WDIFF

draft-ietf-sigtran-sctp-09.txt --> draft-ietf-sigtran-sctp-10.txt

expires in six months April 19,2000 June 16,2000

Stream Control Transmission Protocol
<draft-ietf-sigtran-sctp-09.txt>
<draft-ietf-sigtran-sctp-10.txt>

Status of This Memo

This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC 2026. [RFC2026]. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts.

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

Stewart, et al [Page 1]

Internet Draft Stream Control Transmission Protocol April June 2000

Abstract

This document describes the Stream Control Transmission Protocol
(SCTP). SCTP is designed to transport PSTN signaling messages over
IP networks, but is capable of broader applications.

SCTP is a reliable datagram transfer transport protocol operating on top of an
unreliable routed a
connectionless packet network such as IP. It offers the following
services to its users:

-- acknowledged error-free non-duplicated transfer of user data,
-- data segmentation fragmentation to conform to discovered path MTU size,
-- sequenced delivery of user messages within multiple streams,
with an option for order-of-arrival delivery of individual
user messages,
-- optional multiplexing bundling of multiple user messages into a single SCTP datagrams,
packet, and
-- network-level fault tolerance through supporting of multi-homing
at either or both ends of an association.

The design of SCTP includes appropriate congestion avoidance behavior
and resistance to flooding and masquerade attacks.

Stewart, et al [Page 2]

Internet Draft Stream Control Transmission Protocol April 2000

TABLE OF CONTENTS

1. Introduction..................................................5 Introduction.................................................. 5
1.1 Motivation..................................................5 Motivation.................................................. 5
1.2 Architectural View of SCTP..................................5 SCTP.................................. 6
1.3 Functional View of SCTP.....................................6 SCTP..................................... 6
1.3.1 Association Startup and Takedown........................7 Takedown........................ 7
1.3.2 Sequenced Delivery within Streams.......................7 Streams....................... 8
1.3.3 User Data Segmentation..................................8 Fragmentation................................. 8
1.3.4 Acknowledgment Acknowledgement and Congestion Avoidance.................8 Avoidance................ 8
1.3.5 Chunk Multiplex.........................................8 Bundling ......................................... 8
1.3.6 Message Validation......................................8 Packet Validation....................................... 9
1.3.7 Path Management.........................................9 Management......................................... 9
1.4 Recapitulation of Key Terms.................................9 Terms................................................... 10
1.5 Abbreviations...............................................11 Abbreviations............................................... 12
1.6 Serial Number Arithmetic.................................... 13
2. Conventions....................................................11 Conventions.................................................... 13
3. SCTP Datagram Format..........................................12 packet Format............................................ 13

Stewart, et al [Page 2]

Internet Draft Stream Control Transmission Protocol June 2000

3.1 SCTP Common Header Field Descriptions.......................12 Descriptions....................... 14
3.2 Chunk Field Descriptions....................................13 Descriptions.................................... 15
3.2.1 Optional/Variable-length Parameter Format...............14
3.2.2 Vendor-Specific Extension Parameter Format..............15 Format............... 17
3.3 SCTP Chunk Definitions......................................17 Definitions...................................... 18
3.3.1 Payload Data (DATA)..................................... 18
3.3.2 Initiation (INIT).......................................17
3.3.1.1 (INIT)....................................... 20
3.3.2.1 Optional or Variable Length Parameters..............19
3.3.2 Parameters.............. 23
3.3.3 Initiation Acknowledgment Acknowledgement (INIT ACK)....................20
3.3.2.1 ACK)................... 25
3.3.3.1 Optional or Variable Length Parameters..............21
3.3.3 Selective Acknowledgment (SACK).........................22 Parameters.............. 28
3.3.4 Selective Acknowledgement (SACK)........................ 28
3.3.5 Heartbeat Request (HEARTBEAT)...........................25
3.3.5 (HEARTBEAT)........................... 31
3.3.6 Heartbeat Acknowledgment Acknowledgement (HEARTBEAT ACK)................26
3.3.6 ACK)............... 32
3.3.7 Abort Association (ABORT)...............................26
3.3.7 (ABORT)............................... 33
3.3.8 Shutdown Association (SHUTDOWN).........................27
3.3.8 (SHUTDOWN)......................... 34
3.3.9 Shutdown Acknowledgment Acknowledgement (SHUTDOWN ACK)..................28
3.3.9 ACK)................. 34
3.3.10 Operation Error (ERROR).................................28
3.3.10 State (ERROR)................................ 35
3.3.10.1 Invalid Stream Identifier.......................... 36
3.3.10.2 Missing Mandatory Parameter........................ 36
3.3.10.3 Stale Cookie Error................................. 37
3.3.10.4 Out of Resource.................................... 37
3.3.10.5 Unresolvable Address............................... 38
3.3.10.6 Unrecognized Chunk Type............................ 38
3.3.10.7 Invalid Mandatory Parameter........................ 38
3.3.10.8 Unrecognized Parameters............................ 39
3.3.10.9 No User Data....................................... 39
3.3.10.10 Cookie (COOKIE)..................................30 Received While Shutting Down............... 39
3.3.11 Cookie Acknowledgment Echo (COOKIE ACK).....................31 ECHO).............................. 40
3.3.12 Payload Data (DATA)....................................31
3.4 Vendor-Specific Chunk Extensions............................33 Cookie Acknowledgement (COOKIE ACK).................... 40
3.3.13 Shutdown Complete (SHUTDOWN COMPLETE).................. 41
4. SCTP Association State Diagram.................................34 Diagram................................. 41
5. Association Initialization.....................................36 Initialization..................................... 44
5.1 Normal Establishment of an Association......................37 Association...................... 45
5.1.1 Handle Stream Parameters................................39 Parameters................................ 46
5.1.2 Handle Address Parameters...............................39 Parameters............................... 47
5.1.3 Generating State Cookie.................................39 Cookie................................. 48
5.1.4 State Cookie Processing.......................................40 Processing................................. 49
5.1.5 State Cookie Authentication...................................40 Authentication............................. 49
5.1.6 An Example of Normal Association Establishment..........41 Establishment.......... 50
5.2 Handle Duplicate or unexpected INIT, INIT ACK, COOKIE, COOKIE ECHO,
and COOKIE ACK.....42 ACK.............................................. 51
5.2.1 Handle Duplicate INIT in COOKIE-WAIT
or COOKIE-SENT States...................................43 COOKIE-ECHOED States................................. 52
5.2.2 Handle Duplicate Unexpected INIT in States Other States...................43 than CLOSED,
COOKIE-ECHOED and COOKIE-WAIT........................... 52
5.2.3 Handle Duplicate Unexpected INIT ACK...............................43 ACK..................................... 53
5.2.4 Handle Duplicate COOKIE.................................43 a COOKIE ECHO when a TCB exists.................. 53
5.2.5 Handle Duplicate COOKIE-ACK.............................45 COOKIE ACK............................. 55
5.2.6 Handle Stale COOKIE Error...............................45
5.3 Other Initialization Issues.................................45 Error............................... 55

Stewart, et al [Page 3]

Internet Draft Stream Control Transmission Protocol April June 2000

5.3 Other Initialization Issues................................. 56
5.3.1 Selection of Tag Value..................................45 Value.................................. 56
6. User Data Transfer.............................................46 Transfer............................................. 56
6.1 Transmission of DATA Chunks.................................47 Chunks................................. 57
6.2 Acknowledgment of Acknowledgement on Reception of DATA Chunks..................48 Chunks................. 59
6.2.1 Tracking Peer's Receive Buffer Space....................49 Space.................... 61
6.3 Management Retransmission Timer.............................50 Timer............................. 62
6.3.1 RTO Calculation.........................................50 Calculation......................................... 63
6.3.2 Retransmission Timer Rules..............................51 Rules.............................. 64
6.3.3 Handle T3-rxt Expiration................................52 T3-rtx Expiration................................ 65
6.4 Multi-homed SCTP Endpoints..................................53 Endpoints.................................. 66
6.4.1 Failover from Inactive Destination Address..............54 Address.............. 66
6.5 Stream Identifier and Stream Sequence Number................54 Number................ 67
6.6 Ordered and Un-ordered Delivery.............................54 Unordered Delivery.............................. 67
6.7 Report Gaps in Received DATA TSNs...........................55 TSNs........................... 68
6.8 Adler-32 Checksum Calculation...............................56 Calculation............................... 69
6.9 Segmentation................................................57 Fragmentation............................................... 70
6.10 Bundling and Multiplexing..................................58 .................................................. 71
7. Congestion Control ..........................................58 .......................................... 71
7.1 SCTP Differences from TCP Congestion Control................59 Control................ 72
7.2 SCTP Slow-Start and Congestion Avoidance....................59 Avoidance.................... 73
7.2.1 Slow-Start..............................................60 Slow-Start.............................................. 73
7.2.2 Congestion Avoidance....................................61 Avoidance.................................... 74
7.2.3 Congestion Control......................................61 Control...................................... 75
7.2.4 Fast Retransmit on Gap Reports..........................62 Reports.......................... 75
7.3 Path MTU Discovery..........................................63 Discovery.......................................... 76
8. Fault Management..............................................64 Management.............................................. 77
8.1 Endpoint Failure Detection..................................64 Detection.................................. 77
8.2 Path Failure Detection......................................64 Detection...................................... 78
8.3 Path Heartbeat..............................................65 Heartbeat.............................................. 78
8.4 Handle "Out of the blue" Packets............................66 Packets............................ 80
8.5 Verification Tag............................................67 Tag............................................ 81
8.5.1 Exceptions in Verification Tag Rules....................67 Rules.................... 81
9. Termination of Association.....................................68 Association..................................... 82
9.1 Close Abort of an Association.....................................68 Association..................................... 82
9.2 Shutdown of an Association..................................68 Association.................................. 83
10. Interface with Upper Layer....................................69 Layer.................................... 85
10.1 ULP-to-SCTP................................................70 ULP-to-SCTP................................................ 85
10.2 SCTP-to-ULP................................................78 SCTP-to-ULP................................................ 94
11. Security Considerations.......................................82 Considerations....................................... 97
11.1 Security Objectives........................................82 Objectives........................................ 97
11.2 SCTP Responses To Potential Threats........................82 Threats........................ 97
11.2.1 Countering Insider Attacks.............................82 Attacks............................. 97
11.2.2 Protecting against Data Corruption in the Network......83 Network...... 97
11.2.3 Protecting Confidentiality.............................83 Confidentiality............................. 98
11.2.4 Protecting against Blind Denial of Service Attacks.....83 Attacks..... 98
11.2.4.1 Flooding...........................................84 Flooding........................................... 98
11.2.4.2 Masquerade.........................................84 Masquerade......................................... 99

Stewart, et al [Page 4]

Internet Draft Stream Control Transmission Protocol June 2000

11.2.4.3 Improper Monopolization of Services................85 Services................100
11.3 Protection against Fraud and Repudiation...................85 Repudiation...................100
12. Recommended Transmission Control Block (TCB) Parameters.......86 Parameters.......101
12.1 Parameters necessary for the SCTP instance.................86 instance.................101
12.2 Parameters necessary per association (i.e. the TCB)........87 TCB)........101
12.3 Per Transport Address Data.................................88 Data.................................103
12.4 General Parameters Needed..................................89 Needed..................................104
13. IANA Consideration............................................89 Consideration............................................104
13.1 IETF-defined Chunk Extension...............................89 Extension...............................104
13.2 IETF-defined Chunk Parameter Extension.....................90
13.3 IETF-defined Additional Error Causes.......................91
13.4 Causes.......................105
13.3 Payload Protocol Identifiers...............................92
Stewart, et al [Page 4]

Internet Draft Stream Control Transmission Protocol April 2000 Identifiers...............................105
14. Suggested SCTP Protocol Parameter Values......................92 Values......................106
15. Acknowledgments...............................................92 Acknowledgements..............................................106
16. Authors' Addresses............................................93 Addresses............................................106
17. References....................................................94 References....................................................107
18. Bibliography..................................................108
Appendix A .......................................................95 .......................................................109
Appendix B .......................................................110

1. Introduction

This section explains the reasoning behind the development of the
Stream Control Transmission Protocol (SCTP), the services it offers,
and the basic concepts needed to understand the detailed description
of the protocol.

1.1 Motivation

TCP [8] [RFC793] has performed immense service as the primary means of
reliable data transfer in IP networks. However, an increasing number of
recent applications have found TCP too limiting, and have incorporated
their own reliable data transfer protocol on top of UDP [9]. [RFC768]. The
limitations which users have wished to bypass include the following:

-- TCP provides both reliable data transfer and strict order-
of-transmission delivery of data. Some applications need reliable
transfer without sequence maintenance, while others would be
satisfied with partial ordering of the data. In both of these
cases the head-of-line blocking offered by TCP causes
unnecessary delay.

-- The stream-oriented nature of TCP is often an inconvenience.
Applications must add their own record marking to delineate
their messages, and must make explicit use of the push facility
to ensure that a complete message is transferred in a
reasonable time.

-- The limited scope of TCP sockets complicates the task of
providing highly-available data transfer capability using
multi-homed hosts.

-- TCP is relatively vulnerable to denial of service attacks,
such as SYN attacks.

Stewart, et al [Page 5]

Internet Draft Stream Control Transmission Protocol June 2000

Transport of PSTN signaling across the IP network is an application
for which all of these limitations of TCP are relevant. While this
application directly motivated the development of SCTP, other
applications may find SCTP a good match to their requirements.

1.2 Architectural View of SCTP

SCTP is viewed as a layer between the SCTP user application ("SCTP
user" for short) and an unreliable routed a connectionless packet network service such
as IP. The remainder of this document assumes SCTP runs on top of IP.
The basic service offered by SCTP is the reliable transfer of
user messages between peer SCTP users. It performs this service

Stewart, et al [Page 5]

Internet Draft Stream Control Transmission Protocol April 2000
within the context of an association between two SCTP nodes. Chapter 9 endpoints.
Section 10 of this document sketches the API which should exist at the
boundary between the SCTP and the SCTP user layers.

SCTP is connection-oriented in nature, but the SCTP association is a
broader concept than the TCP connection. SCTP provides the means for
each SCTP endpoint (Section 1.4) to provide the other during endpoint (during
association startup startup) with a list of transport addresses (e.g. (i.e., multiple
IP addresses in combination with an SCTP port) through which that
endpoint can be reached and from which it will originate messages. SCTP packets.
The association spans transfers over all of the possible
source/destination combinations which may be generated from the two
endpoint each
endpoint's lists.

_____________ _____________
| SCTP User | | SCTP User |
| Application | | Application |
|-------------| |-------------|
| SCTP | | SCTP |
| Transport | | Transport |
| Service | | Service |
|-------------| |-------------|
| |One or more ---- One or more| |
| IP Network |IP address \/ IP address| IP Network |
| Service |appearances /\ appearances| Service |
|_____________| ---- |_____________|

SCTP Node A |<-------- Network transport ------->| SCTP Node B

Figure 1: An SCTP Association

1.3 Functional View of SCTP

The SCTP transport service can be decomposed into a number of
functions. These are depicted in Figure 2 and explained in the
remainder of this section.

Stewart, et al [Page 6]

Internet Draft Stream Control Transmission Protocol June 2000

SCTP User Application

..-----------------------------------------------------
.. _____________ ____________________
| | | Sequenced delivery |
| Association | | within streams |
| | |____________________|
| startup |
..| | ____________________________
| and | | User Data Segmentation Fragmentation |
| | |____________________________|
| takedown |

Stewart, et al [Page 6]

Internet Draft Stream Control Transmission Protocol April 2000
..| | ____________________________
| | | Acknowledgment Acknowledgement |
| | | and |
| | | Congestion Avoidance |
..| | |____________________________|
| |
| | ____________________________
| | | Chunk Multiplex Bundling |
| | |____________________________|
| |
| | ________________________________
| | | Message Packet Validation |
| | |________________________________|
| |
| | ________________________________
| | | Path Management |
|______________ |________________________________|

Figure 2: Functional View of the SCTP Transport Service

1.3.1 Association Startup and Takedown

An association is initiated by a request from the SCTP user (see the
description of the ASSOCIATE (or SEND) primitive in Chapter 9). Section 10).

A cookie mechanism, taken from that devised similar to one described by Karn and Simpson in RFC
2522 [6],
[RFC2522], is employed during the initialization to provide protection
against security attacks. The cookie mechanism uses a four-way
handshaking, but
handshake, the last two legs of which are allowed to carry user
data for fast setup. The startup sequence is described in chapter 4 Section 5 of
this document.

SCTP provides for graceful takedown close (i.e., shutdown) of an active
association on request from the SCTP user. See the description of the TERMINATE
SHUTDOWN primitive in chapter Section 10. SCTP also allows ungraceful takedown, close
(i.e., abort), either on request from the user (ABORT primitive) or as
a result of an error condition detected within the SCTP layer. Chapter 8 Section
9 describes both the graceful and the ungraceful takedown close procedures.

SCTP does not support a half-open state (like TCP) wherein one side
may continue sending data while the other end is closed. When either

Stewart, et al [Page 7]

Internet Draft Stream Control Transmission Protocol June 2000

endpoint performs a shutdown, the association on each peer will stop
accepting new data from its user and only deliver data in queue at the
time of the graceful close (see Section 9).

1.3.2 Sequenced Delivery within Streams

The term "stream" is used in SCTP to refer to a sequence of user
messages.
messages that are to be delivered to the upper-layer protocol in order
with respect to other messages within the same stream. This is in
contrast to its usage in TCP, where it refers to a sequence of bytes. bytes
(in this document a byte is assumed to be eight bits).

The SCTP user can specify at association startup time the number of
streams to be supported by the association. This number is negotiated
with the remote end (see section Section 5.1.1). User messages are associated
with stream numbers (SEND, RECEIVE primitives, Chapter 9). Section 10). Internally,
SCTP assigns a stream sequence number to each message passed to it by

Stewart, et al [Page 7]

Internet Draft Stream Control Transmission Protocol April 2000
the SCTP user. On the receiving side, SCTP ensures that messages are
delivered to the SCTP user in sequence within a given stream. However,
while one stream may be blocked waiting for the next in-sequence user
message, delivery from other streams may proceed.

SCTP provides a mechanism for bypassing the sequenced delivery
service. User messages sent using this mechanism are delivered to the
SCTP user as soon as they are received.

1.3.3 User Data Segmentation Fragmentation

When needed, SCTP can segment fragments user messages to ensure that the SCTP datagram
packet passed to the lower layer conforms to the path MTU. Segments On receipt,
fragments are reassembled into complete messages before being passed to
the SCTP user.

1.3.4 Acknowledgment Acknowledgement and Congestion Avoidance

SCTP assigns a Transmission Sequence Number (TSN) to each user data
segment
fragment or unsegmented unfragmented message. The TSN is independent of any
stream sequence number assigned at the stream level. The receiving end
acknowledges all TSNs received, even if there are gaps in the
sequence. In this way, reliable delivery is kept functionally separate
from sequenced stream delivery.

The Acknowledgment acknowledgement and Congestion Avoidance congestion avoidance function is responsible
for message packet retransmission when timely acknowledgment acknowledgement has not been
received. Message Packet retransmission is conditioned by congestion
avoidance procedures similar to those used for TCP. See Chapters 5
and Sections 6
and 7 for a detailed description of the protocol procedures associated
with this function.

1.3.5 Chunk Multiplex Bundling

As described in Chapter 2, Section 3, the SCTP datagram packet as delivered to the lower
layer consists of a common header followed by one or more chunks. Each
chunk may contain either user data or SCTP control information. The

Stewart, et al [Page 8]

Internet Draft Stream Control Transmission Protocol June 2000

SCTP user has the option to request "bundling", or multiplexing bundling of more than one user
messages into a single SCTP datagram. packet. The chunk
multiplex bundling function of SCTP
is responsible for assembly of the complete SCTP datagram packet and its
disassembly at the receiving end.

1.3.6 Message Validation

A mandatory verification tag and

During times of congestion an Adler-32 checksum [2] fields are
included in SCTP implementation MAY still perform
bundling even if the user has requested that SCTP common header. not bundle. The verification tag value is
chosen by each end
user's disabling of bundling only affects SCTP implementations that may
delay a small period of time before transmission (to attempt to
encourage bundling). When the association during association startup.
Messages received without the verification tag user layer disables bundling, this small
delay is prohibited but not bundling that is performed during
congestion or retransmission.

1.3.6 Packet Validation

A mandatory Verification Tag field and a 32 bit checksum field (see
Appendix B for a description of the Adler-32 checksum) are included in
the SCTP common header. The Verification Tag value expected is chosen by each
end of the
receiver association during association startup. Packets received
without the expected Verification Tag value are discarded, as a
protection against blind masquerade attacks and against stale datagrams SCTP
packets from a previous association.

Stewart, et al [Page 8]

Internet Draft Stream Control Transmission Protocol April 2000 The Adler-32 checksum should be
set by the sender of each SCTP datagram, packet to provide additional protection
against data corruption in the
network beyond that provided by lower layers (e.g. network. The receiver of an SCTP packet
with an invalid Adler-32 checksum silently discards the IP checksum). packet.

1.3.7 Path Management

The sending SCTP user is able to manipulate the set of transport
addresses used as destinations for SCTP datagrams, packets through the
primitives described in Chapter Section 10. The SCTP path management function
chooses the destination transport address for each outgoing SCTP
datagram
packet based on the SCTP user's instructions and the currently
perceived reachability status of the eligible destination set.
The path management function monitors reachability through heartbeat
messages heartbeats
when other message packet traffic is inadequate to provide this
information, information
and advises the SCTP user when reachability of any far-
end far-end transport
address changes. The path management function is also responsible for
reporting the eligible set of local transport addresses to the far end
during association startup, and for reporting the transport addresses
returned from the far end to the SCTP user.

At association start-up, a primary destination transport address path is defined for each SCTP
endpoint, and is used for normal sending of SCTP
datagrams. packets.

On the receiving end, the path management is responsible for verifying
the existence of a valid SCTP association to which the inbound SCTP
datagram
packet belongs before passing it for further processing.

Note: Path Management and Packet Validation are done at the
same time, so although described separately above, in reality they
cannot be performed as separate items.

Stewart, et al [Page 9]

Internet Draft Stream Control Transmission Protocol June 2000

1.4 Recapitulation of Key Terms

The

Some of the language used to describe SCTP has been introduced in the
previous sections. This section provides a consolidated list of the key
terms and their definitions.

o SCTP user application (SCTP user): The logical higher-layer
application entity which uses the services of SCTP, also called
the Upper-layer Protocol (ULP).

o User message: the unit of data delivery across the interface
between SCTP and its user.

o SCTP datagram: the unit of data delivery across the interface
between SCTP and the unreliable packet network (e.g. IP) which
it is using. An SCTP datagram includes the common SCTP header,
possible SCTP control chunks, and user data encapsulated within
SCTP DATA chunks.

o Transport address: an address which serves as a source or Active destination for the unreliable packet transport service used by
SCTP. In IP networks, a address: A transport address is defined by the
combination of an IP address and an SCTP port number.

Stewart, et al [Page 9]

Internet Draft Stream Control Transmission Protocol April 2000

Note, only one SCTP port may be defined for each endpoint,
but each endpoint may have multiple IP addresses.

o SCTP endpoint: the logical sender/receiver of SCTP datagrams. On on a
multi-homed host, an SCTP peer
endpoint is represented to its peers as a
combination of a set of eligible destination transport addresses to
which SCTP datagrams can be sent and a set of eligible source
transport addresses from which SCTP datagrams can be received.

Note, a source or destination transport address can only be
included in one unique SCTP endpoint, i.e., it is NOT allowed to
have the same SCTP source or destination transport address appear
in transmitting endpoint considers available for
receiving user messages.

o Bundling: An optional multiplexing operation, whereby more than one SCTP endpoint.

o SCTP association: a protocol relationship between SCTP endpoints,
comprising
user message may be carried in the two same SCTP endpoints and protocol state information
including verification tags and the currently active set of
Transmission Sequence Numbers (TSNs), etc. packet. Each user
message occupies its own DATA chunk.

o Chunk: a A unit of information within an SCTP datagram, packet, consisting of
a chunk header and chunk-specific content.

o Transmission Sequence Number (TSN): a 32-bit sequence Congestion Window (cwnd): An SCTP variable that limits the data, in
number used
internally by SCTP. One TSN is attached of bytes, a sender can send to each chunk containing
user data to permit the a particular destination
transport address before receiving SCTP endpoint to acknowledge its
receipt and detect duplicate deliveries. an acknowledgement.

o Stream: a uni-directional logical channel established from one to
another associated SCTP endpoints, within which all user messages
are delivered in sequence except for those submitted to the
un-ordered delivery service.

Note: Cumulative TSN Ack Point: The relationship between stream numbers in opposite
directions is strictly a matter TSN of how the applications use
them. It is last DATA chunk
acknowledged via the responsibility Cumulative TSN Ack field of the SCTP user to create and
manage these correlations if they are so desired.

o Stream Sequence Number: a 16-bit sequence number used internally by
SCTP to assure sequenced delivery of the SACK.

o Idle destination address: An address that has not had user messages
sent to it within a
given stream. One stream sequence number some length of time, normally the HEARTBEAT
interval or greater.

o Inactive destination transport address: An address which is attached
considered inactive due to each errors and unavailable to transport user
message.
messages.

o Path: the route taken Message = user message: Data submitted to SCTP by the Upper Layer
Protocol (ULP).

o Message Authentication Code (MAC): An integrity check mechanism
based on cryptographic hash functions using a secret key.
Typically, message authentication codes are used between two
parties that share a secret key in order to validate information
transmitted between these parties. In SCTP datagrams sent it is used by one SCTP an
endpoint to a specific destination transport address of its validate the State Cookie information that is
returned from the peer
SCTP endpoint. Note, sending to in the COOKIE ECHO chunk. The term "MAC"
has different destination transport
addresses does not necessarily guarantee getting separate paths.

o Bundling: an optional multiplexing operation, whereby more than one
user messages may be carried meanings in different contexts. SCTP uses this
term with the same SCTP datagram. Each meaning as in [RFC2104].

o Network Byte Order: Most significant byte first, a.k.a., Big Endian.

o Ordered Message: A user message occupies its own DATA chunk. that is delivered in order with
respect to all previous user messages sent within the stream the
message was sent on.

o Outstanding TSN (at an SCTP endpoint): a A TSN (and the associated
DATA chunk) which have that has been sent by the endpoint but for which it has
not yet received an acknowledgment. acknowledgement.

Stewart, et al [Page 10]

Internet Draft Stream Control Transmission Protocol April June 2000

o Unacknowledged TSN (at an Path: The route taken by the SCTP endpoint): packets sent by one SCTP
endpoint to a TSN (and specific destination transport address of its peer
SCTP endpoint. Sending to different destination transport
addresses does not necessarily guarantee getting separate paths.

o Primary Path: The primary path is the associated DATA
chunk) which have been received by destination and
source address that will be put into a packet outbound
to the peer endpoint but for which by default. The definition includes
the source address since an
acknowledgment has not yet been sent. implementation MAY wish to
specify both destination and source address to better
control the return path taken by reply chunks and on which
interface the packet is transmitted when the data sender
is multi-homed.

o Receiver Window (rwnd): The An SCTP variable a data sender uses to store
the most recently calculated receiver
window, window of its peer, in number
of octets. bytes. This gives the sender an indication of the space available
in the receiver's inbound buffer.

o Congestion Window (cwnd): An SCTP variable that limits the data, in
number association: A protocol relationship between SCTP endpoints,
composed of octets, a sender can send into the network before
receiving an acknowledgment on a particular destination Transport
address.

o Slow Start Threshold (ssthresh): two SCTP endpoints and protocol state information
including Verification Tags and the currently active set of
Transmission Sequence Numbers (TSNs), etc. An association can be
uniquely identified by the transport addresses used by the endpoints
in the association. Two SCTP endpoints MUST NOT have more than one
SCTP association between them at any given time.

o SCTP endpoint: The logical sender/receiver of SCTP packets. On a
multi-homed host, an SCTP endpoint is represented to its peers as a
combination of a set of eligible destination transport addresses to
which SCTP packets can be sent and a set of eligible source
transport addresses from which SCTP packets can be received.
All transport addresses used by an SCTP endpoint must use the
same port number, but can use multiple IP addresses.

o SCTP packet (or packet): The unit of data delivery across the
interface between SCTP and the connectionless packet network (e.g.,
IP). An SCTP packet includes the common SCTP header, possible SCTP
control chunks, and user data encapsulated within SCTP DATA chunks.

o SCTP user application (SCTP user): The logical higher-layer
application entity which uses the services of SCTP, also called
the Upper-layer Protocol (ULP).

o Slow Start Threshold (ssthresh): An SCTP variable. This is the
threshold which the endpoint will use to determine whether to
perform slow start or congestion avoidance on a particular
destination transport address. Ssthresh is in number of octets. bytes.

o Stream: A uni-directional logical channel established from one to
another associated SCTP endpoint, within which all user messages
are delivered in sequence except for those submitted to the
unordered delivery service.

Stewart, et al [Page 11]

Internet Draft Stream Control Transmission Protocol June 2000

Note: The relationship between stream numbers in opposite
directions is strictly a matter of how the applications use
them. It is the responsibility of the SCTP user to create and
manage these correlations if they are so desired.

o Stream Sequence Number: A 16-bit sequence number used internally by
SCTP to assure sequenced delivery of the user messages within a
given stream. One stream sequence number is attached to each user
message.

o Transmission Control Block (TCB): an An internal data structure
created by an SCTP endpoint for each of its existing SCTP
associations to other SCTP endpoints. TCB contains all the status
and operational information for the endpoint to maintain and manage
the corresponding association.

o Transmission Sequence Number (TSN): A 32-bit sequence number used
internally by SCTP. One TSN is attached to each chunk containing
user data to permit the receiving SCTP endpoint to acknowledge its
receipt and detect duplicate deliveries.

o Transport address: A Transport Address is traditionally defined by
Network Byte Order: Most significant byte first, a.k.a Big Endian. Layer address, Transport Layer protocol and Transport Layer
port number. In the case of SCTP running over IP, a transport
address is defined by the combination of an IP address and an SCTP
port number (where SCTP is the Transport protocol).

o Unacknowledged TSN (at an SCTP endpoint): A TSN (and the associated
DATA chunk) which has been received by the endpoint but for which an
acknowledgement has not yet been sent. Or in the opposite case,
for a packet that has been sent but no acknowledgement has
been received.

o Unordered Message: Unordered messages are "unordered" with respect
to any other message, this includes both other unordered messages
as well as other ordered messages. Unordered message might be
delivered prior to or later than ordered messages sent on the
same stream.

o User message: The unit of data delivery across the interface
between SCTP and its user.

1.5. Abbreviations

ICV

MAC - Integrity Check Value [4] Message Authentication Code [RFC2104]

RTO - Retransmission Time-out

RTT - Round-trip Time

RTTVAR - Round-trip Time Variation

SCTP - Stream

Stewart, et al [Page 12]

Internet Draft Stream Control Transmission Protocol June 2000

SCTP - Stream Control Transmission Protocol

SRTT - Smoothed RTT

TCB - Transmission Control Block

TLV - Type-Length-Value Coding Format

TSN - Transmission Sequence Number

ULP - Upper-layer Protocol

1.6 Serial Number Arithmetic

It is essential to remember that the actual Transmission Sequence
Number space is finite, though very large. This space ranges from 0 to
2**32 - 1. Since the space is finite, all arithmetic dealing with
Transmission Sequence Numbers must be performed modulo 2**32. This
unsigned Arithmetic preserves the relationship of sequence numbers as
they cycle From 2**32 - 1 to 0 again. There are some subtleties to
computer modulo arithmetic, so great care should be taken in
programming the comparison of such values. When referring to TSNs, the
symbol "=<" means "less than or equal"(modulo 2**32).

