OpenGGSN

Terje Kristoffer Hybbestad Skow terjeks at stud.ntnu.no
Tue Mar 1 11:56:00 UTC 2016


Thank you very much!!

I will have some work getting through this, but I recon I'll have some more
questions later.

Again thank you

2016-03-01 12:39 GMT+01:00 Neels Hofmeyr <nhofmeyr at sysmocom.de>:

> On Tue, Mar 01, 2016 at 11:12:01AM +0100, Terje Kristoffer Hybbestad Skow
> wrote:
> > The "logfile /tmp/foo" did gave an error message saying "unrecognized
> > option".
>
> It seems the logfile option was added on 2014-03-23 with commit
> 9c0ff4fafe4276396125a52c89d36967566fe08c. It may make sense if you build
> your osmocom stack from the git sources to benefit from the latest fixes.
>
> See http://git.osmocom.org, specifically you'd probably want to clone and
> build
>
> git://git.osmocom.org/libosmocore
> git://git.osmocom.org/openggsn
>
> The build steps being for example
>
>    autoreconf -fi
>    ./configure
>    make
>    sudo make install
>
>
> > I'm going to look at DNS packets going through a GGSN to try and find
> ways
> > to detect DNS tunnels, do you have any recommendations how to do this?
> > I do not have the time or resources to use real UE's so I hope to
> simulate
> > it on a computer using VMs or something like that.
>
> > I have looked at this: http://openbsc.osmocom.org/trac/wiki/OpenBSC_GPRS
> as
>
> The BTS is for communicating with a phone over the air interface. Abis and
> osmo-nitb are used for voice calls only. The SGSN is needed for real
> networks,
> you should be fine with the sgsnemu. So all you need is sgsnemu and
> openggsn.
>
> You want to figure out how to use the sgsnemu, starting with a route into
> the
> tunnel device that sgsnemu opens up. So you need to look at the 'ip route'
> commands (if you're on linux). I guess you won't need VMs; granted, it
> might
> make it easier to avoid circular routes (to IP addresses that should only
> be
> seen on the GGSN side), but certainly not a necessary prerequisite.
>
> I tried to ping through the sgsnemu tunnel once but saw, as I mentioned,
> that
> the GGSN thwarts GTP messages without a proper context being created
> first. It
> shouldn't be too hard, but I haven't investigated further. So you'd want to
> understand the GTP Ctrl & User messages to setup a PGP context (TEIs and
> stuff), and figure out how sgsnemu might make your life easier in that
> regard.
> You probably want to read ETSI 29.060 to figure out GTP:
>
> http://www.etsi.org/deliver/etsi_ts/129000_129099/129060/03.19.00_60/ts_129060v031900p.pdf
> You may find attached pcap file interesting (open in wireshark and note
> that
> the DNS queries are transmitted over GTP between SGSN and GGSN even though
> wireshark tends to show only the DNS and src/dest enclosed in the GTP).
> And again, you may look at
> http://git.osmocom.org/openbsc/tree/openbsc/tests/gtphub/gtphub_test.c
> about simplistic code examples of composing a PGP context conversation.
>
> If you'd like any more answers to questions you didn't ask ;)
> just give us a shout...
>
> ~Neels
>
> --
> - Neels Hofmeyr <nhofmeyr at sysmocom.de>          http://www.sysmocom.de/
> =======================================================================
> * sysmocom - systems for mobile communications GmbH
> * Alt-Moabit 93
> * 10559 Berlin, Germany
> * Sitz / Registered office: Berlin, HRB 134158 B
> * Geschäftsführer / Managing Directors: Holger Freyther, Harald Welte
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/osmocom-net-gprs/attachments/20160301/007077bf/attachment.html>


More information about the osmocom-net-gprs mailing list