draft-ietf-tsvwg-addip-sctp-21.txt   draft-ietf-tsvwg-addip-sctp-22.txt 
Network Working Group R. Stewart Network Working Group R. Stewart
Internet-Draft Cisco Systems, Inc. Internet-Draft Cisco Systems, Inc.
Intended status: Standards Track Q. Xie Intended status: Standards Track Q. Xie
Expires: December 14, 2007 Motorola, Inc. Expires: December 21, 2007 Motorola, Inc.
M. Tuexen M. Tuexen
Univ. of Applied Sciences Muenster Univ. of Applied Sciences Muenster
S. Maruyama S. Maruyama
M. Kozuka M. Kozuka
Kyoto University Kyoto University
June 12, 2007 June 19, 2007
Stream Control Transmission Protocol (SCTP) Dynamic Address Stream Control Transmission Protocol (SCTP) Dynamic Address
Reconfiguration Reconfiguration
draft-ietf-tsvwg-addip-sctp-21.txt draft-ietf-tsvwg-addip-sctp-22.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 41 skipping to change at page 1, line 41
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on December 14, 2007. This Internet-Draft will expire on December 21, 2007.
Copyright Notice Copyright Notice
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2007).
Abstract Abstract
A local host may have multiple points of attachment to the Internet, A local host may have multiple points of attachment to the Internet,
giving it a degree of fault tolerance from hardware failures. Stream giving it a degree of fault tolerance from hardware failures. Stream
Control Transmission Protocol (SCTP) SCTP-BIS Control Transmission Protocol (SCTP) [I-D.ietf-tsvwg-2960bis] was
[I-D.ietf-tsvwg-2960bis] was developed to take full advantage of such developed to take full advantage of such a multi-homed host to
a multi-homed host to provide a fast failover and association provide a fast failover and association survivability in the face of
survivability in the face of such hardware failures. This document such hardware failures. This document describes an extension to SCTP
describes an extension to SCTP that will allow an SCTP stack to that will allow an SCTP stack to dynamically add an IP Addresses to
dynamically add an IP Addresses to an SCTP association, dynamically an SCTP association, dynamically delete an IP addresses from an SCTP
delete an IP addresses from an SCTP association, and to request to association, and to request to set the primary address the peer will
set the primary address the peer will use when sending to an use when sending to an endpoint.
endpoint.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5
2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 5 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. Serial Number Arithmetic . . . . . . . . . . . . . . . . . . . 6 3. Serial Number Arithmetic . . . . . . . . . . . . . . . . . . . 6
4. Additional Chunks and Parameters . . . . . . . . . . . . . . . 6 4. Additional Chunks and Parameters . . . . . . . . . . . . . . . 6
4.1. New Chunk Types . . . . . . . . . . . . . . . . . . . . . 6 4.1. New Chunk Types . . . . . . . . . . . . . . . . . . . . . 6
4.1.1. Address Configuration Change Chunk (ASCONF) . . . . . 7 4.1.1. Address Configuration Change Chunk (ASCONF) . . . . . 7
4.1.2. Address Configuration Acknowledgment Chunk 4.1.2. Address Configuration Acknowledgment Chunk
skipping to change at page 3, line 42 skipping to change at page 3, line 42
5. Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . 20 5. Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . 20
5.1. ASCONF Chunk Procedures . . . . . . . . . . . . . . . . . 20 5.1. ASCONF Chunk Procedures . . . . . . . . . . . . . . . . . 20
5.1.1. Congestion Control of ASCONF Chunks . . . . . . . . . 22 5.1.1. Congestion Control of ASCONF Chunks . . . . . . . . . 22
5.2. Upon reception of an ASCONF Chunk. . . . . . . . . . . . . 23 5.2. Upon reception of an ASCONF Chunk. . . . . . . . . . . . . 23
5.3. General rules for address manipulation . . . . . . . . . . 26 5.3. General rules for address manipulation . . . . . . . . . . 26
5.3.1. A special case for OOTB ABORT Chunks . . . . . . . . . 29 5.3.1. A special case for OOTB ABORT Chunks . . . . . . . . . 29
5.3.2. A special case for changing an address. . . . . . . . 30 5.3.2. A special case for changing an address. . . . . . . . 30
5.4. Setting of the primary address . . . . . . . . . . . . . . 30 5.4. Setting of the primary address . . . . . . . . . . . . . . 30
5.5. Bundling of multiple ASCONFs . . . . . . . . . . . . . . . 31 5.5. Bundling of multiple ASCONFs . . . . . . . . . . . . . . . 31
6. Security Considerations . . . . . . . . . . . . . . . . . . . 31 6. Security Considerations . . . . . . . . . . . . . . . . . . . 31
7. IANA considerations . . . . . . . . . . . . . . . . . . . . . 32 7. IANA considerations . . . . . . . . . . . . . . . . . . . . . 34
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 35
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 34 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 36
9.1. Normative References . . . . . . . . . . . . . . . . . . . 34 9.1. Normative References . . . . . . . . . . . . . . . . . . . 36
9.2. Informative References . . . . . . . . . . . . . . . . . . 35 9.2. Informative References . . . . . . . . . . . . . . . . . . 36
Appendix A. Abstract Address Handling . . . . . . . . . . . . . . 35 Appendix A. Abstract Address Handling . . . . . . . . . . . . . . 37
A.1. General remarks . . . . . . . . . . . . . . . . . . . . . 35 A.1. General remarks . . . . . . . . . . . . . . . . . . . . . 37
A.2. Generalized endpoints . . . . . . . . . . . . . . . . . . 35 A.2. Generalized endpoints . . . . . . . . . . . . . . . . . . 37
A.3. Associations . . . . . . . . . . . . . . . . . . . . . . . 36 A.3. Associations . . . . . . . . . . . . . . . . . . . . . . . 38
A.4. Relationship with RFC 4960 . . . . . . . . . . . . . . . . 37 A.4. Relationship with RFC 4960 . . . . . . . . . . . . . . . . 38
A.5. Rules for address manipulation . . . . . . . . . . . . . . 37 A.5. Rules for address manipulation . . . . . . . . . . . . . . 39
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 38 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 39
Intellectual Property and Copyright Statements . . . . . . . . . . 40 Intellectual Property and Copyright Statements . . . . . . . . . . 41
1. Introduction 1. Introduction
A local host may have multiple points of attachment to the Internet, A local host may have multiple points of attachment to the Internet,
giving it a degree of fault tolerance from hardware failures. SCTP giving it a degree of fault tolerance from hardware failures. SCTP
was developed to take full advantage of such a multi-homed host to was developed to take full advantage of such a multi-homed host to
provide a fast failover and association survivability in the face of provide a fast failover and association survivability in the face of
such hardware failures. However, many modern computers allow for the such hardware failures. However, many modern computers allow for the
dynamic addition and deletion of network cards (sometimes termed a dynamic addition and deletion of network cards (sometimes termed a
hot-pluggable interface). Complicate this with the ability of a hot-pluggable interface). Complicate this with the ability of a
skipping to change at page 5, line 50 skipping to change at page 5, line 50
an adaptation indication, that can be exchanged at startup. This is an adaptation indication, that can be exchanged at startup. This is
useful for applications where there is one or more specific layers useful for applications where there is one or more specific layers
below the application, yet still above SCTP. In such a case the below the application, yet still above SCTP. In such a case the
exchange of this indication can allow the proper layer to be enabled exchange of this indication can allow the proper layer to be enabled
below the application. below the application.
