Excellent Transport-Layer SCTP Protocol Tutorial Slides.ppt
This document was uploaded to 163文库 by the user 三亚风情.
Stream Control Transmission Protocol (SCTP)

Where is SCTP in the stack?
[Figure: protocol stack with the application on top, a transport layer containing UDP, TCP, SCTP, DCCP and UDP lite, and IP underneath. Caption in figure: "CHAOS!"]

A Brief History
- Primary motivation: transportation of telephony signaling messages over IP networks
- RFCs:
  - RFC 2960: Stream Control Transmission Protocol
  - RFC 3257: SCTP Applicability Statement
  - RFC 3286: An Introduction to SCTP
  - RFC 3309: SCTP Checksum Change
  - RFC 3436: Transport Layer Security over SCTP
  - RFC 3758: SCTP Partial Reliability Extension

SCTP History
- Origins: Public Telephone Network Signaling, SS7 over IP (IETF Sigtran working group)
- Current home: IETF TSVWG (Transport Services Working Group)
- IETF recognizes broader scope
- Proposed Standard: RFC 2960
- Supported by industry. Participation in bakeoffs: ADAX, Cisco, HP/Compaq, Data Connection, DataKinetics, Ericsson, Hughes Software, IBM, Motorola, Netbricks, Nokia, Open SS7, Performance Technologies, RadiSys, Siemens, Spider, Sun Microsystems, Telesoft Technologies, Toshiba, Ulticom, Wipro
- Implementations: AIX, FreeBSD, Linux, QNX, Solaris, Tru64, IOS (Cisco routers), Sony PlayStation II, Mac OS, more

Bakeoffs                    Date    Attend
Munich                      6/00    12
Research Triangle Park      10/00   22
Sophia Antipolis            4/01    19
San Jose (Connectathon)     2/02    6
U. of Essen (Germany)       9/02    20
U. of Delaware              6/03
Muenster (Germany)          7/04    11

SCTP Feature Summary
Start with TCP:
- reliable (retransmissions)
- congestion controlled
- connection oriented
Add:
- 4-way handshake: to reduce vulnerability to DoS attacks
- framing: preserve message boundaries
- multistreaming: instead of one ordered stream, up to 64K independent ordered streams
- multihoming: instead of one IP address per endpoint, a set of IP addresses per endpoint

TCP Connection Setup
[Figure: A (closed) and B (listen). At t=0 A sends SYN and enters "SYN sent". B enters "SYN rec'd" (TCB created) and replies with SYN-ACK. After 1 RTT A is established and sends ACK and data; B is then established.]

SYN Flooding Attack
[Figure: attackers send SYNs to the victim, which allocates one TCB per SYN and is labelled "Flooded!". Addresses shown in the figure: 128.3.4.5, 192.10.2.8, 221.3.5.10, 190.13.4.1, 228.3.14.5, 130.2.4.15. The TCBs are labelled "Unavailable, reserved resources".]
- There is no ACK in response to the SYN-ACK, hence the connection remains half-open
- Other genuine clients cannot open connections to the victim
- The victim is unable to provide service

SCTP Association Setup
V: Verification tag, I: Initiate tag
[Figure: A and B both start closed.]
- t=0: A sends INIT (V=0) (I=TagA) and enters "cookie wait"
- B replies with INIT ACK (V=TagA) (I=TagB) (StateCookie)
- 1 RTT: A sends COOKIE ECHO (V=TagB) (StateCookie) and enters "cookie echoed"; data (V=TagB) may follow; B is established
- 2 RTT: B sends COOKIE ACK (V=TagA); A is established

What's in a cookie?
- Information from original INIT
- Information from current INIT-ACK
- Timestamp
- Life span of cookie (Time to live)
- Signature for authentication (SHA-1, MD5, etc.)

Graceful Shutdown
[Figure: exchange between A and B. Messages: SHUTDOWN, SHUTDOWN-ACK, SHUTDOWN-COMPLETE. State labels: App signals shutdown; Shutdown pending (pending data); Shutdown sent (pending data); Shutdown received; Shutdown-Ack sent; Closed; Closed.]

Message Boundaries
- UDP honors message boundaries: each app message becomes a datagram
- TCP does not honor message boundaries: app messages become part of a byte stream
- SCTP maintains message boundaries: each app message is maintained as one or more data chunks

Chunks in SCTP
[Figure: SCTP PDU = Common Header (Source Port, Destination Port, Verification Tag, Checksum) followed by Chunk 1 ... Chunk N]
- Building blocks of an SCTP PDU
- Two kinds: control chunks and data chunks
- Data chunks are the smallest atomic data units

SCTP Chunk Format
Fields: Type, Flags, Length, Chunk Data
- Type: e.g. Data, Init, SACK
- Flags: bit meanings depend on type
- Length: includes type, flags, length, and data/parameters

Some Chunk Types
0x00  DATA           User data
0x01  INIT           SYN
0x02  INIT-ACK
0x03  SACK           Selective ACK
0x04  HEARTBEAT      Keep-alive message
0x05  HEARTBEAT-ACK
0x07  SHUTDOWN       FIN
0x08  SHUTDOWN-ACK

Example INIT Chunk
(fields drawn on a 32-bit-wide layout, bits 0 to 31)
Permanent parameters for INIT:
- Chunk Type 0x01, Flags = 0, Length = 0x14
- Initiation Tag
- Receiver Window
- Outbound Streams, Maximum Inbound Streams
- Initial Transmission Sequence Number (TSN)
Some possible optional parameters for INIT:
- Parameter type 0x05, Parameter Length = 0x0008, IPv4 Address
- Parameter type 0x06, Parameter Length = 0x0014, IPv6 Address
Length of options limited only by path MTU size. (0x30)

Data Chunk
(fields drawn on a 32-bit-wide layout, bits 0 to 31)
- Type = 0x00, Flags = UBE, Length
- Transmission Sequence Number (TSN)
- Stream Identifier (SID), Stream Seq. Num. (SSN)
- User supplied Payload Protocol Identifier
- User Data

SACK Chunk
(fields drawn on a 32-bit-wide layout, bits 0 to 31)
- Type = 0x3, Flags = 0, Length = variable
- Cumulative TSN acknowledgement
- Advertised receiver window
- Num. Gap ACK blocks = N, Num. duplicates = X
- Gap ACK blk #1 start TSN offset, Gap ACK blk #1 end TSN offset
- ...
- Gap ACK blk #N start TSN offset, Gap ACK blk #N end TSN offset
- Duplicate TSN 1 ... Duplicate TSN X
Offset is relative to cumulative TSN. Gap ACK blocks are blocks received after cum TSN.

Chunk Bundling in SCTP
- Multiple chunks in one SCTP PDU
- Control chunks bundled before data chunks
- Chunk boundary cannot cross SCTP PDU boundary
- Optional at sender, but receiver has to support
[Figure: SCTP PDU = Common Header (Source Port, Destination Port, Verification Tag, Checksum) followed by Chunk 1 ... Chunk N]

Bundling
[Figure: Message 1 and Message 2 carried in SCTP PDUs; each PDU is laid out as SCTP Common Header, SCTP Control Chunks, Data Chunk Headers, Data Chunks]

Fragmentation/Reassembly in SCTP
U  B  E  Description
*  1  0  (Begin) First piece of fragmented message
*  0  0  Middle piece of fragmented message
*  0  1  (End) Last piece of fragmented message
*  1  1  Non-fragmented message
* U set to 1 specifies unordered message
Note: Fragmentation requires sequential TSNs
- Large messages are fragmented and encapsulated into several data chunks
- Reassembled before delivery to receiving app

Fragmentation Example
E.g. message for Stream 2 from the app exceeds PMTU.
Stream 2 message (fields below are part of the Data Chunk Header):
- First data frag.:  U=0, B=1, E=0  TSN=6  SID=2  SSN=1
- Second data frag.: U=0, B=0, E=0  TSN=7  SID=2  SSN=1
- Last data frag.:   U=0, B=0, E=1  TSN=8  SID=2  SSN=1
Upon completion, Stream Sequence Number increments

Unordered delivery
- Streams by definition are ordered
- Unordered data may be sent in a stream (U bit = 1)
- SSN is ignored for U=1
- Unordered messages should be processed first

Head-of-Line Blocking in TCP
[Figure: sender S transmits PDUs 1 to 6 to receiver R; R returns ACK 2 and then repeated ACK 3; only PDUs 1 and 2 reach R's app. PDU 3 is blocking the head of the line.]

Head-of-line Blocking
- TCP provides a single data stream
- When a segment is lost, subsequent segments must wait to be processed
- Problem for some applications (telephony)
- SCTP provides multiple independent streams per association

SCTP Multistreaming
- Logical separation of data within an assoc
- Designed to prevent head-of-line blocking
- Can be used to deliver multiple objects belonging to the same assoc
- E.g. objects on a webpage, multimedia streams (audio/video/text), files in an FTP mget

Head-of-Line Bl
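The State Cookie listed under "What's in a cookie?" is what lets the receiver of an INIT answer without creating a TCB, which is the defence against the flooding shown for TCP. The sketch below is an added example, not taken from the slides: the field layout, the 60-second life span, the binding to the peer address and the use of HMAC-SHA-256 (rather than the SHA-1/MD5 the slide names) are all assumptions.

```python
import hashlib
import hmac
import os
import struct
import time

SECRET = os.urandom(32)   # server-local key, never sent on the wire
COOKIE_TTL = 60           # assumed cookie life span in seconds
MAC_LEN = 32              # size of an HMAC-SHA-256 tag
_FMT = "!IIdI"            # peer tag (INIT), own tag (INIT-ACK), timestamp, TTL


def _mac(body, peer_addr):
    # Assumed design choice: bind the signature to the sender's address.
    return hmac.new(SECRET, body + peer_addr.encode(), hashlib.sha256).digest()


def make_cookie(peer_tag, own_tag, peer_addr, now=None):
    """Build the State Cookie carried in INIT-ACK; no per-peer state is kept."""
    now = time.time() if now is None else now
    body = struct.pack(_FMT, peer_tag, own_tag, now, COOKIE_TTL)
    return body + _mac(body, peer_addr)


def check_cookie(cookie, peer_addr, now=None):
    """Validate a COOKIE ECHO; return (peer_tag, own_tag) or None if rejected."""
    now = time.time() if now is None else now
    if len(cookie) != struct.calcsize(_FMT) + MAC_LEN:
        return None
    body, mac = cookie[:-MAC_LEN], cookie[-MAC_LEN:]
    # Constant-time comparison; verify the signature before trusting any field.
    if not hmac.compare_digest(mac, _mac(body, peer_addr)):
        return None
    peer_tag, own_tag, issued, ttl = struct.unpack(_FMT, body)
    if not (issued <= now <= issued + ttl):
        return None   # expired cookie, or a timestamp from the future
    return peer_tag, own_tag
```

Only after `check_cookie` succeeds would the server allocate association state, so an INIT from a forged source costs it one signature computation and no memory.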
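The chunk format, bundling and fragmentation slides combine into one receive-side routine: walk the chunks of each PDU with strict length checks, then rebuild a message from its B/E-flagged DATA chunks. This is an added example, not from the slides; the ports, verification tag, payload bytes and the simplification to in-order arrival on a single stream are assumptions.

```python
import struct


def walk_chunks(packet):
    """Yield (type, flags, value) for every chunk after the 12-byte common header."""
    if len(packet) < 12:
        raise ValueError("shorter than the SCTP common header")
    off = 12
    while off < len(packet):
        if len(packet) - off < 4:
            raise ValueError("truncated chunk header")
        ctype, flags, length = struct.unpack_from("!BBH", packet, off)
        # Length covers type, flags, length and data, and must stay inside the PDU.
        if length < 4 or off + length > len(packet):
            raise ValueError("bad chunk length %d at offset %d" % (length, off))
        yield ctype, flags, packet[off + 4:off + length]
        off += (length + 3) & ~3  # chunks are padded to a 4-byte boundary


def reassemble(packets):
    """Rebuild user messages from DATA chunks (assumes in-order arrival, one stream)."""
    messages, parts, next_tsn = [], None, None
    for packet in packets:
        for ctype, flags, value in walk_chunks(packet):
            if ctype != 0x00 or len(value) < 12:
                continue  # not DATA, or too short to hold TSN/SID/SSN/PPID
            tsn, sid, ssn, _ppid = struct.unpack_from("!IHHI", value)
            if flags & 0x02:  # B bit: first piece (or whole message if E is also set)
                parts = []
            elif parts is None or tsn != next_tsn:
                raise ValueError("fragment out of sequence at TSN %d" % tsn)
            parts.append(value[12:])
            next_tsn = (tsn + 1) & 0xFFFFFFFF  # fragments need sequential TSNs
            if flags & 0x01:  # E bit: last piece, deliver to the application
                messages.append((sid, ssn, bool(flags & 0x04), b"".join(parts)))
                parts = None
    return messages


def sample_packet(flags, tsn, payload, sid=2, ssn=1):
    """Constructed packet: common header (checksum left 0) plus one DATA chunk."""
    header = struct.pack("!HHII", 5000, 5001, 0x1234ABCD, 0)
    chunk = struct.pack("!BBHIHHI", 0, flags, 16 + len(payload), tsn, sid, ssn, 0)
    return header + chunk + payload + b"\x00" * (-len(payload) % 4)


# The slide's fragmentation example: TSN 6, 7, 8 on stream 2, SSN 1 (payload constructed).
SAMPLE = [sample_packet(0x02, 6, b"hello "), sample_packet(0x00, 7, b"sctp "),
          sample_packet(0x01, 8, b"world")]
```

The `length < 4` test matters as much as the upper bound: a zero-length chunk would otherwise never advance the offset and the parser would loop forever on one crafted packet.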