherwise, 4754 8) The receiver SHOULD respond to the sender of the OOTB packet with 4755 an ABORT. When sending the ABORT, the receiver of the OOTB 4756 packet MUST fill in the Verification Tag field of the outbound 4757 packet with the value found in the Verification Tag field of the 4758 OOTB packet and set the T bit in the Chunk Flags to indicate that 4759 the Verification Tag is reflected. After sending this ABORT, the 4760 receiver of the OOTB packet MUST discard the OOTB packet and MUST 4761 NOT take any further action. 4763 8.5. Verification Tag 4765 The Verification Tag rules defined in this section apply when sending 4766 or receiving SCTP packets that do not contain an INIT, SHUTDOWN 4767 COMPLETE, COOKIE ECHO (see Section 5.1), ABORT, or SHUTDOWN ACK 4768 chunk. The rules for sending and receiving SCTP packets containing 4769 one of these chunk types are discussed separately in Section 8.5.1. 4771 When sending an SCTP packet, the endpoint MUST fill in the 4772 Verification Tag field of the outbound packet with the tag value in 4773 the Initiate Tag parameter of the INIT or INIT ACK received from its 4774 peer. 4776 When receiving an SCTP packet, the endpoint MUST ensure that the 4777 value in the Verification Tag field of the received SCTP packet 4778 matches its own tag. If the received Verification Tag value does not 4779 match the receiver's own tag value, the receiver MUST silently 4780 discard the packet and MUST NOT process it any further except for 4781 those cases listed in Section 8.5.1 below. 4783 8.5.1. Exceptions in Verification Tag Rules 4785 A) Rules for packet carrying INIT: 4787 * The sender MUST set the Verification Tag of the packet to 0. 4789 * When an endpoint receives an SCTP packet with the Verification 4790 Tag set to 0, it SHOULD verify that the packet contains only an 4791 INIT chunk. Otherwise, the receiver MUST silently discard the 4792 packet. 4794 B) Rules for packet carrying ABORT: 4796 * The endpoint MUST always fill in the Verification Tag field of 4797 the outbound packet with the destination endpoint's tag value, 4798 if it is known. 4800 * If the ABORT is sent in response to an OOTB packet, the 4801 endpoint MUST follow the procedure described in Section 8.4. 4803 * The receiver of an ABORT MUST accept the packet if the 4804 Verification Tag field of the packet matches its own tag and 4805 the T bit is not set OR if it is set to its peer's tag and the 4806 T bit is set in the Chunk Flags. Otherwise, the receiver MUST 4807 silently discard the packet and take no further action. 4809 C) Rules for packet carrying SHUTDOWN COMPLETE: 4811 * When sending a SHUTDOWN COMPLETE, if the receiver of the 4812 SHUTDOWN ACK has a TCB, then the destination endpoint's tag 4813 MUST be used, and the T bit MUST NOT be set. Only where no TCB 4814 exists SHOULD the sender use the Verification Tag from the 4815 SHUTDOWN ACK, and MUST set the T bit. 4817 * The receiver of a SHUTDOWN COMPLETE accepts the packet if the 4818 Verification Tag field of the packet matches its own tag and 4819 the T bit is not set OR if it is set to its peer's tag and the 4820 T bit is set in the Chunk Flags. Otherwise, the receiver MUST 4821 silently discard the packet and take no further action. An 4822 endpoint MUST ignore the SHUTDOWN COMPLETE if it is not in the 4823 SHUTDOWN-ACK-SENT state. 4825 D) Rules for packet carrying a COOKIE ECHO: 4827 * When sending a COOKIE ECHO, the endpoint MUST use the value of 4828 the Initiate Tag received in the INIT ACK. 4830 * The receiver of a COOKIE ECHO follows the procedures in 4831 Section 5. 4833 E) Rules for packet carrying a SHUTDOWN ACK: 4835 * If the receiver is in COOKIE-ECHOED or COOKIE-WAIT state the 4836 procedures in Section 8.4 SHOULD be followed; in other words, 4837 it is treated as an Out Of The Blue packet. 4839 9. Termination of Association 4841 An endpoint SHOULD terminate its association when it exits from 4842 service. An association can be terminated by either abort or 4843 shutdown. An abort of an association is abortive by definition in 4844 that any data pending on either end of the association is discarded 4845 and not delivered to the peer. A shutdown of an association is 4846 considered a graceful close where all data in queue by either 4847 endpoint is delivered to the respective peers. However, in the case 4848 of a shutdown, SCTP does not support a half-open state (like TCP) 4849 wherein one side might continue sending data while the other end is 4850 closed. When either endpoint performs a shutdown, the association on 4851 each peer will stop accepting new data from its user and only deliver 4852 data in queue at the time of sending or receiving the SHUTDOWN chunk. 4854 9.1. Abort of an Association 4856 When an endpoint decides to abort an existing association, it MUST 4857 send an ABORT chunk to its peer endpoint. The sender MUST fill in 4858 the peer's Verification Tag in the outbound packet and MUST NOT 4859 bundle any DATA chunk with the ABORT. If the association is aborted 4860 on request of the upper layer, a User-Initiated Abort error cause 4861 (see Section 3.3.10.12) SHOULD be present in the ABORT chunk. 4863 An endpoint MUST NOT respond to any received packet that contains an 4864 ABORT chunk (also see Section 8.4). 4866 An endpoint receiving an ABORT MUST apply the special Verification 4867 Tag check rules described in Section 8.5.1. 4869 After checking the Verification Tag, the receiving endpoint MUST 4870 remove the association from its record and SHOULD report the 4871 termination to its upper layer. If a User-Initiated Abort error 4872 cause is present in the ABORT chunk, the Upper Layer Abort Reason 4873 SHOULD be made available to the upper layer. 4875 9.2. Shutdown of an Association 4877 Using the SHUTDOWN primitive (see Section 11.1), the upper layer of 4878 an endpoint in an association can gracefully close the association. 4879 This will allow all outstanding DATA chunks from the peer of the 4880 shutdown initiator to be delivered before the association terminates. 4882 Upon receipt of the SHUTDOWN primitive from its upper layer, the 4883 endpoint enters the SHUTDOWN-PENDING state and remains there until 4884 all outstanding data has been acknowledged by its peer. The endpoint 4885 accepts no new data from its upper layer, but retransmits data to the 4886 far end if necessary to fill gaps. 4888 Once all its outstanding data has been acknowledged, the endpoint 4889 sends a SHUTDOWN chunk to its peer including in the Cumulative TSN 4890 Ack field the last sequential TSN it has received from the peer. It 4891 SHOULD then start the T2-shutdown timer and enter the SHUTDOWN-SENT 4892 state. If the timer expires, the endpoint MUST resend the SHUTDOWN 4893 with the updated last sequential TSN received from its peer. 4895 The rules in Section 6.3 MUST be followed to determine the proper 4896 timer value for T2-shutdown. To indicate any gaps in TSN, the 4897 endpoint MAY also bundle a SACK with the SHUTDOWN chunk in the same 4898 SCTP packet. 4900 An endpoint SHOULD limit the number of retransmissions of the 4901 SHUTDOWN chunk to the protocol parameter 'Association.Max.Retrans'. 4902 If this threshold is exceeded, the endpoint SHOULD destroy the TCB 4903 and SHOULD report the peer endpoint unreachable to the upper layer 4904 (and thus the association enters the CLOSED state). The reception of 4905 any packet from its peer (i.e., as the peer sends all of its queued 4906 DATA chunks) SHOULD clear the endpoint's retransmission count and 4907 restart the T2-shutdown timer, giving its peer ample opportunity to 4908 transmit all of its queued DATA chunks that have not yet been sent. 4910 Upon reception of the SHUTDOWN, the peer endpoint does the following: 4912 o enter the SHUTDOWN-RECEIVED state, 4914 o stop accepting new data from its SCTP user, and 4916 o verify, by checking the Cumulative TSN Ack field of the chunk, 4917 that all its outstanding DATA chunks have been received by the 4918 SHUTDOWN sender. 4920 Once an endpoint has reached the SHUTDOWN-RECEIVED state, it MUST 4921 ignore ULP shutdown requests but MUST continue responding to SHUTDOWN 4922 chunks from its peer. 4924 If there are still outstanding DATA chunks left, the SHUTDOWN 4925 receiver MUST continue to follow normal data transmission procedures 4926 defined in Section 6, until all outstanding DATA chunks are 4927 acknowledged; however, the SHUTDOWN receiver MUST NOT accept new data 4928 from its SCTP user. 4930 While in the SHUTDOWN-SENT state, the SHUTDOWN sender MUST 4931 immediately respond to each received packet containing one or more 4932 DATA chunks with a SHUTDOWN chunk and restart the T2-shutdown timer. 4933 If a SHUTDOWN chunk by itself cannot acknowledge all of the received 4934 DATA chunks (i.e., there are TSNs that can be acknowledged that are 4935 larger than the cumulative TSN, and thus gaps exist in the TSN 4936 sequence), or if duplicate TSNs have been received, then a SACK chunk 4937 MUST also be sent. 4939 The sender of the SHUTDOWN MAY also start an overall guard timer 'T5- 4940 shutdown-guard' to bound the overall time for the shutdown sequence. 4941 At the expiration of this timer, the sender SHOULD abort the 4942 association by sending an ABORT chunk. If the 'T5-shutdown-guard' 4943 timer is used, it SHOULD be set to the RECOMMENDED value of 5 times 4944 'RTO.Max'. 4946 If the receiver of the SHUTDOWN has no more outstanding DATA chunks, 4947 the SHUTDOWN receiver MUST send a SHUTDOWN ACK and start a 4948 T2-shutdown timer of its own, entering the SHUTDOWN-ACK-SENT state. 4949 If the timer expires, the endpoint MUST resend the SHUTDOWN ACK. 4951 The sender of the SHUTDOWN ACK SHOULD limit the number of 4952 retransmissions of the SHUTDOWN ACK chunk to the protocol parameter 4953 'Association.Max.Retrans'. If this threshold is exceeded, the 4954 endpoint SHOULD destroy the TCB and SHOULD report the peer endpoint 4955 unreachable to the upper layer (and thus the association enters the 4956 CLOSED state). 4958 Upon the receipt of the SHUTDOWN ACK, the SHUTDOWN sender MUST stop 4959 the T2-shutdown timer, send a SHUTDOWN COMPLETE chunk to its peer, 4960 and remove all record of the association. 4962 Upon reception of the SHUTDOWN COMPLETE chunk, the endpoint verifies 4963 that it is in the SHUTDOWN-ACK-SENT state; if it is not, the chunk 4964 SHOULD be discarded. If the endpoint is in the SHUTDOWN-ACK-SENT 4965 state, the endpoint SHOULD stop the T2-shutdown timer and remove all 4966 knowledge of the association (and thus the association enters the 4967 CLOSED state). 4969 An endpoint SHOULD ensure that all its outstanding DATA chunks have 4970 been acknowledged before initiating the shutdown procedure. 4972 An endpoint SHOULD reject any new data request from its upper layer 4973 if it is in the SHUTDOWN-PENDING, SHUTDOWN-SENT, SHUTDOWN-RECEIVED, 4974 or SHUTDOWN-ACK-SENT state. 4976 If an endpoint is in the SHUTDOWN-ACK-SENT state and receives an INIT 4977 chunk (e.g., if the SHUTDOWN COMPLETE was lost) with source and 4978 destination transport addresses (either in the IP addresses or in the 4979 INIT chunk) that belong to this association, it SHOULD discard the 4980 INIT chunk and retransmit the SHUTDOWN ACK chunk. 