xref: /freebsd/share/man/man4/sctp.4 (revision 32100375a661c1e16588ddfa7b90ca8d26cb9786)
1.\" Copyright (c) 2006, Randall Stewart.
2.\"
3.\" Redistribution and use in source and binary forms, with or without
4.\" modification, are permitted provided that the following conditions
5.\" are met:
6.\" 1. Redistributions of source code must retain the above copyright
7.\"    notice, this list of conditions and the following disclaimer.
8.\" 2. Redistributions in binary form must reproduce the above copyright
9.\"    notice, this list of conditions and the following disclaimer in the
10.\"    documentation and/or other materials provided with the distribution.
11.\" 3. Neither the name of the University nor the names of its contributors
12.\"    may be used to endorse or promote products derived from this software
13.\"    without specific prior written permission.
14.\"
15.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25.\" SUCH DAMAGE.
26.\"
27.\" $FreeBSD$
28.\"
29.Dd June 18, 2020
30.Dt SCTP 4
31.Os
32.Sh NAME
33.Nm sctp
34.Nd Internet Stream Control Transmission Protocol
35.Sh SYNOPSIS
36.Cd "options SCTP"
37.Cd "options SCTP_SUPPORT"
38.Pp
39.In sys/types.h
40.In sys/socket.h
41.In netinet/sctp.h
42.Ft int
43.Fn socket AF_INET SOCK_STREAM IPPROTO_SCTP
44.Ft int
45.Fn socket AF_INET SOCK_SEQPACKET IPPROTO_SCTP
46.Sh DESCRIPTION
47The
48.Tn SCTP
49protocol provides reliable, flow-controlled, two-way
50transmission of data.
51It is a message oriented protocol and can
52support the
53.Dv SOCK_STREAM
54and
55.Dv SOCK_SEQPACKET
56abstractions.
57.Tn SCTP
58uses the standard
59Internet address format and, in addition, provides a per-host
60collection of
61.Dq "port addresses" .
62Thus, each address is composed of an Internet address specifying
63the host and network, with a specific
64.Tn SCTP
65port on the host identifying the peer entity.
66.Pp
67There are two models of programming in SCTP.
68The first uses the
69.Dv SOCK_STREAM
70abstraction.
71In this abstraction sockets utilizing the
72.Tn SCTP
73protocol are either
74.Dq active
75or
76.Dq passive .
77Active sockets initiate connections to passive
78sockets.
79By default,
80.Tn SCTP
81sockets are created active; to create a
82passive socket, the
83.Xr listen 2
84system call must be used after binding the socket with the
85.Xr bind 2
86or
87.Xr sctp_bindx 3
88system calls.
89Only passive sockets may use the
90.Xr accept 2
91call to accept incoming connections.
92Only active sockets may use the
93.Xr connect 2
94call to initiate connections.
95.Pp
96The other abstraction
97.Dv SOCK_SEQPACKET
98provides a
99.Dq connectionless
100mode of operation in that the user may send to an address
101(using any of the valid send calls that carry a
102socket address) and an association will be setup
103implicitly by the underlying
104.Tn SCTP
105transport stack.
106This abstraction is the only one capable of sending data on the
107third leg of the four-way handshake.
108A user must still call
109.Xr listen 2
110to allow the socket to accept connections.
111Calling
112.Xr listen 2
113however does not restrict the user from still initiating
114implicit connections to other peers.
115.Pp
116The
117.Tn SCTP
118protocol directly supports multi-homing.
119So when binding a socket with the
120.Dq wildcard
121address
122.Dv INADDR_ANY ,
123the
124.Tn SCTP
125stack will inform the peer about all of the local addresses
126that are deemed in scope of the peer.
127The peer will then possibly have multiple paths to reach the local host.
128.Pp
129The
130.Tn SCTP
131transport protocol is also multi-streamed.
132Multi-streaming refers to the ability to send sub-ordered flows of
133messages.
134A user performs this by specifying a specific stream in one of the
135extended send calls such as the
136.Xr sctp_send 3
137function call.
138Sending messages on different streams will allow parallel delivery
139of data i.e., a message loss in stream 1 will not block the delivery
140of messages sent in stream 2.
141.Pp
142The
143.Tn SCTP
144transport protocol also provides a unordered service as well.
145The unordered service allows a message to be sent and delivered
146with no regard to the ordering of any other message.
