Transcript document

SCTP: Stream Control Transmission Protocol
Ramakrishna Velagapudi
Sudheer kumar Adumulla
Karthik Dhoopati
SCTP – Outline
• Motivation
• Overview of SCTP
• Architectural View of SCTP
• Functional View of SCTP
• Features of SCTP
• Message Formats
• Comparison with other protocols
• Security issues
• Performance issues
• Current Implementations
• Conclusions
SCTP – Motivation (figure: network-level architecture, IP reference model)
SCTP – Motivation (contd …)
New applications
• Migration from PSTN to packet-based Internet
• Telephony signaling messages
Shortcomings of existing protocols
• TCP
  • “head-of-line blocking”
  • Byte-oriented, not message-oriented
  • Multi-homing support not built in
  • Prone to DoS attacks
• UDP
  • No reliability
  • No congestion control
  • No flow control
SCTP – Motivation (contd …)
Many applications need reliable message delivery; they get it by delineating messages within a TCP byte stream.
TCP provides both strict ordering and reliability; many applications do not need both.
HTTP is one such application. While transferring multiple embedded files we only want:
• Reliable transfer of each file
• Partial ordering: the packets of each file in order, but no total ordering across all the packets
TCP provides more than this (at what overhead?)
SCTP may help (how? – later)
SCTP – Motivation: HTTP Server Architecture
Single file transfer (TCP and SCTP are similar): the client sends "Request file" to the server; a child process sends the file back.
Multiple file transfer (embedded files), TCP: the client requests file 0 and receives it, then requests files 1..N; the child process sends files 1, 2, …, N back over the single byte stream.
Multiple file transfer (embedded files), SCTP: the client requests file 0 and receives it on stream 0, then requests files 1..N; the child process sends file 1 on stream 1, …, file N on stream N.
What is SCTP? – Overview
Originally designed to carry PSTN signaling messages over IP networks.
It is a reliable transport protocol operating on top of a connectionless packet network such as IP (same layer as TCP).
SCTP – Overview (contd …)
“SCTP is a reliable transport protocol operating on top of a connectionless packet network such as IP. …” – RFC 2960
Has built-in support for multi-homed hosts.
Is message-based: it preserves message boundaries.
Delivers messages as:
• sequenced delivery of user messages within multiple streams
• with an option for unordered delivery of individual user messages
Additional security mechanisms.
Architectural View of SCTP
The basic service offered by SCTP is reliable transfer of user messages between peer SCTP users.
Each endpoint provides a list of transport addresses to the other endpoint (i.e., multiple IP addresses in combination with an SCTP port).
The association spans transfers over all of the possible source/destination combinations which may be generated from each endpoint's lists.
Functional View of SCTP
• Association startup and takedown
• Sequenced delivery within streams
• User data fragmentation
• Acknowledgement and congestion avoidance
• Chunk bundling
• Packet validation
• Path management
Functional View of SCTP: Association startup and takedown
An association is initiated by a request from the SCTP user.
A cookie mechanism is employed during initialization to provide protection against security attacks.
SCTP provides a graceful close (with the SHUTDOWN primitive) as well as an ungraceful close (i.e., abort).
SCTP does not support a half-open state (like TCP) wherein one side may continue sending data while the other is closed.
Functional View of SCTP: Sequenced delivery within streams
Stream: a sequence of user messages.
The SCTP user can specify at association startup time the number of streams to be supported.
SCTP assigns a stream sequence number to each message.
On the receiving side, it ensures that messages are delivered in sequence within a given stream.
While one stream may be blocked waiting for the next in-sequence user message, delivery from other streams may proceed.
Functional View of SCTP: User data fragmentation
SCTP can fragment user messages to ensure that the SCTP packet passed to the lower layer conforms to the path MTU.
On receipt, fragments are reassembled into complete messages before being passed to the SCTP user.
Functional View of SCTP: ACK and congestion avoidance
SCTP assigns a Transmission Sequence Number (TSN, independent of the stream sequence number) to each user data fragment or unfragmented message.
The receiving end acknowledges all TSNs.
The acknowledgement and congestion avoidance function is responsible for packet retransmission when a timely ACK is not received.
Congestion avoidance procedures similar to those used for TCP are used.
Functional View of SCTP: Chunk bundling
Each chunk may contain either user data or SCTP control information.
The chunk bundling function is responsible for the assembly of the complete SCTP packet and its disassembly at the receiving end.
Functional View of SCTP: Packet validation
A mandatory verification tag field and a 32-bit checksum field are included in the SCTP common header.
Packets received without the expected Verification Tag value are discarded (as a protection against blind masquerade attacks).
The checksum provides protection against data corruption in the network.
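An added example (not from the slides or from any SCTP implementation) of the receive-side check just described: it parses the 12-byte SCTP common header, recomputes the checksum, and drops packets whose verification tag is not the one this association expects. It assumes the Adler-32 checksum that RFC 2960 originally specified (RFC 3309 later replaced it with CRC32c); the ports, tag and chunk bytes are constructed sample values.

```python
import struct
import zlib

# SCTP common header (RFC 2960 section 3.1): source port, destination port,
# verification tag and checksum; 12 bytes, network byte order.
COMMON_HEADER = struct.Struct("!HHII")


def sctp_checksum(packet: bytes) -> int:
    """Adler-32 over the whole packet with the checksum field set to zero
    (RFC 2960 section 6.8; RFC 3309 later switched SCTP to CRC32c)."""
    zeroed = packet[:8] + b"\x00\x00\x00\x00" + packet[12:]
    return zlib.adler32(zeroed) & 0xFFFFFFFF


def build_packet(src_port: int, dst_port: int, vtag: int, chunks: bytes) -> bytes:
    """Sender side: assemble header + chunks, then fill in the checksum."""
    packet = COMMON_HEADER.pack(src_port, dst_port, vtag, 0) + chunks
    return packet[:8] + struct.pack("!I", sctp_checksum(packet)) + packet[12:]


def validate_packet(packet: bytes, expected_vtag: int) -> str:
    """Receiver side: return 'accept' or the reason the packet is silently
    discarded before any chunk in it is processed."""
    if len(packet) < COMMON_HEADER.size:
        return "discard: truncated header"
    _src, _dst, vtag, checksum = COMMON_HEADER.unpack_from(packet)
    if checksum != sctp_checksum(packet):
        return "discard: checksum mismatch (corruption in transit)"
    if vtag != expected_vtag:
        return "discard: verification tag mismatch (not this association)"
    return "accept"


# Constructed sample values: the tag this association expects, a good packet,
# a packet from a blind sender that does not know the tag, and a corrupted copy.
EXPECTED_TAG = 0x1A2B3C4D
CHUNKS = b"opaque chunk bytes (constructed)"
GOOD = build_packet(5000, 5001, EXPECTED_TAG, CHUNKS)
FORGED = build_packet(5000, 5001, 0xDEADBEEF, CHUNKS)
CORRUPT = bytearray(GOOD)
CORRUPT[20] ^= 0x01          # flip one bit inside the chunk data
CORRUPT = bytes(CORRUPT)
```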
Functional View of SCTP: Path management
Monitors reachability.
Responsible for reporting the eligible set of local transport addresses.
At association start-up, a primary path is defined for each SCTP endpoint.
On the receiving end, path management is responsible for verifying the existence of a valid SCTP association to which the inbound SCTP packet belongs before passing it on for further processing.
SCTP – Key Features
• Connection set-up
• Multi-homing
• Data sending
• Multi-streaming
• Connection shut-down
SCTP – Connection setup
Four-way handshake between End-Point A and End-Point Z:
INIT (cf. TCP SYN)
INIT-ACK (cf. TCP SYN-ACK)
COOKIE-ECHO
COOKIE-ACK
TCB – Transmission control block
SCTP – Multi-homing
(figure: End-Point A and End-Point Z connected across the Internet over more than one path)
SCTP Multi-Homing
SCTP endpoints exchange the lists of IP addresses used at the remote endpoint.
One of the listed IP addresses will be designated as the primary address.
If the primary address repeatedly drops chunks, however, all chunks will be transmitted to an alternate address.
SCTP – Data sending
Data Delivery: TCP
Data transmission in TCP is byte-stream oriented; in SCTP, it is message-oriented.
In TCP, data is transported as a consecutive stream of bytes between two endpoints.
The receiving application has to do some complex buffering and framing to reconstruct the messages.
Data Delivery: SCTP
SCTP: each message is delivered as a complete read, which lifts a lot of the work off the application layer.
Unordered delivery: SCTP allows data to be sent reliably but unordered.
SACKs
All acknowledgements in SCTP are SACKs. They are useful as they indicate whether there are any gaps in the transmission.
TCP can only report four missing data packets in a SACK; SCTP allows a much larger number to be reported.
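As an added illustration (not code from the slides), the following builds the SACK a receiver would send from the TSNs it has received: the cumulative TSN ack plus one gap ack block per run of later TSNs, encoded with the 16-bit block count and offsets of RFC 2960 section 3.3.4, which is why SCTP can report far more holes than TCP's SACK option. The received TSN list is a constructed sample; TSN wraparound is not modelled.

```python
import struct

# Chunk type 3 = SACK (RFC 2960 section 3.3.4): cumulative TSN ack, a_rwnd,
# number of gap ack blocks, number of duplicate TSNs, then each block as
# 16-bit start/end offsets relative to the cumulative TSN ack.
SACK_TYPE = 3


def build_sack(received_tsns, initial_tsn):
    """Return (cumulative_tsn_ack, gap_blocks) for the TSNs seen so far.
    gap_blocks is a list of (start, end) offsets, one per run of received
    TSNs above the cumulative point."""
    received = set(received_tsns)
    cum = initial_tsn - 1          # nothing contiguous acknowledged yet
    while cum + 1 in received:     # advance over the contiguous prefix
        cum += 1
    blocks = []
    for tsn in sorted(received):
        if tsn <= cum:
            continue
        if blocks and tsn == blocks[-1][1] + 1:
            blocks[-1][1] = tsn    # extend the current run
        else:
            blocks.append([tsn, tsn])
    return cum, [(s - cum, e - cum) for s, e in blocks]


def missing_tsns(cum, gap_blocks):
    """Sender-side view: the holes between the gap blocks are what it must
    retransmit."""
    missing, prev_end = [], cum
    for start, end in gap_blocks:
        missing.extend(range(prev_end + 1, cum + start))
        prev_end = cum + end
    return missing


def encode_sack_chunk(cum, gap_blocks, a_rwnd=65535, dup_tsns=()):
    """Serialize the SACK chunk; block count and offsets are 16-bit fields."""
    body = struct.pack("!IIHH", cum, a_rwnd, len(gap_blocks), len(dup_tsns))
    body += b"".join(struct.pack("!HH", s, e) for s, e in gap_blocks)
    body += b"".join(struct.pack("!I", t) for t in dup_tsns)
    return struct.pack("!BBH", SACK_TYPE, 0, 4 + len(body)) + body


# Constructed sample: TSNs 104, 107 and 109 were lost or are still in flight.
RECEIVED = [100, 101, 102, 103, 105, 106, 108, 110, 111, 112]
```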
Congestion Control
This is a critical element in any transport protocol. It regulates the flow of data entering the network, limiting it to accommodate occurrences of congestion.
SCTP and TCP use the same congestion control mechanism: Additive Increase, Multiplicative Decrease (AIMD) congestion window management.
SCTP – Multi-streaming
SCTP Multistreaming
What about multistreaming in TCP?
Multistreaming can be achieved in TCP; however, it involves opening multiple TCP connections, each of which acts as a stream to send data.
Opening multiple TCP connections is TCP-unfriendly, which means that a pair of communicating nodes will obtain a larger proportion of the available channel bandwidth.
SCTP Multi-Streaming
The Stream Sequence Number (SSN)
SCTP – Message Format
SCTP – Connection close
Three-way close between End-Point A and End-Point Z:
SHUTDOWN
SHUTDOWN-ACK
SHUTDOWN-COMPLETE (SHUTDOWN-CMPL)
No half-closed state
Comparison between SCTP, TCP and UDP
Feature                        SCTP  TCP  UDP
Reliable data transfer         Yes   Yes  No
Multi-homed host support       Yes   No   No
Multi-stream support           Yes   No   No
Security against SYN attacks   Yes   No   No
Unordered data delivery        Yes   No   Yes
Key Issues
• Differences between TCP and SCTP
• Security issues
• Performance analysis
• Implementations
• Conclusion and references
Major Differences from TCP
• SCTP is message oriented as opposed to being byte-stream oriented
• SCTP has the concept of an association instead of a connection
• Each association can have multiple streams
• SCTP separates reliable transfer of datagrams from the delivery mechanism
• SCTP supports multihoming
Security issue in TCP
Some TCP implementations have been known to be vulnerable to blind denial of service attacks, i.e., attacks executed by an attacker that could not see most of the traffic to or from the target host.
Blind connection forgery is another potential threat to TCP. By guessing valid sequence numbers, an attacker would be able to forge a connection.
(figure: handshake; TCB – Transmission control block)
Security issues in SCTP
To make it hard for blind attackers to inject forged SCTP datagrams into existing associations, each side of an SCTP association uses a 32-bit value called the "Verification Tag" to ensure that a datagram really belongs to the existing association.
Unlike in TCP, use of a cookie in association establishment is mandatory in SCTP.
It is important to note that neither TCP nor SCTP protects itself from man-in-the-middle attacks where an established session might be hijacked.
Security issues (cont)
Also, to prevent blind connection/session setup forgery, both TCP implementations supporting SYN cookies and SCTP implementations rely on a server-known secret key to protect the HMAC data. It must be ensured that this key is created subject to the recommendations.
Reference: Network Working Group, Siemens, 2002
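An added example (not from the slides or from any SCTP implementation) of the cookie handshake from the connection-setup slide and the two security slides above: End-Point Z answers INIT with an INIT-ACK whose cookie is its would-be TCB state plus an HMAC under a server-known secret key, and allocates the TCB only once a COOKIE-ECHO brings back a cookie whose HMAC verifies and whose lifetime has not expired. The JSON cookie layout, HMAC-SHA256 and the Server/handshake names are this example's own assumptions; the 60-second lifetime is RFC 2960's default Valid.Cookie.Life.

```python
import hashlib
import hmac
import json
import secrets

COOKIE_LIFETIME = 60.0   # seconds; RFC 2960 default Valid.Cookie.Life
MAC_LEN = 32             # HMAC-SHA256 digest length (assumption of this example)


class Server:
    """End-Point Z. Keeps no per-association state between INIT and COOKIE-ECHO,
    so unverified INITs cannot exhaust its TCBs the way TCP SYNs fill a backlog."""

    def __init__(self):
        self.key = secrets.token_bytes(32)   # server-known secret protecting the HMAC
        self.associations = {}               # verification tag -> TCB

    def on_init(self, peer_addr, peer_tag, now):
        """INIT -> INIT-ACK: the would-be TCB travels inside the signed cookie."""
        my_tag = secrets.randbits(32) or 1   # verification tag must not be zero
        state = json.dumps({"peer": peer_addr, "peer_tag": peer_tag,
                            "my_tag": my_tag, "created": now}, sort_keys=True).encode()
        mac = hmac.new(self.key, state, hashlib.sha256).digest()
        return {"type": "INIT-ACK", "tag": my_tag, "cookie": state + mac}

    def on_cookie_echo(self, cookie, now):
        """COOKIE-ECHO -> COOKIE-ACK, or None when the cookie is discarded."""
        state, mac = cookie[:-MAC_LEN], cookie[-MAC_LEN:]
        expected = hmac.new(self.key, state, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):
            return None                      # forged or altered cookie: discard
        tcb = json.loads(state)
        if now - tcb["created"] > COOKIE_LIFETIME:
            return None                      # stale cookie: discard
        self.associations[tcb["my_tag"]] = tcb   # TCB allocated only now
        return {"type": "COOKIE-ACK"}


def handshake(server, client_addr, now):
    """End-Point A's side of the four-way handshake; returns Z's final chunk."""
    client_tag = secrets.randbits(32) or 1
    init_ack = server.on_init(client_addr, client_tag, now)   # INIT / INIT-ACK
    return server.on_cookie_echo(init_ack["cookie"], now)     # COOKIE-ECHO / COOKIE-ACK
```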
Performance analysis
This experiment was conducted on the Linux implementation of SCTP, LKSCTP.
The DataTAG transatlantic gigabit network extends from Geneva to Chicago (approx. 4000 miles).
On both sides of the link are two dual-processor Intel Pentium 4 machines.
The link is composed of a 1 Gigabit channel.
Cont…
Test runs of the two protocols (SCTP and then TCP) were done to be able to make a fair comparison of the two.
http://datatag.web.cern.ch/datatag/WP3/sctp/tests.htm
TCP outperforms SCTP…
(figures: bandwidth for long time intervals; data transfers for long time intervals; data transfers for short time intervals; bandwidth over the entire time period; data transfer over the entire time period)
Data Analysis
The TCP bandwidth drops for long time intervals, but still maintains a sizeable gap over SCTP.
It is evident from these results that TCP provides a significantly higher bandwidth than SCTP, which at times only reaches about 5% of the TCP bandwidth. The tests show that this performance gap exists across a range of time intervals.
Data Analysis
SCTP is still a new protocol compared to TCP, which has been around since the early 1980s. A great deal of work has been carried out on TCP performance. The same degree of performance work has not been undertaken for SCTP yet (although there are plans to do so).
A substantial amount of time and effort has been devoted to work on the Linux TCP stack to improve performance; this is not the case with LKSCTP, which is primarily developed on BSD kernels.
Data analysis…cont.
The priority in the LKSCTP project has been to make SCTP feature complete. Only recently have they been turning their attention to performance issues. The performance gap exists for now, but given time the developers will likely be able to close it.
The LKSCTP project holds great potential and it is probably just a matter of time before the performance gap is closed and SCTP becomes a real contender with TCP.
SCTP – Implementations
• The M2PA protocol supports the transport of Signaling System Number 7 (SS7).
• M2UA is used for backhauling of SS7 MTP2-User signaling messages over IP using the Stream Control Transmission Protocol (SCTP).
• M3UA supports the transport of any SS7 MTP3-User signalling (such as ISUP and SCCP messages) over IP, using the services of the Stream Control Transmission Protocol (SCTP).
Alternative Protocols
• Multi-homed TCP, by Huitema. This protocol unifies multi-homing, mobility and network renumbering support.
• TCP-R, by Funato. This protocol implements mobility with TCP options.
• TCP Migrate
• TCP multi-home options
Summary & Conclusion
Like TCP
• Provides connection establishment
• Ensures reliability
• Provides for ordered and unordered data
• Provides congestion control
In addition to TCP features
• Provides multi-homing
• Provides multi-streaming
• Has security features
• Well suited for multimedia but can't replace TCP yet.
• Present implementations of SCTP show promise of improvements.
SCTP – References
• Computer.org (http://www.computer.org/internet/v5n6/w6wire.htm)
• IETF RFC 2960 (http://www.ietf.org/rfc/rfc2960.txt)
• Stream Control Transmission Protocol (SCTP): A Reference Guide, R. Stewart and Q. Xie, Addison Wesley
• IBM.com (http://oss.software.ibm.com/linux/presentations/lwce2002/Chats/SCTP/SCTP-LWE.pdf)
3 questions
1. What are the major differences between TCP and SCTP?
Ans: SCTP is message oriented as opposed to being byte-stream oriented.
SCTP has the concept of an association instead of a connection. Each association can have multiple streams.
SCTP separates reliable transfer of datagrams from the delivery mechanism.
SCTP supports multihoming.
Ques 2
2. How does multi-streaming work in SCTP?
Ans: In SCTP all the streams reside in a single association. For each stream in the association, SCTP increases the Stream Sequence Number (SSN) for the data chunk generated by the application user. These SSN numbers are used by the receiver to determine the sequence of delivery. SCTP performs in-sequence delivery per stream.
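An added example (not from the slides) of the per-stream in-sequence delivery described in the functional view and in the answer above: each stream keeps its own next-expected SSN, so a missing message on stream 0 holds back only stream 0 while stream 1 is delivered as it arrives. The arrival order and payload strings are constructed; the class and method names are this example's own.

```python
from collections import defaultdict


class StreamReceiver:
    """Receive side of one association: every stream keeps its own next-expected
    Stream Sequence Number (SSN). A DATA chunk is delivered to the user when its
    SSN is the expected one; otherwise it waits in that stream's buffer only."""

    def __init__(self, num_streams):
        self.next_ssn = {sid: 0 for sid in range(num_streams)}
        self.pending = defaultdict(dict)   # stream id -> {ssn: payload}
        self.delivered = []                # (stream id, ssn, payload) in delivery order

    def receive(self, sid, ssn, payload, unordered=False):
        if sid not in self.next_ssn:
            raise ValueError(f"stream {sid} was not negotiated at association start")
        if unordered:                      # U flag set: SSN is ignored, deliver at once
            self.delivered.append((sid, None, payload))
            return
        self.pending[sid][ssn] = payload
        while self.next_ssn[sid] in self.pending[sid]:   # drain this stream only
            n = self.next_ssn[sid]
            self.delivered.append((sid, n, self.pending[sid].pop(n)))
            self.next_ssn[sid] = (n + 1) & 0xFFFF          # SSN is a 16-bit field

    def blocked(self):
        """Streams currently waiting on a missing in-sequence message."""
        return {sid: len(buf) for sid, buf in self.pending.items() if buf}


def run_demo():
    """Constructed arrival order for two embedded files on streams 0 and 1;
    stream 0's SSN 1 arrives late (e.g. after a retransmission)."""
    rx = StreamReceiver(num_streams=2)
    arrivals = [(0, 0, "file0 part0"), (1, 0, "file1 part0"), (0, 2, "file0 part2"),
                (1, 1, "file1 part1"), (0, 1, "file0 part1")]
    before_retransmit = None
    for i, (sid, ssn, payload) in enumerate(arrivals):
        rx.receive(sid, ssn, payload)
        if i == 3:   # snapshot just before the late chunk shows up
            before_retransmit = ([d[:2] for d in rx.delivered], rx.blocked())
    return before_retransmit, [d[:2] for d in rx.delivered]
```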
3. Comparison between SCTP, TCP and UDP
Feature                        SCTP  TCP  UDP
State required at endpoints    Yes   Yes  No
Reliable data transfer         Yes   Yes  No
Multi-homed host support       Yes   No   No
Multi-stream support           Yes   No   No
Security against SYN attacks   Yes   No   No
Unordered data delivery        Yes   No   Yes
Failure detection (heartbeat)  Yes   No   No