idnits 2.17.1 draft-ietf-tsvwg-rfc4960-bis-17.txt: -(4): Line appears to be too long, but this could be caused by non-ascii characters in UTF-8 encoding -(5): Line appears to be too long, but this could be caused by non-ascii characters in UTF-8 encoding -(6768): Line appears to be too long, but this could be caused by non-ascii characters in UTF-8 encoding -(6868): Line appears to be too long, but this could be caused by non-ascii characters in UTF-8 encoding Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == There are 10 instances of lines with non-ascii characters in the document. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The draft header indicates that this document obsoletes RFC6096, but the abstract doesn't seem to directly say this. It does mention RFC6096 though, so this could be OK. -- The draft header indicates that this document obsoletes RFC7053, but the abstract doesn't seem to directly say this. It does mention RFC7053 though, so this could be OK. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (8 November 2021) is 900 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'ASSOCIATE' is mentioned on line 2564, but not defined == Missing Reference: 'SHUTDOWN' is mentioned on line 2594, but not defined == Missing Reference: 'ABORT' is mentioned on line 2557, but not defined -- Possible downref: Non-RFC (?) normative reference: ref. 'ITU.V42.1994' -- Obsolete informational reference (is this intentional?): RFC 793 (Obsoleted by RFC 9293) -- Obsolete informational reference (is this intentional?): RFC 2960 (Obsoleted by RFC 4960) -- Obsolete informational reference (is this intentional?): RFC 4460 (Obsoleted by RFC 9260) -- Obsolete informational reference (is this intentional?): RFC 4960 (Obsoleted by RFC 9260) -- Obsolete informational reference (is this intentional?): RFC 6096 (Obsoleted by RFC 9260) -- Obsolete informational reference (is this intentional?): RFC 7053 (Obsoleted by RFC 9260) -- Obsolete informational reference (is this intentional?): RFC 8540 (Obsoleted by RFC 9260) Summary: 0 errors (**), 0 flaws (~~), 6 warnings (==), 11 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group R. R. Stewart 3 Internet-Draft Netflix, Inc. 4 Obsoletes: 4960, 6096, 7053 (if approved) M. Tüxen 5 Intended status: Standards Track Münster Univ. of Appl. Sciences 6 Expires: 12 May 2022 K. E. E. Nielsen 7 Kamstrup A/S 8 8 November 2021 10 Stream Control Transmission Protocol 11 draft-ietf-tsvwg-rfc4960-bis-17 13 Abstract 15 This document obsoletes RFC 4960, if approved. It describes the 16 Stream Control Transmission Protocol (SCTP) and incorporates the 17 specification of the chunk flags registry from RFC 6096 and the 18 specification of the I bit of DATA chunks from RFC 7053. Therefore, 19 RFC 6096 and RFC 7053 are also obsoleted by this document, if 20 approved. 22 SCTP was originally designed to transport Public Switched Telephone 23 Network (PSTN) signaling messages over IP networks. It is also 24 suited to be used for other applications, for example WebRTC. 26 SCTP is a reliable transport protocol operating on top of a 27 connectionless packet network such as IP. It offers the following 28 services to its users: 30 * acknowledged error-free non-duplicated transfer of user data, 32 * data fragmentation to conform to discovered path maximum 33 transmission unit (PMTU) size, 35 * sequenced delivery of user messages within multiple streams, with 36 an option for order-of-arrival delivery of individual user 37 messages, 39 * optional bundling of multiple user messages into a single SCTP 40 packet, and 42 * network-level fault tolerance through supporting of multi-homing 43 at either or both ends of an association. 45 The design of SCTP includes appropriate congestion avoidance behavior 46 and resistance to flooding and masquerade attacks. 48 Status of This Memo 50 This Internet-Draft is submitted in full conformance with the 51 provisions of BCP 78 and BCP 79. 53 Internet-Drafts are working documents of the Internet Engineering 54 Task Force (IETF). Note that other groups may also distribute 55 working documents as Internet-Drafts. The list of current Internet- 56 Drafts is at https://datatracker.ietf.org/drafts/current/. 58 Internet-Drafts are draft documents valid for a maximum of six months 59 and may be updated, replaced, or obsoleted by other documents at any 60 time. It is inappropriate to use Internet-Drafts as reference 61 material or to cite them other than as "work in progress." 63 This Internet-Draft will expire on 12 May 2022. 65 Copyright Notice 67 Copyright (c) 2021 IETF Trust and the persons identified as the 68 document authors. All rights reserved. 70 This document is subject to BCP 78 and the IETF Trust's Legal 71 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 72 license-info) in effect on the date of publication of this document. 73 Please review these documents carefully, as they describe your rights 74 and restrictions with respect to this document. Code Components 75 extracted from this document must include Simplified BSD License text 76 as described in Section 4.e of the Trust Legal Provisions and are 77 provided without warranty as described in the Simplified BSD License. 79 This document may contain material from IETF Documents or IETF 80 Contributions published or made publicly available before November 81 10, 2008. The person(s) controlling the copyright in some of this 82 material may not have granted the IETF Trust the right to allow 83 modifications of such material outside the IETF Standards Process. 84 Without obtaining an adequate license from the person(s) controlling 85 the copyright in such materials, this document may not be modified 86 outside the IETF Standards Process, and derivative works of it may 87 not be created outside the IETF Standards Process, except to format 88 it for publication as an RFC or to translate it into languages other 89 than English. 91 Table of Contents 93 1. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 6 94 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 6 95 2.1. Motivation . . . . . . . . . . . . . . . . . . . . . . . 7 96 2.2. Architectural View of SCTP . . . . . . . . . . . . . . . 7 97 2.3. Key Terms . . . . . . . . . . . . . . . . . . . . . . . . 8 98 2.4. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 12 99 2.5. Functional View of SCTP . . . . . . . . . . . . . . . . . 12 100 2.5.1. Association Startup and Takedown . . . . . . . . . . 13 101 2.5.2. Sequenced Delivery within Streams . . . . . . . . . . 14 102 2.5.3. User Data Fragmentation . . . . . . . . . . . . . . . 14 103 2.5.4. Acknowledgement and Congestion Avoidance . . . . . . 15 104 2.5.5. Chunk Bundling . . . . . . . . . . . . . . . . . . . 15 105 2.5.6. Packet Validation . . . . . . . . . . . . . . . . . . 15 106 2.5.7. Path Management . . . . . . . . . . . . . . . . . . . 16 107 2.6. Serial Number Arithmetic . . . . . . . . . . . . . . . . 16 108 2.7. Changes from RFC 4960 . . . . . . . . . . . . . . . . . . 17 109 3. SCTP Packet Format . . . . . . . . . . . . . . . . . . . . . 18 110 3.1. SCTP Common Header Field Descriptions . . . . . . . . . . 18 111 3.2. Chunk Field Descriptions . . . . . . . . . . . . . . . . 20 112 3.2.1. Optional/Variable-Length Parameter Format . . . . . . 23 113 3.2.2. Reporting of Unrecognized Parameters . . . . . . . . 24 114 3.3. SCTP Chunk Definitions . . . . . . . . . . . . . . . . . 25 115 3.3.1. Payload Data (DATA) (0) . . . . . . . . . . . . . . . 25 116 3.3.2. Initiation (INIT) (1) . . . . . . . . . . . . . . . . 28 117 3.3.2.1. Optional or Variable-Length Parameters in INIT 118 chunks . . . . . . . . . . . . . . . . . . . . . . 31 119 3.3.3. Initiation Acknowledgement (INIT ACK) (2) . . . . . . 34 120 3.3.3.1. Optional or Variable-Length Parameters in INIT ACK 121 chunks . . . . . . . . . . . . . . . . . . . . . . 38 122 3.3.4. Selective Acknowledgement (SACK) (3) . . . . . . . . 39 123 3.3.5. Heartbeat Request (HEARTBEAT) (4) . . . . . . . . . . 42 124 3.3.6. Heartbeat Acknowledgement (HEARTBEAT ACK) (5) . . . . 43 125 3.3.7. Abort Association (ABORT) (6) . . . . . . . . . . . . 44 126 3.3.8. Shutdown Association (SHUTDOWN) (7) . . . . . . . . . 45 127 3.3.9. Shutdown Acknowledgement (SHUTDOWN ACK) (8) . . . . . 46 128 3.3.10. Operation Error (ERROR) (9) . . . . . . . . . . . . . 46 129 3.3.10.1. Invalid Stream Identifier (1) . . . . . . . . . 48 130 3.3.10.2. Missing Mandatory Parameter (2) . . . . . . . . 49 131 3.3.10.3. Stale Cookie Error (3) . . . . . . . . . . . . . 49 132 3.3.10.4. Out of Resource (4) . . . . . . . . . . . . . . 50 133 3.3.10.5. Unresolvable Address (5) . . . . . . . . . . . . 50 134 3.3.10.6. Unrecognized Chunk Type (6) . . . . . . . . . . 51 135 3.3.10.7. Invalid Mandatory Parameter (7) . . . . . . . . 51 136 3.3.10.8. Unrecognized Parameters (8) . . . . . . . . . . 51 137 3.3.10.9. No User Data (9) . . . . . . . . . . . . . . . . 52 138 3.3.10.10. Cookie Received While Shutting Down (10) . . . . 52 139 3.3.10.11. Restart of an Association with New Addresses 140 (11) . . . . . . . . . . . . . . . . . . . . . . . 53 141 3.3.10.12. User-Initiated Abort (12) . . . . . . . . . . . 53 142 3.3.10.13. Protocol Violation (13) . . . . . . . . . . . . 53 144 3.3.11. Cookie Echo (COOKIE ECHO) (10) . . . . . . . . . . . 54 145 3.3.12. Cookie Acknowledgement (COOKIE ACK) (11) . . . . . . 55 146 3.3.13. Shutdown Complete (SHUTDOWN COMPLETE) (14) . . . . . 55 147 4. SCTP Association State Diagram . . . . . . . . . . . . . . . 56 148 5. Association Initialization . . . . . . . . . . . . . . . . . 59 149 5.1. Normal Establishment of an Association . . . . . . . . . 59 150 5.1.1. Handle Stream Parameters . . . . . . . . . . . . . . 61 151 5.1.2. Handle Address Parameters . . . . . . . . . . . . . . 62 152 5.1.3. Generating State Cookie . . . . . . . . . . . . . . . 63 153 5.1.4. State Cookie Processing . . . . . . . . . . . . . . . 64 154 5.1.5. State Cookie Authentication . . . . . . . . . . . . . 64 155 5.1.6. An Example of Normal Association Establishment . . . 65 156 5.2. Handle Duplicate or Unexpected INIT, INIT ACK, COOKIE ECHO, 157 and COOKIE ACK Chunks . . . . . . . . . . . . . . . . . . 67 158 5.2.1. INIT Chunk Received in COOKIE-WAIT or COOKIE-ECHOED 159 State (Item B) . . . . . . . . . . . . . . . . . . . 67 160 5.2.2. Unexpected INIT Chunk in States Other than CLOSED, 161 COOKIE-ECHOED, COOKIE-WAIT, and SHUTDOWN-ACK-SENT . . 68 162 5.2.3. Unexpected INIT ACK Chunk . . . . . . . . . . . . . . 69 163 5.2.4. Handle a COOKIE ECHO Chunk when a TCB Exists . . . . 69 164 5.2.4.1. An Example of a Association Restart . . . . . . . 72 165 5.2.5. Handle Duplicate COOKIE ACK Chunk . . . . . . . . . . 73 166 5.2.6. Handle Stale Cookie Error . . . . . . . . . . . . . . 73 167 5.3. Other Initialization Issues . . . . . . . . . . . . . . . 73 168 5.3.1. Selection of Tag Value . . . . . . . . . . . . . . . 74 169 5.4. Path Verification . . . . . . . . . . . . . . . . . . . . 74 170 6. User Data Transfer . . . . . . . . . . . . . . . . . . . . . 75 171 6.1. Transmission of DATA Chunks . . . . . . . . . . . . . . . 77 172 6.2. Acknowledgement on Reception of DATA Chunks . . . . . . . 80 173 6.2.1. Processing a Received SACK Chunk . . . . . . . . . . 83 174 6.3. Management of Retransmission Timer . . . . . . . . . . . 85 175 6.3.1. RTO Calculation . . . . . . . . . . . . . . . . . . . 85 176 6.3.2. Retransmission Timer Rules . . . . . . . . . . . . . 87 177 6.3.3. Handle T3-rtx Expiration . . . . . . . . . . . . . . 88 178 6.4. Multi-Homed SCTP Endpoints . . . . . . . . . . . . . . . 89 179 6.4.1. Failover from an Inactive Destination Address . . . . 90 180 6.5. Stream Identifier and Stream Sequence Number . . . . . . 91 181 6.6. Ordered and Unordered Delivery . . . . . . . . . . . . . 91 182 6.7. Report Gaps in Received DATA TSNs . . . . . . . . . . . . 92 183 6.8. CRC32c Checksum Calculation . . . . . . . . . . . . . . . 93 184 6.9. Fragmentation and Reassembly . . . . . . . . . . . . . . 94 185 6.10. Bundling . . . . . . . . . . . . . . . . . . . . . . . . 95 186 7. Congestion Control . . . . . . . . . . . . . . . . . . . . . 96 187 7.1. SCTP Differences from TCP Congestion Control . . . . . . 97 188 7.2. SCTP Slow-Start and Congestion Avoidance . . . . . . . . 98 189 7.2.1. Slow-Start . . . . . . . . . . . . . . . . . . . . . 99 190 7.2.2. Congestion Avoidance . . . . . . . . . . . . . . . . 100 191 7.2.3. Congestion Control . . . . . . . . . . . . . . . . . 101 192 7.2.4. Fast Retransmit on Gap Reports . . . . . . . . . . . 101 193 7.2.5. Reinitialization . . . . . . . . . . . . . . . . . . 103 194 7.2.5.1. Change of Differentiated Services Code Points . . 103 195 7.2.5.2. Change of Routes . . . . . . . . . . . . . . . . 103 196 7.3. PMTU Discovery . . . . . . . . . . . . . . . . . . . . . 103 197 8. Fault Management . . . . . . . . . . . . . . . . . . . . . . 104 198 8.1. Endpoint Failure Detection . . . . . . . . . . . . . . . 104 199 8.2. Path Failure Detection . . . . . . . . . . . . . . . . . 104 200 8.3. Path Heartbeat . . . . . . . . . . . . . . . . . . . . . 105 201 8.4. Handle "Out of the Blue" Packets . . . . . . . . . . . . 108 202 8.5. Verification Tag . . . . . . . . . . . . . . . . . . . . 109 203 8.5.1. Exceptions in Verification Tag Rules . . . . . . . . 109 204 9. Termination of Association . . . . . . . . . . . . . . . . . 110 205 9.1. Abort of an Association . . . . . . . . . . . . . . . . . 111 206 9.2. Shutdown of an Association . . . . . . . . . . . . . . . 111 207 10. ICMP Handling . . . . . . . . . . . . . . . . . . . . . . . . 114 208 11. Interface with Upper Layer . . . . . . . . . . . . . . . . . 115 209 11.1. ULP-to-SCTP . . . . . . . . . . . . . . . . . . . . . . 116 210 11.1.1. Initialize . . . . . . . . . . . . . . . . . . . . . 116 211 11.1.2. Associate . . . . . . . . . . . . . . . . . . . . . 117 212 11.1.3. Shutdown . . . . . . . . . . . . . . . . . . . . . . 118 213 11.1.4. Abort . . . . . . . . . . . . . . . . . . . . . . . 118 214 11.1.5. Send . . . . . . . . . . . . . . . . . . . . . . . . 118 215 11.1.6. Set Primary . . . . . . . . . . . . . . . . . . . . 120 216 11.1.7. Receive . . . . . . . . . . . . . . . . . . . . . . 120 217 11.1.8. Status . . . . . . . . . . . . . . . . . . . . . . . 121 218 11.1.9. Change Heartbeat . . . . . . . . . . . . . . . . . . 122 219 11.1.10. Request Heartbeat . . . . . . . . . . . . . . . . . 123 220 11.1.11. Get SRTT Report . . . . . . . . . . . . . . . . . . 123 221 11.1.12. Set Failure Threshold . . . . . . . . . . . . . . . 123 222 11.1.13. Set Protocol Parameters . . . . . . . . . . . . . . 124 223 11.1.14. Receive Unsent Message . . . . . . . . . . . . . . . 124 224 11.1.15. Receive Unacknowledged Message . . . . . . . . . . . 125 225 11.1.16. Destroy SCTP Instance . . . . . . . . . . . . . . . 126 226 11.2. SCTP-to-ULP . . . . . . . . . . . . . . . . . . . . . . 126 227 11.2.1. DATA ARRIVE Notification . . . . . . . . . . . . . . 126 228 11.2.2. SEND FAILURE Notification . . . . . . . . . . . . . 127 229 11.2.3. NETWORK STATUS CHANGE Notification . . . . . . . . . 127 230 11.2.4. COMMUNICATION UP Notification . . . . . . . . . . . 127 231 11.2.5. COMMUNICATION LOST Notification . . . . . . . . . . 128 232 11.2.6. COMMUNICATION ERROR Notification . . . . . . . . . . 129 233 11.2.7. RESTART Notification . . . . . . . . . . . . . . . . 129 234 11.2.8. SHUTDOWN COMPLETE Notification . . . . . . . . . . . 129 235 12. Security Considerations . . . . . . . . . . . . . . . . . . . 129 236 12.1. Security Objectives . . . . . . . . . . . . . . . . . . 129 237 12.2. SCTP Responses to Potential Threats . . . . . . . . . . 130 238 12.2.1. Countering Insider Attacks . . . . . . . . . . . . . 130 239 12.2.2. Protecting against Data Corruption in the Network . 130 240 12.2.3. Protecting Confidentiality . . . . . . . . . . . . . 130 241 12.2.4. Protecting against Blind Denial-of-Service 242 Attacks . . . . . . . . . . . . . . . . . . . . . . . 131 243 12.2.4.1. Flooding . . . . . . . . . . . . . . . . . . . . 131 244 12.2.4.2. Blind Masquerade . . . . . . . . . . . . . . . . 132 245 12.2.4.3. Improper Monopolization of Services . . . . . . 133 246 12.3. SCTP Interactions with Firewalls . . . . . . . . . . . . 133 247 12.4. Protection of Non-SCTP-Capable Hosts . . . . . . . . . . 134 248 13. Network Management Considerations . . . . . . . . . . . . . . 134 249 14. Recommended Transmission Control Block (TCB) Parameters . . . 134 250 14.1. Parameters Necessary for the SCTP Instance . . . . . . . 135 251 14.2. Parameters Necessary per Association (i.e., the TCB) . . 135 252 14.3. Per Transport Address Data . . . . . . . . . . . . . . . 137 253 14.4. General Parameters Needed . . . . . . . . . . . . . . . 137 254 15. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 138 255 15.1. IETF-Defined Chunk Extension . . . . . . . . . . . . . . 142 256 15.2. IETF Chunk Flags Registration . . . . . . . . . . . . . 142 257 15.3. IETF-Defined Chunk Parameter Extension . . . . . . . . . 143 258 15.4. IETF-Defined Additional Error Causes . . . . . . . . . . 143 259 15.5. Payload Protocol Identifiers . . . . . . . . . . . . . . 144 260 15.6. Port Numbers Registry . . . . . . . . . . . . . . . . . 144 261 16. Suggested SCTP Protocol Parameter Values . . . . . . . . . . 144 262 17. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 145 263 18. Normative References . . . . . . . . . . . . . . . . . . . . 146 264 19. Informative References . . . . . . . . . . . . . . . . . . . 148 265 Appendix A. CRC32c Checksum Calculation . . . . . . . . . . . . 151 266 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 158 268 1. Conventions 270 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 271 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 272 "OPTIONAL" in this document are to be interpreted as described in BCP 273 14 [RFC2119] [RFC8174] when, and only when, they appear in all 274 capitals, as shown here. 276 2. Introduction 278 This section explains the reasoning behind the development of the 279 Stream Control Transmission Protocol (SCTP), the services it offers, 280 and the basic concepts needed to understand the detailed description 281 of the protocol. 283 This document obsoletes [RFC4960], if approved. In addition to that, 284 it incorporates the specification of the chunk flags registry from 285 [RFC6096] and the specification of the I bit of DATA chunks from 286 [RFC7053]. Therefore, [RFC6096] and [RFC7053] are also obsoleted by 287 this document, if approved. 289 2.1. Motivation 291 TCP [RFC0793] has performed immense service as the primary means of 292 reliable data transfer in IP networks. However, an increasing number 293 of recent applications have found TCP too limiting, and have 294 incorporated their own reliable data transfer protocol on top of UDP 295 [RFC0768]. The limitations that users have wished to bypass include 296 the following: 298 * TCP provides both reliable data transfer and strict order-of- 299 transmission delivery of data. Some applications need reliable 300 transfer without sequence maintenance, while others would be 301 satisfied with partial ordering of the data. In both of these 302 cases, the head-of-line blocking offered by TCP causes unnecessary 303 delay. 305 * The stream-oriented nature of TCP is often an inconvenience. 306 Applications add their own record marking to delineate their 307 messages, and make explicit use of the push facility to ensure 308 that a complete message is transferred in a reasonable time. 310 * The limited scope of TCP sockets complicates the task of providing 311 highly-available data transfer capability using multi-homed hosts. 313 * TCP is relatively vulnerable to denial-of-service attacks, such as 314 SYN attacks. 316 Transport of PSTN signaling across the IP network is an application 317 for which all of these limitations of TCP are relevant. While this 318 application directly motivated the development of SCTP, other 319 applications might find SCTP a good match to their requirements. One 320 example for this are datachannels in the WebRTC infrastructure. 322 2.2. Architectural View of SCTP 324 SCTP is viewed as a layer between the SCTP user application ("SCTP 325 user" for short) and a connectionless packet network service such as 326 IP. The remainder of this document assumes SCTP runs on top of IP. 327 The basic service offered by SCTP is the reliable transfer of user 328 messages between peer SCTP users. It performs this service within 329 the context of an association between two SCTP endpoints. Section 11 330 of this document sketches the API that exists at the boundary between 331 the SCTP and the SCTP upper layers. 333 SCTP is connection-oriented in nature, but the SCTP association is a 334 broader concept than the TCP connection. SCTP provides the means for 335 each SCTP endpoint (Section 2.3) to provide the other endpoint 336 (during association startup) with a list of transport addresses 337 (i.e., multiple IP addresses in combination with an SCTP port) 338 through which that endpoint can be reached and from which it will 339 originate SCTP packets. The association spans transfers over all of 340 the possible source/destination combinations that can be generated 341 from each endpoint's lists. 343 _____________ _____________ 344 | SCTP User | | SCTP User | 345 | Application | | Application | 346 |-------------| |-------------| 347 | SCTP | | SCTP | 348 | Transport | | Transport | 349 | Service | | Service | 350 |-------------| |-------------| 351 | |One or more ---- One or more| | 352 | IP Network |IP address \/ IP address| IP Network | 353 | Service |appearances /\ appearances| Service | 354 |_____________| ---- |_____________| 356 SCTP Node A |<-------- Network transport ------->| SCTP Node B 358 Figure 1: An SCTP Association 360 In addition to encapsulating SCTP packets in IPv4 or IPv6, it is also 361 possible to encapsulate SCTP packets in UDP as specified in [RFC6951] 362 or encapsulate them in DTLS as specified in [RFC8261]. 364 2.3. Key Terms 366 Some of the language used to describe SCTP has been introduced in the 367 previous sections. This section provides a consolidated list of the 368 key terms and their definitions. 370 Active destination transport address: A transport address on a peer 371 endpoint that a transmitting endpoint considers available for 372 receiving user messages. 374 Association Maximum DATA Chunk Size (AMDCS): The smallest Path 375 Maximum DATA Chunk Size (PMDCS) of all destination addresses. 377 Bundling: An optional multiplexing operation, whereby more than one 378 user message can be carried in the same SCTP packet. Each user 379 message occupies its own DATA chunk. 381 Chunk: A unit of information within an SCTP packet, consisting of a 382 chunk header and chunk-specific content. 384 Congestion window (cwnd): An SCTP variable that limits outstanding 385 data, in number of bytes, that a sender can send to a particular 386 destination transport address before receiving an acknowledgement. 388 Control chunk: A chunk not being used for transmitting user data, 389 i.e. every chunk which is not a DATA chunk. 391 Cumulative TSN Ack Point: The Transmission Sequence Number (TSN) of 392 the last DATA chunk acknowledged via the Cumulative TSN Ack field 393 of a SACK chunk. 395 Flightsize: The amount of bytes of outstanding data to a particular 396 destination transport address at any given time. 398 Idle destination address: An address that has not had user messages 399 sent to it within some length of time, normally the 'HB.interval' 400 or greater. 402 Inactive destination transport address: An address that is 403 considered inactive due to errors and unavailable to transport 404 user messages. 406 Message (or user message): Data submitted to SCTP by the Upper Layer 407 Protocol (ULP). 409 Network Byte Order: Most significant byte first, a.k.a., big endian. 411 Ordered Message: A user message that is delivered in order with 412 respect to all previous user messages sent within the stream on 413 which the message was sent. 415 Outstanding data (or "data outstanding" or "data in flight"): The 416 total amount of the DATA chunks associated with outstanding TSNs. 417 A retransmitted DATA chunk is counted once in outstanding data. A 418 DATA chunk that is classified as lost but that has not yet been 419 retransmitted is not in outstanding data. 421 Outstanding TSN (at an SCTP endpoint): A TSN (and the associated 422 DATA chunk) that has been sent by the endpoint but for which it 423 has not yet received an acknowledgement. 425 Path: The route taken by the SCTP packets sent by one SCTP endpoint 426 to a specific destination transport address of its peer SCTP 427 endpoint. Sending to different destination transport addresses 428 does not necessarily guarantee getting separate paths. Within 429 this specification, a path is identified by the destination 430 transport address, since the routing is assumed to be stable. 431 This includes in particular the source address being selected when 432 sending packets to the destination address. 434 Path Maximum DATA Chunk Size (PMDCS): The maximum size (including 435 the DATA chunk header) of a DATA chunk which fits into an SCTP 436 packet not exceeding the PMTU of a particular destination address. 438 Path Maximum Transmission Unit (PMTU): The maximum size (including 439 the SCTP common header and all chunks including their paddings) of 440 an SCTP packet which can be sent to a particular destination 441 address without using IP level fragmentation. 443 Primary Path: The primary path is the destination and source address 444 that will be put into a packet outbound to the peer endpoint by 445 default. The definition includes the source address since an 446 implementation MAY wish to specify both destination and source 447 address to better control the return path taken by reply chunks 448 and on which interface the packet is transmitted when the data 449 sender is multi-homed. 451 Receiver Window (rwnd): An SCTP variable a data sender uses to store 452 the most recently calculated receiver window of its peer, in 453 number of bytes. This gives the sender an indication of the space 454 available in the receiver's inbound buffer. 456 SCTP association: A protocol relationship between SCTP endpoints, 457 composed of the two SCTP endpoints and protocol state information 458 including Verification Tags and the currently active set of 459 Transmission Sequence Numbers (TSNs), etc. An association can be 460 uniquely identified by the transport addresses used by the 461 endpoints in the association. Two SCTP endpoints MUST NOT have 462 more than one SCTP association between them at any given time. 464 SCTP endpoint: The logical sender/receiver of SCTP packets. On a 465 multi-homed host, an SCTP endpoint is represented to its peers as 466 a combination of a set of eligible destination transport addresses 467 to which SCTP packets can be sent and a set of eligible source 468 transport addresses from which SCTP packets can be received. All 469 transport addresses used by an SCTP endpoint MUST use the same 470 port number, but can use multiple IP addresses. A transport 471 address used by an SCTP endpoint MUST NOT be used by another SCTP 472 endpoint. In other words, a transport address is unique to an 473 SCTP endpoint. 475 SCTP packet (or packet): The unit of data delivery across the 476 interface between SCTP and the connectionless packet network 477 (e.g., IP). An SCTP packet includes the common SCTP header, 478 possible SCTP control chunks, and user data encapsulated within 479 SCTP DATA chunks. 481 SCTP user application (SCTP user): The logical higher-layer 482 application entity which uses the services of SCTP, also called 483 the Upper-Layer Protocol (ULP). 485 Slow-Start Threshold (ssthresh): An SCTP variable. This is the 486 threshold that the endpoint will use to determine whether to 487 perform slow start or congestion avoidance on a particular 488 destination transport address. Ssthresh is in number of bytes. 490 State Cookie: A container of all information needed to establish an 491 association. 493 Stream: A unidirectional logical channel established from one to 494 another associated SCTP endpoint, within which all user messages 495 are delivered in sequence except for those submitted to the 496 unordered delivery service. 498 Note: The relationship between stream numbers in opposite 499 directions is strictly a matter of how the applications use them. 500 It is the responsibility of the SCTP user to create and manage 501 these correlations if they are so desired. 503 Stream Sequence Number: A 16-bit sequence number used internally by 504 SCTP to ensure sequenced delivery of the user messages within a 505 given stream. One Stream Sequence Number is attached to each user 506 message. 508 Tie-Tags: Two 32-bit random numbers that together make a 64-bit 509 nonce. These tags are used within a State Cookie and TCB so that 510 a newly restarting association can be linked to the original 511 association within the endpoint that did not restart and yet not 512 reveal the true Verification Tags of an existing association. 514 Transmission Control Block (TCB): An internal data structure created 515 by an SCTP endpoint for each of its existing SCTP associations to 516 other SCTP endpoints. TCB contains all the status and operational 517 information for the endpoint to maintain and manage the 518 corresponding association. 520 Transmission Sequence Number (TSN): A 32-bit sequence number used 521 internally by SCTP. One TSN is attached to each chunk containing 522 user data to permit the receiving SCTP endpoint to acknowledge its 523 receipt and detect duplicate deliveries. 525 Transport address: A transport address is traditionally defined by a 526 network-layer address, a transport-layer protocol, and a 527 transport-layer port number. In the case of SCTP running over IP, 528 a transport address is defined by the combination of an IP address 529 and an SCTP port number (where SCTP is the transport protocol). 531 Unordered Message: Unordered messages are "unordered" with respect 532 to any other message; this includes both other unordered messages 533 as well as other ordered messages. An unordered message might be 534 delivered prior to or later than ordered messages sent on the same 535 stream. 537 User message: The unit of data delivery across the interface between 538 SCTP and its user. 540 Verification Tag: A 32-bit unsigned integer that is randomly 541 generated. The Verification Tag provides a key that allows a 542 receiver to verify that the SCTP packet belongs to the current 543 association and is not an old or stale packet from a previous 544 association. 546 2.4. Abbreviations 548 MAC Message Authentication Code [RFC2104] 549 RTO Retransmission Timeout 550 RTT Round-Trip Time 551 RTTVAR Round-Trip Time Variation 552 SCTP Stream Control Transmission Protocol 553 SRTT Smoothed RTT 554 TCB Transmission Control Block 555 TLV Type-Length-Value coding format 556 TSN Transmission Sequence Number 557 ULP Upper-Layer Protocol 559 2.5. Functional View of SCTP 561 The SCTP transport service can be decomposed into a number of 562 functions. These are depicted in Figure 2 and explained in the 563 remainder of this section. 565 SCTP User Application 567 ----------------------------------------------------- 568 _____________ ____________________ 569 | | | Sequenced Delivery | 570 | Association | | within Streams | 571 | | |____________________| 572 | Startup | 573 | | ____________________________ 574 | and | | User Data Fragmentation | 575 | | |____________________________| 576 | Takedown | 577 | | ____________________________ 578 | | | Acknowledgement | 579 | | | and | 580 | | | Congestion Avoidance | 581 | | |____________________________| 582 | | 583 | | ____________________________ 584 | | | Chunk Bundling | 585 | | |____________________________| 586 | | 587 | | ________________________________ 588 | | | Packet Validation | 589 | | |________________________________| 590 | | 591 | | ________________________________ 592 | | | Path Management | 593 |_____________| |________________________________| 595 Figure 2: Functional View of the SCTP Transport Service 597 2.5.1. Association Startup and Takedown 599 An association is initiated by a request from the SCTP user (see the 600 description of the ASSOCIATE (or SEND) primitive in Section 11). 602 A cookie mechanism, similar to one described by Karn and Simpson in 603 [RFC2522], is employed during the initialization to provide 604 protection against synchronization attacks. The cookie mechanism 605 uses a four-way handshake, the last two legs of which are allowed to 606 carry user data for fast setup. The startup sequence is described in 607 Section 5 of this document. 609 SCTP provides for graceful close (i.e., shutdown) of an active 610 association on request from the SCTP user. See the description of 611 the SHUTDOWN primitive in Section 11. SCTP also allows ungraceful 612 close (i.e., abort), either on request from the user (ABORT 613 primitive) or as a result of an error condition detected within the 614 SCTP layer. Section 9 describes both the graceful and the ungraceful 615 close procedures. 617 SCTP does not support a half-open state (like TCP) wherein one side 618 continues sending data while the other end is closed. When either 619 endpoint performs a shutdown, the association on each peer will stop 620 accepting new data from its user and only deliver data in queue at 621 the time of the graceful close (see Section 9). 623 2.5.2. Sequenced Delivery within Streams 625 The term "stream" is used in SCTP to refer to a sequence of user 626 messages that are to be delivered to the upper-layer protocol in 627 order with respect to other messages within the same stream. This is 628 in contrast to its usage in TCP, where it refers to a sequence of 629 bytes (in this document, a byte is assumed to be 8 bits). 631 The SCTP user can specify at association startup time the number of 632 streams to be supported by the association. This number is 633 negotiated with the remote end (see Section 5.1.1). User messages 634 are associated with stream numbers (SEND, RECEIVE primitives, 635 Section 11). Internally, SCTP assigns a Stream Sequence Number to 636 each message passed to it by the SCTP user. On the receiving side, 637 SCTP ensures that messages are delivered to the SCTP user in sequence 638 within a given stream. However, while one stream might be blocked 639 waiting for the next in-sequence user message, delivery from other 640 streams might proceed. 642 SCTP provides a mechanism for bypassing the sequenced delivery 643 service. User messages sent using this mechanism are delivered to 644 the SCTP user as soon as they are received. 646 2.5.3. User Data Fragmentation 648 When needed, SCTP fragments user messages to ensure that the size of 649 the SCTP packet passed to the lower layer does not exceed the PMTU. 650 Once a user message has been fragmented, this fragmentation cannot be 651 changed anymore. On receipt, fragments are reassembled into complete 652 messages before being passed to the SCTP user. 654 2.5.4. Acknowledgement and Congestion Avoidance 656 SCTP assigns a Transmission Sequence Number (TSN) to each user data 657 fragment or unfragmented message. The TSN is independent of any 658 Stream Sequence Number assigned at the stream level. The receiving 659 end acknowledges all TSNs received, even if there are gaps in the 660 sequence. If a user data fragment or unfragmented message needs to 661 be retransmitted, the TSN assigned to it is used. In this way, 662 reliable delivery is kept functionally separate from sequenced stream 663 delivery. 665 The acknowledgement and congestion avoidance function is responsible 666 for packet retransmission when timely acknowledgement has not been 667 received. Packet retransmission is conditioned by congestion 668 avoidance procedures similar to those used for TCP. See Section 6 669 and Section 7 for a detailed description of the protocol procedures 670 associated with this function. 672 2.5.5. Chunk Bundling 674 As described in Section 3, the SCTP packet as delivered to the lower 675 layer consists of a common header followed by one or more chunks. 676 Each chunk contains either user data or SCTP control information. An 677 SCTP implementation supporting bundling on the sender side might 678 delay the sending of user messages to allow the corresponding DATA 679 chunks to be bundled. 681 The SCTP user has the option to request that an SCTP implementation 682 does not delay the sending of a user message just for this purpose. 683 However, even if the SCTP user has chosen this option, the SCTP 684 implementation might delay the sending due to other reasons, for 685 example due to congestion control or flow control, and might also 686 bundle multiple DATA chunks, if possible. 688 2.5.6. Packet Validation 690 A mandatory Verification Tag field and a 32-bit checksum field (see 691 Appendix A for a description of the CRC32c checksum) are included in 692 the SCTP common header. The Verification Tag value is chosen by each 693 end of the association during association startup. Packets received 694 without the expected Verification Tag value are discarded, as a 695 protection against blind masquerade attacks and against stale SCTP 696 packets from a previous association. The CRC32c checksum is set by 697 the sender of each SCTP packet to provide additional protection 698 against data corruption in the network. The receiver of an SCTP 699 packet with an invalid CRC32c checksum silently discards the packet. 701 2.5.7. Path Management 703 The sending SCTP user is able to manipulate the set of transport 704 addresses used as destinations for SCTP packets through the 705 primitives described in Section 11. The SCTP path management 706 function monitors reachability through heartbeats when other packet 707 traffic is inadequate to provide this information and advises the 708 SCTP user when reachability of any transport address of the peer 709 endpoint changes. The path management function chooses the 710 destination transport address for each outgoing SCTP packet based on 711 the SCTP user's instructions and the currently perceived reachability 712 status of the eligible destination set. The path management function 713 is also responsible for reporting the eligible set of local transport 714 addresses to the peer endpoint during association startup, and for 715 reporting the transport addresses returned from the peer endpoint to 716 the SCTP user. 718 At association startup, a primary path is defined for each SCTP 719 endpoint, and is used for normal sending of SCTP packets. 721 On the receiving end, the path management is responsible for 722 verifying the existence of a valid SCTP association to which the 723 inbound SCTP packet belongs before passing it for further processing. 725 Note: Path Management and Packet Validation are done at the same 726 time, so although described separately above, in reality they cannot 727 be performed as separate items. 729 2.6. Serial Number Arithmetic 731 It is essential to remember that the actual Transmission Sequence 732 Number space is finite, though very large. This space ranges from 0 733 to 2^32 - 1. Since the space is finite, all arithmetic dealing with 734 Transmission Sequence Numbers MUST be performed modulo 2^32. This 735 unsigned arithmetic preserves the relationship of sequence numbers as 736 they cycle from 2^32 - 1 to 0 again. There are some subtleties to 737 computer modulo arithmetic, so great care has to be taken in 738 programming the comparison of such values. When referring to TSNs, 739 the symbol "<=" means "less than or equal" (modulo 2^32). 741 Comparisons and arithmetic on TSNs in this document SHOULD use Serial 742 Number Arithmetic as defined in [RFC1982] where SERIAL_BITS = 32. 744 An endpoint SHOULD NOT transmit a DATA chunk with a TSN that is more 745 than 2^31 - 1 above the beginning TSN of its current send window. 746 Doing so will cause problems in comparing TSNs. 748 Transmission Sequence Numbers wrap around when they reach 2^32 - 1. 749 That is, the next TSN a DATA chunk MUST use after transmitting TSN = 750 2^32 - 1 is TSN = 0. 752 Any arithmetic done on Stream Sequence Numbers SHOULD use Serial 753 Number Arithmetic as defined in [RFC1982] where SERIAL_BITS = 16. 754 All other arithmetic and comparisons in this document use normal 755 arithmetic. 757 2.7. Changes from RFC 4960 759 SCTP was originally defined in [RFC4960], which this document 760 obsoletes, if approved. Readers interested in the details of the 761 various changes that this document incorporates are asked to consult 762 [RFC8540]. 