资源描述
TCP/IP Protocol Suite,*,Chapter 13,Upon completion you will be able to:,Stream ControlTransmission Protocol,Be able to name and understand the services offered by SCTP,Understand,SCTPs,flow and error control and congestion control,Be familiar with the fields in a SCTP segment,Understand the phases in an SCTP association,Understand the SCTP state transition diagram,Objectives,1,TCP/IP Protocol Suite,Figure 13.1,TCP/IP protocol suite,2,TCP/IP Protocol Suite,SCTP is a message-oriented,reliable,protocol that combines the,good features of UDP and TCP.,Note:,3,TCP/IP Protocol Suite,13.1 SCTP SERVICES,We explain the services offered by SCTP to the application layer processes.,The topics discussed in this section include:,Process-to-Process Communication,进程到进程的通信,Multiple Streams,多重流,Multihoming,多归属,Full-Duplex Communication,全双工,Connection-Oriented Service,面向连接,Reliable Service,可靠的,4,TCP/IP Protocol Suite,Table 13.1,Some SCTP applications,5,TCP/IP Protocol Suite,Figure 13.2,Multiple-stream concept,6,TCP/IP Protocol Suite,An association in SCTP can involve multiple streams.,Note:,7,TCP/IP Protocol Suite,Figure 13.3,Multihoming,concept,8,TCP/IP Protocol Suite,SCTP association allows multiple IP addresses for each end.,SCTP,关联允许每一端使用多个,IP,地址,Note:,9,TCP/IP Protocol Suite,全双工通信,面向连接的服务,面向连接强调建立关联(,/,协商),数据传送,关联终止。,无连接。,可靠的服务,确认机制,可靠也是面向连接的一个特点。,10,TCP/IP Protocol Suite,13.2 SCTP FEATURES,We discuss the general features of SCTP and then compare them with those of TCP.,The topics discussed in this section include:,Transmission Sequence Number(TSN),Stream Identifier(SI),Stream Sequence Number(SSN),Packets,Acknowledgment Number,Flow Control,Error Control,Congestion Control,11,TCP/IP Protocol Suite,In SCTP,a data chunk is numbered using a TSN.,传输序号,不考虑传输层分片,从进程来的报文跟,SCTP,分组的数据块可以是一一对应的。,Note:,12,TCP/IP Protocol Suite,To distinguish between different streams,SCTP uses a SI.,流标识符,Note:,13,TCP/IP Protocol Suite,To distinguish between different data chunks belonging to the same stream,SCTP uses,SSNs,.,流序号,Note:,14,TCP/IP Protocol Suite,Figure 13.4,Comparison between a TCP segment and an SCTP packet,TCP,中,首部含有控制信息;,SCTP,中数据由数据块携带,控制信息由控制块携带;,15,TCP/IP Protocol Suite,TCP has segments;,报文段,SCTP has packets.,分组,Note:,16,TCP/IP Protocol Suite,In SCTP,control information and data information are carried in separate chunks.,Note:,17,TCP/IP Protocol Suite,Figure 13.5,Packet,data chunks,and streams,18,TCP/IP Protocol Suite,Data chunks are identified by three identifiers:TSN,SI,and SSN.,TSN is a cumulative number identifying the association;SI defines the stream;SSN defines the chunk in a stream.,Note:,19,TCP/IP Protocol Suite,In SCTP,acknowledgment numbers are used to acknowledge only data chunks;control chunks are acknowledged by other control chunks if necessary.,Note:,20,TCP/IP Protocol Suite,13.3 PACKET FORMAT,We show the format of a packet and different types of chunks.An SCTP packet has a mandatory general