neels has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-upf/+/36753?usp=email ) Change subject: tunmap: always set GTP-U source port to 2152 when forwarding ...................................................................... tunmap: always set GTP-U source port to 2152 when forwarding We see GTP-U originating from ports other than 2152 in the field. When osmo-upf forwards these, we want to forward from our GTP-U port 2152, since that is the only port osmo-upf has bound for GTP-U (for echo). According to 3GPP TS 29.060, the *destination* port for GTP-U shall be 2152 -- but the source port is apparently allowed to be different. Before this patch, we would forward GTP-U like this: 3.3.3.3:33333 -> (3.3.3.4:2152 UPF 2.2.2.2:33333) -> 1.1.1.1:2152 ^^^^^ Instead we want to always send from UDP source port 2152: 3.3.3.3:33333 -> (3.3.3.4:2152 UPF 2.2.2.2:2152) -> 1.1.1.1:2152 ^^^^ This hasn't shown up before because so far all GTP-U peers we saw consistently used source port 2152. Related: SYS#6773 Change-Id: Idaf43f1c2b915846b50a8b97305f0229e34ad539 --- M src/osmo-upf/upf_nft.c 1 file changed, 32 insertions(+), 1 deletion(-) git pull ssh://gerrit.osmocom.org:29418/osmo-upf refs/changes/53/36753/1 diff --git a/src/osmo-upf/upf_nft.c b/src/osmo-upf/upf_nft.c index 4401f1e..c14dbf7 100644 --- a/src/osmo-upf/upf_nft.c +++ b/src/osmo-upf/upf_nft.c @@ -177,7 +177,7 @@ * # add chain for verdict map in postrouting * add chain inet osmo-upf tunmap-post-123 * # mangle source address and GTP TID at postrouting - * add rule inet osmo-upf tunmap-post-123 ip saddr set 2.2.2.1 @ih,32,32 set 0x00000102 counter accept + * add rule inet osmo-upf tunmap-post-123 ip saddr set 2.2.2.1 udp sport set 2152 @ih,32,32 set 0x00000102 counter accept * * # add elements to verdict map, jump to chain * add element inet osmo-upf tunmap-pre { 2.2.2.3 . 0x00000203 : jump tunmap-pre-123 } @@ -200,6 +200,7 @@ args->table_name, from_peer->chain_id); OSMO_STRBUF_PRINTF(sb, " ip saddr set "); OSMO_STRBUF_APPEND(sb, osmo_sockaddr_to_str_buf2, to_peer->addr_local); + OSMO_STRBUF_PRINTF(sb, " udp sport set 2152"); OSMO_STRBUF_PRINTF(sb, " @ih,32,32 set 0x%x", to_peer->teid_remote); OSMO_STRBUF_PRINTF(sb, " counter accept;\n"); -- To view, visit https://gerrit.osmocom.org/c/osmo-upf/+/36753?usp=email To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-upf Gerrit-Branch: master Gerrit-Change-Id: Idaf43f1c2b915846b50a8b97305f0229e34ad539 Gerrit-Change-Number: 36753 Gerrit-PatchSet: 1 Gerrit-Owner: neels <nhofmeyr(a)sysmocom.de> Gerrit-MessageType: newchange