xref: /freebsd/share/man/man4/sctp.4 (revision 5ca8e32633c4ffbbcd6762e5888b6a4ba0708c6c)
1.\" Copyright (c) 2006, Randall Stewart.
2.\"
3.\" Redistribution and use in source and binary forms, with or without
4.\" modification, are permitted provided that the following conditions
5.\" are met:
6.\" 1. Redistributions of source code must retain the above copyright
7.\"    notice, this list of conditions and the following disclaimer.
8.\" 2. Redistributions in binary form must reproduce the above copyright
9.\"    notice, this list of conditions and the following disclaimer in the
10.\"    documentation and/or other materials provided with the distribution.
11.\" 3. Neither the name of the University nor the names of its contributors
12.\"    may be used to endorse or promote products derived from this software
13.\"    without specific prior written permission.
14.\"
15.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25.\" SUCH DAMAGE.
26.\"
27.Dd June 21, 2023
28.Dt SCTP 4
29.Os
30.Sh NAME
31.Nm sctp
32.Nd Internet Stream Control Transmission Protocol
33.Sh SYNOPSIS
34.Cd "options SCTP"
35.Cd "options SCTP_SUPPORT"
36.Pp
37.In sys/types.h
38.In sys/socket.h
39.In netinet/sctp.h
40.Ft int
41.Fn socket AF_INET SOCK_STREAM IPPROTO_SCTP
42.Ft int
43.Fn socket AF_INET SOCK_SEQPACKET IPPROTO_SCTP
44.Sh DESCRIPTION
45The
46.Tn SCTP
47protocol provides reliable, flow-controlled, two-way
48transmission of data.
49It is a message oriented protocol and can
50support the
51.Dv SOCK_STREAM
52and
53.Dv SOCK_SEQPACKET
54abstractions.
55.Tn SCTP
56uses the standard
57Internet address format and, in addition, provides a per-host
58collection of
59.Dq "port addresses" .
60Thus, each address is composed of an Internet address specifying
61the host and network, with a specific
62.Tn SCTP
63port on the host identifying the peer entity.
64.Pp
65There are two models of programming in SCTP.
66The first uses the
67.Dv SOCK_STREAM
68abstraction.
69In this abstraction sockets utilizing the
70.Tn SCTP
71protocol are either
72.Dq active
73or
74.Dq passive .
75Active sockets initiate connections to passive
76sockets.
77By default,
78.Tn SCTP
79sockets are created active; to create a
80passive socket, the
81.Xr listen 2
82system call must be used after binding the socket with the
83.Xr bind 2
84or
85.Xr sctp_bindx 3
86system calls.
87Only passive sockets may use the
88.Xr accept 2
89call to accept incoming connections.
90Only active sockets may use the
91.Xr connect 2
92call to initiate connections.
93.Pp
94The other abstraction
95.Dv SOCK_SEQPACKET
96provides a
97.Dq connectionless
98mode of operation in that the user may send to an address
99(using any of the valid send calls that carry a
100socket address) and an association will be setup
101implicitly by the underlying
102.Tn SCTP
103transport stack.
104This abstraction is the only one capable of sending data on the
105third leg of the four-way handshake.
106A user must still call
107.Xr listen 2
108to allow the socket to accept connections.
109Calling
110.Xr listen 2
111however does not restrict the user from still initiating
112implicit connections to other peers.
113.Pp
114The
115.Tn SCTP
116protocol directly supports multi-homing.
117So when binding a socket with the
118.Dq wildcard
119address
120.Dv INADDR_ANY ,
121the
122.Tn SCTP
123stack will inform the peer about all of the local addresses
124that are deemed in scope of the peer.
125The peer will then possibly have multiple paths to reach the local host.
126.Pp
127The
128.Tn SCTP
129transport protocol is also multi-streamed.
130Multi-streaming refers to the ability to send sub-ordered flows of
131messages.
132A user performs this by specifying a specific stream in one of the
133extended send calls such as the
134.Xr sctp_send 3
135function call.
136Sending messages on different streams will allow parallel delivery
137of data i.e., a message loss in stream 1 will not block the delivery
138of messages sent in stream 2.
139.Pp
140The
141.Tn SCTP
142transport protocol also provides a unordered service as well.
143The unordered service allows a message to be sent and delivered
144with no regard to the ordering of any other message.
145.Pp
146The
147.Tn SCTP
148kernel implementation may either be compiled into the kernel, or loaded
149dynamically as a module.
