Re: [PATCH net-next 0/4] gtp: support multiple APN's per GTP endpoint
From: Andreas SchultzDate: Tue, 14 Mar 2017 13:42:44 +0100 (CET) > The specific use case of the API that is no longer supported was never used by > anyone. The only supported and documented API for the GTP module is libgtpnl. > libgtpnl has always required the now mandatory fields. Therefor the externally > supported API does not change. That's not how kernel development works, sorry. Any user visible interface the kernel exports is not to be broken, even if you think you control the one library that makes use of it. This is especially important for netlink because netlink is more like a networking protocol, that arbitrary programs can listen to for events.
Re: [PATCH net-next 0/4] gtp: support multiple APN's per GTP endpoint
Hi Andreas, On Tue, Mar 14, 2017 at 02:42:16PM +0100, Pablo Neira Ayuso wrote: > On Tue, Mar 14, 2017 at 01:42:44PM +0100, Andreas Schultz wrote: > > The only supported and documented API for the GTP module is libgtpnl. > > No, the netlink interface itself if the API. > > Stopping trying to find a reason to break API, that is a no-go. As much as one might dislike it as a developer in this particular case, the Linux kernel has the very well communicated rule: All userspace visible interfaces must not change in an incompatible way. This includes of course all the syscalls, the ioctl() parameters but also the netlink interfaces of the networking stack. The statement "nobody ever used it" is a statement you can never make in FOSS software, as you don't know of 99.999% of all the users of your software. The fact that none of the FOSS projects that any of us was involved in may not have used a certain feature doesn't mean nobody else has been using it privately, quietly. Keep in mind that several Linux distributions have already been shipping the gtp module as part of their stable releases meanwhile. Also, no matter what Pablo or I may think about, there are general rules about how Linux kernel development is done (from coding style to merge windows, and also userspace compatibility), and we all have to obey them. There's little point in discussing about them, we all just have to live with them. Regards, Harald -- - Harald Weltehttp://laforge.gnumonks.org/ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)
Re: [PATCH net-next 0/4] gtp: support multiple APN's per GTP endpoint
On Tue, Mar 14, 2017 at 01:42:44PM +0100, Andreas Schultz wrote: > > It is definitely not acceptable to break the existing API. > > The specific use case of the API that is no longer supported was never used by > anyone. [...] Yes, this was used openggsn and I tested this with a full blown FOSS setup. Yes, a toy thing compared to the proprietary equipment you deal with, but we always started with things like this. > The only supported and documented API for the GTP module is libgtpnl. No, the netlink interface itself if the API. Stopping trying to find a reason to break API, that is a no-go.
Re: [PATCH net-next 0/4] gtp: support multiple APN's per GTP endpoint
- On Mar 14, 2017, at 12:45 PM, pablo pa...@netfilter.org wrote: > On Tue, Mar 14, 2017 at 12:25:44PM +0100, Andreas Schultz wrote: > [...] >> API impact: >> --- >> >> This is probably the most problematic part of this series... >> >> The removeal of the TEID form the netdevice also means that the gtp genl API >> for retriving tunnel information and removing tunnels needs to be adjusted. >> >> Before this change it was possible to change a GTP tunnel using the gtp >> netdevice id and the teid. The teid is no longer unique per gtp netdevice. >> After this change it has to be either the netdevice and MS IP or the GTP >> socket and teid. > > Then we have to introduce some explicit VRF concept or such to sort > out this. > > It is definitely not acceptable to break the existing API. The specific use case of the API that is no longer supported was never used by anyone. The only supported and documented API for the GTP module is libgtpnl. libgtpnl has always required the now mandatory fields. Therefor the externally supported API does not change. Regards Andreas
Re: [PATCH net-next 0/4] gtp: support multiple APN's per GTP endpoint
On Tue, Mar 14, 2017 at 12:25:44PM +0100, Andreas Schultz wrote: [...] > API impact: > --- > > This is probably the most problematic part of this series... > > The removeal of the TEID form the netdevice also means that the gtp genl API > for retriving tunnel information and removing tunnels needs to be adjusted. > > Before this change it was possible to change a GTP tunnel using the gtp > netdevice id and the teid. The teid is no longer unique per gtp netdevice. > After this change it has to be either the netdevice and MS IP or the GTP > socket and teid. Then we have to introduce some explicit VRF concept or such to sort out this. It is definitely not acceptable to break the existing API.
[PATCH net-next 0/4] gtp: support multiple APN's per GTP endpoint
Support multiple APN's per GTP endpoint and as an additional benefit support multiple GTP sockets per GTP entity. Use case multiple APN's: In 3GPP a APN is control path construct. When mappend into the data path, it mean that UE IP's can be source from independended IP networks with overlaping IP ranges. 3GPP, TS 29.061 version 13.6.0 Release 13, Section 11.3 describes this as: > 2. each private network manages its own addressing. In general this will >result in different private networks having overlapping address ranges. >A logically separate connection (e.g. an IP in IP tunnel or layer 2 >virtual circuit) is used between the GGSN/P-GW and each private network. >In this case the IP address alone is not necessarily unique. The pair >of values, Access Point Name (APN) and IPv4 address and/or IPv6 prefixes, >is unique. To support such a setup, each APN is mapped to a Linux network device. VRF-Lite, network namespaces or other mechanismns can the be used to realize the full separation of the per APN IP networks. Use case multiple GTP sockets per GTP entity: - A GTP entity like a PGW can use multiple GTP sockets for: * separate IPv4 and IPv6 transport endpoints * support multiple reference points in separated IP networks, e.g. have Gn/Gp/S5/S8 in a GRX attaches network and S2a/S2b in another private network Especially the S2a/S2b separation is an important scenario. The networks use for roaming and non roaming attachment (Gn/Gp/S5/S8 reference points) are usually different from the connection for trusted and untrusted WiFi access (S2a/S2b). Will the GTP transport networks are separated, it is still desirable to terminated the tunnels in the same GTP entity to ensure uninterrupted IP connectivity during 3G/LTE to/from WiFi handover. Implementation: --- APN's are a control path construct, the identification of the associated network device need therefore to be bound to be tunnel endpoint identifier. This series moves the hash for the incoming tunnel endpoint identifiers into the socket to support multiple network devices per GTP socket. It the adds a method of enabling the GTP encapsulation on a socket without having to bound the socket to a network device and finally allows to specify a GTP socket per PDP context. API impact: --- This is probably the most problematic part of this series... The removeal of the TEID form the netdevice also means that the gtp genl API for retriving tunnel information and removing tunnels needs to be adjusted. Before this change it was possible to change a GTP tunnel using the gtp netdevice id and the teid. The teid is no longer unique per gtp netdevice. After this change it has to be either the netdevice and MS IP or the GTP socket and teid. Fortunatly, libgtpnl has always populated the Link Id, TEID, GSN Peer IP and MS IP. The library interface has ensured that all information that is mandatory after this change is guaranteed to be present. The only project that doesn't use libgtpnl (OpenAir-CN) is also populating all of those values. The API change will therefore not break any existing userspace applications. -- Andreas Schultz (4): gtp: move TEID hash to per socket structure gtp: add genl cmd to enable GTP encapsulation on UDP socket gtp: add support to select a GTP socket during PDP context creation Extend Kernel GTP-U tunneling documentation Documentation/networking/gtp.txt | 103 ++- drivers/net/gtp.c| 263 --- include/uapi/linux/gtp.h | 4 + 3 files changed, 292 insertions(+), 78 deletions(-) -- 2.10.2