Comparisons and arithmetic on TSNs in this document SHOULD use Serial
Number Arithmetic as defined in [RFC1982] where SERIAL_BITS = 32.

An endpoint SHOULD NOT transmit a DATA chunk with a TSN that is more
than 2**31 - 1 above the beginning TSN of its current send window.
Doing so will cause problems in comparing TSNs.

Transmission Sequence Numbers wrap around when they reach 2**32 - 1.
That is, the next TSN a DATA chunk MUST use after transmitting TSN =
2*32 - 1 is TSN = 0.

Any arithmetic done on Stream Sequence Numbers SHOULD use Serial Number
Arithmetic as defined in [RFC1982] where SERIAL_BITS = 16.

All other arithmetic and comparisons in this document uses normal
arithmetic.

2. Conventions

The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
SHOULD NOT, RECOMMENDED, NOT RECOMMENDED, MAY, and OPTIONAL, when
they appear in this document, are to be interpreted as described in
RFC 2119 [18].

Stewart, et al [Page 11]

Internet Draft Stream Control Transmission Protocol April 2000
[RFC2119].

3. SCTP Datagram packet Format

An SCTP datagram packet is composed of a common header and chunks. A chunk
contains either control information or user data.

Stewart, et al [Page 13]

Internet Draft Stream Control Transmission Protocol June 2000

The SCTP datagram packet format is shown below:

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Common Header |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Chunk #1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Chunk #n |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Multiple chunks can be multiplexed bundled into one SCTP datagram packet up to
the MTU size, except for the INIT, INIT ACK, and SHUTDOWN ACK COMPLETE
chunks. These chunks MUST NOT be multiplexed bundled with any other chunk in a
datagram.
packet. See Section 6.10 for more details on chunk multiplexing. bundling.

If an a user data message doesn't fit into one SCTP datagram packet it can be
segmented
fragmented into multiple chunks using the procedure defined in
Section 6.9.

All integer fields in an SCTP datagram packet MUST be transmitted in the
network byte order, unless otherwise stated.

3.1 SCTP Common Header Field Descriptions

SCTP Common Header Format

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Port Number | Destination Port Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Verification Tag |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Adler-32 Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Source Port Number: 16 bit u_int bits (unsigned integer)

This is the SCTP sender's senders port number. It can be used by the
receiver,
receiver in combination with the source IP address, the
SCTP destination port and possibly the destination IP address
to identify the association to which this datagram packet belongs.

Destination Port Number: 16 bit u_int bits (unsigned integer)

This is the SCTP port number to which this datagram packet is destined. The
receiving host will use this port number to de-multiplex the
SCTP datagram packet to the correct receiving endpoint/application.

Stewart, et al [Page 12] 14]

Internet Draft Stream Control Transmission Protocol April June 2000

Verification Tag: 32 bit u_int bits (unsigned integer)

The receiver of this datagram packet uses the Verification Tag to validate
the sender of this SCTP datagram. packet. On transmit, the value of this
Verification Tag MUST be set to the value of the Initiate Tag
received from the peer endpoint during the association
initialization.

For datagrams carrying
initialization, with the following exceptions:
- A packet containing an INIT chunk, the transmitter chunk MUST set the have a zero
Verification Tag to all 0's. If the receiver receives Tag.
- A packet containing a datagram SHUTDOWN-COMPLETE chunk with an all-zeros Verification Tag field, it checks the Chunk ID
immediately following the common header. If the Chunk Type is
neither INIT nor SHUTDOWN ACK or ABORT, the receiver MUST drop
the datagram. For datagrams carrying the SHUTDOWN ACK chunk, the
transmitter SHOULD T-bit
set MUST have the Verification Tag to the Initiate Tag
received copied from the peer endpoint during packet
with the association
initialization, if known. Otherwise, SHUTDOWN-ACK chunk.
- A packet containing an ABORT chunk may have the Verification Tag
MUST be set to all 0's.

Note: Special rules apply to verification
tag copied from the packet which caused the ABORT message to be sent.
For details see Section 8.4 and 8.5.

Adler-32

An INIT chunk MUST be the only chunk in the SCTP packet carrying it.

Checksum: 32 bit u_int bits (unsigned integer)

This field MUST contain an Adler-32 contains the checksum of this SCTP
datagram. packet. Its calculation
is discussed in Section 6.8. SCTP uses the Adler-32 algorithm as
described in Appendix B for calculating the checksum

3.2 Chunk Field Descriptions

The figure below illustrates the field format for the chunks to be
transmitted in the SCTP datagram. packet. Each chunk is formatted with a Chunk
ID
Type field, a chunk-specific Flag field, a Chunk Length field, and a
Value field.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Chunk ID Type | Chunk Flags | Chunk Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Chunk Value /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk ID: Type: 8 bits, u_int bits (unsigned integer)

This field identifies the type of information contained in the Chunk
Value field. It takes a value from 0x00 0 to 0xFF. 254. The value of 0xFE
is reserved for vendor-specific extensions. The value of 0xFF 255 is
reserved for future use as an extension field. Procedures for
extending this field by vendors are defined in Section 3.4.

The values of Chunk ID Types are defined as follows:

ID Value Chunk Type
----- ----------

Stewart, et al [Page 13] 15]

Internet Draft Stream Control Transmission Protocol April June 2000

ID Value Chunk Type
----- ----------
00000000

0 - Payload Data (DATA)
00000001
1 - Initiation (INIT)
00000010
2 - Initiation Acknowledgment Acknowledgement (INIT ACK)
00000011
3 - Selective Acknowledgment Acknowledgement (SACK)
00000100
4 - Heartbeat Request (HEARTBEAT)
00000101
5 - Heartbeat Acknowledgment Acknowledgement (HEARTBEAT ACK)
00000110
6 - Abort (ABORT)
00000111
7 - Shutdown (SHUTDOWN)
00001000
8 - Shutdown Acknowledgment Acknowledgement (SHUTDOWN ACK)
00001001
9 - Operation Error (ERROR)
00001010
10 - State Cookie (COOKIE)
00001011 (COOKIE ECHO)
11 - Cookie Acknowledgment Acknowledgement (COOKIE ACK)
00001100
12 - Reserved for Explicit Congestion Notification Echo (ECNE)
00001101
13 - Reserved for Congestion Window Reduced (CWR)
00001110
14 - Shutdown Complete (SHUTDOWN COMPLETE)
15 to 11111101 63 - reserved by IETF
11111110
63 - Vendor-specific IETF-defined Chunk Extensions
11111111
64 to 126 - reserved by IETF
127 - IETF-defined Chunk Extensions

Note: The ECNE and CWR chunk types are
128 to 190 - reserved for by IETF
191 - IETF-defined Chunk Extensions
192 to 254 - reserved by IETF
255 - IETF-defined Chunk Extensions

Chunk Types are encoded such that the highest-order two bits
specify the action that must be taken if the processing
endpoint does not recognize the Chunk Type.

00 - Stop processing this SCTP packet and discard it, do NOT process any
further chunks within it.

01 - Stop processing this SCTP packet and discard it, do NOT process any
further chunks within it, and report in an Operation Error Chunk
using the 'Unrecognized Chunk Type' cause of error.

10 - Skip this chunk and continue processing.

11 - Skip this chunk and continue processing, but report in an
Operation Error Chunk using the 'Unrecognized Chunk Type'
cause of error.

Note: The ECNE and CWR chunk types are reserved for future use of
Explicit Congestion Notification (ECN).

Chunk Flags: 8 bits

The usage of these bits depends on the chunk type as given by the
Chunk ID. Type. Unless otherwise specified, they are set to zero on
transmit and are ignored on receipt.

Chunk Length: 16 bits (u_int) (unsigned integer)

Stewart, et al [Page 16]

Internet Draft Stream Control Transmission Protocol June 2000

This value represents the size of the chunk in octets bytes including the
Chunk ID, Type, Chunk Flags, Chunk Length, and Chunk Value fields.
Therefore, if the Chunk Value field is zero-length, the Length
field will be set to 0x0004. 4. The Chunk Length field does not count
any padding.

Chunk Value: variable length

The Chunk Value field contains the actual information to be
transferred in the chunk. The usage and format of this field is
dependent on the Chunk ID. Type.

The Chunk total length of a chunk (including Type, Length and Value field fields)
MUST be aligned on
32-bit boundaries. a multiple of 4 bytes. If the length of the chunk does not align on
32-bit boundaries, it is padded at not a
multiple of 4 bytes, the end sender MUST pad the chunk with all zero octets. bytes
and this padding is NOT included in the chunk length field. The sender
should never pad with more than 3 bytes. The receiver MUST ignore the
padding bytes.

SCTP defined chunks are described in detail in Section 3.3. The
guideline for vendor-specific chunk extensions is discussed in Section
3.4. And the
guidelines for IETF-defined chunk extensions can be found in Section
13.1 of this document.

3.2.1 Optional/Variable-length Parameter Format

Chunk values of SCTP control chunks consist of a chunk-type-specific
header of required fields, followed by zero or more parameters. The
optional and variable-length parameters contained in a chunk are
defined in a Type-Length-Value format as shown below.

Stewart, et al [Page 14]

Internet Draft Stream Control Transmission Protocol April 2000

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Parameter Type | Parameter Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Parameter Value /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk Parameter Type: 16 bit u_int bits (unsigned integer)

The Type field is a 16 bit identifier of the type of parameter. It
takes a value of 0x0000 0 to 0xFFFF.

The value of 0xFFFE is reserved for vendor-specific extensions if
the specific chunk allows such extensions. 65534.

The value of 0xFFFF 65535 is reserved for IETF-defined extensions.
Values other than those defined in specific SCTP chunk
description are reserved for use by IETF.

Chunk Parameter Length: 16 bit u_int bits (unsigned integer)

The Parameter Length field contains the size of the parameter in octets, bytes,
including the Parameter Type, Parameter Length, and Parameter

Stewart, et al [Page 17]

Internet Draft Stream Control Transmission Protocol June 2000

Value fields. Thus, a parameter with a zero-length Parameter
Value field would have a Length field of
0x0004. 4. The Parameter Length
does not include any padding octets. bytes.

Chunk Parameter Value: variable-length.

The Parameter Value is dependent on field contains the value of actual information to be
transferred in the Type field. parameter.

The value
field total length of a parameter (including Type, Parameter Length and
Value fields) MUST be aligned on 32-bit boundaries. a multiple of 4 bytes. If the value field length of the
parameter is not aligned on 32-bit boundaries it is padded a multiple of 4 bytes, the sender pads the Parameter
at the end (i.e., after the Parameter Value field) with all zero octets.
bytes. The value field length of the padding is NOT included in the parameter
length field. A sender should NEVER pad with more than 3 bytes. The
receiver MUST ignore the padding bytes.

The Parameter Types are encoded such that the highest-order two bits
specify the action that must be taken if the processing
endpoint does not recognize the Parameter Type.

00 - Stop processing this SCTP packet and discard it, do NOT process any
further chunks within it.

01 - Stop processing this SCTP packet and discard it, do NOT process any
further chunks within it, and report the unrecognized parameter in
an integer number of octets. 'Unrecognized Parameter Type' (in either a Operational Error or
in the INIT ACK).

10 - Skip this parameter and continue processing.

11 - Skip this parameter and continue processing but report the
the unrecognized parameter in an 'Unrecognized Parameter Type'
(in either a Operational Error or in the INIT ACK).

The actual SCTP parameters are defined in the specific SCTP chunk
sections. The guidelines for vendor-specific parameter extensions
are discussed in Section 3.2.2. And the rules for IETF-defined parameter extensions are
defined in Section 13.2.

3.2.2 Vendor-Specific Extension Parameter Format

3.3 SCTP Chunk Definitions

This is to allow vendors to support their own extended parameters not
defined by the IETF. It MUST not affect section defines the operation format of SCTP.

Endpoints not equipped to interpret the vendor-specific information
sent by a remote endpoint different SCTP chunk types.

3.3.1 Payload Data (DATA) (0)

The following format MUST ignore it (although it may be
reported). Endpoints that do not receive desired vendor-specific
information SHOULD make an attempt to operate without it, although
they may do so (and report they are doing so) in a degraded mode.

A summary of used for the Vendor-specific extension format is shown below. The
fields are transmitted from left to right.

Stewart, et al [Page 15]

Internet Draft Stream Control Transmission Protocol April 2000 DATA chunk:

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Parameter Type = 0xFFFE 0 | Parameter Reserved|U|B|E| Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-Id TSN |

Stewart, et al [Page 18]

Internet Draft Stream Control Transmission Protocol June 2000

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Stream Identifier S | Stream Sequence Number n |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload Protocol Identifier |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Parameter Value User Data (seq n of Stream S) /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type: 16 bit u_int

0xFFFE for

Reserved: 5 bits
Should be set to all Vendor-Specific parameters.

Length: 16 bit u_int

Indicate the size of the parameter in octets, including the
Type, Length, Vendor-Id, '0's and Value fields.

Vendor-Id: 32 ignored by the receiver.

U bit: 1 bit u_int
The high-order octet (U)nordered bit, if set to '1', indicates that this is 0 an
unordered DATA chunk, and there is no Stream Sequence Number assigned
to this DATA chunk. Therefore, the low-order 3 octets are receiver MUST ignore the
SMI Network Management Private Enterprise Code of Stream
Sequence Number field.

After re-assembly (if necessary), unordered DATA chunks MUST be
dispatched to the Vendor
in network byte order, as defined in upper layer by the Assigned Numbers (RFC
1700).

Value: variable length

The Value field receiver without any attempt to
re-order.

If an unordered user message is one or more octets. The actual format fragmented, each fragment of the
information is site or application specific, and a robust
implementation SHOULD support the field as undistinguished
octets.
message MUST have its U bit set to '1'.

B bit: 1 bit

The codification of the range of allowed usage of this field is
outside (B)eginning fragment bit, if set, indicates the scope first fragment of this specification.

It SHOULD be encoded as
a sequence of vendor type / vendor length
/ value fields, as follows. user message.

E bit: 1 bit
The parameter field is
dependent on (E)nding fragment bit, if set, indicates the vendor's definition last fragment of that attribute. a
user message.

An
example encoding unfragmented user message shall have both the B and E bits set
to '1'. Setting both B and E bits to '0' indicates a middle fragment of
a multi-fragment user message, as summarized in the Vendor-Specific attribute using this
method follows:

0 following table:

B E Description
============================================================
| 1 2 3 0 1 2 3 4 5 6 7 8 9 | First piece of a fragmented user message |
+----------------------------------------------------------+
| 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 | Middle piece of a fragmented user message |
+----------------------------------------------------------+
| 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Parameter Type = 0xFFFE | Parameter Length Last piece of a fragmented user message |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+----------------------------------------------------------+
| Vendor-Id 1 1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Unfragmented Message | VS-Type
============================================================
| VS-Length Table 1: Fragment Description Flags |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ VS-Value /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
============================================================

When a user message is fragmented into multiple chunks, the TSNs are

Stewart, et al [Page 16] 19]

Internet Draft Stream Control Transmission Protocol April June 2000

VS-Type: 16 bit u_int

This field identifies the parameter included in the VS-Value field.
It is assigned

used by the vendor.

VS-Length: 16 bit u_int

This field is receiver to reassemble the length of message. This means that the vendor-specific parameter and
Includes
TSNs for each fragment of a fragmented user message MUST be strictly
sequential.

Length: 16 bits (unsigned integer)

This field indicates the VS-Type, VS-Length and VS-Value (if included) fields.

VS-Value: Variable length of the DATA chunk in bytes from the
beginning of the type field to the end of the user data field
excluding any padding. A DATA chunk with no user data field will
have Length set to 16 (indicating 16 bytes).

TSN : 32 bits (unsigned integer)

This field contains value represents the parameter identified by TSN for this DATA chunk. The valid range
of TSN is from 0 to 4294967295 (2**32 - 1). TSN wraps back to 0
after reaching 4294967295.

Stream Identifier S: 16 bits (unsigned integer)

Identifies the VS-Type field.
It's meaning stream to which the following user data belongs.

Stream Sequence Number n: 16 bits (unsigned integer)

This value represents the stream sequence number of the following
user data within the stream S. Valid range is identified 0 to 65535.

When a user message is fragmented by SCTP for transport, the vendor.

3.3
same stream sequence number MUST be carried in each of the fragments
of the message.

Payload Protocol Identifier: 32 bits (unsigned integer)

This value represents an application (or upper layer) specified
protocol identifier. This value is passed to SCTP Chunk Definitions by its upper layer
and sent to its peer. This section defines identifier is not used by SCTP but can be
used by certain network entities as well as the format peer application to
identify the type of information being carried in this DATA chunk.
This field must be sent even in fragmented DATA chunks (to make
sure it is available for agents in the middle of the different SCTP chunk types.

3.3.1 network).

The value 0 indicates no application identifier is specified by
the upper layer for this payload data.

User Data: variable length

This is the payload user data. The implementation MUST pad the end
of the data to a 4 byte boundary with all-zero bytes. Any padding
MUST NOT be included in the length field. A sender MUST never add
more than 3 bytes of padding.

3.3.2 Initiation (INIT) (00000001) (1)

Stewart, et al [Page 20]

Internet Draft Stream Control Transmission Protocol June 2000

This chunk is used to initiate a SCTP association between two
endpoints. The format of the INIT message chunk is shown below:

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 0 1|
| Type = 1 | Chunk Flags | Chunk Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Initiate Tag |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Advertised Receiver Window Credit (a_rwnd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Number of Outbound Streams | Number of Inbound Streams |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Initial TSN |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Optional/Variable-Length Parameters /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The INIT chunk contains the following parameters. Unless otherwise
noted, each parameter MUST only be included once in the INIT chunk.

Fixed Parameters Status
----------------------------------------------
Initiate Tag Mandatory
Advertised Receiver Window Credit Mandatory
Number of Outbound Streams Mandatory
Number of Inbound Streams Mandatory
Initial TSN Mandatory

Stewart, et al [Page 17]

Internet Draft Stream Control Transmission Protocol April 2000

Variable Parameters Status Type Value
-------------------------------------------------------------
IPv4 Address (Note 1) Optional 0x0005 5
IPv6 Address (Note 1) Optional 0x0006 6
Cookie Preservative Optional 0x0009 9
Reserved for ECN Capable (Note 2) Optional 0x000a 32768 (0x8000)
Host Name Address (Note 3) Optional 0x000b 11
Supported Address Types (Note 4) Optional 0x000c 12

Note 1: The INIT chunks may can contain multiple addresses that may can be
IPv4 and/or IPv6 in any combination.

Note 2: The ECN capable field is reserved for future use of Explicit
Congestion Notification.

Note 3: The An INIT chunks may chunk MUST NOT contain AT MOST more than one Host Name address
parameter. Moreover, the sender of the INIT SHALL not MUST NOT combine any other
address types with the Host Name address in the INIT while the INIT. The receiver
of INIT MUST ignore any other address types if the Host Name address

Stewart, et al [Page 21]

Internet Draft Stream Control Transmission Protocol June 2000

parameter is present in the received INIT chunk.

Note 4: This parameter, when present, specifies all the address types
the sending endpoint can support. The absence of this parameter
indicates that the sending endpoint can support any address types. type.

The Chunk Flags field in INIT is reserved, reserved and all bits in it should be
set to 0 by the sender and ignored by the receiver. The sequence of
parameters within an INIT may can be processed in any order.

Initiate Tag: 32 bit u_int bits (unsigned integer)

The receiver of the INIT (the responding end) records the value of
the Initiate Tag parameter. This value MUST be placed into the
Verification Tag field of every SCTP datagram packet that the responding
end receiver of the
INIT transmits within this association.

The valid range for Initiate Tag is from 0x1 allowed to 0xffffffff. have any value except 0. See
Section 5.3.1 for more on the selection of the tag value.

If the value of the Initiate Tag in a received INIT chunk is found
to be 0x0, 0, the receiver MUST treat it as an error and silently
discard close
the datagram. association by transmitting an ABORT.

Advertised Receiver Window Credit (a_rwnd): 32 bit u_int bits (unsigned integer)

This value represents the dedicated buffer space, in number of
octets,
bytes, the sender of the INIT has placed reserved in association with this
window. During the life of the association this buffer space SHOULD
not be lessened (i.e. dedicated buffers taken away from this
association).
association); however, an endpoint MAY change the value of a_rwnd
it sends in SACK chunks.

Number of Outbound Streams (OS): 16 bit u_int bits (unsigned integer)

Defines the number of outbound streams the sender of this INIT chunk
wishes to create in this association. The value of 0 MUST NOT be
used.

Note: A receiver of an INIT with the OS value set to 0 SHOULD ABORT
the association.

Number of Inbound Streams (MIS) : 16 bit u_int bits (unsigned integer)

Defines the MAXIMUM maximum number of streams the sender of this INIT chunk
allows the peer end to create in this association. The value 0 MUST
NOT be used.

Initial TSN (I-TSN) : 32 bit u_int

Defines the initial TSN that the sender will use. The valid range

Note: There is
from 0x0 to 0xffffffff. This field MAY be set to no negotiation of the value actual number of streams
but instead the
Initiate Tag field.

Stewart, et al [Page 18] two endpoints will use the min(requested,
offered). See Section 5.1.1 for details.

Note: A receiver of an INIT with the MIS value of 0 SHOULD ABORT

Stewart, et al [Page 22]

Internet Draft Stream Control Transmission Protocol April June 2000

Vendor-specific parameters are allowed in INIT. However, they MUST be
appended to

the end of association.

Initial TSN (I-TSN) : 32 bits (unsigned integer)

Defines the above INIT chunks. The format of initial TSN that the
vendor-specific parameters MUST follow sender will use. The valid range is
from 0 to 4294967295. This field MAY be set to the Type-Length-value format as
defined in Section 3.2.2. In case an endpoint does not support value of the
vendor-specific chunks received, it MUST ignore them.

3.3.1.1
Initiate Tag field.

3.3.2.1 Optional/Variable Length Parameters in INIT

The following parameters follow the Type-Length-Value format as
defined in Section 3.2.1. The IP address Any Type-Length-Value fields MUST come
after the fixed-length fields defined in the previous Section.

Any extensions SHOULD come after the IP address fields. section.

IPv4 Address Parameter (5)

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0|
| Type = 5 | Length = 8 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv4 Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

IPv4 Address: 32 bit bits (unsigned integer)

Contains an IPv4 address of the sending endpoint. It is binary
encoded.

IPv6 Address Parameter (6)

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0|0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0|
| Type = 6 | Length = 20 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| IPv6 Address |
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

IPv6 Address: 128 bit (unsigned integer)

Contains an IPv6 address of the sending endpoint. It is binary
encoded.

Combining

Note: A sender MUST NOT use an IPv4-mapped IPv6 address [RFC2373]
but should instead use an IPv4 Address Parameter for an IPv4 address.

Combined with the Source Port Number in the SCTP common header, the
value passed in an IPv4 or IPv6 Address parameter indicates a

Stewart, et al [Page 23]

Internet Draft Stream Control Transmission Protocol June 2000

transport address the sender of the INIT will support for the
association being initiated. That is, during the lifetime of this
association, this IP address may can appear in the source address field

Stewart, et al [Page 19]

Internet Draft Stream Control Transmission Protocol April 2000
of a an IP datagram sent from the sender of the INIT, and may can be used
as a destination address of a an IP datagram sent from the receiver of
the INIT.

More than one IP Address parameter can be included in an INIT
chunk when the INIT sender is multi-homed. Moreover, a multi-homed
endpoint may have access to different types of network, thus more
than one address type may can be present in one INIT chunk, i.e., IPv4
and IPv6 transport addresses are allowed in the same INIT message. chunk.

If the INIT contains at least one IP Address parameter, then only the
transport
source address of the IP datagram containing the INIT chunk and any
additional address(es) provided within the INIT may can be used as
destinations by the responding end. endpoint receiving the INIT. If the INIT does
not contain any IP Address parameters, the responding end endpoint receiving the
INIT MUST use the source address associated with the received SCTP IP
datagram as its sole destination address for the association.

Note that not using any IP address parameters in the INIT and INIT-ACK
is an alternative to make an association more likely to work across
a NAT box.

Cookie Preservative (9)

The sender of the INIT shall use this parameter to suggest to the
receiver of the INIT for a longer life-span of the State Cookie.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1|0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0|
| Type = 9 | Length = 8 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Suggested Cookie Life-span Increment (msec.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Suggested Cookie Life-span Increment: 32bit u_int 32 bits (unsigned integer)

This parameter indicates to the receiver how much increment in
milliseconds the sender wishes the receiver to add to its default
cookie life-span.

This optional parameter should be added to the INIT message chunk by the
sender when it re-attempts establishing an association with a peer
to which its previous attempt of establishing the association failed
due to a Stale COOKIE stale cookie operation error. Note, the The receiver MAY choose to
ignore the suggested cookie life-span increase for its own security
reasons.

Host Name Address (11)

Stewart, et al [Page 24]

Internet Draft Stream Control Transmission Protocol June 2000

The sender of INIT uses this parameter to pass its Host Name (in
place of its IP addresses) to its peer. The peer is responsible for
resolving the name. Using this parameter might make it more likely
for the association to work across a NAT box.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 1|
| Type = 11 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ Host Name /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Host Name: variable length

Defined as a zero terminated ASCII string with

This field contains a variable
length. host name in "host name syntax" per RFC1123
Section 2.1 [RFC1123]. The syntax of method for resolving the host name is
out of scope of SCTP.

Note: At least one null terminator is included in the Host Name
string and must be included in the length.

Supported Address Types (12)

The sender of INIT uses this parameter to list all the address types
it can support.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0|
| Type = 12 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Address Type #1 | Address Type #2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ......
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Address Type: 16 bit u_int bits (unsigned integer)

This is filled with the type value of the corresponding address
TLV (e.g., IPv4 = 0x0005, 5, IPv6 = 0x0006).

3.3.2 6, Hostname = 11).

3.3.3 Initiation Acknowledgment Acknowledgement (INIT ACK) (00000010): (2):

The INIT ACK chunk is used to acknowledge the initiation of an SCTP
association.

The parameter part of INIT ACK is formatted similarly to the INIT
chunk. It uses two extra variable parameters: The State Cookie
and the Unrecognized Parameter:

The format of the INIT ACK message chunk is shown below:

Stewart, et al [Page 20] 25]

Internet Draft Stream Control Transmission Protocol April June 2000

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 1 0|
| Type = 2 | Chunk Flags | Chunk Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Initiate Tag |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Advertised Receiver Window Credit |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Number of Outbound Streams | Number of Inbound Streams |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Initial TSN |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Optional/Variable-Length Parameters /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Initiate Tag: 32 bits (unsigned integer)

The INIT ACK contains the following parameters. Unless otherwise
noted, each parameter MUST only be included once in receiver of the INIT ACK chunk.

Fixed (the responding end) records the value
of the Initiate Tag parameter. This value MUST be placed into the
Verification Tag field of every SCTP packet that the INIT ACK
receiver transmits within this association.

The Initiate Tag MUST NOT take the value 0. See Section 5.3.1 for
more on the selection of the Initiate Tag value.

If the value of the Initiate Tag in a received INIT ACK chunk is
found to be 0, the receiver MUST treat it as an error and close the
association by transmitting an ABORT.

Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned integer)

This value represents the dedicated buffer space, in number of
bytes, the sender of the INIT ACK has reserved in association with
this window. During the life of the association this buffer space
SHOULD not be lessened (i.e. dedicated buffers taken away from this
association).

Number of Outbound Streams (OS): 16 bits (unsigned integer)

Defines the number of outbound streams the sender of this INIT ACK
chunk wishes to create in this association. The value of 0 MUST NOT
be used.

Note: A receiver of an INIT ACK with the OS value set to 0 SHOULD destroy
the association discarding its TCB.

Stewart, et al [Page 26]

Internet Draft Stream Control Transmission Protocol June 2000

Number of Inbound Streams (MIS) : 16 bits (unsigned integer)

Defines the maximum number of streams the sender of this INIT ACK
chunk allows the peer end to create in this association. The value 0
MUST NOT be used.

Note: There is no negotiation of the actual number of streams but
instead the two endpoints will use the min(requested,
offered). See Section 5.1.1 for details.

Note: A receiver of an INIT ACK with the MIS value set to 0 SHOULD destroy
the association discarding its TCB.

Initial TSN (I-TSN) : 32 bits (unsigned integer)

Defines the initial TSN that the INIT-ACK sender will use. The valid
range is from 0 to 4294967295. This field MAY be set to the value
of the Initiate Tag field.

Variable Parameters Status Type Value
-------------------------------------------------------------
State Cookie Mandatory 0x0007 7
IPv4 Address (Note 1) Optional 0x0005 5
IPv6 Address (Note 1) Optional 0x0006 6
Unrecognized Parameters Optional 0x0008 8
Reserved for ECN Capable (Note 2) Optional 0x000a 32768 (0x8000)
Host Name Address (Note 3) Optional 0x000b 11

Note 1: The INIT ACK chunks may can contain any number of IP address
parameters that may can be IPv4 and/or IPv6 in any combination.

Note 2: The ECN capable field is reserved for future use of Explicit
Congestion Notification.

Note 3: The INIT ACK chunks may MUST NOT contain AT MOST more than one Host Name
address parameter. Moreover, the sender of the INIT ACK SHALL not MUST NOT
combine any other address types with the Host Name address in the
INIT ACK while
the ACK. The receiver of the INIT ACK MUST ignore any other
address types if the Host Name address parameter is present.

Same as with INIT,

IMPLEMENTATION NOTE: An implementation MUST be prepared to receive
a INIT ACK that is quite large (more than 1500 bytes) due to
the variable size of the state cookie AND the variable address
list. For example if a responder to the INIT has 1000 IPv4
addresses it wishes to send, it would need at least 8,000 bytes

Stewart, et al [Page 27]

Internet Draft Stream Control Transmission Protocol June 2000

to encode this in the INIT ACK.

In combination with the Source Port carried in the SCTP common header,
each IP Address parameter in the INIT ACK indicates to the receiver of
the INIT ACK a valid transport address supported by the sender of the
INIT ACK for the lifetime of the association being initiated.

If the INIT ACK contains at least one IP Address parameter, then only the transport
source address of the IP datagram containing the INIT ACK and any
additional address(es) explicitly indicated in provided within the INIT ACK may be used as the destination(s)
destinations by the receiver of the INIT ACK. However,
if INIT-ACK. If the INIT ACK contains no does not
contain any IP Address parameter, parameters, the receiver of the
INIT ACK INIT-ACK MUST take
use the source IP address associated with this INIT ACK the received IP datagram as its
sole destination address for this the association.

Stewart, et al [Page 21]

Internet Draft Stream Control Transmission Protocol April 2000

The State Cookie and Unrecognized Parameters use the Type-Length-
Value format as defined in Section 3.2.1 and are described below. The
other fields are defined the same as their counterparts in the INIT
message.

3.3.2.1
chunk.

3.3.3.1 Optional or Variable Length Parameters

State Cookie: Cookie
Parameter Type Value: 7

Parameter Length: variable size, depending on Size of Cookie

Parameter Value:
This field parameter value MUST contain all the necessary state and
parameter information required for the sender of this INIT ACK to
create the association, along with an Integrity Check Value (ICV). Message Authentication Code
(MAC). See Section 5.1.3 for details on State Cookie definition. The Cookie MUST be
padded with '0' to the next 32-bit word boundary. The internal
format of the Cookie is implementation-specific.

Unrecognized Parameters:
Parameter Type Value: 8

Parameter Length: Variable Size.

Parameter Value:
This parameter is returned to the originator of the INIT message if
the receiver does not recognize one or more Optional TLV parameters
in chunk
when the INIT chunk. contains an unrecognized parameter which has a value
that indicates that it should be reported to the sender. This parameter
value field will contain the unrecognized parameters copied from
the INIT message chunk complete with TLV.