764 In addition to these and further editorial changes, the following 765 changes have been incorporated in this document: 767 * Update references. 769 * Improve the language related to requirements levels. 771 * Allow the ASSOCIATE primitive to take multiple remote addresses; 772 also refer to the Socket API specification. 774 * Refer to the PLPMTUD specification for path MTU discovery. 776 * Move the description of ICMP handling from an Appendix to the main 777 text. 779 * Remove the Appendix describing ECN handling from the document. 781 * Describe the packet size handling more precise by introducing 782 PMTU, PMDCS and AMDCS. 784 * Add the definition of control chunk. 786 * Improve the description of the handling of INIT chunks with 787 invalid mandatory parameters. 789 * Allow using L > 1 for Appropriate Byte Counting (ABC) during slow 790 start. 792 * Explicitly describe the reinitialization of the congestion 793 controller on route changes. 795 * Improve the terminology to make clear that this specification does 796 not describe a full mesh architecture. 798 * Improve the description of sequence number generation (TSN and 799 SSN). 801 * Improve the description of reneging. 803 * Don't require the change of the cumulative TSN ACK anymore for 804 increasing the congestion window. This improves the consistency 805 with the handling in congestion avoidance. 807 * Improve the description of the State Cookie. 809 3. SCTP Packet Format 811 An SCTP packet is composed of a common header and chunks. A chunk 812 contains either control information or user data. 814 The SCTP packet format is shown below: 816 0 1 2 3 817 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 818 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 819 | Common Header | 820 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 821 | Chunk #1 | 822 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 823 | ... | 824 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 825 | Chunk #n | 826 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 828 INIT, INIT ACK and SHUTDOWN COMPLETE chunks MUST NOT be bundled into 829 one SCTP packet. All other chunks MAY be bundled to form an SCTP 830 packet that does not exceed the PMTU. See Section 6.10 for more 831 details on chunk bundling. 833 If a user data message does not fit into one SCTP packet it can be 834 fragmented into multiple chunks using the procedure defined in 835 Section 6.9. 837 All integer fields in an SCTP packet MUST be transmitted in network 838 byte order, unless otherwise stated. 840 3.1. SCTP Common Header Field Descriptions 841 0 1 2 3 842 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 843 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 844 | Source Port Number | Destination Port Number | 845 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 846 | Verification Tag | 847 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 848 | Checksum | 849 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 851 Source Port Number: 16 bits (unsigned integer) 852 This is the SCTP sender's port number. It can be used by the 853 receiver in combination with the source IP address, the SCTP 854 destination port, and possibly the destination IP address to 855 identify the association to which this packet belongs. The source 856 port number 0 MUST NOT be used. 858 Destination Port Number: 16 bits (unsigned integer) 859 This is the SCTP port number to which this packet is destined. 860 The receiving host will use this port number to de-multiplex the 861 SCTP packet to the correct receiving endpoint/application. The 862 destination port number 0 MUST NOT be used. 864 Verification Tag: 32 bits (unsigned integer) 865 The receiver of an SCTP packet uses the Verification Tag to 866 validate the sender of this packet. On transmit, the value of the 867 Verification Tag MUST be set to the value of the Initiate Tag 868 received from the peer endpoint during the association 869 initialization, with the following exceptions: 871 * A packet containing an INIT chunk MUST have a zero Verification 872 Tag. 874 * A packet containing a SHUTDOWN COMPLETE chunk with the T bit 875 set MUST have the Verification Tag copied from the packet with 876 the SHUTDOWN ACK chunk. 878 * A packet containing an ABORT chunk MAY have the verification 879 tag copied from the packet that caused the ABORT chunk to be 880 sent. For details see Section 8.4 and Section 8.5. 882 Checksum: 32 bits (unsigned integer) 883 This field contains the checksum of the SCTP packet. Its 884 calculation is discussed in Section 6.8. SCTP uses the CRC32c 885 algorithm as described in Appendix A for calculating the checksum. 887 3.2. Chunk Field Descriptions 889 The figure below illustrates the field format for the chunks to be 890 transmitted in the SCTP packet. Each chunk is formatted with a Chunk 891 Type field, a chunk-specific Flag field, a Chunk Length field, and a 892 Value field. 894 0 1 2 3 895 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 896 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 897 | Chunk Type | Chunk Flags | Chunk Length | 898 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 899 \ \ 900 / Chunk Value / 901 \ \ 902 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 904 Chunk Type: 8 bits (unsigned integer) 905 This field identifies the type of information contained in the 906 Chunk Value field. It takes a value from 0 to 254. The value of 907 255 is reserved for future use as an extension field. 909 The values of Chunk Types are defined as follows: 911 +==========+===========================================+ 912 | ID Value | Chunk Type | 913 +==========+===========================================+ 914 | 0 | Payload Data (DATA) | 915 +----------+-------------------------------------------+ 916 | 1 | Initiation (INIT) | 917 +----------+-------------------------------------------+ 918 | 2 | Initiation Acknowledgement (INIT ACK) | 919 +----------+-------------------------------------------+ 920 | 3 | Selective Acknowledgement (SACK) | 921 +----------+-------------------------------------------+ 922 | 4 | Heartbeat Request (HEARTBEAT) | 923 +----------+-------------------------------------------+ 924 | 5 | Heartbeat Acknowledgement (HEARTBEAT ACK) | 925 +----------+-------------------------------------------+ 926 | 6 | Abort (ABORT) | 927 +----------+-------------------------------------------+ 928 | 7 | Shutdown (SHUTDOWN) | 929 +----------+-------------------------------------------+ 930 | 8 | Shutdown Acknowledgement (SHUTDOWN ACK) | 931 +----------+-------------------------------------------+ 932 | 9 | Operation Error (ERROR) | 933 +----------+-------------------------------------------+ 934 | 10 | State Cookie (COOKIE ECHO) | 935 +----------+-------------------------------------------+ 936 | 11 | Cookie Acknowledgement (COOKIE ACK) | 937 +----------+-------------------------------------------+ 938 | 12 | Reserved for Explicit Congestion | 939 | | Notification Echo (ECNE) | 940 +----------+-------------------------------------------+ 941 | 13 | Reserved for Congestion Window Reduced | 942 | | (CWR) | 943 +----------+-------------------------------------------+ 944 | 14 | Shutdown Complete (SHUTDOWN COMPLETE) | 945 +----------+-------------------------------------------+ 946 | 15 to 62 | available | 947 +----------+-------------------------------------------+ 948 | 63 | reserved for IETF-defined Chunk | 949 | | Extensions | 950 +----------+-------------------------------------------+ 951 | 64 to | available | 952 | 126 | | 953 +----------+-------------------------------------------+ 954 | 127 | reserved for IETF-defined Chunk | 955 | | Extensions | 956 +----------+-------------------------------------------+ 957 | 128 to | available | 958 | 190 | | 959 +----------+-------------------------------------------+ 960 | 191 | reserved for IETF-defined Chunk | 961 | | Extensions | 962 +----------+-------------------------------------------+ 963 | 192 to | available | 964 | 254 | | 965 +----------+-------------------------------------------+ 966 | 255 | reserved for IETF-defined Chunk | 967 | | Extensions | 968 +----------+-------------------------------------------+ 970 Table 1: Chunk Types 972 Note: The ECNE and CWR chunk types are reserved for future use of 973 Explicit Congestion Notification (ECN). 975 Chunk Types are encoded such that the highest-order 2 bits specify 976 the action that is taken if the processing endpoint does not 977 recognize the Chunk Type. 979 +----+--------------------------------------------------+ 980 | 00 | Stop processing this SCTP packet; discard the | 981 | | unrecognized chunk and all further chunks. | 982 +----+--------------------------------------------------+ 983 | 01 | Stop processing this SCTP packet, discard the | 984 | | unrecognized chunk and all further chunks, and | 985 | | report the unrecognized chunk in an ERROR chunk | 986 | | using the 'Unrecognized Chunk Type' error cause. | 987 +----+--------------------------------------------------+ 988 | 10 | Skip this chunk and continue processing. | 989 +----+--------------------------------------------------+ 990 | 11 | Skip this chunk and continue processing, but | 991 | | report it in an ERROR chunk using the | 992 | | 'Unrecognized Chunk Type' error cause. | 993 +----+--------------------------------------------------+ 995 Table 2: Processing of Unknown Chunks 997 Chunk Flags: 8 bits 998 The usage of these bits depends on the Chunk type as given by the 999 Chunk Type field. Unless otherwise specified, they are set to 0 1000 on transmit and are ignored on receipt. 1002 Chunk Length: 16 bits (unsigned integer) 1003 This value represents the size of the chunk in bytes, including 1004 the Chunk Type, Chunk Flags, Chunk Length, and Chunk Value fields. 1005 Therefore, if the Chunk Value field is zero-length, the Length 1006 field will be set to 4. The Chunk Length field does not count any 1007 chunk padding. However, it does include padding of any variable- 1008 length parameter except the last parameter in the chunk. 1010 Note: A robust implementation is expected to accept the chunk 1011 whether or not the final padding has been included in the Chunk 1012 Length. 1014 Chunk Value: variable length 1015 The Chunk Value field contains the actual information to be 1016 transferred in the chunk. The usage and format of this field is 1017 dependent on the Chunk Type. 1019 The total length of a chunk (including Type, Length, and Value 1020 fields) MUST be a multiple of 4 bytes. If the length of the chunk is 1021 not a multiple of 4 bytes, the sender MUST pad the chunk with all 1022 zero bytes, and this padding is not included in the Chunk Length 1023 field. The sender MUST NOT pad with more than 3 bytes. The receiver 1024 MUST ignore the padding bytes. 1026 SCTP-defined chunks are described in detail in Section 3.3. The 1027 guidelines for IETF-defined chunk extensions can be found in 1028 Section 15.1 of this document. 1030 3.2.1. Optional/Variable-Length Parameter Format 1032 Chunk values of SCTP control chunks consist of a chunk-type-specific 1033 header of required fields, followed by zero or more parameters. The 1034 optional and variable-length parameters contained in a chunk are 1035 defined in a Type-Length-Value format as shown below. 1037 0 1 2 3 1038 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1039 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1040 | Parameter Type | Parameter Length | 1041 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1042 \ \ 1043 / Parameter Value / 1044 \ \ 1045 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1047 Parameter Type: 16 bits (unsigned integer) 1048 The Type field is a 16-bit identifier of the type of parameter. 1049 It takes a value of 0 to 65534. 1051 The value of 65535 is reserved for IETF-defined extensions. 1052 Values other than those defined in specific SCTP chunk 1053 descriptions are reserved for use by IETF. 1055 Parameter Length: 16 bits (unsigned integer) 1056 The Parameter Length field contains the size of the parameter in 1057 bytes, including the Parameter Type, Parameter Length, and 1058 Parameter Value fields. Thus, a parameter with a zero-length 1059 Parameter Value field would have a Parameter Length field of 4. 1060 The Parameter Length does not include any padding bytes. 1062 Parameter Value: variable length 1063 The Parameter Value field contains the actual information to be 1064 transferred in the parameter. 1066 The total length of a parameter (including Parameter Type, Parameter 1067 Length, and Parameter Value fields) MUST be a multiple of 4 bytes. 1068 If the length of the parameter is not a multiple of 4 bytes, the 1069 sender pads the parameter at the end (i.e., after the Parameter Value 1070 field) with all zero bytes. The length of the padding is not 1071 included in the Parameter Length field. A sender MUST NOT pad with 1072 more than 3 bytes. The receiver MUST ignore the padding bytes. 1074 The Parameter Types are encoded such that the highest-order 2 bits 1075 specify the action that is taken if the processing endpoint does not 1076 recognize the Parameter Type. 1078 +----+-------------------------------------------------------+ 1079 | 00 | Stop processing this parameter; do not process any | 1080 | | further parameters within this chunk. | 1081 +----+-------------------------------------------------------+ 1082 | 01 | Stop processing this parameter, do not process any | 1083 | | further parameters within this chunk, and report the | 1084 | | unrecognized parameter as described in Section 3.2.2. | 1085 +----+-------------------------------------------------------+ 1086 | 10 | Skip this parameter and continue processing. | 1087 +----+-------------------------------------------------------+ 1088 | 11 | Skip this parameter and continue processing but | 1089 | | report the unrecognized parameter as described in | 1090 | | Section 3.2.2. | 1091 +----+-------------------------------------------------------+ 1093 Table 3: Processing of Unknown Parameters 1095 Please note that, when an INIT or INIT ACK chunk is received, in all 1096 four cases, an INIT ACK or COOKIE ECHO chunk is sent in response, 1097 respectively. In the 00 or 01 case, the processing of the parameters 1098 after the unknown parameter is canceled, but no processing already 1099 done is rolled back. 1101 The actual SCTP parameters are defined in the specific SCTP chunk 1102 sections. The rules for IETF-defined parameter extensions are 1103 defined in Section 15.3. Parameter types MUST be unique across all 1104 chunks. For example, the parameter type '5' is used to represent an 1105 IPv4 address (see Section 3.3.2.1). The value '5' then is reserved 1106 across all chunks to represent an IPv4 address and MUST NOT be reused 1107 with a different meaning in any other chunk. 1109 3.2.2. Reporting of Unrecognized Parameters 1111 If the receiver of an INIT chunk detects unrecognized parameters and 1112 has to report them according to Section 3.2.1, it MUST put the 1113 "Unrecognized Parameter" parameter(s) in the INIT ACK chunk sent in 1114 response to the INIT chunk. Note that if the receiver of the INIT 1115 chunk is not going to establish an association (e.g., due to lack of 1116 resources), an "Unrecognized Parameter" error cause would not be 1117 included with any ABORT chunk being sent to the sender of the INIT 1118 chunk. 1120 If the receiver of any other chunk (e.g., INIT ACK) detects 1121 unrecognized parameters and has to report them according to 1122 Section 3.2.1, it SHOULD bundle the ERROR chunk containing the 1123 "Unrecognized Parameters" error cause with the chunk sent in response 1124 (e.g., COOKIE ECHO). If the receiver of the INIT ACK chunk cannot 1125 bundle the COOKIE ECHO chunk with the ERROR chunk, the ERROR chunk 1126 MAY be sent separately but not before the COOKIE ACK chunk has been 1127 received. 1129 Any time a COOKIE ECHO chunk is sent in a packet, it MUST be the 1130 first chunk. 1132 3.3. SCTP Chunk Definitions 1134 This section defines the format of the different SCTP chunk types. 1136 3.3.1. Payload Data (DATA) (0) 1138 The following format MUST be used for the DATA chunk: 1140 0 1 2 3 1141 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1142 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1143 | Type = 0 | Res |I|U|B|E| Length | 1144 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1145 | TSN | 1146 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1147 | Stream Identifier S | Stream Sequence Number n | 1148 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1149 | Payload Protocol Identifier | 1150 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1151 \ \ 1152 / User Data (seq n of Stream S) / 1153 \ \ 1154 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1156 Res: 4 bits 1157 All set to 0 on transmit and ignored on receipt. 1159 I bit: 1 bit 1160 The (I)mmediate bit MAY be set by the sender whenever the sender 1161 of a DATA chunk can benefit from the corresponding SACK chunk 1162 being sent back without delay. See Section 4 of [RFC7053] for a 1163 discussion of the benefits. 1165 U bit: 1 bit 1166 The (U)nordered bit, if set to 1, indicates that this is an 1167 unordered DATA chunk, and there is no Stream Sequence Number 1168 assigned to this DATA chunk. Therefore, the receiver MUST ignore 1169 the Stream Sequence Number field. 1171 After reassembly (if necessary), unordered DATA chunks MUST be 1172 dispatched to the upper layer by the receiver without any attempt 1173 to reorder. 1175 If an unordered user message is fragmented, each fragment of the 1176 message MUST have its U bit set to 1. 1178 B bit: 1 bit 1179 The (B)eginning fragment bit, if set, indicates the first fragment 1180 of a user message. 1182 E bit: 1 bit 1183 The (E)nding fragment bit, if set, indicates the last fragment of 1184 a user message. 1186 Length: 16 bits (unsigned integer) 1187 This field indicates the length of the DATA chunk in bytes from 1188 the beginning of the type field to the end of the User Data field 1189 excluding any padding. A DATA chunk with one byte of user data 1190 will have Length set to 17 (indicating 17 bytes). 1192 A DATA chunk with a User Data field of length L will have the 1193 Length field set to (16 + L) (indicating 16 + L bytes) where L 1194 MUST be greater than 0. 1196 TSN: 32 bits (unsigned integer) 1197 This value represents the TSN for this DATA chunk. The valid 1198 range of TSN is from 0 to 4294967295 (2^32 - 1). TSN wraps back 1199 to 0 after reaching 4294967295. 1201 Stream Identifier S: 16 bits (unsigned integer) 1202 Identifies the stream to which the following user data belongs. 1204 Stream Sequence Number n: 16 bits (unsigned integer) 1205 This value represents the Stream Sequence Number of the following 1206 user data within the stream S. Valid range is 0 to 65535. 1208 When a user message is fragmented by SCTP for transport, the same 1209 Stream Sequence Number MUST be carried in each of the fragments of 1210 the message. 1212 Payload Protocol Identifier: 32 bits (unsigned integer) 1213 This value represents an application (or upper layer) specified 1214 protocol identifier. This value is passed to SCTP by its upper 1215 layer and sent to its peer. This identifier is not used by SCTP 1216 but can be used by certain network entities, as well as by the 1217 peer application, to identify the type of information being 1218 carried in this DATA chunk. This field MUST be sent even in 1219 fragmented DATA chunks (to make sure it is available for agents in 1220 the middle of the network). Note that this field is not touched 1221 by an SCTP implementation; therefore, its byte order is not 1222 necessarily big endian. The upper layer is responsible for any 1223 byte order conversions to this field. 1225 The value 0 indicates that no application identifier is specified 1226 by the upper layer for this payload data. 1228 User Data: variable length 1229 This is the payload user data. The implementation MUST pad the 1230 end of the data to a 4-byte boundary with all-zero bytes. Any 1231 padding MUST NOT be included in the Length field. A sender MUST 1232 never add more than 3 bytes of padding. 1234 An unfragmented user message MUST have both the B and E bits set to 1235 1. Setting both B and E bits to 0 indicates a middle fragment of a 1236 multi-fragment user message, as summarized in the following table: 1238 +---+---+-------------------------------------------+ 1239 | B | E | Description | 1240 +---+---+-------------------------------------------+ 1241 | 1 | 0 | First piece of a fragmented user message | 1242 +---+---+-------------------------------------------+ 1243 | 0 | 0 | Middle piece of a fragmented user message | 1244 +---+---+-------------------------------------------+ 1245 | 0 | 1 | Last piece of a fragmented user message | 1246 +---+---+-------------------------------------------+ 1247 | 1 | 1 | Unfragmented message | 1248 +---+---+-------------------------------------------+ 1250 Table 4: Fragment Description Flags 1252 When a user message is fragmented into multiple chunks, the TSNs are 1253 used by the receiver to reassemble the message. This means that the 1254 TSNs for each fragment of a fragmented user message MUST be strictly 1255 sequential. 1257 The TSNs of DATA chunks sent SHOULD be strictly sequential. 1259 Note: The extension described in [RFC8260] can be used to mitigate 1260 the head of line blocking when transferring large user messages. 1262 3.3.2. Initiation (INIT) (1) 1264 This chunk is used to initiate an SCTP association between two 1265 endpoints. The format of the INIT chunk is shown below: 1267 0 1 2 3 1268 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1269 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1270 | Type = 1 | Chunk Flags | Chunk Length | 1271 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1272 | Initiate Tag | 1273 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1274 | Advertised Receiver Window Credit (a_rwnd) | 1275 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1276 | Number of Outbound Streams | Number of Inbound Streams | 1277 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1278 | Initial TSN | 1279 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1280 \ \ 1281 / Optional/Variable-Length Parameters / 1282 \ \ 1283 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1285 The following parameters are specified for the INIT chunk. Unless 1286 otherwise noted, each parameter MUST only be included once in the 1287 INIT chunk. 1289 +-----------------------------------+-----------+ 1290 | Fixed Length Parameter | Status | 1291 +-----------------------------------+-----------+ 1292 | Initiate Tag | Mandatory | 1293 +-----------------------------------+-----------+ 1294 | Advertised Receiver Window Credit | Mandatory | 1295 +-----------------------------------+-----------+ 1296 | Number of Outbound Streams | Mandatory | 1297 +-----------------------------------+-----------+ 1298 | Number of Inbound Streams | Mandatory | 1299 +-----------------------------------+-----------+ 1300 | Initial TSN | Mandatory | 1301 +-----------------------------------+-----------+ 1303 Table 5: Fixed Length Parameters of INIT Chunks 1305 +-----------------------------------+------------+----------------+ 1306 | Variable Length Parameter | Status | Type Value | 1307 +-----------------------------------+------------+----------------+ 1308 | IPv4 Address (Note 1) | Optional | 5 | 1309 +-----------------------------------+------------+----------------+ 1310 | IPv6 Address (Note 1) | Optional | 6 | 1311 +-----------------------------------+------------+----------------+ 1312 | Cookie Preservative | Optional | 9 | 1313 +-----------------------------------+------------+----------------+ 1314 | Reserved for ECN Capable (Note 2) | Optional | 32768 (0x8000) | 1315 +-----------------------------------+------------+----------------+ 1316 | Host Name Address (Note 3) | Deprecated | 11 | 1317 +-----------------------------------+------------+----------------+ 1318 | Supported Address Types (Note 4) | Optional | 12 | 1319 +-----------------------------------+------------+----------------+ 1321 Table 6: Variable Length Parameters of INIT Chunks 1323 Note 1: The INIT chunks can contain multiple addresses that can be 1324 IPv4 and/or IPv6 in any combination. 1326 Note 2: The ECN Capable field is reserved for future use of Explicit 1327 Congestion Notification. 1329 Note 3: An INIT chunk MUST NOT contain the Host Name Address 1330 parameter. The receiver of an INIT chunk containing a Host Name 1331 Address parameter MUST send an ABORT chunk and MAY include an 1332 "Unresolvable Address" error cause. 1334 Note 4: This parameter, when present, specifies all the address types 1335 the sending endpoint can support. The absence of this parameter 1336 indicates that the sending endpoint can support any address type. 1338 If an INIT chunk is received with all mandatory parameters that are 1339 specified for the INIT chunk, then the receiver SHOULD process the 1340 INIT chunk and send back an INIT ACK. The receiver of the INIT chunk 1341 MAY bundle an ERROR chunk with the COOKIE ACK chunk later. However, 1342 restrictive implementations MAY send back an ABORT chunk in response 1343 to the INIT chunk. 1345 The Chunk Flags field in INIT chunks is reserved, and all bits in it 1346 SHOULD be set to 0 by the sender and ignored by the receiver. The 1347 sequence of parameters within an INIT chunk can be processed in any 1348 order. 1350 Initiate Tag: 32 bits (unsigned integer) 1351 The receiver of the INIT chunk (the responding end) records the 1352 value of the Initiate Tag parameter. This value MUST be placed 1353 into the Verification Tag field of every SCTP packet that the 1354 receiver of the INIT chunk transmits within this association. 1356 The Initiate Tag is allowed to have any value except 0. See 1357 Section 5.3.1 for more on the selection of the tag value. 1359 If the value of the Initiate Tag in a received INIT chunk is found 1360 to be 0, the receiver MUST silently discard the packet. 1362 Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned 1363 integer) 1364 This value represents the dedicated buffer space, in number of 1365 bytes, the sender of the INIT chunk has reserved in association 1366 with this window. 1368 The Advertised Receiver Window Credit MUST NOT be smaller than 1369 1500. 1371 A receiver of an INIT chunk with the a_rwnd value set to a value 1372 smaller than 1500 MUST discard the packet, SHOULD send a packet in 1373 response containing an ABORT chunk and using the Initiate Tag as 1374 the Verification Tag, and MUST NOT change the state of any 1375 existing association. 1377 During the life of the association, this buffer space SHOULD NOT 1378 be reduced (i.e., dedicated buffers ought not to be taken away 1379 from this association); however, an endpoint MAY change the value 1380 of a_rwnd it sends in SACK chunks. 1382 Number of Outbound Streams (OS): 16 bits (unsigned integer) 1383 Defines the number of outbound streams the sender of this INIT 1384 chunk wishes to create in this association. The value of 0 MUST 1385 NOT be used. 1387 A receiver of an INIT chunk with the OS value set to 0 MUST 1388 discard the packet, SHOULD send a packet in response containing an 1389 ABORT chunk and using the Initiate Tag as the Verification Tag, 1390 and MUST NOT change the state of any existing association. 1392 Number of Inbound Streams (MIS): 16 bits (unsigned integer) 1393 Defines the maximum number of streams the sender of this INIT 1394 chunk allows the peer end to create in this association. The 1395 value 0 MUST NOT be used. 1397 Note: There is no negotiation of the actual number of streams but 1398 instead the two endpoints will use the min(requested, offered). 1399 See Section 5.1.1 for details. 1401 A receiver of an INIT chunk with the MIS value set to 0 MUST 1402 discard the packet, SHOULD send a packet in response containing an 1403 ABORT chunk and using the Initiate Tag as the Verification Tag, 1404 and MUST NOT change the state of any existing association. 1406 Initial TSN (I-TSN): 32 bits (unsigned integer) 1407 Defines the initial TSN that the sender will use. The valid range 1408 is from 0 to 4294967295. This field MAY be set to the value of 1409 the Initiate Tag field. 1411 3.3.2.1. Optional or Variable-Length Parameters in INIT chunks 1413 The following parameters follow the Type-Length-Value format as 1414 defined in Section 3.2.1. Any Type-Length-Value fields MUST be 1415 placed after the fixed-length fields. (The fixed-length fields are 1416 defined in the previous section.) 1418 3.3.2.1.1. IPv4 Address (5) 1420 0 1 2 3 1421 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1422 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1423 | Type = 5 | Length = 8 | 1424 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1425 | IPv4 Address | 1426 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1428 IPv4 Address: 32 bits (unsigned integer) 1429 Contains an IPv4 address of the sending endpoint. It is binary 1430 encoded. 1432 3.3.2.1.2. IPv6 Address (6) 1434 0 1 2 3 1435 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1436 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1437 | Type = 6 | Length = 20 | 1438 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1439 | | 1440 | IPv6 Address | 1441 | | 1442 | | 1443 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1445 IPv6 Address: 128 bits (unsigned integer) 1446 Contains an IPv6 [RFC8200] address of the sending endpoint. It is 1447 binary encoded. 1449 A sender MUST NOT use an IPv4-mapped IPv6 address [RFC4291], but 1450 SHOULD instead use an IPv4 Address parameter for an IPv4 address. 1452 Combined with the Source Port Number in the SCTP common header, the 1453 value passed in an IPv4 or IPv6 Address parameter indicates a 1454 transport address the sender of the INIT chunk will support for the 1455 association being initiated. That is, during the life time of this 1456 association, this IP address can appear in the source address field 1457 of an IP datagram sent from the sender of the INIT chunk, and can be 1458 used as a destination address of an IP datagram sent from the 1459 receiver of the INIT chunk. 1461 More than one IP Address parameter can be included in an INIT chunk 1462 when the sender of the INIT chunk is multi-homed. Moreover, a multi- 1463 homed endpoint might have access to different types of network; thus, 1464 more than one address type can be present in one INIT chunk, i.e., 1465 IPv4 and IPv6 addresses are allowed in the same INIT chunk. 1467 If the INIT chunk contains at least one IP Address parameter, then 1468 the source address of the IP datagram containing the INIT chunk and 1469 any additional address(es) provided within the INIT can be used as 1470 destinations by the endpoint receiving the INIT chunk. If the INIT 1471 chunk does not contain any IP Address parameters, the endpoint 1472 receiving the INIT chunk MUST use the source address associated with 1473 the received IP datagram as its sole destination address for the 1474 association. 1476 Note that not using any IP Address parameters in the INIT and INIT 1477 ACK chunk is a way to make an association more likely to work in 1478 combination with Network Address Translation (NAT). 1480 3.3.2.1.3. Cookie Preservative (9) 1482 The sender of the INIT chunk SHOULD use this parameter to suggest to 1483 the receiver of the INIT chunk for a longer life-span of the State 1484 Cookie. 1486 0 1 2 3 1487 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1488 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1489 | Type = 9 | Length = 8 | 1490 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1491 | Suggested Cookie Life-Span Increment (msec.) | 1492 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1494 Suggested Cookie Life-Span Increment: 32 bits (unsigned integer) 1495 This parameter indicates to the receiver how much increment in 1496 milliseconds the sender wishes the receiver to add to its default 1497 cookie life-span. 1499 This optional parameter MAY be added to the INIT chunk by the 1500 sender when it reattempts establishing an association with a peer 1501 to which its previous attempt of establishing the association 1502 failed due to a stale cookie operation error. The receiver MAY 1503 choose to ignore the suggested cookie life-span increase for its 1504 own security reasons. 1506 3.3.2.1.4. Host Name Address (11) 1508 The sender of an INIT chunk or INIT ACK chunk MUST NOT include this 1509 parameter. The usage of the Host Name Address parameter is 1510 deprecated. The receiver of an INIT chunk or an INIT ACK containing 1511 a Host Name Address parameter MUST send an ABORT chunk and MAY 1512 include an "Unresolvable Address" error cause. 1514 0 1 2 3 1515 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1516 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1517 | Type = 11 | Length | 1518 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1519 / Host Name / 1520 \ \ 1521 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1523 Host Name: variable length 1524 This field contains a host name in "host name syntax" per 1525 Section 2.1 of [RFC1123]. The method for resolving the host name 1526 is out of scope of SCTP. 1528 At least one null terminator is included in the Host Name string 1529 and MUST be included in the length. 1531 3.3.2.1.5. Supported Address Types (12) 1533 The sender of INIT chunk uses this parameter to list all the address 1534 types it can support. 1536 0 1 2 3 1537 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1538 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1539 | Type = 12 | Length | 1540 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1541 | Address Type #1 | Address Type #2 | 1542 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1543 | ...... | 1544 +-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+ 1546 Address Type: 16 bits (unsigned integer) 1547 This is filled with the type value of the corresponding address 1548 TLV (e.g., 5 for indicating IPv4, 6 for indicating IPv6). The 1549 value indicating the Host Name Address parameter MUST NOT be used 1550 when sending this parameter and MUST be ignored when receiving 1551 this parameter. 1553 3.3.3. Initiation Acknowledgement (INIT ACK) (2) 1555 The INIT ACK chunk is used to acknowledge the initiation of an SCTP 1556 association. The format of the INIT ACK chunk is shown below: 1558 0 1 2 3 1559 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1560 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1561 | Type = 2 | Chunk Flags | Chunk Length | 1562 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1563 | Initiate Tag | 1564 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1565 | Advertised Receiver Window Credit | 1566 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1567 | Number of Outbound Streams | Number of Inbound Streams | 1568 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1569 | Initial TSN | 1570 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1571 \ \ 1572 / Optional/Variable-Length Parameters / 1573 \ \ 1574 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1576 The parameter part of INIT ACK is formatted similarly to the INIT 1577 chunk. The following parameters are specified for the INIT ACK 1578 chunk: 1580 +-----------------------------------+-----------+ 1581 | Fixed Length Parameter | Status | 1582 +-----------------------------------+-----------+ 1583 | Initiate Tag | Mandatory | 1584 +-----------------------------------+-----------+ 1585 | Advertised Receiver Window Credit | Mandatory | 1586 +-----------------------------------+-----------+ 1587 | Number of Outbound Streams | Mandatory | 1588 +-----------------------------------+-----------+ 1589 | Number of Inbound Streams | Mandatory | 1590 +-----------------------------------+-----------+ 1591 | Initial TSN | Mandatory | 1592 +-----------------------------------+-----------+ 1594 Table 7: Fixed Length Parameters of INIT ACK 1595 Chunks 1597 It uses two extra variable parameters: The State Cookie and the 1598 Unrecognized Parameter: 1600 +-----------------------------------+------------+----------------+ 1601 | Variable Length Parameter | Status | Type Value | 1602 +-----------------------------------+------------+----------------+ 1603 | State Cookie | Mandatory | 7 | 1604 +-----------------------------------+------------+----------------+ 1605 | IPv4 Address (Note 1) | Optional | 5 | 1606 +-----------------------------------+------------+----------------+ 1607 | IPv6 Address (Note 1) | Optional | 6 | 1608 +-----------------------------------+------------+----------------+ 1609 | Unrecognized Parameter | Optional | 8 | 1610 +-----------------------------------+------------+----------------+ 1611 | Reserved for ECN Capable (Note 2) | Optional | 32768 (0x8000) | 1612 +-----------------------------------+------------+----------------+ 1613 | Host Name Address (Note 3) | Deprecated | 11 | 1614 +-----------------------------------+------------+----------------+ 1616 Table 8: Variable Length Parameters of INIT ACK Chunks 1618 Note 1: The INIT ACK chunks can contain any number of IP address 1619 parameters that can be IPv4 and/or IPv6 in any combination. 1621 Note 2: The ECN Capable field is reserved for future use of Explicit 1622 Congestion Notification. 1624 Note 3: An INIT ACK chunk MUST NOT contain the Host Name Address 1625 parameter. The receiver of INIT ACK chunks containing a Host Name 1626 Address parameter MUST send an ABORT chunk and MAY include an 1627 "Unresolvable Address" error cause. 1629 Initiate Tag: 32 bits (unsigned integer) 1630 The receiver of the INIT ACK chunk records the value of the 1631 Initiate Tag parameter. This value MUST be placed into the 1632 Verification Tag field of every SCTP packet that the receiver of 1633 the INIT ACK chunk transmits within this association. 1635 The Initiate Tag MUST NOT take the value 0. See Section 5.3.1 for 1636 more on the selection of the Initiate Tag value. 1638 If an endpoint in the COOKIE-WAIT state receives an INIT ACK chunk 1639 with the Initiate Tag set to 0, it MUST destroy the TCB and SHOULD 1640 send an ABORT chunk with the T bit set. If such an INIT-ACK chunk 1641 is received in any state other than CLOSED or COOKIE-WAIT, it 1642 SHOULD be discarded silently (see Section 5.2.3). 1644 Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned 1645 integer) 1646 This value represents the dedicated buffer space, in number of 1647 bytes, the sender of the INIT ACK chunk has reserved in 1648 association with this window. 1650 The Advertised Receiver Window Credit MUST NOT be smaller than 1651 1500. 1653 A receiver of an INIT ACK chunk with the a_rwnd value set to a 1654 value smaller than 1500 MUST discard the packet, SHOULD send a 1655 packet in response containing an ABORT chunk and using the 1656 Initiate Tag as the Verification Tag, and MUST NOT change the 1657 state of any existing association. 1659 During the life of the association, this buffer space SHOULD NOT 1660 be reduced (i.e., dedicated buffers ought not to be taken away 1661 from this association); however, an endpoint MAY change the value 1662 of a_rwnd it sends in SACK chunks. 1664 Number of Outbound Streams (OS): 16 bits (unsigned integer) 1665 Defines the number of outbound streams the sender of this INIT ACK 1666 chunk wishes to create in this association. The value of 0 MUST 1667 NOT be used, and the value MUST NOT be greater than the MIS value 1668 sent in the INIT chunk. 1670 If an endpoint in the COOKIE-WAIT state receives an INIT ACK chunk 1671 with the OS value set to 0, it MUST destroy the TCB and SHOULD 1672 send an ABORT chunk. If such an INIT-ACK chunk is received in any 1673 state other than CLOSED or COOKIE-WAIT, it SHOULD be discarded 1674 silently (see Section 5.2.3). 1676 Number of Inbound Streams (MIS): 16 bits (unsigned integer) 1677 Defines the maximum number of streams the sender of this INIT ACK 1678 chunk allows the peer end to create in this association. The 1679 value 0 MUST NOT be used. 1681 Note: There is no negotiation of the actual number of streams but 1682 instead the two endpoints will use the min(requested, offered). 1683 See Section 5.1.1 for details. 1685 If an endpoint in the COOKIE-WAIT state receives an INIT ACK chunk 1686 with the MIS value set to 0, it MUST destroy the TCB and SHOULD 1687 send an ABORT chunk. If such an INIT-ACK chunk is received in any 1688 state other than CLOSED or COOKIE-WAIT, it SHOULD be discarded 1689 silently (see Section 5.2.3). 