header and a set of blocks called chunks.There are two types of chunks:control chunks and data chunks.,The topics discussed in this section include:,General Header,Chunks,21,TCP/IP Protocol Suite,Figure 13.6,SCTP packet format,22,TCP/IP Protocol Suite,In an SCTP packet,control chunks come before data chunks.,Note:,23,TCP/IP Protocol Suite,Figure 13.7,General header,24,TCP/IP Protocol Suite,Figure 13.8,Common layout of a chunk,25,TCP/IP Protocol Suite,Chunks need to terminate on a 32-bit(4 byte)boundary.,Note:,26,TCP/IP Protocol Suite,Table 13.2,Chunks,27,TCP/IP Protocol Suite,The number of padding bytes are not included in the value of the length field.,长度字段值不包含填充的字节数,Note:,28,TCP/IP Protocol Suite,Figure 13.9,DATA chunk,29,TCP/IP Protocol Suite,A DATA chunk cannot carry data belonging to more than one message,but a message can be split into several chunks.The data field of the DATA chunk must carry at least one byte of data,which means the value of length field cannot be less than 17.,Note:,30,TCP/IP Protocol Suite,Figure 13.10,INIT chunk,31,TCP/IP Protocol Suite,No other chunk can be carried in a packet that carries an INIT chunk.,Note:,32,TCP/IP Protocol Suite,Figure 13.11,INIT ACK chunk,33,TCP/IP Protocol Suite,No other chunk can be carried in a packet that carries an INIT ACK chunk.,Note:,34,TCP/IP Protocol Suite,Figure 13.12,COOKIE ECHO chunk,35,TCP/IP Protocol Suite,Figure 13.13,COOKIE ACK,36,TCP/IP Protocol Suite,Figure 13.14,SACK chunk,37,TCP/IP Protocol Suite,Figure 13.15,HEARTBEAT and HEARTBEAT ACK chunks,38,TCP/IP Protocol Suite,Figure 13.16,SHUTDOWN,SHUTDOWN ACK,and SHUTDOWN COMPLETE chunks,39,TCP/IP Protocol Suite,Figure 13.17,ERROR chunk,40,TCP/IP Protocol Suite,Table 13.3,Errors,41,TCP/IP Protocol Suite,Figure 13.18,ABORT chunk,42,TCP/IP Protocol Suite,13.4 AN SCTP ASSOCIATION,SCTP,like TCP,is a connection-oriented protocol.However,a connection in SCTP is called an association to emphasize,multihoming,The topics discussed in this section include:,Association Establishment,Data,Transfer,Association,Termination,Association Abortion,43,TCP/IP Protocol Suite,A connection in SCTP is called an association.,Note:,44,TCP/IP Protocol Suite,Figure 13.19,Four-way handshaking,45,TCP/IP Protocol Suite,Cookie,Cookie,是当你访问某个站点时,随某个,HTML,网页发送到你的浏览器中的一小段信息,.,SCTP,防止,TCP,中出现的泛洪攻击,,DOS,攻击。,46,TCP/IP Protocol Suite,SCTP,建立关联交换的分组数,尽管是,4,次握手,但是在第三个,第四个分组就可以传送数据了。同时在防止,SYN,拒绝服务的攻击方面提供了更高的安全性。,47,TCP/IP Protocol Suite,验证标志,(,TCP,)问题,1.,一个盲目的攻击者可以像我们在,SYN,攻击中一样,使用随机选出的源端口地址和目的端口地址像一个,TCP,服务器发送报文段。,(,TCP,)问题,2.,从前面的连接传过来的延迟的报文段可能在一个新的连接中出现,此报文段使用了同样的源端口地址和目的端口地址。这也是,TCP,在终止连接时需要有,Time-wait,计时器的一个原因。,48,TCP/IP Protocol Suite,No other chunk is allowed in a packet carrying an INIT or INIT ACK chunk.,A COOKIE ECHO or a COOKIE ACK chunk can carry DATA chunks.,Note:,49,TCP/IP Protocol Suite,In SCTP,only DATA chunks consume,TSNs,;,DATA chunks are the only chunks that are acknowledged.,Note:,50,TCP/IP Protocol Suite,Figure 13.20,Simple data transfer,51,TCP/IP Protocol Suite,The acknowledgment in SCTP defines the cumulative TSN,the TSN of the last DATA chunk received in order.,Note:,52,TCP/IP Protocol Suite,多归属数据传送,一个端点关联多个,IP,地址。