03a sigtran

1 © Nokia Siemens Networks CN3203EN01GLN00

SIGTRAN


Objectives

On completion of this module the student will be able to:

• Draw SIGTRAN protocol stack and explain the role of each layer

• Describe the function and structure of SCTP messages

• Monitor and explain SIGTRAN messages from signalling monitoring tool (Wireshark)


SS7 and Iu control plane protocol stacks in NSN SGSNs


SIGTRAN Protocol stack options

IP IP

SCTP SCTP

M3UA SUA

SCCP TCAP

TCAP MAP

MAPSS7 MTP3 – User Adaption layer

SS7 SCCP – User Adaption layer


SCTP Functions

association startup and shutdown

sequenced delivery within Streams

user data fragmentation

acknowledgement and congestion avoidance

chunk bundling

packet validation

path management


Key Terms

SCTP Association A protocol relationship between two endpoints

SCTP endpoint The logical sender/receiver of SCTP packets.

SCTP packet The unit of data delivery across the interface between SCTP and the connectionless packet network (e.g. IP)

SCTP user application

The logical higher-layer application entity which uses the services of SCTP, also called the Upper-Layer Protocol.

Chunk A unit of information within an SCTP packet, consisting of a chunk header and chunk-specific content

Bundling An optional multiplexing operation, whereby more than one user message may be carried in the same SCTP packet


Key Terms (cont.)

Message (User Message)

Data submitted to SCTP by the Upper Layer Protocol.

Stream A unidirectional logical channel established from one to another associated SCTP endpoint

Transmission Sequence Number (TSN)

A 32-bit sequence number used internally by SCTP.

Verification Tag An integer used to verify that the SCTP packet belongs to the current association and is not an old or stale packet from a previous association.

Transport address The combination of an IP address and an SCTP port number.

Congestion Window

An SCTP variable that limits the data, in number of bytes, a sender can send to a particular destination transport address before receiving an acknowledgement


SCTP message structure


SCTP Chunk Types -1-

ID Chunk Type Description

0 DATA Data – Used to deliver user data

1 INIT Initiation – This chunk is used to initiate SCTP association between two endpoints.

2 INIT ACK Initiation Acknowledgement – This chunk is used to acknowledge the initiation of an SCTP association.

3 SACK Selective Acknowledge – This chunk is sent to peer endpoint to acknowledge received DATA chunks and to inform the peer endpoint of gaps in the received subsequences of DATA chunks as represented by their TSNs

4 HEARTBEAT Heartbeat Request – An endpoint should send this chunk to its peer endpoint to probe the reachibility of a particular destination transport address defined in the present association.

5 HEARTBEAT ACK

Heartbeat acknowledge – An endpoint should sent this chunk to its peer endpoint as a response to a HEARTBEAT chunk.

6 ABORT Abort – The ABORT chunk is sent to the peer of an association to close the association. This chunk may contain Cause parameter to inform the receiver the reason of the abort.


SCTP Chunk Types -2-

ID Chunk Type Description

7 SHUTDOWN Shutdown – An endpoint in an association must use this chunk to initiate a graceful close of the association with its peer.

8 SHUTDOWN ACK

Shutdown Acknowledgement – This chunk must be used to acknowledge the receipt of the SHUTDOWN chunk at the completion of the shutdown process.

9 ERROR Operational Error – An endpoint sends this chunk to its peer endpoint to notify it of certain error conditions.

10 COOKIE ECHO Cookie Echo – This chunk is used only during the initialization of an association. It is sent by the initiator of an association to its peer to complete the initialization process.

11 COOKIE ACK Cookie Acknowledgement – This chunk is used only during the initialization of an association. It is used to acknowledge the receipt of a COOKIE ECHO chunk.

14 SHUTDOWN COMPLETE

Shutdown Complete – This chunk must be used to acknowledge the receipt of the SHUTDOWN ACK chunk at the completion of the shutdown process.


Association Establishment : Problem with TCP

SYN Request

SYN ACK

ACK

A B

Resource allocated Connection in partial state

SYN Requests

SYN ACK

Attacker Server

Resources allocated Connections in partial state

ACK

Connection established Attacker never sends “ACK” Server overloaded

normal connection establishment „denial of service“ attack


Association Establishment : SCTP mechanism

- Cookie mechanism can prevent denial-of-service attack problem

INIT

INIT ACK

COOKIE ECHO

COOKIE ACK

(Initialisation Tag : Tag_A)

(Initialisation Tag : Tag_B, state cookie)

(state cookie)

Resource

reservation

SCTP client/HLR

SCTP server/SGSN

Resource

reservation


INIT and INIT_ack Chunk

Initial TSN

Number of Inbound Streams Number of Outbound Streams

Advertised Receiver Window Credit

Initiate tag

Optional/Variable-length Parameters

Chunk Length Chunk Flags Type = 1

Initial TSN

Number of Inbound Streams Number of Outbound Streams


Initiate tag

Optional/Variable-length Parameters (state cookie)