Vendor-Specific parameters are allowed in INIT ACK. However, they
MUST be defined using the format described in Section 3.2.2, Parameter Type, Length and be
appended to the end of the above INIT ACK chunk. In case the receiver
of the INIT ACK does not support the vendor-specific parameters
received, it MUST ignore those Value fields.

3.3.3

3.3.4 Selective Acknowledgment Acknowledgement (SACK) (00000011): (3):

This chunk is sent to the remote peer endpoint to acknowledge received DATA
chunks and to inform the remote peer endpoint of gaps in the received
subsequences of DATA chunks as represented by their TSNs.

Stewart, et al [Page 28]

Internet Draft Stream Control Transmission Protocol June 2000

The SACK MUST contain the Cumulative TSN ACK Ack and Advertised Receiver
Window Credit (a_rwnd) parameters.

By definition, the value of the Cumulative TSN ACK Ack parameter is the
last TSN received at the time the
Selective ACK is sent, before a break in the sequence of received TSNs
occurs; the next TSN value following this one has not yet been received
at the reporting end. endpoint sending the SACK. This parameter therefore acknowledges
receipt of all TSNs up less than or equal to and including the value given. its value.

The handling of the a_rwnd by the receiver of the SACK is discussed in
detail in Section 6.2.1.

The Selective ACK SACK also contains zero or more fragment reports. Gap Ack Blocks. Each
fragment report
Gap Ack Block acknowledges a subsequence of TSNs received following
a break in the sequence of received TSNs. By definition, all TSNs
acknowledged by fragment reports Gap Ack Blocks are higher greater than the value of the
Cumulative TSN ACK.

Stewart, et al [Page 22]

Internet Draft Stream Control Transmission Protocol April 2000 Ack.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 1 1|Chunk
| Type = 3 |Chunk Flags | Chunk Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cumulative TSN ACK Ack |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Advertised Receiver Window Credit (a_rwnd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Number of Fragments Gap Ack Blocks = N | Number of Duplicate TSNs = X |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Fragment Gap Ack Block #1 Start | Fragment Gap Ack Block #1 End |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ /
\ ... \
/ /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Fragment Gap Ack Block #N Start | Fragment Gap Ack Block #N End |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Duplicate TSN 1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ /
\ ... \
/ /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Duplicate TSN X |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk Flags: 8 bits

Set to all zeros on transmit and ignored on receipt.

Cumulative TSN ACK: Ack: 32 bit u_int bits (unsigned integer)

This parameter contains the TSN of the last DATA chunk received in
sequence before a gap.

Stewart, et al [Page 29]

Internet Draft Stream Control Transmission Protocol June 2000

Advertised Receiver Window Credit (a_rwnd): 32 bit u_int bits (unsigned integer)

This field indicates the updated receive buffer space in octets bytes of
the sender of this SACK, see Section 6.2.1 for details.

Number of Fragments: Gap Ack Blocks: 16 bit u_int bits (unsigned integer)

Indicates the number of TSN fragments Gap Ack Blocks included in this Selective
ACK. SACK.

Number of Duplicate TSNs: 16 bit

This field contains the number of duplicate TSNs the endpoint
has received. Each duplicate TSN is listed following the fragment Gap Ack
Block list.

Fragments:

Gap Ack Blocks:

These fields contain the ack fragments. Gap Ack Blocks. They are repeated for each
fragment
Gap Ack Block up to the number of fragments Gap Ack Blocks defined in the
Number of
Fragments Gap Ack Blocks field. All DATA chunks with TSNs between the greater
than or equal to (Cumulative TSN ACK Ack + Fragment Gap Ack Block Start) and less
than or equal to (Cumulative TSN ACK Ack + Fragment Gap Ack Block End) of each fragment Gap
Ack Block are assumed to have been received correctly.

Stewart, et al [Page 23]

Internet Draft Stream Control Transmission Protocol April 2000

Fragment

Gap Ack Block Start: 16 bit u_int bits (unsigned integer)

Indicates the Start offset TSN for this fragment. Gap Ack Block. To calculate
the actual TSN number the Cumulative TSN ACK Ack is added to this
offset number to yield the TSN. number. This calculated TSN identifies the first TSN in this fragment
Gap Ack Block that has been received.

Fragment

Gap Ack Block End: 16 bit u_int bits (unsigned integer)

Indicates the End offset TSN for this fragment. Gap Ack Block. To calculate the
actual TSN number the Cumulative TSN ACK Ack is added to this
offset number to yield the TSN. number. This calculated TSN identifies the TSN of the last
DATA chunk received in this fragment.

Duplicate TSN: 32 bit u_int

Indicates a TSN that was received in duplicate. Gap Ack Block.

For example, assume the receiver has the following datagrams DATA chunks newly
arrived at the time when it decides to send a Selective ACK,

----------
| TSN=17 |
----------
| | <- still missing
----------
| TSN=15 |
----------
| TSN=14 |
----------
| | <- still missing
----------
| TSN=12 |

Stewart, et al [Page 30]

Internet Draft Stream Control Transmission Protocol June 2000

----------
| TSN=11 |
----------
| TSN=10 |
----------

then, the parameter part of the Selective ACK SACK MUST be constructed as
follows (assuming the new a_rwnd is set to 0x1234 4660 by the sender):

+---------------+--------------+

Stewart, et al [Page 24]

Internet Draft Stream Control Transmission Protocol April 2000

3.3.4
+----------------+---------------+

Duplicate TSN: 32 bits (unsigned integer)

Indicates the number of times a TSN was received in duplicate since
the last SACK was sent. Every time a receiver gets a duplicate TSN
(before sending the SACK) it adds it to the list of duplicates. The
duplicate count is re-initialized to zero after sending each SACK.

For example, if a receiver were to get the TSN 19 three times
it would list 19 twice in the outbound SACK. After sending the
SACK if it received yet one more TSN 19 it would list 19 as a
duplicate once in the next outgoing SACK.

3.3.5 Heartbeat Request (HEARTBEAT) (00000100): (4):

An endpoint should send this chunk to its peer endpoint of the current
association to probe the
reachability of a particular destination transport address defined in
the present association.

The parameter field contains the Heartbeat Information which is a
variable length opaque data structure understood only by the sender.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 1 0 0|
| Type = 4 | Chunk Flags | Heartbeat Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Heartbeat Information TLV (Variable-Length) /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk Flags:

Set to zero on transmit and ignored on receipt.

Heartbeat 8 bits

Stewart, et al [Page 31]

Internet Draft Stream Control Transmission Protocol June 2000

Set to zero on transmit and ignored on receipt.

Heartbeat Length: 16 bits (unsigned integer)

Set to the size of the chunk in octets, bytes, including the chunk header
and the Heartbeat Information field.

Heartbeat Information:

defined variable length

Defined as a variable-length parameter using the format described in
Section 3.2.1, i.e.:

Variable Parameters Status Type Value
-------------------------------------------------------------
Heartbeat Info Mandatory 1

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Heartbeat Info Type=1 | HB Info Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ Sender-specific Heartbeat Info /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The Sender-specific Heartbeat Info field should normally include
information about the sender's senders current time when this HEARTBEAT
message
chunk is sent and the destination transport address to which this
HEARTBEAT is sent (see Section 8.3).

Stewart, et al [Page 25]

Internet Draft Stream Control Transmission Protocol April 2000

3.3.5

3.3.6 Heartbeat Acknowledgment Acknowledgement (HEARTBEAT ACK) (00000101): (5):

An endpoint should send this chunk to its peer endpoint as a response
to a Heartbeat Request HEARTBEAT chunk (see Section 8.3). A HEARTBEAT ACK is always
sent to the source IP address of the IP datagram containing the
HEARTBEAT chunk to which this ack is responding.

The parameter field contains a variable length opaque data structure.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 1 0 1|
| Type = 5 | Chunk Flags | Heartbeat Ack Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Heartbeat Information TLV (Variable-Length) /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk Flags: 8 bits

Stewart, et al [Page 32]

Internet Draft Stream Control Transmission Protocol June 2000

Set to zero on transmit and ignored on receipt.

Heartbeat Ack Length: 16 bits (unsigned integer)

Set to the size of the chunk in octets, bytes, including the chunk header
and the Heartbeat Information field.

Heartbeat Information:

The values of this variable length

This field SHALL be copied from MUST contain the Heartbeat Information field found in parameter of
the Heartbeat Request to which this Heartbeat Acknowledgment Acknowledgement is
responding.

3.3.6

Variable Parameters Status Type Value
-------------------------------------------------------------
Heartbeat Info Mandatory 1

3.3.7 Abort Association (ABORT) (00000110): (6):

The ABORT chunk is sent to the peer of an association to terminate close the
association. The ABORT chunk may contain cause parameters Cause Parameters to inform
the receiver the reason of the abort. DATA chunks MUST not NOT be bundled
with ABORT. Control chunks (except for INIT, INIT ACK and SHUTDOWN
COMPLETE) MAY be bundled with an ABORT but they MUST be placed before
the ABORT in the SCTP datagram, packet, or they will be ignored by the receiver.

If an endpoint receives an ABORT with a format error or for an
association that doesn't exist, it MUST silently discard it.
Moreover, under any circumstances, an endpoint that receives an ABORT
MUST never NOT respond to that ABORT by sending an ABORT of its own.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 1 1 0| Chunk Flags
| Type = 6 |Reserved |T| Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ zero or more Error Causes /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk Flags: 8 bits

Reserved: 7 bits
Set to 0 on transmit and ignored on receipt.

T bit: 1 bit
The T bit is set to 0 if the sender had a TCB that it destroyed. If
the sender did NOT have a TCB it should set this bit to 1.

Note: Special rules apply to this chunk for verification, please

Stewart, et al [Page 26] 33]

Internet Draft Stream Control Transmission Protocol April June 2000

Chunk Flags:

Set to zero on transmit and ignored on receipt.

see Section 8.5.1 for details.

Length: 16 bits (unsigned integer)

Set to the size of the chunk in octets, bytes, including the chunk header
and all the Error Cause fields present.

See Section 3.3.9 3.3.10 for Error Cause definitions.

Note: Special rules apply to the Verification Tag field of SCTP
datagrams which carry an ABORT, see Section 8.5.1 for details.

3.3.7 SHUTDOWN (00000111):

3.3.8 Shutdown Association (SHUTDOWN) (7):

An endpoint in an association MUST use this chunk to initiate a
graceful termination close of the association with its peer. This chunk has
the following format.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 1 1 1|Chunk
| Type = 7 | Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0| | Length = 8 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cumulative TSN ACK Ack |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk Flags: 8 bits

Set to zero on transmit and ignored on receipt.

Length: 16 bits (unsigned integer)
Indicates the length of the parameter. Set to 8.

Cumulative TSN ACK: Ack: 32 bit u_int bits (unsigned integer)

This parameter contains the TSN of the last chunk received in
sequence before any gaps.

Stewart, et al [Page 27]

Internet Draft Stream Control Transmission Protocol April 2000

3.3.8

Note: Since the SHUTDOWN message does not contain Gap Ack Blocks, it
cannot be used to acknowledge TSNs received out of order. In a SACK,
lack of Gap Ack Blocks that were previously included indicates that
the data receiver reneged on the associated DATA chunks. Since
SHUTDOWN does not contain Gap Ack Blocks, the receiver of the
SHUTDOWN shouldn't interpret the lack of a Gap Ack Block as a renege.
(see Section 6.2 for information on reneging)

3.3.9 Shutdown Acknowledgment Acknowledgement (SHUTDOWN ACK) (00001000): (8):

This chunk MUST be used to acknowledge the receipt of the SHUTDOWN
chunk at the completion of the shutdown process, see Section 9.2 for
details.

The SHUTDOWN ACK chunk has no parameters.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

Stewart, et al [Page 34]

Internet Draft Stream Control Transmission Protocol June 2000

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 1 0 0 0|Chunk
| Type = 8 |Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0| | Length = 4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk Flags: 8 bits

Set to zero on transmit and ignored on receipt.

Note: if the

3.3.10 Operation Error (ERROR) (9):

An endpoint that receives the SHUTDOWN message does not have
a TCB sends this chunk to its peer endpoint to notify it of
certain error conditions. It contains one or tag for the sender more error causes. An
Operation Error is not considered fatal in and of the SHUTDOWN, the receiver MUST still
respond. In such cases, the receiver MUST send back a stand-alone
SHUTDOWN ACK chunk in an SCTP datagram with the Verification Tag field
of the common header filled itself, but may be
used with all '0's.

3.3.9 Operation Error (ERROR) (00001001):

This an ABORT chunk is sent to the other endpoint in the association to notify
certain error conditions. It contains one or more error causes. report a fatal condition. It has the
following parameters:

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 1 0 0 1|
| Type = 9 | Chunk Flags | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ one or more Error Causes /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk Flags: 8 bits

Set to zero on transmit and ignored on receipt.

Length: 16 bits (unsigned integer)

Set to the size of the chunk in octets, bytes, including the chunk header
and all the Error Cause fields present.

Error causes are defined as variable-length parameters using the
format described in 3.2.1, i.e.:

Stewart, et al [Page 28]

Internet Draft Stream Control Transmission Protocol April 2000

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code | Cause Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ Cause-specific Information /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Cause Code: 16 bit u_int bits (unsigned integer)

Defines the type of error conditions being reported.

Cause Code
Value Cause Code

Stewart, et al [Page 35]

Internet Draft Stream Control Transmission Protocol June 2000

--------- ----------------
1 Invalid Stream Identifier
2 Missing Mandatory Parameter
3 Stale Cookie Error
4 Out of Resource
5 Unresolvable Address
6 Unrecognized Chunk Type
7 Invalid Mandatory Parameter
8 Unrecognized Parameters
9 No User Data
10 Cookie Received While Shutting Down

Cause Length: 16 bit u_int bits (unsigned integer)

Set to the size of the parameter in octets, bytes, including the Cause Code,
Cause Length, and Cause-Specific Information fields

Cause-specific Information: variable length

This field carries the details of the error condition.

Currently SCTP defines

Sections 3.3.10.1 - 3.3.10.8 define error causes for SCTP. Guidelines
for the following IETF to define new error causes: cause values are discussed in Section
13.3.

3.3.10.1 Invalid Stream Identifier (1)

Cause of error
---------------
Invalid Stream Identifier: indicating receiving Indicates endpoint received a DATA chunk
sent to a nonexistent stream.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=1 | Cause Length=8 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Stream Identifier | (Reserved) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Stream Identifier: 16 bits (unsigned integer)
Contains the Stream Identifier of the DATA chunk received in
error.

Reserved: 16 bits
This field is reserved. It is set to all 0's on transmit and
Ignored on receipt.

3.3.10.2 Missing Mandatory Parameter (2)

Cause of error
---------------
Missing Mandatory Parameter: indicating Indicates that mandatory one or more

Stewart, et al [Page 36]

Internet Draft Stream Control Transmission Protocol June 2000

mandatory TLV parameters are missing in a received INIT or INIT ACK.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=2 | Cause Length=8+N*2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Number of missing params=N |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Missing Param Type #1 | Missing Param Type #2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Missing Param Type #N-1 | Missing Param Type #N |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Each missing

Number of Missing params: 32 bits (unsigned integer)

This field contains the number of parameters contained in the
Cause-specific Information field.

Missing Param Type: 16 bits (unsigned integer)

This field contains a mandatory parameter type should be specified.

Stewart, et al [Page 29]

Internet Draft Stream Control Transmission Protocol April 2000 that was missing in the
INIT or INIT ACK message. This field contains the complete
Parameter, including Type, Length and Value fields.

3.3.10.3 Stale Cookie Error (3)

Cause of error
--------------
Stale Cookie Error: indicating Indicates the receiving receipt of a valid cookie
which is however State Cookie
that has expired.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=3 | Cause Length=8 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Measure of Staleness (usec.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Measure of Staleness: 32 bits (unsigned integer)
This field contains the difference, in microseconds, between
The current time and the time the State Cookie expired.

The sender of this error cause MAY choose to report how long past
expiration the cookie is, State Cookie is by putting including a non-zero value in the
Measure of Staleness
field the difference, in microseconds, between the current time and
the time the cookie expired. field. If the sender does not wish to provide
this information it should set the Measure of staleness Staleness field to 0. the
value of zero.

3.3.10.4 Out of Resource (4)

Cause of error
---------------
Out of Resource: indicating Indicates that the sender is out of resource. This
is usually sent in combination with or within an ABORT.

Stewart, et al [Page 37]

Internet Draft Stream Control Transmission Protocol June 2000

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=4 | Cause Length=4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

3.3.10.5 Unresolvable Address (5)

Cause of error
---------------
Unresolvable Address: indicating Indicates that the sender is not able to
resolve the specified address parameter (e.g., type of address is
not supported by the sender). This is usually sent in combination
with or within an ABORT.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=5 | Cause Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ The Unresolvable Address /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Unresolvable Address: variable length
The parameter unresolvable address field contains the complete TLV Type, Length
and Value of the address parameter (or Host Name parameter) that
contains the unresolvable
address. address or host name.

3.3.10.6 Unrecognized Chunk Type (6)

Cause of error
---------------
Unrecognized Parameters: Chunk Type: This error cause is returned to the
originator of the INIT ACK message chunk if the receiver does not
recognize one or more Optional TLV parameters in understand
the INIT ACK chunk. chunk and the upper bit of the 'Chunk Type' is set to one.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=8 Code=6 | Cause Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ The Unrecognized Parameters Chunk /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Unrecognized Chunk: variable length

The error Unrecognized Chunk field will contain contains the unrecognized parameters copied
Chunk from the INIT ACK message SCTP packet complete with TLV. Chunk Type,
Chunk Flags and Chunk Length.

3.3.10.7 Invalid Mandatory Parameter (7)

Cause of error
---------------
Invalid Mandatory Parameter: This error cause is normally
bundled with the Cookie chunk when responding returned to the INIT ACK, when
the sender
originator of an INIT or INIT ACK chunk when one of the Cookie mandatory
parameters is set to a invalid value.

Stewart, et al [Page 38]

Internet Draft Stream Control Transmission Protocol June 2000

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=7 | Cause Length=4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

3.3.10.8 Unrecognized Parameters (8)

Cause of error
---------------
Unrecognized Parameters: This error cause is returned to the
originator of the INIT ACK chunk if the receiver does not
recognize one or more Optional TLV parameters in the INIT ACK chunk.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=8 | Cause Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ Unrecognized Parameters /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Unrecognized Parameters: variable length
The Unrecognized Parameters field contains the unrecognized
parameters copied from the INIT ACK chunk complete with TLV. This
error cause is normally contained in an ERROR chunk bundled with
the COOKIE ECHO chunk when responding to the INIT ACK, when the
sender of the COOKIE ECHO chunk wishes to report unrecognized
parameters.

Guidelines for IETF-defined Error

3.3.10.9 No User Data (9)

Cause extensions are discussed of error
---------------
No User Data: This error cause is returned to the
originator of a DATA chunk if a received DATA chunk has no user data.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=9 | Cause Length=8 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/ TSN value /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

TSN value: 32 bits (+unsigned integer)
The TSN value field contains the TSN of the DATA chunk received
with no user data field.

This cause code is normally returned in an ABORT chunk
(see Section 13.3 6.2)

3.3.10.10 Cookie Received While Shutting Down (10)

Cause of this document.

3.3.10 State error
---------------

Stewart, et al [Page 39]

Internet Draft Stream Control Transmission Protocol June 2000

Cookie Received While Shutting Down: A COOKIE ECHO was received
While the endpoint was in SHUTDOWN-ACK-SENT state. This error is
usually returned in an ERROR chunk bundled with the retransmitted
SHUTDOWN ACK.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=10 | Cause Length=4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

3.3.11 Cookie (COOKIE) (00001010): Echo (COOKIE ECHO) (10):

This chunk is used only during the initialization of an association.
It is sent by the initiator of an association to its peer to complete
the initialization process. This chunk MUST precede any DATA chunk
sent within the association, but MAY be bundled with one or more DATA
chunks in the same datagram. packet.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 1 0 1 0|Chunk
| Type = 10 |Chunk Flags | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cookie |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk Flags: 8 bit

Set to zero on transmit and ignored on receipt.

Length: 16 bit u_int bits (unsigned integer)

Set to the size of the chunk in octets, bytes, including the 4 octets bytes of
the chunk header and the size of the Cookie.

Stewart, et al [Page 30]

Internet Draft Stream Control Transmission Protocol April 2000

Cookie: variable size

This field must contain the exact cookie received in the
State Cookie parameter from a the previous INIT ACK.

3.3.11

An implementation SHOULD make the cookie as small as possible
to insure interoperability.

3.3.12 Cookie Acknowledgment Acknowledgement (COOKIE ACK) (00001011): (11):

This chunk is used only during the initialization of an association.
It is used to acknowledge the receipt of a COOKIE ECHO chunk. This
chunk MUST precede any DATA or SACK chunk sent within the association,
but MAY be bundled with one or more DATA chunks or SACK chunk in the
same SCTP datagram. packet.

Stewart, et al [Page 40]

Internet Draft Stream Control Transmission Protocol June 2000

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 1 0 1 1|Chunk
| Type = 11 |Chunk Flags |0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0| | Length = 4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk Flags: 8 bits

Set to zero on transmit and ignored on receipt.

3.3.12 Payload Data (DATA) (00000000):

The following format

3.3.13 Shutdown Complete (SHUTDOWN COMPLETE) (12):

This chunk MUST be used for to acknowledge the DATA chunk: receipt of the SHUTDOWN ACK
chunk at the completion of the shutdown process, see Section 9.2 for
details.

The SHUTDOWN COMPLETE chunk has no parameters.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 0 0 0 0 0| Reserved|U|B|E| Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TSN |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Stream Identifier S | Stream Sequence Number n |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload Protocol Identifier Type = 12 |Reserved |T| Length = 4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ User Data (seq n of Stream S) /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Chunk Flags: 8 bits

Reserved: 5 7 bits
should be set
Set to all '0's 0 on transmit and ignored by the receiver.

U on receipt.

T bit: 1 bit
The (U)nordered bit, if set, indicates that this is an unordered
data chunk, and there T bit is NO Stream Sequence Number assigned set to this
DATA chunk. Therefore, the receiver MUST ignore the Stream Sequence
Number field.

Stewart, et al [Page 31]

Internet Draft Stream Control Transmission Protocol April 2000

After re-assembly (if necessary), unordered data chunks MUST be
dispatched to the upper layer by the receiver without any attempt of
re-ordering.

Note, if an unordered user message is segmented, each segment of the
message MUST have its U bit set to 1.

B bit: 1 bit

The (B)eginning segment bit, if set, indicates the first segment of
a user message.

E bit: 1 bit
The (E)nding segment bit, if set, indicates the last segment of a
user message.

A non-segmented user message shall have both the B and E bits set
to 1. Setting both B and E bits to 0 indicates a middle segment of a
multi-segment user message, as summarized in the following table:

B E Description
============================================================
| 1 0 | First piece of a segmented user message |
+----------------------------------------------------------+
| 0 0 | Middle piece of a segmented user message |
+----------------------------------------------------------+
| 0 1 | Last piece of a segmented user message |
+----------------------------------------------------------+
| 1 1 | Un-segmented Message |
============================================================

Length: 16 bits (16 bit u_int)

This field indicates the length of the DATA chunk in octets. It
includes the Type field, the Reserved field, the U and B/E bits, the
Length field, TSN, the Stream Identifier, the Stream Sequence
Number, and the User Data fields. It does not include any padding.

TSN : 32 bits (32 bit u_int)

This value represents the TSN for this DATA chunk. The valid range
of TSN is from 0x0 to 0xffffffff.

Stream Identifier S: 16 bit u_int

Identifies the stream to which the following user data belongs.

Stream Sequence Number n: 16 bit u_int

This value presents the stream sequence number of the following user
data within the stream S. Valid range is 0x0 to 0xFFFF.

Note, when a user message is segmented by SCTP for transport, the
same stream sequence number MUST be carried in each of the segments of
the message.

Stewart, et al [Page 32]

Internet Draft Stream Control Transmission Protocol April 2000

Payload Protocol Identifier: 32 bits (32 bit u_int)

This value represents an application (or upper layer) specified
protocol identifier. This value is passed to SCTP by its upper layer
and sent to its peer. This identifier is not used by SCTP but may be
used by certain network entities as well as the peer application to
identify the type of information being carried in this DATA chunk.

The value 0x0 indicates no application identifier is specified by
the upper layer for this payload data.

User Data: variable length

This is the payload user data. The implementation MUST pad the end
of the data to a 32 bit boundary with 0 octets. Any padding MUST
NOT be included in the length field.

3.4 Vendor-Specific Chunk Extensions

This Chunk type is available to allow vendors to support their own
extended data formats not defined by the IETF. It MUST not affect the
operation of SCTP. In particular, when adding a Vendor Specific chunk
type, the vendor defined chunks MUST obey the congestion avoidance
rules defined in this document if they carry user data. User data is
defined as any data transported over the association that is delivered
to the upper layer of the receiver.

Endpoints not equipped to interpret the vendor-specific chunk sent by
a remote endpoint MUST ignore it. Endpoints that do not receive
desired vendor specific information SHOULD make an attempt to operate
without it, although they may do so (and report they are doing so) in
a degraded mode.

A summary of the Vendor-Specific Chunk format is shown below. The
fields are transmitted from left to right.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Flags | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-Id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Value /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type: 8 bit u_int

0xFE for all Vendor-Specific chunks.

Stewart, et al [Page 33]

Internet Draft Stream Control Transmission Protocol April 2000

Flags: 8 bit u_int

Vendor specific flags.

Length: 16 bit u_int

Size of this Vendor-Specific chunks in octets, including the Type,
Flags, Length, Vendor-Id, and Value fields.

Vendor-Id: 32 bit u_int

The high-order octet is 0 and the low-order 3 octets are the SMI
Network Management Private Enterprise Code of the Vendor in
network byte order, as defined in the Assigned Numbers (RFC 1700).

Value: Variable length

The Value field is one or more octets. The actual format of if the
information is site or application specific, and sender had a robust
implementation SHOULD support the field as undistinguished
octets.

The codification of TCB that it destroyed. If
the range of allowed usage of sender did NOT have a TCB it should set this field is
outside the scope of bit to 1.

Note: Special rules apply to this specification. chunk for verification, please
see Section 8.5.1 for details.

4. SCTP Association State Diagram

During the lifetime of an SCTP association, the SCTP endpoints association
progress from one state to another in response to various events. The
events that may potentially advance an endpoint's association's state include:

o SCTP user primitive calls, e.g., [ASSOCIATE], [TERMINATE], [SHUTDOWN], [ABORT],

o reception Reception of INIT, COOKIE, COOKIE ECHO, ABORT, SHUTDOWN, etc. control
chunks, or

o some Some timeout events.

Stewart, et al [Page 41]

Internet Draft Stream Control Transmission Protocol June 2000

The state diagram in the figures below illustrates state changes,
together with the causing events and resulting actions. Note that some
of the error conditions are not shown in the state diagram. Full
description of all special cases should be found in the text.

Note, chunk

Note: Chunk names are given in all capital letters, while parameter
names have the first letter capitalized, e.g., COOKIE ECHO chunk type
vs. State Cookie parameter.

Stewart, et al [Page 34]

Internet Draft Stream Control Transmission Protocol April 2000 If more than one event/message can occur
which causes a state transition it is labeled (A), (B) etc.

----- -------- (frm any state)
/ \ / rcv ABORT [ABORT]
rcv INIT | | | ---------- or ----------
--------------- | v v delete TCB snd ABORT
generate Cookie \ +---------+ delete TCB
snd INIT.ACK INIT ACK ---| CLOSED |
+---------+
/ \ [ASSOCIATE]
/ \ ---------------
| | create TCB
| | snd INIT
| | strt init timer
rcv valid | |
COOKIE ECHO | v
(1) ---------------- | +------------+
create TCB | | COOKIE_WAIT| COOKIE-WAIT| (2)
snd COOKIE.ACK COOKIE ACK | +------------+
| |
| | rcv INIT.ACK INIT ACK
| | -----------------
| | snd COOKIE ECHO
| | stop init timer
| | strt cookie timer
| v
| +------------+ +--------------+
| | COOKIE_SENT| COOKIE-ECHOED| (3)
| +------------+ +--------------+
| |
| | rcv COOKIE.ACK COOKIE ACK
| | -----------------
| | stop cookie timer
v v
+---------------+
| ESTABLISHED |
+---------------+

(from the ESTABLISHED state only)
|
|
/--------+--------\
[TERMINATE]
[SHUTDOWN] / \
----------------- |
-------------------| |
check outstanding | |
data

Stewart, et al [Page 42]

Internet Draft Stream Control Transmission Protocol June 2000

DATA chunks | |
v |
+---------+ |
|SHUTDOWN |
|SHUTDOWN-| | rcv SHUTDOWN SHUTDOWN/check
|PENDING | | ---------------- outstanding DATA
+---------+ | x
| chunks
| |------------------
No more outstanding | |
------------------- |
---------------------| |
snd SHUTDOWN | |
strt shutdown timer | |
v v

Stewart, et al [Page 35]

Internet Draft Stream Control Transmission Protocol April 2000
+---------+ +-----------+
(4) |SHUTDOWN | |SHUTDOWN-| | SHUTDOWN SHUTDOWN- | (5) (5,6)
|SENT | | RECEIVED |
+---------+ +-----------+
| \ |
(A) rcv SHUTDOWN.ACK SHUTDOWN ACK | \ |
----------------------| \ |
stop shutdown timer | \rcv:SHUTDOWN |
send SHUTDOWN COMPLETE| \ (B) |
delete TCB | \ |
| \ | No more outstanding
| \ |-----------------
| \ | send SHUTDOWN ACK
(B)rcv SHUTDOWN | \ | strt shutdown timer
----------------------| \ |
send SHUTDOWN ACK | \ |
start shutdown timer | \ |
move to SHUTDOWN- | \ |
ACK-SENT | | |
| v | x
-------------------
| +-----------+
| | SHUTDOWN- | (7)
| | ACK-SENT |
| +-----------+
| | (C)rcv SHUTDOWN COMPLETE
| |-----------------
| | stop shutdown timer
| | retransmit missing DATA delete TCB
| |
| | (D)rcv SHUTDOWN ACK
| |--------------
| | stop shutdown timer
| | send SHUTDOWN.ACK SHUTDOWN COMPLETE
| | delete TCB
| |
\ +---------+ /
\-->| CLOSED |<--/
+---------+

Note:

Figure 3: State Transition Diagram of SCTP

Notes:

Stewart, et al [Page 43]

Internet Draft Stream Control Transmission Protocol June 2000

(1) If the State Cookie in the received COOKIE ECHO is invalid (i.e.,
failed to pass the
authentication integrity check), the receiver MUST silently
discard the
datagram. packet. Or, if the received COOKIE State Cookie is expired
(see Section 5.1.5), the receiver SHALL MUST send back an ERROR chunk.
In either case, the receiver stays in the CLOSED state.

(2) If the init T1-init timer expires, the endpoint SHALL MUST retransmit INIT
and re-start the init T1-init timer without changing state. This SHALL MUST be
repeated up to 'Max.Init.Retransmits' times. After that, the
endpoint SHALL MUST abort the initialization process and report the
error to SCTP user.

(3) If the T1-cookie timer expires, the endpoint SHALL MUST retransmit
COOKIE ECHO and re-start the T1-cookie timer without changing
state. This SHALL MUST be repeated up to 'Max.Init.Retransmits'
times. After that, the endpoint SHALL MUST abort the initialization
process and report the error to SCTP user.

(4) In SHUTDOWN-SENT state the endpoint SHALL MUST acknowledge any received
DATA chunks without delay delay.

(5) In SHUTDOWN-RECEIVED state, the endpoint MUST NOT accept any new
send request from its SCTP user.