2. Conventions 2. Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC2119 [RFC2119]. document are to be interpreted as described in [RFC2119].
3. Serial Number Arithmetic 3. Serial Number Arithmetic
It is essential to remember that the actual ASCONF Sequence Number It is essential to remember that the actual ASCONF Sequence Number
space is finite, though very large. This space ranges from 0 to space is finite, though very large. This space ranges from 0 to
2**32 - 1. Since the space is finite, all arithmetic dealing with 2**32 - 1. Since the space is finite, all arithmetic dealing with
ASCONF Sequence Numbers MUST be performed modulo 2**32. This ASCONF Sequence Numbers MUST be performed modulo 2**32. This
unsigned arithmetic preserves the relationship of sequence numbers as unsigned arithmetic preserves the relationship of sequence numbers as
they cycle from 2**32 - 1 to 0 again. There are some subtleties to they cycle from 2**32 - 1 to 0 again. There are some subtleties to
computer modulo arithmetic, so great care should be taken in computer modulo arithmetic, so great care should be taken in
skipping to change at page 7, line 18 skipping to change at page 7, line 18
0x80 Address Configuration Acknowledgment (ASCONF-ACK) 0x80 Address Configuration Acknowledgment (ASCONF-ACK)
Table 1: Address Configuration Chunks Table 1: Address Configuration Chunks
4.1.1. Address Configuration Change Chunk (ASCONF) 4.1.1. Address Configuration Change Chunk (ASCONF)
This chunk is used to communicate to the remote endpoint one of the This chunk is used to communicate to the remote endpoint one of the
configuration change requests that MUST be acknowledged. The configuration change requests that MUST be acknowledged. The
information carried in the ASCONF Chunk uses the form of a Type- information carried in the ASCONF Chunk uses the form of a Type-
Length-Value (TLV), as described in "3.2.1 Optional/Variable-length Length-Value (TLV), as described in "3.2.1 Optional/Variable-length
Parameter Format" in SCTP-BIS [I-D.ietf-tsvwg-2960bis] for all Parameter Format" in [I-D.ietf-tsvwg-2960bis] for all variable
variable parameters. This chunk MUST be sent in an authenticated way parameters. This chunk MUST be sent in an authenticated way by using
by using the mechanism defined in SCTP-AUTH the mechanism defined in [I-D.ietf-tsvwg-sctp-auth]. If this chunk
[I-D.ietf-tsvwg-sctp-auth]. If this chunk is received is received unauthenticated it MUST be silently discarded as
unauthenticated it MUST be silently discarded as described in SCTP- described in [I-D.ietf-tsvwg-sctp-auth].
AUTH [I-D.ietf-tsvwg-sctp-auth].
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type = 0xC1 | Chunk Flags | Chunk Length | | Type = 0xC1 | Chunk Flags | Chunk Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number | | Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Address Parameter | | Address Parameter |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 7, line 52 skipping to change at page 7, line 51
Sequence Number : 32 bits (unsigned integer) Sequence Number : 32 bits (unsigned integer)
This value represents a Sequence Number for the ASCONF Chunk. The This value represents a Sequence Number for the ASCONF Chunk. The
valid range of Sequence Number is from 0 to 4294967295 (2**32 - 1). valid range of Sequence Number is from 0 to 4294967295 (2**32 - 1).
Sequence Numbers wrap back to 0 after reaching 4294967295. Sequence Numbers wrap back to 0 after reaching 4294967295.
Address Parameter : 8 or 20 bytes (depending on the address type) Address Parameter : 8 or 20 bytes (depending on the address type)
This field contains an address parameter, either IPv6 or IPv4, from This field contains an address parameter, either IPv6 or IPv4, from
SCTP-BIS [I-D.ietf-tsvwg-2960bis]. The address is an address of the [I-D.ietf-tsvwg-2960bis]. The address is an address of the sender of
sender of the ASCONF Chunk, the address MUST be considered part of the ASCONF Chunk, the address MUST be considered part of the
the association by the peer endpoint (the receiver of the ASCONF association by the peer endpoint (the receiver of the ASCONF Chunk).
Chunk). This field may be used by the receiver of the ASCONF to help This field may be used by the receiver of the ASCONF to help in
in finding the association. If the address 0.0.0.0 or ::0 is finding the association. If the address 0.0.0.0 or ::0 is provided
provided the receiver MAY lookup the association by other information the receiver MAY lookup the association by other information provided
provided in the packet. This parameter MUST be present in every in the packet. This parameter MUST be present in every ASCONF
ASCONF message, i.e. it is a mandatory TLV parameter. message, i.e. it is a mandatory TLV parameter.
Note: the host name address MUST NOT be sent and MUST be ignored if Note: the host name address MUST NOT be sent and MUST be ignored if
received in any ASCONF message. received in any ASCONF message.
It should be noted that the ASCONF Chunk format requires the receiver It should be noted that the ASCONF Chunk format requires the receiver
to report to the sender if it does not understand the ASCONF Chunk. to report to the sender if it does not understand the ASCONF Chunk.
This is accomplished by setting the upper bits in the chunk type as This is accomplished by setting the upper bits in the chunk type as
described in SCTP-BIS [I-D.ietf-tsvwg-2960bis]. section 3.2. Note described in [I-D.ietf-tsvwg-2960bis]. section 3.2. Note that the
that the upper two bits in the ASCONF Chunk are set to one. As upper two bits in the ASCONF Chunk are set to one. As defined in
defined in SCTP-BIS [I-D.ietf-tsvwg-2960bis] section 3.2, when [I-D.ietf-tsvwg-2960bis] section 3.2, when setting these upper bits
setting these upper bits in this manner the receiver that does not in this manner the receiver that does not understand this chunk MUST
understand this chunk MUST skip the chunk and continue processing, skip the chunk and continue processing, and report in an Operation
and report in an Operation Error Chunk using the 'Unrecognized Chunk Error Chunk using the 'Unrecognized Chunk Type' cause of error. This
Type' cause of error. This will NOT abort the association but will NOT abort the association but indicates to the sender that it
indicates to the sender that it MUST not send any further ASCONF MUST not send any further ASCONF chunks.
chunks.
ASCONF Parameter: TLV format ASCONF Parameter: TLV format
Each Address configuration change is represented by a TLV parameter Each Address configuration change is represented by a TLV parameter
as defined in Section 4.2. One or more requests may be present in an as defined in Section 4.2. One or more requests may be present in an
ASCONF Chunk. ASCONF Chunk.
4.1.2. Address Configuration Acknowledgment Chunk (ASCONF-ACK) 4.1.2. Address Configuration Acknowledgment Chunk (ASCONF-ACK)
This chunk is used by the receiver of an ASCONF Chunk to acknowledge This chunk is used by the receiver of an ASCONF Chunk to acknowledge
the reception. It carries zero or more results for any ASCONF the reception. It carries zero or more results for any ASCONF
Parameters that were processed by the receiver. This chunk MUST be Parameters that were processed by the receiver. This chunk MUST be
sent in an authenticated way by using the mechanism defined in SCTP- sent in an authenticated way by using the mechanism defined in
AUTH [I-D.ietf-tsvwg-sctp-auth]. If this chunk is received [I-D.ietf-tsvwg-sctp-auth]. If this chunk is received
unauthenticated it MUST be silently discarded as described in SCTP- unauthenticated it MUST be silently discarded as described in
AUTH [I-D.ietf-tsvwg-sctp-auth]. [I-D.ietf-tsvwg-sctp-auth].
