socketstcpsctptime-wait

Why does SCTP not require a TIME_WAIT state?


I am reading "UNIX Network Programming: The Sockets API" and it mentions that SCTP does not require a TIME_WAIT state as TCP does due to its use of verification tags. Why is this the case? I understand why verification tags fix the issue with duplicate packets, since the receiver can determine whether a packet is part of the current SCTP association or not, but surely the final SCTP SHUTDOWN-COMPLETE packet can be lost just as the final ACK in TCP can be lost, so the peer performing the active close still has to maintain some sort of state to handle this event just as with TCP.


Solution

  • There is no need to maintain state information in this case. RFC 4960 defines a sort of default handling for unknown (out of the blue) packets.

    Let’s say, you have two sides in your association: side A and side B. v1/v2 are verification tags used by these sides. Side A initiated shutdown.

    `
    A                      B
           Shutdown(v1)
      -------------------->
        Shutdown_ack(v2)
      <--------------------
      Shutdown_complete(v1)
      -------------------->
    `
    

    When side A sends SHUTDOWN COMPLETE it deallocates all the resources used by this association. As far as side A concerns the association is gone.

    If for some reasons SHUTDOWN COMPLETE chunk has been lost, side B will re-transmit SHUTDOWN ACK chunk after t2 timer (RFC 4960 term) expiration.

    When side A receives this retransmitted SHUTDOWN ACK chunk, it will not be able to determinate to which association it belongs, because that association has already been closed. So, side A will treat this packet as “out of the blue”. RFC 4960 chapter 8.4 describes how to handle out of the blue packet, bullet #5 describes how to handle “out of the blue” SHUTDOWN ACK.

    In this case side A will reply with SHUTDOWN COMPLETE. However, packet that carries SHUTDOWN COMPLETE chunk will be slightly different from the original one. The new packet will have t-bit set to 1 and contain what is called reflected verification tag (which is just verification tag from the packet that contained SHUTDOWN ACK). A B Shutdown(v1) --------------------> Shutdown_ack(v2) <-------------------- Shutdown_complete(v1) -------LOST-------- Shutdown_ack(v2) <-------------------- Shutdown_complete(v2), t-bit=1 -------------------->

    Side B knows how to handle packet with t-bit set to 1 and process SHUTDOWN COMPLETE.

    As far as you can see, side A does not keep any state information once it sent SHUTDOWN COMPLETE. If any packets belong to this association arrives after that, they will be treated as “out of the blue”.