(6) In SHUTDOWN-RECEIVED state, the endpoint MUST transmit or retransmit
data and leave this state when all data inqueue is transmitted.

(7 In SHUTDOWN-ACK-SENT state, the endpoint MUST NOT accept any new
send request from its SCTP user.

The CLOSED state is used to indicate that an association is not
created (i.e., doesn't exist).

5. Association Initialization

Before the first data transmission can take place from one SCTP
endpoint ("A") to another SCTP endpoint ("Z"), the two endpoints must
complete an initialization process in order to set up an SCTP
association between them.

The SCTP user at an endpoint should use the ASSOCIATE primitive to
initialize an SCTP association to another SCTP endpoint.

Stewart, et al [Page 36]

Internet Draft Stream Control Transmission Protocol April 2000

IMPLEMENTATION NOTE: From an SCTP-user's point of view, an
association may be implicitly opened, without an ASSOCIATE primitive
(see 10.1 B) being invoked, by the initiating endpoint's sending of
the first user data to the destination endpoint. The initiating SCTP
will assume default values for all mandatory and optional parameters
for the INIT/INIT ACK.

Once the association is established, unidirectional streams will be are
open for data transfer on both ends (see Section 5.1.1).

Stewart, et al [Page 44]

Internet Draft Stream Control Transmission Protocol June 2000

5.1 Normal Establishment of an Association

The initialization process consists of the following steps (assuming
that SCTP endpoint "A" tries to set up an association with SCTP
endpoint "Z" and "Z" accepts the new association):

A) "A" shall first send sends an INIT message chunk to "Z". In the INIT, "A" must
provide its security tag "Tag_A" Verification Tag (Tag_A) in the Initiate Tag field.
Tag_A SHOULD be a random number in the range of 0x1 1 to 0xffffffff 4294967295
(see 5.3.1 for Tag value selection). After sending the INIT, "A"
starts the T1-init timer and enters the COOKIE-WAIT state.

B) "Z" shall respond immediately with an INIT ACK message. chunk. The
destination IP address of the INIT ACK MUST be set to the source
IP address of the INIT to which this INIT ACK is responding. In
the
message, response, besides filling in other parameters, "Z" must set the
Verification Tag field to Tag_A, and also provide its own security
tag "Tag_Z"
Verification Tag (Tag_Z) in the Initiate Tag field.

Moreover, "Z" MUST generate and send along with the INIT ACK an a
State Cookie. See Section 5.1.3 for State Cookie generation.

Note: after After sending out INIT ACK with the cookie, State Cookie parameter,
"Z" MUST not NOT allocate any resources, nor keep any states for the new
association. Otherwise, "Z" will be vulnerable to resource attacks.

C) Upon reception of the INIT ACK from "Z", "A" shall stop the T1-init
timer and leave COOKIE-WAIT state. "A" shall then send the cookie State
Cookie received in the INIT ACK message chunk in a cookie COOKIE ECHO chunk, start
the T1-cookie timer, and enter the COOKIE-SENT COOKIE-ECHOED state.

Note, the cookie

Note: The COOKIE ECHO chunk can be bundled with any pending outbound
DATA chunks, but it MUST be the first chunk in the datagram AND packet and
until the COOKIE ACK is returned the sender MUST NOT send any
other datagrams packets to the peer.

D) Upon reception of the COOKIE ECHO chunk, Endpoint "Z" will reply
with a COOKIE ACK chunk after building a TCB and marking itself moving to
the ESTABLISHED state. A COOKIE ACK chunk may be combined bundled with
any pending DATA chunks (and/or SACK chunks), but the COOKIE ACK
chunk MUST be the first chunk in the datagram. packet.

IMPLEMENTATION NOTE: an An implementation may choose to send the
Communication Up notification to the SCTP user upon reception
of a valid COOKIE.

Stewart, et al [Page 37]

Internet Draft Stream Control Transmission Protocol April 2000 COOKIE ECHO chunk.

E) Upon reception of the COOKIE ACK, endpoint "A" will move from the
COOKIE-SENT
COOKIE-ECHOED state to the ESTABLISHED state, stopping the T1-cookie
timer, and it
timer. It may also notify its ULP about the successful
establishment of the associate association with a Communication Up
notification (see Section 10).

Note: A DATA

An INIT or INIT ACK chunk MUST NOT be carried bundled with any other chunk.

Stewart, et al [Page 45]

Internet Draft Stream Control Transmission Protocol June 2000

They MUST be the only chunks present in the SCTP packets that carry
them.

IMPLEMENTATION NOTE: In some cases (e.g., when the implementation
doesn't control the source IP address that is used for transmitting),
an endpoint might need to include in its INIT or INIT ACK message. all possible
IP addresses from which packets to the peer could be transmitted.

An endpoint MUST send the INIT ACK to the IP address from which it
received the INIT.

Note: T1-init timer and T1-cookie timer shall follow the same rules
given in Section 6.3.

Note: if

If an endpoint receives an INIT, INIT ACK, or COOKIE ECHO chunk but
decides not to establish the new association due to missing mandatory
parameters in the received INIT or INIT ACK, invalid parameter values,
or,
or lack of local resources, it SHALL MUST respond with an ABORT chunk. It
SHOULD also specify the cause of abort, such as the type of the
missing mandatory parameters, etc., by either including the error cause
parameters or bundling with the ABORT one or more Operational ERROR
chunks. chunk. The Verification Tag field in the
common header of the outbound abort datagram SCTP packet containing the ABORT chunk
MUST be set to equal the Initiate Tag value of the peer.

Note:

After the reception of the first data DATA chunk in an association
the receiver endpoint MUST immediately respond with a SACK to acknowledge
the data chunk, subsequent acknowledgments DATA chunk. Subsequent acknowledgements should be done as
described in section Section 6.2.

Note:

When an SCTP endpoint sends an INIT or INIT ACK it SHOULD
include all of its transport addresses in the parameter section. This
is because it may NOT be possible to control the "sending" address
that a receiver of an SCTP datagram sees. A receiver thus MUST know
every address that may be a source address for a peer SCTP endpoint,
this assures that the inbound SCTP datagram can be matched to the
proper association.

Note: At the time when the TCB is created, either end each endpoint MUST set its internal cumulative Cumulative
TSN acknowledgment point Ack Point to the value of its peer's transmitted Initial TSN minus one.

IMPLEMENTATION Note: NOTE: The IP address addresses and SCTP port(s) port are generally
used as the key to find the TCB within an SCTP instance.

5.1.1 Handle Stream Parameters

In the INIT and INIT ACK messages, chunks, the sender of the message chunk shall
indicate the number of outbound streams (OS) it wishes to have in the
association, as well as the maximal maximum inbound streams (MIS) it will
accept from the other endpoint.

After receiving these the stream configuration information from the other
side, each endpoint shall perform the following check: if If the peer's
MIS is less than the endpoint's OS, meaning that the peer is incapable
of supporting all the outbound streams the endpoint wants to
configure, the endpoint MUST either settle with use MIS outbound streams,
or abort the association and report to its upper layer the resources
shortage at its peer.

Stewart, et al [Page 38]

Internet Draft Stream Control Transmission Protocol April 2000

After the association is initialized, the valid outbound stream
identifier range for either endpoint shall be 0 to
min(local OS, remote MIS)-1.

Stewart, et al [Page 46]

Internet Draft Stream Control Transmission Protocol June 2000

5.1.2 Handle Address Parameters

During the association initialization, an endpoint shall use the
following rules to discover and collect the destination transport
address(es) of its peer.

A) If there are no address parameters present in the received INIT
or INIT ACK message, chunk, the receiver endpoint shall take the source IP address
from which the message chunk arrives and record it, in combination with
the SCTP source port number, as the only destination transport
address for this peer.

B) If there is a Host Name parameter present in the received INIT or
INIT ACK message, chunk, the receiver endpoint shall resolve that host name to a
list of IP address(es) and derive the transport address(es) of this
peer by combining the resolved IP address(es) with the SCTP source
port.

Note: the receiver

The endpoint MUST ignore any other IP address parameters if
they are also present in the received INIT or INIT ACK message.

Note: when chunk.

The time at which the receiver of an INIT resolves the host
name may have has potential security implications to SCTP. If the receiver of
an INIT resolves the host name upon the reception of the message, chunk, and
the mechanism the receiver uses to resolve the host name involves
potential long delay (e.g. DNS query), the receiver may open itself
up to resource attacks for the period of time while it is waiting for
the name resolution results before it can build the cookie State Cookie and
release local resource. resources.

Therefore, in cases where the name translation involves potential
long delay, the receiver of the INIT SHOULD MUST postpone the name
resolution till the reception of the COOKIE message ECHO chunk from the
peer. In such a case, the receiver of the INIT SHOULD build the
cookie
State Cookie using the received Host Name (instead of destination
transport addresses) and send the INIT ACK to the source IP
address from where which the INIT is was received.

The receiver of an INIT ACK shall always immediately attempt to
resolve the name upon the reception of the message. chunk.

The receiver of the INIT or INIT ACK MUST NOT send user data
(piggy-backed or stand-alone) to its peer until the host name is
successfully resolved.

If the name resolution is not successful, the endpoint SHALL MUST
immediately send an ABORT with Unresolvable Address "Unresolvable Address" error cause to
its peer. The ABORT shall be sent to the source IP address from where which
the last peer message packet was received.

C) If there are only IPv4/IPv6 addresses present in the received

Stewart, et al [Page 47]

Internet Draft Stream Control Transmission Protocol June 2000

INIT or INIT ACK message, chunk, the receiver shall derive and record all
the transport address(es) from the received message. chunk AND the
source IP address that sent the INIT or INIT ACK. The transport
address(es) are derived by the combination of SCTP source port (from
the common header) and the IP address parameter(s) carried in the
INIT or INIT ACK message. chunk and the source IP address of the IP datagram.
The receiver should use only these transport addresses as
destination transport addresses when sending subsequent datagrams packets
to its peer.

After all transport addresses are derived from the INIT or INIT ACK
message
chunk using the above rules, the endpoint shall select one of the
transport addresses as the initial primary destination transport
address. path.

Note: The INIT-ACK MUST be sent to the source address of the INIT.

The sender of INIT may include a 'Supported Address Types'
parameter in the INIT to indicate what types of address are
acceptable. When this parameter is present, the receiver of INIT
(initiatee) SHALL MUST either use one of the address types indicated in the
'Supported
Supported Address Types' Types parameter when responding to the INIT, or
abort the association with an Unresolvable Address "Unresolvable Address" error cause if it
is unwilling or incapable of using any of the address types indicated
by its peer.

IMPLEMENTATION NOTE: In the case that the receiver of an INIT ACK
fails to resolve the address parameter due to an unsupported type,
it can abort the initiation process and then attempt a re-initiation
by using a 'Supported Address Types' parameter in the new INIT to
indicate what types of address it prefers.

5.1.3 Generating State Cookie

When sending an INIT ACK as a response to an INIT message, chunk, the sender
of INIT ACK should create an creates a State Cookie and send sends it as part in the State Cookie
parameter of the INIT ACK. Inside this State Cookie, the sender should
include a ICV
security signature or MAC (message Authentication code) [4], (see [RFC2104] for an example), a time stamp on when the cookie
State Cookie is created, and the lifespan of the cookie, State Cookie, along
with all the information necessary for it to establish the association.

The following steps SHOULD be taken to generate the cookie: State Cookie:

1) create Create an association TCB using information from both the received
INIT and the outgoing INIT ACK messages, chunk,

2) in In the TCB, set the creation time to the current time of day, and
the lifespan to the protocol parameter 'Valid.Cookie.Life',

3) Generate a MAC signature using the TCB and a Private Key secret key (see [4] [RFC2104] for
details on an
example of generating the a MAC), and

Stewart, et al [Page 39]

Internet Draft Stream Control Transmission Protocol April 2000

4) generate Generate the State Cookie by combining the smallest amount of
information needed to generate a TCB and the resultant ICV signature. MAC.

Stewart, et al [Page 48]

Internet Draft Stream Control Transmission Protocol June 2000

After sending the INIT ACK with the cookie, State Cookie parameter, the sender
SHOULD delete the TCB and any other local resource related to the new
association, so as to prevent resource attacks.

The ICV and hashing method used to generate the MAC is strictly a
private matter for the receiver of the INIT message. chunk. The use of a MAC
is mandatory to prevent denial of service attacks. The Private Key
MUST secret key
SHOULD be random per RFC1750 [1]; ([RFC1750] provides some information on randomness
guidelines); it SHOULD be changed reasonably frequently, and the
timestamp in the cookie State Cookie MAY be used to determine which key should
be used to verify the MAC.

An implementation SHOULD make the cookie as small as possible to
insure interoperability.

5.1.4 State Cookie Processing

When an endpoint receives an INIT ACK chunk with a State Cookie
parameter, it MUST immediately send a COOKIE ECHO chunk to its peer
with the received cookie. State Cookie. The sender MAY also add any pending
DATA chunks to the message. packet after the COOKIE ECHO chunk.

The sender endpoint shall also start the T1-cookie timer after sending out the
COOKIE ECHO chunk. If the timer expires, the sender endpoint shall retransmit
the COOKIE ECHO chunk and restart the T1-cookie timer. This is repeated
until either a COOKIE ACK is received or 'Max.Init.Retransmits' is
reached causing the peer endpoint to be marked unreachable (and thus
the association enters the CLOSED state).

5.1.5 State Cookie Authentication

When an endpoint receives a COOKIE ECHO chunk from another endpoint
with which it has no association, it shall take the following actions:

1) compute Compute a MAC signature using the TCB data carried in the cookie State
Cookie and the Private Key secret key (note the timestamp in the cookie State Cookie
MAY be used to determine which Private Key secret key to use) reference [4] SHOULD use). Reference
[RFC2104] can be used has as a guideline for generating the MAC,

2) authenticate Authenticate the cookie State Cookie as one that it previously generated by
comparing the computed MAC signature against the one carried in the
cookie.
State Cookie. If this comparison fails, the datagram, SCTP packet, including
the
COOKIE and the attached user data, COOKIE ECHO and any DATA chunks, should be silently discarded,

3) compare Compare the creation time stamp timestamp in the cookie State Cookie to the current
local
time, if time. If the elapsed time is longer than the lifespan carried
in the cookie, State Cookie, then the datagram, packet, including the COOKIE ECHO and the
any attached user data, DATA chunks, SHOULD be discarded and the endpoint MUST
transmit an ERROR chunk with a stale cookie operational "Stale Cookie" error cause to the sending
peer endpoint,

4) if If the cookie State Cookie is valid, create an association to the sender of

Stewart, et al [Page 49]

Internet Draft Stream Control Transmission Protocol June 2000

the COOKIE message ECHO chunk with the information in the TCB data carried
in the
COOKIE, COOKIE ECHO, and enter the ESTABLISHED state,

5) immediately acknowledge any DATA chunk in the datagram with a SACK
(subsequent datagram acknowledgment should follow the rules defined
in Section 6.2), and,

Stewart, et al [Page 40]

Internet Draft Stream Control Transmission Protocol April 2000

6) send Send a COOKIE ACK chunk to the sender peer acknowledging reception of
the cookie. COOKIE ECHO. The COOKIE ACK MAY be piggy-backed bundled with any an outbound
DATA chunk or SACK chunk.

Note that chunk; however, the COOKIE ACK MUST be the first
chunk in the SCTP packet.

6) Immediately acknowledge any DATA chunk bundled with the COOKIE ECHO
with a SACK (subsequent DATA chunk acknowledgement should follow the
rules defined in Section 6.2). As mentioned in step 5), if the SACK
is bundled with the COOKIE ACK, the COOKIE ACK MUST appear first in
the SCTP packet.

If a COOKIE ECHO is received from an endpoint with which the
receiver of the COOKIE ECHO has an existing association, the procedures
in
section Section 5.2 should be followed.

5.1.6 An Example of Normal Association Establishment

In the following example, "A" initiates the association and then sends
a user message to "Z", then "Z" sends two user messages to "A" later
(assuming no bundling or segmentation fragmentation occurs):

Endpoint A Endpoint Z
x
{app sets association with Z}
(build TCB)
INIT [INIT Tag=Tag_A [I-Tag=Tag_A
& other info] --------\
(Start T1-init timer) \
(Enter COOKIE-WAIT state) \---> (compose temp TCB and Cookie_Z)

/--- INIT ACK [Veri Tag=Tag_A,
/ INIT Tag=Tag_Z, I-Tag=Tag_Z,
(Cancel T1-init timer) <------/ Cookie_Z, & other info]
(destroy temp TCB)
COOKIE ECHO [Cookie_Z] -----------\ ------\
(Start T1-init timer) \
(Enter COOKIE-SENT COOKIE-ECHOED state) \---> (build TCB enter ESTABLISHED
state)

/---- COOKIE-ACK
/
(Cancel T1-init timer, <-----/
Enter established ESTABLISHED state)
...
{app sends 1st user data; strm 0}
DATA [TSN=initial TSN_A
Strm=0,Seq=1 & user data]--\
(Start T3-rxt T3-rtx timer) \
\->

/----- SACK [TSN ACK=init TSN_A,Frag=0]
(Cancel T3-rxt timer) <------/
...

Stewart, et al [Page 41] 50]

Internet Draft Stream Control Transmission Protocol April June 2000

/----- SACK [TSN Ack=init TSN_A,Block=0]
(Cancel T3-rtx timer) <------/
...

...
{app sends 2 datagrams;strm messages;strm 0}
/---- DATA
/ [TSN=init TSN_Z
<--/ Strm=0,Seq=1 & user data 1]
SACK [TSN ACK=init Ack=init TSN_Z, /---- DATA
Frag=0]
Block=0] --------\ / [TSN=init TSN_Z +1,
\/ Strm=0,Seq=2 & user data 2]
<------/\
\
\------>

Note that

Figure 4: INITiation Example

If the T1-init timer expires at "A" after the INIT or COOKIE ECHO
chunks are sent, the same INIT or cookie COOKIE ECHO chunk with the same
Initiate Tag (i.e., Tag_A) or cookie State Cookie shall be retransmitted and
the timer restarted. This shall be repeated Max.Init.Retransmits times
before "A" considers "Z" unreachable and reports the failure to its
upper layer (and thus the association enters the CLOSED state). When
retransmitting the INIT, the endpoint SHALL following MUST follow the rules
defined in 6.3 to determine the proper timer value.

5.2 Handle Duplicate or Unexpected INIT, INIT ACK, COOKIE, COOKIE ECHO, and
COOKIE ACK

During the life time lifetime of an association (in one of the possible
states), an endpoint may receive from its peer endpoint one of the
setup chunks (INIT, INIT ACK, COOKIE, COOKIE ECHO, and COOKIE ACK). The
receiver shall treat such a setup chuck chunk as a duplicate and process it
as described in this section.
Note: An endpoint will not receive the chunk unless the chunk was
sent to a SCTP transport address and is from a SCTP transport address
associated with this endpoint. Therefore, the endpoint processes
such a chunk as part of its current association.

The following scenarios can cause duplicated or unexpected chunks:

A) The peer has crashed without being detected, and re-started
itself and sent out a new INIT Chunk chunk trying to restore the
association,

B) Both sides are trying to initialize the association at about the
same time,

C) The chunk is from a staled datagram stale packet that was used to establish
the present association or a past association which that is no
longer in existence,

Stewart, et al [Page 51]

Internet Draft Stream Control Transmission Protocol June 2000

D) The chunk is a false message packet generated by an attacker, or

E) The peer never received the COOKIE ACK and is retransmitting its
COOKIE.

In case A), the endpoint shall reset the present association and set a
new association with its peer. Case B) is unique and is discussed in
Section 5.2.1. However, in cases C), D) and E), the endpoint must retain
the present association.
COOKIE ECHO.

The rules in the following sections shall be applied in order to
identify and correctly handle these cases.

Stewart, et al [Page 42]

Internet Draft Stream Control Transmission Protocol April 2000

5.2.1 Handle Duplicate INIT received in COOKIE-WAIT or COOKIE-SENT COOKIE-ECHOED State (Item B)

This usually indicates an initialization collision, i.e., both
endpoints are attempting each
endpoint is attempting, at about the same time time, to establish an
association with the other endpoint.

In such a case, each

Upon receipt of an INIT in the two side shall COOKIE-WAIT or COOKIE-ECHOED state, an
endpoint MUST respond to the other side with an INIT ACK, with the Verification Tag field of the common header
set to the tag value received from the INIT message, and ACK using the Initiate
Tag field set to its own tag value (the same tag used parameters it
sent in its original INIT chunk (including its Verification Tag,
unchanged). These original parameters are combined with those from the
newly received INIT
message sent out by itself). Each responder chunk. The endpoint shall also generate a
cookie State
Cookie with the INIT ACK. The endpoint uses the parameters sent in its
INIT to calculate the State Cookie.

After that, no other actions shall be taken by either side, i.e., the endpoint shall MUST not change its state, and the T1-init
timer shall be left running. running and the corresponding TCB MUST NOT be
destroyed. The normal procedures for handling cookies State Cookies when
a TCB exists will resolve the duplicate INITs to a single association.

5.2.2 Handle Duplicate Unexpected INIT in Other States

Upon Other than CLOSED, COOKIE-ECHOED and
COOKIE-WAIT

Unless otherwise stated, upon reception of an unexpected INIT for this
association, the duplicated INIT, the receiver endpoint shall generate an INIT ACK with an a State
Cookie. In the outbound INIT ACK, the endpoint shall set the Verification Tag
field in the common header to the peer's new tag value (from the
duplicated INIT message), and ACK the Initiate Tag field to endpoint MUST copy its own current
Verification Tag and Peers Verification tag
value (unchanged from into a reserved place
within the existing association). The included
State Cookie state cookie. We shall be generated using refer to these locations as the current time
Peers-Tie-Tag and a
temporary TCB constructed with the information provided in the
duplicated Local-Tie-Tag. The INIT message (see Section 5.1.3). This temporary TCB ACK MUST contain a new
Verification Tag (randomly generated see Section 5.3.1). Other
parameters for the endpoint SHOULD be destroyed after copied from the existing
parameters of the association (e.g. number of outbound streams) into
the INIT ACK is built. and cookie.

After sending out the INIT ACK, the endpoint shall take no further
actions, i.e., the existing association, including its current state,
and the corresponding TCB MUST not NOT be changed.

Note: Only when a TCB exists and the association is NOT in a
COOKIE-ECHOED or COOKIE-WAIT state are the Tie-Tags populated. For a
normal association INIT (i.e. the endpoint ARE in a COOKIE-ECHOED or
COOKIE-WAIT state), the Tie-Tags MUST be set to 0 (indicating that no
previous TCB existed). The INIT ACK and State Cookie are populated
as specified in section 5.2.1.

Stewart, et al [Page 52]

Internet Draft Stream Control Transmission Protocol June 2000

5.2.3 Handle Duplicate Unexpected INIT ACK

If an INIT ACK is received by an endpoint in any state
other than the COOKIE-WAIT state, the endpoint should discard
the INIT ACK message. A duplicate chunk. An unexpected INIT ACK usually indicates the
processing of an old INIT or duplicated INIT message. chunk.

5.2.4 Handle Duplicate Cookie a COOKIE ECHO when a TCB exists

When a duplicated COOKIE ECHO chunk is received by an endpoint in any state for an
existing association (i.e., not in the CLOSED state) the following
rules shall be applied:

1) compute Compute a MAC signature using the TCB data carried as described in the cookie
along with the receiver's private security key,

Stewart, et al [Page 43]

Internet Draft Stream Control Transmission Protocol April 2000 Step 1 of Section 5.1.5,

2) authenticate the cookie by comparing the computed MAC signature
against Authenticate the one carried State Cookie as described in the cookie. If this comparison fails,
the datagram, including the COOKIE and the attached user data,
should be silently discarded Step 2 of Section
5.1.5 (this is case C or D above).

3) compare Compare the timestamp in the cookie State Cookie to the current time, if time. If
the cookie State Cookie is older than the lifespan carried in the cookie, State
Cookie and the datagram, Verification Tags contained in the State Cookie do
not match the current association's Verification Tags, the packet,
including the COOKIE ECHO and the attached user data, any DATA chunks, should be discarded and the discarded.
The endpoint also MUST transmit an ERROR chunk with a stale cookie "Stale Cookie"
error cause to the sending peer endpoint only if the Verification tags of the
cookie's TCB does NOT match the current tag values in the association (this is case C or D above).

If both Verification tags do Tags in the State Cookie match the Verification
Tags of the current association, consider the cookie State Cookie valid
(this is case E). E) even if the lifespan is exceeded.

4) If the cookie State Cookie proves to be valid, unpack the TCB into a
temporary TCB.

5) If the Verification Tags in the Temporary TCB matches match the
Verification Tags in the existing TCB, the cookie State Cookie is a
duplicate cookie. A cookie ack COOKIE ACK should be sent to the peer
endpoint but NO no update should be made to the existing
TCB.

6) If the
TCB (only the local Verification Tag in the temporary TCB
does not match needs to be compared if
the local peer's Verification Tag in the existing
TCB, then the cookie is an old stale cookie and does not correspond to the existing association (case C above). yet available).

The datagram should be silently discarded.

7) endpoint doesn't leave the current state and all timers
remain running.

6) If either of the peer's Verification Tags do NOT match, refer to the following
table to determine the correct action to be taken.

+------------+------------+---------------+--------------+-------------+
| Local Tag | Peers Tag | Local-Tie-Tag | Peers-Tie-Tag| Action/ |
| | | | | Description |
+------------+------------+---------------+--------------+-------------+
| X | X | M | M | (A) |
+------------+------------+---------------+--------------+-------------+
| X | M | M | M | (B) |

Stewart, et al [Page 53]

Internet Draft Stream Control Transmission Protocol June 2000

+------------+------------+---------------+--------------+-------------+
| X | M | M | X | (C) |
+------------+------------+---------------+--------------+-------------+
| M | X | X | M | (D) |
+------------+------------+---------------+--------------+-------------+
| M | X | M | M | (E) |
+------------+------------+---------------+--------------+-------------+
| X | X | X | X | (F) |
+======================================================================+
| Table 2: Handling of a Cookie when a TCB exists |
+======================================================================+

Legend:
X - Tag in the temporary TCB does not match the peer's Verification existing TCB
M - Tag in matches the existing TCB,
then a restart of TCB.

Actions

(A)In this case, the peer has occurred (case A above).
In such a case, may have restarted. When the endpoint should report
recognizes this potential 'restart', the restart to its ULP
and respond existing session is
treated the peer with same as if it received an ABORT followed by a COOKIE ACK message. It shall also
update the Verification Tag, initial TSN, and the destination
address list of the existing TCB new
Cookie Echo with the information from the
temporary TCB. After that the temporary TCB can following exceptions:

- Any SCTP Data Chunks MAY be discarded.

Furthermore, all retained (this is an implementation
specific option).

- A notification of RESTART SHOULD be sent to the ULP instead
of a "COMMUNICATION LOST" notification.

All the congestion control parameters (e.g., cwnd, ssthresh) related
to this peer shall MUST be reset to their initial values (see Section
6.2.1).

IMPLEMENTATION NOTE: It

After this the endpoint shall enter the ESTABLISHED state.

If the endpoint is in the SHUTDOWN-ACK-SENT state and recognizes
the peer has restarted (Action A), it MUST NOT setup a new
association but instead resend the SHUTDOWN ACK and send an implementation decision on how ERROR
chunk with a "Cookie Received while Shutting Down" error cause to handle any pending datagrams. The implementation
its peer.

(B)In this case, both sides may elect be attempting to either A) start an
association at about the same time but the INIT-Ack of one side
was lost, and the other side completed the INIT sequence.
In this case, the endpoint MUST update the Local Verification
Tag from the Cookie, stay in or move to the Established State,
stop any init or cookie timers that may be running and
send all messages back a Cookie Ack.

(C)In this case, a software error may have occurred in the peer. The
peer changed its Verification Tag while it was in the Cookie Sent
state. The endpoint MAY stay in or move to the Established state,
but it must stop any init or cookie timers that may be running,

Stewart, et al [Page 54]

Internet Draft Stream Control Transmission Protocol June 2000

update its upper layer with Verification Tag from the
restart report, Cookie and send a
Cookie Ack.

(D)In this case, a software error may have occurred in the local
endpoint. The Verification Tag has been changed when in
the COOKIE-ECHOED state. The endpoint MAY stay in or B) automatically re-queue enter the
Established state but it MUST update its peers Verification
Tag from the Cookie, stop any datagrams
pending by marking all of them as never-sent init or cookie timers that may
be running and assigning
new TSN's send a Cookie Ack.

(E)In this case, both sides may be attempting to start an
association at about the same time but the peer endpoint
started its INIT after responding to the local endpoints
INIT. Thus it picked a new Verification Tag not being aware
of their initial transmissions based upon the updated starting TSN (as defined previous Tag it had sent this endpoint. The endpoint
should stay in section 5). or enter the Established state but it MUST update
its peers Verification Tag from the Cookie, stop any init
or cookie timers that may running and send a Cookie Ack.

(F)In this case, an invalid cookie has been sent. The Cookie
MUST be silently discarded.

Note: The "peer's Verification Tag" is the tag received in the
Initiate Tag field of the INIT or INIT ACK chunk.

Stewart, et al [Page 44]

Internet Draft Stream Control Transmission Protocol April 2000

5.2.5 Handle Duplicate COOKIE-ACK.

At any state other than COOKIE-SENT, COOKIE-ECHOED, an endpoint may receive should silently
discard a
duplicated received COOKIE ACK chunk. If so, the chunk should be silently
discarded.

5.2.6 Handle Stale COOKIE Error

A stale cookie COOKIE Error

Receipt of an Operational ERROR chunk with a "Stale Cookie" error
cause indicates one of a number of possible events:

A) that That the association failed to completely setup before the
cookie
State Cookie issued by the sender was processed.

B) an An old cookie State Cookie was processed after setup completed.

C) an An old cookie State Cookie is received from someone that the receiver is
not interested in having an association with and the ABORT
message
chunk was lost.

When processing an Operational ERROR chunk with a stale cookie "Stale Cookie" error cause an
endpoint should first examine if an association is in the process of
being setup, i.e. the association is in the COOKIE-SENT COOKIE-ECHOED state. In all
cases if the association is NOT in the COOKIE-SENT COOKIE-ECHOED state, the stale
cookie message ERROR
chunk should be silently discarded.

If the association is in the COOKIE-SENT COOKIE-ECHOED state, the endpoint may elect
one of the following three alternatives.

1) Send a new INIT message chunk to the endpoint, endpoint to generate a new cookie State

Stewart, et al [Page 55]

Internet Draft Stream Control Transmission Protocol June 2000

Cookie and re-attempt the setup procedure.

2) Discard the TCB and report to the upper layer the inability of
setting-up to
setup the association.

3) Send a new INIT message chunk to the endpoint, adding a cookie
preservative Cookie
Preservative parameter requesting an extension on to the life time lifetime of
the cookie. State Cookie. When calculating the time extension, an
implementation SHOULD use the RTT information measured based on the
previous COOKIE ECHO / Stale COOKIE message ERROR exchange, and should add no more
than 1 second beyond the measured RTT, due to a long cookie life
time makes State Cookie
lifetimes making the endpoint more subject to a replay attack.

5.3 Other Initialization Issues

5.3.1 Selection of Tag Value

Initiate Tag values should be selected from the range of 0x1 1 to
0xffffffff.
2**32 - 1. It is very important that the Initiate Tag value be
randomized to help protect against "man in the middle" and "sequence
number" attacks.
It is suggested that RFC 1750 [1] The methods described in [RFC1750] can be used for
the Initiate Tag randomization.

Stewart, et al [Page 45]

Internet Draft Stream Control Transmission Protocol April 2000 Careful selection of Initiate Tags is
also necessary to prevent old duplicate packets from previous
associations being mistakenly processed as belonging to the current
association.

