2017-10-13 12:32:24 +00:00
|
|
|
/*
|
2017-09-05 16:12:14 +00:00
|
|
|
* OsmoGGSN - Gateway GPRS Support Node
|
2004-09-17 11:30:40 +00:00
|
|
|
* Copyright (C) 2002, 2003, 2004 Mondru AB.
|
2017-08-12 13:07:02 +00:00
|
|
|
* Copyright (C) 2017 by Harald Welte <laforge@gnumonks.org>
|
2017-10-13 12:32:24 +00:00
|
|
|
*
|
2003-04-11 09:40:12 +00:00
|
|
|
* The contents of this file may be used under the terms of the GNU
|
|
|
|
|
* General Public License Version 2, provided that the above copyright
|
|
|
|
|
* notice and this permission notice is included in all copies or
|
|
|
|
|
* substantial portions of the software.
|
2017-10-13 12:32:24 +00:00
|
|
|
*
|
2002-12-16 13:33:51 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* ggsn.c
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifdef __linux__
|
|
|
|
|
#define _GNU_SOURCE 1 /* strdup() prototype, broken arpa/inet.h */
|
|
|
|
|
#endif
|
|
|
|
|
|
2004-09-17 11:30:40 +00:00
|
|
|
#include "../config.h"
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_STDINT_H
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
#endif
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
#include <getopt.h>
|
2002-12-16 13:33:51 +00:00
|
|
|
#include <ctype.h>
|
|
|
|
|
#include <signal.h>
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <unistd.h>
|
2016-08-02 15:10:38 +00:00
|
|
|
#include <inttypes.h>
|
2002-12-16 13:33:51 +00:00
|
|
|
#include <errno.h>
|
2017-08-12 13:07:02 +00:00
|
|
|
#include <sys/types.h>
|
|
|
|
|
#include <sys/ioctl.h>
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
#include <net/if.h>
|
|
|
|
|
#include <arpa/inet.h>
|
|
|
|
|
#include <netinet/in.h>
|
|
|
|
|
#include <netinet/ip.h>
|
|
|
|
|
#include <netinet/ip6.h>
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
#include <osmocom/core/application.h>
|
2016-08-02 15:10:38 +00:00
|
|
|
#include <osmocom/core/select.h>
|
2017-08-12 13:07:02 +00:00
|
|
|
#include <osmocom/core/stats.h>
|
|
|
|
|
#include <osmocom/core/rate_ctr.h>
|
|
|
|
|
#include <osmocom/core/timer.h>
|
2016-08-02 15:10:38 +00:00
|
|
|
#include <osmocom/ctrl/control_if.h>
|
|
|
|
|
#include <osmocom/ctrl/control_cmd.h>
|
2017-08-12 13:07:02 +00:00
|
|
|
#include <osmocom/ctrl/control_vty.h>
|
2016-08-02 15:10:38 +00:00
|
|
|
#include <osmocom/ctrl/ports.h>
|
2017-08-12 13:07:02 +00:00
|
|
|
#include <osmocom/vty/telnet_interface.h>
|
|
|
|
|
#include <osmocom/vty/logging.h>
|
|
|
|
|
#include <osmocom/vty/stats.h>
|
|
|
|
|
#include <osmocom/vty/ports.h>
|
|
|
|
|
#include <osmocom/vty/command.h>
|
|
|
|
|
#include <osmocom/gsm/apn.h>
|
2016-08-02 15:10:38 +00:00
|
|
|
|
2010-09-07 15:01:20 +00:00
|
|
|
#include "../lib/tun.h"
|
|
|
|
|
#include "../lib/ippool.h"
|
|
|
|
|
#include "../lib/syserr.h"
|
2017-08-02 17:49:47 +00:00
|
|
|
#include "../lib/in46_addr.h"
|
2002-12-16 13:33:51 +00:00
|
|
|
#include "../gtp/pdp.h"
|
|
|
|
|
#include "../gtp/gtp.h"
|
ggsn: add support for GTP kernel data encapsulation
This patch adds the -g, --gtpnl=device option that allows you to
enable the GTP kernel tunneling mode in openggsn. You have to specify
the real downlink device that will be used to tunnel traffic, eg.
-g=eth0
This means that the gtp0 device will be created and it will use eth0
as the real device to encapsulate packet coming from the Internet that
are addressed to the MS (so the tunnel devuce encapsulates these IP
packets in GTP packets when traveling to the SGSN).
Alternatively, you can also add this to the ggsn.conf configuration file:
gtpnl eth0
The device has to be the real device that can route packets to the SGSN,
if you select the wrong device, the kernel routing code may not find a
way to reach the SSGN, you've been warned.
Therefore, if this option is set, the operational becomes the following:
1) A gtp0 device is created via rtnetlink and configure the socket
encapsulation infrastructure in the kernel.
2) Whenever a PDP context is created, this adds the necessary tunnel
configuration via genetlink GTP interface.
3) Whenever a PDP context is destroyed, this deletes the tunnel via
genetlink GTP interface.
4) Destroy the gtp0 device if ggsn is stopped, including all of the
existing tunnels.
You require the osmo-ggsn.git tree, which contains the kernel module
gtp.ko and the libgtpnl library that you have to compile and install.
Make sure you have loaded the gtp.ko kernel module before launching
the ggsn daemon using the kernel driver mode, otherwise you will get
a nice "operation not supported" error message ;-).
This patch also adds supports for "ipup" configuration option to invoke
an external script after the gtp0 device has been brought up. Typical
command to add the route to reach the MS behind the GGSN is required,
eg. ip route add 10.0.0.0/8 dev gtp0.
The (horrible) ggsn parser has been manually extended to support the
new configuration option. That code doesn't look nice, but it just
mimics what we already have there for consistency, please don't blame
me for that.
If you want to run in debugging mode, I suggest you to use:
sudo ggsn -c ggsn.conf -f -d
Note that you do have to run openggsn as root to bring up the gtp0
device. You have to see this message that announce that the GTP kernel
mode is enabled.
openggsn[1106]: ggsn.c: 656: Using the GTP kernel mode (genl ID is 25)
This patch also automagically sets up route to reach MS from Internet
just like tun mode does. This is fundamental to get this working,
better don't leave to the admin, he may forget to add this route.
In this patch, I tried to encapsulate this new feature as much as
possible as Harald initially suggested.
To compile this feature, you have to pass --enable-gtp-kernel, ie.
./configire --enable-gtp-kernel
Otherwise, the code to interact with the gtp kernel part is not compiled.
Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2015-11-17 11:22:42 +00:00
|
|
|
#include "gtp-kernel.h"
|
2017-08-08 21:27:22 +00:00
|
|
|
#include "icmpv6.h"
|
2017-08-12 13:07:02 +00:00
|
|
|
#include "ggsn.h"
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
void *tall_ggsn_ctx;
|
|
|
|
|
|
|
|
|
|
static int end = 0;
|
|
|
|
|
static int daemonize = 0;
|
|
|
|
|
static struct ctrl_handle *g_ctrlh;
|
2003-04-11 09:40:12 +00:00
|
|
|
|
|
|
|
|
struct ul255_t qos;
|
|
|
|
|
struct ul255_t apn;
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
#define LOGPAPN(level, apn, fmt, args...) \
|
|
|
|
|
LOGP(DGGSN, level, "APN(%s): " fmt, (apn)->cfg.name, ## args)
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
#define LOGPGGSN(level, ggsn, fmt, args...) \
|
|
|
|
|
LOGP(DGGSN, level, "GGSN(%s): " fmt, (ggsn)->cfg.name, ## args)
|
|
|
|
|
|
2017-09-25 08:35:34 +00:00
|
|
|
#define LOGPPDP(level, pdp, fmt, args...) LOGPDPX(DGGSN, level, pdp, fmt, ## args)
|
2017-08-12 13:07:02 +00:00
|
|
|
|
|
|
|
|
static int ggsn_tun_fd_cb(struct osmo_fd *fd, unsigned int what);
|
|
|
|
|
static int cb_tun_ind(struct tun_t *tun, void *pack, unsigned len);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static void pool_close_all_pdp(struct ippool_t *pool)
|
2011-11-02 12:06:18 +00:00
|
|
|
{
|
2017-08-12 13:07:02 +00:00
|
|
|
unsigned int i;
|
|
|
|
|
|
|
|
|
|
if (!pool)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < pool->listsize; i++) {
|
|
|
|
|
struct ippoolm_t *member = &pool->member[i];
|
|
|
|
|
struct pdp_t *pdp;
|
|
|
|
|
|
|
|
|
|
if (!member->inuse)
|
|
|
|
|
continue;
|
|
|
|
|
pdp = member->peer;
|
|
|
|
|
if (!pdp)
|
|
|
|
|
continue;
|
|
|
|
|
