Tech-invite   3GPPspecs   Glossaries   IETFRFCs   Groups   SIP   ABNFs   Ti+   Search in Tech-invite

in Index   Prev   Next
in Index   Prev   None  Group: TSVWG

RFC 8540

Stream Control Transmission Protocol: Errata and Issues in RFC 4960

Pages: 94
Informational
Part 5 of 7 – Pages 55 to 69
First   Prev   Next

Top   ToC   Page 55   prevText
3.36.  Inconsistent Handling of ICMPv4 and ICMPv6 Messages

3.36.1.  Description of the Problem

   Appendix C of [RFC4960] describes the handling of ICMPv4 and ICMPv6
   messages.  The handling of ICMP messages indicating that the port
   number is unreachable, as described in the enumerated procedures, is
   not consistent with the description given in [RFC4960] after the
   procedures.  Furthermore, the text explicitly describes the handling
   of ICMPv6 packets indicating reachability problems but does not do
   the same for the corresponding ICMPv4 packets.

3.36.2.  Text Changes to the Document

   ---------
   Old text: (Appendix C)
   ---------

   ICMP3) An implementation MAY ignore any ICMPv4 messages where the
          code does not indicate "Protocol Unreachable" or
          "Fragmentation Needed".

   ---------
   New text: (Appendix C)
   ---------

   ICMP3) An implementation SHOULD ignore any ICMP messages where the
          code indicates "Port Unreachable".

   This text is in final form and is not further updated in this
   document.

   ---------
   Old text: (Appendix C)
   ---------

   ICMP9) If the ICMPv6 code is "Destination Unreachable", the
          implementation MAY mark the destination into the unreachable
          state or alternatively increment the path error counter.
Top   ToC   Page 56
   ---------
   New text: (Appendix C)
   ---------

   ICMP9) If the ICMP type is "Destination Unreachable", the
          implementation MAY move the destination to the unreachable
          state or, alternatively, increment the path error counter.

   This text has been modified by multiple errata.  It is further
   updated in Section 3.37.

3.36.3.  Solution Description

   The text has been changed to describe the intended handling of ICMP
   messages indicating that the port number is unreachable by replacing
   the third rule.  Also, the limitation to ICMPv6 in the ninth rule has
   been removed.

3.37.  Handling of Soft Errors

3.37.1.  Description of the Problem

   [RFC1122] defines the handling of soft errors and hard errors for
   TCP.  Appendix C of [RFC4960] only deals with hard errors.

3.37.2.  Text Changes to the Document

   ---------
   Old text: (Appendix C)
   ---------

   ICMP9) If the ICMPv6 code is "Destination Unreachable", the
          implementation MAY mark the destination into the unreachable
          state or alternatively increment the path error counter.

   ---------
   New text: (Appendix C)
   ---------

   ICMP9) If the ICMP type is "Destination Unreachable", the
          implementation MAY move the destination to the unreachable
          state or, alternatively, increment the path error counter.
          SCTP MAY provide information to the upper layer indicating
          the reception of ICMP messages when reporting a network status
          change.
Top   ToC   Page 57
   This text has been modified by multiple errata.  It includes
   modifications from Section 3.36.  It is in final form and is not
   further updated in this document.

3.37.3.  Solution Description

   Text has been added allowing SCTP to notify the application in the
   case of soft errors.

3.38.  Honoring cwnd

3.38.1.  Description of the Problem

   When using the slow start algorithm, SCTP increases the congestion
   window only when it is being fully utilized.  Since SCTP uses DATA
   chunks and does not use the congestion window to fragment user
   messages, this requires that some overbooking of the congestion
   window be allowed.

3.38.2.  Text Changes to the Document

   ---------
   Old text: (Section 6.1)
   ---------

   B) At any given time, the sender MUST NOT transmit new data to a
      given transport address if it has cwnd or more bytes of data
      outstanding to that transport address.

   ---------
   New text: (Section 6.1)
   ---------

   B) At any given time, the sender MUST NOT transmit new data to a
      given transport address if it has cwnd + (PMTU - 1) or more bytes
      of data outstanding to that transport address.  If data is
      available, the sender SHOULD exceed cwnd by up to (PMTU - 1) bytes
      on a new data transmission if the flightsize does not currently
      reach cwnd.  The breach of cwnd MUST constitute one packet only.

