1.\" Copyright (c) 2006, Randall Stewart. 2.\" 3.\" Redistribution and use in source and binary forms, with or without 4.\" modification, are permitted provided that the following conditions 5.\" are met: 6.\" 1. Redistributions of source code must retain the above copyright 7.\" notice, this list of conditions and the following disclaimer. 8.\" 2. Redistributions in binary form must reproduce the above copyright 9.\" notice, this list of conditions and the following disclaimer in the 10.\" documentation and/or other materials provided with the distribution. 11.\" 3. Neither the name of the University nor the names of its contributors 12.\" may be used to endorse or promote products derived from this software 13.\" without specific prior written permission. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.\" $FreeBSD$ 28.\" 29.Dd June 21, 2023 30.Dt SCTP 4 31.Os 32.Sh NAME 33.Nm sctp 34.Nd Internet Stream Control Transmission Protocol 35.Sh SYNOPSIS 36.Cd "options SCTP" 37.Cd "options SCTP_SUPPORT" 38.Pp 39.In sys/types.h 40.In sys/socket.h 41.In netinet/sctp.h 42.Ft int 43.Fn socket AF_INET SOCK_STREAM IPPROTO_SCTP 44.Ft int 45.Fn socket AF_INET SOCK_SEQPACKET IPPROTO_SCTP 46.Sh DESCRIPTION 47The 48.Tn SCTP 49protocol provides reliable, flow-controlled, two-way 50transmission of data. 51It is a message oriented protocol and can 52support the 53.Dv SOCK_STREAM 54and 55.Dv SOCK_SEQPACKET 56abstractions. 57.Tn SCTP 58uses the standard 59Internet address format and, in addition, provides a per-host 60collection of 61.Dq "port addresses" . 62Thus, each address is composed of an Internet address specifying 63the host and network, with a specific 64.Tn SCTP 65port on the host identifying the peer entity. 66.Pp 67There are two models of programming in SCTP. 68The first uses the 69.Dv SOCK_STREAM 70abstraction. 71In this abstraction sockets utilizing the 72.Tn SCTP 73protocol are either 74.Dq active 75or 76.Dq passive . 77Active sockets initiate connections to passive 78sockets. 79By default, 80.Tn SCTP 81sockets are created active; to create a 82passive socket, the 83.Xr listen 2 84system call must be used after binding the socket with the 85.Xr bind 2 86or 87.Xr sctp_bindx 3 88system calls. 89Only passive sockets may use the 90.Xr accept 2 91call to accept incoming connections. 92Only active sockets may use the 93.Xr connect 2 94call to initiate connections. 95.Pp 96The other abstraction 97.Dv SOCK_SEQPACKET 98provides a 99.Dq connectionless 100mode of operation in that the user may send to an address 101(using any of the valid send calls that carry a 102socket address) and an association will be setup 103implicitly by the underlying 104.Tn SCTP 105transport stack. 106This abstraction is the only one capable of sending data on the 107third leg of the four-way handshake. 108A user must still call 109.Xr listen 2 110to allow the socket to accept connections. 111Calling 112.Xr listen 2 113however does not restrict the user from still initiating 114implicit connections to other peers. 115.Pp 116The 117.Tn SCTP 118protocol directly supports multi-homing. 119So when binding a socket with the 120.Dq wildcard 121address 122.Dv INADDR_ANY , 123the 124.Tn SCTP 125stack will inform the peer about all of the local addresses 126that are deemed in scope of the peer. 127The peer will then possibly have multiple paths to reach the local host. 128.Pp 129The 130.Tn SCTP 131transport protocol is also multi-streamed. 132Multi-streaming refers to the ability to send sub-ordered flows of 133messages. 134A user performs this by specifying a specific stream in one of the 135extended send calls such as the 136.Xr sctp_send 3 137function call. 138Sending messages on different streams will allow parallel delivery 139of data i.e., a message loss in stream 1 will not block the delivery 140of messages sent in stream 2. 141.Pp 142The 143.Tn SCTP 144transport protocol also provides a unordered service as well. 145The unordered service allows a message to be sent and delivered 146with no regard to the ordering of any other message. 147.Pp 148The 149.Tn SCTP 150kernel implementation may either be compiled into the kernel, or loaded 151dynamically as a module. 152To support dynamic loading of the stack, the kernel must be compiled 153with 154.Cd "options SCTP_SUPPORT" . 