<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc SYSTEM "rfc2629-xhtml.ent"> [
 <!ENTITY nbsp    "&#160;">
 <!ENTITY zwsp   "&#8203;">
 <!ENTITY nbhy   "&#8209;">
 <!ENTITY wj     "&#8288;">
]>

<rfc xmlns:xi="http://www.w3.org/2001/XInclude"
     xml:lang="en"
     ipr="pre5378Trust200902"
     submissionType="IETF"
     consensus="true"
     category="std"
     docName="draft-ietf-tsvwg-rfc4960-bis-19"
     obsoletes="4460,4960,6096,7053,8540"
     obsoletes="4460, 4960, 6096, 7053, 8540"
     version="3"
     tocDepth="4">
     tocInclude="true"
     tocDepth="4"
     number="9260"
     sortRefs="false"
     symRefs="true">

<front>
<title>Stream Control Transmission Protocol</title>
<seriesInfo name="Internet-Draft" value="draft-ietf-tsvwg-rfc4960-bis-19"/>

<!-- *************** RANDALL STEWART *************** --> name="RFC" value="9260"/>
<author initials="R. R." initials="R." surname="Stewart" fullname="Randall R. Stewart">
<organization>Netflix, Inc.</organization>
<address>
    <postal>
        <street>2455 Heritage Green Ave</street>
        <city>Davenport</city>
        <region>FL</region>
        <code>33837</code>
        <country>United States</country> States of America</country>
    </postal>
    <email>randall@lakerest.net</email>
</address>
</author>

<!-- ************** MICHAEL TUEXEN *************** -->
<author initials="M." surname="Tüxen" fullname="Michael Tüxen">
<organization abbrev='Münster Univ. of Appl. Sciences'>
              Münster University of Applied Sciences</organization>
<address>
    <postal>
        <street>Stegerwaldstrasse 39</street>
        <code>48565</code>
        <city>Steinfurt</city>
        <country>Germany</country>
    </postal>
    <email>tuexen@fh-muenster.de</email>
</address>
</author>

<!-- ************** KAREN NIELSEN *************** -->
<author initials="K. E. E." initials="K." surname="Nielsen" fullname="Karen E. E. Nielsen">
<organization>Kamstrup A/S</organization>
<address>
    <postal>
        <street>Industrivej 28</street>
        <code>DK-8660</code>
        <city>Skanderborg</city>
        <country>Denmark</country>
    </postal>
    <email>kee@kamstrup.com</email>
</address>
</author>

<date /> month="May" year="2022"/>
<abstract>
<t>This document obsoletes RFC 4960, if approved.
It describes the Stream Control Transmission Protocol (SCTP) and obsoletes RFC 4960.  It incorporates the specification of the chunk flags registry from RFC 6096 and the
specification of the I bit of DATA chunks from RFC 7053.
Therefore, RFC RFCs 6096 and RFC 7053 are also obsoleted by this document, if approved. document.
In addition to that, the Errata documents RFC addition, RFCs 4460 and RFC 8540 8540, which describe errata for SCTP, are also obsoleted by this document, if approved.</t> document.
</t>
<t>SCTP was originally designed to transport Public Switched Telephone
Network (PSTN) signaling messages over IP networks.
It is also suited to be used for other applications, for example example, WebRTC.</t>
<t>SCTP is a reliable transport protocol operating on top of a
connectionless packet network network, such as IP.
It offers the following services to its users:</t>
<ul>
<li><t>acknowledged error-free error-free, non-duplicated transfer of user data,</t></li>
<li><t>data fragmentation to conform to discovered path maximum transmission
unit Path Maximum Transmission Unit (PMTU) size,</t></li>
<li><t>sequenced delivery of user messages within multiple streams, with
an option for order-of-arrival delivery of individual user messages,</t></li>
<li><t>optional bundling of multiple user messages into a single SCTP packet, and</t></li>
<li><t>network-level fault tolerance through supporting of multi-homing
at either or both ends of an association.</t></li>
</ul>
<t>The design of SCTP includes appropriate congestion avoidance behavior
and resistance to flooding and masquerade attacks.</t>
</abstract>

</front>

<middle>
<section>
<name>Conventions</name>

<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when,
and only when, they appear in all capitals, as shown here.</t>
</section>

<section>
<name>Introduction</name>

<t>This section explains the reasoning behind the development of the
Stream Control Transmission Protocol (SCTP), the services it offers,
and the basic concepts needed to understand the detailed description
of the protocol.</t>

<t>This document obsoletes <xref target="RFC4960"/>, if approved. target="RFC4960"/>.
In addition to that, it incorporates the specification of the chunk flags
registry from <xref target="RFC6096"/> and the specification of the I bit of
DATA chunks from <xref target="RFC7053"/>.
Therefore, <xref target="RFC6096"/> and <xref target="RFC7053"/> are also
obsoleted by this document, if approved.</t> document.</t>
<section>
<name>Motivation</name>

<t>TCP <xref target="RFC0793"/> has performed immense service as the primary
means of reliable data transfer in IP networks.
However, an increasing number of recent applications have found TCP too
limiting,
limiting and have incorporated their own reliable data transfer protocol
on top of UDP <xref target="RFC0768"/>.
The limitations that users have wished to bypass include the following:</t>
<ul>
<li><t>TCP provides both reliable data transfer and strict
order-of-transmission delivery of data.
Some applications need reliable transfer without sequence maintenance,
while others would be satisfied with partial ordering of the data.
In both of these cases, the head-of-line blocking offered by TCP causes
unnecessary delay.</t></li>
<li><t>The stream-oriented nature of TCP is often an inconvenience.
Applications add their own record marking to delineate their
messages,
messages and make explicit use of the push facility to
ensure that a complete message is transferred in a reasonable
time.</t></li>
<li><t>The limited scope of TCP sockets complicates the task of providing
highly-available
highly available data transfer capability using multi-homed hosts.</t></li>
<li><t>TCP is relatively vulnerable to denial-of-service attacks, such
as SYN attacks.</t></li>
</ul>
<t>Transport of PSTN signaling across the IP network is an application
for which all of these limitations of TCP are relevant.
While this application directly motivated the development of SCTP, other
applications might find SCTP a good match to their requirements.
One example of this is the use of datachannels data channels in the WebRTC infrastructure.</t>
</section>

<section>
<name>Architectural View of SCTP</name>

<t>SCTP is viewed as a layer between the SCTP user application ("SCTP
user" for short) and a connectionless packet network service service, such as
IP.
The remainder of this document assumes SCTP runs on top of IP.
The basic service offered by SCTP is the reliable transfer of user
messages between peer SCTP users.
It performs this service within the context of an association between
two SCTP endpoints.
<xref target='sec_api'/> of this document sketches the API that exists
at the boundary between the SCTP and the SCTP upper layers.</t>
<t>SCTP is connection-oriented connection oriented in nature, but the SCTP association is a
broader concept than the TCP connection.
SCTP provides the means for each SCTP endpoint (<xref target="sec_key_terms"/>)
to provide the other endpoint (during association startup) with a list of
transport addresses (i.e., multiple IP addresses in combination with an SCTP
port) through which that endpoint can be reached and from which it will
originate SCTP packets.
The association spans transfers over all of the possible source/destination
combinations that can be generated from each endpoint's lists.</t>
<figure anchor='fig_association'
        title='An SCTP Association'>
<artwork align='center'>
<![CDATA[ align='center'><![CDATA[
 _____________                                      _____________
|  SCTP User  |                                    |  SCTP User  |
| Application |                                    | Application |
|-------------|                                    |-------------|
|    SCTP     |                                    |    SCTP     |
|  Transport  |                                    |  Transport  |
|   Service   |                                    |   Service   |
|-------------|                                    |-------------|
|             |One or more    ----      One or more|             |
| IP Network  |IP address      \/        IP address| IP Network  |
|   Service   |appearances     /\       appearances|   Service   |
|_____________|               ----                 |_____________|

  SCTP Node A |<-------- Network transport ------->| SCTP Node B
]]>
</artwork>
</figure>
<t>In addition to encapsulating SCTP packets in IPv4 or IPv6, it is also possible
to encapsulate SCTP packets in UDP as specified in <xref target='RFC6951'/> target="RFC6951"/>
or encapsulate them in DTLS as specified in <xref target='RFC8261'/>.</t> target="RFC8261"/>.</t>
</section>

<section anchor='sec_key_terms'>
<name>Key Terms</name>

<t>Some of the language used to describe SCTP has been introduced in the
previous sections. This section provides a consolidated list of the
key terms and their definitions.</t>

<dl>

<dl newline="false">
<dt>Active Destination Transport Address:</dt>
<dd>
<t>A
<dd>A transport address on a peer endpoint that a transmitting endpoint considers
available for receiving user messages.</t>
</dd> messages.</dd>
<dt>Association Maximum DATA Chunk Size (AMDCS):</dt>
<dd>
<t>The
<dd>The smallest Path Maximum DATA Chunk Size (PMDCS) of all destination
addresses.</t>
</dd>
addresses.</dd>
<dt>Bundling Of of Chunks:</dt>
<dd>
<t>An
<dd>An optional multiplexing operation, whereby more than one chunk can
be carried in the same SCTP packet.</t>
</dd> packet.</dd>
<dt>Bundling Of of User Messages:</dt>
<dd>
<t>An
<dd>An optional multiplexing operation, whereby more than one user message can
be carried in the same SCTP packet. Each user message occupies its own DATA chunk.</t>
</dd> chunk.</dd>
<dt>Chunk:</dt>
<dd>
<t>A
<dd>A unit of information within an SCTP packet, consisting of a chunk header
and chunk-specific content.</t>
</dd> content.</dd>
<dt>Congestion Window (cwnd):</dt>
<dd>
<t>An
<dd>An SCTP variable that limits outstanding data, in number of bytes,
that a sender can send to a particular destination transport address before
receiving an acknowledgement.</t>
</dd> acknowledgement.</dd>
<dt>Control Chunk:</dt>
<dd>
<t>A
<dd>A chunk not being used for transmitting user data, i.e. i.e., every chunk which that
is not a DATA chunk.</t>
</dd> chunk.</dd>
<dt>Cumulative TSN Ack Point:</dt>
<dd>
<t>The
<dd>The Transmission Sequence Number (TSN) of the last DATA chunk acknowledged via
the Cumulative TSN Ack field of a SACK chunk.</t>
</dd> chunk.</dd>
<dt>Flightsize:</dt>
<dd>
<t>The
<dd>The number of bytes of outstanding data to a particular destination transport
address at any given time.</t>
</dd> time.</dd>
<dt>Idle Destination Address:</dt>
<dd>
<t>An
<dd>An address that has not had user messages sent to it within some length
of time, normally the 'HB.interval' or greater.</t>
</dd> greater.</dd>
<dt>Inactive Destination Transport Address:</dt>
<dd>
<t>An
<dd>An address that is considered inactive due to errors and unavailable to
transport user messages.</t>
</dd> messages.</dd>
<dt>Message (or User Message):</dt>
<dd>
<t>Data
<dd>Data submitted to SCTP by the Upper Layer Upper-Layer Protocol (ULP).</t>
</dd> (ULP).</dd>
<dt>Network Byte Order:</dt>
<dd>
<t>Most
<dd>Most significant byte first, a.k.a., big endian.</t>
</dd> endian.</dd>
<dt>Ordered Message:</dt>
<dd>
<t>A
<dd>A user message that is delivered in order with respect to all previous user
messages sent within the stream on which the message was sent.</t>
</dd> sent.</dd>
<dt>Outstanding Data (or Data Outstanding or Data In Flight):</dt>
<dd>
<t>The
<dd>The total size of the DATA chunks associated with outstanding TSNs.
A retransmitted DATA chunk is counted once in outstanding data.
A DATA chunk that is classified as lost but that has not yet been
retransmitted is not in outstanding data.</t>
</dd> data.</dd>
<dt>Outstanding TSN (at an SCTP Endpoint):</dt>
<dd>
<t>A
<dd>A TSN (and the associated DATA chunk) that has been sent by the endpoint
but for which it has not yet received an acknowledgement.</t>
</dd>
<dt>Out Of The Blue acknowledgement.</dd>
<dt>"Out of the Blue" (OOTB) Packet:</dt>
<dd>
<t>A
<dd>A correctly formed packet, for which the receiver can not cannot identify the
association it belongs to. See <xref target='sec_handle_out_of_the_blue_packets'/>.</t>
</dd> target='sec_handle_out_of_the_blue_packets'/>.</dd>
<dt>Path:</dt>
<dd>
<t>The
<dd>The route taken by the SCTP packets sent by one SCTP endpoint to a specific
destination transport address of its peer SCTP endpoint.
Sending to different destination transport addresses does not necessarily
guarantee getting separate paths.
Within this specification, a path is identified by the destination transport
address, since the routing is assumed to be stable.
This includes includes, in particular particular, the source address being selected when sending
packets to the destination address.</t>
</dd> address.</dd>
<dt>Path Maximum DATA Chunk Size (PMDCS):</dt>
<dd>
<t>The
<dd>The maximum size (including the DATA chunk header) of a DATA chunk which that fits
into an SCTP packet not exceeding the PMTU of a particular destination address.</t>
</dd> address.</dd>
<dt>Path Maximum Transmission Unit (PMTU):</dt>
<dd>
<t>The
<dd>The maximum size (including the SCTP common header and all chunks including
their paddings) of an SCTP packet which that can be sent to a particular
destination address without using IP level fragmentation.</t>
</dd> IP-level fragmentation.</dd>
<dt>Primary Path:</dt>
<dd>
<t>The primary path is the
<dd>The destination and source address that will be put into
a packet outbound to the peer endpoint by default.
The definition includes the source address since an implementation MAY <bcp14>MAY</bcp14> wish
to specify both destination and source address to better control the return
path taken by reply chunks and on which interface the packet is transmitted
when the data sender is multi-homed.</t>
</dd> multi-homed.</dd>
<dt>Receiver Window (rwnd):</dt>
<dd>
<t>An
<dd>An SCTP variable a data sender uses to store the most recently calculated
receiver window of its peer, in number of bytes.
This gives the sender an indication of the space available in the receiver's
inbound buffer.</t>
</dd> buffer.</dd>
<dt>SCTP Association:</dt>
<dd>
<t>A
<dd>A protocol relationship between SCTP endpoints, composed of the two SCTP
endpoints and protocol state information information, including Verification Tags and the
currently active set of Transmission Sequence Numbers (TSNs), etc.
An association can be uniquely identified by the transport addresses used by the
endpoints in the association.
Two SCTP endpoints MUST NOT <bcp14>MUST NOT</bcp14> have more than one SCTP association between
them at any given time.</t>
</dd> time.</dd>
<dt>SCTP Endpoint:</dt>
<dd>
<t>The
<dd>The logical sender/receiver of SCTP packets.
On a multi-homed host, an SCTP endpoint is represented to its peers as
a combination of a set of eligible destination transport addresses
to which SCTP packets can be sent and a set of eligible source
transport addresses from which SCTP packets can be received.
All transport addresses used by an SCTP endpoint MUST <bcp14>MUST</bcp14> use the same
port number, number but can use multiple IP addresses.
A transport address used by an SCTP endpoint MUST NOT <bcp14>MUST NOT</bcp14> be used by another SCTP
endpoint.
In other words, a transport address is unique to an SCTP endpoint.</t>
</dd> endpoint.</dd>
<dt>SCTP Packet (or Packet):</dt>
<dd>
<t>The
<dd>The unit of data delivery across the interface between SCTP and the
connectionless packet network (e.g., IP).
An SCTP packet includes the common SCTP header, possible SCTP control chunks,
and user data encapsulated within SCTP DATA chunks.</t>
</dd> chunks.</dd>
<dt>SCTP User Application (or SCTP User):</dt>
<dd>
<t>The
<dd>The logical higher-layer application entity which that uses the services of SCTP,
also called the Upper-Layer Protocol (ULP).</t>
</dd> (ULP).</dd>
<dt>Slow-Start Threshold (ssthresh):</dt>
<dd>
<t>An
<dd>An SCTP variable.
This is the threshold that the endpoint will use to determine whether to
perform slow start slow-start or congestion avoidance on a particular destination
transport address. Ssthresh is in number of bytes.</t>
</dd> bytes.</dd>
<dt>State Cookie:</dt>
<dd>
<t>A
<dd>A container of all information needed to establish an association.</t>
</dd> association.</dd>
<dt>Stream:</dt>
<dd>
<t>A unidirectional logical channel established from one to
another associated SCTP endpoint, within which all user messages
are delivered in sequence sequence, except for those submitted to the
unordered delivery service.</t>

<t>Note: The relationship between stream numbers in opposite directions
is strictly a matter of how the applications use them. It is the
responsibility of the SCTP user to create and manage these
correlations if they are so desired.</t>
</dd>
<dt>Stream Sequence Number:</dt>
<dd>
<t>A
<dd>A 16-bit sequence number used internally by SCTP to ensure sequenced delivery
of the user messages within a given stream.
One Stream Sequence Number is attached to each ordered user message.</t>
</dd> message.</dd>
<dt>Tie-Tags:</dt>
<dd>
<t>Two
<dd>Two 32-bit random numbers that together make a 64-bit nonce.
These tags are used within a State Cookie and TCB so that a newly restarting
association can be linked to the original association within the endpoint
that did not restart and yet not reveal the true Verification Tags of an
existing association.</t>
</dd> association.</dd>
<dt>Transmission Control Block (TCB):</dt>
<dd>
<t>An
<dd>An internal data structure created by an SCTP endpoint for each of its
existing SCTP associations to other SCTP endpoints.
TCB contains all the status and operational information for the endpoint
to maintain and manage the corresponding association.</t>
</dd> association.</dd>
<dt>Transmission Sequence Number (TSN):</dt>
<dd>
<t>A
<dd>A 32-bit sequence number used internally by SCTP.
One TSN is attached to each chunk containing user data to permit the
receiving SCTP endpoint to acknowledge its receipt and detect duplicate
deliveries.</t>
</dd>
deliveries.</dd>
<dt>Transport Address:</dt>
<dd>
<t>A
<dd>A transport address is traditionally typically defined by a network-layer address,
a transport-layer protocol, and a transport-layer port number.
In the case of SCTP running over IP, a transport address is defined by
the combination of an IP address and an SCTP port number (where SCTP is the
transport protocol).</t>
</dd> protocol).</dd>
<dt>Unordered Message:</dt>
<dd>
<t>Unordered
<dd>Unordered messages are "unordered" with respect to any other message;
this includes both other unordered messages as well as other ordered messages.
An unordered message might be delivered prior to or later than ordered messages
sent on the same stream.</t>
</dd> stream.</dd>
<dt>User Message:</dt>
<dd>
<t>The
<dd>The unit of data delivery across the interface between SCTP and its user.</t>
</dd> user.</dd>
<dt>Verification Tag:</dt>
<dd>
<t>A
<dd>A 32-bit unsigned integer that is randomly generated.
The Verification Tag provides a key that allows a receiver to verify that the
SCTP packet belongs to the current association and is not an old or stale
packet from a previous association.</t>
</dd> association.</dd>
</dl>
</section>

<section>
  <name>Abbreviations</name>
  <dl spacing='compact'>
<dt>MAC</dt><dd><t>Message newline= "false" spacing='normal' indent="8">
    <dt>MAC</dt>
    <dd>Message Authentication Code <xref target="RFC2104"/></t></dd>
<dt>RTO</dt><dd><t>Retransmission Timeout</t></dd>
<dt>RTT</dt><dd><t>Round-Trip Time</t></dd>
<dt>RTTVAR</dt><dd><t>Round-Trip target="RFC2104"/></dd>
    <dt>RTO</dt>
    <dd>Retransmission Timeout</dd>
    <dt>RTT</dt>
    <dd>Round-Trip Time</dd>
    <dt>RTTVAR</dt>
    <dd>Round-Trip Time Variation</t></dd>
<dt>SCTP</dt><dd><t>Stream Variation</dd>
    <dt>SCTP</dt>
    <dd>Stream Control Transmission Protocol</t></dd>
<dt>SRTT</dt><dd><t>Smoothed RTT</t></dd>
<dt>TCB</dt><dd><t>Transmission Protocol</dd>
    <dt>SRTT</dt>
    <dd>Smoothed RTT</dd>
    <dt>TCB</dt>
    <dd>Transmission Control Block</t></dd>
<dt>TLV</dt><dd><t>Type-Length-Value Block</dd>
    <dt>TLV</dt>
    <dd>Type-Length-Value coding format</t></dd>
<dt>TSN</dt><dd><t>Transmission format</dd>
    <dt>TSN</dt>
    <dd>Transmission Sequence Number</t></dd>
<dt>ULP</dt><dd><t>Upper-Layer Protocol</t></dd> Number</dd>
    <dt>ULP</dt>
    <dd>Upper-Layer Protocol</dd>
  </dl>
</section>

<section>
  <name>Functional View of SCTP</name>
<t>The SCTP transport service can be decomposed into a number of functions.
These are depicted in <xref target='fig_functional_view'/> and explained
in the remainder of this section.</t>

<figure anchor='fig_functional_view'
        title='Functional View of the SCTP Transport Service'>
<artwork align='center'>
<![CDATA[ align='center'><![CDATA[
                SCTP User Application

-----------------------------------------------------
 _____________                  ____________________
|             |                | Sequenced Delivery |
| Association |                |   within Streams   |
|             |                |____________________|
|   Startup   |
|             |         ____________________________
|     and     |        |  User Data Fragmentation   |
|             |        |____________________________|
|  Takedown   |
|             |         ____________________________
|             |        |      Acknowledgement       |
|             |        |            and             |
|             |        |    Congestion Avoidance    |
|             |        |____________________________|
|             |
|             |         ____________________________
|             |        |       Chunk Bundling       |
|             |        |____________________________|
|             |
|             |     ________________________________
|             |    |       Packet Validation        |
|             |    |________________________________|
|             |
|             |     ________________________________
|             |    |        Path Management         |
|_____________|    |________________________________|
]]>
</artwork>
</figure>

<section>
<name>Association Startup and Takedown</name>

<t>An association is initiated by a request from the SCTP user (see the
description of the ASSOCIATE (or SEND) primitive in <xref target='sec_api'/>).</t> target="sec_api"/>).</t>

<t>A cookie mechanism, similar to one described by Karn and Simpson in
<xref target='RFC2522'/>, target="RFC2522"/>, is employed during the initialization to provide
protection against synchronization attacks.
The cookie mechanism uses a four-way handshake, the last two legs of which
are allowed to carry user data for fast setup.
The startup sequence is described in <xref target='sec_assoc_initialization'/>
of this document.</t>
<t>SCTP provides for graceful close (i.e., shutdown) of an active
association on request from the SCTP user.
See the description of the SHUTDOWN primitive in <xref target='sec_api'/>.
SCTP also allows ungraceful close (i.e., abort), either on request from the
user (ABORT primitive) or as a result of an error condition detected within
the SCTP layer.
<xref target='sec_assoc_termination'/> describes both the graceful and the
ungraceful close procedures.</t>

<t>SCTP does not support a half-open state (like TCP) wherein one side
continues sending data while the other end is closed.
When either endpoint performs a shutdown, the association on each peer will
stop accepting new data from its user and only deliver data in queue at
the time of the graceful close (see <xref target='sec_assoc_termination'/>).</t>
</section>

<section>
<name>Sequenced Delivery within Streams</name>

<t>The term "stream" is used in SCTP to refer to a sequence of user
messages that are to be delivered to the upper-layer protocol in
order with respect to other messages within the same stream.
This is in contrast to its usage in TCP, where it refers to a sequence of
bytes (in this document, a byte is assumed to be 8 bits).</t>
<t>The
<t>At association startup time, the SCTP user can specify at association startup time the number of
streams to be supported by the association.
This number is negotiated with the remote end
(see <xref target='sec_handle_stream_parameters'/>).
User messages are associated with stream numbers (SEND, RECEIVE primitives, primitives;
<xref target='sec_api'/>).
Internally, SCTP assigns a Stream Sequence Number to each message passed to
it by the SCTP user.
On the receiving side, SCTP ensures that messages are delivered to the SCTP
user in sequence within a given stream.
However, while one stream might be blocked waiting for the next in-sequence
user message, delivery from other streams might proceed.</t>
<t>SCTP provides a mechanism for bypassing the sequenced delivery
service.
User messages sent using this mechanism are delivered to the SCTP user as
soon as they are received.</t>
</section>

<section>
<name>User Data Fragmentation</name>

<t>When needed, SCTP fragments user messages to ensure that the size of the SCTP
packet passed to the lower layer does not exceed the PMTU.
Once a user message has been fragmented, this fragmentation cannot be changed
anymore.
On receipt, fragments are reassembled into complete messages before
being passed to the SCTP user.</t>
</section>

<section>
<name>Acknowledgement and Congestion Avoidance</name>

<t>SCTP assigns a Transmission Sequence Number (TSN) to each user data
fragment or unfragmented message.
The TSN is independent of any Stream Sequence Number assigned at the
stream level.
The receiving end acknowledges all TSNs received, even if there are gaps in the
sequence.
If a user data fragment or unfragmented message needs to be retransmitted,
the TSN assigned to it is used.
In this way, reliable delivery is kept functionally separate from sequenced
stream delivery.</t>
<t>The acknowledgement and congestion avoidance function is responsible
for packet retransmission when timely acknowledgement has not been
received.
Packet retransmission is conditioned by congestion avoidance procedures
similar to those used for TCP. See Sections <xref target='sec_user_data_transfer'/> target='sec_user_data_transfer' format='counter'/> and
<xref target='sec_congestion_control'/> target='sec_congestion_control' format='counter'/> for a detailed description descriptions of the
protocol procedures associated with this function.</t>
</section>

<section>
<name>Chunk Bundling</name>

<t>As described in <xref target='sec_sctp_packet_format'/>, the SCTP packet
as delivered to the lower layer consists of a common header followed by one
or more chunks.
Each chunk contains either user data or SCTP control information.
An SCTP implementation supporting bundling on the sender side might
delay the sending of user messages to allow the corresponding DATA
chunks to be bundled.</t>
<t>The SCTP user has the option to request that an SCTP implementation does not
delay the sending of a user message just for this purpose.
However, even if the SCTP user has chosen this option, the SCTP implementation
might delay the sending due to other reasons, for example reasons (for example, due to congestion
control or flow control, control) and might also bundle multiple DATA chunks, if
possible.</t>
</section>

<section>
<name>Packet Validation</name>

<t>A mandatory Verification Tag field and a 32-bit checksum field (see
<xref target='sec_crc32c'/> for a description of the CRC32c 32-bit Cyclic Redundancy Check (CRC32c) checksum)
are included in the SCTP common header.
The Verification Tag value is chosen by each end of the association during
association startup.
Packets received without the expected Verification Tag value are discarded,
as a protection against blind masquerade attacks and against stale SCTP
packets from a previous association.
The CRC32c checksum is set by the sender of each SCTP packet to
provide additional protection against data corruption in the network.
The receiver of an SCTP packet with an invalid CRC32c checksum silently
discards the packet.</t>
</section>

<section>
<name>Path Management</name>

<t>The sending SCTP user is able to manipulate the set of transport
addresses used as destinations for SCTP packets through the
primitives described in <xref target='sec_api'/>.
The SCTP path management function monitors reachability through heartbeats
when other packet traffic is inadequate to provide this information and advises
the SCTP user when reachability of any transport address of the peer endpoint
changes.
The path management function chooses the destination transport address
for each outgoing SCTP packet based on the SCTP user's instructions and the
currently perceived reachability status of the eligible destination set.
The path management function is also responsible for reporting the eligible
set of local transport addresses to the peer endpoint during association startup, startup
and for reporting the transport addresses returned from the peer endpoint to the
SCTP user.</t>

<t>At association startup, a primary path is defined for each SCTP
endpoint,
endpoint and is used for normal sending of to send SCTP packets.</t> packets normally.</t>
<t>On the receiving end, the path management is responsible for
verifying the existence of a valid SCTP association to which the
inbound SCTP packet belongs before passing it for further processing.</t>

<t>Note: Path Management and Packet Validation are done at the same
time, so
time; although described separately above, in reality reality, they cannot
be performed as separate items.</t>
</section>
</section>

<section>
<name>Serial Number Arithmetic</name>

<t>It is essential to remember that the actual Transmission Sequence
Number space is finite, though very large.
This space ranges from 0 to 2<sup>32</sup> - 1.
Since the space is finite, all arithmetic dealing with Transmission Sequence
Numbers MUST <bcp14>MUST</bcp14> be performed modulo 2<sup>32</sup>.
This unsigned arithmetic preserves the relationship of sequence numbers as
they cycle from 2<sup>32</sup> - 1 to 0 again.
There are some subtleties to computer modulo arithmetic, so great care has to
be taken in programming the comparison of such values.
When referring to TSNs, the symbol "&lt;=" means
"less than or equal" (modulo 2<sup>32</sup>).</t>
<t>Comparisons and arithmetic on TSNs in this document SHOULD <bcp14>SHOULD</bcp14> use Serial
Number Arithmetic Arithmetic, as defined in <xref target="RFC1982"/> target="RFC1982"/>,
where SERIAL_BITS = 32.</t>
<t>An endpoint SHOULD NOT <bcp14>SHOULD NOT</bcp14> transmit a DATA chunk with a TSN that is more
than 2<sup>31</sup> - 1 above the beginning TSN of its current send window.
Doing so will cause problems in comparing TSNs.</t>
<t>Transmission Sequence Numbers wrap around when they reach 2<sup>32</sup> - 1.
That is, the next TSN a DATA chunk MUST <bcp14>MUST</bcp14> use after transmitting TSN =
2<sup>32</sup> - 1 is TSN = 0.</t>
<t>Any arithmetic done on Stream Sequence Numbers SHOULD <bcp14>SHOULD</bcp14> use Serial
Number Arithmetic Arithmetic, as defined in <xref target="RFC1982"/> target="RFC1982"/>, where SERIAL_BITS = 16.
All other arithmetic and comparisons in this document use normal
arithmetic.</t>
</section>

<section>
<name>Changes from RFC 4960</name>

<t>SCTP was originally defined in <xref target="RFC4960"/>, which this document
obsoletes, if approved.
obsoletes.
Readers interested in the details of the various changes that this document
incorporates are asked to consult <xref target="RFC8540"/>.</t>
<t>In addition to these and further editorial changes, the following changes
have been incorporated in this document:</t>
<ul>
<li><t>Update references.</t></li>
<li><t>Improve the language related to requirements levels.</t></li>
<li><t>Allow the ASSOCIATE primitive to take multiple remote addresses;
       also refer to the Socket socket API specification.</t></li>
<li><t>Refer to the PLPMTUD Packetization Layer Path MTU Discovery (PLPMTUD) specification for path MTU discovery.</t></li>
<li><t>Move the description of ICMP handling from an the Appendix to the main
       text.</t></li>
<li><t>Remove the Appendix describing ECN Explicit Congestion Notification (ECN) handling from the document.</t></li>
<li><t>Describe the packet size handling more precisely by introducing PMTU,
       PMDCS
       PMDCS, and AMDCS.</t></li>
<li><t>Add the definition of control chunk.</t></li>
<li><t>Improve the description of the handling of INIT and INIT ACK chunks with
       invalid mandatory parameters.</t></li>
<li><t>Allow using L > 1 for Appropriate Byte Counting (ABC) during
       slow start.</t></li>
<li><t>Explicitly describe the reinitialization of the congestion controller on
       route changes.</t></li>
<li><t>Improve the terminology to make it clear that this specification does not
       describe a full mesh architecture.</t></li>
<li><t>Improve the description of sequence number generation
       (Transmission Sequence Number and Stream Sequence Number).</t></li>
<li><t>Improve the description of reneging.</t></li>
<li><t>Don't require the change of the cumulative Cumulative TSN ACK Ack anymore for increasing
       the congestion window.
       This improves the consistency with the handling in congestion
       avoidance.</t></li>
<li><t>Improve the description of the State Cookie.</t></li>
<li><t>Fix the API for retrieving messages in case of association failures.</t></li>
</ul>
</section>
</section>
<section>
<name>Conventions</name>

<t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>",
"<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and
"<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described in
BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when,
and only when, they appear in all capitals, as shown here.</t>
</section>

<section anchor='sec_sctp_packet_format'>
<name>SCTP Packet Format</name>

<t>An SCTP packet is composed of a common header and chunks.
A chunk contains either control information or user data.</t>

<t>The SCTP packet format is shown below:</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         Common Header                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Chunk #1                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Chunk #n                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<t>INIT, INIT ACK ACK, and SHUTDOWN COMPLETE chunks MUST NOT <bcp14>MUST NOT</bcp14> be bundled
with any other chunk into an SCTP packet.
All other chunks MAY <bcp14>MAY</bcp14> be bundled to form an SCTP packet that does not exceed
the PMTU.
See <xref target='sec_bundling'/> for more details on chunk bundling.</t>
<t>If a user data message does not fit into one SCTP packet packet, it can be
fragmented into multiple chunks using the procedure defined in
<xref target='sec_frag_reass'/>.</t>
<t>All integer fields in an SCTP packet MUST <bcp14>MUST</bcp14> be transmitted in network
byte order, unless otherwise stated.</t>

<section anchor='sec_sctp_common_header_field_desriptions'>
<name>SCTP Common Header Field Descriptions</name>

<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      Source Port Number       |    Destination Port Number    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Verification Tag                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Checksum                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Source Port Number: 16 bits (unsigned integer)</dt>
<dd>
<t>This
<dd>This is the SCTP sender's port number.
It can be used by the receiver in combination with the source IP address,
the SCTP destination port, Destination Port Number, and possibly the destination IP address to
identify the association to which this packet belongs.
The source port number Source Port Number 0 MUST NOT <bcp14>MUST NOT</bcp14> be used.</t>
</dd> used.</dd>
<dt>Destination Port Number: 16 bits (unsigned integer)</dt>
<dd>
<t>This
<dd>This is the SCTP port number to which this packet is destined.
The receiving host will use this port number to de-multiplex the
SCTP packet to the correct receiving endpoint/application.
The destination port number Destination Port Number 0 MUST NOT <bcp14>MUST NOT</bcp14> be used.</t>
</dd> used.</dd>
<dt>Verification Tag: 32 bits (unsigned integer)</dt>
<dd>
<t>The receiver of an SCTP packet uses the Verification Tag to validate
the sender of this packet.
On transmit, the value of the Verification Tag MUST <bcp14>MUST</bcp14> be set to the value of
the Initiate Tag received from the peer endpoint during the association
initialization, with the following exceptions:</t>
<ul>
<li><t>A
<li>A packet containing an INIT chunk MUST <bcp14>MUST</bcp14> have a zero Verification Tag.</t></li>
<li><t>A Tag.</li>
<li>A packet containing a SHUTDOWN COMPLETE chunk with the T bit set MUST <bcp14>MUST</bcp14> have
the Verification Tag copied from the packet with the SHUTDOWN ACK chunk.</t></li>
<li><t>A chunk.</li>
<li>A packet containing an ABORT chunk MAY <bcp14>MAY</bcp14> have the verification tag Verification Tag copied
from the packet that caused the ABORT chunk to be sent.
For details details, see Sections <xref target='sec_handle_out_of_the_blue_packets'/> target='sec_handle_out_of_the_blue_packets' format='counter'/> and
<xref target='sec_verification_tag'/>.</t></li> target='sec_verification_tag' format='counter'/>.</li>
</ul>
</dd>
<dt>Checksum: 32 bits (unsigned integer)</dt>
<dd>
<t>This
<dd>This field contains the checksum of the SCTP packet.
Its calculation is discussed in
<xref target='sec_crc32c_checksum_calculation'/>.
SCTP uses the CRC32c algorithm as described in <xref target='sec_crc32c'/> for
calculating the checksum.</t>
</dd> checksum.</dd>
</dl>
</section>

<section anchor='sec_chunk_field_descriptions'>
<name>Chunk Field Descriptions</name>

<t>The figure below illustrates the field format for the chunks to be
transmitted in the SCTP packet.
Each chunk is formatted with a Chunk Type field, a chunk-specific Flag Chunk Flags field,
a Chunk Length field, and a Chunk Value field.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Chunk Type   |  Chunk Flags  |         Chunk Length          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\                                                               \
/                          Chunk Value                          /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Chunk Type: 8 bits (unsigned integer)</dt>
<dd>
<t>This field identifies the type of information contained in the Chunk Value
field. It takes a value from 0 to 254.
The value of 255 is reserved for future use as an extension field.</t>
<t>The values of Chunk Types are defined in this document are as follows:</t>
<table>
<name>Chunk Types</name>
<thead>
<tr><th>ID Value  </th> Value</th>   <th>Chunk Type                                               </th></tr> Type</th></tr>
</thead>
<tbody>
<tr><td>0         </td> <td>Payload Data (DATA)                                      </td></tr>
<tr><td>1         </td> <td>Initiation (INIT)                                        </td></tr>
<tr><td>2         </td> <td>Initiation Acknowledgement (INIT ACK)                    </td></tr>
<tr><td>3         </td> <td>Selective Acknowledgement (SACK)                         </td></tr>
<tr><td>4         </td> <td>Heartbeat Request (HEARTBEAT)                            </td></tr>
<tr><td>5         </td> <td>Heartbeat Acknowledgement (HEARTBEAT ACK)                </td></tr>
<tr><td>6         </td> <td>Abort (ABORT)                                            </td></tr>
<tr><td>7         </td> <td>Shutdown (SHUTDOWN)                                      </td></tr>
<tr><td>8         </td> <td>Shutdown Acknowledgement (SHUTDOWN ACK)                  </td></tr>
<tr><td>9         </td> <td>Operation Error (ERROR)                                  </td></tr>
<tr><td>10        </td> <td>State Cookie (COOKIE ECHO)                               </td></tr>
<tr><td>11        </td> <td>Cookie Acknowledgement (COOKIE ACK)                      </td></tr>
<tr><td>12        </td> <td>Reserved for Explicit Congestion Notification Echo (ECNE)</td></tr>
<tr><td>13        </td> <td>Reserved for Congestion Window Reduced (CWR)             </td></tr>
<tr><td>14        </td> <td>Shutdown Complete (SHUTDOWN COMPLETE)                    </td></tr>

<tr><td>15 to 62  </td> <td>available <td>Unassigned                                                </td></tr>
<tr><td>63        </td> <td>reserved <td>Reserved for IETF-defined Chunk Extensions               </td></tr>
<tr><td>64 to 126 </td> <td>available <td>Unassigned                                                </td></tr>
<tr><td>127       </td> <td>reserved <td>Reserved for IETF-defined Chunk Extensions               </td></tr>
<tr><td>128 to 190</td> <td>available <td>Unassigned                                                </td></tr>
<tr><td>191       </td> <td>reserved <td>Reserved for IETF-defined Chunk Extensions               </td></tr>
<tr><td>192 to 254</td> <td>available <td>Unassigned                                                </td></tr>
<tr><td>255       </td> <td>reserved <td>Reserved for IETF-defined Chunk Extensions               </td></tr>
</tbody>
</table>
<t>Note: The ECNE and CWR chunk types are reserved for future use of Explicit
Congestion Notification (ECN).</t>
<t>Chunk Types are encoded such that the highest-order 2 bits specify the action
that is taken if the processing endpoint does not recognize the Chunk Type.</t>
<table>
<name>Processing of Unknown Chunks</name>
<tbody>
<tr><td>00</td><td><t>Stop processing this SCTP packet; packet and
                   discard the unrecognized chunk and all further chunks.</t></td></tr>
<tr><td>01</td><td><t>Stop processing this SCTP packet, discard the unrecognized
                   chunk and all further chunks, and report the unrecognized
                   chunk in an ERROR chunk using the 'Unrecognized Chunk Type'
                   error cause.</t></td></tr>
<tr><td>10</td><td><t>Skip this chunk and continue processing.</t></td></tr>
<tr><td>11</td><td><t>Skip this chunk and continue processing, but report it in
                   an ERROR chunk using the 'Unrecognized Chunk Type' error
                   cause.</t></td></tr>
</tbody>
</table>
</dd>
<dt>Chunk Flags: 8 bits</dt>
<dd>
<t>The usage of these bits depends on the Chunk type Type, as given by the Chunk Type
field.
Unless otherwise specified, they are set to 0 on transmit and are ignored
on receipt.</t>
</dd>
<dt>Chunk Length: 16 bits (unsigned integer)</dt>
<dd>
<t>This value represents the size of the chunk in bytes, including the Chunk Type,
Chunk Flags, Chunk Length, and Chunk Value fields.
Therefore, if the Chunk Value field is zero-length, the Length field will be
set to 4.
The Chunk Length field does not count any chunk padding.
However, it does include any padding of variable-length parameters other than
the last parameter in the chunk.</t>
<t>Note: A robust implementation is expected to accept the chunk whether or not
the final padding has been included in the Chunk Length.</t>
</dd>
<dt>Chunk Value: variable length</dt>
<dd>
<t>The Chunk Value field contains the actual information to be transferred in the
chunk.
The usage and format of this field is dependent on the Chunk Type.</t>
</dd>
</dl>
<t>The total length of a chunk (including Type, Length, and Value fields) MUST <bcp14>MUST</bcp14>
be a multiple of 4 bytes.
If the length of the chunk is not a multiple of 4 bytes, the sender MUST <bcp14>MUST</bcp14> pad
the chunk with all zero bytes, and this padding is not included in the
Chunk Length field.
The sender MUST NOT <bcp14>MUST NOT</bcp14> pad with more than 3 bytes.
The receiver MUST <bcp14>MUST</bcp14> ignore the padding bytes.</t>
<t>SCTP-defined chunks are described in detail in
<xref target='sec_sctp_chunk_definitions'/>.
The guidelines for IETF-defined chunk extensions can be found in
<xref target='sec_ietf_defined_chunks_extension'/> of this document.</t>

<section anchor='sec_parameter_format'>
<name>Optional/Variable-Length Parameter Format</name>

<t>Chunk values of SCTP control chunks consist of a chunk-type-specific
header of required fields, followed by zero or more parameters.
The optional and variable-length parameters contained in a chunk are
defined in a Type-Length-Value format format, as shown below.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Parameter Type         |       Parameter Length        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\                                                               \
/                        Parameter Value                        /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Parameter Type: 16 bits (unsigned integer)</dt>
<dd>
<t>The Type field is a 16-bit identifier of the type of parameter.
It takes a value of 0 to 65534.</t>

<t>The value of 65535 is reserved for IETF-defined extensions.
Values other than those defined in specific SCTP chunk descriptions are
reserved for use by IETF.</t>
</dd>
<dt>Parameter Length: 16 bits (unsigned integer)</dt>
<dd>
<t>The
<dd>The Parameter Length field contains the size of the parameter in
bytes, including the Parameter Type, Parameter Length, and Parameter Value
fields. Thus, a parameter with a zero-length Parameter Value field would have a
Parameter Length field of 4.
The Parameter Length does not include any padding bytes.</t>
</dd> bytes.</dd>
<dt>Parameter Value: variable length</dt>
<dd>
<t>The Parameter Value field contains the actual information to be transferred in
the parameter.</t>
</dd>
</dl>
<t>The total length of a parameter (including Parameter Type, Parameter Length,
and Parameter Value fields) MUST <bcp14>MUST</bcp14> be a multiple of 4 bytes.
If the length of the parameter is not a multiple of 4 bytes, the sender pads the
parameter at the end (i.e., after the Parameter Value field) with all zero
bytes.
The length of the padding is not included in the Parameter Length field.
A sender MUST NOT <bcp14>MUST NOT</bcp14> pad with more than 3 bytes.
The receiver MUST <bcp14>MUST</bcp14> ignore the padding bytes.</t>
<t>The Parameter Types are encoded such that the highest-order 2 bits specify the
action that is taken if the processing endpoint does not recognize the
Parameter Type.</t>
<table>
<name>Processing of Unknown Parameters</name>
<tbody>
<tr><td>00</td><td><t>Stop processing this parameter; parameter and do not process any
                   further parameters within this chunk.</t></td></tr>
<tr><td>01</td><td><t>Stop processing this parameter, do not process any
                   further parameters within this chunk, and report the
                   unrecognized parameter parameter, as described in
                   <xref target='sec_reporting_of_unrecognized_parameters'/>.</t></td></tr>
<tr><td>10</td><td><t>Skip this parameter and continue processing.</t></td></tr>
<tr><td>11</td><td><t>Skip this parameter and continue processing processing, but report
                   the unrecognized parameter parameter, as described in
                   <xref target='sec_reporting_of_unrecognized_parameters'/>.</t></td></tr>
</tbody>
</table>
<t>Please note that, when an INIT or INIT ACK chunk is received, in all
four cases, an INIT ACK or COOKIE ECHO chunk is sent in response, respectively.
In the 00 or 01 case, the processing of the parameters after the unknown
parameter is canceled, but no processing already done is rolled back.</t>
<t>The actual SCTP parameters are defined in the specific SCTP chunk sections.
The rules for IETF-defined parameter extensions are defined in
<xref target='sec_ietf_defined_chunk_parameter_extension'/>.
Parameter types MUST <bcp14>MUST</bcp14> be unique across all chunks.
For example, the parameter type '5' is used to represent an IPv4 address
(see <xref target='sec_optional_variable_length_parameters_in_init'/>). target='sec_ipv4_address_parameter'/>).
The value '5' then is reserved across all chunks to represent an IPv4 address
and MUST NOT <bcp14>MUST NOT</bcp14> be reused with a different meaning in any other chunk.</t>
</section>

