1.\" Copyright (c) 2006, Randall Stewart. 2.\" 3.\" Redistribution and use in source and binary forms, with or without 4.\" modification, are permitted provided that the following conditions 5.\" are met: 6.\" 1. Redistributions of source code must retain the above copyright 7.\" notice, this list of conditions and the following disclaimer. 8.\" 2. Redistributions in binary form must reproduce the above copyright 9.\" notice, this list of conditions and the following disclaimer in the 10.\" documentation and/or other materials provided with the distribution. 11.\" 3. Neither the name of the University nor the names of its contributors 12.\" may be used to endorse or promote products derived from this software 13.\" without specific prior written permission. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.\" $FreeBSD$ 28.\" 29.Dd June 18, 2020 30.Dt SCTP 4 31.Os 32.Sh NAME 33.Nm sctp 34.Nd Internet Stream Control Transmission Protocol 35.Sh SYNOPSIS 36.Cd "options SCTP" 37.Cd "options SCTP_SUPPORT" 38.Pp 39.In sys/types.h 40.In sys/socket.h 41.In netinet/sctp.h 42.Ft int 43.Fn socket AF_INET SOCK_STREAM IPPROTO_SCTP 44.Ft int 45.Fn socket AF_INET SOCK_SEQPACKET IPPROTO_SCTP 46.Sh DESCRIPTION 47The 48.Tn SCTP 49protocol provides reliable, flow-controlled, two-way 50transmission of data. 51It is a message oriented protocol and can 52support the 53.Dv SOCK_STREAM 54and 55.Dv SOCK_SEQPACKET 56abstractions. 57.Tn SCTP 58uses the standard 59Internet address format and, in addition, provides a per-host 60collection of 61.Dq "port addresses" . 62Thus, each address is composed of an Internet address specifying 63the host and network, with a specific 64.Tn SCTP 65port on the host identifying the peer entity. 66.Pp 67There are two models of programming in SCTP. 68The first uses the 69.Dv SOCK_STREAM 70abstraction. 71In this abstraction sockets utilizing the 72.Tn SCTP 73protocol are either 74.Dq active 75or 76.Dq passive . 77Active sockets initiate connections to passive 78sockets. 79By default, 80.Tn SCTP 81sockets are created active; to create a 82passive socket, the 83.Xr listen 2 84system call must be used after binding the socket with the 85.Xr bind 2 86or 87.Xr sctp_bindx 3 88system calls. 89Only passive sockets may use the 90.Xr accept 2 91call to accept incoming connections. 92Only active sockets may use the 93.Xr connect 2 94call to initiate connections. 95.Pp 96The other abstraction 97.Dv SOCK_SEQPACKET 98provides a 99.Dq connectionless 100mode of operation in that the user may send to an address 101(using any of the valid send calls that carry a 102socket address) and an association will be setup 103implicitly by the underlying 104.Tn SCTP 105transport stack. 106This abstraction is the only one capable of sending data on the 107third leg of the four-way handshake. 108A user must still call 109.Xr listen 2 110to allow the socket to accept connections. 111Calling 112.Xr listen 2 113however does not restrict the user from still initiating 114implicit connections to other peers. 115.Pp 116The 117.Tn SCTP 118protocol directly supports multi-homing. 119So when binding a socket with the 120.Dq wildcard 121address 122.Dv INADDR_ANY , 123the 124.Tn SCTP 125stack will inform the peer about all of the local addresses 126that are deemed in scope of the peer. 127The peer will then possibly have multiple paths to reach the local host. 128.Pp 129The 130.Tn SCTP 131transport protocol is also multi-streamed. 132Multi-streaming refers to the ability to send sub-ordered flows of 133messages. 134A user performs this by specifying a specific stream in one of the 135extended send calls such as the 136.Xr sctp_send 3 137function call. 138Sending messages on different streams will allow parallel delivery 139of data i.e., a message loss in stream 1 will not block the delivery 140of messages sent in stream 2. 141.Pp 142The 143.Tn SCTP 144transport protocol also provides a unordered service as well. 145The unordered service allows a message to be sent and delivered 146with no regard to the ordering of any other message. 147.Ss Extensions 148The FreeBSD implementation of 149.Tn SCTP 150also supports the following extensions: 151.Bl -tag -width "sctp partial reliability" 152.It "sctp partial reliability" 153This extension allows one to have message be skipped and 154not delivered based on some user specified parameters. 