4982 Note: Receipt of an INIT with the same source and destination IP 4983 addresses as used in transport addresses assigned to an endpoint but 4984 with a different port number indicates the initialization of a 4985 separate association. 4987 The sender of the INIT or COOKIE ECHO SHOULD respond to the receipt 4988 of a SHUTDOWN ACK with a stand-alone SHUTDOWN COMPLETE in an SCTP 4989 packet with the Verification Tag field of its common header set to 4990 the same tag that was received in the SHUTDOWN ACK packet. This is 4991 considered an Out of the Blue packet as defined in Section 8.4. The 4992 sender of the INIT lets T1-init continue running and remains in the 4993 COOKIE-WAIT or COOKIE-ECHOED state. Normal T1-init timer expiration 4994 will cause the INIT or COOKIE chunk to be retransmitted and thus 4995 start a new association. 4997 If a SHUTDOWN is received in the COOKIE-WAIT or COOKIE ECHOED state, 4998 the SHUTDOWN chunk SHOULD be silently discarded. 5000 If an endpoint is in the SHUTDOWN-SENT state and receives a SHUTDOWN 5001 chunk from its peer, the endpoint SHOULD respond immediately with a 5002 SHUTDOWN ACK to its peer, and move into the SHUTDOWN-ACK-SENT state 5003 restarting its T2-shutdown timer. 5005 If an endpoint is in the SHUTDOWN-ACK-SENT state and receives a 5006 SHUTDOWN ACK, it MUST stop the T2-shutdown timer, send a SHUTDOWN 5007 COMPLETE chunk to its peer, and remove all record of the association. 5009 10. ICMP Handling 5011 Whenever an ICMP message is received by an SCTP endpoint, the 5012 following procedures MUST be followed to ensure proper utilization of 5013 the information being provided by layer 3. 5015 ICMP1) An implementation MAY ignore all ICMPv4 messages where the 5016 type field is not set to "Destination Unreachable". 5018 ICMP2) An implementation MAY ignore all ICMPv6 messages where the 5019 type field is not "Destination Unreachable", "Parameter 5020 Problem", or "Packet Too Big". 5022 ICMP3) An implementation SHOULD ignore any ICMP messages where the 5023 code indicates "Port Unreachable". 5025 ICMP4) An implementation MAY ignore all ICMPv6 messages of type 5026 "Parameter Problem" if the code is not "Unrecognized Next 5027 Header Type Encountered". 5029 ICMP5) An implementation MUST use the payload of the ICMP message 5030 (v4 or v6) to locate the association that sent the message to 5031 which ICMP is responding. If the association cannot be 5032 found, an implementation SHOULD ignore the ICMP message. 5034 ICMP6) An implementation MUST validate that the Verification Tag 5035 contained in the ICMP message matches the Verification Tag of 5036 the peer. If the Verification Tag is not 0 and does not 5037 match, discard the ICMP message. If it is 0 and the ICMP 5038 message contains enough bytes to verify that the chunk type 5039 is an INIT chunk and that the Initiate Tag matches the tag of 5040 the peer, continue with ICMP7. If the ICMP message is too 5041 short or the chunk type or the Initiate Tag does not match, 5042 silently discard the packet. 5044 ICMP7) If the ICMP message is either a v6 "Packet Too Big" or a v4 5045 "Fragmentation Needed", an implementation MAY process this 5046 information as defined for PMTU discovery. 5048 ICMP8) If the ICMP code is an "Unrecognized Next Header Type 5049 Encountered" or a "Protocol Unreachable", an implementation 5050 MUST treat this message as an abort with the T bit set if it 5051 does not contain an INIT chunk. If it does contain an INIT 5052 chunk and the association is in the COOKIE-WAIT state, handle 5053 the ICMP message like an ABORT. 5055 ICMP9) If the ICMP type is "Destination Unreachable", the 5056 implementation MAY move the destination to the unreachable 5057 state or, alternatively, increment the path error counter. 5058 SCTP MAY provide information to the upper layer indicating 5059 the reception of ICMP messages when reporting a network 5060 status change. 5062 These procedures differ from [RFC1122] and from its requirements for 5063 processing of port-unreachable messages and the requirements that an 5064 implementation MUST abort associations in response to a "protocol 5065 unreachable" message. Port-unreachable messages are not processed, 5066 since an implementation will send an ABORT, not a port unreachable. 5067 The stricter handling of the "protocol unreachable" message is due to 5068 security concerns for hosts that do not support SCTP. 5070 11. Interface with Upper Layer 5072 The Upper Layer Protocols (ULPs) request services by passing 5073 primitives to SCTP and receive notifications from SCTP for various 5074 events. 5076 The primitives and notifications described in this section can be 5077 used as a guideline for implementing SCTP. The following functional 5078 description of ULP interface primitives is shown for illustrative 5079 purposes. Different SCTP implementations can have different ULP 5080 interfaces. However, all SCTPs aer expected to provide a certain 5081 minimum set of services to guarantee that all SCTP implementations 5082 can support the same protocol hierarchy. 5084 Please note that this section is informational only. 5086 [RFC6458] and the Socket API Considerations section of [RFC7053] 5087 define an extension of the socket API for SCTP as described in this 5088 document. 5090 11.1. ULP-to-SCTP 5092 The following sections functionally characterize a ULP/SCTP 5093 interface. The notation used is similar to most procedure or 5094 function calls in high-level languages. 5096 The ULP primitives described below specify the basic functions that 5097 SCTP performs to support inter-process communication. Individual 5098 implementations define their own exact format, and provide 5099 combinations or subsets of the basic functions in single calls. 5101 A) Initialize 5103 Format: INITIALIZE ([local port],[local eligible address list]) 5104 -> local SCTP instance name 5106 This primitive allows SCTP to initialize its internal data 5107 structures and allocate necessary resources for setting up its 5108 operation environment. Once SCTP is initialized, ULP can 5109 communicate directly with other endpoints without re-invoking 5110 this primitive. 5111 SCTP will return a local SCTP instance name to the ULP. 5112 Mandatory attributes: 5114 * None. 5116 Optional attributes: 5117 The following types of attributes can be passed along with the 5118 primitive: 5120 * local port - SCTP port number, if ULP wants it to be 5121 specified. 5122 * local eligible address list - an address list that the local 5123 SCTP endpoint binds. By default, if an address list is not 5124 included, all IP addresses assigned to the host are used by 5125 the local endpoint. 5127 IMPLEMENTATION NOTE: If this optional attribute is supported by 5128 an implementation, it will be the responsibility of the 5129 implementation to enforce that the IP source address field of any 5130 SCTP packets sent out by this endpoint contains one of the IP 5131 addresses indicated in the local eligible address list. 5132 B) Associate 5134 Format: ASSOCIATE(local SCTP instance name, initial destination 5135 transport addr list, outbound stream count) -> 5136 association id [,destination transport addr list] 5137 [,outbound stream count] 5139 This primitive allows the upper layer to initiate an association 5140 to a specific peer endpoint. 5141 The peer endpoint is specified by one or more of the transport 5142 addresses that defines the endpoint (see Section 2.3). If the 5143 local SCTP instance has not been initialized, the ASSOCIATE is 5144 considered an error. 5145 An association id, which is a local handle to the SCTP 5146 association, will be returned on successful establishment of the 5147 association. If SCTP is not able to open an SCTP association 5148 with the peer endpoint, an error is returned. 5149 Other association parameters can be returned, including the 5150 complete destination transport addresses of the peer as well as 5151 the outbound stream count of the local endpoint. One of the 5152 transport addresses from the returned destination addresses will 5153 be selected by the local endpoint as default primary path for 5154 sending SCTP packets to this peer. The returned "destination 5155 transport addr list" can be used by the ULP to change the default 5156 primary path or to force sending a packet to a specific transport 5157 address. 5158 IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a 5159 blocking function call, the ASSOCIATE primitive can return 5160 association parameters in addition to the association id upon 5161 successful establishment. If ASSOCIATE primitive is implemented 5162 as a non-blocking call, only the association id is returned and 5163 association parameters are passed using the COMMUNICATION UP 5164 notification. 5165 Mandatory attributes: 5167 * local SCTP instance name - obtained from the INITIALIZE 5168 operation. 5169 * initial destination transport addr list - a non-empty list of 5170 transport addresses of the peer endpoint with which the 5171 association is to be established. 5172 * outbound stream count - the number of outbound streams the ULP 5173 would like to open towards this peer endpoint. 5175 Optional attributes: 5177 * None. 5178 C) Shutdown 5180 Format: SHUTDOWN(association id) -> result 5182 Gracefully closes an association. Any locally queued user data 5183 will be delivered to the peer. The association will be 5184 terminated only after the peer acknowledges all the SCTP packets 5185 sent. A success code will be returned on successful termination 5186 of the association. If attempting to terminate the association 5187 results in a failure, an error code is returned. 5188 Mandatory attributes: 5190 * association id - local handle to the SCTP association. 5192 Optional attributes: 5194 * None. 5195 D) Abort 5197 Format: ABORT(association id [, Upper Layer Abort Reason]) -> 5198 result 5200 Ungracefully closes an association. Any locally queued user data 5201 will be discarded, and an ABORT chunk is sent to the peer. A 5202 success code will be returned on successful abort of the 5203 association. If attempting to abort the association results in a 5204 failure, an error code is returned. 5205 Mandatory attributes: 5207 * association id - local handle to the SCTP association. 5209 Optional attributes: 5211 * Upper Layer Abort Reason - reason of the abort to be passed to 5212 the peer. 5213 E) Send 5215 Format: SEND(association id, buffer address, byte count 5216 [,context] [,stream id] [,life time] [,destination 5217 transport address] [,unordered flag] [,no-bundle flag] 5218 [,payload protocol-id] [,sack-immediately flag] ) -> 5219 result 5221 This is the main method to send user data via SCTP. 5222 Mandatory attributes: 5224 * association id - local handle to the SCTP association. 5225 * buffer address - the location where the user message to be 5226 transmitted is stored. 5227 * byte count - the size of the user data in number of bytes. 5229 Optional attributes: 5231 * context - an optional 32-bit integer that will be carried in 5232 the sending failure notification to the ULP if the 5233 transportation of this user message fails. 5235 * stream id - to indicate which stream to send the data on. If 5236 not specified, stream 0 will be used. 5237 * life time - specifies the life time of the user data. The 5238 user data will not be sent by SCTP after the life time 5239 expires. This parameter can be used to avoid efforts to 5240 transmit stale user messages. SCTP notifies the ULP if the 5241 data cannot be initiated to transport (i.e., sent to the 5242 destination via SCTP's send primitive) within the life time 5243 variable. However, the user data will be transmitted if SCTP 5244 has attempted to transmit a chunk before the life time 5245 expired. 