147.Ss Extensions
148The FreeBSD implementation of
149.Tn SCTP
150also supports the following extensions:
151.Bl -tag -width "sctp partial reliability"
152.It "sctp partial reliability"
153This extension allows one to have message be skipped and
154not delivered based on some user specified parameters.
155.It "sctp dynamic addressing"
156This extension allows addresses to be added and deleted
157dynamically from an existing association.
158.It "sctp authentication"
159This extension allows the user to authenticate specific
160peer chunks (including data) to validate that the peer
161who sent the message is in fact the peer who setup the
162association.
163A shared key option is also provided for
164so that two stacks can pre-share keys.
165.It "packet drop"
166Some routers support a special satellite protocol that
167will report losses due to corruption.
168This allows retransmissions without subsequent loss in bandwidth
169utilization.
170.It "stream reset"
171This extension allows a user on either side to reset the
172stream sequence numbers used by any or all streams.
173.El
174.Ss Socket Options
175.Tn SCTP
176supports a number of socket options which can be set with
177.Xr setsockopt 2
178and tested with
179.Xr getsockopt 2
180or
181.Xr sctp_opt_info 3 :
182.Bl -tag -width indent
183.It Dv SCTP_NODELAY
184Under most circumstances,
185.Tn SCTP
186sends data when it is presented; when outstanding data has not
187yet been acknowledged, it gathers small amounts of output to be
188sent in a single packet once an acknowledgement is received.
189For some clients, such as window systems that send a stream of
190mouse events which receive no replies, this packetization may
191cause significant delays.
192The boolean option
193.Dv SCTP_NODELAY
194defeats this algorithm.
195.It Dv SCTP_RTOINFO
196This option returns specific information about an associations
197.Dq "Retransmission Time Out" .
198It can also be used to change the default values.
199.It Dv SCTP_ASSOCINFO
200This option returns specific information about the requested
201association.
202.It Dv SCTP_INITMSG
203This option allows you to get or set the default sending
204parameters when an association is implicitly setup.
205It allows you to change such things as the maximum number of
206streams allowed inbound and the number of streams requested
207of the peer.
208.It Dv SCTP_AUTOCLOSE
209For the one-to-many model
210.Dv ( SOCK_SEQPACKET )
211associations are setup implicitly.
212This option allows the user to specify a default number of idle
213seconds to allow the association be maintained.
214After the idle timer (where no user message have been sent or have
215been received from the peer) the association will be gracefully
216closed.
217The default for this value is 0, or unlimited (i.e., no automatic
218close).
219.It Dv SCTP_SET_PEER_PRIMARY_ADDR
220The dynamic address extension allows a peer to also request a
221particular address of its be made into the primary address.
222This option allows the caller to make such a request to a peer.
223Note that if the peer does not also support the dynamic address
224extension, this call will fail.
225Note the caller must provide a valid local address that the peer has
226been told about during association setup or dynamically.
227.It Dv SCTP_PRIMARY_ADDR
228This option allows the setting of the primary address
229that the caller wishes to send to.
230The caller provides the address of a peer that is to be made primary.
231.It Dv SCTP_ADAPTATION_LAYER
232The dynamic address extension also allows a user to
233pass a 32 bit opaque value upon association setup.
234This option allows a user to set or get this value.
235.It Dv SCTP_DISABLE_FRAGMENTS
236By default
237.Tn SCTP
238will fragment user messages into multiple pieces that
239will fit on the network and then later, upon reception, reassemble
240the pieces into a single user message.
241If this option is enabled instead, any send that exceeds the path
242maximum transfer unit (P-MTU) will fail and the message will NOT be
243sent.
244.It Dv SCTP_PEER_ADDR_PARAMS
245This option will allow a user to set or get specific
246peer address parameters.
247.It Dv SCTP_DEFAULT_SEND_PARAM
248When a user does not use one of the extended send
249calls (e.g.,
250.Xr sctp_sendmsg 3 )
251a set of default values apply to each send.
252These values include things like the stream number to send
253to as well as the per-protocol id.
254This option lets a caller both get and set these values.
255If the user changes these default values, then these new values will
256be used as the default whenever no information is provided by the
257sender (i.e., the non-extended API is used).
258.It Dv SCTP_EVENTS
259.Tn SCTP
260has non-data events that it can communicate
261to its application.