Moreover, the tag Verification Tag value used by either endpoint in a given
association MUST never be changed NOT change during the lifetime of the an
association. However,
a A new tag Verification Tag value MUST be used each
time the endpoint tears-down and then re-establishes the an association to
the same peer.

6. User Data Transfer

Data transfer MUST only happen in the ESTABLISHED, SHUTDOWN-PENDING,
and SHUTDOWN-RECEIVED states. The only exception to this is that DATA
chunks are allowed to be bundled with an outbound COOKIE ECHO chunk
when in COOKIE-WAIT state.

A SCTP receiver MUST be able to receive a minimum of 1500 bytes
in one SCTP packet. This means that a SCTP endpoint MUST NOT
indicate less than 1500 bytes in its Initial a_rwnd sent in the
INIT or INIT ACK.

For transmission efficiency, SCTP defines mechanisms for bundling of
small user messages and segmentation fragmentation of large user messages.
The following diagram depicts the flow of user messages through SCTP.

In this section the term "data sender" refers to the endpoint that
transmits a DATA chunk and the term "data receiver" refers to the
endpoint that receives a DATA chunk. A data receiver will transmit
SACK chunks.

Stewart, et al [Page 56]

Internet Draft Stream Control Transmission Protocol June 2000

+--------------------------+
| User Messages |
+--------------------------+
SCTP user ^ |
==================|==|=======================================
| v (1)
+------------------+ +--------------------+
| SCTP DATA Chunks | |SCTP Control Chunks |
+------------------+ +--------------------+
^ | ^ |
| v (2) | v (2)
+--------------------------+
| SCTP datagrams packets |
+--------------------------+
SCTP ^ |
===========================|==|===========================
| v
Unreliable
Connectionless Packet Transfer Service (e.g., IP)

Note:

Notes:
(1) When converting user messages into Data DATA chunks, SCTP sender an endpoint
will segment fragment user messages larger than the current association
path MTU into multiple data DATA chunks. The segmented message data receiver will
normally
be reassembled reassemble the fragmented message from data DATA chunks
before delivery to the user by
the SCTP receiver (see Section 6.9 for details).

(2) Multiple data DATA and control chunks may be multiplexed bundled by the
sender into a single SCTP datagram packet for transmission, as long as
the final size of the datagram packet does not exceed the current path
MTU. The receiver will de-multiplex unbundle the datagram packet back into
the original chunks. Control chunks MUST come before
DATA chunks in the packet.

Figure 5: Illustration of User Data Transfer

The segmentation fragmentation and bundling mechanisms, as detailed in Sections 6.9
and 6.10, are optional OPTIONAL to implement by the data sender, but they MUST
be implemented by the data receiver, i.e., an SCTP receiver endpoint MUST be
prepared to
properly receive and process bundled or segmented fragmented data.

Stewart, et al [Page 46]

Internet Draft Stream Control Transmission Protocol April 2000

6.1 Transmission of DATA Chunks

This document is specified as if there is a single retransmission
timer per destination transport address, but implementations MAY have
a retransmission timer for each DATA chunk.

The following general rules SHALL MUST be applied by the data sender for
transmission and/or retransmission of outbound DATA chunks:

A) At any given time, the data sender MUST NOT transmit new data onto to any
destination transport address if its peer's rwnd indicates that the
peer has no buffer space (i.e. rwnd is 0, see Section 6.2.1).

Stewart, et al [Page 57]

Internet Draft Stream Control Transmission Protocol June 2000

However, regardless of the value of rwnd (including if it is 0),
the data sender can always have ONE data packet one DATA chunk in flight to the
receiver if allowed by cwnd (see rule B below). This rule
allows the sender to probe for a change in rwnd that the sender
missed due to the update SACK having been lost in transmission transit from
the data receiver to the data sender.

B) At any given time, the sender MUST NOT transmit new data onto to a
given transport address if it has cwnd or more octets bytes of data
outstanding on to that transport address.

C) When the time comes for the sender to transmit, before sending
new DATA chunks, the sender MUST first transmit any outstanding
DATA chunks which are marked for retransmission (limited by the
current cwnd).

D) Then, the sender can send out as many new DATA chunks as Rule A and
Rule B above allow.

Note: multiple

Multiple DATA chunks committed for transmission MAY be
bundled in a single packet, unless bundling is explicitly disallowed
by ULP of the data sender. packet. Furthermore, DATA chunks being
retransmitted MAY be bundled with new DATA chunks, as long as the
resulting packet size does not exceed the path MTU.

Note: before A ULP
may request that no bundling is performed but this should only turn off
any delays that a sender SCTP implementation may be using to increase
bundling efficiency. It does not in itself stop all bundling
from occurring (i.e. in case of congestion or retransmission).

Before an endpoint transmits a data packet, DATA chunk, if any received DATA
chunks have not been acknowledged (e.g., due to delayed ack), the
sender should create a SACK and bundle it with the outbound DATA
chunk, as long as the size of the final SCTP datagram packet does not exceed
the current MTU. See Section 6.2.

IMPLEMENTATION Note: when NOTE: When the window is full (i.e., transmission is
disallowed by Rule A and/or Rule B), the sender MAY still accept
send requests from its upper layer, but SHALL MUST transmit no more DATA
chunks until some or all of the outstanding DATA chunks are
acknowledged and transmission is allowed by Rule A and Rule B
again.

Whenever a transmission or retransmission is made to any address, if
the T3-rxt T3-rtx timer of that address is not currently running, the sender
MUST start that timer. However, if If the timer of for that address is already
running, the sender SHALL MUST restart the timer ONLY IF if the earliest
(i.e., lowest TSN) outstanding DATA chunk sent to that address is being
retransmitted.

Stewart, et al [Page 47]

Internet Draft Stream Control Transmission Protocol April 2000 Otherwise, the data sender MUST NOT restart the timer.

When starting or restarting the T3-rxt T3-rtx timer, the timer value must be
adjusted according to the timer rules defined in Sections 6.3.2,
and 6.3.3.

Note: The data sender SHOULD not NOT use a TSN that is more than
2**31 - 1 above the beginning TSN of the current send window.

Stewart, et al [Page 58]

Internet Draft Stream Control Transmission Protocol June 2000

6.2 Acknowledgment Acknowledgement on Reception of DATA Chunks

The SCTP receiver endpoint MUST always acknowledge the SCTP sender about the reception of each valid
DATA chunk.

The guidelines on delayed acknowledgment acknowledgement algorithm specified in
Section 4.2 of RFC 2581 [3] [RFC2581] SHOULD be followed. Specifically, an
acknowledgment
acknowledgement SHOULD be generated for at least every second datagram packet
(not every second DATA chunk) received, and SHOULD be generated within
200 ms of the arrival of any unacknowledged datagram. DATA chunk. In some
situations it may be beneficial for an SCTP transmitter to be more
conservative than the algorithms detailed in this document allow.
However, an SCTP transmitter MUST NOT be more aggressive than the
following algorithms allow.

A SCTP receiver MUST NOT generate more than one SACK for every
incoming packet, other than to update the offered window as the
receiving application consumes new data.

IMPLEMENTATION NOTE: the maximal The maximum delay for generating an
acknowledgment
acknowledgement may be configured by the SCTP user, administrator, either
statically or dynamically, in order to meet the specific
timing requirement of the signaling protocol being carried.

Acknowledgments

An implementation MUST NOT allow the maximum delay to be configured to
be more than 500 ms. In other words an implementation MAY lower this
value below 500ms but MUST NOT raise it above 500ms.

Acknowledgements MUST be sent in SACK control chunks. chunks unless shutdown was
requested by the ULP in which case an endpoint MAY send an
acknowledgement in the SHUTDOWN chunk. A SACK chunk can acknowledge the
reception of multiple DATA chunks. See Section 3.3.3 3.3.4 for SACK chunk
format. In particular, the SCTP receiver endpoint MUST fill in the Cumulative
TSN ACK Ack field to indicate the latest cumulative sequential TSN
number (of a valid DATA
chunk) it has received, and any received. Any received segments beyond DATA chunks with TSN greater than
the value in the Cumulative TSN SHALL Ack field SHOULD also be reported.

Upon reception of reported in
the SACK, Gap Ack Block fields.

Note: The SHUTDOWN chunk does not contain Gap Ack Block fields.
Therefore, the data sender MUST adjust its total
outstanding data count and endpoint should use a SACK instead of the outstanding data count on those
destination addresses for which one or more data SHUTDOWN
chunk to acknowledge DATA chunks is
acknowledged by the SACK.

Note: received out of order .

When a datagram packet arrives with duplicate DATA chunk(s) and with no new
DATA chunk(s), the receiver endpoint MUST immediately send a SACK with no
delay. If a packet arrives with duplicate DATA chunk(s) bundled with
new DATA chunks, the endpoint MAY immediately send a SACK. Normally this
receipt of duplicate DATA chunks will occur when the original SACK
chunk was lost, lost and the peers peer's RTO has expired. The duplicate TSN
number(s) SHOULD be reported in the SACK as duplicate.

When an endpoint receives a SACK, it MAY use the Duplicate TSN

Stewart, et al [Page 59]

Internet Draft Stream Control Transmission Protocol June 2000

information to determine if SACK loss is occurring. Further use of
this data is for future study.

The data receiver is responsible for maintaining its receive buffers.
The data receiver prepares SHOULD notify the data sender in a SACK, any duplicate timely manner of
changes in its ability to receive data. How an implementation manages
its receive buffers is dependent on many factors (e.g., Operating
System, memory management system, amount of memory, etc.). However,
the data sender strategy defined in Section 6.2.1 is based on the
assumption of receiver operation similar to the following:

A) At initialization of the association, the endpoint tells the
peer how much receive buffer space it has allocated to the
association in the INIT or INIT ACK. The endpoint sets a_rwnd
to this value.

B) As DATA chunks are received and buffered, decrement a_rwnd by
the number of bytes received and buffered. This is, in effect,
closing rwnd at the data sender and restricting the amount of
data it can transmit.

C) As DATA chunks are delivered to the ULP and released from the
receive buffers, increment a_rwnd by the number of bytes
delivered to the upper layer. This is, in effect, opening up
rwnd on the data sender and allowing it to send more data. The
data receiver SHOULD NOT increment a_rwnd unless it has released
bytes from its receive buffer. For example, if the receiver is
holding fragmented DATA chunks received
SHOULD be reported in the SACK. a reassembly queue, it should
not increment a_rwnd.

D) When sending a SACK is received SACK, the data receiver MAY use SHOULD place the Duplicate TSN
information to determine if SACK loss is occurring. Further use
of this data is for future study.

Note: If a SACK is received that indicates a previously out
current value of order
chunk has been discarded by a_rwnd into the a_rwnd field. The data
receiver (due to a buffer space
shortage), the sender should mark the chunk as having a first strike
for retransmit against the chunk and start a timer on the last
transmitted destination address (if one is not already running on SHOULD take into account that
destination address). The the data sender SHOULD will not
retransmit DATA chunks that are acked via the chunk until
the fast retransmit algorithm indicates it should. This Cumulative TSN Ack
(i.e., will allow drop from its retransmit queue).

Under certain circumstances, the data receiver time may need to clear up drop
DATA chunks that it has received but hasn't released from its receive
buffers (i.e., delivered to the ULP). These DATA chunks may have
been acked in Gap Ack Blocks. For example, the data receiver may be
holding data in its receive buffers while reassembling a fragmented
user message from its peer when it runs out of receive buffer problem that caused space.
It may drop these DATA chunks even though it to has acknowledged them in
Gap Ack Blocks. If a data receiver drops DATA chunks, it MUST NOT include
them in Gap Ack Blocks in subsequent SACKs until they are received again
via retransmission. In addition, the endpoint should take into account the
dropped data when calculating its a_rwnd.

An endpoint SHOULD NOT revoke a SACK and discard data. Only in extreme
circumstance should an endpoint use this procedure (such as out of buffer
space). The data receiver should take into account that dropping data that
has been acked in Gap Ack Blocks can result in suboptimal retransmission
strategies in the chunk. data sender and thus in suboptimal performance.

Stewart, et al [Page 60]

Internet Draft Stream Control Transmission Protocol June 2000

The following example illustrates the use of delayed acknowledgments: acknowledgements:

Endpoint A Endpoint Z

{App sends 3 messages; strm 0}
DATA [TSN=7,Strm=0,Seq=3] ------------> (ack delayed)
(Start T3-rxt T3-rtx timer)

Stewart, et al [Page 48]

Internet Draft Stream Control Transmission Protocol April 2000

DATA [TSN=8,Strm=0,Seq=4] ------------> (send ack)
/------- SACK [TSN ACK=8,Frag=0] Ack=8,block=0]
(cancel T3-rxt T3-rtx timer) <-----/
...
...

DATA [TSN=9,Strm=0,Seq=5] ------------> (ack delayed)
(Start T3-rxt T3-rtx timer)
...
{App sends 1 message; strm 1}
(bundle SACK with DATA)
/----- SACK [TSN Ack=9,Frag=0] Ack=9,block=0] \
/ DATA [TSN=6,Strm=1,Seq=2]
(cancel T3-rxt T3-rtx timer) <------/ (Start T3-rxt T3-rtx timer)

(ack delayed)
...
(send ack)
SACK [TSN ACK=6,Frag=0] Ack=6,block=0] -------------> (cancel T3-rxt T3-rtx timer)

Note:

Figure 5: Delayed Acknowledgment Example

If a receiver an endpoint receives a DATA chunk with 0 length (no no user data
part) it MUST follow (i.e., the normal procedures for handling TSN and stream
sequence number. However,
Length field is set to 16) it MAY choose not MUST send an ABORT with error cause set
to deliver the NULL "No User Data".

An endpoint SHOULD NOT send a DATA chunk with no user data to
the upper layer. part.

6.2.1 Tracking Peer's Receive Buffer Space

Whenever Processing a Received SACK arrives, a new updated

Each SACK an endpoint receives contains an a_rwnd arrives with it. value. This value
represents the amount of buffer space the sender of the SACK, data receiver, at the time
of transmitting the SACK, has left of its total receive buffer space (as
specified in the INIT/INIT-ACK). After processing INIT/INIT ACK). Using a_rwnd, Cumulative TSN Ack and Gap
Ack Blocks, the
SACK, data sender can develop a representation of the peer's
receive buffer space.

One of the problems the data sender must take into account when processing
a SACK is that a SACK can be received out of order. That is, a SACK sent
by the data receiver can pass an earlier SACK and be received first by the
data sender. If a SACK is received out of order, the data sender can
develop an incorrect view of the peer's receive buffer space.

Since there is no explicit identifier that can be used to detect

Stewart, et al [Page 61]

Internet Draft Stream Control Transmission Protocol June 2000

out-of-order SACKs, the data sender must use heuristics to determine if a
SACK is new.

An endpoint SHOULD use the following rules to
re-calculate calculate the rwnd, using the received
a_rwnd value. value, the Cumulative TSN Ack and Gap Ack Blocks in a received SACK.

A) At the establishment of the association, the endpoint
initializes the rwnd to the Advertised Receiver Window
Credit (a_rwnd) the peer specified in the INIT or INIT ACK.

B) Any time a DATA chunk is transmitted (or retransmitted)
to a peer, the endpoint subtracts the data size of the
chunk from the rwnd of that peer.

C) Any time a DATA chunk is marked for retransmission (via
either T3-rtx timer expiration (Section 6.3.3)or via fast
retransmit (Section 7.2.4)), add the data size of
those chunks to the rwnd.

Note: If the implementation is maintaining a timer on each
DATA chunk then only DATA chunks whose timer expired would
be marked for retransmission.

D) Any time a SACK arrives, the endpoint performs the following:

i) If all outstanding TSNs are acknowledged by the SACK, adopt Cumulative TSN Ack is less than the a_rwnd value in Cumulative TSN Ack Point,
then drop the SACK. Since Cumulative TSN Ack is monotonically
increasing, a SACK as the new rwnd.

Otherwise, take the value of the current rwnd, and add to it the
data size of any newly acknowledged TSNs that has its BE bits set
to 11, OR that moved the cumulative whose Cumulative TSN point forward. Then, set Ack is less than the
Cumulative TSN Ack Point indicates an out-of-order SACK.

ii) Set rwnd equal to the lesser newly received a_rwnd minus the number
of bytes still outstanding after processing the calculated value Cumulative TSN Ack
and the a_rwnd carried
in the SACK.

D) Any time Gap Ack Blocks.

iii) If the T3-rxt timer expires on any address, causing all
outstanding chunks sent to SACK is missing a TSN that address to be marked for
retransmission, add all of was previously
acknowledged via a Gap Ack Block (e.g., the data sizes of those chunks to receiver
reneged on the rwnd.

Stewart, et al [Page 49]

Internet Draft Stream Control Transmission Protocol April 2000

E) Any time a data), then mark the corresponding DATA chunk is marked
as available for retransmit: Mark it as missing for retransmission via the fast
retransmit algorithm (section 6.2.4), add as described in Section 7.2.4 and if no retransmit
timer is running for the DATA chunks
size destination address to which the rwnd. DATA
chunk was originally transmitted, then T3-rtx is started for
that destination address.

6.3 Management of Retransmission Timer

An SCTP endpoint uses a retransmission timer T3-rxt T3-rtx to ensure data
delivery in the absence of any feedback from the remote data receiver. its peer. The duration of
this timer is referred to as RTO (retransmission timeout).

When the receiver endpoint an endpoint's peer is multi-homed, the data sender endpoint will calculate a
separate RTO for each different destination transport
addresses address of the receiver its
peer endpoint.

The computation and management of RTO in SCTP follows closely with how

Stewart, et al [Page 62]

Internet Draft Stream Control Transmission Protocol June 2000

TCP manages its retransmission timer. To compute the current RTO, an
SCTP sender
endpoint maintains two state variables per destination transport
address: SRTT (smoothed round-trip time) and RTTVAR (round-trip time
variation).

6.3.1 RTO Calculation

The rules governing the computation of SRTT, RTTVAR, and RTO are
as follows:

C1) Until an RTT measurement has been made for a packet sent
to the given destination transport address, set RTO to the
protocol parameter 'RTO.Initial'.

C2) When the first RTT measurement R is made, set SRTT <- R,
RTTVAR <- R/2, and RTO <- SRTT + 4 * RTTVAR.

C3) When a new RTT measurement R' is made, set

RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'|
SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R'

Note, the

Note: The value of SRTT used in the update to RTTVAR is its value
*before*
before updating SRTT itself using the second assignment.

After the computation, update RTO <- SRTT + 4 * RTTVAR.

Stewart, et al [Page 50]

Internet Draft Stream Control Transmission Protocol April 2000

C4) When data is in flight and when allowed by rule C5 below, a new
RTT measurement MUST be made each round trip. Furthermore,
it is RECOMMENDED that new RTT
measurements should SHOULD be made no more than once per round-trip for a
given destination transport address. There are two reasons for this
recommendation: first, First, it appears that measuring more frequently
often does not in practice yield any significant benefit [5];
[ALLMAN99]; second, if measurements are made more often, then the
values of RTO.Alpha and RTO.Beta in rule C3 above should be
adjusted so that SRTT and RTTVAR still adjust to changes at roughly
the same rate (in terms of how many round trips it takes them to
reflect new value) values) as they would if making only one measurement
per round-trip and using RTO.Alpha and RTO.Beta as given in rule
C3. However, the exact nature of these adjustments remains a
research issue.

C5) Karn's algorithm: RTT measurements MUST NOT be made using
packets that were retransmitted (and thus for which it is
ambiguous whether the reply was for the first instance of the
packet or a later instance).

C6) Whenever RTO is computed, if it is less than RTO.Min seconds
then it is rounded up to RTO.Min seconds. The reason for this
rule is that RTOs that do not have a high minimum value are
susceptible to unnecessary timeouts [5]. [ALLMAN99].

C7) A maximum value may be placed on RTO provided it is at least

Stewart, et al [Page 63]

Internet Draft Stream Control Transmission Protocol June 2000

RTO.max seconds.

There is no requirement for the clock granularity G used for computing
RTT measurements and the different state variables, other than than:

G1) Whenever RTTVAR is computed, if RTTVAR = 0, then adjust
RTTVAR <- G.

Experience [5] [ALLMAN99] has shown that finer clock granularities
(<= 100 msec) perform somewhat better than more coarse granularities.

6.3.2 Retransmission Timer Rules

The rules for managing the retransmission timer are as follows:

R1) Every time a packet containing data DATA chunk is sent to any address (including
a retransmission), if the T3-rxt T3-rtx timer of that address is not
running, start it running so that it will expire after the RTO of
that address. The RTO used here is that obtained after any doubling
due to previous T3-rxt T3-rtx timer expirations on the corresponding
destination address as discussed in rule E2 below.

R2) Whenever all outstanding data on sent to an address has have been
acknowledged, turn off the T3-rxt T3-rtx timer of that address.

Stewart, et al [Page 51]

Internet Draft Stream Control Transmission Protocol April 2000

R3) Whenever a SACK is received that acknowledges new data chunks
including the one DATA chunk with
the earliest outstanding TSN on for that address, restart T3-rxt T3-rtx timer of
for that address with its current RTO.

(R4) Whenever a SACK is received missing a TSN that was previously acknowledged
via a Gap Ack Block, start T3-rtx for the destination address to which
the DATA chunk was originally transmitted if it is not already running.

The following example shows the use of various timer rules (assuming
the receiver uses delayed acks).

Endpoint A Endpoint Z
{App begins to send}
Data [TSN=7,Strm=0,Seq=3] ------------> (ack delayed)
(Start T3-rxt T3-rtx timer)
{App sends 1 message; strm 1}
(bundle ack with data)
DATA [TSN=8,Strm=0,Seq=4] ----\ /-- SACK [TSN ACK=7,Frag=0] Ack=7,Block=0] \
\ / DATA [TSN=6,Strm=1,Seq=2]
\ / (Start T3-rxt T3-rtx timer)
\
/ \
(Re-start T3-rxt T3-rtx timer) <------/ \--> (ack delayed)
(ack delayed)
...
{send ack}
SACK [TSN ACK=6,Frag=0] Ack=6,Block=0] --------------> (Cancel T3-rxt T3-rtx timer)

Stewart, et al [Page 64]

Internet Draft Stream Control Transmission Protocol June 2000

..
(send ack)
(Cancel T3-rxt T3-rtx timer) <-------------- SACK [TSN ACK=8,Frag=0] Ack=8,Block=0]

Figure 6 - Timer Rule Examples

6.3.3 Handle T3-rxt T3-rtx Expiration

Whenever the retransmission timer T3-rxt T3-rtx expires on for a destination
address, do the following:

E1) On For the destination address where for which the timer expires, adjust its
ssthresh with rules defined in Section 7.2.3 and set the
cwnd <- MTU.

E2) On For the destination address where for which the timer expires, set
RTO <- RTO * 2 ("back off the timer"). The maximum value discussed
in rule C7 above (RTO.max) may be used to provide an upper bound
to this doubling operation.

E3) Determine how many of the earliest (i.e., lowest TSN) outstanding
Data
DATA chunks on for the address where for which the T3-rxt T3-rtx has expired that will
fit into a single packet, subject to the MTU constraint for the
path corresponding to the destination transport address where to which
the retransmission is being sent to (this may be different from the
address where for which the timer expires [see Section 6.4]). Call this
value K. Bundle and retransmit those K data DATA chunks in a single
packet to the address.

Stewart, et al [Page 52]

Internet Draft Stream Control Transmission Protocol April 2000 destination endpoint.

E4) Start the retransmission timer T3-rxt T3-rtx on the destination address
to where which the retransmission is sent, if rule R1 above indicates to
do so. Note, the The RTO to be used for starting T3-rxt T3-rtx should be the
one of for the destination address to where which the retransmission is
sent, which, when the receiver is multi-homed, may be different
from the destination address where for which the timer expired (see
Section 6.4 below).

Note that after

After retransmitting, once a new RTT measurement is obtained
(which can happen only when new data has been sent and acknowledged,
per rule C5, or for a measurement made from a Heartbeat HEARTBEAT [see Section
8.3]), the computation in rule C3 is performed, including the
computation of RTO, which may result in "collapsing" RTO back down
after it has been subject to doubling (rule E2).

Note: Any DATA chunks that were sent to the address for which the
T3-rtx timer expired but did not fit in one MTU (rule E3 above),
should be marked for retransmission and sent as soon as cwnd allows
(normally when a SACK arrives).

The final rule for managing the retransmission timer concerns failover
(see Section 6.4.1):

F1) Whenever SCTP an endpoint switches from the current destination

Stewart, et al [Page 65]

Internet Draft Stream Control Transmission Protocol June 2000

transport address to a different one, the current retransmission
timers are left running. As soon as SCTP the endpoint transmits a packet
containing data DATA chunk(s) to the new transport address, start the
timer on that transport address, using the RTO value of the
destination address where to which the data is being sent, if rule R1
indicates to do so.

6.4 Multi-homed SCTP Endpoints

An SCTP endpoint is considered multi-homed if there are more than one
transport addresses address that can be used as a destination address to reach
that endpoint.

Moreover, at the sender side, ULP of an endpoint shall select one of the multiple
destination addresses of the a multi-homed receiver peer endpoint shall be selected as the primary destination transport address by the UPL
path (see Sections 5.1.2 and 10.1 for details).

When the SCTP sender is transmitting to the multi-homed receiver, by
default the transmission

By default, an endpoint SHOULD always take place on transmit to the primary
transport address,
path, unless the SCTP user explicitly specifies the destination
transport address (and possibly source transport address) to use.

The acknowledgment

An endpoint SHOULD be transmitted transmit reply chunks (e.g., SACK, HEARTBEAT ACK,
etc.) to the same destination transport address from which it received
the DATA or control chunk being
acknowledged were received. to which it is replying. This rule should
also be followed if the endpoint is bundling DATA chunks together
with the reply chunk.

However, when acknowledging multiple DATA chunks received in packets
from different source addresses in a single SACK, the SACK message chunk may be
transmitted to one of the destination transport addresses from which
the DATA or control chunks being acknowledged were received.

Stewart, et al [Page 53]

Internet Draft Stream Control Transmission Protocol April 2000

When a receiver of a duplicate DATA chunk sends a SACK to a multi-homed
endpoint it MAY be beneficial to vary the destination address and not
use the source address of the DATA chunk. The reason being that
receiving a duplicate from a multi-homed endpoint might indicate that
the return path (as specified in the source address of the DATA chunk)
for the SACK is broken.

Furthermore, when the receiver its peer is multi-homed, the SCTP data sender an endpoint SHOULD try to
retransmit a chunk to an active destination transport address that is
different from the last destination address where to which the
data DATA chunk was sent to.

Note, retransmissions
sent.

Retransmissions do not affect the total outstanding data
count. However, if the data DATA chunk is retransmitted onto a different
destination address, both the outstanding data counts on the new
destination address and the old destination address where to which the data
chunk was last sent to shall be adjusted accordingly.

6.4.1 Failover from Inactive Destination Address

Stewart, et al [Page 66]

Internet Draft Stream Control Transmission Protocol June 2000

Some of the destination transport addresses of a multi-homed SCTP data
receiver endpoint may
become inactive due to either the occurrence of certain error
conditions (see Section 8.2) or adjustments from SCTP user.

When there is outbound data to send and the primary destination
transport address path becomes
inactive (e.g., due to failures), or where the SCTP user explicitly
requests to send data to an inactive destination transport address,
before reporting an error to its ULP, the SCTP sender endpoint should try to
send the data to an alternate active destination transport address if
one exists.

When retransmitting data, if the endpoint is multi-homed, it should
consider each source-destination address pair in its retransmission
selection policy. When retransmitting the endpoint should attempt to
pick the most divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.

Note: Rules for picking the most divergent source-destination pair
are an implementation decision and is not specified within this
document.

6.5 Stream Identifier and Stream Sequence Number

Every DATA chunk MUST carry a valid stream identifier. If an endpoint
receives a DATA chunk with an invalid stream identifier is received, the receiver shall,
after acknowledging identifier, it shall
acknowledge the reception of the DATA chunk following the normal
procedure, respond immediately with send an ERROR message chunk with cause set to
Invalid "Invalid
Stream Identifier Identifier" (see Section 3.3.9) 3.3.10) and discard the DATA chunk.
The endpoint may bundle the ERROR chunk in the same packet as the SACK
as long as the ERROR follows the SACK.

The stream sequence number in all the streams shall start from 0x0 0
when the association is established. Also, when the stream sequence
number reaches the value 0xffff 65535 the next stream sequence number shall
be set to 0x0. 0.

6.6 Ordered and Un-ordered Unordered Delivery

By default the SCTP receiver shall ensure the

Within a stream, an endpoint MUST deliver DATA chunks within any
given stream be delivered received with the
U flag set to 0 to the upper layer according to the order of their
stream sequence number. If there are DATA chunks arriving arrive out of order of their
stream sequence number, the receiver endpoint MUST hold the received DATA chunks
from delivery to the ULP until they are re-ordered.

However, an SCTP sender endpoint can indicate that no ordered delivery is
required on for a particular DATA chunk transmitted within the stream by
setting the U flag of the DATA chunk to 1.

Stewart, et al [Page 54]

Internet Draft Stream Control Transmission Protocol April 2000

In this case,

When an endpoint receives a DATA chunk with the receiver U flag set to 1, it
must bypass the ordering mechanism and immediately delivery deliver the data to
the upper layer (after re-assembly if the user data is segmented fragmented by
the data sender).

Stewart, et al [Page 67]

Internet Draft Stream Control Transmission Protocol June 2000

This provides an effective way of transmitting "out-of-band" data in a
given stream. Also, a stream can be used as an "unordered" stream by
simply setting the U flag to 1 in all outbound DATA chunks sent through that
stream.

IMPLEMENTATION NOTE: when When sending an unordered DATA chunk, an
implementation may choose to place the DATA chunk in an outbound
datagram
packet that is at the head of the outbound transmission queue if
possible.

Note that the

The 'Stream Sequence Number' field in an un-ordered data a DATA chunk with U flag set to 1
has no significance; the significance. The sender can fill it with arbitrary value, but
the receiver MUST ignore the field.

Note: When transmitting ordered and unordered data, an endpoint does
not increment its Stream Sequence Number when transmitting a DATA
chunk with U flag set to 1.

6.7 Report Gaps in Received DATA TSNs

Upon the reception of a new DATA chunk, an SCTP receiver endpoint shall examine
the continuity of the TSNs received. If the receiver endpoint detects that gaps
exist a gap
in the received DATA chunk sequence, an it SHOULD send a SACK with fragment
reports shall be sent back Gap Ack
Blocks immediately. The data receiver continues sending a SACK after
receipt of each SCTP packet that doesn't fill the gap.

Based on the segment reports Gap Ack Block from the received SACK, the data sender endpoint
can calculate the missing DATA chunks and make decisions on whether to
retransmit them (see Section 6.3 6.2.1 for details).

Multiple gaps can be reported in one single SACK (see Section 3.3.3).

Note that when the data sender 3.3.4).

When its peer is multi-homed, the SCTP receiver endpoint SHOULD always
try to send the SACK to the same network destination address from where which the
last DATA chunk was received.

Upon the reception of the a SACK, the data sender SHALL endpoint MUST remove all DATA
chunks which have been acknowledged by the SACKs cumulative TSN. SACK's Cumulative TSN Ack
from its transmit queue. The
data sender endpoint MUST also treat all the DATA
chunks which fall into the
gaps between with TSNs not included in the fragments Gap Ack Blocks reported by the
SACK as "missing". The number of "missing" reports for each outstanding
DATA chunk MUST be recorded by the data sender in order to make
retransmission decision,
see decisions. See Section 7.2.4 for details.

The following example shows the use of SACK to report a gap.