5246 IMPLEMENTATION NOTE: In order to better support the data life 5247 time option, the transmitter can hold back the assigning of 5248 the TSN number to an outbound DATA chunk to the last moment. 5249 And, for implementation simplicity, once a TSN number has been 5250 assigned the sender considers the send of this DATA chunk as 5251 committed, overriding any life time option attached to the 5252 DATA chunk. 5253 * destination transport address - specified as one of the 5254 destination transport addresses of the peer endpoint to which 5255 this packet is sent. Whenever possible, SCTP uses this 5256 destination transport address for sending the packets, instead 5257 of the current primary path. 5258 * unordered flag - this flag, if present, indicates that the 5259 user would like the data delivered in an unordered fashion to 5260 the peer (i.e., the U flag is set to 1 on all DATA chunks 5261 carrying this message). 5262 * no-bundle flag - instructs SCTP not to bundle this user data 5263 with other outbound DATA chunks. When faced with network 5264 congestion, SCTP might still bundle the data, even when this 5265 flag is present. 5266 * payload protocol-id - a 32-bit unsigned integer that is to be 5267 passed to the peer indicating the type of payload protocol 5268 data being transmitted. This value is passed as opaque data 5269 by SCTP. 5270 * sack-immediately flag - set the I bit on the last DATA chunk 5271 used for the user message to be transmitted. 5272 F) Set Primary 5274 Format: SETPRIMARY(association id, destination transport address, 5275 [source transport address]) -> result 5277 Instructs the local SCTP to use the specified destination 5278 transport address as the primary path for sending packets. 5279 The result of attempting this operation is returned. If the 5280 specified destination transport address is not present in the 5281 "destination transport address list" returned earlier in an 5282 associate command or communication up notification, an error is 5283 returned. 5284 Mandatory attributes: 5286 * association id - local handle to the SCTP association. 5287 * destination transport address - specified as one of the 5288 transport addresses of the peer endpoint, which is used as the 5289 primary address for sending packets. This overrides the 5290 current primary address information maintained by the local 5291 SCTP endpoint. 5293 Optional attributes: 5295 * source transport address - optionally, some implementations 5296 can allow you to set the default source address placed in all 5297 outgoing IP datagrams. 5298 G) Receive 5300 Format: RECEIVE(association id, buffer address, buffer size 5301 [,stream id]) -> byte count [,transport address] [,stream 5302 id] [,stream sequence number] [,partial flag] [,payload 5303 protocol-id] 5305 This primitive reads the first user message in the SCTP in-queue 5306 into the buffer specified by ULP, if there is one available. The 5307 size of the message read, in bytes, will be returned. It might, 5308 depending on the specific implementation, also return other 5309 information such as the sender's address, the stream id on which 5310 it is received, whether there are more messages available for 5311 retrieval, etc. For ordered messages, their Stream Sequence 5312 Number might also be returned. 5313 Depending upon the implementation, if this primitive is invoked 5314 when no message is available the implementation returns an 5315 indication of this condition or blocks the invoking process until 5316 data does become available. 5317 Mandatory attributes: 5319 * association id - local handle to the SCTP association 5320 * buffer address - the memory location indicated by the ULP to 5321 store the received message. 5322 * buffer size - the maximum size of data to be received, in 5323 bytes. 5325 Optional attributes: 5327 * stream id - to indicate which stream to receive the data on. 5328 * stream sequence number - the Stream Sequence Number assigned 5329 by the sending SCTP peer. 5331 * partial flag - if this returned flag is set to 1, then this 5332 primitive contains a partial delivery of the whole message. 5333 When this flag is set, the stream id and stream sequence 5334 number accompanies this primitive. When this flag is set to 5335 0, it indicates that no more deliveries will be received for 5336 this stream sequence number. 5337 * payload protocol-id - a 32-bit unsigned integer that is 5338 received from the peer indicating the type of payload protocol 5339 of the received data. This value is passed as opaque data by 5340 SCTP. 5341 H) Status 5343 Format: STATUS(association id) -> status data 5345 This primitive returns a data block containing the following 5346 information: 5348 association connection state, 5349 destination transport address list, 5350 destination transport address reachability states, 5351 current receiver window size, 5352 current congestion window sizes, 5353 number of unacknowledged DATA chunks, 5354 number of DATA chunks pending receipt, 5355 primary path, 5356 most recent SRTT on primary path, 5357 RTO on primary path, 5358 SRTT and RTO on other destination addresses, etc. 5360 Mandatory attributes: 5362 * association id - local handle to the SCTP association. 5364 Optional attributes: 5366 * None. 5367 I) Change Heartbeat 5369 Format: CHANGE HEARTBEAT(association id, destination transport 5370 address, new state [,interval]) -> result 5372 Instructs the local endpoint to enable or disable heartbeat on 5373 the specified destination transport address. 5374 The result of attempting this operation is returned. 5375 Note: Even when enabled, heartbeat will not take place if the 5376 destination transport address is not idle. 5377 Mandatory attributes: 5379 * association id - local handle to the SCTP association. 5380 * destination transport address - specified as one of the 5381 transport addresses of the peer endpoint. 5382 * new state - the new state of heartbeat for this destination 5383 transport address (either enabled or disabled). 5385 Optional attributes: 5387 * interval - if present, indicates the frequency of the 5388 heartbeat if this is to enable heartbeat on a destination 5389 transport address. This value is added to the RTO of the 5390 destination transport address. This value, if present, 5391 affects all destinations. 5392 J) Request HeartBeat 5394 Format: REQUESTHEARTBEAT(association id, destination transport 5395 address) -> result 5397 Instructs the local endpoint to perform a HeartBeat on the 5398 specified destination transport address of the given association. 5399 The returned result indicates whether the transmission of the 5400 HEARTBEAT chunk to the destination address is successful. 5401 Mandatory attributes: 5403 * association id - local handle to the SCTP association. 5404 * destination transport address - the transport address of the 5405 association on which a heartbeat is issued. 5407 Optional attributes: 5409 * None. 5410 K) Get SRTT Report 5412 Format: GETSRTTREPORT(association id, destination transport 5413 address) -> srtt result 5415 Instructs the local SCTP to report the current SRTT measurement 5416 on the specified destination transport address of the given 5417 association. The returned result can be an integer containing 5418 the most recent SRTT in milliseconds. 5419 Mandatory attributes: 5421 * association id - local handle to the SCTP association. 5422 * destination transport address - the transport address of the 5423 association on which the SRTT measurement is to be reported. 5425 Optional attributes: 5427 * None. 5428 L) Set Failure Threshold 5430 Format: SETFAILURETHRESHOLD(association id, destination transport 5431 address, failure threshold) -> result 5433 This primitive allows the local SCTP to customize the 5434 reachability failure detection threshold 'Path.Max.Retrans' for 5435 the specified destination address. 5436 Mandatory attributes: 5438 * association id - local handle to the SCTP association. 5439 * destination transport address - the transport address of the 5440 association on which the failure detection threshold is to be 5441 set. 5442 * failure threshold - the new value of 'Path.Max.Retrans' for 5443 the destination address. 5445 Optional attributes: 5447 * None. 5448 M) Set Protocol Parameters 5450 Format: SETPROTOCOLPARAMETERS(association id, [destination 5451 transport address,] protocol parameter list) -> result 5453 This primitive allows the local SCTP to customize the protocol 5454 parameters. 5455 Mandatory attributes: 5457 * association id - local handle to the SCTP association. 5458 * protocol parameter list - the specific names and values of the 5459 protocol parameters (e.g., Association.Max.Retrans (see 5460 Section 16), or other parameters like the DSCP) that the SCTP 5461 user wishes to customize. 5463 Optional attributes: 5465 * destination transport address - some of the protocol 5466 parameters might be set on a per destination transport address 5467 basis. 5468 N) Receive Unsent Message 5470 Format: RECEIVE_UNSENT(data retrieval id, buffer address, buffer 5471 size [,stream id] [, stream sequence number] [,partial 5472 flag] [,payload protocol-id]) 5473 Mandatory attributes: 5475 * data retrieval id - the identification passed to the ULP in 5476 the failure notification. 5477 * buffer address - the memory location indicated by the ULP to 5478 store the received message. 5479 * buffer size - the maximum size of data to be received, in 5480 bytes. 5482 Optional attributes: 5484 * stream id - this is a return value that is set to indicate 5485 which stream the data was sent to. 5486 * stream sequence number - this value is returned indicating the 5487 Stream Sequence Number that was associated with the message. 5488 * partial flag - if this returned flag is set to 1, then this 5489 message is a partial delivery of the whole message. When this 5490 flag is set, the stream id and stream sequence number 5491 accompanies this primitive. When this flag is set to 0, it 5492 indicates that no more deliveries will be received for this 5493 stream sequence number. 5494 * payload protocol-id - The 32 bit unsigned integer that was 5495 sent to be sent to the peer indicating the type of payload 5496 protocol of the received data. 5497 O) Receive Unacknowledged Message 5499 Format: RECEIVE_UNACKED(data retrieval id, buffer address, buffer 5500 size, [,stream id] [,stream sequence number] [,partial 5501 flag] [,payload protocol-id]) 5502 Mandatory attributes: 5504 * data retrieval id - the identification passed to the ULP in 5505 the failure notification. 5506 * buffer address - the memory location indicated by the ULP to 5507 store the received message. 5508 * buffer size - the maximum size of data to be received, in 5509 bytes. 5511 Optional attributes: 5513 * stream id - this is a return value that is set to indicate 5514 which stream the data was sent to. 5515 * stream sequence number - this value is returned indicating the 5516 Stream Sequence Number that was associated with the message. 