1691 Initial TSN (I-TSN): 32 bits (unsigned integer) 1692 Defines the initial TSN that the sender of the INIT ACK chunk will 1693 use. The valid range is from 0 to 4294967295. This field MAY be 1694 set to the value of the Initiate Tag field. 1696 Implementation Note: An implementation MUST be prepared to receive an 1697 INIT ACK chunk that is quite large (more than 1500 bytes) due to the 1698 variable size of the State Cookie and the variable address list. For 1699 example if a responder to the INIT chunk has 1000 IPv4 addresses it 1700 wishes to send, it would need at least 8,000 bytes to encode this in 1701 the INIT ACK chunk. 1703 If an INIT ACK chunk is received with all mandatory parameters that 1704 are specified for the INIT ACK chunk, then the receiver SHOULD 1705 process the INIT ACK chunk and send back a COOKIE ECHO chunk. The 1706 receiver of the INIT ACK chunk MAY bundle an ERROR chunk with the 1707 COOKIE ECHO chunk. However, restrictive implementations MAY send 1708 back an ABORT chunk in response to the INIT ACK chunk. 1710 In combination with the Source Port carried in the SCTP common 1711 header, each IP Address parameter in the INIT ACK chunk indicates to 1712 the receiver of the INIT ACK chunk a valid transport address 1713 supported by the sender of the INIT ACK chunk for the life time of 1714 the association being initiated. 1716 If the INIT ACK chunk contains at least one IP Address parameter, 1717 then the source address of the IP datagram containing the INIT ACK 1718 chunk and any additional address(es) provided within the INIT ACK 1719 chunk MAY be used as destinations by the receiver of the INIT ACK 1720 chunk. If the INIT ACK chunk does not contain any IP Address 1721 parameters, the receiver of the INIT ACK chunk MUST use the source 1722 address associated with the received IP datagram as its sole 1723 destination address for the association. 1725 The State Cookie and Unrecognized Parameters use the Type-Length- 1726 Value format as defined in Section 3.2.1 and are described below. 1727 The other fields are defined the same as their counterparts in the 1728 INIT chunk. 1730 3.3.3.1. Optional or Variable-Length Parameters in INIT ACK chunks 1732 The State Cookie and Unrecognized Parameters use the Type-Length- 1733 Value format as defined in Section 3.2.1 and are described below. 1734 The IPv4 Address Parameter is described in Section 3.3.2.1.1, and the 1735 IPv6 Address Parameter is described in Section 3.3.2.1.2. The Host 1736 Name Address Parameter is described in Section 3.3.2.1.4 and MUST NOT 1737 be included in an INIT ACK chunk. Any Type-Length-Value fields MUST 1738 be placed after the fixed-length fields. (The fixed-length fields 1739 are defined in the previous section.) 1741 3.3.3.1.1. State Cookie (7) 1743 0 1 2 3 1744 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1745 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1746 | Type = 7 | Length | 1747 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1748 / Cookie / 1749 \ \ 1750 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1752 Cookie: variable length 1753 This parameter value MUST contain all the necessary state and 1754 parameter information required for the sender of this INIT ACK 1755 chunk to create the association, along with a Message 1756 Authentication Code (MAC). See Section 5.1.3 for details on State 1757 Cookie definition. 1759 3.3.3.1.2. Unrecognized Parameter (8) 1761 This parameter is returned to the originator of the INIT chunk when 1762 the INIT chunk contains an unrecognized parameter that has a type 1763 that indicates it SHOULD be reported to the sender. 1765 0 1 2 3 1766 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1767 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1768 | Type = 8 | Length | 1769 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1770 / Unrecognized Parameter / 1771 \ \ 1772 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1774 Unrecognized Parameter: variable length 1775 The parameter value field will contain an unrecognized parameter 1776 copied from the INIT chunk complete with Parameter Type, Length, 1777 and Value fields. 1779 3.3.4. Selective Acknowledgement (SACK) (3) 1781 This chunk is sent to the peer endpoint to acknowledge received DATA 1782 chunks and to inform the peer endpoint of gaps in the received 1783 subsequences of DATA chunks as represented by their TSNs. 1785 The SACK chunk MUST contain the Cumulative TSN Ack, Advertised 1786 Receiver Window Credit (a_rwnd), Number of Gap Ack Blocks, and Number 1787 of Duplicate TSNs fields. 1789 By definition, the value of the Cumulative TSN Ack parameter is the 1790 last TSN received before a break in the sequence of received TSNs 1791 occurs; the next TSN value following this one has not yet been 1792 received at the endpoint sending the SACK chunk. This parameter 1793 therefore acknowledges receipt of all TSNs less than or equal to its 1794 value. 1796 The handling of a_rwnd by the receiver of the SACK chunk is discussed 1797 in detail in Section 6.2.1. 1799 The SACK chunk also contains zero or more Gap Ack Blocks. Each Gap 1800 Ack Block acknowledges a subsequence of TSNs received following a 1801 break in the sequence of received TSNs. The Gap Ack Blocks SHOULD be 1802 isolated. This means that the TSN just before each Gap Ack Block and 1803 the TSN just after each Gap Ack Block have not been received. By 1804 definition, all TSNs acknowledged by Gap Ack Blocks are greater than 1805 the value of the Cumulative TSN Ack. 1807 0 1 2 3 1808 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1809 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1810 | Type = 3 | Chunk Flags | Chunk Length | 1811 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1812 | Cumulative TSN Ack | 1813 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1814 | Advertised Receiver Window Credit (a_rwnd) | 1815 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1816 | Number of Gap Ack Blocks = N | Number of Duplicate TSNs = M | 1817 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1818 | Gap Ack Block #1 Start | Gap Ack Block #1 End | 1819 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1820 / / 1821 \ ... \ 1822 / / 1823 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1824 | Gap Ack Block #N Start | Gap Ack Block #N End | 1825 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1826 | Duplicate TSN 1 | 1827 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1828 / / 1829 \ ... \ 1830 / / 1831 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1832 | Duplicate TSN M | 1833 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1835 Chunk Flags: 8 bits 1836 All set to 0 on transmit and ignored on receipt. 1838 Cumulative TSN Ack: 32 bits (unsigned integer) 1839 The largest TSN, such that all TSNs smaller than or equal to it 1840 have been received and the next one has not been received. In the 1841 case where no DATA chunk has been received, this value is set to 1842 the peer's Initial TSN minus one. 1844 Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned 1845 integer) 1846 This field indicates the updated receive buffer space in bytes of 1847 the sender of this SACK chunk; see Section 6.2.1 for details. 1849 Number of Gap Ack Blocks: 16 bits (unsigned integer) 1850 Indicates the number of Gap Ack Blocks included in this SACK 1851 chunk. 1853 Number of Duplicate TSNs: 16 bit 1854 This field contains the number of duplicate TSNs the endpoint has 1855 received. Each duplicate TSN is listed following the Gap Ack 1856 Block list. 1858 Gap Ack Blocks: 1859 These fields contain the Gap Ack Blocks. They are repeated for 1860 each Gap Ack Block up to the number of Gap Ack Blocks defined in 1861 the Number of Gap Ack Blocks field. All DATA chunks with TSNs 1862 greater than or equal to (Cumulative TSN Ack + Gap Ack Block 1863 Start) and less than or equal to (Cumulative TSN Ack + Gap Ack 1864 Block End) of each Gap Ack Block are assumed to have been received 1865 correctly. 1867 Gap Ack Block Start: 16 bits (unsigned integer) 1868 Indicates the Start offset TSN for this Gap Ack Block. To 1869 calculate the actual TSN number the Cumulative TSN Ack is added to 1870 this offset number. This calculated TSN identifies the lowest TSN 1871 in this Gap Ack Block that has been received. 1873 Gap Ack Block End: 16 bits (unsigned integer) 1874 Indicates the End offset TSN for this Gap Ack Block. To calculate 1875 the actual TSN number, the Cumulative TSN Ack is added to this 1876 offset number. This calculated TSN identifies the highest TSN in 1877 this Gap Ack Block that has been received. 1879 For example, assume that the receiver has the following DATA 1880 chunks newly arrived at the time when it decides to send a 1881 Selective ACK, 1883 ------------ 1884 | TSN = 17 | 1885 ------------ 1886 | | <- still missing 1887 ------------ 1888 | TSN = 15 | 1889 ------------ 1890 | TSN = 14 | 1891 ------------ 1892 | | <- still missing 1893 ------------ 1894 | TSN = 12 | 1895 ------------ 1896 | TSN = 11 | 1897 ------------ 1898 | TSN = 10 | 1899 ------------ 1901 then the parameter part of the SACK chunk MUST be constructed as 1902 follows (assuming the new a_rwnd is set to 4660 by the sender): 1904 +-------------------+-------------------+ 1905 | Cumulative TSN Ack = 12 | 1906 +-------------------+-------------------+ 1907 | a_rwnd = 4660 | 1908 +-------------------+-------------------+ 1909 | num of block = 2 | num of dup = 0 | 1910 +-------------------+-------------------+ 1911 |block #1 start = 2 | block #1 end = 3 | 1912 +-------------------+-------------------+ 1913 |block #2 start = 5 | block #2 end = 5 | 1914 +-------------------+-------------------+ 1916 Duplicate TSN: 32 bits (unsigned integer) 1917 Indicates the number of times a TSN was received in duplicate 1918 since the last SACK chunk was sent. Every time a receiver gets a 1919 duplicate TSN (before sending the SACK chunk), it adds it to the 1920 list of duplicates. The duplicate count is reinitialized to zero 1921 after sending each SACK chunk. 1923 For example, if a receiver were to get the TSN 19 three times it 1924 would list 19 twice in the outbound SACK chunk. After sending the 1925 SACK chunk, if it received yet one more TSN 19 it would list 19 as 1926 a duplicate once in the next outgoing SACK chunk. 1928 3.3.5. Heartbeat Request (HEARTBEAT) (4) 1930 An endpoint SHOULD send a HEARTBEAT (HB) chunk to its peer endpoint 1931 to probe the reachability of a particular destination transport 1932 address defined in the present association. 1934 The parameter field contains the Heartbeat Information, which is a 1935 variable-length opaque data structure understood only by the sender. 1937 0 1 2 3 1938 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1939 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1940 | Type = 4 | Chunk Flags | Heartbeat Length | 1941 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1942 \ \ 1943 / Heartbeat Information TLV (Variable-Length) / 1944 \ \ 1945 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1947 Chunk Flags: 8 bits 1948 Set to 0 on transmit and ignored on receipt. 1950 Heartbeat Length: 16 bits (unsigned integer) 1951 Set to the size of the chunk in bytes, including the chunk header 1952 and the Heartbeat Information field. 1954 Heartbeat Information: variable length 1955 Defined as a variable-length parameter using the format described 1956 in Section 3.2.1, i.e.: 1958 +---------------------+-----------+------------+ 1959 | Variable Parameters | Status | Type Value | 1960 +---------------------+-----------+------------+ 1961 | Heartbeat Info | Mandatory | 1 | 1962 +---------------------+-----------+------------+ 1964 Table 9: Variable Length Parameters of 1965 HEARTBEAT Chunks 1967 0 1 2 3 1968 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1969 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1970 | Heartbeat Info Type = 1 | HB Info Length | 1971 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1972 / Sender-Specific Heartbeat Info / 1973 \ \ 1974 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1976 The Sender-Specific Heartbeat Info field SHOULD include 1977 information about the sender's current time when this HEARTBEAT 1978 chunk is sent and the destination transport address to which this 1979 HEARTBEAT chunk is sent (see Section 8.3). This information is 1980 simply reflected back by the receiver in the HEARTBEAT ACK chunk 1981 (see Section 3.3.6). Note also that the HEARTBEAT chunk is both 1982 for reachability checking and for path verification (see 1983 Section 5.4). When a HEARTBEAT chunk is being used for path 1984 verification purposes, it MUST hold a random nonce of length 1985 64-bit or longer ([RFC4086] provides some information on 1986 randomness guidelines). 1988 3.3.6. Heartbeat Acknowledgement (HEARTBEAT ACK) (5) 1990 An endpoint MUST send this chunk to its peer endpoint as a response 1991 to a HEARTBEAT chunk (see Section 8.3). A packet containing the 1992 HEARTBEAT ACK chunk is always sent to the source IP address of the IP 1993 datagram containing the HEARTBEAT chunk to which this HEARTBEAT ACK 1994 chunk is responding. 1996 The parameter field contains a variable-length opaque data structure. 1998 0 1 2 3 1999 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2000 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2001 | Type = 5 | Chunk Flags | Heartbeat Ack Length | 2002 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2003 \ \ 2004 / Heartbeat Information TLV (Variable-Length) / 2005 \ \ 2006 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2008 Chunk Flags: 8 bits 2009 Set to 0 on transmit and ignored on receipt. 2011 Heartbeat Ack Length: 16 bits (unsigned integer) 2012 Set to the size of the chunk in bytes, including the chunk header 2013 and the Heartbeat Information field. 2015 Heartbeat Information: variable length 2016 This field MUST contain the Heartbeat Info parameter (as defined 2017 in Section 3.3.5) of the Heartbeat Request to which this Heartbeat 2018 Acknowledgement is responding. 2020 +---------------------+-----------+------------+ 2021 | Variable Parameters | Status | Type Value | 2022 +---------------------+-----------+------------+ 2023 | Heartbeat Info | Mandatory | 1 | 2024 +---------------------+-----------+------------+ 2026 Table 10: Variable Length Parameters of 2027 HEARTBEAT ACK Chunks 2029 3.3.7. Abort Association (ABORT) (6) 2031 The ABORT chunk is sent to the peer of an association to close the 2032 association. The ABORT chunk MAY contain Cause Parameters to inform 2033 the receiver about the reason of the abort. DATA chunks MUST NOT be 2034 bundled with ABORT chunks. Control chunks (except for INIT, INIT 2035 ACK, and SHUTDOWN COMPLETE) MAY be bundled with an ABORT chunk, but 2036 they MUST be placed before the ABORT chunk in the SCTP packet, 2037 otherwise they will be ignored by the receiver. 2039 If an endpoint receives an ABORT chunk with a format error or no TCB 2040 is found, it MUST silently discard it. Moreover, under any 2041 circumstances, an endpoint that receives an ABORT chunk MUST NOT 2042 respond to that ABORT chunk by sending an ABORT chunk of its own. 2044 0 1 2 3 2045 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2046 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2047 | Type = 6 | Reserved |T| Length | 2048 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2049 \ \ 2050 / zero or more Error Causes / 2051 \ \ 2052 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2054 Chunk Flags: 8 bits 2055 Reserved: 7 bits 2056 Set to 0 on transmit and ignored on receipt. 2058 T bit: 1 bit 2059 The T bit is set to 0 if the sender filled in the Verification 2060 Tag expected by the peer. If the Verification Tag is 2061 reflected, the T bit MUST be set to 1. Reflecting means that 2062 the sent Verification Tag is the same as the received one. 2064 Length: 16 bits (unsigned integer) 2065 Set to the size of the chunk in bytes, including the chunk header 2066 and all the Error Cause fields present. 2068 See Section 3.3.10 for Error Cause definitions. 2070 Note: Special rules apply to this chunk for verification; please see 2071 Section 8.5.1 for details. 2073 3.3.8. Shutdown Association (SHUTDOWN) (7) 2075 An endpoint in an association MUST use this chunk to initiate a 2076 graceful close of the association with its peer. This chunk has the 2077 following format. 2079 0 1 2 3 2080 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2081 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2082 | Type = 7 | Chunk Flags | Length = 8 | 2083 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2084 | Cumulative TSN Ack | 2085 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2087 Chunk Flags: 8 bits 2088 Set to 0 on transmit and ignored on receipt. 2090 Length: 16 bits (unsigned integer) 2091 Indicates the length of the parameter. Set to 8. 2093 Cumulative TSN Ack: 32 bits (unsigned integer) 2094 The largest TSN, such that all TSNs smaller than or equal to it 2095 have been received and the next one has not been received. 2097 Note: Since the SHUTDOWN chunk does not contain Gap Ack Blocks, it 2098 cannot be used to acknowledge TSNs received out of order. In a SACK 2099 chunk, lack of Gap Ack Blocks that were previously included indicates 2100 that the data receiver reneged on the associated DATA chunks. 2102 Since the SHUTDOWN chunk does not contain Gap Ack Blocks, the 2103 receiver of the SHUTDOWN chunk MUST NOT interpret the lack of a Gap 2104 Ack Block as a renege. (See Section 6.2 for information on 2105 reneging.) 2107 The sender of the SHUTDOWN chunk MAY bundle a SACK chunk to indicate 2108 any gaps in the received TSNs. 2110 3.3.9. Shutdown Acknowledgement (SHUTDOWN ACK) (8) 2112 This chunk MUST be used to acknowledge the receipt of the SHUTDOWN 2113 chunk at the completion of the shutdown process; see Section 9.2 for 2114 details. 2116 The SHUTDOWN ACK chunk has no parameters. 2118 0 1 2 3 2119 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2120 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2121 | Type = 8 | Chunk Flags | Length = 4 | 2122 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2124 Chunk Flags: 8 bits 2125 Set to 0 on transmit and ignored on receipt. 2127 3.3.10. Operation Error (ERROR) (9) 2129 An endpoint sends this chunk to its peer endpoint to notify it of 2130 certain error conditions. It contains one or more error causes. An 2131 Operation Error is not considered fatal in and of itself, but the 2132 corresponding error cause MAY be used with an ABORT chunk to report a 2133 fatal condition. An ERROR chunk has the following format: 2135 0 1 2 3 2136 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2137 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2138 | Type = 9 | Chunk Flags | Length | 2139 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2140 \ \ 2141 / one or more Error Causes / 2142 \ \ 2143 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2145 Chunk Flags: 8 bits 2146 Set to 0 on transmit and ignored on receipt. 2148 Length: 16 bits (unsigned integer) 2149 Set to the size of the chunk in bytes, including the chunk header 2150 and all the Error Cause fields present. 2152 Error causes are defined as variable-length parameters using the 2153 format described in Section 3.2.1, that is: 2155 0 1 2 3 2156 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2157 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2158 | Cause Code | Cause Length | 2159 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2160 / Cause-Specific Information / 2161 \ \ 2162 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2164 Cause Code: 16 bits (unsigned integer) 2165 Defines the type of error conditions being reported. 2167 +-------+----------------------------------------------+ 2168 | Value | Cause Code | 2169 +-------+----------------------------------------------+ 2170 | 1 | Invalid Stream Identifier | 2171 +-------+----------------------------------------------+ 2172 | 2 | Missing Mandatory Parameter | 2173 +-------+----------------------------------------------+ 2174 | 3 | Stale Cookie Error | 2175 +-------+----------------------------------------------+ 2176 | 4 | Out of Resource | 2177 +-------+----------------------------------------------+ 2178 | 5 | Unresolvable Address | 2179 +-------+----------------------------------------------+ 2180 | 6 | Unrecognized Chunk Type | 2181 +-------+----------------------------------------------+ 2182 | 7 | Invalid Mandatory Parameter | 2183 +-------+----------------------------------------------+ 2184 | 8 | Unrecognized Parameters | 2185 +-------+----------------------------------------------+ 2186 | 9 | No User Data | 2187 +-------+----------------------------------------------+ 2188 | 10 | Cookie Received While Shutting Down | 2189 +-------+----------------------------------------------+ 2190 | 11 | Restart of an Association with New Addresses | 2191 +-------+----------------------------------------------+ 2192 | 12 | User Initiated Abort | 2193 +-------+----------------------------------------------+ 2194 | 13 | Protocol Violation | 2195 +-------+----------------------------------------------+ 2197 Table 11: Cause Code 2199 Cause Length: 16 bits (unsigned integer) 2200 Set to the size of the parameter in bytes, including the Cause 2201 Code, Cause Length, and Cause-Specific Information fields. 2203 Cause-Specific Information: variable length 2204 This field carries the details of the error condition. 2206 Section 3.3.10.1 - Section 3.3.10.13 define error causes for SCTP. 2207 Guidelines for the IETF to define new error cause values are 2208 discussed in Section 15.4. 2210 3.3.10.1. Invalid Stream Identifier (1) 2212 Indicates that the endpoint received a DATA chunk sent using a 2213 nonexistent stream. 2215 0 1 2 3 2216 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2217 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2218 | Cause Code = 1 | Cause Length = 8 | 2219 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2220 | Stream Identifier | (Reserved) | 2221 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2223 Stream Identifier: 16 bits (unsigned integer) 2224 Contains the Stream Identifier of the DATA chunk received in 2225 error. 2227 Reserved: 16 bits 2228 This field is reserved. It is set to all 0's on transmit and 2229 ignored on receipt. 2231 3.3.10.2. Missing Mandatory Parameter (2) 2233 Indicates that one or more mandatory TLV parameters are missing in a 2234 received INIT or INIT ACK chunk. 2236 0 1 2 3 2237 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2238 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2239 | Cause Code = 2 | Cause Length = 8 + N * 2 | 2240 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2241 | Number of missing params = N | 2242 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2243 | Missing Param Type #1 | Missing Param Type #2 | 2244 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2245 | Missing Param Type #N-1 | Missing Param Type #N | 2246 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2248 Number of Missing params: 32 bits (unsigned integer) 2249 This field contains the number of parameters contained in the 2250 Cause-Specific Information field. 2252 Missing Param Type: 16 bits (unsigned integer) 2253 Each field will contain the missing mandatory parameter number. 2255 3.3.10.3. Stale Cookie Error (3) 2257 Indicates the receipt of a valid State Cookie that has expired. 2259 0 1 2 3 2260 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2261 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2262 | Cause Code = 3 | Cause Length = 8 | 2263 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2264 | Measure of Staleness (usec.) | 2265 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2267 Measure of Staleness: 32 bits (unsigned integer) 2268 This field contains the difference, rounded up in microseconds, 2269 between the current time and the time the State Cookie expired. 2271 The sender of this error cause MAY choose to report how long past 2272 expiration the State Cookie is by including a non-zero value in 2273 the Measure of Staleness field. If the sender does not wish to 2274 provide the Measure of Staleness, it SHOULD set this field to the 2275 value of zero. 2277 3.3.10.4. Out of Resource (4) 2279 Indicates that the sender is out of resource. This is usually sent 2280 in combination with or within an ABORT chunk. 2282 0 1 2 3 2283 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2284 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2285 | Cause Code = 4 | Cause Length = 4 | 2286 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2288 3.3.10.5. Unresolvable Address (5) 2290 Indicates that the sender is not able to resolve the specified 2291 address parameter (e.g., type of address is not supported by the 2292 sender). This is usually sent in combination with or within an ABORT 2293 chunk. 2295 0 1 2 3 2296 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2297 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2298 | Cause Code = 5 | Cause Length | 2299 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2300 / Unresolvable Address / 2301 \ \ 2302 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2304 Unresolvable Address: variable length 2305 The Unresolvable Address field contains the complete Type, Length, 2306 and Value of the address parameter (or Host Name parameter) that 2307 contains the unresolvable address or host name. 2309 3.3.10.6. Unrecognized Chunk Type (6) 2311 This error cause is returned to the originator of the chunk if the 2312 receiver does not understand the chunk and the upper bits of the 2313 'Chunk Type' are set to 01 or 11. 2315 0 1 2 3 2316 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2317 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2318 | Cause Code = 6 | Cause Length | 2319 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2320 / Unrecognized Chunk / 2321 \ \ 2322 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2324 Unrecognized Chunk: variable length 2325 The Unrecognized Chunk field contains the unrecognized chunk from 2326 the SCTP packet complete with Chunk Type, Chunk Flags, and Chunk 2327 Length. 2329 3.3.10.7. Invalid Mandatory Parameter (7) 2331 This error cause is returned to the originator of an INIT or INIT ACK 2332 chunk when one of the mandatory parameters is set to an invalid 2333 value. 2335 0 1 2 3 2336 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2337 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2338 | Cause Code = 7 | Cause Length = 4 | 2339 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2341 3.3.10.8. Unrecognized Parameters (8) 2343 This error cause is returned to the originator of the INIT ACK chunk 2344 if the receiver does not recognize one or more Optional TLV 2345 parameters in the INIT ACK chunk. 2347 0 1 2 3 2348 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2349 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2350 | Cause Code = 8 | Cause Length | 2351 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2352 / Unrecognized Parameters / 2353 \ \ 2354 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2356 Unrecognized Parameters: variable length 2357 The Unrecognized Parameters field contains the unrecognized 2358 parameters copied from the INIT ACK chunk complete with TLV. This 2359 error cause is normally contained in an ERROR chunk bundled with 2360 the COOKIE ECHO chunk when responding to the INIT ACK chunk, when 2361 the sender of the COOKIE ECHO chunk wishes to report unrecognized 2362 parameters. 2364 3.3.10.9. No User Data (9) 2366 This error cause is returned to the originator of a DATA chunk if a 2367 received DATA chunk has no user data. 2369 0 1 2 3 2370 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2371 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2372 | Cause Code = 9 | Cause Length = 8 | 2373 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2374 | TSN | 2375 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2377 TSN: 32 bits (unsigned integer) 2378 This parameter contains the TSN of the DATA chunk received with no 2379 user data field. 2381 This cause code is normally returned in an ABORT chunk (see 2382 Section 6.2). 2384 3.3.10.10. Cookie Received While Shutting Down (10) 2386 A COOKIE ECHO chunk was received while the endpoint was in the 2387 SHUTDOWN-ACK-SENT state. This error is usually returned in an ERROR 2388 chunk bundled with the retransmitted SHUTDOWN ACK chunk. 2390 0 1 2 3 2391 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2392 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2393 | Cause Code = 10 | Cause Length = 4 | 2394 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2396 3.3.10.11. Restart of an Association with New Addresses (11) 2398 An INIT chunk was received on an existing association. But the INIT 2399 chunk added addresses to the association that were previously not 2400 part of the association. The new addresses are listed in the error 2401 cause. This error cause is normally sent as part of an ABORT chunk 2402 refusing the INIT chunk (see Section 5.2). 2404 0 1 2 3 2405 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2406 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2407 | Cause Code = 11 | Cause Length | 2408 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2409 / New Address TLVs / 2410 \ \ 2411 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2413 Note: Each New Address TLV is an exact copy of the TLV that was found 2414 in the INIT chunk that was new, including the Parameter Type and the 2415 Parameter Length. 2417 3.3.10.12. User-Initiated Abort (12) 2419 This error cause MAY be included in ABORT chunks that are sent 2420 because of an upper-layer request. The upper layer can specify an 2421 Upper Layer Abort Reason that is transported by SCTP transparently 2422 and MAY be delivered to the upper-layer protocol at the peer. 2424 0 1 2 3 2425 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2426 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2427 | Cause Code = 12 | Cause Length | 2428 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2429 / Upper Layer Abort Reason / 2430 \ \ 2431 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2433 3.3.10.13. Protocol Violation (13) 2435 This error cause MAY be included in ABORT chunks that are sent 2436 because an SCTP endpoint detects a protocol violation of the peer 2437 that is not covered by the error causes described in Section 3.3.10.1 2438 to Section 3.3.10.12. An implementation MAY provide additional 2439 information specifying what kind of protocol violation has been 2440 detected. 2442 0 1 2 3 2443 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2444 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2445 | Cause Code = 13 | Cause Length | 2446 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2447 / Additional Information / 2448 \ \ 2449 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2451 3.3.11. Cookie Echo (COOKIE ECHO) (10) 2453 This chunk is used only during the initialization of an association. 2454 It is sent by the initiator of an association to its peer to complete 2455 the initialization process. This chunk MUST precede any DATA chunk 2456 sent within the association, but MAY be bundled with one or more DATA 2457 chunks in the same packet. 2459 0 1 2 3 2460 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2461 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2462 | Type = 10 | Chunk Flags | Length | 2463 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2464 / Cookie / 2465 \ \ 2466 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2468 Chunk Flags: 8 bits 2469 Set to 0 on transmit and ignored on receipt. 2471 Length: 16 bits (unsigned integer) 2472 Set to the size of the chunk in bytes, including the 4 bytes of 2473 the chunk header and the size of the cookie. 2475 Cookie: variable size 2476 This field MUST contain the exact cookie received in the State 2477 Cookie parameter from the previous INIT ACK chunk. 2479 An implementation SHOULD make the cookie as small as possible to 2480 ensure interoperability. 2482 Note: A Cookie Echo does not contain a State Cookie parameter; 2483 instead, the data within the State Cookie's Parameter Value 2484 becomes the data within the Cookie Echo's Chunk Value. This 2485 allows an implementation to change only the first 2 bytes of the 2486 State Cookie parameter to become a COOKIE ECHO chunk. 2488 3.3.12. Cookie Acknowledgement (COOKIE ACK) (11) 2490 This chunk is used only during the initialization of an association. 2491 It is used to acknowledge the receipt of a COOKIE ECHO chunk. This 2492 chunk MUST precede any DATA or SACK chunk sent within the 2493 association, but MAY be bundled with one or more DATA chunks or SACK 2494 chunk's in the same SCTP packet. 2496 0 1 2 3 2497 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2498 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2499 | Type = 11 | Chunk Flags | Length = 4 | 2500 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2502 Chunk Flags: 8 bits 2503 Set to 0 on transmit and ignored on receipt. 2505 3.3.13. Shutdown Complete (SHUTDOWN COMPLETE) (14) 2507 This chunk MUST be used to acknowledge the receipt of the SHUTDOWN 2508 ACK chunk at the completion of the shutdown process; see Section 9.2 2509 for details. 2511 The SHUTDOWN COMPLETE chunk has no parameters. 2513 0 1 2 3 2514 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2515 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2516 | Type = 14 | Reserved |T| Length = 4 | 2517 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2519 Chunk Flags: 8 bits 2520 Reserved: 7 bits 2521 Set to 0 on transmit and ignored on receipt. 2523 T bit: 1 bit 2524 The T bit is set to 0 if the sender filled in the Verification 2525 Tag expected by the peer. If the Verification Tag is 2526 reflected, the T bit MUST be set to 1. Reflecting means that 2527 the sent Verification Tag is the same as the received one. 2529 Note: Special rules apply to this chunk for verification, please see 2530 Section 8.5.1 for details. 2532 4. SCTP Association State Diagram 2534 During the life time of an SCTP association, the SCTP endpoint's 2535 association progresses from one state to another in response to 2536 various events. The events that might potentially advance an 2537 association's state include: 2539 * SCTP user primitive calls, e.g., [ASSOCIATE], [SHUTDOWN], [ABORT], 2541 * Reception of INIT, COOKIE ECHO, ABORT, SHUTDOWN, etc., control 2542 chunks, or 2544 * Some timeout events. 2546 The state diagram in the figures below illustrates state changes, 2547 together with the causing events and resulting actions. Note that 2548 some of the error conditions are not shown in the state diagram. 2549 Full descriptions of all special cases are found in the text. 2551 Note: Chunk names are given in all capital letters, while parameter 2552 names have the first letter capitalized, e.g., COOKIE ECHO chunk type 2553 vs. State Cookie parameter. If more than one event/message can occur 2554 that causes a state transition, it is labeled (A), (B). 2556 ----- -------- (from any state) 2557 / \ /receive ABORT [ABORT] 2558 receive INIT | | |-------------- or ---------- 2559 ---------------------| v v delete TCB send ABORT 2560 generate State Cookie \ +---------+ delete TCB 2561 send INIT ACK ---| CLOSED | 2562 +---------+ 2563 / \ 2564 / \ [ASSOCIATE] 2565 | |----------------- 2566 | | create TCB 2567 | | send INIT 2568 receive valid | | start T1-init timer 2569 COOKIE ECHO | v 2570 (1) -----------------| +-----------+ 2571 create TCB | |COOKIE-WAIT| (2) 2572 send COOKIE ACK | +-----------+ 2573 | | 2574 | | receive INIT ACK 2575 | |------------------- 2576 | | send COOKIE ECHO 2577 | | stop T1-init timer 2578 | | start T1-cookie timer 2579 | v 2580 | +-------------+ 2581 | |COOKIE-ECHOED| (3) 2582 | +-------------+ 2583 | | 2584 | | receive COOKIE ACK 2585 | |------------------- 2586 | | stop T1-cookie timer 2587 v v 2588 +---------------+ 2589 | ESTABLISHED | 2590 +---------------+ 2591 | 2592 | 2593 /--------+--------\ 2594 [SHUTDOWN] / \ 2595 -------------------| | 2596 check outstanding | | 2597 DATA chunks | | 2598 v | 2599 +----------------+ | 2600 |SHUTDOWN-PENDING| | receive SHUTDOWN 2601 +----------------+ |------------------ 2602 | check outstanding 2603 | | DATA chunks 2604 No more outstanding | | 2605 -----------------------| | 2606 send SHUTDOWN | | 2607 start T2-shutdown timer| | 2608 v v 2609 +-------------+ +-----------------+ 2610 (4) |SHUTDOWN-SENT| |SHUTDOWN-RECEIVED| (5,6) 2611 +-------------+ +-----------------+ 2612 | \ | 2613 receive SHUTDOWN ACK | \ | 2614 -----------------------| \ | 2615 stop T2-shutdown timer | \ | 2616 send SHUTDOWN COMPLETE | \ | 2617 delete TCB | \ | 2618 | \ | No more outstanding 2619 | \ |-------------------- 2620 | \ | send SHUTDOWN ACK 2621 receive SHUTDOWN -|- \ | start T2-shutdown timer 2622 --------------------/ | \----------\ | 2623 send SHUTDOWN ACK | \ | 2624 start T2-shutdown timer| \ | 2625 | \ | 2626 | | | 2627 | v v 2628 | +-----------------+ 2629 | |SHUTDOWN-ACK-SENT| (7) 2630 | +-----------------+ 2631 | | (A) 2632 | |receive SHUTDOWN COMPLETE 2633 | |------------------------- 2634 | | stop T2-shutdown timer 2635 | | delete TCB 2636 | | 2637 | | (B) 2638 | | receive SHUTDOWN ACK 2639 | |----------------------- 2640 | | stop T2-shutdown timer 2641 | | send SHUTDOWN COMPLETE 2642 | | delete TCB 2643 | | 2644 \ +---------+ / 2645 \-->| CLOSED |<--/ 2646 +---------+ 2648 Figure 3: State Transition Diagram of SCTP 2650 The following applies: 2652 1) If the State Cookie in the received COOKIE ECHO chunk is invalid 2653 (i.e., failed to pass the integrity check), the receiver MUST 2654 silently discard the packet. Or, if the received State Cookie is 2655 expired (see Section 5.1.5), the receiver MUST send back an ERROR 2656 chunk. In either case, the receiver stays in the CLOSED state. 2658 2) If the T1-init timer expires, the endpoint MUST retransmit the 2659 INIT chunk and restart the T1-init timer without changing state. 2660 This MUST be repeated up to 'Max.Init.Retransmits' times. After 2661 that, the endpoint MUST abort the initialization process and 2662 report the error to the SCTP user. 2664 3) If the T1-cookie timer expires, the endpoint MUST retransmit 2665 COOKIE ECHO chunk and restart the T1-cookie timer without 2666 changing state. This MUST be repeated up to 2667 'Max.Init.Retransmits' times. After that, the endpoint MUST 2668 abort the initialization process and report the error to the SCTP 2669 user. 2671 4) In the SHUTDOWN-SENT state, the endpoint MUST acknowledge any 2672 received DATA chunks without delay. 2674 5) In the SHUTDOWN-RECEIVED state, the endpoint MUST NOT accept any 2675 new send requests from its SCTP user. 2677 6) In the SHUTDOWN-RECEIVED state, the endpoint MUST transmit or 2678 retransmit data and leave this state when all data in queue is 2679 transmitted. 2681 7) In the SHUTDOWN-ACK-SENT state, the endpoint MUST NOT accept any 2682 new send requests from its SCTP user. 2684 The CLOSED state is used to indicate that an association is not 2685 created (i.e., does not exist). 2687 5. Association Initialization 2689 Before the first data transmission can take place from one SCTP 2690 endpoint ("A") to another SCTP endpoint ("Z"), the two endpoints MUST 2691 complete an initialization process in order to set up an SCTP 2692 association between them. 2694 The SCTP user at an endpoint can use the ASSOCIATE primitive to 2695 initialize an SCTP association to another SCTP endpoint. 2697 Implementation Note: From an SCTP user's point of view, an 2698 association might be implicitly opened, without an ASSOCIATE 2699 primitive (see Section 11.1.2) being invoked, by the initiating 2700 endpoint's sending of the first user data to the destination 2701 endpoint. The initiating SCTP will assume default values for all 2702 mandatory and optional parameters for the INIT/INIT ACK chunk. 2704 Once the association is established, unidirectional streams are open 2705 for data transfer on both ends (see Section 5.1.1). 2707 5.1. Normal Establishment of an Association 2709 The initialization process consists of the following steps (assuming 2710 that SCTP endpoint "A" tries to set up an association with SCTP 2711 endpoint "Z" and "Z" accepts the new association): 2713 A) "A" first builds a TCB and sends an INIT chunk to "Z". In the 2714 INIT chunk, "A" MUST provide its Verification Tag (Tag_A) in the 2715 Initiate Tag field. Tag_A SHOULD be a random number in the range 2716 of 1 to 4294967295 (see Section 5.3.1 for Tag value selection). 