,53,TCP/IP Protocol Suite,Multi-homed Considerations,When a peer is multi-homed,a“primary destination address”is selected by the SCTP endpoint.,By default,all data is sent to this primary address.,When the primary address fails,the sender selects an alternate primary address until it is restored or the user changes the primary address.,NI-1,NI-2,Endpoint-1,NI-1,NI-2,Endpoint-2,IP Network,IP Network,54,TCP/IP Protocol Suite,Unreachable Destination Address,NI-1,NI-2,Endpoint-1,NI-1,NI-2,Endpoint-2,IP Network,IP Network,X,55,TCP/IP Protocol Suite,Unreachable Peer:Network Failure,NI-1,NI-2,Endpoint-1,NI-1,NI-2,Endpoint-2,IP Network,IP Network,X,X,56,TCP/IP Protocol Suite,Maximum Path Diversity,Endpoint-1,Endpoint-2,57,TCP/IP Protocol Suite,Minimum Path Diversity,Endpoint-1,Endpoint-2,58,TCP/IP Protocol Suite,Now a VERY brief example:daytime client/server(full socket API discussion comes later),Network applications are typically client/server,daytime server,open a socket and bind it to a port,listen for connections,while(1),accept a connection,send a string containing current date/time,close the connection,daytime client,create a socket,open a connection to daytime server,read bytes until EOF(meaning connection was closed),close connection,59,TCP/IP Protocol Suite,A TCP daytime client becomes an SCTP daytime client.,TCP daytime client(many details omitted,including error checking;,),int,sockfd,n;,char,recvlineMAXLINE,+1;/*read buffer*/,struct,sockaddr_in,servaddr,;,sockfd,=,socket(AF_INET,SOCK_STREAM,0);/*create TCP socket*/,/*fill in socket address structure*/,servaddr.sin_family,=AF_INET;,servaddr.sin_port,=htons(13);,inet_pton(AF_INET,argv1,&,servaddr.sin_addr,);/*dot,dec,to,n.b.o,.*/,connect(sockfd,(,struct,sockaddr,*)&,servaddr,sizeof(servaddr,);,while(n=,read(sockfd,recvline,MAXLINE)0),recvlinen,=0;/*null terminate*/,fputs(recvline,stdout,);,close(,sockfd,);,sockfd,=,socket(AF_INET,SOCK_STREAM,IP_PROTO_SCTP);/*SCTP socket*/,Note:0 implies IP_PROTO_TCP,60,TCP/IP Protocol Suite,多重流交付,SI,唯一地定义一个流,紧急数据可以不按序交付,61,TCP/IP Protocol Suite,分片,SCTP,在从一个报文产生,DATA,块时,如果报文长度不超过路径的,MTU,,那么进程到进程都会保留报文的边界。如果总长度超过,MTU,,,SCTP,报文进行分片。,1.,报文划分为更小的分片,以满足长度的需求;,2.,每一个分片必须加上具有不同,TSN,的,DATA,块的首部。,TSN,必须按序。,3.,所有的首部携带同样的流标识符,SI,,同样的流序号,SSN,,同样的有效载荷协议标识符,以及同样的,U,标志。,4.B,和,E,的指派。,62,TCP/IP Protocol Suite,Figure 13.21,Association termination,关联终止,63,TCP/IP Protocol Suite,Figure 13.22,Association abortion,如果一个进程觉得本身有些问题(进入无限循环,从另一端收到错误的数据,等),可以使用关联异常终止。,64,TCP/IP Protocol Suite,13.5 STATE TRANSITION DIAGRAM,To keep track of all the different events happening during association establishment,association termination,and data transfer,the SCTP software,like TCP,is implemented as a finite state machine.,为了掌握在关联建立、关联终止和数据传送时所发生的不同事件,像,TCP,一样,,SCTP,软件也是以有限状态机的方式来实现的。