Hi again.
I'm still having problem really getting the sgsnemu and ggsn to talk to each other. When I use 127.0.0.1 and 127.0.0.2 as the listen and remote for the sgsnemu and 127.0.0.2 as listen and 127.0.0.0/24 as network in the ggsn conf, the sgsnemu says "Received echo response Received create PDP context response. IP address: 127.0.0.2" and then nothing happens. When using two computers, one running ggsn and one sgsnemu with the ip-addresses as 192.168.1.14 and 192.168.1.11 respectively, the sgsnemu doesn't seem to get connented. It prints out "idletime.tv_sec 3, idleTime.tv_usec 0" over and over, and "Echo Request timed out". The picture attached is from wireshark on the ggsn computer.
I lookt at the pcap you send and it looks like what I would like for my setup.
You talk mentioned using symoBTS how much does it cost? And how long is a delivery for it?
Regards Terje Skow
2016-03-01 12:56 GMT+01:00 Terje Kristoffer Skow terjeks@stud.ntnu.no:
Thank you very much!!
I will have some work getting through this, but I recon I'll have some more questions later.
Again thank you
2016-03-01 12:39 GMT+01:00 Neels Hofmeyr nhofmeyr@sysmocom.de:
On Tue, Mar 01, 2016 at 11:12:01AM +0100, Terje Kristoffer Hybbestad Skow wrote:
The "logfile /tmp/foo" did gave an error message saying "unrecognized option".
It seems the logfile option was added on 2014-03-23 with commit 9c0ff4fafe4276396125a52c89d36967566fe08c. It may make sense if you build your osmocom stack from the git sources to benefit from the latest fixes.
See http://git.osmocom.org, specifically you'd probably want to clone and build
git://git.osmocom.org/libosmocore git://git.osmocom.org/openggsn
The build steps being for example
autoreconf -fi ./configure make sudo make install
I'm going to look at DNS packets going through a GGSN to try and find
ways
to detect DNS tunnels, do you have any recommendations how to do this? I do not have the time or resources to use real UE's so I hope to
simulate
it on a computer using VMs or something like that.
I have looked at this:
http://openbsc.osmocom.org/trac/wiki/OpenBSC_GPRS as
The BTS is for communicating with a phone over the air interface. Abis and osmo-nitb are used for voice calls only. The SGSN is needed for real networks, you should be fine with the sgsnemu. So all you need is sgsnemu and openggsn.
You want to figure out how to use the sgsnemu, starting with a route into the tunnel device that sgsnemu opens up. So you need to look at the 'ip route' commands (if you're on linux). I guess you won't need VMs; granted, it might make it easier to avoid circular routes (to IP addresses that should only be seen on the GGSN side), but certainly not a necessary prerequisite.
I tried to ping through the sgsnemu tunnel once but saw, as I mentioned, that the GGSN thwarts GTP messages without a proper context being created first. It shouldn't be too hard, but I haven't investigated further. So you'd want to understand the GTP Ctrl & User messages to setup a PGP context (TEIs and stuff), and figure out how sgsnemu might make your life easier in that regard. You probably want to read ETSI 29.060 to figure out GTP:
http://www.etsi.org/deliver/etsi_ts/129000_129099/129060/03.19.00_60/ts_1290... You may find attached pcap file interesting (open in wireshark and note that the DNS queries are transmitted over GTP between SGSN and GGSN even though wireshark tends to show only the DNS and src/dest enclosed in the GTP). And again, you may look at http://git.osmocom.org/openbsc/tree/openbsc/tests/gtphub/gtphub_test.c about simplistic code examples of composing a PGP context conversation.
If you'd like any more answers to questions you didn't ask ;) just give us a shout...
~Neels
--
- Neels Hofmeyr nhofmeyr@sysmocom.de http://www.sysmocom.de/
=======================================================================
- sysmocom - systems for mobile communications GmbH
- Alt-Moabit 93
- 10559 Berlin, Germany
- Sitz / Registered office: Berlin, HRB 134158 B
- Geschäftsführer / Managing Directors: Holger Freyther, Harald Welte
On Mon, Apr 11, 2016 at 01:25:26PM +0200, Terje Kristoffer Hybbestad Skow wrote:
the sgsnemu says "Received echo response Received create PDP context response."
That looks like the sgsnemu has successfully connected to the GGSN. The Echo is sent from sgsnemu to the GGSN, and the GGSN replies with an Echo Response.
The sgsnemu apparently also creates a PDP context.
IP address: 127.0.0.2
That seems a bit weirdly configured. The SGSN and GGSN are usually in a "private" part of your core network, and the GGSN passes a "public" IP to the subscriber. Here it seems your GGSN has given you a "public" IP address that is the same as your private GGSN's IP address. So you would assign a "public" IP address range to your GGSN, not entirely unlike DHCP, so that the IP address returned by the GGSN is the one that the outside network would use to contact your subscriber via the GGSN.
So the GGSN should have a network more like 10.42.23.0/24 configured. Or maybe 192.168.1.128/25, not sure about your network.
outside network ^ | | V 10.42.23.129 <-- public IP of subscriber GGSN ^ 127.0.0.2 | (|)--- GTP "tunnel" | V 127.0.0.1 SGSN ^ | * <--- (some GSM components omitted) | V subscriber: "ok, so I'm 10.42.23.129 to the world outside, thanks!"
In your case, 'SGSN' down to 'subscriber' are emulated by sgsnemu, which is incredibly useful.
and then nothing happens.
Nothing would happen until you actually send packets via the tun interface created by sgsnemu. You can start by using ping on the tun interface, like `ping -I tun0 192.168.1.1`, depending on your network.
Note that both sgsnemu and OpenGGSN each create a tun device.
Looking at it again now, I may have misunderstood the reason why sgsnemu didn't work for me. I thought sgsnemu omitted setting up a PDP Context, but from above output that actually seems to have happened.
I'd try it again now, just for you ;) but unfortunately I don't have the time resources. I think it would be good if you got into the source code and the GTP specs to really get into the subject...
When using two computers, one running ggsn and one sgsnemu with the ip-addresses as 192.168.1.14 and 192.168.1.11 respectively, the sgsnemu doesn't seem to get connented. It prints out "idletime.tv_sec 3, idleTime.tv_usec 0" over and over, and "Echo Request timed out".
Looks like your sgsnemu IP cannot reach the GGSN IP. You see ARPs to find out who is 192.168.1.14, but no-one is answering. I can't debug your basic network setup from here, so you have to fix that yourself...
You talk mentioned using symoBTS how much does it cost? And how long is a delivery for it?
As much as sysmocom would like you to purchase a sysmoBTS, I don't think you want to go down this road: you'd have to register a part of the public GSM frequency spectrum, provision your own SIM card, ...
If you'd still want to, look at [1] and write to sales@sysmocom.de. The BTS aren't in our shop [2] for radio frequency spectrum legislatory reasons -- we're not allowed to sell sysmoBTS everywhere. [1] https://www.sysmocom.de/products/ [2] http://shop.sysmocom.de/
BTW, I did remind you to allow forwarding and masquerading for the GGSN? The GGSN unpacks the traffic from GTP and then sends it into the tun device it created. So what falls out the GGSN's tunnel is to be handled/routed by the linux kernel, and so, for testing, you'd typically use below setup; this should only become necessary after you've resolved the other details above: sudo -s echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE (replace eth0 if you're using another interface for the GGSN)
~Neels
osmocom-net-gprs@lists.osmocom.org
-
Neels Hofmeyr -
Terje Kristoffer Hybbestad Skow