155.Ss Extensions 156The 157.Fx 158implementation of 159.Tn SCTP 160also supports the following extensions: 161.Bl -tag -width "sctp partial reliability" 162.It "sctp partial reliability" 163This extension allows one to have message be skipped and 164not delivered based on some user specified parameters. 165.It "sctp dynamic addressing" 166This extension allows addresses to be added and deleted 167dynamically from an existing association. 168.It "sctp authentication" 169This extension allows the user to authenticate specific 170peer chunks (including data) to validate that the peer 171who sent the message is in fact the peer who setup the 172association. 173A shared key option is also provided for 174so that two stacks can pre-share keys. 175.It "packet drop" 176Some routers support a special satellite protocol that 177will report losses due to corruption. 178This allows retransmissions without subsequent loss in bandwidth 179utilization. 180.It "stream reset" 181This extension allows a user on either side to reset the 182stream sequence numbers used by any or all streams. 183.El 184.Ss Socket Options 185.Tn SCTP 186supports a number of socket options which can be set with 187.Xr setsockopt 2 188and tested with 189.Xr getsockopt 2 190or 191.Xr sctp_opt_info 3 : 192.Bl -tag -width indent 193.It Dv SCTP_NODELAY 194Under most circumstances, 195.Tn SCTP 196sends data when it is presented; when outstanding data has not 197yet been acknowledged, it gathers small amounts of output to be 198sent in a single packet once an acknowledgement is received. 199For some clients, such as window systems that send a stream of 200mouse events which receive no replies, this packetization may 201cause significant delays. 202The boolean option 203.Dv SCTP_NODELAY 204defeats this algorithm. 205.It Dv SCTP_RTOINFO 206This option returns specific information about an associations 207.Dq "Retransmission Time Out" . 208It can also be used to change the default values. 209.It Dv SCTP_ASSOCINFO 210This option returns specific information about the requested 211association. 212.It Dv SCTP_INITMSG 213This option allows you to get or set the default sending 214parameters when an association is implicitly setup. 215It allows you to change such things as the maximum number of 216streams allowed inbound and the number of streams requested 217of the peer. 218.It Dv SCTP_AUTOCLOSE 219For the one-to-many model 220.Dv ( SOCK_SEQPACKET ) 221associations are setup implicitly. 222This option allows the user to specify a default number of idle 223seconds to allow the association be maintained. 224After the idle timer (where no user message have been sent or have 225been received from the peer) the association will be gracefully 226closed. 227The default for this value is 0, or unlimited (i.e., no automatic 228close). 229.It Dv SCTP_SET_PEER_PRIMARY_ADDR 230The dynamic address extension allows a peer to also request a 231particular address of its be made into the primary address. 232This option allows the caller to make such a request to a peer. 233Note that if the peer does not also support the dynamic address 234extension, this call will fail. 235Note the caller must provide a valid local address that the peer has 236been told about during association setup or dynamically. 237.It Dv SCTP_PRIMARY_ADDR 238This option allows the setting of the primary address 239that the caller wishes to send to. 240The caller provides the address of a peer that is to be made primary. 241.It Dv SCTP_ADAPTATION_LAYER 242The dynamic address extension also allows a user to 243pass a 32 bit opaque value upon association setup. 244This option allows a user to set or get this value. 245.It Dv SCTP_DISABLE_FRAGMENTS 246By default 247.Tn SCTP 248will fragment user messages into multiple pieces that 249will fit on the network and then later, upon reception, reassemble 250the pieces into a single user message. 251If this option is enabled instead, any send that exceeds the path 252maximum transfer unit (P-MTU) will fail and the message will NOT be 253sent. 254.It Dv SCTP_PEER_ADDR_PARAMS 255This option will allow a user to set or get specific 256peer address parameters. 257.It Dv SCTP_DEFAULT_SEND_PARAM 258When a user does not use one of the extended send 259calls (e.g., 260.Xr sctp_sendmsg 3 ) 261a set of default values apply to each send. 262These values include things like the stream number to send 263to as well as the per-protocol id. 264This option lets a caller both get and set these values. 