150To support dynamic loading of the stack, the kernel must be compiled
151with
152.Cd "options SCTP_SUPPORT" .
153.Ss Extensions
154The
155.Fx
156implementation of
157.Tn SCTP
158also supports the following extensions:
159.Bl -tag -width "sctp partial reliability"
160.It "sctp partial reliability"
161This extension allows one to have message be skipped and
162not delivered based on some user specified parameters.
163.It "sctp dynamic addressing"
164This extension allows addresses to be added and deleted
165dynamically from an existing association.
166.It "sctp authentication"
167This extension allows the user to authenticate specific
168peer chunks (including data) to validate that the peer
169who sent the message is in fact the peer who setup the
170association.
171A shared key option is also provided for
172so that two stacks can pre-share keys.
173.It "packet drop"
174Some routers support a special satellite protocol that
175will report losses due to corruption.
176This allows retransmissions without subsequent loss in bandwidth
177utilization.
178.It "stream reset"
179This extension allows a user on either side to reset the
180stream sequence numbers used by any or all streams.
181.El
182.Ss Socket Options
183.Tn SCTP
184supports a number of socket options which can be set with
185.Xr setsockopt 2
186and tested with
187.Xr getsockopt 2
188or
189.Xr sctp_opt_info 3 :
190.Bl -tag -width indent
191.It Dv SCTP_NODELAY
192Under most circumstances,
193.Tn SCTP
194sends data when it is presented; when outstanding data has not
195yet been acknowledged, it gathers small amounts of output to be
196sent in a single packet once an acknowledgement is received.
197For some clients, such as window systems that send a stream of
198mouse events which receive no replies, this packetization may
199cause significant delays.
200The boolean option
201.Dv SCTP_NODELAY
202defeats this algorithm.
203.It Dv SCTP_RTOINFO
204This option returns specific information about an associations
205.Dq "Retransmission Time Out" .
206It can also be used to change the default values.
207.It Dv SCTP_ASSOCINFO
208This option returns specific information about the requested
209association.
210.It Dv SCTP_INITMSG
211This option allows you to get or set the default sending
212parameters when an association is implicitly setup.
213It allows you to change such things as the maximum number of
214streams allowed inbound and the number of streams requested
215of the peer.
216.It Dv SCTP_AUTOCLOSE
217For the one-to-many model
218.Dv ( SOCK_SEQPACKET )
219associations are setup implicitly.
220This option allows the user to specify a default number of idle
221seconds to allow the association be maintained.
222After the idle timer (where no user message have been sent or have
223been received from the peer) the association will be gracefully
224closed.
225The default for this value is 0, or unlimited (i.e., no automatic
226close).
227.It Dv SCTP_SET_PEER_PRIMARY_ADDR
228The dynamic address extension allows a peer to also request a
229particular address of its be made into the primary address.
230This option allows the caller to make such a request to a peer.
231Note that if the peer does not also support the dynamic address
232extension, this call will fail.
233Note the caller must provide a valid local address that the peer has
234been told about during association setup or dynamically.
235.It Dv SCTP_PRIMARY_ADDR
236This option allows the setting of the primary address
237that the caller wishes to send to.
238The caller provides the address of a peer that is to be made primary.
239.It Dv SCTP_ADAPTATION_LAYER
240The dynamic address extension also allows a user to
241pass a 32 bit opaque value upon association setup.
242This option allows a user to set or get this value.
243.It Dv SCTP_DISABLE_FRAGMENTS
244By default
245.Tn SCTP
246will fragment user messages into multiple pieces that
247will fit on the network and then later, upon reception, reassemble
248the pieces into a single user message.
249If this option is enabled instead, any send that exceeds the path
250maximum transfer unit (P-MTU) will fail and the message will NOT be
251sent.
252.It Dv SCTP_PEER_ADDR_PARAMS
253This option will allow a user to set or get specific
254peer address parameters.
255.It Dv SCTP_DEFAULT_SEND_PARAM
256When a user does not use one of the extended send
257calls (e.g.,
258.Xr sctp_sendmsg 3 )
259a set of default values apply to each send.
260These values include things like the stream number to send
261to as well as the per-protocol id.
262This option lets a caller both get and set these values.
263If the user changes these default values, then these new values will
264be used as the default whenever no information is provided by the
265sender (i.e., the non-extended API is used).