INIT Chunk

INIT ACK Chunk


Cookie Echo and Cookie_ack Chunk

Cookie


Chunk Length = 4 Chunk Flags Type = 11

Cookie Echo Chunk

Cookie-ack Chunk

Data in Cookie = Data in the State Cookie parameter value of INIT-ack Chunk


Association Termination: graceful shutdown

SHUTDOWN

SHUTDOWN ACK

SHUTDOWN COMPLETE

SCTP client/HLR

SCTP server/SGSN

(cumulative TSN acknowledgement)

send outstanding data chunks

acknowledge outstanding data chunks

with shutdown-chunk


ABORT, Shutdown, Shutdown_ack, and Shutdown_Complete Chunks

Cumulative TSN Ack



T Chunk Length = 4 Reserved Type = 14

Error Causes

Chunk Length = 8 T Reserved Type = 6

Shutdown_ack Chunk

Shutdown Chunk

Shutdown Complete Chunk

ABORT Chunk


SCTP Streams

- Multiple streams prevent head of line blocking if one SCTP association is used

- Alternatively prevented by using multiple associations

- Stream #0: used for management messages in M3UA

- M3UA supports ≤ 16 data streams, system will use less streams as negotiated by either side

one SCTP association - multiple SCTP streams

Stream #0

Stream #1

Stream #2


Data Transfer : SCTP Multi Streaming and Head of Line Blocking problem in TCP

SCTP Association : SCTP Streams

TCP Connection: TCP Stream

Packet loss in the stream causes all data packet to be blocked. This is called head of line blocking.

Packets are blocked only in one stream. Other streams can sent data normally.

Stream #1

Stream #2

Stream #3


Data Transfer : numbering of DATA chunks in a SCTP association

SCTP association

Stream #1

Stream #2

SSN=4

SSN=3 SSN=2 SSN=1

SSN=3 SSN=2 SSN=1

TSN=7

TSN=6 TSN=5 TSN=3

TSN=4 TSN=2 TSN=1


DATA Chunk

Payload Protocol Identifier

TSN

User Data ( sequence of streams)

Stream Sequence Number SSN

Stream Identifier SI

Length Reserved Type = 0 U B E

U : 1 = unordered message/ 0 = ordered message

B : 1 = Beginning of Fragment/ 0 = Not beginning of Fragment

E : 1 = End of Fragment / 0 = Not End of Fragment

TSN used for Acknowledgement

Stream ID& Stream Seq. No. used for ordered delivery within stream


SACK Chunk

…………………….

…………………………

Duplicate TSN 1

Gap Ack Block # N End

Gap Ack Block #1 End Gap Ack Block#1 Start

Gap Ack Block # N Start

Number of Duplicate TSNs = X Number of Gap Ack Blocks = N


Cumulative TSN Ack

Duplicate TSN X



DATA transfer example

DATA (TSN=7, STRM=0, SEQ=3)

Error free

Error recovery

SCTP SCTP

DATA(TSN=8, SRTM=0, SEQ=4)

SACK (TSN ACK=8, Block=0)




SACK (TSN ACK=9, Block=1, Start=2, End=2)


Sigtran Terms and Concepts

DX200

Association Set (up to 16 associations)

SCTP Association

Signaling Link Set can only contain one "Sigtran link".

"Sigtran link" consists of one SCTP association set.

Signalling point B

IP

Signalling point A

SGSN (Server) HLR (Client)

SMMU_0

SMMU_1

SMMU_2

MCHU

SPC_1

SIGU_0

SIGU_1

SIGU_2

CM

IP Addresses SPC_2

Association is identified by the computer unit and

destination address. Only one association allowed

per computer unit.

Addressing based on SPCs!


SIGTRAN message structure

DATA chunk

Message Type Reserved Message Class

Stream Sequence Number

TSN

Stream Identifier

Payload Protocol Identifier = 3

Version = 1

Chunk Length Chunk Flags Chunk Type = 0

Message Length

Destination Port Number

Protocol Checksum

Fragment Offset Flags

HeaderLength

Type of Service Total length Ver.

Identification

Time to live

Source IP address

Destination IP address

Options (variable length, usually this field is not used)

Source Port Number=2905

Verification Tag

Checksum

Message specific parameters

IPv

4 h

eader

SC

TP

com

mon h

eader

and P

ayl

oad d

ata

M

3U

A c

om

mon h

eader

and p

aylo

ad

data

M3UA

M3UA


M3UA DATA message format example

-DATA message (Class 1 Type 1)

-to transmit MTP3-user payload

Message Type =1 Reserved Message Class=1 Version = 1

Message Length

SLS NI MP

Length

Length = 8 Tag= 0x200

Network Appearance

Tag=0x210

Originating Point Code

Destination Point Code

SI

User Protocol Data


M3UA DUNA and DAVA message format example

-DUNA (Class 2 Type 1)

-Send from SGP to ASP to indicate that SS7 destination are unreachable (“TFP”)

-DAVA (Class 2 Type 2)

-Send from SGP to ASP to indicate that SS7 destinations are now reachable (”TFA”)

Message Type =1 Reserved Message Class = 2 Version = 1

Message Length

Affected PC

Length


Network Appearance

Tag=0x0012

Mask


Message Length

Affected PC

Length


Network Appearance

Tag=0x0012

Mask


M3UA DAUD message format example

-DAUD (Class 2 Type 3)

-Send from ASP to SGP to audit availability/congestion of SS7 routes from SG to affected destinations (“RST”)


Message Length

Affected PC

Length


Network Appearance

Tag=0x0012

Mask


Narrowband SS7 over IP Protocol Stack


Example trace of Update GPRS Location Procedure messages in SS7 over IP interface MAP Update GPRS Location message (1/3)


Example trace of Update GPRS Location Procedure messages in SS7 over IP interface MAP Insert Subscriber Data message (1/4)

03a sigtran

Documents

services of sctp

sctp variable

endpoints sctp endpoint

data data

heartbeat chunk

sctp port number

ip sctp user application

abort chunk