<section anchor='sec_reporting_of_unrecognized_parameters'>
<name>Reporting of Unrecognized Parameters</name>

<t>If the receiver of an INIT chunk detects unrecognized parameters and
has to report them according to <xref target='sec_parameter_format'/>,
it MUST <bcp14>MUST</bcp14> put the "Unrecognized Parameter" parameter(s) in the INIT ACK chunk
sent in response to the INIT chunk.
Note that that, if the receiver of the INIT chunk is not going to establish an
association (e.g., due to lack of resources), an "Unrecognized Parameter" Parameters"
error cause would not be included with any ABORT chunk being sent to the sender
of the INIT chunk.</t>
<t>If the receiver of any other chunk (e.g., INIT ACK) detects unrecognized
parameters and has to report them according to
<xref target='sec_parameter_format'/>, it SHOULD <bcp14>SHOULD</bcp14> bundle the ERROR chunk
containing the "Unrecognized Parameters" error cause with the chunk sent
in response (e.g., COOKIE ECHO).
If the receiver of an INIT ACK chunk cannot bundle the COOKIE ECHO chunk with
the ERROR chunk, the ERROR chunk MAY <bcp14>MAY</bcp14> be sent separately but not before the
COOKIE ACK chunk has been received.</t>
<t>Any time a COOKIE ECHO chunk is sent in a packet, it MUST <bcp14>MUST</bcp14> be the first
chunk.</t>
</section>
</section>

<section anchor='sec_sctp_chunk_definitions'>
<name>SCTP Chunk Definitions</name>

<t>This section defines the format of the different SCTP chunk types.</t>

<section anchor='sec_data_chunk'>
<name>Payload Data (DATA) (0)</name>

<t>The following format MUST <bcp14>MUST</bcp14> be used for the DATA chunk:</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 0    |  Res  |I|U|B|E|            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              TSN                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|      Stream Identifier S      |   Stream Sequence Number n    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                  Payload Protocol Identifier                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\                                                               \
/                 User Data (seq n of Stream S)                 /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Res: 4 bits</dt>
<dd>
<t>All
<dd>All set to 0 on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
<dt>I bit: 1 bit</dt>
<dd>
<t>The
<dd>The (I)mmediate bit MAY <bcp14>MAY</bcp14> be set by the sender whenever the sender of a DATA
chunk can benefit from the corresponding SACK chunk being sent back without delay.
See Section 4 of <xref target='RFC7053'/> target="RFC7053" section="4" sectionFormat="of" /> for a discussion of the benefits.</t>
</dd> benefits.</dd>
<dt>U bit: 1 bit</dt>
<dd>
<t>The (U)nordered bit, if set to 1, indicates that this is an unordered
DATA chunk, and there is no Stream Sequence Number assigned to this DATA chunk.
Therefore, the receiver MUST <bcp14>MUST</bcp14> ignore the Stream Sequence Number field.</t>
<t>After reassembly (if necessary), unordered DATA chunks MUST <bcp14>MUST</bcp14> be dispatched to
the upper layer by the receiver without any attempt to reorder.</t>
<t>If an unordered user message is fragmented, each fragment of the message MUST <bcp14>MUST</bcp14>
have its U bit set to 1.</t>
</dd>
<dt>B bit: 1 bit</dt>
<dd>
<t>The
<dd>The (B)eginning fragment bit, if set, indicates the first fragment of a
user message.</t>
</dd> message.</dd>
<dt>E bit: 1 bit</dt>
<dd>
<t>The
<dd>The (E)nding fragment bit, if set, indicates the last fragment of
a user message.</t>
</dd> message.</dd>
<dt>Length: 16 bits (unsigned integer)</dt>
<dd>
<t>This field indicates the length of the DATA chunk in bytes from
the beginning of the type field to the end of the User Data field
excluding any padding.
A DATA chunk with one byte of user data will have the Length field set to 17
(indicating 17 bytes).</t>
<t>A DATA chunk with a User Data field of length L will have the Length field set
to (16 + L) (indicating 16 + L bytes) where L MUST <bcp14>MUST</bcp14> be greater than 0.</t>
</dd>
<dt>TSN: 32 bits (unsigned integer)</dt>
<dd>
<t>This
<dd>This value represents the TSN for this DATA chunk.
The valid range of TSN is from 0 to 4294967295 (2<sup>32</sup> - 1).
TSN wraps back to 0 after reaching 4294967295.</t>
</dd> 4294967295.</dd>
<dt>Stream Identifier S: 16 bits (unsigned integer)</dt>
<dd>
<t>Identifies
<dd>Identifies the stream to which the following user data belongs.</t>
</dd> belongs.</dd>
<dt>Stream Sequence Number n: 16 bits (unsigned integer)</dt>
<dd>
<t>This value represents the Stream Sequence Number of the following user data
within the stream S.
Valid range is 0 to 65535.</t>
<t>When a user message is fragmented by SCTP for transport, the same
Stream Sequence Number MUST <bcp14>MUST</bcp14> be carried in each of the fragments of the message.</t>
</dd>
<dt>Payload Protocol Identifier: 32 bits (unsigned integer)</dt>
<dd>
<t>This value represents an application (or upper layer) specified protocol
identifier.
This value is passed to SCTP by its upper layer and sent to its peer.
This identifier is not used by SCTP but can be used by certain network entities,
as well as by the peer application, to identify the type of information being
carried in this DATA chunk.
This field MUST <bcp14>MUST</bcp14> be sent even in fragmented DATA chunks (to make sure it is
available for agents in the middle of the network).
Note that this field is not touched by an SCTP implementation;
The
the upper layer is responsible for the host to network byte order conversion of
this field.</t>
<t>The value 0 indicates that no application identifier is specified by the upper
layer for this payload data.</t>
</dd>
<dt>User Data: variable length</dt>
<dd>
<t>This
<dd>This is the payload user data.
The implementation MUST <bcp14>MUST</bcp14> pad the end of the data to a 4-byte boundary with
all-zero
all zero bytes.
Any padding MUST NOT <bcp14>MUST NOT</bcp14> be included in the Length field.
A sender MUST <bcp14>MUST</bcp14> never add more than 3 bytes of padding.</t>
</dd> padding.</dd>
</dl>
<t>An unfragmented user message MUST <bcp14>MUST</bcp14> have both the B and E bits set to 1.
Setting both B and E bits to 0 indicates a middle fragment of a multi-fragment
user message, as summarized in the following table:</t>
<table anchor='table_fragment_description_flags'>
<name>Fragment Description Flags</name>
<thead>
<tr><td align='center'>B</td><td align='center'>E</td><td align='center'>Description</td></tr>
<tr><th align='center'>B</th><th align='center'>E</th><th align='center'>Description</th></tr>
</thead>
<tbody>
<tr><td align='center'>1</td><td align='center'>0</td><td align='center'>First piece of a fragmented user message</td></tr>
<tr><td align='center'>0</td><td align='center'>0</td><td align='center'>Middle piece of a fragmented user message</td></tr>
<tr><td align='center'>0</td><td align='center'>1</td><td align='center'>Last piece of a fragmented user message</td></tr>
<tr><td align='center'>1</td><td align='center'>1</td><td align='center'>Unfragmented message</td></tr>
</tbody>
</table>
<t>When a user message is fragmented into multiple chunks, the TSNs are
used by the receiver to reassemble the message. This means that the
TSNs for each fragment of a fragmented user message MUST <bcp14>MUST</bcp14> be strictly
sequential.</t>
<t>The TSNs of DATA chunks sent SHOULD <bcp14>SHOULD</bcp14> be strictly sequential.</t>
<t>Note: The extension described in <xref target='RFC8260'/> target="RFC8260"/> can be used
to mitigate the head of line blocking when transferring large user messages.</t>
</section>

<section anchor='sec_init_chunk'>
<name>Initiation (INIT) (1)</name>

<t>This chunk is used to initiate an SCTP association between two endpoints.
The format of the INIT chunk is shown below:</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 1    |  Chunk Flags  |      Chunk Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         Initiate Tag                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Advertised Receiver Window Credit (a_rwnd)           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Number of Outbound Streams   |   Number of Inbound Streams   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          Initial TSN                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\                                                               \
/              Optional/Variable-Length Parameters              /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<t>The following parameters are specified for the INIT chunk.
Unless otherwise noted, each parameter MUST <bcp14>MUST</bcp14> only be included once in the
INIT chunk.</t>
<table>
<name>Fixed Length
<name>Fixed-Length Parameters of INIT Chunks</name>
<thead>
<tr><td>Fixed Length Parameter</td>           <td>Status</td></tr>
<tr><th>Fixed-Length Parameter</th>           <th>Status</th></tr>
</thead>
<tbody>
<tr><td>Initiate Tag</td>                     <td>Mandatory</td></tr>
<tr><td>Advertised Receiver Window Credit</td><td>Mandatory</td></tr>
<tr><td>Number of Outbound Streams</td>       <td>Mandatory</td></tr>
<tr><td>Number of Inbound Streams</td>        <td>Mandatory</td></tr>
<tr><td>Initial TSN</td>                      <td>Mandatory</td></tr>
</tbody>
</table>
<table>
<name>Variable Length
<name>Variable-Length Parameters of INIT Chunks</name>
<thead>
<tr><td>Variable Length Parameter</td>        <td>Status</td>  <td>Type Value</td></tr>
<tr><th>Variable-Length Parameter</th>        <th>Status</th>  <th>Type Value</th></tr>
</thead>
<tbody>
<tr><td>IPv4 Address (Note 1)</td>            <td>Optional</td>  <td>5</td></tr>
<tr><td>IPv6 Address (Note 1)</td>            <td>Optional</td>  <td>6</td></tr>
<tr><td>Cookie Preservative</td>              <td>Optional</td>  <td>9</td></tr>
<tr><td>Reserved for ECN Capable (Note 2)</td><td>Optional</td>  <td>32768 (0x8000)</td></tr>
<tr><td>Host Name Address (Note 3)</td>       <td>Deprecated</td><td>11</td></tr>
<tr><td>Supported Address Types (Note 4)</td> <td>Optional</td>  <td>12</td></tr>
</tbody>
</table>
<t>Note 1:
The INIT chunks can contain multiple addresses that can be IPv4 and/or IPv6
in any combination.</t>
<t>Note 2:
The ECN Capable field is reserved for future use of Explicit Congestion
Notification.</t>
<t>Note 3:
An INIT chunk MUST NOT <bcp14>MUST NOT</bcp14> contain the Host Name Address parameter.
The receiver of an INIT chunk containing a Host Name Address parameter MUST <bcp14>MUST</bcp14>
send an ABORT chunk and MAY <bcp14>MAY</bcp14> include an "Unresolvable Address" error cause.</t>
<t>Note 4:
This parameter, when present, specifies all the address types the sending
endpoint can support.
The absence of this parameter indicates that the sending endpoint can support
any address type.</t>
<t>If an INIT chunk is received with all mandatory parameters that are
specified for the INIT chunk, then the receiver SHOULD <bcp14>SHOULD</bcp14> process the INIT chunk
and send back an INIT ACK.
The receiver of the INIT chunk MAY <bcp14>MAY</bcp14> bundle an ERROR chunk with the COOKIE ACK
chunk later.
However, restrictive implementations MAY <bcp14>MAY</bcp14> send back an ABORT chunk in response
to the INIT chunk.</t>
<t>The Chunk Flags field in INIT chunks is reserved, and all bits in it SHOULD <bcp14>SHOULD</bcp14>
be set to 0 by the sender and ignored by the receiver.</t>
<dl newline="true">
<dt>Initiate Tag: 32 bits (unsigned integer)</dt>
<dd>
<t>The receiver of the INIT chunk (the responding end) records the value of the
Initiate Tag parameter.
This value MUST <bcp14>MUST</bcp14> be placed into the Verification Tag field of every SCTP packet
that the receiver of the INIT chunk transmits within this association.</t>
<t>The Initiate Tag is allowed to have any value except 0.
See <xref target='sec_selection_of_tag_value'/> for more on the selection of
the tag value.</t>
<t>If the value of the Initiate Tag in a received INIT chunk is found to be 0,
the receiver MUST <bcp14>MUST</bcp14> silently discard the packet.</t>
</dd>
<dt>Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned integer)</dt>
<dd>
<t>This value represents the dedicated buffer space, in number of bytes,
the sender of the INIT chunk has reserved in association with this window.</t>
<t>The Advertised Receiver Window Credit MUST NOT <bcp14>MUST NOT</bcp14> be smaller than 1500.</t>
<t>A receiver of an INIT chunk with the a_rwnd value set to a value smaller than
1500 MUST <bcp14>MUST</bcp14> discard the packet, SHOULD <bcp14>SHOULD</bcp14> send a packet in response containing
an ABORT chunk and using the Initiate Tag as the Verification Tag, and MUST NOT <bcp14>MUST NOT</bcp14>
change the state of any existing association.</t>
<t>During the life of the association, this buffer space SHOULD NOT <bcp14>SHOULD NOT</bcp14> be reduced
(i.e., dedicated buffers ought not to be taken away from this association);
however, an endpoint MAY <bcp14>MAY</bcp14> change the value of a_rwnd it sends in SACK chunks.</t>
</dd>
<dt>Number of Outbound Streams (OS): 16 bits (unsigned integer)</dt>
<dd>
<t>Defines the number of outbound streams the sender of this INIT chunk wishes
to create in this association.
The value of 0 MUST NOT <bcp14>MUST NOT</bcp14> be used.</t>
<t>A receiver of an INIT chunk with the OS value set to 0 MUST <bcp14>MUST</bcp14> discard the
packet, SHOULD <bcp14>SHOULD</bcp14> send a packet in response containing an ABORT chunk and using
the Initiate Tag as the Verification Tag, and MUST NOT <bcp14>MUST NOT</bcp14> change the state of any
existing association.</t>
</dd>
<dt>Number of Inbound Streams (MIS): 16 bits (unsigned integer)</dt>
<dd>
<t>Defines the maximum number of streams the sender of this INIT chunk allows
the peer end to create in this association.
The value 0 MUST NOT <bcp14>MUST NOT</bcp14> be used.</t>
<t>Note: There is no negotiation of the actual number of streams but instead streams; instead, the
two endpoints will use the min(requested, offered).
See <xref target='sec_handle_stream_parameters'/> for details.</t>
<t>A receiver of an INIT chunk with the MIS value set to 0 MUST <bcp14>MUST</bcp14> discard the
packet, SHOULD <bcp14>SHOULD</bcp14> send a packet in response containing an ABORT chunk and using
the Initiate Tag as the Verification Tag, and MUST NOT <bcp14>MUST NOT</bcp14> change the state of any
existing association.</t>
</dd>
<dt>Initial TSN (I-TSN): 32 bits (unsigned integer)</dt>
<dd>
<t>Defines
<dd>Defines the initial TSN that the sender of the INIT chunk will use. use initially.
The valid range is from 0 to 4294967295 and the Initial TSN SHOULD <bcp14>SHOULD</bcp14> be set to a
random value in that range.
The methods described in <xref target='RFC4086'/> target="RFC4086"/> can be used for the
Initial TSN randomization.</t>
</dd> randomization.</dd>
</dl>

<section anchor='sec_optional_variable_length_parameters_in_init'>
<name>Optional or Variable-Length Parameters in INIT chunks</name>

<t>The following parameters follow the Type-Length-Value format as defined in
<xref target='sec_parameter_format'/>.
Any Type-Length-Value fields MUST <bcp14>MUST</bcp14> be placed after the fixed-length fields.
(The fixed-length fields are defined in the previous section.)</t>

<section anchor='sec_ipv4_address_parameter'>
<name>IPv4 Address (5)</name>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Type = 5            |          Length = 8           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         IPv4 Address                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>IPv4 Address: 32 bits (unsigned integer)</dt>
<dd>
<t>Contains
<dd>Contains an IPv4 address of the sending endpoint.
It is binary encoded.</t>
</dd> encoded.</dd>
</dl>
</section>

<section anchor='sec_ipv6_address_parameter'>
<name>IPv6 Address (6)</name>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Type = 6            |          Length = 20          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
|                         IPv6 Address                          |
|                                                               |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>IPv6 Address: 128 bits (unsigned integer)</dt>
<dd>
<t>Contains an IPv6 <xref target='RFC8200'/> target="RFC8200"/> address of the sending endpoint.
It is binary encoded.</t>
<t>A sender MUST NOT <bcp14>MUST NOT</bcp14> use an IPv4-mapped IPv6 address <xref target='RFC4291'/>, target="RFC4291"/>
but SHOULD <bcp14>SHOULD</bcp14> instead use an IPv4 Address parameter for an IPv4 address.</t>
</dd>
</dl>
<t>Combined with the Source Port Number in the SCTP common header, the value
passed in an IPv4 or IPv6 Address parameter indicates a transport address the
sender of the INIT chunk will support for the association being initiated.
That is, during the life time of this association, this IP address can appear
in the source address field of an IP datagram sent from the sender of the INIT
chunk,
chunk and can be used as a destination address of an IP datagram sent from the
receiver of the INIT chunk.</t>
<t>More than one IP Address parameter can be included in an INIT chunk when the
sender of the INIT chunk is multi-homed.
Moreover, a multi-homed endpoint might have access to different types of network;
thus, more than one address type can be present in one INIT chunk, i.e.,
IPv4 and IPv6 addresses are allowed in the same INIT chunk.</t>
<t>If the INIT chunk contains at least one IP Address parameter, then the
source address of the IP datagram containing the INIT chunk and any additional
address(es) provided within the INIT can be used as destinations by the endpoint
receiving the INIT chunk.
If the INIT chunk does not contain any IP Address parameters, the endpoint
receiving the INIT chunk MUST <bcp14>MUST</bcp14> use the source address associated with the
received IP datagram as its sole destination address for the association.</t>
<t>Note that not using any IP Address parameters in the INIT and INIT ACK chunk
is a way to make an association more likely to work in combination with Network
Address Translation (NAT).</t>
</section>

<section>
<name>Cookie Preservative (9)</name>
<t>The sender of the INIT chunk uses this parameter to suggest to the
receiver of the INIT chunk a longer life-span life span for the State Cookie.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Type = 9            |          Length = 8           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Suggested Cookie Life-Span Increment (msec.)          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Suggested Cookie Life-Span Increment: 32 bits (unsigned integer)</dt>
<dd>
<t>This parameter indicates to the receiver how much increment in milliseconds
the sender wishes the receiver to add to its default cookie life-span.</t> life span.</t>
<t>This optional parameter MAY <bcp14>MAY</bcp14> be added to the INIT chunk by the sender when
it reattempts establishing an association with a peer to which its previous
attempt of establishing the association failed due to a stale cookie operation
error.
The receiver MAY <bcp14>MAY</bcp14> choose to ignore the suggested cookie life-span life span increase for
its own security reasons.</t>
</dd>
</dl>
</section>

<section anchor='sec_host_name_address_parameter'>
<name>Host Name Address (11)</name>
<t>The sender of an INIT chunk or INIT ACK chunk MUST NOT <bcp14>MUST NOT</bcp14> include this parameter.
The usage of the Host Name Address parameter is deprecated.
The receiver of an INIT chunk or an INIT ACK containing a Host Name Address
parameter MUST <bcp14>MUST</bcp14> send an ABORT chunk and MAY <bcp14>MAY</bcp14> include an "Unresolvable Address"
error cause.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Type = 11           |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                           Host Name                           /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Host Name: variable length</dt>
<dd>
<t>This field contains a host name in "host name syntax" per Section 2.1 of <xref target='RFC1123'/>. target="RFC1123" section="2.1" sectionFormat="of" />.
The method for resolving the host name is out of scope of SCTP.</t>
<t>At least one null terminator is included in the Host Name string and MUST <bcp14>MUST</bcp14> be
included in the length.</t>
</dd>
</dl>
</section>

<section>
<name>Supported Address Types (12)</name>
<t>The sender of the INIT chunk uses this parameter to list all the address types
it can support.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Type = 12           |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Address Type #1        |        Address Type #2        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                            ......                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+
</artwork>
<dl newline="true">
<dt>Address Type: 16 bits (unsigned integer)</dt>
<dd>
<t>This
<dd>This is filled with the type value of the corresponding address
TLV (e.g., 5 for indicating IPv4, and 6 for indicating IPv6).
The value indicating the Host Name Address parameter MUST NOT <bcp14>MUST NOT</bcp14> be used
when sending this parameter and MUST <bcp14>MUST</bcp14> be ignored when receiving this
parameter.</t>
</dd>
parameter.</dd>
</dl>
</section>
</section>
</section>

<section anchor='sec_init_ack_chunk'>
<name>Initiation Acknowledgement (INIT ACK) (2)</name>

<t>The INIT ACK chunk is used to acknowledge the initiation of an SCTP
association.
The format of the INIT ACK chunk is shown below:</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 2    |  Chunk Flags  |         Chunk Length          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         Initiate Tag                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               Advertised Receiver Window Credit               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Number of Outbound Streams   |   Number of Inbound Streams   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          Initial TSN                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\                                                               \
/              Optional/Variable-Length Parameters              /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<t>The parameter part of INIT ACK is formatted similarly to the INIT chunk.
The following parameters are specified for the INIT ACK chunk:</t>
<table>
<name>Fixed Length
<name>Fixed-Length Parameters of INIT ACK Chunks</name>
<thead>
<tr><td>Fixed Length Parameter</td>           <td>Status</td></tr>
<tr><th>Fixed-Length Parameter</th>           <th>Status</th></tr>
</thead>
<tbody>
<tr><td>Initiate Tag</td>                     <td>Mandatory</td></tr>
<tr><td>Advertised Receiver Window Credit</td><td>Mandatory</td></tr>
<tr><td>Number of Outbound Streams</td>       <td>Mandatory</td></tr>
<tr><td>Number of Inbound Streams</td>        <td>Mandatory</td></tr>
<tr><td>Initial TSN</td>                      <td>Mandatory</td></tr>
</tbody>
</table>
<t>It uses two extra variable parameters: The the State Cookie and the Unrecognized
Parameter:</t>
Parameter. </t>
<table>
<name>Variable Length
<name>Variable-Length Parameters of INIT ACK Chunks</name>
<thead>
<tr><td>Variable Length Parameter</td>        <td>Status</td>  <td>Type Value</td></tr>
<tr><th>Variable-Length Parameter</th>        <th>Status</th>    <th>Type Value</th></tr>
</thead>
<tbody>
<tr><td>State Cookie</td>                     <td>Mandatory</td> <td>7</td></tr>
<tr><td>IPv4 Address (Note 1)</td>            <td>Optional</td>  <td>5</td></tr>
<tr><td>IPv6 Address (Note 1)</td>            <td>Optional</td>  <td>6</td></tr>
<tr><td>Unrecognized Parameter</td>           <td>Optional</td>  <td>8</td></tr>
<tr><td>Reserved for ECN Capable (Note 2)</td><td>Optional</td>  <td>32768 (0x8000)</td></tr>
<tr><td>Host Name Address (Note 3)</td>       <td>Deprecated</td><td>11</td></tr>
</tbody>
</table>

<t>Note 1:
The INIT ACK chunks can contain any number of IP address Address parameters that
can be IPv4 and/or IPv6 in any combination.</t>
<t>Note 2:
The ECN Capable field is reserved for future use of Explicit Congestion
Notification.</t>
<t>Note 3:
An INIT ACK chunk MUST NOT <bcp14>MUST NOT</bcp14> contain the Host Name Address parameter.
The receiver of INIT ACK chunks containing a Host Name Address parameter
MUST
<bcp14>MUST</bcp14> send an ABORT chunk and MAY <bcp14>MAY</bcp14> include an "Unresolvable Address" error cause.</t>
<t>The Chunk Flags field in INIT ACK chunks is reserved, and all bits in it
SHOULD
<bcp14>SHOULD</bcp14> be set to 0 by the sender and ignored by the receiver.</t>
<dl newline="true">
<dt>Initiate Tag: 32 bits (unsigned integer)</dt>
<dd>
<t>The receiver of the INIT ACK chunk records the value of the Initiate Tag
parameter.
This value MUST <bcp14>MUST</bcp14> be placed into the Verification Tag field of every SCTP packet
that the receiver of the INIT ACK chunk transmits within this association.</t>
<t>The Initiate Tag MUST NOT <bcp14>MUST NOT</bcp14> take the value 0.
See <xref target='sec_selection_of_tag_value'/> for more on the selection of
the Initiate Tag value.</t>
<t>If an endpoint in the COOKIE-WAIT state receives an INIT ACK chunk with the
Initiate Tag set to 0, it MUST <bcp14>MUST</bcp14> destroy the TCB and SHOULD <bcp14>SHOULD</bcp14> send an ABORT chunk
with the T bit set.
If such an INIT-ACK INIT ACK chunk is received in any state other than CLOSED or
COOKIE-WAIT, it SHOULD <bcp14>SHOULD</bcp14> be discarded silently
(see <xref target='sec_unexpected_init_ack'/>).</t>
</dd>
<dt>Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned integer)</dt>
<dd>
<t>This value represents the dedicated buffer space, in number of bytes, the
sender of the INIT ACK chunk has reserved in association with this window.</t>
<t>The Advertised Receiver Window Credit MUST NOT <bcp14>MUST NOT</bcp14> be smaller than 1500.</t>
<t>A receiver of an INIT ACK chunk with the a_rwnd value set to a value smaller
than 1500 MUST <bcp14>MUST</bcp14> discard the packet, SHOULD <bcp14>SHOULD</bcp14> send a packet in response
containing an ABORT chunk and using the Initiate Tag as the Verification Tag,
and MUST NOT <bcp14>MUST NOT</bcp14> change the state of any existing association.</t>
<t>During the life of the association, this buffer space SHOULD NOT <bcp14>SHOULD NOT</bcp14> be reduced
(i.e., dedicated buffers ought not to be taken away from this association);
however, an endpoint MAY <bcp14>MAY</bcp14> change the value of a_rwnd it sends in SACK chunks.</t>
</dd>
<dt>Number of Outbound Streams (OS): 16 bits (unsigned integer)</dt>
<dd>
<t>Defines the number of outbound streams the sender of this INIT ACK chunk
wishes to create in this association.
The value of 0 MUST NOT <bcp14>MUST NOT</bcp14> be used, and the value MUST NOT <bcp14>MUST NOT</bcp14> be greater than the
MIS value sent in the INIT chunk.</t>
<t>If an endpoint in the COOKIE-WAIT state receives an INIT ACK chunk with the
OS value set to 0, it MUST <bcp14>MUST</bcp14> destroy the TCB and SHOULD <bcp14>SHOULD</bcp14> send an ABORT chunk.
If such an INIT-ACK INIT ACK chunk is received in any state other than CLOSED or
COOKIE-WAIT, it SHOULD <bcp14>SHOULD</bcp14> be discarded silently
(see <xref target='sec_unexpected_init_ack'/>).</t>
</dd>
<dt>Number of Inbound Streams (MIS): 16 bits (unsigned integer)</dt>
<dd>
<t>Defines the maximum number of streams the sender of this INIT ACK chunk
allows the peer end to create in this association.
The value 0 MUST NOT <bcp14>MUST NOT</bcp14> be used.</t>
<t>Note:
There is no negotiation of the actual number of streams streams, but instead the two
endpoints will use the min(requested, offered).
See <xref target='sec_handle_stream_parameters'/> for details.</t>
<t>If an endpoint in the COOKIE-WAIT state receives an INIT ACK chunk with the
MIS value set to 0, it MUST <bcp14>MUST</bcp14> destroy the TCB and SHOULD <bcp14>SHOULD</bcp14> send an ABORT chunk.
If such an INIT-ACK INIT ACK chunk is received in any state other than CLOSED or
COOKIE-WAIT, it SHOULD <bcp14>SHOULD</bcp14> be discarded silently
(see <xref target='sec_unexpected_init_ack'/>).</t>
</dd>
<dt>Initial TSN (I-TSN): 32 bits (unsigned integer)</dt>
<dd>
<t>Defines
<dd>Defines the initial TSN that the sender of the INIT ACK chunk will use. use initially.
The valid range is from 0 to 4294967295 and the Initial TSN SHOULD <bcp14>SHOULD</bcp14> be set to a
random value in that range.
The methods described in <xref target='RFC4086'/> target="RFC4086"/> can be used for the
Initial TSN randomization.</t>
</dd> randomization.</dd>
</dl>
<t>Implementation Note:
An implementation MUST <bcp14>MUST</bcp14> be prepared to receive an INIT ACK chunk that is quite
large (more than 1500 bytes) due to the variable size of the State Cookie and
the variable address list.
For example example, if a responder to the INIT chunk has 1000 IPv4 addresses it wishes
to send, it would need at least 8,000 bytes to encode this in the
INIT ACK chunk.</t>
<t>If an INIT ACK chunk is received with all mandatory parameters that are
specified for the INIT ACK chunk, then the receiver SHOULD <bcp14>SHOULD</bcp14> process the
INIT ACK chunk and send back a COOKIE ECHO chunk.
The receiver of the INIT ACK chunk MAY <bcp14>MAY</bcp14> bundle an ERROR chunk with the
COOKIE ECHO chunk.
However, restrictive implementations MAY <bcp14>MAY</bcp14> send back an ABORT chunk in
response to the INIT ACK chunk.</t>
<t>In combination with the Source Port Number carried in the SCTP common header,
each IP Address parameter in the INIT ACK chunk indicates to the receiver of
the INIT ACK chunk a valid transport address supported by the sender of the
INIT ACK chunk for the life time of the association being initiated.</t>
<t>If the INIT ACK chunk contains at least one IP Address parameter, then the
source address of the IP datagram containing the INIT ACK chunk and any
additional address(es) provided within the INIT ACK chunk MAY <bcp14>MAY</bcp14> be used as
destinations by the receiver of the INIT ACK chunk.
If the INIT ACK chunk does not contain any IP Address parameters, the receiver
of the INIT ACK chunk MUST <bcp14>MUST</bcp14> use the source address associated with the received
IP datagram as its sole destination address for the association.</t>
<t>The State Cookie and Unrecognized Parameters use the Type-Length-Value format
as defined in <xref target='sec_parameter_format'/> and are described below.
The other fields are defined in the same way as their counterparts in the
INIT chunk.</t>

<section anchor='sec_optional_variable_length_parameters_in_init_ack'>
<name>Optional or Variable-Length Parameters in INIT ACK chunks</name> Chunks</name>
<t>The State Cookie and Unrecognized Parameters use the Type-Length-Value format format,
as defined in <xref target='sec_parameter_format'/> target='sec_parameter_format'/>, and are described below.
The IPv4 Address Parameter parameter is described in <xref target='sec_ipv4_address_parameter'/>, and
the IPv6 Address Parameter parameter is described in <xref target='sec_ipv6_address_parameter'/>.
The Host Name Address Parameter parameter is described in <xref target='sec_host_name_address_parameter'/>
and MUST NOT <bcp14>MUST NOT</bcp14> be included in an INIT ACK chunk.
Any Type-Length-Value fields MUST <bcp14>MUST</bcp14> be placed after the fixed-length fields.
(The fixed-length fields are defined in the previous section.)</t>

<section>
<name>State Cookie (7)</name>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Type = 7            |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                            Cookie                             /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Cookie: variable length</dt>
<dd>
<t>This
<dd>This parameter value MUST <bcp14>MUST</bcp14> contain all the necessary state and parameter
information required for the sender of this INIT ACK chunk to create the
association, along with a Message Authentication Code (MAC).
See <xref target='sec_generating_state_cookie'/> for details on
State Cookie definition.</t>
</dd> definition.</dd>
</dl>
</section>

<section>
<name>Unrecognized Parameter (8)</name>
<t>This parameter is returned to the originator of the INIT chunk when the INIT
chunk contains an unrecognized parameter that has a type that indicates it
SHOULD
<bcp14>SHOULD</bcp14> be reported to the sender.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Type = 8            |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                    Unrecognized Parameter                     /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Unrecognized Parameter: variable length</dt>
<dd>
<t>The parameter value
<dd>The Parameter Value field will contain an unrecognized parameter copied from
the INIT chunk complete with Parameter Type, Length, and Value fields.</t>
</dd> fields.</dd>
</dl>
</section>
</section>
</section>

<section anchor='sec_sack_chunk'>
<name>Selective Acknowledgement (SACK) (3)</name>

<t>This chunk is sent to the peer endpoint to acknowledge received DATA chunks
and to inform the peer endpoint of gaps in the received subsequences of DATA
chunks as represented by their TSNs.</t>
<t>The SACK chunk MUST <bcp14>MUST</bcp14> contain the Cumulative TSN Ack, Advertised Receiver
Window Credit (a_rwnd), Number of Gap Ack Blocks, and Number of Duplicate TSNs
fields.</t>
<t>By definition, the value of the Cumulative TSN Ack parameter is the
last TSN received before a break in the sequence of received TSNs
occurs;
the next TSN value following this one has not yet been received at the endpoint
sending the SACK chunk.
This parameter therefore acknowledges receipt of all TSNs less than or equal to
its value.</t>
<t>The handling of a_rwnd by the receiver of the SACK chunk is discussed in
detail in <xref target='sec_processing_of_received_sack'/>.</t>
<t>The SACK chunk also contains zero or more Gap Ack Blocks.
Each Gap Ack Block acknowledges a subsequence of TSNs received following a break
in the sequence of received TSNs.
The Gap Ack Blocks SHOULD <bcp14>SHOULD</bcp14> be isolated.
This means that the TSN just before each Gap Ack Block and the TSN just after
each Gap Ack Block have not been received.
By definition, all TSNs acknowledged by Gap Ack Blocks are greater than the
value of the Cumulative TSN Ack.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 3    |  Chunk Flags  |         Chunk Length          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Cumulative TSN Ack                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Advertised Receiver Window Credit (a_rwnd)           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Number of Gap Ack Blocks = N  |  Number of Duplicate TSNs = M |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    Gap Ack Block #1 Start     |     Gap Ack Block #1 End      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                                                               /
\                              ...                              \
/                                                               /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    Gap Ack Block #N Start     |     Gap Ack Block #N End      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Duplicate TSN 1                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                                                               /
\                              ...                              \
/                                                               /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Duplicate TSN M                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Chunk Flags: 8 bits</dt>
<dd>
<t>All
<dd>All set to 0 on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
<dt>Cumulative TSN Ack: 32 bits (unsigned integer)</dt>
<dd>
<t>The
<dd>The largest TSN, such that all TSNs smaller than or equal to it have been
received and the next one has not been received.
In the case where no DATA chunk has been received, this value is set to the
peer's Initial TSN minus one.</t>
</dd> one.</dd>
<dt>Advertised Receiver Window Credit (a_rwnd): 32 bits (unsigned integer)</dt>
<dd>
<t>This
<dd>This field indicates the updated receive buffer space in bytes of the sender
of this SACK chunk; see <xref target='sec_processing_of_received_sack'/> for details.</t>
</dd> details.</dd>
<dt>Number of Gap Ack Blocks: 16 bits (unsigned integer)</dt>
<dd>
<t>Indicates
<dd>Indicates the number of Gap Ack Blocks included in this SACK chunk.</t>
</dd> chunk.</dd>
<dt>Number of Duplicate TSNs: 16 bit</dt>
<dd>
<t>This
<dd>This field contains the number of duplicate TSNs the endpoint has received.
Each duplicate TSN is listed following the Gap Ack Block list.</t>
</dd> list.</dd>
<dt>Gap Ack Blocks:</dt>
<dd>
<t>These
<dd>These fields contain the Gap Ack Blocks.
They are repeated for each Gap Ack Block up to the number of Gap Ack Blocks
defined in the Number of Gap Ack Blocks field.
All DATA chunks with TSNs greater than or equal to (Cumulative TSN Ack +
Gap Ack Block Start) and less than or equal to (Cumulative TSN Ack +
Gap Ack Block End) of each Gap Ack Block are assumed to have been received
correctly.</t>
</dd>
correctly.</dd>
<dt>Gap Ack Block Start: 16 bits (unsigned integer)</dt>
<dd>
<t>Indicates
<dd>Indicates the Start offset TSN for this Gap Ack Block.
To calculate the actual TSN number number, the Cumulative TSN Ack is added to
this offset number.
This calculated TSN identifies the lowest TSN in this Gap Ack Block that has
been received.</t>
</dd> received.</dd>
<dt>Gap Ack Block End: 16 bits (unsigned integer)</dt>
<dd>
<t>Indicates the End offset TSN for this Gap Ack Block.
To calculate the actual TSN number, the Cumulative TSN Ack is added to this
offset number.
This calculated TSN identifies the highest TSN in this Gap Ack Block that has
been received.</t>
<t>For example, assume that the receiver has the following DATA chunks newly
arrived at the time when it decides to send a Selective ACK,</t> ACK:</t>
<artwork align='center'>
<![CDATA[ align='center'><![CDATA[
------------
| TSN = 17 |
------------
|          | <- still missing
------------
| TSN = 15 |
------------
| TSN = 14 |
------------
|          | <- still missing
------------
| TSN = 12 |
------------
| TSN = 11 |
------------
| TSN = 10 |
------------
]]>
</artwork>
<t>then
]]></artwork>
<t>Then, the parameter part of the SACK chunk MUST <bcp14>MUST</bcp14> be constructed as follows
(assuming the new a_rwnd is set to 4660 by the sender):</t>
<artwork align='center'>
+-------------------+-------------------+
|        Cumulative TSN Ack = 12        |
+-------------------+-------------------+
|             a_rwnd = 4660             |
+-------------------+-------------------+
| num of block = 2  |  num of dup = 0   |
+-------------------+-------------------+
|block #1 start = 2 | block #1 end = 3  |
+-------------------+-------------------+
|block #2 start = 5 | block #2 end = 5  |
+-------------------+-------------------+
</artwork>
</dd>
<dt>Duplicate TSN: 32 bits (unsigned integer)</dt>
<dd>
<t>Indicates the number of times a TSN was received in duplicate since the last
SACK chunk was sent.
Every time a receiver gets a duplicate TSN (before sending the SACK chunk), it
adds it to the list of duplicates.
The duplicate count is reinitialized to zero after sending each SACK chunk.</t>
<t>For example, if a receiver were to get the TSN 19 three times times, it
would list 19 twice in the outbound SACK chunk.
After sending the SACK chunk, if it received yet one more TSN 19 19, it would list
19 as a duplicate once in the next outgoing SACK chunk.</t>
</dd>
</dl>
</section>

<section anchor='sec_heartbeat_chunk'>
<name>Heartbeat Request (HEARTBEAT) (4)</name>

<t>An endpoint SHOULD <bcp14>SHOULD</bcp14> send a HEARTBEAT (HB) chunk to its peer endpoint to probe
the reachability of a particular destination transport address defined in the
present association.</t>
<t>The parameter field contains the Heartbeat Information, which is a
variable-length opaque data structure understood only by the sender.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 4    |  Chunk Flags  |       Heartbeat Length        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\                                                               \
/          Heartbeat Information TLV (Variable-Length)          /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Chunk Flags: 8 bits</dt>
<dd>
<t>Set
<dd>Set to 0 on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
<dt>Heartbeat Length: 16 bits (unsigned integer)</dt>
<dd>
<t>Set
<dd>Set to the size of the chunk in bytes, including the chunk header and the
Heartbeat Information field.</t>
</dd> field.</dd>
<dt>Heartbeat Information: variable length</dt>
<dd>
<t>Defined as a variable-length parameter using the format described
in <xref target='sec_parameter_format'/>, i.e.:</t> that is:</t>
<table>
<name>Variable Length
<name>Variable-Length Parameters of HEARTBEAT Chunks</name>
<thead>
<tr><td>Variable Parameters</td><td>Status</td>   <td>Type Value</td></tr>
<tr><th>Variable Parameters</th> <th>Status</th>    <th>Type Value</th></tr>
</thead>
<tbody>
<tr><td>Heartbeat Info</td>     <td>Mandatory</td><td>1</td></tr>      <td>Mandatory</td> <td>1</td></tr>
</tbody>
</table>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    Heartbeat Info Type = 1    |        HB Info Length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                Sender-Specific Heartbeat Info                 /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<t>The Sender-Specific Heartbeat Info field SHOULD <bcp14>SHOULD</bcp14> include
information about the sender's current time when this HEARTBEAT
chunk is sent and the destination transport address to which this
HEARTBEAT chunk is sent (see <xref target='sec_path_heartbeat'/>).
This information is simply reflected back by the receiver in the HEARTBEAT ACK
chunk (see <xref target='sec_heartbeat_ack_chunk'/>).
Note also that the HEARTBEAT chunk is both for reachability checking and for
path verification (see <xref target='sec_path_verifiation'/>).
When a HEARTBEAT chunk is being used for path verification purposes, it MUST <bcp14>MUST</bcp14>
include a random nonce of length 64-bit 64 bits or longer (<xref target='RFC4086'/> target="RFC4086"/>
provides some information on randomness guidelines).</t>
</dd>
</dl>
</section>

<section anchor='sec_heartbeat_ack_chunk'>
<name>Heartbeat Acknowledgement (HEARTBEAT ACK) (5)</name>

<t>An endpoint MUST <bcp14>MUST</bcp14> send this chunk to its peer endpoint as a response
to a HEARTBEAT chunk (see <xref target='sec_path_heartbeat'/>).
A packet containing the HEARTBEAT ACK chunk is always sent to the source
IP address of the IP datagram containing the HEARTBEAT chunk to which this
HEARTBEAT ACK chunk is responding.</t>
<t>The parameter field contains a variable-length opaque data structure.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 5    |  Chunk Flags  |     Heartbeat Ack Length      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\                                                               \
/          Heartbeat Information TLV (Variable-Length)          /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Chunk Flags: 8 bits</dt>
<dd>
<t>Set
<dd>Set to 0 on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
<dt>Heartbeat Ack Length: 16 bits (unsigned integer)</dt>
<dd>
<t>Set
<dd>Set to the size of the chunk in bytes, including the chunk header and the
Heartbeat Information field.</t>
</dd> field.</dd>
<dt>Heartbeat Information: variable length</dt>
<dd>
<t>This field MUST <bcp14>MUST</bcp14> contain the Heartbeat Info parameter (as defined in
<xref target='sec_heartbeat_chunk'/>) of the Heartbeat Request to which this
Heartbeat Acknowledgement is responding.</t>
<table>
<name>Variable Length
<name>Variable-Length Parameters of HEARTBEAT ACK Chunks</name>
<thead>
<tr><td>Variable Parameters</td><td>Status</td>   <td>Type Value</td></tr>
<tr><th>Variable Parameters</th><th>Status</th>   <th>Type Value</th></tr>
</thead>
<tbody>
<tr><td>Heartbeat Info</td>     <td>Mandatory</td><td>1</td></tr>
</tbody>
</table>
</dd>
</dl>
</section>

<section anchor='sec_abort_chunk'>
<name>Abort Association (ABORT) (6)</name>

<t>The ABORT chunk is sent to the peer of an association to close the
association.
The ABORT chunk MAY <bcp14>MAY</bcp14> contain Cause Parameters error causes to inform the receiver about the
reason of the abort.
DATA chunks MUST NOT <bcp14>MUST NOT</bcp14> be bundled with ABORT chunks.
Control chunks (except for INIT, INIT ACK, and SHUTDOWN COMPLETE) MAY <bcp14>MAY</bcp14> be
bundled with an ABORT chunk, but they MUST <bcp14>MUST</bcp14> be placed before the ABORT chunk
in the SCTP packet, otherwise packet; otherwise, they will be ignored by the receiver.</t>
<t>If an endpoint receives an ABORT chunk with a format error or no TCB is
found, it MUST <bcp14>MUST</bcp14> silently discard it.
Moreover, under any circumstances, an endpoint that receives an ABORT chunk
MUST NOT
<bcp14>MUST NOT</bcp14> respond to that ABORT chunk by sending an ABORT chunk of its own.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 6    |  Reserved   |T|            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\                                                               \
/                   zero or more Error Causes                   /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Chunk Flags: 8 bits</dt>
<dd>
<dl newline="true">
<dt>Reserved: 7 bits</dt>
<dd>
<t>Set
<dd>Set to 0 on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
<dt>T bit: 1 bit</dt>
<dd>
<t>The
<dd>The T bit is set to 0 if the sender filled in the Verification Tag
expected by the peer.
If the Verification Tag is reflected, the T bit MUST <bcp14>MUST</bcp14> be set to 1.
Reflecting means that the sent Verification Tag is the same as the received one.</t>
</dd> one.</dd>
</dl>
</dd>
<dt>Length: 16 bits (unsigned integer)</dt>
<dd>
<t>Set
<dd>Set to the size of the chunk in bytes, including the chunk header and all the
Error Cause fields present.</t>
</dd> present.</dd>
</dl>
<t>See <xref target='sec_error_chunk'/> for Error Cause definitions.</t>
<t>Note: Special rules apply to this chunk for verification;
please see <xref target='sec_exceptions_in_verification_tag_rules'/> for
details.</t>
</section>