266.It Dv SCTP_EVENTS
267.Tn SCTP
268has non-data events that it can communicate
269to its application.
270By default these are all disabled since they arrive in the data path
271with a special flag
272.Dv MSG_NOTIFICATION
273set upon the received message.
274This option lets a caller
275both get what events are current being received
276as well as set different events that they may be interested
277in receiving.
278.It Dv SCTP_I_WANT_MAPPED_V4_ADDR
279.Tn SCTP
280supports both IPV4 and IPV6.
281An association may span both IPV4 and IPV6 addresses since
282.Tn SCTP
283is multi-homed.
284By default, when opening an IPV6 socket, when
285data arrives on the socket from a peer's
286V4 address the V4 address  will be presented with an address family
287of AF_INET.
288If this is undesirable, then this option
289can be enabled which will then convert all V4 addresses
290into mapped V6 representations.
291.It Dv SCTP_MAXSEG
292By default
293.Tn SCTP
294chooses its message fragmentation point
295based upon the smallest P-MTU of the peer.
296This option lets the caller set it to a smaller value.
297Note that while the user can change this value, if the P-MTU
298is smaller than the value set by the user, then the P-MTU
299value will override any user setting.
300.It Dv SCTP_DELAYED_SACK
301This option lets the user both set and get the
302delayed ack time (in milliseconds) and the ack frequency that
303.Tn SCTP
304is using.
305The default delayed ack time is 200 milliseconds and the default
306ack frequency is 2.
307.It Dv SCTP_PARTIAL_DELIVERY_POINT
308.Tn SCTP
309at times may need to start delivery of a
310very large message before the entire message has
311arrived.
312By default SCTP waits until the incoming
313message is larger than one fourth of the receive
314buffer.
315This option allows the stacks value
316to be overridden with a smaller value.
317.It Dv SCTP_FRAGMENT_INTERLEAVE
318.Tn SCTP
319at times will start partial delivery (as mentioned above).
320In the normal case successive reads will continue to return
321the rest of the message, blocking if needed, until all of
322that message is read.
323However this means other messages may have arrived and be ready
324for delivery and be blocked behind the message being partially
325delivered.
326If this option is enabled, when a partial delivery
327message has no more data to be received, then a subsequent
328read may return a different message that is ready for delivery.
329By default this option is off since the user must be using the
330extended API's to be able to tell the difference between
331messages (via the stream and stream sequence number).
332.It Dv SCTP_AUTH_CHUNK
333By default only the dynamic addressing chunks are
334authenticated.
335This option lets a user request an
336additional chunk be authenticated as well.
337Note that successive calls to this option will work and continue
338to add more chunks that require authentication.
339Note that this option only effects future associations and
340not existing ones.
341.It Dv SCTP_AUTH_KEY
342This option allows a user to specify a shared
343key that can be later used to authenticate
344a peer.
345.It Dv SCTP_HMAC_IDENT
346This option will let you get or set the list of
347HMAC algorithms used to authenticate peers.
348Note that the HMAC values are in priority order where
349the first HMAC identifier is the most preferred
350and the last is the least preferred.
351.It Dv SCTP_AUTH_ACTIVE_KEY
352This option allows you to make a key active for
353the generation of authentication information.
354Note that the peer must have the same key or else the
355data will be discarded.
356.It Dv SCTP_AUTH_DELETE_KEY
357This option allows you to delete an old key.
358.It Dv SCTP_USE_EXT_RECVINFO
359The sockets api document allows an extended
360send/receive information structure to be used.
361The extended structure includes additional fields
362related to the next message to be received (after the
363current receive completes) if such information is known.
364By default the system will not pass this information.
365This option allows the user to request this information.
366.It Dv SCTP_AUTO_ASCONF
367By default when bound to all address and the system administrator has
368enables automatic dynamic addresses, the
369.Tn SCTP
370stack will automatically generate address changes into add and
371delete requests to any peers by setting this option to
372true.
373This option allows an endpoint to disable that behavior.
374.It Dv SCTP_MAXBURST
375By default
376.Tn SCTP
377implements micro-burst control so that as the congestion window
378opens up no large burst of packets can be generated.
379The default burst limit is four.
380This option lets the user change this value.
381.It Dv SCTP_CONTEXT
382Many sctp extended calls have a context field.
383The context field is a 32 bit opaque value that will be returned in
384send failures.
385This option lets the caller set the default
386context value to use when none is provided by the user.