LOGPPDP(LOGL_DEBUG, pdp, "Sending DELETE PDP CTX due to shutdown\n");
|
|
|
|
|
gtp_delete_context_req(pdp->gsn, pdp, NULL, 1);
|
|
|
|
|
}
|
2010-05-04 09:02:54 +00:00
|
|
|
}
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
int apn_stop(struct apn_ctx *apn, bool force)
|
2011-11-02 12:06:18 +00:00
|
|
|
{
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPAPN(LOGL_NOTICE, apn, "%sStopping\n", force ? "FORCED " : "");
|
|
|
|
|
/* check if pools have any active PDP contexts and bail out */
|
|
|
|
|
pool_close_all_pdp(apn->v4.pool);
|
|
|
|
|
pool_close_all_pdp(apn->v6.pool);
|
|
|
|
|
|
|
|
|
|
/* shutdown whatever old state might be left */
|
|
|
|
|
if (apn->tun.tun) {
|
|
|
|
|
/* run ip-down script */
|
|
|
|
|
if (apn->tun.cfg.ipdown_script) {
|
|
|
|
|
LOGPAPN( LOGL_INFO, apn, "Running %s\n", apn->tun.cfg.ipdown_script);
|
|
|
|
|
tun_runscript(apn->tun.tun, apn->tun.cfg.ipdown_script);
|
|
|
|
|
}
|
|
|
|
|
/* release tun device */
|
2017-10-01 10:15:56 +00:00
|
|
|
LOGPAPN(LOGL_INFO, apn, "Closing TUN device %s\n", apn->tun.tun->devname);
|
2017-08-12 13:07:02 +00:00
|
|
|
osmo_fd_unregister(&apn->tun.fd);
|
|
|
|
|
tun_free(apn->tun.tun);
|
|
|
|
|
apn->tun.tun = NULL;
|
2011-11-02 12:06:18 +00:00
|
|
|
}
|
2017-11-08 06:49:15 +00:00
|
|
|
gtp_kernel_stop(apn->tun.cfg.dev_name);
|
2017-08-12 13:07:02 +00:00
|
|
|
|
|
|
|
|
if (apn->v4.pool) {
|
|
|
|
|
LOGPAPN(LOGL_INFO, apn, "Releasing IPv4 pool\n");
|
|
|
|
|
ippool_free(apn->v4.pool);
|
|
|
|
|
apn->v4.pool = NULL;
|
|
|
|
|
}
|
|
|
|
|
if (apn->v6.pool) {
|
|
|
|
|
LOGPAPN(LOGL_INFO, apn, "Releasing IPv6 pool\n");
|
|
|
|
|
ippool_free(apn->v6.pool);
|
|
|
|
|
apn->v6.pool = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
apn->started = false;
|
|
|
|
|
return 0;
|
2002-12-16 13:33:51 +00:00
|
|
|
}
|
|
|
|
|
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
|
2017-11-08 05:33:55 +00:00
|
|
|
static int alloc_ippool_blacklist(struct apn_ctx *apn, struct in46_prefix **blacklist, bool ipv6)
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
{
|
|
|
|
|
|
|
|
|
|
int flags, len, len2, i;
|
|
|
|
|
|
2017-11-08 06:24:07 +00:00
|
|
|
*blacklist = NULL;
|
|
|
|
|
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
if (ipv6)
|
|
|
|
|
flags = IP_TYPE_IPv6_NONLINK;
|
|
|
|
|
else
|
|
|
|
|
flags = IP_TYPE_IPv4;
|
|
|
|
|
|
|
|
|
|
while (1) {
|
2017-11-08 06:24:07 +00:00
|
|
|
len = netdev_ip_local_get(apn->tun.cfg.dev_name, NULL, 0, flags);
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
if (len < 1)
|
|
|
|
|
return len;
|
|
|
|
|
|
|
|
|
|
*blacklist = talloc_zero_size(apn, len * sizeof(struct in46_prefix));
|
2017-11-08 06:24:07 +00:00
|
|
|
len2 = netdev_ip_local_get(apn->tun.cfg.dev_name, *blacklist, len, flags);
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
if (len2 < 1) {
|
|
|
|
|
talloc_free(*blacklist);
|
2017-11-08 06:24:07 +00:00
|
|
|
*blacklist = NULL;
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
return len2;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-08 06:24:07 +00:00
|
|
|
if (len2 > len) { /* iface was added between 2 calls, repeat operation */
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
talloc_free(*blacklist);
|
2017-11-08 06:24:07 +00:00
|
|
|
*blacklist = NULL;
|
|
|
|
|
} else
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < len2; i++)
|
|
|
|
|
LOGPAPN(LOGL_INFO, apn, "Blacklist tun IP %s\n",
|
|
|
|
|
in46p_ntoa(&(*blacklist)[i]));
|
|
|
|
|
|
|
|
|
|
return len2;
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* actually start the APN with its current config */
|
|
|
|
|
int apn_start(struct apn_ctx *apn)
|
2011-11-02 12:06:18 +00:00
|
|
|
{
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
int ippool_flags = IPPOOL_NONETWORK | IPPOOL_NOBROADCAST;
|
2017-10-16 12:41:37 +00:00
|
|
|
struct in46_prefix ipv6_tun_linklocal_ip;
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
struct in46_prefix *blacklist;
|
|
|
|
|
int blacklist_size;
|
2017-12-14 10:19:10 +00:00
|
|
|
int rc;
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
if (apn->started)
|
|
|
|
|
return 0;
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPAPN(LOGL_INFO, apn, "Starting\n");
|
|
|
|
|
switch (apn->cfg.gtpu_mode) {
|
|
|
|
|
case APN_GTPU_MODE_TUN:
|
|
|
|
|
LOGPAPN(LOGL_INFO, apn, "Opening TUN device %s\n", apn->tun.cfg.dev_name);
|
|
|
|
|
if (tun_new(&apn->tun.tun, apn->tun.cfg.dev_name)) {
|
|
|
|
|
LOGPAPN(LOGL_ERROR, apn, "Failed to configure tun device\n");
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
LOGPAPN(LOGL_INFO, apn, "Opened TUN device %s\n", apn->tun.tun->devname);
|
|
|
|
|
|
|
|
|
|
/* Register with libosmcoore */
|
|
|
|
|
osmo_fd_setup(&apn->tun.fd, apn->tun.tun->fd, BSC_FD_READ, ggsn_tun_fd_cb, apn, 0);
|
|
|
|
|
osmo_fd_register(&apn->tun.fd);
|
|
|
|
|
|
|
|
|
|
/* Set TUN library callback */
|
|
|
|
|
tun_set_cb_ind(apn->tun.tun, cb_tun_ind);
|
|
|
|
|
|
|
|
|
|
if (apn->v4.cfg.ifconfig_prefix.addr.len) {
|
|
|
|
|
LOGPAPN(LOGL_INFO, apn, "Setting tun IP address %s\n",
|
|
|
|
|
in46p_ntoa(&apn->v4.cfg.ifconfig_prefix));
|
|
|
|
|
if (tun_setaddr(apn->tun.tun, &apn->v4.cfg.ifconfig_prefix.addr, NULL,
|
|
|
|
|
apn->v4.cfg.ifconfig_prefix.prefixlen)) {
|
|
|
|
|
LOGPAPN(LOGL_ERROR, apn, "Failed to set tun IPv4 address %s: %s\n",
|
|
|
|
|
in46p_ntoa(&apn->v4.cfg.ifconfig_prefix), strerror(errno));
|
|
|
|
|
apn_stop(apn, false);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (apn->v6.cfg.ifconfig_prefix.addr.len) {
|
|
|
|
|
LOGPAPN(LOGL_INFO, apn, "Setting tun IPv6 address %s\n",
|
|
|
|
|
in46p_ntoa(&apn->v6.cfg.ifconfig_prefix));
|
|
|
|
|
if (tun_setaddr(apn->tun.tun, &apn->v6.cfg.ifconfig_prefix.addr, NULL,
|
|
|
|
|
apn->v6.cfg.ifconfig_prefix.prefixlen)) {
|
2017-10-01 10:16:17 +00:00
|
|
|
LOGPAPN(LOGL_ERROR, apn, "Failed to set tun IPv6 address %s: %s. "
|
|
|
|
|
"Ensure you have ipv6 support and not used the disable_ipv6 sysctl?\n",
|
2017-08-12 13:07:02 +00:00
|
|
|
in46p_ntoa(&apn->v6.cfg.ifconfig_prefix), strerror(errno));
|
|
|
|
|
apn_stop(apn, false);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-14 13:09:13 +00:00
|
|
|
if (apn->v6.cfg.ll_prefix.addr.len) {
|
|
|
|
|
LOGPAPN(LOGL_INFO, apn, "Setting tun IPv6 link-local address %s\n",
|
|
|
|
|
in46p_ntoa(&apn->v6.cfg.ll_prefix));
|
|
|
|
|
if (tun_addaddr(apn->tun.tun, &apn->v6.cfg.ll_prefix.addr, NULL,
|
|
|
|
|
apn->v6.cfg.ll_prefix.prefixlen)) {
|
|
|
|
|
LOGPAPN(LOGL_ERROR, apn, "Failed to set tun IPv6 link-local address %s: %s. "
|
|
|
|
|
"Ensure you have ipv6 support and not used the disable_ipv6 sysctl?\n",
|
|
|
|
|
in46p_ntoa(&apn->v6.cfg.ll_prefix), strerror(errno));
|
|
|
|
|
apn_stop(apn, false);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
apn->v6_lladdr = apn->v6.cfg.ll_prefix.addr.v6;
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
if (apn->tun.cfg.ipup_script) {
|
|
|
|
|
LOGPAPN(LOGL_INFO, apn, "Running ip-up script %s\n",
|
|
|
|
|
apn->tun.cfg.ipup_script);
|
|
|
|
|
tun_runscript(apn->tun.tun, apn->tun.cfg.ipup_script);
|
|
|
|
|
}
|
2017-09-24 12:00:34 +00:00
|
|
|
|
2017-12-14 13:09:13 +00:00
|
|
|
if (apn->cfg.apn_type_mask & (APN_TYPE_IPv6|APN_TYPE_IPv4v6) &&
|
|
|
|
|
apn->v6.cfg.ll_prefix.addr.len == 0) {
|
2017-12-14 10:19:10 +00:00
|
|
|
rc = tun_ip_local_get(apn->tun.tun, &ipv6_tun_linklocal_ip, 1, IP_TYPE_IPv6_LINK);
|
|
|
|
|
if (rc < 1) {
|
|
|
|
|
LOGPAPN(LOGL_ERROR, apn, "Cannot obtain IPv6 link-local address of interface: %s\n",
|
|
|
|
|
