Modeling and Performance Evaluation of SCTP as Transport Protocol for Firewall Control

  • Sebastian Kiesel
  • Michael Scharf
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3976)


Firewalls are a crucial building block for securing IP networks. The use of out-of-band signaling protocols (such as SIP) for VoIP and multimedia applications requires dynamic control of these firewalls, which can be implemented using the Simple Middlebox Configuration Protocol (SIMCO). In this paper, we study the performance of SCTP and TCP as transport protocols for the transaction-based signaling protocol SIMCO, which requires small end-to-end delays. We present an analytical model to quantify the impact of head-of-line blocking in SCTP. Both the model and measurements reveal that SCTP can significantly reduce SIMCO response times by leveraging transmission over multiple parallel streams. While a few SCTP streams can almost completely avoid head-of-line blocking, our measurements show that TCP may suffer from rather large end-to-end delays.


Keywords: Packet Loss; Transmission Control Protocol; Session Initiation Protocol; Policy Rule; Transport Protocol



Copyright information

© IFIP International Federation for Information Processing 2006

Authors and Affiliations

  • Sebastian Kiesel (1)
  • Michael Scharf (1)
  1. Institute of Communication Networks and Computer Engineering, University of Stuttgart, Germany
