Harald Welte laforge at
Mon Mar 21 16:18:41 UTC 2016

Hi Manuel,

On Mon, Mar 21, 2016 at 04:00:14PM +0100, Manuel José Muñoz Calero wrote:
> I am evaluating these days the possibility to do something interesting
> which could be used as my project and also to put my bit for the OpenGGSN
> project.

thanks for reaching out about this.

> Long story short, what about me implementing IPSec for GTP-C in OpenGGSN?
> Do you think it could be useful? Feasible?

I've quickly looked at the documents you linked, and they don't really
state anything beyond "use IPsec for GTP".  Specifically, they do not
specify how to do key distribution, how to set up the SAs, whether they
use a standard IKEv2 or something else, ...

As Linux has a fairly complete IPsec implementation consisting of the
kernel-level IPsec transforms with its netlink interface and e.g. the
Strongswan userland, I don't really think there is anything that would
need to be done in addition to configuring both this IPsec stack and

So what exactly would you want to do?  Am I missing something?

