[M] Change in osmo-upf[master]: manual: explain GTP Echo workaround for tunmap
neels has submitted this change. ( https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email ) Change subject: manual: explain GTP Echo workaround for tunmap .. manual: explain GTP Echo workaround for tunmap Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c --- M doc/manuals/chapters/running.adoc 1 file changed, 62 insertions(+), 7 deletions(-) Approvals: pespin: Looks good to me, but someone else must approve Jenkins Builder: Verified laforge: Looks good to me, approved diff --git a/doc/manuals/chapters/running.adoc b/doc/manuals/chapters/running.adoc index 8e1d5ee..eda1a6d 100644 --- a/doc/manuals/chapters/running.adoc +++ b/doc/manuals/chapters/running.adoc @@ -99,10 +99,10 @@ GTP kernel module configuration in the `tunend` section can be omitted for sites that serve only as GTP forwarding proxy, without encapsulation/decapsulation of -GTP payloads. +GTP payloads -- except to provide GTP Echo service, see <>. -Likewise, netfilter configuration in the `tunmap` section can be omitted for -sites only serving as GTP tunnel endpoint. +Netfilter configuration in the `tunmap` section can be omitted for sites only +serving as GTP tunnel endpoint. [[gtp_module]] === Configure Linux Kernel GTP Module for `tunend` @@ -167,11 +167,57 @@ The Linux kernel netfilter module is used for GTP tunnel proxying, also known as tunnel forwarding or tunnel mapping. -Using the netfilter module usually requires no configuration in `osmo-upf.cfg`. +When using the netfilter module, you may set up `osmo-upf.cfg` for: +- GTP Echo (required) +- nft table name (optional) -`osmo-upf` creates a new netfilter table, under which it submits rule sets for -GTP tunnel proxying. This table name defaults to `osmo-upf`. A custom table name -can be configured in `osmo-upf.cfg` like this: +[[gtp_echo]] + GTP Echo + +You need to ensure that OsmoUPF responds to GTP Echo requests. +- A GTP device configured for `tunend` implicitly includes a GTP Echo service. +- For `tunmap`, no GTP Echo mechanism is implemented. + +So, when your use case is `tunmap` only, you should still add a GTP device as +for `tunend`, only to provide the GTP Echo service. + +Here are some options to do so: + +If you have no GTP devices configured in `osmo-upf.cfg` yet, you can add a +single GTP device without a specific IP address, in order to respond to GTP-U +Echo requests on all interfaces to anyone that is asking: + + +tunend + dev create gtp-echo + + +Note that `gtp-echo` is just an arbitrary GTP device name, choose any string +that makes a valid network device name and is still available, as in the `dev` +argument in the `ip addr show dev` command on Linux. + +This will bind osmo-upf on 0.0.0.0:2152 to respond to GTP Echo requests. + +If you would like to limit GTP Echo responses to specific network interfaces, +you need to add a separate GTP device per local IP address: + + +tunend + dev create gtp-echo1 192.168.0.23 + dev create gtp-echo2 10.9.8.17 + + +This will bind osmo-upf only on 192.168.0.23:2152 and 10.9.8.17:2152 to respond +to GTP Echo requests. + +For creating and manipulating a GTP device in more versatile ways, see +<>. + + nft Table Name + +For `tunmap`, `osmo-upf` creates a new nft table, under which it submits +rule sets for GTP tunnel proxying. This table name defaults to `osmo-upf`. A +custom table name can be configured in `osmo-upf.cfg` like this: tunmap -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c Gerrit-Change-Number: 35667 Gerrit-PatchSet: 3 Gerrit-Owner: neels Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge Gerrit-Reviewer: neels Gerrit-Reviewer: pespin Gerrit-MessageType: merged
[M] Change in osmo-upf[master]: manual: explain GTP Echo workaround for tunmap
Attention is currently required from: neels. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email ) Change subject: manual: explain GTP Echo workaround for tunmap .. Patch Set 3: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c Gerrit-Change-Number: 35667 Gerrit-PatchSet: 3 Gerrit-Owner: neels Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge Gerrit-Reviewer: pespin Gerrit-Attention: neels Gerrit-Comment-Date: Sat, 13 Apr 2024 16:23:48 + Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment
[M] Change in osmo-upf[master]: manual: explain GTP Echo workaround for tunmap
Attention is currently required from: laforge, neels. pespin has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email ) Change subject: manual: explain GTP Echo workaround for tunmap .. Patch Set 3: Code-Review+1 -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c Gerrit-Change-Number: 35667 Gerrit-PatchSet: 3 Gerrit-Owner: neels Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge Gerrit-Reviewer: pespin Gerrit-Attention: neels Gerrit-Attention: laforge Gerrit-Comment-Date: Sat, 13 Apr 2024 14:59:38 + Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment
[M] Change in osmo-upf[master]: manual: explain GTP Echo workaround for tunmap
Attention is currently required from: laforge. neels has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email ) Change subject: manual: explain GTP Echo workaround for tunmap .. Patch Set 3: (3 comments) File doc/manuals/chapters/running.adoc: https://gerrit.osmocom.org/c/osmo-upf/+/35667/comment/b3d6d7ec_892517df PS1, Line 105: serving as GTP tunnel endpoint. > do you mean this section? Done https://gerrit.osmocom.org/c/osmo-upf/+/35667/comment/7362ffd2_0eefbee2 PS1, Line 177: GTP peer > is that "GTP peer" a term in the specification? The term I have in memory is > "GSN", but that's prob […] Done https://gerrit.osmocom.org/c/osmo-upf/+/35667/comment/ad8d41fd_1cd7f93f PS1, Line 212: netfilter > nft / nftables table Done -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c Gerrit-Change-Number: 35667 Gerrit-PatchSet: 3 Gerrit-Owner: neels Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge Gerrit-Attention: laforge Gerrit-Comment-Date: Sat, 13 Apr 2024 01:42:07 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: neels Comment-In-Reply-To: laforge Gerrit-MessageType: comment
[M] Change in osmo-upf[master]: manual: explain GTP Echo workaround for tunmap
Attention is currently required from: laforge. neels has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email ) Change subject: manual: explain GTP Echo workaround for tunmap .. Patch Set 3: (1 comment) File doc/manuals/chapters/running.adoc: https://gerrit.osmocom.org/c/osmo-upf/+/35667/comment/17b8c48d_78c01203 PS1, Line 172: netfilter > it s a nftables or nft table. […] thanks for the clarification, i wasn't fully aware of that when i wrote the patch -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c Gerrit-Change-Number: 35667 Gerrit-PatchSet: 3 Gerrit-Owner: neels Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge Gerrit-Attention: laforge Gerrit-Comment-Date: Sat, 13 Apr 2024 01:41:48 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: laforge Gerrit-MessageType: comment
[M] Change in osmo-upf[master]: manual: explain GTP Echo workaround for tunmap
Attention is currently required from: neels. Hello Jenkins Builder, laforge, I'd like you to reexamine a change. Please visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email to look at the new patch set (#2). The following approvals got outdated and were removed: Verified+1 by Jenkins Builder Change subject: manual: explain GTP Echo workaround for tunmap .. manual: explain GTP Echo workaround for tunmap Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c --- M doc/manuals/chapters/running.adoc 1 file changed, 62 insertions(+), 7 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-upf refs/changes/67/35667/2 -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c Gerrit-Change-Number: 35667 Gerrit-PatchSet: 2 Gerrit-Owner: neels Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge Gerrit-Attention: neels Gerrit-MessageType: newpatchset
[M] Change in osmo-upf[master]: manual: explain GTP Echo workaround for tunmap
Attention is currently required from: neels. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email ) Change subject: manual: explain GTP Echo workaround for tunmap .. Patch Set 1: -Code-Review (4 comments) Patchset: PS1: > I would remove the entire "tunend can be removed for forwarding-only" > section. It's misleading. […] I'm not sure what exactly I was reading / referring to at the time. Let's ignore this comment, please. File doc/manuals/chapters/running.adoc: https://gerrit.osmocom.org/c/osmo-upf/+/35667/comment/2d7ddd38_fd25f593 PS1, Line 172: netfilter it s a nftables or nft table. "netfilter" is a set of kernel hooks in the network stack that have no tables. various packet filtering techniques (iptables, arptables, ip6tables and last nftables) are packet filter ruleset engines that have tables. https://gerrit.osmocom.org/c/osmo-upf/+/35667/comment/053a0cf7_e239e8ff PS1, Line 177: GTP peer is that "GTP peer" a term in the specification? The term I have in memory is "GSN", but that's probably too old-fashioned as it is from the 2G/3G days where we had SGSN/GGSN. I'm worried about "peer" here being interprete as "the remote peer". But we're actually talking about our local UPF node, not a remote peer. https://gerrit.osmocom.org/c/osmo-upf/+/35667/comment/44e0c63a_8208db06 PS1, Line 212: netfilter nft / nftables table -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c Gerrit-Change-Number: 35667 Gerrit-PatchSet: 1 Gerrit-Owner: neels Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge Gerrit-Attention: neels Gerrit-Comment-Date: Fri, 15 Mar 2024 20:25:32 + Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Comment-In-Reply-To: laforge Gerrit-MessageType: comment
[M] Change in osmo-upf[master]: manual: explain GTP Echo workaround for tunmap