2717 After sending the INIT chunk, "A" starts the T1-init timer and 2718 enters the COOKIE-WAIT state. 2720 B) "Z" responds immediately with an INIT ACK chunk. The destination 2721 IP address of the INIT ACK chunk MUST be set to the source IP 2722 address of the INIT chunk to which this INIT ACK chunk is 2723 responding. In the response, besides filling in other 2724 parameters, "Z" MUST set the Verification Tag field to Tag_A, and 2725 also provide its own Verification Tag (Tag_Z) in the Initiate Tag 2726 field. 2728 Moreover, "Z" MUST generate and send along with the INIT ACK 2729 chunk a State Cookie. See Section 5.1.3 for State Cookie 2730 generation. 2732 After sending an INIT ACK chunk with the State Cookie parameter, 2733 "Z" MUST NOT allocate any resources or keep any states for the 2734 new association. Otherwise, "Z" will be vulnerable to resource 2735 attacks. 2737 C) Upon reception of the INIT ACK chunk from "Z", "A" stops the 2738 T1-init timer and leaves the COOKIE-WAIT state. "A" then sends 2739 the State Cookie received in the INIT ACK chunk in a COOKIE ECHO 2740 chunk, starts the T1-cookie timer, and enters the COOKIE-ECHOED 2741 state. 2743 The COOKIE ECHO chunk MAY be bundled with any pending outbound 2744 DATA chunks, but it MUST be the first chunk in the packet and 2745 until the COOKIE ACK chunk is returned the sender MUST NOT send 2746 any other packets to the peer. 2748 D) Upon reception of the COOKIE ECHO chunk, endpoint "Z" replies 2749 with a COOKIE ACK chunk after building a TCB and moving to the 2750 ESTABLISHED state. A COOKIE ACK chunk MAY be bundled with any 2751 pending DATA chunks (and/or SACK chunks), but the COOKIE ACK 2752 chunk MUST be the first chunk in the packet. 2754 Implementation Note: An implementation can choose to send the 2755 Communication Up notification to the SCTP user upon reception of 2756 a valid COOKIE ECHO chunk. 2758 E) Upon reception of the COOKIE ACK chunk, endpoint "A" moves from 2759 the COOKIE-ECHOED state to the ESTABLISHED state, stopping the 2760 T1-cookie timer. It can also notify its ULP about the successful 2761 establishment of the association with a Communication Up 2762 notification (see Section 11). 2764 An INIT or INIT ACK chunk MUST NOT be bundled with any other chunk. 2765 They MUST be the only chunks present in the SCTP packets that carry 2766 them. 2768 An endpoint MUST send the INIT ACK chunk to the IP address from which 2769 it received the INIT chunk. 2771 T1-init timer and T1-cookie timer SHOULD follow the same rules given 2772 in Section 6.3. If the application provided multiple IP addresses of 2773 the peer, there SHOULD be a T1-init and T1-cookie timer for each 2774 address of the peer. Retransmissions of INIT chunks and COOKIE ECHO 2775 chunks SHOULD use all addresses of the peer similar to 2776 retransmissions of DATA chunks. 2778 If an endpoint receives an INIT, INIT ACK, or COOKIE ECHO chunk but 2779 decides not to establish the new association due to missing mandatory 2780 parameters in the received INIT or INIT ACK chunk, invalid parameter 2781 values, or lack of local resources, it SHOULD respond with an ABORT 2782 chunk. It SHOULD also specify the cause of abort, such as the type 2783 of the missing mandatory parameters, etc., by including the error 2784 cause parameters with the ABORT chunk. The Verification Tag field in 2785 the common header of the outbound SCTP packet containing the ABORT 2786 chunk MUST be set to the Initiate Tag value of the received INIT or 2787 INIT ACK chunk this ABORT chunk is responding to. 2789 Note that a COOKIE ECHO chunk that does not pass the integrity check 2790 is not considered an 'invalid mandatory parameter' and requires 2791 special handling; see Section 5.1.5. 2793 After the reception of the first DATA chunk in an association the 2794 endpoint MUST immediately respond with a SACK chunk to acknowledge 2795 the DATA chunk. Subsequent acknowledgements SHOULD be done as 2796 described in Section 6.2. 2798 When the TCB is created, each endpoint MUST set its internal 2799 Cumulative TSN Ack Point to the value of its transmitted Initial TSN 2800 minus one. 2802 Implementation Note: The IP addresses and SCTP port are generally 2803 used as the key to find the TCB within an SCTP instance. 2805 5.1.1. Handle Stream Parameters 2807 In the INIT and INIT ACK chunks, the sender of the chunk MUST 2808 indicate the number of outbound streams (OSs) it wishes to have in 2809 the association, as well as the maximum inbound streams (MISs) it 2810 will accept from the other endpoint. 2812 After receiving the stream configuration information from the other 2813 side, each endpoint MUST perform the following check: If the peer's 2814 MIS is less than the endpoint's OS, meaning that the peer is 2815 incapable of supporting all the outbound streams the endpoint wants 2816 to configure, the endpoint MUST use MIS outbound streams and MAY 2817 report any shortage to the upper layer. The upper layer can then 2818 choose to abort the association if the resource shortage is 2819 unacceptable. 2821 After the association is initialized, the valid outbound stream 2822 identifier range for either endpoint MUST be 0 to min(local OS, 2823 remote MIS) - 1. 2825 5.1.2. Handle Address Parameters 2827 During the association initialization, an endpoint uses the following 2828 rules to discover and collect the destination transport address(es) 2829 of its peer. 2831 A) If there are no address parameters present in the received INIT 2832 or INIT ACK chunk, the endpoint MUST take the source IP address 2833 from which the chunk arrives and record it, in combination with 2834 the SCTP source port number, as the only destination transport 2835 address for this peer. 2837 B) If there is a Host Name Address parameter present in the received 2838 INIT or INIT ACK chunk, the endpoint MUST immediately send an 2839 ABORT chunk and MAY include an "Unresolvable Address" error cause 2840 to its peer. The ABORT chunk SHOULD be sent to the source IP 2841 address from which the last peer packet was received. 2843 C) If there are only IPv4/IPv6 addresses present in the received 2844 INIT or INIT ACK chunk, the receiver MUST derive and record all 2845 the transport addresses from the received chunk AND the source IP 2846 address that sent the INIT or INIT ACK chunk. The transport 2847 addresses are derived by the combination of SCTP source port 2848 (from the common header) and the IP Address parameter(s) carried 2849 in the INIT or INIT ACK chunk and the source IP address of the IP 2850 datagram. The receiver SHOULD use only these transport addresses 2851 as destination transport addresses when sending subsequent 2852 packets to its peer. 2854 D) An INIT or INIT ACK chunk MUST be treated as belonging to an 2855 already established association (or one in the process of being 2856 established) if the use of any of the valid address parameters 2857 contained within the chunk would identify an existing TCB. 2859 Implementation Note: In some cases (e.g., when the implementation 2860 does not control the source IP address that is used for 2861 transmitting), an endpoint might need to include in its INIT or INIT 2862 ACK chunk all possible IP addresses from which packets to the peer 2863 could be transmitted. 2865 After all transport addresses are derived from the INIT or INIT ACK 2866 chunk using the above rules, the endpoint selects one of the 2867 transport addresses as the initial primary path. 2869 The packet containing the INIT ACK chunk MUST be sent to the source 2870 address of the packet containing the INIT chunk. 2872 The sender of INIT chunks MAY include a 'Supported Address Types' 2873 parameter in the INIT chunk to indicate what types of addresses are 2874 acceptable. 2876 Implementation Note: In the case that the receiver of an INIT ACK 2877 chunk fails to resolve the address parameter due to an unsupported 2878 type, it can abort the initiation process and then attempt a 2879 reinitiation by using a 'Supported Address Types' parameter in the 2880 new INIT chunk to indicate what types of address it prefers. 2882 If an SCTP endpoint that only supports either IPv4 or IPv6 receives 2883 IPv4 and IPv6 addresses in an INIT or INIT ACK chunk from its peer, 2884 it MUST use all the addresses belonging to the supported address 2885 family. The other addresses MAY be ignored. The endpoint SHOULD NOT 2886 respond with any kind of error indication. 2888 If an SCTP endpoint lists in the 'Supported Address Types' parameter 2889 either IPv4 or IPv6, but uses the other family for sending the packet 2890 containing the INIT chunk, or if it also lists addresses of the other 2891 family in the INIT chunk, then the address family that is not listed 2892 in the 'Supported Address Types' parameter SHOULD also be considered 2893 as supported by the receiver of the INIT chunk. The receiver of the 2894 INIT chunk SHOULD NOT respond with any kind of error indication. 2896 5.1.3. Generating State Cookie 2898 When sending an INIT ACK chunk as a response to an INIT chunk, the 2899 sender of INIT ACK chunk creates a State Cookie and sends it in the 2900 State Cookie parameter of the INIT ACK chunk. Inside this State 2901 Cookie, the sender SHOULD include a MAC (see [RFC2104] for an 2902 example), a timestamp on when the State Cookie is created, and the 2903 lifespan of the State Cookie, along with all the information 2904 necessary for it to establish the association including the port 2905 numbers and the verification tags. 2907 The method used to generate the MAC is strictly a private matter for 2908 the receiver of the INIT chunk. The use of a MAC is mandatory to 2909 prevent denial-of-service attacks. MAC algorithms can have different 2910 performance depending on the platform. Choosing a high performance 2911 MAC algorithm increases the resistance against cookie flooding 2912 attacks. A MAC with acceptable security properties SHOULD be used. 2914 The secret key SHOULD be random ([RFC4086] provides some information 2915 on randomness guidelines). The secret keys need to have an 2916 appropriate size. The secret key SHOULD be changed reasonably 2917 frequently (e.g., hourly), and the timestamp in the State Cookie MAY 2918 be used to determine which key is used to verify the MAC. 2920 Since the State Cookie is not encrypted, it MUST NOT contain 2921 information which is not being envisioned to be shared. 2923 An implementation SHOULD make the cookie as small as possible to 2924 ensure interoperability. 2926 5.1.4. State Cookie Processing 2928 When an endpoint (in the COOKIE-WAIT state) receives an INIT ACK 2929 chunk with a State Cookie parameter, it MUST immediately send a 2930 COOKIE ECHO chunk to its peer with the received State Cookie. The 2931 sender MAY also add any pending DATA chunks to the packet after the 2932 COOKIE ECHO chunk. 2934 The endpoint MUST also start the T1-cookie timer after sending the 2935 COOKIE ECHO chunk. If the timer expires, the endpoint MUST 2936 retransmit the COOKIE ECHO chunk and restart the T1-cookie timer. 2937 This is repeated until either a COOKIE ACK chunk is received or 2938 'Max.Init.Retransmits' (see Section 16) is reached causing the peer 2939 endpoint to be marked unreachable (and thus the association enters 2940 the CLOSED state). 2942 5.1.5. State Cookie Authentication 2944 When an endpoint receives a COOKIE ECHO chunk from another endpoint 2945 with which it has no association, it takes the following actions: 2947 1) Compute a MAC using the information carried in the State Cookie 2948 and the secret key. The timestamp in the State Cookie MAY be 2949 used to determine which secret key to use. If secrets are kept 2950 only for a limited amount of time and the secret key to use is 2951 not available anymore, the packet containing the COOKIE ECHO 2952 chunk MUST be silently discarded. [RFC2104] can be used as a 2953 guideline for generating the MAC, 2955 2) Authenticate the State Cookie as one that it previously generated 2956 by comparing the computed MAC against the one carried in the 2957 State Cookie. If this comparison fails, the SCTP packet, 2958 including the COOKIE ECHO chunk and any DATA chunks, SHOULD be 2959 silently discarded, 2961 3) Compare the port numbers and the Verification Tag contained 2962 within the COOKIE ECHO chunk to the actual port numbers and the 2963 Verification Tag within the SCTP common header of the received 2964 packet. If these values do not match, the packet MUST be 2965 silently discarded. 2967 4) Compare the creation timestamp in the State Cookie to the current 2968 local time. If the elapsed time is longer than the lifespan 2969 carried in the State Cookie, then the packet, including the 2970 COOKIE ECHO chunk and any attached DATA chunks, SHOULD be 2971 discarded, and the endpoint MUST transmit an ERROR chunk with a 2972 "Stale Cookie" error cause to the peer endpoint. 2974 5) If the State Cookie is valid, create an association to the sender 2975 of the COOKIE ECHO chunk with the information in the State Cookie 2976 carried in the COOKIE ECHO chunk and enter the ESTABLISHED state. 2978 6) Send a COOKIE ACK chunk to the peer acknowledging receipt of the 2979 COOKIE ECHO chunk. The COOKIE ACK chunk MAY be bundled with an 2980 outbound DATA chunk or SACK chunk; however, the COOKIE ACK chunk 2981 MUST be the first chunk in the SCTP packet. 2983 7) Immediately acknowledge any DATA chunk bundled with the COOKIE 2984 ECHO chunk with a SACK chunk (subsequent DATA chunk 2985 acknowledgement SHOULD follow the rules defined in Section 6.2). 2986 As mentioned in step 6, if the SACK chunk is bundled with the 2987 COOKIE ACK chunk, the COOKIE ACK chunk MUST appear first in the 2988 SCTP packet. 2990 If a COOKIE ECHO chunk is received from an endpoint with which the 2991 receiver of the COOKIE ECHO chunk has an existing association, the 2992 procedures in Section 5.2 SHOULD be followed. 2994 5.1.6. An Example of Normal Association Establishment 2996 In the following example, "A" initiates the association and then 2997 sends a user message to "Z", then "Z" sends two user messages to "A" 2998 later (assuming no bundling or fragmentation occurs): 3000 Endpoint A Endpoint Z 3001 {app sets association with Z} 3002 (build TCB) 3003 INIT [I-Tag=Tag_A 3004 & other info] ------\ 3005 (Start T1-init timer) \ 3006 (Enter COOKIE-WAIT state) \---> (compose Cookie_Z) 3007 /-- INIT ACK [Veri Tag=Tag_A, 3008 / I-Tag=Tag_Z, 3009 (Cancel T1-init timer) <------/ Cookie_Z, & other info] 3011 COOKIE ECHO [Cookie_Z] ------\ 3012 (Start T1-cookie timer) \ 3013 (Enter COOKIE-ECHOED state) \---> (build TCB, enter ESTABLISHED 3014 state) 3015 /---- COOKIE ACK 3016 / 3017 (Cancel T1-cookie timer, <---/ 3018 enter ESTABLISHED state) 3019 {app sends 1st user data; strm 0} 3020 DATA [TSN=init TSN_A 3021 Strm=0,Seq=0 & user data]--\ 3022 (Start T3-rtx timer) \ 3023 \-> 3024 /----- SACK [TSN Ack=init TSN_A, 3025 Block=0] 3026 (Cancel T3-rtx timer) <------/ 3027 ... 3028 {app sends 2 messages;strm 0} 3029 /---- DATA 3030 / [TSN=init TSN_Z, 3031 <--/ Strm=0,Seq=0 & user data 1] 3032 SACK [TSN Ack=init TSN_Z, /---- DATA 3033 Block=0] --------\ / [TSN=init TSN_Z +1, 3034 \/ Strm=0,Seq=1 & user data 2] 3035 <------/\ 3036 \ 3037 \------> 3039 Figure 4: A Setup Example 3041 If the T1-init timer expires at "A" after the INIT or COOKIE ECHO 3042 chunks are sent, the same INIT or COOKIE ECHO chunk with the same 3043 Initiate Tag (i.e., Tag_A) or State Cookie is retransmitted and the 3044 timer restarted. This is repeated 'Max.Init.Retransmits' times 3045 before "A" considers "Z" unreachable and reports the failure to its 3046 upper layer (and thus the association enters the CLOSED state). 3048 When retransmitting the INIT chunk, the endpoint MUST follow the 3049 rules defined in Section 6.3 to determine the proper timer value. 3051 5.2. Handle Duplicate or Unexpected INIT, INIT ACK, COOKIE ECHO, and 3052 COOKIE ACK Chunks 3054 During the life time of an association (in one of the possible 3055 states), an endpoint can receive from its peer endpoint one of the 3056 setup chunks (INIT, INIT ACK, COOKIE ECHO, and COOKIE ACK). The 3057 receiver treats such a setup chunk as a duplicate and process it as 3058 described in this section. 3060 Note: An endpoint will not receive the chunk unless the chunk was 3061 sent to an SCTP transport address and is from an SCTP transport 3062 address associated with this endpoint. Therefore, the endpoint 3063 processes such a chunk as part of its current association. 3065 The following scenarios can cause duplicated or unexpected chunks: 3067 A) The peer has crashed without being detected, restarted itself, 3068 and sent a new INIT chunk trying to restore the association, 3070 B) Both sides are trying to initialize the association at about the 3071 same time, 3073 C) The chunk is from a stale packet that was used to establish the 3074 present association or a past association that is no longer in 3075 existence, 3077 D) The chunk is a false packet generated by an attacker, or 3079 E) The peer never received the COOKIE ACK chunk and is 3080 retransmitting its COOKIE ECHO chunk. 3082 The rules in the following sections are applied in order to identify 3083 and correctly handle these cases. 3085 5.2.1. INIT Chunk Received in COOKIE-WAIT or COOKIE-ECHOED State (Item 3086 B) 3088 This usually indicates an initialization collision, i.e., each 3089 endpoint is attempting, at about the same time, to establish an 3090 association with the other endpoint. 3092 Upon receipt of an INIT chunk in the COOKIE-WAIT state, an endpoint 3093 MUST respond with an INIT ACK chunk using the same parameters it sent 3094 in its original INIT chunk (including its Initiate Tag, unchanged). 3095 When responding, the following rules MUST be applied: 3097 1) The packet containing the INIT ACK chunk MUST only be sent to an 3098 address passed by the upper layer in the request to initialize 3099 the association. 3101 2) The packet containing the INIT ACK chunk MUST only be sent to an 3102 address reported in the incoming INIT chunk. 3104 3) The packet containing the INIT ACK chunk SHOULD be sent to the 3105 source address of the received packet containing the INIT chunk. 3107 Upon receipt of an INIT chunk in the COOKIE-ECHOED state, an endpoint 3108 MUST respond with an INIT ACK chunk using the same parameters it sent 3109 in its original INIT chunk (including its Initiate Tag, unchanged), 3110 provided that no NEW address has been added to the forming 3111 association. If the INIT chunk indicates that a new address has been 3112 added to the association, then the entire INIT chunk MUST be 3113 discarded, and SHOULD NOT do any changes to the existing association. 3114 An ABORT chunk SHOULD be sent in response that MAY include the error 3115 'Restart of an association with new addresses'. The error SHOULD 3116 list the addresses that were added to the restarting association. 3118 When responding in either state (COOKIE-WAIT or COOKIE-ECHOED) with 3119 an INIT ACK chunk, the original parameters are combined with those 3120 from the newly received INIT chunk. The endpoint MUST also generate 3121 a State Cookie with the INIT ACK chunk. The endpoint uses the 3122 parameters sent in its INIT chunk to calculate the State Cookie. 3124 After that, the endpoint MUST NOT change its state, the T1-init timer 3125 MUST be left running, and the corresponding TCB MUST NOT be 3126 destroyed. The normal procedures for handling State Cookies when a 3127 TCB exists will resolve the duplicate INIT chunks to a single 3128 association. 3130 For an endpoint that is in the COOKIE-ECHOED state, it MUST populate 3131 its Tie-Tags within both the association TCB and inside the State 3132 Cookie (see Section 5.2.2 for a description of the Tie-Tags). 3134 5.2.2. Unexpected INIT Chunk in States Other than CLOSED, COOKIE- 3135 ECHOED, COOKIE-WAIT, and SHUTDOWN-ACK-SENT 3137 Unless otherwise stated, upon receipt of an unexpected INIT chunk for 3138 this association, the endpoint MUST generate an INIT ACK chunk with a 3139 State Cookie. Before responding, the endpoint MUST check to see if 3140 the unexpected INIT chunk adds new addresses to the association. If 3141 new addresses are added to the association, the endpoint MUST respond 3142 with an ABORT chunk, copying the 'Initiate Tag' of the unexpected 3143 INIT chunk into the 'Verification Tag' of the outbound packet 3144 carrying the ABORT chunk. In the ABORT chunk, the error cause MAY be 3145 set to 'restart of an association with new addresses'. The error 3146 SHOULD list the addresses that were added to the restarting 3147 association. If no new addresses are added, when responding to the 3148 INIT chunk in the outbound INIT ACK chunk, the endpoint MUST copy its 3149 current Tie-Tags to a reserved place within the State Cookie and the 3150 association's TCB. We refer to these locations inside the cookie as 3151 the Peer's-Tie-Tag and the Local-Tie-Tag. We will refer to the copy 3152 within an association's TCB as the Local Tag and Peer's Tag. The 3153 outbound SCTP packet containing this INIT ACK chunk MUST carry a 3154 Verification Tag value equal to the Initiate Tag found in the 3155 unexpected INIT chunk. And the INIT ACK chunk MUST contain a new 3156 Initiate Tag (randomly generated; see Section 5.3.1). Other 3157 parameters for the endpoint SHOULD be copied from the existing 3158 parameters of the association (e.g., number of outbound streams) into 3159 the INIT ACK chunk and cookie. 3161 After sending the INIT ACK or ABORT chunk, the endpoint MUST take no 3162 further actions; i.e., the existing association, including its 3163 current state, and the corresponding TCB MUST NOT be changed. 3165 Only when a TCB exists and the association is not in a COOKIE-WAIT or 3166 SHUTDOWN-ACK-SENT state are the Tie-Tags populated with a random 3167 value other than 0. For a normal association INIT chunk (i.e., the 3168 endpoint is in the CLOSED state), the Tie-Tags MUST be set to 0 3169 (indicating that no previous TCB existed). 3171 5.2.3. Unexpected INIT ACK Chunk 3173 If an INIT ACK chunk is received by an endpoint in any state other 3174 than the COOKIE-WAIT or CLOSED state, the endpoint SHOULD discard the 3175 INIT ACK chunk. An unexpected INIT ACK chunk usually indicates the 3176 processing of an old or duplicated INIT chunk. 3178 5.2.4. Handle a COOKIE ECHO Chunk when a TCB Exists 3180 When a COOKIE ECHO chunk is received by an endpoint in any state for 3181 an existing association (i.e., not in the CLOSED state) the following 3182 rules are applied: 3184 1) Compute a MAC as described in step 1 of Section 5.1.5, 3186 2) Authenticate the State Cookie as described in step 2 of 3187 Section 5.1.5 (this is case C or D above). 3189 3) Compare the timestamp in the State Cookie to the current time. 3190 If the State Cookie is older than the lifespan carried in the 3191 State Cookie and the Verification Tags contained in the State 3192 Cookie do not match the current association's Verification Tags, 3193 the packet, including the COOKIE ECHO chunk and any DATA chunks, 3194 SHOULD be discarded. The endpoint also MUST transmit an ERROR 3195 chunk with a "Stale Cookie" error cause to the peer endpoint 3196 (this is case C or D in Section 5.2). 3198 If both Verification Tags in the State Cookie match the 3199 Verification Tags of the current association, consider the State 3200 Cookie valid (this is case E in Section 5.2) even if the lifespan 3201 is exceeded. 3203 4) If the State Cookie proves to be valid, unpack the TCB into a 3204 temporary TCB. 3206 5) Refer to Table 12 to determine the correct action to be taken. 3208 +-----------+------------+---------------+----------------+--------+ 3209 | Local Tag | Peer's Tag | Local-Tie-Tag | Peer's-Tie-Tag | Action | 3210 +-----------+------------+---------------+----------------+--------+ 3211 | X | X | M | M | (A) | 3212 +-----------+------------+---------------+----------------+--------+ 3213 | M | X | A | A | (B) | 3214 +-----------+------------+---------------+----------------+--------+ 3215 | M | 0 | A | A | (B) | 3216 +-----------+------------+---------------+----------------+--------+ 3217 | X | M | 0 | 0 | (C) | 3218 +-----------+------------+---------------+----------------+--------+ 3219 | M | M | A | A | (D) | 3220 +-----------+------------+---------------+----------------+--------+ 3222 Table 12: Handling of a COOKIE ECHO Chunk when a TCB Exists 3224 Legend: 3226 X - Tag does not match the existing TCB. 3227 M - Tag matches the existing TCB. 3228 0 - Tag unknown (Peer's Tag not known yet / No tie-tag in cookie). 3229 A - All cases, i.e., M, X, or 0. 3231 For any case not shown in Table 12, the cookie SHOULD be silently 3232 discarded. 3234 Action 3236 A) In this case, the peer might have restarted. When the endpoint 3237 recognizes this potential 'restart', the existing session is 3238 treated the same as if it received an ABORT chunk followed by a 3239 new COOKIE ECHO chunk with the following exceptions: 3241 * Any SCTP DATA chunks MAY be retained (this is an 3242 implementation-specific option). 3244 * A notification of RESTART SHOULD be sent to the ULP instead of 3245 a "COMMUNICATION LOST" notification. 3247 All the congestion control parameters (e.g., cwnd, ssthresh) 3248 related to this peer MUST be reset to their initial values (see 3249 Section 6.2.1). 3251 After this, the endpoint enters the ESTABLISHED state. 3253 If the endpoint is in the SHUTDOWN-ACK-SENT state and recognizes 3254 that the peer has restarted (Action A), it MUST NOT set up a new 3255 association but instead resend the SHUTDOWN ACK chunk and send an 3256 ERROR chunk with a "Cookie Received While Shutting Down" error 3257 cause to its peer. 3259 B) In this case, both sides might be attempting to start an 3260 association at about the same time, but the peer endpoint sent 3261 its INIT chunk after responding to the local endpoint's INIT 3262 chunk. Thus, it might have picked a new Verification Tag, not 3263 being aware of the previous tag it had sent this endpoint. The 3264 endpoint SHOULD stay in or enter the ESTABLISHED state, but it 3265 MUST update its peer's Verification Tag from the State Cookie, 3266 stop any T1-init or T1-cookie timers that might be running, and 3267 send a COOKIE ACK chunk. 3269 C) In this case, the local endpoint's cookie has arrived late. 3270 Before it arrived, the local endpoint sent an INIT chunk and 3271 received an INIT ACK chunk and finally sent a COOKIE ECHO chunk 3272 with the peer's same tag but a new tag of its own. The cookie 3273 SHOULD be silently discarded. The endpoint SHOULD NOT change 3274 states and SHOULD leave any timers running. 3276 D) When both local and remote tags match, the endpoint SHOULD enter 3277 the ESTABLISHED state, if it is in the COOKIE-ECHOED state. It 3278 SHOULD stop any T1-cookie timer that is running and send a COOKIE 3279 ACK chunk. 3281 Note: The "peer's Verification Tag" is the tag received in the 3282 Initiate Tag field of the INIT or INIT ACK chunk. 3284 5.2.4.1. An Example of a Association Restart 3286 In the following example, "A" initiates the association after a 3287 restart has occurred. Endpoint "Z" had no knowledge of the restart 3288 until the exchange (i.e., Heartbeats had not yet detected the failure 3289 of "A") (assuming no bundling or fragmentation occurs): 3291 Endpoint A Endpoint Z 3292 <-------------- Association is established----------------------> 3293 Tag=Tag_A Tag=Tag_Z 3294 <---------------------------------------------------------------> 3295 {A crashes and restarts} 3296 {app sets up a association with Z} 3297 (build TCB) 3298 INIT [I-Tag=Tag_A' 3299 & other info] --------\ 3300 (Start T1-init timer) \ 3301 (Enter COOKIE-WAIT state) \---> (find an existing TCB, 3302 populate TieTags if needed, 3303 compose Cookie_Z with Tie-Tags 3304 and other info) 3305 /--- INIT ACK [Veri Tag=Tag_A', 3306 / I-Tag=Tag_Z', 3307 (Cancel T1-init timer) <------/ Cookie_Z] 3308 (leave original TCB in place) 3309 COOKIE ECHO [Veri=Tag_Z', 3310 Cookie_Z]-------\ 3311 (Start T1-init timer) \ 3312 (Enter COOKIE-ECHOED state) \---> (Find existing association, 3313 Tie-Tags in Cookie_Z match 3314 Tie-Tags in TCB, 3315 Tags do not match, i.e., 3316 case X X M M above, 3317 Announce Restart to ULP 3318 and reset association). 3319 /---- COOKIE ACK 3320 (Cancel T1-init timer, <------/ 3321 Enter ESTABLISHED state) 3322 {app sends 1st user data; strm 0} 3323 DATA [TSN=initial TSN_A 3324 Strm=0,Seq=0 & user data]--\ 3325 (Start T3-rtx timer) \ 3326 \-> 3327 /--- SACK [TSN Ack=init TSN_A,Block=0] 3328 (Cancel T3-rtx timer) <------/ 3330 Figure 5: A Restart Example 3332 5.2.5. Handle Duplicate COOKIE ACK Chunk 3334 At any state other than COOKIE-ECHOED, an endpoint SHOULD silently 3335 discard a received COOKIE ACK chunk. 3337 5.2.6. Handle Stale Cookie Error 3339 Receipt of an ERROR chunk with a "Stale Cookie" error cause indicates 3340 one of a number of possible events: 3342 A) The association failed to completely setup before the State 3343 Cookie issued by the sender was processed. 3345 B) An old State Cookie was processed after setup completed. 3347 C) An old State Cookie is received from someone that the receiver is 3348 not interested in having an association with and the ABORT chunk 3349 was lost. 3351 When processing an ERROR chunk with a "Stale Cookie" error cause an 3352 endpoint SHOULD first examine if an association is in the process of 3353 being set up, i.e., the association is in the COOKIE-ECHOED state. 3354 In all cases, if the association is not in the COOKIE-ECHOED state, 3355 the ERROR chunk SHOULD be silently discarded. 3357 If the association is in the COOKIE-ECHOED state, the endpoint MAY 3358 elect one of the following three alternatives. 3360 1) Send a new INIT chunk to the endpoint to generate a new State 3361 Cookie and reattempt the setup procedure. 3363 2) Discard the TCB and report to the upper layer the inability to 3364 set up the association. 3366 3) Send a new INIT chunk to the endpoint, adding a Cookie 3367 Preservative parameter requesting an extension to the life time 3368 of the State Cookie. When calculating the time extension, an 3369 implementation SHOULD use the RTT information measured based on 3370 the previous COOKIE ECHO / ERROR chunk exchange, and SHOULD add 3371 no more than 1 second beyond the measured RTT, due to long State 3372 Cookie life times making the endpoint more subject to a replay 3373 attack. 3375 5.3. Other Initialization Issues 3376 5.3.1. Selection of Tag Value 3378 Initiate Tag values SHOULD be selected from the range of 1 to 2^32 - 3379 1. It is very important that the Initiate Tag value be randomized to 3380 help protect against "man in the middle" and "sequence number" 3381 attacks. The methods described in [RFC4086] can be used for the 3382 Initiate Tag randomization. Careful selection of Initiate Tags is 3383 also necessary to prevent old duplicate packets from previous 3384 associations being mistakenly processed as belonging to the current 3385 association. 3387 Moreover, the Verification Tag value used by either endpoint in a 3388 given association MUST NOT change during the life time of an 3389 association. A new Verification Tag value MUST be used each time the 3390 endpoint tears down and then reestablishes an association to the same 3391 peer. 3393 5.4. Path Verification 3395 During association establishment, the two peers exchange a list of 3396 addresses. In the predominant case, these lists accurately represent 3397 the addresses owned by each peer. However, a misbehaving peer might 3398 supply addresses that it does not own. To prevent this, the 3399 following rules are applied to all addresses of the new association: 3401 1) Any addresses passed to the sender of the INIT chunk by its upper 3402 layer in the request to initialize an association are 3403 automatically considered to be CONFIRMED. 3405 2) For the receiver of the COOKIE ECHO chunk, the only CONFIRMED 3406 address is the address to which the packet containing the INIT 3407 ACK chunk was sent. 3409 3) All other addresses not covered by rules 1 and 2 are considered 3410 UNCONFIRMED and are subject to probing for verification. 3412 To probe an address for verification, an endpoint will send HEARTBEAT 3413 chunks including a 64-bit random nonce and a path indicator (to 3414 identify the address that the HEARTBEAT chunk is sent to) within the 3415 Heartbeat Info parameter. 3417 Upon receipt of the HEARTBEAT ACK chunk, a verification is made that 3418 the nonce included in the Heartbeat Info parameter is the one sent to 3419 the address indicated inside the Heartbeat Info parameter. When this 3420 match occurs, the address that the original HEARTBEAT was sent to is 3421 now considered CONFIRMED and available for normal data transfer. 3423 These probing procedures are started when an association moves to the 3424 ESTABLISHED state and are ended when all paths are confirmed. 3426 In each RTO, a probe MAY be sent on an active UNCONFIRMED path in an 3427 attempt to move it to the CONFIRMED state. If during this probing 3428 the path becomes inactive, this rate is lowered to the normal 3429 HEARTBEAT rate. At the expiration of the RTO timer, the error 3430 counter of any path that was probed but not CONFIRMED is incremented 3431 by one and subjected to path failure detection, as defined in 3432 Section 8.2. When probing UNCONFIRMED addresses, however, the 3433 association overall error count is not incremented. 3435 The number of packets containing HEARTBEAT chunks sent at each RTO 3436 SHOULD be limited by the 'HB.Max.Burst' parameter. It is an 3437 implementation decision as to how to distribute packets containing 3438 HEARTBEAT chunks to the peer's addresses for path verification. 3440 Whenever a path is confirmed, an indication MAY be given to the upper 3441 layer. 3443 An endpoint MUST NOT send any chunks to an UNCONFIRMED address, with 3444 the following exceptions: 3446 * A HEARTBEAT chunk including a nonce MAY be sent to an UNCONFIRMED 3447 address. 3449 * A HEARTBEAT ACK chunk MAY be sent to an UNCONFIRMED address. 3451 * A COOKIE ACK chunk MAY be sent to an UNCONFIRMED address, but it 3452 MUST be bundled with a HEARTBEAT chunk including a nonce. An 3453 implementation that does not support bundling MUST NOT send a 3454 COOKIE ACK chunk to an UNCONFIRMED address. 3456 * A COOKIE ECHO chunk MAY be sent to an UNCONFIRMED address, but it 3457 MUST be bundled with a HEARTBEAT chunk including a nonce, and the 3458 size of the SCTP packet MUST NOT exceed the PMTU. If the 3459 implementation does not support bundling or if the bundled COOKIE 3460 ECHO chunk plus HEARTBEAT chunk (including nonce) would result in 3461 an SCTP packet larger than the PMTU, then the implementation MUST 3462 NOT send a COOKIE ECHO chunk to an UNCONFIRMED address. 3464 6. User Data Transfer 3466 Data transmission MUST only happen in the ESTABLISHED, SHUTDOWN- 3467 PENDING, and SHUTDOWN-RECEIVED states. The only exception to this is 3468 that DATA chunks are allowed to be bundled with an outbound COOKIE 3469 ECHO chunk when in the COOKIE-WAIT state. 3471 DATA chunks MUST only be received according to the rules below in 3472 ESTABLISHED, SHUTDOWN-PENDING, and SHUTDOWN-SENT states. A DATA 3473 chunk received in CLOSED is out of the blue and SHOULD be handled per 3474 Section 8.4. A DATA chunk received in any other state SHOULD be 3475 discarded. 3477 A SACK chunk MUST be processed in ESTABLISHED, SHUTDOWN-PENDING, and 3478 SHUTDOWN-RECEIVED states. An incoming SACK chunk MAY be processed in 3479 COOKIE-ECHOED. A SACK chunk in the CLOSED state is out of the blue 3480 and SHOULD be processed according to the rules in Section 8.4. A 3481 SACK chunk received in any other state SHOULD be discarded. 3483 For transmission efficiency, SCTP defines mechanisms for bundling of 3484 small user messages and fragmentation of large user messages. The 3485 following diagram depicts the flow of user messages through SCTP. 3487 In this section, the term "data sender" refers to the endpoint that 3488 transmits a DATA chunk and the term "data receiver" refers to the 3489 endpoint that receives a DATA chunk. A data receiver will transmit 3490 SACK chunks. 3492 +-------------------------+ 3493 | User Messages | 3494 +-------------------------+ 3495 SCTP user ^ | 3496 ==================|==|======================================= 3497 | v (1) 3498 +------------------+ +---------------------+ 3499 | SCTP DATA Chunks | | SCTP Control Chunks | 3500 +------------------+ +---------------------+ 3501 ^ | ^ | 3502 | v (2) | v (2) 3503 +--------------------------+ 3504 | SCTP packets | 3505 +--------------------------+ 3506 SCTP ^ | 3507 ===========================|==|=========================== 3508 | v 3509 Connectionless Packet Transfer Service (e.g., IP) 3511 Figure 6: Illustration of User Data Transfer 3513 The following applies: 3515 1) When converting user messages into DATA chunks, an endpoint MUST 3516 fragment large user messages into multiple DATA chunks. The size 3517 of each DATA chunk SHOULD be smaller than or equal to the 3518 Association Maximum DATA Chunk Size (AMDCS). The data receiver 3519 will normally reassemble the fragmented message from DATA chunks 3520 before delivery to the user (see Section 6.9 for details). 3522 2) Multiple DATA and control chunks MAY be bundled by the sender 3523 into a single SCTP packet for transmission, as long as the final 3524 size of the SCTP packet does not exceed the current PMTU. The 3525 receiver will unbundle the packet back into the original chunks. 3526 Control chunks MUST come before DATA chunks in the packet. 3528 The fragmentation and bundling mechanisms, as detailed in Section 6.9 3529 and Section 6.10, are OPTIONAL to implement by the data sender, but 3530 they MUST be implemented by the data receiver, i.e., an endpoint MUST 3531 properly receive and process bundled or fragmented data. 3533 6.1. Transmission of DATA Chunks 3535 This section specifies the rules for sending DATA chunks. In 3536 particular, it defines zero window probing, which is required to 3537 avoid the indefinite stalling of an association in case of a loss of 3538 packets containing SACK chunks performing window updates. 3540 This document is specified as if there is a single retransmission 3541 timer per destination transport address, but implementations MAY have 3542 a retransmission timer for each DATA chunk. 3544 The following general rules MUST be applied by the data sender for 3545 transmission and/or retransmission of outbound DATA chunks: 3547 A) At any given time, the data sender MUST NOT transmit new data to 3548 any destination transport address if its peer's rwnd indicates 3549 that the peer has no buffer space (i.e., rwnd is smaller than the 3550 size of the next DATA chunk; see Section 6.2.1), except for zero 3551 window probes. 3553 A zero window probe is a DATA chunk sent when the receiver has no 3554 buffer space. This rule allows the sender to probe for a change 3555 in rwnd that the sender missed due to the SACK chunks having been 3556 lost in transit from the data receiver to the data sender. A 3557 zero window probe MUST only be sent when the cwnd allows (see 3558 Rule B below). A zero window probe SHOULD only be sent when all 3559 outstanding DATA chunks have been cumulatively acknowledged and 3560 no DATA chunks are in flight. Senders MUST support zero window 3561 probing. 3563 If the sender continues to receive SACK chunks from the peer 3564 while doing zero window probing, the unacknowledged window probes 3565 SHOULD NOT increment the error counter for the association or any 3566 destination transport address. This is because the receiver 3567 could keep its window closed for an indefinite time. Section 6.2 3568 describes the receiver behavior when it advertises a zero window. 3569 The sender SHOULD send the first zero window probe after 1 RTO 3570 when it detects that the receiver has closed its window and 3571 SHOULD increase the probe interval exponentially afterwards. 3572 Also note that the cwnd SHOULD be adjusted according to 3573 Section 7.2.1. Zero window probing does not affect the 3574 calculation of cwnd. 3576 The sender MUST also have an algorithm for sending new DATA 3577 chunks to avoid silly window syndrome (SWS) as described in 3578 [RFC1122]. The algorithm can be similar to the one described in 3579 Section 4.2.3.4 of [RFC1122]. 