SCTP(7P)SCTP(7P)NAME
sctp, SCTP - Stream Control Transmission Protocol
SYNOPSIS
#include <sys/socket.h>
#include <netinet/in.h>
s = socket(AF_INET, SOCK_STREAM, IPPROTO_SCTP);
s = socket(AF_INET, SOCK_SEQPACKET, IPPROTO_SCTP);
s = socket(AF_INET6, SOCK_STREAM, IPPROTO_SCTP);
s = socket(AF_INET6, SOCK_SEQPACKET, IPPROTO_SCTP);
DESCRIPTIONSCTP is a transport protocol layered above the Internet Protocol (IP),
or the Internet Protocol Version 6 (IPv6). SCTP provides a reliable,
session oriented, flow-controlled, two-way transmission of data. It is
a message- oriented protocol and supports framing of individual mes‐
sages boundaries. An SCTP association is created between two endpoints
for data transfer which is maintained during the lifetime of the trans‐
fer. An SCTP association is setup between two endpoints using a four-
way handshake mechanism with the use of a cookie to guard against some
types of denial of service (DoS) attacks. These endpoints may be repre‐
sented by multiple IP addresses.
An SCTP message includes a common SCTP header followed by one or more
chunks. Included in the common header is a 32-bit field which contains
the checksum (computed using CRC-32c polynomial) of the entire SCTP
packet.
SCTP transfers data payloads in the form of DATA chunks. Each DATA
chunk contains a Transmission Sequence Number (TSN), which governs the
transmission of messages and detection of loss. DATA chunk exchanges
follow the Transmission Control Protocol's (TCP) Selective ACK (SACK)
mechanism. The receiver acknowledges data by sending SACK chunks, which
not only indicate the cumulative TSN range received, but also non-cumu‐
lative TSNs received, implying gaps in the received TSN sequence. SACKs
are sent using the delayed acknowledgment method similar to TCP, that
is, one SCTP per every other received packet with an upper bound on the
delay (when there are gaps detected the frequency is increased to one
every received packet). Flow and congestion control follow TCP algo‐
rithms: Slow Start, Congestion Avoidance, Fast Recovery and Fast
retransmit. But unlike TCP, SCTP does not support half-close connection
and "urgent" data.
SCTP is designed to support a number of functions that are critical for
telephony signalling transport, including multi-streaming. SCTP allows
data to be partitioned into multiple streams that have the property of
independent sequenced delivery so that message loss in any one stream
only affects delivery within that stream. In many applications (partic‐
ularly telephony signalling), it is only necessary to maintain sequenc‐
ing of messages that affect some resource. Other messages may be deliv‐
ered without having to maintain overall sequence integrity. A DATA
chunk on an SCTP association contains the Stream Id/Stream Sequence
Number pair, in addition to the TSN, which is used for sequenced deliv‐
ery within a stream.
SCTP uses IP's host level addressing and adds its own per-host collec‐
tion of port addresses. The endpoints of an SCTP association are iden‐
tified by the combination of IP address(es) and an SCTP port number. By
providing the ability for an endpoint to have multiple IP addresses,
SCTP supports multi-homing, which makes an SCTP association more
resilient in the presence of network failures (assuming the network is
constructed to provided redundancy). For a multi-homed SCTP associa‐
tion, a single address is used as the primary address, which is used as
the destination address for normal DATA chunk transfers. Retransmitted
DATA chunks are sent over alternate address(es) to increase the proba‐
bility of reaching the remote endpoint. Continued failure to send DATA
chunks over the primary address results in selecting an alternate
address as the primary address. Additionally, SCTP monitors the acces‐
sibility of all alternate addresses by sending periodic "heartbeats"
chunks. An SCTP association supports multi-homing by exchanging the
available list of addresses during association setup (as part of its
four-way handshake mechanism). An SCTP endpoint is associated with a
local address using the bind(3SOCKET) call. Subsequently, the endpoint
can be associated with additional addresses using sctp_bindx(3SOCKET).
By using a special value of INADDR_ANY with IP or the unspecified
address (all zeros) with IPv6 in the bind() or sctp_bindx() calls, an
endpoint can be bound to all available IP or IPv6 addresses on the sys‐
tem.
SCTP uses a three-way mechanism to allow graceful shutdown, where each
endpoint has confirmation of the DATA chunks received by the remote
endpoint prior to completion of the shutdown. An Abort is provided for
error cases when an immediate shutdown is needed.