rc ? strerror(errno) : "tun interface has no link-local IP assigned");
|
2017-09-24 12:00:34 +00:00
|
|
|
apn_stop(apn, false);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2017-10-16 12:41:37 +00:00
|
|
|
apn->v6_lladdr = ipv6_tun_linklocal_ip.addr.v6;
|
2017-09-24 12:00:34 +00:00
|
|
|
}
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* set back-pointer from TUN device to APN */
|
|
|
|
|
apn->tun.tun->priv = apn;
|
|
|
|
|
break;
|
|
|
|
|
case APN_GTPU_MODE_KERNEL_GTP:
|
2017-11-08 06:50:53 +00:00
|
|
|
LOGPAPN(LOGL_INFO, apn, "Opening Kernel GTP device %s\n", apn->tun.cfg.dev_name);
|
2017-11-08 05:09:51 +00:00
|
|
|
if (apn->cfg.apn_type_mask & (APN_TYPE_IPv6|APN_TYPE_IPv4v6)) {
|
|
|
|
|
LOGPAPN(LOGL_ERROR, apn, "Kernel GTP currently supports only IPv4\n");
|
|
|
|
|
apn_stop(apn, false);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2017-08-12 13:07:02 +00:00
|
|
|
/* use GTP kernel module for data packet encapsulation */
|
2017-11-08 06:09:58 +00:00
|
|
|
if (gtp_kernel_init(apn->ggsn->gsn, apn->tun.cfg.dev_name,
|
|
|
|
|
&apn->v4.cfg.ifconfig_prefix, apn->tun.cfg.ipup_script) < 0) {
|
2017-11-08 05:09:51 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2011-11-02 12:06:18 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPAPN(LOGL_ERROR, apn, "Unknown GTPU Mode %d\n", apn->cfg.gtpu_mode);
|
|
|
|
|
return -1;
|
2011-11-02 12:06:18 +00:00
|
|
|
}
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* Create IPv4 pool */
|
|
|
|
|
if (apn->v4.cfg.dynamic_prefix.addr.len) {
|
|
|
|
|
LOGPAPN(LOGL_INFO, apn, "Creating IPv4 pool %s\n",
|
|
|
|
|
in46p_ntoa(&apn->v4.cfg.dynamic_prefix));
|
2017-11-08 05:33:55 +00:00
|
|
|
if ((blacklist_size = alloc_ippool_blacklist(apn, &blacklist, false)) < 0)
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
LOGPAPN(LOGL_ERROR, apn, "Failed obtaining IPv4 tun IPs\n");
|
2017-08-12 13:07:02 +00:00
|
|
|
if (ippool_new(&apn->v4.pool, &apn->v4.cfg.dynamic_prefix,
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
&apn->v4.cfg.static_prefix, ippool_flags,
|
|
|
|
|
blacklist, blacklist_size)) {
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPAPN(LOGL_ERROR, apn, "Failed to create IPv4 pool\n");
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
talloc_free(blacklist);
|
2017-08-12 13:07:02 +00:00
|
|
|
apn_stop(apn, false);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
talloc_free(blacklist);
|
2017-08-12 13:07:02 +00:00
|
|
|
}
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* Create IPv6 pool */
|
|
|
|
|
if (apn->v6.cfg.dynamic_prefix.addr.len) {
|
|
|
|
|
LOGPAPN(LOGL_INFO, apn, "Creating IPv6 pool %s\n",
|
|
|
|
|
in46p_ntoa(&apn->v6.cfg.dynamic_prefix));
|
2017-11-08 05:33:55 +00:00
|
|
|
if ((blacklist_size = alloc_ippool_blacklist(apn, &blacklist, true)) < 0)
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
LOGPAPN(LOGL_ERROR, apn, "Failed obtaining IPv6 tun IPs\n");
|
2017-08-12 13:07:02 +00:00
|
|
|
if (ippool_new(&apn->v6.pool, &apn->v6.cfg.dynamic_prefix,
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
&apn->v6.cfg.static_prefix, ippool_flags,
|
|
|
|
|
blacklist, blacklist_size)) {
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPAPN(LOGL_ERROR, apn, "Failed to create IPv6 pool\n");
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
talloc_free(blacklist);
|
2017-08-12 13:07:02 +00:00
|
|
|
apn_stop(apn, false);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
ippool: Implement and use blacklist instead of blindly using IPPOOL_NOGATEWAY
Commit dda21ed7d4a897c9284c69175d0da598598eae40 modified previous calls
to ippool_new() removing the pass of flags to avoid allocating certain
problematic IPs from the pool to MS, such as the network, gateway and
broadcast IPs.
Today I did some unsucessful tests with osmo-ggsn with a pool "ip prefix
dynamic 176.16.222.0/24", and thus IP 176.16.222.0 was being assigned to
the MS. De-capsulated DNS packets were received in the tun interface,
but the Linux system in there was unable to correctly forward the
packets to the gateway interface connected to the Internet. However,
adding a second MS which got 176.16.222.1 had its packets forwarded
correctly.
However, previous implementation relies on flag IPPOOL_NOGATEWAY flag to
blindly blacklist first IP after the network ip (ie, .0 and .1 are
removed), which limits the IP reserved for the tun device to be .1. If a
different IP in the range is assigned, it may cause issues. As a result,
a blacklist is introduced in this commit to dynamically fetch the tun IP
address and exlucde it from the pool of available IPs.
Change-Id: I8e91f7280d60490c858a769dd578c1c8e54e9243
2017-10-16 12:52:25 +00:00
|
|
|
talloc_free(blacklist);
|
2011-11-02 12:06:18 +00:00
|
|
|
}
|
2017-08-12 13:07:02 +00:00
|
|
|
|
|
|
|
|
LOGPAPN(LOGL_NOTICE, apn, "Successfully started\n");
|
|
|
|
|
apn->started = true;
|
|
|
|
|
return 0;
|
2004-01-09 15:19:20 +00:00
|
|
|
}
|
|
|
|
|
|
2017-05-04 15:45:10 +00:00
|
|
|
static bool send_trap(const struct gsn_t *gsn, const struct pdp_t *pdp, const struct ippoolm_t *member, const char *var)
|
|
|
|
|
{
|
2017-08-02 17:49:47 +00:00
|
|
|
char addrbuf[256];
|
2017-05-04 15:45:10 +00:00
|
|
|
char val[NAMESIZE];
|
|
|
|
|
|
2017-08-02 17:49:47 +00:00
|
|
|
const char *addrstr = in46a_ntop(&member->addr, addrbuf, sizeof(addrbuf));
|
|
|
|
|
|
2017-08-12 17:29:16 +00:00
|
|
|
snprintf(val, sizeof(val), "%s,%s", imsi_gtp2str(&pdp->imsi), addrstr);
|
2017-05-04 15:45:10 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
if (ctrl_cmd_send_trap(g_ctrlh, var, val) < 0) {
|
|
|
|
|
LOGPPDP(LOGL_ERROR, pdp, "Failed to create and send TRAP %s\n", var);
|
2017-05-04 15:45:10 +00:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
static int delete_context(struct pdp_t *pdp)
|
2011-11-02 12:06:18 +00:00
|
|
|
{
|
2017-08-12 13:07:02 +00:00
|
|
|
struct gsn_t *gsn = pdp->gsn;
|
2017-11-08 06:09:58 +00:00
|
|
|
struct apn_ctx *apn = pdp->priv;
|
2017-12-06 18:26:25 +00:00
|
|
|
struct ippoolm_t *member;
|
|
|
|
|
int i;
|
2017-08-12 13:07:02 +00:00
|
|
|
|
|
|
|
|
LOGPPDP(LOGL_INFO, pdp, "Deleting PDP context\n");
|
2016-10-14 11:38:05 +00:00
|
|
|
|
2017-12-06 18:26:25 +00:00
|
|
|
for (i = 0; i < 2; i++) {
|
|
|
|
|
if (pdp->peer[i]) {
|
|
|
|
|
member = pdp->peer[i];
|
|
|
|
|
send_trap(gsn, pdp, member, "imsi-rem-ip"); /* TRAP with IP removal */
|
|
|
|
|
ippool_freeip(member->pool, member);
|
|
|
|
|
} else if(i == 0)
|
|
|
|
|
LOGPPDP(LOGL_ERROR, pdp, "Cannot find/free IP Pool member\n");
|
|
|
|
|
}
|
ggsn: add support for GTP kernel data encapsulation
This patch adds the -g, --gtpnl=device option that allows you to
enable the GTP kernel tunneling mode in openggsn. You have to specify
the real downlink device that will be used to tunnel traffic, eg.
-g=eth0
This means that the gtp0 device will be created and it will use eth0
as the real device to encapsulate packet coming from the Internet that
are addressed to the MS (so the tunnel devuce encapsulates these IP
packets in GTP packets when traveling to the SGSN).
Alternatively, you can also add this to the ggsn.conf configuration file:
gtpnl eth0
The device has to be the real device that can route packets to the SGSN,
if you select the wrong device, the kernel routing code may not find a
way to reach the SSGN, you've been warned.
Therefore, if this option is set, the operational becomes the following:
1) A gtp0 device is created via rtnetlink and configure the socket
encapsulation infrastructure in the kernel.