155.It "sctp dynamic addressing" 156This extension allows addresses to be added and deleted 157dynamically from an existing association. 158.It "sctp authentication" 159This extension allows the user to authenticate specific 160peer chunks (including data) to validate that the peer 161who sent the message is in fact the peer who setup the 162association. 163A shared key option is also provided for 164so that two stacks can pre-share keys. 165.It "packet drop" 166Some routers support a special satellite protocol that 167will report losses due to corruption. 168This allows retransmissions without subsequent loss in bandwidth 169utilization. 170.It "stream reset" 171This extension allows a user on either side to reset the 172stream sequence numbers used by any or all streams. 173.El 174.Ss Socket Options 175.Tn SCTP 176supports a number of socket options which can be set with 177.Xr setsockopt 2 178and tested with 179.Xr getsockopt 2 180or 181.Xr sctp_opt_info 3 : 182.Bl -tag -width indent 183.It Dv SCTP_NODELAY 184Under most circumstances, 185.Tn SCTP 186sends data when it is presented; when outstanding data has not 187yet been acknowledged, it gathers small amounts of output to be 188sent in a single packet once an acknowledgement is received. 189For some clients, such as window systems that send a stream of 190mouse events which receive no replies, this packetization may 191cause significant delays. 192The boolean option 193.Dv SCTP_NODELAY 194defeats this algorithm. 195.It Dv SCTP_RTOINFO 196This option returns specific information about an associations 197.Dq "Retransmission Time Out" . 198It can also be used to change the default values. 199.It Dv SCTP_ASSOCINFO 200This option returns specific information about the requested 201association. 202.It Dv SCTP_INITMSG 203This option allows you to get or set the default sending 204parameters when an association is implicitly setup. 205It allows you to change such things as the maximum number of 206streams allowed inbound and the number of streams requested 207of the peer. 208.It Dv SCTP_AUTOCLOSE 209For the one-to-many model 210.Dv ( SOCK_SEQPACKET ) 211associations are setup implicitly. 212This option allows the user to specify a default number of idle 213seconds to allow the association be maintained. 214After the idle timer (where no user message have been sent or have 215been received from the peer) the association will be gracefully 216closed. 217The default for this value is 0, or unlimited (i.e., no automatic 218close). 219.It Dv SCTP_SET_PEER_PRIMARY_ADDR 220The dynamic address extension allows a peer to also request a 221particular address of its be made into the primary address. 222This option allows the caller to make such a request to a peer. 223Note that if the peer does not also support the dynamic address 224extension, this call will fail. 225Note the caller must provide a valid local address that the peer has 226been told about during association setup or dynamically. 227.It Dv SCTP_PRIMARY_ADDR 228This option allows the setting of the primary address 229that the caller wishes to send to. 230The caller provides the address of a peer that is to be made primary. 231.It Dv SCTP_ADAPTATION_LAYER 232The dynamic address extension also allows a user to 233pass a 32 bit opaque value upon association setup. 234This option allows a user to set or get this value. 235.It Dv SCTP_DISABLE_FRAGMENTS 236By default 237.Tn SCTP 238will fragment user messages into multiple pieces that 239will fit on the network and then later, upon reception, reassemble 240the pieces into a single user message. 241If this option is enabled instead, any send that exceeds the path 242maximum transfer unit (P-MTU) will fail and the message will NOT be 243sent. 244.It Dv SCTP_PEER_ADDR_PARAMS 245This option will allow a user to set or get specific 246peer address parameters. 247.It Dv SCTP_DEFAULT_SEND_PARAM 248When a user does not use one of the extended send 249calls (e.g., 250.Xr sctp_sendmsg 3 ) 251a set of default values apply to each send. 252These values include things like the stream number to send 253to as well as the per-protocol id. 254This option lets a caller both get and set these values. 