Endpoint A Endpoint Z
{App sends 3 messages; strm 0}
DATA [TSN=6,Strm=0,Seq=2] ---------------> (ack delayed)
(Start T3-rxt T3-rtx timer)

DATA [TSN=7,Strm=0,Seq=3] --------> X (lost)

Stewart, et al [Page 55] 68]

Internet Draft Stream Control Transmission Protocol April June 2000

DATA [TSN=7,Strm=0,Seq=3] --------> X (lost)

DATA [TSN=8,Strm=0,Seq=4] ---------------> (gap detected,
immediately send ack)
/----- SACK [TSN ACK=6,Frag=1, Ack=6,Block=1,
/ Strt=2,End=2]
<-----/
(remove 6 and 8 from out-queue,
and strike mark 7 as "1" missing report)

Note: in order to keep the size of the outbound SCTP datagram not to
exceed the current path MTU, the maximal

Figure 8 - Reporting a Gap using SACK

The maximum number of fragments Gap Ack Blocks that can be reported within a
single SACK chunk is limited. limited by the current path MTU. When a single
SACK can not cover all the fragments Gap Ack Blocks needed to be reported due to
the MTU limitation, the endpoint SHALL MUST send only one SACK, reporting the
fragments
Gap Ack Blocks from the lowest to highest TSNs, within the size limit
set by the MTU, and leave the remaining highest TSN fragment numbers
unacknowledged.

6.8 Adler-32 Checksum Calculation

When sending an SCTP datagram, packet, the sender endpoint MUST strengthen the data
integrity of the transmission by including the Adler-32 checksum
value calculated on the datagram, packet, as described below.

After the datagram packet is constructed (containing the SCTP common header
and one or more control or DATA chunks), the sender transmitter shall:

1) fill Fill in the proper Verification Tag in the SCTP common header and
initialize the Adler-32 checksum filed field to 0's.

2) calculate Calculate the Adler-32 checksum of the whole datagram, packet, including the
SCTP common header and all the chunks. Refer to Sections 2.2 and 9
in [2] appendix B
for details of the Adler-32 algorithm. And,

3) put Put the resultant value into the Adler-32 checksum field in the
common header, and leave the rest of the bits unchanged.

When an SCTP datagram packet is received, the receiver MUST first check the
Adler-32 checksum:

1) store Store the received Adler-32 checksum value aside,

2) replace Replace the 32 bits of the Adler-32 checksum field in the received
SCTP datagram packet with all '0's and calculate an Adler-32 checksum
value of the whole received datagram. packet. And,

3) verify Verify that the calculated Adler-32 checksum is the same as the
received Adler-32 checksum, If not, the receiver MUST treat the
datagram
packet as an invalid SCTP datagram. packet.

The default procedure of for handling invalid SCTP datagrams packets is to
silently discard them.

Stewart, et al [Page 56] 69]

Internet Draft Stream Control Transmission Protocol April June 2000

6.9 Segmentation

Segmentation Fragmentation and Reassembly

An endpoint MAY support fragmentation when sending DATA chunks, but
MUST be performed by the data sender support reassembly when receiving DATA chunks. If an endpoint
supports fragmentation, it MUST fragment a user message if the size of
the user message to be sent has a large size that causes the outbound SCTP datagram packet size exceeding to
exceed the current MTU.

Note, if If an implementation does not support
fragmentation of outbound user messages, the data receiver endpoint must return an
error to its upper layer and not attempt to send the user message.

IMPLEMENTATION NOTE: In this error case, the Send primitive
discussed in Section 10.1 would need to return an error to the upper
layer.

If its peer is multi-homed, the sender endpoint shall choose a
size no larger than the latest association Path MTU. The association Path
MTU of is the current primary smallest Path MTU of all destination
address. addresses.

Note: Once a message is fragmented it cannot be re-fragmented.
Instead if the PMTU has been reduced, then IP fragmentation must be
used. Please see Section 7.3 for details of PMTU discovery.

When determining when to segment, fragment, the SCTP implementation MUST take
into account the SCTP datagram packet header as well as the DATA chunk
header.
header(s). The implementation MAY MUST also take into account of the space
required for a SACK chunk.

IMPLEMENTATION NOTE: if segmentation is not support by the sender,
an error should be reported to the sender's SCTP user chunk if the data to
be sent has bundling a size exceeding the current MTU. In such cases the Send
primitive discussed in Section 10.1 would need to return an error
to SACK chunk with the upper layer.

Segmentation DATA chunk.

Fragmentation takes the following steps:

1) the The data sender SHALL MUST break the large user message into a series of
DATA chunks, chunks such that each of the chunks can be fit chunk plus SCTP overhead fits into an IP
datagram smaller than or equal to the current MTU, association Path MTU.

2) the data sender The transmitter MUST then assign, in sequence, a separate TSN to
each of the DATA chunks in the series,

3) series. The transmitter assigns the data sender
same SSN to each of the DATA chunks. If the user indicates that the
user message is to be delivered using unordered delivery, then the U
flag of each DATA chunk of the user message MUST be set to 1.

3) The transmitter MUST also set the B/E bits of the first DATA chunk
in the series to '10', the B/E bits of the last DATA chunk in the
series to '01', and the B/E bits of all other DATA chunks in the
series to '00'.

The data receiver

An endpoint MUST recognize the segmented fragmented DATA chunks, chunks by examining the B/E
bits in each of the received DATA chunks, and queue the segmented fragmented DATA
chunks for re-assembly. Then, it Once the user message is reassembled, SCTP
shall pass the re-assembled user message to the specific stream for
possible re-ordering and final dispatching.

Note, if

Note: If the data receiver runs out of buffer space while still
waiting for more segments fragments to complete the re-assembly of the
message, it should dispatch part of its inbound message through a
partial delivery API (see Section 10), freeing some of its receive

Stewart, et al [Page 70]

Internet Draft Stream Control Transmission Protocol June 2000

buffer space so that the rest of the message may be received.

Stewart, et al [Page 57]

Internet Draft Stream Control Transmission Protocol April 2000

6.10 Bundling and Multiplexing

An SCTP sender achieves data bundling endpoint bundles chunks by simply including multiple
DATA chunks in one
outbound SCTP datagram. Note that the packet. The total size of the resultant IP datagram,
including the SCTP datagram packet and IP headers, MUST be less or equal to the
current Path MTU.

Note, if the data receiver

If its peer endpoint is multi-homed, the sender sending endpoint shall choose
a size no larger than the latest MTU of the current primary destination
address. path.

When multiplexing bundling control chunks with DATA chunks, an endpoint MUST place
control chunks have
the priority and MUST be placed first in the outbound SCTP datagram
and be transmitted first. packet. The transmitter
MUST transmit DATA chunks within a SCTP datagram packet in increasing order of
TSN.
Note: Since control chunks must be placed first in a packet and
since DATA chunks must be transmitted before SHUTDOWN or SHUTDOWN ACK
chunks, DATA chunks cannot be bundled with SHUTDOWN or SHUTDOWN ACK
chunks.

Partial chunks MUST NOT be placed in a an SCTP datagram.

The receiver packet.

An endpoint MUST process the received chunks in their order in the datagram. packet.
The receiver uses the chunk length field to determine the end of a
chunk and beginning of the next chunk taking account of the fact that
all chunks end on a thirty-two-bit word 4 byte boundary. If the receiver detects a partial
chunk, it MUST drop the chunk.

An endpoint MUST NOT bundle INIT, INIT ACK or SHUTDOWN COMPLETE with
any other chunks.

7. Congestion control

Congestion control is one of the basic functions in the SCTP protocol. SCTP.
For some applications, it may be likely that adequate resources will
be allocated to SCTP traffic to assure prompt delivery of
time-critical SCTP data - thus it would appear to be unlikely, during
normal operations, that SCTP transmissions encounter severe congestion
condition.
conditions. However SCTP must prepare itself for operate under adverse operational
conditions, which can develop upon partial network failures or
unexpected traffic surges. In such situations SCTP must follow correct
congestion control steps to recover from congestion quickly in order
to get data delivered as soon as possible. In the absence of network
congestion, these preventive congestion control algorithms should show
no impact on the protocol performance.

IMPLEMENTATION NOTE: as As far as its specific performance requirements
are met, an implementation is always allowed to adopt a more
conservative congestion control algorithm than the one defined
below.

The congestion control algorithms used by SCTP are based on RFC 2581
[3], "TCP Congestion Control".

Stewart, et al [Page 71]

Internet Draft Stream Control Transmission Protocol June 2000

[RFC2581]. This section describes how the algorithms defined in RFC 2581
RFC2581 are adopted adapted for use in SCTP. We first list differences in
protocol designs between TCP and SCTP, and then describe SCTP's
congestion control scheme. The description will use the same
terminology as in TCP congestion control whenever appropriate.

Note:

SCTP congestion control is always applied to the entire association,
and NOT to individual streams.

Stewart, et al [Page 58]

Internet Draft Stream Control Transmission Protocol April 2000

7.1 SCTP Differences from TCP Congestion control

One difference between SCTP and TCP is that the Selective
Acknowledgment function (SACK) is designed into SCTP, rather than an
enhancement that is added to the protocol later as is

Gap Ack Blocks in the case for
TCP. SCTP SACK carries carry the same semantic meaning with that of as the
TCP SACK. TCP and SCTP considers the information carried in the SACK as advisory
information only. SCTP considers the information carried in the Gap Ack
Blocks in the SACK chunk as advisory. In SCTP, any DATA chunk that has
been acknowledged by SACK, including DATA that arrived at the receiving
end out of order, are NOT considered fully delivered until the
Cumulative
Acknowledgment point TSN Ack Point passes the acknowledged TSN of the DATA chunk. chunk (i.e., the
DATA chunk has been acknowledged by the Cumulative TSN Ack field in the
SACK). Consequently, the value of cwnd controls the amount of
outstanding data, rather than (as in the case of non-SACK TCP) the
upper bound between the highest acknowledged sequence number and the
latest DATA chunk that can be sent within the congestion window,
as is the case in non-SACK TCP. window. SCTP
SACK leads to different implementations of fast-retransmit and fast-recovery from that of fast-
recovery than non-SACK TCP. As an example see [16]. [FALL96].

The biggest difference between SCTP and TCP, however, is multi-homing.
SCTP is designed to establish robust communication associations
between two end points endpoints each of which may be reachable by more than one
transport address. Potentially different addresses may lead to
distinguished
different data paths between the two points, endpoints, thus ideally one may
need a separate set of congestion control parameters for each of the
paths. The treatment here of congestion control for multi-homed
receivers is new with SCTP and may require refinement in the
future. The current algorithms make the following assumptions:

o The sender always usually uses the same destination address until being
instructed by the upper layer otherwise. otherwise; however, SCTP may change to
an alternate destination in the event an address is marked inactive
(see Section 8.2). Also, SCTP may retransmit to a different
transport address than the original transmission.

o The sender keeps a separate congestion control parameter set for each
of the destination addresses it can send to (NOT each
source-destination pair but for each destination) . The parameters
should decay if the address is not used for a long enough
time period.

o For each of the destination addresses, do an endpoint does slow-start
upon the first transmission to that address.

Note: TCP guarantees in-sequence delivery of data to its upper-layer
protocol within a single TCP session. This means that when TCP
notices a gap in the received sequence number, it waits until

Stewart, et al [Page 72]

Internet Draft Stream Control Transmission Protocol June 2000

the gap is filled before delivering the data that was received
with sequence numbers higher than that of the missing data. On
the other hand, SCTP can deliver data to its upper-layer
protocol even if there is a gap in TSN if the Stream Sequence
Numbers are in sequence for a particular stream (i.e., the
missing DATA chunks are for a different stream) or if unordered
delivery is indicated. Although this does not affect cwnd, it
might affect rwnd calculation.

7.2 SCTP Slow-Start and Congestion Avoidance

The slow start and congestion avoidance algorithms MUST be used by a
SCTP sender an
endpoint to control the amount of outstanding data being injected into the network.
The congestion control in SCTP is employed in regard to the
association, not to an individual stream. In some situations it
may be beneficial for an SCTP sender to be more conservative than the
algorithms allow, however allow; however, an SCTP sender MUST NOT be more aggressive
than the following algorithms allow.

Like TCP, an SCTP sender endpoint uses the following three control variables
to regulate its transmission rate.

Stewart, et al [Page 59]

Internet Draft Stream Control Transmission Protocol April 2000

o Receiver advertised window size (rwnd, in octets), bytes), which is set by
the receiver based on its available buffer space for incoming
packets.

Note: This variable is kept on the entire association.

o Congestion control window (cwnd, in octets), bytes), which is adjusted by
the sender based on observed network conditions.

Note: This variable is maintained on a per-destination address basis.

o Slow-start threshold (ssthresh, in octets), bytes), which is used by the
sender to distinguish slow start and congestion avoidance phases.

Note: This variable is maintained on a per-destination address basis.

SCTP also requires one additional control variable,
partial_bytes_acked, which is used during congestion avoidance phase to
facilitate cwnd adjustment.

Unlike TCP, an SCTP sender MUST keep a set of these control variables
for EACH destination address of its peer (when its peer is multi-homed). multi-
homed).

7.2.1 Slow-Start

Beginning data transmission into a network with unknown conditions or
after a sufficiently long idle period requires SCTP to probe the
network to determine the available capacity. The slow start algorithm
is used for this purpose at the beginning of a transfer, or after

Stewart, et al [Page 73]

Internet Draft Stream Control Transmission Protocol June 2000

repairing loss detected by the retransmission timer.

o The initial cwnd before data transmission or after a sufficiently
long idle period MUST be <= 2*MTU.

o The initial cwnd after a retransmission timeout MUST be no more
than 1*MTU.

o The initial value of ssthresh MAY be arbitrarily high (for example,
some
implementations MAY use the size of the receiver advertised window).

o Whenever cwnd is greater than zero, the sender endpoint is allowed to have
cwnd
octets bytes of data outstanding on that transport address.

o When cwnd is less than or equal to ssthresh an SCTP sender endpoint MUST use
the slow start algorithm to increase cwnd (assuming the current
congestion window is being fully utilized). If the an incoming SACK
advances the cumulative TSN, Cumulative TSN Ack Point, cwnd MUST be increased by at
most the lesser of 1) the total size of the previously outstanding
DATA chunk(s) acknowledged, and 2) the destinations destination's path MTU.
This prevents protects against the ACK-Splitting attack outlined in [15].

NOTE:
[SAVAGE99].

In instances where the data receiver its peer endpoint is multi-homed, if an endpoint
receives a SACK arrives at the data sender that advances the
sender's cumulative its Cumulative TSN point, Ack Point, then the data sender it
should update its cwnd (or cwnds) apportioned to the destination
addresses where
the data was to which it transmitted to. the acknowledged data. However if
the received SACK does not advance the cumulative Cumulative TSN point, Ack Point, the data sender
endpoint MUST not NOT adjust the cwnd of any of the destination
addresses.

Stewart, et al [Page 60]

Internet Draft Stream Control Transmission Protocol April 2000

NOTE: because

Because an SCTP data sender's endpoint's cwnd is not tied to its
cumulative Cumulative TSN point, Ack
Point, as duplicate SACKs come in, even though they may not advance
the cumulative Cumulative TSN point Ack Point an SCTP sender endpoint can still use them to clock
out new data. That is, the data newly acknowledged by the SACK
diminishes the amount of data now in flight to less than cwnd; and so
the current, unchanged value of cwnd now allows new data to be sent.
On the other hand, the increase of cwnd must be tied to the cumulative
Cumulative TSN Ack Point advancement as specified above. Otherwise
the duplicate SACKs will not only clock out new data, but also will
adversely clock out *more* more new data than what has just left the
network, during a time of possible congestion.

o When the sender endpoint does not transmit data on a given transport
address, the cwnd of the transport address should be adjusted to
max(cwnd / 2,
max(cwnd/2, 2*MTU) per RTO.

7.2.2 Congestion Avoidance

When cwnd is greater than ssthresh, cwnd should be incremented
by 1*MTU per RTT if the sender has cwnd or more octets bytes of data
outstanding on for the corresponding transport address.

Stewart, et al [Page 74]

Internet Draft Stream Control Transmission Protocol June 2000

In practice an implementation can achieve this goal in the
following way:

o partial_bytes_acked is initialized to 0.

o Whenever cwnd is greater than ssthresh, upon each SACK arrival, arrival that
advances the Cumulative TSN Ack Point, increase partial_bytes_acked
by the total number of octets bytes of all new chunks acknowledged in that SACK.
SACK including chunks acknowledged by the new Cumulative TSN Ack and
by Gap Ack Blocks.

o When partial_bytes_acked is equal to or greater than cwnd and before
the arrival of the SACK the sender has had cwnd or more octets bytes of data
outstanding,
outstanding (i.e., before arrival of the SACK, flightsize was greater
than or equal to cwnd), increase cwnd by MTU, and reset
partial_bytes_acked to (partial_bytes_acked - cwnd).

o Same as in the slow start, when the sender does not transmit data on
a given transport address, the cwnd of the transport address should
be adjusted to max(cwnd / 2, 2*MTU) per RTO.

o When all of the data transmitted by the sender has been acknowledged
by the receiver, partial_bytes_acked is initialized to 0.

7.2.3 Congestion Control

Upon detection of packet losses from SACK reports (see section Section 7.2.4),
the sender
An endpoint should do the following:

ssthresh = max(cwnd/2, 2*MTU)
cwnd = ssthresh

Stewart, et al [Page 61]

Internet Draft Stream Control Transmission Protocol April 2000

Basically, a packet loss causes cwnd to be cut in half.

When the T3-rxt T3-rtx timer expires on an address, SCTP should perform
slow start by:

ssthresh = max(cwnd/2, 2*MTU)
cwnd = 1*MTU

and assure that no more than one data packet DATA chunk will be in flight on for that
address until the sender endpoint receives acknowledgment acknowledgement for successful
delivery of data to that address.

7.2.4 Fast Retransmit on Gap Reports

In the absence of data losses, a SCTP receiver loss, an endpoint performs delayed
acknowledgment.
acknowledgement. However, whenever a receiver an endpoint notices a hole in the
arriving TSN sequence, it should SHOULD start sending a SACK back every time
a packet arrives carrying data.

At the sender end, whenever data until the sender hole is filled.

Whenever an endpoint receives a SACK that indicate indicates some TSN(s)

Stewart, et al [Page 75]

Internet Draft Stream Control Transmission Protocol June 2000

missing, it SHOULD wait for 3 further miss indications (via subsequent SACKs)
SACK's) on the same TSN(s) before taking action. action with regard to Fast
Retransmit.

When the TSN(s) is reported as missing in consecutive SACKs for the
4th time, fourth consecutive SACK,
the data sender shall:

1) Mark the missing DATA chunk(s) for retransmission,

2) Adjust the ssthresh and cwnd of the destination address(es) where to which
the missing data DATA chunks were last sent, according to the formula
described in Section 7.2.3.

3) Determine how many of the earliest (i.e., lowest TSN) missing Data DATA
chunks marked for retransmission will fit into a single packet,
subject to constraint of the path MTU of the destination transport
address to which the packet is being sent. Call this value K.
Retransmit those K data DATA chunks in a single packet.

4) Restart T3-rxt T3-rtx timer ONLY IF only if the last SACK acknowledged the lowest
outstanding TSN number sent to that address, or we are the endpoint is
retransmitting the first outstanding Data DATA chunk sent to that
address.

Note, before

Note: Before the above adjustments, if the received SACK also
acknowledges new data DATA chunks and advances the cumulative Cumulative TSN point, Ack
Point, the cwnd adjustment rules defined in Sections 7.2.1 and 7.2.2
must be applied first.

A straightforward implementation of the above requires that the sender keeps a counter for each
TSN hole first reported by a SACK; the SACK. The counter keeps track of whether 3 subsequent SACKs have reported increments for each
consecutive SACK reporting the
same TSN hole.

Stewart, et al [Page 62]

Internet Draft Stream Control Transmission Protocol April 2000 After reaching 4 and starting
the fast retransmit procedure, the counter resets to 0.

Because cwnd in SCTP indirectly bounds the number of outstanding
TSN's, the effect of TCP fast-recovery is achieved automatically with
no adjustment to the congestion control window size.

7.3 Path MTU Discovery

RFC 1191 [11] discusses

[RFC1191] specifies "Path MTU Discovery", whereby a sender an endpoint
maintains an estimate of the maximum transmission unit (MTU) along a
given Internet path and refrains from sending datagrams packets along that path
which exceed the MTU, other than occasional attempts to probe for a
change in the path MTU. Path MTU (PMTU). RFC 1191 is thorough in its discussion
of the MTU discovery mechanism and strategies for determining the
current end-to-end MTU setting as well as detecting changes in this
value.
RFC 1981 [12] discusses applying [RFC1981] specifies the same mechanisms for IPv6. An SCTP
sender using IPv6 MUST use Path MTU Discovery unless all packets are
less than the minimum IPv6 MTU [RFC2460].

An endpoint SHOULD apply these techniques, and SHOULD do so on a
per-destination-address basis.

Stewart, et al [Page 76]

Internet Draft Stream Control Transmission Protocol June 2000

There are 4 ways in which SCTP differs from the description in RFC 1191
of applying MTU discovery to TCP:

1) SCTP associations can span multiple set of addresses.
Per the above comment, an SCTP sender
An endpoint MUST maintain separate MTU estimates for each
destination address of its peer.

2) Elsewhere in this document, when the term "MTU" is discussed,
it refers to the MTU associated with the destination address
corresponding to the context of the discussion.

3) Unlike TCP, SCTP does not have a notion of "Maximum Segment
Size". Accordingly, the MTU for each destination address
SHOULD be initialized to a value no larger than the link MTU
for the local interface to which datagrams packets for that remote
destination address will be routed.

4) Since data transmission in SCTP is naturally structured in
terms of TSNs rather than bytes (as is the case for TCP), the
discussion in section Section 6.5 of RFC 1191 applies: when When retransmitting
a
an IP datagram to a remote address for which the IP datagram
appears too large for the path MTU to that address, the IP datagram
SHOULD be retransmitted without the DF bit set, allowing it to
possibly be fragmented. Transmissions of new IP datagrams MUST have
DF set.

5) The sender should track an association PMTU which will be
the smallest PMTU discovered for all of the peer's destination
addresses. When fragmenting messages into multiple parts this
association PMTU should be used to calculate the size of
each fragment. This will allow retransmissions to be seamlessly
sent to an alternate address without encountering IP fragmentation.

Other than these differences, the discussion of TCP's use of MTU
discovery in RFCs 1191 and 1981 applies to SCTP, too, SCTP on a
per-destination-address basis.

Note: For IPv6 destination addresses the DF bit does not exist,
instead the IP datagram must be fragmented as described in RFC1883 [17].

Stewart, et al [Page 63]

Internet Draft Stream Control Transmission Protocol April 2000 [RFC2460].

8. Fault Management

8.1 Endpoint Failure Detection

The data sender

An endpoint shall keep a counter on the total number of consecutive
retransmissions to its peer (including retransmissions to
ALL all the
destination transport addresses of the peer if it is multi-homed). If
the value of this counter exceeds the limit indicated in the protocol
parameter 'Association.Max.Retrans', the
data sender endpoint shall consider the
peer endpoint unreachable and shall stop transmitting any more data to
it (and thus the association enters the CLOSED state). In addition, the data sender
endpoint shall report the failure to the upper layer, and optionally
report back all outstanding user data remaining in its outbound queue.
The association is automatically terminated closed when the peer endpoint

Stewart, et al [Page 77]

Internet Draft Stream Control Transmission Protocol June 2000

becomes unreachable.

The counter shall be reset each time a datagram DATA chunk sent to that
destination address peer
endpoint is acknowledged by (by the peer endpoint, reception of a SACK), or a HEARTBEAT-ACK HEARTBEAT-
ACK is received from the peer endpoint.

8.2 Path Failure Detection

When the remote its peer endpoint is multi-homed, the data sender an endpoint should keep a
'retrans.count' error
counter for each of the destination transport addresses of the remote peer
endpoint.

Each time the T3-rxt T3-rtx timer expires on any address, or when a HEARTBEAT
sent to an idle address is not acknowledged, acknowledged within a RTO, the 'retrans.count' error
counter of that destination address will be incremented. When the
value in
'retrans.count' the error counter exceeds the protocol parameter
'Path.Max.Retrans' of that destination address, the data sender endpoint should
mark the destination transport address as inactive, and a notification
SHOULD be sent to the upper layer.

When an outstanding TSN is acknowledged or a HEARTBEAT sent to that
address is acknowledged with a HEARTBEAT-ACK, HEARTBEAT ACK, the data sender endpoint shall
clear the 'retrans.count' error counter of the destination transport address
to which the datagram DATA chunk was last sent (or HEARTBEAT was sent). Note,
when When the data receiver
peer endpoint is multi-homed and the last chunk sent to it was a
retransmission to an alternate address of the receiver, address, there exists an ambiguity as to
whether or not the acknowledgment acknowledgement should be credited to the address of
the last chunk sent. However, this ambiguity does not seem to bear any
significant consequence to SCTP behavior. If this ambiguity is
undesirable, the data sender transmitter may choose not to clear the
'retrans.count'
error counter if the last chunk sent was a retransmission.

Stewart, et al [Page 64]

Internet Draft Stream Control Transmission Protocol April 2000

Note, when

Note: When configuring the SCTP endpoint, the user should avoid
having the value of 'Association.Max.Retrans' larger than the
summation of the 'Path.Max.Retrans' of all the destination addresses
for the remote endpoint. Otherwise, all the destination addresses may
become inactive while the endpoint still considers the peer endpoint
reachable. When this condition occurs, how the SCTP chooses to
function is implementation specific.

Note, when

When the primary destination address path is marked inactive (due to excessive
retransmissions, for instance), the sender MAY automatically transmit
new datagrams packets to an alternate destination address if one exists and is
active. This is, however, an implementation option. If more than one alternate address is active when the primary
path is marked inactive only ONE transport address SHOULD be chosen
and used as the new destination transport address.

8.3 Path Heartbeat

By default, an SCTP endpoint shall monitor the reachability of the
idle destination transport address(es) of its peer by sending a
HEARTBEAT messages chunk periodically to the destination transport

Stewart, et al [Page 78]

Internet Draft Stream Control Transmission Protocol June 2000

address(es).

A destination transport address is considered "idle" if no new chunk
which can be used for updating path RTT (usually including first
transmission DATA, INIT, COOKIE, COOKIE ECHO, HEARTBEAT etc.) and no heartbeat
HEARTBEAT has been sent to it within the current heartbeat period of
that address. This applies to both active and inactive destination
addresses.

The upper layer can optionally initiate the following functions:

A) disable heart beat Disable heartbeat on a specific destination transport address of a
given association,
B) re-enable heart beat Change the HB.interval,
C) Re-enable heartbeat on a specific destination transport address of
a given association, and,
C) request
D) Request an on-demand heartbeat HEARTBEAT on a specific destination transport
address of a given association.

The endpoint should increment the respective 'retrans.count' error counter
of the destination transport address each time a HEARTBEAT is sent to
that address and not acknowledged. acknowledged within one RTO.

When the value of this counter reaches the protocol parameter
'Path.Max.Retrans', the endpoint should mark the corresponding
destination address as inactive if it is not so marked, and may also
optionally report to the upper layer the change of reachability of
this destination address. After this, the endpoint should continue
heartbeat
HEARTBEAT on this destination address but should stop increasing the
counter.

The sender of the HEARTBEAT message chunk should include in the Heartbeat
Information field of the message chunk the current time when the message packet is
sent out and the information on the destination address to which the
message packet is sent.

IMPLEMENTATION NOTE: An alternative implementation of the heartbeat
mechanism that can be used is to increment the 'retrans.count' error counter
variable every time a HEARTBEAT is sent to a destination. Whenever
a HEARTBEAT-ACK HEARTBEAT ACK arrives, the sender SHOULD be clearing clear the
'retrans.count'
error counter of the destination that the HEARTBEAT was
sent to. This in effect would clear the previously stroked
error (and any other error counts as well).

Stewart, et al [Page 65]

Internet Draft Stream Control Transmission Protocol April 2000

The receiver of the HEARTBEAT should immediately respond with a
HEARTBEAT ACK that contains the Heartbeat Information field copied out
from the received HEARTBEAT message. chunk.

Upon the receipt of the HEARTBEAT ACK, the sender of the HEARTBEAT
should clear the 'retrans.count' error counter of the destination transport
address to which the HEARTBEAT was sent, and mark the destination
transport address as active if it is not so marked. The endpoint may
optionally report to the upper layer when an inactive destination
address is marked as active due to the reception of the latest
HEARTBEAT ACK. The receiver of the HEARTBEAT ACK must also

Stewart, et al [Page 79]

Internet Draft Stream Control Transmission Protocol June 2000

clear the association overall error count as well (as defined
in section 8.1).

The receiver of the HEARTBEAT ACK should also perform an RTT
measurement for that destination transport address using the time
value carried in the HEARTBEAT ACK message. chunk.

On an idle destination address that is allowed to heartbeat, heartbeat,a HEARTBEAT
messages
chunk is RECOMMENDED to be sent once per RTO of that destination
address,
address plus the protocol parameter 'HB.interval' , with
jittering of +/- 50%, and exponential back-off of the RTO if the
previous HEARTBEAT is unanswered.

A primitive is provided for the SCTP user to change the heart
beat interval HB.interval
and turn on or off the heart beat heartbeat on a given destination address. Note, the The
heartbeat interval set by the SCTP user on is added to the RTO of that
destination (including any exponential backoff). Only one heartbeat
should be sent each time the heartbeat timer expires (if multiple
destinations are idle). It is a implementation decision on how to
choose which of the candidate idle destinations to heartbeat to (if
more than one destination addresses is idle).

Note: When tuning the heartbeat interval, there is a side effect that
SHOULD be no smaller than taken into account. When this value is increased, i.e. the RTO
HEARTBEAT takes longer, the detection of
that destination address. Separate timers may lost ABORT messages takes
longer as well. If a peer endpoint ABORTs the association for
any reason and the ABORT chunk is lost, the local endpoint will only
discover the lost ABORT by sending a DATA chunk or HEARTBEAT chunk
(thus causing the peer to send another ABORT). This must be used considered
when tuning the HEARBEAT timer. If the HEARTBEAT is disabled only
sending DATA to control the
heartbeat transmission for different idle destination addresses. association will discover a lost ABORT from the
peer.

8.4 Handle "Out of the blue" Packets

An SCTP datagram packet is called an "out of the blue" (OOTB) datagram packet if it
is correctly formed, i.e., passed the receiver's Adler-32 check (see
Section 6.8), but the receiver is not able to identify receiver is not able to identify the association
to which this packet belongs.

The receiver of an OOTB packet MUST do the following:

1) If the OOTB packet is to or from a non-unicast address, silently
discard the packet. Otherwise,

2) If the OOTB packet contains an ABORT chunk, the receiver MUST
silently discard the OOTB packet and take no further action.
Otherwise,

3) If the packet contains an INIT chunk with a Verification Tag set to
'0', process it as described in Section 5.1. Otherwise,

4) If the packet contains a COOKIE ECHO in the first chunk, process it

Stewart, et al [Page 80]

Internet Draft Stream Control Transmission Protocol June 2000

as described in Section 5.1. Otherwise,

5) If the packet contains a SHUTDOWN ACK chunk, the receiver should
respond to the sender of the OOTB packet with a SHUTDOWN COMPLETE.
When sending the SHUTDOWN COMPLETE, the receiver of the OOTB packet
must fill in the Verification Tag field of the outbound packet with
the Verification Tag received in the SHUTDOWN ACK and set the association
to which this datagram belongs.