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type = 0x80 | Chunk Flags | Chunk Length | | Type = 0x80 | Chunk Flags | Chunk Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number | | Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ASCONF Parameter Response#1 | | ASCONF Parameter Response#1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 9, line 39 skipping to change at page 9, line 39
The ASCONF Parameter Response is used in the ASCONF-ACK to report The ASCONF Parameter Response is used in the ASCONF-ACK to report
status of ASCONF processing. By default, if a responding endpoint status of ASCONF processing. By default, if a responding endpoint
does not include any Error Cause, a success is indicated. Thus a does not include any Error Cause, a success is indicated. Thus a
sender of an ASCONF-ACK MAY indicate complete success of all TLVs in sender of an ASCONF-ACK MAY indicate complete success of all TLVs in
an ASCONF by returning only the Chunk Type, Chunk Flags, Chunk Length an ASCONF by returning only the Chunk Type, Chunk Flags, Chunk Length
(set to 8) and the Sequence Number. (set to 8) and the Sequence Number.
4.2. New Parameter Types 4.2. New Parameter Types
The seven new parameters added follow the format defined in section The seven new parameters added follow the format defined in section
3.2.1 of SCTP-BIS [I-D.ietf-tsvwg-2960bis]. Tables 2, 3 and 4 3.2.1 of [I-D.ietf-tsvwg-2960bis]. Tables 2, 3 and 4 describe the
describe the parameters. parameters.
Address Configuration Parameters Parameter Type Address Configuration Parameters Parameter Type
------------------------------------------------- -------------------------------------------------
Set Primary Address 0xC004 Set Primary Address 0xC004
Adaptation Layer Indication 0xC006 Adaptation Layer Indication 0xC006
Supported Extensions 0x8008 Supported Extensions 0x8008
Table 2: Parameters that can be used in INIT/INIT-ACK chunk Table 2: Parameters that can be used in INIT/INIT-ACK chunk
Address Configuration Parameters Parameter Type Address Configuration Parameters Parameter Type
------------------------------------------------- -------------------------------------------------
skipping to change at page 11, line 4 skipping to change at page 11, line 4
This is an opaque integer assigned by the sender to identify each This is an opaque integer assigned by the sender to identify each
request parameter. The receiver of the ASCONF Chunk will copy this request parameter. The receiver of the ASCONF Chunk will copy this
32 bit value into the ASCONF Response Correlation ID field of the 32 bit value into the ASCONF Response Correlation ID field of the
ASCONF-ACK response parameter. The sender of the ASCONF can use this ASCONF-ACK response parameter. The sender of the ASCONF can use this
same value in the ASCONF-ACK to find which request the response is same value in the ASCONF-ACK to find which request the response is
for. Note that the receiver MUST NOT change this 32 bit value. for. Note that the receiver MUST NOT change this 32 bit value.
Address Parameter: TLV Address Parameter: TLV
This field contains an IPv4 or IPv6 address parameter as described in This field contains an IPv4 or IPv6 address parameter as described in
3.3.2.1 of SCTP-BIS [I-D.ietf-tsvwg-2960bis]. The complete TLV is 3.3.2.1 of [I-D.ietf-tsvwg-2960bis]. The complete TLV is wrapped
wrapped within this parameter. It informs the receiver that the within this parameter. It informs the receiver that the address
address specified is to be added to the existing association. This specified is to be added to the existing association. This parameter
parameter MUST NOT contain a broadcast or multicast address. If the MUST NOT contain a broadcast or multicast address. If the address
address 0.0.0.0 or ::0 is provided, the source address of the packet 0.0.0.0 or ::0 is provided, the source address of the packet MUST be
MUST be added. added.
An example TLV requesting that the IPv4 address 192.0.2.1 be added to An example TLV requesting that the IPv4 address 192.0.2.1 be added to
the association would look as follows: the association would look as follows:
+--------------------------------+ +--------------------------------+
| Type=0xC001 | Length = 16 | | Type=0xC001 | Length = 16 |
+--------------------------------+ +--------------------------------+
| C-ID = 0x01023474 | | C-ID = 0x01023474 |
+--------------------------------+ +--------------------------------+
| Type=5 | Length = 8 | | Type=5 | Length = 8 |
skipping to change at page 12, line 5 skipping to change at page 12, line 5
This is an opaque integer assigned by the sender to identify each This is an opaque integer assigned by the sender to identify each
request parameter. The receiver of the ASCONF Chunk will copy this request parameter. The receiver of the ASCONF Chunk will copy this
32 bit value into the ASCONF Response Correlation ID field of the 32 bit value into the ASCONF Response Correlation ID field of the
ASCONF-ACK response parameter. The sender of the ASCONF can use this ASCONF-ACK response parameter. The sender of the ASCONF can use this
same value in the ASCONF-ACK to find which request the response is same value in the ASCONF-ACK to find which request the response is
for. Note that the receiver MUST NOT change this 32 bit value. for. Note that the receiver MUST NOT change this 32 bit value.
Address Parameter: TLV Address Parameter: TLV
This field contains an IPv4 or IPv6 address parameter as described in This field contains an IPv4 or IPv6 address parameter as described in
3.3.2.1 of SCTP-BIS [I-D.ietf-tsvwg-2960bis]. The complete TLV is 3.3.2.1 of [I-D.ietf-tsvwg-2960bis]. The complete TLV is wrapped
wrapped within this parameter. It informs the receiver that the within this parameter. It informs the receiver that the address
address specified is to be removed from the existing association. specified is to be removed from the existing association. This
This parameter MUST NOT contain a broadcast or multicast address. If parameter MUST NOT contain a broadcast or multicast address. If the
the address 0.0.0.0 or ::0 is provided, all addresses of the peer address 0.0.0.0 or ::0 is provided, all addresses of the peer except
except the source address of the packet MUST be deleted. the source address of the packet MUST be deleted.
An example TLV deleting the IPv4 address 192.0.2.1 from an existing An example TLV deleting the IPv4 address 192.0.2.1 from an existing
association would look as follows: association would look as follows:
+--------------------------------+ +--------------------------------+
| Type=0xC002 | Length = 16 | | Type=0xC002 | Length = 16 |
+--------------------------------+ +--------------------------------+
| C-ID = 0x01023476 | | C-ID = 0x01023476 |
+--------------------------------+ +--------------------------------+
| Type=5 | Length = 8 | | Type=5 | Length = 8 |
skipping to change at page 13, line 6 skipping to change at page 13, line 6
This is an opaque integer assigned by the sender to identify each This is an opaque integer assigned by the sender to identify each
request parameter. The receiver of the ASCONF Chunk will copy this request parameter. The receiver of the ASCONF Chunk will copy this
32 bit value from the ASCONF-Request Correlation ID into the ASCONF 32 bit value from the ASCONF-Request Correlation ID into the ASCONF
Response Correlation ID field so the peer can easily correlate the Response Correlation ID field so the peer can easily correlate the
request to this response. Note that the receiver MUST NOT change request to this response. Note that the receiver MUST NOT change
this 32 bit value. this 32 bit value.
