SCTP Multi-Streaming Feature

The term “Stream” in SCTP is derived from the multi-streaming function that SCTP provides. This feature divides the data into multiple streams that do not have to be delivered sequentially with respect to one another. It is also effective when information is lost in a specific stream: delivery can continue on the other streams. This avoids the unwanted delay caused by strict sequencing (which is a property of TCP).

This property of SCTP is very helpful in telecom signalling which does not require sequencing.
Another example of possible use of multi-streaming is the delivery of multimedia documents, such as a web page, when done over a single session. Since multimedia documents consist of objects of different sizes and types, multi-streaming allows transport of these components to be partially ordered rather than strictly ordered, and may result in improved user perception of transport.
SCTP accomplishes multi-streaming by creating independence between data transmission and data delivery. In particular, each payload DATA “chunk” in the protocol uses two sets of sequence numbers: a Transmission Sequence Number that governs the transmission of messages and the detection of message loss, and the Stream ID/Stream Sequence Number pair, which is used to determine the sequence of delivery of received data.

When a message is lost, the stream it belonged to is the affected stream. If a later message is received within the affected stream, there will be a corresponding gap in the Stream Sequence Number, while messages from other streams will not show a gap. The receiver can therefore continue to deliver messages to the unaffected streams while buffering messages in the affected stream until retransmission occurs.
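The receiver behaviour described above, as an added example that is not part of the original page: a small model in which the Transmission Sequence Number (TSN) exposes the loss and the Stream ID/Stream Sequence Number (SSN) pair decides what can be delivered. The class and function names are hypothetical and the arrival sequence is constructed. Sequence-number wraparound and a limit on the hold buffer are left out, although a real stack must bound that buffer so that a peer cannot exhaust memory by withholding one chunk.

```python
from collections import defaultdict

class Receiver:
    """Receiver model: TSNs expose loss, (stream ID, SSN) decides delivery order."""

    def __init__(self, first_tsn):
        self.cum_tsn = first_tsn - 1         # highest TSN received with no gap
        self.above_gap = set()               # TSNs received beyond a gap
        self.next_ssn = defaultdict(int)     # stream ID -> next SSN to deliver
        self.held = defaultdict(dict)        # stream ID -> {SSN: payload}

    def receive(self, tsn, sid, ssn, payload):
        """Accept one DATA chunk; return the payloads it makes deliverable."""
        if tsn <= self.cum_tsn or tsn in self.above_gap:
            return []                        # duplicate TSN, nothing new
        self.above_gap.add(tsn)
        while self.cum_tsn + 1 in self.above_gap:    # advance past filled gaps
            self.cum_tsn += 1
            self.above_gap.remove(self.cum_tsn)
        self.held[sid][ssn] = payload
        out = []
        while self.next_ssn[sid] in self.held[sid]:  # in-order run on this stream
            out.append((sid, self.held[sid].pop(self.next_ssn[sid])))
            self.next_ssn[sid] += 1
        return out

    def missing_tsns(self):
        """TSN gaps the receiver would report so the sender retransmits."""
        top = max(self.above_gap, default=self.cum_tsn)
        return [t for t in range(self.cum_tsn + 1, top) if t not in self.above_gap]

def demo():
    rx = Receiver(first_tsn=100)
    # Constructed arrivals (TSN, stream, SSN, payload); TSN 101 was lost in transit.
    arrivals = [(100, 0, 0, "a0"), (102, 1, 0, "b0"), (103, 0, 2, "a2"), (104, 1, 1, "b1")]
    log = [rx.receive(*chunk) for chunk in arrivals]
    gaps = rx.missing_tsns()
    log.append(rx.receive(101, 0, 1, "a1"))  # retransmission fills the gap
    return log, gaps
```

Stream 1 keeps delivering while stream 0 holds "a2" until the retransmitted TSN 101 arrives, at which point "a1" and "a2" are released together.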

Why is SCTP not widely used outside the telecom domain?

SCTP is not well known and not widely used or deployed because:

  • Widespread: Not widely integrated in TCP/IP stacks (in 2013: still missing natively in latest Mac OSX and Windows)
  • Libraries: Few high-level bindings in easy-to-use languages
  • NAT: Doesn’t cross NAT very well/at all (less than 1% of internet home & enterprise routers do NAT on SCTP).
  • Popularity: No general public app uses it
  • Programming paradigm: it changed a bit: it’s still a socket, but you can connect many hosts to many hosts (multihoming), datagrams are ordered and reliable, etc.
  • Complexity: The SCTP stack is complex to implement (due to the above)
  • Competition: Multipath TCP is coming and should address multihoming needs / capabilities, so people refrain from implementing SCTP if possible, waiting for MTCP
  • Niche: The needs SCTP fills are very peculiar (ordered reliable datagrams, multistream) and not needed by many applications
  • Security: SCTP evades security controls (some firewalls, most IDSes, all DLPs, does not appear on netstat except CentOS/Redhat/Fedora…)
  • Audit-ability: Something like 3 companies in the world routinely do audits of SCTP security (Disclaimer: I work in one of them)
  • Learning curve: Not much toolchain to play with SCTP (check the excellent withsctp that combines nicely with netcat, or use socat)


How is an SCTP association created?

In order to transfer data between two SCTP hosts, both should negotiate and create an association. The SCTP user at an endpoint should use the ASSOCIATE primitive to initialize an SCTP association to another SCTP endpoint. Let's see this flow of information between two hosts (A and B).

SCTP association flow and states

Flow of information for SCTP Association

  1. A sends an INIT chunk to B. The INIT chunk contains the following information:
    • Source Address
    • Destination Address
    • Verification Tag (a random number marked as TAG_A, ranging from 1 to 4294967295).
  2. After sending the INIT chunk, A starts a timer T1-INIT and enters the COOKIE-WAIT state.
  3. B responds with an INIT-ACK chunk, which contains:
    • Source Address
    • Destination Address
    • Verification Tag (contains TAG_A and a generated TAG_B)
    • STATE_COOKIE (at this stage B does not accept or respond to any other requests)
  4. When the INIT-ACK is received at A, it stops the T1-INIT timer and leaves the COOKIE-WAIT state. A then sends the STATE-COOKIE to B in the COOKIE-ECHO chunk, starts the T1-COOKIE timer and enters the COOKIE-ECHOED state.
  5. After receiving the COOKIE-ECHO chunk, B replies with the COOKIE-ACK chunk and moves to the ESTABLISHED state.
  6. Upon receiving the COOKIE-ACK, A stops the T1-COOKIE timer and moves from the COOKIE-ECHOED state to the ESTABLISHED state.
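The four-way exchange above, as an added example that is not part of the original page: B signs its association state into the STATE-COOKIE and keeps nothing until a valid COOKIE-ECHO returns, which is what makes flooding B with INIT chunks cheap to absorb. The function names, the cookie layout, HMAC-SHA256 as the MAC, the 60-second lifetime and the documentation addresses are all assumptions of this sketch.

```python
import hashlib
import hmac
import secrets
import struct
import time

SECRET = secrets.token_bytes(32)   # B's private cookie key (assumed: HMAC-SHA256)
COOKIE_LIFETIME = 60               # seconds; assumed value for this sketch
MAC_LEN, HDR = 32, struct.Struct("!IIQ")   # TAG_A, TAG_B, issue time

def new_tag():
    """Random Verification Tag in 1..4294967295 (0 is never used)."""
    return secrets.randbelow(0xFFFFFFFF) + 1

def make_init_ack(src, dst, tag_a, now=None):
    """B answers INIT: choose TAG_B, sign the state into a cookie, store nothing."""
    issued = int(time.time() if now is None else now)
    tag_b = new_tag()
    body = HDR.pack(tag_a, tag_b, issued) + f"{src}|{dst}".encode()
    return tag_b, hmac.new(SECRET, body, hashlib.sha256).digest() + body

def accept_cookie_echo(src, dst, cookie, now=None):
    """B checks COOKIE-ECHO; returns (TAG_A, TAG_B) if it may go ESTABLISHED."""
    now = int(time.time() if now is None else now)
    mac, body = cookie[:MAC_LEN], cookie[MAC_LEN:]
    good = hmac.new(SECRET, body, hashlib.sha256).digest()
    if len(body) < HDR.size or not hmac.compare_digest(mac, good):
        return None                          # forged or altered cookie
    tag_a, tag_b, issued = HDR.unpack(body[:HDR.size])
    if body[HDR.size:] != f"{src}|{dst}".encode():
        return None                          # echoed from a different address pair
    if not 0 <= now - issued <= COOKIE_LIFETIME:
        return None                          # stale cookie
    return tag_a, tag_b

def handshake(a="192.0.2.1", b="192.0.2.2"):
    """Walk A through the states in the list above; addresses are placeholders."""
    states = ["CLOSED"]
    tag_a = new_tag()                                  # A -> B: INIT
    states.append("COOKIE-WAIT")
    tag_b, cookie = make_init_ack(a, b, tag_a)         # B -> A: INIT-ACK
    states.append("COOKIE-ECHOED")                     # A -> B: COOKIE-ECHO
    if accept_cookie_echo(a, b, cookie) == (tag_a, tag_b):   # B -> A: COOKIE-ACK
        states.append("ESTABLISHED")
    return states
```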

Why choose SCTP over TCP?

  1. Strict ordering: TCP orders the data strictly, which some applications do not require and which therefore adds unwanted delay.
  2. Stream-oriented nature: The stream-oriented nature of TCP is sometimes unwanted, as the application might be able to do this on its own.
  3. Limited number of ports: Port numbers in TCP make it a complicated task to provide highly available data transfer on multi-homed hosts.
  4. DoS attacks: TCP is vulnerable to Denial of Service attacks.


What is Multihoming?

In IP terminology, a host is called multi-homed if it can be addressed by multiple IP addresses. Multihoming is used only for recovering from network failures and is not used, for example, for load balancing.

SCTP Association explaining multihoming

How is multihoming used in SCTP?

To make full use of SCTP multi-homing, the host also needs to support multiple network interfaces, each of which has to be configured to work in a different sub-network. The SCTP implementation supports two paths per association. Normally data is sent through the primary path. If a network failure occurs in the primary network, SCTP resends unacknowledged data through the secondary path automatically. The application cannot see which path is used, and the switch does not affect the sending of data traffic at the application level either. In this case, the SCTP stack takes care of all the details.

The SCTP association normally works so that data runs through the primary path and the SCTP heartbeat runs through the secondary path. If something unexpected happens in the primary path, SCTP usually has an alternative path available. SCTP monitors the condition of the secondary path all the time by using a heartbeat message. The following figure describes how the SCTP re-transmission works when both the primary and the secondary paths failed. The retransmission procedure always starts the same way; the first retransmission is done through the secondary path. The example above is based on the following SCTP parameters