   This text is in final form and is not further updated in this
   document.
Top   ToC   Page 58
   ---------
   Old text: (Section 7.2.1)
   ---------

   o  Whenever cwnd is greater than zero, the endpoint is allowed to
      have cwnd bytes of data outstanding on that transport address.

   ---------
   New text: (Section 7.2.1)
   ---------

   o  Whenever cwnd is greater than zero, the endpoint is allowed to
      have cwnd bytes of data outstanding on that transport address.  A
      limited overbooking as described in Section 6.1 B) SHOULD be
      supported.

   This text is in final form and is not further updated in this
   document.

3.38.3.  Solution Description

   Text was added to clarify how the cwnd limit should be handled.

3.39.  Zero Window Probing

3.39.1.  Description of the Problem

   The text in Section 6.1 of [RFC4960] that describes zero window
   probing does not clearly address the case where the window is not
   zero but is too small for the next DATA chunk to be transmitted.
   Even in this case, zero window probing has to be performed to avoid
   deadlocks.
Top   ToC   Page 59
3.39.2.  Text Changes to the Document

   ---------
   Old text: (Section 6.1)
   ---------

   A) At any given time, the data sender MUST NOT transmit new data to
      any destination transport address if its peer's rwnd indicates
      that the peer has no buffer space (i.e., rwnd is 0; see Section
      6.2.1).  However, regardless of the value of rwnd (including if it
      is 0), the data sender can always have one DATA chunk in flight to
      the receiver if allowed by cwnd (see rule B, below).  This rule
      allows the sender to probe for a change in rwnd that the sender
      missed due to the SACK's having been lost in transit from the data
      receiver to the data sender.

      When the receiver's advertised window is zero, this probe is
      called a zero window probe.  Note that a zero window probe SHOULD
      only be sent when all outstanding DATA chunks have been
      cumulatively acknowledged and no DATA chunks are in flight.  Zero
      window probing MUST be supported.

   ---------
   New text: (Section 6.1)
   ---------

   A) At any given time, the data sender MUST NOT transmit new data to
      any destination transport address if its peer's rwnd indicates
      that the peer has no buffer space (i.e., rwnd is smaller than the
      size of the next DATA chunk; see Section 6.2.1).  However,
      regardless of the value of rwnd (including if it is 0), the data
      sender can always have one DATA chunk in flight to the receiver
      if allowed by cwnd (see rule B, below).  This rule allows the
      sender to probe for a change in rwnd that the sender missed
      due to the SACK's having been lost in transit from the data
      receiver to the data sender.

      When the receiver has no buffer space, this probe is called a
      zero window probe.  Note that a zero window probe SHOULD only be
      sent when all outstanding DATA chunks have been cumulatively
      acknowledged and no DATA chunks are in flight.  Zero window
      probing MUST be supported.

   This text is in final form and is not further updated in this
   document.
Top   ToC   Page 60
3.39.3.  Solution Description

   The terminology is used in a cleaner way.

3.40.  Updating References regarding ECN

3.40.1.  Description of the Problem

   For Explicit Congestion Notification (ECN), [RFC4960] refers only to
   [RFC3168], which has been updated by [RFC8311].  This needs to be
   reflected in the text when referring to ECN.

3.40.2.  Text Changes to the Document

   ---------
   Old text: (Appendix A)
   ---------

   ECN [RFC3168] describes a proposed extension to IP that details a
   method to become aware of congestion outside of datagram loss.

   ---------
   New text: (Appendix A)
   ---------

   ECN as specified in [RFC3168] (updated by [RFC8311]) describes an
   extension to IP that details a method for becoming aware of
   congestion outside of datagram loss.

   This text is in final form and is not further updated in this
   document.

   ---------
   Old text: (Appendix A)
   ---------

   In general, [RFC3168] should be followed with the following
   exceptions.

   ---------
   New text: (Appendix A)
   ---------

   In general, [RFC3168] (updated by [RFC8311]) SHOULD be followed, with
   the following exceptions.

   This text is in final form and is not further updated in this
   document.
Top   ToC   Page 61
   ---------
   Old text: (Appendix A)
   ---------

   [RFC3168] details negotiation of ECN during the SYN and SYN-ACK
   stages of a TCP connection.