<section anchor='sec_shutdown_chunk'>
<name>Shutdown Association (SHUTDOWN) (7)</name>

<t>An endpoint in an association MUST <bcp14>MUST</bcp14> use this chunk to initiate a graceful
close of the association with its peer.
This chunk has the following format.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 7    |  Chunk Flags  |          Length = 8           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Cumulative TSN Ack                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Chunk Flags: 8 bits</dt>
<dd>
<t>Set
<dd>Set to 0 on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
<dt>Length: 16 bits (unsigned integer)</dt>
<dd>
<t>Indicates
<dd>Indicates the length of the parameter. Set to 8.</t>
</dd> 8.</dd>
<dt>Cumulative TSN Ack: 32 bits (unsigned integer)</dt>
<dd>
<t>The
<dd>The largest TSN, such that all TSNs smaller than or equal to it have been
received and the next one has not been received.</t>
</dd> received.</dd>
</dl>
<t>Note: Since the SHUTDOWN chunk does not contain Gap Ack Blocks,
it cannot be used to acknowledge TSNs received out of order.
In a SACK chunk, lack of Gap Ack Blocks that were previously included indicates
that the data receiver reneged on the associated DATA chunks.</t>
<t>Since the SHUTDOWN chunk does not contain Gap Ack Blocks, the receiver of
the SHUTDOWN chunk MUST NOT <bcp14>MUST NOT</bcp14> interpret the lack of a Gap Ack Block as a renege.
(See <xref target='sec_acknowledgements_of_reception_of_data_chunks'/> for
information on reneging.)</t>
<t>The sender of the SHUTDOWN chunk MAY <bcp14>MAY</bcp14> bundle a SACK chunk to indicate any
gaps in the received TSNs.</t>
</section>

<section anchor='sec_shutdown_ack_chunk'>
<name>Shutdown Acknowledgement (SHUTDOWN ACK) (8)</name>

<t>This chunk MUST <bcp14>MUST</bcp14> be used to acknowledge the receipt of the SHUTDOWN chunk at
the completion of the shutdown process;
see <xref target='sec_shutdown_of_an_association'/> for details.</t>
<t>The SHUTDOWN ACK chunk has no parameters.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 8    |  Chunk Flags  |          Length = 4           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Chunk Flags: 8 bits</dt>
<dd>
<t>Set
<dd>Set to 0 on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
</dl>
</section>

<section anchor='sec_error_chunk'>
<name>Operation Error (ERROR) (9)</name>

<t>An endpoint sends this chunk to its peer endpoint to notify it of
certain error conditions.
It contains one or more error causes.
An Operation Error is not considered fatal in and of itself, but the
corresponding error cause MAY <bcp14>MAY</bcp14> be used with an ABORT chunk to report a fatal
condition.
An ERROR chunk has the following format:</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 9    |  Chunk Flags  |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\                                                               \
/                   one or more Error Causes                    /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Chunk Flags: 8 bits</dt>
<dd>
<t>Set
<dd>Set to 0 on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
<dt>Length: 16 bits (unsigned integer)</dt>
<dd>
<t>Set
<dd>Set to the size of the chunk in bytes, including the chunk header and all the
Error Cause fields present.</t>
</dd> present.</dd>
</dl>
<t>Error causes are defined as variable-length parameters using the
format described in <xref target='sec_parameter_format'/>, that is:</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Cause Code           |         Cause Length          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                  Cause-Specific Information                   /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Cause Code: 16 bits (unsigned integer)</dt>
<dd>
<t>Defines the type of error conditions being reported.</t>
<table>
<name>Cause Code</name>
<thead>
<tr><td>Value</td><td>Cause Code</td></tr>
<tr><th>Value</th><th>Cause Code</th></tr>
</thead>
<tbody>
<tr><td> 1</td>   <td>Invalid Stream Identifier</td></tr>
<tr><td> 2</td>   <td>Missing Mandatory Parameter</td></tr>
<tr><td> 3</td>   <td>Stale Cookie Error</td></tr> Cookie</td></tr>
<tr><td> 4</td>   <td>Out of Resource</td></tr>
<tr><td> 5</td>   <td>Unresolvable Address</td></tr>
<tr><td> 6</td>   <td>Unrecognized Chunk Type</td></tr>
<tr><td> 7</td>   <td>Invalid Mandatory Parameter</td></tr>
<tr><td> 8</td>   <td>Unrecognized Parameters</td></tr>
<tr><td> 9</td>   <td>No User Data</td></tr>
<tr><td>10</td>   <td>Cookie Received While Shutting Down</td></tr>
<tr><td>11</td>   <td>Restart of an Association with New Addresses</td></tr>
<tr><td>12</td>   <td>User Initiated   <td>User-Initiated Abort</td></tr>
<tr><td>13</td>   <td>Protocol Violation</td></tr>
</tbody>
</table>
</dd>
<dt>Cause Length: 16 bits (unsigned integer)</dt>
<dd>
<t>Set
<dd>Set to the size of the parameter in bytes, including the Cause Code,
Cause Length, and Cause-Specific Information fields.</t>
</dd> fields.</dd>
<dt>Cause-Specific Information: variable length</dt>
<dd>
<t>This
<dd>This field carries the details of the error condition.</t>
</dd> condition.</dd>
</dl>
<t><xref target='sec_invalid_stream_identifier_cause'/>
<t>Sections <xref target='sec_invalid_stream_identifier_cause' format='counter'/> -
<xref target='sec_protocol_violation_cause'/> target='sec_protocol_violation_cause' format='counter'/> define error causes for SCTP.
Guidelines for the IETF to define new error cause values are discussed in
<xref target='sec_ietf_defined_additional_error_causes'/>.</t>
<section anchor='sec_invalid_stream_identifier_cause'>
<name>Invalid Stream Identifier (1)</name>

<t>Indicates that the endpoint received a DATA chunk sent using a nonexistent
stream.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 1         |       Cause Length = 8        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       Stream Identifier       |          (Reserved)           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Stream Identifier: 16 bits (unsigned integer)</dt>
<dd>
<t>Contains
<dd>Contains the Stream Identifier of the DATA chunk received in error.</t>
</dd> error.</dd>
<dt>Reserved: 16 bits</dt>
<dd>
<t>This
<dd>This field is reserved.
It is set to all 0's on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
</dl>
</section>

<section anchor='sec_missing_mandatory_parameter_cause'>
<name>Missing Mandatory Parameter (2)</name>

<t>Indicates that one or more mandatory TLV
parameters are missing in a received INIT or INIT ACK chunk.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 2         |   Cause Length = 8 + N * 2    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Number of missing params = N                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Missing Param Type #1     |     Missing Param Type #2     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    Missing Param Type #N-1    |     Missing Param Type #N     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Number of Missing params: 32 bits (unsigned integer)</dt>
<dd>
<t>This
<dd>This field contains the number of parameters contained in the Cause-Specific
Information field.</t>
</dd> field.</dd>
<dt>Missing Param Type: 16 bits (unsigned integer)</dt>
<dd>
<t>Each
<dd>Each field will contain the missing mandatory parameter number.</t>
</dd> number.</dd>
</dl>
</section>

<section anchor='sec_stale_cookie_error_cause'>
<name>Stale Cookie Error (3)</name>

<t>Indicates the receipt of a valid State Cookie that has expired.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 3         |       Cause Length = 8        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Measure of Staleness (usec.)                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Measure of Staleness: 32 bits (unsigned integer)</dt>
<dd>
<t>This field contains the difference, rounded up in microseconds, between the
current time and the time the State Cookie expired.</t>
<t>The sender of this error cause MAY <bcp14>MAY</bcp14> choose to report how long past
expiration the State Cookie is by including a non-zero value in
the Measure of Staleness field.
If the sender does not wish to provide the Measure of Staleness, it SHOULD <bcp14>SHOULD</bcp14> set
this field to the value of zero.</t>
</dd>
</dl>
</section>

<section anchor='sec_out_of_resource_cause'>
<name>Out of Resource (4)</name>

<t>Indicates that the sender is out of resource.
This is usually sent in combination with or within an ABORT chunk.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 4         |       Cause Length = 4        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</section>

<section anchor='sec_unresolvable_address_cause'>
<name>Unresolvable Address (5)</name>

<t>Indicates that the sender is not able to resolve the specified address
parameter (e.g., type of address is not supported by the sender).
This is usually sent in combination with or within an ABORT chunk.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 5         |         Cause Length          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                     Unresolvable Address                      /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Unresolvable Address: variable length</dt>
<dd>
<t>The
<dd>The Unresolvable Address field contains the complete Type, Length, and Value
of the address parameter (or Host Name parameter) that contains the
unresolvable address or host name.</t>
</dd> name.</dd>
</dl>
</section>

<section anchor='sec_unrecognized_chunk_type_cause'>
<name>Unrecognized Chunk Type (6)</name>

<t>This error cause is returned to the originator of the chunk if the receiver
does not understand the chunk and the upper bits of the 'Chunk Type' are set
to 01 or 11.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 6         |         Cause Length          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                      Unrecognized Chunk                       /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Unrecognized Chunk: variable length</dt>
<dd>
<t>The
<dd>The Unrecognized Chunk field contains the unrecognized chunk from the
SCTP packet complete with Chunk Type, Chunk Flags, and Chunk Length.</t>
</dd> Length.</dd>
</dl>
</section>

<section anchor='sec_invalid_mandatory_parameter_cause'>
<name>Invalid Mandatory Parameter (7)</name>

<t>This error cause is returned to the originator of an INIT or INIT ACK chunk
when one of the mandatory parameters is set to an invalid value.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 7         |       Cause Length = 4        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</section>

<section anchor='sec_unrecongnized_parameters'>
<name>Unrecognized Parameters (8)</name>

<t>This error cause is returned to the originator of the INIT ACK chunk if the
receiver does not recognize one or more Optional TLV parameters in the
INIT ACK chunk.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 8         |         Cause Length          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                    Unrecognized Parameters                    /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Unrecognized Parameters: variable length</dt>
<dd>
<t>The
<dd>The Unrecognized Parameters field contains the unrecognized parameters copied
from the INIT ACK chunk complete with TLV.
This error cause is normally contained in an ERROR chunk bundled with
the COOKIE ECHO chunk when responding to the INIT ACK chunk, when the
sender of the COOKIE ECHO chunk wishes to report unrecognized parameters.</t>
</dd> parameters.</dd>
</dl>
</section>

<section anchor='sec_no_user_data_cause'>
<name>No User Data (9)</name>

<t>This error cause is returned to the originator of a DATA chunk if a
received DATA chunk has no user data.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 9         |       Cause Length = 8        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              TSN                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>TSN: 32 bits (unsigned integer)</dt>
<dd>
<t>This
<dd>This parameter contains the TSN of the DATA chunk received with no user
data field.</t>
</dd> User
Data field.</dd>
</dl>
<t>This cause code is normally returned in an ABORT chunk
(see <xref target='sec_acknowledgements_of_reception_of_data_chunks'/>).</t>
</section>

<section anchor='sec_cookie_received_while_shutting_down_cause'>
<name>Cookie Received While Shutting Down (10)</name>

<t>A COOKIE ECHO chunk was received while the endpoint was in the
SHUTDOWN-ACK-SENT state.
This error is usually returned in an ERROR chunk bundled with the
retransmitted SHUTDOWN ACK chunk.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 10        |       Cause Length = 4        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</section>

<section anchor='sec_restart_with_new_addresses_cause'>
<name>Restart of an Association with New Addresses (11)</name>

<t>An INIT chunk was received on an existing association.
But the INIT chunk added addresses to the association that were previously
not part of the association.
The new addresses are listed in the error cause.
This error cause is normally sent as part of an ABORT chunk refusing the
INIT chunk
(see <xref target='sec_handle_duplicate_or_unexpected_chunks'/>).</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 11        |         Cause Length          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                       New Address TLVs                        /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<t>Note: Each New Address TLV is an exact copy of the TLV that was found
in the INIT chunk that was new, including the Parameter Type and the
Parameter Length.</t>
</section>
<section anchor='sec_user_initiated_abort_cause'>
<name>User-Initiated Abort (12)</name>

<t>This error cause MAY <bcp14>MAY</bcp14> be included in ABORT chunks that are sent
because of an upper-layer request.
The upper layer can specify an Upper Layer Abort Reason that is transported by
SCTP transparently and MAY <bcp14>MAY</bcp14> be delivered to the upper-layer protocol at the peer.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Cause Code = 12        |         Cause Length          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                   Upper Layer Abort Reason                    /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</section>

<section anchor='sec_protocol_violation_cause'>
<name>Protocol Violation (13)</name>

<t>This error cause MAY <bcp14>MAY</bcp14> be included in ABORT chunks that are sent
because an SCTP endpoint detects a protocol violation of the peer
that is not covered by the error causes described in Sections
<xref target='sec_invalid_stream_identifier_cause'/> to target='sec_invalid_stream_identifier_cause' format='counter'/> -
<xref target='sec_user_initiated_abort_cause'/>. target='sec_user_initiated_abort_cause' format='counter'/>.
An implementation MAY <bcp14>MAY</bcp14> provide additional information specifying what kind of
protocol violation has been detected.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Cause Code = 13         |        Cause Length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                    Additional Information                     /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</section>
</section>

<section anchor='sec_cookie_echo_chunk'>
<name>Cookie Echo (COOKIE ECHO) (10)</name>

<t>This chunk is used only during the initialization of an association.
It is sent by the initiator of an association to its peer to complete
the initialization process.
This chunk MUST <bcp14>MUST</bcp14> precede any DATA chunk sent within the association, association but MAY <bcp14>MAY</bcp14> be
bundled with one or more DATA chunks in the same packet.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 10   |  Chunk Flags  |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
/                            Cookie                             /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Chunk Flags: 8 bits</dt>
<dd>
<t>Set
<dd>Set to 0 on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
<dt>Length: 16 bits (unsigned integer)</dt>
<dd>
<t>Set
<dd>Set to the size of the chunk in bytes, including the 4 bytes of the
chunk header and the size of the cookie.</t>
</dd> cookie.</dd>
<dt>Cookie: variable size</dt>
<dd>
<t>This field MUST <bcp14>MUST</bcp14> contain the exact cookie received in the State Cookie parameter
from the previous INIT ACK chunk.</t>
<t>An implementation SHOULD <bcp14>SHOULD</bcp14> make the cookie as small as possible to ensure
interoperability.</t>
<t>Note: A Cookie Echo does not contain a State Cookie parameter;
instead, the data within the State Cookie's Parameter Value becomes the data
within the Cookie Echo's Chunk Value.
This allows an implementation to change only the first 2 bytes of the
State Cookie parameter to become a COOKIE ECHO chunk.</t>
</dd>
</dl>
</section>

<section anchor='sec_cookie_ack_chunk'>
<name>Cookie Acknowledgement (COOKIE ACK) (11)</name>

<t>This chunk is used only during the initialization of an association.
It is used to acknowledge the receipt of a COOKIE ECHO chunk.
This chunk MUST <bcp14>MUST</bcp14> precede any DATA or SACK chunk sent within the
association,
association but MAY <bcp14>MAY</bcp14> be bundled with one or more DATA chunks or SACK
chunk's in the same SCTP packet.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 11   |  Chunk Flags  |          Length = 4           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Chunk Flags: 8 bits</dt>
<dd>
<t>Set
<dd>Set to 0 on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
</dl>
</section>

<section anchor='sec_shutdown_complete_chunk'>
<name>Shutdown Complete (SHUTDOWN COMPLETE) (14)</name>

<t>This chunk MUST <bcp14>MUST</bcp14> be used to acknowledge the receipt of the SHUTDOWN ACK chunk
at the completion of the shutdown process;
see <xref target='sec_shutdown_of_an_association'/> for details.</t>
<t>The SHUTDOWN COMPLETE chunk has no parameters.</t>
<artwork align='center'>
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   Type = 14   |  Reserved   |T|          Length = 4           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
<dl newline="true">
<dt>Chunk Flags: 8 bits</dt>
<dd>
<dl newline="true">
<dt>Reserved: 7 bits</dt>
<dd>
<t>Set
<dd>Set to 0 on transmit and ignored on receipt.</t>
</dd> receipt.</dd>
<dt>T bit: 1 bit</dt>
<dd>
<t>The
<dd>The T bit is set to 0 if the sender filled in the Verification Tag
expected by the peer.
If the Verification Tag is reflected, the T bit MUST <bcp14>MUST</bcp14> be set to 1.
Reflecting means that the sent Verification Tag is the same as the
received one.</t>
</dd> one.</dd>
</dl>
</dd>
</dl>
<t>Note: Special rules apply to this chunk for verification, verification; please see
<xref target='sec_exceptions_in_verification_tag_rules'/> for details.</t>
</section>
</section>
</section>

<section anchor='sec_sctp_assoc_diagram'>
<name>SCTP Association State Diagram</name>

<t>During the life time of an SCTP association, the SCTP endpoint's
association progresses from one state to another in response to
various events.
The events that might potentially advance an association's state include:</t>
<ul>
<li><t>SCTP user primitive calls, e.g., [ASSOCIATE], [SHUTDOWN], or [ABORT],</t></li>
<li><t>Reception
<li><t>reception of INIT, COOKIE ECHO, ABORT, SHUTDOWN, etc., and control chunks, or</t></li>
<li><t>Some
<li><t>some timeout events.</t></li>
</ul>
<t>The state diagram in the figures below illustrates state changes, together
with the causing events and resulting actions.
Note that some of the error conditions are not shown in the state diagram.
Full descriptions of all special cases are found in the text.</t>
<t>Note: Chunk names are given in all capital letters, while parameter
names have the first letter capitalized, e.g., COOKIE ECHO chunk type
vs. State Cookie parameter.
If more than one event/message can occur that causes a state transition, it
is labeled (A), (A) or (B).</t>
<figure anchor='fig_state_diagram'
        title='State Transition Diagram of SCTP'>
<artwork align='center'>
<![CDATA[ align='center'><![CDATA[
                        -----          -------- (from any state)
                      /       \      /receive ABORT      [ABORT]
        receive INIT |         |    |--------------  or ----------
---------------------|         v    v    delete TCB     send ABORT
generate State Cookie \    +---------+                  delete TCB
        send INIT ACK   ---|  CLOSED |
                           +---------+
                             /      \
                            /        \  [ASSOCIATE]
                           |          |-----------------
                           |          | create TCB
                           |          | send INIT
          receive valid    |          | start T1-init timer
          COOKIE  ECHO     |          v
      (1) -----------------|    +-----------+
          create TCB       |    |COOKIE-WAIT| (2)
          send COOKIE ACK  |    +-----------+
                           |          |
                           |          | receive INIT ACK
                           |          |-------------------
                           |          | send COOKIE ECHO
                           |          | stop T1-init timer
                           |          | start T1-cookie timer
                           |          v
                           |   +-------------+
                           |   |COOKIE-ECHOED| (3)
                           |   +-------------+
                           |          |
                           |          | receive COOKIE ACK
                           |          |-------------------
                           |          | stop T1-cookie timer
                           v          v
                         +---------------+
                         |  ESTABLISHED  |
                         +---------------+
                                 |
                                 |
                        /--------+--------\
    [SHUTDOWN]         /                   \
    -------------------|                   |
    check outstanding  |                   |
    DATA chunks        |                   |
                       v                   |
              +----------------+           |
              |SHUTDOWN-PENDING|           | receive SHUTDOWN
              +----------------+           |------------------
                                           | check outstanding
                       |                   | DATA chunks
No more outstanding    |                   |
-----------------------|                   |
send SHUTDOWN          |                   |
start T2-shutdown timer|                   |
                       v                   v
                +-------------+   +-----------------+
            (4) |SHUTDOWN-SENT|   |SHUTDOWN-RECEIVED| (5,6)
                +-------------+   +-----------------+
                       |  \                |
receive SHUTDOWN ACK   |   \               |
-----------------------|    \              |
stop T2-shutdown timer |     \             |
send SHUTDOWN COMPLETE |      \            |
delete TCB             |       \           |
                       |        \          | No more outstanding
                       |         \         |--------------------
                       |          \        | send SHUTDOWN ACK
receive SHUTDOWN      -|-          \       | start T2-shutdown timer
--------------------/  | \----------\      |
send SHUTDOWN ACK      |             \     |
start T2-shutdown timer|              \    |
                       |               \   |
                       |                |  |
                       |                v  v
                       |          +-----------------+
                       |          |SHUTDOWN-ACK-SENT| (7)
                       |          +-----------------+
                       |                   | (A)
                       |                   |receive SHUTDOWN COMPLETE
                       |                   |-------------------------
                       |                   | stop T2-shutdown timer
                       |                   | delete TCB
                       |                   |
                       |                   | (B)
                       |                   | receive SHUTDOWN ACK
                       |                   |-----------------------
                       |                   | stop T2-shutdown timer
                       |                   | send SHUTDOWN COMPLETE
                       |                   | delete TCB
                       |                   |
                       \    +---------+    /
                        \-->| CLOSED  |<--/
                            +---------+
]]>
</artwork>
]]></artwork>
</figure>
<t>The following applies:</t>
<ol type='%d)'>
<li><t>If the State Cookie in the received COOKIE ECHO chunk is invalid (i.e.,
failed to pass the integrity check), the receiver MUST <bcp14>MUST</bcp14> silently discard
the packet.
Or, if the received State Cookie is expired (see
<xref target='sec_state_coockie_authentication'/>), the receiver MUST <bcp14>MUST</bcp14> send back
an ERROR chunk.
In either case, the receiver stays in the CLOSED state.</t></li>

<li><t>If the T1-init timer expires, the endpoint MUST <bcp14>MUST</bcp14>
retransmit the INIT chunk and restart the T1-init timer without changing timer.
The endpoint stays in the COOKIE-WAIT state.
This MUST <bcp14>MUST</bcp14> be repeated up to 'Max.Init.Retransmits' times.
After that, the endpoint MUST <bcp14>MUST</bcp14> abort the initialization process and report the
error to the SCTP user.</t></li>

<li><t>If the T1-cookie timer expires, the endpoint MUST <bcp14>MUST</bcp14>
retransmit COOKIE ECHO chunk and restart the T1-cookie timer without changing timer.
The endpoint stays in the COOKIE-ECHOED state.
This MUST <bcp14>MUST</bcp14> be repeated up to 'Max.Init.Retransmits' times.
After that, the endpoint MUST <bcp14>MUST</bcp14> abort the initialization process and report the
error to the SCTP user.</t></li>
<li><t>In the SHUTDOWN-SENT state, the endpoint MUST <bcp14>MUST</bcp14> acknowledge any
received DATA chunks without delay.</t></li>
<li><t>In the SHUTDOWN-RECEIVED state, the endpoint MUST NOT <bcp14>MUST NOT</bcp14> accept any
new send requests from its SCTP user.</t></li>
<li><t>In the SHUTDOWN-RECEIVED state, the endpoint MUST <bcp14>MUST</bcp14> transmit or retransmit
data and leave this state when all data in queue is transmitted.</t></li>
<li><t>In the SHUTDOWN-ACK-SENT state, the endpoint MUST NOT <bcp14>MUST NOT</bcp14> accept any new send
requests from its SCTP user.</t></li>
</ol>
<t>The CLOSED state is used to indicate that an association is not created
(i.e., does not exist).</t>
</section>

<section anchor='sec_assoc_initialization'>
<name>Association Initialization</name>

<t>Before the first data transmission can take place from one SCTP
endpoint ("A") to another SCTP endpoint ("Z"), the two endpoints MUST <bcp14>MUST</bcp14>
complete an initialization process in order to set up an SCTP
association between them.</t>
<t>The SCTP user at an endpoint can use the ASSOCIATE primitive to
initialize an SCTP association to another SCTP endpoint.</t>
<t>Implementation Note: From an SCTP user's point of view, an
association might be implicitly opened, without an ASSOCIATE primitive
(see <xref target='sec_associate'/>) being invoked, by the initiating
endpoint's sending of the first user data to the destination endpoint.
The initiating SCTP will assume default values for all mandatory and
optional parameters for the INIT/INIT ACK chunk.</t>
<t>Once the association is established, unidirectional streams are open
for data transfer on both ends
(see <xref target='sec_handle_stream_parameters'/>).</t>

<section anchor='sec_normal_establishment'>
<name>Normal Establishment of an Association</name>

<t>The initialization process consists of the following steps (assuming that
SCTP endpoint "A" tries to set up an association with SCTP endpoint "Z" and
"Z" accepts the new association):</t>
<ol type='%C)'>
<li><t>"A" first builds a TCB and sends an INIT chunk to "Z".
In the INIT chunk, "A" MUST <bcp14>MUST</bcp14> provide its Verification Tag (Tag_A) in the
Initiate Tag field.
Tag_A SHOULD <bcp14>SHOULD</bcp14> be a random number in the range of 1 to 4294967295
(see <xref target='sec_selection_of_tag_value'/> for Tag value selection).
After sending the INIT chunk, "A" starts the T1-init timer and enters the
COOKIE-WAIT state.</t></li>
<li><t>"Z" responds immediately with an INIT ACK chunk.
The destination IP address of the INIT ACK chunk MUST <bcp14>MUST</bcp14> be set to the source
IP address of the INIT chunk to which this INIT ACK chunk is responding.
In the response, besides filling in other parameters, "Z" MUST <bcp14>MUST</bcp14> set the
Verification Tag field to Tag_A, Tag_A and also provide its own
Verification Tag (Tag_Z) in the Initiate Tag field.</t>
<t>Moreover, "Z" MUST <bcp14>MUST</bcp14> generate and send along with the INIT ACK chunk a
State Cookie.
See <xref target='sec_generating_state_cookie'/> for State Cookie generation.</t>
<t>After sending an INIT ACK chunk with the State Cookie parameter,
"Z" MUST NOT <bcp14>MUST NOT</bcp14> allocate any resources or keep any states for the new
association.
Otherwise, "Z" will be vulnerable to resource attacks.</t></li>
<li><t>Upon reception of the INIT ACK chunk from "Z", "A" stops the T1-init
timer and leaves the COOKIE-WAIT state.
"A" then sends the State Cookie received in the INIT ACK chunk in a
COOKIE ECHO chunk, starts the T1-cookie timer, and enters the COOKIE-ECHOED
state.</t>
<t>The COOKIE ECHO chunk MAY <bcp14>MAY</bcp14> be bundled with any pending outbound DATA
chunks, but it MUST <bcp14>MUST</bcp14> be the first chunk in the packet and and, until the COOKIE ACK
chunk is returned returned, the sender MUST NOT <bcp14>MUST NOT</bcp14> send any other packets to the peer.</t></li>
<li><t>Upon reception of the COOKIE ECHO chunk, endpoint "Z" replies
with a COOKIE ACK chunk after building a TCB and moving to the
ESTABLISHED state.
A COOKIE ACK chunk MAY <bcp14>MAY</bcp14> be bundled with any pending DATA chunks
(and/or SACK chunks), but the COOKIE ACK chunk MUST <bcp14>MUST</bcp14> be the first chunk in
the packet.</t>
<t>Implementation Note: An implementation can choose to send the
Communication Up
COMMUNICATION UP notification to the SCTP user upon reception of a
valid COOKIE ECHO chunk.</t></li>
<li><t>Upon reception of the COOKIE ACK chunk, endpoint "A" moves from the
COOKIE-ECHOED state to the ESTABLISHED state, stopping the T1-cookie timer.
It can also notify its ULP about the successful establishment of the
association with a Communication Up COMMUNICATION UP notification
(see <xref target='sec_api'/>).</t></li>
</ol>
<t>An INIT or INIT ACK chunk MUST NOT <bcp14>MUST NOT</bcp14> be bundled with any other chunk.
They MUST <bcp14>MUST</bcp14> be the only chunks present in the SCTP packets that carry them.</t>
<t>An endpoint MUST <bcp14>MUST</bcp14> send the INIT ACK chunk to the IP address from which it
received the INIT chunk.</t>
<t>T1-init
<t>The T1-init timer and T1-cookie timer SHOULD <bcp14>SHOULD</bcp14> follow the same rules
given in <xref target='sec_management_of_retransission_timer'/>.
If the application provided multiple IP addresses of the peer, there SHOULD <bcp14>SHOULD</bcp14>
be a T1-init and T1-cookie timer for each address of the peer. Retransmissions
of INIT chunks and COOKIE ECHO chunks SHOULD <bcp14>SHOULD</bcp14> use all addresses of the peer
similar to retransmissions of DATA chunks.</t>
<t>If an endpoint receives an INIT, INIT ACK, or COOKIE ECHO chunk but decides
not to establish the new association due to missing mandatory parameters in the
received INIT or INIT ACK chunk, invalid parameter values, or lack of local
resources, it SHOULD <bcp14>SHOULD</bcp14> respond with an ABORT chunk.
It SHOULD <bcp14>SHOULD</bcp14> also specify the cause of abort, such as the type of the missing
mandatory parameters, etc., by including the an error cause parameters with in the ABORT chunk.
The Verification Tag field in the common header of the outbound SCTP packet
containing the ABORT chunk MUST <bcp14>MUST</bcp14> be set to the Initiate Tag value of the
received INIT or INIT ACK chunk this ABORT chunk is responding to.</t>
<t>Note that a COOKIE ECHO chunk that does not pass the integrity check
is not considered an 'invalid mandatory parameter' and requires special
handling; see <xref target='sec_state_coockie_authentication'/>.</t>
<t>After the reception of the first DATA chunk in an association association, the
endpoint MUST <bcp14>MUST</bcp14> immediately respond with a SACK chunk to acknowledge the DATA
chunk.
Subsequent acknowledgements SHOULD <bcp14>SHOULD</bcp14> be done as described in
<xref target='sec_acknowledgements_of_reception_of_data_chunks'/>.</t>
<t>When the TCB is created, each endpoint MUST <bcp14>MUST</bcp14> set its internal
Cumulative TSN Ack Point to the value of its transmitted Initial TSN
minus one.</t>
<t>Implementation Note: The IP addresses and SCTP port are generally
used as the key to find the TCB within an SCTP instance.</t>

<section anchor='sec_handle_stream_parameters'>
<name>Handle Stream Parameters</name>

<t>In the INIT and INIT ACK chunks, the sender of the chunk MUST <bcp14>MUST</bcp14>
indicate the number of outbound streams (OSs) (OS) it wishes to have in
the association, as well as the maximum inbound streams (MISs) (MIS) it
will accept from the other endpoint.</t>
<t>After receiving the stream configuration information from the other
side, each endpoint MUST <bcp14>MUST</bcp14> perform the following check:
If the peer's MIS is less than the endpoint's OS, meaning that the peer is
incapable of supporting all the outbound streams the endpoint wants
to configure, the endpoint MUST <bcp14>MUST</bcp14> use MIS outbound streams and MAY <bcp14>MAY</bcp14>
report any shortage to the upper layer.
The upper layer can then choose to abort the association if the resource
shortage is unacceptable.</t>
<t>After the association is initialized, the valid outbound stream identifier
range for either endpoint MUST <bcp14>MUST</bcp14> be 0 to min(local OS, remote MIS) - 1.</t>
</section>
<section anchor='sec_handle_address_parameters'>
<name>Handle Address Parameters</name>

<t>During the association initialization, an endpoint uses the
following rules to discover and collect the destination transport address(es)
of its peer.</t>
<ol type='%C)'>
<li><t>If there are no address parameters present in the received INIT or
INIT ACK chunk, the endpoint MUST <bcp14>MUST</bcp14> take the source IP address from
which the chunk arrives and record it, in combination with the
SCTP source port number, Source Port Number, as the only destination transport address
for this peer.</t></li>
<li><t>If there is a Host Name Address parameter present in the received INIT or
INIT ACK chunk, the endpoint MUST <bcp14>MUST</bcp14> immediately send an ABORT chunk and MAY <bcp14>MAY</bcp14>
include an "Unresolvable Address" error cause to its peer.
The ABORT chunk SHOULD <bcp14>SHOULD</bcp14> be sent to the source IP address from which the last peer
packet was received.</t></li>
<li><t>If there are only IPv4/IPv6 addresses present in the received INIT or
INIT ACK chunk, the receiver MUST <bcp14>MUST</bcp14> derive and record all the transport addresses
from the received chunk AND the source IP address that sent the INIT or
INIT ACK chunk.
The transport addresses are derived by the combination of SCTP source port Source Port Number
(from the common header) and the IP Address parameter(s) carried in the INIT
or INIT ACK chunk and the source IP address of the IP datagram.
The receiver SHOULD <bcp14>SHOULD</bcp14> use only these transport addresses as destination
transport addresses when sending subsequent packets to its peer.</t></li>
<li><t>An INIT or INIT ACK chunk MUST <bcp14>MUST</bcp14> be treated as belonging to an already
established association (or one in the process of being established) if the
use of any of the valid address parameters contained within the chunk would
identify an existing TCB.</t></li>
</ol>
<t>Implementation Note: In some cases (e.g., when the implementation does not
control the source IP address that is used for transmitting), an endpoint
might need to include in its INIT or INIT ACK chunk all possible IP addresses
from which packets to the peer could be transmitted.</t>
<t>After all transport addresses are derived from the INIT or INIT ACK chunk
using the above rules, the endpoint selects one of the transport addresses
as the initial primary path.</t>
<t>The packet containing the INIT ACK chunk MUST <bcp14>MUST</bcp14> be sent to the source address
of the packet containing the INIT chunk.</t>
<t>The sender of INIT chunks MAY <bcp14>MAY</bcp14> include a 'Supported Address Types' parameter
in the INIT chunk to indicate what types of addresses are acceptable.</t>
<t>Implementation Note: In the case that the receiver of an INIT ACK chunk
fails to resolve the address parameter due to an unsupported type, it
can abort the initiation process and then attempt a reinitiation by
using a 'Supported Address Types' parameter in the new INIT chunk to indicate
what types of address it prefers.</t>
<t>If an SCTP endpoint that only supports either IPv4 or
IPv6 receives IPv4 and IPv6 addresses in an INIT or INIT ACK chunk from its
peer, it MUST <bcp14>MUST</bcp14> use all the addresses belonging to the supported address family.
The other addresses MAY <bcp14>MAY</bcp14> be ignored.
The endpoint SHOULD NOT <bcp14>SHOULD NOT</bcp14> respond with any kind of error indication.</t>

<t>If an SCTP endpoint lists in the 'Supported Address
Types' parameter either IPv4 or IPv6, IPv6 but uses the other family for sending
the packet containing the INIT chunk, or if it also lists addresses of the
other family in the INIT chunk, then the address family that is not listed
in the 'Supported Address Types' parameter SHOULD <bcp14>SHOULD</bcp14> also be considered as
supported by the receiver of the INIT chunk.
The receiver of the INIT chunk SHOULD NOT <bcp14>SHOULD NOT</bcp14> respond with any kind of error
indication.</t>
</section>

<section anchor='sec_generating_state_cookie'>
<name>Generating State Cookie</name>

<t>When sending an INIT ACK chunk as a response to an INIT chunk, the sender
of the INIT ACK chunk creates a State Cookie and sends it in the State Cookie
parameter of the INIT ACK chunk.
Inside this State Cookie, the sender MUST <bcp14>MUST</bcp14> include a MAC
(see <xref target='RFC2104'/> target="RFC2104"/> for an example) to provide integrity protection
on the State Cookie.
The State Cookie SHOULD <bcp14>SHOULD</bcp14> also contain a timestamp on when the
State Cookie is created, created and the lifespan of the State Cookie, along with all
the information necessary for it to establish the association association, including
the port numbers and the verification tags.</t> Verification Tags.</t>
<t>The method used to generate the MAC is strictly a private matter for the
receiver of the INIT chunk.
The use of a MAC is mandatory to prevent denial-of-service attacks.
MAC algorithms can have different performance performances depending on the platform.
Choosing a high performance high-performance MAC algorithm increases the resistance against
cookie flooding attacks.
A MAC with acceptable security properties SHOULD <bcp14>SHOULD</bcp14> be used.
The secret key SHOULD <bcp14>SHOULD</bcp14> be random (<xref target='RFC4086'/> target="RFC4086"/> provides some
information on randomness guidelines).
The secret keys need to have an appropriate size.
The secret key SHOULD <bcp14>SHOULD</bcp14> be changed reasonably frequently (e.g., hourly), and the
timestamp in the State Cookie MAY <bcp14>MAY</bcp14> be used to determine which key is used to
verify the MAC.</t>
<t>If the State Cookie is not encrypted, it MUST NOT <bcp14>MUST NOT</bcp14> contain information
which
that is not being envisioned to be shared.</t>
<t>An implementation SHOULD <bcp14>SHOULD</bcp14> make the cookie as small as possible to
ensure interoperability.</t>
</section>

<section anchor='sec_state_coockie_processing'>
<name>State Cookie Processing</name>

<t>When an endpoint (in the COOKIE-WAIT state) receives an INIT ACK
chunk with a State Cookie parameter, it MUST <bcp14>MUST</bcp14> immediately send a
COOKIE ECHO chunk to its peer with the received State Cookie.
The sender MAY <bcp14>MAY</bcp14> also add any pending DATA chunks to the packet after the
COOKIE ECHO chunk.</t>
<t>The endpoint MUST <bcp14>MUST</bcp14> also start the T1-cookie timer after sending the
COOKIE ECHO chunk.
If the timer expires, the endpoint MUST <bcp14>MUST</bcp14> retransmit the COOKIE ECHO chunk and
restart the T1-cookie timer.
This is repeated until either a COOKIE ACK chunk is received or
'Max.Init.Retransmits' (see <xref target='sec_parameter_values'/>) is reached reached,
causing the peer endpoint to be marked unreachable (and thus the association
enters the CLOSED state).</t>
</section>

<section anchor='sec_state_coockie_authentication'>
<name>State Cookie Authentication</name>

<t>When an endpoint receives a COOKIE ECHO chunk from another endpoint
with which it has no association, it takes the following actions:</t>
<ol type='%d)'>
<li><t>Compute a MAC using the information carried in the State Cookie and
the secret key.
The timestamp in the State Cookie MAY <bcp14>MAY</bcp14> be used to determine which secret key to
use.
If secrets are kept only for a limited amount of time and the secret key to use
is not available anymore, the packet containing the COOKIE ECHO chunk MUST <bcp14>MUST</bcp14> be
silently discarded.
<xref target='RFC2104'/> target="RFC2104"/> can be used as a guideline for generating the MAC,</t></li> MAC.</t></li>
<li><t>Authenticate the State Cookie as one that it previously generated
by comparing the computed MAC against the one carried in the State Cookie.
If this comparison fails, the SCTP packet, including the COOKIE ECHO chunk and
any DATA chunks, MUST <bcp14>MUST</bcp14> be silently discarded,</t></li> discarded.</t></li>
<li><t>Compare the port numbers and the Verification Tag contained within the
COOKIE ECHO chunk to the actual port numbers and the Verification Tag within
the SCTP common header of the received packet.
If these values do not match, the packet MUST <bcp14>MUST</bcp14> be silently discarded.</t></li>
<li><t>Compare the creation timestamp in the State Cookie to the current local
time.
If the elapsed time is longer than the lifespan carried in the State Cookie,
then the packet, including the COOKIE ECHO chunk and any attached DATA chunks,
SHOULD
<bcp14>SHOULD</bcp14> be discarded, and the endpoint MUST <bcp14>MUST</bcp14> transmit an ERROR chunk with a
"Stale Cookie" error cause to the peer endpoint.</t></li>
<li><t>If the State Cookie is valid, create an association to the sender
of the COOKIE ECHO chunk with the information in the State Cookie
carried in the COOKIE ECHO chunk and enter the ESTABLISHED state.</t></li>
<li><t>Send a COOKIE ACK chunk to the peer acknowledging receipt of the
COOKIE ECHO chunk.
The COOKIE ACK chunk MAY <bcp14>MAY</bcp14> be bundled with an outbound DATA chunk or SACK chunk;
however, the COOKIE ACK chunk MUST <bcp14>MUST</bcp14> be the first chunk in the SCTP packet.</t></li>
<li><t>Immediately acknowledge any DATA chunk bundled with the COOKIE ECHO chunk
with a SACK chunk (subsequent DATA chunk acknowledgement SHOULD <bcp14>SHOULD</bcp14> follow the rules
defined in <xref target='sec_acknowledgements_of_reception_of_data_chunks'/>).
As mentioned in step 6, if the SACK chunk is bundled with the COOKIE ACK chunk,
the COOKIE ACK chunk MUST <bcp14>MUST</bcp14> appear first in the SCTP packet.</t></li>
</ol>
<t>If a COOKIE ECHO chunk is received from an endpoint with which the receiver
of the COOKIE ECHO chunk has an existing association, the procedures in
<xref target='sec_handle_duplicate_or_unexpected_chunks'/> SHOULD <bcp14>SHOULD</bcp14> be
followed.</t>
</section>

<section anchor='sec_example_of_normal_association_establishment'>
<name>An Example of Normal Association Establishment</name>

<t>In the following example, "A" initiates the association and then sends a
user message to "Z", then "Z"; then, "Z" sends two user messages to "A" later
(assuming no bundling or fragmentation occurs):</t>
<figure anchor='fig_initiation_example'
        title='A Setup Example'>
<artwork align='center'>
<![CDATA[ align='center'><![CDATA[
Endpoint A                                          Endpoint Z
{app sets association with Z}
(build TCB)
INIT [I-Tag=Tag_A
      & other info]  ------\
(Start T1-init timer)       \
(Enter COOKIE-WAIT state)    \---> (compose Cookie_Z)
                                /-- INIT ACK [Veri Tag=Tag_A,
                               /             I-Tag=Tag_Z,
(Cancel T1-init timer) <------/              Cookie_Z, & other info]

COOKIE ECHO [Cookie_Z] ------\
(Start T1-cookie timer)       \
(Enter COOKIE-ECHOED state)    \---> (build TCB, enter ESTABLISHED
                                      state)
                               /---- COOKIE ACK
                              /
(Cancel T1-cookie timer, <---/
 enter ESTABLISHED state)
{app sends 1st user data; strm 0}
DATA [TSN=init TSN_A
    Strm=0,Seq=0 & user data]--\
(Start T3-rtx timer)            \
                                 \->
                               /----- SACK [TSN Ack=init TSN_A,
                                            Block=0]
(Cancel T3-rtx timer) <------/
                                      ...
                                     {app sends 2 messages;strm 0}
                               /---- DATA
                              /        [TSN=init TSN_Z,
                          <--/          Strm=0,Seq=0 & user data 1]
SACK [TSN Ack=init TSN_Z,      /---- DATA
      Block=0]     --------\  /        [TSN=init TSN_Z +1,
                            \/          Strm=0,Seq=1 & user data 2]
                     <------/\
                              \
                               \------>
]]>
</artwork>
]]></artwork>
</figure>
<t>If the T1-init timer expires at "A" after the INIT or COOKIE ECHO chunks
are sent, the same INIT or COOKIE ECHO chunk with the same Initiate Tag
(i.e., Tag_A) or State Cookie is retransmitted and the timer is restarted.
This is repeated 'Max.Init.Retransmits' times before "A" considers "Z"
unreachable and reports the failure to its upper layer (and thus the
association enters the CLOSED state).</t>
<t>When retransmitting the INIT chunk, the endpoint MUST <bcp14>MUST</bcp14> follow the rules
defined in <xref target='sec_management_of_retransission_timer'/> to determine
the proper timer value.</t>
</section>
</section>

<section anchor='sec_handle_duplicate_or_unexpected_chunks'>
<name>Handle Duplicate or Unexpected INIT, INIT ACK, COOKIE ECHO, and COOKIE ACK Chunks</name>

<t>During the life time of an association (in one of the possible states),
an endpoint can receive from its peer endpoint one of the setup chunks (INIT,
INIT ACK, COOKIE ECHO, and or COOKIE ACK).
The receiver treats such a setup chunk as a duplicate and process it
as described in this section.</t>
<t>Note: An endpoint will not receive the chunk unless the chunk was sent to
an SCTP transport address and is from an SCTP transport address associated
with this endpoint.
Therefore, the endpoint processes such a chunk as part of its current
association.</t>
<t>The following scenarios can cause duplicated or unexpected chunks:</t>
<ol type='%C)'>
<li><t>The
<li><t>the peer has crashed without being detected, restarted itself, and
sent a new INIT chunk trying to restore the association,</t></li>
<li><t>Both
<li><t>both sides are trying to initialize the association at about the same
time,</t></li>
<li><t>The
<li><t>the chunk is from a stale packet that was used to establish the present
association or a past association that is no longer in existence,</t></li>
<li><t>The
<li><t>the chunk is a false packet generated by an attacker, or</t></li>
<li><t>The
<li><t>the peer never received the COOKIE ACK chunk and is retransmitting its
COOKIE ECHO chunk.</t></li>
</ol>
<t>The rules in the following sections are applied in order to identify
and correctly handle these cases.</t>

<section>
<name>INIT Chunk Received in COOKIE-WAIT or COOKIE-ECHOED State (Item B)</name>

