
SIP Featured Article

July 18, 2008

Increased SIP Performance with Stream Control Transmission Protocol - New Topic Integrated Into Online/Onsite SIP/OCS Courses


For Session Initiation Protocol (SIP), the advantages of Stream Control Transmission Protocol (SCTP) over TCP and UDP include congestion control, multi-streaming and multi-homing.

 
In an animated tutorial (http://www.techtionary.com) a chart lists the other advantages of SCTP and the differences between it, TCP and UDP. SCTP was created to carry telephony signaling over IP and to overcome Transmission Control Protocol (TCP) limitations such as its "sawtoothing" (send-wait-send) transmission pattern, which suits bulk data transfer better than signaling. SCTP also adds multi-homing, where an association has more than one path between hosts for resilience.
 
In SCTP, data is organized into "chunks" rather than TCP's single ordered byte stream. This message-oriented framing, together with per-stream ordering, avoids the Head-Of-Line (HOL) blocking problem, and SCTP's cookie-based four-way handshake and verification tags make the transport more resistant to Denial-Of-Service (DoS) attacks of the TCP SYN-flood kind. As shown in the animated tutorial, HOL blocking occurs when many discrete transactions share one ordered stream: if a message is lost, every message sent after it is held until the lost one is retransmitted and received, because nothing is passed to the Upper Layer Application until everything sent before it has arrived. This may not matter for many applications, but it does for telephony signaling and streaming.
 
SCTP provides other features such as multi-streaming, which supports independent transport and delivery of multiple streams within a single association between two hosts. In addition, SCTP adds multi-homing, where each endpoint can use several IP addresses (possibly reached through different networks or Autonomous Systems), so that there are multiple paths between hosts for resilience.
 
Shown here are the four types of pathways supported by SCTP and the failover/resiliency that occurs when a path fails. Multi-homing allows each of the two endpoints of an SCTP association to advertise several IP addresses during setup. With multiple interfaces, data is automatically redirected to an alternate address when the primary path fails. Unlike TCP, this redirection happens without the knowledge or involvement of the Upper Layer Protocol (ULP); a TCP connection is bound to a single pair of IP addresses for its lifetime. A practical caveat: SCTP probes each alternate path with HEARTBEAT chunks, so failover is only as fast as the heartbeat and retransmission timers allow, and every address an endpoint advertises must actually be reachable by its peer (a private address behind a NAT, for example, is not).
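As an added worked example (it is not part of the tutorial or this article), the following Python decodes the SCTP wire format discussed in the preceding paragraphs: it walks the chunk list of a packet, pulls the advertised addresses out of an INIT chunk (multi-homing), applies the verification-tag check that a blind sender would have to defeat by guessing, and delivers DATA chunks per stream so that a lost chunk on one stream does not hold back another (multi-streaming versus HOL blocking). The packets, ports, addresses and payloads are constructed here for illustration; the CRC32c checksum is neither computed nor verified.

```python
import socket
import struct
from collections import defaultdict

# Wire formats from RFC 4960, network byte order.
COMMON_HDR = struct.Struct("!HHII")   # src port, dst port, verification tag, CRC32c checksum
CHUNK_HDR = struct.Struct("!BBH")     # chunk type, flags, length (header + value, excluding padding)
DATA_HDR = struct.Struct("!IHHI")     # TSN, stream id, stream sequence number, payload protocol id
INIT_HDR = struct.Struct("!IIHHI")    # initiate tag, a_rwnd, outbound streams, inbound streams, initial TSN
PARAM_HDR = struct.Struct("!HH")      # parameter type, parameter length
CHUNK_DATA, CHUNK_INIT = 0, 1
PARAM_IPV4, PARAM_IPV6 = 5, 6


def pad4(n):
    return (n + 3) & ~3


def parse_packet(packet):
    """Split an SCTP packet into its common header fields and a list of (type, flags, value) chunks."""
    if len(packet) < COMMON_HDR.size:
        raise ValueError("truncated common header")
    src, dst, vtag, _csum = COMMON_HDR.unpack_from(packet, 0)  # checksum not verified in this example
    chunks, off = [], COMMON_HDR.size
    while off + CHUNK_HDR.size <= len(packet):
        ctype, flags, length = CHUNK_HDR.unpack_from(packet, off)
        # Never trust the length field: reject short or overlong chunks instead of reading past the buffer.
        if length < CHUNK_HDR.size or off + length > len(packet):
            raise ValueError("bad chunk length at offset %d" % off)
        chunks.append((ctype, flags, packet[off + CHUNK_HDR.size:off + length]))
        off += pad4(length)  # every chunk is padded to a 4-byte boundary
    return {"src_port": src, "dst_port": dst, "vtag": vtag, "chunks": chunks}


def accept_for_association(packet, expected_vtag):
    """Verification-tag check (RFC 4960 s.8.5): a packet whose 32-bit tag does not match the
    association is silently discarded, which is what defeats blind injection. INIT carries tag 0
    and follows a separate rule; it is not handled here."""
    parsed = parse_packet(packet)
    if parsed["vtag"] != expected_vtag:
        return None
    return parsed


def init_parameters(value):
    """From an INIT chunk body: requested stream counts and every advertised address (multi-homing)."""
    _tag, _rwnd, out_streams, in_streams, _tsn = INIT_HDR.unpack_from(value, 0)
    addrs, off = [], INIT_HDR.size
    while off + PARAM_HDR.size <= len(value):
        ptype, plen = PARAM_HDR.unpack_from(value, off)
        if plen < PARAM_HDR.size or off + plen > len(value):
            raise ValueError("bad parameter length at offset %d" % off)
        body = value[off + PARAM_HDR.size:off + plen]
        if ptype == PARAM_IPV4 and len(body) == 4:
            addrs.append(socket.inet_ntop(socket.AF_INET, body))
        elif ptype == PARAM_IPV6 and len(body) == 16:
            addrs.append(socket.inet_ntop(socket.AF_INET6, body))
        off += pad4(plen)  # unknown parameter types are skipped
    return out_streams, in_streams, addrs


def deliver_per_stream(data_values):
    """Ordered delivery per stream: a gap in one stream's sequence holds back only that stream.
    Returns (delivered payloads per stream, payloads still waiting per stream)."""
    delivered, waiting, next_ssn = defaultdict(list), defaultdict(dict), defaultdict(int)
    for value in data_values:
        _tsn, sid, ssn, _ppid = DATA_HDR.unpack_from(value, 0)
        waiting[sid][ssn] = value[DATA_HDR.size:]
        while next_ssn[sid] in waiting[sid]:  # release everything that is now contiguous
            delivered[sid].append(waiting[sid].pop(next_ssn[sid]))
            next_ssn[sid] += 1
    return dict(delivered), {sid: dict(w) for sid, w in waiting.items() if w}


# --- constructed sample traffic (not a capture) ---
def chunk(ctype, flags, value):
    padding = b"\0" * (pad4(len(value)) - len(value))
    return CHUNK_HDR.pack(ctype, flags, CHUNK_HDR.size + len(value)) + value + padding

def data(tsn, sid, ssn, payload):
    return chunk(CHUNK_DATA, 0x03, DATA_HDR.pack(tsn, sid, ssn, 0) + payload)  # B|E flags: unfragmented

def ipv4_param(dotted):
    return PARAM_HDR.pack(PARAM_IPV4, 8) + socket.inet_aton(dotted)

VTAG = 0x2A4B6C8D  # assumed tag chosen by the receiving endpoint
INIT_PKT = COMMON_HDR.pack(5060, 5060, 0, 0) + chunk(
    CHUNK_INIT, 0,
    INIT_HDR.pack(VTAG, 65535, 4, 4, 1000) + ipv4_param("192.0.2.10") + ipv4_param("198.51.100.10"))
# Stream 0's SSN 1 is "lost" in transit; stream 1 arrives complete.
DATA_PKT = COMMON_HDR.pack(5060, 5060, VTAG, 0) + data(1000, 0, 0, b"INVITE") + data(1002, 0, 2, b"ACK") \
    + data(1003, 1, 0, b"OPTIONS") + data(1004, 1, 1, b"200")

if __name__ == "__main__":
    print(init_parameters(parse_packet(INIT_PKT)["chunks"][0][2]))
    accepted = accept_for_association(DATA_PKT, VTAG)
    print(deliver_per_stream([v for t, _, v in accepted["chunks"] if t == CHUNK_DATA]))
```

Running it shows the INIT advertising two addresses and four streams each way, and the DATA packet delivering stream 1 in full while stream 0 waits for its missing SSN 1; with TCP's single stream, the "OPTIONS" and "200" messages would also have been held.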
 
SIGTRAN (Signaling Transport) is the IETF working group for carrying packet-based signaling over IP networks. SCTP is critical to bridging SS7 (Signaling System 7) to SIP. In other words, how do you transport ISUP (ISDN User Part) signaling over IP? Through M3UA, the MTP (Message Transfer Part) Level 3 User Adaptation Layer. One purpose of this tutorial is to show how SCTP provides support for SS7. M3UA, as shown here, along with M2UA (MTP Level 2 User Adaptation Layer) and M2PA (MTP Level 2 Peer-to-Peer Adaptation Layer), is transported over SCTP/IP.
 
A full treatment of the security ramifications of SCTP is beyond the scope of this presentation. SCTP's design does give it some built-in protection against blind DoS attacks (flooding, masquerading, injection into an association the attacker cannot observe): the four-way handshake with a state cookie means a server commits no resources to a half-open association, and every packet in an established association must carry the 32-bit verification tag known only to the endpoints. Multi-homing and multi-streaming add resilience against path failure and improper port access on one path, not against an attacker who can see the traffic; for that the transport itself has to be protected, as described next.
 
In addition, the SIGTRAN security recommendations (RFC 3788) call for IPsec (IP Security) or TLS (Transport Layer Security) to protect SCTP-carried signaling, with keys established by IKE (Internet Key Exchange); SKIP (Simple Key-management for Internet Protocols) was an earlier key-exchange proposal that never saw wide use. IPsec is a Layer 3 network service. In comparison, SSL/TLS sits above the transport layer, directly under the application, and uses digital certificates to authenticate the peers before keying the session. IPsec has two modes. In TRANSPORT mode only the payload of the IP packet is protected and the original IP header stays in the clear. In TUNNEL mode the entire original IP packet, header included, is encrypted and wrapped in a new outer IP packet. One caveat when combining IPsec with SCTP: a security association is bound to a pair of addresses, so a multi-homed association needs coverage for every address pair it may fail over to (RFC 3554 addresses this).
 
Internet Key Exchange (IKE) negotiates the algorithms and keys for IPsec, using Diffie-Hellman key exchange and public key cryptography with digital certificates to authenticate the peers, and symmetric ciphers such as DES (Data Encryption Standard) and 3DES (triple DES) for the traffic itself. Note that DES is broken and 3DES is deprecated; current deployments should negotiate AES. Please refer to www.ietf.org for more.
 
Shown in the animated tutorial: TCP relies on a sliding-window approach for congestion control. The amount of unacknowledged data a TCP sender may have in flight is bounded by two windows: the sender's Congestion WiNDow (CWND), which limits the number of packets in the network, and the ReCeiVer WiNDow (RCVWND), which the Receiver advertises as a measure of its buffering capacity and which provides end-to-end flow control.
 
The CWND is maintained by the Sender as its estimate of the capacity of the network. The Sender transmits data one window at a time and cannot have more than the minimum of RCVWND and CWND outstanding in the network.
 
Slow Start (SS) is the first phase of TCP congestion control. During Slow Start, CWND grows by one segment for every ACK received, which roughly doubles it every round-trip time. Slow Start continues until CWND reaches the Slow Start THRESHold (SSTHRESH), at which point the congestion avoidance phase begins.
 
During the congestion avoidance phase, the Sender increases its CWND by 1/CWND of a segment every time a segment is acknowledged, about one segment per round-trip time. Slow Start and congestion avoidance therefore correspond to exponential and linear growth of the congestion window per round-trip time, respectively.
 
TCP detects loss in two ways. The Retransmission TimeOut (RTO) is the fallback: when no ACK arrives before the timer expires, the Sender sets SSTHRESH to half the data in flight, collapses CWND to one segment and starts over in Slow Start. Fast Retransmit avoids waiting for the RTO: when the Receiver gets a segment out of order it immediately responds with a duplicate ACKnowledgement, and after three duplicate ACKs the Sender retransmits the missing segment without waiting for the timer.
 
Fast Recovery then governs CWND: SSTHRESH is set to half the data in flight, CWND is set to SSTHRESH plus three segments, and each further duplicate ACK inflates CWND by one segment (it signals that another segment has left the network) so that new data keeps the "pipe" (bandwidth) in use. When the retransmission is finally acknowledged, CWND is deflated back to SSTHRESH. Selective ACKnowledgement (SACK) lets the Receiver report exactly which blocks arrived, so the Sender can repair several losses in one window instead of one per round trip. Fast Retransmit and Fast Recovery together are designed to recover from packet losses as fast as possible while avoiding a return to Slow Start.
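As an added example that is not from the tutorial, here is a small Python model of the Reno congestion-control state machine described in the preceding paragraphs (the behaviour specified in RFC 5681), with windows counted in units of MSS rather than bytes. It makes the difference between the two loss signals concrete: three duplicate ACKs trigger Fast Retransmit and Fast Recovery (halve, inflate, deflate), while an RTO collapses the window to one segment and re-enters Slow Start. The event script in run_trace() is constructed, and the initial window and SSTHRESH values are assumptions chosen to keep the numbers readable.

```python
class RenoSender:
    """CWND/SSTHRESH state machine after RFC 5681 (Reno), in units of MSS.
    Real stacks count bytes; MSS units keep the arithmetic readable."""

    def __init__(self, rcvwnd, initial_cwnd=2, ssthresh=16):
        self.rcvwnd = float(rcvwnd)       # receiver's advertised window (flow control)
        self.cwnd = float(initial_cwnd)   # sender's estimate of network capacity (congestion control)
        self.ssthresh = float(ssthresh)
        self.dup_acks = 0
        self.in_fast_recovery = False

    def phase(self):
        if self.in_fast_recovery:
            return "fast_recovery"
        return "slow_start" if self.cwnd < self.ssthresh else "congestion_avoidance"

    def send_window(self):
        """The sender never has more than min(CWND, RCVWND) outstanding."""
        return min(self.cwnd, self.rcvwnd)

    def on_new_ack(self):
        """An ACK that advances the cumulative ACK point."""
        self.dup_acks = 0
        if self.in_fast_recovery:         # the retransmission got through: deflate back to ssthresh
            self.in_fast_recovery = False
            self.cwnd = self.ssthresh
        elif self.cwnd < self.ssthresh:   # slow start: +1 segment per ACK, roughly doubling per RTT
            self.cwnd += 1
        else:                             # congestion avoidance: +1/cwnd per ACK, about +1 segment per RTT
            self.cwnd += 1 / self.cwnd

    def on_dup_ack(self, flight_size):
        """The receiver saw a hole and repeated its last ACK. Returns True when fast retransmit fires."""
        self.dup_acks += 1
        if self.in_fast_recovery:         # one more segment has left the network: inflate by one
            self.cwnd += 1                # so new data can keep the pipe full during recovery
            return False
        if self.dup_acks == 3:            # three dup ACKs: retransmit now instead of waiting for the RTO
            self.ssthresh = max(flight_size / 2, 2)
            self.cwnd = self.ssthresh + 3
            self.in_fast_recovery = True
            return True
        return False

    def on_rto(self, flight_size):
        """Retransmission timeout: the heavy-handed path that fast retransmit exists to avoid."""
        self.ssthresh = max(flight_size / 2, 2)
        self.cwnd = 1                     # loss window: back to one segment and slow start
        self.in_fast_recovery = False
        self.dup_acks = 0


def run_trace():
    """Drive a scripted event sequence; returns (event, cwnd, ssthresh, phase) rows."""
    s = RenoSender(rcvwnd=64)
    rows = []

    def log(event):
        rows.append((event, round(s.cwnd, 4), s.ssthresh, s.phase()))

    for rtt in range(3):                  # one RTT = one ACK for every segment in the window
        for _ in range(int(s.cwnd)):
            s.on_new_ack()
        log("rtt%d acks" % (rtt + 1))
    s.on_new_ack()
    log("congestion avoidance ack")
    fired = [s.on_dup_ack(flight_size=16) for _ in range(3)]
    log("3 dup acks, fast retransmit=%s" % fired[-1])
    s.on_dup_ack(flight_size=16)
    log("4th dup ack")
    s.on_new_ack()
    log("recovery ack")
    s.on_rto(flight_size=8)
    log("rto")
    return rows


if __name__ == "__main__":
    for row in run_trace():
        print("%-32s cwnd=%-8s ssthresh=%-5s %s" % row)
```

The trace shows CWND going 2, 4, 8, 16 in Slow Start, creeping to 16.0625 after one congestion-avoidance ACK, dropping to 11 (SSTHRESH 8 plus three) on the third duplicate ACK, inflating to 12 on the fourth, deflating to 8 when the retransmission is acknowledged, and finally collapsing to 1 on an RTO with SSTHRESH 4.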
 
The TCP or User Datagram Protocol (UDP) port number can be recorded in a router's translation table alongside the IP address; such a record is called an Extended Entry. Extended Entry addressing could allow up to roughly 4,000 different hosts to share the same public IP address by using different TCP/UDP port numbers.
 
Overloading, also known as Port Address Translation (PAT), is the process by which many internal users reuse the same public IP address to reach different Internet hosts, with Extended Entries keeping their sessions apart. Distant hosts see only a single IP address.
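Added example (not from the article): a minimal PAT/overloading translation table in Python, showing how the port number turns a per-address entry into an extended entry. Two inside hosts that both use source port 5060 towards the same server get distinct public ports, an entry keyed on the outside address as well lets the same inside port be preserved towards a different server, and an inbound packet with no matching entry is dropped. The addresses and ports are constructed for illustration.

```python
class PortAddressTranslator:
    """Overloading / PAT: many inside hosts share one public IP; the translated port keeps sessions apart.
    Each extended entry is keyed on protocol, inside address:port and outside address:port."""

    def __init__(self, public_ip, port_range=(1024, 65535)):
        self.public_ip = public_ip
        self.lo, self.hi = port_range
        self.next_port = self.lo
        self.outbound = {}  # (proto, in_ip, in_port, out_ip, out_port) -> public_port
        self.inbound = {}   # (proto, public_port, out_ip, out_port) -> (in_ip, in_port)

    def _allocate(self, proto, preferred, out_ip, out_port):
        # Keep the inside source port when no other entry towards the same peer already holds it.
        if self.lo <= preferred <= self.hi and (proto, preferred, out_ip, out_port) not in self.inbound:
            return preferred
        for _ in range(self.hi - self.lo + 1):  # otherwise take the next free port from the pool
            p = self.next_port
            self.next_port = self.lo if p == self.hi else p + 1
            if (proto, p, out_ip, out_port) not in self.inbound:
                return p
        raise RuntimeError("translation table exhausted")

    def translate_outbound(self, proto, in_ip, in_port, out_ip, out_port):
        """Rewrite an inside->outside packet's source; create the extended entry on first use."""
        key = (proto, in_ip, in_port, out_ip, out_port)
        if key not in self.outbound:
            pub = self._allocate(proto, in_port, out_ip, out_port)
            self.outbound[key] = pub
            self.inbound[(proto, pub, out_ip, out_port)] = (in_ip, in_port)
        return self.public_ip, self.outbound[key]

    def translate_inbound(self, proto, public_port, out_ip, out_port):
        """Rewrite an outside->inside packet's destination; None means no entry, so the router drops it."""
        return self.inbound.get((proto, public_port, out_ip, out_port))


if __name__ == "__main__":
    pat = PortAddressTranslator("203.0.113.1")
    print(pat.translate_outbound("udp", "10.0.0.5", 5060, "198.51.100.7", 5060))
    print(pat.translate_outbound("udp", "10.0.0.6", 5060, "198.51.100.7", 5060))
    print(pat.translate_inbound("udp", 1024, "198.51.100.7", 5060))
    print(pat.translate_inbound("udp", 40000, "198.51.100.7", 5060))
```

The dropped unsolicited packet is the security-relevant side effect of PAT: only sessions the inside initiated have entries. The SIP-specific caveat is that PAT rewrites the IP and transport headers but not the addresses SIP carries in its Via and Contact headers, so SIP through a PAT device needs a SIP-aware ALG, STUN/TURN/ICE, or a similar traversal mechanism.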
 
This presentation is also included in a Technology Marketing Corporation (TMC) University special course on Microsoft OCS-Office Communications Server at ITexpo.com. For more information, please visit: http://www.tmcnet.com/voip/conference/west-08/tmc-university-microsoft-ocs.htm.
 
This presentation is also included in the online/onsite courses SIP 2.0c and OCS-101 Office Communications Server, priced per person (volume and site license discounts available). Discounts are also available to members of the SIP Forum and MS Partners. For customizing, special discounts, Web site animations, technical/sales training, technical writing and other services, visit: http://www.techtionary.com. Interested parties can also contact Tom Cross at 303-594-1694 or cross@gocross.com

The animated "pictutorial" is available at http://blog.tmcnet.com/cross-talk/.