255If the user changes these default values, then these new values will 256be used as the default whenever no information is provided by the 257sender (i.e., the non-extended API is used). 258.It Dv SCTP_EVENTS 259.Tn SCTP 260has non-data events that it can communicate 261to its application. 262By default these are all disabled since they arrive in the data path 263with a special flag 264.Dv MSG_NOTIFICATION 265set upon the received message. 266This option lets a caller 267both get what events are current being received 268as well as set different events that they may be interested 269in receiving. 270.It Dv SCTP_I_WANT_MAPPED_V4_ADDR 271.Tn SCTP 272supports both IPV4 and IPV6. 273An association may span both IPV4 and IPV6 addresses since 274.Tn SCTP 275is multi-homed. 276By default, when opening an IPV6 socket, when 277data arrives on the socket from a peer's 278V4 address the V4 address will be presented with an address family 279of AF_INET. 280If this is undesirable, then this option 281can be enabled which will then convert all V4 addresses 282into mapped V6 representations. 283.It Dv SCTP_MAXSEG 284By default 285.Tn SCTP 286chooses its message fragmentation point 287based upon the smallest P-MTU of the peer. 288This option lets the caller set it to a smaller value. 289Note that while the user can change this value, if the P-MTU 290is smaller than the value set by the user, then the P-MTU 291value will override any user setting. 292.It Dv SCTP_DELAYED_ACK_TIME 293This option lets the user both set and get the 294delayed ack time (in milliseconds) that 295.Tn SCTP 296is using. 297The default is 200 milliseconds. 298.It Dv SCTP_PARTIAL_DELIVERY_POINT 299.Tn SCTP 300at times may need to start delivery of a 301very large message before the entire message has 302arrived. 303By default SCTP waits until the incoming 304message is larger than one fourth of the receive 305buffer. 306This option allows the stacks value 307to be overridden with a smaller value. 308.It Dv SCTP_FRAGMENT_INTERLEAVE 309.Tn SCTP 310at times will start partial delivery (as mentioned above). 311In the normal case successive reads will continue to return 312the rest of the message, blocking if needed, until all of 313that message is read. 314However this means other messages may have arrived and be ready 315for delivery and be blocked behind the message being partially 316delivered. 317If this option is enabled, when a partial delivery 318message has no more data to be received, then a subsequent 319read may return a different message that is ready for delivery. 320By default this option is off since the user must be using the 321extended API's to be able to tell the difference between 322messages (via the stream and stream sequence number). 323.It Dv SCTP_AUTH_CHUNK 324By default only the dynamic addressing chunks are 325authenticated. 326This option lets a user request an 327additional chunk be authenticated as well. 328Note that successive calls to this option will work and continue 329to add more chunks that require authentication. 330Note that this option only effects future associations and 331not existing ones. 332.It Dv SCTP_AUTH_KEY 333This option allows a user to specify a shared 334key that can be later used to authenticate 335a peer. 336.It Dv SCTP_HMAC_IDENT 337This option will let you get or set the list of 338HMAC algorithms used to authenticate peers. 339Note that the HMAC values are in priority order where 340the first HMAC identifier is the most preferred 341and the last is the least preferred. 342.It Dv SCTP_AUTH_ACTIVE_KEY 343This option allows you to make a key active for 344the generation of authentication information. 345Note that the peer must have the same key or else the 346data will be discarded. 347.It Dv SCTP_AUTH_DELETE_KEY 348This option allows you to delete an old key. 349.It Dv SCTP_USE_EXT_RECVINFO 350The sockets api document allows an extended 351send/receive information structure to be used. 352The extended structure includes additional fields 353related to the next message to be received (after the 354current receive completes) if such information is known. 355By default the system will not pass this information. 356This option allows the user to request this information. 