3581 B) At any given time, the sender MUST NOT transmit new data to a 3582 given transport address if it has cwnd + (PMDCS - 1) or more 3583 bytes of data outstanding to that transport address. If data is 3584 available, the sender SHOULD exceed cwnd by up to (PMDCS - 1) 3585 bytes on a new data transmission if the flightsize does not 3586 currently reach cwnd. The breach of cwnd MUST constitute one 3587 packet only. 3589 C) When the time comes for the sender to transmit, before sending 3590 new DATA chunks, the sender MUST first transmit any DATA chunks 3591 that are marked for retransmission (limited by the current cwnd). 3593 D) When the time comes for the sender to transmit new DATA chunks, 3594 the protocol parameter 'Max.Burst' SHOULD be used to limit the 3595 number of packets sent. The limit MAY be applied by adjusting 3596 cwnd temporarily, as follows: 3598 if ((flightsize + Max.Burst * PMDCS) < cwnd) 3599 cwnd = flightsize + Max.Burst * PMDCS; 3601 Or, it MAY be applied by strictly limiting the number of packets 3602 emitted by the output routine. When calculating the number of 3603 packets to transmit, and particularly when using the formula 3604 above, cwnd SHOULD NOT be changed permanently. 3606 E) Then, the sender can send as many new DATA chunks as rule A and 3607 rule B allow. 3609 Multiple DATA chunks committed for transmission MAY be bundled in a 3610 single packet. Furthermore, DATA chunks being retransmitted MAY be 3611 bundled with new DATA chunks, as long as the resulting SCTP packet 3612 size does not exceed the PMTU. A ULP can request that no bundling is 3613 performed, but this only turns off any delays that an SCTP 3614 implementation might be using to increase bundling efficiency. It 3615 does not in itself stop all bundling from occurring (i.e., in case of 3616 congestion or retransmission). 3618 Before an endpoint transmits a DATA chunk, if any received DATA 3619 chunks have not been acknowledged (e.g., due to delayed ack), the 3620 sender SHOULD create a SACK chunk and bundle it with the outbound 3621 DATA chunk, as long as the size of the final SCTP packet does not 3622 exceed the current PMTU. See Section 6.2. 3624 When the window is full (i.e., transmission is disallowed by rule A 3625 and/or rule B), the sender MAY still accept send requests from its 3626 upper layer, but MUST transmit no more DATA chunks until some or all 3627 of the outstanding DATA chunks are acknowledged and transmission is 3628 allowed by rule A and rule B again. 3630 Whenever a transmission or retransmission is made to any address, if 3631 the T3-rtx timer of that address is not currently running, the sender 3632 MUST start that timer. If the timer for that address is already 3633 running, the sender MUST restart the timer if the earliest (i.e., 3634 lowest TSN) outstanding DATA chunk sent to that address is being 3635 retransmitted. Otherwise, the data sender MUST NOT restart the 3636 timer. 3638 When starting or restarting the T3-rtx timer, the timer value SHOULD 3639 be adjusted according to the timer rules defined in Section 6.3.2 and 3640 Section 6.3.3. 3642 The data sender MUST NOT use a TSN that is more than 2^31 - 1 above 3643 the beginning TSN of the current send window. 3645 For each stream, the data sender MUST NOT have more than 2^16 - 1 3646 ordered user messages in the current send window. 3648 Whenever the sender of a DATA chunk can benefit from the 3649 corresponding SACK chunk being sent back without delay, the sender 3650 MAY set the I bit in the DATA chunk header. Please note that why the 3651 sender has set the I bit is irrelevant to the receiver. 3653 Reasons for setting the I bit include, but are not limited to, the 3654 following (see Section 4 of [RFC7053] for a discussion of the 3655 benefits): 3657 * The application requests that the I bit of the last DATA chunk of 3658 a user message be set when providing the user message to the SCTP 3659 implementation (see Section 11.1). 3661 * The sender is in the SHUTDOWN-PENDING state. 3663 * The sending of a DATA chunk fills the congestion or receiver 3664 window. 3666 6.2. Acknowledgement on Reception of DATA Chunks 3668 The SCTP endpoint MUST always acknowledge the reception of each valid 3669 DATA chunk when the DATA chunk received is inside its receive window. 3671 When the receiver's advertised window is 0, the receiver MUST drop 3672 any new incoming DATA chunk with a TSN larger than the largest TSN 3673 received so far. Also, if the new incoming DATA chunk holds a TSN 3674 value less than the largest TSN received so far, then the receiver 3675 SHOULD drop the largest TSN held for reordering and accept the new 3676 incoming DATA chunk. In either case, if such a DATA chunk is 3677 dropped, the receiver MUST immediately send back a SACK chunk with 3678 the current receive window showing only DATA chunks received and 3679 accepted so far. The dropped DATA chunk(s) MUST NOT be included in 3680 the SACK chunk, as they were not accepted. The receiver MUST also 3681 have an algorithm for advertising its receive window to avoid 3682 receiver silly window syndrome (SWS), as described in [RFC1122]. The 3683 algorithm can be similar to the one described in Section 4.2.3.3 of 3684 [RFC1122]. 3686 The guidelines on delayed acknowledgement algorithm specified in 3687 Section 4.2 of [RFC5681] SHOULD be followed. Specifically, an 3688 acknowledgement SHOULD be generated for at least every second packet 3689 (not every second DATA chunk) received, and SHOULD be generated 3690 within 200 ms of the arrival of any unacknowledged DATA chunk. In 3691 some situations, it might be beneficial for an SCTP transmitter to be 3692 more conservative than the algorithms detailed in this document 3693 allow. However, an SCTP transmitter MUST NOT be more aggressive in 3694 sending SACK chunks than the following algorithms allow. 3696 An SCTP receiver MUST NOT generate more than one SACK chunk for every 3697 incoming packet, other than to update the offered window as the 3698 receiving application consumes new data. When the window opens up, 3699 an SCTP receiver SHOULD send additional SACK chunks to update the 3700 window even if no new data is received. The receiver MUST avoid 3701 sending a large number of window updates -- in particular, large 3702 bursts of them. One way to achieve this is to send a window update 3703 only if the window can be increased by at least a quarter of the 3704 receive buffer size of the association. 3706 Implementation Note: The maximum delay for generating an 3707 acknowledgement MAY be configured by the SCTP administrator, either 3708 statically or dynamically, in order to meet the specific timing 3709 requirement of the protocol being carried. 3711 An implementation MUST NOT allow the maximum delay (protocol 3712 parameter 'SACK.Delay') to be configured to be more than 500 ms. In 3713 other words, an implementation MAY lower the value of 'SACK.Delay' 3714 below 500 ms but MUST NOT raise it above 500 ms. 3716 Acknowledgements MUST be sent in SACK chunks unless shutdown was 3717 requested by the ULP, in which case an endpoint MAY send an 3718 acknowledgement in the SHUTDOWN chunk. A SACK chunk can acknowledge 3719 the reception of multiple DATA chunks. See Section 3.3.4 for SACK 3720 chunk format. In particular, the SCTP endpoint MUST fill in the 3721 Cumulative TSN Ack field to indicate the latest sequential TSN (of a 3722 valid DATA chunk) it has received. Any received DATA chunks with TSN 3723 greater than the value in the Cumulative TSN Ack field are reported 3724 in the Gap Ack Block fields. The SCTP endpoint MUST report as many 3725 Gap Ack Blocks as can fit in a single SACK chunk such that the size 3726 of the SCTP packet does not exceed the current PMTU. 3728 The SHUTDOWN chunk does not contain Gap Ack Block fields. Therefore, 3729 the endpoint SHOULD use a SACK chunk instead of the SHUTDOWN chunk to 3730 acknowledge DATA chunks received out of order. 3732 Upon receipt of an SCTP packet containing a DATA chunk with the I bit 3733 set, the receiver SHOULD NOT delay the sending of the corresponding 3734 SACK chunk, i.e., the receiver SHOULD immediately respond with the 3735 corresponding SACK chunk. 3737 When a packet arrives with duplicate DATA chunk(s) and with no new 3738 DATA chunk(s), the endpoint MUST immediately send a SACK chunk with 3739 no delay. If a packet arrives with duplicate DATA chunk(s) bundled 3740 with new DATA chunks, the endpoint MAY immediately send a SACK chunk. 3741 Normally, receipt of duplicate DATA chunks will occur when the 3742 original SACK chunk was lost and the peer's RTO has expired. The 3743 duplicate TSN number(s) SHOULD be reported in the SACK chunk as 3744 duplicate. 3746 When an endpoint receives a SACK chunk, it MAY use the duplicate TSN 3747 information to determine if SACK chunk loss is occurring. Further 3748 use of this data is for future study. 3750 The data receiver is responsible for maintaining its receive buffers. 3751 The data receiver SHOULD notify the data sender in a timely manner of 3752 changes in its ability to receive data. How an implementation 3753 manages its receive buffers is dependent on many factors (e.g., 3754 operating system, memory management system, amount of memory, etc.). 3755 However, the data sender strategy defined in Section 6.2.1 is based 3756 on the assumption of receiver operation similar to the following: 3758 A) At initialization of the association, the endpoint tells the peer 3759 how much receive buffer space it has allocated to the association 3760 in the INIT or INIT ACK chunk. The endpoint sets a_rwnd to this 3761 value. 3763 B) As DATA chunks are received and buffered, decrement a_rwnd by the 3764 number of bytes received and buffered. This is, in effect, 3765 closing rwnd at the data sender and restricting the amount of 3766 data it can transmit. 3768 C) As DATA chunks are delivered to the ULP and released from the 3769 receive buffers, increment a_rwnd by the number of bytes 3770 delivered to the upper layer. This is, in effect, opening up 3771 rwnd on the data sender and allowing it to send more data. The 3772 data receiver SHOULD NOT increment a_rwnd unless it has released 3773 bytes from its receive buffer. For example, if the receiver is 3774 holding fragmented DATA chunks in a reassembly queue, it SHOULD 3775 NOT increment a_rwnd. 3777 D) When sending a SACK chunk, the data receiver SHOULD place the 3778 current value of a_rwnd into the a_rwnd field. The data receiver 3779 SHOULD take into account that the data sender will not retransmit 3780 DATA chunks that are acked via the Cumulative TSN Ack (i.e., will 3781 drop from its retransmit queue). 3783 Under certain circumstances, the data receiver MAY drop DATA chunks 3784 that it has received but has not released from its receive buffers 3785 (i.e., delivered to the ULP). These DATA chunks might have been 3786 acked in Gap Ack Blocks. For example, the data receiver might be 3787 holding data in its receive buffers while reassembling a fragmented 3788 user message from its peer when it runs out of receive buffer space. 3789 It MAY drop these DATA chunks even though it has acknowledged them in 3790 Gap Ack Blocks. If a data receiver drops DATA chunks, it MUST NOT 3791 include them in Gap Ack Blocks in subsequent SACK chunks until they 3792 are received again via retransmission. In addition, the endpoint 3793 SHOULD take into account the dropped data when calculating its 3794 a_rwnd. 3796 An endpoint SHOULD NOT revoke a SACK chunk and discard data. Only in 3797 extreme circumstances might an endpoint use this procedure (such as 3798 out of buffer space). The data receiver SHOULD take into account 3799 that dropping data that has been acked in Gap Ack Blocks can result 3800 in suboptimal retransmission strategies in the data sender and thus 3801 in suboptimal performance. 3803 The following example illustrates the use of delayed 3804 acknowledgements: 3806 Endpoint A Endpoint Z 3808 {App sends 3 messages; strm 0} 3809 DATA [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) 3810 (Start T3-rtx timer) 3812 DATA [TSN=8,Strm=0,Seq=4] ------------> (send ack) 3813 /------- SACK [TSN Ack=8,block=0] 3814 (cancel T3-rtx timer) <-----/ 3816 DATA [TSN=9,Strm=0,Seq=5] ------------> (ack delayed) 3817 (Start T3-rtx timer) 3818 ... 3819 {App sends 1 message; strm 1} 3820 (bundle SACK with DATA) 3821 /----- SACK [TSN Ack=9,block=0] \ 3822 / DATA [TSN=6,Strm=1,Seq=2] 3823 (cancel T3-rtx timer) <------/ (Start T3-rtx timer) 3825 (ack delayed) 3826 (send ack) 3827 SACK [TSN Ack=6,block=0] -------------> (cancel T3-rtx timer) 3829 Figure 7: Delayed Acknowledgement Example 3831 If an endpoint receives a DATA chunk with no user data (i.e., the 3832 Length field is set to 16), it MUST send an ABORT chunk with a "No 3833 User Data" error cause. 3835 An endpoint SHOULD NOT send a DATA chunk with no user data part. 3836 This avoids the need to be able to return a zero-length user message 3837 in the API, especially in the socket API as specified in [RFC6458] 3838 for details. 3840 6.2.1. Processing a Received SACK Chunk 3842 Each SACK chunk an endpoint receives contains an a_rwnd value. This 3843 value represents the amount of buffer space the data receiver, at the 3844 time of transmitting the SACK chunk, has left of its total receive 3845 buffer space (as specified in the INIT/INIT ACK chunk). Using 3846 a_rwnd, Cumulative TSN Ack, and Gap Ack Blocks, the data sender can 3847 develop a representation of the peer's receive buffer space. 3849 One of the problems the data sender takes into account when 3850 processing a SACK chunk is that a SACK chunk can be received out of 3851 order. That is, a SACK chunk sent by the data receiver can pass an 3852 earlier SACK chunk and be received first by the data sender. If a 3853 SACK chunk is received out of order, the data sender can develop an 3854 incorrect view of the peer's receive buffer space. 3856 Since there is no explicit identifier that can be used to detect out- 3857 of-order SACK chunks, the data sender uses heuristics to determine if 3858 a SACK chunk is new. 3860 An endpoint SHOULD use the following rules to calculate the rwnd, 3861 using the a_rwnd value, the Cumulative TSN Ack, and Gap Ack Blocks in 3862 a received SACK chunk. 3864 A) At the establishment of the association, the endpoint initializes 3865 the rwnd to the Advertised Receiver Window Credit (a_rwnd) the 3866 peer specified in the INIT or INIT ACK chunk. 3868 B) Any time a DATA chunk is transmitted (or retransmitted) to a 3869 peer, the endpoint subtracts the data size of the chunk from the 3870 rwnd of that peer. 3872 C) Any time a DATA chunk is marked for retransmission, either via 3873 T3-rtx timer expiration (Section 6.3.3) or via Fast Retransmit 3874 (Section 7.2.4), add the data size of those chunks to the rwnd. 3876 D) Any time a SACK chunk arrives, the endpoint performs the 3877 following: 3879 i) If Cumulative TSN Ack is less than the Cumulative TSN Ack 3880 Point, then drop the SACK chunk. Since Cumulative TSN Ack 3881 is monotonically increasing, a SACK chunk whose Cumulative 3882 TSN Ack is less than the Cumulative TSN Ack Point indicates 3883 an out-of-order SACK chunk. 3885 ii) Set rwnd equal to the newly received a_rwnd minus the 3886 number of bytes still outstanding after processing the 3887 Cumulative TSN Ack and the Gap Ack Blocks. 3889 iii) If the SACK chunk is missing a TSN that was previously 3890 acknowledged via a Gap Ack Block (e.g., the data receiver 3891 reneged on the data), then consider the corresponding DATA 3892 that might be possibly missing: Count one miss indication 3893 towards Fast Retransmit as described in Section 7.2.4, and 3894 if no retransmit timer is running for the destination 3895 address to which the DATA chunk was originally transmitted, 3896 then T3-rtx is started for that destination address. 3898 iv) If the Cumulative TSN Ack matches or exceeds the Fast 3899 Recovery exitpoint (Section 7.2.4), Fast Recovery is 3900 exited. 3902 6.3. Management of Retransmission Timer 3904 An SCTP endpoint uses a retransmission timer T3-rtx to ensure data 3905 delivery in the absence of any feedback from its peer. The duration 3906 of this timer is referred to as RTO (retransmission timeout). 3908 When an endpoint's peer is multi-homed, the endpoint will calculate a 3909 separate RTO for each different destination transport address of its 3910 peer endpoint. 3912 The computation and management of RTO in SCTP follow closely how TCP 3913 manages its retransmission timer. To compute the current RTO, an 3914 endpoint maintains two state variables per destination transport 3915 address: SRTT (smoothed round-trip time) and RTTVAR (round-trip time 3916 variation). 3918 6.3.1. RTO Calculation 3920 The rules governing the computation of SRTT, RTTVAR, and RTO are as 3921 follows: 3923 C1) Until an RTT measurement has been made for a packet sent to the 3924 given destination transport address, set RTO to the protocol 3925 parameter 'RTO.Initial'. 3927 C2) When the first RTT measurement R is made, perform 3929 SRTT = R; 3930 RTTVAR = R/2; 3931 RTO = SRTT + 4 * RTTVAR; 3933 C3) When a new RTT measurement R' is made, perform: 3935 RTTVAR = (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'|; 3936 SRTT = (1 - RTO.Alpha) * SRTT + RTO.Alpha * R'; 3938 Note: The value of SRTT used in the update to RTTVAR is its 3939 value before updating SRTT itself using the second assignment. 3941 After the computation, update 3943 RTO = SRTT + 4 * RTTVAR; 3945 C4) When data is in flight and when allowed by rule C5 below, a new 3946 RTT measurement MUST be made each round trip. Furthermore, new 3947 RTT measurements SHOULD be made no more than once per round trip 3948 for a given destination transport address. There are two 3949 reasons for this recommendation: First, it appears that 3950 measuring more frequently often does not in practice yield any 3951 significant benefit [ALLMAN99]; second, if measurements are made 3952 more often, then the values of 'RTO.Alpha' and 'RTO.Beta' in 3953 rule C3 above SHOULD be adjusted so that SRTT and RTTVAR still 3954 adjust to changes at roughly the same rate (in terms of how many 3955 round trips it takes them to reflect new values) as they would 3956 if making only one measurement per round-trip and using 3957 'RTO.Alpha' and 'RTO.Beta' as given in rule C3. However, the 3958 exact nature of these adjustments remains a research issue. 3960 C5) Karn's algorithm: RTT measurements MUST NOT be made using chunks 3961 that were retransmitted (and thus for which it is ambiguous 3962 whether the reply was for the first instance of the chunk or for 3963 a later instance). 3965 RTT measurements SHOULD only be made using a DATA chunk with TSN 3966 r, if no DATA chunk with TSN less than or equal to r was 3967 retransmitted since the DATA chunk with TSN r was sent first. 3969 C6) Whenever RTO is computed, if it is less than 'RTO.Min' seconds 3970 then it is rounded up to 'RTO.Min' seconds. The reason for this 3971 rule is that RTOs that do not have a high minimum value are 3972 susceptible to unnecessary timeouts [ALLMAN99]. 3974 C7) A maximum value MAY be placed on RTO provided it is at least 3975 'RTO.max' seconds. 3977 There is no requirement for the clock granularity G used for 3978 computing RTT measurements and the different state variables, other 3979 than: 3981 G1) Whenever RTTVAR is computed, if RTTVAR == 0, then adjust RTTVAR 3982 = G. 3984 Experience [ALLMAN99] has shown that finer clock granularities (less 3985 than 100 msec) perform somewhat better than more coarse 3986 granularities. 3988 See Section 16 for suggested parameter values. 3990 6.3.2. Retransmission Timer Rules 3992 The rules for managing the retransmission timer are as follows: 3994 R1) Every time a DATA chunk is sent to any address (including a 3995 retransmission), if the T3-rtx timer of that address is not 3996 running, start it running so that it will expire after the RTO 3997 of that address. The RTO used here is that obtained after any 3998 doubling due to previous T3-rtx timer expirations on the 3999 corresponding destination address as discussed in rule E2 below. 4001 R2) Whenever all outstanding data sent to an address have been 4002 acknowledged, turn off the T3-rtx timer of that address. 4004 R3) Whenever a SACK chunk is received that acknowledges the DATA 4005 chunk with the earliest outstanding TSN for that address, 4006 restart the T3-rtx timer for that address with its current RTO 4007 (if there is still outstanding data on that address). 4009 R4) Whenever a SACK chunk is received missing a TSN that was 4010 previously acknowledged via a Gap Ack Block, start the T3-rtx 4011 for the destination address to which the DATA chunk was 4012 originally transmitted if it is not already running. 4014 The following example shows the use of various timer rules (assuming 4015 that the receiver uses delayed acks). 4017 Endpoint A Endpoint Z 4018 {App begins to send} 4019 Data [TSN=7,Strm=0,Seq=3] ------------> (ack delayed) 4020 (Start T3-rtx timer) 4021 {App sends 1 message; strm 1} 4022 (bundle ack with data) 4023 DATA [TSN=8,Strm=0,Seq=4] ----\ /-- SACK [TSN Ack=7,Block=0] 4024 \ / DATA [TSN=6,Strm=1,Seq=2] 4025 \ / (Start T3-rtx timer) 4026 \ 4027 / \ 4028 (Restart T3-rtx timer) <------/ \--> (ack delayed) 4029 (ack delayed) 4030 {send ack} 4031 SACK [TSN Ack=6,Block=0] --------------> (Cancel T3-rtx timer) 4032 .. 4033 (send ack) 4034 (Cancel T3-rtx timer) <-------------- SACK [TSN Ack=8,Block=0] 4036 Figure 8: Timer Rule Examples 4038 6.3.3. Handle T3-rtx Expiration 4040 Whenever the retransmission timer T3-rtx expires for a destination 4041 address, do the following: 4043 E1) For the destination address for which the timer expires, adjust 4044 its ssthresh with rules defined in Section 7.2.3 and set the 4045 cwnd = PMDCS. 4047 E2) For the destination address for which the timer expires, set RTO 4048 = RTO * 2 ("back off the timer"). The maximum value discussed 4049 in rule C7 above ('RTO.max') MAY be used to provide an upper 4050 bound to this doubling operation. 4052 E3) Determine how many of the earliest (i.e., lowest TSN) 4053 outstanding DATA chunks for the address for which the T3-rtx has 4054 expired will fit into a single SCTP packet, subject to the PMTU 4055 corresponding to the destination transport address to which the 4056 retransmission is being sent (this might be different from the 4057 address for which the timer expires; see Section 6.4). Call 4058 this value K. Bundle and retransmit those K DATA chunks in a 4059 single packet to the destination endpoint. 4061 E4) Start the retransmission timer T3-rtx on the destination address 4062 to which the retransmission is sent, if rule R1 above indicates 4063 to do so. The RTO to be used for starting T3-rtx SHOULD be the 4064 one for the destination address to which the retransmission is 4065 sent, which, when the receiver is multi-homed, might be 4066 different from the destination address for which the timer 4067 expired (see Section 6.4 below). 4069 After retransmitting, once a new RTT measurement is obtained (which 4070 can happen only when new data has been sent and acknowledged, per 4071 rule C5, or for a measurement made from a HEARTBEAT chunk; see 4072 Section 8.3), the computation in rule C3 is performed, including the 4073 computation of RTO, which might result in "collapsing" RTO back down 4074 after it has been subject to doubling (rule E2). 4076 Any DATA chunks that were sent to the address for which the T3-rtx 4077 timer expired but did not fit in an SCTP packet of size smaller than 4078 or equal to the PMTU (rule E3 above) SHOULD be marked for 4079 retransmission and sent as soon as cwnd allows (normally, when a SACK 4080 chunk arrives). 4082 The final rule for managing the retransmission timer concerns 4083 failover (see Section 6.4.1): 4085 F1) Whenever an endpoint switches from the current destination 4086 transport address to a different one, the current retransmission 4087 timers are left running. As soon as the endpoint transmits a 4088 packet containing DATA chunk(s) to the new transport address, 4089 start the timer on that transport address, using the RTO value 4090 of the destination address to which the data is being sent, if 4091 rule R1 indicates to do so. 4093 6.4. Multi-Homed SCTP Endpoints 4095 An SCTP endpoint is considered multi-homed if there is more than one 4096 transport address that can be used as a destination address to reach 4097 that endpoint. 4099 Moreover, the ULP of an endpoint selects one of the multiple 4100 destination addresses of a multi-homed peer endpoint as the primary 4101 path (see Section 5.1.2 and Section 11.1 for details). 4103 By default, an endpoint SHOULD always transmit to the primary path, 4104 unless the SCTP user explicitly specifies the destination transport 4105 address (and possibly source transport address) to use. 4107 An endpoint SHOULD transmit reply chunks (e.g., INIT ACK, COOKIE ACK, 4108 HEARTBEAT ACK) in response to control chunks to the same destination 4109 transport address from which it received the control chunk to which 4110 it is replying. 4112 The selection of the destination transport address for packets 4113 containing SACK chunks is implementation dependent. However, an 4114 endpoint SHOULD NOT vary the destination transport address of a SACK 4115 chunk when it receives DATA chunks coming from the same source 4116 address. 4118 When acknowledging multiple DATA chunks received in packets from 4119 different source addresses in a single SACK chunk, the SACK chunk MAY 4120 be transmitted to one of the destination transport addresses from 4121 which the DATA or control chunks being acknowledged were received. 4123 When a receiver of a duplicate DATA chunk sends a SACK chunk to a 4124 multi-homed endpoint, it MAY be beneficial to vary the destination 4125 address and not use the source address of the DATA chunk. The reason 4126 is that receiving a duplicate from a multi-homed endpoint might 4127 indicate that the return path (as specified in the source address of 4128 the DATA chunk) for the SACK chunk is broken. 4130 Furthermore, when its peer is multi-homed, an endpoint SHOULD try to 4131 retransmit a chunk that timed out to an active destination transport 4132 address that is different from the last destination address to which 4133 the chunk was sent. 4135 When its peer is multi-homed, an endpoint SHOULD send fast 4136 retransmissions to the same destination transport address to which 4137 the original data was sent. If the primary path has been changed and 4138 the original data was sent to the old primary path before the Fast 4139 Retransmit, the implementation MAY send it to the new primary path. 4141 Retransmissions do not affect the total outstanding data count. 4142 However, if the DATA chunk is retransmitted onto a different 4143 destination address, both the outstanding data counts on the new 4144 destination address and the old destination address to which the data 4145 chunk was last sent is adjusted accordingly. 4147 6.4.1. Failover from an Inactive Destination Address 4149 Some of the transport addresses of a multi-homed SCTP endpoint might 4150 become inactive due to either the occurrence of certain error 4151 conditions (see Section 8.2) or adjustments from the SCTP user. 4153 When there is outbound data to send and the primary path becomes 4154 inactive (e.g., due to failures), or where the SCTP user explicitly 4155 requests to send data to an inactive destination transport address, 4156 before reporting an error to its ULP, the SCTP endpoint SHOULD try to 4157 send the data to an alternate active destination transport address if 4158 one exists. 4160 When retransmitting data that timed out, if the endpoint is multi- 4161 homed, it needs to consider each source-destination address pair in 4162 its retransmission selection policy. When retransmitting timed-out 4163 data, the endpoint SHOULD attempt to pick the most divergent source- 4164 destination pair from the original source-destination pair to which 4165 the packet was transmitted. 4167 Note: Rules for picking the most divergent source-destination pair 4168 are an implementation decision and are not specified within this 4169 document. 4171 6.5. Stream Identifier and Stream Sequence Number 4173 Every DATA chunk MUST carry a valid stream identifier. If an 4174 endpoint receives a DATA chunk with an invalid stream identifier, it 4175 SHOULD acknowledge the reception of the DATA chunk following the 4176 normal procedure, immediately send an ERROR chunk with cause set to 4177 "Invalid Stream Identifier" (see Section 3.3.10), and discard the 4178 DATA chunk. The endpoint MAY bundle the ERROR chunk and the SACK 4179 chunk in the same packet. 4181 The Stream Sequence Number in all the outgoing streams MUST start 4182 from 0 when the association is established. The Stream Sequence 4183 Number of an outgoing stream MUST be incremented by 1 for each 4184 ordered user message sent on that outgoing stream. In particular, 4185 when the Stream Sequence Number reaches the value 65535 the next 4186 Stream Sequence Number MUST be set to 0. For unordered user messages 4187 the Stream Sequence Number MUST NOT be changed. 4189 6.6. Ordered and Unordered Delivery 4191 Within a stream, an endpoint MUST deliver DATA chunks received with 4192 the U flag set to 0 to the upper layer according to the order of 4193 their Stream Sequence Number. If DATA chunks arrive out of order of 4194 their Stream Sequence Number, the endpoint MUST hold the received 4195 DATA chunks from delivery to the ULP until they are reordered. 4197 However, an SCTP endpoint can indicate that no ordered delivery is 4198 required for a particular DATA chunk transmitted within the stream by 4199 setting the U flag of the DATA chunk to 1. 4201 When an endpoint receives a DATA chunk with the U flag set to 1, it 4202 bypasses the ordering mechanism and immediately deliver the data to 4203 the upper layer (after reassembly if the user data is fragmented by 4204 the data sender). 4206 This provides an effective way of transmitting "out-of-band" data in 4207 a given stream. Also, a stream can be used as an "unordered" stream 4208 by simply setting the U flag to 1 in all DATA chunks sent through 4209 that stream. 4211 Implementation Note: When sending an unordered DATA chunk, an 4212 implementation MAY choose to place the DATA chunk in an outbound 4213 packet that is at the head of the outbound transmission queue if 4214 possible. 4216 The 'Stream Sequence Number' field in a DATA chunk with U flag set to 4217 1 has no significance. The sender can fill the 'Stream Sequence 4218 Number' with arbitrary value, but the receiver MUST ignore the field. 4220 Note: When transmitting ordered and unordered data, an endpoint does 4221 not increment its Stream Sequence Number when transmitting a DATA 4222 chunk with U flag set to 1. 4224 6.7. Report Gaps in Received DATA TSNs 4226 Upon the reception of a new DATA chunk, an endpoint examines the 4227 continuity of the TSNs received. If the endpoint detects a gap in 4228 the received DATA chunk sequence, it SHOULD send a SACK chunk with 4229 Gap Ack Blocks immediately. The data receiver continues sending a 4230 SACK chunk after receipt of each SCTP packet that does not fill the 4231 gap. 4233 Based on the Gap Ack Block from the received SACK chunk, the endpoint 4234 can calculate the missing DATA chunks and make decisions on whether 4235 to retransmit them (see Section 6.2.1 for details). 4237 Multiple gaps can be reported in one single SACK chunk (see 4238 Section 3.3.4). 4240 When its peer is multi-homed, the SCTP endpoint SHOULD always try to 4241 send the SACK chunk to the same destination address from which the 4242 last DATA chunk was received. 4244 Upon the reception of a SACK chunk, the endpoint MUST remove all DATA 4245 chunks that have been acknowledged by the SACK chunk's Cumulative TSN 4246 Ack from its transmit queue. All DATA chunks with TSNs not included 4247 in the Gap Ack Blocks that are smaller than the highest acknowledged 4248 TSN reported in the SACK chunk MUST be treated as "missing" by the 4249 sending endpoint. The number of "missing" reports for each 4250 outstanding DATA chunk MUST be recorded by the data sender to make 4251 retransmission decisions. See Section 7.2.4 for details. 4253 The following example shows the use of SACK chunk to report a gap. 4255 Endpoint A Endpoint Z 4256 {App sends 3 messages; strm 0} 4257 DATA [TSN=6,Strm=0,Seq=2] ---------------> (ack delayed) 4258 (Start T3-rtx timer) 4260 DATA [TSN=7,Strm=0,Seq=3] --------> X (lost) 4262 DATA [TSN=8,Strm=0,Seq=4] ---------------> (gap detected, 4263 immediately send ack) 4264 /----- SACK [TSN Ack=6,Block=1, 4265 / Start=2,End=2] 4266 <-----/ 4267 (remove 6 from out-queue, 4268 and mark 7 as "1" missing report) 4270 Figure 9: Reporting a Gap using SACK Chunk 4272 The maximum number of Gap Ack Blocks that can be reported within a 4273 single SACK chunk is limited by the current PMTU. When a single SACK 4274 chunk cannot cover all the Gap Ack Blocks needed to be reported due 4275 to the PMTU limitation, the endpoint MUST send only one SACK chunk. 4276 This single SACK chunk MUST report the Gap Ack Blocks from the lowest 4277 to highest TSNs, within the size limit set by the PMTU, and leave the 4278 remaining highest TSN numbers unacknowledged. 4280 6.8. CRC32c Checksum Calculation 4282 When sending an SCTP packet, the endpoint MUST strengthen the data 4283 integrity of the transmission by including the CRC32c checksum value 4284 calculated on the packet, as described below. 4286 After the packet is constructed (containing the SCTP common header 4287 and one or more control or DATA chunks), the transmitter MUST 4289 1) fill in the proper Verification Tag in the SCTP common header and 4290 initialize the checksum field to 0, 4292 2) calculate the CRC32c checksum of the whole packet, including the 4293 SCTP common header and all the chunks (refer to Appendix A for 4294 details of the CRC32c algorithm); and 4296 3) put the resultant value into the checksum field in the common 4297 header, and leave the rest of the bits unchanged. 4299 When an SCTP packet is received, the receiver MUST first check the 4300 CRC32c checksum as follows: 4302 1) Store the received CRC32c checksum value aside. 4304 2) Replace the 32 bits of the checksum field in the received SCTP 4305 packet with 0 and calculate a CRC32c checksum value of the whole 4306 received packet. 4308 3) Verify that the calculated CRC32c checksum is the same as the 4309 received CRC32c checksum. If it is not, the receiver MUST treat 4310 the packet as an invalid SCTP packet. 4312 The default procedure for handling invalid SCTP packets is to 4313 silently discard them. 4315 Any hardware implementation SHOULD permit alternative verification of 4316 the CRC in software. 4318 6.9. Fragmentation and Reassembly 4320 An endpoint MAY support fragmentation when sending DATA chunks, but 4321 it MUST support reassembly when receiving DATA chunks. If an 4322 endpoint supports fragmentation, it MUST fragment a user message if 4323 the size of the user message to be sent causes the outbound SCTP 4324 packet size to exceed the current PMTU. An endpoint that does not 4325 support fragmentation and is requested to send a user message such 4326 that the outbound SCTP packet size would exceed the current PMTU MUST 4327 return an error to its upper layer and MUST NOT attempt to send the 4328 user message. 4330 An SCTP implementation MAY provide a mechanism to the upper layer 4331 that disables fragmentation when sending DATA chunks. When 4332 fragmentation of DATA chunks is disabeled, the SCTP implementation 4333 MUST behave in the same way an implementation that does not support 4334 fragmentation, i.e., it rejects calls that would result in sending 4335 SCTP packets that exceed the current PMTU. 4337 Implementation Note: In this error case, the SEND primitive discussed 4338 in Section 11.1 would need to return an error to the upper layer. 4340 If its peer is multi-homed, the endpoint SHOULD choose a DATA chunk 4341 size smaller than or equal to the AMDCS. 4343 Once a user message is fragmented, it cannot be re-fragmented. 4344 Instead, if the PMTU has been reduced, then IP fragmentation MUST be 4345 used. Therefore, an SCTP association can fail if IP fragmentation is 4346 not working on any path. Please see Section 7.3 for details of PMTU 4347 discovery. 4349 When determining when to fragment, the SCTP implementation MUST take 4350 into account the SCTP packet header as well as the DATA chunk 4351 header(s). The implementation MUST also take into account the space 4352 required for a SACK chunk if bundling a SACK chunk with the DATA 4353 chunk. 4355 Fragmentation takes the following steps: 4357 1) The data sender MUST break the user message into a series of DATA 4358 chunks. The sender SHOULD choose a size of DATA chunks that is 4359 smaller than or equal to the AMDCS. 4361 2) The transmitter MUST then assign, in sequence, a separate TSN to 4362 each of the DATA chunks in the series. The transmitter assigns 4363 the same Stream Sequence Number to each of the DATA chunks. If 4364 the user indicates that the user message is to be delivered using 4365 unordered delivery, then the U flag of each DATA chunk of the 4366 user message MUST be set to 1. 4368 3) The transmitter MUST also set the B/E bits of the first DATA 4369 chunk in the series to '10', the B/E bits of the last DATA chunk 4370 in the series to '01', and the B/E bits of all other DATA chunks 4371 in the series to '00'. 4373 An endpoint MUST recognize fragmented DATA chunks by examining the B/ 4374 E bits in each of the received DATA chunks, and queue the fragmented 4375 DATA chunks for reassembly. Once the user message is reassembled, 4376 SCTP passes the reassembled user message to the specific stream for 4377 possible reordering and final dispatching. 4379 If the data receiver runs out of buffer space while still waiting for 4380 more fragments to complete the reassembly of the message, it SHOULD 4381 dispatch part of its inbound message through a partial delivery API 4382 (see Section 11), freeing some of its receive buffer space so that 4383 the rest of the message can be received. 4385 6.10. Bundling 4387 An endpoint bundles chunks by simply including multiple chunks in one 4388 outbound SCTP packet. The total size of the resultant SCTP packet 4389 MUST be less that or equal to the current PMTU. 4391 If its peer endpoint is multi-homed, the sending endpoint SHOULD 4392 choose a size no larger than the PMTU of the current primary path. 4394 When bundling control chunks with DATA chunks, an endpoint MUST place 4395 control chunks first in the outbound SCTP packet. The transmitter 4396 MUST transmit DATA chunks within an SCTP packet in increasing order 4397 of TSN. 4399 Note: Since control chunks are placed first in a packet and since 4400 DATA chunks are transmitted before SHUTDOWN or SHUTDOWN ACK chunks, 4401 DATA chunks cannot be bundled with SHUTDOWN or SHUTDOWN ACK chunks. 4403 Partial chunks MUST NOT be placed in an SCTP packet. A partial chunk 4404 is a chunk that is not completely contained in the SCTP packet; i.e., 4405 the SCTP packet is too short to contain all the bytes of the chunk as 4406 indicated by the chunk length. 4408 An endpoint MUST process received chunks in their order in the 4409 packet. The receiver uses the Chunk Length field to determine the 4410 end of a chunk and beginning of the next chunk taking account of the 4411 fact that all chunks end on a 4-byte boundary. If the receiver 4412 detects a partial chunk, it MUST drop the chunk. 4414 An endpoint MUST NOT bundle INIT, INIT ACK, or SHUTDOWN COMPLETE 4415 chunks with any other chunks. 4417 7. Congestion Control 4419 Congestion control is one of the basic functions in SCTP. To manage 4420 congestion, the mechanisms and algorithms in this section are to be 4421 employed. 4423 Implementation Note: As far as its specific performance requirements 4424 are met, an implementation is always allowed to adopt a more 4425 conservative congestion control algorithm than the one defined below. 4427 The congestion control algorithms used by SCTP are based on 4428 [RFC5681]. This section describes how the algorithms defined in 4429 [RFC5681] are adapted for use in SCTP. We first list differences in 4430 protocol designs between TCP and SCTP, and then describe SCTP's 4431 congestion control scheme. The description will use the same 4432 terminology as in TCP congestion control whenever appropriate. 4434 SCTP congestion control is always applied to the entire association, 4435 and not to individual streams. 