
SCTP: Stream Control Transfer Protocol

Naveen Kumar, Department of Computer and Information Sciences. *Some slides have been taken from Prof. Amer. TCP limitations: head-of-line blocking; strict ordering of data; doesn’t preserve boundaries; limited scope of TCP sockets.



  1. SCTP: Stream Control Transfer Protocol. Naveen Kumar, Department of Computer and Information Sciences. *Some slides have been taken from Prof. Amer

  2. TCP Limitations
     • Head-of-Line blocking
     • Strict ordering of data
     • Doesn’t preserve boundaries
     • Limited scope of TCP sockets
     • Vulnerable to SYN attacks

  3. SCTP: Transport Layer (figure: HOST 1 and HOST 2 connected across a network)

  4. Features of SCTP
     • Multi streaming
     • Multi homing
     • Connection oriented
     • Immune to denial of service attacks
     • Message framing

  5. Multi Streaming

  6. TCP: Multiple connections. Efficient..? (figure: sender and receiver exchange file transfer, text, voice and video over 4 independent connections, each with its own TCP buffers; layers: transport, IP, data link, physical)

  7. SCTP: Multi streaming (figure: sender and receiver exchange file transfer, text, voice and video over 1 association w/4 streams; one SCTP packet carries a file transfer chunk and a text chunk; per-stream buffers; layers: transport, IP, data link, physical)

  8. SCTP: Multi streaming
     • A stream is uni-directional
     • SCTP makes no correlation between an inbound and outbound stream
     • An association may have more streams travelling in one direction than the other
     (figure labels: Stream 0, Stream 1, Stream 2, Stream n)

  9. Multi-homing

  10. SCTP: Association
     • An association in SCTP is analogous to a connection in TCP
     • An SCTP association can be represented as a pair of SCTP endpoints:
       association = { [10.1.61.11 : 2223], [161.10.8.221, 120.1.1.5 : 80] }

  11. Multi-homing (figure: two hosts attached through Network 1, Network 2, ... Network n; interface labels IP=128.33.6.12, IP=123.45.17.9, IP=19.234.45.5, IP=42.45.78.12, IP=10.13.56.9)
     sender = [128.33.6.12, 198.3.69.5 : 6590]
     receiver = [123.45.17.9, 19.234.45.5, 42.45.78.12 : 80]

  12. TCP data transfer without loss (figure: packets 1 to 6 move from "data sent by application" to "delivered to application"; labels: data to be sent, receive buffer (6), interfaces A1, A2, B1, B2)

  13. TCP data transfer with loss (figure: packets 1 to 6 move from "data sent from application" to "delivered to application"; labels: data to be sent, receive buffer (6), loss, retransmission, interfaces A1, A2, B1, B2)

  14. SCTP data transfer without loss (figure: packets 1 to 6 move from "data sent by application" to "delivered to application"; labels: data to be sent, receive buffer (6), interfaces A1, A2, B1, B2)

  15. SCTP data transfer with loss (figure: packets 1 to 6 move from "data sent from application" to "delivered to application"; labels: data to be sent, receive buffer (6), loss, retransmission, interfaces A1, A2, B1, B2)

  16. TCP data transfer single path failure (figure: packets 1 to 6 move from "data sent by application" to "delivered to application"; labels: data to be sent, receive buffer (6), "connection fails!", interfaces A1, A2, B1, B2)

  17. SCTP data transfer with single path failure (figure: packets 1 to 6 move from "data sent by application" to "delivered to application"; labels: data to be sent, receive buffer (6), retransmission, interfaces A1, A2, B1, B2)

  18. Packet Format

  19. SCTP Packet Format
     • Common Header
     • Control Chunk
     • Data Chunk
     Layout: COMMON HEADER | CHUNK # 1 | CHUNK # 2 | ... | CHUNK # n

  20. SCTP Chunk Types

  21. Association Setup

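  22. SCTP: Four-way Association Setup (V: Verification tag, I: Initiate tag)
     • t=0: both sides closed. Initiator sends INIT (V=0, I=TagA) and enters cookie wait
     • Responder replies INIT-ACK (V=TagA, I=TagB, State Cookie) and stays closed
     • 1 RTT: initiator sends COOKIE-ECHO (V=TagB, State Cookie) and enters cookie echoed
     • Responder replies COOKIE-ACK (V=TagA) and is established
     • 2 RTT: initiator is established and sends data (V=TagB)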

  23. What is in the COOKIE?
     • Information from original INIT
     • Information from current INIT-ACK
     • Timestamp
     • Life span of cookie (Time to Live)
     • Signature for authentication (MD5)

  24. Data Transfer

  25. SCTP: Data Transfer

  26. SCTP: Packet Parameters
     • TSN (32 bits): A 32-bit sequence number attached to each chunk containing user data to permit the receiving SCTP endpoint to acknowledge its receipt and detect duplicate deliveries.
     • SI (16 bits): Identifies the stream to which the following user data belongs.
     • SSN (16 bits): A sequence number to assure sequenced delivery of the user messages within a given stream.

  27. SCTP: Packets, Data, Chunk and Streams

  28. SCTP: Data Transfer

  29. Association Shutdown

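  30. SCTP: Graceful Shutdown (figure, message sequence)
     • Both endpoints are established and exchanging DATA
     • Upper layer invokes SHUTDOWN: the endpoint enters shutdown_pending and stops accepting data
     • Outstanding DATA is acknowledged (SACK)
     • The endpoint sends SHUTDOWN and enters shutdown_sent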

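  31. SCTP: Graceful Shutdown, continued (figure, message sequence)
     • shutdown_pending: stop accepting data; send SHUTDOWN and enter shutdown_sent
     • The peer receives SHUTDOWN and enters shutdown_received; DATA, SHUTDOWN + SACK
     • The peer sends SHUTDOWN_ACK and enters shutdown_ack_sent
     • SHUTDOWN_COMPLETE is sent in reply; both sides are closed (delete TCB)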

  32. Message Framing

  33. TCP does not preserve message boundaries (figure: the Web client sends A-PDU 1, A-PDU 2 and A-PDU 3 as bytes 1 - 100, 101 - 200 and 201 - 300; over the TCP connection the Web server receives bytes 1 – 75, 76 – 175, 176 – 230 and 231 – 300)

  34. SCTP preserves message boundaries (figure: the Web client sends A-PDU 1, A-PDU 2 and A-PDU 3 as bytes 1 - 100, 101 - 200 and 201 - 300; over the SCTP association the Web server receives the same three A-PDUs with the same byte ranges)

  35. Immune to attacks

  36. TCP Flooding Attack (figure: attackers at 128.3.4.5, 192.10.2.8 and 221.3.5.10 send spoofed SYNs across the Internet with source addresses 130.2.4.15, 228.3.14.5 and 190.13.4.1; the victim, a TCP-based web server, processes each SYN and allocates a TCB per SYN until it is flooded!!) TCB = Transport Control Block

  37. The SCTP Way: 4-way handshake limits attack (figure: attackers at 128.3.4.5, 192.10.2.8 and 221.3.5.10 send spoofed INITs across the Internet with source addresses 130.2.4.15, 228.3.14.5 and 190.13.4.1; the victim, an SCTP-based web server, processes each INIT and answers with an INIT-ACK to the spoofed address) No reserved resources. No flooding!!

  38. SCTP Implementations

     | COMPANY | IMPLEMENTATION | OS TYPE |
     |---|---|---|
     | Open-Source | Kernel | FreeBSD/NetBSD |
     | Continuous Computing | User space | UNIX/LINUX/VxWorks/Windows |
     | Ulticom | Kernel | Solaris and Linux |
     | Sun Microsystems | Kernel | Solaris Sparc/X86 |
     | IBM | Kernel | AIX |
     | CISCO | Proprietary | IOS |

  39. SCTP VS TCP VS UDP

  40. Any Questions ?
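
The packet layout of slides 19 and 26, as an added example that is not part of the original slides: a bounds-checked parser for the common header and DATA chunks. The field widths of the common header and chunk header follow RFC 4960; the sample packet is constructed, its checksum is left at 0 and not verified, and the ports are borrowed from slide 10.

```python
import struct

DATA = 0  # chunk type value of a DATA chunk (RFC 4960)

def parse_packet(pkt):
    """Return (header, chunks); raise ValueError on any inconsistent length."""
    if len(pkt) < 12:
        raise ValueError("short common header")
    sport, dport, vtag, csum = struct.unpack("!HHII", pkt[:12])
    header = {"sport": sport, "dport": dport, "vtag": vtag, "checksum": csum}
    chunks, off = [], 12
    while off < len(pkt):
        if len(pkt) - off < 4:
            raise ValueError("truncated chunk header")
        ctype, flags, length = struct.unpack("!BBH", pkt[off:off + 4])
        # The length field is attacker-controlled: check it before slicing.
        if length < 4 or off + length > len(pkt):
            raise ValueError("chunk length out of bounds")
        value = pkt[off + 4:off + length]
        chunk = {"type": ctype, "flags": flags, "length": length}
        if ctype == DATA:
            if len(value) < 12:
                raise ValueError("short DATA chunk")
            tsn, si, ssn, ppid = struct.unpack("!IHHI", value[:12])
            chunk.update(tsn=tsn, si=si, ssn=ssn, ppid=ppid, data=value[12:])
        chunks.append(chunk)
        off += (length + 3) & ~3  # chunks are padded to a 4-byte boundary
    return header, chunks

def data_chunk(tsn, si, ssn, payload, flags=0x03):
    """Build one unfragmented DATA chunk (B and E flags set), padded to 4 bytes."""
    body = struct.pack("!IHHI", tsn, si, ssn, 0) + payload
    raw = struct.pack("!BBH", DATA, flags, 4 + len(body)) + body
    return raw + b"\x00" * (-len(raw) % 4)

# Constructed sample: one packet bundling chunks for two different streams.
SAMPLE = (struct.pack("!HHII", 2223, 80, 0x1234ABCD, 0)
          + data_chunk(1, 0, 0, b"text")
          + data_chunk(2, 1, 0, b"voice"))

if __name__ == "__main__":
    hdr, chunks = parse_packet(SAMPLE)
    print(hdr)
    for c in chunks:
        print("TSN", c["tsn"], "SI", c["si"], "SSN", c["ssn"], c["data"])
```
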
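
Why the cookie exchange of slides 22, 23 and 37 reserves no resources, as an added sketch that is not code from the slides or from any SCTP implementation: the server puts the association state into a signed cookie and creates a TCB only when a valid COOKIE-ECHO comes back. The cookie layout, the `Server` class and the 60-second lifetime are assumptions, and HMAC-SHA-256 is swapped in for the MD5 signature the slide lists.

```python
import hashlib
import hmac
import os
import struct
import time

SECRET = os.urandom(32)   # server-only MAC key (assumed: one per process)
COOKIE_LIFETIME = 60      # seconds; assumed value
HDR = "!IIIIHB"           # TagA, TagB, timestamp, lifetime, peer port, addr length
HDR_LEN, MAC_LEN = struct.calcsize(HDR), 32

def make_cookie(addr, port, tag_a, tag_b, now=None):
    """State Cookie for INIT-ACK: INIT info, INIT-ACK info, timestamp, TTL, MAC."""
    now = int(time.time() if now is None else now)
    raw = addr.encode()
    body = struct.pack(HDR, tag_a, tag_b, now, COOKIE_LIFETIME, port, len(raw)) + raw
    return body + hmac.new(SECRET, body, hashlib.sha256).digest()

def check_cookie(cookie, addr, port, now=None):
    """Validate a COOKIE-ECHO; return (TagA, TagB) or None."""
    now = int(time.time() if now is None else now)
    if len(cookie) < HDR_LEN + MAC_LEN:
        return None
    body, mac = cookie[:-MAC_LEN], cookie[-MAC_LEN:]
    if not hmac.compare_digest(mac, hmac.new(SECRET, body, hashlib.sha256).digest()):
        return None                      # forged or altered cookie
    tag_a, tag_b, created, ttl, c_port, alen = struct.unpack(HDR, body[:HDR_LEN])
    if body[HDR_LEN:HDR_LEN + alen] != addr.encode() or c_port != port:
        return None                      # cookie echoed by a different peer
    if not created <= now <= created + ttl:
        return None                      # stale cookie
    return tag_a, tag_b

class Server:
    def __init__(self):
        self.associations = {}           # TCBs; created only by on_cookie_echo

    def on_init(self, addr, port, tag_a):
        """Answer INIT with (TagB, cookie) and keep no per-peer state."""
        tag_b = int.from_bytes(os.urandom(4), "big") or 1
        return tag_b, make_cookie(addr, port, tag_a, tag_b)

    def on_cookie_echo(self, addr, port, cookie):
        tags = check_cookie(cookie, addr, port)
        if tags is None:
            return False
        self.associations[(addr, port)] = tags
        return True
```

A host that never receives the INIT-ACK, which is the case for a spoofed source address, cannot return the cookie, so its INIT leaves nothing behind in `associations`.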