357.It Dv SCTP_AUTO_ASCONF 358By default when bound to all address and the system administrator has 359enables automatic dynamic addresses, the 360.Tn SCTP 361stack will automatically generate address changes into add and 362delete requests to any peers by setting this option to 363true. 364This option allows an endpoint to disable that behavior. 365.It Dv SCTP_MAXBURST 366By default 367.Tn SCTP 368implements micro-burst control so that as the congestion window 369opens up no large burst of packets can be generated. 370The default burst limit is four. 371This option lets the user change this value. 372.It Dv SCTP_CONTEXT 373Many sctp extended calls have a context field. 374The context field is a 32 bit opaque value that will be returned in 375send failures. 376This option lets the caller set the default 377context value to use when none is provided by the user. 378.It Dv SCTP_EXPLICIT_EOR 379By default, a single send is a complete message. 380.Tn SCTP 381generates an implied record boundary. 382If this option is enabled, then all sends are part of the same message 383until the user indicates an end of record with the 384special flag 385.Dv SCTP_EOR 386passed in the sctp_sndrcvinfo flags field. 387This effectively makes all sends part of the same message 388until the user specifies differently. 389This means that a caller must NOT change the stream number until 390after the 391.Dv SCTP_EOR 392is passed to 393.Tn SCTP 394else an error will be returned. 395.It Dv SCTP_STATUS 396This option is a read-only option that returns 397various status information about the specified association. 398.It Dv SCTP_GET_PEER_ADDR_INFO 399This read-only option returns information about a peer 400address. 401.It Dv SCTP_PEER_AUTH_CHUNKS 402This read-only option returns a list of the chunks 403the peer requires to be authenticated. 404.It Dv SCTP_LOCAL_AUTH_CHUNKS 405This read-only option returns a list of the locally 406required chunks that must be authenticated. 407.It Dv SCTP_RESET_STREAMS 408This socket option is used to cause a stream sequence 409number or all stream sequence numbers to be reset. 410Note that the peer 411.Tn SCTP 412endpoint must also support the stream reset extension 413as well. 414.El 415.Ss MIB Variables 416The 417.Tn SCTP 418protocol implements a number of variables in the 419.Va net.inet.sctp 420branch of the 421.Xr sysctl 3 422MIB. 423.Bl -ohang 424.It Sy Congestion Control 425.Bl -tag -width indent 426.It Va default_cc_module 427Default congestion control module. 428Default value is 0. 429The minimum is 0, and the maximum is 3. 430A value of 0 enables the default congestion control algorithm. 431A value of 1 enables the High Speed congestion control algorithm. 432A value of 2 enables the HTCP congestion control algorithm. 433A value of 3 enables the data center congestion control (DCCC) algorithm. 434.It Va initial_cwnd 435Defines the initial congestion window size in MTUs. 436.It Va cwnd_maxburst 437Use congestion control instead of 'blind' logic to limit maximum burst when sending. 438Default value is 1. May be set to 0 or 1. 439.It Va ecn_enable 440Enable Explicit Congestion Notification (ECN). 441Default value is 1. May be set to 0 or 1. 442.It Va rttvar_steady_step 443Number of identical bandwidth measurements DCCC takes to try step down the congestion window. 444Default value is 20. 445The minimum is 0, and the maximum is 65535. 446.It Va rttvar_eqret 447Whether DCCC reduces the congestion window size when round-trip time and bandwidth remain unchanged. 448Default value is 0. 449May be set to 0 or 1. 450.It Va rttvar_bw 451Shift amount DCCC uses for bandwidth smoothing on round-trip-time calculation. 452Default value is 4. 453The minimum is 0, and the maximum is 32. 454.It Va rttvar_rtt 455Shift amount DCCC uses for round-trip-time smoothing on round-trip-time calculation. 456Default value is 5. 457The minimum is 0, and the maximum is 32. 458.It Va use_dcccecn 459Enable ECN when using DCCC. 460Default value is 1. 461May be set to 0 or 1. 462.El 463.It Sy Misc 464.Bl -tag -width indent 465.It Va getcred 466Get the ucred of a SCTP connection. 467.It Va assoclist 468List of active SCTP associations. 469.It Va stats 470SCTP statistics (struct sctp_stat). 471.It Va diag_info_code 472Diagnostic information error cause code. 473.It Va blackhole 474Enable SCTP blackholing. 475See 476.Xr blackhole 4 477for more details. 