4437 7.1. SCTP Differences from TCP Congestion Control 4439 Gap Ack Blocks in the SCTP SACK chunk carry the same semantic meaning 4440 as the TCP SACK. TCP considers the information carried in the SACK 4441 as advisory information only. SCTP considers the information carried 4442 in the Gap Ack Blocks in the SACK chunk as advisory. In SCTP, any 4443 DATA chunk that has been acknowledged by a SACK chunk, including DATA 4444 that arrived at the receiving end out of order, is not considered 4445 fully delivered until the Cumulative TSN Ack Point passes the TSN of 4446 the DATA chunk (i.e., the DATA chunk has been acknowledged by the 4447 Cumulative TSN Ack field in the SACK chunk). Consequently, the value 4448 of cwnd controls the amount of outstanding data, rather than (as in 4449 the case of non-SACK TCP) the upper bound between the highest 4450 acknowledged sequence number and the latest DATA chunk that can be 4451 sent within the congestion window. SCTP SACK leads to different 4452 implementations of Fast Retransmit and Fast Recovery than non-SACK 4453 TCP. As an example, see [FALL96]. 4455 The biggest difference between SCTP and TCP, however, is multi- 4456 homing. SCTP is designed to establish robust communication 4457 associations between two endpoints each of which might be reachable 4458 by more than one transport address. Potentially different addresses 4459 might lead to different data paths between the two endpoints; thus, 4460 ideally one needs a separate set of congestion control parameters for 4461 each of the paths. The treatment here of congestion control for 4462 multi-homed receivers is new with SCTP and might require refinement 4463 in the future. The current algorithms make the following 4464 assumptions: 4466 * The sender usually uses the same destination address until being 4467 instructed by the upper layer to do otherwise; however, SCTP MAY 4468 change to an alternate destination in the event an address is 4469 marked inactive (see Section 8.2). Also, SCTP MAY retransmit to a 4470 different transport address than the original transmission. 4472 * The sender keeps a separate congestion control parameter set for 4473 each of the destination addresses it can send to (not each source- 4474 destination pair but for each destination). The parameters SHOULD 4475 decay if the address is not used for a long enough time period. 4476 [RFC5681] specifies this long enough time as a retransmission 4477 timeout. 4479 * For each of the destination addresses, an endpoint does slow start 4480 upon the first transmission to that address. 4482 Note: TCP guarantees in-sequence delivery of data to its upper-layer 4483 protocol within a single TCP session. This means that when TCP 4484 notices a gap in the received sequence number, it waits until the gap 4485 is filled before delivering the data that was received with sequence 4486 numbers higher than that of the missing data. On the other hand, 4487 SCTP can deliver data to its upper-layer protocol even if there is a 4488 gap in TSN if the Stream Sequence Numbers are in sequence for a 4489 particular stream (i.e., the missing DATA chunks are for a different 4490 stream) or if unordered delivery is indicated. Although this does 4491 not affect cwnd, it might affect rwnd calculation. 4493 7.2. SCTP Slow-Start and Congestion Avoidance 4495 The slow-start and congestion avoidance algorithms MUST be used by an 4496 endpoint to control the amount of data being injected into the 4497 network. The congestion control in SCTP is employed in regard to the 4498 association, not to an individual stream. In some situations, it 4499 might be beneficial for an SCTP sender to be more conservative than 4500 the algorithms allow; however, an SCTP sender MUST NOT be more 4501 aggressive than the following algorithms allow. 4503 Like TCP, an SCTP endpoint uses the following three control variables 4504 to regulate its transmission rate. 4506 * Receiver advertised window size (rwnd, in bytes), which is set by 4507 the receiver based on its available buffer space for incoming 4508 packets. 4510 Note: This variable is kept on the entire association. 4512 * Congestion control window (cwnd, in bytes), which is adjusted by 4513 the sender based on observed network conditions. 4515 Note: This variable is maintained on a per-destination-address 4516 basis. 4518 * Slow-start threshold (ssthresh, in bytes), which is used by the 4519 sender to distinguish slow-start and congestion avoidance phases. 4521 Note: This variable is maintained on a per-destination-address 4522 basis. 4524 SCTP also requires one additional control variable, 4525 partial_bytes_acked, which is used during congestion avoidance phase 4526 to facilitate cwnd adjustment. 4528 Unlike TCP, an SCTP sender MUST keep a set of these control variables 4529 cwnd, ssthresh, and partial_bytes_acked for EACH destination address 4530 of its peer (when its peer is multi-homed). When calculating one of 4531 these variables, the length of the DATA chunk including the padding 4532 SHOULD be used. 4534 Only one rwnd is kept for the whole association (no matter if the 4535 peer is multi-homed or has a single address). 4537 7.2.1. Slow-Start 4539 Beginning data transmission into a network with unknown conditions or 4540 after a sufficiently long idle period requires SCTP to probe the 4541 network to determine the available capacity. The slow-start 4542 algorithm is used for this purpose at the beginning of a transfer, or 4543 after repairing loss detected by the retransmission timer. 4545 * The initial cwnd before data transmission MUST be set to min(4 * 4546 PMDCS, max(2 * PMDCS, 4404)) bytes if the peer address is an IPv4 4547 address and to min(4 * PMDCS, max(2 * PMDCS, 4344)) bytes if the 4548 peer address is an IPv6 address. 4550 * The initial cwnd after a retransmission timeout MUST be no more 4551 than PMDCS, and only one packet is allowed to be in flight until 4552 successful acknowledgement. 4554 * The initial value of ssthresh SHOULD be arbitrarily high (e.g., 4555 the size of the largest possible advertised window). 4557 * Whenever cwnd is greater than zero, the endpoint is allowed to 4558 have cwnd bytes of data outstanding on that transport address. A 4559 limited overbooking as described in Section 6.1 B) SHOULD be 4560 supported. 4562 * When cwnd is less than or equal to ssthresh, an SCTP endpoint MUST 4563 use the slow-start algorithm to increase cwnd only if the current 4564 congestion window is being fully utilized, and the data sender is 4565 not in Fast Recovery. Only when these two conditions are met can 4566 the cwnd be increased; otherwise, the cwnd MUST NOT be increased. 4567 If these conditions are met, then cwnd MUST be increased by, at 4568 most, the lesser of 4570 1. the total size of the previously outstanding DATA chunk(s) 4571 acknowledged, and 4573 2. L times the destination's PMDCS. 4575 The first upper bound protects against the ACK-Splitting attack 4576 outlined in [SAVAGE99]. The positive integer L SHOULD be 1, and 4577 MAY be larger than 1. See [RFC3465] for details of choosing L. 4579 In instances where its peer endpoint is multi-homed, if an 4580 endpoint receives a SACK chunk that results in updating the cwnd, 4581 then it SHOULD update its cwnd (or cwnds) apportioned to the 4582 destination addresses to which it transmitted the acknowledged 4583 data. 4585 * While the endpoint does not transmit data on a given transport 4586 address, the cwnd of the transport address SHOULD be adjusted to 4587 max(cwnd / 2, 4 * PMDCS) once per RTO. Before the first cwnd 4588 adjustment, the ssthresh of the transport address SHOULD be set to 4589 the cwnd. 4591 7.2.2. Congestion Avoidance 4593 When cwnd is greater than ssthresh, cwnd SHOULD be incremented by 4594 PMDCS per RTT if the sender has cwnd or more bytes of data 4595 outstanding for the corresponding transport address. The basic 4596 recommendations for incrementing cwnd during congestion avoidance are 4597 as follows: 4599 * SCTP MAY increment cwnd by PMDCS. 4601 * SCTP SHOULD increment cwnd by PMDCS once per RTT when the sender 4602 has cwnd or more bytes of data outstanding for the corresponding 4603 transport address. 4605 * SCTP MUST NOT increment cwnd by more than PMDCS per RTT. 4607 In practice, an implementation can achieve this goal in the following 4608 way: 4610 * partial_bytes_acked is initialized to 0. 4612 * Whenever cwnd is greater than ssthresh, upon each SACK chunk 4613 arrival, increase partial_bytes_acked by the total number of bytes 4614 (including the chunk header and the padding) of all new DATA 4615 chunks acknowledged in that SACK chunk, including chunks 4616 acknowledged by the new Cumulative TSN Ack, by Gap Ack Blocks, and 4617 by the number of bytes of duplicated chunks reported in Duplicate 4618 TSNs. 4620 * When (1) partial_bytes_acked is greater than cwnd and (2) before 4621 the arrival of the SACK chunk the sender had less than cwnd bytes 4622 of data outstanding (i.e., before the arrival of the SACK chunk, 4623 flightsize was less than cwnd), reset partial_bytes_acked to cwnd. 4625 * When (1) partial_bytes_acked is equal to or greater than cwnd and 4626 (2) before the arrival of the SACK chunk the sender had cwnd or 4627 more bytes of data outstanding (i.e., before the arrival of the 4628 SACK chunk, flightsize was greater than or equal to cwnd), 4629 partial_bytes_acked is reset to (partial_bytes_acked - cwnd). 4630 Next, cwnd is increased by PMDCS. 4632 * Same as in the slow start, when the sender does not transmit DATA 4633 chunks on a given transport address, the cwnd of the transport 4634 address SHOULD be adjusted to max(cwnd / 2, 4 * PMDCS) per RTO. 4636 * When all of the data transmitted by the sender has been 4637 acknowledged by the receiver, partial_bytes_acked is initialized 4638 to 0. 4640 7.2.3. Congestion Control 4642 Upon detection of packet losses from SACK chunks (see Section 7.2.4), 4643 an endpoint SHOULD do the following: 4645 ssthresh = max(cwnd / 2, 4 * PMDCS) 4646 cwnd = ssthresh 4647 partial_bytes_acked = 0 4649 Basically, a packet loss causes cwnd to be cut in half. 4651 When the T3-rtx timer expires on an address, SCTP SHOULD perform slow 4652 start by: 4654 ssthresh = max(cwnd / 2, 4 * PMDCS) 4655 cwnd = PMDCS 4656 partial_bytes_acked = 0 4658 and ensure that no more than one SCTP packet will be in flight for 4659 that address until the endpoint receives acknowledgement for 4660 successful delivery of data to that address. 4662 7.2.4. Fast Retransmit on Gap Reports 4664 In the absence of data loss, an endpoint performs delayed 4665 acknowledgement. However, whenever an endpoint notices a hole in the 4666 arriving TSN sequence, it SHOULD start sending a SACK chunk back 4667 every time a packet arrives carrying data until the hole is filled. 4669 Whenever an endpoint receives a SACK chunk that indicates that some 4670 TSNs are missing, it SHOULD wait for two further miss indications 4671 (via subsequent SACK chunks for a total of three missing reports) on 4672 the same TSNs before taking action with regard to Fast Retransmit. 4674 Miss indications SHOULD follow the HTNA (Highest TSN Newly 4675 Acknowledged) algorithm. For each incoming SACK chunk, miss 4676 indications are incremented only for missing TSNs prior to the 4677 highest TSN newly acknowledged in the SACK chunk. A newly 4678 acknowledged DATA chunk is one not previously acknowledged in a SACK 4679 chunk. If an endpoint is in Fast Recovery and a SACK chunks arrives 4680 that advances the Cumulative TSN Ack Point, the miss indications are 4681 incremented for all TSNs reported missing in the SACK chunk. 4683 When the third consecutive miss indication is received for a TSN(s), 4684 the data sender does the following: 4686 1) Mark the DATA chunk(s) with three miss indications for 4687 retransmission. 4689 2) If not in Fast Recovery, adjust the ssthresh and cwnd of the 4690 destination address(es) to which the missing DATA chunks were 4691 last sent, according to the formula described in Section 7.2.3. 4693 3) If not in Fast Recovery, determine how many of the earliest 4694 (i.e., lowest TSN) DATA chunks marked for retransmission will fit 4695 into a single packet, subject to constraint of the PMTU of the 4696 destination transport address to which the packet is being sent. 4697 Call this value K. Retransmit those K DATA chunks in a single 4698 packet. When a Fast Retransmit is being performed, the sender 4699 SHOULD ignore the value of cwnd and SHOULD NOT delay 4700 retransmission for this single packet. 4702 4) Restart the T3-rtx timer only if the last SACK chunk acknowledged 4703 the lowest outstanding TSN number sent to that address, or the 4704 endpoint is retransmitting the first outstanding DATA chunk sent 4705 to that address. 4707 5) Mark the DATA chunk(s) as being fast retransmitted and thus 4708 ineligible for a subsequent Fast Retransmit. Those TSNs marked 4709 for retransmission due to the Fast-Retransmit algorithm that did 4710 not fit in the sent datagram carrying K other TSNs are also 4711 marked as ineligible for a subsequent Fast Retransmit. However, 4712 as they are marked for retransmission they will be retransmitted 4713 later on as soon as cwnd allows. 4715 6) If not in Fast Recovery, enter Fast Recovery and mark the highest 4716 outstanding TSN as the Fast Recovery exit point. When a SACK 4717 chunk acknowledges all TSNs up to and including this exit point, 4718 Fast Recovery is exited. While in Fast Recovery, the ssthresh 4719 and cwnd SHOULD NOT change for any destinations due to a 4720 subsequent Fast Recovery event (i.e., one SHOULD NOT reduce the 4721 cwnd further due to a subsequent Fast Retransmit). 4723 Note: Before the above adjustments, if the received SACK chunk also 4724 acknowledges new DATA chunks and advances the Cumulative TSN Ack 4725 Point, the cwnd adjustment rules defined in Section 7.2.1 and 4726 Section 7.2.2 MUST be applied first. 4728 7.2.5. Reinitialization 4730 During the lifetime of an SCTP association events can happen, which 4731 result in using the network under unknown new conditions. When 4732 detected by an SCTP implementation, the congestion control MUST be 4733 reinitialized. 4735 7.2.5.1. Change of Differentiated Services Code Points 4737 SCTP implementations MAY allow an application to configure the 4738 Differentiated Services Code Point (DSCP) used for sending packets. 4739 If a DSCP change might result in outgoing packets being queued in 4740 different queues, the congestion control parameters for all affected 4741 destination addresses MUST be reset to their initial values. 4743 7.2.5.2. Change of Routes 4745 SCTP implementations MAY be aware of routing changes affecting 4746 packets sent to a destination address. In particular, this includes 4747 the selection of a different source address used for sending packets 4748 to a destination address. If such a routing change happens, the 4749 congestion control parameters for the affected destination addresses 4750 MUST be reset to their initial values. 4752 7.3. PMTU Discovery 4754 [RFC8899], [RFC8201], and [RFC1191] specify "Packetization Layer Path 4755 MTU Discovery", whereby an endpoint maintains an estimate of PMTU 4756 along a given Internet path and refrains from sending packets along 4757 that path that exceed the PMTU, other than occasional attempts to 4758 probe for a change in the PMTU. [RFC8899] is thorough in its 4759 discussion of the PMTU discovery mechanism and strategies for 4760 determining the current end-to-end PMTU setting as well as detecting 4761 changes in this value. 4763 An endpoint SHOULD apply these techniques, and SHOULD do so on a per- 4764 destination-address basis. 4766 There are two important SCTP-specific points regarding PMTU 4767 discovery: 4769 1) SCTP associations can span multiple addresses. An endpoint MUST 4770 maintain separate PMTU estimates for each destination address of 4771 its peer. 4773 2) The sender SHOULD track an AMDCS that will be the smallest PMDCS 4774 discovered for all of the peer's destination addresses. When 4775 fragmenting messages into multiple parts this AMDCS SHOULD be 4776 used to calculate the size of each DATA chunk. This will allow 4777 retransmissions to be seamlessly sent to an alternate address 4778 without encountering IP fragmentation. 4780 8. Fault Management 4782 8.1. Endpoint Failure Detection 4784 An endpoint SHOULD keep a counter on the total number of consecutive 4785 retransmissions to its peer (this includes data retransmissions to 4786 all the destination transport addresses of the peer if it is multi- 4787 homed), including the number of unacknowledged HEARTBEAT chunks 4788 observed on the path that is currently used for data transfer. 4789 Unacknowledged HEARTBEAT chunks observed on paths different from the 4790 path currently used for data transfer SHOULD NOT increment the 4791 association error counter, as this could lead to association closure 4792 even if the path that is currently used for data transfer is 4793 available (but idle). If the value of this counter exceeds the limit 4794 indicated in the protocol parameter 'Association.Max.Retrans', the 4795 endpoint SHOULD consider the peer endpoint unreachable and SHALL stop 4796 transmitting any more data to it (and thus the association enters the 4797 CLOSED state). In addition, the endpoint SHOULD report the failure 4798 to the upper layer and optionally report back all outstanding user 4799 data remaining in its outbound queue. The association is 4800 automatically closed when the peer endpoint becomes unreachable. 4802 The counter used for endpoint failure detection MUST be reset each 4803 time a DATA chunk sent to that peer endpoint is acknowledged (by the 4804 reception of a SACK chunk). When a HEARTBEAT ACK chunk is received 4805 from the peer endpoint, the counter SHOULD also be reset. The 4806 receiver of the HEARTBEAT ACK chunk MAY choose not to clear the 4807 counter if there is outstanding data on the association. This allows 4808 for handling the possible difference in reachability based on DATA 4809 chunks and HEARTBEAT chunks. 4811 8.2. Path Failure Detection 4813 When its peer endpoint is multi-homed, an endpoint SHOULD keep an 4814 error counter for each of the destination transport addresses of the 4815 peer endpoint. 4817 Each time the T3-rtx timer expires on any address, or when a 4818 HEARTBEAT chunk sent to an idle address is not acknowledged within an 4819 RTO, the error counter of that destination address will be 4820 incremented. When the value in the error counter exceeds the 4821 protocol parameter 'Path.Max.Retrans' of that destination address, 4822 the endpoint SHOULD mark the destination transport address as 4823 inactive, and a notification SHOULD be sent to the upper layer. 4825 When an outstanding TSN is acknowledged or a HEARTBEAT chunk sent to 4826 that address is acknowledged with a HEARTBEAT ACK chunk, the endpoint 4827 SHOULD clear the error counter of the destination transport address 4828 to which the DATA chunk was last sent (or HEARTBEAT chunk was sent) 4829 and SHOULD also report to the upper layer when an inactive 4830 destination address is marked as active. When the peer endpoint is 4831 multi-homed and the last chunk sent to it was a retransmission to an 4832 alternate address, there exists an ambiguity as to whether or not the 4833 acknowledgement could be credited to the address of the last chunk 4834 sent. However, this ambiguity does not seem to have significant 4835 consequences for SCTP behavior. If this ambiguity is undesirable, 4836 the transmitter MAY choose not to clear the error counter if the last 4837 chunk sent was a retransmission. 4839 Note: When configuring the SCTP endpoint, the user ought avoid having 4840 the value of 'Association.Max.Retrans' larger than the summation of 4841 the 'Path.Max.Retrans' of all the destination addresses for the 4842 remote endpoint. Otherwise, all the destination addresses might 4843 become inactive while the endpoint still considers the peer endpoint 4844 reachable. When this condition occurs, how SCTP chooses to function 4845 is implementation specific. 4847 When the primary path is marked inactive (due to excessive 4848 retransmissions, for instance), the sender MAY automatically transmit 4849 new packets to an alternate destination address if one exists and is 4850 active. If more than one alternate address is active when the 4851 primary path is marked inactive, only ONE transport address SHOULD be 4852 chosen and used as the new destination transport address. 4854 8.3. Path Heartbeat 4856 By default, an SCTP endpoint SHOULD monitor the reachability of the 4857 idle destination transport address(es) of its peer by sending a 4858 HEARTBEAT chunk periodically to the destination transport 4859 address(es). The sending of HEARTBEAT chunks MAY begin upon reaching 4860 the ESTABLISHED state and is discontinued after sending either a 4861 SHUTDOWN chunk or SHUTDOWN ACK chunk. A receiver of a HEARTBEAT 4862 chunks MUST respond to a HEARTBEAT chunk with a HEARTBEAT ACK chunk 4863 after entering the COOKIE-ECHOED state (sender of the INIT chunk) or 4864 the ESTABLISHED state (receiver of the INIT chunk), up until reaching 4865 the SHUTDOWN-SENT state (sender of the SHUTDOWN chunk) or the 4866 SHUTDOWN-ACK-SENT state (receiver of the SHUTDOWN chunk). 4868 A destination transport address is considered "idle" if no new chunk 4869 that can be used for updating path RTT (usually including first 4870 transmission DATA, INIT, COOKIE ECHO, or HEARTBEAT chunks, etc.) and 4871 no HEARTBEAT chunk has been sent to it within the current heartbeat 4872 period of that address. This applies to both active and inactive 4873 destination addresses. 4875 The upper layer can optionally initiate the following functions: 4877 A) Disable heartbeat on a specific destination transport address of 4878 a given association, 4880 B) Change the 'HB.interval', 4882 C) Re-enable heartbeat on a specific destination transport address 4883 of a given association, and 4885 D) Request the sending of an on-demand HEARTBEAT chunk on a specific 4886 destination transport address of a given association. 4888 The endpoint SHOULD increment the respective error counter of the 4889 destination transport address each time a HEARTBEAT chunk is sent to 4890 that address and not acknowledged within one RTO. 4892 When the value of this counter exceeds the protocol parameter 4893 'Path.Max.Retrans', the endpoint SHOULD mark the corresponding 4894 destination address as inactive if it is not so marked and SHOULD 4895 also report to the upper layer the change in reachability of this 4896 destination address. After this, the endpoint SHOULD continue 4897 sending HEARTBEAT chunks on this destination address but SHOULD stop 4898 increasing the counter. 4900 The sender of the HEARTBEAT chunk SHOULD include in the Heartbeat 4901 Information field of the chunk the current time when the packet is 4902 sent and the destination address to which the packet is sent. 4904 Implementation Note: An alternative implementation of the heartbeat 4905 mechanism that can be used is to increment the error counter variable 4906 every time a HEARTBEAT chunk is sent to a destination. Whenever a 4907 HEARTBEAT ACK chunk arrives, the sender SHOULD clear the error 4908 counter of the destination that the HEARTBEAT chunk was sent to. 4909 This in effect would clear the previously stroked error (and any 4910 other error counts as well). 4912 The receiver of the HEARTBEAT chunk SHOULD immediately respond with a 4913 HEARTBEAT ACK chunk that contains the Heartbeat Information TLV, 4914 together with any other received TLVs, copied unchanged from the 4915 received HEARTBEAT chunk. 4917 Upon the receipt of the HEARTBEAT ACK chunk, the sender of the 4918 HEARTBEAT chunk SHOULD clear the error counter of the destination 4919 transport address to which the HEARTBEAT chunk was sent and mark the 4920 destination transport address as active if it is not so marked. The 4921 endpoint SHOULD report to the upper layer when an inactive 4922 destination address is marked as active due to the reception of the 4923 latest HEARTBEAT ACK chunk. The receiver of the HEARTBEAT ACK chunk 4924 SHOULD also clear the association overall error count (as defined in 4925 Section 8.1). 4927 The receiver of the HEARTBEAT ACK chunk SHOULD also perform an RTT 4928 measurement for that destination transport address using the time 4929 value carried in the HEARTBEAT ACK chunk. 4931 On an idle destination address that is allowed to heartbeat, it is 4932 RECOMMENDED that a HEARTBEAT chunk is sent once per RTO of that 4933 destination address plus the protocol parameter 'HB.interval', with 4934 jittering of +/- 50% of the RTO value, and exponential backoff of the 4935 RTO if the previous HEARTBEAT chunk is unanswered. 4937 A primitive is provided for the SCTP user to change the 'HB.interval' 4938 and turn on or off the heartbeat on a given destination address. The 4939 'HB.interval' set by the SCTP user is added to the RTO of that 4940 destination (including any exponential backoff). Only one heartbeat 4941 SHOULD be sent each time the heartbeat timer expires (if multiple 4942 destinations are idle). It is an implementation decision on how to 4943 choose which of the candidate idle destinations to heartbeat to (if 4944 more than one destination is idle). 4946 When tuning the 'HB.interval', there is a side effect that SHOULD be 4947 taken into account. When this value is increased, i.e., the time 4948 between the sending of HEARTBEAT chunks is longer, the detection of 4949 lost ABORT chunks takes longer as well. If a peer endpoint sends an 4950 ABORT chunk for any reason and the ABORT chunk is lost, the local 4951 endpoint will only discover the lost ABORT chunk by sending a DATA 4952 chunk or HEARTBEAT chunk (thus causing the peer to send another ABORT 4953 chunk). This is to be considered when tuning the heartbeat timer. 4954 If the sending of HEARTBEAT chunks is disabled, only sending DATA 4955 chunks to the association will discover a lost ABORT chunk from the 4956 peer. 4958 8.4. Handle "Out of the Blue" Packets 4960 An SCTP packet is called an "out of the blue" (OOTB) packet if it is 4961 correctly formed (i.e., passed the receiver's CRC32c check; see 4962 Section 6.8), but the receiver is not able to identify the 4963 association to which this packet belongs. 4965 The receiver of an OOTB packet does the following: 4967 1) If the OOTB packet is to or from a non-unicast address, a 4968 receiver SHOULD silently discard the packet. Otherwise, 4970 2) If the OOTB packet contains an ABORT chunk, the receiver MUST 4971 silently discard the OOTB packet and take no further action. 4972 Otherwise, 4974 3) If the packet contains an INIT chunk with a Verification Tag set 4975 to 0, it SHOULD be processed as described in Section 5.1. If, 4976 for whatever reason, the INIT chunk cannot be processed normally 4977 and an ABORT chunk has to be sent in response, the Verification 4978 Tag of the packet containing the ABORT chunk MUST be the Initiate 4979 Tag of the received INIT chunk, and the T bit of the ABORT chunk 4980 has to be set to 0, indicating that the Verification Tag is not 4981 reflected. Otherwise, 4983 4) If the packet contains a COOKIE ECHO chunk as the first chunk, it 4984 MUST be processed as described in Section 5.1. Otherwise, 4986 5) If the packet contains a SHUTDOWN ACK chunk, the receiver SHOULD 4987 respond to the sender of the OOTB packet with a SHUTDOWN COMPLETE 4988 chunk. When sending the SHUTDOWN COMPLETE chunk, the receiver of 4989 the OOTB packet MUST fill in the Verification Tag field of the 4990 outbound packet with the Verification Tag received in the 4991 SHUTDOWN ACK chunk and set the T bit in the Chunk Flags to 4992 indicate that the Verification Tag is reflected. Otherwise, 4994 6) If the packet contains a SHUTDOWN COMPLETE chunk, the receiver 4995 SHOULD silently discard the packet and take no further action. 4996 Otherwise, 4998 7) If the packet contains a ERROR chunk with the "Stale Cookie" 4999 error cause or a COOKIE ACK chunk, the SCTP packet SHOULD be 5000 silently discarded. Otherwise, 5002 8) The receiver SHOULD respond to the sender of the OOTB packet with 5003 an ABORT chunk. When sending the ABORT chunk, the receiver of 5004 the OOTB packet MUST fill in the Verification Tag field of the 5005 outbound packet with the value found in the Verification Tag 5006 field of the OOTB packet and set the T bit in the Chunk Flags to 5007 indicate that the Verification Tag is reflected. After sending 5008 this ABORT chunk, the receiver of the OOTB packet MUST discard 5009 the OOTB packet and MUST NOT take any further action. 5011 8.5. Verification Tag 5013 The Verification Tag rules defined in this section apply when sending 5014 or receiving SCTP packets that do not contain an INIT, SHUTDOWN 5015 COMPLETE, COOKIE ECHO (see Section 5.1), ABORT, or SHUTDOWN ACK 5016 chunk. The rules for sending and receiving SCTP packets containing 5017 one of these chunk types are discussed separately in Section 8.5.1. 5019 When sending an SCTP packet, the endpoint MUST fill in the 5020 Verification Tag field of the outbound packet with the tag value in 5021 the Initiate Tag parameter of the INIT or INIT ACK chunk received 5022 from its peer. 5024 When receiving an SCTP packet, the endpoint MUST ensure that the 5025 value in the Verification Tag field of the received SCTP packet 5026 matches its own tag. If the received Verification Tag value does not 5027 match the receiver's own tag value, the receiver MUST silently 5028 discard the packet and MUST NOT process it any further except for 5029 those cases listed in Section 8.5.1 below. 5031 8.5.1. Exceptions in Verification Tag Rules 5033 A) Rules for packets carrying an INIT chunk: 5034 * The sender MUST set the Verification Tag of the packet to 0. 5036 * When an endpoint receives an SCTP packet with the Verification 5037 Tag set to 0, it SHOULD verify that the packet contains only an 5038 INIT chunk. Otherwise, the receiver MUST silently discard the 5039 packet. 5041 B) Rules for packets carrying an ABORT chunk: 5042 * The endpoint MUST always fill in the Verification Tag field of 5043 the outbound packet with the destination endpoint's tag value, 5044 if it is known. 5046 * If the ABORT chunk is sent in response to an OOTB packet, the 5047 endpoint MUST follow the procedure described in Section 8.4. 5049 * The receiver of an ABORT chunk MUST accept the packet if the 5050 Verification Tag field of the packet matches its own tag and 5051 the T bit is not set OR if it is set to its peer's tag and the 5052 T bit is set in the Chunk Flags. Otherwise, the receiver MUST 5053 silently discard the packet and take no further action. 5055 C) Rules for packets carrying a SHUTDOWN COMPLETE chunk: 5056 * When sending a SHUTDOWN COMPLETE chunk, if the receiver of the 5057 SHUTDOWN ACK chunk has a TCB, then the destination endpoint's 5058 tag MUST be used, and the T bit MUST NOT be set. Only where no 5059 TCB exists SHOULD the sender use the Verification Tag from the 5060 SHUTDOWN ACK chunk, and MUST set the T bit. 5062 * The receiver of a SHUTDOWN COMPLETE chunk accepts the packet if 5063 the Verification Tag field of the packet matches its own tag 5064 and the T bit is not set OR if it is set to its peer's tag and 5065 the T bit is set in the Chunk Flags. Otherwise, the receiver 5066 MUST silently discard the packet and take no further action. 5067 An endpoint MUST ignore the SHUTDOWN COMPLETE chunk if it is 5068 not in the SHUTDOWN-ACK-SENT state. 5070 D) Rules for packets carrying a COOKIE ECHO chunk: 5071 * When sending a COOKIE ECHO chunk, the endpoint MUST use the 5072 value of the Initiate Tag received in the INIT ACK chunk. 5074 * The receiver of a COOKIE ECHO chunk follows the procedures in 5075 Section 5. 5077 E) Rules for packets carrying a SHUTDOWN ACK chunk: 5078 * If the receiver is in COOKIE-ECHOED or COOKIE-WAIT state the 5079 procedures in Section 8.4 SHOULD be followed; in other words, 5080 it is treated as an OOTB packet. 5082 9. Termination of Association 5084 An endpoint SHOULD terminate its association when it exits from 5085 service. An association can be terminated by either abort or 5086 shutdown. An abort of an association is abortive by definition in 5087 that any data pending on either end of the association is discarded 5088 and not delivered to the peer. A shutdown of an association is 5089 considered a graceful close where all data in queue by either 5090 endpoint is delivered to the respective peers. However, in the case 5091 of a shutdown, SCTP does not support a half-open state (like TCP) 5092 wherein one side might continue sending data while the other end is 5093 closed. When either endpoint performs a shutdown, the association on 5094 each peer will stop accepting new data from its user and only deliver 5095 data in queue at the time of sending or receiving the SHUTDOWN chunk. 5097 9.1. Abort of an Association 5099 When an endpoint decides to abort an existing association, it MUST 5100 send an ABORT chunk to its peer endpoint. The sender MUST fill in 5101 the peer's Verification Tag in the outbound packet and MUST NOT 5102 bundle any DATA chunk with the ABORT chunk. If the association is 5103 aborted on request of the upper layer, a "User-Initiated Abort" error 5104 cause (see Section 3.3.10.12) SHOULD be present in the ABORT chunk. 5106 An endpoint MUST NOT respond to any received packet that contains an 5107 ABORT chunk (also see Section 8.4). 5109 An endpoint receiving an ABORT chunk MUST apply the special 5110 Verification Tag check rules described in Section 8.5.1. 5112 After checking the Verification Tag, the receiving endpoint MUST 5113 remove the association from its record and SHOULD report the 5114 termination to its upper layer. If a "User-Initiated Abort" error 5115 cause is present in the ABORT chunk, the Upper Layer Abort Reason 5116 SHOULD be made available to the upper layer. 5118 9.2. Shutdown of an Association 5120 Using the SHUTDOWN primitive (see Section 11.1), the upper layer of 5121 an endpoint in an association can gracefully close the association. 5122 This will allow all outstanding DATA chunks from the peer of the 5123 shutdown initiator to be delivered before the association terminates. 5125 Upon receipt of the SHUTDOWN primitive from its upper layer, the 5126 endpoint enters the SHUTDOWN-PENDING state and remains there until 5127 all outstanding data has been acknowledged by its peer. The endpoint 5128 accepts no new data from its upper layer, but retransmits data to the 5129 peer endpoint if necessary to fill gaps. 5131 Once all its outstanding data has been acknowledged, the endpoint 5132 sends a SHUTDOWN chunk to its peer including in the Cumulative TSN 5133 Ack field the last sequential TSN it has received from the peer. It 5134 SHOULD then start the T2-shutdown timer and enter the SHUTDOWN-SENT 5135 state. If the timer expires, the endpoint MUST resend the SHUTDOWN 5136 chunk with the updated last sequential TSN received from its peer. 5138 The rules in Section 6.3 MUST be followed to determine the proper 5139 timer value for T2-shutdown. To indicate any gaps in TSN, the 5140 endpoint MAY also bundle a SACK chunk with the SHUTDOWN chunk in the 5141 same SCTP packet. 5143 An endpoint SHOULD limit the number of retransmissions of the 5144 SHUTDOWN chunk to the protocol parameter 'Association.Max.Retrans'. 5145 If this threshold is exceeded, the endpoint SHOULD destroy the TCB 5146 and SHOULD report the peer endpoint unreachable to the upper layer 5147 (and thus the association enters the CLOSED state). The reception of 5148 any packet from its peer (i.e., as the peer sends all of its queued 5149 DATA chunks) SHOULD clear the endpoint's retransmission count and 5150 restart the T2-shutdown timer, giving its peer ample opportunity to 5151 transmit all of its queued DATA chunks that have not yet been sent. 5153 Upon reception of the SHUTDOWN chunk, the peer endpoint does the 5154 following: 5156 * enter the SHUTDOWN-RECEIVED state, 5158 * stop accepting new data from its SCTP user, and 5160 * verify, by checking the Cumulative TSN Ack field of the chunk, 5161 that all its outstanding DATA chunks have been received by the 5162 SHUTDOWN chunk sender. 5164 Once an endpoint has reached the SHUTDOWN-RECEIVED state, it MUST 5165 ignore ULP shutdown requests but MUST continue responding to SHUTDOWN 5166 chunks from its peer. 5168 If there are still outstanding DATA chunks left, the SHUTDOWN chunk 5169 receiver MUST continue to follow normal data transmission procedures 5170 defined in Section 6, until all outstanding DATA chunks are 5171 acknowledged; however, the SHUTDOWN chunk receiver MUST NOT accept 5172 new data from its SCTP user. 5174 While in the SHUTDOWN-SENT state, the SHUTDOWN chunk sender MUST 5175 immediately respond to each received packet containing one or more 5176 DATA chunks with a SHUTDOWN chunk and restart the T2-shutdown timer. 5177 If a SHUTDOWN chunk by itself cannot acknowledge all of the received 5178 DATA chunks (i.e., there are TSNs that can be acknowledged that are 5179 larger than the cumulative TSN, and thus gaps exist in the TSN 5180 sequence), or if duplicate TSNs have been received, then a SACK chunk 5181 MUST also be sent. 5183 The sender of the SHUTDOWN chunk MAY also start an overall guard 5184 timer T5-shutdown-guard to bound the overall time for the shutdown 5185 sequence. At the expiration of this timer, the sender SHOULD abort 5186 the association by sending an ABORT chunk. If the T5-shutdown-guard 5187 timer is used, it SHOULD be set to the RECOMMENDED value of 5 times 5188 'RTO.Max'. 5190 If the receiver of the SHUTDOWN chunk has no more outstanding DATA 5191 chunks, the SHUTDOWN chunk receiver MUST send a SHUTDOWN ACK chunk 5192 and start a T2-shutdown timer of its own, entering the SHUTDOWN-ACK- 5193 SENT state. If the timer expires, the endpoint MUST resend the 5194 SHUTDOWN ACK chunk. 5196 The sender of the SHUTDOWN ACK chunk SHOULD limit the number of 5197 retransmissions of the SHUTDOWN ACK chunk to the protocol parameter 5198 'Association.Max.Retrans'. If this threshold is exceeded, the 5199 endpoint SHOULD destroy the TCB and SHOULD report the peer endpoint 5200 unreachable to the upper layer (and thus the association enters the 5201 CLOSED state). 5203 Upon the receipt of the SHUTDOWN ACK chunk, the sender of the 5204 SHUTDOWN chunk MUST stop the T2-shutdown timer, send a SHUTDOWN 5205 COMPLETE chunk to its peer, and remove all record of the association. 5207 Upon reception of the SHUTDOWN COMPLETE chunk, the endpoint verifies 5208 that it is in the SHUTDOWN-ACK-SENT state; if it is not, the chunk 5209 SHOULD be discarded. If the endpoint is in the SHUTDOWN-ACK-SENT 5210 state, the endpoint SHOULD stop the T2-shutdown timer and remove all 5211 knowledge of the association (and thus the association enters the 5212 CLOSED state). 5214 An endpoint SHOULD ensure that all its outstanding DATA chunks have 5215 been acknowledged before initiating the shutdown procedure. 5217 An endpoint SHOULD reject any new data request from its upper layer 5218 if it is in the SHUTDOWN-PENDING, SHUTDOWN-SENT, SHUTDOWN-RECEIVED, 5219 or SHUTDOWN-ACK-SENT state. 5221 If an endpoint is in the SHUTDOWN-ACK-SENT state and receives an INIT 5222 chunk (e.g., if the SHUTDOWN COMPLETE chunk was lost) with source and 5223 destination transport addresses (either in the IP addresses or in the 5224 INIT chunk) that belong to this association, it SHOULD discard the 5225 INIT chunk and retransmit the SHUTDOWN ACK chunk. 5227 Note: Receipt of a packet containing an INIT chunk with the same 5228 source and destination IP addresses as used in transport addresses 5229 assigned to an endpoint but with a different port number indicates 5230 the initialization of a separate association. 5232 The sender of the INIT or COOKIE ECHO chunk SHOULD respond to the 5233 receipt of a SHUTDOWN ACK chunk with a stand-alone SHUTDOWN COMPLETE 5234 chunk in an SCTP packet with the Verification Tag field of its common 5235 header set to the same tag that was received in the packet containing 5236 the SHUTDOWN ACK chunk. This is considered an OOTB packet as defined 5237 in Section 8.4. The sender of the INIT chunk lets T1-init continue 5238 running and remains in the COOKIE-WAIT or COOKIE-ECHOED state. 5239 Normal T1-init timer expiration will cause the INIT or COOKIE chunk 5240 to be retransmitted and thus start a new association. 5242 If a SHUTDOWN chunk is received in the COOKIE-WAIT or COOKIE ECHOED 5243 state, the SHUTDOWN chunk SHOULD be silently discarded. 