262By default these are all disabled since they arrive in the data path
263with a special flag
264.Dv MSG_NOTIFICATION
265set upon the received message.
266This option lets a caller
267both get what events are current being received
268as well as set different events that they may be interested
269in receiving.
270.It Dv SCTP_I_WANT_MAPPED_V4_ADDR
271.Tn SCTP
272supports both IPV4 and IPV6.
273An association may span both IPV4 and IPV6 addresses since
274.Tn SCTP
275is multi-homed.
276By default, when opening an IPV6 socket, when
277data arrives on the socket from a peer's
278V4 address the V4 address  will be presented with an address family
279of AF_INET.
280If this is undesirable, then this option
281can be enabled which will then convert all V4 addresses
282into mapped V6 representations.
283.It Dv SCTP_MAXSEG
284By default
285.Tn SCTP
286chooses its message fragmentation point
287based upon the smallest P-MTU of the peer.
288This option lets the caller set it to a smaller value.
289Note that while the user can change this value, if the P-MTU
290is smaller than the value set by the user, then the P-MTU
291value will override any user setting.
292.It Dv SCTP_DELAYED_ACK_TIME
293This option lets the user both set and get the
294delayed ack time (in milliseconds) that
295.Tn SCTP
296is using.
297The default is 200 milliseconds.
298.It Dv SCTP_PARTIAL_DELIVERY_POINT
299.Tn SCTP
300at times may need to start delivery of a
301very large message before the entire message has
302arrived.
303By default SCTP waits until the incoming
304message is larger than one fourth of the receive
305buffer.
306This option allows the stacks value
307to be overridden with a smaller value.
308.It Dv SCTP_FRAGMENT_INTERLEAVE
309.Tn SCTP
310at times will start partial delivery (as mentioned above).
311In the normal case successive reads will continue to return
312the rest of the message, blocking if needed, until all of
313that message is read.
314However this means other messages may have arrived and be ready
315for delivery and be blocked behind the message being partially
316delivered.
317If this option is enabled, when a partial delivery
318message has no more data to be received, then a subsequent
319read may return a different message that is ready for delivery.
320By default this option is off since the user must be using the
321extended API's to be able to tell the difference between
322messages (via the stream and stream sequence number).
323.It Dv SCTP_AUTH_CHUNK
324By default only the dynamic addressing chunks are
325authenticated.
326This option lets a user request an
327additional chunk be authenticated as well.
328Note that successive calls to this option will work and continue
329to add more chunks that require authentication.
330Note that this option only effects future associations and
331not existing ones.
332.It Dv SCTP_AUTH_KEY
333This option allows a user to specify a shared
334key that can be later used to authenticate
335a peer.
336.It Dv SCTP_HMAC_IDENT
337This option will let you get or set the list of
338HMAC algorithms used to authenticate peers.
339Note that the HMAC values are in priority order where
340the first HMAC identifier is the most preferred
341and the last is the least preferred.
342.It Dv SCTP_AUTH_ACTIVE_KEY
343This option allows you to make a key active for
344the generation of authentication information.
345Note that the peer must have the same key or else the
346data will be discarded.
347.It Dv SCTP_AUTH_DELETE_KEY
348This option allows you to delete an old key.
349.It Dv SCTP_USE_EXT_RECVINFO
350The sockets api document allows an extended
351send/receive information structure to be used.
352The extended structure includes additional fields
353related to the next message to be received (after the
354current receive completes) if such information is known.
355By default the system will not pass this information.
356This option allows the user to request this information.
357.It Dv SCTP_AUTO_ASCONF
358By default when bound to all address and the system administrator has
359enables automatic dynamic addresses, the
360.Tn SCTP
361stack will automatically generate address changes into add and
362delete requests to any peers by setting this option to
363true.
364This option allows an endpoint to disable that behavior.
365.It Dv SCTP_MAXBURST
366By default
367.Tn SCTP
368implements micro-burst control so that as the congestion window
369opens up no large burst of packets can be generated.
370The default burst limit is four.
371This option lets the user change this value.
372.It Dv SCTP_CONTEXT
373Many sctp extended calls have a context field.
374The context field is a 32 bit opaque value that will be returned in
375send failures.
376This option lets the caller set the default
377context value to use when none is provided by the user.
378.It Dv SCTP_EXPLICIT_EOR
379By default, a single send is a complete message.