5517 * partial flag - if this returned flag is set to 1, then this 5518 message is a partial delivery of the whole message. When this 5519 flag is set, the stream id and stream sequence number 5520 accompanies this primitive. When this flag is set to 0, it 5521 indicates that no more deliveries will be received for this 5522 stream sequence number. 5524 * payload protocol-id - the 32-bit unsigned integer that was 5525 sent to the peer indicating the type of payload protocol of 5526 the received data. 5527 P) Destroy SCTP Instance 5529 Format: DESTROY(local SCTP instance name) 5530 Mandatory attributes: 5532 * local SCTP instance name - this is the value that was passed 5533 to the application in the initialize primitive and it 5534 indicates which SCTP instance is to be destroyed. 5536 Optional attributes: 5538 * None. 5540 11.2. SCTP-to-ULP 5542 It is assumed that the operating system or application environment 5543 provides a means for the SCTP to asynchronously signal the ULP 5544 process. When SCTP does signal a ULP process, certain information is 5545 passed to the ULP. 5547 IMPLEMENTATION NOTE: In some cases, this might be done through a 5548 separate socket or error channel. 5550 A) DATA ARRIVE notification 5551 SCTP invokes this notification on the ULP when a user message is 5552 successfully received and ready for retrieval. 5553 The following might optionally be passed with the notification: 5555 * association id - local handle to the SCTP association. 5556 * stream id - to indicate which stream the data is received on. 5557 B) SEND FAILURE notification 5558 If a message cannot be delivered, SCTP invokes this notification 5559 on the ULP. 5560 The following might optionally be passed with the notification: 5562 * association id - local handle to the SCTP association. 5563 * data retrieval id - an identification used to retrieve unsent 5564 and unacknowledged data. 5565 * cause code - indicating the reason of the failure, e.g., size 5566 too large, message life time expiration, etc. 5567 * context - optional information associated with this message 5568 (see D in Section 11.1). 5569 C) NETWORK STATUS CHANGE notification 5570 When a destination transport address is marked inactive (e.g., 5571 when SCTP detects a failure) or marked active (e.g., when SCTP 5572 detects a recovery), SCTP invokes this notification on the ULP. 5573 The following is passed with the notification: 5575 * association id - local handle to the SCTP association. 5576 * destination transport address - this indicates the destination 5577 transport address of the peer endpoint affected by the change. 5578 * new-status - this indicates the new status. 5579 D) COMMUNICATION UP notification 5580 This notification is used when SCTP becomes ready to send or 5581 receive user messages, or when a lost communication to an 5582 endpoint is restored. 5583 IMPLEMENTATION NOTE: If the ASSOCIATE primitive is implemented as 5584 a blocking function call, the association parameters are returned 5585 as a result of the ASSOCIATE primitive itself. In that case, 5586 COMMUNICATION UP notification is optional at the association 5587 initiator's side. 5588 The following is passed with the notification: 5590 * association id - local handle to the SCTP association. 5591 * status - This indicates what type of event has occurred. 5592 * destination transport address list - the complete set of 5593 transport addresses of the peer. 5594 * outbound stream count - the maximum number of streams allowed 5595 to be used in this association by the ULP. 5596 * inbound stream count - the number of streams the peer endpoint 5597 has requested with this association (this might not be the 5598 same number as 'outbound stream count'). 5599 E) COMMUNICATION LOST notification 5600 When SCTP loses communication to an endpoint completely (e.g., 5601 via Heartbeats) or detects that the endpoint has performed an 5602 abort operation, it invokes this notification on the ULP. 5603 The following is passed with the notification: 5605 * association id - local handle to the SCTP association. 5606 * status - this indicates what type of event has occurred; the 5607 status might indicate that a failure OR a normal termination 5608 event occurred in response to a shutdown or abort request. 5610 The following might be passed with the notification: 5612 * data retrieval id - an identification used to retrieve unsent 5613 and unacknowledged data. 5614 * last-acked - the TSN last acked by that peer endpoint. 5615 * last-sent - the TSN last sent to that peer endpoint. 5616 * Upper Layer Abort Reason - the abort reason specified in case 5617 of a user-initiated abort. 5619 F) COMMUNICATION ERROR notification 5620 When SCTP receives an ERROR chunk from its peer and decides to 5621 notify its ULP, it can invoke this notification on the ULP. 5622 The following can be passed with the notification: 5624 * association id - local handle to the SCTP association. 5625 * error info - this indicates the type of error and optionally 5626 some additional information received through the ERROR chunk. 5627 G) RESTART notification 5628 When SCTP detects that the peer has restarted, it might send this 5629 notification to its ULP. 5630 The following can be passed with the notification: 5632 * association id - local handle to the SCTP association. 5633 H) SHUTDOWN COMPLETE notification 5634 When SCTP completes the shutdown procedures (Section 9.2), this 5635 notification is passed to the upper layer. 5636 The following can be passed with the notification: 5638 * association id - local handle to the SCTP association. 5640 12. Security Considerations 5642 12.1. Security Objectives 5644 As a common transport protocol designed to reliably carry time- 5645 sensitive user messages, such as billing or signaling messages for 5646 telephony services, between two networked endpoints, SCTP has the 5647 following security objectives. 5649 o availability of reliable and timely data transport services 5650 o integrity of the user-to-user information carried by SCTP 5652 12.2. SCTP Responses to Potential Threats 5654 SCTP could potentially be used in a wide variety of risk situations. 5655 It is important for operators of systems running SCTP to analyze 5656 their particular situations and decide on the appropriate counter- 5657 measures. 5659 Operators of systems running SCTP might consult [RFC2196] for 5660 guidance in securing their site. 5662 12.2.1. Countering Insider Attacks 5664 The principles of [RFC2196] might be applied to minimize the risk of 5665 theft of information or sabotage by insiders. Such procedures 5666 include publication of security policies, control of access at the 5667 physical, software, and network levels, and separation of services. 5669 12.2.2. Protecting against Data Corruption in the Network 5671 Where the risk of undetected errors in datagrams delivered by the 5672 lower-layer transport services is considered to be too great, 5673 additional integrity protection is required. If this additional 5674 protection were provided in the application layer, the SCTP header 5675 would remain vulnerable to deliberate integrity attacks. While the 5676 existing SCTP mechanisms for detection of packet replays are 5677 considered sufficient for normal operation, stronger protections are 5678 needed to protect SCTP when the operating environment contains 5679 significant risk of deliberate attacks from a sophisticated 5680 adversary. 5682 The SCTP Authentication extension SCTP-AUTH [RFC4895] MAY be used 5683 when the threat environment requires stronger integrity protections, 5684 but does not require confidentiality. 5686 12.2.3. Protecting Confidentiality 5688 In most cases, the risk of breach of confidentiality applies to the 5689 signaling data payload, not to the SCTP or lower-layer protocol 5690 overheads. If that is true, encryption of the SCTP user data only 5691 might be considered. As with the supplementary checksum service, 5692 user data encryption MAY be performed by the SCTP user application. 5693 Alternately, the user application MAY use an implementation-specific 5694 API to request that the IP Encapsulating Security Payload (ESP) 5695 [RFC4303] be used to provide confidentiality and integrity. 5697 Particularly for mobile users, the requirement for confidentiality 5698 might include the masking of IP addresses and ports. In this case, 5699 ESP SHOULD be used instead of application-level confidentiality. If 5700 ESP is used to protect confidentiality of SCTP traffic, an ESP 5701 cryptographic transform that includes cryptographic integrity 5702 protection MUST be used, because if there is a confidentiality threat 5703 there will also be a strong integrity threat. 5705 Whenever ESP is in use, application-level encryption is not generally 5706 required. 5708 Regardless of where confidentiality is provided, the Internet Key 5709 Exchange Protocol version 2 (IKEv2) [RFC7296] SHOULD be used for key 5710 management. 5712 Operators might consult [RFC4301] for more information on the 5713 security services available at and immediately above the Internet 5714 Protocol layer. 5716 12.2.4. Protecting against Blind Denial-of-Service Attacks 5718 A blind attack is one where the attacker is unable to intercept or 5719 otherwise see the content of data flows passing to and from the 5720 target SCTP node. Blind denial-of-service attacks can take the form 5721 of flooding, masquerade, or improper monopolization of services. 5723 12.2.4.1. Flooding 5725 The objective of flooding is to cause loss of service and incorrect 5726 behavior at target systems through resource exhaustion, interference 5727 with legitimate transactions, and exploitation of buffer-related 5728 software bugs. Flooding can be directed either at the SCTP node or 5729 at resources in the intervening IP Access Links or the Internet. 5730 Where the latter entities are the target, flooding will manifest 5731 itself as loss of network services, including potentially the breach 5732 of any firewalls in place. 5734 In general, protection against flooding begins at the equipment 5735 design level, where it includes measures such as: 5737 o avoiding commitment of limited resources before determining that 5738 the request for service is legitimate. 5740 o giving priority to completion of processing in progress over the 5741 acceptance of new work. 5743 o identification and removal of duplicate or stale queued requests 5744 for service. 5746 o not responding to unexpected packets sent to non-unicast 5747 addresses. 5749 Network equipment is expected to be capable of generating an alarm 5750 and log if a suspicious increase in traffic occurs. The log provides 5751 information such as the identity of the incoming link and source 5752 address(es) used, which will help the network or SCTP system operator 5753 to take protective measures. Procedures are expected to be in place 5754 for the operator to act on such alarms if a clear pattern of abuse 5755 emerges. 5757 The design of SCTP is resistant to flooding attacks, particularly in 5758 its use of a four-way startup handshake, its use of a cookie to defer 5759 commitment of resources at the responding SCTP node until the 5760 handshake is completed, and its use of a Verification Tag to prevent 5761 insertion of extraneous packets into the flow of an established 5762 association. 