2) Whenever a PDP context is created, this adds the necessary tunnel
configuration via genetlink GTP interface.
3) Whenever a PDP context is destroyed, this deletes the tunnel via
genetlink GTP interface.
4) Destroy the gtp0 device if ggsn is stopped, including all of the
existing tunnels.
You require the osmo-ggsn.git tree, which contains the kernel module
gtp.ko and the libgtpnl library that you have to compile and install.
Make sure you have loaded the gtp.ko kernel module before launching
the ggsn daemon using the kernel driver mode, otherwise you will get
a nice "operation not supported" error message ;-).
This patch also adds supports for "ipup" configuration option to invoke
an external script after the gtp0 device has been brought up. Typical
command to add the route to reach the MS behind the GGSN is required,
eg. ip route add 10.0.0.0/8 dev gtp0.
The (horrible) ggsn parser has been manually extended to support the
new configuration option. That code doesn't look nice, but it just
mimics what we already have there for consistency, please don't blame
me for that.
If you want to run in debugging mode, I suggest you to use:
sudo ggsn -c ggsn.conf -f -d
Note that you do have to run openggsn as root to bring up the gtp0
device. You have to see this message that announce that the GTP kernel
mode is enabled.
openggsn[1106]: ggsn.c: 656: Using the GTP kernel mode (genl ID is 25)
This patch also automagically sets up route to reach MS from Internet
just like tun mode does. This is fundamental to get this working,
better don't leave to the admin, he may forget to add this route.
In this patch, I tried to encapsulate this new feature as much as
possible as Harald initially suggested.
To compile this feature, you have to pass --enable-gtp-kernel, ie.
./configire --enable-gtp-kernel
Otherwise, the code to interact with the gtp kernel part is not compiled.
Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2015-11-17 11:22:42 +00:00
|
|
|
|
2017-11-08 06:09:58 +00:00
|
|
|
if (gtp_kernel_tunnel_del(pdp, apn->tun.cfg.dev_name)) {
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPPDP(LOGL_ERROR, pdp, "Cannot delete tunnel from kernel:%s\n",
|
ggsn: add support for GTP kernel data encapsulation
This patch adds the -g, --gtpnl=device option that allows you to
enable the GTP kernel tunneling mode in openggsn. You have to specify
the real downlink device that will be used to tunnel traffic, eg.
-g=eth0
This means that the gtp0 device will be created and it will use eth0
as the real device to encapsulate packet coming from the Internet that
are addressed to the MS (so the tunnel devuce encapsulates these IP
packets in GTP packets when traveling to the SGSN).
Alternatively, you can also add this to the ggsn.conf configuration file:
gtpnl eth0
The device has to be the real device that can route packets to the SGSN,
if you select the wrong device, the kernel routing code may not find a
way to reach the SSGN, you've been warned.
Therefore, if this option is set, the operational becomes the following:
1) A gtp0 device is created via rtnetlink and configure the socket
encapsulation infrastructure in the kernel.
2) Whenever a PDP context is created, this adds the necessary tunnel
configuration via genetlink GTP interface.
3) Whenever a PDP context is destroyed, this deletes the tunnel via
genetlink GTP interface.
4) Destroy the gtp0 device if ggsn is stopped, including all of the
existing tunnels.
You require the osmo-ggsn.git tree, which contains the kernel module
gtp.ko and the libgtpnl library that you have to compile and install.
Make sure you have loaded the gtp.ko kernel module before launching
the ggsn daemon using the kernel driver mode, otherwise you will get
a nice "operation not supported" error message ;-).
This patch also adds supports for "ipup" configuration option to invoke
an external script after the gtp0 device has been brought up. Typical
command to add the route to reach the MS behind the GGSN is required,
eg. ip route add 10.0.0.0/8 dev gtp0.
The (horrible) ggsn parser has been manually extended to support the
new configuration option. That code doesn't look nice, but it just
mimics what we already have there for consistency, please don't blame
me for that.
If you want to run in debugging mode, I suggest you to use:
sudo ggsn -c ggsn.conf -f -d
Note that you do have to run openggsn as root to bring up the gtp0
device. You have to see this message that announce that the GTP kernel
mode is enabled.
openggsn[1106]: ggsn.c: 656: Using the GTP kernel mode (genl ID is 25)
This patch also automagically sets up route to reach MS from Internet
just like tun mode does. This is fundamental to get this working,
better don't leave to the admin, he may forget to add this route.
In this patch, I tried to encapsulate this new feature as much as
possible as Harald initially suggested.
To compile this feature, you have to pass --enable-gtp-kernel, ie.
./configire --enable-gtp-kernel
Otherwise, the code to interact with the gtp kernel part is not compiled.
Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2015-11-17 11:22:42 +00:00
|
|
|
strerror(errno));
|
|
|
|
|
}
|
|
|
|
|
|
2011-11-02 12:06:18 +00:00
|
|
|
return 0;
|
2002-12-16 13:33:51 +00:00
|
|
|
}
|
|
|
|
|
|
2017-08-09 18:28:52 +00:00
|
|
|
#include <osmocom/gsm/tlv.h>
|
|
|
|
|
|
|
|
|
|
/* 3GPP TS 24.008 10.6.5.3 */
|
|
|
|
|
enum pco_protocols {
|
|
|
|
|
PCO_P_LCP = 0xC021,
|
|
|
|
|
PCO_P_PAP = 0xC023,
|
|
|
|
|
PCO_P_CHAP = 0xC223,
|
|
|
|
|
PCO_P_IPCP = 0x8021,
|
|
|
|
|
PCO_P_PCSCF_ADDR = 0x0001,
|
|
|
|
|
PCO_P_IM_CN_SS_F = 0x0002,
|
|
|
|
|
PCO_P_DNS_IPv6_ADDR = 0x0003,
|
|
|
|
|
PCO_P_POLICY_CTRL_REJ = 0x0004, /* only in Network->MS */
|
|
|
|
|
PCO_P_MS_SUP_NETREQ_BCI = 0x0005,
|
|
|
|
|
/* reserved */
|
|
|
|
|
PCO_P_DSMIPv6_HA_ADDR = 0x0007,
|
|
|
|
|
PCO_P_DSMIPv6_HN_PREF = 0x0008,
|
|
|
|
|
PCO_P_DSMIPv6_v4_HA_ADDR= 0x0009,
|
|
|
|
|
PCO_P_IP_ADDR_VIA_NAS = 0x000a, /* only MS->Network */
|
|
|
|
|
PCO_P_IPv4_ADDR_VIA_DHCP= 0x000b, /* only MS->Netowrk */
|
|
|
|
|
PCO_P_PCSCF_IPv4_ADDR = 0x000c,
|
|
|
|
|
PCO_P_DNS_IPv4_ADDR = 0x000d,
|
|
|
|
|
PCO_P_MSISDN = 0x000e,
|
|
|
|
|
PCO_P_IFOM_SUPPORT = 0x000f,
|
|
|
|
|
PCO_P_IPv4_LINK_MTU = 0x0010,
|
|
|
|
|
PCO_P_MS_SUPP_LOC_A_TFT = 0x0011,
|
|
|
|
|
PCO_P_PCSCF_RESEL_SUP = 0x0012, /* only MS->Network */
|
|
|
|
|
PCO_P_NBIFOM_REQ = 0x0013,
|
|
|
|
|
PCO_P_NBIFOM_MODE = 0x0014,
|
|
|
|
|
PCO_P_NONIP_LINK_MTU = 0x0015,
|
|
|
|
|
PCO_P_APN_RATE_CTRL_SUP = 0x0016,
|
|
|
|
|
PCO_P_PS_DATA_OFF_UE = 0x0017,
|
|
|
|
|
PCO_P_REL_DATA_SVC = 0x0018,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* determine if PCO contains given protocol */
|
|
|
|
|
static bool pco_contains_proto(struct ul255_t *pco, uint16_t prot)
|
|
|
|
|
{
|
|
|
|
|
uint8_t *cur = pco->v + 1;
|
|
|
|
|
|
|
|
|
|
/* iterate over PCO and check if protocol contained */
|
2017-08-30 13:51:24 +00:00
|
|
|
while (cur + 3 <= pco->v + pco->l) {
|
