Stream Control Transmission Protocol (SCTP) is a connection-oriented transport layer protocol used to transmit multiple streams of data between two endpoints. It combines features of TCP (reliability, connection orientation) and UDP (message-oriented transfer), making it ideal for applications like telephony over the Internet and signaling in mobile networks.
Application Of SCTP Protocol
- Telephony Communication: Internet-based telephone signaling.
- Mobile Networks: Transports SS7 messages for 3G/4G/5G via M3UA, M2UA, SUA.
- Roaming & RAN Security: Used in mobile infrastructure for secure signaling.
- Reliable Transport: Suitable for applications needing high reliability and low delay.
Key Features
- Reliable & Secure: Ensures in-order delivery with error detection (CRC32 checksum).
- Message Oriented: Transfers data in discrete messages, unlike TCP’s byte stream.
- Multi-Streaming: Supports multiple independent streams within a single connection to avoid head-of-line blocking.
- Multihoming: Allows endpoints to use multiple IP addresses for fault tolerance and path redundancy.
- Flow & Congestion Control: Prevents overflow and network congestion similar to TCP.
- Security: Provides resistance against blind DoS attacks and masquerades.
SCTP Packet Structure
An SCTP packet has two main parts- Header and Payload. The Header is common but Payload have variable chunks.
The Common SCTP header is 12 byte long and made of the 4 parts:
- Port Number (Source): shows the sending port
- Port Number (Destination): shows the receiving port
- Verification tag: a 32 bit random value which differentiate the packets from the previous connection
- Checksum: a CRC32 algorithm for detection of error.
Multihoming in SCTP
Multihoming allows a host to connect through multiple IP addresses. If the primary path fails, data automatically switches to an alternate path, ensuring continuous communication. Each path’s Round Trip Time (RTT) is monitored for reliability.
Security
This protocol provides certain security features related to transport such as resistance against blind DOS attack (Denial of Service), masquerades and monopolization of any type of service during operation. SIGTRAN (Signaling Transport) protocols does not define any type of new security mechanism as current available security protocols provide necessary steps for securing the transmission of SS7 message over IP networks
SCTP Services
- Aggregate Server Access Protocol (ASAP)
- Bearer-independent Call Control (BICC)
- Direct Data Placement Segment chunk (DDP-segment)
- Direct Data Placement Stream session control (DDP-stream)
- Diameter in a DTLS/SCTP DATA chunk (Diameter-DTLS)
Central Point Architecture Support for SCTP
An SCTP association is a connection between two endpoints identified by unique tags.
- Earlier, sessions using the same port pair were mapped to one SPU, reducing load balancing.
- Since Junos OS 15.1X49-D40 and 17.3R1, tag-based hash distribution uses the verification tag (vtag) to evenly distribute SCTP traffic across multiple SPUs on SRX devices.
History of SCTP Protocol
SCTP was developed by the Transport Area Working Group (TSVWG) of IETF to carry call control signals over IP networks, similar to the Signaling System 7 (SS7) used in telephone switching.
Advantages of SCTP
- Full duplex (send & receive simultaneously).
- Independent, ordered delivery per stream.
- Supports multiple IP paths (multihoming).
- Provides fault tolerance and congestion control.
- Message-oriented, unlike TCP’s byte-oriented approach.
Limitation and Constraints of SCTP Protocol
- Supports max 8 source and 8 destination IPs per association.
- Only static NAT supported.
- Protocol numbers restricted (0–63 range).
- Existing traffic can be impacted by protocol blocking changes.
- Session timeout is 30 minutes by default.