380.Tn SCTP
381generates an implied record boundary.
382If this option is enabled, then all sends are part of the same message
383until the user indicates an end of record with the
384special flag
385.Dv SCTP_EOR
386passed in the sctp_sndrcvinfo flags field.
387This effectively makes all sends part of the same message
388until the user specifies differently.
389This means that a caller must NOT change the stream number until
390after the
391.Dv SCTP_EOR
392is passed to
393.Tn SCTP
394else an error will be returned.
395.It Dv SCTP_STATUS
396This option is a read-only option that returns
397various status information about the specified association.
398.It Dv SCTP_GET_PEER_ADDR_INFO
399This read-only option returns information about a peer
400address.
401.It Dv SCTP_PEER_AUTH_CHUNKS
402This read-only option returns a list of the chunks
403the peer requires to be authenticated.
404.It Dv SCTP_LOCAL_AUTH_CHUNKS
405This read-only option returns a list of the locally
406required chunks that must be authenticated.
407.It Dv SCTP_RESET_STREAMS
408This socket option is used to cause a stream sequence
409number or all stream sequence numbers to be reset.
410Note that the peer
411.Tn SCTP
412endpoint must also support the stream reset extension
413as well.
414.El
415.Ss MIB Variables
416The
417.Tn SCTP
418protocol implements a number of variables in the
419.Va net.inet.sctp
420branch of the
421.Xr sysctl 3
422MIB.
423.Bl -ohang
424.It Sy Congestion Control
425.Bl -tag -width indent
426.It Va default_cc_module
427Default congestion control module.
428Default value is 0.
429The minimum is 0, and the maximum is 3.
430A value of 0 enables the default congestion control algorithm.
431A value of 1 enables the High Speed congestion control algorithm.
432A value of 2 enables the HTCP congestion control algorithm.
433A value of 3 enables the data center congestion control (DCCC) algorithm.
434.It Va initial_cwnd
435Defines the initial congestion window size in MTUs.
436.It Va cwnd_maxburst
437Use congestion control instead of 'blind' logic to limit maximum burst when sending.
438Default value is 1. May be set to 0 or 1.
439.It Va ecn_enable
440Enable Explicit Congestion Notification (ECN).
441Default value is 1. May be set to 0 or 1.
442.It Va rttvar_steady_step
443Number of identical bandwidth measurements DCCC takes to try step down the congestion window.
444Default value is 20.
445The minimum is 0, and the maximum is 65535.
446.It Va rttvar_eqret
447Whether DCCC reduces the congestion window size when round-trip time and bandwidth remain unchanged.
448Default value is 0.
449May be set to 0 or 1.
450.It Va rttvar_bw
451Shift amount DCCC uses for bandwidth smoothing on round-trip-time calculation.
452Default value is 4.
453The minimum is 0, and the maximum is 32.
454.It Va rttvar_rtt
455Shift amount DCCC uses for round-trip-time smoothing on round-trip-time calculation.
456Default value is 5.
457The minimum is 0, and the maximum is 32.
458.It Va use_dcccecn
459Enable ECN when using DCCC.
460Default value is 1.
461May be set to 0 or 1.
462.El
463.It Sy Misc
464.Bl -tag -width indent
465.It Va getcred
466Get the ucred of a SCTP connection.
467.It Va assoclist
468List of active SCTP associations.
469.It Va stats
470SCTP statistics (struct sctp_stat).
471.It Va diag_info_code
472Diagnostic information error cause code.
473.It Va blackhole
474Enable SCTP blackholing.
475See
476.Xr blackhole 4
477for more details.
478.It Va sendall_limit
479Maximum message size (in bytes) that can be transmitted with SCTP_SENDALL flags set.
480.It Va buffer_splitting
481Enable send/receive buffer splitting.
482.It Va vtag_time_wait
483Vtag wait time in seconds, 0 to disable.
484.It Va nat_friendly_init
485Enable sending of the NAT-friendly SCTP option on INITs.
486.It Va enable_sack_immediately
487Enable sending of the SACK-IMMEDIATELY bit.
488.It Va udp_tunneling_port
489Set the SCTP/UDP tunneling port.
490.It Va mobility_fasthandoff
491Enable SCTP fast handoff.
492.It Va mobility_base
493Enable SCTP base mobility
494.It Va default_frag_interleave
495Default fragment interleave level.
