draft-ietf-tsvwg-addip-sctp-15.txt   draft-ietf-tsvwg-addip-sctp-16.txt 
Network Working Group R. Stewart Network Working Group R. Stewart
Internet-Draft M. Ramalho Internet-Draft Cisco Systems, Inc.
Expires: December 2, 2006 Cisco Systems, Inc. Intended status: Informational Q. Xie
Q. Xie Expires: April 26, 2007 Motorola, Inc.
Motorola, Inc.
M. Tuexen M. Tuexen
Univ. of Applied Sciences Muenster Univ. of Applied Sciences Muenster
P. Conrad S. Maruyama
University of Delaware M. Kozuka
May 31, 2006 Kyoto University
October 23, 2006
Stream Control Transmission Protocol (SCTP) Dynamic Address Stream Control Transmission Protocol (SCTP) Dynamic Address
Reconfiguration Reconfiguration
draft-ietf-tsvwg-addip-sctp-15.txt draft-ietf-tsvwg-addip-sctp-16.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 41 skipping to change at page 1, line 41
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on December 2, 2006. This Internet-Draft will expire on April 26, 2007.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2006). Copyright (C) The Internet Society (2006).
Abstract Abstract
This document describes extensions to the Stream Control Transmission This document describes extensions to the Stream Control Transmission
Protocol (SCTP) [RFC2960] that provides a method to reconfigure IP Protocol (SCTP) [RFC2960] that provides a method to reconfigure IP
address information on an existing association. address information on an existing association.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Additional Chunks and Parameters . . . . . . . . . . . . . . . 4 3. Additional Chunks and Parameters . . . . . . . . . . . . . . . 4
3.1. New Chunk Types . . . . . . . . . . . . . . . . . . . . . 5 3.1. New Chunk Types . . . . . . . . . . . . . . . . . . . . . 5
3.1.1. Address Configuration Change Chunk (ASCONF) . . . . . 5 3.1.1. Address Configuration Change Chunk (ASCONF) . . . . . 5
3.1.2. Address Configuration Acknowledgment Chunk 3.1.2. Address Configuration Acknowledgment Chunk
(ASCONF-ACK) . . . . . . . . . . . . . . . . . . . . . 6 (ASCONF-ACK) . . . . . . . . . . . . . . . . . . . . . 7
3.2. New Parameter Types . . . . . . . . . . . . . . . . . . . 7 3.2. New Parameter Types . . . . . . . . . . . . . . . . . . . 7
3.2.1. Add IP Address . . . . . . . . . . . . . . . . . . . . 8 3.2.1. Add IP Address . . . . . . . . . . . . . . . . . . . . 8
3.2.2. Delete IP Address . . . . . . . . . . . . . . . . . . 9 3.2.2. Delete IP Address . . . . . . . . . . . . . . . . . . 9
3.2.3. Error Cause Indication . . . . . . . . . . . . . . . . 10 3.2.3. Error Cause Indication . . . . . . . . . . . . . . . . 10
3.2.4. Set Primary IP Address . . . . . . . . . . . . . . . . 11 3.2.4. Set Primary IP Address . . . . . . . . . . . . . . . . 11
3.2.5. Success Indication . . . . . . . . . . . . . . . . . . 12 3.2.5. Success Indication . . . . . . . . . . . . . . . . . . 12
3.2.6. Adaptation Layer Indication . . . . . . . . . . . . . 13 3.2.6. Adaptation Layer Indication . . . . . . . . . . . . . 13
3.2.7. Supported Extensions Parameter . . . . . . . . . . . . 13 3.2.7. Supported Extensions Parameter . . . . . . . . . . . . 13
3.3. New Error Causes . . . . . . . . . . . . . . . . . . . . . 14 3.3. New Error Causes . . . . . . . . . . . . . . . . . . . . . 14
3.3.1. Error Cause: Request to Delete Last Remaining IP 3.3.1. Error Cause: Request to Delete Last Remaining IP
Address . . . . . . . . . . . . . . . . . . . . . . . 14 Address . . . . . . . . . . . . . . . . . . . . . . . 15
3.3.2. Error Cause: Operation Refused Due to Resource 3.3.2. Error Cause: Operation Refused Due to Resource
Shortage . . . . . . . . . . . . . . . . . . . . . . . 15 Shortage . . . . . . . . . . . . . . . . . . . . . . . 15
3.3.3. Error Cause: Request to Delete Source IP Address . . . 16 3.3.3. Error Cause: Request to Delete Source IP Address . . . 16
3.3.4. Error Cause: Association Aborted due to illegal 3.3.4. Error Cause: Association Aborted due to illegal
ASCONF-ACK . . . . . . . . . . . . . . . . . . . . . . 17 ASCONF-ACK . . . . . . . . . . . . . . . . . . . . . . 17
3.3.5. Error Cause: Request refused - no authorization. . . . 17 3.3.5. Error Cause: Request refused - no authorization. . . . 17
4. Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . 18 4. Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . 18
4.1. ASCONF Chunk Procedures . . . . . . . . . . . . . . . . . 18 4.1. ASCONF Chunk Procedures . . . . . . . . . . . . . . . . . 18
4.1.1. Congestion Control of ASCONF Chunks . . . . . . . . . 19 4.1.1. Congestion Control of ASCONF Chunks . . . . . . . . . 20
4.2. Upon reception of an ASCONF Chunk. . . . . . . . . . . . . 20 4.2. Upon reception of an ASCONF Chunk. . . . . . . . . . . . . 21
4.3. General rules for address manipulation . . . . . . . . . . 22 4.3. General rules for address manipulation . . . . . . . . . . 23
4.3.1. A special case for OOTB ABORT chunks . . . . . . . . . 25 4.3.1. A special case for OOTB ABORT Chunks . . . . . . . . . 27
4.3.2. A special case for changing an address. . . . . . . . 26 4.3.2. A special case for changing an address. . . . . . . . 27
4.4. Setting of the primary address . . . . . . . . . . . . . . 26 4.4. Setting of the primary address . . . . . . . . . . . . . . 28
5. Security Considerations . . . . . . . . . . . . . . . . . . . 27 4.5. Bundling of multiple ASCONFs . . . . . . . . . . . . . . . 28
6. IANA considerations . . . . . . . . . . . . . . . . . . . . . 28 5. Security Considerations . . . . . . . . . . . . . . . . . . . 29
7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 28 6. IANA considerations . . . . . . . . . . . . . . . . . . . . . 29
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 29 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 30
Appendix A. Abstract Address Handling . . . . . . . . . . . . . . 29 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 31
A.1. General remarks . . . . . . . . . . . . . . . . . . . . . 29 Appendix A. Abstract Address Handling . . . . . . . . . . . . . . 31
A.2. Generalized endpoints . . . . . . . . . . . . . . . . . . 29 A.1. General remarks . . . . . . . . . . . . . . . . . . . . . 31
A.3. Associations . . . . . . . . . . . . . . . . . . . . . . . 30 A.2. Generalized endpoints . . . . . . . . . . . . . . . . . . 31
A.4. Relationship with RFC 2960 . . . . . . . . . . . . . . . . 31 A.3. Associations . . . . . . . . . . . . . . . . . . . . . . . 32
A.5. Rules for address manipulation . . . . . . . . . . . . . . 31 A.4. Relationship with RFC 2960 . . . . . . . . . . . . . . . . 33
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 33 A.5. Rules for address manipulation . . . . . . . . . . . . . . 33
Intellectual Property and Copyright Statements . . . . . . . . . . 35 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 34
Intellectual Property and Copyright Statements . . . . . . . . . . 36
1. Introduction 1. Introduction
To extend the utility and application scenarios of SCTP, this To extend the utility and application scenarios of SCTP, this
document introduces optional extensions that provide SCTP with the document introduces optional extensions that provide SCTP with the
ability to: ability to:
1. reconfigure IP address information on an existing association. 1. reconfigure IP address information on an existing association.