Applications can access SCTP using the socket interface as a
SOCK_STREAM (one-to-one style) or SOCK_SEQPACKET (one-to-many style)
socket type.
One-to-one style socket interface supports similar semantics as sockets
for connection oriented protocols, such as TCP. Thus, a passive socket
is created by calling the listen(3SOCKET) function after binding the
socket using bind(). Associations to this passive socket can be
received using accept(3SOCKET) function. Active sockets use the con‐
nect(3SOCKET) function after binding to initiate an association. If an
active socket is not explicitly bound, an implicit binding is per‐
formed. If an application wants to exchange data during the association
setup phase, it should not call connect(), but use
sendto(3SOCKET)/sendmsg(3SOCKET) to implicitly initiate an association.
Once an association has been established, read(2) and write(2) can used
to exchange data. Additionally, send(3SOCKET), recv(3SOCKET), sendto(),
recvfrom(3SOCKET), sendmsg(), and recvmsg(3SOCKET) can be used.
One-to-many socket interface supports similar semantics as sockets for
connection less protocols, such as UDP (however, unlike UDP, it does
not support broadcast or multicast communications). A passive socket
is created using the listen() function after binding the socket using
bind(). An accept() call is not needed to receive associations to this
passive socket (in fact, an accept() on a one-to-many socket will
fail). Associations are accepted automatically and notifications of
new associations are delivered in recvmsg() provided notifications are
enabled. Active sockets after binding (implicitly or explicitly) need
not call connect() to establish an association, implicit associations
can be created using sendmsg()/recvmsg() or sendto()/recvfrom() calls.
Such implicit associations cannot be created using send() and recv()
calls. On an SCTP socket (one-to-one or one-to-many), an association
may be established using sendmsg(). However, if an association already
exists for the destination address specified in the msg_name member of
the msg parameter, sendmsg() must include the association id in msg_iov
member of the msg parameter (using sctp_sndrcvinfo structure) for a
one-to-many SCTP socket. If the association id is not provided,
sendmsg() fails with EADDRINUSE. On a one-to-one socket the destination
information in the msg parameter is ignored for an established associa‐
tion.
A one-to-one style association can be created from a one-to-many asso‐
ciation by branching it off using the sctp_peeloff(3SOCKET) call;
send() and recv() can be used on such peeled off associations. Calling
close(2) on a one-to-many socket will gracefully shutdown all the asso‐
ciations represented by that one-to-many socket.
The sctp_sendmsg(3SOCKET) and sctp_recvmsg(3SOCKET) functions can be
used to access advanced features provided by SCTP.
SCTP provides the following socket options which are set using setsock‐
opt(3SOCKET) and read using getsockopt(3SOCKET). The option level is
the protocol number for SCTP, available from getprotobyname(3SOCKET).
SCTP_NODELAY
Turn on/off any Nagle-like algorithm (similar to TCP_NODELAY).
SO_RCVBUF
Set the receive buffer.
SO_SNDBUF
Set the send buffer.
SCTP_AUTOCLOSE
For one-to-many style socket, automatically close any association
that has been idle for more than the specified number of seconds. A
value of '0' indicates that no associations should be closed auto‐
matically.
SCTP_EVENTS
Specify various notifications and ancillary data the user wants to
receive.
SCTP_STATUS
Retrieve current status information about an SCTP association.
SCTP_GET_ASSOC_STATS
Gather and reset per endpoint association statistics.
Example Usage:
#include <netinet/sctp.h>
struct sctp_assoc_stats stat;
int rc;
int32_t len = sizeof (stat);
/*
* Per endpoint stats use the socket descriptor for sctp association.
*/
/* Gather per endpoint association statistics */
rc = getsockopt(sd, IPPROTO_SCTP, SCTP_GET_ASSOC_STATS, &stat, &len);
Extract from the modified header file:
sctp.h
/*
* SCTP socket option used to read per endpoint association statistics.
*/
#define SCTP_GET_ASSOC_STATS 24
/*
* A socket user request reads local per endpoint association stats.
* All stats are counts except sas_maxrto, which is the max value
* since the last user request for stats on this endpoint.