   ---------
   New text: (Appendix A)
   ---------

   [RFC3168] (updated by [RFC8311]) details the negotiation of ECN
   during the SYN and SYN-ACK stages of a TCP connection.

   This text is in final form and is not further updated in this
   document.

   ---------
   Old text: (Appendix A)
   ---------

   [RFC3168] details a specific bit for a receiver to send back in its
   TCP acknowledgements to notify the sender of the Congestion
   Experienced (CE) bit having arrived from the network.

   ---------
   New text: (Appendix A)
   ---------

   [RFC3168] (updated by [RFC8311]) details a specific bit for a
   receiver to send back in its TCP acknowledgements to notify the
   sender of the Congestion Experienced (CE) bit that the CE bit has
   arrived from the network.

   This text is in final form and is not further updated in this
   document.

   ---------
   Old text: (Appendix A)
   ---------

   [RFC3168] details a specific bit for a sender to send in the header
   of its next outbound TCP segment to indicate to its peer that it has
   reduced its congestion window.
Top   ToC   Page 62
   ---------
   New text: (Appendix A)
   ---------

   [RFC3168] (updated by [RFC8311]) details a specific bit for a sender
   to send in the header of its next outbound TCP segment to indicate to
   its peer that it has reduced its congestion window.

   This text is in final form and is not further updated in this
   document.

3.40.3.  Solution Description

   References to [RFC8311] have been added.  Some wordsmithing was also
   done while making those updates.

3.41.  Host Name Address Parameter Deprecated

3.41.1.  Description of the Problem

   [RFC4960] defines three types of address parameters to be used with
   INIT and INIT ACK chunks:

   1.  IPv4 Address parameters.

   2.  IPv6 Address parameters.

   3.  Host Name Address parameters.

   The first two parameter types are supported by the SCTP kernel
   implementations of FreeBSD, Linux, and Solaris, but the third is not.
   In addition, the first two were successfully tested in all nine
   interoperability tests for SCTP, but the third has never been
   successfully tested.  Therefore, the Host Name Address parameter
   should be deprecated.

3.41.2.  Text Changes to the Document

   ---------
   Old text: (Section 3.3.2)
   ---------

   Note 3: An INIT chunk MUST NOT contain more than one Host Name
   Address parameter.  Moreover, the sender of the INIT MUST NOT combine
   any other address types with the Host Name Address in the INIT.  The
   receiver of INIT MUST ignore any other address types if the Host Name
   Address parameter is present in the received INIT chunk.
Top   ToC   Page 63
   ---------
   New text: (Section 3.3.2)
   ---------

   Note 3: An INIT chunk MUST NOT contain the Host Name Address
   parameter.  The receiver of an INIT chunk containing a Host Name
   Address parameter MUST send an ABORT and MAY include an "Unresolvable
   Address" error cause.

   This text is in final form and is not further updated in this
   document.

   ---------
   Old text: (Section 3.3.2.1)
   ---------

   The sender of INIT uses this parameter to pass its Host Name (in
   place of its IP addresses) to its peer.  The peer is responsible for
   resolving the name.  Using this parameter might make it more likely
   for the association to work across a NAT box.

   ---------
   New text: (Section 3.3.2.1)
   ---------

   The sender of an INIT chunk MUST NOT include this parameter.  The
   usage of the Host Name Address parameter is deprecated.

   This text is in final form and is not further updated in this
   document.

   ---------
   Old text: (Section 3.3.2.1)
   ---------

   Address Type: 16 bits (unsigned integer)

      This is filled with the type value of the corresponding address
      TLV (e.g., IPv4 = 5, IPv6 = 6, Host name = 11).
Top   ToC   Page 64
   ---------
   New text: (Section 3.3.2.1)
   ---------

   Address Type: 16 bits (unsigned integer)

      This is filled with the type value of the corresponding address
      TLV (e.g., IPv4 = 5, IPv6 = 6).  The value indicating the Host
      Name Address parameter (Host name = 11) MUST NOT be used.

   This text is in final form and is not further updated in this
   document.