Error Cause(s): TLV(s) Error Cause(s): TLV(s)
When reporting an error this response parameter is used to wrap one When reporting an error this response parameter is used to wrap one
or more standard error causes normally found within an SCTP or more standard error causes normally found within an SCTP
Operational Error or SCTP Abort (as defined in SCTP-BIS Operational Error or SCTP Abort (as defined in
[I-D.ietf-tsvwg-2960bis]). The Error Cause(s) follow the format [I-D.ietf-tsvwg-2960bis]). The Error Cause(s) follow the format
defined in section 3.3.10 of SCTP-BIS [I-D.ietf-tsvwg-2960bis]. defined in section 3.3.10 of [I-D.ietf-tsvwg-2960bis].
Valid Chunk Appearance Valid Chunk Appearance
The Error Cause Indication parameter may only appear in the ASCONF- The Error Cause Indication parameter may only appear in the ASCONF-
ACK Chunk type. ACK Chunk type.
4.2.4. Set Primary IP Address 4.2.4. Set Primary IP Address
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
skipping to change at page 13, line 39 skipping to change at page 13, line 39
This is an opaque integer assigned by the sender to identify each This is an opaque integer assigned by the sender to identify each
request parameter. The receiver of the ASCONF Chunk will copy this request parameter. The receiver of the ASCONF Chunk will copy this
32 bit value into the ASCONF Response Correlation ID field of the 32 bit value into the ASCONF Response Correlation ID field of the
ASCONF-ACK response parameter. The sender of the ASCONF can use this ASCONF-ACK response parameter. The sender of the ASCONF can use this
same value in the ASCONF-ACK to find which request the response is same value in the ASCONF-ACK to find which request the response is
for. Note that the receiver MUST NOT change this 32 bit value. for. Note that the receiver MUST NOT change this 32 bit value.
Address Parameter: TLV Address Parameter: TLV
This field contains an IPv4 or IPv6 address parameter as described in This field contains an IPv4 or IPv6 address parameter as described in
3.3.2.1 of SCTP-BIS [I-D.ietf-tsvwg-2960bis]. The complete TLV is 3.3.2.1 of [I-D.ietf-tsvwg-2960bis]. The complete TLV is wrapped
wrapped within this parameter. It requests the receiver to mark the within this parameter. It requests the receiver to mark the
specified address as the primary address to send data to (see section specified address as the primary address to send data to (see section
5.1.2 of SCTP-BIS [I-D.ietf-tsvwg-2960bis]). The receiver MAY mark 5.1.2 of [I-D.ietf-tsvwg-2960bis]). The receiver MAY mark this as
this as its primary upon receiving this request. If the address its primary upon receiving this request. If the address 0.0.0.0 or
0.0.0.0 or ::0 is provided, the receiver MAY mark the source address ::0 is provided, the receiver MAY mark the source address of the
of the packet as its primary. packet as its primary.
An example TLV requesting that the IPv4 address 192.0.2.1 be made the An example TLV requesting that the IPv4 address 192.0.2.1 be made the
primary destination address would look as follows: primary destination address would look as follows:
+--------------------------------+ +--------------------------------+
| Type=0xC004 | Length = 16 | | Type=0xC004 | Length = 16 |
+--------------------------------+ +--------------------------------+
| C-ID = 0x01023479 | | C-ID = 0x01023479 |
+--------------------------------+ +--------------------------------+
| Type=5 | Length = 8 | | Type=5 | Length = 8 |
skipping to change at page 20, line 45 skipping to change at page 20, line 45
A3) If no SCTP packet with one or more ASCONF Chunk(s) is A3) If no SCTP packet with one or more ASCONF Chunk(s) is
outstanding (un-acknowledged) with the remote peer, send the chunk outstanding (un-acknowledged) with the remote peer, send the chunk
and proceed to step A4. If an ASCONF chunk is outstanding, then and proceed to step A4. If an ASCONF chunk is outstanding, then
the ASCONF chunk should be queued for later transmission and no the ASCONF chunk should be queued for later transmission and no
further action should be taken until the previous ASCONF is further action should be taken until the previous ASCONF is
acknowledged or a time out occurs. acknowledged or a time out occurs.
A4) The sender MUST Start a T-4 RTO timer, using the RTO value of A4) The sender MUST Start a T-4 RTO timer, using the RTO value of
the selected destination address (normally the primary path; see the selected destination address (normally the primary path; see
SCTP-BIS [I-D.ietf-tsvwg-2960bis] section 6.4 for details). [I-D.ietf-tsvwg-2960bis] section 6.4 for details).
A5) When the ASCONF-ACK that acknowledges the sequence number last A5) When the ASCONF-ACK that acknowledges the sequence number last
sent arrives, the sender MUST stop the T-4 RTO timer, and clear sent arrives, the sender MUST stop the T-4 RTO timer, and clear
the appropriate association and destination error counters as the appropriate association and destination error counters as
defined in SCTP-BIS [I-D.ietf-tsvwg-2960bis] section 8.1 and 8.2. defined in [I-D.ietf-tsvwg-2960bis] section 8.1 and 8.2.
A6) The endpoint MUST process all of the TLVs within the ASCONF- A6) The endpoint MUST process all of the TLVs within the ASCONF-
ACK(s) to find out particular status information returned to the ACK(s) to find out particular status information returned to the
various requests that were sent. Use the Correlation IDs to various requests that were sent. Use the Correlation IDs to
correlate the request and the responses. correlate the request and the responses.
A7) If an error response is received for a TLV parameter, all TLVs A7) If an error response is received for a TLV parameter, all TLVs
with no response before the failed TLV are considered successful with no response before the failed TLV are considered successful
if not reported. All TLVs after the failed response are if not reported. All TLVs after the failed response are
considered unsuccessful unless a specific success indication is considered unsuccessful unless a specific success indication is
skipping to change at page 21, line 28 skipping to change at page 21, line 28
successful. successful.
A9) If the peer responds to an ASCONF with an ERROR chunk reporting A9) If the peer responds to an ASCONF with an ERROR chunk reporting
that it did not recognize the ASCONF Chunk type, the sender of the that it did not recognize the ASCONF Chunk type, the sender of the
ASCONF MUST NOT send any further ASCONF Chunks and MUST stop its ASCONF MUST NOT send any further ASCONF Chunks and MUST stop its
T-4 timer. T-4 timer.
If the T-4 RTO timer expires the endpoint MUST do the following: If the T-4 RTO timer expires the endpoint MUST do the following:
B1) Increment the error counters and perform path failure detection B1) Increment the error counters and perform path failure detection
on the appropriate destination address as defined in SCTP-BIS on the appropriate destination address as defined in
[I-D.ietf-tsvwg-2960bis] section 8.1 and 8.2. [I-D.ietf-tsvwg-2960bis] section 8.1 and 8.2.
B2) Increment the association error counters and perform endpoint B2) Increment the association error counters and perform endpoint
failure detection on the association as defined in SCTP-BIS failure detection on the association as defined in
[I-D.ietf-tsvwg-2960bis] section 8.1 and 8.2. [I-D.ietf-tsvwg-2960bis] section 8.1 and 8.2.
B3) Back-off the destination address RTO value to which the ASCONF B3) Back-off the destination address RTO value to which the ASCONF
chunk was sent by doubling the RTO timer value. chunk was sent by doubling the RTO timer value.
Note: The RTO value is used in the setting of all timer types for Note: The RTO value is used in the setting of all timer types for
SCTP. Each destination address has a single RTO estimate. SCTP. Each destination address has a single RTO estimate.
