[PATCH] osmo-gsm-manuals[master]: OsmoGGSN: add Routing section for IP forward and masquerading

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

Neels Hofmeyr gerrit-no-reply at lists.osmocom.org
Mon Nov 20 14:15:18 UTC 2017 

Hello Jenkins Builder,

I'd like you to reexamine a change.  Please visit

    https://gerrit.osmocom.org/4912

to look at the new patch set (#2).

OsmoGGSN: add Routing section for IP forward and masquerading

Change-Id: Ie49ca7a45113f49e89ce09017500008cbec757f5
---
M OsmoGGSN/chapters/running.adoc
1 file changed, 32 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.osmocom.org:29418/osmo-gsm-manuals refs/changes/12/4912/2

diff --git a/OsmoGGSN/chapters/running.adoc b/OsmoGGSN/chapters/running.adoc
index ef899b5..83470e8 100644
--- a/OsmoGGSN/chapters/running.adoc
+++ b/OsmoGGSN/chapters/running.adoc
@@ -20,6 +20,38 @@
 	used. If none is specified, use `osmo-ggsn.cfg` in the current
 	working directory.
 
+=== Routing
+
+Operating the OpenGGSN tun device naturally creates a network setup with
+multiple interfaces. Consider:
+
+* Typical Linux setups prevent forwarding of packets between separate
+  interfaces by default. To let subscribers reach the internet uplink from the
+  tun device, it may be required to enable IP forwarding.
+
+* Having a locally defined address range assigned to the tun device requires
+  either sensible routing for this address range, or that masquerading is
+  enabled to allow your single uplink IP address to "proxy" for the tun.
+
+These are decisions to be made on a network administration level.
+
+In a trivial case where you have a single box serving GPRS to few subscribers
+on an arbitrary IP address range not known in the larger network, the easiest
+way to enable GPRS uplink would be to enable IP forwarding and masquerading.
+
+To manually enable IPv4 forwarding and masquerading ad-hoc, you can do:
+
+----
+sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
+iptables -t nat -A POSTROUTING -o '*' -j MASQUERADE
+----
+
+(You may want to replace `*` with the network device name, like `-o eth0`)
+
+There are various ways to enable these settings persistently, please refer to
+your distribution's documentation -- e.g. look for @net.ipv4.ip_forward=1@ in
+@/etc/sysctl.d/@, and https://wiki.debian.org/iptables for masquerading.
+
 === Multiple instances
 
 Running multiple instances of `osmo-ggsn` is possible if all GGSN instances

-- 
To view, visit https://gerrit.osmocom.org/4912
To unsubscribe, visit https://gerrit.osmocom.org/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: Ie49ca7a45113f49e89ce09017500008cbec757f5
Gerrit-PatchSet: 2
Gerrit-Project: osmo-gsm-manuals
Gerrit-Branch: master
Gerrit-Owner: Neels Hofmeyr <nhofmeyr at sysmocom.de>
Gerrit-Reviewer: Harald Welte <laforge at gnumonks.org>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: Neels Hofmeyr <nhofmeyr at sysmocom.de>

More information about the gerrit-log mailing list