SCTP protocol details


From: http://wiki.dzsc.com/info/4248.html


SCTP is a transport layer protocol. Its upper layer consists of SCTP user applications and its lower layer is a packet network. In the SIGTRAN protocol suite, the upper-layer SCTP user is the SCN signaling adaptation module (such as M2UA or M3UA), and the lower layer is the IP network.

Contents
  • SCTP terminology
  • SCTP functions
  • SCTP basic signaling process
SCTP terminology
  • 1. Transport address

    A transport address is defined by an IP address, a transport layer protocol type and a transport layer port number. Because SCTP is carried over IP, an SCTP transport address is determined by an IP address and an SCTP port number. The SCTP port number is used by SCTP to distinguish users at the same address; it is the same concept as a TCP port number. For example, IP address 10.105.28.92 with SCTP port 1024 identifies one transport address, 10.105.28.93 with port 1024 identifies another, and 10.105.28.92 with port 1023 identifies yet another.

    2. Host and endpoint

    A host is a typical physical entity with one or more IP addresses.

    Endpoint (SCTP endpoint)

    The endpoint is the basic logical concept of SCTP: it is the logical sender and receiver of SCTP packets and is typically a set of transport addresses.

    A transport address (IP address + SCTP port number) uniquely identifies an endpoint. One endpoint can be defined by multiple transport addresses, but for the same destination endpoint, although these transport addresses may use several IP addresses, they must all use the same SCTP port.

    3. Association and stream

    An association is the logical connection or channel for data transmission established between two SCTP endpoints through the four-way handshake specified by the SCTP protocol. The protocol specifies that at any time only one association can exist between two endpoints. Because an association is defined by the transport addresses of its two endpoints, the local IP address, local SCTP port number, peer IP address and peer SCTP port number configured in data uniquely identify an SCTP association. For this reason, in the GTSoftX3000 an association can be regarded as an M2UA link or an M3UA link.

    Stream is a term specific to SCTP. A stream within an association is a sequence of user messages that must be delivered in order to the higher-layer protocol; messages in the same stream are delivered in the order they were sent. Strictly speaking, a stream is a one-way logical channel from one endpoint to the other within an association. An association consists of multiple unidirectional streams. Each stream is relatively independent, is identified by a stream ID, and can send data independently without being affected by the other streams.

    4. Path and primary path

    A path is the route over which an endpoint sends SCTP packets to a specific destination transport address of the peer endpoint. Packets sent to different destination transport addresses of the peer therefore follow different paths; a separate path does not have to be configured.

    The primary path is the path (destination address and source address) used by default when sending SCTP packets to the peer.

    An SCTP endpoint that can be reached through more than one destination address is multi-homed. If the destination and source addresses are specified when an SCTP endpoint sends packets to a multi-homed peer, the system has better control over the path used by the response chunks and the interface used to send the packets. Both endpoints of an SCTP association can be configured with multiple IP addresses, so the two endpoints have multiple paths between them; this is the multi-homing property of an SCTP association, and it is the biggest difference between SCTP and TCP.

    An association can include multiple paths, but only one of them is the primary path. For example (Figure 1), the MGC (such as the GTSoftX3000) has two transport addresses (10.11.23.14:2905 and 10.11.23.15:2905), while the SG has two transport addresses (10.11.23.16:2904 and 10.11.23.17:2904).

    Figure 1 SCTP dual-homing

    These two endpoints determine one association, which contains four paths (path0, path1, path2 and path3). The data configuration determines how these four paths are selected, as shown in Figure 2. The four paths are defined as follows, with path0 as the primary path:

    Path0: local transport address 1 (10.11.23.14:2905) sends SCTP packets to peer transport address 1 (10.11.23.16:2904).

    Path1: local transport address 1 (10.11.23.14:2905) sends SCTP packets to peer transport address 2 (10.11.23.17:2904).

    Path2: local transport address 2 (10.11.23.15:2905) sends SCTP packets to peer transport address 1 (10.11.23.16:2904).

    Path3: local transport address 2 (10.11.23.15:2905) sends SCTP packets to peer transport address 2 (10.11.23.17:2904).

    The endpoint sends SCTP packets as follows: packets from the current local transport address are sent to the peer endpoint over the primary path. When the primary path fails, SCTP automatically switches to a backup path, first switching the peer transport address and then, if necessary, the local transport address.

    SCTP defines a heartbeat mechanism. When a path is idle, the local SCTP user requests SCTP to generate a HEARTBEAT message and send it to the peer over that path; the peer must immediately return the corresponding HEARTBEAT ACK. This mechanism accurately measures the round-trip time (RTT), monitors the availability of the association and keeps the association alive.

    Figure 2 Data configuration that determines the path selection method
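To make the primary-path and heartbeat behaviour above concrete, the following Python model (an added example written for this page, not code from the original article or from the GTSoftX3000) builds the four paths from the Figure 1 addresses, counts missed HEARTBEAT ACKs per path and fails over in the order the text describes: peer address first, then local address. The PATH_MAX_RETRANS threshold is an assumed value; the page gives none.

```python
# Added example: multi-homed path management with heartbeats and failover.
PATH_MAX_RETRANS = 5  # assumed: missed heartbeats tolerated before a path is marked inactive


class Path:
    """One route from a local transport address to a peer transport address."""

    def __init__(self, local, peer):
        self.local = local          # (ip, port) of the local transport address
        self.peer = peer            # (ip, port) of the peer transport address
        self.active = True
        self.error_count = 0        # consecutive missed HEARTBEAT ACKs
        self.rtt = None             # last measured round-trip time (seconds)
        self.hb_sent_at = None      # when the outstanding HEARTBEAT was sent

    def name(self):
        return "%s:%d -> %s:%d" % (self.local + self.peer)


class Association:
    """Holds the paths of one association and picks the one to transmit on."""

    def __init__(self, local_addrs, peer_addrs, local_port, peer_port):
        # Ordering matters: for one local address all peer addresses come first,
        # so a failover switches the peer address before the local address.
        self.paths = [Path((l, local_port), (p, peer_port))
                      for l in local_addrs for p in peer_addrs]
        self.primary = self.paths[0]

    def current_path(self):
        """Primary path if usable, otherwise the first active backup in order."""
        if self.primary.active:
            return self.primary
        for path in self.paths:
            if path.active:
                return path
        return None  # every path is down: the peer is unreachable

    def send_heartbeat(self, path, now):
        path.hb_sent_at = now

    def heartbeat_ack(self, path, now):
        """Peer answered: measure the RTT and restore the path to active."""
        if path.hb_sent_at is not None:
            path.rtt = now - path.hb_sent_at
            path.hb_sent_at = None
        path.error_count = 0
        path.active = True

    def heartbeat_timeout(self, path):
        """No HEARTBEAT ACK in time; after too many misses the path is inactive."""
        path.error_count += 1
        path.hb_sent_at = None
        if path.error_count > PATH_MAX_RETRANS:
            path.active = False


def figure1_association():
    """The MGC side of the Figure 1 example: two local and two peer addresses."""
    return Association(["10.11.23.14", "10.11.23.15"],
                       ["10.11.23.16", "10.11.23.17"], 2905, 2904)


def fail_path(assoc, path):
    """Simulate a path that stops answering heartbeats until it is marked inactive.

    Returns the name of the path the association will now transmit on."""
    while path.active:
        assoc.send_heartbeat(path, now=0.0)
        assoc.heartbeat_timeout(path)
    chosen = assoc.current_path()
    return chosen.name() if chosen else None
```

Running fail_path on path0 and then path1 of figure1_association() moves traffic to 10.11.23.14:2905 -> 10.11.23.17:2904 and then to 10.11.23.15:2905 -> 10.11.23.16:2904, exactly the peer-first order of the text; a later HEARTBEAT ACK on path0 restores the primary path.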

    5. TSN and SSN

    Transmission sequence number (TSN): SCTP uses the TSN mechanism for acknowledged, reliable transmission. An endpoint of an association assigns each DATA chunk it sends a 32-bit sequence number, starting from the initial TSN, so that the peer can acknowledge the chunk when it receives it. The TSN is maintained per association.

    Stream sequence number (SSN)

    To ensure ordered delivery within a stream, SCTP assigns a 16-bit SSN to each DATA chunk sent by the local end. When an association is created, the SSN of every stream starts at 0; when the SSN reaches 65535, the next SSN is 0. TSN and SSN are allocated independently of each other.

    6. Congestion window (cwnd)

    SCTP is also a sliding-window protocol. A congestion window is maintained for each destination address and is adjusted according to network conditions. When the amount of unacknowledged data sent to a destination address exceeds its cwnd, the endpoint stops sending data to that address.

    7. Receive window (rwnd)

    The rwnd describes the size of the receive buffer of the peer of an association. During association establishment, both parties exchange their initial rwnd. The rwnd changes continuously as data is transmitted and acknowledged, and its size limits how much data SCTP may send. Even when rwnd is 0, SCTP may still send a datagram so that, through its acknowledgement, it learns of changes in the peer's buffer, as long as the cwnd limit has not been reached.

    8. Transmission Control Block (TCB)

    The TCB is an internal data structure that an SCTP endpoint creates for each association it has initiated with another endpoint. The TCB contains all of the endpoint's state and operational information for the association, which simplifies maintaining and managing it.

SCTP functions
  • SCTP functions include: establishment and closure of associations, ordered delivery of messages within streams, user data fragmentation, acknowledgement and congestion avoidance, chunk bundling, packet validation and path management.

    Figure: SCTP functions

    1. Establishment and closure of associations

    Association establishment is initiated by the SCTP user (such as M2UA or M3UA). The establishment process is more complex than a TCP connection: it is a four-way handshake and uses a cookie mechanism. The cookie is a block of data containing the endpoint's initial information together with a cryptographic digest of it; both parties must process and exchange it before communication is established. This increases the security of the protocol and prevents DoS, spoofing and other potential attacks. SCTP provides a normal shutdown procedure for an active association, which is executed at the request of the SCTP user. SCTP also provides an abnormal (abort) procedure; an abort can be started at the request of the SCTP user, or by SCTP itself when a protocol check detects an error. SCTP does not support a half-open state (in which one end can continue to send data after the other end has closed). Whichever endpoint executes the close procedure, both ends of the association should stop accepting send request primitives from their SCTP users.

    2. Ordered delivery of messages within streams

    SCTP provides ordered delivery of data. Data that is to be delivered in order must be transmitted in a stream; the stream is the cornerstone of ordered delivery. Through streams, SCTP separates data acknowledgement and ordered delivery into two different mechanisms: it uses the TSN mechanism to acknowledge data transmission, and the stream number together with the SSN to deliver data in order. When SCTP has received data with consecutive SSNs, it can deliver that data to the SCTP user immediately, without waiting for the TSNs of the data to become consecutive.

    When one stream is blocked, the next expected SCTP user message can still be delivered from another stream. SCTP also provides an unordered delivery service: user messages received in this way are delivered to the SCTP user immediately, without any guarantee of their order.

    3. User data fragmentation

    SCTP detects the path maximum transmission unit (PMTU) of the transmission path and fragments oversized user data at the SCTP layer, avoiding repeated fragmentation and reassembly at the IP layer and thereby reducing the load on the IP layer.

    At the sending end, SCTP can fragment a large user datagram so that the SCTP packets passed to the lower layer fit the MTU (maximum transmission unit) of the path.

    At the receiving end, SCTP reassembles the fragments into the complete user datagram and then delivers it to the SCTP user.

    4. Acknowledgement and congestion avoidance

    Acknowledgement and retransmission are the mechanisms by which a protocol ensures reliable transmission, and the same applies to SCTP. The acknowledgement mechanism is the cornerstone of SCTP's reliability. To avoid congestion, SCTP follows the TCP window mechanism for appropriate flow control.

    SCTP assigns a sequence number (TSN) to each piece of data (a user datagram, fragmented or not) before it is passed to the lower layer.

    The TSN and SSN are independent of each other: the TSN is used to ensure reliable transmission, and the SSN is used to ensure ordered delivery of messages within a stream.

    This TSN/SSN separation decouples reliable transmission from ordered transmission. The receiving end acknowledges all TSNs it has received, even if some earlier TSNs have not yet arrived.

    The retransmission function handles TSN acknowledgement and congestion avoidance.
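The separation of acknowledgement (TSN) from ordering (stream ID and SSN) described in sections 2 and 4 can be seen in a small receiver model. The following Python code is an added example written for this page, not part of the original article: it records arriving DATA chunks, derives the Cumulative TSN ACK and Gap Ack Blocks that a SACK would carry, and delivers each stream's messages by SSN independently of the other streams. The arrival order in demo() is constructed; 32-bit TSN wraparound arithmetic is omitted for brevity.

```python
# Added example: receive side of one association, reliability tracking plus per-stream ordering.
from collections import defaultdict


class SctpReceiver:
    def __init__(self, peer_initial_tsn):
        # Highest TSN received in sequence; starts one below the peer's initial TSN.
        self.cum_tsn = peer_initial_tsn - 1
        self.received = set()                 # TSNs above cum_tsn that have arrived (the gaps)
        self.next_ssn = defaultdict(int)      # stream id -> next SSN to deliver
        self.pending = defaultdict(dict)      # stream id -> {ssn: payload} waiting for order
        self.delivered = []                   # (stream id, ssn, payload) in delivery order

    def receive(self, tsn, stream_id, ssn, payload, unordered=False):
        """Process one DATA chunk. Returns False for a duplicate TSN."""
        if tsn <= self.cum_tsn or tsn in self.received:
            return False
        self.received.add(tsn)
        # Advance the cumulative ack over every TSN that is now contiguous.
        while self.cum_tsn + 1 in self.received:
            self.cum_tsn += 1
            self.received.discard(self.cum_tsn)
        if unordered:
            self.delivered.append((stream_id, None, payload))   # U bit set: no SSN check
        else:
            self.pending[stream_id][ssn] = payload
            self._deliver_in_order(stream_id)
        return True

    def _deliver_in_order(self, stream_id):
        """Hand over consecutive SSNs; a hole blocks only this stream."""
        queue = self.pending[stream_id]
        while self.next_ssn[stream_id] in queue:
            ssn = self.next_ssn[stream_id]
            self.delivered.append((stream_id, ssn, queue.pop(ssn)))
            self.next_ssn[stream_id] = (ssn + 1) & 0xFFFF   # 16-bit SSN wraps to 0 after 65535

    def sack(self):
        """Cumulative TSN ACK plus Gap Ack Blocks as (start, end) offsets from it."""
        blocks = []
        for tsn in sorted(self.received):
            offset = tsn - self.cum_tsn
            if blocks and blocks[-1][1] == offset - 1:
                blocks[-1] = (blocks[-1][0], offset)   # extend the current block
            else:
                blocks.append((offset, offset))
        return self.cum_tsn, blocks


def demo():
    """Constructed arrival order: TSN 101 (stream 0, SSN 1) is delayed."""
    rx = SctpReceiver(peer_initial_tsn=100)
    rx.receive(100, stream_id=0, ssn=0, payload=b"s0-m0")
    rx.receive(102, stream_id=0, ssn=2, payload=b"s0-m2")   # stream 0 now blocked at SSN 1
    rx.receive(103, stream_id=1, ssn=0, payload=b"s1-m0")   # stream 1 is unaffected
    rx.receive(104, stream_id=0, ssn=3, payload=b"s0-m3")
    before = rx.sack()                                      # (100, [(2, 4)])
    rx.receive(101, stream_id=0, ssn=1, payload=b"s0-m1")   # hole filled
    after = rx.sack()                                       # (104, [])
    return before, after, [d[2] for d in rx.delivered]
```

The SACK before the hole is filled acknowledges TSN 100 cumulatively and TSNs 102 to 104 as a gap block, so the sender learns which chunk to retransmit; meanwhile stream 1's message was delivered although stream 0 was waiting, which is the head-of-line isolation that a single TCP byte stream cannot give.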

    5. Chunk bundling

    If short user data is carried with a full SCTP packet header, transmission efficiency is very low. SCTP therefore bundles several user messages into a single SCTP packet to improve bandwidth utilization.

    An SCTP packet consists of a common header and one or more chunks. A chunk can carry user data or SCTP control information.

    SCTP users can use the bundling function to decide whether to bundle multiple user datagrams into one SCTP packet.

    To improve efficiency, bundling may still be performed even if the user has disabled it.

    6. Packet validation

    Packet validation is the cornerstone of SCTP's error-free transmission. The common header of an SCTP packet contains a verification tag and an optional 32-bit checksum. The value of the verification tag is chosen at the start of the association. If a received packet does not carry the expected verification tag, the receiver discards it, which protects against attacks and invalid SCTP packets. The checksum is set by the sender of the SCTP packet to provide additional protection against data corruption in the network; the receiver discards SCTP packets with an invalid checksum.
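An added example of the two checks this section describes, written for this page in Python (it is not code from the original article): build an SCTP packet from the common header, one DATA chunk and the CRC32c checksum, then validate it on receipt by recomputing the checksum and comparing the verification tag. The CRC32c polynomial and the little-endian storage of the checksum follow RFC 4960 Appendix B; the port numbers, tag and payload are constructed sample values.

```python
# Added example: SCTP common header, DATA chunk, CRC32c checksum and receive-side validation.
import struct


def _crc32c_table():
    """Reflected CRC32c (Castagnoli) lookup table, polynomial 0x82F63B78."""
    table = []
    for i in range(256):
        crc = i
        for _ in range(8):
            crc = (crc >> 1) ^ 0x82F63B78 if crc & 1 else crc >> 1
        table.append(crc)
    return table


_TABLE = _crc32c_table()


def crc32c(data):
    crc = 0xFFFFFFFF
    for b in data:
        crc = _TABLE[(crc ^ b) & 0xFF] ^ (crc >> 8)
    return crc ^ 0xFFFFFFFF


COMMON_HEADER = struct.Struct("!HHII")   # source port, destination port, verification tag, checksum
CHUNK_HEADER = struct.Struct("!BBH")     # chunk type, flags, length (excluding padding)
DATA_CHUNK_TYPE = 0


def data_chunk(tsn, stream_id, ssn, ppid, payload, flags=0x03):
    """DATA chunk; flags 0x03 sets the B and E bits (an unfragmented user message)."""
    body = struct.pack("!IHHI", tsn, stream_id, ssn, ppid) + payload
    length = CHUNK_HEADER.size + body.__len__()
    padding = b"\x00" * ((-length) % 4)      # chunks are padded to a 4-byte boundary
    return CHUNK_HEADER.pack(DATA_CHUNK_TYPE, flags, length) + body + padding


def build_packet(src_port, dst_port, vtag, chunks):
    """Sender side: checksum is computed over the whole packet with the field zeroed."""
    packet = COMMON_HEADER.pack(src_port, dst_port, vtag, 0) + b"".join(chunks)
    checksum = struct.pack("<I", crc32c(packet))   # RFC 4960 Appendix B stores it little-endian
    return packet[:8] + checksum + packet[12:]


def validate_packet(raw, expected_vtag):
    """Receiver side: the two checks from the text, in the order a stack applies them."""
    if len(raw) < COMMON_HEADER.size:
        return "discard: truncated header"
    _, _, vtag, _ = COMMON_HEADER.unpack_from(raw)
    stored = struct.unpack_from("<I", raw, 8)[0]
    if crc32c(raw[:8] + b"\x00\x00\x00\x00" + raw[12:]) != stored:
        return "discard: bad checksum"                 # corrupted in the network
    if vtag != expected_vtag:
        return "discard: verification tag mismatch"    # stale, spoofed or misdirected packet
    return "accept"


def parse_chunks(raw):
    """Walk the chunks of a validated packet, honouring the 4-byte padding rule."""
    chunks, offset = [], COMMON_HEADER.size
    while offset + CHUNK_HEADER.size <= len(raw):
        ctype, flags, length = CHUNK_HEADER.unpack_from(raw, offset)
        if length < CHUNK_HEADER.size or offset + length > len(raw):
            raise ValueError("malformed chunk length")
        chunks.append((ctype, flags, raw[offset + CHUNK_HEADER.size:offset + length]))
        offset += length + ((-length) % 4)
    return chunks


def sample_packet():
    """Constructed packet: ports 2905 -> 2904, tag 0xDEADBEEF, one 5-byte user message."""
    return build_packet(2905, 2904, 0xDEADBEEF,
                        [data_chunk(tsn=1000, stream_id=0, ssn=0, ppid=0, payload=b"hello")])
```

crc32c(b"123456789") returns 0xE3069283, the standard check value for this CRC, which is a quick way to confirm the table is right before trusting the validator; flipping any byte of sample_packet(), including padding, makes validate_packet() report a bad checksum, and a correct packet presented with the wrong verification tag is rejected without the chunks ever being parsed.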

    7. Path management

    The sending SCTP user can use a set of transport addresses as destinations for SCTP packets. The path management function selects a destination transport address for each SCTP packet sent, based on the SCTP user's instructions and the reachability status of the currently eligible destination set. When other traffic is not sufficient to indicate reachability, the path management function monitors the reachability of a destination address using heartbeat messages, and it gives the SCTP user an indication whenever the reachability of any peer transport address changes. The path management function is also used, when the association is established, to report the set of valid local transport addresses to the peer and to report the transport addresses returned by the peer to the local SCTP user. When an association is established, a primary path is defined for each SCTP endpoint, over which it normally sends SCTP packets.

    At the receiving end, the path management function verifies that an inbound SCTP packet belongs to an existing association before the packet is processed.

SCTP basic signaling process
  • 1. Association establishment and data transfer

    SCTP endpoint A initiates an association and sends a user message to endpoint B, after which endpoint B sends two user messages to A. (Assume that these messages are neither bundled nor fragmented.) The signaling flow is shown in Figure 1.

    Figure 1 Message interaction during association establishment

    (1) Endpoint A creates a TCB (Transmission Control Block) data structure describing the association to be initiated (including the basic information of the association), and then sends an INIT chunk to endpoint B. The INIT chunk includes the following parameters:

    Initiate Tag: the verification tag for the peer to use, for example set to Tag_A. Tag_A is a random number from 1 to 4294967295.

    Number of outbound streams (OS): the maximum number of outbound streams the endpoint wishes to use.

    Number of inbound streams (MIS): the maximum number of inbound streams the endpoint allows.

    (2) After receiving the INIT, endpoint B immediately responds with an INIT ACK chunk. The INIT ACK chunk must contain the following parameters:

    Destination IP address: set to the source IP address of the INIT chunk.

    Initiate Tag: set to Tag_B.

    State Cookie: a TCB is generated from the basic information of the association. This TCB is temporary. The necessary information it contains (including the timestamp at which the cookie was generated and the lifespan of the cookie), together with a local secret key, is computed into a 32-bit MAC digest using the algorithm described in RFC 2401 (this computation is irreversible). The necessary information and the MAC are combined into the State Cookie parameter.

    The transport addresses of this endpoint.

    The maximum number of inbound streams.

    The maximum number of outbound streams.

    (3) After receiving the INIT ACK, endpoint A first stops the INIT timer and leaves the COOKIE-WAIT state. It then sends a COOKIE ECHO chunk, returning the State Cookie parameter from the INIT ACK unchanged. Endpoint A starts the cookie timer and enters the COOKIE-ECHOED state.

    (4) After receiving the COOKIE ECHO chunk, endpoint B verifies the cookie: it computes a MAC over the TCB portion of the State Cookie and the local key using the RFC 2401 MAC algorithm and compares the result with the MAC contained in the State Cookie. If they differ, the message is discarded. If they are the same, the timestamp in the TCB portion is compared with the current time to check whether the cookie's lifespan has been exceeded; if so, the message is also discarded. Otherwise, an association with endpoint A is established from the information in the TCB. Endpoint B moves to the ESTABLISHED state, sends a COOKIE ACK chunk, and sends a COMMUNICATION UP notification to its SCTP user.

    (5) Endpoint A sends a DATA chunk to endpoint B and starts the T3-RTX timer. The DATA chunk must contain the following parameters:

    TSN: the initial TSN of the DATA chunk.

    Stream identifier: the stream carrying the user data. Assume the stream ID is 0.

    Stream sequence number: the sequence number of the user data within the stream. This field ranges from 0 to 65535.

    User data: the user data payload.

    (6) After receiving the DATA chunk, endpoint B returns a SACK chunk. The SACK chunk must contain the following parameters:

    Cumulative TSN ACK: the initial TSN of endpoint A.

    Gap ACK blocks: the value is 0. When endpoint A receives the SACK chunk, it stops the T3-RTX timer.

    (7) Endpoint B sends its first DATA chunk to endpoint A. The DATA chunk must contain the following parameters:

    TSN: the initial TSN of the DATA chunks sent by endpoint B.

    Stream identifier: the stream carrying the user data. Assume the stream ID is 0.

    Stream sequence number: the sequence number of the user data within the stream. Assume the SSN is 0.

    User data: the user data payload.

    (8) Endpoint B sends its second DATA chunk to endpoint A. The DATA chunk must contain the following parameters:

    TSN: the initial TSN of endpoint B + 1.

    Stream identifier: the stream carrying the user data. Assume the stream ID is 0.

    Stream sequence number: the sequence number of the user data within the stream. The SSN is 1.

    User data: the user data payload.

    (9) After receiving the DATA chunks, endpoint A returns a SACK chunk. The SACK chunk must contain the following parameters:

    Cumulative TSN ACK: the initial TSN of endpoint B.

    Gap ACK blocks: the value is 0.
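The four-way handshake of steps (1) to (4), and in particular the cookie check in step (4), as an added Python example written for this page (it is not the original article's code and does not model the GTSoftX3000). Endpoint B keeps no per-association state between INIT and COOKIE ECHO: everything it needs is inside the cookie, protected by a MAC computed with a local secret key, which is what limits the cost of unsolicited INITs. HMAC-SHA256 truncated to 32 bits stands in for the MAC algorithm the page cites, the 60-second cookie lifespan is an assumed value, and the stream-count negotiation (the smaller of the two sides' values) follows RFC 4960 rather than this page.

```python
# Added example: INIT / INIT ACK / COOKIE ECHO / COOKIE ACK with a MAC-protected State Cookie.
import hashlib
import hmac
import secrets
import struct

COOKIE_LIFESPAN = 60  # seconds; assumed value, the page gives none
# tag_a, tag_b, outbound streams, inbound streams, creation timestamp, lifespan
COOKIE_TCB = struct.Struct("!IIHHII")
MAC_LEN = 4           # the page describes a 32-bit digest


def random_tag():
    """Initiate Tag: a random value from 1 to 4294967295, as the page states."""
    return secrets.randbelow(0xFFFFFFFF) + 1


class Initiator:
    """Endpoint A: it chooses to open the association, so it allocates a TCB at once."""

    def __init__(self, outbound=10, inbound=10):
        self.tag_a = random_tag()
        self.os, self.mis = outbound, inbound
        self.peer_tag = None
        self.state = "CLOSED"

    def init_chunk(self):
        self.state = "COOKIE-WAIT"
        return {"tag": self.tag_a, "os": self.os, "mis": self.mis}

    def on_init_ack(self, init_ack):
        self.peer_tag = init_ack["tag"]
        self.state = "COOKIE-ECHOED"
        return init_ack["cookie"]   # COOKIE ECHO carries the cookie back unchanged

    def on_cookie_ack(self):
        self.state = "ESTABLISHED"


class Listener:
    """Endpoint B: allocates nothing until a valid COOKIE ECHO arrives."""

    def __init__(self, key, outbound=10, inbound=10):
        self.key = key              # local secret key, never sent on the wire
        self.os, self.mis = outbound, inbound
        self.associations = {}      # peer tag -> established association info

    def _mac(self, tcb):
        # HMAC-SHA256 truncated to 32 bits stands in for the MAC the page cites.
        return hmac.new(self.key, tcb, hashlib.sha256).digest()[:MAC_LEN]

    def on_init(self, init, now):
        tag_b = random_tag()
        # Stream counts: the smaller of what each side offers (RFC 4960 rule, assumed here).
        tcb = COOKIE_TCB.pack(init["tag"], tag_b, min(self.os, init["mis"]),
                              min(self.mis, init["os"]), now, COOKIE_LIFESPAN)
        # The temporary TCB lives only inside the cookie; nothing is stored locally.
        return {"tag": tag_b, "cookie": tcb + self._mac(tcb)}

    def on_cookie_echo(self, cookie, now):
        if len(cookie) != COOKIE_TCB.size + MAC_LEN:
            return "discard: malformed cookie"
        tcb, mac = cookie[:COOKIE_TCB.size], cookie[COOKIE_TCB.size:]
        if not hmac.compare_digest(mac, self._mac(tcb)):
            return "discard: bad MAC"            # forged or corrupted cookie
        tag_a, tag_b, out_streams, in_streams, created, life = COOKIE_TCB.unpack(tcb)
        if now - created > life:
            return "discard: stale cookie"       # replayed after its lifespan
        self.associations[tag_a] = {"my_tag": tag_b, "peer_tag": tag_a,
                                    "out_streams": out_streams, "in_streams": in_streams}
        return "COOKIE ACK"                       # and COMMUNICATION UP to the SCTP user


def handshake(a, b, now):
    """Run INIT -> INIT ACK -> COOKIE ECHO -> COOKIE ACK between A and B."""
    init_ack = b.on_init(a.init_chunk(), now)
    result = b.on_cookie_echo(a.on_init_ack(init_ack), now)
    if result == "COOKIE ACK":
        a.on_cookie_ack()
    return result
```

After on_init() the listener's association table is still empty; only a cookie that carries a valid MAC and has not outlived its lifespan creates an entry, so a flipped byte in the cookie or a late replay is dropped exactly as step (4) describes.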

    2. Association close process

    When an endpoint leaves service, it must stop its associations. An association is terminated by one of two procedures: the abort procedure (abnormal close) and the normal shutdown procedure. An abort (abnormal close) can be performed at any time while the association is open; both ends discard any pending data and do not deliver it to the peer, so this method does not consider data safety. The abort procedure is relatively simple: the initiator sends an ABORT chunk to the peer endpoint, the verification tag of the peer must be filled into the SCTP packet being sent, and no data may be bundled with the ABORT chunk. On receiving the ABORT chunk, the receiving endpoint checks the verification tag; if it matches the local verification tag, the endpoint removes the association from its records and reports the termination of the association to the SCTP user.

    Normal shutdown of an association: when either endpoint executes the normal shutdown procedure, both ends stop accepting new data from their SCTP users and, once a SHUTDOWN chunk has been sent or received, deliver the data in their queues to the SCTP user. Shutdown ensures that all unsent and unacknowledged data is sent and acknowledged at both ends before the association ends.

    Figure 2 Message interaction during association shutdown

    The steps for shutting down an association are as follows:

    (1) The SCTP user of the initiator, endpoint A, sends a shutdown request to SCTP because the association is to be closed. The SCTP association moves from the ESTABLISHED state to the SHUTDOWN-PENDING state. In this state SCTP accepts no further data send requests from the SCTP user on this association, and waits for all unacknowledged data sent by endpoint A to be acknowledged by endpoint B. When all of endpoint A's outstanding data has been acknowledged, it sends a SHUTDOWN chunk to endpoint B, starts the T2-shutdown timer and enters the SHUTDOWN-SENT state. The T2-shutdown timer waits for the SHUTDOWN ACK chunk returned by endpoint B; if the timer expires, endpoint A must resend the SHUTDOWN chunk.

    (2) After receiving the SHUTDOWN, endpoint B enters the SHUTDOWN-RECEIVED state, no longer accepts new data from its SCTP user, and checks the Cumulative TSN ACK field of the chunk to verify that all of its outstanding DATA chunks have been received by the sender of the SHUTDOWN. When all of endpoint B's unsent and unacknowledged data has been sent and acknowledged, it sends a SHUTDOWN ACK chunk, starts its own T2-shutdown timer and enters the SHUTDOWN-ACK-SENT state. If the timer expires, endpoint B resends the SHUTDOWN ACK chunk.

    (3) After receiving the SHUTDOWN ACK, endpoint A stops the T2-shutdown timer, sends a SHUTDOWN COMPLETE chunk to endpoint B and removes all records of the association. After receiving the SHUTDOWN COMPLETE chunk, endpoint B verifies that it is in the SHUTDOWN-ACK-SENT state. If not, the chunk is discarded; if it is, endpoint B stops the T2-shutdown timer, removes all records of the association and enters the CLOSED state.