B4) Re-transmit the ASCONF Chunk last sent and if possible choose an B4) Re-transmit the ASCONF Chunk last sent and if possible choose an
alternate destination address (please refer to SCTP-BIS alternate destination address (please refer to
[I-D.ietf-tsvwg-2960bis] section 6.4.1). An endpoint MUST NOT add [I-D.ietf-tsvwg-2960bis] section 6.4.1). An endpoint MUST NOT add
new parameters to this chunk, it MUST be the same (including its new parameters to this chunk, it MUST be the same (including its
sequence number) as the last ASCONF sent. An endpoint MAY, sequence number) as the last ASCONF sent. An endpoint MAY,
however, bundle an additional ASCONF with new ASCONF parameters however, bundle an additional ASCONF with new ASCONF parameters
with the next sequence number. For details see Section 5.5 with the next sequence number. For details see Section 5.5
B5) Restart the T-4 RTO timer. Note: that if a different B5) Restart the T-4 RTO timer. Note: that if a different
destination is selected, then the RTO used will be that of the new destination is selected, then the RTO used will be that of the new
destination address. destination address.
Note: the total number of re-transmissions is limited by B2 above. Note: the total number of re-transmissions is limited by B2 above.
If the maximum is reached, the association will fail and enter into If the maximum is reached, the association will fail and enter into
the CLOSED state (see SCTP-BIS [I-D.ietf-tsvwg-2960bis] section 6.4.1 the CLOSED state (see [I-D.ietf-tsvwg-2960bis] section 6.4.1 for
for details). details).
5.1.1. Congestion Control of ASCONF Chunks 5.1.1. Congestion Control of ASCONF Chunks
In defining the ASCONF Chunk transfer procedures, it is essential In defining the ASCONF Chunk transfer procedures, it is essential
that these transfers MUST NOT cause congestion within the network. that these transfers MUST NOT cause congestion within the network.
To achieve this, we place these restrictions on the transfer of To achieve this, we place these restrictions on the transfer of
ASCONF Chunks: ASCONF Chunks:
C1) One and only one SCTP packet holding ASCONF Chunk(s) MAY be in C1) One and only one SCTP packet holding ASCONF Chunk(s) MAY be in
transit and unacknowledged at any one time. If a sender, after transit and unacknowledged at any one time. If a sender, after
skipping to change at page 22, line 49 skipping to change at page 22, line 49
respect to their Sequence Number. respect to their Sequence Number.
C4) Both ASCONF and ASCONF-ACK Chunks MUST NOT be sent in any SCTP C4) Both ASCONF and ASCONF-ACK Chunks MUST NOT be sent in any SCTP
state except ESTABLISHED, SHUTDOWN-PENDING, SHUTDOWN-RECEIVED and state except ESTABLISHED, SHUTDOWN-PENDING, SHUTDOWN-RECEIVED and
SHUTDOWN-SENT. SHUTDOWN-SENT.
C5) An ASCONF Chunk and an ASCONF-ACK Chunk SHOULD not be larger C5) An ASCONF Chunk and an ASCONF-ACK Chunk SHOULD not be larger
than the PMTU. If the PMTU is unknown, then the PMTU should be than the PMTU. If the PMTU is unknown, then the PMTU should be
set to the minimum PMTU. The minimum PMTU depends on the IP set to the minimum PMTU. The minimum PMTU depends on the IP
version used for transmission, and is the lesser of 576 octets and version used for transmission, and is the lesser of 576 octets and
the first-hop MTU for IPv4 RFC1122 [RFC1122] and 1280 octets for the first-hop MTU for IPv4 [RFC1122] and 1280 octets for IPv6
IPv6 RFC2460 [RFC2460]. [RFC2460].
An ASCONF sender without these restrictions could possibly flood the An ASCONF sender without these restrictions could possibly flood the
network with a large number of separate address change operations network with a large number of separate address change operations
thus causing network congestion. thus causing network congestion.
If the sender of an ASCONF Chunk receives an Operational Error If the sender of an ASCONF Chunk receives an Operational Error
indicating that the ASCONF Chunk type is not understood, then the indicating that the ASCONF Chunk type is not understood, then the
sender MUST NOT send subsequent ASCONF Chunks to the peer. The sender MUST NOT send subsequent ASCONF Chunks to the peer. The
endpoint should also inform the upper layer application that the peer endpoint should also inform the upper layer application that the peer
endpoint does not support any of the extensions detailed in this endpoint does not support any of the extensions detailed in this
skipping to change at page 23, line 25 skipping to change at page 23, line 25
5.2. Upon reception of an ASCONF Chunk. 5.2. Upon reception of an ASCONF Chunk.
When an endpoint receives an ASCONF Chunk from the remote peer When an endpoint receives an ASCONF Chunk from the remote peer
special procedures may be needed to identify the association the special procedures may be needed to identify the association the
ASCONF Chunk is associated with. To properly find the association ASCONF Chunk is associated with. To properly find the association
the following procedures SHOULD be followed: the following procedures SHOULD be followed:
D1) Use the source address and port number of the sender to attempt D1) Use the source address and port number of the sender to attempt
to identify the association (i.e., use the same method defined in to identify the association (i.e., use the same method defined in
SCTP-BIS [I-D.ietf-tsvwg-2960bis] used for all other SCTP Chunks). [I-D.ietf-tsvwg-2960bis] used for all other SCTP Chunks). If
If found proceed to rule D4. found proceed to rule D4.
D2) If the association is not found, use the address found in the D2) If the association is not found, use the address found in the
Address Parameter TLV combined with the port number found in the Address Parameter TLV combined with the port number found in the
SCTP common header. If found proceed to rule D4. SCTP common header. If found proceed to rule D4.
D2-ext) If more than one ASCONF Chunks are packed together, use the D2-ext) If more than one ASCONF Chunks are packed together, use the
address found in the ASCONF Address Parameter TLV of each of the address found in the ASCONF Address Parameter TLV of each of the
subsequent ASCONF Chunks. If found, proceed to rule D4. subsequent ASCONF Chunks. If found, proceed to rule D4.
D3) If neither D1, D2 nor D2-ext locates the association, treat the D3) If neither D1, D2 nor D2-ext locates the association, treat the
chunk as an Out Of The Blue packet as defined in SCTP-BIS chunk as an Out Of The Blue packet as defined in
[I-D.ietf-tsvwg-2960bis]. [I-D.ietf-tsvwg-2960bis].
D4) Follow the normal rules to validate the SCTP verification tag D4) Follow the normal rules to validate the SCTP verification tag
found in SCTP-BIS [I-D.ietf-tsvwg-2960bis]. found in [I-D.ietf-tsvwg-2960bis].
D5) After the verification tag has been validated, normal chunk D5) After the verification tag has been validated, normal chunk
processing should occur. Prior to finding the ASCONF chunk the processing should occur. Prior to finding the ASCONF chunk the
receiver MUST encounter an AUTH chunk as described in SCTP-AUTH receiver MUST encounter an AUTH chunk as described in
[I-D.ietf-tsvwg-sctp-auth]. If either authentication fails, or [I-D.ietf-tsvwg-sctp-auth]. If either authentication fails, or
the AUTH chunk is missing, the receiver MUST silently discard this the AUTH chunk is missing, the receiver MUST silently discard this
chunk and the rest of the packet. chunk and the rest of the packet.
