Stream Control Transmission Protocol

The Stream Control Transmission Protocol (SCTP) is a computer networking communications protocol in the transport layer of the Internet protocol suite. Originally intended for Signaling System 7 (SS7) message transport in telecommunication, the protocol provides the message-oriented feature of the User Datagram Protocol (UDP), while ensuring reliable, in-sequence transport of messages with congestion control like the Transmission Control Protocol (TCP). Unlike UDP and TCP, the protocol supports multihoming and redundant paths to increase resilience and reliability.

SCTP is standardized by the Internet Engineering Task Force (IETF) in. The SCTP reference implementation was released as part of FreeBSD version 7, and has since been widely ported to other platforms.

Formal oversight
The IETF Signaling Transport (SIGTRAN) working group defined the protocol (number 132 ) in October 2000, and the IETF Transport Area (TSVWG) working group maintains it. defines the protocol. provides an introduction.

Message-based multi-streaming
SCTP applications submit data for transmission in messages (groups of bytes) to the SCTP transport layer. SCTP places messages and control information into separate chunks (data chunks and control chunks), each identified by a chunk header. The protocol can fragment a message into multiple data chunks, but each data chunk contains data from only one user message. SCTP bundles the chunks into SCTP packets. The SCTP packet, which is submitted to the Internet Protocol, consists of a packet header, SCTP control chunks (when necessary), followed by SCTP data chunks (when available).

SCTP may be characterized as message-oriented, meaning it transports a sequence of messages (each being a group of bytes), rather than transporting an unbroken stream of bytes as in TCP. As in UDP, in SCTP a sender sends a message in one operation, and that exact message is passed to the receiving application process in one operation. In contrast, TCP is a stream-oriented protocol, transporting streams of bytes reliably and in order. However TCP does not allow the receiver to know how many times the sender application called on the TCP transport passing it groups of bytes to be sent out. At the sender, TCP simply appends more bytes to a queue of bytes waiting to go out over the network, rather than having to keep a queue of individual separate outbound messages which must be preserved as such.

The term multi-streaming refers to the capability of SCTP to transmit several independent streams of chunks in parallel, for example transmitting web page images simultaneously with the web page text. In essence, it involves bundling several connections into a single SCTP association, operating on messages (or chunks) rather than bytes.

TCP preserves byte order in the stream by including a byte sequence number with each segment. SCTP, on the other hand, assigns a sequence number or a message-id to each message sent in a stream. This allows independent ordering of messages in different streams. However, message ordering is optional in SCTP; a receiving application may choose to process messages in the order of receipt instead of in the order of sending.

Features
Features of SCTP include:
 * Reliable transmission of both ordered and unordered data streams
 * Multihoming support in which one or both endpoints of a connection can consist of more than one IP address, enabling transparent fail-over between redundant network paths
 * Delivery of chunks within independent streams eliminates unnecessary head-of-line blocking, as opposed to TCP byte-stream delivery.
 * Explicit partial reliability
 * Path selection and monitoring to select a primary data transmission path and test the connectivity of the transmission path
 * Validation and acknowledgment mechanisms protect against flooding attacks and provide notification of duplicated or missing data chunks.
 * Improved error detection suitable for Ethernet jumbo frames

The designers of SCTP originally intended it for the transport of telephony (i.e. Signaling System 7) over Internet Protocol, with the goal of duplicating some of the reliability attributes of the SS7 signaling network in IP. This IETF effort is known as SIGTRAN. In the meantime, other uses have been proposed, for example, the Diameter protocol and Reliable Server Pooling (RSerPool).

Motivation and adoption
TCP has provided the primary means to transfer data reliably across the Internet. However, TCP has imposed limitations on several applications. From :
 * TCP provides both reliable data transfer and strict order-of-transmission delivery of data. Some applications need reliable transfer without sequence maintenance, while others would be satisfied with partial ordering of the data. In both of these cases, the head-of-line blocking property of TCP causes unnecessary delay.
 * For applications exchanging distinct records or messages, the stream-oriented nature of TCP requires the addition of explicit markers or other encoding to delineate the individual records.
 * In order to avoid sending many small IP packets where one single larger packet would have sufficed, the TCP implementation may delay transmitting data while waiting for possibly more data being queued by the application (Nagle's algorithm). If and when such a small delay is undesirable, the application must explicitly request undelayed transmission on a case-by-case basis using the push facility (i.e. by setting the PSH flag in the TCP packet header). SCTP on the other hand allows undelayed transmission to be configured as a default for an association, eliminating any undesired delays, but at the cost of higher transfer overhead.
 * The limited scope of TCP sockets complicates the task of providing highly-available data transfer capability using multihomed hosts.
 * TCP is relatively vulnerable to denial-of-service attacks, such as SYN attacks.

Adoption has been slowed by lack of awareness, lack of implementations (particularly in Microsoft Windows), lack of application support and lack of network support.

SCTP has seen adoption in the mobile telephony space as the transport protocol for several core network interfaces.

Multihoming
SCTP provides redundant paths to increase reliability.

Each SCTP end point needs to check reachability of the primary and redundant addresses of the remote end point using a heartbeat. Each SCTP end point needs to acknowledge the heartbeats it receives from the remote end point.

When SCTP sends a message to a remote address, the source interface will only be decided by the routing table of the host (and not by SCTP).

