Lecture 9 SCTP Sockets - PowerPoint PPT Presentation

Slides: 47
Provided by: mgu8

1
Lecture 9: SCTP Sockets
  • CPE 401 / 601 Computer Network Systems

slides are modified from Janardhan Iyengar, John
Rumsey, Nimish Vartak
2
Where is SCTP in the stack?
(Diagram: protocol stack on two hosts: Application over Socket API over UDP / TCP, with SCTP sitting alongside UDP and TCP at the transport layer.)
3
SCTP Motivation
  • New applications
    • Migration from PSTN to packet-based Internet
    • Telephony signaling messages
  • Shortcomings of existing protocols
    • TCP
      • head-of-line blocking
      • byte-oriented, not message-oriented
      • multi-homing support not built in
      • DoS attack prone
    • UDP
      • no reliability
      • absence of congestion control
      • absence of flow control

4
SCTP Overview
  • SCTP is a reliable transport protocol operating
    on top of a connectionless packet network such as
    IP.
  • RFC 2960
  • Has built-in support for multi-homed hosts
  • Is message-based: preserves message boundaries.
  • Classifies messages as
    • sequenced delivery of user messages within
      multiple streams
    • with an option for un-ordered delivery of
      individual user messages
  • Additional security mechanisms

5
SCTP Feature Summary
  • Start with TCP
    • reliable (retransmissions)
    • congestion controlled
    • connection oriented
  • Add
    • 4-way handshake
      • to reduce vulnerability to DoS attacks
    • framing
      • preserve message boundaries
    • multistreaming
      • instead of one ordered stream, up to 64K
        independent ordered streams
    • multihoming
      • instead of one IP address per endpoint, a set
        of IP addresses per endpoint

6
TCP Connection Setup
(Diagram: TCP connection setup between A and B. At t0 A is closed and B is in listen. A sends SYN and enters SYN sent; B replies SYN-ACK and enters SYN recd (TCB created). After 1 RTT A sends ACK followed by data and is established; B becomes established on receipt of the ACK.)
7
SYN Flooding Attack
(Diagram: several attacker hosts each send a SYN to the victim; for every SYN the victim creates a TCB, so it ends up flooded with unavailable, reserved resources.)
  • There is no ACK in response to the SYN-ACK,
    hence the connection remains half-open
  • Other genuine clients cannot open connections
    to the victim
  • The victim is unable to provide service

8
SCTP Features (contd.)
  • Connection setup

(Diagram: 4-way handshake between End-Point A and End-Point Z: INIT (the SYN counterpart), INIT-ACK (the SYN-ACK counterpart), COOKIE-ECHO, COOKIE-ACK.)
9
What's in a cookie?
  • Information from original INIT
  • Information from current INIT-ACK
  • Timestamp
  • Life span of cookie (Time to live)
  • Signature for authentication (SHA-1, MD5, etc.)

10
SCTP Association Setup
(Diagram: SCTP association setup between A and B; V = Verification tag, I = Initiate tag. At t0 both sides are closed. A sends INIT (V = 0, ITagA) and enters cookie wait; B replies INIT-ACK (VTagA, ITagB, StateCookie) and stays closed. After 1 RTT A sends COOKIE-ECHO (VTagB, StateCookie) and enters cookie echoed; B replies COOKIE-ACK (VTagA) and is established. After 2 RTT A is established and sends data (VTagB).)
11
SCTP Features (contd.)
  • Connection close

(Diagram: SHUTDOWN, SHUTDOWN-ACK and SHUTDOWN-CMPL exchanged between End-Point A and End-Point Z. No half-closed state.)
12
Graceful Shutdown
(Diagram: graceful shutdown between A and B. A's app signals shutdown; with data still pending A is in shutdown pending, then sends SHUTDOWN and is in shutdown sent. B enters shutdown received, finishes its own pending data, sends SHUTDOWN-ACK and is in shutdown-ack sent. A replies SHUTDOWN-COMPLETE and both sides are closed.)
13
SCTP state diagram
14
SCTP Feature Summary
(recap: same bullets as slide 5)

15
Message Boundaries
  • UDP honors message boundaries
    • Each app message becomes a datagram
  • TCP does not honor message boundaries
    • App messages become part of a byte stream
  • SCTP maintains message boundaries
    • Each app message is maintained as one or more
      data chunks

16
Chunks in SCTP
17
SCTP Header
  • Source Port / Destination Port
    • Uses the same port concept as TCP and UDP
  • Verification Tag
    • Exchanged between endpoints at startup
    • Used to validate the sender
  • Checksum
    • Protected by a 32-bit checksum (CRC32 algorithm)

(Diagram: SCTP common header layout, field sizes in bytes: Source Port (2), Destination Port (2), Verification Tag (4), Checksum (4).)
18
SCTP Chunks
  • Type
    • Used to distinguish data chunks and the different
      types of control chunks
  • Flags
    • Usage depends on chunk type
  • Length
    • Required because chunks have a variable length
  • Value
    • Payload field

(Diagram: chunk layout, field sizes in bytes: Type (1), Flags (1), Length (2), Value (N).)
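As an added example (not from the slides), the following C code walks the common header and the chunk headers described on the last two slides over a hand-constructed packet, with the bounds checks a receiver needs so that a bogus chunk length cannot make it read past the packet or loop forever. The packet bytes, ports and verification tag are constructed for the example; the checksum is left zero and is not verified here.

```c
/* Added example: parse SCTP common header + chunk headers with bounds checks. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

struct sctp_hdr  { uint16_t sport, dport; uint32_t vtag, csum; };
struct chunk_hdr { uint8_t type, flags; uint16_t length; };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static uint32_t rd32(const uint8_t *p) { return (uint32_t)rd16(p) << 16 | rd16(p + 2); }

/* Parse the 12-byte common header. Returns 0 on success, -1 if truncated. */
int parse_header(const uint8_t *pkt, size_t len, struct sctp_hdr *h) {
    if (len < 12) return -1;
    h->sport = rd16(pkt);     h->dport = rd16(pkt + 2);
    h->vtag  = rd32(pkt + 4); h->csum  = rd32(pkt + 8);
    return 0;
}

/* Walk the chunks that follow the header, storing up to max headers in out[].
 * Returns the chunk count, or -1 if a chunk header is truncated or its length
 * is < 4 (would never advance) or runs past the end of the packet. */
int walk_chunks(const uint8_t *pkt, size_t len, struct chunk_hdr *out, int max) {
    size_t off = 12; int n = 0;
    while (off < len) {
        if (len - off < 4) return -1;
        struct chunk_hdr c = { pkt[off], pkt[off + 1], rd16(pkt + off + 2) };
        if (c.length < 4 || (size_t)c.length > len - off) return -1;
        if (n < max) out[n] = c;
        n++;
        off += ((size_t)c.length + 3) & ~(size_t)3;   /* chunks are padded to 4 bytes */
    }
    return n;
}

/* Constructed sample packet: ports 3868 -> 3868, vtag 0x11223344, checksum 0,
 * then a DATA chunk (type 0, flags B|E, length 17 = 16-byte header + 1 byte
 * payload, padded to 20, TSN 116) and a SACK chunk (type 3, length 16, cum TSN 115). */
const uint8_t SAMPLE[] = {
    0x0f,0x1c, 0x0f,0x1c, 0x11,0x22,0x33,0x44, 0x00,0x00,0x00,0x00,
    0x00,0x03, 0x00,0x11, 0x00,0x00,0x00,0x74, 0x00,0x00, 0x00,0x00,
    0x00,0x00,0x00,0x00, 0x41, 0x00,0x00,0x00,
    0x03,0x00, 0x00,0x10, 0x00,0x00,0x00,0x73, 0x00,0x00,0x10,0x00,
    0x00,0x00, 0x00,0x00 };
```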
19
INIT Chunk
20
Data Chunk
21
Selective Acknowledgement
22
SACK Chunk
23
SCTP Feature Summary
(recap: same bullets as slide 5)

24
Multi-streaming
  • A.k.a. partial ordering. Eliminates head-of-line
    (HOL) blocking
  • In TCP, all data must be sent in order: a loss at
    the head of the line delays delivery of subsequent
    data
  • In SCTP, you can send over up to 64K independent
    streams, each ordered independently
  • A loss on one stream does not delay the delivery
    on other streams, i.e., multi-streaming eliminates
    HOL blocking

25
Head-of-Line Blocking in TCP
(Diagram: sender S sends PDUs 1 to 6 to receiver R, which hands data to its application (Rs App). R acknowledges 1 and 2 (ACK 2, ACK 3) and delivers them; PDU 3 is lost, so 4, 5 and 6 each elicit another ACK 3 and cannot be delivered. PDU 3 is blocking the head of the line.)
26
Head-of-line Blocking
  • TCP provides a single data stream
  • When a segment is lost, subsequent segments must
    wait to be processed.
  • Problem for some applications (telephony)
  • SCTP provides multiple independent streams per
    association

27
SCTP Multistreaming
  • Logical separation of data within an assoc
  • Designed to prevent head-of-line blocking
  • Can be used to deliver multiple objects belonging
    to the same assoc
  • E.g. objects on a webpage, multimedia streams
    (audio/video/text), files in an FTP mget
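The following C code is an added example, not from the slides, of the receiver-side logic that makes multistreaming remove head-of-line blocking: each stream keeps its own stream sequence number (SSN) and reorder buffer, so a missing message on stream 0 holds back only stream 0 while stream 1 keeps delivering. The chunk arrival order, stream count and window size are constructed for the example.

```c
/* Added example: per-stream in-order delivery, the way an SCTP receiver
 * reassembles ordered streams independently of one another. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define NSTREAMS 2
#define WINDOW   8      /* per-stream reorder window (assumption for the example) */

struct data_chunk { uint16_t sid; uint16_t ssn; const char *payload; };

struct stream {
    uint16_t next_ssn;               /* next SSN the application is owed */
    const char *pending[WINDOW];     /* held-back chunks, indexed by SSN mod WINDOW */
};

struct receiver { struct stream s[NSTREAMS]; const char *delivered[32]; int ndelivered; };

/* Deliver everything now in order on one stream; returns how many were delivered. */
static int drain(struct receiver *r, struct stream *st) {
    int n = 0;
    while (st->pending[st->next_ssn % WINDOW]) {
        r->delivered[r->ndelivered++] = st->pending[st->next_ssn % WINDOW];
        st->pending[st->next_ssn % WINDOW] = NULL;
        st->next_ssn++; n++;
    }
    return n;
}

/* Accept one DATA chunk. Returns messages delivered to the app as a result
 * (0 when held because an earlier SSN on the same stream is still missing),
 * -1 for an unknown stream id. Duplicates and out-of-window SSNs are dropped. */
int receive(struct receiver *r, struct data_chunk c) {
    if (c.sid >= NSTREAMS) return -1;
    struct stream *st = &r->s[c.sid];
    if ((uint16_t)(c.ssn - st->next_ssn) >= WINDOW) return 0;
    st->pending[c.ssn % WINDOW] = c.payload;
    return drain(r, st);
}

/* Constructed arrival order: stream 0's message 1 is lost and retransmitted
 * last, while stream 1 keeps flowing. Returns the total number delivered. */
int demo(struct receiver *r) {
    const struct data_chunk wire[] = {
        {0, 0, "s0:m0"}, {1, 0, "s1:m0"}, {0, 2, "s0:m2"},   /* s0:m1 lost here */
        {1, 1, "s1:m1"}, {1, 2, "s1:m2"}, {0, 1, "s0:m1"} }; /* s0:m1 retransmitted */
    int total = 0;
    for (size_t i = 0; i < sizeof wire / sizeof wire[0]; i++) total += receive(r, wire[i]);
    return total;
}
```

With a single TCP byte stream every message after the lost one would have waited; here stream 1 finishes before stream 0's gap is filled.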

28
SCTP Feature Summary
  • Start with TCP
  • reliable (retransmissions)
  • congestion controlled
  • connection oriented
  • Add
  • 4-way handshake
  • to reduce vulnerability to DOS attacks
  • framing
  • preserve message boundaries
  • multistreaming
  • instead of one ordered stream, up to 64K
    independent ordered streams
  • multihoming
  • instead of one IP address per endpoint a set
    of IP addresses per endpoint

29
Multi-homing
(Diagram: End-Point A and End-Point Z connected through the Internet.)
  • In TCP, connections made between
    and
  • If a host is multi-homed, you have to choose ONE
    IP address only, at each end
  • If that interface goes down, so does the
    connection
  • With SCTP, you can list as many IP addresses per
    endpoint as you like
  • If the host is still reachable through ANY of those
    addresses, the connection stays up.

30
SCTP Multi-Homing
  • Multiple src/dest ip addresses
  • Use of different physical paths not guaranteed
  • Peer reachability and path status are monitored
    (heartbeat)
  • One selectable default destination
  • Parameters per path (cwnd, ssthresh, RTT)

31
What is SCTP Multihoming?
  • Hosts pick 1 of 4 possible TCP connections
    • (A1, B1), (A1, B2), (A2, B1), (A2, B2)
  • Hosts use 1 SCTP association
    • ({A1, A2}, {B1, B2})
  • Selectable primary destination: Host A → B1,
    Host B → A1
  • New data is sent only to the primary destination

32
Multihoming Operation
(Diagram: SACK flow in multihoming operation.)
33
SCTP Summary
Well suited for multimedia
  • Like TCP
    • Provides connection establishment
    • Ensures reliability
    • Provisions for ordered and un-ordered data
    • Provides congestion control
  • In addition to TCP features
    • Provides multi-homing
    • Provides multi-streaming
    • Has security features

34
35
SCTP Socket Types
  • The SCTP socket API comes in two forms: one-to-one
    and one-to-many.
  • The one-to-many style was at one time known as the
    UDP-style socket; the one-to-one style used to be
    called the TCP-style socket.
  • So what is the purpose of each socket style and
    how can it be used?

36
One-to-One style
  • The purpose of the one-to-one style socket is to
    provide a smooth transition mechanism for those
    applications running on TCP and wishing to move
    to SCTP.
  • The same semantics used in TCP are used with this
    style.
  • A server will typically open the socket, make a
    call to listen (to accept associations), and call
    accept, blocking until a new association arrives.
  • The only notable difference between a TCP socket
    and an SCTP socket is that the socket call uses
    IPPROTO_SCTP instead of IPPROTO_TCP (or 0).

37
One-to-One Example Server
    int sd, newfd;
    socklen_t sosz;                     /* accept() takes socklen_t *, not int * */
    struct sockaddr_in6 sin6;
    sd = socket(AF_INET6, SOCK_STREAM, IPPROTO_SCTP);
    /* bind() to a local address/port belongs here; the slide omits it */
    listen(sd, 1);
    while (1) {
        sosz = sizeof(sin6);            /* reset: accept() overwrites it */
        newfd = accept(sd, (struct sockaddr *)&sin6, &sosz);
        do_child_stuff(newfd, &sin6, sosz);
    }

38
One-to-Many style
  • A typical server using a one-to-many style socket
    will do a socket() call, followed by a listen()
    and recvfrom().
  • A typical client will just sendto() the server of
    its choice.
  • Note that the connect() and accept() calls are not
    needed.
  • The connect() call can be done by either side
    (server or client), but it is not needed.
  • Note that this style is more like what a UDP
    client/server would look like, hence the previous
    name.

39
One-to-many Example Server
    int sd, len, msg_flags;
    socklen_t sosz;
    struct sockaddr_in6 sin6;
    struct sctp_sndrcvinfo snd_rcv;     /* the slide wrote "sndrcvinfo" */
    char buf[8000];
    sd = socket(AF_INET6, SOCK_SEQPACKET, IPPROTO_SCTP);
    /* bind() to a local address/port belongs here; the slide omits it */
    listen(sd, 1);
    while (1) {
        sosz = sizeof(sin6);
        len = sctp_recvmsg(sd, buf, sizeof(buf),
                           (struct sockaddr *)&sin6, &sosz,
                           &snd_rcv, &msg_flags);
        /* the slide passed an unset newfd; on a one-to-many socket the
           child works on sd itself */
        do_child_stuff(sd, buf, len, &sin6, &snd_rcv, msg_flags);
    }

40
SCTP Notifications
  • The SCTP stack, at times, has information it may
    wish to share with its application (or Upper
    Layer Protocol, ULP).
  • The ULP can turn specific notifications on and
    off via a socket options call.
  • By default ALL notifications are off.
  • We can get a notification by reading data and
    looking at the msg_flags: if the message read is a
    notification, then MSG_NOTIFICATION is contained
    within the msg_flags argument upon return.

41
Deciphering Notifications
  • Every notification uses a TLV format, as
    illustrated below
  • Types of notifications
    • SCTP_ASSOC_CHANGE
    • SCTP_PEER_ADDR_CHANGE
    • SCTP_REMOTE_ERROR
    • SCTP_SEND_FAILED
    • SCTP_SHUTDOWN_EVENT
    • ....

    struct sctp_tlv {
        u_int16_t sn_type;
        u_int16_t sn_flags;
        u_int32_t sn_length;
    };
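As an added example (not from the slides), the C code below shows the receive-side check the last two slides describe: test msg_flags for MSG_NOTIFICATION, then read the sctp_tlv header that every notification starts with and refuse a TLV whose sn_length does not fit the bytes actually read. The struct follows the slide; the MSG_NOTIFICATION value is the Linux one (an assumption, normally taken from netinet/sctp.h), and the sample buffers are constructed inline.

```c
/* Added example: classify an sctp_recvmsg() result as data or notification. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#ifndef MSG_NOTIFICATION
#define MSG_NOTIFICATION 0x8000   /* assumption: Linux value from netinet/sctp.h */
#endif

struct sctp_tlv { uint16_t sn_type; uint16_t sn_flags; uint32_t sn_length; };

enum msg_kind { MK_DATA = 0, MK_NOTIFICATION = 1, MK_MALFORMED = -1 };

/* Returns MK_DATA for user data, MK_NOTIFICATION (filling *tlv) for a
 * well-formed notification, and MK_MALFORMED when the flag is set but the
 * TLV header is truncated or sn_length disagrees with the bytes received. */
enum msg_kind classify(int msg_flags, const void *buf, size_t len, struct sctp_tlv *tlv) {
    if (!(msg_flags & MSG_NOTIFICATION)) return MK_DATA;
    if (len < sizeof *tlv) return MK_MALFORMED;
    memcpy(tlv, buf, sizeof *tlv);                /* host byte order, as the kernel fills it */
    if (tlv->sn_length < sizeof *tlv || tlv->sn_length > len) return MK_MALFORMED;
    return MK_NOTIFICATION;
}

/* Constructed sample: a 16-byte notification buffer whose TLV claims
 * claimed_len bytes; the 8 type-specific bytes after the header are zero.
 * Returns the buffer length written, or -1 if cap is too small. */
int build_sample(unsigned char *out, size_t cap, uint16_t type, uint32_t claimed_len) {
    struct sctp_tlv t = { type, 0, claimed_len };
    if (cap < 16) return -1;
    memset(out, 0, 16);
    memcpy(out, &t, sizeof t);
    return 16;
}
```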
42
Socket Options
  • SCTP provides a host of socket options to perform
    a myriad of operations.
  • Some have unique structures; others just turn
    things on and off with booleans or integers.
  • SCTP_NODELAY
  • SCTP_MAXSEG
  • SCTP_ASSOCINFO
  • SCTP_AUTOCLOSE
  • SCTP_ADAPTION_LAYER
  • SCTP_DEFAULT_SEND_PARAM
  • SCTP_DISABLE_FRAGMENTS
  • ...

43
Extended system calls
  • sctp_connectx
    • Allows a user to specify multiple addresses to
      attempt to connect to.
  • sctp_bindx
    • Allows an application to bind a set of addresses
      instead of one or all addresses.
  • sctp_opt_info
    • Some implementations do not support a
      getsockopt() call that allows data to be passed
      both ways. This call is compatible with all
      implementations.
  • sctp_peeloff
    • This call is used to convert a single association
      that is part of a one-to-many socket into an
      individual new socket descriptor that is a
      one-to-one socket.

44
Extended system calls
  • sctp_getpaddrs
    • This call returns a block of memory holding
      the peer's addresses currently part of the
      association.
  • sctp_freepaddrs
    • This call releases the memory that the
      sctp_getpaddrs call allocated.
  • sctp_getladdrs
    • This call returns a block of memory holding
      the local addresses bound to an association.
  • sctp_freeladdrs
    • This call should be used to release the memory
      allocated by sctp_getladdrs back to the system.

45
Extended system calls
  • sctp_sendmsg
    • This call allows the caller to specify, as call
      arguments, things like the stream number and
      other SCTP-specific information to be sent with a
      message.
  • sctp_send
    • This call has a similar purpose to sctp_sendmsg,
      but instead of a large number of arguments, an
      sctp_sndrcvinfo structure is used to pass the
      relevant information.
  • sctp_recvmsg
    • This call (as we saw previously) is used to
      receive a message but also an sctp_sndrcvinfo
      structure with details on the message (e.g. the
      stream number and stream sequence number).

46
Summary
  • SCTP is a new transport protocol
    • available now in bleeding-edge Linux and BSD
      kernels, and will make its way into the
      mainstream
  • It has some cool new features