After identification and verification of the association, the After identification and verification of the association, the
following should be performed to properly process the ASCONF Chunk: following should be performed to properly process the ASCONF Chunk:
E1) E1)
If the value found in the sequence number of the ASCONF Chunk is If the value found in the sequence number of the ASCONF Chunk is
skipping to change at page 25, line 9 skipping to change at page 25, line 9
the sender puts 3 TLVs in one chunk, the first TLV (the one the sender puts 3 TLVs in one chunk, the first TLV (the one
closest to the Chunk Header) in the Chunk MUST be processed closest to the Chunk Header) in the Chunk MUST be processed
first. The next TLV in the chunk (the middle one) MUST be first. The next TLV in the chunk (the middle one) MUST be
processed second and finally the last TLV in the Chunk MUST be processed second and finally the last TLV in the Chunk MUST be
processed last. processed last.
V2) In processing the chunk, the receiver should build a response V2) In processing the chunk, the receiver should build a response
message with the appropriate error TLVs, as specified in the message with the appropriate error TLVs, as specified in the
Parameter type bits for any ASCONF Parameter it does not Parameter type bits for any ASCONF Parameter it does not
understand. To indicate an unrecognized parameter, cause type understand. To indicate an unrecognized parameter, cause type
8 as defined in the ERROR in 3.3.10.8 of SCTP-BIS 8 as defined in the ERROR in 3.3.10.8 of
[I-D.ietf-tsvwg-2960bis] should be used. The endpoint may also [I-D.ietf-tsvwg-2960bis] should be used. The endpoint may also
use the response to carry rejections for other reasons such as use the response to carry rejections for other reasons such as
resource shortages etc, using the Error Cause TLV and an resource shortages etc, using the Error Cause TLV and an
appropriate error condition. appropriate error condition.
Note: a positive response is implied if no error is indicated Note: a positive response is implied if no error is indicated
by the sender. by the sender.
V3) V3)
All responses MUST copy the ASCONF-Request Correlation ID field All responses MUST copy the ASCONF-Request Correlation ID field
skipping to change at page 28, line 31 skipping to change at page 28, line 31
association to that address and it MUST treat subsequent packets association to that address and it MUST treat subsequent packets
received from that address as Out Of The Blue. received from that address as Out Of The Blue.
During the time interval between sending out the ASCONF and During the time interval between sending out the ASCONF and
receiving the ASCONF-ACK it MAY be possible to receive DATA Chunks receiving the ASCONF-ACK it MAY be possible to receive DATA Chunks
out of order. The following examples illustrate these problems: out of order. The following examples illustrate these problems:
F14) All addresses added by the reception of an ASCONF chunk MUST be F14) All addresses added by the reception of an ASCONF chunk MUST be
put into the unconfirmed state and MUST have path verification put into the unconfirmed state and MUST have path verification
performed on them before the address can be used as described in performed on them before the address can be used as described in
SCTP-BIS [I-D.ietf-tsvwg-2960bis] section 5.4. [I-D.ietf-tsvwg-2960bis] section 5.4.
Endpoint-A Endpoint-Z Endpoint-A Endpoint-Z
---------- ---------- ---------- ----------
ASCONF[Add-IP:X]------------------------------> ASCONF[Add-IP:X]------------------------------>
/--ASCONF-ACK /--ASCONF-ACK
/ /
/--------/---New DATA: /--------/---New DATA:
/ / Destination / / Destination
<-------------------/ / IP:X <-------------------/ / IP:X
/ /
skipping to change at page 29, line 26 skipping to change at page 29, line 26
/ /
<-------------/ <-------------/
In this example we see a DATA chunk destined to the IP:X (which is In this example we see a DATA chunk destined to the IP:X (which is
about to be deleted) arriving after the deletion is complete. For about to be deleted) arriving after the deletion is complete. For
the ADD case an endpoint SHOULD consider the newly adding IP address the ADD case an endpoint SHOULD consider the newly adding IP address
valid for the association to receive data from during the interval valid for the association to receive data from during the interval
when awaiting the ASCONF-ACK. The endpoint MUST NOT source data from when awaiting the ASCONF-ACK. The endpoint MUST NOT source data from
this new address until the ASCONF-ACK arrives but it may receive out this new address until the ASCONF-ACK arrives but it may receive out
of order data as illustrated and MUST NOT treat this data as an OOTB of order data as illustrated and MUST NOT treat this data as an OOTB
datagram (please see SCTP-BIS [I-D.ietf-tsvwg-2960bis] section 8.4). datagram (please see [I-D.ietf-tsvwg-2960bis] section 8.4). It MAY
It MAY drop the data silently or it MAY consider it part of the drop the data silently or it MAY consider it part of the association
association but it MUST NOT respond with an ABORT. but it MUST NOT respond with an ABORT.
For the DELETE case, an endpoint MAY respond to the late arriving For the DELETE case, an endpoint MAY respond to the late arriving
DATA packet as an OOTB datagram or it MAY hold the deleting IP DATA packet as an OOTB datagram or it MAY hold the deleting IP
address for a small period of time as still valid. If it treats the address for a small period of time as still valid. If it treats the
DATA packet as an OOTB the peer will silently discard the ABORT DATA packet as an OOTB the peer will silently discard the ABORT
(since by the time the ABORT is sent the peer will have removed the (since by the time the ABORT is sent the peer will have removed the
IP address from this association). If the endpoint elects to hold IP address from this association). If the endpoint elects to hold
the IP address valid for a period of time, it MUST NOT hold it valid the IP address valid for a period of time, it MUST NOT hold it valid
longer than 2 RTO intervals for the destination being removed. longer than 2 RTO intervals for the destination being removed.
skipping to change at page 31, line 41 skipping to change at page 31, line 41
3. All ASCONFs within the packet MUST be adjacent to each other 3. All ASCONFs within the packet MUST be adjacent to each other
i.e., no other chunk type must separate the ASCONFs. i.e., no other chunk type must separate the ASCONFs.
4. Each new ASCONF lookup address MUST be populated as if the 4. Each new ASCONF lookup address MUST be populated as if the
previous ASCONFs had been processed and accepted. previous ASCONFs had been processed and accepted.
6. Security Considerations 6. Security Considerations
The addition and or deletion of an IP address to an existing The addition and or deletion of an IP address to an existing
association does provide an additional mechanism by which existing association does provide an additional mechanism by which existing
associations can be hijacked. Therefore this document requires the associations can be hijacked. Therefore this document requires the
use of the authentication mechanism defined in SCTP-AUTH use of the authentication mechanism defined in
[I-D.ietf-tsvwg-sctp-auth] to limit the ability of an attacker to [I-D.ietf-tsvwg-sctp-auth] to limit the ability of an attacker to
hijack an association. hijack an association.
Hijacking an association by using the addition and deletion of an IP Hijacking an association by using the addition and deletion of an IP
address is only possible for an attacker who is able to intercept the address is only possible for an attacker who is able to intercept the
initial two packets of the association setup when the SCTP-AUTH initial two packets of the association setup when the SCTP-AUTH
extension is used without pre-shared keys. If such a threat is extension is used without pre-shared keys. If such a threat is
considered a possibility, then the SCTP-AUTH considered a possibility, then the [I-D.ietf-tsvwg-sctp-auth]
[I-D.ietf-tsvwg-sctp-auth] extension MUST be used with a extension MUST be used with a preconfigured shared end-point pair key
preconfigured shared end-point pair key to mitigate this threat. For to mitigate this threat. For a more detailed analysis see
a more detailed analysis see SCTP-AUTH [I-D.ietf-tsvwg-sctp-auth]. [I-D.ietf-tsvwg-sctp-auth].