<t>This usually indicates an initialization collision, i.e., each endpoint
is attempting, at about the same time, to establish an association with the
other endpoint.</t>
<t>Upon receipt of an INIT chunk in the COOKIE-WAIT state, an endpoint MUST <bcp14>MUST</bcp14>
respond with an INIT ACK chunk using the same parameters it sent in its
original INIT chunk (including its Initiate Tag, unchanged).
When responding, the following rules MUST <bcp14>MUST</bcp14> be applied:</t>
<ol type='%d)'>
<li><t>The packet containing the INIT ACK chunk MUST <bcp14>MUST</bcp14> only be sent to an address
passed by the upper layer in the request to initialize the association.</t></li>
<li><t>The packet containing the INIT ACK chunk MUST <bcp14>MUST</bcp14> only be sent to an address
reported in the incoming INIT chunk.</t></li>
<li><t>The packet containing the INIT ACK chunk SHOULD <bcp14>SHOULD</bcp14> be sent to the source
address of the received packet containing the INIT chunk.</t></li>
</ol>
<t>Upon receipt of an INIT chunk in the COOKIE-ECHOED state, an endpoint MUST <bcp14>MUST</bcp14>
respond with an INIT ACK chunk using the same parameters it sent in its
original INIT chunk (including its Initiate Tag, unchanged), provided
that no NEW new address has been added to the forming association.
If the INIT chunk indicates that a new address has been added to the
association, then the entire INIT chunk MUST <bcp14>MUST</bcp14> be discarded, and the state of
the existing association SHOULD NOT <bcp14>SHOULD NOT</bcp14> be changed.
An ABORT chunk SHOULD <bcp14>SHOULD</bcp14> be sent in a response that MAY <bcp14>MAY</bcp14> include the error
'Restart
"Restart of an association Association with new addresses'. New Addresses" error cause.
The error SHOULD <bcp14>SHOULD</bcp14> list the addresses that were added to the restarting
association.</t>
<t>When responding in either state (COOKIE-WAIT or COOKIE-ECHOED) with
an INIT ACK chunk, the original parameters are combined with those from the
newly received INIT chunk.
The endpoint MUST <bcp14>MUST</bcp14> also generate a State Cookie with the INIT ACK chunk.
The endpoint uses the parameters sent in its INIT chunk to calculate the
State Cookie.</t>
<t>After that, the endpoint MUST NOT <bcp14>MUST NOT</bcp14> change its state, the T1-init timer
MUST
<bcp14>MUST</bcp14> be left running, and the corresponding TCB MUST NOT <bcp14>MUST NOT</bcp14> be destroyed.
The normal procedures for handling State Cookies when a
TCB exists will resolve the duplicate INIT chunks to a single association.</t>
<t>For an endpoint that is in the COOKIE-ECHOED state, it MUST <bcp14>MUST</bcp14> populate
its Tie-Tags within both the association TCB and inside the State Cookie (see
<xref target='sec_unexpected_init_in_states_other_than_closed_cookie_echoed'/>
for a description of the Tie-Tags).</t>
</section>

<section anchor='sec_unexpected_init_in_states_other_than_closed_cookie_echoed'>
<name>Unexpected INIT Chunk in States Other than CLOSED, COOKIE-ECHOED, COOKIE-WAIT, and SHUTDOWN-ACK-SENT</name>

<t>Unless otherwise stated, upon receipt of an unexpected INIT chunk for this
association, the endpoint MUST <bcp14>MUST</bcp14> generate an INIT ACK chunk with a State Cookie.
Before responding, the endpoint MUST <bcp14>MUST</bcp14> check to see if the unexpected INIT chunk
adds new addresses to the association.
If new addresses are added to the association, the endpoint MUST <bcp14>MUST</bcp14> respond with
an ABORT chunk, copying the 'Initiate Tag' of the unexpected INIT chunk into the
'Verification Tag' of the outbound packet carrying the ABORT chunk.
In the ABORT chunk, the error cause MAY <bcp14>MAY</bcp14> be set to 'restart "Restart of an
association
Association with new addresses'. New Addresses".
The error SHOULD <bcp14>SHOULD</bcp14> list the addresses that were added to the restarting
association.
If no new addresses are added, when responding to the INIT chunk in the outbound
INIT ACK chunk, the endpoint MUST <bcp14>MUST</bcp14> copy its current Tie-Tags to a reserved place
within the State Cookie and the association's TCB.
We refer to these locations inside the cookie as the Peer's-Tie-Tag and
the Local-Tie-Tag.
We will refer to the copy within an association's TCB as the Local Tag and
Peer's Tag.
The outbound SCTP packet containing this INIT ACK chunk MUST <bcp14>MUST</bcp14> carry a
Verification Tag value equal to the Initiate Tag found in the unexpected
INIT chunk.
And the INIT ACK chunk MUST <bcp14>MUST</bcp14> contain a new Initiate Tag
(randomly generated; see <xref target='sec_selection_of_tag_value'/>).
Other parameters for the endpoint SHOULD <bcp14>SHOULD</bcp14> be copied from the existing
parameters of the association (e.g., number of outbound streams) into the
INIT ACK chunk and cookie.</t>
<t>After sending the INIT ACK or ABORT chunk, the endpoint MUST <bcp14>MUST</bcp14> take no
further actions; actions,
i.e., the existing association, including its current state, and the
corresponding TCB MUST NOT <bcp14>MUST NOT</bcp14> be changed.</t>
<t>Only when a TCB exists and the association is not in a COOKIE-WAIT
or SHUTDOWN-ACK-SENT state are the Tie-Tags populated with a random value
other than 0.
For a normal association INIT chunk (i.e., the endpoint is in the CLOSED state),
the Tie-Tags MUST <bcp14>MUST</bcp14> be set to 0 (indicating that no previous TCB existed).</t>
</section>

<section anchor='sec_unexpected_init_ack'>
<name>Unexpected INIT ACK Chunk</name>

<t>If an INIT ACK chunk is received by an endpoint in any state other than the
COOKIE-WAIT or CLOSED state, the endpoint SHOULD <bcp14>SHOULD</bcp14> discard the INIT ACK chunk.
An unexpected INIT ACK chunk usually indicates the processing of an old or
duplicated INIT chunk.</t>
</section>

<section anchor='sec_handle_a_cookie_echo_when_a_tcp_exists'>
<name>Handle a COOKIE ECHO Chunk when When a TCB Exists</name>

<t>When a COOKIE ECHO chunk is received by an endpoint in any state for an
existing association (i.e., not in the CLOSED state) state), the following rules
are applied:</t>
<ol type='%d)'>
<li><t>Compute a MAC as described in step 1 of
<xref target='sec_state_coockie_authentication'/>,</t></li> target='sec_state_coockie_authentication'/>.</t></li>
<li><t>Authenticate the State Cookie as described in step 2 of
<xref target='sec_state_coockie_authentication'/>
(this is case C or D above).</t></li>
<li><t>Compare the timestamp in the State Cookie to the current time.
If the State Cookie is older than the lifespan carried in the State Cookie
and the Verification Tags contained in the State Cookie do not match the
current association's Verification Tags, the packet, including the COOKIE ECHO
chunk and any DATA chunks, SHOULD <bcp14>SHOULD</bcp14> be discarded.
The endpoint also MUST <bcp14>MUST</bcp14> transmit an ERROR chunk with a "Stale Cookie" error cause
to the peer endpoint (this is case C or D in
<xref target='sec_handle_duplicate_or_unexpected_chunks'/>).</t>
<t>If both Verification Tags in the State Cookie match the Verification Tags of
the current association, consider the State Cookie valid (this is case E in
<xref target='sec_handle_duplicate_or_unexpected_chunks'/>) target='sec_handle_duplicate_or_unexpected_chunks'/>), even if the
lifespan is exceeded.</t></li>
<li><t>If the State Cookie proves to be valid, unpack the TCB into a
temporary TCB.</t></li>
<li><t>Refer to <xref target='table_handling_of_cookie_echo'/> to determine the
correct action to be taken.</t></li>
</ol>
<table anchor='table_handling_of_cookie_echo'>
<name>Handling of a COOKIE ECHO Chunk when When a TCB Exists</name>
<thead>
<tr><td
<tr><th align='center'>Local Tag</td><td Tag</th><th align='center'>Peer's Tag</td><td align='center'>Local-Tie-Tag</td><td align='center'>Peer's-Tie-Tag</td><td align='center'>Action</td></tr> Tag</th><th align='center'>Local-Tie-Tag</th><th align='center'>Peer's-Tie-Tag</th><th align='center'>Action</th></tr>
</thead>
<tbody>
<tr><td align='center'>X</td><td align='center'>X</td><td align='center'>M</td><td align='center'>M</td><td align='center'>(A)</td></tr>
<tr><td align='center'>M</td><td align='center'>X</td><td align='center'>A</td><td align='center'>A</td><td align='center'>(B)</td></tr>
<tr><td align='center'>M</td><td align='center'>0</td><td align='center'>A</td><td align='center'>A</td><td align='center'>(B)</td></tr>
<tr><td align='center'>X</td><td align='center'>M</td><td align='center'>0</td><td align='center'>0</td><td align='center'>(C)</td></tr>
<tr><td align='center'>M</td><td align='center'>M</td><td align='center'>A</td><td align='center'>A</td><td align='center'>(D)</td></tr>
</tbody>
</table>
<t>Legend:</t>
<dl spacing='compact'>
<dt>X -</dt><dd><t>Tag -</dt><dd>Tag does not match the existing TCB.</t></dd> TCB.</dd>
<dt>M -</dt><dd><t>Tag -</dt><dd>Tag matches the existing TCB.</t></dd> TCB.</dd>
<dt>0 -</dt><dd><t>Tag -</dt><dd>Tag unknown (Peer's Tag not known yet / No tie-tag Tie-Tag in cookie).</t></dd> cookie).</dd>
<dt>A -</dt><dd><t>All -</dt><dd>All cases, i.e., M, X, or 0.</t></dd> 0.</dd>
</dl>
<t>For any case not shown in <xref target='table_handling_of_cookie_echo'/>,
the cookie SHOULD <bcp14>SHOULD</bcp14> be silently discarded.</t>

<t>Action</t>

<t>Action:</t>
<ol type='%C)'>
<li><t>In this case, the peer might have restarted. When the endpoint
recognizes this potential 'restart', the existing session is
treated the same as if it received an ABORT chunk followed by a new
COOKIE ECHO chunk with the following exceptions:</t>
<ul>
<li><t>Any SCTP DATA chunks MAY <bcp14>MAY</bcp14> be retained (this is an implementation-specific
option).</t></li>
<li><t>A notification of RESTART SHOULD notification <bcp14>SHOULD</bcp14> be sent to the ULP instead of a
"COMMUNICATION LOST"
COMMUNICATION LOST notification.</t></li>
</ul>
<t>All the congestion control parameters (e.g., cwnd, ssthresh)
related to this peer MUST <bcp14>MUST</bcp14> be reset to their initial values
(see <xref target='sec_processing_of_received_sack'/>).</t>
<t>After this, the endpoint enters the ESTABLISHED state.</t>
<t>If the endpoint is in the SHUTDOWN-ACK-SENT state and recognizes that the peer
has restarted (Action A), it MUST NOT <bcp14>MUST NOT</bcp14> set up a new association but instead
resend the SHUTDOWN ACK chunk and send an ERROR chunk with a
"Cookie Received While Shutting Down" error cause to its peer.</t></li>
<li><t>In this case, both sides might be attempting to start an association
at about the same time, but the peer endpoint sent its INIT chunk
after responding to the local endpoint's INIT chunk.
Thus, it might have picked a new Verification Tag, not being aware of the
previous tag it had sent this endpoint.
The endpoint SHOULD <bcp14>SHOULD</bcp14> stay in or enter the ESTABLISHED state, but it MUST <bcp14>MUST</bcp14> update
its peer's Verification Tag from the State Cookie, stop any T1-init or
T1-cookie timers that might be running, and send a COOKIE ACK chunk.</t></li>
<li><t>In this case, the local endpoint's cookie has arrived late.
Before it arrived, the local endpoint sent an INIT chunk and received an
INIT ACK chunk and finally sent a COOKIE ECHO chunk with the peer's same tag
but a new tag of its own.
The cookie SHOULD <bcp14>SHOULD</bcp14> be silently discarded.
The endpoint SHOULD NOT <bcp14>SHOULD NOT</bcp14> change states and SHOULD <bcp14>SHOULD</bcp14> leave any timers running.</t></li>
<li><t>When both local and remote tags match, the endpoint SHOULD <bcp14>SHOULD</bcp14> enter the
ESTABLISHED state, state if it is in the COOKIE-ECHOED state.
It SHOULD <bcp14>SHOULD</bcp14> stop any T1-cookie timer that is running and send a COOKIE ACK chunk.</t></li>
</ol>
<t>Note: The "peer's Verification Tag" is the tag received in the Initiate Tag
field of the INIT or INIT ACK chunk.</t>

<section>
<name>An Example of a an Association Restart</name>

<t>In the following example, "A" initiates the association after a restart
has occurred.
Endpoint "Z" had no knowledge of the restart until the exchange (i.e.,
Heartbeats had not yet detected the failure of "A")
(assuming no bundling or fragmentation occurs):</t>
<figure anchor='fig_restart_example'
        title='A Restart Example'>
<artwork align='center'>
<![CDATA[ align='center'><![CDATA[
Endpoint A                                          Endpoint Z
<-------------- Association is established---------------------->
Tag=Tag_A                                             Tag=Tag_Z
<--------------------------------------------------------------->
{A crashes and restarts}
{app sets up a an association with Z}
(build TCB)
INIT [I-Tag=Tag_A'
      & other info]  --------\
(Start T1-init timer)         \
(Enter COOKIE-WAIT state)      \---> (find an existing TCB,
                                      populate TieTags if needed,
                                      compose Cookie_Z with Tie-Tags
                                      and other info)
                                /--- INIT ACK [Veri Tag=Tag_A',
                               /               I-Tag=Tag_Z',
(Cancel T1-init timer) <------/                Cookie_Z]
                                     (leave original TCB in place)
COOKIE ECHO [Veri=Tag_Z',
             Cookie_Z]-------\
(Start T1-init timer)         \
(Enter COOKIE-ECHOED state)    \---> (Find existing association,
                                      Tie-Tags in Cookie_Z match
                                      Tie-Tags in TCB,
                                      Tags do not match, i.e.,
                                      case X X M M above,
                                      Announce Restart to ULP
                                      and reset association).
                               /---- COOKIE ACK
(Cancel T1-init timer, <------/
 Enter ESTABLISHED state)
{app sends 1st user data; strm 0}
DATA [TSN=initial [TSN=Initial TSN_A
    Strm=0,Seq=0 & user data]--\
(Start T3-rtx timer)            \
                                 \->
                              /--- SACK [TSN Ack=init TSN_A,Block=0]
(Cancel T3-rtx timer) <------/
]]>
</artwork>
]]></artwork>
</figure>
</section>
</section>

<section anchor='sec_handle_duplicate_cookie_ack'>
<name>Handle Duplicate COOKIE ACK Chunk</name>

<t>At any state other than COOKIE-ECHOED, an endpoint SHOULD <bcp14>SHOULD</bcp14> silently
discard a received COOKIE ACK chunk.</t>
</section>

<section anchor='sec_handle_stale_cookie_error'>
<name>Handle Stale Cookie Error</name>

<t>Receipt of an ERROR chunk with a "Stale Cookie" error cause indicates
one of a number of possible events:</t>

<ol type='%C)'>
<li><t>The association failed to completely setup set up before the State Cookie issued by
the sender was processed.</t></li>
<li><t>An old State Cookie was processed after setup completed.</t></li>
<li><t>An old State Cookie is received from someone that the receiver is not
interested in having an association with and the ABORT chunk was lost.</t></li>
</ol>
<t>When processing an ERROR chunk with a "Stale Cookie" error cause cause, an endpoint
SHOULD
<bcp14>SHOULD</bcp14> first examine if an association is in the process of being set up, i.e.,
the association is in the COOKIE-ECHOED state.
In all cases, if the association is not in the COOKIE-ECHOED state, the
ERROR chunk SHOULD <bcp14>SHOULD</bcp14> be silently discarded.</t>
<t>If the association is in the COOKIE-ECHOED state, the endpoint MAY <bcp14>MAY</bcp14> elect
one of the following three alternatives.</t>
<ol type='%d)'>
<li><t>Send a new INIT chunk to the endpoint to generate a new State Cookie and
reattempt the setup procedure.</t></li>
<li><t>Discard the TCB and report to the upper layer the inability to set up
the association.</t></li>
<li><t>Send a new INIT chunk to the endpoint, adding a Cookie Preservative
parameter requesting an extension to the life time of the State Cookie.
When calculating the time extension, an implementation SHOULD <bcp14>SHOULD</bcp14> use the RTT
information measured based on the previous COOKIE ECHO / ERROR ECHO/ERROR chunk exchange, exchange
and SHOULD <bcp14>SHOULD</bcp14> add no more than 1 second beyond the measured RTT, due to long
State Cookie life times making the endpoint more subject to a replay attack.</t></li>
</ol>
</section>
</section>

<section anchor='sec_other_initialization_issues'>
<name>Other Initialization Issues</name>

<section anchor='sec_selection_of_tag_value'>
<name>Selection of Tag Value</name>

<t>Initiate Tag values SHOULD <bcp14>SHOULD</bcp14> be selected from the range of 1 to 2<sup>32</sup> - 1.
It is very important that the Initiate Tag value be randomized to
help protect against "man in the middle" and "sequence number" off-path attacks.
The methods described in <xref target='RFC4086'/> target="RFC4086"/> can be used for the
Initiate Tag randomization.
Careful selection of Initiate Tags is also necessary to prevent old duplicate
packets from previous associations being mistakenly processed as belonging
to the current association.</t>
<t>Moreover, the Verification Tag value used by either endpoint in a
given association MUST NOT <bcp14>MUST NOT</bcp14> change during the life time of an association.
A new Verification Tag value MUST <bcp14>MUST</bcp14> be used each time the endpoint tears down
and then reestablishes an association to the same peer.</t>
</section>
</section>

<section anchor='sec_path_verifiation'>
<name>Path Verification</name>

<t>During association establishment, the two peers exchange a list of
addresses.
In the predominant case, these lists accurately represent the addresses
owned by each peer.
However, a misbehaving peer might supply addresses that it does not own.
To prevent this, the following rules are applied to all addresses of the
new association:</t>
<ol type='%d)'>
<li><t>Any addresses passed to the sender of the INIT chunk by its upper layer
in the request to initialize an association are automatically considered to be
CONFIRMED.</t></li>
<li><t>For the receiver of the COOKIE ECHO chunk, the only CONFIRMED address
is the address to which the packet containing the INIT ACK chunk was sent.</t></li>
<li><t>All other addresses not covered by rules 1 and 2 are considered
UNCONFIRMED and are subject to probing for verification.</t></li>
</ol>
<t>To probe an address for verification, an endpoint will send
HEARTBEAT chunks including a 64-bit random nonce and a path indicator (to
identify the address that the HEARTBEAT chunk is sent to) within the Heartbeat
Info parameter.</t>
<t>Upon receipt of the HEARTBEAT ACK chunk, a verification is made that the
nonce included in the Heartbeat Info parameter is the one sent to the
address indicated inside the Heartbeat Info parameter.
When this match occurs, the address that the original HEARTBEAT was sent to
is now considered CONFIRMED and available for normal data transfer.</t>
<t>These probing procedures are started when an association moves to the
ESTABLISHED state and are ended when all paths are confirmed.</t>

<t>In each RTO, a probe MAY <bcp14>MAY</bcp14> be sent on an active UNCONFIRMED path in an
attempt to move it to the CONFIRMED state.
If during this probing the path becomes inactive, this rate is lowered to the
normal HEARTBEAT rate.
At the expiration of the RTO timer, the error counter of any path that was
probed but not CONFIRMED is incremented by one and subjected to path failure
detection, as defined in <xref target='sec_path_failure_detection'/>.
When probing UNCONFIRMED addresses, however, the association overall error
count is not incremented.</t>

<t>The number of packets containing HEARTBEAT chunks sent at each RTO SHOULD <bcp14>SHOULD</bcp14>
be limited by the 'HB.Max.Burst' parameter.
It is an implementation decision as to how to distribute packets containing
HEARTBEAT chunks to the peer's addresses for path verification.</t>
<t>Whenever a path is confirmed, an indication MAY <bcp14>MAY</bcp14> be given to the upper
layer.</t>
<t>An endpoint MUST NOT <bcp14>MUST NOT</bcp14> send any chunks to an UNCONFIRMED address, with
the following exceptions:</t>
<ul>
<li><t>A HEARTBEAT chunk including a nonce MAY <bcp14>MAY</bcp14> be sent to an UNCONFIRMED address.</t></li>
<li><t>A HEARTBEAT ACK chunk MAY <bcp14>MAY</bcp14> be sent to an UNCONFIRMED address.</t></li>
<li><t>A COOKIE ACK chunk MAY <bcp14>MAY</bcp14> be sent to an UNCONFIRMED address, but it MUST <bcp14>MUST</bcp14> be
bundled with a HEARTBEAT chunk including a nonce.
An implementation that does not support bundling MUST NOT <bcp14>MUST NOT</bcp14> send a COOKIE ACK
chunk to an UNCONFIRMED address.</t></li>
<li><t>A COOKIE ECHO chunk MAY <bcp14>MAY</bcp14> be sent to an UNCONFIRMED address, but it MUST <bcp14>MUST</bcp14>
be bundled with a HEARTBEAT chunk including a nonce, and the size of the
SCTP packet MUST NOT <bcp14>MUST NOT</bcp14> exceed the PMTU.
If the implementation does not support bundling or if the bundled COOKIE ECHO
chunk plus HEARTBEAT chunk (including nonce) would result in an SCTP packet
larger than the PMTU, then the implementation MUST NOT <bcp14>MUST NOT</bcp14> send a COOKIE ECHO chunk
to an UNCONFIRMED address.</t></li>
</ul>
</section>
</section>

<section anchor='sec_user_data_transfer'>
<name>User Data Transfer</name>

<t>Data transmission MUST <bcp14>MUST</bcp14> only happen in the ESTABLISHED, SHUTDOWN-PENDING,
and SHUTDOWN-RECEIVED states.
The only exception to this is that DATA chunks are allowed to be bundled with
an outbound COOKIE ECHO chunk when in the COOKIE-WAIT state.</t>
<t>DATA chunks MUST <bcp14>MUST</bcp14> only be received according to the rules below in
ESTABLISHED, SHUTDOWN-PENDING, and SHUTDOWN-SENT states.
A DATA chunk received in CLOSED is out of the blue and SHOULD <bcp14>SHOULD</bcp14> be handled per
<xref target='sec_handle_out_of_the_blue_packets'/>.
A DATA chunk received in any other state SHOULD <bcp14>SHOULD</bcp14> be discarded.</t>
<t>A SACK chunk MUST <bcp14>MUST</bcp14> be processed in ESTABLISHED, SHUTDOWN-PENDING, and
SHUTDOWN-RECEIVED states.
An incoming SACK chunk MAY <bcp14>MAY</bcp14> be processed in COOKIE-ECHOED.
A SACK chunk in the CLOSED state is out of the blue and SHOULD <bcp14>SHOULD</bcp14> be processed
according to the rules in <xref target='sec_handle_out_of_the_blue_packets'/>.
A SACK chunk received in any other state SHOULD <bcp14>SHOULD</bcp14> be discarded.</t>
<t>For transmission efficiency, SCTP defines mechanisms for bundling of
small user messages and fragmentation of large user messages.
The following diagram depicts the flow of user messages through SCTP.</t>
<t>In this section, the term "data sender" refers to the endpoint that
transmits a DATA chunk chunk, and the term "data receiver" refers to the
endpoint that receives a DATA chunk.
A data receiver will transmit SACK chunks.</t>
<figure anchor='fig_user_data_transfer'
        title='Illustration of User Data Transfer'>
<artwork align='center'>
<![CDATA[ align='center'><![CDATA[
           +-------------------------+
           |      User Messages      |
           +-------------------------+
 SCTP user        ^  |
==================|==|=======================================
                  |  v (1)
       +------------------+    +---------------------+
       | SCTP DATA Chunks |    | SCTP Control Chunks |
       +------------------+    +---------------------+
                  ^  |             ^  |
                  |  v (2)         |  v (2)
               +--------------------------+
               |       SCTP packets       |
               +--------------------------+
 SCTP                      ^  |
===========================|==|===========================
                           |  v
       Connectionless Packet Transfer Service (e.g., IP)
]]>
</artwork>
]]></artwork>
</figure>
<t>The following applies:</t>
<ol type='%d)'>
<li><t>When converting user messages into DATA chunks, an endpoint
MUST
<bcp14>MUST</bcp14> fragment large user messages into multiple DATA chunks.
The size of each DATA chunk SHOULD <bcp14>SHOULD</bcp14> be smaller than or equal to the
Association Maximum DATA Chunk Size (AMDCS).
The data receiver will normally reassemble the fragmented message from DATA
chunks before delivery to the user (see <xref target='sec_frag_reass'/>
for details).</t></li>
<li><t>Multiple DATA and control chunks MAY <bcp14>MAY</bcp14> be bundled by the sender into a single
SCTP packet for transmission, as long as the final size of the SCTP packet does
not exceed the current PMTU.
The receiver will unbundle the packet back into the original chunks.
Control chunks MUST <bcp14>MUST</bcp14> come before DATA chunks in the packet.</t></li>
</ol>
<t>The fragmentation and bundling mechanisms, as detailed in Sections
<xref target='sec_frag_reass'/> target='sec_frag_reass' format='counter'/> and <xref target='sec_bundling'/>, target='sec_bundling' format='counter'/>, are OPTIONAL <bcp14>OPTIONAL</bcp14>
to implement by the data sender, but they MUST <bcp14>MUST</bcp14> be implemented by the data
receiver, i.e., an endpoint MUST <bcp14>MUST</bcp14> properly receive and process bundled or
fragmented data.</t>

<section anchor='sec_transmission_of_data_chunks'>
<name>Transmission of DATA Chunks</name>

<t>This section specifies the rules for sending DATA chunks.
In particular, it defines zero window probing, which is required to
avoid the indefinite stalling of an association in case of a loss of
packets containing SACK chunks performing window updates.</t>
<t>This document is specified as if there is a single retransmission timer
per destination transport address, but implementations MAY <bcp14>MAY</bcp14> have a
retransmission timer for each DATA chunk.</t>
<t>The following general rules MUST <bcp14>MUST</bcp14> be applied by the data sender for
transmission and/or retransmission of outbound DATA chunks:</t>
<ol type='%C)'>
<li>
<t>At any given time, the data sender MUST NOT <bcp14>MUST NOT</bcp14> transmit new data to
any destination transport address if its peer's rwnd indicates
that the peer has no buffer space (i.e., rwnd is smaller than the size of the
next DATA chunk; see <xref target='sec_processing_of_received_sack'/>),
except for zero window probes.</t>
<t>A zero window probe is a DATA chunk sent when the receiver has no buffer
space.
This rule allows the sender to probe for a change in rwnd that the sender
missed due to the SACK chunks having been lost in transit from the data
receiver to the data sender.
A zero window probe MUST <bcp14>MUST</bcp14> only be sent when the cwnd allows (see Rule rule B below).
A zero window probe SHOULD <bcp14>SHOULD</bcp14> only be sent when all outstanding DATA chunks have
been cumulatively acknowledged and no DATA chunks are in flight.
Senders MUST <bcp14>MUST</bcp14> support zero window probing.</t>

<t>If the sender continues to receive SACK chunks from the peer while doing
zero window probing, the unacknowledged window probes SHOULD NOT <bcp14>SHOULD NOT</bcp14> increment the
error counter for the association or any destination transport address.
This is because the receiver could keep its window closed for an indefinite
time.
<xref target='sec_acknowledgements_of_reception_of_data_chunks'/> describes the
receiver behavior when it advertises a zero window.
The sender SHOULD <bcp14>SHOULD</bcp14> send the first zero window probe after 1 RTO when it detects
that the receiver has closed its window and SHOULD <bcp14>SHOULD</bcp14> increase the probe interval
exponentially afterwards.
Also note that the cwnd SHOULD <bcp14>SHOULD</bcp14> be adjusted according to
<xref target='sec_slow_start'/>.
Zero window probing does not affect the calculation of cwnd.</t>
<t>The sender MUST <bcp14>MUST</bcp14> also have an algorithm for sending new DATA chunks to avoid
silly window syndrome (SWS) as described in <xref target='RFC1122'/>. target="RFC1122"/>.
The algorithm can be similar to the one described in Section 4.2.3.4 of <xref target='RFC1122'/>.</t> target="RFC1122" section="4.2.3.4" sectionFormat="of" />.</t>
</li>
<li>
<t>At any given time, the sender MUST NOT <bcp14>MUST NOT</bcp14> transmit new data to a given
transport address if it has cwnd + (PMDCS - 1) or more bytes of data outstanding
to that transport address.
If data is available, the sender SHOULD <bcp14>SHOULD</bcp14> exceed cwnd by up to (PMDCS - 1) bytes
on a new data transmission if the flightsize does not currently reach cwnd.
The breach of cwnd MUST <bcp14>MUST</bcp14> constitute one packet only.</t>
</li>
<li><t>When the time comes for the sender to transmit, before sending new
DATA chunks, the sender MUST <bcp14>MUST</bcp14> first transmit any DATA chunks that are marked
for retransmission (limited by the current cwnd).</t>
</li>
<li><t>When the time comes for the sender to transmit new DATA chunks, the
protocol parameter 'Max.Burst' SHOULD <bcp14>SHOULD</bcp14> be used to limit the number of packets sent.
The limit MAY <bcp14>MAY</bcp14> be applied by adjusting cwnd temporarily, as follows:</t>
<sourcecode>

<sourcecode type="pseudocode">
if ((flightsize + Max.Burst * PMDCS) &lt; cwnd)
    cwnd = flightsize + Max.Burst * PMDCS; PMDCS
</sourcecode>
<t>Or, it MAY <bcp14>MAY</bcp14> be applied by strictly limiting the number of packets emitted by
the output routine.
When calculating the number of packets to transmit, and particularly when
using the formula above, cwnd SHOULD NOT <bcp14>SHOULD NOT</bcp14> be changed permanently.</t>
</li>
<li>
<t>Then, the sender can send as many new DATA chunks as rule A and rule B
allow.</t>
</li>
</ol>
<t>Multiple DATA chunks committed for transmission MAY <bcp14>MAY</bcp14> be bundled in a
single packet.
Furthermore, DATA chunks being retransmitted MAY <bcp14>MAY</bcp14> be bundled with new
DATA chunks, as long as the resulting SCTP packet size does not exceed the PMTU.
A ULP can request that no bundling is performed, but this only turns off
any delays that an SCTP implementation might be using to increase bundling
efficiency.
It does not in itself stop all bundling from occurring (i.e., in case of
congestion or retransmission).</t>
<t>Before an endpoint transmits a DATA chunk, if any received DATA
chunks have not been acknowledged (e.g., due to delayed ack), the
sender SHOULD <bcp14>SHOULD</bcp14> create a SACK chunk and bundle it with the outbound DATA
chunk, as long as the size of the final SCTP packet does not exceed
the current PMTU.
See <xref target='sec_acknowledgements_of_reception_of_data_chunks'/>.</t>
<t>When the window is full (i.e., transmission is
disallowed by rule A and/or rule B), the sender MAY <bcp14>MAY</bcp14> still accept send
requests from its upper layer, layer but MUST <bcp14>MUST</bcp14> transmit no more DATA chunks
until some or all of the outstanding DATA chunks are acknowledged and
transmission is allowed by rule A and rule B again.</t>
<t>Whenever a transmission or retransmission is made to any address, if
the T3-rtx timer of that address is not currently running, the sender
MUST
<bcp14>MUST</bcp14> start that timer.
If the timer for that address is already running, the sender MUST <bcp14>MUST</bcp14> restart
the timer if the earliest (i.e., lowest TSN) outstanding DATA chunk sent to
that address is being retransmitted.
Otherwise, the data sender MUST NOT <bcp14>MUST NOT</bcp14> restart the timer.</t>
<t>When starting or restarting the T3-rtx timer, the timer value SHOULD <bcp14>SHOULD</bcp14> be
adjusted according to the timer rules defined in Sections
<xref target='sec_retransmission_timer_rules'/> target='sec_retransmission_timer_rules' format='counter'/> and
<xref target='sec_handle_t3_rtx_expiration'/>.</t> target='sec_handle_t3_rtx_expiration' format='counter'/>.</t>
<t>The data sender MUST NOT <bcp14>MUST NOT</bcp14> use a TSN that is more than 2<sup>31</sup> - 1 above
the beginning TSN of the current send window.</t>
<t>For each stream, the data sender MUST NOT <bcp14>MUST NOT</bcp14> have more than 2<sup>16</sup> - 1
ordered user messages in the current send window.</t>
<t>Whenever the sender of a DATA chunk can benefit from the corresponding
SACK chunk being sent back without delay, the sender MAY <bcp14>MAY</bcp14> set the I bit in the
DATA chunk header.
Please note that why the sender has set the I bit is irrelevant to the
receiver.</t>
<t>Reasons for setting the I bit include, but are not limited to, the
following (see Section 4 of <xref target='RFC7053'/> target="RFC7053" section="4" sectionFormat="of" /> for a discussion of the
benefits):</t>
<ul>
<li><t>The application requests that the I bit of the last DATA chunk of
a user message be set when providing the user message to the SCTP
implementation (see <xref target='sec_ulp_to_sctp'/>).</t></li>
<li><t>The sender is in the SHUTDOWN-PENDING state.</t></li>
<li><t>The sending of a DATA chunk fills the congestion or receiver window.</t></li>
</ul>
</section>

<section anchor='sec_acknowledgements_of_reception_of_data_chunks'>
<name>Acknowledgement on Reception of DATA Chunks</name>

<t>The SCTP endpoint MUST <bcp14>MUST</bcp14> always acknowledge the reception of each valid
DATA chunk when the DATA chunk received is inside its receive window.</t>
<t>When the receiver's advertised window is 0, the receiver MUST <bcp14>MUST</bcp14> drop
any new incoming DATA chunk with a TSN larger than the largest TSN
received so far.
Also, if the new incoming DATA chunk holds a TSN value less than the largest
TSN received so far, then the receiver SHOULD <bcp14>SHOULD</bcp14> drop the largest TSN held for
reordering and accept the new incoming DATA chunk.
In either case, if such a DATA chunk is dropped, the receiver MUST <bcp14>MUST</bcp14> immediately
send back a SACK chunk with the current receive window showing only DATA chunks
received and accepted so far.
The dropped DATA chunk(s) MUST NOT <bcp14>MUST NOT</bcp14> be included in the SACK chunk, as they were
not accepted.
The receiver MUST <bcp14>MUST</bcp14> also have an algorithm for advertising its receive window
to avoid receiver silly window syndrome (SWS), as described in
<xref target='RFC1122'/>. target="RFC1122"/>.
The algorithm can be similar to the one described in Section 4.2.3.3 of <xref target='RFC1122'/>.</t> target="RFC1122" section="4.2.3.3" sectionFormat="of" />.</t>
<t>The guidelines on the delayed acknowledgement algorithm specified in
Section 4.2 of
<xref target='RFC5681'/> SHOULD target="RFC5681" section="4.2" sectionFormat="of" /> <bcp14>SHOULD</bcp14> be followed.
Specifically, an acknowledgement SHOULD <bcp14>SHOULD</bcp14> be generated for at least every
second packet (not every second DATA chunk) received, received and SHOULD <bcp14>SHOULD</bcp14> be generated
within 200 ms of the arrival of any unacknowledged DATA chunk.
In some situations, it might be beneficial for an SCTP transmitter to be
more conservative than the algorithms detailed in this document allow.
However, an SCTP transmitter MUST NOT <bcp14>MUST NOT</bcp14> be more aggressive in sending SACK chunks
than the following algorithms allow.</t>
<t>An SCTP receiver MUST NOT <bcp14>MUST NOT</bcp14> generate more than one SACK chunk for every
incoming packet, other than to update the offered window as the
receiving application consumes new data.
When the window opens up, an SCTP receiver SHOULD <bcp14>SHOULD</bcp14> send additional SACK chunks
to update the window even if no new data is received.
The receiver MUST <bcp14>MUST</bcp14> avoid sending a large number of window updates -- in
particular, large bursts of them.
One way to achieve this is to send a window update only if the window can be
increased by at least a quarter of the receive buffer size of the
association.</t>
<t>Implementation Note: The maximum delay for generating an acknowledgement
MAY
<bcp14>MAY</bcp14> be configured by the SCTP administrator, either statically or dynamically,
in order to meet the specific timing requirement of the protocol being
carried.</t>
<t>An implementation MUST NOT <bcp14>MUST NOT</bcp14> allow the maximum delay (protocol parameter
'SACK.Delay') to be configured to be more than 500 ms.
In other words, an implementation MAY <bcp14>MAY</bcp14> lower the value of 'SACK.Delay'
below 500 ms but MUST NOT <bcp14>MUST NOT</bcp14> raise it above 500 ms.</t>
<t>Acknowledgements MUST <bcp14>MUST</bcp14> be sent in SACK chunks unless shutdown was
requested by the ULP, in which case an endpoint MAY <bcp14>MAY</bcp14> send an
acknowledgement in the SHUTDOWN chunk.
A SACK chunk can acknowledge the reception of multiple DATA chunks.
See <xref target='sec_sack_chunk'/> for SACK chunk format.
In particular, the SCTP endpoint MUST <bcp14>MUST</bcp14> fill in the Cumulative TSN Ack field to
indicate the latest sequential TSN (of a valid DATA chunk) it has received.
Any received DATA chunks with TSN greater than the value in the
Cumulative TSN Ack field are reported in the Gap Ack Block fields.
The SCTP endpoint MUST <bcp14>MUST</bcp14> report as many Gap Ack Blocks as can fit in a single SACK
chunk such that the size of the SCTP packet does not exceed the current PMTU.</t>
<t>The SHUTDOWN chunk does not contain Gap Ack Block fields.
Therefore, the endpoint SHOULD <bcp14>SHOULD</bcp14> use a SACK chunk instead of the SHUTDOWN
chunk to acknowledge DATA chunks received out of order.</t>
<t>Upon receipt of an SCTP packet containing a DATA chunk with the I bit set,
the receiver SHOULD NOT <bcp14>SHOULD NOT</bcp14> delay the sending of the corresponding SACK chunk, i.e.,
the receiver SHOULD <bcp14>SHOULD</bcp14> immediately respond with the corresponding SACK chunk.</t>
<t>When a packet arrives with duplicate DATA chunk(s) and with no new
DATA chunk(s), the endpoint MUST <bcp14>MUST</bcp14> immediately send a SACK chunk with no
delay.
If a packet arrives with duplicate DATA chunk(s) bundled with
new DATA chunks, the endpoint MAY <bcp14>MAY</bcp14> immediately send a SACK chunk.
Normally, receipt of duplicate DATA chunks will occur when the original SACK
chunk was lost and the peer's RTO has expired.
The duplicate TSN number(s) SHOULD <bcp14>SHOULD</bcp14> be reported in the SACK chunk as duplicate.</t>
<t>When an endpoint receives a SACK chunk, it MAY <bcp14>MAY</bcp14> use the duplicate TSN
information to determine if SACK chunk loss is occurring.
Further use of this data is for future study.</t>
<t>The data receiver is responsible for maintaining its receive buffers.
The data receiver SHOULD <bcp14>SHOULD</bcp14> notify the data sender in a timely manner of
changes in its ability to receive data.
How an implementation manages its receive buffers is dependent on many
factors (e.g., operating system, memory management system, amount of memory,
etc.).
However, the data sender strategy defined in
<xref target='sec_processing_of_received_sack'/> is based on the assumption of
receiver operation similar to the following:</t>
<ol type='%C)'>
<li><t>At initialization of the association, the endpoint tells the peer
how much receive buffer space it has allocated to the association
in the INIT or INIT ACK chunk.
The endpoint sets a_rwnd to this value.</t></li>
<li><t>As DATA chunks are received and buffered, decrement a_rwnd by the
number of bytes received and buffered.
This is, in effect, closing rwnd at the data sender and restricting the amount
of data it can transmit.</t></li>
<li><t>As DATA chunks are delivered to the ULP and released from the
receive buffers, increment a_rwnd by the number of bytes delivered
to the upper layer.
This is, in effect, opening up rwnd on the data sender and allowing it to
send more data.
The data receiver SHOULD NOT <bcp14>SHOULD NOT</bcp14> increment a_rwnd unless it has released bytes
from its receive buffer.
For example, if the receiver is holding fragmented DATA chunks in a reassembly
queue, it SHOULD NOT <bcp14>SHOULD NOT</bcp14> increment a_rwnd.</t></li>
<li><t>When sending a SACK chunk, the data receiver SHOULD <bcp14>SHOULD</bcp14> place the current
value of a_rwnd into the a_rwnd field.
The data receiver SHOULD <bcp14>SHOULD</bcp14> take into account that the data sender will not
retransmit DATA chunks that are acked via the Cumulative TSN Ack (i.e., will
drop from its retransmit queue).</t></li>
</ol>
<t>Under certain circumstances, the data receiver MAY <bcp14>MAY</bcp14> drop DATA
chunks that it has received but has not released from its receive
buffers (i.e., delivered to the ULP).
These DATA chunks might have been acked in Gap Ack Blocks.
For example, the data receiver might be holding data in its receive buffers
while reassembling a fragmented user message from its peer when it runs out of
receive buffer space.
It MAY <bcp14>MAY</bcp14> drop these DATA chunks even though it has acknowledged them in
Gap Ack Blocks.
If a data receiver drops DATA chunks, it MUST NOT <bcp14>MUST NOT</bcp14> include them in Gap Ack Blocks
in subsequent SACK chunks until they are received again via retransmission.
In addition, the endpoint SHOULD <bcp14>SHOULD</bcp14> take into account the dropped data when
calculating its a_rwnd.</t>
<t>An endpoint SHOULD NOT <bcp14>SHOULD NOT</bcp14> revoke a SACK chunk and discard data.
Only in extreme circumstances might an endpoint use this procedure (such as
out of buffer space).
The data receiver SHOULD <bcp14>SHOULD</bcp14> take into account that dropping data that has been
acked in Gap Ack Blocks can result in suboptimal retransmission strategies in
the data sender and thus in suboptimal performance.</t>
<t>The following example illustrates the use of delayed acknowledgements:</t>
<figure anchor='fig_delayed_ack_example'
        title='Delayed Acknowledgement Example'>
<artwork align='center'>
<![CDATA[ align='center'><![CDATA[
Endpoint A                                      Endpoint Z

{App sends 3 messages; strm 0}
DATA [TSN=7,Strm=0,Seq=3] ------------> (ack delayed)
(Start T3-rtx timer)

DATA [TSN=8,Strm=0,Seq=4] ------------> (send ack)
                              /------- SACK [TSN Ack=8,block=0]
(cancel T3-rtx timer)  <-----/

DATA [TSN=9,Strm=0,Seq=5] ------------> (ack delayed)
(Start T3-rtx timer)
                                       ...
                                       {App sends 1 message; strm 1}
                                       (bundle SACK with DATA)
                                /----- SACK [TSN Ack=9,block=0] \
                               /         DATA [TSN=6,Strm=1,Seq=2]
(cancel T3-rtx timer)  <------/        (Start T3-rtx timer)

(ack delayed)
(send ack)
SACK [TSN Ack=6,block=0] -------------> (cancel T3-rtx timer)
]]>
</artwork>
]]></artwork>
</figure>
<t>If an endpoint receives a DATA chunk with no user data (i.e., the
Length field is set to 16), it SHOULD <bcp14>SHOULD</bcp14> send an ABORT chunk with a "No User Data"
error cause.</t>
<t>An endpoint SHOULD NOT <bcp14>SHOULD NOT</bcp14> send a DATA chunk with no user data part.
This avoids the need to be able to return a zero-length user
message in the API, especially in the socket API as specified in
<xref target='RFC6458'/> target="RFC6458"/> for details.</t>

<section anchor='sec_processing_of_received_sack'>
<name>Processing a Received SACK Chunk</name>

