stcn presentation
SCTP
Presented by: Sutanu Paul, CSI 13023, MTECH (IT)
TEZPUR UNIVERSITY
CONTENTS
• What is SCTP?
• Why not TCP?
• SCTP Services
– Multiple Streams
– Multihoming
– Full-Duplex Communication
– Connection-Oriented Service
– Reliable Service
• SCTP Features
• Four-Way Handshake
• Graceful Shutdown
• Flow Control Mechanism in SCTP
• Congestion Control Mechanism in SCTP
WHAT IS SCTP?
Stream Control Transmission Protocol (SCTP) is a new reliable, message-oriented transport-layer protocol. It combines the best features of UDP and TCP.
WHY NOT TCP?
• Why can't TCP be used as a common protocol? TCP provides reliable data transfer and strict order-of-transmission delivery.
– The problem with this approach is that a loss at any point in the stream blocks the delivery of the rest of the data.
– Some applications (real-time data such as audio or video) need reliable transfer but not sequence maintenance; under TCP they suffer head-of-line (HOL) blocking.
• TCP was never designed to be multi-homed.
– A multi-homed host is one that has several network cards and can make use of a number of IP addresses at the same time.
• TCP is relatively vulnerable to denial-of-service attacks.
– Attacks of this kind try to make a service unavailable by exhausting the resources it uses. One well-known example is the so-called SYN attack.
SCTP
• Multiple Streams
• Multihoming
• Full-Duplex Communication
• Connection-Oriented Service
• Reliable Service
SCTP SERVICES
• SCTP is a message-oriented, reliable protocol that combines the best features of UDP and TCP.
Multi-stream
SCTP allows multistream service in each connection, which is called an association in SCTP terminology. If one of the streams is blocked, the other streams can still deliver their data. The idea is similar to multiple lanes on a highway: each lane can be used for a different type of traffic.
Multihoming
• A multi-homed host is one that has several network cards and can make use of a number of IP addresses at the same time. The following figure depicts a typical multi-homed host.
[Figure: a multi-homed host running App-1, App-2 and App-3 on one OS, with three network interfaces NI-1 (160.15.82.20), NI-2 (161.10.8.221) and NI-3 (10.1.61.11).]
Multihoming (contd)
• A TCP connection involves one source and one destination IP address, i.e. even if the sender or receiver is multihomed, only one of its IP addresses per end can be used during the connection.
• An SCTP association, on the other hand, supports a multihoming service: the sender and receiver can define multiple IP addresses at each end of an association.
• In this fault-tolerant approach, when one path fails, another interface can be used for data delivery without interruption.
SCTP Endpoint : An SCTP endpoint can be represented as a list of SCTP transport addresses with the same port:
endpoint = [10.1.4.2, 10.1.5.3 : 80]
[Figure: the same host with NI-1 (160.15.82.20), NI-2 (161.10.8.221) and NI-3 (10.1.61.11); Application-1 is bound to the SCTP transport address [161.10.8.221 : 2223].]
SCTP Endpoint (contd)
• Application-1 has bound one IP address of the host with the port 2223.
• If a new application, Application-2, is started, it may legally bind [160.15.82.20 : 2223] or [10.1.61.11 : 2223], or even [160.15.82.20, 10.1.61.11 : 2223].
• The new application will NOT be able to bind the existing SCTP transport address that Application-1 has bound, i.e. [161.10.8.221 : 2223].
• Client and server are connected to two networks with two IP addresses each. They can make an association using four different pairs of IP addresses.
• However, in current implementations only one pair of IP addresses can be chosen for normal communication; the alternative is used if the main pair fails.
i.e. at present, SCTP does not allow load sharing between different paths. Currently, multihoming is only for fault tolerance.
SCTP SERVICES (contd)
• Full-Duplex Communication: data can flow in both directions.
• Connection-Oriented Service: two SCTP endpoints establish an association with each other.
• Reliable Service: an acknowledgement mechanism is used to check the safe and sound arrival of data.
SCTP FEATURES
• Transmission Sequence Number (TSN)
• Stream Identifier (SI)
• Stream Sequence Number (SSN)
• Packets
• The unit of data in SCTP is called a data chunk. In SCTP, a data chunk is numbered using a TSN.
• To distinguish between different streams, SCTP uses an SI. To distinguish between different data chunks belonging to the same stream, SCTP uses SSNs.
• Data chunks are therefore identified by three identifiers: TSN, SI, and SSN.
• The TSN is a cumulative number: it counts every data chunk sent in the association, regardless of stream.
A scenario: suppose that process A needs to send 11 messages to process B in three streams: the first four in the first stream, the next three in the second stream, and the last four in the third stream.
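The scenario above, worked through as an added example (not code from the original slides): the 11 messages are numbered with TSN, SI and SSN, and the receiver delivers each stream independently, so a lost chunk in one stream holds back only that stream. The message texts, the starting TSN of 101 and the choice of which chunk is lost are constructed values.

```python
# Added example, not from the original slides: numbering the scenario's 11
# messages with TSN / SI / SSN and showing per-stream delivery.  The message
# texts, the starting TSN (101) and the lost chunk are constructed values.
from collections import namedtuple

DataChunk = namedtuple("DataChunk", "tsn si ssn payload")


def number_messages(streams, first_tsn=101):
    """Assign identifiers to messages.

    streams: list of message lists; the list index is the stream identifier (SI).
    TSN is one cumulative counter for the whole association; SSN restarts at 0
    in every stream.  Messages are sent stream by stream, as in the scenario.
    """
    chunks = []
    tsn = first_tsn
    for si, messages in enumerate(streams):
        for ssn, payload in enumerate(messages):
            chunks.append(DataChunk(tsn, si, ssn, payload))
            tsn += 1
    return chunks


def deliver_per_stream(received):
    """Receiver side: hand a chunk up as soon as every lower SSN of its own
    stream has arrived.  A hole in one stream never holds back another."""
    by_stream = {}
    for chunk in received:
        by_stream.setdefault(chunk.si, {})[chunk.ssn] = chunk.payload
    delivered = {}
    for si, chunks in sorted(by_stream.items()):
        out, ssn = [], 0
        while ssn in chunks:          # stop at the first missing SSN of this stream
            out.append(chunks[ssn])
            ssn += 1
        delivered[si] = out
    return delivered


def cumulative_tsn_ack(received, first_tsn):
    """Highest TSN such that every TSN from first_tsn up to it was received
    (what a SACK chunk reports as its cumulative TSN ack)."""
    seen = {chunk.tsn for chunk in received}
    tsn = first_tsn - 1
    while tsn + 1 in seen:
        tsn += 1
    return tsn


def strict_order_delivery(received, first_tsn):
    """TCP-style strict ordering for comparison: nothing past the first hole
    in the TSN space can be handed to the application."""
    cum = cumulative_tsn_ack(received, first_tsn)
    return [c.payload for c in sorted(received) if c.tsn <= cum]


def demo():
    streams = [["a1", "a2", "a3", "a4"], ["b1", "b2", "b3"], ["c1", "c2", "c3", "c4"]]
    sent = number_messages(streams)
    lost_tsn = 102                      # constructed loss: 2nd message of stream 0
    received = [c for c in sent if c.tsn != lost_tsn]
    return {
        "ids": [(c.tsn, c.si, c.ssn) for c in sent],
        "per_stream": deliver_per_stream(received),
        "cum_tsn_ack": cumulative_tsn_ack(received, 101),
        "strict_order": strict_order_delivery(received, 101),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

With TSN 102 lost, stream 0 delivers only "a1" until the retransmission arrives, while streams 1 and 2 deliver all seven of their messages; the SACK would carry a cumulative TSN ack of 101. The strict-order variant shows the head-of-line blocking the slides describe: one message usable out of ten received.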
• An SCTP packet has a mandatory general header and a set of blocks called chunks. There are two types of chunks: control chunks and data chunks.
PACKET FORMAT
Chunks
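The packet layout described above (a common header followed by chunks), as an added example that is not part of the original slides: a small builder and a bounds-checked parser for the 12-byte common header, the chunk header and the DATA chunk fields. The ports, verification tag and payload are constructed; the checksum field is carried but not verified (on the wire it is a CRC32c over the whole packet).

```python
# Added example, not from the original slides: building and parsing an SCTP
# packet (RFC 4960 section 3: 12-byte common header followed by chunks).
# The ports, verification tag and payload are constructed; the checksum field
# is carried but not verified here (it is a CRC32c over the whole packet).
import struct

COMMON_HEADER = struct.Struct("!HHII")     # src port, dst port, verification tag, checksum
CHUNK_HEADER = struct.Struct("!BBH")       # type, flags, length (padding not included)
DATA_HEADER = struct.Struct("!IHHI")       # TSN, stream id, stream seq, payload protocol id

CHUNK_TYPES = {0: "DATA", 1: "INIT", 2: "INIT ACK", 3: "SACK", 4: "HEARTBEAT",
               5: "HEARTBEAT ACK", 6: "ABORT", 7: "SHUTDOWN", 8: "SHUTDOWN ACK",
               9: "ERROR", 10: "COOKIE ECHO", 11: "COOKIE ACK", 14: "SHUTDOWN COMPLETE"}


def build_chunk(ctype, flags, value=b""):
    """Chunk header + value, padded with zero bytes to a 4-byte boundary."""
    length = CHUNK_HEADER.size + len(value)
    return CHUNK_HEADER.pack(ctype, flags, length) + value + b"\x00" * (-length % 4)


def build_data_chunk(tsn, si, ssn, user_data, ppid=0, unordered=False):
    flags = 0x02 | 0x01                    # B and E bits: an unfragmented message
    if unordered:
        flags |= 0x04                      # U bit
    return build_chunk(0, flags, DATA_HEADER.pack(tsn, si, ssn, ppid) + user_data)


def parse_sctp_packet(data):
    """Return the common header fields and a list of chunks; raise ValueError
    on anything malformed instead of reading past the buffer."""
    if len(data) < COMMON_HEADER.size:
        raise ValueError("packet shorter than common header")
    src, dst, vtag, checksum = COMMON_HEADER.unpack_from(data, 0)
    chunks, offset = [], COMMON_HEADER.size
    while offset < len(data):
        if len(data) - offset < CHUNK_HEADER.size:
            raise ValueError("truncated chunk header")
        ctype, flags, length = CHUNK_HEADER.unpack_from(data, offset)
        if length < CHUNK_HEADER.size or offset + length > len(data):
            raise ValueError("bad chunk length")
        value = data[offset + CHUNK_HEADER.size:offset + length]
        chunk = {"type": ctype, "name": CHUNK_TYPES.get(ctype, "UNKNOWN"),
                 "flags": flags, "length": length}
        if ctype == 0:
            if len(value) < DATA_HEADER.size:
                raise ValueError("DATA chunk shorter than its header")
            tsn, si, ssn, ppid = DATA_HEADER.unpack_from(value, 0)
            chunk.update(tsn=tsn, si=si, ssn=ssn, ppid=ppid,
                         unordered=bool(flags & 0x04),
                         user_data=value[DATA_HEADER.size:])
        chunks.append(chunk)
        offset += (length + 3) & ~3        # step over the padding as well
    return {"src_port": src, "dst_port": dst, "verification_tag": vtag,
            "checksum": checksum, "chunks": chunks}


def is_well_formed(data):
    try:
        parse_sctp_packet(data)
        return True
    except ValueError:
        return False


# Constructed sample: port 2223 (from the slides) to port 80, one DATA chunk
# carrying "hello" on stream 0, followed by a COOKIE ACK chunk.
SAMPLE_PACKET = (COMMON_HEADER.pack(2223, 80, 0x12345678, 0)
                 + build_data_chunk(tsn=101, si=0, ssn=0, user_data=b"hello")
                 + build_chunk(11, 0))

if __name__ == "__main__":
    print(parse_sctp_packet(SAMPLE_PACKET))
```

The chunk length field excludes the padding, so the parser advances by the length rounded up to a multiple of four; checking `offset + length` against the buffer before slicing is what keeps a short or lying length field from turning into an out-of-bounds read.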
FOUR-WAY HANDSHAKE
• The client sends the first packet, which contains an INIT chunk.
• The server sends the second packet, which contains an INIT ACK chunk.
• The client sends the third packet, which includes a COOKIE ECHO chunk; this is a simple chunk that echoes, without any change, the cookie sent by the server.
• The server sends the fourth packet, which includes the COOKIE ACK chunk that acknowledges the receipt of the COOKIE ECHO chunk.
• This prevents denial-of-service attacks: the server allocates no state for the association until the client returns a valid cookie.
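The four-way handshake above, as an added example (not code from the original slides): a server that packs everything it needs into an authenticated cookie on INIT and only creates association state when a valid COOKIE ECHO comes back. The cookie layout, the use of HMAC-SHA256, the 60-second lifetime and the demo addresses are assumptions of this example; a real SCTP stack packs more state into the cookie.

```python
# Added example, not from the original slides: a stateless INIT cookie in the
# spirit of RFC 4960 section 5.1.3.  The cookie layout, the HMAC-SHA256 choice
# and the demo addresses are constructed; a real stack packs more state.
import hashlib
import hmac
import secrets
import socket
import struct
import time

COOKIE_LIFETIME = 60             # seconds; RFC 4960 default Valid.Cookie.Life
_BODY = struct.Struct("!4sIII")  # client address, client tag, server tag, issue time
_MAC_LEN = hashlib.sha256().digest_size


class SctpServer:
    def __init__(self, secret=None, clock=time.time):
        self.secret = secret or secrets.token_bytes(32)   # should be rotated periodically
        self.clock = clock
        self.associations = {}   # TCBs exist only after a VALID COOKIE ECHO

    def on_init(self, client_addr, client_tag):
        """INIT -> INIT ACK.  Everything needed to build the TCB later is
        packed into the cookie and authenticated; nothing is stored here."""
        server_tag = secrets.randbits(32) or 1           # tag 0 is reserved
        body = _BODY.pack(socket.inet_aton(client_addr), client_tag,
                          server_tag, int(self.clock()))
        mac = hmac.new(self.secret, body, hashlib.sha256).digest()
        return {"type": "INIT ACK", "initiate_tag": server_tag, "cookie": body + mac}

    def on_cookie_echo(self, client_addr, cookie):
        """COOKIE ECHO -> COOKIE ACK, or None if the cookie is rejected."""
        if len(cookie) != _BODY.size + _MAC_LEN:
            return None
        body, mac = cookie[:_BODY.size], cookie[_BODY.size:]
        expected = hmac.new(self.secret, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, mac):
            return None                                   # forged or altered cookie
        addr, client_tag, server_tag, issued = _BODY.unpack(body)
        if socket.inet_ntoa(addr) != client_addr:
            return None                                   # echoed from a different address
        if self.clock() - issued > COOKIE_LIFETIME:
            return None                                   # stale cookie
        self.associations[(client_addr, client_tag)] = {"client_tag": client_tag,
                                                         "server_tag": server_tag}
        return {"type": "COOKIE ACK", "server_tag": server_tag}


def demo():
    now = [1000.0]                                        # injectable clock for the demo
    server = SctpServer(secret=b"constructed-demo-secret", clock=lambda: now[0])
    # 1000 INITs from many source addresses that never complete the handshake
    for i in range(1000):
        server.on_init(f"10.0.0.{i % 250 + 1}", i + 1)
    state_after_burst = len(server.associations)
    # a client that completes all four steps
    init_ack = server.on_init("10.1.61.11", 4242)
    accepted = server.on_cookie_echo("10.1.61.11", init_ack["cookie"]) is not None
    # the same cookie with one flipped bit, and replayed from another address
    altered = bytearray(init_ack["cookie"])
    altered[-1] ^= 1
    forged_rejected = server.on_cookie_echo("10.1.61.11", bytes(altered)) is None
    wrong_addr_rejected = server.on_cookie_echo("10.1.61.12", init_ack["cookie"]) is None
    # the genuine cookie after its lifetime has passed
    now[0] += COOKIE_LIFETIME + 1
    stale_rejected = server.on_cookie_echo("10.1.61.11", init_ack["cookie"]) is None
    return {"state_after_burst": state_after_burst, "accepted": accepted,
            "forged_rejected": forged_rejected, "wrong_addr_rejected": wrong_addr_rejected,
            "stale_rejected": stale_rejected, "associations": len(server.associations)}


if __name__ == "__main__":
    print(demo())
```

The contrast with the TCP diagram on the next slide is the `associations` table: a thousand unanswered INITs leave it empty, because the half-open state lives in the cookie the client must return rather than in a TCB on the server.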
An SCTP association: 4-way handshake
[Figure: TCP 3-way handshake between A and B. At t=0, A (closed) sends SYN and enters SYN sent; B (listen) replies SYN-ACK and enters SYN recd (TCB created); after 1 RTT, A sends ACK with data and both ends are established.]
Problem in the 3-way handshake: SYN Flooding Attack in TCP
[Figure: attackers at 128.3.4.5, 192.10.2.8, 221.3.5.10, 190.13.4.1, 228.3.14.5 and 130.2.4.15 each send a SYN; the victim creates a TCB for every one of them and is flooded with unavailable, reserved resources.]
• There is no ACK in response to the SYN-ACK, hence the connection remains half-open.
• Other genuine clients cannot open connections to the victim.
• The victim is unable to provide service.
Graceful Shutdown
[Figure: association shutdown between A and B. The application at A signals shutdown; A enters Shutdown pending (pending data), sends SHUTDOWN and enters Shutdown sent (pending data). B, in Shutdown received, replies SHUTDOWN-ACK (Shutdown-Ack sent); A answers SHUTDOWN-COMPLETE and both ends are Closed.]
• Framing: preserves message boundaries.
• Flow Control
– SCTP uses an end-to-end window-based flow and congestion control mechanism similar to the one used in TCP.
• Flow Control for Multi-homed Endpoints
– By default, all transmission is done to a previously selected address from the set of destination addresses, which is called the Primary Address.
– Retransmissions should be done on different paths, so that if one path is overloaded, retransmissions do not affect that path.
• Congestion Control
– The congestion control mechanisms for SCTP have been derived from TCP congestion control and adapted for multi-homing.
– Slow Start and Congestion Avoidance are used with different parameters for different paths.
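The per-path congestion control and the retransmission-on-another-path rule described above, as an added example that is not part of the original slides: each destination address keeps its own cwnd and ssthresh, new data goes to the primary address, and after a timeout the primary's window collapses while the alternate path's window is untouched. The MTU, the initial ssthresh, the two addresses (taken from the multihoming slides) and the SACK/timeout sequence are constructed; the cwnd rules follow RFC 4960 section 7.2 in simplified form (no flight-size gating of the increase).

```python
# Added example, not from the slides: per-destination congestion control in
# the style of RFC 4960 section 7.2, simplified (no flight-size gating of the
# cwnd increase), with retransmissions steered to an alternate path.  The MTU,
# initial ssthresh, addresses and the SACK/timeout sequence are constructed.


class PathState:
    """Congestion-control variables SCTP keeps for ONE destination address."""

    def __init__(self, address, mtu=1500):
        self.address = address
        self.mtu = mtu
        self.cwnd = min(4 * mtu, max(2 * mtu, 4380))   # RFC 4960 initial cwnd
        self.ssthresh = 65535                          # arbitrary large start (constructed)
        self.partial_bytes_acked = 0
        self.active = True

    def on_sack(self, newly_acked):
        """Grow cwnd on bytes newly acknowledged for data sent to this address."""
        if self.cwnd <= self.ssthresh:
            # slow start: at most one MTU of growth per SACK
            self.cwnd += min(newly_acked, self.mtu)
        else:
            # congestion avoidance: one MTU per cwnd bytes acknowledged
            self.partial_bytes_acked += newly_acked
            if self.partial_bytes_acked >= self.cwnd:
                self.partial_bytes_acked -= self.cwnd
                self.cwnd += self.mtu

    def on_fast_retransmit(self):
        """Loss detected from gap reports: halve the window, never below 4 MTU."""
        self.ssthresh = max(self.cwnd // 2, 4 * self.mtu)
        self.cwnd = self.ssthresh
        self.partial_bytes_acked = 0

    def on_timeout(self):
        """T3-rtx timer expiry on this path: collapse cwnd to one MTU."""
        self.ssthresh = max(self.cwnd // 2, 4 * self.mtu)
        self.cwnd = self.mtu
        self.partial_bytes_acked = 0


class Association:
    """One association with several destination addresses (paths)."""

    def __init__(self, addresses, mtu=1500):
        self.paths = {a: PathState(a, mtu) for a in addresses}
        self.primary = addresses[0]

    def path_for_new_data(self):
        return self.paths[self.primary]          # new data always goes to the primary

    def path_for_retransmission(self):
        """Prefer a different active path from the one that just lost data."""
        for address, path in self.paths.items():
            if address != self.primary and path.active:
                return path
        return self.paths[self.primary]


def demo():
    assoc = Association(["160.15.82.20", "161.10.8.221"])   # addresses from the slides
    primary = assoc.path_for_new_data()
    alternate = assoc.paths["161.10.8.221"]
    history = [primary.cwnd]
    for _ in range(3):                       # three SACKs, one full segment each
        primary.on_sack(1460)
        history.append(primary.cwnd)
    primary.on_timeout()                     # the primary path times out
    return {
        "primary_cwnd_history": history,
        "primary_after_timeout": (primary.cwnd, primary.ssthresh),
        "retransmit_via": assoc.path_for_retransmission().address,
        "alternate_cwnd": alternate.cwnd,
    }


if __name__ == "__main__":
    print(demo())
```

Because the variables are per address rather than per association, a congested or failed primary path does not drag down the window on the alternate path, which is exactly why the slides say slow start and congestion avoidance run "with different parameters for different paths".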
THANK YOU