The receiver of an OOTB datagram MUST do
T-bit in the following:

1) check if Chunk Flags to indicate that no TCB was found.
Otherwise,

6) If the OOTB datagram packet contains an ABORT chunk. If so, a SHUTDOWN COMPLETE chunk, the receiver MUST
should silently discarded discard the OOTB datagram packet and take no further action.
Otherwise,

2) the

7) The receiver should respond to the sender of the OOTB datagram packet with
an ABORT. When sending the ABORT, the receiver of the OOTB datagram packet
MUST fill in the Verification Tag field of the outbound datagram packet
with the value found in the Verification Tag field of the OOTB
datagram.
packet and set the T-bit in the Chunk Flags to indicate that no
TCB was found. After sending this ABORT, the receiver of the
OOTB
datagram packet shall discard the OOTB datagram packet and take no further
action.

Stewart, et al [Page 66]

Internet Draft Stream Control Transmission Protocol April 2000

8.5 Verification Tag

The Verification Tag rules defined in this section apply when sending
or receiving SCTP datagrams packets which do NOT not contain an INIT, SHUTDOWN
ACK,
COMPLETE, COOKIE ECHO (see Section 5.1) or ABORT chunk. The rules for
sending and receiving SCTP
datagrams packets containing one of these chunk types
are discussed separately in Section 8.5.1.

When sending an SCTP datagram, packet, the sender endpoint MUST fill in the Verification
Tag field of the outbound datagram packet with the tag value in the Initiate Tag
parameter of the peer endpoint to which this SCTP datagram is destined. INIT or INIT ACK received from its peer.

When receiving an SCTP datagram, packet, the receiver endpoint MUST ensure that the
value in the Verification Tag field of the received SCTP datagram packet
matches its own Tag. If the received tag Verification Tag value does not
match the receiver's own tag value, the receiver shall silently
discard the
datagram packet and shall not process it any further. further except for
those cases listed in Section 8.5.1 below.

8.5.1 Exceptions in Verification Tag Rules

A) Rules for datagram packet carrying INIT:

- The sender MUST set the Verification Tag of the datagram packet to 0.

- The receiver, when noticing When an endpoint receives an incoming SCTP datagram packet with the Verification Tag
set to 0, it should continue to process verify that the datagram packet contains only if an INIT chunk is present.
chunk. Otherwise, the receiver MUST silently discard the datagram and take no further action. packet.

B) Rules for datagram packet carrying ABORT:

Stewart, et al [Page 81]

Internet Draft Stream Control Transmission Protocol June 2000

- The sender endpoint shall always fill in the Verification Tag field of the
outbound datagram packet with the destination endpoint's tag value if it
is known.

- If the ABORT is sent in response to an OOTB datagram, packet, the sender endpoint
MUST follow the procedure described in Section 8.4.

- The receiver MUST accept the datagram IF packet if the Verification Tag
matches either its own tag, OR the tag of its peer. Otherwise, the
receiver MUST silently discard the datagram packet and take no further
action.

C) Rules for datagram packet carrying SHUTDOWN ACK: COMPLETE:

- When sending a SHUTDOWN ACK, COMPLETE, if the sender is allowed to either use receiver of the SHUTDOWN
ACK has a TCB then the destination endpoint's tag or set MUST be used. Only
where no TCB exists should the sender use the Verification Tag field
of from
the outbound datagram to 0. SHUTDOWN ACK.

- The receiver of a SHUTDOWN ACK COMPLETE shall accept the datagram IF packet if the
Verification Tag field of the datagram packet matches its own tag OR it is
set to 0. its peer's tag and the T bit is set in the Chunk Flags.
Otherwise, the receiver MUST silently discard the
datagram packet and take
no further action. NOTE: the receiver of the
SHUTDOWN ACK An endpoint MUST ignore the chunk SHUTDOWN COMPLETE if
it is not in the SHUTDOWN
SENT SHUTDOWN-ACK-SENT state.

Stewart, et al [Page 67]

Internet Draft Stream Control Transmission Protocol April 2000

D) Rules for packet carrying a COOKIE ECHO

- When sending a COOKIE ECHO, the endpoint MUST use the value of the
Initial Tag received in the INIT ACK.

- The receiver of a COOKIE ECHO follows the procedures in Section 5.

9. Termination of Association

All existing associations

An endpoint should be terminated terminate its association when an endpoint it exits from
service. An association can be terminated by either close abort or
shutdown. A abort of an association is abortive by definition in that
any data pending on either end of the association is discarded and NOT
delivered to the peer. A shutdown of an association is considered a
graceful close where all data in queue by either endpoint is delivered
to the respective peers. However, in the case of a shutdown, SCTP does
not support a half-open state (like TCP) wherein one side may continue
sending data while the other end is closed. When either endpoint
performs a shutdown, the association on each peer will stop accepting
new data from its user and only deliver data in queue at the time of
sending or receiving the SHUTDOWN chunk.

9.1 Close Abort of an Association

When an endpoint decides to close abort down an existing association, it
shall send an ABORT message chunk to its peer endpoint. The sender MUST fill
in the peer's Verification Tag in the outbound datagram packet and MUST NOT

Stewart, et al [Page 82]

Internet Draft Stream Control Transmission Protocol June 2000

bundle any DATA chunk with the ABORT.

No acknowledgment is required for an ABORT message. In any
circumstances, an

An endpoint MUST NOT respond to any received datagram packet that contains an
ABORT with its own ABORT chunk (also see Section 8.4).

The receiver

An endpoint receiving an ABORT shall apply the special Verification Tag
check rules described in Section 8.5.1 when handling the datagram carrying an
ABORT. 8.5.1.

After checking the Verification Tag, the peer receiving endpoint shall
remove the association from its record, and shall report the
termination to its upper layer.

9.2 Shutdown of an Association

Using the TERMINATE SHUTDOWN primitive (see Section 10.1), the upper layer of an
endpoint in an association can gracefully shutdown close the association.
This will guarantee that allow all outstanding datagrams DATA chunks from the peer of
the shutdown initiator to be delivered before the association
terminates.

Upon receipt of the TERMINATE SHUTDOWN primitive from its upper layer, the
initiator
endpoint enters SHUTDOWN-PENDING state and remains there until all
outstanding TSNs have been acknowledged by the far end. It its peer. The endpoint
accepts no new data from its upper layer, but retransmits data to the
far end if necessary to fill gaps.

Once all its outstanding TSNs have been acknowledged, the initiator endpoint
shall send a SHUTDOWN message chunk to the its peer of including in the association,
and shall include Cumulative
TSN Ack field the last cumulative sequential TSN it has received from the
peer in the 'Cumulative TSN ACK' field. peer.
It shall then start the T2-shutdown timer and enter the Shutdown-sent SHUTDOWN-SENT
state. If the timer expires, the initiator endpoint must re-send the SHUTDOWN
with the updated last sequential TSN received from its peer.

The same rules in Section 6.3 SHALL MUST be followed to determine the proper timer
value for T2-shutdown. The sender of To indicate any gaps in TSN, the SHUTDOWN message endpoint may
also
optionally include bundle a SACK to indicate any gaps by bundling both with the
SACK and SHUTDOWN message together.

Stewart, et al [Page 68]

Internet Draft Stream Control Transmission Protocol April 2000

Note chunk in the sender of a shutdown same SCTP packet.

An endpoint should limit the number of retransmissions of the shutdown message SHUTDOWN
chunk to the protocol parameter 'Association.Max.Retrans'. If this
threshold is exceeded the endpoint should destroy the TCB and may MUST
report the peer endpoint unreachable to the upper layer (and thus the
association enters the CLOSED state). The reception of any packet from
its peer (i.e. as the peer sends all of its queued DATA chunks) should
clear the endpoint's retransmission count and restart the T2-Shutdown
timer, giving its peer ample opportunity to transmit all of its queued
DATA chunks that have not yet been sent.

Upon the reception of the SHUTDOWN, the peer endpoint shall
- enter the
Shutdown-received SHUTDOWN-RECEIVED state, and shall

- stop accepting new data from its SCTP user

- verify, by checking the Cumulative TSN ACK Ack field of the message, chunk, that

Stewart, et al [Page 83]

Internet Draft Stream Control Transmission Protocol June 2000

all its outstanding datagrams DATA chunks have been received by the initiator. SHUTDOWN
sender.

Once a endpoint as reached the SHUTDOWN-RECEIVED state it MUST NOT
send a SHUTDOWN in response to a ULP request.

If there are still outstanding datagrams DATA chunks left, the peer SHUTDOWN receiver
shall mark
them for retransmission and start the retransmit procedure as continue to follow normal data transmission procedures defined in
Section 6.3. 6 until all outstanding DATA chunks are acknowledged; however,
the SHUTDOWN receiver MUST NOT accept new data from its SCTP user.

While in Shutdown-sent SHUTDOWN-SENT state, the initiator SHUTDOWN sender shall immediately
respond to each inbound SCTP datagram containing user data from the peer received DATA chunk with a SACK and restart the
T2-shutdown timer.

If there is it has no more outstanding datagrams, DATA chunks, the peer SHUTDOWN receiver shall
send a SHUTDOWN ACK and then remove all record start a T2-shutdown timer of its own, entering
the SHUTDOWN-ACK-SENT state.

The sender of the association. SHUTDOWN ACK should limit the number of
retransmissions of the SHUTDOWN ACK chunk to the protocol parameter
'Association.Max.Retrans'. If this threshold is exceeded the endpoint
should destroy the TCB and may report the peer endpoint unreachable to
the upper layer (and thus the association enters the CLOSED state).

Upon the receipt of the SHUTDOWN ACK, the initiator SHUTDOWN sender shall stop
the T2-shutdown timer timer, send a SHUTDOWN COMPLETE chunk to its
peer, and remove all record of the association.

Note: that it should be the responsibility of the initiator to

An endpoint SHOULD assure that all the outstanding datagrams on its side outstanding DATA chunks have
been resolved acknowledged before it initiates initiating the shutdown procedure.

Note: an

An endpoint shall should reject any new data request from its upper
layer if it is in Shutdown-sent SHUTDOWN-SENT, SHUTDOWN-RECEIVED, or Shutdown-received state until
completion of the sequence.

Note: if
SHUTDOWN-ACK-SENT state.

If an endpoint is in Shutdown-sent SHUTDOWN-ACK-SENT state and receives an INIT
message from its peer, chunk
(e.g., if the SHUTDOWN COMPLETE was lost) with source and destination
transport addresses (either in the IP addresses or in the INIT chunk)
that belong to this association, it should discard the INIT message chunk and
retransmit the shutdown message. SHUTDOWN ACK chunk.
Note: Receipt of an INIT with the same source and destination IP
addresses as used in transport addresses assigned to an endpoint but
with a different port number indicates the initialization of a
separate association.

The sender of the INIT should respond to the receipt of a SHUTDOWN-ACK
with a stand-alone SHUTDOWN COMPLETE in an SCTP packet with the
Verification Tag field of its common header set to the same tag that
was received in the SHUTDOWN ACK in packet. This is considered an SCTP datagram with Out of
the
Verification Tag field Blue packet as defined in Section 8.4. The sender of its common header set to 0, the INIT lets
T1-init continue running and let remains in the
normal COOKIE-WAIT state. Normal
T1-init timer expiration will cause the INIT message chunk to be retransmitted
and thus restart the start a new association.

Note: if

Stewart, et al [Page 84]

Internet Draft Stream Control Transmission Protocol June 2000

If an endpoint is in Shutdown-sent SHUTDOWN-SENT state and receives a SHUTDOWN message chunk
from its peer, the endpoint shall respond immediately with a SHUTDOWN
ACK to its peer, and move into a SHUTDOWN-ACK-SENT state restarting its
T2-shutdown timer.

If an endpoint is in the SHUTDOWN-ACK-SENT state and receives a
SHUTDOWN ACK, it shall stop the T2-shutdown timer timer, send a
SHUTDOWN COMPLETE chunk to its peer, and remove all record of the
association.

10. Interface with Upper Layer

The Upper Layer Protocols (ULP) shall request for services by passing
primitives to SCTP and shall receive notifications from SCTP for
various events.

Stewart, et al [Page 69]

Internet Draft Stream Control Transmission Protocol April 2000

The primitives and notifications described in this section should be
used as a guideline for implementing SCTP. The following functional
description of ULP interface primitives is shown for illustrative
purposes. We must warn readers that different Different SCTP implementations may have different ULP
interfaces. However, all SCTPs must provide a certain minimum set of
services to guarantee that all SCTP implementations can support the
same protocol hierarchy.

10.1 ULP-to-SCTP

The following sections functionally characterize a ULP/SCTP interface.
The notation used is similar to most procedure or function calls in
high level languages.

The ULP primitives described below specify the basic functions the
SCTP must perform to support inter-process communication. Individual
implementations must define their own exact format, and may provide
combinations or subsets of the basic functions in single calls.

A) Initialize

Format: INITIALIZE ([local port], [local eligible address]) address list])
-> local SCTP instance name

This primitive allows SCTP to initialize its internal data structures
and allocate necessary resources for setting up its operation
environment. Note that once Once SCTP is initialized, ULP can communicate
directly with other endpoints without re-invoking this primitive.

SCTP will return a local SCTP instance name will be returned to the ULP by the SCTP. ULP.

Mandatory attributes:

None.

Optional attributes:

Stewart, et al [Page 85]

Internet Draft Stream Control Transmission Protocol June 2000

The following types of attributes may be passed along with the
primitive:

o local port - SCTP port number, if ULP wants it to be specified;

o local eligible address list - A single An address list that the local SCTP
endpoint should bind. By default default, if an address list is not
included, all transport interface cards IP addresses assigned to the host should be used by
the local endpoint.

IMPLEMENTATION NOTE: if If this optional attribute is supported by an
implementation, it will be the responsibility of the implementation
to enforce that the IP source address field of any SCTP datagrams packets
sent out by this endpoint MUST contain contains one of the IP addresses
indicated in the local eligible address.

Stewart, et al [Page 70]

Internet Draft Stream Control Transmission Protocol April 2000 address list.

B) Associate

Format: ASSOCIATE(local SCTP instance name, destination transport addr,
outbound stream count)
-> association id [,destination transport addr list] [,outbound stream
count]

This primitive allows the upper layer to initiate an association to a
specific peer endpoint.

The peer endpoint shall be specified by one of the transport addresses
which defines the endpoint (see section Section 1.4). If the local SCTP
instance has not been initialized, the ASSOCIATE is considered an
error.

An association id, which is a local handle to the SCTP association,
will be returned on successful establishment of the association. If
SCTP is not able to open an SCTP association with the peer endpoint,
an error is returned.

Other association parameters may be returned, including the complete
destination transport addresses of the peer as well as the outbound
stream count of the local endpoint. One of the transport address from
the returned destination addresses will be selected by the local
endpoint as default primary destination address path for sending SCTP
datagrams
packets to this peer. The returned "destination transport addr
list" can be used by the ULP to change the default primary destination
address path or to
force sending a datagram packet to a specific transport address.

IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a
blocking function call, the ASSOCIATE primitive can return
association parameters in addition to the association id upon
successful establishment. If ASSOCIATE primitive is implemented as a
non-blocking call, only the association id shall be returned and
association parameters shall be passed using the COMMUNICATION UP
notification.

Mandatory attributes:

Stewart, et al [Page 86]

Internet Draft Stream Control Transmission Protocol June 2000

o local SCTP instance name - obtained from the INITIALIZE operation.

o destination transport addr - specified as one of the transport
addresses of the peer endpoint with which the association is to be
established.

o outbound stream count - the number of outbound streams the ULP
would like to open towards this peer endpoint.

Optional attributes:

None.

Stewart, et al [Page 71]

Internet Draft Stream Control Transmission Protocol April 2000

C) Terminate Shutdown

Format: TERMINATE(association SHUTDOWN(association id)
-> result

Gracefully terminates closes an association. Any locally queued user data
will be delivered to the peer. The association will be terminated only
after the peer acknowledges all the messages SCTP packets sent. A success code
will be returned on successful termination of the association. If
attempting to terminate the association results in a failure, an error
code shall be returned.

Mandatory attributes:

o association id - local handle to the SCTP association

Optional attributes:

None.

D) Abort Close

Format: ABORT(association id [, cause code])
-> result

Ungracefully terminates closes an association. Any locally queued user data
will be discarded and an ABORT message chunk is sent to the peer. A success
code will be returned on successful abortion of the association. If
attempting to abort the association results in a failure, an error
code shall be returned.

Note: If possible the SCTP should attempt to return all un-acknowledged
data to the upper layer, however this behavior is implementation
dependent.

Mandatory attributes:

o association id - local handle to the SCTP association

Optional attributes:

o cause code - reason of the abort to be passed to the peer.

None.

Stewart, et al [Page 72] 87]

Internet Draft Stream Control Transmission Protocol April June 2000

E) Send

Format: SEND(association id, buffer address, byte count [,context]
[,stream id] [,life time] [,destination transport address] [,un-order
[,unorder flag] [,no-bundle flag] [,payload protocol-id] )
-> result

This is the main method to send user data via SCTP.

Mandatory attributes:

o association id - local handle to the SCTP association

o buffer address - the location where the user message to be
transmitted is stored;

o byte count - The size of the user data in number of octets; bytes;

Optional attributes:

o context - an optional information 32 bit integer that will be carried in the
sending failure notification to the ULP if the transportation of
this datagram User Message fails.

o stream id - to indicate which stream to send the data on. If not
specified, stream 0 will be used.

o life time - specifies the life time of the user data. The user data
will not be sent by SCTP after the life time expires. This
parameter can be used to avoid efforts to transmit stale
user messages. SCTP notifies the ULP, ULP if the data cannot be
initiated to transport (i.e. sent to the destination via SCTP's
send primitive) within the life time variable. However, the
user data will be transmitted if a chunk SCTP has been attempted to
be transmitted transmit a
chunk before the life time expired.

IMPLEMENTATION NOTE: in In order to better support the data lifetime
option, the data sender MAY transmitter may hold back the assigning of the TSN
number to an outbound data DATA chunk to the last moment. And, for
implementation simplicity, once a TSN number has been assigned the
sender MAY should consider the send of this data DATA chunk as committed,
overriding any lifetime option attached to the data DATA chunk.

o destination transport address - specified as one of the destination
transport addresses of the peer endpoint to which this message packet
should be sent. Whenever possible, SCTP should use this destination
transport address for sending the datagram, packets, instead of the current
primary destination transport address. path.

o un-order unorder flag - this flag, if present, indicates that the user
would like the data delivered in an un-ordered unordered fashion to the peer. peer
(i.e., the U flag is set to 1 on all DATA chunks carrying this
message).

Stewart, et al [Page 88]

Internet Draft Stream Control Transmission Protocol June 2000

o no-bundle flag - instructs SCTP not to bundle the this user data with
other outbound DATA chunks. Note: SCTP may MAY still bundle even when
this flag is present, when faced with network congestion.

o payload protocol-id - A 32 bit u_int unsigned integer that is to be
passed to the peer indicating the type of payload protocol data
being transmitted. This value is passed as opaque data by SCTP.

Stewart, et al [Page 73]

Internet Draft Stream Control Transmission Protocol April 2000

F) Set Primary

Format: SETPRIMARY(association id, destination transport address) address,
[source transport address] )
-> result

Instructs the local SCTP to use the specified destination transport
address as primary destination address path for sending datagrams. packets.

The result of attempting this operation shall be returned. If the
specified destination transport address is not present in the
"destination transport address list" returned earlier in an associate
command or communication up notification, an error shall be returned.

Mandatory attributes:

o association id - local handle to the SCTP association

o destination transport address - specified as one of the transport
addresses of the peer endpoint, which should be used as primary
address for sending datagrams. packets. This overrides the current primary
address information maintained by the local SCTP endpoint.
Stewart, et al [Page 74]

Internet Draft Stream Control Transmission Protocol April 2000

Optional attributes:

o source transport address - optionally, some implementations may
allow you to set the default source address placed in all
outgoing IP datagrams.

G) Receive

Format: RECEIVE(association id, buffer address, buffer size
[,stream id])
-> byte count [,transport address] [,stream id] [,stream sequence
number] [,partial flag] [,delivery number] [,payload protocol-id]

This primitive shall read the first user message in the SCTP in-queue
to
into the buffer specified by ULP, if there is one available, into the specified buffer. available. The size
of the message read, in octets, bytes, will be returned. It may, depending on
the specific implementation, also return other information such as the
sender's
senders address, the stream id on which it is received, whether there
are more messages available for retrieval, etc. For ordered messages,
their stream sequence number may also be returned.

Depending upon the implementation, if this primitive is invoked when

Stewart, et al [Page 89]

Internet Draft Stream Control Transmission Protocol June 2000

no message is available the implementation should return an indication
of this condition or should block the invoking process until data does
become available.

Mandatory attributes:

o association id - local handle to the SCTP association

o buffer address - the memory location indicated by the ULP to store
the received message.

o buffer size - the maximum size of data to be received, in octets. bytes.

Optional attributes:

o stream id - to indicate which stream to receive the data on.

o stream sequence number - the stream sequence number assigned by the
sending SCTP peer.

o partial flag - if this returned flag is set to 1, then this
message is
Receive contains a partial delivery of the whole message. When
this flag is set, the stream id and stream sequence number MUST
accompany this receive. When this flag is set to 0, it indicates
that no more deliveries will be received for this stream sequence
number.

o payload protocol-id - A 32 bit u_int unsigned integer that is received
from the peer indicating the type of payload protocol of the
received data. This value is passed as opaque data by SCTP.

Stewart, et al [Page 75]

Internet Draft Stream Control Transmission Protocol April 2000

H) Status

Format: STATUS(association id)
-> status data

This primitive should return a data block containing the following
information:
association connection state,
destination transport address list,
destination transport address reachability state, states,
current receiver window size,
current congestion window sizes,
number of unacknowledged DATA chunks awaiting acknowledgment, chunks,
number of DATA chunks pending receipt,
primary destination transport address, path,
most recent SRTT on primary destination address, path,
RTO on primary destination address, path,
SRTT and RTO on other destination addresses, etc.

Mandatory attributes:

o association id - local handle to the SCTP association

Stewart, et al [Page 90]

Internet Draft Stream Control Transmission Protocol June 2000

Optional attributes:

None.

I) Change Heartbeat

Format: CHANGEHEARTBEAT(association id, destination transport address,
new state [,interval])
-> result

Instructs the local endpoint to enable or disable heart beat heartbeat on the
specified destination transport address.

The result of attempting this operation shall be returned.
Note, even

Note: Even when enabled, heart beat heartbeat will not take place if the
destination transport address is not idle.

Mandatory attributes:

o association id - local handle to the SCTP association

o destination transport address - specified as one of the transport
addresses of the peer endpoint.

o new state - the new state of heart beat heartbeat for this destination
transport address (either enabled or disabled).

Optional attributes:

o interval - if present, indicates the frequency of the heart beat heartbeat if
this is to enable heart beat heartbeat on a destination transport
address. Default interval is the RTO of the destination address.

Stewart, et al [Page 76]

Internet Draft Stream Control Transmission Protocol April 2000

J) Request HeartBeat

Format: REQUESTHEARTBEAT(association id, destination transport
address)
-> result

Instructs the local endpoint to perform a HeartBeat on the specified
destination transport address of the given association. The returned
result should indicate whether the transmission of the HEARTBEAT
message
chunk to the destination address is successful.

Mandatory attributes:

o association id - local handle to the SCTP association

o destination transport address - the transport address of the
association on which a heartbeat should be issued.

K) Get SRTT Report

Stewart, et al [Page 91]

Internet Draft Stream Control Transmission Protocol June 2000

Format: GETSRTTREPORT(association id, destination transport address)
-> srtt result

Instructs the local SCTP to report the current SRTT measurement on the
specified destination transport address of the given association. The
returned result can be an integer containing the most recent SRTT in
milliseconds.

Mandatory attributes:

o association id - local handle to the SCTP association

o destination transport address - the transport address of the
association on which the SRTT measurement is to be reported.

Stewart, et al [Page 77]

Internet Draft Stream Control Transmission Protocol April 2000 is to be reported.

L) Set Failure Threshold

Format: SETFAILURETHRESHOLD(association id, destination transport
address, failure threshold)
-> result

This primitive allows the local SCTP to customize the reachability
failure detection threshold 'Path.Max.Retrans' for the specified
destination address.

Mandatory attributes:

o association id - local handle to the SCTP association

o destination transport address - the transport address of the
association on which the failure detection threshold is to be set.

o failure threshold - the new value of 'Path.Max.Retrans' for the
destination address.

M) Set Protocol Parameters

Format: SETPROTOCOLPARAMETERS(association id, [,destination transport
address,] protocol parameter list)
-> result

This primitive allows the local SCTP to customize the protocol
parameters.

Mandatory attributes:

o association id - local handle to the SCTP association

o protocol parameter list - The specific names and values of the
protocol parameters (e.g., Association.Max.Retrans [see Section 14])
that the SCTP user wishes to customize.

Optional attributes:

Stewart, et al [Page 92]

Internet Draft Stream Control Transmission Protocol June 2000

o destination transport address - some of the protocol parameters may
be set on a per destination transport address basis.

N) Receive unsent message

Format: RECEIVE_UNSENT(data retrieval id, buffer address, buffer size
[,stream id] [, stream sequence number] [,partial flag]
[,payload protocol-id])

o data retrieval id - The identification passed to the ULP in the
failure notification.

o buffer address - the memory location indicated by the ULP to store
the received message.

o buffer size - the maximum size of data to be received, in bytes.

Optional attributes:

o stream id - this is a return value that is set to indicate
which stream the data was sent to.

o stream sequence number - this value is returned indicating
the stream sequence number that was associated with the message.

o partial flag - if this returned flag is set to 1, then this
message is a partial delivery of the whole message. When
this flag is set, the stream id and stream sequence number MUST
accompany this receive. When this flag is set to 0, it indicates
that no more deliveries will be received for this stream sequence
number.

o payload protocol-id - The 32 bit unsigned integer that was sent to
be sent to the peer indicating the type of payload protocol of the
received data.

O) Receive unacknowledged message

Format: RECEIVE_UNACKED(data retrieval id, buffer address, buffer size,
[,stream id] [, stream sequence number] [,partial flag]
[,payload protocol-id])

o data retrieval id - The identification passed to the ULP in the
failure notification.

o buffer address - the memory location indicated by the ULP to store
the received message.

o buffer size - the maximum size of data to be received, in bytes.

Optional attributes:

o stream id - this is a return value that is set to indicate
which stream the data was sent to.

Stewart, et al [Page 93]

Internet Draft Stream Control Transmission Protocol June 2000

o stream sequence number - this value is returned indicating
the stream sequence number that was associated with the message.

o payload protocol-id - The 32 bit unsigned integer that was sent to
be sent to the peer indicating the type of payload protocol of the
received data.

P) Destroy SCTP instance

Format: DESTROY(local SCTP instance name)

o local SCTP instance name - this is the value that was
passed to the application in the initialize primitive and
it indicates which SCTP instance to be destroyed.

10.2 SCTP-to-ULP

It is assumed that the operating system or application environment
provides a means for the SCTP to asynchronously signal the ULP
process. When SCTP does signal an ULP process, certain information is
passed to the ULP.

IMPLEMENTATION NOTE: in In some cases this may be done through a
seperate
separate socket or error channel.

Stewart, et al [Page 78]

Internet Draft Stream Control Transmission Protocol April 2000

A) DATA ARRIVE notification

SCTP shall invoke this notification on the ULP when a user message is
successfully received and ready for retrieval.

The following may be optionally be passed with the notification:

o association id - local handle to the SCTP association

o stream id - to indicate which stream the data is received on.

B) SEND FAILURE notification

If a message can not be delivered SCTP shall invoke this notification
on the ULP.

The following may be optionally be passed with the notification:

o association id - local handle to the SCTP association

o data retrieval id - the location ULP can find the un-delivered message. an identification used to retrieve

Stewart, et al [Page 94]

Internet Draft Stream Control Transmission Protocol June 2000

unsent and unacknowledged data.

o cause code - indicating the reason of the failure, e.g., size too
large, message life-time expiration, etc.

o context - optional information associated with this message (see
D in section Section 10.1).

C) NETWORK STATUS CHANGE notification

When a destination transport address is marked down inactive (e.g., when
SCTP detects a failure), or marked up active (e.g., when SCTP detects a
recovery), SCTP shall invoke this notification on the ULP.

The following shall be passed with the notification:

o association id - local handle to the SCTP association

o destination transport address - This indicates the destination
transport address of the peer endpoint affected by the change;

o new-status - This indicates the new status.

Stewart, et al [Page 79]

Internet Draft Stream Control Transmission Protocol April 2000 - This indicates the new status.

D) COMMUNICATION UP notification

This notification is used when SCTP becomes ready to send or receive
user messages, or when a lost communication to an endpoint is
restored.

IMPLEMENTATION NOTE: If ASSOCIATE primitive is implemented as a
blocking function call, the association parameters are returned as a
result of the ASSOCIATE primitive itself. In that case,
COMMUNICATION UP notification is optional at the association
initiator's side.

The following shall be passed with the notification:

o association id - local handle to the SCTP association

o status - This indicates what type of event that has occurred

o destination transport address list - the complete set of transport
addresses of the peer

o outbound stream count - the maximum number of streams allowed to be
used in this association by the ULP

o inbound stream count - the number of streams the peer endpoint
has requested with this association (this may not be the same
number has as 'outbound stream count').

Stewart, et al [Page 80]

Internet Draft Stream Control Transmission Protocol April 2000

E) COMMUNICATION LOST notification

When SCTP loses communication to an endpoint completely (via

Stewart, et al [Page 95]

Internet Draft Stream Control Transmission Protocol June 2000

Heartbeats) or detects that the endpoint has performed an abort or graceful shutdown
operation, it shall invoke this notification on the ULP.

The following shall be passed with the notification:

o association id - local handle to the SCTP association

o status - This indicates what type of event that has occurred;
The status may indicate a failure OR a normal
termination event occurred in response to a
shutdown or abort request.

The following may be optionally passed with the notification:

o unsent-messages - The number and location of un-sent messages
still in hold by SCTP;

o unacknowledged-messages data retrieval id - The number and location of messages
that were attempted to be transported an identification used to the destination, but were
not acknowledged when the loss of communication was detected. retrieve
unsent and unacknowledged data.

o last-acked - the sequence number TSN last acked by that peer endpoint;

o last-sent - the sequence number TSN last sent to that peer endpoint;

o received-but-not-delivered - messages that were received by SCTP
but not yet delivered to the ULP.

Note: the un-send data report may not be accurate for those user
messages which are segmented by SCTP during transmission.

F) COMMUNICATION ERROR notification

When SCTP receives an ERROR chunk from its peer and decides to notify
its ULP, it can invoke this notification on the ULP.

The following can be passed with the notification:

o association id - local handle to the SCTP association

o error info - this indicates the type of error and optionally some
additional information received through the ERROR chunk.

G) RESTART notification

When SCTP detects that the peer has restarted, it may send
this notification to its ULP.

The following can be passed with the notification:

o association id - local handle to the SCTP association

H) SHUTDOWN COMPLETE notification

When SCTP completes the shutdown procedures (section 9.2) this
notification is passed to the upper layer.

The following can be passed with the notification:

o association id - local handle to the SCTP association

Stewart, et al [Page 81] 96]

Internet Draft Stream Control Transmission Protocol April June 2000

11. Security Considerations

11.1 Security Objectives

As a common transport protocol designed to reliably carry time-
sensitive user messages, such as billing or signaling messages for
telephony services, between two networked endpoints, SCTP has the
following security objectives.

- availability of reliable and timely data transport services
- integrity of the user-to-user information carried by SCTP

11.2 SCTP Responses To Potential Threats

It is clear that

SCTP may potentially be used in a wide variety of risk situations. It
is important for operator(s) of the systems
concerned running SCTP to analyze their
particular situations and decide on the appropriate counter-measures.