2. set the remote primary path. 2. set the remote primary path.
3. exchange adaptation layer information during association setup. 3. exchange adaptation layer information during association setup.
skipping to change at page 5, line 21 skipping to change at page 5, line 21
Chunk Type Chunk Name Chunk Type Chunk Name
-------------------------------------------------------------- --------------------------------------------------------------
0xC1 Address Configuration Change Chunk (ASCONF) 0xC1 Address Configuration Change Chunk (ASCONF)
0x80 Address Configuration Acknowledgment (ASCONF-ACK) 0x80 Address Configuration Acknowledgment (ASCONF-ACK)
Table 1: Address Configuration Chunks Table 1: Address Configuration Chunks
It should be noted that the ASCONF Chunk format requires the receiver It should be noted that the ASCONF Chunk format requires the receiver
to report to the sender if it does not understand the ASCONF Chunk. to report to the sender if it does not understand the ASCONF Chunk.
This is accomplished by setting the upper bits in the chunk type as This is accomplished by setting the upper bits in the chunk type as
described in RFC2960 [RFC2960] section 3.2. Note that the upper two described in RFC2960 [RFC2960] section 3.2. Note: that the upper two
bits in the ASCONF Chunk are set to one. As defined in RFC2960 bits in the ASCONF Chunk are set to one. As defined in RFC2960
[RFC2960] section 3.2, setting these upper bits in this manner will [RFC2960] section 3.2, setting these upper bits in this manner will
cause the receiver that does not understand this chunk to skip the cause the receiver that does not understand this chunk to skip the
chunk and continue processing, but report in an Operation Error Chunk chunk and continue processing, but report in an Operation Error Chunk
using the 'Unrecognized Chunk Type' cause of error. using the 'Unrecognized Chunk Type' cause of error.
3.1.1. Address Configuration Change Chunk (ASCONF) 3.1.1. Address Configuration Change Chunk (ASCONF)
This chunk is used to communicate to the remote endpoint one of the This chunk is used to communicate to the remote endpoint one of the
configuration change requests that MUST be acknowledged. The configuration change requests that MUST be acknowledged. The
skipping to change at page 6, line 33 skipping to change at page 6, line 33
Serial Number : 32 bits (unsigned integer) Serial Number : 32 bits (unsigned integer)
This value represents a Serial Number for the ASCONF Chunk. The This value represents a Serial Number for the ASCONF Chunk. The
valid range of Serial Number is from 0 to 4294967295 (2**32 - 1). valid range of Serial Number is from 0 to 4294967295 (2**32 - 1).
Serial Numbers wrap back to 0 after reaching 4294967295. Serial Numbers wrap back to 0 after reaching 4294967295.
Address Parameter : 8 or 20 bytes (depending on type) Address Parameter : 8 or 20 bytes (depending on type)
This field contains an address parameter, either IPv6 or IPv4, from This field contains an address parameter, either IPv6 or IPv4, from
RFC2960 [RFC2960]. The address is an address of the sender of the RFC2960 [RFC2960]. The address is an address of the sender of the
ASCONF chunk, the address MUST be considered part of the association ASCONF Chunk, the address MUST be considered part of the association
by the peer endpoint (the receiver of the ASCONF chunk). This field by the peer endpoint (the receiver of the ASCONF Chunk). This field
may be used by the receiver of the ASCONF to help in finding the may be used by the receiver of the ASCONF to help in finding the
association. If the address 0.0.0.0 or ::0 is provided the receiver association. If the address 0.0.0.0 or ::0 is provided the receiver
MAY lookup the association by other information provided in the MAY lookup the association by other information provided in the
packet. This parameter MUST be present in every ASCONF message i.e. packet. This parameter MUST be present in every ASCONF message i.e.
it is a mandatory TLV parameter. it is a mandatory TLV parameter.
Note the host name address parameter is NOT allowed and MUST be Note: the host name address parameter is NOT allowed and MUST be
ignored if received in any ASCONF message. ignored if received in any ASCONF message.
ASCONF Parameter: TLV format ASCONF Parameter: TLV format
Each Address configuration change is represented by a TLV parameter Each Address configuration change is represented by a TLV parameter
as defined in Section 3.2. One or more requests may be present in an as defined in Section 3.2. One or more requests may be present in an
ASCONF Chunk. ASCONF Chunk.
3.1.2. Address Configuration Acknowledgment Chunk (ASCONF-ACK) 3.1.2. Address Configuration Acknowledgment Chunk (ASCONF-ACK)
skipping to change at page 11, line 20 skipping to change at page 11, line 20
When reporting an error this response parameter is used to wrap one When reporting an error this response parameter is used to wrap one
or more standard error causes normally found within an SCTP or more standard error causes normally found within an SCTP
Operational Error or SCTP Abort (as defined in RFC2960 [RFC2960]). Operational Error or SCTP Abort (as defined in RFC2960 [RFC2960]).
The Error Cause(s) follow the format defined in section 3.3.10 of The Error Cause(s) follow the format defined in section 3.3.10 of
RFC2960 [RFC2960]. RFC2960 [RFC2960].
Valid Chunk Appearance Valid Chunk Appearance
The Error Cause Indication parameter may only appear in the ASCONF- The Error Cause Indication parameter may only appear in the ASCONF-
ACK chunk type. ACK Chunk type.
3.2.4. Set Primary IP Address 3.2.4. Set Primary IP Address
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type =0xC004 | Length = Variable | | Type =0xC004 | Length = Variable |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ASCONF-Request Correlation ID | | ASCONF-Request Correlation ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 13, line 35 skipping to change at page 13, line 35
INIT and INIT-ACK. Each adaptation layer that is defined that wishes INIT and INIT-ACK. Each adaptation layer that is defined that wishes
to use this parameter MUST specify a an adaptation code point in an to use this parameter MUST specify a an adaptation code point in an
appropriate RFC defining its use and meaning. This parameter SHOULD appropriate RFC defining its use and meaning. This parameter SHOULD
NOT be examined by the receiving SCTP implementation and should be NOT be examined by the receiving SCTP implementation and should be
passed opaquely to the upper layer protocol. passed opaquely to the upper layer protocol.
Valid Chunk Appearance Valid Chunk Appearance
The Adaptation Layer Indication parameter may appear in INIT or INIT- The Adaptation Layer Indication parameter may appear in INIT or INIT-
ACK chunk and SHOULD be passed to the receivers upper layer protocol. ACK chunk and SHOULD be passed to the receivers upper layer protocol.
This parameter MUST NOT appear in a ASCONF chunk. This parameter MUST NOT appear in an ASCONF Chunk.
3.2.7. Supported Extensions Parameter 3.2.7. Supported Extensions Parameter
This parameter is used at startup to identify any additional This parameter is used at startup to identify any additional
extensions that the sender supports. The sender MUST support both extensions that the sender supports. The sender MUST support both
the sending and the receiving of any chunk types listed within the the sending and the receiving of any chunk types listed within the
Supported Extensions Parameter. Supported Extensions Parameter.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
skipping to change at page 14, line 20 skipping to change at page 14, line 20
| CHUNK TYPE 1 | CHUNK TYPE 2 | CHUNK TYPE 3 | CHUNK TYPE 4 | | CHUNK TYPE 1 | CHUNK TYPE 2 | CHUNK TYPE 3 | CHUNK TYPE 4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| .... | | .... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| CHUNK TYPE N | PAD | PAD | PAD | | CHUNK TYPE N | PAD | PAD | PAD |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Parameter Type This field holds the IANA defined parameter type for Parameter Type This field holds the IANA defined parameter type for
Supported Extensions Parameter. The suggested value of this field Supported Extensions Parameter. The suggested value of this field
for IANA is 0x8008. for IANA is 0x8008.