5764 The IP Authentication Header and Encapsulating Security Payload might 5765 be useful in reducing the risk of certain kinds of denial-of-service 5766 attacks. 5768 Support for the Host Name Address parameter has been removed from the 5769 protocol. Endpoints receiving INIT or INIT ACK chunks containing the 5770 Host Name Address parameter MUST send an ABORT chunk in response and 5771 MAY include an "Unresolvable Address" error cause. 5773 12.2.4.2. Blind Masquerade 5775 Masquerade can be used to deny service in several ways: 5777 o by tying up resources at the target SCTP node to which the 5778 impersonated node has limited access. For example, the target 5779 node can by policy permit a maximum of one SCTP association with 5780 the impersonated SCTP node. The masquerading attacker can attempt 5781 to establish an association purporting to come from the 5782 impersonated node so that the latter cannot do so when it requires 5783 it. 5785 o by deliberately allowing the impersonation to be detected, thereby 5786 provoking counter-measures that cause the impersonated node to be 5787 locked out of the target SCTP node. 5789 o by interfering with an established association by inserting 5790 extraneous content such as a SHUTDOWN request. 5792 SCTP reduces the risk of blind masquerade attacks through IP spoofing 5793 by use of the four-way startup handshake. Because the initial 5794 exchange is memory-less, no lockout mechanism is triggered by blind 5795 masquerade attacks. In addition, the INIT ACK containing the State 5796 Cookie is transmitted back to the IP address from which it received 5797 the INIT. Thus, the attacker would not receive the INIT ACK 5798 containing the State Cookie. SCTP protects against insertion of 5799 extraneous packets into the flow of an established association by use 5800 of the Verification Tag. 5802 Logging of received INIT requests and abnormalities such as 5803 unexpected INIT ACKs might be considered as a way to detect patterns 5804 of hostile activity. However, the potential usefulness of such 5805 logging has to be weighed against the increased SCTP startup 5806 processing it implies, rendering the SCTP node more vulnerable to 5807 flooding attacks. Logging is pointless without the establishment of 5808 operating procedures to review and analyze the logs on a routine 5809 basis. 5811 12.2.4.3. Improper Monopolization of Services 5813 Attacks under this heading are performed openly and legitimately by 5814 the attacker. They are directed against fellow users of the target 5815 SCTP node or of the shared resources between the attacker and the 5816 target node. Possible attacks include the opening of a large number 5817 of associations between the attacker's node and the target, or 5818 transfer of large volumes of information within a legitimately 5819 established association. 5821 Policy limits are expected to be placed on the number of associations 5822 per adjoining SCTP node. SCTP user applications are expected to be 5823 capable of detecting large volumes of illegitimate or "no-op" 5824 messages within a given association and either logging or terminating 5825 the association as a result, based on local policy. 5827 12.3. SCTP Interactions with Firewalls 5829 It is helpful for some firewalls if they can inspect just the first 5830 fragment of a fragmented SCTP packet and unambiguously determine 5831 whether it corresponds to an INIT chunk (for further information, 5832 please refer to [RFC1858]). Accordingly, we stress the requirements, 5833 as stated in Section 3.1, that (1) an INIT chunk MUST NOT be bundled 5834 with any other chunk in a packet and (2) a packet containing an INIT 5835 chunk MUST have a zero Verification Tag. The receiver of an INIT 5836 chunk MUST silently discard the INIT chunk and all further chunks if 5837 the INIT chunk is bundled with other chunks or the packet has a non- 5838 zero Verification Tag. 5840 12.4. Protection of Non-SCTP-Capable Hosts 5842 To provide a non-SCTP-capable host with the same level of protection 5843 against attacks as for SCTP-capable ones, all SCTP stacks MUST 5844 implement the ICMP handling described in Section 10. 5846 When an SCTP stack receives a packet containing multiple control or 5847 DATA chunks and the processing of the packet requires the sending of 5848 multiple chunks in response, the sender of the response chunk(s) MUST 5849 NOT send more than one packet. If bundling is supported, multiple 5850 response chunks that fit into a single packet MAY be bundled together 5851 into one single response packet. If bundling is not supported, then 5852 the sender MUST NOT send more than one response chunk and MUST 5853 discard all other responses. Note that this rule does not apply to a 5854 SACK chunk, since a SACK chunk is, in itself, a response to DATA and 5855 a SACK does not require a response of more DATA. 5857 An SCTP implementation SHOULD abort the association if it receives a 5858 SACK acknowledging a TSN that has not been sent. 5860 An SCTP implementation that receives an INIT that would require a 5861 large packet in response, due to the inclusion of multiple ERROR 5862 parameters, MAY (at its discretion) elect to omit some or all of the 5863 ERROR parameters to reduce the size of the INIT ACK. Due to a 5864 combination of the size of the COOKIE parameter and the number of 5865 addresses a receiver of an INIT indicates to a peer, it is always 5866 possible that the INIT ACK will be larger than the original INIT. An 5867 SCTP implementation SHOULD attempt to make the INIT ACK as small as 5868 possible to reduce the possibility of byte amplification attacks. 5870 13. Network Management Considerations 5872 The MIB module for SCTP defined in [RFC3873] applies for the version 5873 of the protocol specified in this document. 5875 14. Recommended Transmission Control Block (TCB) Parameters 5877 This section details a set of parameters that are expected to be 5878 contained within the TCB for an implementation. This section is for 5879 illustrative purposes and is not considered to be requirements on an 5880 implementation or as an exhaustive list of all parameters inside an 5881 SCTP TCB. Each implementation might need its own additional 5882 parameters for optimization. 5884 14.1. Parameters Necessary for the SCTP Instance 5886 Associations: A list of current associations and mappings to the data 5887 consumers for each association. This might be in the 5888 form of a hash table or other implementation-dependent 5889 structure. The data consumers might be process 5890 identification information such as file descriptors, 5891 named pipe pointer, or table pointers dependent on how 5892 SCTP is implemented. 5893 Secret Key: A secret key used by this endpoint to compute the MAC. 5894 This SHOULD be a cryptographic quality random number 5895 with a sufficient length. Discussion in [RFC4086] can 5896 be helpful in selection of the key. 5897 Address List: The list of IP addresses that this instance has bound. 5898 This information is passed to one's peer(s) in INIT and 5899 INIT ACK chunks. 5900 SCTP Port: The local SCTP port number to which the endpoint is 5901 bound. 5903 14.2. Parameters Necessary per Association (i.e., the TCB) 5905 Peer Verification Tag: Tag value to be sent in every packet and is 5906 received in the INIT or INIT ACK chunk. 5907 My Verification Tag: Tag expected in every inbound packet and sent 5908 in the INIT or INIT ACK chunk. 5909 State: A state variable indicating what state the association 5910 is in, i.e., COOKIE-WAIT, COOKIE-ECHOED, ESTABLISHED, 5911 SHUTDOWN-PENDING, SHUTDOWN-SENT, SHUTDOWN-RECEIVED, 5912 SHUTDOWN-ACK-SENT. 5913 Note: No "CLOSED" state is illustrated since if a 5914 association is "CLOSED" its TCB SHOULD be removed. 5915 Peer Transport Address List: A list of SCTP transport addresses to 5916 which the peer is bound. This information is derived 5917 from the INIT or INIT ACK and is used to associate an 5918 inbound packet with a given association. Normally, 5919 this information is hashed or keyed for quick lookup 5920 and access of the TCB. 5921 Primary Path: This is the current primary destination transport 5922 address of the peer endpoint. It might also specify a 5923 source transport address on this endpoint. 5924 Overall Error Count: The overall association error count. 5925 Overall Error Threshold: The threshold for this association that if 5926 the Overall Error Count reaches will cause this 5927 association to be torn down. 5928 Peer Rwnd: Current calculated value of the peer's rwnd. 5929 Next TSN: The next TSN number to be assigned to a new DATA chunk. 5930 This is sent in the INIT or INIT ACK chunk to the peer 5931 and incremented each time a DATA chunk is assigned a 5932 TSN (normally just prior to transmit or during 5933 fragmentation). 5934 Last Rcvd TSN: This is the last TSN received in sequence. This 5935 value is set initially by taking the peer's initial 5936 TSN, received in the INIT or INIT ACK chunk, and 5937 subtracting one from it. 5938 Mapping Array: An array of bits or bytes indicating which out-of- 5939 order TSNs have been received (relative to the Last 5940 Rcvd TSN). If no gaps exist, i.e., no out-of- order 5941 packets have been received, this array will be set to 5942 all zero. This structure might be in the form of a 5943 circular buffer or bit array. 5944 Ack State: This flag indicates if the next received packet is to 5945 be responded to with a SACK. This is initialized to 0. 5946 When a packet is received it is incremented. If this 5947 value reaches 2 or more, a SACK is sent and the value 5948 is reset to 0. Note: This is used only when no DATA 5949 chunks are received out of order. When DATA chunks are 5950 out of order, SACKs are not delayed (see Section 6). 5952 Inbound Streams: An array of structures to track the inbound 5953 streams, normally including the next sequence number 5954 expected and possibly the stream number. 5955 Outbound Streams: An array of structures to track the outbound 5956 streams, normally including the next sequence number to 5957 be sent on the stream. 5958 Reasm Queue: A reassembly queue. 5959 Local Transport Address List: The list of local IP addresses bound 5960 in to this association. 5961 Association PMTU: The smallest PMTU discovered for all of the peer's 5962 transport addresses. 5964 14.3. Per Transport Address Data 5966 For each destination transport address in the peer's address list 5967 derived from the INIT or INIT ACK chunk, a number of data elements 5968 need to be maintained including: 5970 Error Count: The current error count for this destination. 5971 Error Threshold: Current error threshold for this destination, i.e., 5972 what value marks the destination down if error count 5973 reaches this value. 5974 cwnd: The current congestion window. 5975 ssthresh: The current ssthresh value. 5976 RTO: The current retransmission timeout value. 5977 SRTT: The current smoothed round-trip time. 5978 RTTVAR: The current RTT variation. 5979 partial bytes acked: The tracking method for increase of cwnd when 5980 in congestion avoidance mode (see Section 7.2.2). 5981 state: The current state of this destination, i.e., DOWN, UP, 5982 ALLOW-HB, NO-HEARTBEAT, etc. 5983 PMTU: The current known path MTU. 5984 Per Destination Timer: A timer used by each destination. 