2017-08-09 18:28:52 +00:00
|
|
|
uint16_t cur_prot = osmo_load16be(cur);
|
|
|
|
|
uint8_t cur_len = cur[2];
|
|
|
|
|
if (cur_prot == prot)
|
|
|
|
|
return true;
|
2017-08-30 13:51:24 +00:00
|
|
|
cur += cur_len + 3;
|
2017-08-09 18:28:52 +00:00
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* determine if PDP context has IPv6 support */
|
|
|
|
|
static bool pdp_has_v4(struct pdp_t *pdp)
|
|
|
|
|
{
|
|
|
|
|
if (pdp->eua.l == 4+2)
|
|
|
|
|
return true;
|
|
|
|
|
else
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* construct an IPCP PCO from up to two given DNS addreses */
|
|
|
|
|
static int build_ipcp_pco(struct msgb *msg, uint8_t id, const struct in46_addr *dns1,
|
|
|
|
|
const struct in46_addr *dns2)
|
|
|
|
|
{
|
|
|
|
|
uint8_t *len1, *len2;
|
|
|
|
|
uint8_t *start = msg->tail;
|
|
|
|
|
unsigned int len_appended;
|
|
|
|
|
|
|
|
|
|
/* Three byte T16L header */
|
|
|
|
|
msgb_put_u16(msg, 0x8021); /* IPCP */
|
|
|
|
|
len1 = msgb_put(msg, 1); /* Length of contents: delay */
|
|
|
|
|
|
|
|
|
|
msgb_put_u8(msg, 0x02); /* ACK */
|
|
|
|
|
msgb_put_u8(msg, id); /* ID: Needs to match request */
|
|
|
|
|
msgb_put_u8(msg, 0x00); /* Length MSB */
|
|
|
|
|
len2 = msgb_put(msg, 1); /* Length LSB: delay */
|
|
|
|
|
|
|
|
|
|
if (dns1 && dns1->len == 4) {
|
|
|
|
|
msgb_put_u8(msg, 0x81); /* DNS1 Tag */
|
|
|
|
|
msgb_put_u8(msg, 2 + dns1->len);/* DNS1 Length, incl. TL */
|
2017-12-03 20:43:50 +00:00
|
|
|
msgb_put_u32(msg, ntohl(dns1->v4.s_addr));
|
2017-08-12 13:07:02 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (dns2 && dns2->len == 4) {
|
|
|
|
|
msgb_put_u8(msg, 0x83); /* DNS2 Tag */
|
|
|
|
|
msgb_put_u8(msg, 2 + dns2->len);/* DNS2 Length, incl. TL */
|
2017-12-03 20:43:50 +00:00
|
|
|
msgb_put_u32(msg, ntohl(dns2->v4.s_addr));
|
2017-08-12 13:07:02 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* patch in length values */
|
|
|
|
|
len_appended = msg->tail - start;
|
|
|
|
|
*len1 = len_appended - 3;
|
|
|
|
|
*len2 = len_appended - 3;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-09 18:28:52 +00:00
|
|
|
/* process one PCO request from a MS/UE, putting together the proper responses */
|
2017-08-12 13:07:02 +00:00
|
|
|
static void process_pco(struct apn_ctx *apn, struct pdp_t *pdp)
|
2017-08-09 18:28:52 +00:00
|
|
|
{
|
|
|
|
|
struct msgb *msg = msgb_alloc(256, "PCO");
|
2017-08-12 13:07:02 +00:00
|
|
|
unsigned int i;
|
|
|
|
|
|
|
|
|
|
OSMO_ASSERT(msg);
|
2017-08-09 18:28:52 +00:00
|
|
|
msgb_put_u8(msg, 0x80); /* ext-bit + configuration protocol byte */
|
|
|
|
|
|
|
|
|
|
/* FIXME: also check if primary / secondary DNS was requested */
|
|
|
|
|
if (pdp_has_v4(pdp) && pco_contains_proto(&pdp->pco_req, PCO_P_IPCP)) {
|
|
|
|
|
/* FIXME: properly implement this for IPCP */
|
2017-08-12 13:07:02 +00:00
|
|
|
build_ipcp_pco(msg, 0, &apn->v4.cfg.dns[0], &apn->v4.cfg.dns[1]);
|
2017-08-09 18:28:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (pco_contains_proto(&pdp->pco_req, PCO_P_DNS_IPv6_ADDR)) {
|
2017-08-12 13:07:02 +00:00
|
|
|
for (i = 0; i < ARRAY_SIZE(apn->v6.cfg.dns); i++) {
|
|
|
|
|
struct in46_addr *i46a = &apn->v6.cfg.dns[i];
|
|
|
|
|
if (i46a->len != 16)
|
|
|
|
|
continue;
|
|
|
|
|
msgb_t16lv_put(msg, PCO_P_DNS_IPv6_ADDR, i46a->len, i46a->v6.s6_addr);
|
|
|
|
|
}
|
2017-08-09 18:28:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (pco_contains_proto(&pdp->pco_req, PCO_P_DNS_IPv4_ADDR)) {
|
2017-08-12 13:07:02 +00:00
|
|
|
for (i = 0; i < ARRAY_SIZE(apn->v4.cfg.dns); i++) {
|
|
|
|
|
struct in46_addr *i46a = &apn->v4.cfg.dns[i];
|
|
|
|
|
if (i46a->len != 4)
|
|
|
|
|
continue;
|
|
|
|
|
msgb_t16lv_put(msg, PCO_P_DNS_IPv4_ADDR, i46a->len, (uint8_t *)&i46a->v4);
|
|
|
|
|
}
|
2017-08-09 18:28:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (msgb_length(msg) > 1) {
|
|
|
|
|
memcpy(pdp->pco_neg.v, msgb_data(msg), msgb_length(msg));
|
|
|
|
|
pdp->pco_neg.l = msgb_length(msg);
|
|
|
|
|
} else
|
|
|
|
|
pdp->pco_neg.l = 0;
|
|
|
|
|
|
|
|
|
|
msgb_free(msg);
|
|
|
|
|
}
|
|
|
|
|
|
2017-10-14 14:22:16 +00:00
|
|
|
static bool apn_supports_ipv4(const struct apn_ctx *apn)
|
|
|
|
|
{
|
|
|
|
|
if (apn->v4.cfg.static_prefix.addr.len || apn->v4.cfg.dynamic_prefix.addr.len)
|
|
|
|
|
return true;
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static bool apn_supports_ipv6(const struct apn_ctx *apn)
|
|
|
|
|
{
|
|
|
|
|
if (apn->v6.cfg.static_prefix.addr.len || apn->v6.cfg.dynamic_prefix.addr.len)
|
|
|
|
|
return true;
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2011-11-02 12:06:18 +00:00
|
|
|
int create_context_ind(struct pdp_t *pdp)
|
|
|
|
|
{
|
2017-08-12 13:07:02 +00:00
|
|
|
static char name_buf[256];
|
|
|
|
|
struct gsn_t *gsn = pdp->gsn;
|
|
|
|
|
struct ggsn_ctx *ggsn = gsn->priv;
|
2017-12-06 18:26:25 +00:00
|
|
|
struct in46_addr addr[2];
|
|
|
|
|
struct ippoolm_t *member = NULL;
|
2017-08-12 13:07:02 +00:00
|
|
|
struct apn_ctx *apn;
|
2017-12-06 18:26:25 +00:00
|
|
|
int rc, num_addr, i;
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
osmo_apn_to_str(name_buf, pdp->apn_req.v, pdp->apn_req.l);
|
|
|
|
|
|
|
|
|
|
LOGPPDP(LOGL_DEBUG, pdp, "Processing create PDP context request for APN '%s'\n", name_buf);
|
|
|
|
|
|
|
|
|
|
/* First find an exact APN name match */
|
|
|
|
|
apn = ggsn_find_apn(ggsn, name_buf);
|
2017-10-01 05:36:52 +00:00
|
|
|
/* ignore if the APN has not been started */
|
create_context_ind(): Fix crash on apn not found
Program terminated with signal SIGSEGV, Segmentation fault.
0 create_context_ind (pdp=0xb6b391b0 <pdpa>)
at /usr/src/debug/osmo-ggsn/1.0.0+gitrAUTOINC+ab5e160937-r0/git/ggsn/ggsn.c:453
453 if (!apn->started)
(gdb) bt
0 create_context_ind (pdp=0xb6b391b0 <pdpa>)
at /usr/src/debug/osmo-ggsn/1.0.0+gitrAUTOINC+ab5e160937-r0/git/ggsn/ggsn.c:453
1 0xb6b225e0 in gtp_create_pdp_ind (gsn=gsn@entry=0x74f28, version=version@entry=1, peer=0x0,
peer@entry=0xbee6ead4, fd=-1092167056, fd@entry=8, pack=pack@entry=0xbee6eae4, len=len@entry=179)
at /usr/src/debug/osmo-ggsn/1.0.0+gitrAUTOINC+ab5e160937-r0/git/gtp/gtp.c:1591
2 0xb6b245e4 in gtp_decaps1c (gsn=0x74f28)
at /usr/src/debug/osmo-ggsn/1.0.0+gitrAUTOINC+ab5e160937-r0/git/gtp/gtp.c:2986
3 0x41d770c0 in osmo_select_main () from /usr/lib/libosmocore.so.8
4 0x000121b8 in main (argc=4, argv=0xbee70e54)
at /usr/src/debug/osmo-ggsn/1.0.0+gitrAUTOINC+ab5e160937-r0/git/ggsn/ggsn.c:897
Fixes: dd266066c7cc96c797034da352cc9d72177c5780, b16c46b4c36383368eb1581e40d0a8ca751ddc53
Change-Id: Ie4ec74e87aaf1d067dd1717d986673be56c4d6ed
2017-10-11 18:32:55 +00:00
|
|
|
if (apn && !apn->started)
|
2017-10-01 05:36:52 +00:00
|
|
|
apn = NULL;
|
2017-10-01 10:28:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* then try default (if any) */
|
|
|
|
|
if (!apn)
|
|
|
|
|
apn = ggsn->cfg.default_apn;
|
2017-10-01 10:28:18 +00:00
|
|
|
/* ignore if the APN has not been started */
|
create_context_ind(): Fix crash on apn not found
Program terminated with signal SIGSEGV, Segmentation fault.