Parameter Type Length This field holds the length of the parameter, Parameter Type Length This field holds the length of the parameter,
including the Parameter Type, Parameter Length and any addition including the Parameter Type, Parameter Length and any addition
supported extensions. Note the length MUST NOT include any supported extensions. Note: the length MUST NOT include any
padding. padding.
CHUNK TYPE X This field(s) hold the chunk type of any SCTP CHUNK TYPE X This field(s) hold the chunk type of any SCTP
extension(s) that are currently supported by the sending SCTP. extension(s) that are currently supported by the sending SCTP.
Multiple chunk types may be defined listing each additional Multiple chunk types may be defined listing each additional
feature that the sender supports. The sender MUST NOT include feature that the sender supports. The sender MUST NOT include
multiple Supported Extensions Parameter within any chunk. multiple Supported Extensions Parameter within any chunk.
Parameter Appearance This parameter may appear in the INIT or INIT- Parameter Appearance This parameter may appear in the INIT or INIT-
ACK chunk. This parameter MUST NOT appear in any other chunk. ACK chunk. This parameter MUST NOT appear in any other chunk.
3.3. New Error Causes 3.3. New Error Causes
Five new Error Causes are added to the SCTP Operational Errors, Five new Error Causes are added to the SCTP Operational Errors,
primarily for use in the ASCONF-ACK chunk. primarily for use in the ASCONF-ACK Chunk.
Cause Code Cause Code
Value Cause Code Value Cause Code
--------- ---------------- --------- ----------------
0x0100 Request to Delete Last Remaining IP Address. 0x0100 Request to Delete Last Remaining IP Address.
0x0101 Operation Refused Due to Resource Shortage. 0x0101 Operation Refused Due to Resource Shortage.
0x0102 Request to Delete Source IP Address. 0x0102 Request to Delete Source IP Address.
0x0103 Association Aborted due to illegal ASCONF-ACK 0x0103 Association Aborted due to illegal ASCONF-ACK
0x0104 Request refused - no authorization. 0x0104 Request refused - no authorization.
skipping to change at page 17, line 29 skipping to change at page 17, line 29
+----------------+---------------+ +----------------+---------------+
IMPLEMENTATION NOTE: It is unlikely that an endpoint would source a IMPLEMENTATION NOTE: It is unlikely that an endpoint would source a
packet from the address being deleted, unless the endpoint does not packet from the address being deleted, unless the endpoint does not
do proper source address selection. do proper source address selection.
3.3.4. Error Cause: Association Aborted due to illegal ASCONF-ACK 3.3.4. Error Cause: Association Aborted due to illegal ASCONF-ACK
This error is to be included in an ABORT that is generated due to the This error is to be included in an ABORT that is generated due to the
reception of an ASCONF-ACK that was not expected but is larger than reception of an ASCONF-ACK that was not expected but is larger than
the current sequence number (see Section 4.3 Rule D0 ). Note that a the current sequence number (see Section 4.3 Rule D0 ). Note: that a
sequence number is larger than the last acked sequence number if it sequence number is larger than the last acked sequence number if it
is either the next sequence or no more than 2^^31-1 greater than the is either the next sequence or no more than 2^^31-1 greater than the
current sequence number. current sequence number.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cause Code=0x0103 | Cause Length=4 | | Cause Code=0x0103 | Cause Length=4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 18, line 28 skipping to change at page 18, line 28
4.1. ASCONF Chunk Procedures 4.1. ASCONF Chunk Procedures
When an endpoint has an ASCONF signaled change to be sent to the When an endpoint has an ASCONF signaled change to be sent to the
remote endpoint it should do the following: remote endpoint it should do the following:
A1) Create an ASCONF Chunk as defined in Section 3.1.1. The chunk A1) Create an ASCONF Chunk as defined in Section 3.1.1. The chunk
should contain all of the TLV(s) of information necessary to be should contain all of the TLV(s) of information necessary to be
sent to the remote endpoint, and unique correlation identities for sent to the remote endpoint, and unique correlation identities for
each request. each request.
A2) A serial number should be assigned to the Chunk. The serial A2) A serial number should be assigned to the Chunk. The serial
number should be a monotonically increasing number. The serial number should be a monotonically increasing number. The serial
number MUST be initialized at the start of the association to the number MUST be initialized at the start of the association to the
same value as the Initial TSN and every time a new ASCONF chunk is same value as the Initial TSN and every time a new ASCONF Chunk is
created it is incremented by one after assigning the serial number created it is incremented by one after assigning the serial number
to the newly created chunk . to the newly created chunk .
A3) If no ASCONF Chunk is outstanding (un-acknowledged) with the
remote peer, send the chunk. A3) If no SCTP packet with one or more ASCONF Chunk(s) is
outstanding (un-acknowledged) with the remote peer, send the
chunk.
A4) Start a T-4 RTO timer, using the RTO value of the selected A4) Start a T-4 RTO timer, using the RTO value of the selected
destination address (normally the primary path; see RFC2960 destination address (normally the primary path; see RFC2960
[RFC2960] section 6.4 for details). [RFC2960] section 6.4 for details).
A5) When the ASCONF-ACK that acknowledges the serial number last sent
arrives, stop the T-4 RTO timer, and clear the appropriate A5) When the ASCONF-ACK that acknowledges the serial number last
sent arrives, stop the T-4 RTO timer, and clear the appropriate
association and destination error counters as defined in RFC2960 association and destination error counters as defined in RFC2960
[RFC2960] section 8.1 and 8.2. [RFC2960] section 8.1 and 8.2.
A6) Process all of the TLVs within the ASCONF-ACK to find out
A6) Process all of the TLVs within the ASCONF-ACK(s) to find out
particular status information returned to the various requests particular status information returned to the various requests
that were sent. Use the Correlation IDs to correlate the request that were sent. Use the Correlation IDs to correlate the request
and the responses. and the responses.
A7) If an error response is received for a TLV parameter, all TLVs A7) If an error response is received for a TLV parameter, all TLVs
with no response before the failed TLV are considered successful with no response before the failed TLV are considered successful
if not reported. All TLVs after the failed response are if not reported. All TLVs after the failed response are
considered unsuccessful unless a specific success indication is considered unsuccessful unless a specific success indication is
present for the parameter. present for the parameter.
A8) If there is no response(s) to specific TLV parameter(s), and no A8) If there is no response(s) to specific TLV parameter(s), and no
failures are indicated, then all request(s) are considered failures are indicated, then all request(s) are considered
successful. successful.
A9) If the peer responds to an ASCONF with an ERROR chunk reporting A9) If the peer responds to an ASCONF with an ERROR chunk reporting
that it did not recognize the ASCONF chunk type, the sender of the that it did not recognize the ASCONF Chunk type, the sender of the
ASCONF MUST NOT send any further ASCONF chunks and MUST stop its ASCONF MUST NOT send any further ASCONF Chunks and MUST stop its
T-4 timer. T-4 timer.
If the T-4 RTO timer expires the endpoint should do the following: If the T-4 RTO timer expires the endpoint should do the following:
B1) Increment the error counters and perform path failure detection B1) Increment the error counters and perform path failure detection
on the appropriate destination address as defined in RFC2960 on the appropriate destination address as defined in RFC2960
[RFC2960] section 8.1 and 8.2. [RFC2960] section 8.1 and 8.2.
B2) Increment the association error counters and perform endpoint B2) Increment the association error counters and perform endpoint
failure detection on the association as defined in RFC2960 failure detection on the association as defined in RFC2960
[RFC2960] section 8.1 and 8.2. [RFC2960] section 8.1 and 8.2.