5245 If an endpoint is in the SHUTDOWN-SENT state and receives a SHUTDOWN 5246 chunk from its peer, the endpoint SHOULD respond immediately with a 5247 SHUTDOWN ACK chunk to its peer, and move into the SHUTDOWN-ACK-SENT 5248 state restarting its T2-shutdown timer. 5250 If an endpoint is in the SHUTDOWN-ACK-SENT state and receives a 5251 SHUTDOWN ACK, it MUST stop the T2-shutdown timer, send a SHUTDOWN 5252 COMPLETE chunk to its peer, and remove all record of the association. 5254 10. ICMP Handling 5256 Whenever an ICMP message is received by an SCTP endpoint, the 5257 following procedures MUST be followed to ensure proper utilization of 5258 the information being provided by layer 3. 5260 ICMP1) An implementation MAY ignore all ICMPv4 messages where the 5261 type field is not set to "Destination Unreachable". 5263 ICMP2) An implementation MAY ignore all ICMPv6 messages where the 5264 type field is not "Destination Unreachable", "Parameter 5265 Problem", or "Packet Too Big". 5267 ICMP3) An implementation SHOULD ignore any ICMP messages where the 5268 code indicates "Port Unreachable". 5270 ICMP4) An implementation MAY ignore all ICMPv6 messages of type 5271 "Parameter Problem" if the code is not "Unrecognized Next 5272 Header Type Encountered". 5274 ICMP5) An implementation MUST use the payload of the ICMP message 5275 (v4 or v6) to locate the association that sent the message to 5276 which ICMP is responding. If the association cannot be 5277 found, an implementation SHOULD ignore the ICMP message. 5279 ICMP6) An implementation MUST validate that the Verification Tag 5280 contained in the ICMP message matches the Verification Tag of 5281 the peer. If the Verification Tag is not 0 and does not 5282 match, discard the ICMP message. If it is 0 and the ICMP 5283 message contains enough bytes to verify that the chunk type 5284 is an INIT chunk and that the Initiate Tag matches the tag of 5285 the peer, continue with ICMP7. If the ICMP message is too 5286 short or the chunk type or the Initiate Tag does not match, 5287 silently discard the packet. 5289 ICMP7) If the ICMP message is either a v6 "Packet Too Big" or a v4 5290 "Fragmentation Needed", an implementation MAY process this 5291 information as defined for PMTU discovery. 5293 ICMP8) If the ICMP code is an "Unrecognized Next Header Type 5294 Encountered" or a "Protocol Unreachable", an implementation 5295 MUST treat this message as an abort with the T bit set if it 5296 does not contain an INIT chunk. If it does contain an INIT 5297 chunk and the association is in the COOKIE-WAIT state, handle 5298 the ICMP message like an ABORT chunk. 5300 ICMP9) If the ICMP type is "Destination Unreachable", the 5301 implementation MAY move the destination to the unreachable 5302 state or, alternatively, increment the path error counter. 5303 SCTP MAY provide information to the upper layer indicating 5304 the reception of ICMP messages when reporting a network 5305 status change. 5307 These procedures differ from [RFC1122] and from its requirements for 5308 processing of port-unreachable messages and the requirements that an 5309 implementation MUST abort associations in response to a "protocol 5310 unreachable" message. Port-unreachable messages are not processed, 5311 since an implementation will send an ABORT chunk, not a port 5312 unreachable. The stricter handling of the "protocol unreachable" 5313 message is due to security concerns for hosts that do not support 5314 SCTP. 5316 11. Interface with Upper Layer 5318 The Upper Layer Protocols (ULPs) request services by passing 5319 primitives to SCTP and receive notifications from SCTP for various 5320 events. 5322 The primitives and notifications described in this section can be 5323 used as a guideline for implementing SCTP. The following functional 5324 description of ULP interface primitives is shown for illustrative 5325 purposes. Different SCTP implementations can have different ULP 5326 interfaces. However, all SCTP implementations are expected to 5327 provide a certain minimum set of services to guarantee that all SCTP 5328 implementations can support the same protocol hierarchy. 5330 Please note that this section is informational only. 5332 [RFC6458] and the Socket API Considerations section of [RFC7053] 5333 define an extension of the socket API for SCTP as described in this 5334 document. 5336 11.1. ULP-to-SCTP 5338 The following sections functionally characterize a ULP/SCTP 5339 interface. The notation used is similar to most procedure or 5340 function calls in high-level languages. 5342 The ULP primitives described below specify the basic functions that 5343 SCTP performs to support inter-process communication. Individual 5344 implementations define their own exact format, and provide 5345 combinations or subsets of the basic functions in single calls. 5347 11.1.1. Initialize 5349 INITIALIZE ([local port],[local eligible address list]) 5350 -> local SCTP instance name 5352 This primitive allows SCTP to initialize its internal data structures 5353 and allocate necessary resources for setting up its operation 5354 environment. Once SCTP is initialized, ULP can communicate directly 5355 with other endpoints without re-invoking this primitive. 5357 SCTP will return a local SCTP instance name to the ULP. 5359 Mandatory attributes: 5360 None. 5362 Optional attributes: 5363 local port: SCTP port number, if ULP wants it to be specified. 5365 local eligible address list: an address list that the local SCTP 5366 endpoint binds. By default, if an address list is not 5367 included, all IP addresses assigned to the host are used by the 5368 local endpoint. 5370 Implementation Note: If this optional attribute is supported by an 5371 implementation, it will be the responsibility of the implementation 5372 to enforce that the IP source address field of any SCTP packets sent 5373 by this endpoint contains one of the IP addresses indicated in the 5374 local eligible address list. 5376 11.1.2. Associate 5378 ASSOCIATE(local SCTP instance name, 5379 initial destination transport addr list, outbound stream count) 5380 -> association id [,destination transport addr list] 5381 [,outbound stream count] 5383 This primitive allows the upper layer to initiate an association to a 5384 specific peer endpoint. 5386 The peer endpoint is specified by one or more of the transport 5387 addresses that defines the endpoint (see Section 2.3). If the local 5388 SCTP instance has not been initialized, the ASSOCIATE is considered 5389 an error. 5391 An association id, which is a local handle to the SCTP association, 5392 will be returned on successful establishment of the association. If 5393 SCTP is not able to open an SCTP association with the peer endpoint, 5394 an error is returned. 5396 Other association parameters can be returned, including the complete 5397 destination transport addresses of the peer as well as the outbound 5398 stream count of the local endpoint. One of the transport addresses 5399 from the returned destination addresses will be selected by the local 5400 endpoint as default primary path for sending SCTP packets to this 5401 peer. The returned "destination transport addr list" can be used by 5402 the ULP to change the default primary path or to force sending a 5403 packet to a specific transport address. 5405 Implementation Note: If ASSOCIATE primitive is implemented as a 5406 blocking function call, the ASSOCIATE primitive can return 5407 association parameters in addition to the association id upon 5408 successful establishment. If ASSOCIATE primitive is implemented as a 5409 non-blocking call, only the association id is returned and 5410 association parameters are passed using the COMMUNICATION UP 5411 notification. 5413 Mandatory attributes: 5414 local SCTP instance name: obtained from the INITIALIZE operation. 5416 initial destination transport addr list: a non-empty list of 5417 transport addresses of the peer endpoint with which the 5418 association is to be established. 5420 outbound stream count: the number of outbound streams the ULP 5421 would like to open towards this peer endpoint. 5423 Optional attributes: 5424 None. 5426 11.1.3. Shutdown 5428 SHUTDOWN(association id) -> result 5430 Gracefully closes an association. Any locally queued user data will 5431 be delivered to the peer. The association will be terminated only 5432 after the peer acknowledges all the SCTP packets sent. A success 5433 code will be returned on successful termination of the association. 5434 If attempting to terminate the association results in a failure, an 5435 error code is returned. 5437 Mandatory attributes: 5438 association id: local handle to the SCTP association. 5440 Optional attributes: 5441 None. 5443 11.1.4. Abort 5445 ABORT(association id [, Upper Layer Abort Reason]) -> result 5447 Ungracefully closes an association. Any locally queued user data 5448 will be discarded, and an ABORT chunk is sent to the peer. A success 5449 code will be returned on successful abort of the association. If 5450 attempting to abort the association results in a failure, an error 5451 code is returned. 5453 Mandatory attributes: 5454 association id: local handle to the SCTP association. 5456 Optional attributes: 5457 Upper Layer Abort Reason: reason of the abort to be passed to the 5458 peer. 5460 11.1.5. Send 5461 SEND(association id, buffer address, byte count [,context] 5462 [,stream id] [,life time] [,destination transport address] 5463 [,unordered flag] [,no-bundle flag] [,payload protocol-id] 5464 [,sack-immediately flag]) -> result 5466 This is the main method to send user data via SCTP. 5468 Mandatory attributes: 5469 association id: local handle to the SCTP association. 5471 buffer address: the location where the user message to be 5472 transmitted is stored. 5474 byte count: the size of the user data in number of bytes. 5476 Optional attributes: 5477 context: an optional information provided that will be carried in 5478 the sending failure notification to the ULP if the 5479 transportation of this user message fails. 5481 stream id: to indicate which stream to send the data on. If not 5482 specified, stream 0 will be used. 5484 life time: specifies the life time of the user data. The user 5485 data will not be sent by SCTP after the life time expires. 5486 This parameter can be used to avoid efforts to transmit stale 5487 user messages. SCTP notifies the ULP if the data cannot be 5488 initiated to transport (i.e., sent to the destination via 5489 SCTP's SEND primitive) within the life time variable. However, 5490 the user data will be transmitted if SCTP has attempted to 5491 transmit a chunk before the life time expired. 5493 Implementation Note: In order to better support the data life 5494 time option, the transmitter can hold back the assigning of the 5495 TSN number to an outbound DATA chunk to the last moment. And, 5496 for implementation simplicity, once a TSN number has been 5497 assigned the sender considers the send of this DATA chunk as 5498 committed, overriding any life time option attached to the DATA 5499 chunk. 5501 destination transport address: specified as one of the 5502 destination transport addresses of the peer endpoint to which 5503 this packet is sent. Whenever possible, SCTP uses this 5504 destination transport address for sending the packets, instead 5505 of the current primary path. 5507 unordered flag: this flag, if present, indicates that the user 5508 would like the data delivered in an unordered fashion to the 5509 peer (i.e., the U flag is set to 1 on all DATA chunks carrying 5510 this message). 5512 no-bundle flag: instructs SCTP not to delay the sending of DATA 5513 chunks for this user data just to allow it to be bundled with 5514 other outbound DATA chunks. When faced with network 5515 congestion, SCTP might still bundle the data, even when this 5516 flag is present. 5518 payload protocol-id: a 32-bit unsigned integer that is to be 5519 passed to the peer indicating the type of payload protocol data 5520 being transmitted. This value is passed as opaque data by 5521 SCTP. 5523 sack-immediately flag: set the I bit on the last DATA chunk used 5524 for the user message to be transmitted. 5526 11.1.6. Set Primary 5528 SETPRIMARY(association id, destination transport address, 5529 [source transport address]) -> result 5531 Instructs the local SCTP to use the specified destination transport 5532 address as the primary path for sending packets. 5534 The result of attempting this operation is returned. If the 5535 specified destination transport address is not present in the 5536 "destination transport address list" returned earlier in an associate 5537 command or communication up notification, an error is returned. 5539 Mandatory attributes: 5540 association id: local handle to the SCTP association. 5542 destination transport address: specified as one of the transport 5543 addresses of the peer endpoint, which is used as the primary 5544 address for sending packets. This overrides the current 5545 primary address information maintained by the local SCTP 5546 endpoint. 5548 Optional attributes: 5549 source transport address: optionally, some implementations can 5550 allow you to set the default source address placed in all 5551 outgoing IP datagrams. 5553 11.1.7. Receive 5554 RECEIVE(association id, buffer address, buffer size [,stream id]) 5555 -> byte count [,transport address] [,stream id] 5556 [,stream sequence number] [,partial flag] [,payload protocol-id] 5558 This primitive reads the first user message in the SCTP in-queue into 5559 the buffer specified by ULP, if there is one available. The size of 5560 the message read, in bytes, will be returned. It might, depending on 5561 the specific implementation, also return other information such as 5562 the sender's address, the stream id on which it is received, whether 5563 there are more messages available for retrieval, etc. For ordered 5564 messages, their Stream Sequence Number might also be returned. 5566 Depending upon the implementation, if this primitive is invoked when 5567 no message is available the implementation returns an indication of 5568 this condition or blocks the invoking process until data does become 5569 available. 5571 Mandatory attributes: 5572 association id: local handle to the SCTP association 5574 buffer address: the memory location indicated by the ULP to store 5575 the received message. 5577 buffer size: the maximum size of data to be received, in bytes. 5579 Optional attributes: 5580 stream id: to indicate which stream to receive the data on. 5582 stream sequence number: the Stream Sequence Number assigned by 5583 the sending SCTP peer. 5585 partial flag: if this returned flag is set to 1, then this 5586 primitive contains a partial delivery of the whole message. 5587 When this flag is set, the stream id and stream sequence number 5588 accompanies this primitive. When this flag is set to 0, it 5589 indicates that no more deliveries will be received for this 5590 stream sequence number. 5592 payload protocol-id: a 32-bit unsigned integer that is received 5593 from the peer indicating the type of payload protocol of the 5594 received data. This value is passed as opaque data by SCTP. 5596 11.1.8. Status 5598 STATUS(association id) -> status data 5600 This primitive returns a data block containing the following 5601 information: 5603 * association connection state, 5605 * destination transport address list, 5607 * destination transport address reachability states, 5609 * current receiver window size, 5611 * current congestion window sizes, 5613 * number of unacknowledged DATA chunks, 5615 * number of DATA chunks pending receipt, 5617 * primary path, 5619 * most recent SRTT on primary path, 5621 * RTO on primary path, 5623 * SRTT and RTO on other destination addresses, etc. 5625 Mandatory attributes: 5626 association id: local handle to the SCTP association. 5628 Optional attributes: 5629 None. 5631 11.1.9. Change Heartbeat 5633 CHANGE HEARTBEAT(association id, destination transport address, 5634 new state [,interval]) -> result 5636 Instructs the local endpoint to enable or disable heartbeat on the 5637 specified destination transport address. 5639 The result of attempting this operation is returned. 5641 Note: Even when enabled, heartbeat will not take place if the 5642 destination transport address is not idle. 5644 Mandatory attributes: 5645 association id: local handle to the SCTP association. 5647 destination transport address: specified as one of the transport 5648 addresses of the peer endpoint. 5650 new state: the new state of heartbeat for this destination 5651 transport address (either enabled or disabled). 5653 Optional attributes: 5654 interval: if present, indicates the frequency of the heartbeat if 5655 this is to enable heartbeat on a destination transport address. 5656 This value is added to the RTO of the destination transport 5657 address. This value, if present, affects all destinations. 5659 11.1.10. Request Heartbeat 5661 REQUESTHEARTBEAT(association id, destination transport address) 5662 -> result 5664 Instructs the local endpoint to perform a heartbeat on the specified 5665 destination transport address of the given association. The returned 5666 result indicates whether the transmission of the HEARTBEAT chunk 5667 chunk to the destination address is successful. 5669 Mandatory attributes: 5670 association id: local handle to the SCTP association. 5672 destination transport address: the transport address of the 5673 association on which a heartbeat is issued. 5675 Optional attributes: 5676 None. 5678 11.1.11. Get SRTT Report 5680 GETSRTTREPORT(association id, destination transport address) 5681 -> srtt result 5683 Instructs the local SCTP to report the current SRTT measurement on 5684 the specified destination transport address of the given association. 5685 The returned result can be an integer containing the most recent SRTT 5686 in milliseconds. 5688 Mandatory attributes: 5689 association id: local handle to the SCTP association. 5691 destination transport address: the transport address of the 5692 association on which the SRTT measurement is to be reported. 5694 Optional attributes: 5695 None. 5697 11.1.12. Set Failure Threshold 5698 SETFAILURETHRESHOLD(association id, destination transport address, 5699 failure threshold) -> result 5701 This primitive allows the local SCTP to customize the reachability 5702 failure detection threshold 'Path.Max.Retrans' for the specified 5703 destination address. Note that this can also be done using the 5704 SETPROTOCOLPARAMETERS primitive (Section 11.1.13). 5706 Mandatory attributes: 5707 association id: local handle to the SCTP association. 5709 destination transport address: the transport address of the 5710 association on which the failure detection threshold is to be 5711 set. 5713 failure threshold: the new value of 'Path.Max.Retrans' for the 5714 destination address. 5716 Optional attributes: 5717 None. 5719 11.1.13. Set Protocol Parameters 5721 SETPROTOCOLPARAMETERS(association id, 5722 [destination transport address,] protocol parameter list) 5723 -> result 5725 This primitive allows the local SCTP to customize the protocol 5726 parameters. 5728 Mandatory attributes: 5729 association id: local handle to the SCTP association. 5731 protocol parameter list: the specific names and values of the 5732 protocol parameters (e.g., 'Association.Max.Retrans' (see 5733 Section 16), or other parameters like the DSCP) that the SCTP 5734 user wishes to customize. 5736 Optional attributes: 5737 destination transport address: some of the protocol parameters 5738 might be set on a per destination transport address basis. 5740 11.1.14. Receive Unsent Message 5742 RECEIVE_UNSENT(data retrieval id, buffer address, buffer size 5743 [,stream id] [, stream sequence number] [,partial flag] 5744 [,payload protocol-id]) 5745 This primitive reads a user message, which has never been sent, into 5746 the buffer specified by ULP. 5748 Mandatory attributes: 5749 data retrieval id: the identification passed to the ULP in the 5750 failure notification. 5752 buffer address: the memory location indicated by the ULP to store 5753 the received message. 5755 buffer size: the maximum size of data to be received, in bytes. 5757 Optional attributes: 5758 stream id: this is a return value that is set to indicate which 5759 stream the data was sent to. 5761 stream sequence number: this value is returned indicating the 5762 Stream Sequence Number that was associated with the message. 5764 partial flag: if this returned flag is set to 1, then this 5765 message is a partial delivery of the whole message. When this 5766 flag is set, the stream id and stream sequence number 5767 accompanies this primitive. When this flag is set to 0, it 5768 indicates that no more deliveries will be received for this 5769 stream sequence number. 5771 payload protocol-id: The 32 bit unsigned integer that was set to 5772 be sent to the peer indicating the type of payload protocol of 5773 the received data. 5775 11.1.15. Receive Unacknowledged Message 5777 RECEIVE_UNACKED(data retrieval id, buffer address, buffer size, 5778 [,stream id] [,stream sequence number] [,partial flag] 5779 [,payload protocol-id]) 5781 This primitive reads a user message, which has been sent and has not 5782 been acknowledged by the peer, into the buffer specified by ULP. 5784 Mandatory attributes: 5785 data retrieval id: the identification passed to the ULP in the 5786 failure notification. 5788 buffer address: the memory location indicated by the ULP to store 5789 the received message. 5791 buffer size: the maximum size of data to be received, in bytes. 5793 Optional attributes: 5794 stream id: this is a return value that is set to indicate which 5795 stream the data was sent to. 5797 stream sequence number: this value is returned indicating the 5798 Stream Sequence Number that was associated with the message. 5800 partial flag: if this returned flag is set to 1, then this 5801 message is a partial delivery of the whole message. When this 5802 flag is set, the stream id and stream sequence number 5803 accompanies this primitive. When this flag is set to 0, it 5804 indicates that no more deliveries will be received for this 5805 stream sequence number. 5807 payload protocol-id: the 32-bit unsigned integer that was sent to 5808 the peer indicating the type of payload protocol of the 5809 received data. 5811 11.1.16. Destroy SCTP Instance 5813 DESTROY(local SCTP instance name) 5815 Mandatory attributes: 5816 local SCTP instance name: this is the value that was passed to 5817 the application in the initialize primitive and it indicates 5818 which SCTP instance is to be destroyed. 5820 Optional attributes: 5821 None. 5823 11.2. SCTP-to-ULP 5825 It is assumed that the operating system or application environment 5826 provides a means for the SCTP to asynchronously signal the ULP 5827 process. When SCTP does signal a ULP process, certain information is 5828 passed to the ULP. 5830 Implementation Note: In some cases, this might be done through a 5831 separate socket or error channel. 5833 11.2.1. DATA ARRIVE Notification 5835 SCTP invokes this notification on the ULP when a user message is 5836 successfully received and ready for retrieval. 5838 The following might optionally be passed with the notification: 5840 association id: local handle to the SCTP association. 5842 stream id: to indicate which stream the data is received on. 5844 11.2.2. SEND FAILURE Notification 5846 If a message cannot be delivered, SCTP invokes this notification on 5847 the ULP. 5849 The following might optionally be passed with the notification: 5851 association id: local handle to the SCTP association. 5853 data retrieval id: an identification used to retrieve unsent and 5854 unacknowledged data. 5856 mode: Indicate whether no part of the message never has been sent or 5857 if at least part of it has been sent but it is not completely 5858 acknowledged. 5860 cause code: indicating the reason of the failure, e.g., size too 5861 large, message life time expiration, etc. 5863 context: optional information associated with this message (see 5864 Section 11.1.5). 5866 11.2.3. NETWORK STATUS CHANGE Notification 5868 When a destination transport address is marked inactive (e.g., when 5869 SCTP detects a failure) or marked active (e.g., when SCTP detects a 5870 recovery), SCTP invokes this notification on the ULP. 5872 The following is passed with the notification: 5874 association id: local handle to the SCTP association. 5876 destination transport address: this indicates the destination 5877 transport address of the peer endpoint affected by the change. 5879 new-status: this indicates the new status. 5881 11.2.4. COMMUNICATION UP Notification 5883 This notification is used when SCTP becomes ready to send or receive 5884 user messages, or when a lost communication to an endpoint is 5885 restored. 5887 Implementation Note: If the ASSOCIATE primitive is implemented as a 5888 blocking function call, the association parameters are returned as a 5889 result of the ASSOCIATE primitive itself. In that case, 5890 COMMUNICATION UP notification is optional at the association 5891 initiator's side. 5893 The following is passed with the notification: 5895 association id: local handle to the SCTP association. 5897 status: This indicates what type of event has occurred. 5899 destination transport address list: the complete set of transport 5900 addresses of the peer. 5902 outbound stream count: the maximum number of streams allowed to be 5903 used in this association by the ULP. 5905 inbound stream count: the number of streams the peer endpoint has 5906 requested with this association (this might not be the same number 5907 as 'outbound stream count'). 5909 11.2.5. COMMUNICATION LOST Notification 5911 When SCTP loses communication to an endpoint completely (e.g., via 5912 Heartbeats) or detects that the endpoint has performed an abort 5913 operation, it invokes this notification on the ULP. 5915 The following is passed with the notification: 5917 association id: local handle to the SCTP association. 5919 status: this indicates what type of event has occurred; the status 5920 might indicate that a failure OR a normal termination event 5921 occurred in response to a shutdown or abort request. 5923 The following might be passed with the notification: 5925 last-acked: the TSN last acked by that peer endpoint. 5927 last-sent: the TSN last sent to that peer endpoint. 5929 Upper Layer Abort Reason: the abort reason specified in case of a 5930 user-initiated abort. 5932 11.2.6. COMMUNICATION ERROR Notification 5934 When SCTP receives an ERROR chunk from its peer and decides to notify 5935 its ULP, it can invoke this notification on the ULP. 5937 The following can be passed with the notification: 5939 association id: local handle to the SCTP association. 5941 error info: this indicates the type of error and optionally some 5942 additional information received through the ERROR chunk. 5944 11.2.7. RESTART Notification 5946 When SCTP detects that the peer has restarted, it might send this 5947 notification to its ULP. 5949 The following can be passed with the notification: 5951 association id: local handle to the SCTP association. 5953 11.2.8. SHUTDOWN COMPLETE Notification 5955 When SCTP completes the shutdown procedures (Section 9.2), this 5956 notification is passed to the upper layer. 5958 The following can be passed with the notification: 5960 association id: local handle to the SCTP association. 5962 12. Security Considerations 5964 12.1. Security Objectives 5966 As a common transport protocol designed to reliably carry time- 5967 sensitive user messages, such as billing or signaling messages for 5968 telephony services, between two networked endpoints, SCTP has the 5969 following security objectives. 5971 * availability of reliable and timely data transport services 5973 * integrity of the user-to-user information carried by SCTP 5975 12.2. SCTP Responses to Potential Threats 5977 SCTP could potentially be used in a wide variety of risk situations. 5978 It is important for operators of systems running SCTP to analyze 5979 their particular situations and decide on the appropriate counter- 5980 measures. 5982 Operators of systems running SCTP might consult [RFC2196] for 5983 guidance in securing their site. 5985 12.2.1. Countering Insider Attacks 5987 The principles of [RFC2196] might be applied to minimize the risk of 5988 theft of information or sabotage by insiders. Such procedures 5989 include publication of security policies, control of access at the 5990 physical, software, and network levels, and separation of services. 5992 12.2.2. Protecting against Data Corruption in the Network 5994 Where the risk of undetected errors in datagrams delivered by the 5995 lower-layer transport services is considered to be too great, 5996 additional integrity protection is required. If this additional 5997 protection were provided in the application layer, the SCTP header 5998 would remain vulnerable to deliberate integrity attacks. While the 5999 existing SCTP mechanisms for detection of packet replays are 6000 considered sufficient for normal operation, stronger protections are 6001 needed to protect SCTP when the operating environment contains 6002 significant risk of deliberate attacks from a sophisticated 6003 adversary. 6005 The SCTP Authentication extension SCTP-AUTH [RFC4895] MAY be used 6006 when the threat environment requires stronger integrity protections, 6007 but does not require confidentiality. 6009 12.2.3. Protecting Confidentiality 6011 In most cases, the risk of breach of confidentiality applies to the 6012 signaling data payload, not to the SCTP or lower-layer protocol 6013 overheads. If that is true, encryption of the SCTP user data only 6014 might be considered. As with the supplementary checksum service, 6015 user data encryption MAY be performed by the SCTP user application. 6016 [RFC6083] MAY be used for this. Alternately, the user application 6017 MAY use an implementation-specific API to request that the IP 6018 Encapsulating Security Payload (ESP) [RFC4303] be used to provide 6019 confidentiality and integrity. 6021 Particularly for mobile users, the requirement for confidentiality 6022 might include the masking of IP addresses and ports. In this case, 6023 ESP SHOULD be used instead of application-level confidentiality. If 6024 ESP is used to protect confidentiality of SCTP traffic, an ESP 6025 cryptographic transform that includes cryptographic integrity 6026 protection MUST be used, because if there is a confidentiality threat 6027 there will also be a strong integrity threat. 6029 Whenever ESP is in use, application-level encryption is not generally 6030 required. 6032 Regardless of where confidentiality is provided, the Internet Key 6033 Exchange Protocol version 2 (IKEv2) [RFC7296] SHOULD be used for key 6034 management of ESP. 6036 Operators might consult [RFC4301] for more information on the 6037 security services available at and immediately above the Internet 6038 Protocol layer. 6040 12.2.4. Protecting against Blind Denial-of-Service Attacks 6042 A blind attack is one where the attacker is unable to intercept or 6043 otherwise see the content of data flows passing to and from the 6044 target SCTP node. Blind denial-of-service attacks can take the form 6045 of flooding, masquerade, or improper monopolization of services. 6047 12.2.4.1. Flooding 6049 The objective of flooding is to cause loss of service and incorrect 6050 behavior at target systems through resource exhaustion, interference 6051 with legitimate transactions, and exploitation of buffer-related 6052 software bugs. Flooding can be directed either at the SCTP node or 6053 at resources in the intervening IP Access Links or the Internet. 6054 Where the latter entities are the target, flooding will manifest 6055 itself as loss of network services, including potentially the breach 6056 of any firewalls in place. 6058 In general, protection against flooding begins at the equipment 6059 design level, where it includes measures such as: 6061 * avoiding commitment of limited resources before determining that 6062 the request for service is legitimate. 6064 * giving priority to completion of processing in progress over the 6065 acceptance of new work. 6067 * identification and removal of duplicate or stale queued requests 6068 for service. 6070 * not responding to unexpected packets sent to non-unicast 6071 addresses. 6073 Network equipment is expected to be capable of generating an alarm 6074 and log if a suspicious increase in traffic occurs. The log provides 6075 information such as the identity of the incoming link and source 6076 address(es) used, which will help the network or SCTP system operator 6077 to take protective measures. Procedures are expected to be in place 6078 for the operator to act on such alarms if a clear pattern of abuse 6079 emerges. 6081 The design of SCTP is resistant to flooding attacks, particularly in 6082 its use of a four-way startup handshake, its use of a cookie to defer 6083 commitment of resources at the responding SCTP node until the 6084 handshake is completed, and its use of a Verification Tag to prevent 6085 insertion of extraneous packets into the flow of an established 6086 association. 6088 The IP Authentication Header and Encapsulating Security Payload might 6089 be useful in reducing the risk of certain kinds of denial-of-service 6090 attacks. 6092 Support for the Host Name Address parameter has been removed from the 6093 protocol. Endpoints receiving INIT or INIT ACK chunks containing the 6094 Host Name Address parameter MUST send an ABORT chunk in response and 6095 MAY include an "Unresolvable Address" error cause. 6097 12.2.4.2. Blind Masquerade 6099 Masquerade can be used to deny service in several ways: 6101 * by tying up resources at the target SCTP node to which the 6102 impersonated node has limited access. For example, the target 6103 node can by policy permit a maximum of one SCTP association with 6104 the impersonated SCTP node. The masquerading attacker can attempt 6105 to establish an association purporting to come from the 6106 impersonated node so that the latter cannot do so when it requires 6107 it. 6109 * by deliberately allowing the impersonation to be detected, thereby 6110 provoking counter-measures that cause the impersonated node to be 6111 locked out of the target SCTP node. 6113 * by interfering with an established association by inserting 6114 extraneous content such as a SHUTDOWN chunk. 6116 SCTP reduces the risk of blind masquerade attacks through IP spoofing 6117 by use of the four-way startup handshake. Because the initial 6118 exchange is memory-less, no lockout mechanism is triggered by blind 6119 masquerade attacks. In addition, the packet containing the INIT ACK 6120 chunk with the State Cookie is transmitted back to the IP address 6121 from which it received the packet containing the INIT chunk. Thus, 6122 the attacker would not receive the INIT ACK chunk containing the 6123 State Cookie. SCTP protects against insertion of extraneous packets 6124 into the flow of an established association by use of the 6125 Verification Tag. 6127 Logging of received INIT chunks and abnormalities such as unexpected 6128 INIT ACK chunks might be considered as a way to detect patterns of 6129 hostile activity. However, the potential usefulness of such logging 6130 has to be weighed against the increased SCTP startup processing it 6131 implies, rendering the SCTP node more vulnerable to flooding attacks. 6132 Logging is pointless without the establishment of operating 6133 procedures to review and analyze the logs on a routine basis. 6135 12.2.4.3. Improper Monopolization of Services 6137 Attacks under this heading are performed openly and legitimately by 6138 the attacker. They are directed against fellow users of the target 6139 SCTP node or of the shared resources between the attacker and the 6140 target node. Possible attacks include the opening of a large number 6141 of associations between the attacker's node and the target, or 6142 transfer of large volumes of information within a legitimately 6143 established association. 6145 Policy limits are expected to be placed on the number of associations 6146 per adjoining SCTP node. SCTP user applications are expected to be 6147 capable of detecting large volumes of illegitimate or "no-op" 6148 messages within a given association and either logging or terminating 6149 the association as a result, based on local policy. 6151 12.3. SCTP Interactions with Firewalls 6153 It is helpful for some firewalls if they can inspect just the first 6154 fragment of a fragmented SCTP packet and unambiguously determine 6155 whether it corresponds to an INIT chunk (for further information, 6156 please refer to [RFC1858]). Accordingly, we stress the requirements, 6157 as stated in Section 3.1, that (1) an INIT chunk MUST NOT be bundled 6158 with any other chunk in a packet and (2) a packet containing an INIT 6159 chunk MUST have a zero Verification Tag. The receiver of an INIT 6160 chunk MUST silently discard the INIT chunk and all further chunks if 6161 the INIT chunk is bundled with other chunks or the packet has a non- 6162 zero Verification Tag. 6164 12.4. Protection of Non-SCTP-Capable Hosts 6166 To provide a non-SCTP-capable host with the same level of protection 6167 against attacks as for SCTP-capable ones, all SCTP implementations 6168 MUST implement the ICMP handling described in Section 10. 6170 When an SCTP implementation receives a packet containing multiple 6171 control or DATA chunks and the processing of the packet would result 6172 in sending multiple chunks in response, the sender of the response 6173 chunk(s) MUST NOT send more than one packet containing chunks other 6174 than DATA chunks. This requirement protects the network for 6175 triggering a packet burst in response to a single packet. If 6176 bundling is supported, multiple response chunks that fit into a 6177 single packet MAY be bundled together into one single response 6178 packet. If bundling is not supported, then the sender MUST NOT send 6179 more than one response chunk and MUST discard all other responses. 6180 Note that this rule does not apply to a SACK chunk, since a SACK 6181 chunk is, in itself, a response to DATA chunks and a SACK chunk does 6182 not require a response of more DATA chunks. 6184 An SCTP implementation SHOULD abort the association if it receives a 6185 SACK chunk acknowledging a TSN that has not been sent. 6187 An SCTP implementation that receives an INIT chunk that would require 6188 a large packet in response, due to the inclusion of multiple 6189 "Unrecognized Parameter" parameters, MAY (at its discretion) elect to 6190 omit some or all of the "Unrecognized Parameter" parameters to reduce 6191 the size of the INIT ACK chunk. Due to a combination of the size of 6192 the State Cookie parameter and the number of addresses a receiver of 6193 an INIT chunk indicates to a peer, it is always possible that the 6194 INIT ACK chunk will be larger than the original INIT chunk. An SCTP 6195 implementation SHOULD attempt to make the INIT ACK chunk as small as 6196 possible to reduce the possibility of byte amplification attacks. 6198 13. Network Management Considerations 6200 The MIB module for SCTP defined in [RFC3873] applies for the version 6201 of the protocol specified in this document. 6203 14. Recommended Transmission Control Block (TCB) Parameters 6205 This section details a set of parameters that are expected to be 6206 contained within the TCB for an implementation. This section is for 6207 illustrative purposes and is not considered to be requirements on an 6208 implementation or as an exhaustive list of all parameters inside an 6209 SCTP TCB. Each implementation might need its own additional 6210 parameters for optimization. 6212 14.1. Parameters Necessary for the SCTP Instance 6214 Associations: A list of current associations and mappings to the 6215 data consumers for each association. This might be in the form of 6216 a hash table or other implementation-dependent structure. The 6217 data consumers might be process identification information such as 6218 file descriptors, named pipe pointer, or table pointers dependent 6219 on how SCTP is implemented. 6221 Secret Key: A secret key used by this endpoint to compute the MAC. 6222 This SHOULD be a cryptographic quality random number with a 6223 sufficient length. Discussion in [RFC4086] can be helpful in 6224 selection of the key. 6226 Address List: The list of IP addresses that this instance has bound. 6227 This information is passed to one's peer(s) in INIT and INIT ACK 6228 chunks. 6230 SCTP Port: The local SCTP port number to which the endpoint is 6231 bound. 