
Unit 4 Iap


UNIT-4 Transport Layer protocols

The transport layer is best known by two protocols, TCP and UDP; SCTP and
DCCP, covered later in this unit, are transport layer protocols as well.

o The IP protocol in the network layer delivers a datagram from a source
host to the destination host.
o Modern operating systems support multiuser and multiprocessing
environments; an executing program is called a process. When a host sends a
message to another host, a source process is really sending a message to a
destination process. Transport layer protocols identify the two ends of this
exchange by port numbers, also known as protocol ports.
o IP is a host-to-host protocol that delivers a packet from the source host
to the destination host, while transport layer protocols are port-to-port
protocols that run on top of IP and deliver data from the originating port,
via the IP service, to the destination port.
o Each port is identified by a positive 16-bit integer (0 to 65535).
UDP

o UDP stands for User Datagram Protocol.
o UDP is a simple protocol that provides unsequenced transport
functionality: datagrams may arrive out of order, duplicated, or not at all.
o UDP is a connectionless protocol.
o It is used when reliability is less important than speed and low overhead
(for example DNS queries, VoIP and streaming media). UDP is neither more nor
less secure than TCP; confidentiality and integrity come from DTLS on top of
UDP, just as TLS sits on top of TCP.
o UDP is an end-to-end transport level protocol that adds transport-level
addresses (ports), checksum error control, and length information to the
data from the upper layer.
o The packet produced by the UDP protocol is known as a user datagram.

User Datagram Format

The user datagram has a fixed 8-byte header (four 16-bit fields) followed by
the data:

Where,

o Source port address: The port of the application process that sent the
message. It is a 16-bit field, and may be zero when no reply is expected.
o Destination port address: The port of the application process that will
receive the message. It is a 16-bit field.
o Total length: The length of the whole user datagram (header plus data) in
bytes. It is a 16-bit field, so its minimum value is 8.
o Checksum: A 16-bit one's-complement checksum computed over a pseudo-header
(source and destination IP addresses, protocol number and UDP length), the
UDP header and the data. Over IPv4 it is optional, and a value of zero means
"no checksum"; over IPv6 it is mandatory (RFC 8200).
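The checksum rule above is easy to get wrong in practice (the pseudo-header, the zero-means-none convention, odd-length padding), so here is an added example, not code from the original notes, that builds a user datagram, computes the IPv4 pseudo-header checksum from RFC 768/RFC 1071, and verifies it on receipt. Addresses, ports and the payload are constructed sample values.

```python
"""UDP datagram encoder/decoder with the IPv4 pseudo-header checksum.

Added example (not code from the original notes). Field layout follows
RFC 768; the checksum is the one's-complement sum of RFC 1071 over the
pseudo-header, header and data. Addresses, ports and payload are constructed.
"""
import socket
import struct


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum, carries folded back in (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length data with a zero byte
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def udp_checksum(src_ip: str, dst_ip: str, udp_bytes: bytes) -> int:
    """Checksum over pseudo-header + UDP header (checksum field zero) + data."""
    pseudo = struct.pack("!4s4sBBH", socket.inet_aton(src_ip),
                         socket.inet_aton(dst_ip), 0, socket.IPPROTO_UDP,
                         len(udp_bytes))
    csum = 0xFFFF ^ ones_complement_sum(pseudo + udp_bytes)
    # RFC 768: a computed zero is sent as all ones, because a zero field
    # on IPv4 means "no checksum was computed".
    return csum or 0xFFFF


def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    length = 8 + len(payload)                # total length: header + data
    header = struct.pack("!HHHH", sport, dport, length, 0)
    csum = udp_checksum(src_ip, dst_ip, header + payload)
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def parse_udp(src_ip, dst_ip, datagram: bytes) -> dict:
    """Decode the 8-byte header, validate the length, verify the checksum."""
    if len(datagram) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        raise ValueError(f"bad UDP length field {length}")
    datagram = datagram[:length]             # ignore trailing bytes past length
    zeroed = datagram[:6] + b"\x00\x00" + datagram[8:]
    # zero means the sender skipped the checksum (allowed on IPv4 only)
    checksum_ok = csum == 0 or udp_checksum(src_ip, dst_ip, zeroed) == csum
    return {"sport": sport, "dport": dport, "length": length,
            "checksum_ok": checksum_ok, "payload": datagram[8:]}


if __name__ == "__main__":
    dg = build_udp("192.0.2.1", "192.0.2.2", 53000, 53, b"hello")
    print(dg.hex(), parse_udp("192.0.2.1", "192.0.2.2", dg))
```

Because the pseudo-header is part of the sum, a datagram that is replayed to a different destination address fails the check even though its eight header bytes are untouched; a receiver that accepts checksum 0 on IPv6 is violating RFC 8200.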

Disadvantages of UDP protocol

o UDP provides only the basic functions needed for end-to-end delivery of a
transmission.
o It does not provide any sequencing or reordering functions, so the
receiving application must tolerate out-of-order and duplicate datagrams.
o UDP can detect that a datagram was corrupted (via the checksum), but it
silently discards it rather than reporting the error, and because a datagram
carries no sequence number neither side can tell which datagram was lost or
ask for it to be retransmitted.

TCP

o TCP stands for Transmission Control Protocol.
o It provides full transport layer services to applications.
o It is a connection-oriented protocol, meaning a connection is established
between both ends before data is transferred. To create the connection, TCP
sets up a virtual circuit between sender and receiver for the duration of
the transmission.

Features Of TCP protocol

o Stream data transfer: TCP transfers data as a contiguous stream of bytes.
TCP groups the bytes into TCP segments and passes them to the IP layer for
transmission to the destination; the application does not see segment
boundaries.
o Reliability: TCP assigns a sequence number to each byte transmitted and
expects a positive acknowledgement from the receiving TCP. If an ACK is not
received within a timeout interval, the data is retransmitted.
The receiving TCP uses the sequence numbers to reassemble segments that
arrive out of order and to eliminate duplicate segments.
o Flow Control: When the receiving TCP sends an acknowledgement back to the
sender, it indicates the number of bytes it can accept without overflowing
its internal buffer. This is carried in the ACK as a window: the sender may
transmit bytes up to the acknowledged sequence number plus the window size.
This mechanism is also referred to as the sliding window.
o Multiplexing: Multiplexing is the process of accepting data from different
applications and forwarding it to different applications on different
computers. At the receiving end, the data is forwarded to the correct
application; this is known as demultiplexing. TCP delivers a segment to the
correct application by using the logical channels known as ports.
o Logical Connections: The combination of sockets, sequence numbers, and
window sizes is called a logical connection. Each connection is identified
by the pair of sockets (IP address and port) used by the sending and
receiving processes.
o Full Duplex: TCP provides a full duplex service, i.e., data flows in both
directions at the same time. To achieve this, each TCP has sending and
receiving buffers so that segments can flow in both directions. TCP is a
connection-oriented protocol; suppose process A wants to send data to and
receive data from process B. The following steps occur:
o A connection is established between the two TCPs (the three-way
handshake).
o Data is exchanged in both directions.
o The connection is terminated.

Functions of Transport Layer


 The process to process delivery
 End-to-end connection between devices
 Multiplexing and Demultiplexing
 Data integrity and error control (detection by checksum, recovery by
retransmission)
 Congestion Control
 Flow Control

Characteristics of Transport Layer Protocol


 The two best-known transport layer protocols are TCP and UDP.
 A datagram is sent by the IP protocol at the network layer from a source
host to a destination host.
 An operating system supports environments with multiple users and
processes; a program under execution is referred to as a process.
 When a host sends a message to another host, a source process is really
transmitting a message to a destination process. The transport layer
protocols identify these processes by port numbers, referred to as protocol
ports.
 Each port is identified by a positive 16-bit integer.

Advantages of TCP
 TCP is independent of the underlying routing: it works over any network
that delivers IP packets, whatever routing protocols are in use.
 TCP is implemented in every major operating system, so applications can
rely on it regardless of platform.
 TCP provides error control and flow control.
 TCP is connection-oriented and guarantees in-order delivery of data (or
reports a failure to the application).
Disadvantages of TCP
 TCP cannot be used for broadcast or multicast transmission.
 TCP has no message boundaries: it is a byte stream, so the application has
to frame its own messages.
 The TCP/IP reference model offers no clear separation between interface,
services, and protocols (a criticism of the model rather than of TCP itself).
 Replacing a protocol within the TCP/IP stack is difficult.

TCP Segment Format

The TCP header is 20 bytes without options and up to 60 bytes with options:

Where,

o Source port address: The port of the application program in the source
computer. It is a 16-bit field.
o Destination port address: The port of the application program in the
destination computer. It is a 16-bit field.
o Sequence number: A stream of data is divided into one or more TCP
segments. This 32-bit field gives the position, in the original byte stream,
of the first data byte in the segment (or of the SYN when that flag is set).
o Acknowledgement number: A 32-bit field. If the ACK flag is set, it carries
the sequence number of the next byte the receiver expects, which implicitly
acknowledges every earlier byte.
o Header Length (HLEN, also called Data Offset): The size of the TCP header
in 32-bit words. The minimum is 5 words and the maximum is 15 words, so the
TCP header is between 20 and 60 bytes. A value below 5 is invalid and a
receiver should discard such a segment.
o Reserved: Originally a six-bit field reserved for future use. RFC 3168 took
two of those bits for the ECN flags CWR and ECE, so the current
specification (RFC 9293) lists 4 reserved bits and 8 flags.
o Control bits: Each bit of the control field functions individually and
independently. A control bit defines the use of a segment or serves as a
validity check for other fields.

The six classic flags in the control field are:

o URG: The urgent pointer field is significant; the segment carries urgent
data.
o ACK: When the ACK flag is set, the acknowledgement number field is valid.
It is set on every segment after the initial SYN.
o PSH: Push. Asks the receiving TCP to deliver the data to the application
immediately rather than buffering it until more arrives.
o RST: Reset. Aborts the connection. It is sent, for example, when a segment
arrives for a port with no listener or for a connection that does not
exist, or when a segment is clearly wrong for the current connection (an
unacceptable sequence number on a half-open connection). A third party can
tear down a connection with a forged RST if it can guess an in-window
sequence number, which is why initial sequence numbers must be unpredictable.
o SYN: Synchronize sequence numbers. It is set in the first two segments of
the three-way handshake: the connection request (SYN) and the connection
confirmation (SYN with the ACK bit set). The third segment, the
acknowledgement of the confirmation, carries ACK only.
o FIN: Informs the receiving TCP that the sender has finished sending data.
It is used in connection termination: each side sends a FIN (termination
request), which the other side acknowledges; the acknowledgements themselves
carry ACK only.
o Window Size: A 16-bit field giving the number of bytes the sender of this
segment is currently willing to receive (the receive window). The window
scale option can multiply it by up to 2^14.
o Checksum: A 16-bit field used in error detection, computed over a
pseudo-header, the TCP header and the data in the same way as for UDP; for
TCP it is mandatory.
o Urgent pointer: If the URG flag is set, this 16-bit field is an offset from
the sequence number pointing to the end of the urgent data.
o Options and padding: Optional fields that convey additional information to
the receiver, for example the maximum segment size (MSS), window scale, and
selective acknowledgement (SACK); padding brings the header to a multiple of
4 bytes.
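To make the field layout concrete, the following is an added example, not code from the original notes, that decodes a TCP header: it validates the data offset, names the set flags (including the ECN flags), and walks the option list for MSS, window scale and SACK-permitted. The sample SYN segment is constructed by hand rather than captured.

```python
"""TCP header decoder with flag and option parsing.

Added example, not code from the original notes. The layout follows
RFC 9293 (the six classic flags plus CWR and ECE from RFC 3168); the option
kinds handled are End of Option List, NOP, MSS, Window Scale and SACK
Permitted. The sample SYN segment is built by hand, not captured traffic.
"""
import struct

FLAG_BITS = {"CWR": 0x80, "ECE": 0x40, "URG": 0x20, "ACK": 0x10,
             "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}


def parse_tcp_options(raw: bytes) -> dict:
    """Walk the kind/length/value list; malformed lengths are rejected."""
    opts, i = {}, 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:                        # End of Option List
            break
        if kind == 1:                        # No-Operation, single byte
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError(f"option kind {kind} is missing its length byte")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError(f"bad option length {length} for kind {kind}")
        body = raw[i + 2:i + length]
        if kind == 2 and len(body) == 2:
            opts["MSS"] = struct.unpack("!H", body)[0]
        elif kind == 3 and len(body) == 1:
            opts["WSCALE"] = min(body[0], 14)  # RFC 7323: shifts above 14 are used as 14
        elif kind == 4:
            opts["SACK_PERMITTED"] = True
        else:
            opts[f"kind{kind}"] = body
        i += length
    return opts


def parse_tcp(segment: bytes) -> dict:
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    (sport, dport, seq, ack, off_res, flags, window,
     csum, urg) = struct.unpack("!HHIIBBHHH", segment[:20])
    data_offset = off_res >> 4               # header length in 32-bit words
    if data_offset < 5 or data_offset * 4 > len(segment):
        raise ValueError(f"invalid data offset {data_offset}")
    hlen = data_offset * 4
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "header_len": hlen,
        "flags": [n for n, b in FLAG_BITS.items() if flags & b],
        "window": window, "checksum": csum, "urgent_ptr": urg,
        "options": parse_tcp_options(segment[20:hlen]),
        "payload": segment[hlen:],
    }


def build_tcp(sport, dport, seq, ack, flags, window, options=b"", payload=b""):
    """Pack a header (checksum left zero); options are padded to 32 bits."""
    options += b"\x00" * (-len(options) % 4)
    data_offset = 5 + len(options) // 4
    flag_bits = sum(FLAG_BITS[f] for f in flags)
    hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                      data_offset << 4, flag_bits, window, 0, 0)
    return hdr + options + payload


# Constructed SYN: MSS 1460, NOP, window scale 7, NOP, NOP, SACK permitted
SAMPLE_SYN = build_tcp(40000, 443, 1000, 0, ["SYN"], 65535,
                       b"\x02\x04\x05\xb4\x01\x03\x03\x07\x01\x01\x04\x02")

if __name__ == "__main__":
    print(parse_tcp(SAMPLE_SYN))
```

The option walker is where real parsers have had trouble: an option whose length byte is 0 or 1, or that runs past the header, must be rejected rather than looped over, which is why both checks sit before any field is read.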

Differences b/w TCP & UDP

Basis for Comparison | TCP                                      | UDP
---------------------|------------------------------------------|-------------------------------------------
Definition           | Establishes a virtual circuit before     | Transmits data directly to the destination
                     | transmitting data.                       | without checking whether the receiver is
                     |                                          | ready to receive.
Connection type      | Connection-oriented                      | Connectionless
Speed                | Slower (handshake, ACKs, retransmission) | Faster (no connection setup, no ACKs)
Reliability          | Reliable                                 | Unreliable
Header size          | 20 bytes minimum (up to 60 with options) | 8 bytes, fixed
Acknowledgement      | Waits for acknowledgement of data and    | Takes no acknowledgement and does not
                     | retransmits lost segments.               | retransmit lost or damaged datagrams.

SCTP

SCTP stands for Stream Control Transmission Protocol. SCTP is a
connection-oriented protocol (its connections are called associations).
Stream Control Transmission Protocol transmits data between sender and
receiver in full duplex mode. SCTP is a unicast protocol that provides a
point-to-point association and, with multihoming, can use several paths
(several IP addresses at each endpoint) to reach the destination.
Multihoming also makes it easier to keep an association alive on a host
with more than one network interface, for example a wireless and a wired
one. SCTP provides reliable transmission of data. It was designed to carry
telephone signalling (SS7) reliably over IP networks. SCTP supports
multihoming, i.e., it can establish more than one path between the two
communicating endpoints and fail over between them; it still runs on top of
the IP layer like TCP and UDP. SCTP also protects connection setup: its
four-way handshake with a state cookie means the server keeps no half-open
association state until the client has proved it can receive packets at its
claimed address.
Advantages of SCTP
 SCTP provides a full duplex association. It can send and receive data
simultaneously.
 SCTP combines properties of both TCP (reliability, congestion control) and
UDP (message boundaries).
 SCTP does not depend on a single IP address or path, thanks to
multihoming; it still runs over IP.
 SCTP's handshake resists blind flooding attacks; it does not by itself
encrypt or authenticate the data, which needs DTLS or IPsec on top.

Disadvantages of SCTP
 To handle multiple streams simultaneously the applications need to be
modified accordingly.
 The transport stack on the node needs to be changed for the SCTP
protocol.
 Modification is required in applications if SCTP is used instead of TCP or
UDP protocol.

What are the advantages of SCTP over TCP protocol?

SCTP has a fault tolerance mechanism (multihoming with path failover), and
its cookie-based four-way handshake protects against SYN-flooding-style
attacks on connection setup. Like TCP, it offers no protection against a
man in the middle on the data itself; that requires DTLS or IPsec.
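The cookie mechanism behind the "no half-open connections" claim is worth seeing in code. The following is an added example, not code from the original notes and not an SCTP implementation: it models the four-way exchange (INIT, INIT-ACK, COOKIE-ECHO, COOKIE-ACK) of RFC 4960 section 5.1 so that the server allocates nothing until a client echoes a cookie that only a host receiving packets at the claimed address could have obtained. The cookie encoding, the in-memory messages, the key and the addresses are this example's own simplifications.

```python
"""SCTP-style stateless association setup: INIT, INIT-ACK, COOKIE-ECHO, COOKIE-ACK.

Added example, not code from the original notes and not an SCTP
implementation. It models the state-cookie mechanism of RFC 4960 section 5.1
to show why a server has no half-open associations: it stores nothing until
the client echoes a cookie that only a host receiving packets at the claimed
address could have obtained. The cookie encoding, the in-memory "wire"
messages, the key and the addresses are this example's own simplifications.
"""
import hashlib
import hmac
import secrets
import struct

COOKIE_LIFETIME = 60          # seconds; RFC 4960 Valid.Cookie.Life default
MAC_LEN = 32                  # HMAC-SHA256 tag length


class Server:
    def __init__(self):
        self.secret = secrets.token_bytes(32)   # real stacks rotate this key
        self.associations = {}                  # filled only after COOKIE-ECHO

    def on_init(self, client_addr: str, peer_tag: int, now: float) -> dict:
        """Answer INIT with INIT-ACK carrying a signed cookie; store nothing."""
        my_tag = secrets.randbits(32) or 1      # Verification Tag must be non-zero
        body = (struct.pack("!IIi", peer_tag, my_tag, int(now))
                + client_addr.encode())
        mac = hmac.new(self.secret, body, hashlib.sha256).digest()
        return {"type": "INIT-ACK", "tag": my_tag, "cookie": body + mac}

    def on_cookie_echo(self, client_addr: str, cookie: bytes, now: float) -> dict:
        """Verify the echoed cookie; only then allocate association state."""
        if len(cookie) < 12 + MAC_LEN:
            return {"type": "ABORT", "reason": "malformed cookie"}
        body, mac = cookie[:-MAC_LEN], cookie[-MAC_LEN:]
        expected = hmac.new(self.secret, body, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):      # constant-time compare
            return {"type": "ABORT", "reason": "bad cookie MAC"}
        peer_tag, my_tag, created = struct.unpack("!IIi", body[:12])
        if body[12:].decode() != client_addr:
            return {"type": "ABORT", "reason": "cookie echoed from another address"}
        if now - created > COOKIE_LIFETIME:
            return {"type": "ERROR", "reason": "stale cookie"}
        self.associations[(client_addr, peer_tag)] = {"my_tag": my_tag,
                                                      "peer_tag": peer_tag}
        return {"type": "COOKIE-ACK", "tag": my_tag}


def client_handshake(server: Server, addr: str, now: float) -> dict:
    """The legitimate client's side of the four-way exchange."""
    init_tag = secrets.randbits(32) or 1
    init_ack = server.on_init(addr, init_tag, now)                 # INIT -> INIT-ACK
    return server.on_cookie_echo(addr, init_ack["cookie"], now)    # COOKIE-ECHO -> COOKIE-ACK


def spoofed_init_flood(server: Server, count: int, now: float) -> int:
    """Attacker sends INITs from addresses it cannot receive at; returns how
    many association entries the server allocated as a result."""
    before = len(server.associations)
    for i in range(count):
        server.on_init(f"203.0.113.{i % 256}", 1, now)   # INIT-ACKs go to the victims
    return len(server.associations) - before
```

Contrast this with a classic TCP listener, which allocates a half-open entry on every SYN; TCP SYN cookies (RFC 4987) retrofit the same idea into the sequence number field, but with far fewer bits to work with.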

Comparing TCP and UDP which protocol is faster?

UDP is faster and has less overhead than TCP. UDP is a connectionless
protocol and does not need to establish a connection or wait for
acknowledgements before transmitting data.

What is the use of a port in IP?

A port number identifies a specific service or application process on the
system; together with the IP address it forms a socket address.

How TCP ensures reliability?

TCP ensures reliability with sequence numbers, positive acknowledgements,
retransmission on timeout, and a checksum on every segment. The three-way
handshake (SYN, SYN-ACK, ACK) establishes the connection and synchronises
the initial sequence numbers on which this mechanism depends.

Transport Layer Security (TLS) is designed to provide security at the
transport layer. TLS was derived from a security protocol called Secure
Sockets Layer (SSL). TLS ensures that no third party can eavesdrop on or
tamper with any message.
There are several benefits of TLS:
 Encryption:
TLS/SSL secures transmitted data using encryption.
 Interoperability:
TLS/SSL works with most web browsers, including Microsoft Internet
Explorer, and on most operating systems and web servers.
 Algorithm flexibility:
TLS/SSL negotiates the authentication mechanism, encryption algorithms and
hashing algorithms used during a secure session (the cipher suite).
 Ease of Deployment:
Many applications use TLS/SSL through libraries shipped with the operating
system, for example on Windows Server, without protocol changes of their
own.
 Ease of Use:
Because TLS/SSL is implemented beneath the application layer, most of its
operations are completely invisible to the client.

Working of TLS:
The client connects to the server (using TCP) and starts the handshake. The
client sends a number of specifications:
1. The version of SSL/TLS it supports.
2. Which cipher suites and compression methods it wants to use.

The server checks what the highest SSL/TLS version is that is supported by
them both, picks a cipher suite from the client's options (if it supports
one) and optionally picks a compression method (compression is disabled in
practice and was removed in TLS 1.3 because of the CRIME attack). After
this the basic setup is done, and the server provides its certificate. This
certificate must be trusted either by the client itself or by a party that
the client trusts (a certificate authority). Having verified the certificate
and being certain this server really is who it claims to be (and not a man
in the middle), a key is exchanged. This can be a public key, a
"PreMasterSecret" encrypted to the server's RSA key, or simply nothing,
depending on the cipher suite.
Both the server and client can now compute the key for symmetric
encryption. The handshake is finished and the two hosts can communicate
securely. To close the connection each side sends a close_notify alert; if
the TCP connection is simply dropped without it, both sides know the
connection was improperly terminated (a truncation attack). The connection
cannot be compromised by this, merely interrupted.
Transport Layer Security (TLS) Handshake

TLS is a data privacy and security protocol implemented for secure
communication over the internet. It usually encrypts communication between
servers and clients. TLS is the successor to the Secure Sockets Layer (SSL)
protocol. SSL v3.0 and TLS v1.0 were very similar, but SSL has since been
deprecated (RFC 7568) and replaced by TLS; the current versions are TLS 1.2
and TLS 1.3. You can also refer to Transport Layer Security (TLS).
A Transport Layer Security (TLS) connection is established via a handshake.
TLS Handshake in action (TLS 1.2 and earlier; TLS 1.3 collapses the same
exchange into one round trip and drops ChangeCipherSpec):

Figure – TLS Handshake

1. With a TLS enabled service, the client sends a ClientHello (as it is
called in the protocol). This includes information about the client: the
highest version it supports, a random nonce, the cipher suites it offers,
and extensions such as the server name (SNI).
2. The server responds with a ServerHello message (selecting the highest
version of TLS supported by both client and server) and chooses a cipher
suite from the list in the ClientHello message. The server also transmits
its digital certificate, a ServerKeyExchange message when the key exchange
is ephemeral, and a final ServerHelloDone message.
3. The client validates the certificate. The client then sends a
ClientKeyExchange message carrying its part of the key exchange that the
chosen cipher suite dictates (an ephemeral Diffie-Hellman public value, or
a premaster secret encrypted with the server's RSA public key), from which
both sides derive a shared secret. The client also sends ChangeCipherSpec,
indicating that it is switching to the negotiated encryption now, followed
by an encrypted Finished message that authenticates the whole handshake
transcript.
4. The server replies with ChangeCipherSpec and its own encrypted Finished
message once the shared secret is computed.
The session key is the shared symmetric encryption key used in a TLS session
to encrypt the data sent back and forth.
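Steps 1 and 2 above are about what the ClientHello carries and how the server chooses from it. The following is an added example, not code from the original notes or any TLS library: it builds a minimal TLS 1.2-format ClientHello with the server_name and supported_versions extensions, parses one back out (which is also what an intrusion detection sensor does to fingerprint clients), and performs the server's version and cipher suite selection. The hello is constructed, with the 32-byte random left as zeros, which a real client never does.

```python
"""Minimal TLS ClientHello builder/parser plus the server's selection step.

Added example, not code from the original notes or any TLS library. Record
and handshake layouts follow RFC 5246 (TLS 1.2) with the server_name
(RFC 6066) and supported_versions (RFC 8446) extensions. The hello below is
constructed: the 32-byte random is left as zeros, which a real client never
does.
"""
import struct

TLS12, TLS13 = 0x0303, 0x0304
SNI, SUPPORTED_VERSIONS = 0, 43           # extension type numbers (IANA)


def build_client_hello(cipher_suites, server_name, versions=(TLS13, TLS12)):
    name = server_name.encode()
    sni_entry = b"\x00" + struct.pack("!H", len(name)) + name      # host_name
    sni_list = struct.pack("!H", len(sni_entry)) + sni_entry
    vers = b"".join(struct.pack("!H", v) for v in versions)
    exts = (struct.pack("!HH", SNI, len(sni_list)) + sni_list
            + struct.pack("!HHB", SUPPORTED_VERSIONS, 1 + len(vers), len(vers)) + vers)
    body = (struct.pack("!H", TLS12) + bytes(32)                   # legacy version, random
            + b"\x00"                                                # empty session id
            + struct.pack("!H", 2 * len(cipher_suites))
            + b"".join(struct.pack("!H", c) for c in cipher_suites)
            + b"\x01\x00"                                            # compression: null only
            + struct.pack("!H", len(exts)) + exts)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body        # type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # record header


def parse_client_hello(record: bytes) -> dict:
    """Extract what a server (or an IDS) needs from the first flight."""
    try:
        if record[0] != 0x16:
            raise ValueError("not a TLS handshake record")
        (rec_len,) = struct.unpack("!H", record[3:5])
        hs = record[5:5 + rec_len]
        if len(hs) != rec_len or hs[0] != 0x01:
            raise ValueError("record does not hold a complete ClientHello")
        body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
        p = 0
        (legacy_version,) = struct.unpack("!H", body[p:p + 2]); p += 2
        p += 32                                           # random
        p += 1 + body[p]                                  # session id
        (cs_len,) = struct.unpack("!H", body[p:p + 2]); p += 2
        suites = list(struct.unpack(f"!{cs_len // 2}H", body[p:p + cs_len])); p += cs_len
        p += 1 + body[p]                                  # compression methods
        info = {"legacy_version": legacy_version, "cipher_suites": suites,
                "sni": None, "supported_versions": []}
        if p < len(body):
            (ext_len,) = struct.unpack("!H", body[p:p + 2]); p += 2
            end = p + ext_len
            while p + 4 <= end:
                etype, elen = struct.unpack("!HH", body[p:p + 4]); p += 4
                data = body[p:p + elen]; p += elen
                if etype == SNI:
                    (name_len,) = struct.unpack("!H", data[3:5])
                    info["sni"] = data[5:5 + name_len].decode("ascii")
                elif etype == SUPPORTED_VERSIONS:
                    n = data[0]
                    info["supported_versions"] = list(struct.unpack(f"!{n // 2}H", data[1:1 + n]))
        return info
    except (struct.error, IndexError) as exc:
        raise ValueError(f"malformed ClientHello: {exc}") from exc


def negotiate(hello: dict, server_suites, server_versions):
    """Step 2 of the handshake: highest common version, then the first
    suite in client preference order that the server supports and that is
    valid for that version (0x13xx suites are TLS 1.3 only)."""
    offered = set(hello["supported_versions"] or [hello["legacy_version"]])
    common = offered & set(server_versions)
    if not common:
        raise ValueError("no common protocol version")
    version = max(common)
    for suite in hello["cipher_suites"]:
        if suite in server_suites and ((suite >> 8) == 0x13) == (version == TLS13):
            return version, suite
    raise ValueError("no common cipher suite")
```

Note that the record-layer version byte stays 0x0301 and the legacy_version field stays 0x0303 even when TLS 1.3 is offered; the real version list lives in the supported_versions extension, which is why a parser that only reads the first bytes misreports TLS 1.3 clients.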
SSL/TLS background

Network security is important for office, home, and business networks. In
most places wireless networks are used, and an unsecured wireless link or a
badly configured router can be exploited. So there is a need for security in
the network. To fulfil this need we use security protocols (cryptographic
protocols) to deliver authentication and data security.
Secure Sockets Layer (SSL):
It protects the data that flows between the web browser and the server. SSL
encrypts the link between a web server and a browser, which ensures that all
data passed between them stays private and protected from tampering.
Secure Sockets Layer Protocols:
 SSL record protocol
 Handshake protocol
 Change-cipher spec protocol
 Alert protocol
Transport Layer Security (TLS):
Transport Layer Security (TLS) is aimed at giving security at the transport
layer. TLS was derived from a security protocol called Secure Sockets Layer
(SSL). TLS ensures that no third party may eavesdrop on or tamper with any
communication.

What is the difference between SSL and TLS protocols?

There are always security concerns between client and host, so Secure
Sockets Layer and Transport Layer Security are the cryptographic protocols
used to provide authentication and data security between web browser and
web server; they encrypt the communication between a client and server,
mainly between web browsers and web applications.
There are several differences between the SSL and TLS protocols.
SSL supports the Fortezza algorithms, whereas TLS does not. The version
numbers are also different: the last SSL version is 3.0, and TLS started at
version 1.0 (internally numbered 3.1); TLS 1.2 and 1.3 are the versions in
use today, while SSL 2.0 and 3.0 and TLS 1.0 and 1.1 are deprecated (RFC
6176, RFC 7568, RFC 8996).
A further difference is in key derivation. In SSL the master secret is
derived from an ad hoc combination of MD5 and SHA-1 message digests, and it
provides the security services of authentication and confidentiality. In TLS
a pseudo-random function (PRF) built on HMAC is used to create the master
secret, which gives higher security than the SSL construction.

What is SSL/TLS Handshake?

The SSL and TLS handshake establishes a system for SSL/TLS clients and
servers to start communication between them; in other words, it is a
negotiation between two parties on a network. The Handshake Protocol is used
to establish sessions. This protocol allows the client and server to
authenticate each other by exchanging a series of messages. The handshake
protocol uses four phases to complete its cycle.
Steps that enable the SSL or TLS client and server to communicate with each
other:

Phase-1: Deciding which version of the protocol to use. Client and server
exchange hello messages (ClientHello, ServerHello) to agree on the protocol
version, the session ID, the cipher suite and the compression method, and
to exchange random nonces.
Phase-2: The server sends its certificate and, for ephemeral key exchanges,
a ServerKeyExchange message; it may also request a client certificate. The
server ends phase 2 with a ServerHelloDone message.
Phase-3: Verification. The client validates the server certificate and
replies with its own certificate (if one was requested) and the
ClientKeyExchange message.
Phase-4: In this phase the ChangeCipherSpec messages are passed and each
side sends a Finished message under the new keys, which verifies that the
handshake was not tampered with. After this the Handshake Protocol ends.

What is Cipher Suite?

A cipher suite is a named set of algorithms that determines how the TLS
handshake and the record protection work. TLS/SSL use the algorithms named
in the cipher suite to exchange keys, authenticate the peer, and encrypt and
integrity-protect the data so that the communication is protected end to
end between client and server.
A cipher suite specifies one algorithm for each of the following tasks:

 Key Exchange Algorithms: The algorithm that protects the information
required to create the shared keys (for example RSA, DHE or ECDHE; the
ephemeral variants give forward secrecy).
 Bulk Encryption Algorithms: The algorithms that encrypt the messages
exchanged between clients and servers (for example AES-GCM or ChaCha20).
 Message Authentication Algorithms: The algorithms that generate message
authentication codes, or with AEAD ciphers authentication tags, that ensure
the integrity and authenticity of a message (for example HMAC-SHA256; the
same hash also drives the key-derivation PRF).
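Cipher suite names encode exactly these roles, and auditing a server's configuration usually comes down to reading them. The following is an added example, not code from the original notes, that splits an IANA cipher suite name into key exchange, authentication, bulk cipher, mode and hash, and flags the findings a practitioner looks for: no forward secrecy, anonymous key exchange, RC4/3DES/NULL, MD5, and non-AEAD CBC modes. The audit rules are this example's own and not a complete policy.

```python
"""Decompose IANA TLS cipher-suite names into the roles a suite fills.

Added example, not code from the original notes. Names follow the IANA TLS
Cipher Suite registry: TLS_<kx>_<auth>_WITH_<bulk>_<mac> for TLS 1.2 and
earlier, TLS_<aead>_<hash> for TLS 1.3. The "issues" it reports are this
example's own audit rules (RC4: RFC 7465; MD5, 3DES and static RSA key
transport: widely deprecated), not a complete policy.
"""

HASHES = {"MD5", "SHA", "SHA256", "SHA384"}
MODES = {"GCM", "CCM", "POLY1305", "CBC"}
WEAK_BULK = ("RC4", "NULL", "DES", "RC2", "EXPORT")


def parse_cipher_suite(name: str) -> dict:
    if not name.startswith("TLS_"):
        raise ValueError("not an IANA TLS cipher-suite name")
    body = name[4:]
    if "_WITH_" in body:                       # TLS 1.2 and earlier
        left, right = body.split("_WITH_", 1)
        kx, _, auth = left.partition("_")
        auth = auth or kx                      # "RSA" alone: RSA key transport and RSA auth
        family = "tls12"
    else:                                      # TLS 1.3: key exchange/auth are negotiated
        right, kx, auth, family = body, "(EC)DHE", "signature or PSK", "tls13"
    tokens = right.split("_")
    hash_ = tokens.pop() if tokens[-1] in HASHES else None   # CCM suites carry no hash token
    if len(tokens) >= 2 and tokens[-2:] == ["CCM", "8"]:
        mode, tokens = "CCM_8", tokens[:-2]
    elif tokens and tokens[-1] in MODES:
        mode, tokens = tokens[-1], tokens[:-1]
    else:
        mode = None                            # stream cipher or NULL
    bulk = "_".join(tokens)
    forward_secrecy = family == "tls13" or kx in ("DHE", "ECDHE")
    issues = []
    if any(w in bulk for w in WEAK_BULK) or "EXPORT" in name:
        issues.append(f"weak or broken bulk cipher {bulk}")
    if hash_ == "MD5":
        issues.append("MD5-based MAC")
    if mode == "CBC":
        issues.append("CBC MAC-then-encrypt (padding-oracle class of attacks)")
    if "anon" in auth:
        issues.append("anonymous key exchange: peer is not authenticated")
    if not forward_secrecy:
        issues.append("static key exchange: no forward secrecy")
    return {"name": name, "family": family, "kx": kx, "auth": auth, "bulk": bulk,
            "mode": mode, "hash": hash_, "forward_secrecy": forward_secrecy,
            "issues": issues}


def acceptable(name: str) -> bool:
    """True when the suite is AEAD-based and forward secret with no findings."""
    s = parse_cipher_suite(name)
    return not s["issues"] and s["mode"] in ("GCM", "CCM", "CCM_8", "POLY1305")
```

Run it over the output of a scanner or a server's configured list and anything that fails acceptable() is the first thing to remove; the TLS 1.3 suites pass by construction because their key exchange is always ephemeral and their ciphers are all AEAD.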

What is DCCP (Datagram Congestion Control Protocol)?


Congestion in a network means deterioration of the network or its services
caused by overloading of network nodes. The problem is primarily associated
with large networks in which a large amount of data is being transmitted.
Congestion can have several causes: the routers in use are not fast enough,
the CPUs are not fast enough to drain the queues in the OS in a timely
manner, the buffers are not large enough for the offered load, or packets
are lost. In the case of very high traffic, the situation can become so bad
that no packets are delivered at all.
DCCP is a message-based transport-level protocol (RFC 4340). It provides
reliable connection setup and teardown, ECN (Explicit Congestion
Notification) support, congestion control, and negotiation of features.
DCCP is a convenient way to get congestion control for datagram traffic
without implementing it at the application level.
DCCP offers TCP-like congestion control for a flow of datagrams, but
delivery in the order of transmission, and delivery at all, are not
guaranteed. Sequential delivery of multiple streams (as in SCTP, the Stream
Control Transmission Protocol) is not available in DCCP.
DCCP is intended for applications whose packet delivery is subject to time
constraints. Examples include multiplayer online games, internet telephony,
and streaming media (video, audio). The important property of these
applications is that old messages quickly expire and lose their usefulness.
DCCP connection setup can be explained through the image below; it is
broadly similar to TCP connection setup, with a Request, Response and Ack
exchange:
DCCP Connection setup

Since new messages have higher priority than old ones, resending lost
packets is not very useful here; it would consume time and network
resources unnecessarily. The Datagram Congestion Control Protocol can also
be used as a general congestion control mechanism for applications that
would otherwise use UDP. Reliability, and possibly in-order delivery, can be
added on top by the application if it needs them. DCCP lets the endpoints
choose among several congestion control mechanisms, generally TCP-friendly
ones, through its Congestion Control ID (CCID) feature. Acknowledgement
traffic and data traffic are both carried within a DCCP connection.
The sender learns from acknowledgements that its packets have arrived at
the destination or have been marked by ECN. Acknowledgements are made as
reliable as the congestion control mechanism requires, so that loss and ECN
information reaches the sender even though the data itself is never
retransmitted.

DCCP Packet structure:

The DCCP generic header has two forms, according to the value of X, the
Extended Sequence Numbers bit.
Let X = 1:
the Sequence Number field is 48 bits long, and the generic header takes 16
bytes, as shown in the image below.

DCCP generic header when X=1

If instead X = 0, only the low 24 bits of the Sequence Number are
transmitted, and the generic header is 12 bytes long, as shown in the image
below:
DCCP generic header when X=0
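The two header forms above differ only in where the sequence number sits and how long it is, which is easy to get wrong in a decoder. The following is an added example, not code from the original notes, that packs and parses the DCCP generic header of RFC 4340 section 5.1 for both X values and enforces the rule from the same section that only Data, Ack and DataAck packets may use the short form. The sample packets are constructed, not captured.

```python
"""DCCP generic header encode/decode for both Extended Sequence Number forms.

Added example, not code from the original notes. Layout follows RFC 4340
section 5.1: 12 bytes when X=0 (24-bit sequence number), 16 bytes when X=1
(48-bit sequence number). The sample packets are constructed, not captured.
"""
import struct

PACKET_TYPES = {0: "Request", 1: "Response", 2: "Data", 3: "Ack", 4: "DataAck",
                5: "CloseReq", 6: "Close", 7: "Reset", 8: "Sync", 9: "SyncAck"}
SHORT_SEQNO_OK = {2, 3, 4}        # only Data, Ack, DataAck may use X=0


def build_dccp(sport, dport, ptype, seq, extended, ccval=0, cscov=0, checksum=0):
    """Pack the generic header; Data Offset is in 32-bit words (3 or 4 here)."""
    if ptype not in PACKET_TYPES:
        raise ValueError("unknown packet type")
    data_offset = 4 if extended else 3
    byte8 = (ptype << 1) | (1 if extended else 0)          # Res(3)=0, Type(4), X(1)
    head = struct.pack("!HHBBH", sport, dport, data_offset,
                       (ccval << 4) | cscov, checksum)
    if extended:
        if seq >= 1 << 48:
            raise ValueError("sequence number exceeds 48 bits")
        return head + bytes([byte8, 0]) + seq.to_bytes(6, "big")   # reserved byte, 48-bit seq
    if seq >= 1 << 24:
        raise ValueError("short sequence number exceeds 24 bits")
    return head + bytes([byte8]) + seq.to_bytes(3, "big")          # 24-bit seq


def parse_dccp(pkt: bytes) -> dict:
    if len(pkt) < 12:
        raise ValueError("truncated DCCP header")
    sport, dport, data_offset, cc, checksum = struct.unpack("!HHBBH", pkt[:8])
    ptype = (pkt[8] >> 1) & 0x0F
    extended = bool(pkt[8] & 0x01)
    if extended:
        if len(pkt) < 16:
            raise ValueError("X=1 header needs 16 bytes")
        seq, hdr_len = int.from_bytes(pkt[10:16], "big"), 16
    else:
        seq, hdr_len = int.from_bytes(pkt[9:12], "big"), 12
    if data_offset * 4 < hdr_len or data_offset * 4 > len(pkt):
        raise ValueError(f"Data Offset {data_offset} inconsistent with header")
    if not extended and ptype not in SHORT_SEQNO_OK:
        raise ValueError(f"{PACKET_TYPES.get(ptype)} packets must use 48-bit sequence numbers")
    return {"sport": sport, "dport": dport, "type": PACKET_TYPES.get(ptype, "Unknown"),
            "ccval": cc >> 4, "cscov": cc & 0x0F, "checksum": checksum,
            "extended": extended, "seq": seq, "header_len": hdr_len,
            "options_and_data": pkt[data_offset * 4:]}


if __name__ == "__main__":
    req = build_dccp(33000, 5001, 0, 0x123456789ABC, True)
    print(len(req), parse_dccp(req))
```

The 48-bit form matters for security as well as for wrap-around: RFC 4340 chose long sequence numbers so that an attacker who is off-path cannot guess a valid one and inject a Reset, which is the same reasoning that makes TCP's 32-bit space uncomfortably small at high data rates.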

Features of DCCP:

1. DCCP is an unreliable datagram stream with reliable acknowledgement of
what was received.
2. DCCP provides reliable negotiation of options, including negotiation of
the most suitable mechanism for congestion control (the CCID).
3. It provides a reliable handshake for initiating and closing a DCCP
connection.
4. It takes part in discovering the maximum transmission unit (path MTU) on
the path chosen by the user.
5. It provides techniques that allow servers to avoid storing state for
attempted connections that were never confirmed, or for already closed
connections (the Init Cookie option and the Reset handling).
6. Acknowledgement mechanisms communicate packet loss and ECN information
back to the sender.
7. Optional mechanisms can tell the sending application, with high
reliability, which packets reached the receiver and which did not, whether
they were marked by ECN, and whether they were corrupted or dropped in the
receiver buffer.
8. DCCP does not multiplex multiple streams within a single connection; an
application that needs several independent flows opens several connections
(or uses SCTP).
9. DCCP provides no mechanism for prioritising data flows; Quality of
Service comes from the network (DiffServ), not from DCCP.
10. DCCP is connection-oriented only; there is no connectionless mode.
11. It offers a congestion control framework that is more flexible than
TCP's single congestion control algorithm: CCID 2 is TCP-like, CCID 3 is
TFRC (TCP-Friendly Rate Control) for smoother sending rates.
12. DCCP can be used over both IP version 4 and IP version 6 networks.
Advantages
 Congestion control: Unlike UDP, which has no built-in mechanism for
controlling congestion, DCCP includes congestion control algorithms that
help to prevent network overload and keep datagram flows fair towards TCP.
 Timeliness: DCCP does not retransmit lost data, so a stale packet never
delays a fresh one, which suits applications such as video streaming or
voice over IP where low latency matters more than completeness.
 Flexibility: DCCP is designed to be a flexible protocol, letting the
endpoints choose among congestion control mechanisms (CCIDs) based on the
requirements of their applications.
 Compatibility: DCCP is designed to work over existing IP networks
alongside TCP and UDP (IP protocol number 33); NAT traversal, however, is
poor because most middleboxes only understand TCP and UDP.
Real-World Applications
DCCP is not widely deployed, but it was designed for the following classes
of application:
 Streaming media: video conferencing and media streaming, where low latency
matters more than delivering every packet. DCCP's congestion control lets
these applications share the network fairly even when it is congested.
 Gaming: online games whose state updates go stale quickly; DCCP's
congestion control keeps a game from flooding a congested path while the
application simply skips lost updates.
 Telemetry: periodic measurements sent from remote devices back to a
central control centre, where the newest reading matters more than a missed
one.
 Other UDP-style applications: anything that today uses UDP and needs
congestion control but not reliability. DCCP provides no encryption or
authentication, so a secure channel needs DTLS or IPsec on top of it.

What is Signaling Connection Control Part (SCCP)?


The Signaling Connection Control Part (SCCP) is an enhancement to MTP Level
3 of the SS7 stack: it provides both connection-oriented and connectionless
services, and it adds address translation capabilities.
The diagram below shows the improvements that SCCP provides over MTP
services; together, MTP and SCCP provide a network service equivalent to the
OSI network layer (layer 3).

SCCP

SCCP Addressing Translation:

MTP has a limited capability for routing: it delivers messages to the
signaling point identified by the destination point code (DPC). Once the
message has been received, it is forwarded to the correct MTP user within
the signaling point according to the value of the service indicator in the
service information octet.
SCCP adds a global title translation (GTT) function. A global title is an
address expressed as dialled digits for a voice, data, ISDN, or mobile
network, which cannot be routed directly at the MTP level. SCCP translates
this number into a DPC and a sub-system number (SSN). An SCCP user at a
signaling point is identified by its SSN.
SCCP management, OMAP, and ISDN-UP are examples of SCCP users. The SSN is
similar to the service indicator in MTP routing, but because it is an 8-bit
field it allows up to 255 unique sub-systems to be declared at a signaling
point.
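Global title translation is in effect a longest-prefix lookup on dialled digits, and it is also the point where SS7 interconnect filtering is applied. The following is an added example, not code from the original notes or any SS7 stack: a GTT table with longest-prefix matching that yields a (DPC, SSN) pair, plus a minimal screening rule. Real entries are also keyed on translation type, numbering plan and nature of address, and may route "on GT" to a next-hop STP; the table, point codes and SSNs below are constructed sample values (SSN 6, 7 and 8 are the usual HLR, VLR and MSC assignments).

```python
"""SCCP global title translation as a longest-prefix lookup.

Added example, not code from the original notes or any SS7 stack. Real GTT
entries are also keyed on translation type, numbering plan and nature of
address indicator, and can route "on GT" to a next-hop STP instead of a
final DPC/SSN; this example keeps only the digit prefix. The table, point
codes and subsystem numbers below are constructed sample values (SSN 6, 7
and 8 are the usual HLR, VLR and MSC assignments).
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    dpc: int                 # destination point code (14 bits in ITU networks)
    ssn: int                 # subsystem number at that signalling point


class GttTable:
    def __init__(self):
        self._routes: dict[str, Route] = {}

    def add(self, prefix: str, route: Route) -> None:
        if not prefix.isdigit():
            raise ValueError("global title prefix must be dialled digits")
        if not 1 <= route.ssn <= 255:
            raise ValueError("SSN is an 8-bit field; 0 is not a valid subsystem")
        if not 0 <= route.dpc < (1 << 14):
            raise ValueError("ITU point codes are 14 bits")
        self._routes[prefix] = route

    def translate(self, global_title: str) -> Route:
        """Return the most specific route for the dialled digits."""
        if not global_title.isdigit():
            raise ValueError("global title must be dialled digits")
        for n in range(len(global_title), 0, -1):       # longest prefix first
            route = self._routes.get(global_title[:n])
            if route is not None:
                return route
        raise LookupError(f"no translation for global title {global_title}")


def screened_translate(table: GttTable, global_title: str,
                       from_interconnect: bool) -> Route:
    """Apply a minimal SS7-firewall style rule before translating: traffic
    arriving from an interconnect partner is not allowed to reach the HLR
    subsystem directly. This rule is an assumption made for the example,
    modelled loosely on the GSMA FS.11 filtering categories."""
    route = table.translate(global_title)
    if from_interconnect and route.ssn == 6:
        raise PermissionError("interconnect traffic to HLR (SSN 6) blocked")
    return route
```

The screening step is placed after translation on purpose: the decision has to be made on the resolved SSN, since the dialled digits alone do not say which subsystem the message will end up at.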

Protocol class in SCCP:

SCCP provides four protocol classes which are:


 Class 0: Basic connectionless.
 Class 1: Sequenced connectionless.
 Class 2: Basic connection-oriented.
 Class 3: Flow control connection-oriented.
The connectionless protocol classes provide the capabilities needed to
transfer one Network Service Data Unit (NSDU) in the "data" field of a UDT,
XUDT, or LUDT message. When one connectionless message is not enough to
carry the user data held in one NSDU, a segmenting/reassembly function for
protocol classes 0 and 1 is used (XUDT segmentation).
For exchanging a number of related NSDUs, the connection-oriented protocol
classes (2 and 3) provide the facilities to set up a signaling connection.
Segmenting and reassembly are also provided by the connection-oriented
classes: if an NSDU exceeds 255 octets, it is split into multiple segments
at the originating node and transferred in the "data" field of DT (Data
Form) messages, each segment being at most 255 octets. The NSDU is
reassembled at the destination node.

Stream Control Transmission Protocol (SCTP)



Stream Control Transmission Protocol (SCTP) is a connection-oriented
transport protocol used for transmitting multiple streams of data
simultaneously between two endpoints that have established an association
in a computer network. SCTP is a transport layer protocol running over the
Internet Protocol (IP). SCTP was designed to carry telephony signalling over
the internet.
History of SCTP Protocol
SCTP was standardised by the IETF (Internet Engineering Task Force): it was
first specified by the SIGTRAN working group in RFC 2960 (2000) and is now
maintained by the Transport Area Working Group (TSVWG), which published the
revisions RFC 4960 and RFC 9260. The motivation was to carry the
call-control signalling of the telephone Signaling System 7 (SS7) network
over IP networks.

TSVWG and IETF developed SCTP as a standard protocol

SCTP is similar to TCP, but with the advantage that it also provides
message-oriented data transfer like the User Datagram Protocol (UDP), which
makes it useful for end-to-end communication over the internet. SCTP
borrows concepts from both TCP and UDP. Unlike TCP, SCTP supports
concurrent transmission over several streams of data, in units called
messages, between the two endpoints of an association.
Understanding Stream Control Transmission Protocol
SCTP is a transport layer protocol and exists at the same level as UDP and
TCP, providing transport layer functions to many Internet applications. It
is a reliable transport protocol operating on top of a connectionless packet
network such as IP, and it supports transfer of data over a network with a
single IP address or several IP addresses per endpoint.
It transports signalling messages to and from Signaling System 7 (SS7) for
3G mobile networks with the help of the M3UA, M2UA or SUA adaptation
layers. It is a packet-based transport protocol. It is a reliable transport
that minimises end-to-end delay.
The following optimisations are described for the SCTP implementation on
Juniper SRX devices (the same source as the Junos OS notes later in this
unit):
 It avoids problems related to the multithreaded infrastructure during
high traffic.
 It improves the SCTP association lookup rate by optimising the SCTP hash
table on the SPU (Services Processing Unit).
 It improves the FSM (finite state machine) for retransmission cases.
What is Multihoming in SCTP?
First we will understand multihoming: multihoming is the practice of
connecting a network or a host to multiple networks simultaneously, which is
done to increase reliability or performance.
Telecommunication systems are very sensitive to delays. A multihomed system
with multiple interfaces can use one interface instead of another without
waiting for a long timeout. SCTP multihoming means that the endpoints of an
association can have several IP addresses associated with them. In simpler
terms, multihoming refers to sending data to an alternate IP address if the
primary IP address becomes unreachable. Therefore SCTP can establish
multiple connection paths between two endpoints.
There is one primary path and one or more secondary paths. During
association establishment the endpoints exchange their address lists, and
afterwards HEARTBEAT chunks and their acknowledgements validate each
address and measure the round-trip time (RTT) of each path individually.
When the primary path fails (a configurable number of consecutive
retransmissions or missed heartbeats), traffic migrates to a secondary path.
SCTP Packet
An SCTP packet consists of two main parts, the Header and the Payload. The header
is common to every packet, while the payload is made of a variable number of chunks.
The common SCTP header is 12 bytes long and is made of 4 parts:
 Port Number (Source): identifies the sending port
 Port Number (Destination): identifies the receiving port
 Verification tag: a 32 bit random value which differentiates the packets of
this association from those of a previous connection
 Checksum: a 32-bit CRC (CRC32) value used for error detection
SCTP Packet
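As an added example (not code from the original page), the following Python parses the 12-byte common header described above, recomputes the checksum and walks the chunk headers in the payload. It assumes the CRC32c variant of the CRC specified in RFC 4960, stored little-endian on the wire and computed with the checksum field zeroed; the sample packet, ports and vtag are constructed values.

```python
import struct
POLY = 0x82F63B78  # reflected CRC32c (Castagnoli) polynomial, RFC 4960 Appendix B

def _crc32c_table():
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ POLY if c & 1 else c >> 1
        table.append(c)
    return table

_TABLE = _crc32c_table()

def crc32c(data: bytes) -> int:
    # init 0xFFFFFFFF, reflected, final XOR 0xFFFFFFFF (check value 0xE3069283)
    crc = 0xFFFFFFFF
    for b in data:
        crc = _TABLE[(crc ^ b) & 0xFF] ^ (crc >> 8)
    return crc ^ 0xFFFFFFFF

def parse_sctp(packet: bytes) -> dict:
    """Parse the common header, verify the checksum and walk the chunk headers."""
    if len(packet) < 12:
        raise ValueError("packet shorter than the 12-byte common header")
    src, dst, vtag = struct.unpack("!HHI", packet[:8])
    (stored,) = struct.unpack("<I", packet[8:12])  # CRC32c is little-endian on the wire
    computed = crc32c(packet[:8] + b"\0\0\0\0" + packet[12:])  # checksum field zeroed
    chunks, off = [], 12
    while off + 4 <= len(packet):
        ctype, flags, length = struct.unpack("!BBH", packet[off:off + 4])
        if length < 4 or off + length > len(packet):
            raise ValueError("bad chunk length at offset %d" % off)
        chunks.append((ctype, flags, length))
        off += (length + 3) & ~3  # every chunk is padded to a 4-byte boundary
    return {"src_port": src, "dst_port": dst, "vtag": vtag,
            "checksum_ok": stored == computed, "chunks": chunks}

def build_sctp(src: int, dst: int, vtag: int, chunks: bytes) -> bytes:
    """Sender side: assemble header + chunks, then fill in the CRC32c."""
    body = struct.pack("!HHI", src, dst, vtag) + b"\0\0\0\0" + chunks
    return body[:8] + struct.pack("<I", crc32c(body)) + body[12:]

def data_chunk(tsn: int, stream: int, ssn: int, ppid: int, payload: bytes) -> bytes:
    """DATA chunk (type 0) with B and E flags; the length field excludes padding."""
    hdr = struct.pack("!BBHIHHI", 0, 0x03, 16 + len(payload), tsn, stream, ssn, ppid)
    return hdr + payload + b"\0" * (-len(payload) % 4)

# Constructed sample packet: one DATA chunk carrying "hello" on stream 0
SAMPLE = build_sctp(36412, 36412, 0x1A2B3C4D, data_chunk(1, 0, 0, 0, b"hello"))
```

A receiver that skips the checksum comparison would accept the corrupted copy as readily as the original, which is the error-detection role the checksum field plays.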
Security
This protocol provides certain transport-related security features such as
resistance against blind DoS (Denial of Service) attacks, masquerades and
monopolization of a service during operation. The SIGTRAN (Signaling Transport)
protocols do not define any new security mechanism, as currently available
security protocols provide the necessary steps for securing the transmission of
SS7 messages over IP networks.
SCTP Services
 Aggregate Server Access Protocol (ASAP)
 Bearer-independent Call Control (BICC)
 Direct Data Placement Segment chunk (DDP-segment)
 Direct Data Placement Stream session control (DDP-stream)
 Diameter in a DTLS/SCTP DATA chunk (Diameter-DTLS)
Understanding Central Point Architecture Support for SCTP
An SCTP association is a connection between two SCTP endpoints. Each endpoint
identifies its association with a tag. During setup, the SCTP endpoints exchange
their tags for receiving packets. During the exchange of packets between two SCTP
endpoints, both the source and destination addresses can change over the life
cycle of the association.
Before Junos OS Release 15.1X49-D40, all the sessions of an SCTP association were
hashed to the same SPU using the fixed per-association SCTP port pair. In many
cases multiple SCTP associations use the same port pair, which results in poor
load balancing, with all the traffic handled by a single SPU. Starting with Junos
OS Release 15.1X49-D40 and Junos OS Release 17.3R1, to handle this load balancing
issue, tag based hash distribution is used to ensure even distribution of SCTP
traffic from the various associations among all the SPUs. The flow session uses a
connection tag to distribute SCTP traffic more finely across all the SPUs on the
SRX1500, SRX4100, SRX4200, SRX5400, SRX600, and SRX800 devices that support the
SCTP ALG. The connection tag is decoded from the SCTP vtag.
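To make the load-balancing point concrete, here is a small simulation added to this section (not Juniper's code): it distributes constructed SCTP associations over a fixed number of SPUs, once keyed on the port pair and once on the vtag. The SPU count, the modulo stand-in for the platform hash and the M3UA associations on port 2905 are all assumptions.

```python
from collections import Counter
import random

N_SPU = 4  # assumed number of Services Processing Units in the chassis

def spu_for(key: int) -> int:
    # Assumed stand-in for the platform hash; the real function is not public here.
    return key % N_SPU

def distribute(associations, key_fn) -> Counter:
    """How many associations each SPU ends up owning under a given flow key."""
    return Counter(spu_for(key_fn(a)) for a in associations)

def port_pair_key(a: dict) -> int:
    # Before 15.1X49-D40: the fixed per-association SCTP port pair
    return (a["sport"] << 16) | a["dport"]

def vtag_key(a: dict) -> int:
    # Tag-based distribution: connection tag decoded from the SCTP vtag
    return a["vtag"]

def busiest_spu_share(associations, key_fn) -> float:
    """Fraction of associations on the most loaded SPU (1.0 means no balancing)."""
    counts = distribute(associations, key_fn)
    return max(counts.values()) / len(associations)

# Constructed: 16 M3UA associations that all use the registered port 2905,
# each with its own random 32-bit verification tag (fixed seed for repeatability)
_rng = random.Random(7)
ASSOCIATIONS = [{"sport": 2905, "dport": 2905, "vtag": _rng.getrandbits(32)}
                for _ in range(16)]
```

With the port pair as the key every association hashes to the same SPU; keyed on the vtag the same associations spread across several SPUs.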
Advantages of SCTP
As SCTP is a full duplex connection, it enables data to be sent and received
simultaneously. The data is delivered in chunks and in an ordered way within each
stream; streams are independent of each other, which isolates the data of one
stream from the other streams.
Like TCP and unlike UDP, SCTP provides the following advantages:
 Flow control: It adjusts the data transmission in a particular order and
quantity.
 Congestion control: It checks the network prior to transmission to prevent
congestion over the links.
 Fault tolerance: It can use IP addresses from different Internet service
providers (ISPs). So, if one ISP fails, another connection can be used for
establishing the association.
 It is message oriented, as UDP is, rather than byte oriented.
 It provides a path selection function to select the primary data transmission
path and a monitoring function to test the connectivity of the transmission
path.
Limitation and Constraints of SCTP Protocol
 IP address
  In this protocol a maximum of eight source IP addresses and eight
destination IP addresses are used in communication.
  Only static IP NAT is supported.
 SCTP Payload Protocol Blocking
  Any change in the protocol blocking configuration immediately impacts
the traffic of existing associations.
  The supported protocols are identified by decimal values ranging from
0 to 63, which include 48 IANA-assigned protocols and 16 unassigned
protocols.
 For static NAT, the interface packets (client or server side) should belong
to the same zone.
 SCTP sessions are not deleted together with their associations; they have a
timeout of 30 minutes (default).
 Only static NAT is supported for the SCTP protocol.
Application Of SCTP Protocol
 Telephone Communication: It was developed for the communication of
telephony over the Internet.
 Multihoming Support: It provides multihoming support, in which both
endpoints of the connection can have multiple IP addresses, which helps in
detecting failures along the communication path.
 Transport for Various Applications: It is used to transport signaling
messages to and from SS7 (Signaling System 7) on devices supporting 3G
networks through M3UA and M2UA.
 Roaming Security and RAN Security: In mobile infrastructure it is used in
roaming security and RAN (Radio Access Network) security.
 Reliable and Secure Transport: This protocol provides reliable and highly
secure transport or communication which minimizes the end to end delay.