B3) Back-off the destination address RTO value to which the ASCONF B3) Back-off the destination address RTO value to which the ASCONF
chunk was sent by doubling the RTO timer value. chunk was sent by doubling the RTO timer value.
Note: The RTO value is used in the setting of all timer types for Note: The RTO value is used in the setting of all timer types for
SCTP. Each destination address has a single RTO estimate. SCTP. Each destination address has a single RTO estimate.
B4) Re-transmit the ASCONF Chunk last sent and if possible choose an B4) Re-transmit the ASCONF Chunk last sent and if possible choose an
alternate destination address (please refer to RFC2960 [RFC2960] alternate destination address (please refer to RFC2960 [RFC2960]
section 6.4.1). An endpoint MUST NOT add new parameters to this section 6.4.1). An endpoint MUST NOT add new parameters to this
chunk, it MUST be the same (including its serial number) as the chunk, it MUST be the same (including its serial number) as the
last ASCONF sent. last ASCONF sent. An endpoint can, however, bundle an additional
B5) Restart the T-4 RTO timer. Note that if a different destination ASCONF with new ASCONF parameters with the next sequence number.
is selected, then the RTO used will be that of the new destination For details see Section 4.5
address. B5) Restart the T-4 RTO timer. Note: that if a different
destination is selected, then the RTO used will be that of the new
destination address.
Note: the total number of re-transmissions is limited by B2 above. Note: the total number of re-transmissions is limited by B2 above.
If the maximum is reached, the association will fail and enter into If the maximum is reached, the association will fail and enter into
the CLOSED state (see RFC2960 [RFC2960] section 6.4.1 for details). the CLOSED state (see RFC2960 [RFC2960] section 6.4.1 for details).
4.1.1. Congestion Control of ASCONF Chunks 4.1.1. Congestion Control of ASCONF Chunks
In defining the ASCONF Chunk transfer procedures, it is essential In defining the ASCONF Chunk transfer procedures, it is essential
that these transfers MUST NOT cause congestion within the network. that these transfers MUST NOT cause congestion within the network.
To achieve this, we place these restrictions on the transfer of To achieve this, we place these restrictions on the transfer of
ASCONF Chunks: ASCONF Chunks:
R1) One and only one ASCONF Chunk MAY be in transit and C1) One and only one SCTP packet holding ASCONF Chunk(s) MAY be in
unacknowledged at any one time. If a sender, after sending an transit and unacknowledged at any one time. If a sender, after
ASCONF chunk, decides it needs to transfer another ASCONF Chunk, sending an ASCONF chunk, decides it needs to transfer another
it MUST wait until the ASCONF-ACK Chunk returns from the previous ASCONF Chunk, it MUST wait until the ASCONF-ACK Chunk returns from
ASCONF Chunk before sending a subsequent ASCONF. Note this the previous ASCONF Chunk before sending a subsequent ASCONF.
restriction binds each side, so at any time two ASCONF may be in- Note: this restriction binds each side, so at any time two ASCONF
transit on any given association (one sent from each endpoint). may be in-transit on any given association (one sent from each
endpoint). However when an ASCONF Chunk is retransmitted due to a
time-out, the additional held ASCONF Chunks can be bundled into
the retransmission packet as described in Section 4.5.
R2) An ASCONF may be bundled with any other chunk type (except other C2) An ASCONF Chunk may be bundled with any other chunk type
ASCONF Chunks). including other ASCONF Chunks. If bundled with other ASCONF
R3) An ASCONF-ACK may be bundled with any other chunk type except Chunks, the chunks MUST appear in sequential order with respect to
other ASCONF-ACKs. their Serial Number.
R4) Both ASCONF and ASCONF-ACK chunks MUST NOT be sent in any SCTP
C3) An ASCONF-ACK Chunk may be bundled with any other chunk type
including other ASCONF-ACK Chunks. If bundled with other ASCONF-
ACK Chunks, the chunks MUST appear in sequential order with
respect to their Serial Number.
C4) Both ASCONF and ASCONF-ACK Chunks MUST NOT be sent in any SCTP
state except ESTABLISHED, SHUTDOWN-PENDING, SHUTDOWN-RECEIVED and state except ESTABLISHED, SHUTDOWN-PENDING, SHUTDOWN-RECEIVED and
SHUTDOWN-SENT. SHUTDOWN-SENT.
R5) An ASCONF MUST NOT be larger than the path MTU of the
destination. C5) An ASCONF Chunk and an ASCONF-ACK Chunk SHOULD not be larger
R6) An ASCONF-ACK SHOULD not be larger than the path MTU. In some than the path MTU.
circumstances an ASCONF-ACK may exceed the path MTU and in such a
case IP fragmentation should be used to transmit the chunk.
If the sender of an ASCONF Chunk receives an Operational Error If the sender of an ASCONF Chunk receives an Operational Error
indicating that the ASCONF chunk type is not understood, then the indicating that the ASCONF Chunk type is not understood, then the
sender MUST NOT send subsequent ASCONF Chunks to the peer. The sender MUST NOT send subsequent ASCONF Chunks to the peer. The
endpoint should also inform the upper layer application that the peer endpoint should also inform the upper layer application that the peer
endpoint does not support any of the extensions detailed in this endpoint does not support any of the extensions detailed in this
document. document.
4.2. Upon reception of an ASCONF Chunk. 4.2. Upon reception of an ASCONF Chunk.
When an endpoint receives an ASCONF Chunk from the remote peer When an endpoint receives an ASCONF Chunk from the remote peer
special procedures MAY be needed to identify the association the special procedures MAY be needed to identify the association the
ASCONF Chunk is associated with. To properly find the association ASCONF Chunk is associated with. To properly find the association
the following procedures should be followed: the following procedures should be followed:
L1) Use the source address and port number of the sender to attempt D1) Use the source address and port number of the sender to attempt
to identify the association (i.e. use the same method defined in to identify the association (i.e. use the same method defined in
RFC2960 [RFC2960] used for all other SCTP chunks). If found RFC2960 [RFC2960] used for all other SCTP Chunks). If found
proceed to rule L4. proceed to rule D4.
L2) If the association is not found, use the address found in the
D2) If the association is not found, use the address found in the
Address Parameter TLV combined with the port number found in the Address Parameter TLV combined with the port number found in the
SCTP common header. If found proceed to rule L4. SCTP common header. If found proceed to rule D4.
L3) If neither L1 or L2 locates the association, treat the chunk as
an Out Of The Blue chunk as defined in RFC2960 [RFC2960]. D2-ext) If more than one ASCONF Chunks are packed together, use the
L4) Follow the normal rules to validate the SCTP verification tag address found in the ASCONF Address Parameter TLV of the each of
the subsequent ASCONF Chunks. If found, proceed to rule D4.
D3) If neither D1, D2 nor D2-ext locates the association, treat the
chunk as an Out Of The Blue packet as defined in RFC2960
[RFC2960].
D4) Follow the normal rules to validate the SCTP verification tag
found in RFC2960 [RFC2960]. found in RFC2960 [RFC2960].
After identification and verification of the association, the After identification and verification of the association, the
following should be performed to properly process the ASCONF Chunk: following should be performed to properly process the ASCONF Chunk:
E1) If the value found in the serial number of the ASCONF Chunk is
equal to the ('Peer-Serial-Number' + 1) and the Serial Number of
the ASCONF Chunk is the first in the SCTP Packet, the endpoint MAY
clean any old cached ASCONF-ACK up to the 'Peer-Serial-Number' and
then proceed to rule E4.