<t>Each SACK chunk an endpoint receives contains an a_rwnd value.
This value represents the amount of buffer space the data receiver, at the time
of transmitting the SACK chunk, has left of its total receive buffer space
(as specified in the INIT/INIT ACK chunk).
Using a_rwnd, Cumulative TSN Ack, and Gap Ack Blocks, the data sender can
develop a representation of the peer's receive buffer space.</t>
<t>One of the problems the data sender takes into account when
processing a SACK chunk is that a SACK chunk can be received out of order.
That is, a SACK chunk sent by the data receiver can pass an earlier SACK chunk
and be received first by the data sender.
If a SACK chunk is received out of order, the data sender can develop an
incorrect view of the peer's receive buffer space.</t>
<t>Since there is no explicit identifier that can be used to detect out-of-order
SACK chunks, the data sender uses heuristics to determine if a SACK chunk is
new.</t>
<t>An endpoint SHOULD <bcp14>SHOULD</bcp14> use the following rules to calculate the rwnd,
using the a_rwnd value, the Cumulative TSN Ack, and Gap Ack Blocks in
a received SACK chunk.</t>
<ol type='%C)'>
<li><t>At the establishment of the association, the endpoint initializes
the rwnd to the Advertised Receiver Window Credit (a_rwnd) the peer specified
in the INIT or INIT ACK chunk.</t></li>
<li><t>Any time a DATA chunk is transmitted (or retransmitted) to a peer, the
endpoint subtracts the data size of the chunk from the rwnd of that peer.</t></li>
<li><t>Any time a DATA chunk is marked for retransmission, either via T3-rtx timer
expiration (<xref target='sec_handle_t3_rtx_expiration'/>) or
via Fast Retransmit (<xref target='sec_fast_retransmit_on_gap_reports'/>),
add the data size of those chunks to the rwnd.</t></li>
<li><t>Any time a SACK chunk arrives, the endpoint performs the following:</t>
<ol type='%i)'>
<li><t>If Cumulative TSN Ack is less than the Cumulative TSN Ack Point,
then drop the SACK chunk.
Since Cumulative TSN Ack is monotonically increasing, a SACK chunk whose
Cumulative TSN Ack is less than the Cumulative TSN Ack Point indicates an
out-of-order SACK chunk.</t></li>
<li><t>Set rwnd equal to the newly received a_rwnd minus the number of bytes still
outstanding after processing the Cumulative TSN Ack and the Gap Ack Blocks.</t></li>
<li><t>If the SACK chunk is missing a TSN that was previously acknowledged via
a Gap Ack Block (e.g., the data receiver reneged on the data), then consider
the corresponding DATA that might be possibly missing:
Count one miss indication towards Fast Retransmit as described in
<xref target='sec_fast_retransmit_on_gap_reports'/>,
and if no retransmit timer is running for the destination address to which the
DATA chunk was originally transmitted, then T3-rtx is started for that
destination address.</t></li>
<li><t>If the Cumulative TSN Ack matches or exceeds the Fast Recovery exitpoint exit point
(<xref target='sec_fast_retransmit_on_gap_reports'/>),
Fast Recovery is exited.</t></li>
</ol></li>
</ol>
</section>
</section>

<section anchor='sec_management_of_retransission_timer'>
<name>Management of Retransmission Timer</name>

<t>An SCTP endpoint uses a retransmission timer T3-rtx to ensure data
delivery in the absence of any feedback from its peer.
The duration of this timer is referred to as RTO (retransmission timeout).</t>
<t>When an endpoint's peer is multi-homed, the endpoint will calculate a
separate RTO for each different destination transport address of its
peer endpoint.</t>
<t>The computation and management of RTO in SCTP follow closely how TCP
manages its retransmission timer.
To compute the current RTO, an endpoint maintains two state variables per
destination transport address: SRTT (smoothed round-trip time) and
RTTVAR (round-trip time variation).</t>

<section anchor='sec_rto_calculation'>
<name>RTO Calculation</name>

<t>The rules governing the computation of SRTT, RTTVAR, and RTO are as follows:</t>
<ol type='C%d)'>
<li><t>Until an RTT measurement has been made for a packet sent to the given
destination transport address, set RTO to the protocol parameter
'RTO.Initial'.</t></li>
<li><t>When the first RTT measurement R is made, perform</t>
<sourcecode> perform:</t>
<sourcecode type="pseudocode"><![CDATA[
SRTT = R; R
RTTVAR = R/2; R/2
RTO = SRTT + 4 * RTTVAR;
</sourcecode></li> RTTVAR
]]></sourcecode></li>
<li><t>When a new RTT measurement R' is made, perform:</t>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
RTTVAR = (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'|; R'|
SRTT = (1 - RTO.Alpha) * SRTT + RTO.Alpha * R';
</sourcecode> R'
]]></sourcecode>
<t>Note: The value of SRTT used in the update to RTTVAR is its
value before updating SRTT itself using the second assignment.</t>
<t>After the computation, update update: </t>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
RTO = SRTT + 4 * RTTVAR;
</sourcecode></li> RTTVAR
]]></sourcecode></li>
<li><t>When data is in flight and when allowed by rule C5 below, a new
RTT measurement MUST <bcp14>MUST</bcp14> be made each round trip.
Furthermore, new RTT measurements SHOULD <bcp14>SHOULD</bcp14> be made no more than once per
round trip for a given destination transport address.
There are two reasons for this recommendation:
First, it appears that measuring more frequently often does not in practice
yield any significant benefit <xref target='ALLMAN99'/>;
second, if measurements are made more often, then the values of 'RTO.Alpha' and
'RTO.Beta' in rule C3 above SHOULD <bcp14>SHOULD</bcp14> be adjusted so that SRTT and RTTVAR still
adjust to changes at roughly the same rate (in terms of how many round
trips it takes them to reflect new values) as they would if making only one
measurement per round-trip round trip and using 'RTO.Alpha' and 'RTO.Beta' as given in rule C3.
However, the exact nature of these adjustments remains a research issue.</t></li>
<li><t>Karn's algorithm: RTT measurements MUST NOT <bcp14>MUST NOT</bcp14> be made using chunks that
were retransmitted (and thus for which it is ambiguous whether the reply was
for the first instance of the chunk or for a later instance).</t>
<t>RTT measurements SHOULD <bcp14>SHOULD</bcp14> only be made using a DATA chunk with TSN r, r if no
DATA chunk with TSN less than or equal to r was retransmitted since the DATA
chunk with TSN r was sent first.</t></li>
<li><t>Whenever RTO is computed, if it is less than 'RTO.Min' seconds seconds, then it is
rounded up to 'RTO.Min' seconds.
The reason for this rule is that RTOs that do not have a high minimum value are
susceptible to unnecessary timeouts <xref target='ALLMAN99'/>.</t></li>
<li><t>A maximum value MAY <bcp14>MAY</bcp14> be placed on RTO RTO, provided it is at least
'RTO.max'
'RTO.Max' seconds.</t></li>
</ol>
<t>There is no requirement for the clock granularity G used for computing
RTT measurements and the different state variables, other than:</t>
<ol type='G%d)'>
<li><t>Whenever RTTVAR is computed, if RTTVAR == 0, then adjust RTTVAR = G.</t></li>
</ol>
<t>Experience <xref target='ALLMAN99'/> has shown that finer clock granularities
(less than 100 msec) perform somewhat better than more coarse granularities.</t>
<t>See <xref target='sec_parameter_values'/> for suggested parameter values.</t>

</section>

<section anchor='sec_retransmission_timer_rules'>
<name>Retransmission Timer Rules</name>

<t>The rules for managing the retransmission timer are as follows:</t>
<ol type='R%d)'>
<li><t>Every time a DATA chunk is sent to any address (including a retransmission),
if the T3-rtx timer of that address is not running, start it running so that
it will expire after the RTO of that address.
 The RTO used here is that obtained after any doubling due to previous
T3-rtx timer expirations on the corresponding destination address as discussed
in rule E2 below.</t></li>
<li><t>Whenever all outstanding data sent to an address have been acknowledged,
turn off the T3-rtx timer of that address.</t></li>
<li><t>Whenever a SACK chunk is received that acknowledges the DATA chunk with
the earliest outstanding TSN for that address, restart the T3-rtx timer for that
address with its current RTO (if there is still outstanding data on that
address).</t></li>
<li><t>Whenever a SACK chunk is received missing a TSN that was previously
acknowledged via a Gap Ack Block, start the T3-rtx for the destination address
to which the DATA chunk was originally transmitted if it is not already
running.</t></li>
</ol>
<t>The following example shows the use of various timer rules (assuming
that the receiver uses delayed acks).</t>
<figure anchor='fig_timer_rule_examples'
        title='Timer Rule Examples'>
<artwork align='center'>
<![CDATA[ align='center'><![CDATA[
Endpoint A                                         Endpoint Z
{App begins to send}
Data [TSN=7,Strm=0,Seq=3] ------------> (ack delayed)
(Start T3-rtx timer)
                                        {App sends 1 message; strm 1}
                                        (bundle ack with data)
DATA [TSN=8,Strm=0,Seq=4] ----\     /-- SACK [TSN Ack=7,Block=0]
                               \   /      DATA [TSN=6,Strm=1,Seq=2]
                                \ /     (Start T3-rtx timer)
                                 \
                                / \
(Restart T3-rtx timer)  <------/   \--> (ack delayed)
(ack delayed)
{send ack}
SACK [TSN Ack=6,Block=0] --------------> (Cancel T3-rtx timer)
                                        ..
                                        (send ack)
(Cancel T3-rtx timer)  <-------------- SACK [TSN Ack=8,Block=0]
]]>
</artwork>
]]></artwork>
</figure>
</section>

<section anchor='sec_handle_t3_rtx_expiration'>
<name>Handle T3-rtx Expiration</name>

<t>Whenever the retransmission timer T3-rtx expires for a destination address,
do the following:</t>
<ol type='E%d)'>
<li><t>For the destination address for which the timer expires, adjust its ssthresh
with rules defined in <xref target='sec_congestion_control_sub'/> and set
the
cwnd = PMDCS.</t></li>
<li><t>For the destination address for which the timer expires, set
RTO = RTO * 2 ("back off the timer").
The maximum value discussed in rule C7 above ('RTO.max') MAY ('RTO.Max') <bcp14>MAY</bcp14> be used to provide
an upper bound to this doubling operation.</t></li>
<li><t>Determine how many of the earliest (i.e., lowest TSN) outstanding
DATA chunks for the address for which the T3-rtx has expired will fit into a
single SCTP packet, subject to the PMTU corresponding to the
destination transport address to which the retransmission is being sent
(this might be different from the address for which the timer expires;
see <xref target='sec_multi_homed_sctp_endpoints'/>).
Call this value K.
Bundle and retransmit those K DATA chunks in a single packet to the destination
endpoint.</t></li>
<li><t>Start the retransmission timer T3-rtx on the destination address to which
the retransmission is sent, sent if rule R1 above indicates to do so.
The RTO to be used for starting T3-rtx SHOULD <bcp14>SHOULD</bcp14> be the one for the destination
address to which the retransmission is sent, which, when the receiver is
multi-homed, might be different from the destination address for which the
timer expired (see <xref target='sec_multi_homed_sctp_endpoints'/> below).</t></li>
</ol>
<t>After retransmitting, once a new RTT measurement is obtained (which can
happen only when new data has been sent and acknowledged, per rule C5,
or for a measurement made from a HEARTBEAT chunk;
see <xref target='sec_path_heartbeat'/>), the computation in rule C3 is
performed, including the computation of RTO, which might result in "collapsing"
RTO back down after it has been subject to doubling (rule E2).</t>
<t>Any DATA chunks that were sent to the address for which the
T3-rtx timer expired but did not fit in an SCTP packet of size smaller than or
equal to the PMTU (rule E3 above) SHOULD <bcp14>SHOULD</bcp14> be marked for retransmission and sent
as soon as cwnd allows (normally, when a SACK chunk arrives).</t>
<t>The final rule for managing the retransmission timer concerns failover
(see <xref target='sec_failover_from_an_inavtive_destination_address'/>):</t>
<ol type='F%d)'>
<li><t>Whenever an endpoint switches from the current destination
transport address to a different one, the current retransmission
timers are left running.
As soon as the endpoint transmits a packet containing DATA chunk(s) to the
new transport address, start the timer on that transport address, using the
RTO value of the destination address to which the data is being sent, if
rule R1 indicates to do so.</t></li>
</ol>
</section>
</section>

<section anchor='sec_multi_homed_sctp_endpoints'>
<name>Multi-Homed SCTP Endpoints</name>

<t>An SCTP endpoint is considered multi-homed if there is more than one
transport address that can be used as a destination address to reach that
endpoint.</t>
<t>Moreover, the ULP of an endpoint selects one of the multiple
destination addresses of a multi-homed peer endpoint as the primary
path (see Sections <xref target='sec_handle_address_parameters'/> target='sec_handle_address_parameters' format='counter'/> and
<xref target='sec_ulp_to_sctp'/> target='sec_ulp_to_sctp' format='counter'/> for details).</t>
<t>By default, an endpoint SHOULD <bcp14>SHOULD</bcp14> always transmit to the primary path,
unless the SCTP user explicitly specifies the destination transport
address (and possibly source transport address) to use.</t>
<t>An endpoint SHOULD <bcp14>SHOULD</bcp14> transmit reply chunks (e.g., INIT ACK, COOKIE ACK, and
HEARTBEAT ACK) in response to control chunks to the same destination
transport address from which it received the control chunk to which
it is replying.</t>
<t>The selection of the destination transport address for packets
containing SACK chunks is implementation dependent.
However, an endpoint SHOULD NOT <bcp14>SHOULD NOT</bcp14> vary the destination transport address of
a SACK chunk when it receives DATA chunks coming from the same source
address.</t>
<t>When acknowledging multiple DATA chunks received in packets
from different source addresses in a single SACK chunk, the SACK chunk MAY <bcp14>MAY</bcp14>
be transmitted to one of the destination transport addresses from
which the DATA or control chunks being acknowledged were received.</t>
<t>When a receiver of a duplicate DATA chunk sends a SACK chunk to a multi-homed
endpoint, it MAY <bcp14>MAY</bcp14> be beneficial to vary the destination address
and not use the source address of the DATA chunk.
The reason is that receiving a duplicate from a multi-homed endpoint might
indicate that the return path (as specified in the source address of the DATA
chunk) for the SACK chunk is broken.</t>
<t>Furthermore, when its peer is multi-homed, an endpoint SHOULD <bcp14>SHOULD</bcp14> try to
retransmit a chunk that timed out to an active destination transport
address that is different from the last destination address to which
the chunk was sent.</t>
<t>When its peer is multi-homed, an endpoint SHOULD <bcp14>SHOULD</bcp14> send fast retransmissions
to the same destination transport address to which the original data was sent.
If the primary path has been changed and the original data was sent to the
old primary path before the Fast Retransmit, the implementation MAY <bcp14>MAY</bcp14> send it to
the new primary path.</t>
<t>Retransmissions do not affect the total outstanding data count.
However, if the DATA chunk is retransmitted onto a different destination
address, both the outstanding data counts on the new destination address and
the old destination address to which the data chunk was last sent is
adjusted accordingly.</t>

<section anchor='sec_failover_from_an_inavtive_destination_address'>
<name>Failover from an Inactive Destination Address</name>

<t>Some of the transport addresses of a multi-homed SCTP endpoint might become
inactive due to either the occurrence of certain error conditions
(see <xref target='sec_path_failure_detection'/>) or adjustments from the
SCTP user.</t>
<t>When there is outbound data to send and the primary path becomes inactive
(e.g., due to failures), failures) or where the SCTP user explicitly requests to send data
to an inactive destination transport address, address before reporting an error to its
ULP, the SCTP endpoint SHOULD <bcp14>SHOULD</bcp14> try to send the data to an alternate active
destination transport address if one exists.</t>
<t>When retransmitting data that timed out, if the endpoint is multi-homed,
it needs to consider each source-destination address pair in its
retransmission selection policy.
When retransmitting timed-out data, the endpoint SHOULD <bcp14>SHOULD</bcp14> attempt to pick the
most divergent source-destination pair from the original source-destination
pair to which the packet was transmitted.</t>
<t>Note: Rules for picking the most divergent source-destination pair
are an implementation decision and are not specified within this document.</t>
</section>
</section>

<section anchor='sec_stream_identifier_and_stream_sequence_number'>
<name>Stream Identifier and Stream Sequence Number</name>

<t>Every DATA chunk MUST <bcp14>MUST</bcp14> carry a valid stream identifier.
If an endpoint receives a DATA chunk with an invalid stream identifier, it
SHOULD
<bcp14>SHOULD</bcp14> acknowledge the reception of the DATA chunk following the
normal procedure, immediately send an ERROR chunk with cause set to
"Invalid Stream Identifier" (see <xref target='sec_error_chunk'/>),
and discard the DATA chunk.
The endpoint MAY <bcp14>MAY</bcp14> bundle the ERROR chunk and the SACK chunk in the same
packet.</t>
<t>The Stream Sequence Number in all the outgoing streams MUST <bcp14>MUST</bcp14> start from 0 when
the association is established.
The Stream Sequence Number of an outgoing stream MUST <bcp14>MUST</bcp14> be incremented by 1 for
each ordered user message sent on that outgoing stream.
In particular, when the Stream Sequence Number reaches the value 65535 65535, the
next Stream Sequence Number MUST <bcp14>MUST</bcp14> be set to 0.
For unordered user messages messages, the Stream Sequence Number MUST NOT <bcp14>MUST NOT</bcp14> be changed.</t>
</section>

<section anchor='sec_ordered_and_unordered_delivery'>
<name>Ordered and Unordered Delivery</name>

<t>Within a stream, an endpoint MUST <bcp14>MUST</bcp14> deliver DATA chunks received with
the U flag set to 0 to the upper layer according to the order of
their Stream Sequence Number.
If DATA chunks arrive out of order of their Stream Sequence Number,
the endpoint MUST <bcp14>MUST</bcp14> hold the received DATA chunks from delivery to the ULP until
they are reordered.</t>
<t>However, an SCTP endpoint can indicate that no ordered delivery is
required for a particular DATA chunk transmitted within the stream by
setting the U flag of the DATA chunk to 1.</t>
<t>When an endpoint receives a DATA chunk with the U flag set to 1, it
bypasses the ordering mechanism and immediately deliver the data
to the upper layer (after reassembly if the user data is fragmented
by the data sender).</t>
<t>This provides an effective way of transmitting "out-of-band" data in
a given stream.
Also, a stream can be used as an "unordered" stream by simply setting the
U flag to 1 in all DATA chunks sent through that stream.</t>
<t>Implementation Note: When sending an unordered DATA chunk, an implementation
MAY
<bcp14>MAY</bcp14> choose to place the DATA chunk in an outbound packet that is at the head of
the outbound transmission queue if possible.</t>
<t>The 'Stream Sequence Number' field in a DATA chunk with U flag set to
1 has no significance.
The sender can fill the 'Stream Sequence Number' with arbitrary value, but
the receiver MUST <bcp14>MUST</bcp14> ignore the field.</t>
<t>Note: When transmitting ordered and unordered data, an endpoint does
not increment its Stream Sequence Number when transmitting a DATA chunk with
U flag set to 1.</t>
</section>

<section anchor='sec_report_gaps_in_received_data_tsns'>
<name>Report Gaps in Received DATA TSNs</name>

<t>Upon the reception of a new DATA chunk, an endpoint examines the
continuity of the TSNs received.
If the endpoint detects a gap in the received DATA chunk sequence, it SHOULD <bcp14>SHOULD</bcp14>
send a SACK chunk with Gap Ack Blocks immediately.
The data receiver continues sending a SACK chunk after receipt of each
SCTP packet that does not fill the gap.</t>
<t>Based on the Gap Ack Block from the received SACK chunk, the endpoint can
calculate the missing DATA chunks and make decisions on whether to
retransmit them (see <xref target='sec_processing_of_received_sack'/>
for details).</t>
<t>Multiple gaps can be reported in one single SACK chunk
(see <xref target='sec_sack_chunk'/>).</t>
<t>When its peer is multi-homed, the SCTP endpoint SHOULD <bcp14>SHOULD</bcp14> always try to
send the SACK chunk to the same destination address from which the last
DATA chunk was received.</t>
<t>Upon the reception of a SACK chunk, the endpoint MUST <bcp14>MUST</bcp14> remove all DATA chunks
that have been acknowledged by the SACK chunk's Cumulative TSN Ack from its
transmit queue.
All DATA chunks with TSNs not included in the Gap Ack Blocks that are smaller
than the highest acknowledged highest-acknowledged TSN reported in the SACK chunk MUST <bcp14>MUST</bcp14> be treated as
"missing" by the sending endpoint.
The number of "missing" reports for each outstanding DATA chunk MUST <bcp14>MUST</bcp14> be
recorded by the data sender to make retransmission decisions.
See <xref target='sec_fast_retransmit_on_gap_reports'/> for details.</t>
<t>The following example shows the use of SACK chunk to report a gap.</t>
<figure anchor='fig_report_gap_using_sack'
        title='Reporting a Gap using Using SACK Chunk'>
<artwork align='center'>
<![CDATA[ align='center'><![CDATA[
Endpoint A                                    Endpoint Z
{App sends 3 messages; strm 0}
DATA [TSN=6,Strm=0,Seq=2] ---------------> (ack delayed)
(Start T3-rtx timer)

DATA [TSN=7,Strm=0,Seq=3] --------> X (lost)

DATA [TSN=8,Strm=0,Seq=4] ---------------> (gap detected,
                                            immediately send ack)
                                /----- SACK [TSN Ack=6,Block=1,
                               /             Start=2,End=2]
                        <-----/
(remove 6 from out-queue,
 and mark 7 as "1" missing report)
]]>
</artwork>
]]></artwork>
</figure>
<t>The maximum number of Gap Ack Blocks that can be reported within a
single SACK chunk is limited by the current PMTU.
When a single SACK chunk cannot cover all the Gap Ack Blocks needed to be
reported due to the PMTU limitation, the endpoint MUST <bcp14>MUST</bcp14> send only one SACK chunk.
This single SACK chunk MUST <bcp14>MUST</bcp14> report the Gap Ack Blocks from the lowest to
highest TSNs, within the size limit set by the PMTU, and leave the remaining
highest TSN numbers unacknowledged.</t>
</section>

<section anchor='sec_crc32c_checksum_calculation'>
<name>CRC32c Checksum Calculation</name>

<t>When sending an SCTP packet, the endpoint MUST <bcp14>MUST</bcp14> strengthen the data integrity
of the transmission by including the CRC32c checksum value calculated on the
packet, as described below.</t>
<t>After the packet is constructed (containing the SCTP common header
and one or more control or DATA chunks), the transmitter MUST</t> <bcp14>MUST</bcp14>:</t>
<ol type='%d)'>
<li><t>fill in the proper Verification Tag in the SCTP common header and initialize
the checksum field to 0,</t></li>
<li><t>calculate the CRC32c checksum of the whole packet, including the SCTP common
header and all the chunks (refer to <xref target='sec_crc32c'/> for details of
the CRC32c algorithm); algorithm), and</t></li>
<li><t>put the resultant value into the checksum field in the common header, header and
leave the rest of the bits unchanged.</t></li>
</ol>
<t>When an SCTP packet is received, the receiver MUST <bcp14>MUST</bcp14> first check the CRC32c
checksum as follows:</t>
<ol type='%d)'>
<li><t>Store the received CRC32c checksum value aside.</t></li>
<li><t>Replace the 32 bits of the checksum field in the received SCTP packet with
0 and calculate a CRC32c checksum value of the whole received packet.</t></li>
<li><t>Verify that the calculated CRC32c checksum is the same as the received
CRC32c checksum.
If it is not, the receiver MUST <bcp14>MUST</bcp14> treat the packet as an invalid SCTP packet.</t></li>
</ol>
<t>The default procedure for handling invalid SCTP packets is to silently
discard them.</t>
<t>Any hardware implementation SHOULD <bcp14>SHOULD</bcp14> permit alternative verification of the
CRC in software.</t>
</section>

<section anchor='sec_frag_reass'>
<name>Fragmentation and Reassembly</name>

<t>An endpoint MAY <bcp14>MAY</bcp14> support fragmentation when sending DATA chunks, but
it MUST <bcp14>MUST</bcp14> support reassembly when receiving DATA chunks.
If an endpoint supports fragmentation, it MUST <bcp14>MUST</bcp14> fragment a user message if
the size of the user message to be sent causes the outbound SCTP
packet size to exceed the current PMTU.
An endpoint that does not support fragmentation and is requested to send a
user message such that the outbound SCTP packet size would exceed the
current PMTU MUST <bcp14>MUST</bcp14> return an error to its upper layer and MUST NOT <bcp14>MUST NOT</bcp14> attempt to
send the user message.</t>
<t>An SCTP implementation MAY <bcp14>MAY</bcp14> provide a mechanism to the upper layer that
disables fragmentation when sending DATA chunks.
When fragmentation of DATA chunks is disabeled, disabled, the SCTP implementation MUST <bcp14>MUST</bcp14>
behave in the same way an implementation that does not support fragmentation,
i.e., it  rejects calls that would result in sending SCTP packets that exceed
the current PMTU.</t>
<t>Implementation Note: In this error case, the SEND primitive discussed
in <xref target='sec_ulp_to_sctp'/> target='sec_send'/> would need to return an error to the
upper layer.</t>

<t>If its peer is multi-homed, the endpoint SHOULD <bcp14>SHOULD</bcp14> choose a DATA chunk size
smaller than or equal to the AMDCS.</t>

<t>Once a user message is fragmented, it cannot be re-fragmented.
Instead, if the PMTU has been reduced, then IP fragmentation MUST <bcp14>MUST</bcp14> be used.
Therefore, an SCTP association can fail if IP fragmentation is not working on
any path.
Please see <xref target='sec_path_mtu_discovery'/> for details of
PMTU discovery.</t>

<t>When determining when to fragment, the SCTP implementation MUST <bcp14>MUST</bcp14> take
into account the SCTP packet header as well as the DATA chunk header(s).
The implementation MUST <bcp14>MUST</bcp14> also take into account the space required for a SACK
chunk if bundling a SACK chunk with the DATA chunk.</t>
<t>Fragmentation takes the following steps:</t>
<ol type='%d)'>
<li><t>The data sender MUST <bcp14>MUST</bcp14> break the user message into a series of DATA chunks.
The sender SHOULD <bcp14>SHOULD</bcp14> choose a size of DATA chunks that is smaller than or equal
to the AMDCS.</t></li>
<li><t>The transmitter MUST <bcp14>MUST</bcp14> then assign, in sequence, a separate TSN to each of the
DATA chunks in the series.
The transmitter assigns the same Stream Sequence Number to each of the
DATA chunks.
If the user indicates that the user message is to be delivered using unordered
delivery, then the U flag of each DATA chunk of the user message MUST <bcp14>MUST</bcp14> be set
to 1.</t></li>

<li><t>The transmitter MUST <bcp14>MUST</bcp14> also set the B/E bits of the first DATA chunk in the
series to '10', 10, the B/E bits of the last DATA chunk in the series to '01', 01,
and the B/E bits of all other DATA chunks in the series to '00'.</t></li> 00.</t></li>
</ol>
<t>An endpoint MUST <bcp14>MUST</bcp14> recognize fragmented DATA chunks by examining the B/E bits
in each of the received DATA chunks, chunks and queue the fragmented DATA chunks for
reassembly.
Once the user message is reassembled, SCTP passes the reassembled user
message to the specific stream for possible reordering and final
dispatching.</t>
<t>If the data receiver runs out of buffer space while still waiting for
more fragments to complete the reassembly of the message, it SHOULD <bcp14>SHOULD</bcp14> dispatch
part of its inbound message through a partial delivery API
(see <xref target='sec_api'/>), freeing some of its receive buffer space so
that the rest of the message can be received.</t>
</section>

<section anchor='sec_bundling'>
<name>Bundling</name>

<t>An endpoint bundles chunks by simply including multiple chunks in one
outbound SCTP packet.
The total size of the resultant SCTP packet MUST <bcp14>MUST</bcp14> be less that or equal to the
current PMTU.</t>
<t>If its peer endpoint is multi-homed, the sending endpoint SHOULD <bcp14>SHOULD</bcp14> choose a
size no larger than the PMTU of the current primary path.</t>
<t>When bundling control chunks with DATA chunks, an endpoint MUST <bcp14>MUST</bcp14> place
control chunks first in the outbound SCTP packet.
The transmitter MUST <bcp14>MUST</bcp14> transmit DATA chunks within an SCTP packet in increasing
order of TSN.</t>
<t>Note: Since control chunks are placed first in a packet and since
DATA chunks are transmitted before SHUTDOWN or SHUTDOWN ACK
chunks, DATA chunks cannot be bundled with SHUTDOWN or SHUTDOWN ACK
chunks.</t>
<t>Partial chunks MUST NOT <bcp14>MUST NOT</bcp14> be placed in an SCTP packet.
A partial chunk is a chunk that is not completely contained in the SCTP packet;
i.e., the SCTP packet is too short to contain all the bytes of the chunk as
indicated by the chunk length.</t>
<t>An endpoint MUST <bcp14>MUST</bcp14> process received chunks in their order in the packet.
The receiver uses the Chunk Length field to determine the end of a chunk
and beginning of the next chunk chunk, taking account of the
fact that all chunks end on a 4-byte boundary.
If the receiver detects a partial chunk, it MUST <bcp14>MUST</bcp14> drop the chunk.</t>
<t>An endpoint MUST NOT <bcp14>MUST NOT</bcp14> bundle INIT, INIT ACK, or SHUTDOWN COMPLETE chunks
with any other chunks.</t>
</section>
</section>

<section anchor='sec_congestion_control'>
<name>Congestion Control</name>

<t>Congestion control is one of the basic functions in SCTP.
To manage congestion, the mechanisms and algorithms in this section are to be
employed.</t>
<t>Implementation Note: As far as its specific performance requirements
are met, an implementation is always allowed to adopt a more conservative
congestion control algorithm than the one defined below.</t>
<t>The congestion control algorithms used by SCTP are based on
<xref target='RFC5681'/>. target="RFC5681"/>.
This section describes how the algorithms defined in <xref target='RFC5681'/> target="RFC5681"/>
are adapted for use in SCTP.
We first list differences in protocol designs between TCP and SCTP, SCTP and then
describe SCTP's congestion control scheme.
The description will use the same terminology as in TCP congestion control
whenever appropriate.</t>
<t>SCTP congestion control is always applied to the entire association, association
and not to individual streams.</t>

<section anchor='sec_sctp_differences_from_tcp_congestion_control'>
<name>SCTP Differences from TCP Congestion Control</name>

<t>Gap Ack Blocks in the SCTP SACK chunk carry the same semantic meaning as the
TCP SACK.
TCP considers the information carried in the SACK as advisory information only.
SCTP considers the information carried in the Gap Ack Blocks in the SACK chunk
as advisory.
In SCTP, any DATA chunk that has been acknowledged by a SACK chunk, including
DATA that arrived at the receiving end out of order, is not considered fully
delivered until the Cumulative TSN Ack Point passes the TSN of the DATA chunk
(i.e., the DATA chunk has been acknowledged by the Cumulative TSN Ack
field in the SACK chunk).
Consequently, the value of cwnd controls the amount of outstanding data,
rather than (as in the case of non-SACK TCP) the upper bound between the
highest acknowledged sequence number and the latest DATA chunk that can be
sent within the congestion window.
SCTP SACK leads to different implementations of Fast Retransmit and Fast
Recovery than non-SACK TCP.
As an example, see <xref target='FALL96'/>.</t>
<t>The biggest difference between SCTP and TCP, however, is multi-homing.
SCTP is designed to establish robust communication associations between
two endpoints endpoints, each of which might be reachable by more than one transport address.
Potentially different addresses might lead to different data paths between the
two endpoints;
thus, ideally ideally, one needs a separate set of congestion control parameters for
each of the paths.
The treatment here of congestion control for multi-homed receivers is new with
SCTP and might require refinement in the future.
The current algorithms make the following assumptions:</t>
<ul>
<li><t>The sender usually uses the same destination address until being instructed
by the upper layer to do otherwise; however, SCTP MAY <bcp14>MAY</bcp14> change to an alternate
destination in the event an address is marked inactive
(see <xref target='sec_path_failure_detection'/>).
Also, SCTP MAY <bcp14>MAY</bcp14> retransmit to a different transport address than the original
transmission.</t></li>
<li><t>The sender keeps a separate congestion control parameter set for each of
the destination addresses it can send to (not each source-destination pair but
for each destination).
The parameters SHOULD <bcp14>SHOULD</bcp14> decay if the address is not used for a long enough time
period.
<xref target='RFC5681'/> target="RFC5681"/> specifies this period of time as a retransmission
timeout.</t></li>
<li><t>For each of the destination addresses, an endpoint does slow start upon
the first transmission to that address.</t></li>
</ul>
<t>Note: TCP guarantees in-sequence delivery of data to its upper-layer
protocol within a single TCP session.
This means that when TCP notices a gap in the received sequence number, it
waits until the gap is filled before delivering the data that was received
with sequence numbers higher than that of the missing data.
On the other hand, SCTP can deliver data to its upper-layer protocol protocol, even if
there is a gap in TSN if the Stream Sequence Numbers are in sequence for a
particular stream (i.e., the missing DATA chunks are for a different stream)
or if unordered delivery is indicated.
Although this does not affect cwnd, it might affect rwnd calculation.</t>
</section>

<section anchor='sec_sctp_slow_start_and_congestion_avoidance'>
<name>SCTP Slow-Start and Congestion Avoidance</name>

<t>The slow-start and congestion avoidance algorithms MUST <bcp14>MUST</bcp14> be used by an
endpoint to control the amount of data being injected into the network.
The congestion control in SCTP is employed in regard to the association, not
to an individual stream.
In some situations, it might be beneficial for an SCTP sender to be more
conservative than the algorithms allow;
however, an SCTP sender MUST NOT <bcp14>MUST NOT</bcp14> be more aggressive than the following
algorithms allow.</t>
<t>Like TCP, an SCTP endpoint uses the following three control variables
to regulate its transmission rate.</t>
<ul>
<li><t>Receiver advertised window size (rwnd, in bytes), which is set by the
receiver based on its available buffer space for incoming packets.</t>
<t>Note: This variable is kept on the entire association.</t></li>
<li><t>Congestion control window (cwnd, in bytes), which is adjusted by the sender
based on observed network conditions.</t>
<t>Note: This variable is maintained on a per-destination-address basis.</t></li>
<li><t>Slow-start threshold (ssthresh, in bytes), which is used by the
sender to distinguish slow-start and congestion avoidance phases.</t>
<t>Note: This variable is maintained on a per-destination-address basis.</t></li>
</ul>
<t>SCTP also requires one additional control variable, partial_bytes_acked,
which is used during the congestion avoidance phase to facilitate cwnd
adjustment.</t>

<t>Unlike TCP, an SCTP sender MUST <bcp14>MUST</bcp14> keep a set of these the control variables
cwnd, ssthresh, and partial_bytes_acked for EACH destination address
of its peer (when its peer is multi-homed).
When calculating one of these variables, the length of the DATA chunk chunk, including
the padding SHOULD padding, <bcp14>SHOULD</bcp14> be used.</t>
<t>Only one rwnd is kept for the whole association (no matter if the peer is
multi-homed or has a single address).</t>

<section anchor='sec_slow_start'>
<name>Slow-Start</name>

<t>Beginning data transmission into a network with unknown conditions or
after a sufficiently long idle period requires SCTP to probe the
network to determine the available capacity.
The slow-start algorithm is used for this purpose at the beginning of a
transfer,
transfer or after repairing loss detected by the retransmission timer.</t>
<ul>
<li><t>The initial cwnd before data transmission MUST <bcp14>MUST</bcp14> be set to
min(4 * PMDCS, max(2 * PMDCS, 4404)) bytes if the peer address is an IPv4 address
and to min(4 * PMDCS, max(2 * PMDCS, 4344)) bytes if the peer address is an
IPv6 address.</t></li>
<li><t>The initial cwnd after a retransmission timeout MUST <bcp14>MUST</bcp14> be no more than
PMDCS, and only one packet is allowed to be in flight until successful
acknowledgement.</t></li>
<li><t>The initial value of ssthresh SHOULD <bcp14>SHOULD</bcp14> be arbitrarily high (e.g.,
the size of the largest possible largest-possible advertised window).</t></li>
<li><t>Whenever cwnd is greater than zero, the endpoint is allowed to have cwnd
bytes of data outstanding on that transport address.
A limited overbooking as described in rule B in
<xref target='sec_transmission_of_data_chunks'/> B) SHOULD <bcp14>SHOULD</bcp14> be supported.</t></li>
<li><t>When cwnd is less than or equal to ssthresh, an SCTP endpoint MUST <bcp14>MUST</bcp14>
use the slow-start algorithm to increase cwnd only if the current
congestion window is being fully utilized, utilized and the data sender is not in
Fast Recovery.
Only when these two conditions are met can the cwnd be increased;
otherwise, the cwnd MUST NOT <bcp14>MUST NOT</bcp14> be increased.
If these conditions are met, then cwnd MUST <bcp14>MUST</bcp14> be increased by, at most, the
lesser of</t>
<ol>
<li><t>the total size of the previously outstanding DATA chunk(s) acknowledged, acknowledged and</t></li>
<li><t>L times the destination's PMDCS.</t></li>
</ol>
<t>The first upper bound protects against the ACK-Splitting attack outlined in
<xref target='SAVAGE99'/>.
The positive integer L SHOULD <bcp14>SHOULD</bcp14> be 1, 1 and MAY <bcp14>MAY</bcp14> be larger than 1.
See <xref target='RFC3465'/> target="RFC3465"/> for details of choosing L.
</t>
<t>In instances where its peer endpoint is multi-homed, if an endpoint
receives a SACK chunk that results in updating the cwnd, then it SHOULD <bcp14>SHOULD</bcp14> update
its cwnd (or cwnds) apportioned to the destination addresses to which it
transmitted the acknowledged data.</t></li>
<li><t>While the endpoint does not transmit data on a given transport address,
the cwnd of the transport address SHOULD <bcp14>SHOULD</bcp14> be adjusted to max(cwnd / 2, 4 * PMDCS)
once per RTO.
Before the first cwnd adjustment, the ssthresh of the transport address SHOULD <bcp14>SHOULD</bcp14>
be set to the cwnd.</t></li>
</ul>
</section>

<section anchor='sec_congestion_avoidance'>
<name>Congestion Avoidance</name>

<t>When cwnd is greater than ssthresh, cwnd SHOULD <bcp14>SHOULD</bcp14> be incremented by PMDCS per
RTT if the sender has cwnd or more bytes of data outstanding for the
corresponding transport address.
The basic recommendations for incrementing cwnd during congestion avoidance
are as follows:</t>
<ul>
<li><t>SCTP MAY <bcp14>MAY</bcp14> increment cwnd by PMDCS.</t></li>
<li><t>SCTP SHOULD <bcp14>SHOULD</bcp14> increment cwnd by PMDCS once per RTT when the sender has cwnd
or more bytes of data outstanding for the corresponding transport address.</t></li>
<li><t>SCTP MUST NOT <bcp14>MUST NOT</bcp14> increment cwnd by more than PMDCS per RTT.</t></li>
</ul>
<t>In practice, an implementation can achieve this goal in the following way:</t>
<ul>
<li><t>partial_bytes_acked is initialized to 0.</t></li>
<li><t>Whenever cwnd is greater than ssthresh, upon each SACK chunk arrival,
increase partial_bytes_acked by the total number of bytes (including the chunk
header and the padding) of all new DATA chunks acknowledged in that SACK chunk,
including chunks acknowledged by the new Cumulative TSN Ack, by Gap Ack Blocks,
and by the number of bytes of duplicated chunks reported in
Duplicate TSNs.</t></li>
<li><t>When (1) partial_bytes_acked is greater than cwnd and (2) before the arrival
of the SACK chunk the sender had less than cwnd bytes of data outstanding (i.e.,
before the arrival of the SACK chunk, flightsize was less than cwnd), reset
partial_bytes_acked to cwnd.</t></li>
<li><t>When (1) partial_bytes_acked is equal to or greater than cwnd and (2) before
the arrival of the SACK chunk the sender had cwnd or more bytes of data outstanding
(i.e., before the arrival of the SACK chunk, flightsize was greater than or equal to
cwnd), partial_bytes_acked is reset to (partial_bytes_acked - cwnd).
Next, cwnd is increased by PMDCS.</t></li>
<li><t>Same as in the slow start, when the sender does not transmit DATA chunks
on a given transport address, the cwnd of the transport address SHOULD <bcp14>SHOULD</bcp14> be
adjusted to max(cwnd / 2, 4 * PMDCS) per RTO.</t></li>
<li><t>When all of the data transmitted by the sender has been acknowledged by the
receiver, partial_bytes_acked is initialized to 0.</t></li>
</ul>
</section>

<section anchor='sec_congestion_control_sub'>
<name>Congestion Control</name>

<t>Upon detection of packet losses from SACK chunks
(see <xref target='sec_fast_retransmit_on_gap_reports'/>), an endpoint SHOULD <bcp14>SHOULD</bcp14>
do the following:</t>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
ssthresh = max(cwnd / 2, 4 * PMDCS)
cwnd = ssthresh
partial_bytes_acked = 0
</sourcecode>
]]></sourcecode>
<t>Basically, a packet loss causes cwnd to be cut in half.</t>

<t>When the T3-rtx timer expires on an address, SCTP SHOULD <bcp14>SHOULD</bcp14> perform slow start
by:</t>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
ssthresh = max(cwnd / 2, 4 * PMDCS)
cwnd = PMDCS
partial_bytes_acked = 0
</sourcecode>
]]></sourcecode>
<t>and ensure that no more than one SCTP packet will be in flight for that address
until the endpoint receives acknowledgement for successful delivery of data to
that address.</t>
</section>

<section anchor='sec_fast_retransmit_on_gap_reports'>
<name>Fast Retransmit on Gap Reports</name>

<t>In the absence of data loss, an endpoint performs delayed acknowledgement.
However, whenever an endpoint notices a hole in the arriving TSN sequence, it
SHOULD
<bcp14>SHOULD</bcp14> start sending a SACK chunk back every time a packet arrives carrying data
until the hole is filled.</t>
<t>Whenever an endpoint receives a SACK chunk that indicates that some TSNs are
missing, it SHOULD <bcp14>SHOULD</bcp14> wait for two further miss indications (via subsequent SACK
chunks for a total of three missing reports) on the same TSNs before taking
action with regard to Fast Retransmit.</t>
<t>Miss indications SHOULD <bcp14>SHOULD</bcp14> follow the HTNA (Highest Highest TSN Newly Acknowledged) Acknowledged (HTNA)
algorithm.
For each incoming SACK chunk, miss indications are incremented only for
missing TSNs prior to the highest TSN newly acknowledged HTNA in the SACK chunk.
A newly acknowledged DATA chunk is one not previously acknowledged in a
SACK chunk.
If an endpoint is in Fast Recovery and a SACK chunks arrives that advances the
Cumulative TSN Ack Point, the miss indications are incremented for all TSNs
reported missing in the SACK chunk.</t>

<t>When the third consecutive miss indication is received for a TSN(s), one or more TSNs,
the data sender does the following:</t>
<ol type='%d)'>
<li><t>Mark the DATA chunk(s) with three miss indications for retransmission.</t></li>
<li><t>If not in Fast Recovery, adjust the ssthresh and cwnd of the destination
address(es) to which the missing DATA chunks were last sent, according to the
formula described in <xref target='sec_congestion_control_sub'/>.</t></li>
<li><t>If not in Fast Recovery, determine how many of the earliest
(i.e., lowest TSN) DATA chunks marked for retransmission will fit
into a single packet, subject to constraint of the PMTU of
the destination transport address to which the packet is being sent.
Call this value K.
Retransmit those K DATA chunks in a single packet.
When a Fast Retransmit is being performed, the sender SHOULD <bcp14>SHOULD</bcp14> ignore the value
of cwnd and SHOULD NOT <bcp14>SHOULD NOT</bcp14> delay retransmission for this single packet.</t></li>
<li><t>Restart the T3-rtx timer only if the last SACK chunk acknowledged the
lowest outstanding TSN number sent to that address, address or the endpoint is
retransmitting the first outstanding DATA chunk sent to that address.</t></li>
<li><t>Mark the DATA chunk(s) as being fast retransmitted and thus ineligible for a
subsequent Fast Retransmit.  Those TSNs marked for retransmission due to the Fast-Retransmit algorithm that
did not fit in the sent datagram carrying K other TSNs are also marked as
ineligible for a subsequent Fast Retransmit.
However, as they are marked for retransmission retransmission, they will be retransmitted
later on as soon as cwnd allows.</t></li>
<li><t>If not in Fast Recovery, enter Fast Recovery and mark the highest
outstanding TSN as the Fast Recovery exit point.
When a SACK chunk acknowledges all TSNs up to and including this exit point,
Fast Recovery is exited.
While in Fast Recovery, the ssthresh and cwnd SHOULD NOT <bcp14>SHOULD NOT</bcp14> change for any
destinations due to a subsequent Fast Recovery event (i.e., one SHOULD NOT <bcp14>SHOULD NOT</bcp14>
reduce the cwnd further due to a subsequent Fast Retransmit).</t></li>
</ol>
<t>Note: Before the above adjustments, if the received SACK chunk also
acknowledges new DATA chunks and advances the Cumulative TSN Ack Point,
the cwnd adjustment rules defined in Sections <xref target='sec_slow_start'/> target='sec_slow_start' format='counter'/> and
<xref target='sec_congestion_avoidance'/> MUST target='sec_congestion_avoidance' format ='counter'/> <bcp14>MUST</bcp14> be applied first.</t>
</section>

<section>
<name>Reinitialization</name>

<t>During the lifetime of an SCTP association association, events can happen, which happen that result
in using the network under unknown new conditions.
When detected by an SCTP implementation, the congestion control MUST <bcp14>MUST</bcp14> be
reinitialized.</t>

