Why is SCTP not widely used outside the telecom domain?

SCTP is not very well known and not used/deployed a lot because:

  • Widespread: Not widely integrated in TCP/IP stacks (in 2013: still missing natively in the latest Mac OSX and Windows)
  • Libraries: Few high-level bindings in easy-to-use languages
  • NAT: Doesn’t cross NAT very well/at all (less than 1% of internet home & enterprise routers do NAT on SCTP).
  • Popularity: No general public app uses it
  • Programming paradigm: it changed a bit: it’s still a socket, but you can connect many hosts to many hosts (multihoming), datagrams are ordered and reliable, etc.
  • Complexity: The SCTP stack is complex to implement (due to the above)
  • Competition: Multipath TCP is coming and should address multihoming needs/capabilities, so people refrain from implementing SCTP if possible, waiting for MTCP
  • Niche: The needs SCTP fills are very peculiar (ordered reliable datagrams, multistream) and not needed by many applications
  • Security: SCTP evades security controls (some firewalls, most IDSes, all DLPs; does not appear on netstat except CentOS/Redhat/Fedora…)
  • Audit-ability: Something like 3 companies in the world routinely do audits of SCTP security (Disclaimer: I work in one of them)
  • Learning curve: Not much toolchain to play with SCTP (check the excellent withsctp, which combines nicely with netcat, or use socat)

Reference

How is an SCTP association created?

In order to transfer data between two SCTP hosts, both must negotiate and create an association. The SCTP user at an endpoint uses the ASSOCIATE primitive to initialize an SCTP association to another SCTP endpoint. Let's look at this flow of information between two hosts (A and B).

SCTP association flow and states

Flow of information for SCTP Association

  1. A sends an INIT chunk to B. The INIT chunk contains the following information:
    • Source Address
    • Destination Address
    • Verification Tag (a random number, marked as TAG_A, ranging from 1 to 4294967295)
  2. After sending the INIT chunk, A starts a timer T1-INIT and enters the COOKIE-WAIT state.
  3. B responds with an INIT-ACK chunk containing:
    • Source Address
    • Destination Address
    • Verification Tag (contains TAG_A and a newly generated TAG_B)
    • STATE_COOKIE (at this stage B does not accept or respond to any other requests)
  4. When the INIT-ACK is received at A, A stops the T1-INIT timer, leaves the COOKIE-WAIT state and sends the STATE_COOKIE back to B in a COOKIE-ECHO chunk. A then starts the T1-COOKIE timer and enters the COOKIE-ECHOED state.
  5. After receiving the COOKIE-ECHO chunk, B replies with a COOKIE-ACK chunk and moves to the ESTABLISHED state.
  6. Upon receiving the COOKIE-ACK, A stops the T1-COOKIE timer and moves from the COOKIE-ECHOED state to the ESTABLISHED state.
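The four-chunk exchange above, as an added example that is not code from the original post or from any SCTP implementation: a Python model of both endpoints' state machines. It assumes a signed state cookie on B's side (an HMAC over TAG_A, TAG_B and an issue time; the key, the cookie lifetime and the chunk field names are constructed for this example), so B allocates association state only when a valid COOKIE-ECHO comes back. That is the property that lets the SCTP handshake resist the resource-exhaustion that a TCP SYN flood relies on; the tampered-cookie and stale-cookie cases show the checks a responder has to make.

```python
import hashlib
import hmac
import secrets
import struct
import time

# Constructed model of the SCTP four-way handshake. Chunks are plain dicts rather
# than wire bytes; the field names are assumptions made for this example.

TAG_MAX = 4294967295  # verification tags are 32-bit values in 1..4294967295 (0 is reserved)


def new_tag():
    """Random non-zero 32-bit verification tag."""
    return secrets.randbelow(TAG_MAX) + 1


class Endpoint:
    """One SCTP endpoint; can act as initiator (A) or responder (B)."""

    def __init__(self, name, cookie_lifetime=60):
        self.name = name
        self.secret = secrets.token_bytes(32)   # key used to sign state cookies (constructed)
        self.cookie_lifetime = cookie_lifetime  # seconds a cookie stays valid (assumed value)
        self.assocs = {}                        # peer name -> association state
        self.my_tag = None

    # ---- initiator side (A) ----
    def associate(self, peer):
        self.my_tag = new_tag()                                   # TAG_A
        self.assocs[peer] = {"state": "COOKIE-WAIT", "timer": "T1-INIT"}
        return {"type": "INIT", "src": self.name, "dst": peer, "init_tag": self.my_tag}

    def on_init_ack(self, chunk):
        assoc = self.assocs.get(chunk["src"])
        if assoc is None or assoc["state"] != "COOKIE-WAIT" or chunk["vtag"] != self.my_tag:
            return None  # not a reply to our INIT: drop silently
        assoc.update(state="COOKIE-ECHOED", timer="T1-COOKIE", peer_tag=chunk["init_tag"])
        return {"type": "COOKIE-ECHO", "src": self.name, "dst": chunk["src"],
                "vtag": chunk["init_tag"], "cookie": chunk["cookie"]}

    def on_cookie_ack(self, chunk):
        assoc = self.assocs.get(chunk["src"])
        if assoc is None or assoc["state"] != "COOKIE-ECHOED" or chunk["vtag"] != self.my_tag:
            return False
        assoc.update(state="ESTABLISHED", timer=None)
        return True

    # ---- responder side (B) ----
    def _sign(self, payload):
        return hmac.new(self.secret, payload, hashlib.sha256).digest()

    def on_init(self, chunk, now=None):
        """Answer INIT with an INIT-ACK carrying a signed cookie; allocate no association state."""
        now = int(time.time() if now is None else now)
        tag_b = new_tag()
        payload = struct.pack("!IIq", chunk["init_tag"], tag_b, now)  # TAG_A, TAG_B, issue time
        return {"type": "INIT-ACK", "src": self.name, "dst": chunk["src"],
                "vtag": chunk["init_tag"], "init_tag": tag_b, "cookie": payload + self._sign(payload)}

    def on_cookie_echo(self, chunk, now=None):
        """Only a cookie we signed, still fresh and carrying our tag, creates state."""
        now = int(time.time() if now is None else now)
        payload, mac = chunk["cookie"][:16], chunk["cookie"][16:]
        if len(payload) != 16 or not hmac.compare_digest(mac, self._sign(payload)):
            return None  # forged or tampered cookie
        tag_a, tag_b, issued = struct.unpack("!IIq", payload)
        if now - issued > self.cookie_lifetime or chunk["vtag"] != tag_b:
            return None  # stale cookie, or tag does not match the one we issued
        self.my_tag = tag_b
        self.assocs[chunk["src"]] = {"state": "ESTABLISHED", "peer_tag": tag_a}
        return {"type": "COOKIE-ACK", "src": self.name, "dst": chunk["src"], "vtag": tag_a}


def run_handshake(a, b):
    """Drive INIT, INIT-ACK, COOKIE-ECHO and COOKIE-ACK between fresh endpoints A and B."""
    init_ack = b.on_init(a.associate(b.name))
    held_by_b_after_init = len(b.assocs)          # stays 0: B has committed nothing yet
    cookie_echo = a.on_init_ack(init_ack)
    a.on_cookie_ack(b.on_cookie_echo(cookie_echo))
    return a.assocs[b.name]["state"], b.assocs[a.name]["state"], held_by_b_after_init


def run_tampered_cookie(a, b):
    """A COOKIE-ECHO whose cookie had one bit flipped must be dropped (returns None)."""
    cookie_echo = a.on_init_ack(b.on_init(a.associate(b.name)))
    bad = bytearray(cookie_echo["cookie"])
    bad[0] ^= 0x01
    return b.on_cookie_echo(dict(cookie_echo, cookie=bytes(bad)))
```

Calling `run_handshake(Endpoint("A"), Endpoint("B"))` returns `("ESTABLISHED", "ESTABLISHED", 0)`: the third value is how many associations B held after answering the INIT. The verification tags are checked on every chunk after INIT, so a chunk that does not carry the tag the receiver issued is dropped without touching state.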

Why choose SCTP over TCP?

  1. Strict ordering: TCP delivers data in strict order, which some applications do not require, so it adds unwanted delay.
  2. Stream-oriented nature: The byte-stream nature of TCP is sometimes unwanted, as the application may be able to handle this on its own.
  3. Limited number of ports: TCP's port numbers make it complicated to provide high-availability data on multi-homed hosts.
  4. DoS attacks: TCP is vulnerable to denial-of-service attacks.

Multihoming

What is Multihoming?

In IP terminology, a host is called multi-homed if it can be addressed by multiple IP addresses. SCTP uses multihoming only for recovering from network failures, not, for example, for load balancing.

SCTP Association explaining multihoming

How is multihoming used in SCTP?

To make full use of SCTP multi-homing, the host also needs to support multiple network interfaces, each configured to work in a different sub-network. The SCTP implementation supports two paths per association. Normally data is sent through the primary path. If a network failure occurs in the primary network, SCTP automatically resends unacknowledged data through the secondary path. The application cannot see which path is used, and the switch does not affect the sending of data traffic at the application level either; the SCTP stack takes care of all the details.

In normal operation the association runs data through the primary path and SCTP heartbeats through the secondary path, so if something unexpected happens on the primary path, SCTP usually has an alternative path available. SCTP monitors the condition of the secondary path all the time by using heartbeat messages. The following figure describes how SCTP retransmission works when both the primary and the secondary paths have failed. The retransmission procedure always starts the same way: the first retransmission is done through the secondary path. The example above is based on the following SCTP parameters
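The primary/secondary behaviour described above, as an added model that is not the page's code or any SCTP stack's: a Python simulation of one association with two paths, a heartbeat probe on whichever path is not carrying data, an error counter per path, and a hypothetical `PATH_MAX_RETRANS` threshold standing in for the RFC 4960 Path.Max.Retrans parameter. The scenario fails the primary sub-network, shows new data and retransmissions moving to the secondary while the primary's error counter climbs to INACTIVE, then restores the primary with a heartbeat ACK; a second scenario shows both paths failing. The addresses and threshold are constructed.

```python
# Constructed model of SCTP path management for one two-path association.
# PATH_MAX_RETRANS is a hypothetical stand-in for the RFC 4960 Path.Max.Retrans
# parameter; the addresses below are made up for the example.

PATH_MAX_RETRANS = 3  # consecutive unacknowledged sends before a path is marked INACTIVE


class Path:
    """One destination address of the peer, with its own error counter and state."""

    def __init__(self, addr):
        self.addr = addr
        self.up = True          # does the network currently deliver on this path? (simulated)
        self.error_count = 0
        self.state = "ACTIVE"

    def deliver(self):
        """Send one DATA or HEARTBEAT packet; True if an acknowledgement came back."""
        if self.up:
            self.error_count = 0        # any ACK (data or heartbeat) clears the counter
            self.state = "ACTIVE"
            return True
        self.error_count += 1
        if self.error_count >= PATH_MAX_RETRANS:
            self.state = "INACTIVE"
        return False


class Association:
    def __init__(self, primary, secondary):
        self.paths = [primary, secondary]
        self.primary = primary
        self.log = []           # (event, path address, TSN) trace for inspection

    def alternate(self, path):
        """The other path, if it is still usable."""
        for p in self.paths:
            if p is not path and p.state == "ACTIVE":
                return p
        return None

    def current(self):
        """Path carrying new data: the primary while it is ACTIVE, else an alternate."""
        return self.primary if self.primary.state == "ACTIVE" else self.alternate(self.primary)

    def heartbeat(self):
        """Probe every path that is not carrying data so its condition is always known."""
        data_path = self.current()
        for p in self.paths:
            if p is not data_path:
                ok = p.deliver()
                self.log.append(("HEARTBEAT-ACK" if ok else "HEARTBEAT-LOST", p.addr, None))

    def send(self, tsn):
        """Send one TSN; each timeout retransmits on the other path until one ACKs."""
        path = self.current()
        for _ in range(2 * PATH_MAX_RETRANS):
            if path is None:
                break
            ok = path.deliver()
            self.log.append(("DATA-ACK" if ok else "TIMEOUT", path.addr, tsn))
            if ok:
                return path.addr
            path = self.alternate(path)   # first retransmission always goes to the other path
        self.log.append(("ABORT", None, tsn))  # both paths exhausted
        return None


def failover_scenario():
    """Primary fails after two TSNs, data moves to the secondary, then the primary recovers."""
    primary, secondary = Path("10.0.1.1"), Path("10.0.2.1")
    assoc = Association(primary, secondary)
    used = [assoc.send(tsn) for tsn in (1, 2)]
    primary.up = False                              # failure in the primary sub-network
    for tsn in (3, 4, 5, 6):
        assoc.heartbeat()
        used.append(assoc.send(tsn))
    state_after_failure = primary.state             # INACTIVE once the counter hits the limit
    primary.up = True
    assoc.heartbeat()                               # heartbeat ACK restores the primary
    used.append(assoc.send(7))
    return used, state_after_failure, primary.state


def total_outage_scenario():
    """Both paths down: retransmissions alternate until both are INACTIVE, then abort."""
    assoc = Association(Path("10.0.1.1"), Path("10.0.2.1"))
    for p in assoc.paths:
        p.up = False
    return assoc.send(1), [p.state for p in assoc.paths]
```

`failover_scenario()` returns the path used for each TSN: the first two on the primary, TSNs 3 to 6 on the secondary (the first three as retransmissions after a timeout on the still-ACTIVE primary, the fourth directly because the primary is now INACTIVE), and TSN 7 back on the primary after its heartbeat is acknowledged. The `log` attribute holds the full event trace for reading alongside the figure.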

SCTP : Introduction

What is SCTP?

SCTP – Stream Control Transmission Protocol – is a transport layer protocol just like TCP and UDP.

The protocol was defined by the IETF Signaling Transport (SIGTRAN) working group in 2000, and is maintained by the IETF Transport Area (TSVWG) working group.

  1. SCTP is a unicast protocol, and supports data exchange between exactly 2 endpoints, although these may be represented by multiple IP addresses.
  2. SCTP provides reliable transmission, detecting when data is discarded, reordered, duplicated or corrupted, and retransmitting damaged data as necessary.
  3. SCTP transmission is full duplex.
  4. SCTP is message oriented and supports framing of individual message boundaries. In comparison, TCP is byte oriented and does not preserve any implicit structure within a transmitted byte stream without enhancement.
  5. SCTP is rate adaptive similar to TCP, and will scale back data transfer to the prevailing load conditions in the network. It is designed to behave cooperatively with TCP sessions attempting to use the same bandwidth.
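To show what "message oriented" means on the wire, here is an added example that is not from the page or from any SCTP implementation: a Python builder and parser for the RFC 4960 common header and DATA chunks, which checks the CRC32c checksum and the verification tag before decoding any chunk, the same order a receiving stack or an inspection tool follows. The port numbers, verification tag and message payloads are constructed; the CRC32c table and the little-endian placement of the checksum follow RFC 4960 Appendix B.

```python
import struct

# Constructed example: build and parse an SCTP packet (RFC 4960 common header plus
# chunks). Two application messages stay two DATA chunks, so boundaries survive.

CHUNK_TYPES = {0: "DATA", 1: "INIT", 2: "INIT ACK", 3: "SACK", 4: "HEARTBEAT",
               5: "HEARTBEAT ACK", 6: "ABORT", 7: "SHUTDOWN", 8: "SHUTDOWN ACK",
               9: "ERROR", 10: "COOKIE ECHO", 11: "COOKIE ACK", 14: "SHUTDOWN COMPLETE"}

# Reflected CRC-32C (Castagnoli) lookup table, polynomial 0x82F63B78.
_CRC_TABLE = []
for _i in range(256):
    _c = _i
    for _ in range(8):
        _c = (_c >> 1) ^ 0x82F63B78 if _c & 1 else _c >> 1
    _CRC_TABLE.append(_c)


def crc32c(data):
    """CRC-32C with init and xorout 0xFFFFFFFF; crc32c(b"123456789") == 0xE3069283."""
    crc = 0xFFFFFFFF
    for b in data:
        crc = _CRC_TABLE[(crc ^ b) & 0xFF] ^ (crc >> 8)
    return crc ^ 0xFFFFFFFF


def data_chunk(tsn, stream_id, ssn, ppid, payload, flags=0x03):
    """DATA chunk: type 0, flags (B=0x02 and E=0x01 mark an unfragmented message), length."""
    body = struct.pack("!IHHI", tsn, stream_id, ssn, ppid) + payload
    length = 4 + len(body)                 # chunk length excludes padding
    pad = (-length) % 4
    return struct.pack("!BBH", 0, flags, length) + body + b"\x00" * pad


def build_packet(src_port, dst_port, vtag, chunks):
    """Common header with checksum zeroed, then CRC32c written little-endian (App. B)."""
    raw = struct.pack("!HHII", src_port, dst_port, vtag, 0) + b"".join(chunks)
    return raw[:8] + struct.pack("<I", crc32c(raw)) + raw[12:]


def parse_packet(raw, expected_vtag=None):
    """Validate checksum and verification tag, then split the packet into typed chunks."""
    if len(raw) < 12:
        raise ValueError("truncated common header")
    src, dst, vtag, _cksum = struct.unpack("!HHII", raw[:12])
    zeroed = raw[:8] + b"\x00\x00\x00\x00" + raw[12:]
    if struct.pack("<I", crc32c(zeroed)) != raw[8:12]:
        raise ValueError("bad CRC32c: packet corrupted or checksum never computed")
    if expected_vtag is not None and vtag != expected_vtag:
        raise ValueError("verification tag mismatch: not our association")
    chunks, off = [], 12
    while off + 4 <= len(raw):
        ctype, flags, length = struct.unpack("!BBH", raw[off:off + 4])
        if length < 4 or off + length > len(raw):
            raise ValueError("bad chunk length")
        body = raw[off + 4:off + length]
        chunk = {"type": CHUNK_TYPES.get(ctype, ctype), "flags": flags}
        if ctype == 0 and len(body) >= 12:
            chunk["tsn"], chunk["stream"], chunk["ssn"], chunk["ppid"] = struct.unpack("!IHHI", body[:12])
            chunk["data"] = body[12:]
        chunks.append(chunk)
        off += length + (-length) % 4      # skip padding to the next 4-byte boundary
    return {"src_port": src, "dst_port": dst, "vtag": vtag, "chunks": chunks}


def is_valid(raw, expected_vtag=None):
    """True if the packet passes the checksum, tag and chunk-length checks."""
    try:
        parse_packet(raw, expected_vtag)
        return True
    except ValueError:
        return False


def demo():
    """Two messages on two streams travel as two DATA chunks and come back intact."""
    msgs = [(0, 0, b"hello"), (1, 0, b"world!!")]   # (stream, SSN, message), constructed
    chunks = [data_chunk(tsn=1000 + i, stream_id=s, ssn=n, ppid=0, payload=m)
              for i, (s, n, m) in enumerate(msgs)]
    pkt = build_packet(5000, 5001, 0x1234ABCD, chunks)
    parsed = parse_packet(pkt, expected_vtag=0x1234ABCD)
    return [(c["stream"], c["ssn"], c["data"]) for c in parsed["chunks"]]
```

`demo()` returns the two messages with their stream numbers and stream sequence numbers exactly as sent, which a byte stream could not guarantee without an application-level framing layer. Flipping one byte of user data makes `is_valid` return False on the checksum check, and presenting the packet with the wrong verification tag makes it fail before any chunk is looked at.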