C1) Compare the value of the serial number to the value the endpoint E1-ext If the value found in the serial number of the ASCONF Chunk
stored in a new association variable 'Peer-Serial-Number'. This is equal to the ('Peer-Serial-Number' + 1) and the ASCONF chunk is
value MUST be initialized to the Initial TSN value minus 1. NOT the first Serial Number in the SCTP packet proceed to rule E4
but do NOT clear any cached ASCONF-ACK or state information.
C2) If the value found in the serial number is equal to the ('Peer- E2) If the value found in the serial number is less than the ('Peer-
Serial-Number' + 1), the endpoint MUST: Serial-Number' + 1), simply skip to the next ASCONF, and include
in the outbound response packet any previously cached ASCONF-ACK
response that was sent and saved that matches the serial number of
the ASCONF. Note: it is possible that no cached ASCONF-ACK Chunk
exists. This will occur when an older ASCONF arrives out of
order. In such a case the receiver should skip the ASCONF Chunk
and not include ASCONF-ACK Chunk for that chunk.
E3) Then, process each ASCONF one by one as above while the Serial
Number of the ASCONF is less than the ('Peer-Serial-Number' + 1).
E4) When the serial number matches the next one expected, process
the ASCONF as described below and after processing the ASCONF
Chunk, append an ASCONF-ACK Chunk to the response packet and cache
a copy of it (in the event it later needs to be retransmitted).
V1) Process the TLVs contained within the Chunk performing the V1) Process the TLVs contained within the Chunk performing the
appropriate actions as indicated by each TLV type. The TLVs appropriate actions as indicated by each TLV type. The TLVs
MUST be processed in order within the Chunk. For example, if MUST be processed in order within the Chunk. For example, if
the sender puts 3 TLVs in one chunk, the first TLV (the one the sender puts 3 TLVs in one chunk, the first TLV (the one
closest to the Chunk Header) in the Chunk MUST be processed closest to the Chunk Header) in the Chunk MUST be processed
first. The next TLV in the chunk (the middle one) MUST be first. The next TLV in the chunk (the middle one) MUST be
processed second and finally the last TLV in the Chunk MUST be processed second and finally the last TLV in the Chunk MUST be
processed last. If the association was found via L2, the first processed last.
parameter MUST be an Add IP address parameter for the source
address of the packet. If it is not the case the ASCONF is
silently discarded. Please note that this new address can not
be deleted by a later parameter in the chunk because it is the
source address of the packet.
V2) In processing the chunk, the receiver should build a response V2) In processing the chunk, the receiver should build a response
message with the appropriate error TLVs, as specified in the message with the appropriate error TLVs, as specified in the
Parameter type bits for any ASCONF Parameter it does not Parameter type bits for any ASCONF Parameter it does not
understand. To indicate an unrecognized parameter, cause type understand. To indicate an unrecognized parameter, cause type
8 as defined in the ERROR in 3.3.10.8 of RFC2960 [RFC2960] 8 as defined in the ERROR in 3.3.10.8 of RFC2960 [RFC2960]
should be used. The endpoint may also use the response to should be used. The endpoint may also use the response to
carry rejections for other reasons such as resource shortages carry rejections for other reasons such as resource shortages
etc, using the Error Cause TLV and an appropriate error etc, using the Error Cause TLV and an appropriate error
condition. condition.
Note: a positive response is implied if no error is indicated Note: a positive response is implied if no error is indicated
by the sender. by the sender.
V3) All responses MUST copy the ASCONF-Request Correlation ID V3) All responses MUST copy the ASCONF-Request Correlation ID
field received in the ASCONF parameter, from the TLV being field received in the ASCONF parameter, from the TLV being
responded to, into the ASCONF-Request Correlation ID field in responded to, into the ASCONF-Request Correlation ID field in
the response parameter. the response parameter.
V4) After processing the entire Chunk, the receiver of the ASCONF V4) After processing the entire Chunk, the receiver of the ASCONF
MUST send all TLVs for both unrecognized parameters and any MUST queue the response ASCONF-ACK Chunk for transmission after
other status TLVs inside the ASCONF-ACK chunk that acknowledges the rest of the SCTP packet has been processed. This allows
the arrival and processing of the ASCONF Chunk. the ASCONF-ACK Chunk to be bundled with other ASCONF-ACK Chunks
as well as any additional responses e.g. a SACK Chunk.
V5) Update the 'Peer-Serial-Number' to the value found in the V5) Update the 'Peer-Serial-Number' to the value found in the
serial number field. serial number field.
C3) If the value found in the serial number is equal to the value
stored in the 'Peer-Serial-Number', the endpoint should:
X1) Parse the ASCONF Chunk TLVs but the endpoint MUST NOT take any E5) Otherwise, the ASCONF Chunk is discarded since it must be either
action on the TLVs parsed (since it has already performed these
actions).
X2) Build a response message with the appropriate response TLVs as
specified in the ASCONF Parameter type bits, for any parameter
it does not understand or could not process.
X3) After parsing the entire Chunk, it MUST send any response TLV
errors and status with an ASCONF-ACK chunk acknowledging the
arrival and processing of the ASCONF Chunk.
X4) The endpoint MUST NOT update its 'Peer-Serial-Number'.
Note: the response to the retransmitted ASCONF MUST be the same as
the original response. This MAY mean an implementation must keep
state in order to respond with the same exact answer (including
resource considerations that may have made the implementation
refuse a request).
IMPLEMENTATION NOTE: As an optimization a receiver may wish to
save the last ASCONF-ACK for some predetermined period of time and
instead of re-processing the ASCONF (with the same serial number)
it may just re-transmit the ASCONF-ACK. It may wish to use the
arrival of a new serial number to discard the previously saved
ASCONF-ACK or any other means it may choose to expire the saved
ASCONF-ACK.
C4) Otherwise, the ASCONF Chunk is discarded since it must be either
a stale packet or from an attacker. A receiver of such a packet a stale packet or from an attacker. A receiver of such a packet
MAY log the event for security purposes. MAY log the event for security purposes.
C5) In both cases C2 and C3 the ASCONF-ACK MUST be sent back to the
source address contained in the IP header of the ASCONF being E6) When all ASCONF Chunks are processed for this SCTP packet, send
responded to. back the accumulated single response packet with all of the
ASCONF-ACK Chunks. The destination address of the SCTP packet
containing the ASCONF-ACK Chunks MUST be the source address of the
SCTP packet that held the ASCONF Chunks.
E7) While processing the ASCONF Chunks in the SCTP packet, if the
response packet will exceed the PMTU of the return path, the
receiver MUST stop adding addtional ASCONF-ACK's into the response
packet but MUST continue to process all of the ASCONF Chunks,
saving ASCONF-ACK Chunk responses in its cached copy. The sender
of the ASCONF Chunk will later retransmit the ASCONF Chunks that
were not responded to, at which time the cached copies of the
responses that would NOT fit in the PMTU can be sent to the peer.
Note: These rules have been presented with the assumption that the
implementation is caching old ASCONF-ACK's in case of loss of SCTP
packets in the ACK path. It is allowable for an implementation to
maintain this state in another form it deems appropriate, as long as
that form results in the same ASCONF-ACK sequences being returned to
the peer as outlined above.
4.3. General rules for address manipulation 4.3. General rules for address manipulation
When building TLV parameters for the ASCONF Chunk that will add or When building TLV parameters for the ASCONF Chunk that will add or
delete IP addresses the following rules should be applied: delete IP addresses the following rules should be applied:
D0) If an endpoint receives an ASCONF-ACK that is greater than or F0) If an endpoint receives an ASCONF-ACK that is greater than or
equal to the next serial number to be used but no ASCONF chunk is equal to the next serial number to be used but no ASCONF Chunk is
outstanding the endpoint MUST ABORT the association. Note that a outstanding the endpoint MUST ABORT the association. Note: that a
sequence number is greater than if it is no more than 2^^31-1 sequence number is greater than if it is no more than 2^^31-1
larger than the current sequence number (using serial arithmetic). larger than the current sequence number (using serial arithmetic).