<section>
<name>Change of Differentiated Services Code Points</name>

<t>SCTP implementations MAY <bcp14>MAY</bcp14> allow an application to configure the
Differentiated Services Code Point (DSCP) used for sending packets.
If a DSCP change might result in outgoing packets being queued in
different queues, the congestion control parameters for all affected
destination addresses MUST <bcp14>MUST</bcp14> be reset to their initial values.</t>
</section>

<section>
<name>Change of Routes</name>
<t>SCTP implementations MAY <bcp14>MAY</bcp14> be aware of routing changes affecting packets
sent to a destination address.
In particular, this includes the selection of a different source address used
for sending packets to a destination address.
If such a routing change happens, the congestion control parameters for the
affected destination addresses MUST <bcp14>MUST</bcp14> be reset to their initial values.</t>
</section>
</section>
</section>

<section anchor='sec_path_mtu_discovery'>
<name>PMTU Discovery</name>

<t><xref target='RFC8899'/>, target="RFC8899"/>,
<xref target='RFC8201'/>, target="RFC8201"/>, and <xref target='RFC1191'/> target="RFC1191"/> specify
"Packetization Layer Path MTU Discovery",
whereby an endpoint maintains an estimate of PMTU along a given Internet path
and refrains from sending packets along that path that exceed the PMTU, other
than occasional attempts to probe for a change in the PMTU.
<xref target='RFC8899'/> target="RFC8899"/> is thorough in its
discussion of the PMTU discovery mechanism and strategies for determining the
current end-to-end PMTU setting as well as detecting changes in this value.</t>
<t>An endpoint SHOULD <bcp14>SHOULD</bcp14> apply these techniques, techniques and SHOULD <bcp14>SHOULD</bcp14> do so on a
per-destination-address basis.</t>
<t>There are two important SCTP-specific points regarding PMTU discovery:</t>
<ol type='%d)'>
<li><t>SCTP associations can span multiple addresses.
An endpoint MUST <bcp14>MUST</bcp14> maintain separate PMTU estimates for each destination address
of its peer.</t></li>
<li><t>The sender SHOULD <bcp14>SHOULD</bcp14> track an AMDCS that will be the
smallest PMDCS discovered for all of the peer's destination addresses.
When fragmenting messages into multiple parts parts, this AMDCS SHOULD <bcp14>SHOULD</bcp14>
be used to calculate the size of each DATA chunk.
This will allow retransmissions to be seamlessly sent to an alternate address
without encountering IP fragmentation.</t></li>
</ol>
</section>
</section>

<section anchor='sec_fault_management'>
<name>Fault Management</name>

<section anchor='sec_endpoint_failure_detection'>
<name>Endpoint Failure Detection</name>

<t>An endpoint SHOULD <bcp14>SHOULD</bcp14> keep a counter on the total number of consecutive
retransmissions to its peer (this includes data retransmissions to all the
destination transport addresses of the peer if it is multi-homed), including
the number of unacknowledged HEARTBEAT chunks observed on the path that is
currently used for data transfer.
Unacknowledged HEARTBEAT chunks observed on paths different from the
path currently used for data transfer SHOULD NOT <bcp14>SHOULD NOT</bcp14> increment the association
error counter, as this could lead to association closure even if the path
that is currently used for data transfer is available (but idle).
If the value of this counter exceeds the limit indicated in the protocol
parameter 'Association.Max.Retrans', the endpoint SHOULD <bcp14>SHOULD</bcp14> consider the peer
endpoint unreachable and SHALL <bcp14>SHALL</bcp14> stop transmitting any more data to it
(and thus the association enters the CLOSED state).
In addition, the endpoint SHOULD <bcp14>SHOULD</bcp14> report the failure to the upper layer and
optionally report back all outstanding user data remaining in its outbound
queue.
The association is automatically closed when the peer endpoint becomes
unreachable.</t>
<t>The counter used for endpoint failure detection MUST <bcp14>MUST</bcp14> be reset each time a
DATA chunk sent to that peer endpoint is acknowledged (by the reception of
a SACK chunk).
When a HEARTBEAT ACK chunk is received from the peer endpoint, the counter
SHOULD
<bcp14>SHOULD</bcp14> also be reset.
The receiver of the HEARTBEAT ACK chunk MAY <bcp14>MAY</bcp14> choose not to clear the counter
if there is outstanding data on the association.
This allows for handling the possible difference in reachability based on
DATA chunks and HEARTBEAT chunks.</t>
</section>

<section anchor='sec_path_failure_detection'>
<name>Path Failure Detection</name>

<t>When its peer endpoint is multi-homed, an endpoint SHOULD <bcp14>SHOULD</bcp14> keep an
error counter for each of the destination transport addresses of the
peer endpoint.</t>
<t>Each time the T3-rtx timer expires on any address, or when a
HEARTBEAT chunk sent to an idle address is not acknowledged within an RTO,
the error counter of that destination address will be incremented.
When the value in the error counter exceeds the protocol parameter
'Path.Max.Retrans' of that destination address, the endpoint SHOULD <bcp14>SHOULD</bcp14>
mark the destination transport address as inactive, and a
notification SHOULD <bcp14>SHOULD</bcp14> be sent to the upper layer.</t>
<t>When an outstanding TSN is acknowledged or a HEARTBEAT chunk sent to that
address is acknowledged with a HEARTBEAT ACK chunk, the endpoint SHOULD <bcp14>SHOULD</bcp14>
clear the error counter of the destination transport address to which
the DATA chunk was last sent (or HEARTBEAT chunk was sent) and SHOULD <bcp14>SHOULD</bcp14> also
report to the upper layer when an inactive destination address is
marked as active.
When the peer endpoint is multi-homed and the last chunk sent to it was a
retransmission to an alternate address, there exists an ambiguity as
 to whether or not the acknowledgement could be credited to the
address of the last chunk sent.
However, this ambiguity does not seem to have significant consequences for
SCTP behavior.
If this ambiguity is undesirable, the transmitter MAY <bcp14>MAY</bcp14> choose not to clear the
error counter if the last chunk sent was a retransmission.</t>
<t>Note: When configuring the SCTP endpoint, the user ought to avoid having the
value of 'Association.Max.Retrans' larger than the summation of the
'Path.Max.Retrans' of all the destination addresses for the remote endpoint.
Otherwise, all the destination addresses might become inactive while the endpoint
still considers the peer endpoint reachable.
When this condition occurs, how SCTP chooses to function is implementation
specific.</t>
<t>When the primary path is marked inactive (due to excessive retransmissions,
for instance), the sender MAY <bcp14>MAY</bcp14> automatically transmit new packets to an
alternate destination address if one exists and is active.
If more than one alternate address is active when the primary path is marked
inactive, only ONE transport address SHOULD <bcp14>SHOULD</bcp14> be chosen and used as the new
destination transport address.</t>
</section>

<section anchor='sec_path_heartbeat'>
<name>Path Heartbeat</name>

<t>By default, an SCTP endpoint SHOULD <bcp14>SHOULD</bcp14> monitor the reachability of the
idle destination transport address(es) of its peer by sending a
HEARTBEAT chunk periodically to the destination transport address(es).
The sending of HEARTBEAT chunks MAY <bcp14>MAY</bcp14> begin upon reaching the ESTABLISHED state
and is discontinued after sending either a SHUTDOWN chunk or SHUTDOWN ACK chunk.
A receiver of a HEARTBEAT chunks MUST chunk <bcp14>MUST</bcp14> respond to a HEARTBEAT chunk with a
HEARTBEAT ACK chunk after entering the COOKIE-ECHOED state (sender of the
INIT chunk) or the ESTABLISHED state (receiver of the INIT chunk), up until
reaching the SHUTDOWN-SENT state (sender of the SHUTDOWN chunk)
or the SHUTDOWN-ACK-SENT state (receiver of the SHUTDOWN chunk).</t>
<t>A destination transport address is considered "idle" if no new chunk
that can be used for updating path RTT (usually including first transmission
DATA, INIT, COOKIE ECHO, or HEARTBEAT chunks, etc.) and no HEARTBEAT chunk
has been sent to it within the current heartbeat period of that address.
This applies to both active and inactive destination addresses.</t>
<t>The upper layer can optionally initiate the following functions:</t>
<ol type='%C)'>
<li><t>Disable heartbeat on a specific destination transport address of a
given association,</t></li>
<li><t>Change the 'HB.interval',</t></li>
<li><t>Re-enable heartbeat on a specific destination transport address of a given
association, and</t></li>
<li><t>Request the sending of an on-demand HEARTBEAT chunk on a specific
destination transport address of a given association.</t></li>
</ol>
<t>The endpoint SHOULD <bcp14>SHOULD</bcp14> increment the respective error counter of the destination
transport address each time a HEARTBEAT chunk is sent to that address and not
acknowledged within one RTO.</t>
<t>When the value of this counter exceeds the protocol parameter
'Path.Max.Retrans', the endpoint SHOULD <bcp14>SHOULD</bcp14> mark the corresponding destination
address as inactive if it is not so marked and SHOULD <bcp14>SHOULD</bcp14> also report to
the upper layer the change in reachability of this destination address.
After this, the endpoint SHOULD <bcp14>SHOULD</bcp14> continue sending HEARTBEAT chunks on this
destination address but SHOULD <bcp14>SHOULD</bcp14> stop increasing the counter.</t>
<t>The sender of the HEARTBEAT chunk SHOULD <bcp14>SHOULD</bcp14> include in the Heartbeat Information
field of the chunk the current time when the packet is sent and the
destination address to which the packet is sent.</t>
<t>Implementation Note: An alternative implementation of the heartbeat
mechanism that can be used is to increment the error counter variable every time
a HEARTBEAT chunk is sent to a destination.
Whenever a HEARTBEAT ACK chunk arrives, the sender SHOULD <bcp14>SHOULD</bcp14> clear the error
counter of the destination that the HEARTBEAT chunk was sent to.
This
This, in effect effect, would clear the previously stroked error (and any other error
counts as well).</t>
<t>The receiver of the HEARTBEAT chunk SHOULD <bcp14>SHOULD</bcp14> immediately respond with a
HEARTBEAT ACK chunk that contains the Heartbeat Information TLV, together with
any other received TLVs, copied unchanged from the received HEARTBEAT chunk.</t>
<t>Upon the receipt of the HEARTBEAT ACK chunk, the sender of the HEARTBEAT
chunk SHOULD <bcp14>SHOULD</bcp14> clear the error counter of the destination transport address
to which the HEARTBEAT chunk was sent and mark the destination transport
address as active if it is not so marked.
The endpoint SHOULD <bcp14>SHOULD</bcp14> report to the upper layer when an inactive
destination address is marked as active due to the reception of the latest
HEARTBEAT ACK chunk.
The receiver of the HEARTBEAT ACK chunk SHOULD <bcp14>SHOULD</bcp14> also clear the association
overall error count (as defined in
<xref target='sec_endpoint_failure_detection'/>).</t>
<t>The receiver of the HEARTBEAT ACK chunk SHOULD <bcp14>SHOULD</bcp14> also perform an RTT
measurement for that destination transport address using the time value carried
in the HEARTBEAT ACK chunk.</t>
<t>On an idle destination address that is allowed to heartbeat, it is
RECOMMENDED
<bcp14>RECOMMENDED</bcp14> that a HEARTBEAT chunk is sent once per RTO of that destination
address plus the protocol parameter 'HB.interval', with jittering of +/- 50% of
the RTO value, value and exponential backoff of the RTO if the previous HEARTBEAT
chunk is unanswered.</t>
<t>A primitive is provided for the SCTP user to change the 'HB.interval' and turn
on or off the heartbeat on a given destination address.
The 'HB.interval' set by the SCTP user is added to the RTO of that
destination (including any exponential backoff).
Only one heartbeat SHOULD <bcp14>SHOULD</bcp14> be sent each time the heartbeat timer expires (if
multiple destinations are idle).
It is an implementation decision on how to choose which of the candidate idle
destinations to heartbeat to (if more than one destination is idle).</t>
<t>When tuning the 'HB.interval', there is a side effect that
SHOULD
<bcp14>SHOULD</bcp14> be taken into account.
When this value is increased, i.e., the time between the sending of HEARTBEAT
chunks is longer, the detection of lost ABORT chunks takes longer as well.
If a peer endpoint sends an ABORT chunk for any reason and the ABORT chunk is
lost, the local endpoint will only discover the lost ABORT chunk by sending a
DATA chunk or HEARTBEAT chunk (thus causing the peer to send another ABORT chunk).
This is to be considered when tuning the heartbeat timer.
If the sending of HEARTBEAT chunks is disabled, only sending DATA chunks to the
association will discover a lost ABORT chunk from the peer.</t>
</section>

<section anchor='sec_handle_out_of_the_blue_packets'>
<name>Handle "Out of the Blue" Packets</name>

<t>An SCTP packet is called an "out "Out of the blue" Blue" (OOTB) packet if it is
correctly formed (i.e., passed the receiver's CRC32c check;
see <xref target='sec_crc32c_checksum_calculation'/>),
but the receiver is not able to identify the association to which this
packet belongs.</t>
<t>The receiver of an OOTB packet does the following:</t>
<ol type='%d)'>
<li><t>If the OOTB packet is to or from a non-unicast address, a receiver SHOULD <bcp14>SHOULD</bcp14>
silently discard the packet.
Otherwise,</t></li>
<li><t>If the OOTB packet contains an ABORT chunk, the receiver MUST <bcp14>MUST</bcp14> silently
discard the OOTB packet and take no further action.
Otherwise,</t></li>

<li><t>If the packet contains an INIT chunk with a Verification Tag set
to 0, it SHOULD <bcp14>SHOULD</bcp14> be processed as described in
<xref target='sec_normal_establishment'/>.
If, for whatever reason, the INIT chunk cannot be processed normally and an
ABORT chunk has to be sent in response, the Verification Tag of the packet
containing the ABORT chunk MUST <bcp14>MUST</bcp14> be the Initiate Tag of the received INIT chunk,
and the T bit of the ABORT chunk has to be set to 0, indicating that the
Verification Tag is not reflected.
Otherwise,</t></li>
<li><t>If the packet contains a COOKIE ECHO chunk as the first chunk, it MUST <bcp14>MUST</bcp14> be
processed as described in <xref target='sec_normal_establishment'/>.
Otherwise,</t></li>
<li><t>If the packet contains a SHUTDOWN ACK chunk, the receiver SHOULD <bcp14>SHOULD</bcp14> respond to
the sender of the OOTB packet with a SHUTDOWN COMPLETE chunk.
When sending the SHUTDOWN COMPLETE chunk, the receiver of the OOTB packet MUST <bcp14>MUST</bcp14>
fill in the Verification Tag field of the outbound packet with the
Verification Tag received in the SHUTDOWN ACK chunk and set the T bit in the
Chunk Flags to indicate that the Verification Tag is reflected.
Otherwise,</t></li>
<li><t>If the packet contains a SHUTDOWN COMPLETE chunk, the receiver SHOULD <bcp14>SHOULD</bcp14>
silently discard the packet and take no further action.
Otherwise,</t></li>
<li><t>If the packet contains a an ERROR chunk with the "Stale Cookie" error cause
or a COOKIE ACK chunk, the SCTP packet SHOULD <bcp14>SHOULD</bcp14> be silently discarded.
Otherwise,</t></li>
<li><t>The receiver SHOULD <bcp14>SHOULD</bcp14> respond to the sender of the OOTB packet with an
ABORT chunk.
When sending the ABORT chunk, the receiver of the OOTB packet MUST <bcp14>MUST</bcp14> fill in the
Verification Tag field of the outbound packet with the value found in the
Verification Tag field of the OOTB packet and set the T bit in the Chunk Flags
to indicate that the Verification Tag is reflected.
After sending this ABORT chunk, the receiver of the OOTB packet MUST <bcp14>MUST</bcp14> discard the
OOTB packet and MUST NOT <bcp14>MUST NOT</bcp14> take any further action.</t></li>
</ol>
</section>

<section anchor='sec_verification_tag'>
<name>Verification Tag</name>

<t>The Verification Tag rules defined in this section apply when sending or
receiving SCTP packets that do not contain an INIT, SHUTDOWN COMPLETE,
COOKIE ECHO (see <xref target='sec_normal_establishment'/>),
ABORT, or SHUTDOWN ACK chunk.
The rules for sending and receiving SCTP packets containing one of these chunk
types are discussed separately in
<xref target='sec_exceptions_in_verification_tag_rules'/>.</t>
<t>When sending an SCTP packet, the endpoint MUST <bcp14>MUST</bcp14> fill in the Verification Tag
field of the outbound packet with the tag value in the Initiate Tag parameter
of the INIT or INIT ACK chunk received from its peer.</t>
<t>When receiving an SCTP packet, the endpoint MUST <bcp14>MUST</bcp14> ensure that the value in
the Verification Tag field of the received SCTP packet matches its own tag.
If the received Verification Tag value does not match the receiver's own tag
value, the receiver MUST <bcp14>MUST</bcp14> silently discard the packet and MUST NOT <bcp14>MUST NOT</bcp14> process it
any further further, except for those cases listed in
<xref target='sec_exceptions_in_verification_tag_rules'/> below.</t>

<section anchor='sec_exceptions_in_verification_tag_rules'>
<name>Exceptions in Verification Tag Rules</name>

<dl newline="true">
<dt>A) Rules for packets carrying an INIT chunk:</dt>
<dd>
<ul>
<li><t>The
<li>The sender MUST <bcp14>MUST</bcp14> set the Verification Tag of the packet to 0.</t></li>
<li><t>When 0.</li>
<li>When an endpoint receives an SCTP packet with the Verification Tag set to 0,
it SHOULD <bcp14>SHOULD</bcp14> verify that the packet contains only an INIT chunk.
Otherwise, the receiver MUST <bcp14>MUST</bcp14> silently discard the packet.</t></li> packet.</li>
</ul>
</dd>
<dt>B) Rules for packets carrying an ABORT chunk:</dt>
<dd>
<ul>
<li><t>The
<li>The endpoint MUST <bcp14>MUST</bcp14> always fill in the Verification Tag field of the outbound
packet with the destination endpoint's tag value, value if it is known.</t></li>
<li><t>If known.</li>
<li>If the ABORT chunk is sent in response to an OOTB packet, the endpoint
MUST
<bcp14>MUST</bcp14> follow the procedure described in
<xref target='sec_handle_out_of_the_blue_packets'/>.</t></li>
<li><t>The target='sec_handle_out_of_the_blue_packets'/>.</li>
<li>The receiver of an ABORT chunk MUST <bcp14>MUST</bcp14> accept the packet if the
Verification Tag field of the packet matches its own tag and the T bit is not
set OR if it is set to its peer's tag Peer's Tag and the T bit is set in the Chunk Flags.
Otherwise, the receiver MUST <bcp14>MUST</bcp14> silently discard the packet and take no further
action.</t></li>
action.</li>
</ul>
</dd>
<dt>C) Rules for packets carrying a SHUTDOWN COMPLETE chunk:</dt>
<dd>
<ul>
<li><t>When
<li>When sending a SHUTDOWN COMPLETE chunk, if the receiver of the
SHUTDOWN ACK chunk has a TCB, then the destination endpoint's tag MUST <bcp14>MUST</bcp14> be used, used
and the T bit MUST NOT <bcp14>MUST NOT</bcp14> be set.
Only where no TCB exists SHOULD <bcp14>SHOULD</bcp14> the sender use the Verification Tag from the
SHUTDOWN ACK chunk, chunk and MUST <bcp14>MUST</bcp14> set the T bit.</t></li>
<li><t>The bit.</li>
<li>The receiver of a SHUTDOWN COMPLETE chunk accepts the packet if the
Verification Tag field of the packet matches its own tag and the T bit is not
set OR if it is set to its peer's tag Peer's Tag and the T bit is set in the Chunk Flags.
Otherwise, the receiver MUST <bcp14>MUST</bcp14> silently discard the packet and take no further
action.
An endpoint MUST <bcp14>MUST</bcp14> ignore the SHUTDOWN COMPLETE chunk if it is not in the
SHUTDOWN-ACK-SENT state.</t></li> state.</li>
</ul>
</dd>
<dt>D) Rules for packets carrying a COOKIE ECHO chunk:</dt>
<dd>
<ul>
<li><t>When
<li>When sending a COOKIE ECHO chunk, the endpoint MUST <bcp14>MUST</bcp14> use the value of the
Initiate Tag received in the INIT ACK chunk.</t></li>
<li><t>The chunk.</li>
<li>The receiver of a COOKIE ECHO chunk follows the procedures in
<xref target='sec_assoc_initialization'/>.</t></li> target='sec_assoc_initialization'/>.</li>
</ul>
</dd>
<dt>E) Rules for packets carrying a SHUTDOWN ACK chunk:</dt>
<dd>
<ul>
<li><t>If
<li>If the receiver is in COOKIE-ECHOED or COOKIE-WAIT state state, the procedures
in <xref target='sec_handle_out_of_the_blue_packets'/> SHOULD <bcp14>SHOULD</bcp14> be followed;
in other words, it is treated as an OOTB packet.</t></li> packet.</li>
</ul>
</dd>
</dl>
</section>
</section>
</section>

<section anchor='sec_assoc_termination'>
<name>Termination of Association</name>

<t>An endpoint SHOULD <bcp14>SHOULD</bcp14> terminate its association when it exits from service.
An association can be terminated by either abort or shutdown.
An abort of an association is abortive by definition in that any data pending
on either end of the association is discarded and not delivered to the peer.
A shutdown of an association is considered a graceful close where all data in
queue by either endpoint is delivered to the respective peers.
However, in the case of a shutdown, SCTP does not support a half-open state
(like TCP) TCP), wherein one side might continue sending data while the other end is
closed.
When either endpoint performs a shutdown, the association on each peer will
stop accepting new data from its user and only deliver data in queue at the time
of sending or receiving the SHUTDOWN chunk.</t>

<section anchor='sec_abort_of_an_association'>
<name>Abort of an Association</name>

<t>When an endpoint decides to abort an existing association, it MUST <bcp14>MUST</bcp14> send an
ABORT chunk to its peer endpoint.
The sender MUST <bcp14>MUST</bcp14> fill in the peer's Verification Tag in the outbound packet and
MUST NOT
<bcp14>MUST NOT</bcp14> bundle any DATA chunk with the ABORT chunk.
If the association is aborted on request of the upper layer, a
"User-Initiated Abort" error cause
(see <xref target='sec_user_initiated_abort_cause'/>) SHOULD <bcp14>SHOULD</bcp14> be present in
the ABORT chunk.</t>
<t>An endpoint MUST NOT <bcp14>MUST NOT</bcp14> respond to any received packet that contains an ABORT
chunk (also see <xref target='sec_handle_out_of_the_blue_packets'/>).</t>
<t>An endpoint receiving an ABORT chunk MUST <bcp14>MUST</bcp14> apply the special Verification Tag check
rules described in <xref target='sec_exceptions_in_verification_tag_rules'/>.</t>
<t>After checking the Verification Tag, the receiving endpoint MUST <bcp14>MUST</bcp14> remove the
association from its record and SHOULD <bcp14>SHOULD</bcp14> report the termination to its upper
layer.
If a "User-Initiated Abort" error cause is present in the ABORT chunk, the Upper
Layer Abort Reason SHOULD <bcp14>SHOULD</bcp14> be made available to the upper layer.</t>
</section>

<section anchor='sec_shutdown_of_an_association'>
<name>Shutdown of an Association</name>

<t>Using the SHUTDOWN primitive (see <xref target='sec_ulp_to_sctp'/>), the
upper layer of an endpoint in an association can gracefully close the
association.
This will allow all outstanding DATA chunks from the peer of the
shutdown initiator to be delivered before the association terminates.</t>
<t>Upon receipt of the SHUTDOWN primitive from its upper layer, the endpoint
enters the SHUTDOWN-PENDING state and remains there until all outstanding data
has been acknowledged by its peer.
The endpoint accepts no new data from its upper layer, layer but retransmits data to
the peer endpoint if necessary to fill gaps.</t>
<t>Once all its outstanding data has been acknowledged, the endpoint sends
a SHUTDOWN chunk to its peer peer, including in the Cumulative TSN Ack field the last
sequential TSN it has received from the peer.
It SHOULD <bcp14>SHOULD</bcp14> then start the T2-shutdown timer and enter the SHUTDOWN-SENT state.
If the timer expires, the endpoint MUST <bcp14>MUST</bcp14> resend the SHUTDOWN chunk with the
updated last sequential TSN received from its peer.</t>
<t>The rules in <xref target='sec_management_of_retransission_timer'/> MUST <bcp14>MUST</bcp14> be
followed to determine the proper timer value for T2-shutdown.
To indicate any gaps in TSN, the endpoint MAY <bcp14>MAY</bcp14> also bundle a SACK chunk with the
SHUTDOWN chunk in the same SCTP packet.</t>
<t>An endpoint SHOULD <bcp14>SHOULD</bcp14> limit the number of retransmissions of the SHUTDOWN chunk
to the protocol parameter 'Association.Max.Retrans'.
If this threshold is exceeded, the endpoint SHOULD <bcp14>SHOULD</bcp14> destroy the TCB and SHOULD <bcp14>SHOULD</bcp14>
report the peer endpoint unreachable to the upper layer (and thus the
association enters the CLOSED state).
The reception of any packet from its peer (i.e., as the peer sends all of its
queued DATA chunks) SHOULD <bcp14>SHOULD</bcp14> clear the endpoint's retransmission count and restart
the T2-shutdown timer, giving its peer ample opportunity to transmit all of its
queued DATA chunks that have not yet been sent.</t>
<t>Upon reception of the SHUTDOWN chunk, the peer endpoint does the following:</t>
<ul>
<li><t>enter the SHUTDOWN-RECEIVED state,</t></li>
<li><t>stop accepting new data from its SCTP user, and</t></li>
<li><t>verify, by checking the Cumulative TSN Ack field of the chunk, that all its
outstanding DATA chunks have been received by the SHUTDOWN chunk sender.</t></li>
</ul>
<t>Once an endpoint has reached the SHUTDOWN-RECEIVED state, it MUST <bcp14>MUST</bcp14> ignore
ULP shutdown requests but MUST <bcp14>MUST</bcp14> continue responding to SHUTDOWN chunks from its
peer.</t>
<t>If there are still outstanding DATA chunks left, the SHUTDOWN chunk receiver
MUST
<bcp14>MUST</bcp14> continue to follow normal data transmission procedures defined in
<xref target='sec_user_data_transfer'/>, until all outstanding DATA chunks are
acknowledged; however, the SHUTDOWN chunk receiver MUST NOT <bcp14>MUST NOT</bcp14> accept new data
from its SCTP user.</t>
<t>While in the SHUTDOWN-SENT state, the SHUTDOWN chunk sender MUST <bcp14>MUST</bcp14> immediately
respond to each received packet containing one or more DATA chunks with a
SHUTDOWN chunk and restart the T2-shutdown timer.
If a SHUTDOWN chunk by itself cannot acknowledge all of the received DATA chunks
(i.e., there are TSNs that can be acknowledged that are larger than the
cumulative TSN, TSN and thus gaps exist in the TSN sequence), sequence) or  if duplicate TSNs
have been received, then a SACK chunk MUST <bcp14>MUST</bcp14> also be sent.</t>
<t>The sender of the SHUTDOWN chunk MAY <bcp14>MAY</bcp14> also start an overall guard timer
T5-shutdown-guard to bound the overall time for the shutdown sequence.
At the expiration of this timer, the sender SHOULD <bcp14>SHOULD</bcp14> abort the association by
sending an ABORT chunk. If the T5-shutdown-guard timer is used, it SHOULD <bcp14>SHOULD</bcp14>
be set to the RECOMMENDED <bcp14>RECOMMENDED</bcp14> value of 5 times 'RTO.Max'.</t>
<t>If the receiver of the SHUTDOWN chunk has no more outstanding DATA chunks,
the SHUTDOWN chunk receiver MUST <bcp14>MUST</bcp14> send a SHUTDOWN ACK chunk and start a
T2-shutdown timer of its own, entering the SHUTDOWN-ACK-SENT state.
If the timer expires, the endpoint MUST <bcp14>MUST</bcp14> resend the SHUTDOWN ACK chunk.</t>
<t>The sender of the SHUTDOWN ACK chunk SHOULD <bcp14>SHOULD</bcp14> limit the number of
retransmissions of the SHUTDOWN ACK chunk to the protocol parameter
'Association.Max.Retrans'.
If this threshold is exceeded, the endpoint SHOULD <bcp14>SHOULD</bcp14> destroy the TCB and SHOULD <bcp14>SHOULD</bcp14>
report the peer endpoint unreachable to the upper layer (and thus the
association enters the CLOSED state).</t>
<t>Upon the receipt of the SHUTDOWN ACK chunk, the sender of the SHUTDOWN chunk
MUST
<bcp14>MUST</bcp14> stop the T2-shutdown timer, send a SHUTDOWN COMPLETE chunk to its peer, and
remove all record of the association.</t>
<t>Upon reception of the SHUTDOWN COMPLETE chunk, the endpoint verifies that
it is in the SHUTDOWN-ACK-SENT state;
if it is not, the chunk SHOULD <bcp14>SHOULD</bcp14> be discarded.
If the endpoint is in the SHUTDOWN-ACK-SENT state, the endpoint SHOULD <bcp14>SHOULD</bcp14> stop
the T2-shutdown timer and remove all knowledge of the association (and thus the
association enters the CLOSED state).</t>
<t>An endpoint SHOULD <bcp14>SHOULD</bcp14> ensure that all its outstanding DATA chunks have been
acknowledged before initiating the shutdown procedure.</t>
<t>An endpoint SHOULD <bcp14>SHOULD</bcp14> reject any new data request from its upper layer if it is
in the SHUTDOWN-PENDING, SHUTDOWN-SENT, SHUTDOWN-RECEIVED, or SHUTDOWN-ACK-SENT
state.</t>
<t>If an endpoint is in the SHUTDOWN-ACK-SENT state and receives an INIT
chunk (e.g., if the SHUTDOWN COMPLETE chunk was lost) with source and destination
transport addresses (either in the IP addresses or in the INIT chunk) that
belong to this association, it SHOULD <bcp14>SHOULD</bcp14> discard the INIT chunk and retransmit
the SHUTDOWN ACK chunk.</t>
<t>Note: Receipt of a packet containing an INIT chunk with the same source and
destination IP addresses as used in transport addresses assigned to an endpoint
but with a different port number indicates the initialization of a separate
association.</t>
<t>The sender of the INIT or COOKIE ECHO chunk SHOULD <bcp14>SHOULD</bcp14> respond to the receipt of
a SHUTDOWN ACK chunk with a stand-alone SHUTDOWN COMPLETE chunk in an
SCTP packet with the Verification Tag field of its common header set to the
same tag that was received in the packet containing the SHUTDOWN ACK chunk.
This is considered an OOTB packet as defined in
<xref target='sec_handle_out_of_the_blue_packets'/>.
The sender of the INIT chunk lets T1-init continue running and remains in the
COOKIE-WAIT or COOKIE-ECHOED state.
Normal T1-init timer expiration will cause the INIT or COOKIE chunk to be
retransmitted and thus start a new association.</t>
<t>If a SHUTDOWN chunk is received in the COOKIE-WAIT or COOKIE ECHOED state,
the SHUTDOWN chunk SHOULD <bcp14>SHOULD</bcp14> be silently discarded.</t>
<t>If an endpoint is in the SHUTDOWN-SENT state and receives a SHUTDOWN chunk
from its peer, the endpoint SHOULD <bcp14>SHOULD</bcp14> respond immediately with a SHUTDOWN ACK chunk
to its peer, peer and move into the SHUTDOWN-ACK-SENT state state, restarting its
T2-shutdown timer.</t>
<t>If an endpoint is in the SHUTDOWN-ACK-SENT state and receives a SHUTDOWN ACK,
it MUST <bcp14>MUST</bcp14> stop the T2-shutdown timer, send a SHUTDOWN COMPLETE chunk to its peer,
and remove all record of the association.</t>
</section>
</section>

<section anchor='sec_icmp'>
<name>ICMP Handling</name>

<t>Whenever an ICMP message is received by an SCTP endpoint, the following
procedures MUST <bcp14>MUST</bcp14> be followed to ensure proper utilization of the information
being provided by layer 3.</t>
<ol type='ICMP%d)'>
<li><t>An implementation MAY <bcp14>MAY</bcp14> ignore all ICMPv4 messages where the type field is not
set to "Destination Unreachable".</t></li>
<li><t>An implementation MAY <bcp14>MAY</bcp14> ignore all ICMPv6 messages where the type field is
not "Destination Unreachable", "Parameter Problem", or "Packet Too Big".</t></li>
<li><t>An implementation SHOULD <bcp14>SHOULD</bcp14> ignore any ICMP messages where the code indicates
"Port Unreachable".</t></li>
<li><t>An implementation MAY <bcp14>MAY</bcp14> ignore all ICMPv6 messages of type "Parameter Problem"
if the code is not "Unrecognized Next Header Type Encountered".</t></li>
<li><t>An implementation MUST <bcp14>MUST</bcp14> use the payload of the ICMP message (v4 or v6) to
locate the association that sent the message to which ICMP is responding.
If the association cannot be found, an implementation SHOULD <bcp14>SHOULD</bcp14> ignore the
ICMP message.</t></li>
<li><t>An implementation MUST <bcp14>MUST</bcp14> validate that the Verification Tag contained in the
ICMP message matches the Verification Tag of the peer.
If the Verification Tag is not 0 and does not match, discard the ICMP message.
If it is 0 and the ICMP message contains enough bytes to verify that the
chunk type is an INIT chunk and that the Initiate Tag matches the tag of the
peer, continue with ICMP7.
If the ICMP message is too short or the chunk type or the Initiate Tag does
not match, silently discard the packet.</t></li>
<li><t>If the ICMP message is either an ICMPv6 message of type "Packet Too Big"
or an ICMPv4 message of type "Destination Unreachable" and code
"Fragmentation Needed", an implementation SHOULD <bcp14>SHOULD</bcp14> process this information as
defined for PMTU discovery.</t></li>
<li><t>If the ICMP code is an "Unrecognized Next Header Type Encountered" or
a
"Protocol Unreachable", an implementation MUST <bcp14>MUST</bcp14> treat this message as an abort
with the T bit set if it does not contain an INIT chunk.
If it does contain an INIT chunk and the association is in the
COOKIE-WAIT state, handle the ICMP message like an ABORT chunk.</t></li>
<li><t>If the ICMP type is "Destination Unreachable", the implementation MAY <bcp14>MAY</bcp14> move
the destination to the unreachable state or, alternatively, increment the
path error counter.
SCTP MAY <bcp14>MAY</bcp14> provide information to the upper layer indicating the reception of
ICMP messages when reporting a network status change.</t></li>
</ol>
<t>These procedures differ from <xref target='RFC1122'/> target="RFC1122"/> and from its
requirements for processing of port-unreachable messages and the requirements
that an implementation MUST <bcp14>MUST</bcp14> abort associations in response to a
"protocol unreachable"
protocol unreachable message.

Port-unreachable messages are not processed, since an implementation will send
an ABORT chunk, not a port unreachable. port-unreachable message. The stricter handling of the
"protocol unreachable"
protocol unreachable message is due to security concerns for hosts that do
not support SCTP.</t>
</section>

<section anchor='sec_api'>
<name>Interface with Upper Layer</name>

<t>The Upper Layer Protocols (ULPs) request services by passing primitives
to SCTP and receive notifications from SCTP for various events.</t>
<t>The primitives and notifications described in this section can be
used as a guideline for implementing SCTP.
The following functional description of ULP interface primitives is shown for
illustrative purposes.
Different SCTP implementations can have different ULP interfaces.
However, all SCTP implementations are expected to provide a certain minimum set
of services to guarantee that all SCTP implementations can support the same
protocol hierarchy.</t>
<t>Please note that this section is informational only.</t>
<t><xref target='RFC6458'/> target="RFC6458"/> and the Socket API Considerations Section <xref target="RFC7053" section ="7" sectionFormat="bare">"Socket API Considerations"</xref> of <xref target='RFC7053'/> target="RFC7053"/> define an extension of the socket API for SCTP as
described in this document.</t>
<section anchor='sec_ulp_to_sctp'>
<name>ULP-to-SCTP</name>

<t>The following sections functionally characterize a ULP/SCTP interface.
The notation used is similar to most procedure or function calls in high-level
languages.</t>
<t>The ULP primitives described below specify the basic functions that
SCTP performs to support inter-process communication.
Individual implementations define their own exact format, format and provide
combinations or subsets of the basic functions in single calls.</t>
<section>
<name>Initialize</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
INITIALIZE ([local port],[local eligible address list])
-> local SCTP instance name
</sourcecode>
]]></sourcecode>
<t>This primitive allows SCTP to initialize its internal data structures
and allocate necessary resources for setting up its operation
environment.
Once SCTP is initialized, ULP can communicate directly with other endpoints
without re-invoking this primitive.</t>
<t>SCTP will return a local SCTP instance name to the ULP.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<t>None.</t>
</dd>
<dd>None.</dd>
<dt>Optional attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>local port:</dt>
<dd><t>SCTP
<dd>SCTP port number, if ULP wants it to be specified.</t></dd> specified.</dd>
<dt>local eligible address list:</dt>
<dd><t>an
<dd>an address list that the local SCTP endpoint binds.
By default, if an address list is not included, all IP addresses assigned to
the host are used by the local endpoint.</t></dd> endpoint.</dd>
</dl>
</dd>
</dl>
<t>Implementation Note: If this optional attribute is supported by an
implementation, it will be the responsibility of the implementation
to enforce that the IP source address field of any SCTP packets sent
by this endpoint contains one of the IP addresses indicated in the local
eligible address list.</t>
</section>

<section anchor='sec_associate'>
<name>Associate</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
ASSOCIATE(local SCTP instance name,
initial destination transport addr list, outbound stream count)
-> association id [,destination transport addr list]
[,outbound stream count]
</sourcecode>
]]></sourcecode>
<t>This primitive allows the upper layer to initiate an association to a specific
peer endpoint.</t>
<t>The peer endpoint is specified by one or more of the transport
addresses that defines the endpoint (see <xref target='sec_key_terms'/>).
If the local SCTP instance has not been initialized, the ASSOCIATE is considered
an error.</t>
<t>An association id, which is a local handle to the SCTP association,
will be returned on successful establishment of the association.
If SCTP is not able to open an SCTP association with the peer endpoint,
an error is returned.</t>
<t>Other association parameters can be returned, including the complete
destination transport addresses of the peer as well as the outbound
stream count of the local endpoint.
One of the transport addresses from the returned destination addresses will
be selected by the local endpoint as the default primary path for sending
SCTP packets to this peer.
The returned "destination transport addr list" can be used by the ULP to change
the default primary path or to force sending a packet to a specific
transport address.</t>
<t>Implementation Note: If the ASSOCIATE primitive is implemented as a
blocking function call, the ASSOCIATE primitive can return
association parameters in addition to the association id upon
successful establishment.
If ASSOCIATE primitive is implemented as a non-blocking call, only the
association id is returned and association parameters are passed
using the COMMUNICATION UP notification.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>local SCTP instance name:</dt>
<dd><t>obtained
<dd>obtained from the INITIALIZE operation.</t></dd> operation.</dd>
<dt>initial destination transport addr list:</dt>
<dd><t>a
<dd>a non-empty list of transport addresses of the peer endpoint with which
the association is to be established.</t></dd> established.</dd>
<dt>outbound stream count:</dt>
<dd><t>the
<dd>the number of outbound streams the ULP would like to open towards this
peer endpoint.</t></dd> endpoint.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<t>None.</t>
</dd>
<dd>None.</dd>
</dl>
</section>

<section>

<section anchor="sec_shutdown">
<name>Shutdown</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
SHUTDOWN(association id) -> result
</sourcecode>
]]></sourcecode>
<t>Gracefully closes an association.
Any locally queued user data will be delivered to the peer.
The association will be terminated only after the peer acknowledges all the
SCTP packets sent.
A success code will be returned on successful termination of the association.
If attempting to terminate the association results in a failure, an error code
is returned.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<t>None.</t>
</dd>
<dd>None.</dd>
</dl>
</section>

<section>
<name>Abort</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
ABORT(association id [, Upper Layer Abort Reason]) -> result
</sourcecode>
]]></sourcecode>
<t>Ungracefully closes an association.
Any locally queued user data will be discarded, and an ABORT chunk is sent to
the peer.
A success code will be returned on successful abort of the association.
If attempting to abort the association results in a failure, an error code
is returned.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>Upper Layer Abort Reason:</dt>
<dd><t>reason
<dd>reason of the abort to be passed to the peer.</t></dd> peer.</dd>
</dl>
</dd>
</dl>
</section>

<section anchor='sec_send'>
<name>Send</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
SEND(association id, buffer address, byte count [,context]
[,stream id] [,life time] [,destination transport address]
[,unordered flag] [,no-bundle flag] [,payload protocol-id]
[,sack-immediately flag]) -> result
</sourcecode>
]]></sourcecode>
<t>This is the main method to send user data via SCTP.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>buffer address:</dt>
<dd><t>the
<dd>the location where the user message to be transmitted is stored.</t></dd> stored.</dd>
<dt>byte count:</dt>
<dd><t>the
<dd>the size of the user data in number of bytes.</t></dd> bytes.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>context:</dt>
<dd><t>an optional
<dd>optional information provided that will be carried in the sending
failure SEND FAILURE
notification to the ULP if the transportation of this user message
fails.</t></dd> fails.</dd>
<dt>stream id:</dt>
<dd><t>to indicate
<dd>indicates which stream to send the data on.
If not specified, stream 0 will be used.</t></dd> used.</dd>
<dt>life time:</dt>
<dd><t>specifies the life time of the user data.
The user data will not be sent by SCTP after the life time expires.
This parameter can be used to avoid efforts to transmit stale user messages.
SCTP notifies the ULP if the data cannot be initiated to transport (i.e., sent
to the destination via SCTP's SEND primitive) within the life time variable.
However, the user data will be transmitted if SCTP has attempted to transmit
a chunk before the life time expired.</t>
<t>Implementation Note: In order to better support the data life time
option, the transmitter can hold back the assigning of the TSN number
to an outbound DATA chunk to the last moment.
And, for implementation simplicity, once a TSN number has been assigned assigned, the
sender considers the send of this DATA chunk as committed,
overriding any life time option attached to the DATA chunk.</t></dd>
<dt>destination transport address:</dt>
<dd><t>specified
<dd>specified as one of the destination transport addresses of the peer endpoint
to which this packet is sent.
Whenever possible, SCTP uses this destination transport address for
sending the packets, instead of the current primary path.</t></dd> path.</dd>
<dt>unordered flag:</dt>
<dd><t>this
<dd>this flag, if present, indicates that the user would like the data delivered
in an unordered fashion to the peer (i.e., the U flag is set to 1 on all DATA
chunks carrying this message).</t></dd> message).</dd>
<dt>no-bundle flag:</dt>
<dd><t>instructs
<dd>instructs SCTP not to delay the sending of DATA chunks for this user data
just to allow it to be bundled with other outbound DATA chunks.
When faced with network congestion, SCTP might still bundle the data, even when
this flag is present.</t></dd> present.</dd>
<dt>payload protocol-id:</dt>
<dd><t>a
<dd>a 32-bit unsigned integer that is to be passed to the peer peer, indicating the type
of payload protocol data being transmitted.
Note that the upper layer is responsible for the host to network byte order
conversion of this field, which is passed by SCTP as 4 bytes of opaque
data.</t></dd>
data.</dd>
<dt>sack-immediately flag:</dt>
<dd><t>set
<dd>set the I bit on the last DATA chunk used for the user message to be
transmitted.</t></dd>
transmitted.</dd>
</dl>
</dd>
</dl>
</section>

<section>
<name>Set Primary</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
SETPRIMARY(association id, destination transport address,
[source transport address]) -> result
</sourcecode>
]]></sourcecode>
<t>Instructs the local SCTP to use the specified destination transport address as
the primary path for sending packets.</t>
<t>The result of attempting this operation is returned.
If the specified destination transport address is not present in the
"destination transport address list" returned earlier in an associate
command ASSOCIATE
primitive or communication up COMMUNICATION UP notification, an error is returned.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>destination transport address:</dt>
<dd><t>specified
<dd>specified as one of the transport addresses of the peer endpoint, which is
used as the primary address for sending packets.
This overrides the current primary address information maintained by the
local SCTP endpoint.</t></dd> endpoint.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>source transport address:</dt>
<dd><t>optionally,
<dd>optionally, some implementations can allow you to set the default source address
placed in all outgoing IP datagrams.</t></dd> datagrams.</dd>
</dl>
</dd>
</dl>
</section>