   ---------
   Old text: (Section 3.3.3)
   ---------

   Note 3: The INIT ACK chunks MUST NOT contain more than one Host Name
   Address parameter.  Moreover, the sender of the INIT ACK MUST NOT
   combine any other address types with the Host Name Address in the
   INIT ACK.  The receiver of the INIT ACK MUST ignore any other address
   types if the Host Name Address parameter is present.

   ---------
   New text: (Section 3.3.3)
   ---------

   Note 3: An INIT ACK chunk MUST NOT contain the Host Name Address
   parameter.  The receiver of INIT ACK chunks containing a Host Name
   Address parameter MUST send an ABORT and MAY include an "Unresolvable
   Address" error cause.

   This text is in final form and is not further updated in this
   document.

   ---------
   Old text: (Section 5.1.2)
   ---------

   B) If there is a Host Name parameter present in the received INIT or
      INIT ACK chunk, the endpoint shall resolve that host name to a
      list of IP address(es) and derive the transport address(es) of
      this peer by combining the resolved IP address(es) with the SCTP
      source port.

      The endpoint MUST ignore any other IP Address parameters if they
      are also present in the received INIT or INIT ACK chunk.
Top   ToC   Page 65
      The time at which the receiver of an INIT resolves the host name
      has potential security implications to SCTP.  If the receiver of
      an INIT resolves the host name upon the reception of the chunk,
      and the mechanism the receiver uses to resolve the host name
      involves potential long delay (e.g., DNS query), the receiver may
      open itself up to resource attacks for the period of time while it
      is waiting for the name resolution results before it can build the
      State Cookie and release local resources.

      Therefore, in cases where the name translation involves potential
      long delay, the receiver of the INIT MUST postpone the name
      resolution till the reception of the COOKIE ECHO chunk from the
      peer.  In such a case, the receiver of the INIT SHOULD build the
      State Cookie using the received Host Name (instead of destination
      transport addresses) and send the INIT ACK to the source IP
      address from which the INIT was received.

      The receiver of an INIT ACK shall always immediately attempt to
      resolve the name upon the reception of the chunk.

      The receiver of the INIT or INIT ACK MUST NOT send user data
      (piggy-backed or stand-alone) to its peer until the host name is
      successfully resolved.

      If the name resolution is not successful, the endpoint MUST
      immediately send an ABORT with "Unresolvable Address" error cause
      to its peer.  The ABORT shall be sent to the source IP address
      from which the last peer packet was received.

   ---------
   New text: (Section 5.1.2)
   ---------

   B) If there is a Host Name Address parameter present in the received
      INIT or INIT ACK chunk, the endpoint MUST immediately send an
      ABORT and MAY include an "Unresolvable Address" error cause
      to its peer.  The ABORT SHALL be sent to the source
      IP address from which the last peer packet was received.

   This text is in final form and is not further updated in this
   document.
Top   ToC   Page 66
   ---------
   Old text: (Section 11.2.4.1)
   ---------

   The use of the host name feature in the INIT chunk could be used to
   flood a target DNS server.  A large backlog of DNS queries, resolving
   the host name received in the INIT chunk to IP addresses, could be
   accomplished by sending INITs to multiple hosts in a given domain.
   In addition, an attacker could use the host name feature in an
   indirect attack on a third party by sending large numbers of INITs to
   random hosts containing the host name of the target.  In addition to
   the strain on DNS resources, this could also result in large numbers
   of INIT ACKs being sent to the target.  One method to protect against
   this type of attack is to verify that the IP addresses received from
   DNS include the source IP address of the original INIT.  If the list
   of IP addresses received from DNS does not include the source IP
   address of the INIT, the endpoint MAY silently discard the INIT.
   This last option will not protect against the attack against the DNS.

   ---------
   New text: (Section 11.2.4.1)
   ---------

   Support for the Host Name Address parameter has been removed from the
   protocol.  Endpoints receiving INIT or INIT ACK chunks containing the
   Host Name Address parameter MUST send an ABORT chunk in response and
   MAY include an "Unresolvable Address" error cause.

   This text is in final form and is not further updated in this
   document.

3.41.3.  Solution Description

   The usage of the Host Name Address parameter has been deprecated.