D1) When adding an IP address to an association, the IP address is
F1) When adding an IP address to an association, the IP address is
NOT considered fully added to the association until the ASCONF-ACK NOT considered fully added to the association until the ASCONF-ACK
arrives. This means that until such time as the ASCONF containing arrives. This means that until such time as the ASCONF containing
the add is acknowledged the sender MUST NOT use the new IP address the add is acknowledged the sender MUST NOT use the new IP address
as a source for ANY SCTP packet except on carrying an ASCONF as a source for ANY SCTP packet except on carrying an ASCONF
chunk. The receiver of the add IP address request may use the Chunk. The receiver of the add IP address request may use the
address as a destination immediately. The receiver MUST use the address as a destination immediately. The receiver MUST use the
path verification procedure for the added address before using path verification procedure for the added address before using
that address. The receiver MUST NOT send packets to the new that address. The receiver MUST NOT send packets to the new
address except for the corresponding ASCONF-ACK chunk or HEARTBEAT address except for the corresponding ASCONF-ACK Chunk or HEARTBEAT
chunks for path verification before the new path is verified. If Chunks for path verification before the new path is verified. If
the ASCONF-ACK is sent to the new address it MAY be bundled with the ASCONF-ACK is sent to the new address it MAY be bundled with
the HEARTBEAT chunk for path verification. the HEARTBEAT chunk for path verification.
D2) After the ASCONF-ACK of an IP address add arrives, the endpoint F2) After the ASCONF-ACK of an IP address add arrives, the endpoint
MAY begin using the added IP address as a source address for any MAY begin using the added IP address as a source address for any
type of SCTP chunk. type of SCTP chunk.
D3a) If an endpoint receives an Error Cause TLV indicating that the
F3a) If an endpoint receives an Error Cause TLV indicating that the
IP address Add or IP address Deletion parameters was not IP address Add or IP address Deletion parameters was not
understood, the endpoint MUST consider the operation failed and understood, the endpoint MUST consider the operation failed and
MUST NOT attempt to send any subsequent Add or Delete requests to MUST NOT attempt to send any subsequent Add or Delete requests to
the peer. the peer.
D3b) If an endpoint receives an Error Cause TLV indicating that the
F3b) If an endpoint receives an Error Cause TLV indicating that the
IP address Set Primary IP Address parameter was not understood, IP address Set Primary IP Address parameter was not understood,
the endpoint MUST consider the operation failed and MUST NOT the endpoint MUST consider the operation failed and MUST NOT
attempt to send any subsequent Set Primary IP Address requests to attempt to send any subsequent Set Primary IP Address requests to
the peer. the peer.
D4) When deleting an IP address from an association, the IP address
F4) When deleting an IP address from an association, the IP address
MUST be considered a valid destination address for the reception MUST be considered a valid destination address for the reception
of SCTP packets until the ASCONF-ACK arrives and MUST NOT be used of SCTP packets until the ASCONF-ACK arrives and MUST NOT be used
as a source address for any subsequent packets. This means that as a source address for any subsequent packets. This means that
any datagrams that arrive before the ASCONF-ACK destined to the IP any datagrams that arrive before the ASCONF-ACK destined to the IP
address being deleted MUST be considered part of the current address being deleted MUST be considered part of the current
association. One special consideration is that ABORT chunks association. One special consideration is that ABORT Chunks
arriving destined to the IP address being deleted MUST be ignored arriving destined to the IP address being deleted MUST be ignored
(see Section 4.3.1 for further details). (see Section 4.3.1 for further details).
D5) An endpoint MUST NOT delete its last remaining IP address from an
association. In other words if an endpoint is NOT multi-homed it F5) An endpoint MUST NOT delete its last remaining IP address from
MUST NOT use the delete IP address without an add IP address an association. In other words if an endpoint is NOT multi-homed
preceding the delete parameter in the ASCONF chunk. Or if an it MUST NOT use the delete IP address without an add IP address
preceding the delete parameter in the ASCONF Chunk. Or if an
endpoint sends multiple requests to delete IP addresses it MUST endpoint sends multiple requests to delete IP addresses it MUST
NOT delete all of the IP addresses that the peer has listed for NOT delete all of the IP addresses that the peer has listed for
the requester. the requester.
D6) An endpoint MUST NOT set an IP header source address for an SCTP
F6) An endpoint MUST NOT set an IP header source address for an SCTP
packet holding the ASCONF Chunk to be the same as an address being packet holding the ASCONF Chunk to be the same as an address being
deleted by the ASCONF Chunk. deleted by the ASCONF Chunk.
D7) If a request is received to delete the last remaining IP address
F7) If a request is received to delete the last remaining IP address
of a peer endpoint, the receiver MUST send an Error Cause TLV with of a peer endpoint, the receiver MUST send an Error Cause TLV with
the error cause set to the new error code 'Request to Delete Last the error cause set to the new error code 'Request to Delete Last
Remaining IP Address'. The requested delete MUST NOT be performed Remaining IP Address'. The requested delete MUST NOT be performed
or acted upon, other than to send the ASCONF-ACK. or acted upon, other than to send the ASCONF-ACK.
D8) If a request is received to delete an IP address which is also
F8) If a request is received to delete an IP address which is also
the source address of the IP packet which contained the ASCONF the source address of the IP packet which contained the ASCONF
chunk, the receiver MUST reject this request. To reject the chunk, the receiver MUST reject this request. To reject the
request the receiver MUST send an Error Cause TLV set to the new request the receiver MUST send an Error Cause TLV set to the new
error code 'Request to Delete Source IP Address' (unless Rule D5 error code 'Request to Delete Source IP Address' (unless Rule F5
has also been violated, in which case the error code 'Request to has also been violated, in which case the error code 'Request to
Delete Last Remaining IP Address' is sent). Delete Last Remaining IP Address' is sent).
D9) If an endpoint receives an ADD IP address request and does not F9) If an endpoint receives an ADD IP address request and does not
have the local resources to add this new address to the have the local resources to add this new address to the
association, it MUST return an Error Cause TLV set to the new association, it MUST return an Error Cause TLV set to the new
error code 'Operation Refused Due to Resource Shortage'. error code 'Operation Refused Due to Resource Shortage'.
D10) If an endpoint receives an 'Out of Resource' error in response
F10) If an endpoint receives an 'Out of Resource' error in response
to its request to ADD an IP address to an association, it must to its request to ADD an IP address to an association, it must
either ABORT the association or not consider the address part of either ABORT the association or not consider the address part of
the association. In other words if the endpoint does not ABORT the association. In other words if the endpoint does not ABORT
the association, it must consider the add attempt failed and NOT the association, it must consider the add attempt failed and NOT
use this address since its peer will treat SCTP packets destined use this address since its peer will treat SCTP packets destined
to the address as Out Of The Blue packets. to the address as Out Of The Blue packets.
D11) When an endpoint receiving an ASCONF to add an IP address sends
F11) When an endpoint receiving an ASCONF to add an IP address sends
an 'Out of Resource' in its response, it MUST also fail any an 'Out of Resource' in its response, it MUST also fail any
subsequent add or delete requests bundled in the ASCONF. The subsequent add or delete requests bundled in the ASCONF. The
receiver MUST NOT reject an ADD and then accept a subsequent receiver MUST NOT reject an ADD and then accept a subsequent
DELETE of an IP address in the same ASCONF Chunk. In other words, DELETE of an IP address in the same ASCONF Chunk. In other words,
once a receiver begins failing any ADD or DELETE request, it must once a receiver begins failing any ADD or DELETE request, it must
fail all subsequent ADD or DELETE requests contained in that fail all subsequent ADD or DELETE requests contained in that
single ASCONF. single ASCONF.