In asymmetric multihoming, one of the two endpoints does not support multihoming.

In local multihoming and remote single homing, if the remote primary address is not reachable, the SCTP association fails even if an alternate path is possible.

Packet structure
An SCTP packet consists of two basic sections:
 * 1) The common header, which occupies the first 12 bytes and is highlighted in blue.
 * 2) The data chunks, which occupy the remaining portion of the packet.  The first chunk is highlighted in green, and the last of N chunks (Chunk N) is highlighted in red.

Each chunk starts with a one-byte type identifier, with 15 chunk types defined by, and at least 5 more defined by additional RFCs. Eight flag bits, a two-byte length field, and the data compose the remainder of the chunk. If the chunk does not form a multiple of 4 bytes (i.e., the length is not a multiple of 4), then it is padded with zeros, which are not included in the chunk length. The two-byte length field limits each chunk to a 65,535-byte length (including the type, flags and length fields).

Security
Although encryption was not part of the original SCTP design, SCTP was designed with features for improved security, such as 4-way handshake (compared to TCP 3-way handshake) to protect against SYN flooding attacks, and large "cookies" for association verification and authenticity.

Reliability was also a key part of the security design of SCTP. Multihoming enables an association to stay open even when some routes and interfaces are down. This is of particular importance for SIGTRAN as it carries SS7 over an IP network using SCTP, and requires strong resilience during link outages to maintain telecommunication service even when enduring network anomalies.

SCTP is sometimes a good fingerprinting candidate. Some operating systems ship with SCTP support enabled, and, as it is not as well known as TCP or UDP, it is sometimes overlooked in firewall and intrusion detection configurations, thus often permitting probing traffic.

Implementations
The SCTP reference implementation runs on FreeBSD, Mac OS X, Microsoft Windows, and Linux.

The following operating systems implement SCTP:


 * AIX Version 5 and newer
 * NetBSD since 8.0
 * Cisco IOS 12 and above
 * DragonFly BSD since version 1.4, however support is being deprecated in version 4.2
 * FreeBSD, version 7 and above, contains the reference SCTP implementation
 * HP-UX, 11i v2 and above
 * illumos
 * Linux kernel 2.4 and above
 * QNX Neutrino Realtime OS, 6.3.0 to 6.3.2, deprecated since 6.4.0
 * Tru64 with the Compaq SCTP add-on package
 * Sun Solaris 10 and above
 * VxWorks versions 6.2.x to 6.4.x, and 6.7 and newer

Third-party drivers:
 * Microsoft Windows:
 * The SctpDrv kernel driver is a port of the BSD SCTP stack to Windows (Abandoned after 2012)
 * MacOS:
 * SCTP Network Kernel Extension for Mac OS X

Userspace library:
 * Portable SCTP userland stack
 * The SCTP library
 * Windows XP port
 * Oracle Java SE 7
 * Erlang/OTP

The following applications implement SCTP:
 * WebRTC
 * NetFlow

Tunneling over UDP
In the absence of native SCTP support in operating systems, it is possible to tunnel SCTP over UDP, as well as to map TCP API calls to SCTP calls so existing applications can use SCTP without modification.

RFCs

 * Stream Control Transmission Protocol
 * Stream Control Transmission Protocol: Errata and Issues in RFC 4960 (obsoleted by RFC 9260)
 * SCTP-PF: A Quick Failover Algorithm for the Stream Control Transmission Protocol
 * TCP and Stream Control Transmission Protocol (SCTP) RTO Restart
 * Additional Policies for the Partially Reliable Stream Control Transmission Protocol Extension
 * SACK-IMMEDIATELY Extension for the Stream Control Transmission Protocol (obsoleted by RFC 9260)
 * UDP Encapsulation of Stream Control Transmission Protocol (SCTP) Packets for End-Host to End-Host Communication
 * Stream Control Transmission Protocol (SCTP) Stream Reconfiguration
 * Sockets API Extensions for the Stream Control Transmission Protocol (SCTP)
 * Stream Control Transmission Protocol (SCTP) Chunk Flags Registration (obsoleted by RFC 9260)
 * Security Attacks Found Against the Stream Control Transmission Protocol (SCTP) and Current Countermeasures
 * Stream Control Transmission Protocol (SCTP) Dynamic Address Reconfiguration
 * Stream Control Transmission Protocol (SCTP) Direct Data Placement (DDP) Adaptation
 * Stream Control Transmission Protocol (obsoleted by RFC 9260)
 * Authenticated Chunks for the Stream Control Transmission Protocol (SCTP)
 * Padding Chunk and Parameter for the Stream Control Transmission Protocol (SCTP)
 * Stream Control Transmission Protocol (SCTP) Specification Errata and Issues (obsoleted by RFC 9260)
 * Stream Control Transmission Protocol (SCTP) Management Information Base (MIB)
 * Stream Control Transmission Protocol (SCTP) Partial Reliability Extension
 * On the Use of Stream Control Transmission Protocol (SCTP) with IPsec
 * Transport Layer Security over Stream Control Transmission Protocol
 * Stream Control Transmission Protocol (SCTP) Checksum Change (obsoleted by RFC 4960)
 * An Introduction to the Stream Control Transmission Protocol
 * Stream Control Transmission Protocol Applicability Statement
 * Stream Control Transmission Protocol (updated by RFC 3309 and obsoleted by RFC 4960)