5985 RTO-Pending: A flag used to track if one of the DATA chunks sent to 5986 this address is currently being used to compute an RTT. 5987 If this flag is 0, the next DATA chunk sent to this 5988 destination is expected to be used to compute an RTT 5989 and this flag is expected to be set. Every time the 5990 RTT calculation completes (i.e., the DATA chunk is 5991 SACK'd), clear this flag. 5992 last-time: The time to which this destination was last sent. This 5993 can be to determine if a HEARTBEAT is needed. 5995 14.4. General Parameters Needed 5997 Out Queue: A queue of outbound DATA chunks. 5998 In Queue: A queue of inbound DATA chunks. 6000 15. IANA Considerations 6002 SCTP defines three registries that IANA maintains: 6004 o through definition of additional chunk types, 6005 o through definition of additional parameter types, or 6006 o through definition of additional cause codes within ERROR chunks. 6008 SCTP requires that the IANA Port Numbers registry be opened for SCTP 6009 port registrations, Section 15.6 describes how. An IESG-appointed 6010 Expert Reviewer supports IANA in evaluating SCTP port allocation 6011 requests. 6013 15.1. IETF-Defined Chunk Extension 6015 The assignment of new chunk type codes is done through an IETF Review 6016 action, as defined in [RFC8126]. Documentation for a new chunk MUST 6017 contain the following information: 6019 a) A long and short name for the new chunk type. 6021 b) A detailed description of the structure of the chunk, which MUST 6022 conform to the basic structure defined in Section 3.2. 6024 c) A detailed definition and description of intended use of each 6025 field within the chunk, including the chunk flags if any. 6026 Defined chunk flags will be used as initial entries in the chunk 6027 flags table for the new chunk type. 6029 d) A detailed procedural description of the use of the new chunk 6030 type within the operation of the protocol. 6032 The last chunk type (255) is reserved for future extension if 6033 necessary. 6035 For each new chunk type, IANA creates a registration table for the 6036 chunk flags of that type. The procedure for registering particular 6037 chunk flags is described in Section 15.2. 6039 15.2. IETF Chunk Flags Registration 6041 The assignment of new chunk flags is done through an RFC Required 6042 action, as defined in [RFC8126]. Documentation for the chunk flags 6043 MUST contain the following information: 6045 a) A name for the new chunk flag. 6047 b) A detailed procedural description of the use of the new chunk 6048 flag within the operation of the protocol. It MUST be considered 6049 that implementations not supporting the flag will send '0' on 6050 transmit and just ignore it on receipt. 6052 IANA selects a chunk flags value. This MUST be one of 0x01, 0x02, 6053 0x04, 0x08, 0x10, 0x20, 0x40, or 0x80, which MUST be unique within 6054 the chunk flag values for the specific chunk type. 6056 15.3. IETF-Defined Chunk Parameter Extension 6058 The assignment of new chunk parameter type codes is done through an 6059 IETF Review action as defined in [RFC8126]. Documentation of the 6060 chunk parameter MUST contain the following information: 6062 a) Name of the parameter type. 6064 b) Detailed description of the structure of the parameter field. 6065 This structure MUST conform to the general Type-Length-Value 6066 format described in Section 3.2.1. 6068 c) Detailed definition of each component of the parameter value. 6070 d) Detailed description of the intended use of this parameter type, 6071 and an indication of whether and under what circumstances 6072 multiple instances of this parameter type can be found within the 6073 same chunk. 6075 e) Each parameter type MUST be unique across all chunks. 6077 15.4. IETF-Defined Additional Error Causes 6079 Additional cause codes can be allocated in the range 11 to 65535 6080 through a Specification Required action as defined in [RFC8126]. 6081 Provided documentation MUST include the following information: 6083 a) Name of the error condition. 6085 b) Detailed description of the conditions under which an SCTP 6086 endpoint issues an ERROR (or ABORT) with this cause code. 6088 c) Expected action by the SCTP endpoint that receives an ERROR (or 6089 ABORT) chunk containing this cause code. 6091 d) Detailed description of the structure and content of data fields 6092 that accompany this cause code. 6094 The initial word (32 bits) of a cause code parameter MUST conform to 6095 the format shown in Section 3.3.10, i.e.: 6097 o first 2 bytes contain the cause code value 6098 o last 2 bytes contain the length of the cause parameter. 6100 15.5. Payload Protocol Identifiers 6102 Except for value 0, which is reserved by SCTP to indicate an 6103 unspecified payload protocol identifier in a DATA chunk, SCTP will 6104 not be responsible for standardizing or verifying any payload 6105 protocol identifiers; SCTP simply receives the identifier from the 6106 upper layer and carries it with the corresponding payload data. 6108 The upper layer, i.e., the SCTP user, SHOULD standardize any specific 6109 protocol identifier with IANA if it is so desired. The use of any 6110 specific payload protocol identifier is out of the scope of SCTP. 6112 15.6. Port Numbers Registry 6114 SCTP services can use contact port numbers to provide service to 6115 unknown callers, as in TCP and UDP. IANA is therefore requested to 6116 open the existing "Service Name and Transport Protocol Port Number 6117 Registry" for SCTP using the following rules, which we intend to mesh 6118 well with existing port-number registration procedures. An IESG- 6119 appointed expert reviewer supports IANA in evaluating SCTP port 6120 allocation requests, according to the procedure defined in [RFC8126]. 6121 The details of this process are defined in [RFC6335]. 6123 This document registers the following ports. (These registrations 6124 are to be considered models to follow for future allocation 6125 requests.) 6126 discard 9/sctp Discard # IETF TSVWG 6127 # Randall Stewart 6128 # [RFC4960] 6130 The discard service, which accepts SCTP connections on port 6131 9, discards all incoming application data and sends no data 6132 in response. Thus, SCTP's discard port is analogous to 6133 TCP's discard port, and might be used to check the health 6134 of an SCTP stack. 6136 ftp-data 20/sctp FTP # IETF TSVWG 6137 # Randall Stewart 6138 # [RFC4960] 6140 ftp 21/sctp FTP # IETF TSVWG 6141 # Randall Stewart 6142 # [RFC4960] 6144 File Transfer Protocol (FTP) data (20) and control ports 6145 (21). 6147 ssh 22/sctp SSH # IETF TSVWG 6148 # Randall Stewart 6149 # [RFC4960] 6151 The Secure Shell (SSH) remote login service, which allows 6152 secure shell logins to a host. 6154 http 80/sctp HTTP # IETF TSVWG 6155 # Randall Stewart 6156 # [RFC4960] 6158 World Wide Web HTTP over SCTP. 6160 bgp 179/sctp BGP # IETF TSVWG 6161 # Randall Stewart 6162 # [RFC4960] 6164 Border Gateway Protocol over SCTP. 6166 https 443/sctp HTTPS # IETF TSVWG 6167 # Randall Stewart 6168 # [RFC4960] 6170 World Wide Web HTTP over TLS/SSL over SCTP. 6172 16. Suggested SCTP Protocol Parameter Values 6174 The following protocol parameters are RECOMMENDED: 6176 RTO.Initial: 1 second 6177 RTO.Min: 1 second 6178 RTO.Max: 60 seconds 6179 Max.Burst: 4 6180 RTO.Alpha: 1/8 6181 RTO.Beta: 1/4 6182 Valid.Cookie.Life: 60 seconds 6183 Association.Max.Retrans: 10 attempts 6184 Path.Max.Retrans: 5 attempts (per destination address) 6185 Max.Init.Retransmits: 8 attempts 6186 HB.interval: 30 seconds 6187 HB.Max.Burst: 1 6188 SACK.Delay: 200 milliseconds 6190 IMPLEMENTATION NOTE: The SCTP implementation can allow ULP to 6191 customize some of these protocol parameters (see Section 11). 6193 RTO.Min SHOULD be set as described above in this section. 6195 17. Acknowledgements 6197 An undertaking represented by this updated document is not a small 6198 feat and represents the summation of the initial authors of RFC 2960: 6199 Q. Xie, K. Morneault, C. Sharp, H. Schwarzbauer, T. Taylor, 6200 I. Rytina, M. Kalla, L. Zhang, and V. Paxson. 6202 Add to that, the comments from everyone who contributed to the 6203 original RFC: 6205 Mark Allman, R.J. Atkinson, Richard Band, Scott Bradner, Steve 6206 Bellovin, Peter Butler, Ram Dantu, R. Ezhirpavai, Mike Fisk, Sally 6207 Floyd, Atsushi Fukumoto, Matt Holdrege, Henry Houh, Christian 6208 Huitema, Gary Lehecka, Jonathan Lee, David Lehmann, John Loughney, 6209 Daniel Luan, Barry Nagelberg, Thomas Narten, Erik Nordmark, Lyndon 6210 Ong, Shyamal Prasad, Kelvin Porter, Heinz Prantner, Jarno Rajahalme, 6211 Raymond E. Reeves, Renee Revis, Ivan Arias Rodriguez, A. Sankar, Greg 6212 Sidebottom, Brian Wyld, La Monte Yarroll, and many others for their 6213 invaluable comments. 6215 Then, add the authors of the SCTP implementor's guide, I. Arias- 6216 Rodriguez, K. Poon, A. Caro, and M. Tuexen. 6218 Then add to these the efforts of all the subsequent seven SCTP 6219 interoperability tests and those who commented on RFC 4460 as shown 6220 in its acknowledgements: 6222 Barry Zuckerman, La Monte Yarroll, Qiaobing Xie, Wang Xiaopeng, 6223 Jonathan Wood, Jeff Waskow, Mike Turner, John Townsend, Sabina 6224 Torrente, Cliff Thomas, Yuji Suzuki, Manoj Solanki, Sverre Slotte, 6225 Keyur Shah, Jan Rovins, Ben Robinson, Renee Revis, Ian Periam, RC 6226 Monee, Sanjay Rao, Sujith Radhakrishnan, Heinz Prantner, Biren Patel, 6227 Nathalie Mouellic, Mitch Miers, Bernward Meyknecht, Stan McClellan, 6228 Oliver Mayor, Tomas Orti Martin, Sandeep Mahajan, David Lehmann, 6229 Jonathan Lee, Philippe Langlois, Karl Knutson, Joe Keller, Gareth 6230 Keily, Andreas Jungmaier, Janardhan Iyengar, Mutsuya Irie, John 6231 Hebert, Kausar Hassan, Fred Hasle, Dan Harrison, Jon Grim, Laurent 6232 Glaude, Steven Furniss, Atsushi Fukumoto, Ken Fujita, Steve Dimig, 6233 Thomas Curran, Serkan Cil, Melissa Campbell, Peter Butler, Rob 6234 Brennan, Harsh Bhondwe, Brian Bidulock, Caitlin Bestler, Jon Berger, 6235 Robby Benedyk, Stephen Baucke, Sandeep Balani, and Ronnie Sellar. 6237 A special thanks to Mark Allman, who should actually be a co-author 6238 for his work on the max-burst, but managed to wiggle out due to a 6239 technicality. Also, we would like to acknowledge Lyndon Ong and Phil 6240 Conrad for their valuable input and many contributions. 6242 And finally, you have this document, and those who have commented 6243 upon that including Alfred Hoenes and Ronnie Sellars. 6245 My thanks cannot be adequately expressed to all of you who have 6246 participated in the coding, testing, and updating process of this 6247 document. All I can say is, Thank You! 6249 Randall Stewart - Editor 6251 18. References 6253 18.1. Normative References 6255 [I-D.ietf-tsvwg-datagram-plpmtud] 6256 Fairhurst, G., Jones, T., Tuexen, M., Ruengeler, I., and 6257 T. Voelker, "Packetization Layer Path MTU Discovery for 6258 Datagram Transports", draft-ietf-tsvwg-datagram-plpmtud-22 6259 (work in progress), June 2020. 6261 [ITU.V42.1994] 6262 International Telecommunications Union, "Error-correcting 6263 Procedures for DCEs Using Asynchronous-to-Synchronous 6264 Conversion", ITU-T Recommendation V.42, 1994. 6266 [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, 6267 DOI 10.17487/RFC0768, August 1980, 6268 . 6270 [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, 6271 RFC 793, DOI 10.17487/RFC0793, September 1981, 6272 . 6274 [RFC1122] Braden, R., Ed., "Requirements for Internet Hosts - 6275 Communication Layers", STD 3, RFC 1122, 6276 DOI 10.17487/RFC1122, October 1989, 6277 . 