Subject: SCTP: Stateless multi-homing support with adjustment of the Verification Tag

Subject: SCTP: Stateless multi-homing support with adjustment of the Verification Tag

[Denis M.]

Hello,

Could you consider some improvements in linux SCTP implementation.

Motivation: Implementation of the stateless balancing of the SCTP
multi-homing inbound connections through L4 LB (for instance IPVS
subsystem) based on Verification Tag.

Idea:
1. We need a deterministic algorithm to find a proper backend host. We
may encode the host index into SCTP Verification Tag. I know that RFC
recommends generating Verification Tag randomly, but this could
drastically simplify implementation of the L4 LB.
2. On the L4 LB side we restore the host index from Verification Tag
and route the packet to a certain host from the backend pool.

Implementation:

1. add new sysctl parameter <sysctl.c>:

> {
> .procname = "vtag_hindex",
> .data = &init_net.sctp_vtag_hindex,
> .maxlen = sizeof(unsigned int),
> .mode = 0644,
> .proc_handler = proc_dointvec_minmax,
> .extra1 = SYSCTL_ZERO,
> .extra2 = &vtag_hindex_max,
> },


2. use this parameter in sctp_generate_tag function <sm_make_chunk.c>

> /* Select a new verification tag.  */
> __u32 sctp_generate_tag(const struct sctp_endpoint *ep)
> {
> /* I believe that this random number generator complies with RFC1750.
> * A tag of 0 is reserved for special cases (e.g. INIT).
> */
> __u32 x;
> unsigned char* cx = (unsigned char*)&x;
> unsigned char hindex;
>
> do {
> get_random_bytes(&x, sizeof(__u32));
> } while (x == 0);
>
> hindex = ep->base.net->sctp_vtag_hindex;
> if (hindex) {
> cx[0] =  cx[1] ^ cx[2] ^ cx[3] ^ hindex;
> pr_info("sctp_generate_tag(): adjust vtag=%u:%u\n", x, hindex);
> }
>
> return x;
> }



Regards,
Denis Muratov