D12) When an endpoint receives a request to delete an IP address that
is the current primary address, it is an implementation decision F12) When an endpoint receives a request to delete an IP address
as to how that endpoint chooses the new primary address. that is the current primary address, it is an implementation
D13) When an endpoint receives a valid request to DELETE an IP decision as to how that endpoint chooses the new primary address.
F13) When an endpoint receives a valid request to DELETE an IP
address the endpoint MUST consider the address no longer as part address the endpoint MUST consider the address no longer as part
of the association. It MUST NOT send SCTP packets for the of the association. It MUST NOT send SCTP packets for the
association to that address and it MUST treat subsequent packets association to that address and it MUST treat subsequent packets
received from that address as Out Of The Blue. received from that address as Out Of The Blue.
During the time interval between sending out the ASCONF and During the time interval between sending out the ASCONF and
receiving the ASCONF-ACK it MAY be possible to receive DATA chunks receiving the ASCONF-ACK it MAY be possible to receive DATA Chunks
out of order. The following examples illustrate these problems: out of order. The following examples illustrate these problems:
Endpoint-A Endpoint-Z Endpoint-A Endpoint-Z
---------- ---------- ---------- ----------
ASCONF[Add-IP:X]------------------------------> ASCONF[Add-IP:X]------------------------------>
/--ASCONF-ACK /--ASCONF-ACK
/ /
/--------/---New DATA: /--------/---New DATA:
/ / Destination / / Destination
<-------------------/ / IP:X <-------------------/ / IP:X
skipping to change at page 25, line 40 skipping to change at page 27, line 21
For the DELETE case, an endpoint MAY respond to the late arriving For the DELETE case, an endpoint MAY respond to the late arriving
DATA packet as an OOTB datagram or it MAY hold the deleting IP DATA packet as an OOTB datagram or it MAY hold the deleting IP
address for a small period of time as still valid. If it treats the address for a small period of time as still valid. If it treats the
DATA packet as an OOTB the peer will silently discard the ABORT DATA packet as an OOTB the peer will silently discard the ABORT
(since by the time the ABORT is sent the peer will have removed the (since by the time the ABORT is sent the peer will have removed the
IP address from this association). If the endpoint elects to hold IP address from this association). If the endpoint elects to hold
the IP address valid for a period of time, it MUST NOT hold it valid the IP address valid for a period of time, it MUST NOT hold it valid
longer than 2 RTO intervals for the destination being removed. longer than 2 RTO intervals for the destination being removed.
4.3.1. A special case for OOTB ABORT chunks 4.3.1. A special case for OOTB ABORT Chunks
Another case worth mentioning is illustrated below: Another case worth mentioning is illustrated below:
Endpoint-A Endpoint-Z Endpoint-A Endpoint-Z
---------- ---------- ---------- ----------
New DATA:------------\ New DATA:------------\
Source IP:X \ Source IP:X \
\ \
ASCONF-REQ[DEL-IP:X]----\------------------> ASCONF-REQ[DEL-IP:X]----\------------------>
skipping to change at page 27, line 17 skipping to change at page 28, line 38
addresses the sender of the INIT or INIT-ACK would prefer to be used addresses the sender of the INIT or INIT-ACK would prefer to be used
as the primary address. as the primary address.
The request to set an address as the primary path is an option the The request to set an address as the primary path is an option the
receiver SHOULD perform. It is considered advice to the receiver of receiver SHOULD perform. It is considered advice to the receiver of
the best destination address to use in sending SCTP packets (in the the best destination address to use in sending SCTP packets (in the
requesters view). If a request arrives that asks the receiver to set requesters view). If a request arrives that asks the receiver to set
an address as primary that does not exist, the receiver should NOT an address as primary that does not exist, the receiver should NOT
honor the request, leaving its existing primary address unchanged. honor the request, leaving its existing primary address unchanged.
4.5. Bundling of multiple ASCONFs
In the normal case a single ASCONF is sent in a packet and a single
reply ASCONF-ACK is received. However, in the event of the loss of
an SCTP packet containing either an ASCONF or ASCONF-ACK it is
allowable for a sender to bundle additional ASCONF's in the
retransmission. In bundling multiple ASCONF's the following rules
MUST be followed:
1. Previously transmitted ASCONF Chunks MUST be left unchanged.
2. Each SCTP packet containing ASCONF Chunks MUST be bundled
starting with the smallest ASCONF Serial Number first in the
packet (closest to the Chunk header) and preceeding in sequential
order from lowest to highest ASCONF Serial Number.
3. All ASCONF's within the packet MUST be adjacent to each other
i.e. no other chunk type must seperate the ASCONF's.
4. Each new ASCONF's lookup address MUST be populated as if the
previous ASCONF's had been processed and accepted.
5. Security Considerations 5. Security Considerations
The addition and or deletion of an IP address to an existing The addition and or deletion of an IP address to an existing
association does provide an additional mechanism by which existing association does provide an additional mechanism by which existing
associations can be hijacked. Therefore this document requires the associations can be hijacked. Therefore this document requires the
use of the authentication mechanism defined in SCTP-AUTH [I-D.ietf- use of the authentication mechanism defined in SCTP-AUTH
tsvwg-sctp-auth] to limit the ability of an attacker to hijack an [I-D.ietf-tsvwg-sctp-auth] to limit the ability of an attacker to
association. hijack an association.
Hijacking an association by using the addition and deletion of an IP Hijacking an association by using the addition and deletion of an IP
address is only possible for an attacker who is able to intercept the address is only possible for an attacker who is able to intercept the
initial two packets of the association setup when the SCTP-AUTH initial two packets of the association setup when the SCTP-AUTH
extension is used without pre-shared keys.. If such a threat is extension is used without pre-shared keys.. If such a threat is
considered a possibility, then the SCTP-AUTH [I-D.ietf-tsvwg-sctp- considered a possibility, then the SCTP-AUTH
auth] extension MUST be used with a preconfigured shared end-point [I-D.ietf-tsvwg-sctp-auth] extension MUST be used with a
pair key to mitigate this threat. For a more detailed analysis see preconfigured shared end-point pair key to mitigate this threat. For
SCTP-AUTH [I-D.ietf-tsvwg-sctp-auth]. a more detailed analysis see SCTP-AUTH [I-D.ietf-tsvwg-sctp-auth].
If an SCTP endpoint that supports this extension receives an INIT If an SCTP endpoint that supports this extension receives an INIT
that indicates that the peer supports the ASCONF extension but does that indicates that the peer supports the ASCONF extension but does
NOT support the SCTP-AUTH [I-D.ietf-tsvwg-sctp-auth] extension, the NOT support the SCTP-AUTH [I-D.ietf-tsvwg-sctp-auth] extension, the
receiver of such an INIT MUST send an ABORT in response to such an receiver of such an INIT MUST send an ABORT in response to such an
INIT. Note that an implementation is allowed to silently discard INIT. Note: that an implementation is allowed to silently discard
such an INIT as an option as well but under NO circumstance is an such an INIT as an option as well but under NO circumstance is an
implementation allowed to proceed with the association setup by implementation allowed to proceed with the association setup by
sending an INIT-ACK in response. sending an INIT-ACK in response.
An implementation that receives an INIT-ACK that indicates that the An implementation that receives an INIT-ACK that indicates that the
peer does not support the SCTP-AUTH [I-D.ietf-tsvwg-sctp-auth] peer does not support the SCTP-AUTH [I-D.ietf-tsvwg-sctp-auth]
extension MUST NOT send the COOKIE-ECHO to establish the association. extension MUST NOT send the COOKIE-ECHO to establish the association.