6279 [RFC1123] Braden, R., Ed., "Requirements for Internet Hosts - 6280 Application and Support", STD 3, RFC 1123, 6281 DOI 10.17487/RFC1123, October 1989, 6282 . 6284 [RFC1191] Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191, 6285 DOI 10.17487/RFC1191, November 1990, 6286 . 6288 [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, 6289 DOI 10.17487/RFC1982, August 1996, 6290 . 6292 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 6293 Requirement Levels", BCP 14, RFC 2119, 6294 DOI 10.17487/RFC2119, March 1997, 6295 . 6297 [RFC3873] Pastor, J. and M. Belinchon, "Stream Control Transmission 6298 Protocol (SCTP) Management Information Base (MIB)", 6299 RFC 3873, DOI 10.17487/RFC3873, September 2004, 6300 . 6302 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 6303 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 6304 2006, . 6306 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 6307 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 6308 December 2005, . 6310 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", 6311 RFC 4303, DOI 10.17487/RFC4303, December 2005, 6312 . 6314 [RFC5681] Allman, M., Paxson, V., and E. Blanton, "TCP Congestion 6315 Control", RFC 5681, DOI 10.17487/RFC5681, September 2009, 6316 . 6318 [RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. 6319 Cheshire, "Internet Assigned Numbers Authority (IANA) 6320 Procedures for the Management of the Service Name and 6321 Transport Protocol Port Number Registry", BCP 165, 6322 RFC 6335, DOI 10.17487/RFC6335, August 2011, 6323 . 6325 [RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T. 6326 Kivinen, "Internet Key Exchange Protocol Version 2 6327 (IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October 6328 2014, . 6330 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 6331 Writing an IANA Considerations Section in RFCs", BCP 26, 6332 RFC 8126, DOI 10.17487/RFC8126, June 2017, 6333 . 6335 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 6336 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 6337 May 2017, . 6339 [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 6340 (IPv6) Specification", STD 86, RFC 8200, 6341 DOI 10.17487/RFC8200, July 2017, 6342 . 6344 [RFC8201] McCann, J., Deering, S., Mogul, J., and R. Hinden, Ed., 6345 "Path MTU Discovery for IP version 6", STD 87, RFC 8201, 6346 DOI 10.17487/RFC8201, July 2017, 6347 . 6349 18.2. Informative References 6351 [ALLMAN99] 6352 Allman, M. and V. Paxson, "On Estimating End-to-End 6353 Network Path Properties", SIGCOM 99, 1999. 6355 [FALL96] Fall, K. and S. Floyd, "Simulation-based Comparisons of 6356 Tahoe, Reno, and SACK TCP", SIGCOM 99, V. 26, N. 3, 6357 pp 5-21, July 1996. 6359 [RFC1858] Ziemba, G., Reed, D., and P. Traina, "Security 6360 Considerations for IP Fragment Filtering", RFC 1858, 6361 DOI 10.17487/RFC1858, October 1995, 6362 . 6364 [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- 6365 Hashing for Message Authentication", RFC 2104, 6366 DOI 10.17487/RFC2104, February 1997, 6367 . 6369 [RFC2196] Fraser, B., "Site Security Handbook", FYI 8, RFC 2196, 6370 DOI 10.17487/RFC2196, September 1997, 6371 . 6373 [RFC2522] Karn, P. and W. Simpson, "Photuris: Session-Key Management 6374 Protocol", RFC 2522, DOI 10.17487/RFC2522, March 1999, 6375 . 6377 [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition 6378 of Explicit Congestion Notification (ECN) to IP", 6379 RFC 3168, DOI 10.17487/RFC3168, September 2001, 6380 . 6382 [RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, 6383 "Randomness Requirements for Security", BCP 106, RFC 4086, 6384 DOI 10.17487/RFC4086, June 2005, 6385 . 6387 [RFC4895] Tuexen, M., Stewart, R., Lei, P., and E. Rescorla, 6388 "Authenticated Chunks for the Stream Control Transmission 6389 Protocol (SCTP)", RFC 4895, DOI 10.17487/RFC4895, August 6390 2007, . 6392 [RFC4960] Stewart, R., Ed., "Stream Control Transmission Protocol", 6393 RFC 4960, DOI 10.17487/RFC4960, September 2007, 6394 . 6396 [RFC6458] Stewart, R., Tuexen, M., Poon, K., Lei, P., and V. 6397 Yasevich, "Sockets API Extensions for the Stream Control 6398 Transmission Protocol (SCTP)", RFC 6458, 6399 DOI 10.17487/RFC6458, December 2011, 6400 . 6402 [RFC7053] Tuexen, M., Ruengeler, I., and R. Stewart, "SACK- 6403 IMMEDIATELY Extension for the Stream Control Transmission 6404 Protocol", RFC 7053, DOI 10.17487/RFC7053, November 2013, 6405 . 6407 [RFC8311] Black, D., "Relaxing Restrictions on Explicit Congestion 6408 Notification (ECN) Experimentation", RFC 8311, 6409 DOI 10.17487/RFC8311, January 2018, 6410 . 6412 [RFC8540] Stewart, R., Tuexen, M., and M. Proshin, "Stream Control 6413 Transmission Protocol: Errata and Issues in RFC 4960", 6414 RFC 8540, DOI 10.17487/RFC8540, February 2019, 6415 . 6417 [SAVAGE99] 6418 Savage, S., Cardwell, N., Wetherall, D., and T. Anderson, 6419 "TCP Congestion Control with a Misbehaving Receiver", ACM 6420 Computer Communications Review 29(5), October 1999. 6422 [WILLIAMS93] 6423 Williams, R., "A PAINLESS GUIDE TO CRC ERROR DETECTION 6424 ALGORITHMS", SIGCOM 99, August 1993, 6425 . 6428 Appendix A. Explicit Congestion Notification 6430 ECN as specified in [RFC3168] (updated by [RFC8311]) describes an 6431 extension to IP that details a method for becoming aware of 6432 congestion outside of datagram loss. This is a feature that an 6433 implementation MAY choose to add to SCTP. This appendix details the 6434 minor differences implementers will need to be aware of if they 6435 choose to implement this feature. In general, [RFC3168] (updated by 6436 [RFC8311]) SHOULD be followed, with the following exceptions. 6438 Negotiation: 6440 [RFC3168] (updated by [RFC8311]) details the negotiation of ECN 6441 during the SYN and SYN-ACK stages of a TCP connection. The sender of 6442 the SYN sets 2 bits in the TCP flags, and the sender of the SYN-ACK 6443 sets only 1 bit. The reasoning behind this is to ensure that both 6444 sides are truly ECN capable. For SCTP, this is not necessary. To 6445 indicate that an endpoint is ECN capable, an endpoint SHOULD add to 6446 the INIT and or INIT ACK chunk the TLV reserved for ECN. This TLV 6447 contains no parameters, and thus has the following format: 6449 0 1 2 3 6450 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 6451 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6452 | Parameter Type = 32768 | Parameter Length = 4 | 6453 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6455 ECN-Echo: 6457 [RFC3168] (updated by [RFC8311]) details a specific bit for a 6458 receiver to send back in its TCP acknowledgements to notify the 6459 sender of the Congestion Experienced (CE) bit that the CE bit has 6460 arrived from the network. For SCTP, this same indication is made by 6461 including the ECNE chunk. This chunk contains one data element, 6462 i.e., the lowest TSN associated with the IP datagram marked with the 6463 CE bit, and looks as follows: 6465 0 1 2 3 6466 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 6467 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6468 | Chunk Type=12 | Flags=00000000| Chunk Length = 8 | 6469 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6470 | Lowest TSN Number | 6471 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6473 Note: The ECNE is considered a Control chunk. 6475 CWR: 6477 [RFC3168] (updated by [RFC8311]) details a specific bit for a sender 6478 to send in the header of its next outbound TCP segment to indicate to 6479 its peer that it has reduced its congestion window. This is termed 6480 the CWR bit. For SCTP, the same indication is made by including the 6481 CWR chunk. This chunk contains one data element, i.e., the TSN 6482 number that was sent in the ECNE chunk. This element represents the 6483 lowest TSN number in the datagram that was originally marked with the 6484 CE bit. 6486 0 1 2 3 6487 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 6488 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6489 | Chunk Type=13 | Flags=00000000| Chunk Length = 8 | 6490 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6491 | Lowest TSN Number | 6492 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6494 Note: The CWR is considered a Control chunk. 6496 Appendix B. CRC32c Checksum Calculation 6498 We define a 'reflected value' as one that is the opposite of the 6499 normal bit order of the machine. The 32-bit CRC (Cyclic Redundancy 6500 Check) is calculated as described for CRC32c and uses the polynomial 6501 code 0x11EDC6F41 (Castagnoli93) or 6502 x^32+x^28+x^27+x^26+x^25+x^23+x^22+x^20+x^19+x^18+ 6503 x^14+x^13+x^11+x^10+x^9+x^8+x^6+x^0. The CRC is computed using a 6504 procedure similar to ETHERNET CRC [ITU.V42.1994], modified to reflect 6505 transport-level usage. 6507 CRC computation uses polynomial division. A message bit-string M is 6508 transformed to a polynomial, M(X), and the CRC is calculated from 6509 M(X) using polynomial arithmetic. 6511 When CRCs are used at the link layer, the polynomial is derived from 6512 on-the-wire bit ordering: the first bit 'on the wire' is the high- 6513 order coefficient. Since SCTP is a transport-level protocol, it 6514 cannot know the actual serial-media bit ordering. Moreover, 6515 different links in the path between SCTP endpoints can use different 6516 link-level bit orders. 6518 A convention therefore is established for mapping SCTP transport 6519 messages to polynomials for purposes of CRC computation. The bit- 6520 ordering for mapping SCTP messages to polynomials is that bytes are 6521 taken most-significant first, but within each byte, bits are taken 6522 least-significant first. The first byte of the message provides the 6523 eight highest coefficients. Within each byte, the least-significant 6524 SCTP bit gives the most-significant polynomial coefficient within 6525 that byte, and the most-significant SCTP bit is the least-significant 6526 polynomial coefficient in that byte. (This bit ordering is sometimes 6527 called 'mirrored' or 'reflected' [WILLIAMS93].) CRC polynomials are 6528 to be transformed back into SCTP transport-level byte values, using a 6529 consistent mapping. 6531 The SCTP transport-level CRC value can be calculated as follows: 6533 o CRC input data are assigned to a byte stream, numbered from 0 to 6534 N-1. 6536 o The transport-level byte stream is mapped to a polynomial value. 6537 An N-byte PDU with j bytes numbered 0 to N-1 is considered as 6538 coefficients of a polynomial M(x) of order 8N-1, with bit 0 of 6539 byte j being coefficient x^(8(N-j)-8), and bit 7 of byte j being 6540 coefficient x^(8(N-j)-1). 6542 o The CRC remainder register is initialized with all 1s and the CRC 6543 is computed with an algorithm that simultaneously multiplies by 6544 x^32 and divides by the CRC polynomial. 6546 o The polynomial is multiplied by x^32 and divided by G(x), the 6547 generator polynomial, producing a remainder R(x) of degree less 6548 than or equal to 31. 6550 o The coefficients of R(x) are considered a 32-bit sequence. 6552 o The bit sequence is complemented. The result is the CRC 6553 polynomial. 6555 o The CRC polynomial is mapped back into SCTP transport-level bytes. 6556 The coefficient of x^31 gives the value of bit 7 of SCTP byte 0, 6557 and the coefficient of x^24 gives the value of bit 0 of byte 0. 