<section>
<name>Receive</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
RECEIVE(association id, buffer address, buffer size [,stream id])
-> byte count [,transport address] [,stream id]
[,stream sequence number] [,partial flag] [,payload protocol-id]
</sourcecode>
]]></sourcecode>
<t>This primitive reads the first user message in the SCTP in-queue
into the buffer specified by ULP, if there is one available.
The size of the message read, in bytes, will be returned.
It might, depending on the specific implementation, also return other
information
information, such as the sender's address, the stream id on which it
is received, whether there are more messages available for retrieval,
etc.
For ordered messages, their Stream Sequence Number might also be returned.</t>
<t>Depending upon the implementation, if this primitive is invoked when no
message is available available, the implementation returns an indication of this condition
or blocks the invoking process until data does become available.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association</t></dd> association.</dd>
<dt>buffer address:</dt>
<dd><t>the
<dd>the memory location indicated by the ULP to store the received message.</t></dd> message.</dd>
<dt>buffer size:</dt>
<dd><t>the
<dd>the maximum size of data to be received, in bytes.</t></dd> bytes.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>stream id:</dt>
<dd><t>to
<dd>to indicate which stream to receive the data on.</t></dd> on.</dd>
<dt>stream sequence number:</dt>
<dd><t>the
<dd>the Stream Sequence Number assigned by the sending SCTP peer.</t></dd> peer.</dd>
<dt>partial flag:</dt>
<dd><t>if
<dd>if this returned flag is set to 1, then this primitive contains a partial
delivery of the whole message.
When this flag is set, the stream id and stream sequence number
accompanies this primitive.
When this flag is set to 0, it indicates that no more deliveries will be
received for this stream sequence number.</t></dd> number.</dd>
<dt>payload protocol-id:</dt>
<dd><t>a
<dd>a 32-bit unsigned integer that is received from the peer indicating the type
of payload protocol of the received data.
Note that the upper layer is responsible for the host to network byte order
conversion of this field, which is passed by SCTP as 4 bytes of opaque
data.</t></dd>
data.</dd>
</dl>
</dd>
</dl>
</section>

<section>
<name>Status</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
STATUS(association id) -> status data
</sourcecode>
]]></sourcecode>
<t>This primitive returns a data block containing the following information:</t>
<ul>
<li><t>association connection state,</t></li>
<li><t>destination transport address list,</t></li>
<li><t>destination transport address reachability states,</t></li>
<li><t>current receiver window size,</t></li>
<li><t>current congestion window sizes,</t></li>
<li><t>number of unacknowledged DATA chunks,</t></li>
<li><t>number of DATA chunks pending receipt,</t></li>
<li><t>primary path,</t></li>
<li><t>most recent SRTT on primary path,</t></li>
<li><t>RTO on primary path,</t></li>
<li><t>SRTT and RTO on other destination addresses, etc.</t></li>
</ul>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<t>None.</t>
</dd>
<dd>None.</dd>
</dl>
</section>

<section>
<name>Change Heartbeat</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
CHANGE HEARTBEAT(association id, destination transport address,
new state [,interval]) -> result
</sourcecode>
]]></sourcecode>
<t>Instructs the local endpoint to enable or disable heartbeat on the
specified destination transport address.</t>
<t>The result of attempting this operation is returned.</t>
<t>Note: Even when enabled, heartbeat will not take place if the destination
transport address is not idle.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>destination transport address:</dt>
<dd><t>specified
<dd>specified as one of the transport addresses of the peer endpoint.</t></dd> endpoint.</dd>
<dt>new state:</dt>
<dd><t>the
<dd>the new state of heartbeat for this destination transport address
(either enabled or disabled).</t></dd> disabled).</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>interval:</dt>
<dd><t>if
<dd>if present, indicates the frequency of the heartbeat if this is to enable
heartbeat on a destination transport address.
This value is added to the RTO of the destination transport address.
This value, if present, affects all destinations.</t></dd> destinations.</dd>
</dl>
</dd>
</dl>
</section>

<section>
<name>Request Heartbeat</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
REQUESTHEARTBEAT(association id, destination transport address)
-> result
</sourcecode>
]]></sourcecode>
<t>Instructs the local endpoint to perform a heartbeat on the specified
destination transport address of the given association.
The returned result indicates whether the transmission of the HEARTBEAT
chunk
chunk to the destination address is successful.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>destination transport address:</dt>
<dd><t>the
<dd>the transport address of the association on which a heartbeat is issued.</t></dd> issued.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<t>None.</t>
</dd>
<dd>None.</dd>
</dl>
</section>

<section>
<name>Get SRTT Report</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
GETSRTTREPORT(association id, destination transport address)
-> srtt result
</sourcecode>
]]></sourcecode>
<t>Instructs the local SCTP to report the current SRTT measurement on the
specified destination transport address of the given association.
The returned result can be an integer containing the most recent SRTT in
milliseconds.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>destination transport address:</dt>
<dd><t>the
<dd>the transport address of the association on which the SRTT measurement is to
be reported.</t></dd> reported.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<t>None.</t>
</dd>
<dd>None.</dd>
</dl>
</section>

<section>
<name>Set Failure Threshold</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
SETFAILURETHRESHOLD(association id, destination transport address,
failure threshold) -> result
</sourcecode>
]]></sourcecode>
<t>This primitive allows the local SCTP to customize the reachability failure
detection threshold 'Path.Max.Retrans' for the specified destination address.
Note that this can also be done using the SETPROTOCOLPARAMETERS primitive
(<xref target='sec_set_protocol_parameters'/>).</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>destination transport address:</dt>
<dd><t>the
<dd>the transport address of the association on which the failure detection
threshold is to be set.</t></dd> set.</dd>
<dt>failure threshold:</dt>
<dd><t>the
<dd>the new value of 'Path.Max.Retrans' for the destination address.</t></dd> address.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<t>None.</t>
</dd>
</dl>
</section>

<section anchor='sec_set_protocol_parameters'>
<name>Set Protocol Parameters</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
SETPROTOCOLPARAMETERS(association id,
[destination transport address,] protocol parameter list)
-> result
</sourcecode>
]]></sourcecode>
<t>This primitive allows the local SCTP to customize the protocol parameters.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>protocol parameter list:</dt>
<dd><t>the
<dd>the specific names and values of the protocol parameters
(e.g., 'Association.Max.Retrans' (see <xref target='sec_parameter_values'/>), target='sec_parameter_values'/>)
or other parameters like the DSCP) that the SCTP user wishes to customize.</t></dd> customize.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>destination transport address:</dt>
<dd><t>some
<dd>some of the protocol parameters might be set on a per destination transport
address basis.</t></dd> per-destination-transport-address basis.</dd>
</dl>
</dd>
</dl>
</section>

<section>
<name>Receive Unsent Message</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
RECEIVE_UNSENT(data retrieval id, buffer address, buffer size
[,stream id] [, stream sequence number] [,partial flag]
[,payload protocol-id])
</sourcecode>
]]></sourcecode>
<t>This primitive reads a user message, which message that has never been sent, sent
into the buffer specified by ULP.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>data retrieval id:</dt>
<dd><t>the
<dd>the identification passed to the ULP in the failure notification.</t></dd> SEND FAILURE notification.</dd>
<dt>buffer address:</dt>
<dd><t>the
<dd>the memory location indicated by the ULP to store the received message.</t></dd> message.</dd>
<dt>buffer size:</dt>
<dd><t>the
<dd>the maximum size of data to be received, in bytes.</t></dd> bytes.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>stream id:</dt>
<dd><t>this
<dd>this is a return value that is set to indicate which stream the data was
sent to.</t></dd> to.</dd>
<dt>stream sequence number:</dt>
<dd><t>this
<dd>this value is returned returned, indicating the Stream Sequence Number that was
associated with the message.</t></dd> message.</dd>
<dt>partial flag:</dt>
<dd><t>if
<dd>if this returned flag is set to 1, then this message is a partial delivery of
the whole message.
When this flag is set, the stream id and stream sequence number
accompanies this primitive.
When this flag is set to 0, it indicates that no more deliveries will be
received for this stream sequence number.</t></dd> number.</dd>
<dt>payload protocol-id:</dt>
<dd><t>The 32 bit
<dd>The 32-bit unsigned integer that was set to be sent to the peer peer, indicating
the type of payload protocol of the received data.</t></dd> data.</dd>
</dl>
</dd>
</dl>
</section>

<section>
<name>Receive Unacknowledged Message</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
RECEIVE_UNACKED(data retrieval id, buffer address, buffer size,
[,stream id] [,stream sequence number] [,partial flag]
[,payload protocol-id])
</sourcecode>
]]></sourcecode>
<t>This primitive reads a user message, which message that has been sent and has not been
acknowledged by the peer, peer into the buffer specified by ULP.</t>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>data retrieval id:</dt>
<dd><t>the
<dd>the identification passed to the ULP in the failure notification.</t></dd> SEND FAILURE notification.</dd>
<dt>buffer address:</dt>
<dd><t>the
<dd>the memory location indicated by the ULP to store the received message.</t></dd> message.</dd>
<dt>buffer size:</dt>
<dd><t>the
<dd>the maximum size of data to be received, in bytes.</t></dd> bytes.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>stream id:</dt>
<dd><t>this
<dd>this is a return value that is set to indicate which stream the data was sent
to.</t></dd>
to.</dd>
<dt>stream sequence number:</dt>
<dd><t>this
<dd>this value is returned returned, indicating the Stream Sequence Number that was
associated with the message.</t></dd> message.</dd>
<dt>partial flag:</dt>
<dd><t>if
<dd>if this returned flag is set to 1, then this message is a partial delivery of
the whole message.
When this flag is set, the stream id and stream sequence number
accompanies this primitive.
When this flag is set to 0, it indicates that no more deliveries will be
received for this stream sequence number.</t></dd> number.</dd>
<dt>payload protocol-id:</dt>
<dd><t>the
<dd>the 32-bit unsigned integer that was sent to the peer indicating the type of
payload protocol of the received data.</t></dd> data.</dd>
</dl>
</dd>
</dl>
</section>

<section>
<name>Destroy SCTP Instance</name>
<sourcecode>
<sourcecode type="pseudocode"><![CDATA[
DESTROY(local SCTP instance name)
</sourcecode>
]]></sourcecode>
<dl newline="true">
<dt>Mandatory attributes:</dt>
<dd>
<dl>
<dl newline="false">
<dt>local SCTP instance name:</dt>
<dd><t>this
<dd>this is the value that was passed to
the application in the initialize primitive and it indicates which
SCTP instance is to be destroyed.</t></dd> destroyed.</dd>
</dl>
</dd>
<dt>Optional attributes:</dt>
<dd>
<t>None.</t>
</dd>
<dd>None.</dd>
</dl>
</section>
</section>

<section anchor='sec_sctp_to_ulp'>
<name>SCTP-to-ULP</name>

<t>It is assumed that the operating system or application environment
provides a means for the SCTP to asynchronously signal the ULP process.
When SCTP does signal a ULP process, certain information is passed to
the ULP.</t>
<t>Implementation Note: In some cases, this might be done through a separate
socket or error channel.</t>

<section>
<name>DATA ARRIVE Notification</name>
<t>SCTP invokes this notification on the ULP when a user message is
successfully received and ready for retrieval.</t>
<t>The following might optionally be passed with the notification:</t>
<dl>
  <dt>association id:</dt><dd><t>local id:</dt>
  <dd>local handle to the SCTP association.</t></dd> association.</dd>
  <dt>stream id:</dt><dd><t>to id:</dt>
  <dd>to indicate which stream the data is received on.</t></dd> on.</dd>
</dl>
</section>

<section>
<name>SEND FAILURE Notification</name>
<t>If a message cannot be delivered, SCTP invokes this notification
on the ULP.</t>
<t>The following might optionally be passed with the notification:</t>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>data retrieval id:</dt>
<dd><t>an
<dd>an identification used to retrieve unsent and unacknowledged data.</t></dd> data.</dd>
<dt>mode:</dt>
<dd><t>Indicate
<dd>indicates whether no part of the message never has been sent or if at
least part of it has been sent but it is not completely acknowledged.</t></dd> acknowledged.</dd>
<dt>cause code:</dt>
<dd><t>indicating
<dd>indicating the reason of the failure, e.g., size too
large, message life time expiration, etc.</t></dd> etc.</dd>
<dt>context:</dt>
<dd><t>optional
<dd>optional information associated with this message
(see <xref target='sec_send'/>).</t></dd> target='sec_send'/>).</dd>
</dl>
</section>

<section>
<name>NETWORK STATUS CHANGE Notification</name>
<t>When a destination transport address is marked inactive (e.g., when SCTP
detects a failure) or marked active (e.g., when SCTP detects a recovery),
SCTP invokes this notification on the ULP.</t>
<t>The following is passed with the notification:</t>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>destination transport address:</dt>
<dd><t>this
<dd>this indicates the destination
transport address of the peer endpoint affected by the change.</t></dd> change.</dd>
<dt>new-status:</dt>
<dd><t>this
<dd>this indicates the new status.</t></dd> status.</dd>
</dl>
</section>

<section>
<name>COMMUNICATION UP Notification</name>
<t>This notification is used when SCTP becomes ready to send or receive
user messages, messages or when a lost communication to an endpoint is restored.</t>
<t>Implementation Note: If the ASSOCIATE primitive is implemented as a
blocking function call, the association parameters are returned as a
result of the ASSOCIATE primitive itself.
In that case, the COMMUNICATION UP notification is optional at the association
initiator's side.</t>
<t>The following is passed with the notification:</t>
<dl>
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>status:</dt>
<dd><t>This
<dd>this indicates what type of event has occurred.</t></dd> occurred.</dd>
<dt>destination transport address list:</dt>
<dd><t>the
<dd>the complete set of transport addresses of the peer.</t></dd> peer.</dd>
<dt>outbound stream count:</dt>
<dd><t>the
<dd>the maximum number of streams allowed to be used in this association by the ULP.</t></dd> ULP.</dd>
<dt>inbound stream count:</dt>
<dd><t>the
<dd>the number of streams the peer endpoint has requested
with this association (this might not be the same number as
'outbound stream count').</t></dd> count').</dd>
</dl>
</section>

<section>
<name>COMMUNICATION LOST Notification</name>
<t>When SCTP loses communication to an endpoint completely (e.g., via Heartbeats)
or detects that the endpoint has performed an abort operation, it invokes
this notification on the ULP.</t>
<t>The following is passed with the notification:</t>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>status:</dt>
<dd><t>this
<dd>this indicates what type of event has occurred;
the status might indicate that a failure OR a normal termination event occurred
in response to a shutdown or abort request.</t></dd> request.</dd>
</dl>
<t>The following might be passed with the notification:</t>
<dl>
<dl newline="false">
<dt>last-acked:</dt>
<dd><t>the
<dd>the TSN last acked by that peer endpoint.</t></dd> endpoint.</dd>
<dt>last-sent:</dt>
<dd><t>the
<dd>the TSN last sent to that peer endpoint.</t></dd> endpoint.</dd>
<dt>Upper Layer Abort Reason:</dt>
<dd><t>the
<dd>the abort reason specified in case of a
user-initiated abort.</t></dd> abort.</dd>
</dl>
</section>

<section>
<name>COMMUNICATION ERROR Notification</name>
<t>When SCTP receives an ERROR chunk from its peer and decides to notify its ULP,
it can invoke this notification on the ULP.</t>
<t>The following can be passed with the notification:</t>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
<dt>error info:</dt>
<dd><t>this
<dd>this indicates the type of error and optionally some additional
information received through the ERROR chunk.</t></dd> chunk.</dd>
</dl>
</section>

<section>
<name>RESTART Notification</name>
<t>When SCTP detects that the peer has restarted, it might send this notification
to its ULP.</t>
<t>The following can be passed with the notification:</t>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
</dl>
</section>

<section>
<name>SHUTDOWN COMPLETE Notification</name>
<t>When SCTP completes the shutdown procedures
(<xref target='sec_shutdown_of_an_association'/>), this notification is passed
to the upper layer.</t>
<t>The following can be passed with the notification:</t>
<dl>
<dl newline="false">
<dt>association id:</dt>
<dd><t>local
<dd>local handle to the SCTP association.</t></dd> association.</dd>
</dl>
</section>
</section>
</section>

<section anchor='sec_security'>
<name>Security Considerations</name>

<section anchor='sec_security_objectives'>
<name>Security Objectives</name>

<t>As a common transport protocol designed to reliably carry time-sensitive
user messages, such as billing or signaling messages for telephony services,
between two networked endpoints, SCTP has the following security objectives.</t> objectives:</t>
<ul>
<li><t>availability
<li>availability of reliable and timely data transport services</t></li>
<li><t>integrity services</li>
<li>integrity of the user-to-user information carried by SCTP</t></li> SCTP</li>
</ul>
</section>

<section anchor='sctp_responses_to_potential_threats'>
<name>SCTP Responses to Potential Threats</name>

<t>SCTP could potentially be used in a wide variety of risk situations.
It is important for operators of systems running SCTP to analyze
their particular situations and decide on the appropriate counter-measures.</t>
<t>Operators of systems running SCTP might consult <xref target='RFC2196'/> target="RFC2196"/> for
guidance in securing their site.</t>

<section>
<name>Countering Insider Attacks</name>

<t>The principles of <xref target='RFC2196'/> target="RFC2196"/> might be applied to minimize the
risk of theft of information or sabotage by insiders.
Such procedures include publication of security policies, control of access at
the physical, software, and network levels, and separation of services.</t>
</section>

<section>
<name>Protecting against Data Corruption in the Network</name>

<t>Where the risk of undetected errors in datagrams delivered by the lower-layer
transport services is considered to be too great, additional integrity
protection is required.
If this additional protection were provided in the application layer, the
SCTP header would remain vulnerable to deliberate integrity attacks.
While the existing SCTP mechanisms for detection of packet replays are
considered sufficient for normal operation, stronger protections are needed to
protect SCTP when the operating environment contains significant risk of
deliberate attacks from a sophisticated adversary.</t>
<t>The SCTP Authentication extension SCTP-AUTH <xref target='RFC4895'/> MAY target="RFC4895"/> <bcp14>MAY</bcp14> be
used when the threat environment requires stronger integrity protections, protections
but does not require confidentiality.</t>
</section>

<section>
<name>Protecting Confidentiality</name>

<t>In most cases, the risk of breach of confidentiality applies to the
signaling data payload, not to the SCTP or lower-layer protocol overheads.
If that is true, encryption of the SCTP user data only might be considered.
As with the supplementary checksum service, user data encryption MAY <bcp14>MAY</bcp14> be
performed by the SCTP user application.
<xref target='RFC6083'/> MAY target="RFC6083"/> <bcp14>MAY</bcp14> be used for this.
Alternately, the user application MAY <bcp14>MAY</bcp14> use an implementation-specific API to
request that the IP Encapsulating Security Payload (ESP)
<xref target='RFC4303'/> target="RFC4303"/> be used to provide confidentiality and integrity.</t>
<t>Particularly for mobile users, the requirement for confidentiality might
include the masking of IP addresses and ports.
In this case, ESP SHOULD <bcp14>SHOULD</bcp14> be used instead of application-level confidentiality.
If ESP is used to protect confidentiality of SCTP traffic, an ESP cryptographic
transform that includes cryptographic integrity protection MUST <bcp14>MUST</bcp14> be used, because because,
if there is a confidentiality threat threat, there will also be a strong integrity
threat.</t>
<t>Regardless of where confidentiality is provided, the Internet Key
Exchange Protocol version 2 (IKEv2) <xref target='RFC7296'/> SHOULD target="RFC7296"/> <bcp14>SHOULD</bcp14> be used for
key management of ESP.</t>
<t>Operators might consult <xref target='RFC4301'/> target="RFC4301"/> for more information on the
security services available at and immediately above the Internet Protocol
layer.</t>
</section>

<section>
<name>Protecting against Blind Denial-of-Service Attacks</name>

<t>A blind attack is one where the attacker is unable to intercept or otherwise
see the content of data flows passing to and from the target SCTP node.
Blind denial-of-service attacks can take the form of flooding, masquerade,
or improper monopolization of services.</t>

<section>
<name>Flooding</name>

<t>The objective of flooding is to cause loss of service and incorrect
behavior at target systems through resource exhaustion, interference
with legitimate transactions, and exploitation of buffer-related
software bugs.
Flooding can be directed either at the SCTP node or at resources in the
intervening IP Access Links or the Internet.
Where the latter entities are the target, flooding will manifest itself as loss
of network services, including potentially the breach of any firewalls in
place.</t>

<t>In general, protection against flooding begins at the equipment
design level, where it includes measures such as:</t>
<ul>
<li><t>avoiding commitment of limited resources before determining that the request
for service is legitimate.</t></li>
<li><t>giving priority to completion of processing in progress over the acceptance
of new work.</t></li>
<li><t>identification and removal of duplicate or stale queued requests for
service.</t></li>
<li><t>not responding to unexpected packets sent to non-unicast addresses.</t></li>
</ul>
<t>Network equipment is expected to be capable of generating an alarm and log if a
suspicious increase in traffic occurs.
The log provides information information, such as the identity of the incoming link
and source address(es) used, which will help the network or SCTP system operator
to take protective measures.
Procedures are expected to be in place for the operator to act on such alarms if a clear
pattern of abuse emerges.</t>
<t>The design of SCTP is resistant to flooding attacks, particularly in its use
of a four-way startup handshake, its use of a cookie to defer commitment of
resources at the responding SCTP node until the handshake is completed, and its
use of a Verification Tag to prevent insertion of extraneous packets into the
flow of an established association.</t>
<t>ESP might be useful in reducing the risk of certain kinds of
denial-of-service attacks.</t>
<t>Support for the Host Name Address parameter has been removed from the
protocol.
Endpoints receiving INIT or INIT ACK chunks containing the Host Name Address
parameter MUST <bcp14>MUST</bcp14> send an ABORT chunk in response and MAY <bcp14>MAY</bcp14> include an
"Unresolvable Address" error cause.</t>
</section>

<section>
<name>Blind Masquerade</name>

<t>Masquerade can be used to deny service in several ways:</t>
<ul>
<li><t>by tying up resources at the target SCTP node to which the impersonated node
has limited access.
For example, the target node can by policy permit a maximum of one
SCTP association with the impersonated SCTP node.
The masquerading attacker can attempt to establish an association purporting to
come from the impersonated node so that the latter cannot do so when it requires
it.</t></li>
<li><t>by deliberately allowing the impersonation to be detected, thereby
provoking counter-measures that cause the impersonated node to be locked out of
the target SCTP node.</t></li>
<li><t>by interfering with an established association by inserting extraneous
content such as a SHUTDOWN chunk.</t></li>
</ul>
<t>SCTP reduces the risk of blind masquerade attacks through IP spoofing
by use of the four-way startup handshake.
Because the initial exchange is memory-less, memoryless, no lockout mechanism is triggered
by blind masquerade attacks.
In addition, the packet containing the INIT ACK chunk with the State Cookie
is transmitted back to the IP address from which it received the packet
containing the INIT chunk.
Thus, the attacker would not receive the INIT ACK chunk containing the
State Cookie.
SCTP protects against insertion of extraneous packets into the flow of an
established association by use of the Verification Tag.</t>
<t>Logging of received INIT chunks and abnormalities abnormalities, such as unexpected
INIT ACK chunks chunks, might be considered as a way to detect patterns of hostile
activity.
However, the potential usefulness of such logging has to be weighed against the
increased SCTP startup processing it implies, rendering the SCTP node more
vulnerable to flooding attacks.
Logging is pointless without the establishment of operating procedures to
review and analyze the logs on a routine basis.</t>
</section>

<section>
<name>Improper Monopolization of Services</name>

<t>Attacks under this heading are performed openly and legitimately by the
attacker.
They are directed against fellow users of the target SCTP node or of the shared
resources between the attacker and the target node.
Possible attacks include the opening of a large number of associations between
the attacker's node and the target, target or transfer of large volumes of information
within a legitimately established association.</t>
<t>Policy limits are expected to be placed on the number of associations per
adjoining SCTP node.
SCTP user applications are expected to be capable of detecting large volumes of
illegitimate or "no-op" messages within a given association and either logging
or terminating the association as a result, based on local policy.</t>
</section>
</section>
</section>

<section anchor='sec_sctp_interaction_with_firewalls'>
<name>SCTP Interactions with Firewalls</name>

<t>It is helpful for some firewalls if they can inspect just the first
fragment of a fragmented SCTP packet and unambiguously determine whether it
corresponds to an INIT chunk (for further information, please refer to
<xref target='RFC1858'/>). target="RFC1858"/>).
Accordingly, we stress the requirements, as stated in
<xref target='sec_sctp_common_header_field_desriptions'/>, that
(1) an INIT chunk MUST NOT <bcp14>MUST NOT</bcp14> be bundled with any other chunk in a packet and
(2) a packet containing an INIT chunk MUST <bcp14>MUST</bcp14> have a zero Verification Tag.
The receiver of an INIT chunk MUST <bcp14>MUST</bcp14> silently discard the INIT chunk and all
further chunks if the INIT chunk is bundled with other chunks or the packet
has a non-zero Verification Tag.</t>
</section>

<section anchor='sec_protection_of_non_sctp_capable_hosts'>
<name>Protection of Non-SCTP-Capable Non-SCTP-capable Hosts</name>

<t>To provide a non-SCTP-capable host with the same level of protection
against attacks as for SCTP-capable ones, all SCTP implementations MUST <bcp14>MUST</bcp14>
implement the ICMP handling described in <xref target='sec_icmp'/>.</t>
<t>When an SCTP implementation receives a packet containing multiple control or
DATA chunks and the processing of the packet would result in sending multiple
chunks in response, the sender of the response chunk(s) MUST NOT <bcp14>MUST NOT</bcp14> send more than
one packet containing chunks other than DATA chunks.
This requirement protects the network for triggering a packet burst in response
to a single packet.
If bundling is supported, multiple response chunks that fit into a single
packet MAY <bcp14>MAY</bcp14> be bundled together into one single response packet.
If bundling is not supported, then the sender MUST NOT <bcp14>MUST NOT</bcp14> send more than one
response chunk and MUST <bcp14>MUST</bcp14> discard all other responses.
Note that this rule does not apply to a SACK chunk, since a SACK chunk is,
in itself, a response to DATA chunks chunks, and a SACK chunk does not require a
response of more DATA chunks.</t>
<t>An SCTP implementation MUST <bcp14>MUST</bcp14> abort the association if it receives a SACK
chunk acknowledging a TSN that has not been sent.</t>
<t>An SCTP implementation that receives an INIT chunk that would require a large
packet in response, due to the inclusion of multiple "Unrecognized Parameter"
parameters, MAY <bcp14>MAY</bcp14> (at its discretion) elect to omit some or all of the
"Unrecognized Parameter" parameters to reduce the size of the INIT ACK chunk.
Due to a combination of the size of the State Cookie parameter and the number of
addresses a receiver of an INIT chunk indicates to a peer, it is always
possible that the INIT ACK chunk will be larger than the original INIT chunk.
An SCTP implementation SHOULD <bcp14>SHOULD</bcp14> attempt to make the INIT ACK chunk as small as
possible to reduce the possibility of byte amplification attacks.</t>
</section>
</section>

<section anchor='sec_network_management'>
<name>Network Management Considerations</name>

<t>The MIB module for SCTP defined in <xref target='RFC3873'/> target="RFC3873"/> applies for the
version of the protocol specified in this document.</t>
</section>

<section anchor='sec_tcb_parameter'>
<name>Recommended Transmission Control Block (TCB) Parameters</name>

<t>This section details a set of parameters that are expected to be contained
within the TCB for an implementation.
This section is for illustrative purposes and is not considered to be
requirements on an implementation or as an exhaustive list of all parameters
inside an SCTP TCB.
Each implementation might need its own additional parameters for optimization.</t>

<section anchor='sec_parameters_necessary_for_the_sctp_instance'>
<name>Parameters Necessary for the SCTP Instance</name>

<dl>

<dl newline="false" indent="15">
<dt>Associations:</dt>
<dd>
<t>A
<dd>A list of current associations and mappings to the data consumers for each
association.
This might be in the form of a hash table or other implementation-dependent
structure.
The data consumers might be process identification information information, such as file
descriptors, named pipe pointer, or table pointers dependent on how SCTP is
implemented.</t>
</dd>
implemented.</dd>
<dt>Secret Key:</dt>
<dd>
<t>A
<dd>A secret key used by this endpoint to compute the MAC.
This SHOULD <bcp14>SHOULD</bcp14> be a cryptographic quality random number with a sufficient length.
Discussion in <xref target='RFC4086'/> target="RFC4086"/> can be helpful in selection of the
key.</t>
</dd>
key.</dd>
<dt>Address List:</dt>
<dd>
<t>The
<dd>The list of IP addresses that this instance has bound.
This information is passed to one's peer(s) in INIT and INIT ACK chunks.</t>
</dd> chunks.</dd>
<dt>SCTP Port:</dt>
<dd>
<t>The
<dd>The local SCTP port number to which the endpoint is bound.</t>
</dd> bound.</dd>
</dl>
</section>

<section anchor='sec_parameters_necessary_per_association'>
<name>Parameters Necessary per Association (i.e., the TCB)</name>

<dl>

<dl newline="false" indent="15">
<dt>Peer Verification Tag:</dt>
<dd>
<t>Tag
<dd>Tag value to be sent in every packet and is received in the INIT or
INIT ACK chunk.</t>
</dd> chunk.</dd>
<dt>My Verification Tag:</dt>
<dd>
<t>Tag
<dd>Tag expected in every inbound packet and sent in the INIT or INIT ACK chunk.</t>
</dd> chunk.</dd>
<dt>State:</dt>
<dd>
<t>COOKIE-WAIT, COOKIE-ECHOED, ESTABLISHED, SHUTDOWN-PENDING, SHUTDOWN-SENT,
SHUTDOWN-RECEIVED, SHUTDOWN-ACK-SENT.</t>
<t>Note: No "CLOSED" state is illustrated since illustrated, since, if a an association is "CLOSED" "CLOSED",
its TCB SHOULD <bcp14>SHOULD</bcp14> be removed.</t>
</dd>
<dt>Peer Transport Address List:</dt>
<dd>
<t>A
<dd>A list of SCTP transport addresses to which the peer is bound.
This information is derived from the INIT or INIT ACK chunk and is used to
associate an inbound packet with a given association.
Normally, this information is hashed or keyed for quick lookup and access
of the TCB.</t>
</dd> TCB.</dd>
<dt>Primary Path:</dt>
<dd>
<t>This
<dd>This is the current primary destination transport address of the peer endpoint.
It might also specify a source transport address on this endpoint.</t>
</dd> endpoint.</dd>
<dt>Overall Error Count:</dt>
<dd>
<t>The
<dd>The overall association error count.</t>
</dd> count.</dd>
<dt>Overall Error Threshold:</dt>
<dd>
<t>The
<dd>The threshold for this association that that, if the Overall Error Count reaches reaches, will
cause this association to be torn down.</t>
</dd> down.</dd>
<dt>Peer Rwnd:</dt>
<dd>
<t>Current
<dd>Current calculated value of the peer's rwnd.</t>
</dd> rwnd.</dd>
<dt>Next TSN:</dt>
<dd>
<t>The
<dd>The next TSN number to be assigned to a new DATA chunk.
This is sent in the INIT or INIT ACK chunk to the peer and incremented each
time a DATA chunk is assigned a TSN (normally (normally, just prior to transmit or during
fragmentation).</t>
</dd>
fragmentation).</dd>
<dt>Last Rcvd TSN:</dt>
<dd>
<t>This
<dd>This is the last TSN received in sequence.
This value is set initially by taking the peer's initial Initial TSN, received in the
INIT or INIT ACK chunk, and subtracting one from it.</t>
</dd> it.</dd>
<dt>Mapping Array:</dt>
<dd>
<t>An
<dd>An array of bits or bytes indicating which out-of-order TSNs have been
received (relative to the Last Rcvd TSN).
If no gaps exist, i.e., no out-of-order packets have been received, this
array will be set to all zero.
This structure might be in the form of a circular buffer or bit array.</t>
</dd> array.</dd>
<dt>Ack State:</dt>
<dd>
<t>This
<dd>This flag indicates if the next received packet is to be responded to with
a SACK chunk.
This is initialized to 0.
When a packet is received received, it is incremented.
If this value reaches 2 or more, a SACK chunk is sent and the value is reset
to 0.
Note: This is used only when no DATA chunks are received out of order.
When DATA chunks are out of order, SACK chunks are not delayed
(see <xref target='sec_user_data_transfer'/>).</t>
</dd> target='sec_user_data_transfer'/>).</dd>
<dt>Inbound Streams:</dt>
<dd>
<t>An
<dd>An array of structures to track the inbound streams, normally including the
next sequence number expected and possibly the stream number.</t>
</dd> number.</dd>
<dt>Outbound Streams:</dt>
<dd>
<t>An
<dd>An array of structures to track the outbound streams, normally including the
next sequence number to be sent on the stream.</t>
</dd> stream.</dd>
<dt>Reasm Queue:</dt>
<dd>
<t>A
<dd>A reassembly queue.</t>
</dd> queue.</dd>
<dt>Receive Buffer:</dt>
<dd>
<t>A
<dd>A buffer to store received user data which that has not been delivered to the
upper layer.</t>
</dd> layer.</dd>
<dt>Local Transport Address List:</dt>
<dd>
<t>The
<dd>The list of local IP addresses bound in to this association.</t>
</dd> association.</dd>
<dt>Association Maximum DATA Chunk Size:</dt>
<dd>
<t>The
<dd>The smallest Path Maximum DATA Chunk Size of all destination addresses.</t>
</dd> addresses.</dd>
</dl>
</section>

<section anchor='sec_per_transport_address_data'>
<name>Per Transport Address Data</name>

<t>For each destination transport address in the peer's address list
derived from the INIT or INIT ACK chunk, a number of data elements need to be
maintained
maintained, including:</t>
<dl>
<dl newline="false" indent="15">
<dt>Error Count:</dt>
<dd>
<t>The
<dd>The current error count for this destination.</t>
</dd> destination.</dd>
<dt>Error Threshold:</dt>
<dd>
<t>Current
<dd>Current error threshold for this destination, i.e., what value marks the
destination down if error count reaches this value.</t>
</dd> value.</dd>
<dt>cwnd:</dt>
<dd>
<t>The
<dd>The current congestion window.</t>
</dd> window.</dd>
<dt>ssthresh:</dt>
<dd>
<t>The
<dd>The current ssthresh value.</t>
</dd> value.</dd>
<dt>RTO:</dt>
<dd>
<t>The
<dd>The current retransmission timeout value.</t>
</dd> value.</dd>
<dt>SRTT:</dt>
<dd>
<t>The
<dd>The current smoothed round-trip time.</t>
</dd> time.</dd>
<dt>RTTVAR:</dt>
<dd>
<t>The
<dd>The current RTT variation.</t>
</dd> variation.</dd>
<dt>partial bytes acked:</dt>
<dd>
<t>The
<dd>The tracking method for increase of cwnd when in congestion avoidance mode
(see <xref target='sec_congestion_avoidance'/>).</t>
</dd> target='sec_congestion_avoidance'/>).</dd>
<dt>state:</dt>
<dd>
<t>The
<dd>The current state of this destination, i.e., DOWN, UP, ALLOW-HEARTBEAT,
NO-HEARTBEAT, etc.</t>
</dd> etc.</dd>
<dt>PMTU:</dt>
<dd>
<t>The
<dd>The current known PMTU.</t>
</dd> PMTU.</dd>
<dt>PMDCS:</dt>
<dd>
<t>The
<dd>The current known PMDCS.</t>
</dd> PMDCS.</dd>
<dt>Per Destination Timer:</dt>
<dd>
<t>A
<dd>A timer used by each destination.</t>
</dd> destination.</dd>
<dt>RTO-Pending:</dt>
<dd>
<t>A
<dd>A flag used to track if one of the DATA chunks sent to this address is
currently being used to compute an RTT.
If this flag is 0, the next DATA chunk sent to this destination is expected to
be used to compute an RTT and this flag is expected to be set.
Every time the RTT calculation completes (i.e., the DATA chunk is acknowledged),
clear this flag.</t>
</dd> flag.</dd>
<dt>last-time:</dt>
<dd>
<t>The
<dd>The time to which this destination was last sent.
This can used be used to determine if the sending of a HEARTBEAT chunk is needed.</t>
</dd> needed.</dd>
</dl>
</section>

<section anchor='sec_general_parameters_needed'>
<name>General Parameters Needed</name>

<dl>

<dl newline="false" indent="3">
<dt>Out Queue:</dt>
<dd>
<t>A
<dd>A queue of outbound DATA chunks.</t>
</dd> chunks.</dd>
<dt>In Queue:</dt>
<dd>
<t>A
<dd>A queue of inbound DATA chunks.</t>
</dd> chunks.</dd>
</dl>
</section>
</section>

<section anchor='sec_iana'>
<name>IANA Considerations</name>

<t>This document defines five registries that IANA maintains:</t>
<ul>
<li><t>through definition of additional chunk types,</t></li>
<li><t>through definition of additional chunk flags,</t></li>
<li><t>through definition of additional parameter types,</t></li>
<li><t>through definition of additional cause codes within ERROR chunks, or</t></li>
<li><t>through definition of additional payload protocol identifiers.</t></li>
</ul>
<t>IANA is requested to perform has performed the following updates for the above five
registries:</t>
<ul>
<li><t>In the Chunk Types Registry replace in the Reference section "Chunk Types" registry, IANA has replaced the registry
reference to <xref target='RFC4960'/> target="RFC4960"/> and <xref target='RFC6096'/> by target="RFC6096"/> with a
reference to this document.</t>
<t>Replace
<t>In addition, in the Notes section section, the reference to Section 3.2 of <xref target='RFC6096'/> by target="RFC6096" section="3.2" sectionFormat="of" /> has been updated with a reference to
<xref target='sec_ietf_chunk_flags_registration'/> of this document.</t>
<t>Finally replace
<t>Finally, each reference to <xref target='RFC4960'/> by target="RFC4960"/> has been replaced with a reference to
this document for the following chunk types:</t>
<ul>
<li><t>Payload Data (DATA)</t></li>
<li><t>Initiation (INIT)</t></li>
<li><t>Initiation Acknowledgement (INIT ACK)</t></li>
<li><t>Selective Acknowledgement (SACK)</t></li>
<li><t>Heartbeat Request (HEARTBEAT)</t></li>
<li><t>Heartbeat Acknowledgement (HEARTBEAT ACK)</t></li>
<li><t>Abort (ABORT)</t></li>
<li><t>Shutdown (SHUTDOWN)</t></li>
<li><t>Shutdown Acknowledgement (SHUTDOWN ACK)</t></li>
<li><t>Operation Error (ERROR)</t></li>
<li><t>State Cookie (COOKIE ECHO)</t></li>
<li><t>Cookie Acknowledgement (COOKIE ACK)</t></li>
<li><t>Reserved for Explicit Congestion Notification Echo (ECNE)</t></li>
<li><t>Reserved for Congestion Window Reduced (CWR)</t></li>
<li><t>Shutdown Complete (SHUTDOWN COMPLETE)</t></li>
<li><t>Reserved for IETF-defined Chunk Extensions</t></li>
</ul>
</li>
<li><t>In the Chunk "Chunk Parameter Types Registry replace in the Reference section Types" registry, IANA has replaced
the registry reference to <xref target='RFC4960'/> by target="RFC4960"/> with a reference to this document.</t>
<t>Replace
<t>IANA has changed the name of the "Unrecognized Parameters" chunk parameter type to
"Unrecognized Parameter" in the "Chunk Parameter Types" registry.</t>
<t>In addition, each reference to <xref target='RFC4960'/> by target="RFC4960"/> has been replaced with a reference to
this document for the following chunk parameter types:</t>
<ul>
<li><t>Heartbeat Info</t></li>
<li><t>IPv4 Address</t></li>
<li><t>IPv6 Address</t></li>
<li><t>State Cookie</t></li>
<li><t>Unrecognized Parameters</t></li> Parameter</t></li>
<li><t>Cookie Preservative</t></li>
<li><t>Host Name Address</t></li>
<li><t>Supported Address Types</t></li>
</ul>
<t>Add

<t>IANA has added a reference to this document for the following chunk parameter type:</t>
<ul>
<li><t>Reserved for ECN Capable (0x8000)</t></li>
</ul>
<t>Also, IANA has added the value 65535 to be reserved for IETF-defined extensions.</t>
</li>
<li><t>In the Chunk Flags Registry replace in the Reference section "Chunk Flags" registry, IANA replaced
the registry reference to <xref target='RFC6096'/> by target="RFC6096"/> with a reference to this document.</t>
<t>Replace
<t>In addition, each reference to <xref target='RFC4960'/> by target="RFC4960"/> has been replaced with a reference to
this document for the following DATA chunk flags:</t>
<ul>
<li><t>E bit</t></li>
<li><t>B bit</t></li>
<li><t>U bit</t></li>
</ul>
<t>Replace each

<t>IANA has also replaced the reference to <xref target='RFC4960'/> by target="RFC7053"/> with a reference to
this document for the following DATA chunk flag:</t>
<ul>
<li><t>I bit</t></li>
</ul>

<t>IANA has replaced the reference to <xref target="RFC4960"/> with a reference to
this document for the following ABORT chunk flags:</t> flag:</t>
<ul>
<li><t>T bit</t></li>
</ul>
<t>Replace each
<t>IANA has replaced the reference to <xref target='RFC4960'/> by target="RFC4960"/> with a reference to
this document for the following SHUTDOWN COMPLETE chunk flags:</t> flag:</t>
<ul>
<li><t>T bit</t></li>
</ul>
</li>
<li><t>In the Error "Error Cause Codes Registry replace in the Reference section Codes" registry, IANA has replaced
the registry reference to <xref target='RFC6096'/> by target="RFC4960"/> with a reference to this document.</t>
<t>Replace
<t>IANA has changed the name of the "User Initiated Abort" error cause to
"User-Initiated Abort" and the name of the "Stale Cookie Error" error cause
to "Stale Cookie" in the "Error Cause Codes" registry.</t>
<t>In addition, each reference to <xref target='RFC4960'/> by target="RFC4960"/> has been replaced with a reference to
this document for the following cause codes:</t>
<ul>
<li><t>Invalid Stream Identifier</t></li>
<li><t>Missing Mandatory Parameter</t></li>
<li><t>Stale Cookie Error</t></li> Cookie</t></li>
<li><t>Out of Resource</t></li>
<li><t>Unresolvable Address</t></li>
<li><t>Unrecognized Chunk Type</t></li>
<li><t>Invalid Mandatory Parameter</t></li>
<li><t>Unrecognized Parameters</t></li>
<li><t>No User Data</t></li>
<li><t>Cookie Received While Shutting Down</t></li>
<li><t>Restart of an Association with New Addressess</t></li> Addresses</t></li>
</ul>
<t>Replace
<t>IANA has also replaced each reference to <xref target='RFC4460'/> by target="RFC4460"/> with a reference to
this document for the following cause codes:</t>
<ul>
<li><t>User Initiated
<li><t>User-Initiated Abort</t></li>
<li><t>Protocol Violation</t></li>
</ul>
</li>
<li><t>In the SCTP "SCTP Payload Protocol Identifiers Registry replace in the
Reference section Identifiers" registry, IANA has
replaced the registry reference to <xref target='RFC6096'/> by target="RFC4960"/> with a reference
to this document.</t>
<t>Replace each
<t>IANA has replaced the reference to <xref target='RFC4960'/> by target="RFC4960"/> with a reference to
this document for the following SCTP payload protocol identifiers:</t> identifier:</t>
<ul>
<li><t>Reserved by SCTP</t></li>
</ul>
</li>
</ul>

<t>SCTP requires that the IANA Port Numbers "Port Numbers" registry be opened for SCTP port
registrations,
registrations; <xref target='sec_port_number_registry'/> describes how.
An IESG-appointed Expert Reviewer supports IANA in evaluating SCTP port
allocation requests.</t>
<t>IANA is requested to perform the following update for
<t>In the "Service Name and Transport Protocol Port Number
registry.
Replace Registry", IANA has replaced each reference to <xref target='RFC4960'/> by target="RFC4960"/> with a reference to
this document for the following SCTP port numbers:</t>
<ul>
<li><t>9 (discard)</t></li>
<li><t>20 (ftp-data)</t></li>
<li><t>21 (ftp)</t></li>
<li><t>22 (ssh)</t></li>
<li><t>80 (http)</t></li>
<li><t>179 (bgp)</t></li>
<li><t>443 (https)</t></li>
</ul>

<t>Furthermore, IANA is requested to replace in the HTTP "Hypertext Transfer Protocol (HTTP) Digest Algorithm Values
registry Values"
registry, IANA has replaced the reference to Appendix B of <xref target='RFC4960'/> target="RFC4960" section="B" sectionFormat="of"/> with a reference to
<xref target='sec_crc32c'/> of this document.</t>
<t>IANA is also requested to replace
<t>In addition, in the ONC "ONC RPC Netids (Standards Action)" registry, IANA has replaced each
of the
reference to <xref target='RFC4960'/> by target="RFC4960"/> with a reference to
this document for the following netids:</t>
<ul>
<li><t>sctp</t></li>
<li><t>sctp6</t></li>
</ul>
<t>IANA is finally requested to replace in
<t>In the IPFIX "IPFIX Information Elements Elements" registry, IANA has replaced each of the reference to <xref target='RFC4960'/> by target="RFC4960"/> with a reference to
this document for the following elements with the name:</t>
<ul>
<li><t>sourceTransportPort</t></li>
<li><t>destinationTransportPort</t></li>
<li><t>collectorTransportPort</t></li>
<li><t>exporterTransportPort</t></li>
<li><t>postNAPTSourceTransportPort</t></li>
<li><t>postNAPTDestinationTransportPort</t></li>
</ul>