*/
typedef struct sctp_assoc_stats {
uint64_t sas_rtxchunks; /* Retransmitted Chunks */
uint64_t sas_gapcnt; /* Gap Acknowledgements Received */
uint64_t sas_maxrto; /* Maximum Observed RTO this period */
uint64_t sas_outseqtsns; /* TSN received > next expected */
uint64_t sas_osacks; /* SACKs sent */
uint64_t sas_isacks; /* SACKs received */
uint64_t sas_octrlchunks; /* Control chunks sent - no dups */
uint64_t sas_ictrlchunks; /* Control chunks received - no dups */
uint64_t sas_oodchunks; /* Ordered data chunks sent */
uint64_t sas_iodchunks; /* Ordered data chunks received */
uint64_t sas_ouodchunks; /* Unordered data chunks sent */
uint64_t sas_iuodchunks; /* Unordered data chunks received */
uint64_t sas_idupchunks; /* Dups received (ordered+unordered) */
} sctp_assoc_stats_t;
MULTIHOMING
The ability of SCTP to use multiple addresses in an association can
create issues with some network utilities. This requires a system
administrator to be careful in setting up the system.
For example, the tcpd allows an administrator to use a simple form of
address/hostname access control. While tcpd can work with SCTP, the
access control part can have some problems. The tcpd access control is
only based on one of the addresses at association setup time. Once as
association is allowed, no more checking is performed. This means that
during the life time of the association, SCTP packets from different
addresses of the peer host can be received in the system. This may not
be what the system administrator wants as some of the peer's addresses
are supposed to be blocked.
Another example is the use of IP Filter, which provides several func‐
tions such as IP packet filtering (ipf(1M)) and NAT ipnat(1M)). For
packet filtering, one issue is that a filter policy can block packets
from some of the addresses of an association while allowing packets
from other addresses to go through. This can degrade SCTP's performance
when failure occurs. There is a more serious issue with IP address re‐
write by NAT. At association setup time, SCTP endpoints exchange IP
addresses. But IP Filter is not aware of this. So when NAT is done on a
packet, it may change the address to an unacceptable one. Thus the
SCTP association setup may succeed but packets cannot go through after‐
wards when a different IP address is used for the association.
SEE ALSOipf(1M), ipnat(1M), ndd(1M), ioctl(2), close(2), read(2), write(2),
accept(3SOCKET), bind(3SOCKET), connect(3SOCKET), getprotoby‐
name(3SOCKET), getsockopt(3SOCKET), libsctp(3LIB), listen(3SOCKET),
recv(3SOCKET), recvfrom(3SOCKET), recvmsg(3SOCKET),
sctp_bindx(3SOCKET), sctp_getladdrs(3SOCKET), sctp_getpaddrs(3SOCKET),
sctp_freepaddrs(3SOCKET), sctp_opt_info(3SOCKET),
sctp_peeloff(3SOCKET), sctp_recvmsg(3SOCKET), sctp_sendmsg(3SOCKET),
send(3SOCKET), sendmsg(3SOCKET), sendto(3SOCKET), socket(3SOCKET),
ipfilter(5), tcp(7P), udp(7P), inet(7P), inet6(7P), ip(7P), ip6(7P)
R. Stewart, Q. Xie, K. Morneault, C. Sharp, H. Schwarzbauer, T. Taylor,
I. Rytina, M. Kalla, L. Zang, V. Paxson, RFC 2960, Stream Control
Transmission Protocol, October 2000
L. Ong, J. Yoakum, RFC 3286, An Introduction to Stream Control Trans‐
mission Protocol (SCTP), May 2002
J. Stone, R. Stewart, D. Otis, RFC 3309, Stream Control Transmission
Protocol (SCTP) Checksum Change, September 2002.
DIAGNOSTICS
A socket operation may fail if:
EPROTONOSUPPORT
The socket type is other than SOCK_STREAM and
SOCK_SEQPACKET.
ETIMEDOUT
An association was dropped due to excessive retrans‐
missions.
ECONNREFUSED
The remote peer refused establishing an association.
EADDRINUSE
A bind() operation was attempted on a socket with a
network address/port pair that has already been
bound to another socket.
EINVAL
A bind() operation was attempted on a socket with an
invalid network address.
EPERM
A bind() operation was attempted on a socket with a
"reserved" port number and the effective user ID of
the process was not the privileged user.
Jul 30, 2009 SCTP(7P)