6558 The coefficient of x^7 gives bit 7 of byte 3, and the coefficient 6559 of x^0 gives bit 0 of byte 3. The resulting 4-byte transport- 6560 level sequence is the 32-bit SCTP checksum value. 6562 IMPLEMENTATION NOTE: Standards documents, textbooks, and vendor 6563 literature on CRCs often follow an alternative formulation, in which 6564 the register used to hold the remainder of the long-division 6565 algorithm is initialized to zero rather than all-1s, and instead the 6566 first 32 bits of the message are complemented. The long-division 6567 algorithm used in our formulation is specified such that the initial 6568 multiplication by 2^32 and the long-division are combined into one 6569 simultaneous operation. For such algorithms, and for messages longer 6570 than 64 bits, the two specifications are precisely equivalent. That 6571 equivalence is the intent of this document. 6573 Implementors of SCTP are warned that both specifications are to be 6574 found in the literature, sometimes with no restriction on the long- 6575 division algorithm. The choice of formulation in this document is to 6576 permit non-SCTP usage, where the same CRC algorithm can be used to 6577 protect messages shorter than 64 bits. 6579 There can be a computational advantage in validating the association 6580 against the Verification Tag, prior to performing a checksum, as 6581 invalid tags will result in the same action as a bad checksum in most 6582 cases. The exceptions for this technique would be INIT and some 6583 SHUTDOWN-COMPLETE exchanges, as well as a stale COOKIE ECHO. These 6584 special-case exchanges represent small packets and will minimize the 6585 effect of the checksum calculation. 6587 The following non-normative sample code is taken from an open-source 6588 CRC generator [WILLIAMS93], using the "mirroring" technique and 6589 yielding a lookup table for SCTP CRC32c with 256 entries, each 32 6590 bits wide. While neither especially slow nor especially fast, as 6591 software table-lookup CRCs go, it has the advantage of working on 6592 both big-endian and little-endian CPUs, using the same (host-order) 6593 lookup tables, and using only the predefined ntohl() and htonl() 6594 operations. The code is somewhat modified from [WILLIAMS93], to 6595 ensure portability between big-endian and little-endian 6596 architectures. (Note that if the byte endian-ness of the target 6597 architecture is known to be little-endian, the final bit-reversal and 6598 byte-reversal steps can be folded into a single operation.) 6599 6600 /****************************************************************/ 6601 /* Note: The definitions for Ross Williams's table generator */ 6602 /* would be TB_WIDTH=4, TB_POLY=0x1EDC6F41, TB_REVER=TRUE. */ 6603 /* For Mr. Williams's direct calculation code, use the settings */ 6604 /* cm_width=32, cm_poly=0x1EDC6F41, cm_init=0xFFFFFFFF, */ 6605 /* cm_refin=TRUE, cm_refot=TRUE, cm_xorot=0x00000000. */ 6606 /****************************************************************/ 6608 /* Example of the crc table file */ 6609 #ifndef __crc32cr_h__ 6610 #define __crc32cr_h__ 6612 #define CRC32C_POLY 0x1EDC6F41UL 6613 #define CRC32C(c,d) (c=(c>>8)^crc_c[(c^(d))&0xFF]) 6615 uint32_t crc_c[256] = { 6616 0x00000000UL, 0xF26B8303UL, 0xE13B70F7UL, 0x1350F3F4UL, 6617 0xC79A971FUL, 0x35F1141CUL, 0x26A1E7E8UL, 0xD4CA64EBUL, 6618 0x8AD958CFUL, 0x78B2DBCCUL, 0x6BE22838UL, 0x9989AB3BUL, 6619 0x4D43CFD0UL, 0xBF284CD3UL, 0xAC78BF27UL, 0x5E133C24UL, 6620 0x105EC76FUL, 0xE235446CUL, 0xF165B798UL, 0x030E349BUL, 6621 0xD7C45070UL, 0x25AFD373UL, 0x36FF2087UL, 0xC494A384UL, 6622 0x9A879FA0UL, 0x68EC1CA3UL, 0x7BBCEF57UL, 0x89D76C54UL, 6623 0x5D1D08BFUL, 0xAF768BBCUL, 0xBC267848UL, 0x4E4DFB4BUL, 6624 0x20BD8EDEUL, 0xD2D60DDDUL, 0xC186FE29UL, 0x33ED7D2AUL, 6625 0xE72719C1UL, 0x154C9AC2UL, 0x061C6936UL, 0xF477EA35UL, 6626 0xAA64D611UL, 0x580F5512UL, 0x4B5FA6E6UL, 0xB93425E5UL, 6627 0x6DFE410EUL, 0x9F95C20DUL, 0x8CC531F9UL, 0x7EAEB2FAUL, 6628 0x30E349B1UL, 0xC288CAB2UL, 0xD1D83946UL, 0x23B3BA45UL, 6629 0xF779DEAEUL, 0x05125DADUL, 0x1642AE59UL, 0xE4292D5AUL, 6630 0xBA3A117EUL, 0x4851927DUL, 0x5B016189UL, 0xA96AE28AUL, 6631 0x7DA08661UL, 0x8FCB0562UL, 0x9C9BF696UL, 0x6EF07595UL, 6632 0x417B1DBCUL, 0xB3109EBFUL, 0xA0406D4BUL, 0x522BEE48UL, 6633 0x86E18AA3UL, 0x748A09A0UL, 0x67DAFA54UL, 0x95B17957UL, 6634 0xCBA24573UL, 0x39C9C670UL, 0x2A993584UL, 0xD8F2B687UL, 6635 0x0C38D26CUL, 0xFE53516FUL, 0xED03A29BUL, 0x1F682198UL, 6636 0x5125DAD3UL, 0xA34E59D0UL, 0xB01EAA24UL, 0x42752927UL, 6637 0x96BF4DCCUL, 0x64D4CECFUL, 0x77843D3BUL, 0x85EFBE38UL, 6638 0xDBFC821CUL, 0x2997011FUL, 0x3AC7F2EBUL, 0xC8AC71E8UL, 6639 0x1C661503UL, 0xEE0D9600UL, 0xFD5D65F4UL, 0x0F36E6F7UL, 6640 0x61C69362UL, 0x93AD1061UL, 0x80FDE395UL, 0x72966096UL, 6641 0xA65C047DUL, 0x5437877EUL, 0x4767748AUL, 0xB50CF789UL, 6642 0xEB1FCBADUL, 0x197448AEUL, 0x0A24BB5AUL, 0xF84F3859UL, 6643 0x2C855CB2UL, 0xDEEEDFB1UL, 0xCDBE2C45UL, 0x3FD5AF46UL, 6644 0x7198540DUL, 0x83F3D70EUL, 0x90A324FAUL, 0x62C8A7F9UL, 6645 0xB602C312UL, 0x44694011UL, 0x5739B3E5UL, 0xA55230E6UL, 6646 0xFB410CC2UL, 0x092A8FC1UL, 0x1A7A7C35UL, 0xE811FF36UL, 6647 0x3CDB9BDDUL, 0xCEB018DEUL, 0xDDE0EB2AUL, 0x2F8B6829UL, 6648 0x82F63B78UL, 0x709DB87BUL, 0x63CD4B8FUL, 0x91A6C88CUL, 6649 0x456CAC67UL, 0xB7072F64UL, 0xA457DC90UL, 0x563C5F93UL, 6650 0x082F63B7UL, 0xFA44E0B4UL, 0xE9141340UL, 0x1B7F9043UL, 6651 0xCFB5F4A8UL, 0x3DDE77ABUL, 0x2E8E845FUL, 0xDCE5075CUL, 6652 0x92A8FC17UL, 0x60C37F14UL, 0x73938CE0UL, 0x81F80FE3UL, 6653 0x55326B08UL, 0xA759E80BUL, 0xB4091BFFUL, 0x466298FCUL, 6654 0x1871A4D8UL, 0xEA1A27DBUL, 0xF94AD42FUL, 0x0B21572CUL, 6655 0xDFEB33C7UL, 0x2D80B0C4UL, 0x3ED04330UL, 0xCCBBC033UL, 6656 0xA24BB5A6UL, 0x502036A5UL, 0x4370C551UL, 0xB11B4652UL, 6657 0x65D122B9UL, 0x97BAA1BAUL, 0x84EA524EUL, 0x7681D14DUL, 6658 0x2892ED69UL, 0xDAF96E6AUL, 0xC9A99D9EUL, 0x3BC21E9DUL, 6659 0xEF087A76UL, 0x1D63F975UL, 0x0E330A81UL, 0xFC588982UL, 6660 0xB21572C9UL, 0x407EF1CAUL, 0x532E023EUL, 0xA145813DUL, 6661 0x758FE5D6UL, 0x87E466D5UL, 0x94B49521UL, 0x66DF1622UL, 6662 0x38CC2A06UL, 0xCAA7A905UL, 0xD9F75AF1UL, 0x2B9CD9F2UL, 6663 0xFF56BD19UL, 0x0D3D3E1AUL, 0x1E6DCDEEUL, 0xEC064EEDUL, 6664 0xC38D26C4UL, 0x31E6A5C7UL, 0x22B65633UL, 0xD0DDD530UL, 6665 0x0417B1DBUL, 0xF67C32D8UL, 0xE52CC12CUL, 0x1747422FUL, 6666 0x49547E0BUL, 0xBB3FFD08UL, 0xA86F0EFCUL, 0x5A048DFFUL, 6667 0x8ECEE914UL, 0x7CA56A17UL, 0x6FF599E3UL, 0x9D9E1AE0UL, 6668 0xD3D3E1ABUL, 0x21B862A8UL, 0x32E8915CUL, 0xC083125FUL, 6669 0x144976B4UL, 0xE622F5B7UL, 0xF5720643UL, 0x07198540UL, 6670 0x590AB964UL, 0xAB613A67UL, 0xB831C993UL, 0x4A5A4A90UL, 6671 0x9E902E7BUL, 0x6CFBAD78UL, 0x7FAB5E8CUL, 0x8DC0DD8FUL, 6672 0xE330A81AUL, 0x115B2B19UL, 0x020BD8EDUL, 0xF0605BEEUL, 6673 0x24AA3F05UL, 0xD6C1BC06UL, 0xC5914FF2UL, 0x37FACCF1UL, 6674 0x69E9F0D5UL, 0x9B8273D6UL, 0x88D28022UL, 0x7AB90321UL, 6675 0xAE7367CAUL, 0x5C18E4C9UL, 0x4F48173DUL, 0xBD23943EUL, 6676 0xF36E6F75UL, 0x0105EC76UL, 0x12551F82UL, 0xE03E9C81UL, 6677 0x34F4F86AUL, 0xC69F7B69UL, 0xD5CF889DUL, 0x27A40B9EUL, 6678 0x79B737BAUL, 0x8BDCB4B9UL, 0x988C474DUL, 0x6AE7C44EUL, 6679 0xBE2DA0A5UL, 0x4C4623A6UL, 0x5F16D052UL, 0xAD7D5351UL, 6680 }; 6682 #endif 6684 /* Example of table build routine */ 6686 #include 6687 #include 6689 #define OUTPUT_FILE "crc32cr.h" 6690 #define CRC32C_POLY 0x1EDC6F41UL 6692 static FILE *tf; 6693 static uint32_t 6694 reflect_32(uint32_t b) 6695 { 6696 int i; 6697 uint32_t rw = 0UL; 6699 for (i = 0; i < 32; i++) { 6700 if (b & 1) 6701 rw |= 1 << (31 - i); 6702 b >>= 1; 6703 } 6704 return (rw); 6705 } 6707 static uint32_t 6708 build_crc_table (int index) 6709 { 6710 int i; 6711 uint32_t rb; 6713 rb = reflect_32(index); 6715 for (i = 0; i < 8; i++) { 6716 if (rb & 0x80000000UL) 6717 rb = (rb << 1) ^ (uint32_t)CRC32C_POLY; 6718 else 6719 rb <<= 1; 6720 } 6721 return (reflect_32(rb)); 6722 } 6724 int 6725 main (void) 6726 { 6727 int i; 6729 printf("\nGenerating CRC32c table file <%s>.\n", 6730 OUTPUT_FILE); 6731 if ((tf = fopen(OUTPUT_FILE, "w")) == NULL) { 6732 printf("Unable to open %s.\n", OUTPUT_FILE); 6733 exit (1); 6734 } 6735 fprintf(tf, "#ifndef __crc32cr_h__\n"); 6736 fprintf(tf, "#define __crc32cr_h__\n\n"); 6737 fprintf(tf, "#define CRC32C_POLY 0x%08XUL\n", 6738 (uint32_t)CRC32C_POLY); 6739 fprintf(tf, 6740 "#define CRC32C(c,d) (c=(c>>8)^crc_c[(c^(d))&0xFF])\n"); 6742 fprintf(tf, "\nuint32_t crc_c[256] =\n{\n"); 6743 for (i = 0; i < 256; i++) { 6744 fprintf(tf, "0x%08XUL,", build_crc_table (i)); 6745 if ((i & 3) == 3) 6746 fprintf(tf, "\n"); 6747 else 6748 fprintf(tf, " "); 6749 } 6750 fprintf(tf, "};\n\n#endif\n"); 6752 if (fclose(tf) != 0) 6753 printf("Unable to close <%s>.\n", OUTPUT_FILE); 6754 else 6755 printf("\nThe CRC32c table has been written to <%s>.\n", 6756 OUTPUT_FILE); 6757 return (0); 6758 } 6760 /* Example of crc insertion */ 6762 #include "crc32cr.h" 6764 uint32_t 6765 generate_crc32c(unsigned char *buffer, unsigned int length) 6766 { 6767 unsigned int i; 6768 uint32_t crc32 = 0xffffffffUL; 6769 uint32_t result; 6770 uint8_t byte0, byte1, byte2, byte3; 6772 for (i = 0; i < length; i++) { 6773 CRC32C(crc32, buffer[i]); 6774 } 6776 result = ~crc32; 6778 /* result now holds the negated polynomial remainder, 6779 * since the table and algorithm are "reflected" [williams95]. 6780 * That is, result has the same value as if we mapped the message 6781 * to a polynomial, computed the host-bit-order polynomial 6782 * remainder, performed final negation, and then did an 6783 * end-for-end bit-reversal. 6784 * Note that a 32-bit bit-reversal is identical to four in-place 6785 * 8-bit bit-reversals followed by an end-for-end byteswap. 6786 * In other words, the bits of each byte are in the right order, 6787 * but the bytes have been byteswapped. So, we now do an explicit 6788 * byteswap. On a little-endian machine, this byteswap and 6789 * the final ntohl cancel out and could be elided. 6791 */ 6793 byte0 = result & 0xff; 6794 byte1 = (result>>8) & 0xff; 6795 byte2 = (result>>16) & 0xff; 6796 byte3 = (result>>24) & 0xff; 6797 crc32 = ((byte0 << 24) | 6798 (byte1 << 16) | 6799 (byte2 << 8) | 6800 byte3); 6801 return (crc32); 6802 } 6804 int 6805 insert_crc32(unsigned char *buffer, unsigned int length) 6806 { 6807 SCTP_message *message; 6808 uint32_t crc32; 6809 message = (SCTP_message *) buffer; 6810 message->common_header.checksum = 0UL; 6811 crc32 = generate_crc32c(buffer,length); 6812 /* and insert it into the message */ 6813 message->common_header.checksum = htonl(crc32); 6814 return (1); 6815 } 6817 int 6818 validate_crc32(unsigned char *buffer, unsigned int length) 6819 { 6820 SCTP_message *message; 6821 unsigned int i; 6822 uint32_t original_crc32; 6823 uint32_t crc32; 6825 /* save and zero checksum */ 6826 message = (SCTP_message *)buffer; 6827 original_crc32 = ntohl(message->common_header.checksum); 6828 message->common_header.checksum = 0L; 6829 crc32 = generate_crc32c(buffer, length); 6830 return ((original_crc32 == crc32) ? 1 : -1); 6831 } 6832 6834 Authors' Addresses 6836 Randall R. Stewart 6837 Netflix, Inc. 6838 2455 Heritage Green Ave 6839 Davenport, FL 33837 6840 United States 6842 Email: randall@lakerest.net 6844 Michael Tuexen 6845 Muenster University of Applied Sciences 6846 Stegerwaldstrasse 39 6847 Steinfurt 48565 6848 Germany 6850 Email: tuexen@fh-muenster.de 6852 Karen E. E. Nielsen 6853 Kamstrup A/S 6854 Industrivej 28 6855 Skanderborg DK-8660 6856 Denmark 6858 Email: kee@kamstrup.com