3.42.  Conflicting Text regarding the 'Supported Address Types'
       Parameter

3.42.1.  Description of the Problem

   Section 5.1.2 of [RFC4960] contains conflicting text regarding the
   receipt of an SCTP packet containing an INIT chunk sent from an
   address for which the corresponding address type is not listed in the
   'Supported Address Types' parameter.  The text states that the
   association MUST be aborted, but it also states that the association
   SHOULD be established and there SHOULD NOT be any error indication.
Top   ToC   Page 67
3.42.2.  Text Changes to the Document

   ---------
   Old text: (Section 5.1.2)
   ---------

   The sender of INIT may include a 'Supported Address Types' parameter
   in the INIT to indicate what types of address are acceptable.  When
   this parameter is present, the receiver of INIT (initiate) MUST
   either use one of the address types indicated in the Supported
   Address Types parameter when responding to the INIT, or abort the
   association with an "Unresolvable Address" error cause if it is
   unwilling or incapable of using any of the address types indicated by
   its peer.

   ---------
   New text: (Section 5.1.2)
   ---------

   The sender of INIT chunks MAY include a 'Supported Address Types'
   parameter in the INIT to indicate what types of addresses are
   acceptable.

   This text is in final form and is not further updated in this
   document.

3.42.3.  Solution Description

   The conflicting text has been removed.

3.43.  Integration of RFC 6096

3.43.1.  Description of the Problem

   [RFC6096] updates [RFC4960] by adding the "Chunk Flags" registry.
   This should be integrated into the base specification.
Top   ToC   Page 68
3.43.2.  Text Changes to the Document

   ---------
   Old text: (Section 14.1)
   ---------

   14.1.  IETF-Defined Chunk Extension

      The assignment of new chunk parameter type codes is done through
      an IETF Consensus action, as defined in [RFC2434].  Documentation
      of the chunk parameter MUST contain the following information:

      a) A long and short name for the new chunk type.

      b) A detailed description of the structure of the chunk, which
         MUST conform to the basic structure defined in Section 3.2.

      c) A detailed definition and description of the intended use of
         each field within the chunk, including the chunk flags if any.

      d) A detailed procedural description of the use of the new chunk
         type within the operation of the protocol.

      The last chunk type (255) is reserved for future extension if
      necessary.

   ---------
   New text: (Section 14.1)
   ---------

   14.1.  IETF-Defined Chunk Extension

      The assignment of new chunk type codes is done through an IETF
      Review action, as defined in [RFC8126].  Documentation for a new
      chunk MUST contain the following information:

      a)  A long and short name for the new chunk type.

      b)  A detailed description of the structure of the chunk, which
          MUST conform to the basic structure defined in Section 3.2.

      c)  A detailed definition and description of the intended use of
          each field within the chunk, including the chunk flags
          (if any).  Defined chunk flags will be used as initial entries
          in the chunk flags table for the new chunk type.

      d)  A detailed procedural description of the use of the new chunk
          type within the operation of the protocol.
Top   ToC   Page 69
      The last chunk type (255) is reserved for future extension if
      necessary.

      For each new chunk type, IANA creates a registration table for the
      chunk flags of that type.  The procedure for registering
      particular chunk flags is described in Section 14.2.

   This text has been modified by multiple errata.  It includes
   modifications from Section 3.3.  It is in final form and is not
   further updated in this document.

   ---------
   New text: (Section 14.2)
   ---------

   14.2.  New IETF Chunk Flags Registration

      The assignment of new chunk flags is done through an RFC Required
      action, as defined in [RFC8126].  Documentation for the chunk
      flags MUST contain the following information:

      a)  A name for the new chunk flag.

      b)  A detailed procedural description of the use of the new chunk
          flag within the operation of the protocol.  It MUST be
          considered that implementations not supporting the flag will
          send '0' on transmit and just ignore it on receipt.

      IANA selects a chunk flags value.  This MUST be one of 0x01, 0x02,
      0x04, 0x08, 0x10, 0x20, 0x40, or 0x80, which MUST be unique within
      the chunk flag values for the specific chunk type.

   This text is in final form and is not further updated in this
   document.

   Please note that Sections 14.2, 14.3, 14.4, and 14.5 as shown in
   [RFC4960] will need to be renumbered when [RFC4960] is updated.

3.43.3.  Solution Description

   [RFC6096] has been integrated, and the reference has been updated to
   [RFC8126].


Next Section