<section anchor='sec_ietf_defined_chunks_extension'>
<name>IETF-Defined Chunk Extension</name>

<t>The assignment of new chunk type codes is done through an IETF
Review action, as defined in <xref target='RFC8126'/>. target="RFC8126"/>.
Documentation for a new chunk MUST <bcp14>MUST</bcp14> contain the following information:</t>
<ol type='%c)'>
<li><t>A long and short name for the new chunk type.</t></li>
<li><t>A detailed description of the structure of the chunk, which MUST <bcp14>MUST</bcp14> conform to
the basic structure defined in <xref target='sec_chunk_field_descriptions'/>.</t></li>
<li><t>A detailed definition and description of intended use of each field within
the chunk, including the chunk flags if any.
Defined chunk flags will be used as initial entries in the chunk flags table
for the new chunk type.</t></li>
<li><t>A detailed procedural description of the use of the new chunk type within
the operation of the protocol.</t></li>
</ol>
<t>The last chunk type (255) is reserved for future extension if necessary.</t>
<t>For each new chunk type, IANA creates a registration table for the
chunk flags of that type.
The procedure for registering particular chunk flags is described in
<xref target='sec_ietf_chunk_flags_registration'/>.</t>
</section>

<section anchor='sec_ietf_chunk_flags_registration'>
<name>IETF

<name>IETF-Defined Chunk Flags Registration</name>

<t>The assignment of new chunk flags is done through an RFC Required action,
as defined in <xref target='RFC8126'/>. target="RFC8126"/>.
Documentation for the chunk flags MUST <bcp14>MUST</bcp14> contain the following information:</t>
<ol type='%c)'>
<li><t>A name for the new chunk flag.</t></li>
<li><t>A detailed procedural description of the use of the new chunk flag within
the operation of the protocol.
It MUST <bcp14>MUST</bcp14> be considered that implementations not supporting the flag will send 0
on transmit and just ignore it on receipt.</t></li>
</ol>
<t>IANA selects a chunk flags value.
This MUST <bcp14>MUST</bcp14> be one of 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, or 0x80, which
MUST
<bcp14>MUST</bcp14> be unique within the chunk flag values for the specific chunk type.</t>
</section>

<section anchor='sec_ietf_defined_chunk_parameter_extension'>
<name>IETF-Defined Chunk Parameter Extension</name>

<t>The assignment of new chunk parameter type codes is done through an IETF
Review action action, as defined in <xref target='RFC8126'/>. target="RFC8126"/>.
Documentation of the chunk parameter MUST <bcp14>MUST</bcp14> contain the following information:</t>
<ol type='%c)'>
<li><t>Name of the parameter type.</t></li>
<li><t>Detailed description of the structure of the parameter field.
This structure MUST <bcp14>MUST</bcp14> conform to the general Type-Length-Value format described
in <xref target='sec_parameter_format'/>.</t></li>
<li><t>Detailed definition of each component of the parameter value.</t></li>
<li><t>Detailed description of the intended use of this parameter type, type and an
indication of whether and under what circumstances multiple instances of this
parameter type can be found within the same chunk.</t></li>
<li><t>Each parameter type MUST <bcp14>MUST</bcp14> be unique across all chunks.</t></li>
</ol>
</section>

<section anchor='sec_ietf_defined_additional_error_causes'>
<name>IETF-Defined Additional Error Causes</name>

<t>Additional cause codes can be allocated in the range 11 to 65535 through a Specification Required action as defined in <xref target='RFC8126'/>. target="RFC8126"/>.
Provided documentation MUST <bcp14>MUST</bcp14> include the following information:</t>
<ol type='%c)'>
<li><t>Name of the error condition.</t></li>
<li><t>Detailed description of the conditions under which an SCTP endpoint
issues an ERROR (or ABORT) chunk with this cause code.</t></li>
<li><t>Expected action by the SCTP endpoint that receives an ERROR (or ABORT) chunk
containing this cause code.</t></li>
<li><t>Detailed description of the structure and content of data fields that
accompany this cause code.</t></li>
</ol>
<t>The initial word (32 bits) of a cause code parameter MUST <bcp14>MUST</bcp14> conform to the
format shown in <xref target='sec_error_chunk'/>, i.e.:</t> that is:</t>
<ul>
<li><t>first 2 bytes contain the cause code value</t></li>
<li><t>last 2 bytes contain the length of the cause parameter.</t></li> error cause.</t></li>
</ul>
</section>

<section anchor='sec_payload_prototol_identifiers'>
<name>Payload Protocol Identifiers</name>

<t>The assignment of payload protocol identifier identifiers is done using the First Come
First Served policy policy, as defined in <xref target='RFC8126'/>.</t> target="RFC8126"/>.</t>
<t>Except for value 0, which is reserved to indicate an unspecified payload
protocol identifier in a DATA chunk, an SCTP implementation will not be
responsible for standardizing or verifying any payload protocol identifiers; identifiers.
An SCTP implementation simply receives the identifier from the upper layer
and carries it with the corresponding payload data.</t>
<t>The upper layer, i.e., the SCTP user, SHOULD <bcp14>SHOULD</bcp14> standardize any specific
protocol identifier with IANA if it is so desired.
The use of any specific payload protocol identifier is out of the scope of
this specification.</t>
</section>

<section anchor='sec_port_number_registry'>
<name>Port Numbers Registry</name>

<t>SCTP services can use contact port numbers to provide service to unknown
callers, as in TCP and UDP.
An IESG-appointed expert reviewer Expert Reviewer supports IANA in evaluating SCTP port
allocation requests, according to the procedure defined in
<xref target='RFC8126'/>. target="RFC8126"/>.
The details of this process are defined in <xref target='RFC6335'/>.</t> target="RFC6335"/>.</t>
</section>
</section>

<section anchor='sec_parameter_values'>
<name>Suggested SCTP Protocol Parameter Values</name>

<t>The following protocol parameters are RECOMMENDED:</t>
<dl> <bcp14>RECOMMENDED</bcp14>:</t>
<dl newline="false" spacing="compact">
<dt>RTO.Initial:</dt><dd><t>1 second</t></dd>
<dt>RTO.Min:</dt><dd><t>1 second</t></dd>
<dt>RTO.Max:</dt><dd><t>60 seconds</t></dd>
<dt>Max.Burst:</dt><dd><t>4</t></dd>
<dt>RTO.Alpha:</dt><dd><t>1/8</t></dd>
<dt>RTO.Beta:</dt><dd><t>1/4</t></dd>
<dt>Valid.Cookie.Life:</dt><dd><t>60 seconds</t></dd>
<dt>Association.Max.Retrans:</dt><dd><t>10 attempts</t></dd>
<dt>Path.Max.Retrans:</dt><dd><t>5 attempts (per destination address)</t></dd>
<dt>Max.Init.Retransmits:</dt><dd><t>8 attempts</t></dd>
<dt>HB.interval:</dt><dd><t>30 seconds</t></dd>
<dt>HB.Max.Burst:</dt><dd><t>1</t></dd>
<dt>SACK.Delay:</dt><dd><t>200 milliseconds</t></dd>
</dl>
<t>Implementation Note: The SCTP implementation can allow ULP to customize some
of these protocol parameters (see <xref target='sec_api'/>).</t>
<t>'RTO.Min' SHOULD <bcp14>SHOULD</bcp14> be set as described above in this section.</t>
</section>

<section anchor='sec_acknowledgements'>
<name>Acknowledgements</name>

<t>An undertaking represented by this updated document is not a small
feat and represents the summation of the initial co-authors of
<xref target="RFC2960"/>:
<contact fullname="Q. Xie"/>,
<contact fullname="K. Morneault"/>,
<contact fullname="C. Sharp"/>,
<contact fullname="H. Schwarzbauer"/>,
<contact fullname="T. Taylor"/>,
<contact fullname="I. Rytina"/>,
<contact fullname="M. Kalla"/>,
<contact fullname="L. Zhang"/>,
and V.&nbsp;Paxson.</t>
<t>Add to that, the comments from everyone who contributed to
<xref target="RFC2960"/>:
<contact fullname="Mark Allman"/>,
<contact fullname="R. J. Atkinson"/>,
<contact fullname="Richard Band"/>,
<contact fullname="Scott Bradner"/>,
<contact fullname="Steve Bellovin"/>,
<contact fullname="Peter Butler"/>,
<contact fullname="Ram Dantu"/>,
<contact fullname="R. Ezhirpavai"/>,
<contact fullname="Mike Fisk"/>,
<contact fullname="Sally Floyd"/>,
<contact fullname="Atsushi Fukumoto"/>,
<contact fullname="Matt Holdrege"/>,
<contact fullname="Henry Houh"/>,
<contact fullname="Christian Huitema"/>,
<contact fullname="Gary Lehecka"/>,
<contact fullname="Jonathan Lee"/>,
<contact fullname="David Lehmann"/>,
<contact fullname="John Loughney"/>,
<contact fullname="Daniel Luan"/>,
<contact fullname="Barry Nagelberg"/>,
<contact fullname="Thomas Narten"/>,
<contact fullname="Erik Nordmark"/>,
<contact fullname="Lyndon Ong"/>,
<contact fullname="Shyamal Prasad"/>,
<contact fullname="Kelvin Porter"/>,
<contact fullname="Heinz Prantner"/>,
<contact fullname="Jarno Rajahalme"/>,
<contact fullname="Raymond E. Reeves"/>,
<contact fullname="Renee Revis"/>,
<contact fullname="Ivan Arias Rodriguez"/>,
<contact fullname="A. Sankar"/>,
<contact fullname="Greg Sidebottom"/>,
<contact fullname="Brian Wyld"/>,
<contact fullname="La Monte Yarroll"/>,
and many others for their invaluable comments.</t>

<t>Then, add the co-authors of <xref target="RFC4460"/>:
<contact fullname="I. Arias-Rodriguez"/>,
<contact fullname="K. Poon"/>,
and
<contact fullname="A. Caro."/></t>
<t>Then add to these the efforts of all the subsequent seven
SCTP interoperability tests and those who commented on <xref target="RFC4460"/>
as shown in its acknowledgements:
<contact fullname="Barry Zuckerman"/>,
<contact fullname="La Monte Yarroll"/>,
<contact fullname="Qiaobing Xie"/>,
<contact fullname="Wang Xiaopeng"/>,
<contact fullname="Jonathan Wood"/>,
<contact fullname="Jeff Waskow"/>,
<contact fullname="Mike Turner"/>,
<contact fullname="John Townsend"/>,
<contact fullname="Sabina Torrente"/>,
<contact fullname="Cliff Thomas"/>,
<contact fullname="Yuji Suzuki"/>,
<contact fullname="Manoj Solanki"/>,
<contact fullname="Sverre Slotte"/>,
<contact fullname="Keyur Shah"/>,
<contact fullname="Jan Rovins"/>,
<contact fullname="Ben Robinson"/>,
<contact fullname="Renee Revis"/>,
<contact fullname="Ian Periam"/>,
<contact fullname="RC Monee"/>,
<contact fullname="Sanjay Rao"/>,
<contact fullname="Sujith Radhakrishnan"/>,
<contact fullname="Heinz Prantner"/>,
<contact fullname="Biren Patel"/>,
<contact fullname="Nathalie Mouellic"/>,
<contact fullname="Mitch Miers"/>,
<contact fullname="Bernward Meyknecht"/>,
<contact fullname="Stan McClellan"/>,
<contact fullname="Oliver Mayor"/>,
<contact fullname="Tomas Orti Martin"/>,
<contact fullname="Sandeep Mahajan"/>,
<contact fullname="David Lehmann"/>,
<contact fullname="Jonathan Lee"/>,
<contact fullname="Philippe Langlois"/>,
<contact fullname="Karl Knutson"/>,
<contact fullname="Joe Keller"/>,
<contact fullname="Gareth Keily"/>,
<contact fullname="Andreas Jungmaier"/>,
<contact fullname="Janardhan Iyengar"/>,
<contact fullname="Mutsuya Irie"/>,
<contact fullname="John Hebert"/>,
<contact fullname="Kausar Hassan"/>,
<contact fullname="Fred Hasle"/>,
<contact fullname="Dan Harrison"/>,
<contact fullname="Jon Grim"/>,
<contact fullname="Laurent Glaude"/>,
<contact fullname="Steven Furniss"/>,
<contact fullname="Atsushi Fukumoto"/>,
<contact fullname="Ken Fujita"/>,
<contact fullname="Steve Dimig"/>,
<contact fullname="Thomas Curran"/>,
<contact fullname="Serkan Cil"/>,
<contact fullname="Melissa Campbell"/>,
<contact fullname="Peter Butler"/>,
<contact fullname="Rob Brennan"/>,
<contact fullname="Harsh Bhondwe"/>,
<contact fullname="Brian Bidulock"/>,
<contact fullname="Caitlin Bestler"/>,
<contact fullname="Jon Berger"/>,
<contact fullname="Robby Benedyk"/>,
<contact fullname="Stephen Baucke"/>,
<contact fullname="Sandeep Balani"/>,
and
<contact fullname="Ronnie Sellar"/>.</t>
<t>A special thanks to <contact fullname="Mark Allman"/>, who should actually
be a co-author for his work on the max-burst, but managed to wiggle out due to a
technicality.</t>
<t>Also, we would like to acknowledge <contact fullname="Lyndon Ong"/> and
<contact fullname="Phil Conrad"/> for their valuable input and many
contributions.</t>
<t>Furthermore, you have <xref target="RFC4960"/>, and those who have commented
upon that including <contact fullname="Alfred Hönes"/> and
<contact fullname="Ronnie Sellars"/>.</t>

<t>Then, add the co-author of <xref target="RFC8540"/>:
<contact fullname="Maksim Proshin"/>.</t>
<t>And people who have commented on <xref target="RFC8540"/>:
<contact fullname="Pontus Andersson"/>,
<contact fullname="Eric W. Biederman"/>,
<contact fullname="Cedric Bonnet"/>,
<contact fullname="Spencer Dawkins"/>,
<contact fullname="Gorry Fairhurst"/>,
<contact fullname="Benjamin Kaduk"/>,
<contact fullname="Mirja Kühlewind"/>,
<contact fullname="Peter Lei"/>,
<contact fullname="Gyula Marosi"/>,
<contact fullname="Lionel Morand"/>,
<contact fullname="Jeff Morriss"/>,
<contact fullname="Tom Petch"/>,
<contact fullname="Kacheong Poon"/>,
<contact fullname="Julien Pourtet"/>,
<contact fullname="Irene Rüngeler"/>,
<contact fullname="Michael Welzl"/>,
and
<contact fullname="Qiaobing Xie"/>.</t>
<t>And finally the people who have provided comments for this document including
<contact fullname="Gorry Fairhurst"/>,
<contact fullname="Martin Duke"/>,
<contact fullname="Benjamin Kaduk"/>,
<contact fullname="Tero Kivinen"/>,
<contact fullname="Eliot Lear"/>,
<contact fullname="Marcelo Ricardo Leitner"/>,
<contact fullname="David Mandelberg"/>,
<contact fullname="John Mattsson"/>,
<contact fullname="Claudio Porfiri"/>,
<contact fullname="Maksim Proshin"/>,
<contact fullname="Ines Robles"/>,
<contact fullname="Timo Völker"/>,
<contact fullname="Magnus Westerlund"/>,
and
<contact fullname="Zhouming"/>.</t>
<t>Our thanks cannot be adequately expressed to all of you who have participated
in the coding, testing, and updating process of this document.
All we can say is, Thank You!</t>
</section>

</middle>

<back>

<references title='Normative References'>
  <references>
    <name>References</name>
    <references>
      <name>Normative References</name>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml2/reference.ITU.V42.1994.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.1122.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.1123.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.1191.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.1982.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4291.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4303.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4895.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5681.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6335.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6083.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7296.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8126.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8200.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8201.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8899.xml"/>
</references>
<references title='Informative References'>

<references>
  <name>Informative References</name>
<reference anchor="FALL96">
<front>
<title>Simulation-based Comparisons of Tahoe, Reno, and SACK TCP</title>
<author initials="K." surname="Fall" fullname="K. Fall"><organization/></author>
<author initials="S." surname="Floyd" fullname="S. Floyd"><organization/></author>
<date year="1996" month="July"/>
</front>
<seriesInfo name='SIGCOM' value='99'/>
<seriesInfo name='V.' value='26'/>
<seriesInfo name='N.' value='3'/>
<seriesInfo name='pp' value='5-21'/>
<refcontent>SIGCOM 99, V. 26, N. 3, pp 5-21</refcontent>
</reference>

<reference anchor="SAVAGE99">
<front>
<title>TCP Congestion Control with a Misbehaving Receiver</title>
<author initials="S." surname="Savage" fullname="S. Savage"><organization/></author>
<author initials="N." surname="Cardwell" fullname="N. Cardwell"><organization/></author>
<author initials="D." surname="Wetherall" fullname="D. Wetherall"><organization/></author>
<author initials="T." surname="Anderson" fullname="T. Anderson"><organization/></author>
<date year="1999" month="October"/>
</front>
<seriesInfo name='ACM
<refcontent>ACM Computer Communications Review' value='29(5)'/> Review 29(5)</refcontent>
</reference>

<reference anchor="ALLMAN99">
<front>
<title>On Estimating End-to-End Network Path Properties</title>
<author initials="M." surname="Allman" fullname="M. Allman"><organization/></author>
<author initials="V." surname="Paxson" fullname="V. Paxson"><organization/></author>
<date year="1999"/> year="1999" month="October"/>
</front>
<seriesInfo name='SIGCOM' value='99'/>
<refcontent>SIGCOM 99</refcontent>
</reference>

<reference anchor="WILLIAMS93"
           target='http://www.geocities.com/SiliconValley/Pines/8659/crc.htm'>
           target='https://archive.org/stream/PainlessCRC/crc_v3.txt'>
<front>
<title>A PAINLESS GUIDE TO CRC ERROR DETECTION ALGORITHMS</title>
<author initials="R." surname="Williams" fullname="R. Williams"><organization/></author>
<date year="1993" month="August"/>
</front>
<seriesInfo name='SIGCOM' value='99'/>
<refcontent>SIGCOM 99</refcontent>
</reference>

<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.0768.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.0793.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.1858.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2104.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2196.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2522.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2960.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3465.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3873.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4086.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4301.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4460.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4960.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6096.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6458.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6951.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7053.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8260.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8261.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8540.xml"/>
</references>
</references>
<section anchor='sec_crc32c'>
<name>CRC32c Checksum Calculation</name>

<t>We define a 'reflected value' as one that is the opposite of the normal
bit order of the machine.
The 32-bit CRC (Cyclic Redundancy Check) is calculated calculated, as described for CRC32c
and uses the polynomial code 0x11EDC6F41 (Castagnoli93) or
x<sup>32</sup>+x<sup>28</sup>+x<sup>27</sup>+x<sup>26</sup>+x<sup>25</sup>+x<sup>23</sup>+x<sup>22</sup>+x<sup>20</sup>+x<sup>19</sup>+x<sup>18</sup>+x<sup>14</sup>+x<sup>13</sup>+x<sup>11</sup>+x<sup>10</sup>+x<sup>9</sup>+x<sup>8</sup>+x<sup>6</sup>+x<sup>0</sup>.
The CRC is computed using a procedure similar to
ETHERNET CRC <xref target='ITU.V42.1994'/>, modified to reflect
transport-level usage.</t>
<t>CRC computation uses polynomial division. A message bit-string M is
transformed to a polynomial, M(X), and the CRC is calculated from M(X) using
polynomial arithmetic.</t>
<t>When CRCs are used at the link layer, the polynomial is derived from
on-the-wire bit ordering: the first bit 'on the wire' is the high-order
coefficient.
Since SCTP is a transport-level protocol, it cannot know the actual
serial-media bit ordering.
Moreover, different links in the path between SCTP endpoints can use different
link-level bit orders.</t>
<t>A convention therefore is established for mapping SCTP transport
messages to polynomials for purposes of CRC computation.
The bit-ordering for mapping SCTP messages to polynomials is that bytes are
taken most-significant first, but but, within each byte, bits are taken
least-significant first.
The first byte of the message provides the eight highest coefficients.
Within each byte, the least-significant SCTP bit gives the most-significant
polynomial coefficient within that byte, and the most-significant SCTP bit is
the least-significant polynomial coefficient in that byte.
(This bit ordering is sometimes called 'mirrored' or 'reflected'
<xref target='WILLIAMS93'/>.)
CRC polynomials are to be transformed back into SCTP transport-level
byte values, using a consistent mapping.</t>
<t>The SCTP transport-level CRC value can be calculated as follows:</t>
<ul>
<li><t>CRC input data are is assigned to a byte stream, numbered from 0 to N-1.</t></li>
<li><t>The transport-level byte stream is mapped to a polynomial value.
An N-byte PDU with j bytes numbered 0 to N-1 is considered as
coefficients of a polynomial M(x) of order 8*N-1, with bit 0 of
byte j being coefficient x<sup>8*(N-j)-8</sup>, x<sup>8*(N-j)-8</sup> and bit 7 of byte j being
coefficient x<sup>8*(N-j)-1</sup>.</t></li>
<li><t>The CRC remainder register is initialized with all 1s and the CRC is computed
with an algorithm that simultaneously multiplies by x<sup>32</sup> and divides by the
CRC polynomial.</t></li>
<li><t>The polynomial is multiplied by x<sup>32</sup> and divided by G(x), the generator
polynomial, producing a remainder R(x) of degree less than or equal to 31.</t></li>
<li><t>The coefficients of R(x) are considered a 32-bit sequence.</t></li>
<li><t>The bit sequence is complemented.
The result is the CRC polynomial.</t></li>
<li><t>The CRC polynomial is mapped back into SCTP transport-level bytes.
The coefficient of x<sup>31</sup> gives the value of bit 7 of SCTP byte 0,
and the coefficient of x<sup>24</sup> gives the value of bit 0 of byte 0.
The coefficient of x<sup>7</sup> gives bit 7 of byte 3, and the coefficient
of x<sup>0</sup> gives bit 0 of byte 3.
The resulting 4-byte transport-level sequence is the 32-bit SCTP checksum
value.</t></li>
</ul>
<t>Implementation Note: Standards documents, textbooks, and vendor
literature on CRCs often follow an alternative formulation, in which the
register used to hold the remainder of the long-division algorithm is
initialized to zero rather than all ones, and instead the first 32 bits of the
message are complemented.
The long-division algorithm used in our formulation is specified such that the
initial multiplication by 2<sup>32</sup> and the long-division are combined into one
simultaneous operation.
For such algorithms, and for messages longer than 64 bits, the two
specifications are precisely equivalent.
That equivalence is the intent of this document.</t>
<t>Implementors of SCTP are warned that both specifications are to be
found in the literature, sometimes with no restriction on the long-division
algorithm.
The choice of formulation in this document is to permit non-SCTP usage, where
the same CRC algorithm can be used to protect messages shorter than 64 bits.</t>
<t>There can be a computational advantage in validating the association
against the Verification Tag, prior to performing a checksum, as invalid tags
will result in the same action as a bad checksum in most cases.
The exceptions for this technique would be packets containing INIT chunks and
some SHUTDOWN-COMPLETE chunks, as well as a stale COOKIE ECHO chunks.
These special-case exchanges represent small packets and will minimize
the effect of the checksum calculation.</t>
<t>The following non-normative sample code is taken from an open-source
CRC generator <xref target='WILLIAMS93'/>, using the "mirroring" technique and
yielding a lookup table for SCTP CRC32c with 256 entries, each 32 bits wide.
While neither especially slow nor especially fast, as software table-lookup
CRCs go, it has the advantage of working on both big-endian and little-endian
CPUs, using the same (host-order) lookup tables, and using only the
predefined ntohl() and htonl() operations.
The code is somewhat modified from <xref target='WILLIAMS93'/>, target='WILLIAMS93'/> to ensure
portability between big-endian and little-endian architectures, use fixed
sized fixed-sized
types to allow portability between 32-bit and 64-bit platforms, and use
general C code improvements.
(Note that that, if the byte endian-ness of the target architecture is known to be
little-endian,
little endian, the final bit-reversal and byte-reversal steps can be folded
into a single operation.)</t>
<artwork align='center'>
<![CDATA[
<sourcecode type="c" ><![CDATA[
<CODE BEGINS>
/****************************************************************/
/* Note: The definitions for Ross Williams's table generator    */
/* would be TB_WIDTH=4, TB_POLY=0x1EDC6F41, TB_REVER=TRUE.      */
/* For Mr. Williams's direct calculation code, use the settings */
/* cm_width=32, cm_poly=0x1EDC6F41, cm_init=0xFFFFFFFF,         */
/* cm_refin=TRUE, cm_refot=TRUE, cm_xorot=0x00000000.           */
/****************************************************************/

/* Example of the crc table file */
#ifndef __crc32cr_h__
#define __crc32cr_h__

#define CRC32C_POLY 0x1EDC6F41UL
#define CRC32C(c,d) (c=(c>>8)^crc_c[(c^(d))&0xFF])

uint32_t crc_c[256] = {
  0x00000000UL, 0xF26B8303UL, 0xE13B70F7UL, 0x1350F3F4UL,
  0xC79A971FUL, 0x35F1141CUL, 0x26A1E7E8UL, 0xD4CA64EBUL,
  0x8AD958CFUL, 0x78B2DBCCUL, 0x6BE22838UL, 0x9989AB3BUL,
  0x4D43CFD0UL, 0xBF284CD3UL, 0xAC78BF27UL, 0x5E133C24UL,
  0x105EC76FUL, 0xE235446CUL, 0xF165B798UL, 0x030E349BUL,
  0xD7C45070UL, 0x25AFD373UL, 0x36FF2087UL, 0xC494A384UL,
  0x9A879FA0UL, 0x68EC1CA3UL, 0x7BBCEF57UL, 0x89D76C54UL,
  0x5D1D08BFUL, 0xAF768BBCUL, 0xBC267848UL, 0x4E4DFB4BUL,
  0x20BD8EDEUL, 0xD2D60DDDUL, 0xC186FE29UL, 0x33ED7D2AUL,
  0xE72719C1UL, 0x154C9AC2UL, 0x061C6936UL, 0xF477EA35UL,
  0xAA64D611UL, 0x580F5512UL, 0x4B5FA6E6UL, 0xB93425E5UL,
  0x6DFE410EUL, 0x9F95C20DUL, 0x8CC531F9UL, 0x7EAEB2FAUL,
  0x30E349B1UL, 0xC288CAB2UL, 0xD1D83946UL, 0x23B3BA45UL,
  0xF779DEAEUL, 0x05125DADUL, 0x1642AE59UL, 0xE4292D5AUL,
  0xBA3A117EUL, 0x4851927DUL, 0x5B016189UL, 0xA96AE28AUL,
  0x7DA08661UL, 0x8FCB0562UL, 0x9C9BF696UL, 0x6EF07595UL,
  0x417B1DBCUL, 0xB3109EBFUL, 0xA0406D4BUL, 0x522BEE48UL,
  0x86E18AA3UL, 0x748A09A0UL, 0x67DAFA54UL, 0x95B17957UL,
  0xCBA24573UL, 0x39C9C670UL, 0x2A993584UL, 0xD8F2B687UL,
  0x0C38D26CUL, 0xFE53516FUL, 0xED03A29BUL, 0x1F682198UL,
  0x5125DAD3UL, 0xA34E59D0UL, 0xB01EAA24UL, 0x42752927UL,
  0x96BF4DCCUL, 0x64D4CECFUL, 0x77843D3BUL, 0x85EFBE38UL,
  0xDBFC821CUL, 0x2997011FUL, 0x3AC7F2EBUL, 0xC8AC71E8UL,
  0x1C661503UL, 0xEE0D9600UL, 0xFD5D65F4UL, 0x0F36E6F7UL,
  0x61C69362UL, 0x93AD1061UL, 0x80FDE395UL, 0x72966096UL,
  0xA65C047DUL, 0x5437877EUL, 0x4767748AUL, 0xB50CF789UL,
  0xEB1FCBADUL, 0x197448AEUL, 0x0A24BB5AUL, 0xF84F3859UL,
  0x2C855CB2UL, 0xDEEEDFB1UL, 0xCDBE2C45UL, 0x3FD5AF46UL,
  0x7198540DUL, 0x83F3D70EUL, 0x90A324FAUL, 0x62C8A7F9UL,
  0xB602C312UL, 0x44694011UL, 0x5739B3E5UL, 0xA55230E6UL,
  0xFB410CC2UL, 0x092A8FC1UL, 0x1A7A7C35UL, 0xE811FF36UL,
  0x3CDB9BDDUL, 0xCEB018DEUL, 0xDDE0EB2AUL, 0x2F8B6829UL,
  0x82F63B78UL, 0x709DB87BUL, 0x63CD4B8FUL, 0x91A6C88CUL,
  0x456CAC67UL, 0xB7072F64UL, 0xA457DC90UL, 0x563C5F93UL,
  0x082F63B7UL, 0xFA44E0B4UL, 0xE9141340UL, 0x1B7F9043UL,
  0xCFB5F4A8UL, 0x3DDE77ABUL, 0x2E8E845FUL, 0xDCE5075CUL,
  0x92A8FC17UL, 0x60C37F14UL, 0x73938CE0UL, 0x81F80FE3UL,
  0x55326B08UL, 0xA759E80BUL, 0xB4091BFFUL, 0x466298FCUL,
  0x1871A4D8UL, 0xEA1A27DBUL, 0xF94AD42FUL, 0x0B21572CUL,
  0xDFEB33C7UL, 0x2D80B0C4UL, 0x3ED04330UL, 0xCCBBC033UL,
  0xA24BB5A6UL, 0x502036A5UL, 0x4370C551UL, 0xB11B4652UL,
  0x65D122B9UL, 0x97BAA1BAUL, 0x84EA524EUL, 0x7681D14DUL,
  0x2892ED69UL, 0xDAF96E6AUL, 0xC9A99D9EUL, 0x3BC21E9DUL,
  0xEF087A76UL, 0x1D63F975UL, 0x0E330A81UL, 0xFC588982UL,
  0xB21572C9UL, 0x407EF1CAUL, 0x532E023EUL, 0xA145813DUL,
  0x758FE5D6UL, 0x87E466D5UL, 0x94B49521UL, 0x66DF1622UL,
  0x38CC2A06UL, 0xCAA7A905UL, 0xD9F75AF1UL, 0x2B9CD9F2UL,
  0xFF56BD19UL, 0x0D3D3E1AUL, 0x1E6DCDEEUL, 0xEC064EEDUL,
  0xC38D26C4UL, 0x31E6A5C7UL, 0x22B65633UL, 0xD0DDD530UL,
  0x0417B1DBUL, 0xF67C32D8UL, 0xE52CC12CUL, 0x1747422FUL,
  0x49547E0BUL, 0xBB3FFD08UL, 0xA86F0EFCUL, 0x5A048DFFUL,
  0x8ECEE914UL, 0x7CA56A17UL, 0x6FF599E3UL, 0x9D9E1AE0UL,
  0xD3D3E1ABUL, 0x21B862A8UL, 0x32E8915CUL, 0xC083125FUL,
  0x144976B4UL, 0xE622F5B7UL, 0xF5720643UL, 0x07198540UL,
  0x590AB964UL, 0xAB613A67UL, 0xB831C993UL, 0x4A5A4A90UL,
  0x9E902E7BUL, 0x6CFBAD78UL, 0x7FAB5E8CUL, 0x8DC0DD8FUL,
  0xE330A81AUL, 0x115B2B19UL, 0x020BD8EDUL, 0xF0605BEEUL,
  0x24AA3F05UL, 0xD6C1BC06UL, 0xC5914FF2UL, 0x37FACCF1UL,
  0x69E9F0D5UL, 0x9B8273D6UL, 0x88D28022UL, 0x7AB90321UL,
  0xAE7367CAUL, 0x5C18E4C9UL, 0x4F48173DUL, 0xBD23943EUL,
  0xF36E6F75UL, 0x0105EC76UL, 0x12551F82UL, 0xE03E9C81UL,
  0x34F4F86AUL, 0xC69F7B69UL, 0xD5CF889DUL, 0x27A40B9EUL,
  0x79B737BAUL, 0x8BDCB4B9UL, 0x988C474DUL, 0x6AE7C44EUL,
  0xBE2DA0A5UL, 0x4C4623A6UL, 0x5F16D052UL, 0xAD7D5351UL,
};

#endif

/* Example of table build routine */

#include <stdio.h>
#include <stdlib.h>

#define OUTPUT_FILE   "crc32cr.h"
#define CRC32C_POLY    0x1EDC6F41UL

static FILE *tf;

static uint32_t
reflect_32(uint32_t b)
{
  int i;
  uint32_t rw = 0UL;

  for (i = 0; i < 32; i++) {
    if (b & 1)
      rw |= 1UL << (31 - i);
    b >>= 1;
  }
  return (rw);
}

static uint32_t
build_crc_table (int index)
{
  int i;
  uint32_t rb;

  rb = reflect_32(index);

  for (i = 0; i < 8; i++) {
    if (rb & 0x80000000UL)
      rb = (rb << 1) ^ (uint32_t)CRC32C_POLY;
    else
      rb <<= 1;
  }
  return (reflect_32(rb));
}

int
main (void)
{
  int i;

  printf("\nGenerating CRC32c table file <%s>.\n",
  OUTPUT_FILE);
  if ((tf = fopen(OUTPUT_FILE, "w")) == NULL) {
    printf("Unable to open %s.\n", OUTPUT_FILE);
    exit (1);
  }
  fprintf(tf, "#ifndef __crc32cr_h__\n");
  fprintf(tf, "#define __crc32cr_h__\n\n");
  fprintf(tf, "#define CRC32C_POLY 0x%08XUL\n",
    (uint32_t)CRC32C_POLY);
  fprintf(tf,
    "#define CRC32C(c,d) (c=(c>>8)^crc_c[(c^(d))&0xFF])\n");
  fprintf(tf, "\nuint32_t crc_c[256] =\n{\n");
  for (i = 0; i < 256; i++) {
    fprintf(tf, "0x%08XUL,", build_crc_table (i));
    if ((i & 3) == 3)
      fprintf(tf, "\n");
    else
      fprintf(tf, " ");
  }
  fprintf(tf, "};\n\n#endif\n");

  if (fclose(tf) != 0)
    printf("Unable to close <%s>.\n", OUTPUT_FILE);
  else
    printf("\nThe CRC32c table has been written to <%s>.\n",
      OUTPUT_FILE);
  return (0);
}

/* Example of crc insertion */

#include "crc32cr.h"

uint32_t
generate_crc32c(unsigned char *buffer, unsigned int length)
{
  unsigned int i;
  uint32_t crc32 = 0xffffffffUL;
  uint32_t result;
  uint32_t byte0, byte1, byte2, byte3;

  for (i = 0; i < length; i++) {
    CRC32C(crc32, buffer[i]);
  }

  result = ~crc32;

  /*  result now holds the negated polynomial remainder,
   *  since the table and algorithm are "reflected" [williams95].
   *  That is, result has the same value as if we mapped the message
   *  to a polynomial, computed the host-bit-order polynomial
   *  remainder, performed final negation, and then did an
   *  end-for-end bit-reversal.
   *  Note that a 32-bit bit-reversal is identical to four in-place
   *  8-bit bit-reversals followed by an end-for-end byteswap.
   *  In other words, the bits of each byte are in the right order,
   *  but the bytes have been byteswapped.  So, we now do an explicit
   *  byteswap.  On a little-endian machine, this byteswap and
   *  the final ntohl cancel out and could be elided.
   */

  byte0 = result & 0xff;
  byte1 = (result>>8) & 0xff;
  byte2 = (result>>16) & 0xff;
  byte3 = (result>>24) & 0xff;
  crc32 = ((byte0 << 24) |
           (byte1 << 16) |
           (byte2 << 8)  |
           byte3);
  return (crc32);
}

int
insert_crc32(unsigned char *buffer, unsigned int length)
{
  SCTP_message *message;
  uint32_t crc32;

  message = (SCTP_message *)buffer;
  message->common_header.checksum = 0UL;
  crc32 = generate_crc32c(buffer,length);
  /* and insert it into the message */
  message->common_header.checksum = htonl(crc32);
  return (1);
}

int
validate_crc32(unsigned char *buffer, unsigned int length)
{
  SCTP_message *message;
  unsigned int i;
  uint32_t original_crc32;
  uint32_t crc32;

  /* save and zero checksum */
  message = (SCTP_message *)buffer;
  original_crc32 = ntohl(message->common_header.checksum);
  message->common_header.checksum = 0L;
  crc32 = generate_crc32c(buffer, length);
  return ((original_crc32 == crc32) ? 1 : -1);
}
<CODE ENDS>
]]>
</artwork>
]]></sourcecode>
</section>
<section anchor='sec_acknowledgements' numbered="false">
<name>Acknowledgements</name>

<t>An undertaking represented by this updated document is not a small
feat and represents the summation of the initial coauthors of
<xref target="RFC2960"/>:
<contact fullname="Q. Xie"/>,
<contact fullname="K. Morneault"/>,
<contact fullname="C. Sharp"/>,
<contact fullname="H. Schwarzbauer"/>,
<contact fullname="T. Taylor"/>,
<contact fullname="I. Rytina"/>,
<contact fullname="M. Kalla"/>,
<contact fullname="L. Zhang"/>,
and <contact fullname="V.&nbsp;Paxson"/>.</t>
<t>Add to that, the comments from everyone who contributed to
<xref target="RFC2960"/>:
<contact fullname="Mark Allman"/>,
<contact fullname="R. J. Atkinson"/>,
<contact fullname="Richard Band"/>,
<contact fullname="Scott Bradner"/>,
<contact fullname="Steve Bellovin"/>,
<contact fullname="Peter Butler"/>,
<contact fullname="Ram Dantu"/>,
<contact fullname="R. Ezhirpavai"/>,
<contact fullname="Mike Fisk"/>,
<contact fullname="Sally Floyd"/>,
<contact fullname="Atsushi Fukumoto"/>,
<contact fullname="Matt Holdrege"/>,
<contact fullname="Henry Houh"/>,
<contact fullname="Christian Huitema"/>,
<contact fullname="Gary Lehecka"/>,
<contact fullname="Jonathan Lee"/>,
<contact fullname="David Lehmann"/>,
<contact fullname="John Loughney"/>,
<contact fullname="Daniel Luan"/>,
<contact fullname="Barry Nagelberg"/>,
<contact fullname="Thomas Narten"/>,
<contact fullname="Erik Nordmark"/>,
<contact fullname="Lyndon Ong"/>,
<contact fullname="Shyamal Prasad"/>,
<contact fullname="Kelvin Porter"/>,
<contact fullname="Heinz Prantner"/>,
<contact fullname="Jarno Rajahalme"/>,
<contact fullname="Raymond E. Reeves"/>,
<contact fullname="Renee Revis"/>,
<contact fullname="Ivan Arias Rodriguez"/>,
<contact fullname="A. Sankar"/>,
<contact fullname="Greg Sidebottom"/>,
<contact fullname="Brian Wyld"/>,
<contact fullname="La Monte Yarroll"/>,
and many others for their invaluable comments.</t>

<t>Then, add the coauthors of <xref target="RFC4460"/>:
<contact fullname="I. Arias-Rodriguez"/>,
<contact fullname="K. Poon"/>,
and
<contact fullname="A. Caro."/></t>
<t>Then, add to these the efforts of all the subsequent seven
SCTP interoperability tests and those who commented on <xref target="RFC4460"/>,
as shown in its acknowledgements:
<contact fullname="Barry Zuckerman"/>,
<contact fullname="La Monte Yarroll"/>,
<contact fullname="Qiaobing Xie"/>,
<contact fullname="Wang Xiaopeng"/>,
<contact fullname="Jonathan Wood"/>,
<contact fullname="Jeff Waskow"/>,
<contact fullname="Mike Turner"/>,
<contact fullname="John Townsend"/>,
<contact fullname="Sabina Torrente"/>,
<contact fullname="Cliff Thomas"/>,
<contact fullname="Yuji Suzuki"/>,
<contact fullname="Manoj Solanki"/>,
<contact fullname="Sverre Slotte"/>,
<contact fullname="Keyur Shah"/>,
<contact fullname="Jan Rovins"/>,
<contact fullname="Ben Robinson"/>,
<contact fullname="Renee Revis"/>,
<contact fullname="Ian Periam"/>,
<contact fullname="RC Monee"/>,
<contact fullname="Sanjay Rao"/>,
<contact fullname="Sujith Radhakrishnan"/>,
<contact fullname="Heinz Prantner"/>,
<contact fullname="Biren Patel"/>,
<contact fullname="Nathalie Mouellic"/>,
<contact fullname="Mitch Miers"/>,
<contact fullname="Bernward Meyknecht"/>,
<contact fullname="Stan McClellan"/>,
<contact fullname="Oliver Mayor"/>,
<contact fullname="Tomas Orti Martin"/>,
<contact fullname="Sandeep Mahajan"/>,
<contact fullname="David Lehmann"/>,
<contact fullname="Jonathan Lee"/>,
<contact fullname="Philippe Langlois"/>,
<contact fullname="Karl Knutson"/>,
<contact fullname="Joe Keller"/>,
<contact fullname="Gareth Keily"/>,
<contact fullname="Andreas Jungmaier"/>,
<contact fullname="Janardhan Iyengar"/>,
<contact fullname="Mutsuya Irie"/>,
<contact fullname="John Hebert"/>,
<contact fullname="Kausar Hassan"/>,
<contact fullname="Fred Hasle"/>,
<contact fullname="Dan Harrison"/>,
<contact fullname="Jon Grim"/>,
<contact fullname="Laurent Glaude"/>,
<contact fullname="Steven Furniss"/>,
<contact fullname="Atsushi Fukumoto"/>,
<contact fullname="Ken Fujita"/>,
<contact fullname="Steve Dimig"/>,
<contact fullname="Thomas Curran"/>,
<contact fullname="Serkan Cil"/>,
<contact fullname="Melissa Campbell"/>,
<contact fullname="Peter Butler"/>,
<contact fullname="Rob Brennan"/>,
<contact fullname="Harsh Bhondwe"/>,
<contact fullname="Brian Bidulock"/>,
<contact fullname="Caitlin Bestler"/>,
<contact fullname="Jon Berger"/>,
<contact fullname="Robby Benedyk"/>,
<contact fullname="Stephen Baucke"/>,
<contact fullname="Sandeep Balani"/>,
and
<contact fullname="Ronnie Sellar"/>.</t>

<t>A special thanks to <contact fullname="Mark Allman"/>, who actually should
have been a coauthor of <xref target="RFC4460"/> for his work on the max-burst but managed to wiggle out due to a
technicality.</t>
<t>Also, we would like to acknowledge <contact fullname="Lyndon Ong"/> and
<contact fullname="Phil Conrad"/> for their valuable input and many
contributions.</t>
<t>Furthermore, you have <xref target="RFC4960"/> and those who have commented
upon that, including <contact fullname="Alfred Hönes"/> and
<contact fullname="Ronnie Sellars"/>.</t>

<t>Then, add the coauthor of <xref target="RFC8540"/>:
<contact fullname="Maksim Proshin"/>.</t>
<t>And people who have commented on <xref target="RFC8540"/>:
<contact fullname="Pontus Andersson"/>,
<contact fullname="Eric W. Biederman"/>,
<contact fullname="Cedric Bonnet"/>,
<contact fullname="Spencer Dawkins"/>,
<contact fullname="Gorry Fairhurst"/>,
<contact fullname="Benjamin Kaduk"/>,
<contact fullname="Mirja Kühlewind"/>,
<contact fullname="Peter Lei"/>,
<contact fullname="Gyula Marosi"/>,
<contact fullname="Lionel Morand"/>,
<contact fullname="Jeff Morriss"/>,
<contact fullname="Tom Petch"/>,
<contact fullname="Kacheong Poon"/>,
<contact fullname="Julien Pourtet"/>,
<contact fullname="Irene Rüngeler"/>,
<contact fullname="Michael Welzl"/>,
and
<contact fullname="Qiaobing Xie"/>.</t>
<t>And, finally, the people who have provided comments for this document, including
<contact fullname="Gorry Fairhurst"/>,
<contact fullname="Martin Duke"/>,
<contact fullname="Benjamin Kaduk"/>,
<contact fullname="Tero Kivinen"/>,
<contact fullname="Eliot Lear"/>,
<contact fullname="Marcelo Ricardo Leitner"/>,
<contact fullname="David Mandelberg"/>,
<contact fullname="John Preuß Mattsson"/>,
<contact fullname="Claudio Porfiri"/>,
<contact fullname="Maksim Proshin"/>,
<contact fullname="Ines Robles"/>,
<contact fullname="Timo Völker"/>,
<contact fullname="Magnus Westerlund"/>,
and
<contact fullname="Zhouming"/>.</t>
<t>Our thanks cannot be adequately expressed to all of you who have participated
in the coding, testing, and updating process of this document.
All we can say is, Thank You!</t>
</section>
</back>

</rfc>