When using a wildcard address for adding or deleting an address the When the address parameter in ASCONF chunks with Add, IP Delete IP,
source address of the packet is used. This address is not protected or Set Primary IP parameters is a wildcard, the source address of the
by SCTP-AUTH [I-D.ietf-tsvwg-sctp-auth] and an attacker can therefore packet is used. This address is not protected by SCTP-AUTH
intercept such a packet and modify the source address. [I-D.ietf-tsvwg-sctp-auth] and an attacker can therefore intercept
such a packet and modify the source address. Even if the source
address is not one presently an alternate for the association, the
identification of the association may rely on the other information
in the packet (perhaps the verification tag, for example). An on-
path attacker can therefore modify the source address to its liking.
If the ASCONF includes an Add IP with a wildcard address, the
attacker can add an address of its liking, which provides little
immediate damage but can set up later attacks.
If the ASCONF includes a Delete IP with a wildcard address, the
attacker can cause all addresses but one of its choosing to be
deleted from an association. The address supplied by the attacker
must already belong to the association, which makes this more
difficult for the attacker. However, the sole remaining address
might be one that the attacker controls, for example, or can monitor,
etc. The least result is the sender and the deceived receiver would
have different ideas of what that sole remaining address would be.
This will eventually cause the association to fail, but in the
meantime, the deceived receiver could be transmitting packets to an
address the sender did not intend.
If the ASCONF includes a Set Primary IP with a wildcard address, then
the attacker can cause an address to be used as a primary address.
This is limited to an address that already belongs to the
association, so the damage is limited. At least, the result would be
that the recipient is using a primary address that the sender did not
intend. However, if both a wildcard Add IP and a wildcard Set
Primary IP are used, then the attacker can modify the source address
to both add an address to its liking to the association and make it
the primary address. Such a combination would present the attacker
with opportunity for more damage.
Note that all these attacks are from an on-path attacker. Endpoints
that believe they face a threat from on-path attackers SHOULD NOT use
wildcard addresses in ASCONF Add IP, Delete IP or Set Primary IP
parameters.
If an SCTP endpoint that supports this extension receives an INIT If an SCTP endpoint that supports this extension receives an INIT
that indicates that the peer supports the ASCONF extension but does that indicates that the peer supports the ASCONF extension but does
NOT support the SCTP-AUTH [I-D.ietf-tsvwg-sctp-auth] extension, the NOT support the [I-D.ietf-tsvwg-sctp-auth] extension, the receiver of
receiver of such an INIT MUST send an ABORT in response to such an such an INIT MUST send an ABORT in response to such an INIT. Note:
INIT. Note: that an implementation is allowed to silently discard
such an INIT as an option as well but under NO circumstance is an that an implementation is allowed to silently discard such an INIT as
implementation allowed to proceed with the association setup by an option as well but under NO circumstance is an implementation
sending an INIT-ACK in response. allowed to proceed with the association setup by sending an INIT-ACK
in response.
An implementation that receives an INIT-ACK that indicates that the An implementation that receives an INIT-ACK that indicates that the
peer does not support the SCTP-AUTH [I-D.ietf-tsvwg-sctp-auth] peer does not support the [I-D.ietf-tsvwg-sctp-auth] extension MUST
extension MUST NOT send the COOKIE-ECHO to establish the association. NOT send the COOKIE-ECHO to establish the association. Instead the
Instead the implementation MUST discard the INIT-ACK and report to implementation MUST discard the INIT-ACK and report to the upper
the upper layer user that an association cannot be established layer user that an association cannot be established destroying the
destroying the TCB. TCB.
Other types of attacks, e.g. bombing, are discussed in detail in Other types of attacks, e.g. bombing, are discussed in detail in
SCTP-THREAT [I-D.ietf-tsvwg-sctpthreat]. The bombing attack, in [I-D.ietf-tsvwg-sctpthreat]. The bombing attack, in particular, is
particular, is countered by the use of a random nonce and is required countered by the use of a random nonce and is required by
by SCTP-BIS [I-D.ietf-tsvwg-2960bis]. [I-D.ietf-tsvwg-2960bis].
An on-path attacker can modify the INIT and INIT-ACK Supported
Extensions parameter (and authentication related parameters) to
produce a denial of service. If the on-path attacker removes the
[I-D.ietf-tsvwg-sctp-auth] related parameters from an INIT that
indicates it supports the ASCONF extension, the association will not
be established. If the on-path attacker adds a Supported Extensions
parameter mentioning the ASCONF type to an INIT or INIT-ACK that does
not carry any AUTH related parameters, the association will not be
established. If the on-path attacker removes the Supported
Extensions parameter (or removes the ASCONF type from that parameter)
from the INIT or the INIT-ACK, then the association will not be able
to use the ADD-IP feature. If the on-path attacker adds the
Supported Extensions parameter listing the ASCONF type to an INIT-ACK
that did not carry one (but did carry AUTH related parameters), then
the INIT sender may use ASCONF where the INIT-ACK sender does not
support it. This would be discovered later if the INIT sender
transmitted an ASCONF, but the INIT sender could have made
configuration choices at that point. As the INIT and INIT-ACK are
not protected by the AUTH feature, there is no way to counter such
attacks. Note however that an on-path attacker capable of modifying
the INIT and INIT-ACK would almost certainly also be able to prevent
the INIT and INIT-ACK from being delivered or modify the verification
tags or checksum to cause the packet to be discarded, so the
Supported Extensions adds little additional vulnerability (with
respect to preventing association formation) to the SCTP protocol.
The ability to prevent the use of this new feature is an additional
vulnerability to SCTP but only for this new feature.
The Adaptation Layer Indication is subject to corruption, insertion
or deletion from the INIT and INIT-ACK chunks by an on-path attacker.
This parameter SHOULD be opaque to the SCTP protocol (see section
4.2.6), and so changes to the parameter will likely not affect the
SCTP protocol. However, any adaptation layer that is defined SHOULD
consider its own vulnerabilities in the security considerations
section of the RFC that defines its adaptation code point.
The Set Primary IP Address parameter is subject to corruption,
insertion or deletion by an on-path attacker when included in the
INIT and INIT-ACK chunks. The attacker could use this to influence
the receiver to choose an address to its own purposes (one over which
it has control, one that would be less desirable for the sender,
etc.). An on-path attacker would also have the ability to include or
remove addresses for the association from the INIT or INIT-ACK, so it
is not limited in the address it can specify in the Set Primary IP
Address. Endpoints that wish to avoid this possible threat MAY defer
sending the initial Set Primary request and wait until the
association is fully established before sending a fully protected
ASCONF with the Set Primary as its single parameter.
7. IANA considerations 7. IANA considerations
This document defines the following new SCTP parameters, chunks and This document defines the following new SCTP parameters, chunks and
errors (http://www.iana.org/assignments/sctp-parameters): errors (http://www.iana.org/assignments/sctp-parameters):
o Two new chunk types, o Two new chunk types,
o Six parameter types, and o Six parameter types, and
o Five new SCTP error causes. o Five new SCTP error causes.
skipping to change at page 33, line 45 skipping to change at page 35, line 34
Value Cause Code Value Cause Code
--------- ---------------- --------- ----------------
0x0100 Request to Delete Last Remaining IP Address. 0x0100 Request to Delete Last Remaining IP Address.
0x0101 Operation Refused Due to Resource Shortage. 0x0101 Operation Refused Due to Resource Shortage.