265If the user changes these default values, then these new values will 266be used as the default whenever no information is provided by the 267sender (i.e., the non-extended API is used). 268.It Dv SCTP_EVENTS 269.Tn SCTP 270has non-data events that it can communicate 271to its application. 272By default these are all disabled since they arrive in the data path 273with a special flag 274.Dv MSG_NOTIFICATION 275set upon the received message. 276This option lets a caller 277both get what events are current being received 278as well as set different events that they may be interested 279in receiving. 280.It Dv SCTP_I_WANT_MAPPED_V4_ADDR 281.Tn SCTP 282supports both IPV4 and IPV6. 283An association may span both IPV4 and IPV6 addresses since 284.Tn SCTP 285is multi-homed. 286By default, when opening an IPV6 socket, when 287data arrives on the socket from a peer's 288V4 address the V4 address will be presented with an address family 289of AF_INET. 290If this is undesirable, then this option 291can be enabled which will then convert all V4 addresses 292into mapped V6 representations. 293.It Dv SCTP_MAXSEG 294By default 295.Tn SCTP 296chooses its message fragmentation point 297based upon the smallest P-MTU of the peer. 298This option lets the caller set it to a smaller value. 299Note that while the user can change this value, if the P-MTU 300is smaller than the value set by the user, then the P-MTU 301value will override any user setting. 302.It Dv SCTP_DELAYED_SACK 303This option lets the user both set and get the 304delayed ack time (in milliseconds) and the ack frequency that 305.Tn SCTP 306is using. 307The default delayed ack time is 200 milliseconds and the default 308ack frequency is 2. 309.It Dv SCTP_PARTIAL_DELIVERY_POINT 310.Tn SCTP 311at times may need to start delivery of a 312very large message before the entire message has 313arrived. 314By default SCTP waits until the incoming 315message is larger than one fourth of the receive 316buffer. 317This option allows the stacks value 318to be overridden with a smaller value. 319.It Dv SCTP_FRAGMENT_INTERLEAVE 320.Tn SCTP 321at times will start partial delivery (as mentioned above). 322In the normal case successive reads will continue to return 323the rest of the message, blocking if needed, until all of 324that message is read. 325However this means other messages may have arrived and be ready 326for delivery and be blocked behind the message being partially 327delivered. 328If this option is enabled, when a partial delivery 329message has no more data to be received, then a subsequent 330read may return a different message that is ready for delivery. 331By default this option is off since the user must be using the 332extended API's to be able to tell the difference between 333messages (via the stream and stream sequence number). 334.It Dv SCTP_AUTH_CHUNK 335By default only the dynamic addressing chunks are 336authenticated. 337This option lets a user request an 338additional chunk be authenticated as well. 339Note that successive calls to this option will work and continue 340to add more chunks that require authentication. 341Note that this option only effects future associations and 342not existing ones. 343.It Dv SCTP_AUTH_KEY 344This option allows a user to specify a shared 345key that can be later used to authenticate 346a peer. 347.It Dv SCTP_HMAC_IDENT 348This option will let you get or set the list of 349HMAC algorithms used to authenticate peers. 350Note that the HMAC values are in priority order where 351the first HMAC identifier is the most preferred 352and the last is the least preferred. 353.It Dv SCTP_AUTH_ACTIVE_KEY 354This option allows you to make a key active for 355the generation of authentication information. 356Note that the peer must have the same key or else the 357data will be discarded. 358.It Dv SCTP_AUTH_DELETE_KEY 359This option allows you to delete an old key. 360.It Dv SCTP_USE_EXT_RECVINFO 361The sockets api document allows an extended 362send/receive information structure to be used. 363The extended structure includes additional fields 364related to the next message to be received (after the 365current receive completes) if such information is known. 366By default the system will not pass this information. 367This option allows the user to request this information. 