478.It Va sendall_limit 479Maximum message size (in bytes) that can be transmitted with SCTP_SENDALL flags set. 480.It Va buffer_splitting 481Enable send/receive buffer splitting. 482.It Va vtag_time_wait 483Vtag wait time in seconds, 0 to disable. 484.It Va nat_friendly_init 485Enable sending of the NAT-friendly SCTP option on INITs. 486.It Va enable_sack_immediately 487Enable sending of the SACK-IMMEDIATELY bit. 488.It Va udp_tunneling_port 489Set the SCTP/UDP tunneling port. 490.It Va mobility_fasthandoff 491Enable SCTP fast handoff. 492.It Va mobility_base 493Enable SCTP base mobility 494.It Va default_frag_interleave 495Default fragment interleave level. 496.It Va default_ss_module 497Default stream scheduling module. 498.It Va log_level 499Ltrace/KTR trace logging level. 500.It Va max_retran_chunk 501Number of retransmissions of a DATA chunk before an association is aborted. 502.It Va min_residual 503Minimum residual data chunk in second part of split. 504.It Va strict_data_order 505Enforce strict data ordering, abort if control inside data. 506.It Va abort_at_limit 507Abort when one-to-one hits qlimit. 508.It Va hb_max_burst 509Confirmation heartbeat max burst. 510.It Va do_sctp_drain 511Flush chunks in receive queues with TSN higher than the cumulative TSN if the 512system is low on mbufs. 513.It Va max_chained_mbufs 514Default max number of small mbufs on a chain. 515.It Va abc_l_var 516SCTP ABC max increase per SACK (L). 517.It Va nat_friendly 518SCTP NAT friendly operation. 519.It Va cmt_use_dac 520CMT DAC on/off flag. 521.It Va cmt_on_off 522CMT settings. 523.It Va outgoing_streams 524Default number of outgoing streams. 525.It Va incoming_streams 526Default number of incoming streams. 527.It Va add_more_on_output 528When space-wise is it worthwhile to try to add more to a socket send buffer. 529.It Va path_pf_threshold 530Default potentially failed threshold. 531.It Va path_rtx_max 532Default maximum of retransmissions per path. 533.It Va assoc_rtx_max 534Default maximum number of retransmissions per association. 535.It Va init_rtx_max 536Default maximum number of retransmissions for INIT chunks. 537.It Va valid_cookie_life 538Default cookie lifetime in seconds. 539.It Va init_rto_max 540Default maximum retransmission timeout during association setup in ms. 541.It Va rto_initial 542Default initial retransmission timeout in ms. 543.It Va rto_min 544Default minimum retransmission timeout in ms. 545.It Va rto_max 546Default maximum retransmission timeout in ms. 547.It Va secret_lifetime 548Default secret lifetime in seconds. 549.It Va shutdown_guard_time 550Shutdown guard timer in seconds (0 means 5 times RTO.Max). 551.It Va pmtu_raise_time 552Default PMTU raise timer in seconds. 553.It Va heartbeat_interval 554Default heartbeat interval in ms. 555.It Va asoc_resource 556Max number of cached resources in an association. 557.It Va sys_resource 558Max number of cached resources in the system. 559.It Va sack_freq 560Default SACK frequency. 561.It Va delayed_sack_time 562Default delayed SACK timer in ms. 563.It Va chunkscale 564Tunable for scaling of number of chunks and messages. 565.It Va min_split_point 566Minimum size when splitting a chunk. 567.It Va pcbhashsize 568Tunable for PCB hash table sizes. 569.It Va tcbhashsize 570Tunable for TCB hash table sizes. 571.It Va maxchunks 572Default max chunks on queue per association. 573.It Va fr_maxburst 574Default max burst for SCTP endpoints when fast retransmitting. 575.It Va maxburst 576Default max burst for SCTP endpoints. 577.It Va peer_chkoh 578Amount to debit peers rwnd per chunk sent. 579.It Va strict_sacks 580Enable SCTP Strict SACK checking. 581.It Va pktdrop_enable 582Enable SCTP PKTDROP. 583.It Va nrsack_enable 584Enable SCTP NR-SACK. 585.It Va reconfig_enable 586Enable SCTP RE-CONFIG. 587.It Va asconf_enable 588Enable SCTP ASCONF. 589.It Va auth_enable 590Enable SCTP AUTH. 591.It Va pr_enable 592Enable PR-SCTP. 593.It Va auto_asconf 594Enable SCTP Auto-ASCONF. 595.It Va recvspace 596Maximum incoming SCTP buffer size. 597.It Va sendspace 598Maximum outgoing SCTP buffer size. 599.El 600.El 601.Sh SEE ALSO 602.Xr accept 2 , 603.Xr bind 2 , 604.Xr connect 2 , 605.Xr listen 2 , 606.Xr sctp_bindx 3 , 607.Xr sctp_connectx 3 , 608.Xr sctp_opt_info 3 , 609.Xr sctp_recvmsg 3 , 610.Xr sctp_sendmsg 3 , 611.Xr blackhole 4 612