0 create_context_ind (pdp=0xb6b391b0 <pdpa>)
at /usr/src/debug/osmo-ggsn/1.0.0+gitrAUTOINC+ab5e160937-r0/git/ggsn/ggsn.c:453
453 if (!apn->started)
(gdb) bt
0 create_context_ind (pdp=0xb6b391b0 <pdpa>)
at /usr/src/debug/osmo-ggsn/1.0.0+gitrAUTOINC+ab5e160937-r0/git/ggsn/ggsn.c:453
1 0xb6b225e0 in gtp_create_pdp_ind (gsn=gsn@entry=0x74f28, version=version@entry=1, peer=0x0,
peer@entry=0xbee6ead4, fd=-1092167056, fd@entry=8, pack=pack@entry=0xbee6eae4, len=len@entry=179)
at /usr/src/debug/osmo-ggsn/1.0.0+gitrAUTOINC+ab5e160937-r0/git/gtp/gtp.c:1591
2 0xb6b245e4 in gtp_decaps1c (gsn=0x74f28)
at /usr/src/debug/osmo-ggsn/1.0.0+gitrAUTOINC+ab5e160937-r0/git/gtp/gtp.c:2986
3 0x41d770c0 in osmo_select_main () from /usr/lib/libosmocore.so.8
4 0x000121b8 in main (argc=4, argv=0xbee70e54)
at /usr/src/debug/osmo-ggsn/1.0.0+gitrAUTOINC+ab5e160937-r0/git/ggsn/ggsn.c:897
Fixes: dd266066c7cc96c797034da352cc9d72177c5780, b16c46b4c36383368eb1581e40d0a8ca751ddc53
Change-Id: Ie4ec74e87aaf1d067dd1717d986673be56c4d6ed
2017-10-11 18:32:55 +00:00
|
|
|
if (apn && !apn->started)
|
2017-10-01 10:28:18 +00:00
|
|
|
apn = NULL;
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
if (!apn) {
|
|
|
|
|
/* no APN found for what user requested */
|
|
|
|
|
LOGPPDP(LOGL_NOTICE, pdp, "Unknown APN '%s', rejecting\n", name_buf);
|
|
|
|
|
gtp_create_context_resp(gsn, pdp, GTPCAUSE_MISSING_APN);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-03 22:22:35 +00:00
|
|
|
/* FIXME: we manually force all context requests to dynamic here! */
|
|
|
|
|
if (pdp->eua.l > 2)
|
|
|
|
|
pdp->eua.l = 2;
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2011-11-02 12:06:18 +00:00
|
|
|
memcpy(pdp->qos_neg0, pdp->qos_req0, sizeof(pdp->qos_req0));
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2011-11-02 12:06:18 +00:00
|
|
|
memcpy(pdp->qos_neg.v, pdp->qos_req.v, pdp->qos_req.l); /* TODO */
|
|
|
|
|
pdp->qos_neg.l = pdp->qos_req.l;
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-12-06 18:26:25 +00:00
|
|
|
memset(addr, 0, sizeof(addr));
|
|
|
|
|
if ((num_addr = in46a_from_eua(&pdp->eua, addr)) < 0) {
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPPDP(LOGL_ERROR, pdp, "Cannot decode EUA from MS/SGSN: %s\n",
|
2017-08-02 22:00:23 +00:00
|
|
|
osmo_hexdump(pdp->eua.v, pdp->eua.l));
|
|
|
|
|
gtp_create_context_resp(gsn, pdp, GTPCAUSE_UNKNOWN_PDP);
|
|
|
|
|
return 0;
|
2011-11-02 12:06:18 +00:00
|
|
|
}
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-12-06 18:26:25 +00:00
|
|
|
/* Allocate dynamic addresses from the pool */
|
|
|
|
|
for (i = 0; i < num_addr; i++) {
|
|
|
|
|
if (addr[i].len == sizeof(struct in_addr)) {
|
|
|
|
|
/* does this APN actually have an IPv4 pool? */
|
|
|
|
|
if (!apn_supports_ipv4(apn))
|
|
|
|
|
goto err_wrong_af;
|
|
|
|
|
|
|
|
|
|
rc = ippool_newip(apn->v4.pool, &member, &addr[i], 0);
|
|
|
|
|
if (rc < 0)
|
|
|
|
|
goto err_pool_full;
|
|
|
|
|
/* copy back */
|
|
|
|
|
memcpy(&addr[i].v4.s_addr, &member->addr.v4, 4);
|
|
|
|
|
|
|
|
|
|
} else if (addr[i].len == sizeof(struct in6_addr)) {
|
|
|
|
|
|
|
|
|
|
/* does this APN actually have an IPv6 pool? */
|
|
|
|
|
if (!apn_supports_ipv6(apn))
|
|
|
|
|
goto err_wrong_af;
|
|
|
|
|
|
|
|
|
|
rc = ippool_newip(apn->v6.pool, &member, &addr[i], 0);
|
|
|
|
|
if (rc < 0)
|
|
|
|
|
goto err_pool_full;
|
|
|
|
|
|
|
|
|
|
/* IPv6 doesn't really send the real/allocated address at this point, but just
|
|
|
|
|
* the link-identifier which the MS shall use for router solicitation */
|
|
|
|
|
/* initialize upper 64 bits to prefix, they are discarded by MS anyway */
|
|
|
|
|
memcpy(addr[i].v6.s6_addr, &member->addr.v6, 8);
|
|
|
|
|
/* use allocated 64bit prefix as lower 64bit, used as link id by MS */
|
|
|
|
|
memcpy(addr[i].v6.s6_addr+8, &member->addr.v6, 8);
|
|
|
|
|
} else
|
|
|
|
|
OSMO_ASSERT(0);
|
2017-10-14 14:22:16 +00:00
|
|
|
|
2017-12-06 18:26:25 +00:00
|
|
|
pdp->peer[i] = member;
|
|
|
|
|
member->peer = pdp;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
in46a_to_eua(addr, num_addr, &pdp->eua);
|
2003-01-28 16:13:57 +00:00
|
|
|
|
2017-12-06 18:26:25 +00:00
|
|
|
if (apn_supports_ipv4(apn)) {
|
2017-08-12 13:07:02 +00:00
|
|
|
/* TODO: In IPv6, EUA doesn't contain the actual IP addr/prefix! */
|
2017-11-08 06:09:58 +00:00
|
|
|
if (gtp_kernel_tunnel_add(pdp, apn->tun.cfg.dev_name) < 0) {
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPPDP(LOGL_ERROR, pdp, "Cannot add tunnel to kernel: %s\n", strerror(errno));
|
|
|
|
|
gtp_create_context_resp(gsn, pdp, GTPCAUSE_SYS_FAIL);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2017-12-06 18:26:25 +00:00
|
|
|
}
|
2017-08-12 13:07:02 +00:00
|
|
|
|
|
|
|
|
pdp->ipif = apn->tun.tun; /* TODO */
|
2017-11-08 06:09:58 +00:00
|
|
|
pdp->priv = apn;
|
2003-04-11 09:40:12 +00:00
|
|
|
|
2017-05-04 15:45:10 +00:00
|
|
|
if (!send_trap(gsn, pdp, member, "imsi-ass-ip")) { /* TRAP with IP assignment */
|
2016-08-02 15:10:38 +00:00
|
|
|
gtp_create_context_resp(gsn, pdp, GTPCAUSE_NO_RESOURCES);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
ggsn: add support for GTP kernel data encapsulation
This patch adds the -g, --gtpnl=device option that allows you to
enable the GTP kernel tunneling mode in openggsn. You have to specify
the real downlink device that will be used to tunnel traffic, eg.
-g=eth0
This means that the gtp0 device will be created and it will use eth0
as the real device to encapsulate packet coming from the Internet that
are addressed to the MS (so the tunnel devuce encapsulates these IP
packets in GTP packets when traveling to the SGSN).
Alternatively, you can also add this to the ggsn.conf configuration file:
gtpnl eth0
The device has to be the real device that can route packets to the SGSN,
if you select the wrong device, the kernel routing code may not find a
way to reach the SSGN, you've been warned.
Therefore, if this option is set, the operational becomes the following:
1) A gtp0 device is created via rtnetlink and configure the socket
encapsulation infrastructure in the kernel.
2) Whenever a PDP context is created, this adds the necessary tunnel
configuration via genetlink GTP interface.
3) Whenever a PDP context is destroyed, this deletes the tunnel via
genetlink GTP interface.
4) Destroy the gtp0 device if ggsn is stopped, including all of the
existing tunnels.
You require the osmo-ggsn.git tree, which contains the kernel module
gtp.ko and the libgtpnl library that you have to compile and install.
Make sure you have loaded the gtp.ko kernel module before launching
the ggsn daemon using the kernel driver mode, otherwise you will get
a nice "operation not supported" error message ;-).
This patch also adds supports for "ipup" configuration option to invoke
an external script after the gtp0 device has been brought up. Typical
command to add the route to reach the MS behind the GGSN is required,
eg. ip route add 10.0.0.0/8 dev gtp0.
The (horrible) ggsn parser has been manually extended to support the
new configuration option. That code doesn't look nice, but it just
mimics what we already have there for consistency, please don't blame
me for that.
If you want to run in debugging mode, I suggest you to use:
sudo ggsn -c ggsn.conf -f -d
Note that you do have to run openggsn as root to bring up the gtp0
device. You have to see this message that announce that the GTP kernel
mode is enabled.
openggsn[1106]: ggsn.c: 656: Using the GTP kernel mode (genl ID is 25)
This patch also automagically sets up route to reach MS from Internet
just like tun mode does. This is fundamental to get this working,
better don't leave to the admin, he may forget to add this route.
In this patch, I tried to encapsulate this new feature as much as
possible as Harald initially suggested.
To compile this feature, you have to pass --enable-gtp-kernel, ie.
./configire --enable-gtp-kernel
Otherwise, the code to interact with the gtp kernel part is not compiled.
Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2015-11-17 11:22:42 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
process_pco(apn, pdp);
|
2017-08-09 18:28:52 +00:00
|
|
|
|
2017-09-24 03:43:17 +00:00
|
|
|
/* Transmit G-PDU sequence numbers (only) if configured in APN */
|
|
|
|
|
pdp->tx_gpdu_seq = apn->cfg.tx_gpdu_seq;
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPPDP(LOGL_INFO, pdp, "Successful PDP Context Creation: APN=%s(%s), TEIC=%u, IP=%s\n",
|
|
|
|
|
name_buf, apn->cfg.name, pdp->teic_own, in46a_ntoa(&member->addr));
|
2011-11-02 12:06:18 +00:00
|
|
|
gtp_create_context_resp(gsn, pdp, GTPCAUSE_ACC_REQ);
|
|
|
|
|
return 0; /* Success */
|
2017-08-12 13:07:02 +00:00
|
|
|
|
|
|
|
|
err_pool_full:
|
|
|
|
|
LOGPPDP(LOGL_ERROR, pdp, "Cannot allocate IP address from pool (full!)\n");
|
|
|
|
|
gtp_create_context_resp(gsn, pdp, -rc);
|
|
|
|
|
return 0; /* Already in use, or no more available */
|
2017-10-14 14:22:16 +00:00
|
|
|
|
|
|
|
|
err_wrong_af:
|
|
|
|
|
LOGPPDP(LOGL_ERROR, pdp, "APN doesn't support requested EUA / AF type\n");
|
|
|
|
|
gtp_create_context_resp(gsn, pdp, GTPCAUSE_UNKNOWN_PDP);
|
|
|
|
|
return 0;
|
2002-12-16 13:33:51 +00:00
|
|
|
}
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* Internet-originated IP packet, needs to be sent via GTP towards MS */
|
|
|
|
|
static int cb_tun_ind(struct tun_t *tun, void *pack, unsigned len)
|
2011-11-02 12:06:18 +00:00
|
|
|
{
|
2017-08-12 13:07:02 +00:00
|
|
|
struct apn_ctx *apn = tun->priv;
|
2011-11-02 12:06:18 +00:00
|
|
|
struct ippoolm_t *ipm;
|
2017-08-02 17:49:47 +00:00
|
|
|
struct in46_addr dst;
|
2017-08-02 19:10:09 +00:00
|
|
|
struct iphdr *iph = (struct iphdr *)pack;
|
2017-08-02 19:48:16 +00:00
|
|
|
struct ip6_hdr *ip6h = (struct ip6_hdr *)pack;
|
2017-08-12 13:07:02 +00:00
|
|
|
struct ippool_t *pool;
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-02 19:10:09 +00:00
|
|
|
if (iph->version == 4) {
|
2017-08-02 17:49:47 +00:00
|
|
|
if (len < sizeof(*iph) || len < 4*iph->ihl)
|
|
|
|
|
return -1;
|
|
|
|
|
dst.len = 4;
|
2017-08-02 19:10:09 +00:00
|
|
|
dst.v4.s_addr = iph->daddr;
|
2017-08-12 13:07:02 +00:00
|
|
|
pool = apn->v4.pool;
|
2017-08-02 19:48:16 +00:00
|
|
|
} else if (iph->version == 6) {
|
2017-08-08 16:10:43 +00:00
|
|
|
/* Due to the fact that 3GPP requires an allocation of a
|
|
|
|
|
* /64 prefix to each MS, we must instruct
|
|
|
|
|
* ippool_getip() below to match only the leading /64
|
|
|
|
|
* prefix, i.e. the first 8 bytes of the address */
|
|
|
|
|
dst.len = 8;
|
2017-08-02 19:48:16 +00:00
|
|
|
dst.v6 = ip6h->ip6_dst;
|
2017-08-12 13:07:02 +00:00
|
|
|
pool = apn->v6.pool;
|
2017-08-02 17:49:47 +00:00
|
|
|
} else {
|
2017-12-04 12:17:07 +00:00
|
|
|
LOGP(DTUN, LOGL_NOTICE, "non-IPv%u packet received from tun\n", iph->version);
|
2017-08-02 17:49:47 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* IPv6 packet but no IPv6 pool, or IPv4 packet with no IPv4 pool */
|
|
|
|
|
if (!pool)
|
|
|
|
|
return 0;
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-12-05 15:30:37 +00:00
|
|
|
DEBUGP(DTUN, "Received packet for APN(%s) from tun %s", apn->cfg.name, tun->devname);
|
2017-08-12 13:07:02 +00:00
|
|
|
|
|
|
|
|
if (ippool_getip(pool, &ipm, &dst)) {
|
2017-12-05 15:30:37 +00:00
|
|
|
DEBUGPC(DTUN, " with no PDP contex!!\n");
|
2011-11-02 12:06:18 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2017-12-05 15:30:37 +00:00
|
|
|
DEBUGPC(DTUN, "\n");
|
2011-11-02 12:06:18 +00:00
|
|
|
|
|
|
|
|
if (ipm->peer) /* Check if a peer protocol is defined */
|
2017-08-12 13:07:02 +00:00
|
|
|
gtp_data_req(apn->ggsn->gsn, (struct pdp_t *)ipm->peer, pack, len);
|
2011-11-02 12:06:18 +00:00
|
|
|
return 0;
|
2002-12-16 13:33:51 +00:00
|
|
|
}
|
|
|
|
|
|
2017-08-08 21:27:22 +00:00
|
|
|
/* RFC3307 link-local scope multicast address */
|
|
|
|
|
static const struct in6_addr all_router_mcast_addr = {
|
|
|
|
|
.s6_addr = { 0xff,0x02,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,2 }
|
|
|
|
|
};
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* MS-originated GTP1-U packet, needs to be sent via TUN device */
|
|
|
|
|
static int encaps_tun(struct pdp_t *pdp, void *pack, unsigned len)
|
2011-11-02 12:06:18 +00:00
|
|
|
{
|
2017-08-08 21:27:22 +00:00
|
|
|
struct iphdr *iph = (struct iphdr *)pack;
|
|
|
|
|
struct ip6_hdr *ip6h = (struct ip6_hdr *)pack;
|
2017-09-24 12:00:34 +00:00
|
|
|
struct tun_t *tun = (struct tun_t *)pdp->ipif;
|
|
|
|
|
struct apn_ctx *apn = tun->priv;
|
|
|
|
|
|
|
|
|
|
OSMO_ASSERT(tun);
|
|
|
|
|
OSMO_ASSERT(apn);
|
2017-08-08 21:27:22 +00:00
|
|
|
|
2017-12-05 15:30:37 +00:00
|
|
|
LOGPPDP(LOGL_DEBUG, pdp, "Packet received on APN(%s): forwarding to tun %s\n", apn->cfg.name, tun->devname);
|
2017-08-08 21:27:22 +00:00
|
|
|
|
|
|
|
|
switch (iph->version) {
|
|
|
|
|
case 6:
|
|
|
|
|
/* daddr: all-routers multicast addr */
|
|
|
|
|
if (IN6_ARE_ADDR_EQUAL(&ip6h->ip6_dst, &all_router_mcast_addr))
|
2017-09-24 12:00:34 +00:00
|
|
|
return handle_router_mcast(pdp->gsn, pdp, &apn->v6_lladdr, pack, len);
|
2017-08-08 21:27:22 +00:00
|
|
|
break;
|
|
|
|
|
case 4:
|
|
|
|
|
break;
|
|
|
|
|
default:
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPPDP(LOGL_ERROR, pdp, "Packet from MS is neither IPv4 nor IPv6: %s\n",
|
|
|
|
|
osmo_hexdump(pack, len));
|
2017-08-08 21:27:22 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2011-11-02 12:06:18 +00:00
|
|
|
return tun_encaps((struct tun_t *)pdp->ipif, pack, len);
|
|
|
|
|
}
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-09-05 16:12:14 +00:00
|
|
|
static char *config_file = "osmo-ggsn.cfg";
|
2017-08-12 13:07:02 +00:00
|
|
|
|
|
|
|
|
/* callback for tun device osmocom select loop integration */
|
|
|
|
|
static int ggsn_tun_fd_cb(struct osmo_fd *fd, unsigned int what)
|
2002-12-16 13:33:51 +00:00
|
|
|
{
|
2017-08-12 13:07:02 +00:00
|
|
|
struct apn_ctx *apn = fd->data;
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
OSMO_ASSERT(what & BSC_FD_READ);
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
return tun_decaps(apn->tun.tun);
|
|
|
|
|
}
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* callback for libgtp osmocom select loop integration */
|
|
|
|
|
static int ggsn_gtp_fd_cb(struct osmo_fd *fd, unsigned int what)
|
|
|
|
|
{
|
|
|
|
|
struct ggsn_ctx *ggsn = fd->data;
|
|
|
|
|
int rc;
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
OSMO_ASSERT(what & BSC_FD_READ);
|
2004-01-09 15:19:20 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
switch (fd->priv_nr) {
|
|
|
|
|
case 0:
|
|
|
|
|
rc = gtp_decaps0(ggsn->gsn);
|
|
|
|
|
break;
|
|
|
|
|
case 1:
|
|
|
|
|
rc = gtp_decaps1c(ggsn->gsn);
|
|
|
|
|
break;
|
|
|
|
|
case 2:
|
|
|
|
|
rc = gtp_decaps1u(ggsn->gsn);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
OSMO_ASSERT(0);
|
|
|
|
|
break;
|
2011-11-02 12:06:18 +00:00
|
|
|
}
|
2017-08-12 13:07:02 +00:00
|
|
|
return rc;
|
|
|
|
|
}
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
static void ggsn_gtp_tmr_start(struct ggsn_ctx *ggsn)
|
|
|
|
|
{
|
|
|
|
|
struct timeval next;
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* Retrieve next retransmission as timeval */
|
|
|
|
|
gtp_retranstimeout(ggsn->gsn, &next);
|
2014-03-23 09:07:26 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* re-schedule the timer */
|
|
|
|
|
osmo_timer_schedule(&ggsn->gtp_timer, next.tv_sec, next.tv_usec/1000);
|
|
|
|
|
}
|
2014-03-23 09:07:26 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* timer callback for libgtp retransmission and ping */
|
|
|
|
|
static void ggsn_gtp_tmr_cb(void *data)
|
|
|
|
|
{
|
|
|
|
|
struct ggsn_ctx *ggsn = data;
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* do all the retransmissions as needed */
|
|
|
|
|
gtp_retrans(ggsn->gsn);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