368.It Dv SCTP_AUTO_ASCONF 369By default when bound to all address and the system administrator has 370enables automatic dynamic addresses, the 371.Tn SCTP 372stack will automatically generate address changes into add and 373delete requests to any peers by setting this option to 374true. 375This option allows an endpoint to disable that behavior. 376.It Dv SCTP_MAXBURST 377By default 378.Tn SCTP 379implements micro-burst control so that as the congestion window 380opens up no large burst of packets can be generated. 381The default burst limit is four. 382This option lets the user change this value. 383.It Dv SCTP_CONTEXT 384Many sctp extended calls have a context field. 385The context field is a 32 bit opaque value that will be returned in 386send failures. 387This option lets the caller set the default 388context value to use when none is provided by the user. 389.It Dv SCTP_EXPLICIT_EOR 390By default, a single send is a complete message. 391.Tn SCTP 392generates an implied record boundary. 393If this option is enabled, then all sends are part of the same message 394until the user indicates an end of record with the 395special flag 396.Dv SCTP_EOR 397passed in the sctp_sndrcvinfo flags field. 398This effectively makes all sends part of the same message 399until the user specifies differently. 400This means that a caller must NOT change the stream number until 401after the 402.Dv SCTP_EOR 403is passed to 404.Tn SCTP 405else an error will be returned. 406.It Dv SCTP_STATUS 407This option is a read-only option that returns 408various status information about the specified association. 409.It Dv SCTP_GET_PEER_ADDR_INFO 410This read-only option returns information about a peer 411address. 412.It Dv SCTP_PEER_AUTH_CHUNKS 413This read-only option returns a list of the chunks 414the peer requires to be authenticated. 415.It Dv SCTP_LOCAL_AUTH_CHUNKS 416This read-only option returns a list of the locally 417required chunks that must be authenticated. 418.It Dv SCTP_RESET_STREAMS 419This socket option is used to cause a stream sequence 420number or all stream sequence numbers to be reset. 421Note that the peer 422.Tn SCTP 423endpoint must also support the stream reset extension 424as well. 425.El 426.Ss MIB Variables 427The 428.Tn SCTP 429protocol implements a number of variables in the 430.Va net.inet.sctp 431branch of the 432.Xr sysctl 3 433MIB. 434.Bl -ohang 435.It Sy Congestion Control 436.Bl -tag -width indent 437.It Va default_cc_module 438Default congestion control module. 439Default value is 0. 440The minimum is 0, and the maximum is 3. 441A value of 0 enables the default congestion control algorithm. 442A value of 1 enables the High Speed congestion control algorithm. 443A value of 2 enables the HTCP congestion control algorithm. 444A value of 3 enables the data center congestion control (DCCC) algorithm. 445.It Va initial_cwnd 446Defines the initial congestion window size in MTUs. 447.It Va cwnd_maxburst 448Use congestion control instead of 'blind' logic to limit maximum burst when sending. 449Default value is 1. May be set to 0 or 1. 450.It Va ecn_enable 451Enable Explicit Congestion Notification (ECN). 452Default value is 1. May be set to 0 or 1. 453.It Va rttvar_steady_step 454Number of identical bandwidth measurements DCCC takes to try step down the congestion window. 455Default value is 20. 456The minimum is 0, and the maximum is 65535. 457.It Va rttvar_eqret 458Whether DCCC reduces the congestion window size when round-trip time and bandwidth remain unchanged. 459Default value is 0. 460May be set to 0 or 1. 461.It Va rttvar_bw 462Shift amount DCCC uses for bandwidth smoothing on round-trip-time calculation. 463Default value is 4. 464The minimum is 0, and the maximum is 32. 465.It Va rttvar_rtt 466Shift amount DCCC uses for round-trip-time smoothing on round-trip-time calculation. 467Default value is 5. 468The minimum is 0, and the maximum is 32. 469.It Va use_dcccecn 470Enable ECN when using DCCC. 471Default value is 1. 472May be set to 0 or 1. 473.El 474.It Sy Misc 475.Bl -tag -width indent 476.It Va getcred 477Get the ucred of a SCTP connection. 478.It Va assoclist 479List of active SCTP associations. 480.It Va stats 481SCTP statistics (struct sctp_stat). 482.It Va diag_info_code 483Diagnostic information error cause code. 484.It Va blackhole 485Enable SCTP blackholing. 486See 487.Xr blackhole 4 488for more details. 