387.It Dv SCTP_EXPLICIT_EOR
388By default, a single send is a complete message.
389.Tn SCTP
390generates an implied record boundary.
391If this option is enabled, then all sends are part of the same message
392until the user indicates an end of record with the
393special flag
394.Dv SCTP_EOR
395passed in the sctp_sndrcvinfo flags field.
396This effectively makes all sends part of the same message
397until the user specifies differently.
398This means that a caller must NOT change the stream number until
399after the
400.Dv SCTP_EOR
401is passed to
402.Tn SCTP
403else an error will be returned.
404.It Dv SCTP_STATUS
405This option is a read-only option that returns
406various status information about the specified association.
407.It Dv SCTP_GET_PEER_ADDR_INFO
408This read-only option returns information about a peer
409address.
410.It Dv SCTP_PEER_AUTH_CHUNKS
411This read-only option returns a list of the chunks
412the peer requires to be authenticated.
413.It Dv SCTP_LOCAL_AUTH_CHUNKS
414This read-only option returns a list of the locally
415required chunks that must be authenticated.
416.It Dv SCTP_RESET_STREAMS
417This socket option is used to cause a stream sequence
418number or all stream sequence numbers to be reset.
419Note that the peer
420.Tn SCTP
421endpoint must also support the stream reset extension
422as well.
423.El
424.Ss MIB Variables
425The
426.Tn SCTP
427protocol implements a number of variables in the
428.Va net.inet.sctp
429branch of the
430.Xr sysctl 3
431MIB.
432.Bl -ohang
433.It Sy Congestion Control
434.Bl -tag -width indent
435.It Va default_cc_module
436Default congestion control module.
437Default value is 0.
438The minimum is 0, and the maximum is 3.
439A value of 0 enables the default congestion control algorithm.
440A value of 1 enables the High Speed congestion control algorithm.
441A value of 2 enables the HTCP congestion control algorithm.
442A value of 3 enables the data center congestion control (DCCC) algorithm.
443.It Va initial_cwnd
444Defines the initial congestion window size in MTUs.
445.It Va cwnd_maxburst
446Use congestion control instead of 'blind' logic to limit maximum burst when sending.
447Default value is 1. May be set to 0 or 1.
448.It Va ecn_enable
449Enable Explicit Congestion Notification (ECN).
450Default value is 1. May be set to 0 or 1.
451.It Va rttvar_steady_step
452Number of identical bandwidth measurements DCCC takes to try step down the congestion window.
453Default value is 20.
454The minimum is 0, and the maximum is 65535.
455.It Va rttvar_eqret
456Whether DCCC reduces the congestion window size when round-trip time and bandwidth remain unchanged.
457Default value is 0.
458May be set to 0 or 1.
459.It Va rttvar_bw
460Shift amount DCCC uses for bandwidth smoothing on round-trip-time calculation.
461Default value is 4.
462The minimum is 0, and the maximum is 32.
463.It Va rttvar_rtt
464Shift amount DCCC uses for round-trip-time smoothing on round-trip-time calculation.
465Default value is 5.
466The minimum is 0, and the maximum is 32.
467.It Va use_dcccecn
468Enable ECN when using DCCC.
469Default value is 1.
470May be set to 0 or 1.
471.El
472.It Sy Misc
473.Bl -tag -width indent
474.It Va getcred
475Get the ucred of a SCTP connection.
476.It Va assoclist
477List of active SCTP associations.
478.It Va stats
479SCTP statistics (struct sctp_stat).
480.It Va diag_info_code
481Diagnostic information error cause code.
482.It Va blackhole
483Enable SCTP blackholing.
484See
485.Xr blackhole 4
486for more details.
487.It Va sendall_limit
488Maximum message size (in bytes) that can be transmitted with SCTP_SENDALL flags set.
489.It Va buffer_splitting
490Enable send/receive buffer splitting.
491.It Va vtag_time_wait
492Vtag wait time in seconds, 0 to disable.
493.It Va nat_friendly_init
494Enable sending of the NAT-friendly SCTP option on INITs.
495.It Va enable_sack_immediately
496Enable sending of the SACK-IMMEDIATELY bit.
497.It Va udp_tunneling_port
498Set the SCTP/UDP tunneling port.
499.It Va mobility_fasthandoff
500Enable SCTP fast handoff.
501.It Va mobility_base
502Enable SCTP base mobility
503.It Va default_frag_interleave
504Default fragment interleave level.