,The topics discussed in this section include:,Scenarios,Simultaneous Close,65,TCP/IP Protocol Suite,Figure 13.23,State transition diagram,66,TCP/IP Protocol Suite,Table 13.4,States for SCTP,67,TCP/IP Protocol Suite,Figure 13.24,A common scenario of states,68,TCP/IP Protocol Suite,Figure 13.25,Simultaneous open,69,TCP/IP Protocol Suite,Figure 13.26,Simultaneous close,70,TCP/IP Protocol Suite,13.6 FLOW CONTROL,Flow control in SCTP is similar to that in TCP.In SCTP,we need to handle two units of data,the byte and the chunk.,Rwnd,cwnd,的值用,byte,来表示,TSN,(传输序号)和确认用块来表示,The topics discussed in this section include:,Receiver Site,Sender Site,A Scenario,71,TCP/IP Protocol Suite,Figure 13.27,Flow control,receiver site,72,TCP/IP Protocol Suite,Figure 13.28,Flow control,sender site,73,TCP/IP Protocol Suite,Figure 13.29,Flow control scenario,74,TCP/IP Protocol Suite,13.7 ERROR CONTROL,SCTP uses a SACK chunk to report the state of the receiver buffer to the sender.Each implementation uses a different set of entities and timers for the receiver and sender sites.,SCTP,使用,SACK,块向发送端报告接收端缓存的状态。每一种实现在接收端和发送端使用不同的实体和定时器的集合。,The topics discussed in this section include:,Receiver Site,接收端,Sender Site,发送端,Sending Data Chunks,发送数据块,Generating SACK Chunks,生成,SACK,块,75,TCP/IP Protocol Suite,Figure 13.30,Error control,receiver site,76,TCP/IP Protocol Suite,Figure 13.31,Error control,sender site,77,TCP/IP Protocol Suite,Figure 13.32,New state at the sender site after receiving a SACK chunk,78,TCP/IP Protocol Suite,发送数据块,重传策略,对于每个分组使用重传定时器,收到对,同样的丢失块,的,4,个,SACK,79,TCP/IP Protocol Suite,生成,SACK,块,1.,当一端向另一端发送,DATA,块时,它必须包含一个,SACK,块,用来通知收到的未被确认的,DATA,块;,2.,当一端收到包含数据的分组时,如果它没有数据要发送,它就必须在指明的时刻内(通常是,500ms,)确认收到了这个分组;,3.,一端收到失序数据块分组时,立即发送,SACK,;,4.,一端收到重复数据块分组时,立即发送,SACK,。,80,TCP/IP Protocol Suite,13.8 CONGESTION CONTROL,SCTP uses the same strategies for congestion control as TCP.SCTP uses slow start,congestion avoidance,and congestion detection phases.SCTP also uses fast retransmission and fast recovery.,指数增大,加法增大,乘法减小,The topics discussed in this section include:,Congestion Control and,Multihoming,Explicit Congestion Notification,81,TCP/IP Protocol Suite,拥塞控制与多归属,端点需要为每一个,IP,地址设置不同的,cwnd,值,82,TCP/IP Protocol Suite,显式拥塞通知,如果接收端遇到了很多延迟的或者重复的分组,这就是一种可能发生网络拥塞的指示。,SCTP,可以在,INIT,和,INITACK,中使用一个,ECN,选项,使双方能够协商,ECN,的使用。,83,TCP/IP Protocol Suite,SCTP,协议的应用,软交换网络,84,TCP/IP Protocol Suite,SIGTRAN,协议体系,原则上,SIGTRAN,封装在,IP,中进行传送,协议体系主要由两个部件组成,即信令适配层、信令传送层,底层采用的是标准的,IP,协议。,信令适配层提供,SCN,信令的标准原语接口,而信令传送层则提供,SCN,信令要求的实时和可靠传送。,85,TCP/IP Protocol Suite,将传统交换机的功能模块分离成为独立的网络部件,各个部件可以按相应的功能划分各自独立发展。,部件间的协议接口基于相应的标准。,部件化使得原有的电信网络逐步走向开放,运营商可以根据业务的需要自由组合各部分的功能产品采组建网络;部件间协议接口的标准化可以实现各种异构网的互通。,软交换与,PSTN,交换机的区别,86,TCP/IP Protocol Suite,作业,1.,给出,SCTP,的状态转换图。,2.,简要说明,TCP,、,UDP,、,SCTP,三类传输层协议的差异。,3.,Chapter13.11.1,习题,:5,,,9,87,TCP/IP Protocol Suite,
展开阅读全文
浙ICP备2021020529号-1 | 浙B2-20240490 
