SCTP Multi-Streaming Feature

The term “Stream” in SCTP is derived from the multi-streaming function provided by SCTP. The feature also helps in dividing the data into multiple streams that do not have a limitation to be delivered sequentially. This is also effective in case there is a loss of information in a specific stream the data can be delivered through other streams. This helps in avoiding unwanted delay because of the sequencing (which as a property of the TCP).

This property of SCTP is very helpful in telecom signalling which does not require sequencing.
Another example of possible use of multi-streaming is the delivery of multimedia documents, such as a web page, when done over a single session. Since multimedia documents consist of objects of different sizes and types, multi-streaming allows transport of these components to be partially ordered rather than strictly ordered, and may result
in improved user perception of transport.
SCTP accomplishes multi-streaming by creating independence between data transmission and data delivery. In particular, each payload DATA “chunk” in the protocol uses two sets of sequence numbers, a Transmission Sequence Number that governs the transmission of messages and the detection of message loss, and the Stream ID/Stream
Sequence Number pair, which is used to determine the sequence of delivery of received data.

If a message is received within the affected stream, there will be a corresponding gap in the Stream Sequence Number, while messages from other streams will not show a gap. The receiver can therefore continue to deliver messages to the unaffected streams while buffering messages in the affected stream until retransmission occurs.

Why SCTP is not widely used other than telecom domain?

SCTP is not very much known and not used/deployed a lot because:

  • Widespread: Not widely integrated in TCP/IP stacks (in 2013: still missing natively in latest Mac OSX and Windows)
  • Libraries: Few high level bindings in easy to use languages
  • NAT: Doesn’t cross NAT very well/at all (less than 1% internet home & enterprise routers do NAT on SCTP).
  • Popularity: No general public app use it
  • Programming paradigm: it changed a bit: it’s still a socket, but you can connect many hosts to many hosts (multihoming), datagram is ordered and reliable, erc…
  • Complexity: SCTP stack is complex to implement (due to above)
  • Competition: Multipath TCP is coming and should address multihoming needs / capabilities so people refrain from implementing SCTP if possible, waiting for MTCP
  • Niche: Needs SCTP fills are very peculiar (ordered reliable datagrams, multistream) and not needed by much applications
  • Security: SCTP evades security controls (some firewalls, most IDSes, all DLPs, does not appear on netstat except CentOS/Redhat/Fedora…)
  • Audit-ability: Something like 3 companies in the world routinely do audits of SCTP security (Disclaimer: I work in one of them)
  • Learning curve: Not much toolchain to play with SCTP (check the excellent withsctp that combines nicely with netcat or use socat )

Reference

How SCTP association is created?

In order to transfer the data between 2 SCTP hosts, the both should negotiate and create an association.The SCTP user at an endpoint should use the ASSOCIATE primitive to initialize an SCTP association to another SCTP endpoint. Lets see this flow of information from two hosts (A and B).

SCTP association flow and states
SCTP association flow and states

Flow of information for SCTP Association

  1.  A sends INIT chunk to B – The INIT chunk contains the following information
    • Source Address
    • Destination Address
    • Verification Tag ( A random number marked as TAG_A  ranging from 1 to 4294967295).
  2. After sending the INIT chunk , A starts a timer T1-INIT and enters a COOKIE-WAIT state
  3. B responds with an INIT-ACK chunk
    • Source Address
    • Destination Address
    • Verification Tag (Contains TAG_A and a generated TAG_B)
    • STATE_COOKIE (at this stage B does not accept or respond to any other requests)
  4. When INIT-ACK is received at A, it stops the T1-INIT timer and leaves the COOKIE-WAIT state and then A sends the STATE-COOKIE to the B in the COOKIE-ECHO chunk. A starts the T1-COOKIE timer and enters the COOKIE-ECHOED state
  5. After receiving the COOKIE-ECHO chunk , B replies with the COOKIE-ACK chunk and moves to the ESTABLISHED state
  6. Upon receiving the COOKIE-ACK , A stops the T1-COOKIE timer and will move from COOKIE-ECHOED state to ESTABLISHED state

Why choose SCTP over TCP?

  1. Strict-Ordering : TCP orders the data strictly , which is not required by some of the applications and hence it adds to unwanted delay
  2. Stream Oriented nature : The stream oriented nature of TCP is sometimes unwanted as application might be able to do this on its own.
  3. Limited number of Ports : The port numbers in TCP can create a complicated task to provide high-availability data on the multi-homed hosts.
  4. DOS attacks : TCP is vulnerable to Denial of Service attacks