SCTP support for OpenSSH

Robin Seggelmann seggelmann at fh-muenster.de
Thu May 31 07:26:04 EST 2012


On 30.05.2012, at 17:41, Saku Ytti wrote:

> On 30 May 2012 17:43, Robin Seggelmann <seggelmann at fh-muenster.de> wrote:
> 
>> I have written a patch to add SCTP support for OpenSSH on systems with SCTP capabilities with the following features:
> 
> Cool. Forgive me if this is a silly question. Does the client dynamically
> add/remove SCTP sessions at runtime when endpoints become available and
> unavailable? How about when DNS information changes at runtime?

I'm not sure what you meant to ask. The client uses all available IP addresses to connect to a server. After the connection establishment, all addresses are tested with a HEARTBEAT message to determine with which of them the other endpoint is reachable. If addresses are not available anymore during the connection lifetime, for example because the network interface went down, they are marked as inactive and aren't used for this connection until they are available again. In the meantime another address is used as a fallback. If new addresses are available, they won't be used. This is only possible by monitoring the interfaces and using the ADD-IP extension to add the additional address "manually".

Regarding DNS, if you're using a hostname to connect to a server, it will be resolved and the connection will be established. If the DNS information changes during the connection lifetime, this has no effect, because the connection is already up and running and so no additional DNS lookup will be done. To have changing DNS information affecting the SCTP connection, you have to look the hostname up periodically and use the ADD-IP extension to add new addresses and remove old ones.

While these things are basically possible, they are quite complex and partially system dependent. So if these are often requested features, I could add this functionality later on, but I currently don't consider them as high priority. The first step right now is to have SCTP support at all, i.e. the first patch with the basic support has to be applied to the official source.

Best regards
Robin



> -- 
>   ++ytti
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


