neels has submitted this change. ( https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email )
Change subject: manual: explain GTP Echo workaround for tunmap ...................................................................... manual: explain GTP Echo workaround for tunmap Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c --- M doc/manuals/chapters/running.adoc 1 file changed, 62 insertions(+), 7 deletions(-) Approvals: pespin: Looks good to me, but someone else must approve Jenkins Builder: Verified laforge: Looks good to me, approved diff --git a/doc/manuals/chapters/running.adoc b/doc/manuals/chapters/running.adoc index 8e1d5ee..eda1a6d 100644 --- a/doc/manuals/chapters/running.adoc +++ b/doc/manuals/chapters/running.adoc @@ -99,10 +99,10 @@ GTP kernel module configuration in the `tunend` section can be omitted for sites that serve only as GTP forwarding proxy, without encapsulation/decapsulation of -GTP payloads. +GTP payloads -- except to provide GTP Echo service, see <<gtp_echo>>. -Likewise, netfilter configuration in the `tunmap` section can be omitted for -sites only serving as GTP tunnel endpoint. +Netfilter configuration in the `tunmap` section can be omitted for sites only +serving as GTP tunnel endpoint. [[gtp_module]] === Configure Linux Kernel GTP Module for `tunend` @@ -167,11 +167,57 @@ The Linux kernel netfilter module is used for GTP tunnel proxying, also known as tunnel forwarding or tunnel mapping. -Using the netfilter module usually requires no configuration in `osmo-upf.cfg`. +When using the netfilter module, you may set up `osmo-upf.cfg` for: +- GTP Echo (required) +- nft table name (optional) -`osmo-upf` creates a new netfilter table, under which it submits rule sets for -GTP tunnel proxying. This table name defaults to `osmo-upf`. A custom table name -can be configured in `osmo-upf.cfg` like this: +[[gtp_echo]] +==== GTP Echo + +You need to ensure that OsmoUPF responds to GTP Echo requests. +- A GTP device configured for `tunend` implicitly includes a GTP Echo service. +- For `tunmap`, no GTP Echo mechanism is implemented. + +So, when your use case is `tunmap` only, you should still add a GTP device as +for `tunend`, only to provide the GTP Echo service. + +Here are some options to do so: + +If you have no GTP devices configured in `osmo-upf.cfg` yet, you can add a +single GTP device without a specific IP address, in order to respond to GTP-U +Echo requests on all interfaces to anyone that is asking: + +---- +tunend + dev create gtp-echo +---- + +Note that `gtp-echo` is just an arbitrary GTP device name, choose any string +that makes a valid network device name and is still available, as in the `dev` +argument in the `ip addr show dev` command on Linux. + +This will bind osmo-upf on 0.0.0.0:2152 to respond to GTP Echo requests. + +If you would like to limit GTP Echo responses to specific network interfaces, +you need to add a separate GTP device per local IP address: + +---- +tunend + dev create gtp-echo1 192.168.0.23 + dev create gtp-echo2 10.9.8.17 +---- + +This will bind osmo-upf only on 192.168.0.23:2152 and 10.9.8.17:2152 to respond +to GTP Echo requests. + +For creating and manipulating a GTP device in more versatile ways, see +<<gtp_module>>. + +==== nft Table Name + +For `tunmap`, `osmo-upf` creates a new nft table, under which it submits +rule sets for GTP tunnel proxying. This table name defaults to `osmo-upf`. A +custom table name can be configured in `osmo-upf.cfg` like this: ---- tunmap -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/35667?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Ic824fc876d1fad181254cb6894e51464c443b53c Gerrit-Change-Number: 35667 Gerrit-PatchSet: 3 Gerrit-Owner: neels <nhofm...@sysmocom.de> Gerrit-Reviewer: Jenkins Builder Gerrit-Reviewer: laforge <lafo...@osmocom.org> Gerrit-Reviewer: neels <nhofm...@sysmocom.de> Gerrit-Reviewer: pespin <pes...@sysmocom.de> Gerrit-MessageType: merged