SCTP: Stream Control Transmission Protocol
Ramakrishna Velagapudi, Sudheer Kumar Adumulla, Karthik Dhoopati
SCTP – Outline
• Motivation
• Overview of SCTP
• Architectural View of SCTP
• Functional View of SCTP
• Features of SCTP
• Message Formats
• Comparison with other protocols
• Security issues
• Performance issues
• Current Implementations
• Conclusions
Network-level architecture (figure: IP reference model)
SCTP – Motivation (contd …)
• New applications
  • Migration from PSTN to packet-based Internet
  • Telephony signaling messages
• Shortcomings of existing protocols
  • TCP
    • “head-of-line blocking”
    • Byte-oriented, not message-oriented
    • Multi-homing support not built in
    • DoS attack prone
  • UDP
    • No reliability
    • Absence of congestion control
    • Absence of flow control
SCTP – Motivation (contd …)
• Many applications need reliable message delivery – they get it by delineating messages themselves within a TCP byte stream
• TCP provides both strict ordering and reliability – many applications do not need both
• HTTP is one such application
  • While transferring multiple embedded files we only want
    • Reliable transfer of each file
    • Ordering among the packets of each file, but not total ordering across all the packets
  • TCP provides more than this (at what overhead?)
  • SCTP may help (how? – later)
SCTP – Motivation: HTTP server architecture (sequence diagrams)
Single file transfer (TCP and SCTP behave alike): Client → Server: request file; Server (child process) → Client: send file.
Multiple file transfer (embedded files), TCP: Client → Server: request file 0; Server → Client: send file 0; Client → Server: request files 1..N; Server → Client: send files 1, 2, …, N.
Multiple file transfer (embedded files), SCTP: Client → Server: request file 0; Server → Client: send file 0 on stream 0; Client → Server: request files 1..N; Server → Client: send file 1 on stream 1, …, file N on stream N.
What is SCTP? – Overview
• Originally designed to carry PSTN signaling messages over IP networks
• A reliable transport protocol operating on top of a connectionless packet network such as IP (same layer as TCP)
SCTP – Overview (contd …)
• “SCTP is a reliable transport protocol operating on top of a connectionless packet network such as IP. …” – RFC 2960
• Has built-in support for multi-homed hosts
• Is message-based – preserves message boundaries
• Delivers messages as:
  • sequenced delivery of user messages within multiple streams
  • with an option for unordered delivery of individual user messages
• Additional security mechanisms
Architectural View of SCTP
• The basic service offered by SCTP is reliable transfer of user messages between peer SCTP users.
• Each endpoint provides a list of transport addresses to the other endpoint (i.e., multiple IP addresses in combination with an SCTP port).
• The association spans transfers over all of the possible source/destination combinations that may be generated from each endpoint's list.
Functional View of SCTP
• Association startup and takedown
• Sequenced delivery within streams
• User data fragmentation
• Acknowledgement and congestion avoidance
• Chunk bundling
• Packet validation
• Path management
Functional View of SCTP: Association startup and takedown
• An association is initiated by a request from the SCTP user.
• A cookie mechanism is employed during initialization to provide protection against security attacks.
• SCTP provides a graceful close (with the SHUTDOWN primitive) as well as an ungraceful close (i.e., abort).
• SCTP does not support a half-open state of the kind TCP has, wherein one side may continue sending data while the other is closed.
Functional View of SCTP: Sequenced delivery within streams
• Stream – a sequence of user messages.
• The SCTP user can specify at association startup time the number of streams to be supported.
• SCTP assigns a stream sequence number to each message.
• On the receiving side, it ensures that messages are delivered in sequence within a given stream.
• While one stream may be blocked waiting for the next in-sequence user message, delivery from other streams may proceed.
Functional View of SCTP: User data fragmentation
• SCTP can fragment user messages to ensure that the SCTP packet passed to the lower layer conforms to the path MTU.
• On receipt, fragments are reassembled into complete messages before being passed to the SCTP user.
Functional View of SCTP: ACK and congestion avoidance
• SCTP assigns a Transmission Sequence Number (TSN, independent of the stream sequence number) to each user data fragment or unfragmented message.
• The receiving end acknowledges all TSNs.
• The acknowledgement and congestion avoidance function is responsible for packet retransmission when a timely ACK is not received.
• Congestion avoidance procedures similar to those used for TCP are used.
Functional View of SCTP: Chunk bundling
• Each chunk may contain either user data or SCTP control information.
• The chunk bundling function is responsible for the assembly of the complete SCTP packet and its disassembly at the receiving end.
Functional View of SCTP: Packet validation
• A mandatory Verification Tag field and a 32-bit checksum field are included in the SCTP common header.
• Packets received without the expected Verification Tag value are discarded (as a protection against blind masquerade attacks).
• The checksum provides protection against data corruption in the network.
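The two receiver-side functions just described, chunk bundling and packet validation, as an added worked example (not code from the original slides). It builds an SCTP packet from a 12-byte common header plus bundled chunks, then validates it the way a receiver does: checksum first, then the Verification Tag, then a walk over the chunks. The checksum is CRC32c, which RFC 3309 substituted for RFC 2960's Adler-32; the port numbers, tag and chunk payloads are constructed sample values.

```python
import struct

CRC32C_POLY = 0x82F63B78   # reflected Castagnoli polynomial

def crc32c(data: bytes) -> int:
    """Bitwise CRC32c; RFC 3309 replaced RFC 2960's Adler-32 with it."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ CRC32C_POLY if crc & 1 else crc >> 1
    return crc ^ 0xFFFFFFFF

def build_packet(src_port, dst_port, vtag, chunks):
    """Common header (12 bytes) followed by bundled chunks.
    chunks: list of (type, flags, value); each chunk is padded to 4 bytes
    and its Length field excludes that padding, as RFC 4960 requires."""
    body = b""
    for ctype, flags, value in chunks:
        length = 4 + len(value)
        body += struct.pack("!BBH", ctype, flags, length) + value
        body += b"\x00" * (-length % 4)
    header = struct.pack("!HHII", src_port, dst_port, vtag, 0)
    # The checksum covers the whole packet with its own field zeroed; the
    # CRC32c value is written into the packet in little-endian byte order
    # (RFC 4960 Appendix B).
    csum = crc32c(header + body)
    return header[:8] + struct.pack("<I", csum) + body

def validate_packet(pkt, expected_vtag):
    """Receiver-side checks from the 'Packet validation' function: verify the
    checksum, then the Verification Tag, then walk the bundled chunks.
    Returns (chunks, "ok") or (None, reason) when the packet must be dropped."""
    if len(pkt) < 12:
        return None, "runt packet"
    _src, _dst, vtag = struct.unpack("!HHI", pkt[:8])
    stored = struct.unpack("<I", pkt[8:12])[0]
    if crc32c(pkt[:8] + b"\x00\x00\x00\x00" + pkt[12:]) != stored:
        return None, "bad checksum"                 # corrupted in transit
    if vtag != expected_vtag:
        return None, "verification tag mismatch"    # blind forgery: discard
    chunks, off = [], 12
    while off + 4 <= len(pkt):
        ctype, flags, length = struct.unpack("!BBH", pkt[off:off + 4])
        if length < 4 or off + length > len(pkt):
            return None, "bad chunk length"
        chunks.append((ctype, flags, pkt[off + 4:off + length]))
        off += length + (-length % 4)               # skip chunk plus padding
    return chunks, "ok"
```

A packet with the right checksum but the wrong tag is dropped before any chunk is parsed, which is exactly the property that defeats blind injection.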
Functional View of SCTP: Path management
• Monitors reachability.
• Responsible for reporting the eligible set of local transport addresses.
• At association start-up, a primary path is defined for each SCTP endpoint.
• On the receiving end, path management is responsible for verifying that a valid SCTP association exists for the inbound SCTP packet before passing it on for further processing.
SCTP – Key Features
• Connection set-up
• Multi-homing
• Data sending
• Multi-streaming
• Connection shut-down
SCTP – Connection setup (diagram: four-way handshake between End-Point A and End-Point Z)
INIT (cf. TCP SYN) → INIT-ACK (cf. TCP SYN-ACK) → COOKIE-ECHO → COOKIE-ACK
Handshake; TCB – Transmission Control Block
SCTP – Multi-homing (diagram: End-Point A and End-Point Z connected across the Internet over several paths)
SCTP Multi-Homing
• SCTP endpoints exchange the lists of IP addresses in use at the remote endpoint. One of the listed IP addresses is designated as the primary address.
• If the primary address repeatedly drops chunks, however, all chunks will be transmitted to an alternate address instead.
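The failover rule above, and the path management function from the functional view, as an added example (constructed model, not code from the original slides or any SCTP stack). It keeps a per-path error counter, retires the primary once the counter exceeds Path.Max.Retrans (a real RFC 4960 parameter; the default of 5 is lowered here to 2 for the demo), sends to the first active alternate meanwhile, and restores the primary when a HEARTBEAT on it is acknowledged. The addresses are constructed sample values.

```python
class PathManager:
    """Constructed model of SCTP path management for a multi-homed peer:
    one primary destination address, per-path error counters, failover once
    the primary exceeds Path.Max.Retrans, and recovery when a HEARTBEAT on
    the failed path is acknowledged."""
    def __init__(self, peer_addresses, max_retrans=5):
        self.state = {a: {"errors": 0, "active": True} for a in peer_addresses}
        self.primary = peer_addresses[0]       # designated at association start
        self.max_retrans = max_retrans         # Path.Max.Retrans (RFC 4960 default 5)
        self.log = []

    def destination(self):
        """Where the next chunk goes: the primary while it is active, else the
        first reachable alternate; None means every path has failed."""
        if self.state[self.primary]["active"]:
            return self.primary
        return next((a for a, s in self.state.items() if s["active"]), None)

    def ack_received(self, addr):
        """A SACK or HEARTBEAT-ACK on this path clears its error count."""
        self.state[addr].update(errors=0, active=True)

    def timeout(self, addr):
        """A retransmission timer or HEARTBEAT timer expired on this path."""
        s = self.state[addr]
        s["errors"] += 1
        if s["errors"] > self.max_retrans and s["active"]:
            s["active"] = False
            self.log.append(f"{addr} marked inactive, now sending to {self.destination()}")

def failover_demo():
    """Three consecutive losses on the primary, then a heartbeat answer."""
    pm = PathManager(["198.51.100.1", "198.51.100.2"], max_retrans=2)  # constructed
    before = pm.destination()
    for _ in range(3):
        pm.timeout("198.51.100.1")
    after = pm.destination()                   # alternate takes over
    pm.ack_received("198.51.100.1")            # heartbeat answered: primary is back
    return before, after, pm.destination()
```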
Data Delivery: TCP
• Data transmission in TCP is byte-stream oriented; in SCTP it is message-oriented.
• In TCP, data is transported as a consecutive stream of bytes between two endpoints.
• The receiving application will need to do some complex buffering and framing to reconstruct the messages.
Data Delivery: SCTP
• SCTP: each message is delivered as a complete read, which lifts a lot of the work off the application layer.
• Unordered delivery: SCTP allows data to be sent reliably but unordered.
SACKs
• All acknowledgements in SCTP are SACKs. They are useful as they indicate whether there are any gaps in the transmission.
• TCP can only report four missing data blocks in a SACK; SCTP allows a much larger number to be reported.
Congestion Control
• This is a critical element in any transport protocol.
• It regulates the flow of data entering the network, limiting it to accommodate congestion when it occurs.
• SCTP and TCP use the same congestion control mechanism: Additive Increase, Multiplicative Decrease (AIMD) congestion window management.
What about multistreaming in TCP?
• Multistreaming can be achieved with TCP, but it involves opening multiple TCP connections, each of which acts as a stream to send data.
• Opening multiple TCP connections is TCP-unfriendly: the pair of communicating nodes obtains a larger share of the available channel bandwidth than a single connection would.
SCTP Multi-Streaming
• The Stream Sequence Number (SSN)
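Sequenced delivery within streams, the unordered-delivery option and the embedded-files motivation (file N on stream N) in one added example (my model, not code from the original slides). Each stream tracks its own next expected SSN; a lost message on stream 0 delays only stream 0, while the same arrivals forced onto a single stream, which is what one TCP connection amounts to, deliver nothing until the gap is filled. The file names and SSN values are constructed.

```python
from collections import defaultdict

UNORDERED = 0x04   # 'U' bit in the DATA chunk flags (RFC 4960 section 3.3.1)

class StreamReceiver:
    """Receiver side of 'sequenced delivery within streams': each stream keeps
    its own next expected Stream Sequence Number (SSN); a gap in one stream
    holds back only that stream."""
    def __init__(self, n_streams):
        self.next_ssn = [0] * n_streams        # next in-sequence SSN per stream
        self.pending = defaultdict(dict)      # stream -> {ssn: payload} waiting
        self.delivered = []                   # (stream, payload) passed to the user

    def receive(self, stream, ssn, flags, payload):
        if flags & UNORDERED:
            self.delivered.append((stream, payload))   # no sequencing at all
            return
        self.pending[stream][ssn] = payload
        # hand up every message that is now consecutive on this stream
        while self.next_ssn[stream] in self.pending[stream]:
            ready = self.next_ssn[stream]
            self.delivered.append((stream, self.pending[stream].pop(ready)))
            self.next_ssn[stream] = (ready + 1) & 0xFFFF   # SSN is 16 bits

def embedded_files_demo():
    """Files 0..2 on streams 0..2 (the HTTP layout from the earlier slides).
    The first part of file 0 is delayed, yet files 1 and 2 still arrive."""
    rx = StreamReceiver(3)
    rx.receive(0, 1, 0, b"file0-part1")   # SSN 0 of stream 0 still missing
    rx.receive(1, 0, 0, b"file1")
    rx.receive(2, 0, 0, b"file2")
    while_blocked = list(rx.delivered)     # file1 and file2 already usable
    rx.receive(0, 0, 0, b"file0-part0")   # gap filled: stream 0 releases both
    return while_blocked, rx.delivered

def single_stream_demo():
    """Same arrivals on one stream, which is what a single TCP connection
    amounts to: nothing reaches the application until the gap is filled."""
    rx = StreamReceiver(1)
    rx.receive(0, 1, 0, b"file0-part1")
    rx.receive(0, 2, 0, b"file1")
    rx.receive(0, 3, 0, b"file2")
    while_blocked = list(rx.delivered)     # empty: head-of-line blocking
    rx.receive(0, 0, 0, b"file0-part0")
    return while_blocked, rx.delivered
```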
SCTP – Connection close (diagram: End-Point A and End-Point Z)
SHUTDOWN → SHUTDOWN-ACK → SHUTDOWN-COMPLETE; no half-closed state
Key Issues
• Differences between TCP and SCTP
• Security issues
• Performance analysis
• Implementations
• Conclusion and references
Major Differences from TCP
• SCTP is message-oriented as opposed to byte-stream oriented
• SCTP has the concept of an association instead of a connection
• Each association can have multiple streams
• SCTP separates reliable transfer of datagrams from the delivery mechanism
• SCTP supports multi-homing
Security issues in TCP
• Some TCP implementations have been known to be vulnerable to blind denial-of-service attacks, i.e., attacks executed by an attacker who cannot see most of the traffic to or from the target host.
• Blind connection forgery is another potential threat to TCP: by guessing valid sequence numbers, an attacker would be able to forge a connection.
Security issues in SCTP
• To make it hard for blind attackers to inject forged SCTP datagrams into existing associations, each side of an SCTP association uses a 32-bit value called the "Verification Tag" to ensure that a datagram really belongs to the existing association.
• Unlike in TCP, use of a cookie in association establishment is mandatory in SCTP.
• It is important to note that neither TCP nor SCTP protects itself from man-in-the-middle attacks, where an established session might be hijacked.
Security issues (cont)
• Also, to prevent blind connection/session setup forgery, both TCP implementations supporting SYN cookies and SCTP implementations rely on a server-known secret key to protect the HMAC data. It must be ensured that this key is created subject to the recommendations.
• Reference: Network Working Group, Siemens 2002
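The mandatory cookie exchange and the server-known HMAC key, as an added example (my model, not code from the original slides or from any SCTP implementation). The server answers INIT with a cookie carrying the state it would otherwise have to keep, protected by an HMAC under a key only it holds, and allocates a TCB only when COOKIE-ECHO returns an unmodified, unexpired cookie from the address it was issued to. The 60-second lifetime, the SHA-256 HMAC and the address strings are my assumptions, not values from the page.

```python
import hashlib, hmac, os, secrets, struct

MAC_LEN = 32                    # SHA-256 tag appended to the cookie
SERVER_KEY = os.urandom(32)     # generated on the server and never sent

def make_cookie(key, peer_tag, my_tag, peer_addr, now):
    """Server side of INIT-ACK: the state needed to rebuild the TCB later
    (both Initiate Tags, the peer address, creation time) plus an HMAC over it
    under the server-only key. Nothing is stored on the server."""
    body = struct.pack("!IIQ", peer_tag, my_tag, now) + peer_addr.encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()

def check_cookie(key, cookie, src_addr, now, lifetime=60):
    """Server side of COOKIE-ECHO: accept only an unmodified, unexpired cookie
    echoed from the address it was issued to. Returns the TCB fields or None."""
    if len(cookie) < 16 + MAC_LEN:
        return None
    body, mac = cookie[:-MAC_LEN], cookie[-MAC_LEN:]
    if not hmac.compare_digest(hmac.new(key, body, hashlib.sha256).digest(), mac):
        return None                      # forged or altered cookie
    peer_tag, my_tag, created = struct.unpack("!IIQ", body[:16])
    if body[16:].decode() != src_addr:
        return None                      # echoed from a different address
    if now - created > lifetime:
        return None                      # stale cookie: replay window closed
    return {"peer_vtag": peer_tag, "my_vtag": my_tag, "peer_addr": src_addr}

def handshake(client_addr, key, now):
    """INIT -> INIT-ACK(cookie) -> COOKIE-ECHO -> COOKIE-ACK, modelled as the
    values each message carries. A blind attacker sees neither the tags nor
    the cookie and so cannot complete the exchange or exhaust server state."""
    client_tag = secrets.randbits(32)    # Initiate Tag in INIT
    server_tag = secrets.randbits(32)    # Initiate Tag in INIT-ACK
    cookie = make_cookie(key, client_tag, server_tag, client_addr, now)
    tcb = check_cookie(key, cookie, client_addr, now + 1)   # COOKIE-ECHO arrives
    return cookie, tcb                   # tcb is not None -> send COOKIE-ACK
```

The tags stored in the cookie become the Verification Tags each side expects on every later packet of the association.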
Performance analysis
• This experiment was conducted on the Linux implementation of SCTP, LKSCTP.
• The DataTAG transatlantic gigabit network extends from Geneva to Chicago (approx. 4000 miles).
• On both sides of the link are two dual-processor Intel Pentium 4 machines.
• The link is a 1 Gigabit channel.
Cont…
• Test runs of the two protocols (SCTP, then TCP) were done one after the other so that a fair comparison of the two could be made.
• http://datatag.web.cern.ch/datatag/WP3/sctp/tests.htm