0x0102 Request to Delete Source IP Address. 0x0102 Request to Delete Source IP Address.
0x0103 Association Aborted due to illegal ASCONF-ACK 0x0103 Association Aborted due to illegal ASCONF-ACK
0x0104 Request refused - no authorization. 0x0104 Request refused - no authorization.
This document also defines an Adaptation code point. The adaptation This document also defines an Adaptation code point. The adaptation
code point is a 32 bit integer that is assigned by IANA through an code point is a 32 bit integer that is assigned by IANA through an
IETF Consensus action as defined in RFC2434 [RFC2434]. For this new IETF Consensus action as defined in [RFC2434]. For this new registry
registry no initial values are being added by this document, however no initial values are being added by this document, however
draft-ietf-rddp-sctp will add the first entry. draft-ietf-rddp-sctp will add the first entry.
8. Acknowledgments 8. Acknowledgments
The authors would like to express a special note of thanks to Michael The authors would like to express a special note of thanks to Michael
Ramahlo and Phillip Conrad for their extreme efforts in the early Ramahlo and Phillip Conrad for their extreme efforts in the early
formation of this draft. formation of this draft.
The authors wish to thank Jon Berger, Mark Butler, Lars Eggert, The authors wish to thank Jon Berger, Mark Butler, Lars Eggert,
Janardhan Iyengar, Greg Kendall, Seok Koh, Salvatore Loreto, Peter Janardhan Iyengar, Greg Kendall, Seok Koh, Salvatore Loreto, Peter
Lei, John Loughney, Ivan Arias Rodriguez, Renee Revis, Marshall Rose, Lei, John Loughney, Sandy Murphy, Ivan Arias Rodriguez, Renee Revis,
Ronnie Sellars, Chip Sharp, and Irene Ruengeler for their invaluable Marshall Rose, Ronnie Sellars, Chip Sharp, and Irene Ruengeler for
comments. their invaluable comments.
The authors would also like to give special mention to Maria-Carmen The authors would also like to give special mention to Maria-Carmen
Belinchon and Ian Rytina for there early contributions to this Belinchon and Ian Rytina for there early contributions to this
document and their thoughtful comments. document and their thoughtful comments.
And a special thanks to James Polk, abstract writer to the few but And a special thanks to James Polk, abstract writer to the few but
lucky. lucky.
9. References 9. References
skipping to change at page 34, line 46 skipping to change at page 36, line 36
[RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an [RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 2434, IANA Considerations Section in RFCs", BCP 26, RFC 2434,
October 1998. October 1998.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, December 1998. (IPv6) Specification", RFC 2460, December 1998.
[I-D.ietf-tsvwg-2960bis] [I-D.ietf-tsvwg-2960bis]
Stewart, R., "Stream Control Transmission Protocol", Stewart, R., "Stream Control Transmission Protocol",
draft-ietf-tsvwg-2960bis-04 (work in progress), draft-ietf-tsvwg-2960bis-05 (work in progress), June 2007.
April 2007.
[I-D.ietf-tsvwg-sctp-auth] [I-D.ietf-tsvwg-sctp-auth]
Tuexen, M., "Authenticated Chunks for Stream Control Tuexen, M., "Authenticated Chunks for Stream Control
Transmission Protocol (SCTP)", Transmission Protocol (SCTP)",
draft-ietf-tsvwg-sctp-auth-08 (work in progress), draft-ietf-tsvwg-sctp-auth-08 (work in progress),
February 2007. February 2007.
9.2. Informative References 9.2. Informative References
[I-D.ietf-tsvwg-sctpthreat] [I-D.ietf-tsvwg-sctpthreat]
Stewart, R., "Security Attacks Found Against SCTP and Stewart, R., "Security Attacks Found Against SCTP and
Current Countermeasures", draft-ietf-tsvwg-sctpthreat-04 Current Countermeasures", draft-ietf-tsvwg-sctpthreat-05
(work in progress), June 2007. (work in progress), June 2007.
Appendix A. Abstract Address Handling Appendix A. Abstract Address Handling
A.1. General remarks A.1. General remarks
This appendix is non-normative. It is present to give the reader a This appendix is non-normative. It is present to give the reader a
concise mathematical definition of an SCTP endpoint. The following concise mathematical definition of an SCTP endpoint. The following
text provides a working definition of the endpoint notion to discuss text provides a working definition of the endpoint notion to discuss
address reconfiguration. It is not intended to restrict address reconfiguration. It is not intended to restrict
skipping to change at page 37, line 4 skipping to change at page 38, line 41
Association establishment between gE' and gE'' can be seen as: Association establishment between gE' and gE'' can be seen as:
1. gE' and gE'' do exist before the association. 1. gE' and gE'' do exist before the association.
2. If an INIT has to be send from gE' to gE'' address scoping rules 2. If an INIT has to be send from gE' to gE'' address scoping rules
and other limitations are applied to calculate the subset S' from and other limitations are applied to calculate the subset S' from
Addr(gE'). The addresses of S' are included in the INIT chunk. Addr(gE'). The addresses of S' are included in the INIT chunk.
3. If an INIT-ACK has to be send from gE'' to gE' address scoping 3. If an INIT-ACK has to be send from gE'' to gE' address scoping
rules and other limitations are applied to calculate the subset rules and other limitations are applied to calculate the subset
S'' from Addr(gE''). The addresses of S'' are included in the S'' from Addr(gE''). The addresses of S'' are included in the
INIT-ACK chunk. INIT-ACK chunk.
4. After the handshake the association A = (gE', S', gE'', S'') has 4. After the handshake the association A = (gE', S', gE'', S'') has
been established. been established.
5. Right after the association establishment Addr(A, gE') and 5. Right after the association establishment Addr(A, gE') and
Addr(A, gE'') are the addresses which have been seen on the wire Addr(A, gE'') are the addresses which have been seen on the wire
during the handshake. during the handshake.
A.4. Relationship with RFC 4960 A.4. Relationship with RFC 4960
SCTP-BIS [I-D.ietf-tsvwg-2960bis] defines the notion of an endpoint. [I-D.ietf-tsvwg-2960bis] defines the notion of an endpoint. This
This subsection will show that these endpoints are also (special) subsection will show that these endpoints are also (special)
generalized endpoints. generalized endpoints.
SCTP-BIS [I-D.ietf-tsvwg-2960bis] has no notion of address scoping or [I-D.ietf-tsvwg-2960bis] has no notion of address scoping or other
other address handling limitations and provides no mechanism to address handling limitations and provides no mechanism to change the
change the addresses of an endpoint. addresses of an endpoint.
This means that an endpoint is simply a generalized endpoint which This means that an endpoint is simply a generalized endpoint which
does not depend on the time. Neither the Port nor the address list does not depend on the time. Neither the Port nor the address list
changes. changes.
During association setup no address scoping rules or other During association setup no address scoping rules or other
limitations will be applied. This means that for an association A limitations will be applied. This means that for an association A
between two endpoints gE' and gE'' the following is true: between two endpoints gE' and gE'' the following is true:
Addr(A, gE') = Addr(gE') and Addr(A, gE'') = Addr(gE''). Addr(A, gE') = Addr(gE') and Addr(A, gE'') = Addr(gE'').
 End of changes. 45 change blocks. 
132 lines changed or deleted 214 lines changed or added

This html diff was produced by rfcdiff 1.33. The latest version is available from http://tools.ietf.org/tools/rfcdiff/