505.It Va default_ss_module
506Default stream scheduling module.
507.It Va log_level
508Ltrace/KTR trace logging level.
509.It Va max_retran_chunk
510Number of retransmissions of a DATA chunk before an association is aborted.
511.It Va min_residual
512Minimum residual data chunk in second part of split.
513.It Va strict_data_order
514Enforce strict data ordering, abort if control inside data.
515.It Va abort_at_limit
516Abort when one-to-one hits qlimit.
517.It Va hb_max_burst
518Confirmation heartbeat max burst.
519.It Va do_sctp_drain
520Flush chunks in receive queues with TSN higher than the cumulative TSN if the
521system is low on mbufs.
522.It Va max_chained_mbufs
523Default max number of small mbufs on a chain.
524.It Va abc_l_var
525SCTP ABC max increase per SACK (L).
526.It Va nat_friendly
527SCTP NAT friendly operation.
528.It Va cmt_use_dac
529CMT DAC on/off flag.
530.It Va cmt_on_off
531CMT settings.
532.It Va outgoing_streams
533Default number of outgoing streams.
534.It Va incoming_streams
535Default number of incoming streams.
536.It Va add_more_on_output
537When space-wise is it worthwhile to try to add more to a socket send buffer.
538.It Va path_pf_threshold
539Default potentially failed threshold.
540.It Va path_rtx_max
541Default maximum of retransmissions per path.
542.It Va assoc_rtx_max
543Default maximum number of retransmissions per association.
544.It Va init_rtx_max
545Default maximum number of retransmissions for INIT chunks.
546.It Va valid_cookie_life
547Default cookie lifetime in seconds.
548.It Va init_rto_max
549Default maximum retransmission timeout during association setup in ms.
550.It Va rto_initial
551Default initial retransmission timeout in ms.
552.It Va rto_min
553Default minimum retransmission timeout in ms.
554.It Va rto_max
555Default maximum retransmission timeout in ms.
556.It Va secret_lifetime
557Default secret lifetime in seconds.
558.It Va shutdown_guard_time
559Shutdown guard timer in seconds (0 means 5 times RTO.Max).
560.It Va pmtu_raise_time
561Default PMTU raise timer in seconds.
562.It Va heartbeat_interval
563Default heartbeat interval in ms.
564.It Va asoc_resource
565Max number of cached resources in an association.
566.It Va sys_resource
567Max number of cached resources in the system.
568.It Va sack_freq
569Default SACK frequency.
570.It Va delayed_sack_time
571Default delayed SACK timer in ms.
572.It Va chunkscale
573Tunable for scaling of number of chunks and messages.
574.It Va min_split_point
575Minimum size when splitting a chunk.
576.It Va pcbhashsize
577Tunable for PCB hash table sizes.
578.It Va tcbhashsize
579Tunable for TCB hash table sizes.
580.It Va maxchunks
581Default max chunks on queue per association.
582.It Va fr_maxburst
583Default max burst for SCTP endpoints when fast retransmitting.
584.It Va maxburst
585Default max burst for SCTP endpoints.
586.It Va peer_chkoh
587Amount to debit peers rwnd per chunk sent.
588.It Va strict_sacks
589Enable SCTP Strict SACK checking.
590.It Va pktdrop_enable
591Enable SCTP PKTDROP.
592.It Va nrsack_enable
593Enable SCTP NR-SACK.
594.It Va reconfig_enable
595Enable SCTP RE-CONFIG.
596.It Va asconf_enable
597Enable SCTP ASCONF.
598.It Va auth_enable
599Enable SCTP AUTH.
600.It Va pr_enable
601Enable PR-SCTP.
602.It Va auto_asconf
603Enable SCTP Auto-ASCONF.
604.It Va recvspace
605Maximum incoming SCTP buffer size.
606.It Va sendspace
607Maximum outgoing SCTP buffer size.
608.El
609.El
610.Sh SEE ALSO
611.Xr accept 2 ,
612.Xr bind 2 ,
613.Xr connect 2 ,
614.Xr listen 2 ,
615.Xr sctp_bindx 3 ,
616.Xr sctp_connectx 3 ,
617.Xr sctp_opt_info 3 ,
618.Xr sctp_recvmsg 3 ,
619.Xr sctp_sendmsg 3 ,
620.Xr blackhole 4
621.Sh BUGS
622The
623.Nm
624kernel module cannot be unloaded.
625