489.It Va sendall_limit 490Maximum message size (in bytes) that can be transmitted with SCTP_SENDALL flags set. 491.It Va buffer_splitting 492Enable send/receive buffer splitting. 493.It Va vtag_time_wait 494Vtag wait time in seconds, 0 to disable. 495.It Va nat_friendly_init 496Enable sending of the NAT-friendly SCTP option on INITs. 497.It Va enable_sack_immediately 498Enable sending of the SACK-IMMEDIATELY bit. 499.It Va udp_tunneling_port 500Set the SCTP/UDP tunneling port. 501.It Va mobility_fasthandoff 502Enable SCTP fast handoff. 503.It Va mobility_base 504Enable SCTP base mobility 505.It Va default_frag_interleave 506Default fragment interleave level. 507.It Va default_ss_module 508Default stream scheduling module. 509.It Va log_level 510Ltrace/KTR trace logging level. 511.It Va max_retran_chunk 512Number of retransmissions of a DATA chunk before an association is aborted. 513.It Va min_residual 514Minimum residual data chunk in second part of split. 515.It Va strict_data_order 516Enforce strict data ordering, abort if control inside data. 517.It Va abort_at_limit 518Abort when one-to-one hits qlimit. 519.It Va hb_max_burst 520Confirmation heartbeat max burst. 521.It Va do_sctp_drain 522Flush chunks in receive queues with TSN higher than the cumulative TSN if the 523system is low on mbufs. 524.It Va max_chained_mbufs 525Default max number of small mbufs on a chain. 526.It Va abc_l_var 527SCTP ABC max increase per SACK (L). 528.It Va nat_friendly 529SCTP NAT friendly operation. 530.It Va cmt_use_dac 531CMT DAC on/off flag. 532.It Va cmt_on_off 533CMT settings. 534.It Va outgoing_streams 535Default number of outgoing streams. 536.It Va incoming_streams 537Default number of incoming streams. 538.It Va add_more_on_output 539When space-wise is it worthwhile to try to add more to a socket send buffer. 540.It Va path_pf_threshold 541Default potentially failed threshold. 542.It Va path_rtx_max 543Default maximum of retransmissions per path. 544.It Va assoc_rtx_max 545Default maximum number of retransmissions per association. 546.It Va init_rtx_max 547Default maximum number of retransmissions for INIT chunks. 548.It Va valid_cookie_life 549Default cookie lifetime in seconds. 550.It Va init_rto_max 551Default maximum retransmission timeout during association setup in ms. 552.It Va rto_initial 553Default initial retransmission timeout in ms. 554.It Va rto_min 555Default minimum retransmission timeout in ms. 556.It Va rto_max 557Default maximum retransmission timeout in ms. 558.It Va secret_lifetime 559Default secret lifetime in seconds. 560.It Va shutdown_guard_time 561Shutdown guard timer in seconds (0 means 5 times RTO.Max). 562.It Va pmtu_raise_time 563Default PMTU raise timer in seconds. 564.It Va heartbeat_interval 565Default heartbeat interval in ms. 566.It Va asoc_resource 567Max number of cached resources in an association. 568.It Va sys_resource 569Max number of cached resources in the system. 570.It Va sack_freq 571Default SACK frequency. 572.It Va delayed_sack_time 573Default delayed SACK timer in ms. 574.It Va chunkscale 575Tunable for scaling of number of chunks and messages. 576.It Va min_split_point 577Minimum size when splitting a chunk. 578.It Va pcbhashsize 579Tunable for PCB hash table sizes. 580.It Va tcbhashsize 581Tunable for TCB hash table sizes. 582.It Va maxchunks 583Default max chunks on queue per association. 584.It Va fr_maxburst 585Default max burst for SCTP endpoints when fast retransmitting. 586.It Va maxburst 587Default max burst for SCTP endpoints. 588.It Va peer_chkoh 589Amount to debit peers rwnd per chunk sent. 590.It Va strict_sacks 591Enable SCTP Strict SACK checking. 592.It Va pktdrop_enable 593Enable SCTP PKTDROP. 594.It Va nrsack_enable 595Enable SCTP NR-SACK. 596.It Va reconfig_enable 597Enable SCTP RE-CONFIG. 598.It Va asconf_enable 599Enable SCTP ASCONF. 600.It Va auth_enable 601Enable SCTP AUTH. 602.It Va pr_enable 603Enable PR-SCTP. 604.It Va auto_asconf 605Enable SCTP Auto-ASCONF. 606.It Va recvspace 607Maximum incoming SCTP buffer size. 608.It Va sendspace 609Maximum outgoing SCTP buffer size. 610.El 611.El 612.Sh SEE ALSO 613.Xr accept 2 , 614.Xr bind 2 , 615.Xr connect 2 , 616.Xr listen 2 , 617.Xr sctp_bindx 3 , 618.Xr sctp_connectx 3 , 619.Xr sctp_opt_info 3 , 620.Xr sctp_recvmsg 3 , 621.Xr sctp_sendmsg 3 , 622.Xr blackhole 4 623.Sh BUGS 624The 625.Nm 626kernel module cannot be unloaded. 627