neels has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email ) Change subject: manual: explain GTP Echo workaround for tunmap .. Patch Set 1: (1 comment) File doc/manuals/chapters/running.adoc: https://gerrit.osmocom.org/c/osmo-upf/+/35667/comment/86d4bc94_429a9657 PS1, Line 105: serving as GTP tunnel endpoint. do you mean this section? -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c Gerrit-Change-Number: 35667 Gerrit-PatchSet: 1 Gerrit-Owner: neels Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge Gerrit-Comment-Date: Thu, 25 Jan 2024 01:07:01 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Gerrit-MessageType: comment
[M] Change in osmo-upf[master]: manual: explain GTP Echo workaround for tunmap
Attention is currently required from: neels. laforge has posted comments on this change. ( https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email ) Change subject: manual: explain GTP Echo workaround for tunmap .. Patch Set 1: Code-Review-1 (1 comment) Patchset: PS1: I would remove the entire "tunend can be removed for forwarding-only" section. It's misleading. Everyone will always need to answert to GTP ECHO REQ in any spec-compliant deployment. I'd argue the user is not interested in reading about a hypothetical scenario without echo-req/resp that never occurs in the real-world. They want to know what to do for a normal configuration. -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c Gerrit-Change-Number: 35667 Gerrit-PatchSet: 1 Gerrit-Owner: neels Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge Gerrit-Attention: neels Gerrit-Comment-Date: Wed, 24 Jan 2024 08:33:47 + Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment
[M] Change in osmo-upf[master]: manual: explain GTP Echo workaround for tunmap
neels has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email ) Change subject: manual: explain GTP Echo workaround for tunmap .. manual: explain GTP Echo workaround for tunmap Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c --- M doc/manuals/chapters/running.adoc 1 file changed, 56 insertions(+), 7 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-upf refs/changes/67/35667/1 diff --git a/doc/manuals/chapters/running.adoc b/doc/manuals/chapters/running.adoc index 32db271..d1a399b 100644 --- a/doc/manuals/chapters/running.adoc +++ b/doc/manuals/chapters/running.adoc @@ -99,10 +99,10 @@ GTP kernel module configuration in the `tunend` section can be omitted for sites that serve only as GTP forwarding proxy, without encapsulation/decapsulation of -GTP payloads. +GTP payloads -- except to provide GTP Echo service, see <>. -Likewise, netfilter configuration in the `tunmap` section can be omitted for -sites only serving as GTP tunnel endpoint. +Netfilter configuration in the `tunmap` section can be omitted for sites only +serving as GTP tunnel endpoint. [[gtp_module]] === Configure Linux Kernel GTP Module for `tunend` @@ -167,11 +167,51 @@ The Linux kernel netfilter module is used for GTP tunnel proxying, also known as tunnel forwarding or tunnel mapping. -Using the netfilter module usually requires no configuration in `osmo-upf.cfg`. +When using the netfilter module, you may set up `osmo-upf.cfg` for: +- GTP Echo (required) +- netfilter table name (optional) -`osmo-upf` creates a new netfilter table, under which it submits rule sets for -GTP tunnel proxying. This table name defaults to `osmo-upf`. A custom table name -can be configured in `osmo-upf.cfg` like this: +[[gtp_echo]] + GTP Echo + +Each GTP peer should respond directly to GTP Echo requests. +- A GTP device configured for `tunend` implicitly includes a GTP Echo service. +- For `tunmap`, no GTP Echo mechanism is implemented. + +So, when your use case is `tunmap`, you should still add a GTP device as for +`tunend`, only to provide the GTP Echo service. There are some options: + +If you have no GTP devices configured in `osmo-upf.cfg` yet, you can add a +single GTP device without a specific IP address, in order to respond to GTP-U +Echo requests on all interfaces to anyone that is asking: + + +tunend + dev create gtp-echo + + +This will bind osmo-upf on 0.0.0.0:2152 to respond to GTP Echo requests. + +If you would like to limit GTP Echo responses to specific network interfaces, +you need to add a separate GTP device per local IP address: + + +tunend + dev create gtp-echo1 192.168.0.23 + dev create gtp-echo2 10.9.8.17 + + +This will bind osmo-upf only on 192.168.0.23:2152 and 10.9.8.17:2152 to respond +to GTP Echo requests. + +For creating and manipulating a GTP device in more versatile ways, see +<>. + + netfilter Table Name + +For `tunmap`, `osmo-upf` creates a new netfilter table, under which it submits +rule sets for GTP tunnel proxying. This table name defaults to `osmo-upf`. A +custom table name can be configured in `osmo-upf.cfg` like this: tunmap -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c Gerrit-Change-Number: 35667 Gerrit-PatchSet: 1 Gerrit-Owner: neels Gerrit-MessageType: newchange
