[S] Change in osmo-upf[master]: tunmap: always set GTP-U source port to 2152 when forwarding - gerrit-log

8 May 2024

neels has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-upf/+/36753?usp=email )
Change subject: tunmap: always set GTP-U source port to 2152 when forwarding
......................................................................
tunmap: always set GTP-U source port to 2152 when forwarding
We see GTP-U originating from ports other than 2152 in the field. When
osmo-upf forwards these, we want to forward from our GTP-U port 2152,
since that is the only port osmo-upf has bound for GTP-U (for echo).
According to 3GPP TS 29.060, the *destination* port for GTP-U shall be
2152 -- but the source port is apparently allowed to be different.
Before this patch, we would forward GTP-U like this:
3.3.3.3:33333 -> (3.3.3.4:2152  UPF  2.2.2.2:33333) -> 1.1.1.1:2152
                                               ^^^^^
Instead we want to always send from UDP source port 2152:
3.3.3.3:33333 -> (3.3.3.4:2152  UPF  2.2.2.2:2152) -> 1.1.1.1:2152
                                               ^^^^
This hasn't shown up before because so far all GTP-U peers we saw
consistently used source port 2152.
Related: SYS#6773
Change-Id: Idaf43f1c2b915846b50a8b97305f0229e34ad539
---
M src/osmo-upf/upf_nft.c
1 file changed, 32 insertions(+), 1 deletion(-)
git pull ssh://gerrit.osmocom.org:29418/osmo-upf refs/changes/53/36753/1

diff --git a/src/osmo-upf/upf_nft.c b/src/osmo-upf/upf_nft.c
index 4401f1e..c14dbf7 100644
--- a/src/osmo-upf/upf_nft.c
+++ b/src/osmo-upf/upf_nft.c
@@ -177,7 +177,7 @@
     * # add chain for verdict map in postrouting
     * add chain inet osmo-upf tunmap-post-123
     * # mangle source address and GTP TID at postrouting
-	 * add rule inet osmo-upf tunmap-post-123 ip saddr set 2.2.2.1 @ih,32,32 set 0x00000102 counter accept
+	 * add rule inet osmo-upf tunmap-post-123 ip saddr set 2.2.2.1 udp sport set 2152 @ih,32,32 set 0x00000102 counter accept
     *
     * # add elements to verdict map, jump to chain
     * add element inet osmo-upf tunmap-pre { 2.2.2.3 . 0x00000203 : jump tunmap-pre-123 }
@@ -200,6 +200,7 @@
    		   args->table_name, from_peer->chain_id);
    OSMO_STRBUF_PRINTF(sb, " ip saddr set ");
    OSMO_STRBUF_APPEND(sb, osmo_sockaddr_to_str_buf2, to_peer->addr_local);
+	OSMO_STRBUF_PRINTF(sb, " udp sport set 2152");
    OSMO_STRBUF_PRINTF(sb, " @ih,32,32 set 0x%x", to_peer->teid_remote);
    OSMO_STRBUF_PRINTF(sb, " counter accept;\n");
-- 
To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/36753?usp=email
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-upf
Gerrit-Branch: master
Gerrit-Change-Id: Idaf43f1c2b915846b50a8b97305f0229e34ad539
Gerrit-Change-Number: 36753
Gerrit-PatchSet: 1
Gerrit-Owner: neels nhofmeyr@sysmocom.de
Gerrit-MessageType: newchange



    