496.It Va default_ss_module
497Default stream scheduling module.
498.It Va log_level
499Ltrace/KTR trace logging level.
500.It Va max_retran_chunk
501Number of retransmissions of a DATA chunk before an association is aborted.
502.It Va min_residual
503Minimum residual data chunk in second part of split.
504.It Va strict_data_order
505Enforce strict data ordering, abort if control inside data.
506.It Va abort_at_limit
507Abort when one-to-one hits qlimit.
508.It Va hb_max_burst
509Confirmation heartbeat max burst.
510.It Va do_sctp_drain
511Flush chunks in receive queues with TSN higher than the cumulative TSN if the
512system is low on mbufs.
513.It Va max_chained_mbufs
514Default max number of small mbufs on a chain.
515.It Va abc_l_var
516SCTP ABC max increase per SACK (L).
517.It Va nat_friendly
518SCTP NAT friendly operation.
519.It Va cmt_use_dac
520CMT DAC on/off flag.
521.It Va cmt_on_off
522CMT settings.
523.It Va outgoing_streams
524Default number of outgoing streams.
525.It Va incoming_streams
526Default number of incoming streams.
527.It Va add_more_on_output
528When space-wise is it worthwhile to try to add more to a socket send buffer.
529.It Va path_pf_threshold
530Default potentially failed threshold.
531.It Va path_rtx_max
532Default maximum of retransmissions per path.
533.It Va assoc_rtx_max
534Default maximum number of retransmissions per association.
535.It Va init_rtx_max
536Default maximum number of retransmissions for INIT chunks.
537.It Va valid_cookie_life
538Default cookie lifetime in seconds.
539.It Va init_rto_max
540Default maximum retransmission timeout during association setup in ms.
541.It Va rto_initial
542Default initial retransmission timeout in ms.
543.It Va rto_min
544Default minimum retransmission timeout in ms.
545.It Va rto_max
546Default maximum retransmission timeout in ms.
547.It Va secret_lifetime
548Default secret lifetime in seconds.
549.It Va shutdown_guard_time
550Shutdown guard timer in seconds (0 means 5 times RTO.Max).
551.It Va pmtu_raise_time
552Default PMTU raise timer in seconds.
553.It Va heartbeat_interval
554Default heartbeat interval in ms.
555.It Va asoc_resource
556Max number of cached resources in an association.
557.It Va sys_resource
558Max number of cached resources in the system.
559.It Va sack_freq
560Default SACK frequency.
561.It Va delayed_sack_time
562Default delayed SACK timer in ms.
563.It Va chunkscale
564Tunable for scaling of number of chunks and messages.
565.It Va min_split_point
566Minimum size when splitting a chunk.
567.It Va pcbhashsize
568Tunable for PCB hash table sizes.
569.It Va tcbhashsize
570Tunable for TCB hash table sizes.
571.It Va maxchunks
572Default max chunks on queue per association.
573.It Va fr_maxburst
574Default max burst for SCTP endpoints when fast retransmitting.
575.It Va maxburst
576Default max burst for SCTP endpoints.
577.It Va peer_chkoh
578Amount to debit peers rwnd per chunk sent.
579.It Va strict_sacks
580Enable SCTP Strict SACK checking.
581.It Va pktdrop_enable
582Enable SCTP PKTDROP.
583.It Va nrsack_enable
584Enable SCTP NR-SACK.
585.It Va reconfig_enable
586Enable SCTP RE-CONFIG.
587.It Va asconf_enable
588Enable SCTP ASCONF.
589.It Va auth_enable
590Enable SCTP AUTH.
591.It Va pr_enable
592Enable PR-SCTP.
593.It Va auto_asconf
594Enable SCTP Auto-ASCONF.
595.It Va recvspace
596Maximum incoming SCTP buffer size.
597.It Va sendspace
598Maximum outgoing SCTP buffer size.
599.El
600.El
601.Sh SEE ALSO
602.Xr accept 2 ,
603.Xr bind 2 ,
604.Xr connect 2 ,
605.Xr listen 2 ,
606.Xr sctp_bindx 3 ,
607.Xr sctp_connectx 3 ,
608.Xr sctp_opt_info 3 ,
609.Xr sctp_recvmsg 3 ,
610.Xr sctp_sendmsg 3 ,
611.Xr blackhole 4
612