6233 14.2. Parameters Necessary per Association (i.e., the TCB) 6235 Peer Verification Tag: Tag value to be sent in every packet and is 6236 received in the INIT or INIT ACK chunk. 6238 My Verification Tag: Tag expected in every inbound packet and sent 6239 in the INIT or INIT ACK chunk. 6241 State: COOKIE-WAIT, COOKIE-ECHOED, ESTABLISHED, SHUTDOWN-PENDING, 6242 SHUTDOWN-SENT, SHUTDOWN-RECEIVED, SHUTDOWN-ACK-SENT. 6244 Note: No "CLOSED" state is illustrated since if a association is 6245 "CLOSED" its TCB SHOULD be removed. 6247 Peer Transport Address List: A list of SCTP transport addresses to 6248 which the peer is bound. This information is derived from the 6249 INIT or INIT ACK chunk and is used to associate an inbound packet 6250 with a given association. Normally, this information is hashed or 6251 keyed for quick lookup and access of the TCB. 6253 Primary Path: This is the current primary destination transport 6254 address of the peer endpoint. It might also specify a source 6255 transport address on this endpoint. 6257 Overall Error Count: The overall association error count. 6259 Overall Error Threshold: The threshold for this association that if 6260 the Overall Error Count reaches will cause this association to be 6261 torn down. 6263 Peer Rwnd: Current calculated value of the peer's rwnd. 6265 Next TSN: The next TSN number to be assigned to a new DATA chunk. 6266 This is sent in the INIT or INIT ACK chunk to the peer and 6267 incremented each time a DATA chunk is assigned a TSN (normally 6268 just prior to transmit or during fragmentation). 6270 Last Rcvd TSN: This is the last TSN received in sequence. This 6271 value is set initially by taking the peer's initial TSN, received 6272 in the INIT or INIT ACK chunk, and subtracting one from it. 6274 Mapping Array: An array of bits or bytes indicating which out-of- 6275 order TSNs have been received (relative to the Last Rcvd TSN). If 6276 no gaps exist, i.e., no out-of-order packets have been received, 6277 this array will be set to all zero. This structure might be in 6278 the form of a circular buffer or bit array. 6280 Ack State: This flag indicates if the next received packet is to be 6281 responded to with a SACK chunk. This is initialized to 0. When a 6282 packet is received it is incremented. If this value reaches 2 or 6283 more, a SACK chunk is sent and the value is reset to 0. Note: 6284 This is used only when no DATA chunks are received out of order. 6285 When DATA chunks are out of order, SACK chunks are not delayed 6286 (see Section 6). 6288 Inbound Streams: An array of structures to track the inbound 6289 streams, normally including the next sequence number expected and 6290 possibly the stream number. 6292 Outbound Streams: An array of structures to track the outbound 6293 streams, normally including the next sequence number to be sent on 6294 the stream. 6296 Reasm Queue: A reassembly queue. 6298 Receive Buffer: A buffer to store received user data which has not 6299 been delivered to the upper layer. 6301 Local Transport Address List: The list of local IP addresses bound 6302 in to this association. 6304 Association Maximum DATA Chunk Size: The smallest Path Maximum DATA 6305 Chunk Size of all destination addresses. 6307 14.3. Per Transport Address Data 6309 For each destination transport address in the peer's address list 6310 derived from the INIT or INIT ACK chunk, a number of data elements 6311 need to be maintained including: 6313 Error Count: The current error count for this destination. 6315 Error Threshold: Current error threshold for this destination, i.e., 6316 what value marks the destination down if error count reaches this 6317 value. 6319 cwnd: The current congestion window. 6321 ssthresh: The current ssthresh value. 6323 RTO: The current retransmission timeout value. 6325 SRTT: The current smoothed round-trip time. 6327 RTTVAR: The current RTT variation. 6329 partial bytes acked: The tracking method for increase of cwnd when 6330 in congestion avoidance mode (see Section 7.2.2). 6332 state: The current state of this destination, i.e., DOWN, UP, ALLOW- 6333 HEARTBEAT, NO-HEARTBEAT, etc. 6335 PMTU: The current known PMTU. 6337 PMDCS: The current known PMDCS. 6339 Per Destination Timer: A timer used by each destination. 6341 RTO-Pending: A flag used to track if one of the DATA chunks sent to 6342 this address is currently being used to compute an RTT. If this 6343 flag is 0, the next DATA chunk sent to this destination is 6344 expected to be used to compute an RTT and this flag is expected to 6345 be set. Every time the RTT calculation completes (i.e., the DATA 6346 chunk is acknowledged), clear this flag. 6348 last-time: The time to which this destination was last sent. This 6349 can be to determine if the sending of a HEARTBEAT chunk is needed. 6351 14.4. General Parameters Needed 6353 Out Queue: A queue of outbound DATA chunks. 6355 In Queue: A queue of inbound DATA chunks. 6357 15. IANA Considerations 6359 This document defines five registries that IANA maintains: 6361 * through definition of additional chunk types, 6363 * through definition of additional chunk flags, 6365 * through definition of additional parameter types, 6367 * through definition of additional cause codes within ERROR chunks, 6368 or 6370 * through definition of additional payload protocol identifiers. 6372 IANA is requested to perform the following updates for the above five 6373 registries: 6375 * In the Chunk Types Registry replace in the Reference section the 6376 reference to [RFC4960] and [RFC6096] by a reference to this 6377 document. 6379 Replace in the Notes section the reference to Section 3.2 of 6380 [RFC6096] by a reference to Section 15.2 of this document. 6382 Finally replace each reference to [RFC4960] by a reference to this 6383 document for the following chunk types: 6385 - Payload Data (DATA) 6387 - Initiation (INIT) 6389 - Initiation Acknowledgement (INIT ACK) 6391 - Selective Acknowledgement (SACK) 6393 - Heartbeat Request (HEARTBEAT) 6395 - Heartbeat Acknowledgement (HEARTBEAT ACK) 6397 - Abort (ABORT) 6399 - Shutdown (SHUTDOWN) 6401 - Shutdown Acknowledgement (SHUTDOWN ACK) 6402 - Operation Error (ERROR) 6404 - State Cookie (COOKIE ECHO) 6406 - Cookie Acknowledgement (COOKIE ACK) 6408 - Reserved for Explicit Congestion Notification Echo (ECNE) 6410 - Reserved for Congestion Window Reduced (CWR) 6412 - Shutdown Complete (SHUTDOWN COMPLETE) 6414 - Reserved for IETF-defined Chunk Extensions 6416 * In the Chunk Parameter Types Registry replace in the Reference 6417 section the reference to [RFC4960] by a reference to this 6418 document. 6420 Replace each reference to [RFC4960] by a reference to this 6421 document for the following chunk parameter types: 6423 - Heartbeat Info 6425 - IPv4 Address 6427 - IPv6 Address 6429 - State Cookie 6431 - Unrecognized Parameters 6433 - Cookie Preservative 6435 - Host Name Address 6437 - Supported Address Types 6439 Add a reference to this document for the following chunk parameter 6440 type: 6442 - Reserved for ECN Capable (0x8000) 6444 * In the Chunk Flags Registry replace in the Reference section the 6445 reference to [RFC6096] by a reference to this document. 6447 Replace each reference to [RFC4960] by a reference to this 6448 document for the following DATA chunk flags: 6450 - E bit 6452 - B bit 6454 - U bit 6456 Replace each reference to [RFC4960] by a reference to this 6457 document for the following ABORT chunk flags: 6459 - T bit 6461 Replace each reference to [RFC4960] by a reference to this 6462 document for the following SHUTDOWN COMPLETE chunk flags: 6464 - T bit 6466 * In the Error Cause Codes Registry replace in the Reference section 6467 the reference to [RFC6096] by a reference to this document. 6469 Replace each reference to [RFC4960] by a reference to this 6470 document for the following cause codes: 6472 - Invalid Stream Identifier 6474 - Missing Mandatory Parameter 6476 - Stale Cookie Error 6478 - Out of Resource 6480 - Unresolvable Address 6482 - Unrecognized Chunk Type 6484 - Invalid Mandatory Parameter 6486 - Unrecognized Parameters 6488 - No User Data 6490 - Cookie Received While Shutting Down 6492 - Restart of an Association with New Addressess 6494 Replace each reference to [RFC4460] by a reference to this 6495 document for the following cause codes: 6497 - User Initiated Abort 6498 - Protocol Violation 6500 * In the SCTP Payload Protocol Identifiers Registry replace in the 6501 Reference section the reference to [RFC6096] by a reference to 6502 this document. 6504 Replace each reference to [RFC4960] by a reference to this 6505 document for the following SCTP payload protocol identifiers: 6507 - Reserved by SCTP 6509 SCTP requires that the IANA Port Numbers registry be opened for SCTP 6510 port registrations, Section 15.6 describes how. An IESG-appointed 6511 Expert Reviewer supports IANA in evaluating SCTP port allocation 6512 requests. 6514 IANA is requested to perform the following update for the Port Number 6515 registry. Replace each reference to [RFC4960] by a reference to this 6516 document for the following SCTP port numbers: 6518 * 9 (discard) 6520 * 20 (ftp-data) 6522 * 21 (ftp) 6524 * 22 (ssh) 6526 * 80 (http) 6528 * 179 (bgp) 6530 * 443 (https) 6532 Furthermore, IANA is requested to replace in the HTTP Digest 6533 Algorithm Values registry the reference to Appendix B of [RFC4960] to 6534 Appendix A of this document. 6536 IANA is also requested to replace in the ONC RPC Netids registry, 6537 each of the reference to [RFC4960] by a reference to this document 6538 for the following netids: 6540 * sctp 6542 * sctp6 6543 IANA is finally requested to replace in the IPFIX Information 6544 Elements registry, each of the reference to [RFC4960] by a reference 6545 to this document for the following elements with the name: 6547 * sourceTransportPort 6549 * destinationTransportPort 6551 * collectorTransportPort 6553 * exporterTransportPort 6555 * postNAPTSourceTransportPort 6557 * postNAPTDestinationTransportPort 6559 15.1. IETF-Defined Chunk Extension 6561 The assignment of new chunk type codes is done through an IETF Review 6562 action, as defined in [RFC8126]. Documentation for a new chunk MUST 6563 contain the following information: 6565 a) A long and short name for the new chunk type. 6567 b) A detailed description of the structure of the chunk, which MUST 6568 conform to the basic structure defined in Section 3.2. 6570 c) A detailed definition and description of intended use of each 6571 field within the chunk, including the chunk flags if any. 6572 Defined chunk flags will be used as initial entries in the chunk 6573 flags table for the new chunk type. 6575 d) A detailed procedural description of the use of the new chunk 6576 type within the operation of the protocol. 6578 The last chunk type (255) is reserved for future extension if 6579 necessary. 6581 For each new chunk type, IANA creates a registration table for the 6582 chunk flags of that type. The procedure for registering particular 6583 chunk flags is described in Section 15.2. 6585 15.2. IETF Chunk Flags Registration 6587 The assignment of new chunk flags is done through an RFC Required 6588 action, as defined in [RFC8126]. Documentation for the chunk flags 6589 MUST contain the following information: 6591 a) A name for the new chunk flag. 6593 b) A detailed procedural description of the use of the new chunk 6594 flag within the operation of the protocol. It MUST be considered 6595 that implementations not supporting the flag will send 0 on 6596 transmit and just ignore it on receipt. 6598 IANA selects a chunk flags value. This MUST be one of 0x01, 0x02, 6599 0x04, 0x08, 0x10, 0x20, 0x40, or 0x80, which MUST be unique within 6600 the chunk flag values for the specific chunk type. 6602 15.3. IETF-Defined Chunk Parameter Extension 6604 The assignment of new chunk parameter type codes is done through an 6605 IETF Review action as defined in [RFC8126]. Documentation of the 6606 chunk parameter MUST contain the following information: 6608 a) Name of the parameter type. 6610 b) Detailed description of the structure of the parameter field. 6611 This structure MUST conform to the general Type-Length-Value 6612 format described in Section 3.2.1. 6614 c) Detailed definition of each component of the parameter value. 6616 d) Detailed description of the intended use of this parameter type, 6617 and an indication of whether and under what circumstances 6618 multiple instances of this parameter type can be found within the 6619 same chunk. 6621 e) Each parameter type MUST be unique across all chunks. 6623 15.4. IETF-Defined Additional Error Causes 6625 Additional cause codes can be allocated in the range 11 to 65535 6626 through a Specification Required action as defined in [RFC8126]. 6627 Provided documentation MUST include the following information: 6629 a) Name of the error condition. 6631 b) Detailed description of the conditions under which an SCTP 6632 endpoint issues an ERROR (or ABORT) chunk with this cause code. 6634 c) Expected action by the SCTP endpoint that receives an ERROR (or 6635 ABORT) chunk containing this cause code. 6637 d) Detailed description of the structure and content of data fields 6638 that accompany this cause code. 6640 The initial word (32 bits) of a cause code parameter MUST conform to 6641 the format shown in Section 3.3.10, i.e.: 6643 * first 2 bytes contain the cause code value 6645 * last 2 bytes contain the length of the cause parameter. 6647 15.5. Payload Protocol Identifiers 6649 The assignment of payload protocol identifier is done using the First 6650 Come First Served policy as defined in [RFC8126]. 6652 Except for value 0, which is reserved to indicate an unspecified 6653 payload protocol identifier in a DATA chunk, an SCTP implementation 6654 will not be responsible for standardizing or verifying any payload 6655 protocol identifiers; An SCTP implementation simply receives the 6656 identifier from the upper layer and carries it with the corresponding 6657 payload data. 6659 The upper layer, i.e., the SCTP user, SHOULD standardize any specific 6660 protocol identifier with IANA if it is so desired. The use of any 6661 specific payload protocol identifier is out of the scope of this 6662 specification. 6664 15.6. Port Numbers Registry 6666 SCTP services can use contact port numbers to provide service to 6667 unknown callers, as in TCP and UDP. IANA is requested to open the 6668 existing "Service Name and Transport Protocol Port Number Registry" 6669 for SCTP using the following rules, which we intend to mesh well with 6670 existing port-number registration procedures. An IESG-appointed 6671 expert reviewer supports IANA in evaluating SCTP port allocation 6672 requests, according to the procedure defined in [RFC8126]. The 6673 details of this process are defined in [RFC6335]. 6675 16. Suggested SCTP Protocol Parameter Values 6677 The following protocol parameters are RECOMMENDED: 6679 RTO.Initial: 1 second 6681 RTO.Min: 1 second 6683 RTO.Max: 60 seconds 6685 Max.Burst: 4 6687 RTO.Alpha: 1/8 6688 RTO.Beta: 1/4 6690 Valid.Cookie.Life: 60 seconds 6692 Association.Max.Retrans: 10 attempts 6694 Path.Max.Retrans: 5 attempts (per destination address) 6696 Max.Init.Retransmits: 8 attempts 6698 HB.interval: 30 seconds 6700 HB.Max.Burst: 1 6702 SACK.Delay: 200 milliseconds 6704 Implementation Note: The SCTP implementation can allow ULP to 6705 customize some of these protocol parameters (see Section 11). 6707 'RTO.Min' SHOULD be set as described above in this section. 6709 17. Acknowledgements 6711 An undertaking represented by this updated document is not a small 6712 feat and represents the summation of the initial co-authors of 6713 [RFC2960]: Q. Xie, K. Morneault, C. Sharp, H. Schwarzbauer, 6714 T. Taylor, I. Rytina, M. Kalla, L. Zhang, and V. Paxson. 6716 Add to that, the comments from everyone who contributed to [RFC2960]: 6717 Mark Allman, R. J. Atkinson, Richard Band, Scott Bradner, Steve 6718 Bellovin, Peter Butler, Ram Dantu, R. Ezhirpavai, Mike Fisk, Sally 6719 Floyd, Atsushi Fukumoto, Matt Holdrege, Henry Houh, Christian 6720 Huitema, Gary Lehecka, Jonathan Lee, David Lehmann, John Loughney, 6721 Daniel Luan, Barry Nagelberg, Thomas Narten, Erik Nordmark, Lyndon 6722 Ong, Shyamal Prasad, Kelvin Porter, Heinz Prantner, Jarno Rajahalme, 6723 Raymond E. Reeves, Renee Revis, Ivan Arias Rodriguez, A. Sankar, Greg 6724 Sidebottom, Brian Wyld, La Monte Yarroll, and many others for their 6725 invaluable comments. 6727 Then, add the co-authors of [RFC4460]: I. Arias-Rodriguez, K. Poon, 6728 and A. Caro. 6730 Then add to these the efforts of all the subsequent seven SCTP 6731 interoperability tests and those who commented on [RFC4460] as shown 6732 in its acknowledgements: Barry Zuckerman, La Monte Yarroll, Qiaobing 6733 Xie, Wang Xiaopeng, Jonathan Wood, Jeff Waskow, Mike Turner, John 6734 Townsend, Sabina Torrente, Cliff Thomas, Yuji Suzuki, Manoj Solanki, 6735 Sverre Slotte, Keyur Shah, Jan Rovins, Ben Robinson, Renee Revis, Ian 6736 Periam, RC Monee, Sanjay Rao, Sujith Radhakrishnan, Heinz Prantner, 6737 Biren Patel, Nathalie Mouellic, Mitch Miers, Bernward Meyknecht, Stan 6738 McClellan, Oliver Mayor, Tomas Orti Martin, Sandeep Mahajan, David 6739 Lehmann, Jonathan Lee, Philippe Langlois, Karl Knutson, Joe Keller, 6740 Gareth Keily, Andreas Jungmaier, Janardhan Iyengar, Mutsuya Irie, 6741 John Hebert, Kausar Hassan, Fred Hasle, Dan Harrison, Jon Grim, 6742 Laurent Glaude, Steven Furniss, Atsushi Fukumoto, Ken Fujita, Steve 6743 Dimig, Thomas Curran, Serkan Cil, Melissa Campbell, Peter Butler, Rob 6744 Brennan, Harsh Bhondwe, Brian Bidulock, Caitlin Bestler, Jon Berger, 6745 Robby Benedyk, Stephen Baucke, Sandeep Balani, and Ronnie Sellar. 6747 A special thanks to Mark Allman, who should actually be a co-author 6748 for his work on the max-burst, but managed to wiggle out due to a 6749 technicality. 6751 Also, we would like to acknowledge Lyndon Ong and Phil Conrad for 6752 their valuable input and many contributions. 6754 Furthermore, you have [RFC4960], and those who have commented upon 6755 that including Alfred Hönes and Ronnie Sellars. 6757 Then, add the co-author of [RFC8540]: Maksim Proshin. 6759 And people who have commented on [RFC8540]: Pontus Andersson, Eric 6760 W. Biederman, Cedric Bonnet, Spencer Dawkins, Gorry Fairhurst, 6761 Benjamin Kaduk, Mirja Kühlewind, Peter Lei, Gyula Marosi, Lionel 6762 Morand, Jeff Morriss, Tom Petch, Kacheong Poon, Julien Pourtet, Irene 6763 Rüngeler, Michael Welzl, and Qiaobing Xie. 6765 And finally the people who have provided comments for this document 6766 including Gorry Fairhurst, Martin Duke, Tero Kivinen, Eliot Lear, 6767 Marcelo Ricardo Leitner, David Mandelberg, John Mattsson, Claudio 6768 Porfiri, Maksim Proshin, Ines Robles, Timo Völker, Magnus Westerlund, 6769 and Zhouming. 6771 Our thanks cannot be adequately expressed to all of you who have 6772 participated in the coding, testing, and updating process of this 6773 document. All we can say is, Thank You! 6775 18. Normative References 6777 [ITU.V42.1994] 6778 International Telecommunications Union, "Error-correcting 6779 Procedures for DCEs Using Asynchronous-to-Synchronous 6780 Conversion", ITU-T Recommendation V.42, 1994. 6782 [RFC1122] Braden, R., Ed., "Requirements for Internet Hosts - 6783 Communication Layers", STD 3, RFC 1122, 6784 DOI 10.17487/RFC1122, October 1989, 6785 . 6787 [RFC1123] Braden, R., Ed., "Requirements for Internet Hosts - 6788 Application and Support", STD 3, RFC 1123, 6789 DOI 10.17487/RFC1123, October 1989, 6790 . 6792 [RFC1191] Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191, 6793 DOI 10.17487/RFC1191, November 1990, 6794 . 6796 [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, 6797 DOI 10.17487/RFC1982, August 1996, 6798 . 6800 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 6801 Requirement Levels", BCP 14, RFC 2119, 6802 DOI 10.17487/RFC2119, March 1997, 6803 . 6805 [RFC3873] Pastor, J. and M. Belinchon, "Stream Control Transmission 6806 Protocol (SCTP) Management Information Base (MIB)", 6807 RFC 3873, DOI 10.17487/RFC3873, September 2004, 6808 . 6810 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 6811 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 6812 2006, . 6814 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 6815 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 6816 December 2005, . 6818 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", 6819 RFC 4303, DOI 10.17487/RFC4303, December 2005, 6820 . 6822 [RFC4895] Tuexen, M., Stewart, R., Lei, P., and E. Rescorla, 6823 "Authenticated Chunks for the Stream Control Transmission 6824 Protocol (SCTP)", RFC 4895, DOI 10.17487/RFC4895, August 6825 2007, . 6827 [RFC5681] Allman, M., Paxson, V., and E. Blanton, "TCP Congestion 6828 Control", RFC 5681, DOI 10.17487/RFC5681, September 2009, 6829 . 6831 [RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. 6832 Cheshire, "Internet Assigned Numbers Authority (IANA) 6833 Procedures for the Management of the Service Name and 6834 Transport Protocol Port Number Registry", BCP 165, 6835 RFC 6335, DOI 10.17487/RFC6335, August 2011, 6836 . 6838 [RFC6083] Tuexen, M., Seggelmann, R., and E. Rescorla, "Datagram 6839 Transport Layer Security (DTLS) for Stream Control 6840 Transmission Protocol (SCTP)", RFC 6083, 6841 DOI 10.17487/RFC6083, January 2011, 6842 . 6844 [RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T. 6845 Kivinen, "Internet Key Exchange Protocol Version 2 6846 (IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October 6847 2014, . 6849 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 6850 Writing an IANA Considerations Section in RFCs", BCP 26, 6851 RFC 8126, DOI 10.17487/RFC8126, June 2017, 6852 . 6854 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 6855 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 6856 May 2017, . 6858 [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 6859 (IPv6) Specification", STD 86, RFC 8200, 6860 DOI 10.17487/RFC8200, July 2017, 6861 . 6863 [RFC8201] McCann, J., Deering, S., Mogul, J., and R. Hinden, Ed., 6864 "Path MTU Discovery for IP version 6", STD 87, RFC 8201, 6865 DOI 10.17487/RFC8201, July 2017, 6866 . 6868 [RFC8899] Fairhurst, G., Jones, T., Tüxen, M., Rüngeler, I., and T. 6869 Völker, "Packetization Layer Path MTU Discovery for 6870 Datagram Transports", RFC 8899, DOI 10.17487/RFC8899, 6871 September 2020, . 6873 19. Informative References 6875 [FALL96] Fall, K. and S. Floyd, "Simulation-based Comparisons of 6876 Tahoe, Reno, and SACK TCP", SIGCOM 99, V. 26, N. 3, 6877 pp 5-21, July 1996. 6879 [SAVAGE99] Savage, S., Cardwell, N., Wetherall, D., and T. Anderson, 6880 "TCP Congestion Control with a Misbehaving Receiver", ACM 6881 Computer Communications Review 29(5), October 1999. 6883 [ALLMAN99] Allman, M. and V. Paxson, "On Estimating End-to-End 6884 Network Path Properties", SIGCOM 99, 1999. 6886 [WILLIAMS93] 6887 Williams, R., "A PAINLESS GUIDE TO CRC ERROR DETECTION 6888 ALGORITHMS", SIGCOM 99, August 1993, 6889 . 6892 [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, 6893 DOI 10.17487/RFC0768, August 1980, 6894 . 6896 [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, 6897 RFC 793, DOI 10.17487/RFC0793, September 1981, 6898 . 6900 [RFC1858] Ziemba, G., Reed, D., and P. Traina, "Security 6901 Considerations for IP Fragment Filtering", RFC 1858, 6902 DOI 10.17487/RFC1858, October 1995, 6903 . 6905 [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- 6906 Hashing for Message Authentication", RFC 2104, 6907 DOI 10.17487/RFC2104, February 1997, 6908 . 6910 [RFC2196] Fraser, B., "Site Security Handbook", FYI 8, RFC 2196, 6911 DOI 10.17487/RFC2196, September 1997, 6912 . 6914 [RFC2522] Karn, P. and W. Simpson, "Photuris: Session-Key Management 6915 Protocol", RFC 2522, DOI 10.17487/RFC2522, March 1999, 6916 . 6918 [RFC2960] Stewart, R., Xie, Q., Morneault, K., Sharp, C., 6919 Schwarzbauer, H., Taylor, T., Rytina, I., Kalla, M., 6920 Zhang, L., and V. Paxson, "Stream Control Transmission 6921 Protocol", RFC 2960, DOI 10.17487/RFC2960, October 2000, 6922 . 6924 [RFC3465] Allman, M., "TCP Congestion Control with Appropriate Byte 6925 Counting (ABC)", RFC 3465, DOI 10.17487/RFC3465, February 6926 2003, . 6928 [RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, 6929 "Randomness Requirements for Security", BCP 106, RFC 4086, 6930 DOI 10.17487/RFC4086, June 2005, 6931 . 6933 [RFC4460] Stewart, R., Arias-Rodriguez, I., Poon, K., Caro, A., and 6934 M. Tuexen, "Stream Control Transmission Protocol (SCTP) 6935 Specification Errata and Issues", RFC 4460, 6936 DOI 10.17487/RFC4460, April 2006, 6937 . 6939 [RFC4960] Stewart, R., Ed., "Stream Control Transmission Protocol", 6940 RFC 4960, DOI 10.17487/RFC4960, September 2007, 6941 . 6943 [RFC6096] Tuexen, M. and R. Stewart, "Stream Control Transmission 6944 Protocol (SCTP) Chunk Flags Registration", RFC 6096, 6945 DOI 10.17487/RFC6096, January 2011, 6946 . 6948 [RFC6458] Stewart, R., Tuexen, M., Poon, K., Lei, P., and V. 6949 Yasevich, "Sockets API Extensions for the Stream Control 6950 Transmission Protocol (SCTP)", RFC 6458, 6951 DOI 10.17487/RFC6458, December 2011, 6952 . 6954 [RFC6951] Tuexen, M. and R. Stewart, "UDP Encapsulation of Stream 6955 Control Transmission Protocol (SCTP) Packets for End-Host 6956 to End-Host Communication", RFC 6951, 6957 DOI 10.17487/RFC6951, May 2013, 6958 . 6960 [RFC7053] Tuexen, M., Ruengeler, I., and R. Stewart, "SACK- 6961 IMMEDIATELY Extension for the Stream Control Transmission 6962 Protocol", RFC 7053, DOI 10.17487/RFC7053, November 2013, 6963 . 6965 [RFC8260] Stewart, R., Tuexen, M., Loreto, S., and R. Seggelmann, 6966 "Stream Schedulers and User Message Interleaving for the 6967 Stream Control Transmission Protocol", RFC 8260, 6968 DOI 10.17487/RFC8260, November 2017, 6969 . 6971 [RFC8261] Tuexen, M., Stewart, R., Jesup, R., and S. Loreto, 6972 "Datagram Transport Layer Security (DTLS) Encapsulation of 6973 SCTP Packets", RFC 8261, DOI 10.17487/RFC8261, November 6974 2017, . 6976 [RFC8540] Stewart, R., Tuexen, M., and M. Proshin, "Stream Control 6977 Transmission Protocol: Errata and Issues in RFC 4960", 6978 RFC 8540, DOI 10.17487/RFC8540, February 2019, 6979 . 6981 Appendix A. CRC32c Checksum Calculation 6983 We define a 'reflected value' as one that is the opposite of the 6984 normal bit order of the machine. The 32-bit CRC (Cyclic Redundancy 6985 Check) is calculated as described for CRC32c and uses the polynomial 6986 code 0x11EDC6F41 (Castagnoli93) or 6987 x^32+x^28+x^27+x^26+x^25+x^23+x^22+x^20+x^19+x^18+ 6988 x^14+x^13+x^11+x^10+x^9+x^8+x^6+x^0. The CRC is computed using a 6989 procedure similar to ETHERNET CRC [ITU.V42.1994], modified to reflect 6990 transport-level usage. 6992 CRC computation uses polynomial division. A message bit-string M is 6993 transformed to a polynomial, M(X), and the CRC is calculated from 6994 M(X) using polynomial arithmetic. 6996 When CRCs are used at the link layer, the polynomial is derived from 6997 on-the-wire bit ordering: the first bit 'on the wire' is the high- 6998 order coefficient. Since SCTP is a transport-level protocol, it 6999 cannot know the actual serial-media bit ordering. Moreover, 7000 different links in the path between SCTP endpoints can use different 7001 link-level bit orders. 7003 A convention therefore is established for mapping SCTP transport 7004 messages to polynomials for purposes of CRC computation. The bit- 7005 ordering for mapping SCTP messages to polynomials is that bytes are 7006 taken most-significant first, but within each byte, bits are taken 7007 least-significant first. The first byte of the message provides the 7008 eight highest coefficients. Within each byte, the least-significant 7009 SCTP bit gives the most-significant polynomial coefficient within 7010 that byte, and the most-significant SCTP bit is the least-significant 7011 polynomial coefficient in that byte. (This bit ordering is sometimes 7012 called 'mirrored' or 'reflected' [WILLIAMS93].) CRC polynomials are 7013 to be transformed back into SCTP transport-level byte values, using a 7014 consistent mapping. 7016 The SCTP transport-level CRC value can be calculated as follows: 7018 * CRC input data are assigned to a byte stream, numbered from 0 to 7019 N-1. 7021 * The transport-level byte stream is mapped to a polynomial value. 7022 An N-byte PDU with j bytes numbered 0 to N-1 is considered as 7023 coefficients of a polynomial M(x) of order 8N-1, with bit 0 of 7024 byte j being coefficient x^(8(N-j)-8), and bit 7 of byte j being 7025 coefficient x^(8(N-j)-1). 7027 * The CRC remainder register is initialized with all 1s and the CRC 7028 is computed with an algorithm that simultaneously multiplies by 7029 x^32 and divides by the CRC polynomial. 7031 * The polynomial is multiplied by x^32 and divided by G(x), the 7032 generator polynomial, producing a remainder R(x) of degree less 7033 than or equal to 31. 7035 * The coefficients of R(x) are considered a 32-bit sequence. 7037 * The bit sequence is complemented. The result is the CRC 7038 polynomial. 7040 * The CRC polynomial is mapped back into SCTP transport-level bytes. 7041 The coefficient of x^31 gives the value of bit 7 of SCTP byte 0, 7042 and the coefficient of x^24 gives the value of bit 0 of byte 0. 7043 The coefficient of x^7 gives bit 7 of byte 3, and the coefficient 7044 of x^0 gives bit 0 of byte 3. The resulting 4-byte transport- 7045 level sequence is the 32-bit SCTP checksum value. 7047 Implementation Note: Standards documents, textbooks, and vendor 7048 literature on CRCs often follow an alternative formulation, in which 7049 the register used to hold the remainder of the long-division 7050 algorithm is initialized to zero rather than all-1s, and instead the 7051 first 32 bits of the message are complemented. The long-division 7052 algorithm used in our formulation is specified such that the initial 7053 multiplication by 2^32 and the long-division are combined into one 7054 simultaneous operation. For such algorithms, and for messages longer 7055 than 64 bits, the two specifications are precisely equivalent. That 7056 equivalence is the intent of this document. 7058 Implementors of SCTP are warned that both specifications are to be 7059 found in the literature, sometimes with no restriction on the long- 7060 division algorithm. The choice of formulation in this document is to 7061 permit non-SCTP usage, where the same CRC algorithm can be used to 7062 protect messages shorter than 64 bits. 7064 There can be a computational advantage in validating the association 7065 against the Verification Tag, prior to performing a checksum, as 7066 invalid tags will result in the same action as a bad checksum in most 7067 cases. The exceptions for this technique would be packets containing 7068 INIT chunks and some SHUTDOWN-COMPLETE chunks, as well as a stale 7069 COOKIE ECHO chunks. These special-case exchanges represent small 7070 packets and will minimize the effect of the checksum calculation. 7072 The following non-normative sample code is taken from an open-source 7073 CRC generator [WILLIAMS93], using the "mirroring" technique and 7074 yielding a lookup table for SCTP CRC32c with 256 entries, each 32 7075 bits wide. While neither especially slow nor especially fast, as 7076 software table-lookup CRCs go, it has the advantage of working on 7077 both big-endian and little-endian CPUs, using the same (host-order) 7078 lookup tables, and using only the predefined ntohl() and htonl() 7079 operations. The code is somewhat modified from [WILLIAMS93], to 7080 ensure portability between big-endian and little-endian 7081 architectures. (Note that if the byte endian-ness of the target 7082 architecture is known to be little-endian, the final bit-reversal and 7083 byte-reversal steps can be folded into a single operation.) 7085 7086 /****************************************************************/ 7087 /* Note: The definitions for Ross Williams's table generator */ 7088 /* would be TB_WIDTH=4, TB_POLY=0x1EDC6F41, TB_REVER=TRUE. */ 7089 /* For Mr. Williams's direct calculation code, use the settings */ 7090 /* cm_width=32, cm_poly=0x1EDC6F41, cm_init=0xFFFFFFFF, */ 7091 /* cm_refin=TRUE, cm_refot=TRUE, cm_xorot=0x00000000. */ 7092 /****************************************************************/ 7094 /* Example of the crc table file */ 7095 #ifndef __crc32cr_h__ 7096 #define __crc32cr_h__ 7098 #define CRC32C_POLY 0x1EDC6F41UL 7099 #define CRC32C(c,d) (c=(c>>8)^crc_c[(c^(d))&0xFF]) 7101 uint32_t crc_c[256] = { 7102 0x00000000UL, 0xF26B8303UL, 0xE13B70F7UL, 0x1350F3F4UL, 7103 0xC79A971FUL, 0x35F1141CUL, 0x26A1E7E8UL, 0xD4CA64EBUL, 7104 0x8AD958CFUL, 0x78B2DBCCUL, 0x6BE22838UL, 0x9989AB3BUL, 7105 0x4D43CFD0UL, 0xBF284CD3UL, 0xAC78BF27UL, 0x5E133C24UL, 7106 0x105EC76FUL, 0xE235446CUL, 0xF165B798UL, 0x030E349BUL, 7107 0xD7C45070UL, 0x25AFD373UL, 0x36FF2087UL, 0xC494A384UL, 7108 0x9A879FA0UL, 0x68EC1CA3UL, 0x7BBCEF57UL, 0x89D76C54UL, 7109 0x5D1D08BFUL, 0xAF768BBCUL, 0xBC267848UL, 0x4E4DFB4BUL, 7110 0x20BD8EDEUL, 0xD2D60DDDUL, 0xC186FE29UL, 0x33ED7D2AUL, 7111 0xE72719C1UL, 0x154C9AC2UL, 0x061C6936UL, 0xF477EA35UL, 7112 0xAA64D611UL, 0x580F5512UL, 0x4B5FA6E6UL, 0xB93425E5UL, 7113 0x6DFE410EUL, 0x9F95C20DUL, 0x8CC531F9UL, 0x7EAEB2FAUL, 7114 0x30E349B1UL, 0xC288CAB2UL, 0xD1D83946UL, 0x23B3BA45UL, 7115 0xF779DEAEUL, 0x05125DADUL, 0x1642AE59UL, 0xE4292D5AUL, 7116 0xBA3A117EUL, 0x4851927DUL, 0x5B016189UL, 0xA96AE28AUL, 7117 0x7DA08661UL, 0x8FCB0562UL, 0x9C9BF696UL, 0x6EF07595UL, 7118 0x417B1DBCUL, 0xB3109EBFUL, 0xA0406D4BUL, 0x522BEE48UL, 7119 0x86E18AA3UL, 0x748A09A0UL, 0x67DAFA54UL, 0x95B17957UL, 7120 0xCBA24573UL, 0x39C9C670UL, 0x2A993584UL, 0xD8F2B687UL, 7121 0x0C38D26CUL, 0xFE53516FUL, 0xED03A29BUL, 0x1F682198UL, 7122 0x5125DAD3UL, 0xA34E59D0UL, 0xB01EAA24UL, 0x42752927UL, 7123 0x96BF4DCCUL, 0x64D4CECFUL, 0x77843D3BUL, 0x85EFBE38UL, 7124 0xDBFC821CUL, 0x2997011FUL, 0x3AC7F2EBUL, 0xC8AC71E8UL, 7125 0x1C661503UL, 0xEE0D9600UL, 0xFD5D65F4UL, 0x0F36E6F7UL, 7126 0x61C69362UL, 0x93AD1061UL, 0x80FDE395UL, 0x72966096UL, 7127 0xA65C047DUL, 0x5437877EUL, 0x4767748AUL, 0xB50CF789UL, 7128 0xEB1FCBADUL, 0x197448AEUL, 0x0A24BB5AUL, 0xF84F3859UL, 7129 0x2C855CB2UL, 0xDEEEDFB1UL, 0xCDBE2C45UL, 0x3FD5AF46UL, 7130 0x7198540DUL, 0x83F3D70EUL, 0x90A324FAUL, 0x62C8A7F9UL, 7131 0xB602C312UL, 0x44694011UL, 0x5739B3E5UL, 0xA55230E6UL, 7132 0xFB410CC2UL, 0x092A8FC1UL, 0x1A7A7C35UL, 0xE811FF36UL, 7133 0x3CDB9BDDUL, 0xCEB018DEUL, 0xDDE0EB2AUL, 0x2F8B6829UL, 7134 0x82F63B78UL, 0x709DB87BUL, 0x63CD4B8FUL, 0x91A6C88CUL, 7135 0x456CAC67UL, 0xB7072F64UL, 0xA457DC90UL, 0x563C5F93UL, 7136 0x082F63B7UL, 0xFA44E0B4UL, 0xE9141340UL, 0x1B7F9043UL, 7137 0xCFB5F4A8UL, 0x3DDE77ABUL, 0x2E8E845FUL, 0xDCE5075CUL, 7138 0x92A8FC17UL, 0x60C37F14UL, 0x73938CE0UL, 0x81F80FE3UL, 7139 0x55326B08UL, 0xA759E80BUL, 0xB4091BFFUL, 0x466298FCUL, 7140 0x1871A4D8UL, 0xEA1A27DBUL, 0xF94AD42FUL, 0x0B21572CUL, 7141 0xDFEB33C7UL, 0x2D80B0C4UL, 0x3ED04330UL, 0xCCBBC033UL, 7142 0xA24BB5A6UL, 0x502036A5UL, 0x4370C551UL, 0xB11B4652UL, 7143 0x65D122B9UL, 0x97BAA1BAUL, 0x84EA524EUL, 0x7681D14DUL, 7144 0x2892ED69UL, 0xDAF96E6AUL, 0xC9A99D9EUL, 0x3BC21E9DUL, 7145 0xEF087A76UL, 0x1D63F975UL, 0x0E330A81UL, 0xFC588982UL, 7146 0xB21572C9UL, 0x407EF1CAUL, 0x532E023EUL, 0xA145813DUL, 7147 0x758FE5D6UL, 0x87E466D5UL, 0x94B49521UL, 0x66DF1622UL, 7148 0x38CC2A06UL, 0xCAA7A905UL, 0xD9F75AF1UL, 0x2B9CD9F2UL, 7149 0xFF56BD19UL, 0x0D3D3E1AUL, 0x1E6DCDEEUL, 0xEC064EEDUL, 7150 0xC38D26C4UL, 0x31E6A5C7UL, 0x22B65633UL, 0xD0DDD530UL, 7151 0x0417B1DBUL, 0xF67C32D8UL, 0xE52CC12CUL, 0x1747422FUL, 7152 0x49547E0BUL, 0xBB3FFD08UL, 0xA86F0EFCUL, 0x5A048DFFUL, 7153 0x8ECEE914UL, 0x7CA56A17UL, 0x6FF599E3UL, 0x9D9E1AE0UL, 7154 0xD3D3E1ABUL, 0x21B862A8UL, 0x32E8915CUL, 0xC083125FUL, 7155 0x144976B4UL, 0xE622F5B7UL, 0xF5720643UL, 0x07198540UL, 7156 0x590AB964UL, 0xAB613A67UL, 0xB831C993UL, 0x4A5A4A90UL, 7157 0x9E902E7BUL, 0x6CFBAD78UL, 0x7FAB5E8CUL, 0x8DC0DD8FUL, 7158 0xE330A81AUL, 0x115B2B19UL, 0x020BD8EDUL, 0xF0605BEEUL, 7159 0x24AA3F05UL, 0xD6C1BC06UL, 0xC5914FF2UL, 0x37FACCF1UL, 7160 0x69E9F0D5UL, 0x9B8273D6UL, 0x88D28022UL, 0x7AB90321UL, 7161 0xAE7367CAUL, 0x5C18E4C9UL, 0x4F48173DUL, 0xBD23943EUL, 7162 0xF36E6F75UL, 0x0105EC76UL, 0x12551F82UL, 0xE03E9C81UL, 7163 0x34F4F86AUL, 0xC69F7B69UL, 0xD5CF889DUL, 0x27A40B9EUL, 7164 0x79B737BAUL, 0x8BDCB4B9UL, 0x988C474DUL, 0x6AE7C44EUL, 7165 0xBE2DA0A5UL, 0x4C4623A6UL, 0x5F16D052UL, 0xAD7D5351UL, 7166 }; 7168 #endif 7170 /* Example of table build routine */ 7172 #include 7173 #include 7175 #define OUTPUT_FILE "crc32cr.h" 7176 #define CRC32C_POLY 0x1EDC6F41UL 7178 static FILE *tf; 7180 static uint32_t 7181 reflect_32(uint32_t b) 7182 { 7183 int i; 7184 uint32_t rw = 0UL; 7186 for (i = 0; i < 32; i++) { 7187 if (b & 1) 7188 rw |= 1 << (31 - i); 7189 b >>= 1; 7190 } 7191 return (rw); 7192 } 7194 static uint32_t 7195 build_crc_table (int index) 7196 { 7197 int i; 7198 uint32_t rb; 7200 rb = reflect_32(index); 7202 for (i = 0; i < 8; i++) { 7203 if (rb & 0x80000000UL) 7204 rb = (rb << 1) ^ (uint32_t)CRC32C_POLY; 7205 else 7206 rb <<= 1; 7208 } 7209 return (reflect_32(rb)); 7210 } 7212 int 7213 main (void) 7214 { 7215 int i; 7217 printf("\nGenerating CRC32c table file <%s>.\n", 7218 OUTPUT_FILE); 7219 if ((tf = fopen(OUTPUT_FILE, "w")) == NULL) { 7220 printf("Unable to open %s.\n", OUTPUT_FILE); 7221 exit (1); 7222 } 7223 fprintf(tf, "#ifndef __crc32cr_h__\n"); 7224 fprintf(tf, "#define __crc32cr_h__\n\n"); 7225 fprintf(tf, "#define CRC32C_POLY 0x%08XUL\n", 7226 (uint32_t)CRC32C_POLY); 7227 fprintf(tf, 7228 "#define CRC32C(c,d) (c=(c>>8)^crc_c[(c^(d))&0xFF])\n"); 7229 fprintf(tf, "\nuint32_t crc_c[256] =\n{\n"); 7230 for (i = 0; i < 256; i++) { 7231 fprintf(tf, "0x%08XUL,", build_crc_table (i)); 7232 if ((i & 3) == 3) 7233 fprintf(tf, "\n"); 7234 else 7235 fprintf(tf, " "); 7236 } 7237 fprintf(tf, "};\n\n#endif\n"); 7239 if (fclose(tf) != 0) 7240 printf("Unable to close <%s>.\n", OUTPUT_FILE); 7241 else 7242 printf("\nThe CRC32c table has been written to <%s>.\n", 7243 OUTPUT_FILE); 7244 return (0); 7245 } 7247 /* Example of crc insertion */ 7249 #include "crc32cr.h" 7251 uint32_t 7252 generate_crc32c(unsigned char *buffer, unsigned int length) 7253 { 7254 unsigned int i; 7255 uint32_t crc32 = 0xffffffffUL; 7256 uint32_t result; 7257 uint8_t byte0, byte1, byte2, byte3; 7259 for (i = 0; i < length; i++) { 7260 CRC32C(crc32, buffer[i]); 7261 } 7263 result = ~crc32; 7265 /* result now holds the negated polynomial remainder, 7266 * since the table and algorithm are "reflected" [williams95]. 7267 * That is, result has the same value as if we mapped the message 7268 * to a polynomial, computed the host-bit-order polynomial 7269 * remainder, performed final negation, and then did an 7270 * end-for-end bit-reversal. 7271 * Note that a 32-bit bit-reversal is identical to four in-place 7272 * 8-bit bit-reversals followed by an end-for-end byteswap. 7273 * In other words, the bits of each byte are in the right order, 7274 * but the bytes have been byteswapped. So, we now do an explicit 7275 * byteswap. On a little-endian machine, this byteswap and 7276 * the final ntohl cancel out and could be elided. 7277 */ 7279 byte0 = result & 0xff; 7280 byte1 = (result>>8) & 0xff; 7281 byte2 = (result>>16) & 0xff; 7282 byte3 = (result>>24) & 0xff; 7283 crc32 = ((byte0 << 24) | 7284 (byte1 << 16) | 7285 (byte2 << 8) | 7286 byte3); 7287 return (crc32); 7288 } 7290 int 7291 insert_crc32(unsigned char *buffer, unsigned int length) 7292 { 7293 SCTP_message *message; 7294 uint32_t crc32; 7295 message = (SCTP_message *) buffer; 7296 message->common_header.checksum = 0UL; 7297 crc32 = generate_crc32c(buffer,length); 7298 /* and insert it into the message */ 7299 message->common_header.checksum = htonl(crc32); 7300 return (1); 7301 } 7303 int 7304 validate_crc32(unsigned char *buffer, unsigned int length) 7305 { 7306 SCTP_message *message; 7307 unsigned int i; 7308 uint32_t original_crc32; 7309 uint32_t crc32; 7311 /* save and zero checksum */ 7312 message = (SCTP_message *)buffer; 7313 original_crc32 = ntohl(message->common_header.checksum); 7314 message->common_header.checksum = 0L; 7315 crc32 = generate_crc32c(buffer, length); 7316 return ((original_crc32 == crc32) ? 1 : -1); 7317 } 7318 7320 Authors' Addresses 7322 Randall R. Stewart 7323 Netflix, Inc. 7324 2455 Heritage Green Ave 7325 Davenport, FL 33837 7326 United States 7328 Email: randall@lakerest.net 7330 Michael Tüxen 7331 Münster University of Applied Sciences 7332 Stegerwaldstrasse 39 7333 48565 Steinfurt 7334 Germany 7336 Email: tuexen@fh-muenster.de 7338 Karen E. E. Nielsen 7339 Kamstrup A/S 7340 Industrivej 28 7341 DK-8660 Skanderborg 7342 Denmark 7344 Email: kee@kamstrup.com