Where the SCTP system serves a group of users, it is probably
operating as part

Operators of a professionally managed corporate or service
provider network. It is reasonable to expect that this management
includes an appropriate security policy framework. [RFC 2196, "Site
Security Handbook", B. Fraser Ed., September 1997] systems running SCTP should be
consulted consult [RFC2196] for guidance.

The case is more difficult where the SCTP system is operated by a
private user. The service provider with whom that user has a
contractual arrangement SHOULD provide help to ensure that the
user's site is secure, ranging from advice on configuration through
downloaded scripts and security software.
guidance in securing their site.

11.2.1 Countering Insider Attacks

The principles of the Site Security Handbook [13] [RFC2196] should be applied to minimize the risk of
theft of information or sabotage by insiders. These Such procedures include
publication of security policies, control of access at the physical,
software, and network levels, and separation of services.

Stewart, et al [Page 82]

Internet Draft Stream Control Transmission Protocol April 2000

11.2.2 Protecting against Data Corruption in the Network

Where the risk of undetected errors in datagrams delivered by the lower
layer transport services is considered to be too great, additional checksum
integrity protection may be required. The question is
whether required. If this is appropriately provided as an SCTP service because it
is needed by most potential users of SCTP, or whether instead it
should be additional protection were
provided by in the application-layer, the SCTP user application. (The SCTP protocol
overhead, as opposed header would remain
vulnerable to deliberate integrity attacks. While the signaling payload, is protected adequately
by the Adler-32 checksum and measures taken in existing SCTP
mechanisms for detection of packet replays are considered sufficient
for normal operation, stronger protections are needed to prevent replay protect SCTP
when the operating environment contains significant risk of deliberate
attacks and masquerade.) from a sophisticated adversary.

In any event, order to promote software code-reuse, to avoid re-inventing the checksum must be
specifically designed
wheel, and to ensure that it detects avoid gratuitous complexity to SCTP, the errors left behind
by IP
Authentication Header [RFC2402] SHOULD be used when the Adler-32 checksum. threat
environment requires stronger integrity protections, but does not
require confidentiality.

A widely implemented BSD Sockets API extension exists for applications
to request IP security services, such as AH or ESP from an operating
system kernel. Applications can use such an API to request AH whenever
AH use is appropriate.

Stewart, et al [Page 97]

Internet Draft Stream Control Transmission Protocol June 2000

11.2.3 Protecting Confidentiality

In most cases, the risk of breach of confidentiality applies to the
signaling data payload, not to the SCTP or lower-layer protocol
overheads. If that is true, encryption of the SCTP user data only
may might
be considered. As with the supplementary checksum service, user data
encryption may MAY be performed by the SCTP user application. SCTP user application. Alternately,
the user application MAY use an implementation-specific API to request
that the IP Encapsulating Security Payload (ESP) [RFC2406] be used to
provide confidentiality and integrity.

Particularly for mobile users, the requirement for confidentiality
may
might include the masking of IP addresses and ports. In this case
IPSEC ESP should
SHOULD be used instead of application-level encryption.
Similarly, where other reasons prompt the use confidentiality. If ESP is
used to protect confidentiality of the IPSEC SCTP traffic, an ESP
service, application-level encryption cryptographic
transform that includes cryptographic integrity protection MUST be
used, because if there is unnecessary. It a confidentiality threat there will also be up
to the SCTP system operators to configure the application
appropriately. a
strong integrity threat.

Whenever ESP is in use, application-level encryption is not generally
required.

Regardless of which level performs the encryption, where confidentiality is provided, the IPSEC ISAKMP
service should [RFC2408]
and the Internet Key Exchange (IKE) [RFC2409] SHOULD be used for key
management.

Operators should consult [RFC 2401, "Security Architecture for the
Internet Protocol", S. Kent, R. Atkinson, November 1998] [RFC2401] for more information on the configuration of IPSEC security
services between hosts
with available at and without intervening firewalls. immediately above the Internet Protocol
layer.

11.2.4 Protecting against Blind Denial of Service Attacks

A blind attack is one where the attacker is unable to intercept or
otherwise see the content of data flows passing to and from the target
SCTP node where it is not a party to the association. node. Blind denial of service attacks may take the form of
flooding, masquerade, or improper monopolization of services.

Stewart, et al [Page 83]

Internet Draft Stream Control Transmission Protocol April 2000

11.2.4.1 Flooding

The objective of flooding is to cause loss of service and incorrect
behavior at target systems through resource exhaustion, interference
with legitimate transactions, and exploitation of buffer-related
software bugs. Flooding may be directed either at the SCTP node or at
resources in the intervening IP Access Links or the Internetwork. Internet.
Where the latter entities are the target, flooding will manifest
itself as loss of network services, including potentially the breach
of any firewalls in place.

In general, protection against flooding begins at the equipment
design level, where it includes measures such as:

- avoiding commitment of limited resources before determining that
the request for service is legitimate

Stewart, et al [Page 98]

Internet Draft Stream Control Transmission Protocol June 2000

- giving priority to completion of processing in progress over the
acceptance of new work
- identification and removal of duplicate or stale queued requests
for service.
- not responding to unexpected packets sent to non-unicast
addresses.

Network equipment should be capable of generating an alarm and log
if a suspicious increase in traffic occurs. The log should provide
information such as the identity of the incoming link and source
address(es) used which will help the network or SCTP system operator
to take protective measures. Procedures should be in place for the
operator to act on such alarms if a clear pattern of abuse emerges.

The design of SCTP is resistant to flooding attacks, particularly in
its use of a four-way start-up handshake, its use of a cookie to
defer commitment of resources at the responding SCTP node until the
handshake is completed, and its use of a verification tag Verification Tag to prevent
insertion of extraneous messages packets into the flow of an established
association.

The IP Authentication Header and Encapsulating Security Payload might
be useful in reducing the risk of certain kinds of denial of service
attacks."

The use of the Host Name feature in the INIT chunk could be used to
flood a target DNS server. A large backlog of DNS queries, resolving
the Host Name received in the INIT chunk to IP addresses, could be
accomplished by sending INIT's to multiple hosts in a given domain.
In addition, an attacker could use the Host Name feature in an indirect
attack on a third party by sending large numbers of INITs to random
hosts containing the host name of the target. In addition to the
strain on DNS resources, this could also result in large numbers of
INIT ACKs being sent to the target. One method to protect against this
type of attack is to verify that the IP addresses received from DNS
include the source IP address of the original INIT. If the list of IP
addresses received from DNS does not include the source IP address of
the INIT, the endpoint MAY silently discard the INIT. This last option
will not protect against the attack against the DNS.

11.2.4.2 Masquerade

Masquerade can be used to deny service in several ways:

- by tying up resources at the target SCTP node to which the
impersonated node has limited access. For example, the target node
may by policy permit a maximum of one SCTP association with the
impersonated SCTP node. The masquerading attacker may attempt to
establish an association purporting to come from the impersonated
node so that the latter cannot do so when it requires it.
- by deliberately allowing the impersonation to be detected,
thereby provoking counter-measures which cause the impersonated node
to be locked out of the target SCTP node.

Stewart, et al [Page 99]

Internet Draft Stream Control Transmission Protocol June 2000

- by interfering with an established association by inserting
extraneous content such as a SHUTDOWN request.

Stewart, et al [Page 84]

Internet Draft Stream Control Transmission Protocol April 2000

SCTP prevents reduces the risk of masquerade attacks through IP spoofing by use
of the four-way startup handshake. Because the initial exchange is
memoryless, no lockout mechanism is triggered by masquerade attacks.
In addition, the INIT ACK containing the State Cookie is transmitted
back to the IP address from which it received the INIT. Thus the
attacker would not receive the INIT ACK containing the State Cookie.
SCTP protects against insertion of extraneous messages packets into the flow of
an established association by use of the verification tag. Verification Tag.

Logging of received INIT requests and abnormalities such as
unexpected INIT ACKs might be considered as a way to detect patterns
of hostile activity. However, the potential usefulness of such
logging must be weighed against the increased SCTP startup
processing it implies, rendering the SCTP node more vulnerable to
flooding attacks. Logging is pointless without the establishment of
operating procedures to review and analyze the logs on a routine
basis.

11.2.4.3 Improper Monopolization of Services

Attacks under this heading are performed openly and legitimately by
the attacker. They are directed against fellow users of the target
SCTP node or of the shared resources between the attacker and the
target node. Possible attacks include the opening of a large number
of associations between the attacker's node and the target, or
transfer of large volumes of information within a legitimately-
established association.

Such attacks take advantage of policy deficiencies at the target
SCTP node. Defense begins with a contractual prohibition of
behavior directed to denial of service to others.

Policy limits should be placed on the number of associations per
adjoining SCTP node. SCTP user applications should be capable of
detecting large volumes of illegitimate or "no-op" messages within a
given association and either logging or terminating the association as
a result, based on local policy.

11.3 Protection against Fraud and Repudiation

The objective of fraud is to obtain services without authorization
and specifically without paying for them. In order to achieve this
objective, the attacker must induce the SCTP user application at the
target SCTP node to provide the desired service while accepting
invalid billing data or failing to collect it. Repudiation is a
related problem, since it may occur as a deliberate act of fraud or
simply because the repudiating party kept inadequate records of
service received.

Potential fraudulent attacks include interception and misuse of
authorizing information such as credit card numbers, blind
masquerade and replay, and man-in-the middle attacks which modify
the messages packets passing through a target SCTP association in real time.

The interception attack is countered by the confidentiality measures

Stewart, et al [Page 85] 100]

Internet Draft Stream Control Transmission Protocol April June 2000

The interception attack is countered by the confidentiality measures

discussed in section Section 11.2.3 above.

Section 11.2.4.2 describes how SCTP is resistant to blind masquerade
attacks, as a result of the four-way startup handshake and the
validation tag.
Verification Tag. The validation tag Verification Tag and TSN together are
protections against blind replay attacks, where the replay is into an
existing association.

However, SCTP does not protect against man-in-the-middle attacks
where the attacker is able to intercept and alter the messages packets sent
and received in an association. Where a significant possibility of
such attacks is seen to exist, or where possible repudiation is an
issue, the use of the IPSEC AH service is recommended to ensure both
the integrity and the authenticity of the messages SCTP packets passed.

SCTP also provides no protection against attacks originating at or
beyond the SCTP node and taking place within the context of an
existing association. Prevention of such attacks should be covered
by appropriate security policies at the host site, as discussed in
section
Section 11.2.1.

12. Recommended Transmission Control Block (TCB) Parameters

This section details a recommended set of parameters that should
be contained within the TCB for an implementation. This section is
for illustrative purposes and should not be deemed as requirements
on an implementation NOR or as an exhaustive list of all parameters
inside an SCTP TCB. Each implementation may need its own additional
parameters to optimize their implementation. for optimization.

12.1 Parameters necessary for the SCTP instance

Associations

Associations: A list of current associations and mappings to the
data consumers for each association. This may be in
the form of a hash table or other implementation
dependent structure. The data consumers may be process
identification information such as file descriptors,
named pipe pointer, or table pointers dependent on how
SCTP is implemented.

Secret Key Key: A secret key used by this endpoint to sign all cookies. compute the MAC.
This SHOULD be a cryptographic quality random number with
a sufficient length. Discussion in RFC 1750 [1] [RFC1750] can be
helpful in selection of the key.

Address List List: The list of IP addresses that this instance has bound.
This information is passed to one's peer(s) in INIT and
INIT-ACK messages.
INIT ACK chunks.

SCTP Por Port: The local SCTP port number the endpoint is bound to.

12.2 Parameters necessary per association (i.e. the TCB)

Stewart, et al [Page 86] 101]

Internet Draft Stream Control Transmission Protocol April June 2000

12.2 Parameters necessary per association (i.e. the TCB)

Peer : Tag value to be sent in every datagram packet and is received
Verification
Verification: in the INIT or INIT ACK message. chunk.
Tag :

My : Tag expected in every inbound datagram packet and sent in the
Verification
Verification: INIT or INIT ACK message. chunk.
Tag :

State : A state variable indicating what state the association is
: in, i.e . COOKIE_WAIT, COOKIE_SENT, i.e. COOKIE-WAIT, COOKIE-ECHOED, ESTABLISHED,
SHUTDOWN_PENDING, SHUTDOWN_SENT, SHUTDOWN_RECEIVED.
: SHUTDOWN-PENDING, SHUTDOWN-SENT, SHUTDOWN-RECEIVED,
: SHUTDOWN-ACK-SENT.

Note: No "CLOSED" state is illustrated since if a
association is "CLOSED" its TCB SHOULD be removed.

Peer : A list of SCTP transport addresses that the peer is
Transport : bound to. This information is derived from the INIT or
Address INIT-ACK : INIT ACK and is used to associate an inbound datagram packet
List : with a given association. Normally this information is
: hashed or keyed for quick lookup and access of the TCB.

Primary : This is the current primary destination transport
Destination
Path : address of the peer endpoint. It may also specify a
: source transport address on this endpoint.

Overall : The overall association error count.
Error Count :

Overall : The threshold for this association that if the Overall
Error : Error Count reaches will cause this association to be
Threshold : torn down.

Peer Rwnd : Current calculated value of the peer's rwnd.

Next TSN My : The next TSN number I will assign. to be assigned to a new DATA chunk.
: This is sent in the INIT or INIT-ACK message INIT ACK chunk to the peer
: and incremented each time a DATA chunk is assigned a
: TSN (normally just prior to transmit or during
segmentation).
: fragmentation).

Last Rcvd : This is the last TSN I received and is the
TSN current cumulative TSN point. in sequence. This value is
TSN : set initially by taking the peers initial peer's Initial TSN,
: received in the INIT or INIT-ACK message, INIT ACK chunk, and
: subtracting one from it.

Mapping : An array of bits or bytes indicating which out of
Array : order TSN's have been received (relative to the
cumulative TSN i.e.
: Last Rcvd TSN). If no GAP's gaps exist, i.e. no out of order messages
: packets have been received, this array will be set to all
: zero. This structure may be in the form of a circular
: buffer or bit array.

Stewart, et al [Page 87] 102]

Internet Draft Stream Control Transmission Protocol April June 2000

Ack State : This flag indicates if the next received datagram packet
: is to be responded to with a SACK. This is initialized
: to 0, when 0. When a datagram packet is received it is incremented.
: If this value reaches 2, 2 or more, a SACK is sent and the
: value is reset to 0. Note: this This is used only when no datagrams DATA
: chunks are received out of order, when order. When DATA chunks are
: out of order order, SACK's are not delayed (see Section 6).

Inbound : An array of structures to track the inbound streams.
Streams : Normally including the next sequence number expected
: and possibly the stream number.

Outbound : An array of structures to track the outbound streams.
Streams : Normally including the next sequence number to
: be sent on the stream.

Reasm Queue : A re-assembly queue.

Local : The list of local IP addresses bound in to this
Transport : association.
Address :
List :

Association : The smallest PMTU discovered for all of the
PMTU : peer's transport addresses.

12.3 Per Transport Address Data

For each destination transport address in the peer's address list
derived from the INIT or INIT ACK message, chunk, a number of data elements
needs to be maintained including:

Error count : The current error count for this destination.

Error : Current error threshold for this destination i.e.
Threshold : what value marks the destination down if Error count
: reaches this value.

cwnd : The current congestion window.

ssthresh : The current ssthresh value.

RTO : The current retransmission timeout value.

SRTT : The current smoothed round trip time.

RTTVAR : The current RTT variation.

partial : The tracking method for increase of cwnd when in
bytes acked : congestion avoidance mode (see section Section 6.2.2)

state : The current state of this destination, i.e. DOWN, UP,

Stewart, et al [Page 103]

Internet Draft Stream Control Transmission Protocol June 2000

: ALLOW-HB, NO-HEARTBEAT, etc.

P-MTU

PMTU : The current known path MTU.

Per : A timer used by each destination.
Destination :
Timer

Stewart, et al [Page 88]

Internet Draft Stream Control Transmission Protocol April 2000 :

RTO-Pending : A flag used to track if one of the datagrams DATA chunks sent to
this address is currently being used to compute a RTT. If
this flag is 0, the next datagram DATA chunk sent to this
destination should be used to compute a RTT and this flag
should be set. Every time the RTT calculation
completes (i.e. the datagram DATA chunk is SACK'd) clear this flag.

last-time : The time this destination was last sent to. This can be
used : used to determine if a HEARTBEAT is needed.

12.4 General Parameters Needed

Out Queue : A queue of outbound datagrams. DATA chunks.

In Queue : A queue of inbound datagrams. DATA chunks.

13. IANA Consideration

This protocol will require port reservation like TCP for the use of
"well known" servers within the Internet. It is suggested that all All current TCP ports should shall
be automatically reserved in the SCTP port address space. New requests
should follow IANA's current mechanisms for TCP.

This protocol may also be extended through IANA in three ways:
-- through definition of additional chunk types,
-- through definition of additional parameter types, or
-- through definition of additional cause codes within Operation
Error
ERROR chunks

In the case where a particular ULP using SCTP desires to have its own
ports, the ULP should be responsible for registering with IANA for
getting its ports assigned.

13.1 IETF-defined Chunk Extension

The appropriate definition and use of specific new chunk types is an integral part of the
SCTP protocol. In consequence, the intention is that
SCTP. Thus, new IETF-defined chunk types MUST be supported are assigned by standards-track RFC documentation.
As a transitional step, a new chunk type MAY be introduced in IANA through an
Experimental RFC. Chunk type codes MUST remain permanently associated
with the original documentation on the basis of which they were
allocated. Thus if the RFC supporting a given chunk type is
deprecated in favor of a new document, the corresponding chunk type
code value is also deprecated and a new code value is allocated
IETF Consensus action as defined in
association with the replacement document.

Stewart, et al [Page 89]

Internet Draft Stream Control Transmission Protocol April 2000 [RFC2434].

The documentation for a new chunk code type must include the following
information:
(a) a A long and short name for the new chunk type;
(b) a A detailed description of the structure of the chunk, which MUST
conform to the basic structure defined in section Section 3.2;
(c) a A detailed definition and description of intended use of each field
within the chunk, including the chunk flags if any;
(d) a detailed procedural description of the use of the new chunk type
within the operation of the protocol.

If the primary numbering space reserved for IETF use (0x00 to 0xFD) is
exhausted, new codes shall subsequently be allocated in the extension
range 0x0000 through 0xFFFF. Chunks allocated in this range MUST
conform to the following structure:

First word (32 bits):
as shown in section 3.2, with chunk type code equal to 0xFF.

Second word:
first octet MUST be all 1's (0xFF). Next octet MUST be all 0's
(0x00). Final two octets contain the allocated extension code value.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|1 1 1 1 1 1 1 1|Chunk Flags | Chunk Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|1 1 1 1 1 1 1 1|0 0 0 0 0 0 0 0| Extension Type Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Value /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Stewart, et al [Page 104]

Internet Draft Stream Control Transmission Protocol June 2000

within the chunk, including the chunk flags if any;
(d) A detailed procedural description of the use of the new chunk type
within the operation of the protocol.

The last chunk type (255) is reserved for future extension if
necessary.

13.2 IETF-defined Chunk Parameter Extension

The allocation assignment of a new chunk parameter type code from the IETF
numbering space MUST be supported by RFC documentation. As with chunk
type codes, parameter type codes are uniquely associated with their
supporting document and MUST be replaced if new documentation is
provided. This documentation may be Informational, Experimental, or
standards-track at the discretion done through an
IETF Consensus action as defined in [RFC2434]. Documentation of the IESG. It
chunk parameter MUST contain the following information:

(a) Name of the parameter type.
(b) Detailed description of the structure of the parameter field. This
structure MUST conform to the general type-length-value format
described in section Section 3.2.1.
(c) Detailed definition of each component of the parameter value.
(d) Detailed description of the intended use of this parameter type,
and an indication of whether and under what circumstances
multiple instances of this parameter type may be found within the
same chunk.

Stewart, et al [Page 90]

Internet Draft Stream Control Transmission Protocol April 2000

Additional parameter type codes may be allocated initially from the
range 0x0000 through 0xFFFD. If this space is exhausted, extension
codes shall be allocated in the range 0x0000 through 0xFFFF. Where an
extension code has been allocated, the format of the parameter must
conform to the following structure:

First word (32 bits):
contains the parameter type code 0xFFFF and parameter length as
described in section 3.2.1.

Second word:
first octet MUST be all 1's (0xFF). Next octet MUST be all 0's
(0x00). Final two octets contain the allocated extension code
value.

The Value portion of the parameter, if any, follows the second word.

0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1| Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|1 1 1 1 1 1 1 1|0 0 0 0 0 0 0 0| Extension Type Code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\ \
/ Value /
\ \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

13.3 IETF-defined Additional Error Causes

Additional cause codes may be allocated in the range 0x0004 11 to 0xFFFF
upon receipt of any permanently-available public 65535
through a Specification Required action as defined in [RFC2434].
Provided documentation
containing must include the following information:

(a) Name of the error condition.
(b) Detailed description of the conditions under which an SCTP
endpoint should issue an Operation Error ERROR (or ABORT) with this cause code.
(c) Expected action by the SCTP endpoint which receives an Operation
Error ERROR
(or ABORT) chunk containing this cause code.
(d) Detailed description of the structure and content of data fields
which accompany this cause code.

The initial word (32 bits) of a cause code parameter MUST conform to
the format shown in section 3.3.9, Section 3.3.10, i.e.:
-- first two octets bytes contain the cause code value
-- last two octets bytes contain length of the cause parameter.

Stewart, et al [Page 91]

Internet Draft Stream Control Transmission Protocol April 2000

13.4 Cause Parameter.

13.3 Payload Protocol Identifiers

Except for value 0x00000000 0 which is reserved by SCTP to indicate the
absence of a an
unspecified payload protocol identifier in a DATA chunk, SCTP will
not be responsible for standardizing or verifying any payload protocol
identifiers; SCTP simply receives the identifier from the upper layer
and carries it with the corresponding payload data.

The upper layer, i.e, i.e., the SCTP user, SHOULD standardize any specific
protocol identifier with IANA if it is so desired. The use of any
specific payload protocol identifier is out of the scope of SCTP.

Stewart, et al [Page 105]

Internet Draft Stream Control Transmission Protocol June 2000

14. Suggested SCTP Protocol Parameter Values

The following protocol parameters are RECOMMENDED:

RTO.Initial - 3 seconds
RTO.Min - 1 second
RTO.Max - 60 seconds
RTO.Alpha - 1/8
RTO.Beta - 1/4
Valid.Cookie.Life - 5 60 seconds
Association.Max.Retrans - 10 attempts
Path.Max.Retrans - 5 attempts (per destination address)
Max.Init.Retransmits - 8 attempts

'retrans.count'
HB.interval - counter (per destination address)
'receiver.buffer' - variable (per peer endpoint) 30 seconds

IMPLEMENTATION NOTE: The SCTP implementation may allow ULP to
customize some of these protocol parameters (see Section 10).

Note: RTO.Min SHOULD be set as recommended above.

15. Acknowledgments Acknowledgements

The authors wish to thank Mark Allman, R.J.Atkinson, Richard Band,
Scott Bradner, Steve Bellovin, Ram Dantu, R. Ezhirpavai, Mike Fisk,
Sally Floyd, Matt Holdrege, Henry Houh, Christian Huetima, Huitema, Gary
Lehecka, John Loughney, Daniel Luan, Thomas Narten, Erik Nordmark,
Lyndon Ong, Shyamal Prasad, Kelvin Porter, Heinz Prantner, Jarno
Rajahalme, Raymond E. Reeves, Renee Revis, Ivan Arias Rodriguez,
A. Sankar, Greg Sidebottom, Brian Wyld, and many others for their
invaluable comments.

Stewart, et al [Page 92]

Internet Draft Stream Control Transmission Protocol April 2000

16. Authors' Addresses

Randall R. Stewart Tel: +1-847-632-7438 +1-815-479-8536
Motorola, Inc. EMail: rstewar1@email.mot.com rstewart@flashcom.net
1501 W. Shure Drive, #2315
Arlington Heights, IL 60004
USA

Qiaobing Xie Tel: +1-847-632-3028
Motorola, Inc. EMail: qxie1@email.mot.com
1501 W. Shure Drive, #2309
Arlington Heights, IL 60004
USA

Ken Morneault Tel: +1-703-484-3323
Cisco Systems Inc. EMail: kmorneau@cisco.com
13615 Dulles Technology Drive
Herndon, VA. 20171
USA

Stewart, et al [Page 106]

Internet Draft Stream Control Transmission Protocol June 2000

Chip Sharp Tel: +1-919-392-3121
Cisco Systems Inc. EMail:chsharp@cisco.com
7025 Kit Creek Road
Research Triangle Park, NC 27709
USA

Hanns Juergen Schwarzbauer Tel: +49-89-722-24236
SIEMENS AG
Hofmannstr. 51
81359 Munich
Germany
EMail: HannsJuergen.Schwarzbauer@icn.siemens.de

Tom Taylor Tel: +1-613-736-0961
Nortel Networks
1852 Lorraine Ave.
Ottawa, Ontario
Canada K1H 6Z8
EMail:taylor@nortelnetworks.com

Ian Rytina Tel: +61-3-9301-6164
Ericsson Australia EMail:ian.rytina@ericsson.com
37/360 Elizabeth Street
Melbourne, Victoria 3000
Australia

Malleswar Kalla Tel: +1-973-829-5212
Telcordia Technologies
MCC 1J211R
445 South Street
Morristown, NJ 07960
USA
EMail: kalla@research.telcordia.com

Stewart, et al [Page 93]

Internet Draft Stream Control Transmission Protocol April 2000

Lixia Zhang Tel: +1-310-825-2695
UCLA Computer Science Department EMail: lixia@cs.ucla.edu
4531G Boelter Hall
Los Angeles, CA 90095-1596
USA

Vern Paxson Tel: +1-510-642-4274 x 302
ACIRI EMail: vern@aciri.org
1947 Center St., Suite 600,
Berkeley, CA 94704-1198
USA

17. References

[1] Eastlake , D.

[RFC768] Postel, J. (ed.), "Randomness Recommendations for Security",
RFC 1750, December 1994.

[2] Deutsch, P., and Gailly, J-L., "ZLIB Compressed Data Format
Specification version 3.3", RFC 1950, May 1996.

[3] Allman, M., Paxson, V., and Stevens, W., "TCP Congestion
Control", RFC 2581, April 1999.

[4] Krawczyk, H., Bellare, M., Canetti, R., "HMAC: Keyed-Hashing for
Message Authentication", RFC 2104, March 1997.

[5] Allman, M., and Paxson, V., "On Estimating End-to-End Network
Path Properties", Proc. SIGCOMM'99, 1999.

[6] Karn, P., and Simpson, W., "Photuris: Session-Key Management "User Datagram Protocol", RFC 2522, March 1999.

[7] Bradner, S., "The Internet Standards Process -- Revision 3",
RFC 2026, October 1996.

[8] 768, August
1980.

[RFC793] Postel, J. (ed.), "Transmission Control Protocol", RFC 793,
September 1981.

[9] Postel, J. (ed.), "User Datagram Protocol", RFC 768, August 1980.

[10] Reynolds, J.,

Stewart, et al [Page 107]

Internet Draft Stream Control Transmission Protocol June 2000

[RFC1123] Braden, R., "Requirements for Internet hosts - application
and Postel, J. (ed.), "Assigned Numbers", support.", RFC 1700, 1123, October 1994.

[11] 1989.

[RFC1191] Mogul, J., and Deering, S., "Path MTU Discovery", RFC 1191,
November 1990.

[12]

[RFC1700] Reynolds, J., and Postel, J. (ed.), "Assigned Numbers",
RFC 1700,

[RFC1981] McCann, J., Deering, S., and Mogul, J., "Path MTU Discovery
for IP version 6", RFC 1981, August 1996.

[13] Fraser, B. (ed.), "Site Security Handbook",

[RFC1982] Elz, R., Bush, R., "Serial Number Arithmetic", RFC 2196, September
1997.

Stewart, et al [Page 94] 1982,
August 1996.

[RFC2026] Bradner, S., "The Internet Draft Stream Control Transmission Protocol April 2000

[14] Standards Process -- Revision 3",
RFC 2026, October 1996.

[RFC2119] Bradner, S. "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2401] Kent, S., and Atkinson, R., "Security Architecture for the
Internet Protocol", RFC 2401, November 1998.

[15] Savage,

[RFC2402] S. Kent, R. Atkinson., "IP Authentication Header.",
RFC 2402, November 1998.

[RFC2406] S. Kent, R. Atkinson., "IP Encapsulating Security Payload
(ESP)." RFC-2406, November 1998.

[RFC2408] D. Maughan, M. Schertler, M. Schneider, J. Turner.,
"Internet Security Association and Key Management Protocol"
RFC 2408, November 1998.

[RFC2409] D. Harkins, D. Carrel, "The Internet Key Exchange (IKE)",
RFC 2409, November 1998.

[RFC2434] T. Narten, and H. Avestrand, "Guidelines for Writing an IANA
Considerations Section in RFCs.", RFC2434, October 1998.

[RFC2460] Deering, S., Cardwell, N., Wetherall, D., and Anderson, T., R. Hinden, "Internet Protocol, Version
6 (IPv6) Specification", RFC 2460, December 1998.

[RFC2581] Allman, M., Paxson, V., and Stevens, W., "TCP Congestion Control with a Misbehaving Receiver", ACM
Computer Communication Review, 29(5),
Control", RFC 2581, April 1999. October 1994.

18. Bibliography

[ALLMAN99] Allman, M., and Paxson, V., "On Estimating End-to-End
Network Path Properties", Proc. SIGCOMM'99, 1999.

[16]

[FALL96] Fall, K., and Floyd, S., Simulation-based Comparisons of

Stewart, et al [Page 108]

Internet Draft Stream Control Transmission Protocol June 2000

Tahoe, Reno, and SACK TCP, Computer Communications Review,
V. 26 N. 3, July 1996, pp. 5-21.

[17] Deering, S., and R. Hinden, "Internet Protocol, Version
6 (IPv6) Specification",

[RFC1750] Eastlake , D. (ed.), "Randomness Recommendations for
Security", RFC 1883, 1750, December 1995.

[18] Bradner, S. "Key words 1994.

[RFC1950] Deutsch P., Gailly J-L., "ZLIB Compressed Data Format
Specification version 3.3" , RFC1950, May 1996.

[RFC2104] Krawczyk, H., Bellare, M., Canetti, R., "HMAC: Keyed-Hashing
for use in RFCs to Indicate Requirement
Levels", BCP 14, Message Authentication", RFC 2119, 2104, March 1997.

[RFC2196] Fraser, B. (ed.), "Site Security Handbook", RFC 2196,
September 1997.

[RFC2522] Karn, P., and Simpson, W., "Photuris: Session-Key Management
Protocol", RFC 2522, March 1999.

[SAVAGE99] Savage, S., Cardwell, N., Wetherall, D., and Anderson, T.,
"TCP Congestion Control with a Misbehaving Receiver", ACM
Computer Communication Review, 29(5), October 1999.

Appendix A: Explicit Congestion Notification

ECN (Ramakrishnan, k., Floyd, S., "Explicit Congestion Notification",
RFC 2481, January 1999) describes a proposed extension to IP that
details a method to become aware of congestion outside of datagram
loss. This is an optional feature that an implementation MAY choose to
add to SCTP. This appendix details the minor differences an implementor implementers
will need to be aware of if they choose to implement this feature.
In general RFC 2481 should be followed with the following exceptions.

Negotiation:

RFC2481 details negotiation of ECN during the SYN and SYN-ACK stages
of a TCP connection. The sender of the SYN sets two bits in the
TCP flags, and the sender of the SYN-ACK sets only 1 bit. The reasoning
behind this is to assure both sides are truly ECN capable. For SCTP
this is not necessary. To indicate that an endpoint is ECN capable
a