Instead the implementation MUST discard the INIT-ACK and report to Instead the implementation MUST discard the INIT-ACK and report to
the upper layer user that an association cannot be established the upper layer user that an association cannot be established
destroying the TCB. destroying the TCB.
skipping to change at page 28, line 25 skipping to change at page 30, line 20
types where the upper two bits are one, we recommend 0xC1 but any types where the upper two bits are one, we recommend 0xC1 but any
other available code point with the upper bits set is also other available code point with the upper bits set is also
acceptable. The second chunk type must come from the range where acceptable. The second chunk type must come from the range where
only the upper bit is set to one. We recommend 0x80 but any other only the upper bit is set to one. We recommend 0x80 but any other
available code point with the upper bit set is also acceptable. The available code point with the upper bit set is also acceptable. The
suggested chunk types are listed in Table 1. suggested chunk types are listed in Table 1.
All but one of the parameter types must come from the range of types All but one of the parameter types must come from the range of types
where the upper two bits are set, we recommend 0xC001 - 0xC006, as where the upper two bits are set, we recommend 0xC001 - 0xC006, as
specified in this document. The other parameter type must come from specified in this document. The other parameter type must come from
the 0x8000 range, we recommend 0x8008. Note that for any of these the 0x8000 range, we recommend 0x8008. Note: that for any of these
values a different unique parameter type may be assigned by IANA as values a different unique parameter type may be assigned by IANA as
long as the upper bits correspond to the ones specified in this long as the upper bits correspond to the ones specified in this
document. The suggested parameter types are listed in Table 2, Table document. The suggested parameter types are listed in Table 2, Table
3, and Table 4. 3, and Table 4.
The five new error causes can be any value, in this document we have The five new error causes can be any value, in this document we have
used 0x0100-0x0104 in an attempt to separate these from the common used 0x0100-0x0104 in an attempt to separate these from the common
ranges of error codes. Any other unassigned values are also ranges of error codes. Any other unassigned values are also
acceptable. The suggested error causes are listed in Table 5. acceptable. The suggested error causes are listed in Table 5.
This document also defines a Adaptation code point. The adaptation This document also defines a Adaptation code point. The adaptation
code point is a 32 bit integer that is assigned by IANA through an code point is a 32 bit integer that is assigned by IANA through an
IETF Consensus action as defined in RFC2434 [RFC2434]. IETF Consensus action as defined in RFC2434 [RFC2434].
7. Acknowledgments 7. Acknowledgments
The authors would like to express a special note of thanks to Michael
Ramahlo and Phillip Conrad for there extreme efforts in the early
formation of this draft.
The authors wish to thank Jon Berger, Greg Kendall, Seok Koh, Peter The authors wish to thank Jon Berger, Greg Kendall, Seok Koh, Peter
Lei, John Loughney, Ivan Arias Rodriguez, Renee Revis, Marshall Rose, Lei, John Loughney, Ivan Arias Rodriguez, Renee Revis, Marshall Rose,
Chip Sharp, and Irene Ruengeler for their invaluable comments. Chip Sharp, and Irene Ruengeler for their invaluable comments.
The authors would also like to give special mention to Maria-Carmen The authors would also like to give special mention to Maria-Carmen
Belinchon and Ian Rytina for there early contributions to this Belinchon and Ian Rytina for there early contributions to this
document and their thoughtful comments. document and their thoughtful comments.
8. References 8. References
skipping to change at page 29, line 31 skipping to change at page 31, line 31
June 1999. June 1999.
[RFC2960] Stewart, R., Xie, Q., Morneault, K., Sharp, C., [RFC2960] Stewart, R., Xie, Q., Morneault, K., Sharp, C.,
Schwarzbauer, H., Taylor, T., Rytina, I., Kalla, M., Schwarzbauer, H., Taylor, T., Rytina, I., Kalla, M.,
Zhang, L., and V. Paxson, "Stream Control Transmission Zhang, L., and V. Paxson, "Stream Control Transmission
Protocol", RFC 2960, October 2000. Protocol", RFC 2960, October 2000.
[I-D.ietf-tsvwg-sctp-auth] [I-D.ietf-tsvwg-sctp-auth]
Tuexen, M., "Authenticated Chunks for Stream Control Tuexen, M., "Authenticated Chunks for Stream Control
Transmission Protocol (SCTP)", Transmission Protocol (SCTP)",
draft-ietf-tsvwg-sctp-auth-02 (work in progress), draft-ietf-tsvwg-sctp-auth-04 (work in progress),
March 2006. September 2006.
Appendix A. Abstract Address Handling Appendix A. Abstract Address Handling
A.1. General remarks A.1. General remarks
The following text provides a working definition of the endpoint The following text provides a working definition of the endpoint
notion to discuss address reconfiguration. It is not intended to notion to discuss address reconfiguration. It is not intended to
restrict implementations in any way, its goal is to provide as set of restrict implementations in any way, its goal is to provide as set of
definitions only. Using these definitions should make a discussion definitions only. Using these definitions should make a discussion
about address issues easier. about address issues easier.
skipping to change at page 33, line 17 skipping to change at page 34, line 32
Randall R. Stewart Randall R. Stewart
Cisco Systems, Inc. Cisco Systems, Inc.
4875 Forest Drive 4875 Forest Drive
Suite 200 Suite 200
Columbia, SC 29206 Columbia, SC 29206
US US
Phone: Phone:
Email: rrs@cisco.com Email: rrs@cisco.com
Michael A. Ramalho
Cisco Systems, Inc.
1802 Rue de la Porte
Wall Township, NJ 07719-3784
USA
Phone: +1.732.449.5762
Email: mramalho@cisco.com
Qiaobing Xie Qiaobing Xie
Motorola, Inc. Motorola, Inc.
1501 W. Shure Drive, #2309 1501 W. Shure Drive, #2309
Arlington Heights, IL 60004 Arlington Heights, IL 60004
USA USA
Phone: +1-847-632-3028 Phone: +1-847-632-3028
Email: qxie1@email.mot.com Email: qxie1@email.mot.com
Michael Tuexen Michael Tuexen
Univ. of Applied Sciences Muenster Univ. of Applied Sciences Muenster
Stegerwaldstr. 39 Stegerwaldstr. 39
48565 Steinfurt 48565 Steinfurt
Germany Germany
Email: tuexen@fh-muenster.de Email: tuexen@fh-muenster.de
Phillip T. Conrad Shin Maruyama
University of Delaware Kyoto University
Department of Computer and Information Sciences Yoshida-Honmachi
Newark, DE 19716 Sakyo-ku
US Kyoto, Kyoto 606-8501
JAPAN
Phone: +1 302 831 8622 Phone: +81-75-753-7468
Email: conrad@acm.org Email: mail@marushin.gr.jp
URI: http://www.cis.udel.edu/~pconrad
Intellectual Property Statement Masahiro Kozuka
Kyoto University
Yoshida-Honmachi
Sakyo-ku
Kyoto, Kyoto 606-8501
JAPAN
Phone: +81-75-753-7468
Email: ma-kun@kozuka.jp
Full Copyright Statement
Copyright (C) The Internet Society (2006).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79. found in BCP 78 and BCP 79.
skipping to change at page 35, line 29 skipping to change at page 36, line 45
such proprietary rights by implementers or users of this such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr. http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at this standard. Please address the information to the IETF at
ietf-ipr@ietf.org. ietf-ipr@ietf.org.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2006). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment Acknowledgment
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is provided by the IETF
Internet Society. Administrative Support Activity (IASA).
 End of changes. 82 change blocks. 
193 lines changed or deleted 277 lines changed or added

This html diff was produced by rfcdiff 1.33. The latest version is available from http://tools.ietf.org/tools/rfcdiff/