ggsn_gtp_tmr_start(ggsn);
|
|
|
|
|
}
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* To exit gracefully. Used with GCC compilation flag -pg and gprof */
|
|
|
|
|
static void signal_handler(int s)
|
|
|
|
|
{
|
|
|
|
|
LOGP(DGGSN, LOGL_NOTICE, "signal %d received\n", s);
|
|
|
|
|
switch (s) {
|
|
|
|
|
case SIGINT:
|
2017-08-20 10:44:21 +00:00
|
|
|
case SIGTERM:
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGP(DGGSN, LOGL_NOTICE, "SIGINT received, shutting down\n");
|
|
|
|
|
end = 1;
|
|
|
|
|
break;
|
|
|
|
|
case SIGABRT:
|
|
|
|
|
case SIGUSR1:
|
|
|
|
|
talloc_report(tall_vty_ctx, stderr);
|
|
|
|
|
talloc_report_full(tall_ggsn_ctx, stderr);
|
|
|
|
|
break;
|
|
|
|
|
case SIGUSR2:
|
|
|
|
|
talloc_report_full(tall_vty_ctx, stderr);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
2011-11-02 12:06:18 +00:00
|
|
|
}
|
2017-08-12 13:07:02 +00:00
|
|
|
}
|
2011-11-02 12:06:18 +00:00
|
|
|
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* Start a given GGSN */
|
|
|
|
|
int ggsn_start(struct ggsn_ctx *ggsn)
|
|
|
|
|
{
|
|
|
|
|
struct apn_ctx *apn;
|
|
|
|
|
int rc;
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
if (ggsn->started)
|
|
|
|
|
return 0;
|
2017-08-09 18:28:52 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPGGSN(LOGL_INFO, ggsn, "Starting GGSN\n");
|
|
|
|
|
|
|
|
|
|
/* Start libgtp listener */
|
|
|
|
|
if (gtp_new(&ggsn->gsn, ggsn->cfg.state_dir, &ggsn->cfg.listen_addr.v4, GTP_MODE_GGSN)) {
|
|
|
|
|
LOGPGGSN(LOGL_ERROR, ggsn, "Failed to create GTP: %s\n", strerror(errno));
|
|
|
|
|
return -1;
|
2011-11-02 12:06:18 +00:00
|
|
|
}
|
2017-08-12 13:07:02 +00:00
|
|
|
ggsn->gsn->priv = ggsn;
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-09-05 15:41:20 +00:00
|
|
|
/* patch in different addresses to use (in case we're behind NAT, the listen
|
|
|
|
|
* address is different from what we advertise externally) */
|
|
|
|
|
if (ggsn->cfg.gtpc_addr.v4.s_addr)
|
|
|
|
|
ggsn->gsn->gsnc = ggsn->cfg.gtpc_addr.v4;
|
|
|
|
|
|
|
|
|
|
if (ggsn->cfg.gtpu_addr.v4.s_addr)
|
|
|
|
|
ggsn->gsn->gsnu = ggsn->cfg.gtpu_addr.v4;
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* Register File Descriptors */
|
|
|
|
|
osmo_fd_setup(&ggsn->gtp_fd0, ggsn->gsn->fd0, BSC_FD_READ, ggsn_gtp_fd_cb, ggsn, 0);
|
|
|
|
|
rc = osmo_fd_register(&ggsn->gtp_fd0);
|
|
|
|
|
OSMO_ASSERT(rc == 0);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
osmo_fd_setup(&ggsn->gtp_fd1c, ggsn->gsn->fd1c, BSC_FD_READ, ggsn_gtp_fd_cb, ggsn, 1);
|
|
|
|
|
rc = osmo_fd_register(&ggsn->gtp_fd1c);
|
|
|
|
|
OSMO_ASSERT(rc == 0);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
osmo_fd_setup(&ggsn->gtp_fd1u, ggsn->gsn->fd1u, BSC_FD_READ, ggsn_gtp_fd_cb, ggsn, 2);
|
|
|
|
|
rc = osmo_fd_register(&ggsn->gtp_fd1u);
|
|
|
|
|
OSMO_ASSERT(rc == 0);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* Start GTP re-transmission timer */
|
|
|
|
|
osmo_timer_setup(&ggsn->gtp_timer, ggsn_gtp_tmr_cb, ggsn);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
gtp_set_cb_data_ind(ggsn->gsn, encaps_tun);
|
|
|
|
|
gtp_set_cb_delete_context(ggsn->gsn, delete_context);
|
|
|
|
|
gtp_set_cb_create_context_ind(ggsn->gsn, create_context_ind);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
LOGPGGSN(LOGL_NOTICE, ggsn, "Successfully started\n");
|
|
|
|
|
ggsn->started = true;
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
llist_for_each_entry(apn, &ggsn->apn_list, list)
|
|
|
|
|
apn_start(apn);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
ggsn: add support for GTP kernel data encapsulation
This patch adds the -g, --gtpnl=device option that allows you to
enable the GTP kernel tunneling mode in openggsn. You have to specify
the real downlink device that will be used to tunnel traffic, eg.
-g=eth0
This means that the gtp0 device will be created and it will use eth0
as the real device to encapsulate packet coming from the Internet that
are addressed to the MS (so the tunnel devuce encapsulates these IP
packets in GTP packets when traveling to the SGSN).
Alternatively, you can also add this to the ggsn.conf configuration file:
gtpnl eth0
The device has to be the real device that can route packets to the SGSN,
if you select the wrong device, the kernel routing code may not find a
way to reach the SSGN, you've been warned.
Therefore, if this option is set, the operational becomes the following:
1) A gtp0 device is created via rtnetlink and configure the socket
encapsulation infrastructure in the kernel.
2) Whenever a PDP context is created, this adds the necessary tunnel
configuration via genetlink GTP interface.
3) Whenever a PDP context is destroyed, this deletes the tunnel via
genetlink GTP interface.
4) Destroy the gtp0 device if ggsn is stopped, including all of the
existing tunnels.
You require the osmo-ggsn.git tree, which contains the kernel module
gtp.ko and the libgtpnl library that you have to compile and install.
Make sure you have loaded the gtp.ko kernel module before launching
the ggsn daemon using the kernel driver mode, otherwise you will get
a nice "operation not supported" error message ;-).
This patch also adds supports for "ipup" configuration option to invoke
an external script after the gtp0 device has been brought up. Typical
command to add the route to reach the MS behind the GGSN is required,
eg. ip route add 10.0.0.0/8 dev gtp0.
The (horrible) ggsn parser has been manually extended to support the
new configuration option. That code doesn't look nice, but it just
mimics what we already have there for consistency, please don't blame
me for that.
If you want to run in debugging mode, I suggest you to use:
sudo ggsn -c ggsn.conf -f -d
Note that you do have to run openggsn as root to bring up the gtp0
device. You have to see this message that announce that the GTP kernel
mode is enabled.
openggsn[1106]: ggsn.c: 656: Using the GTP kernel mode (genl ID is 25)
This patch also automagically sets up route to reach MS from Internet
just like tun mode does. This is fundamental to get this working,
better don't leave to the admin, he may forget to add this route.
In this patch, I tried to encapsulate this new feature as much as
possible as Harald initially suggested.
To compile this feature, you have to pass --enable-gtp-kernel, ie.
./configire --enable-gtp-kernel
Otherwise, the code to interact with the gtp kernel part is not compiled.
Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2015-11-17 11:22:42 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* Stop a given GGSN */
|
|
|
|
|
int ggsn_stop(struct ggsn_ctx *ggsn)
|
|
|
|
|
{
|
|
|
|
|
struct apn_ctx *apn;
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
if (!ggsn->started)
|
|
|
|
|
return 0;
|
2016-08-02 15:10:38 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
/* iterate over all APNs and stop them */
|
|
|
|
|
llist_for_each_entry(apn, &ggsn->apn_list, list)
|
|
|
|
|
apn_stop(apn, true);
|
ggsn: add support for GTP kernel data encapsulation
This patch adds the -g, --gtpnl=device option that allows you to
enable the GTP kernel tunneling mode in openggsn. You have to specify
the real downlink device that will be used to tunnel traffic, eg.
-g=eth0
This means that the gtp0 device will be created and it will use eth0
as the real device to encapsulate packet coming from the Internet that
are addressed to the MS (so the tunnel devuce encapsulates these IP
packets in GTP packets when traveling to the SGSN).
Alternatively, you can also add this to the ggsn.conf configuration file:
gtpnl eth0
The device has to be the real device that can route packets to the SGSN,
if you select the wrong device, the kernel routing code may not find a
way to reach the SSGN, you've been warned.
Therefore, if this option is set, the operational becomes the following:
1) A gtp0 device is created via rtnetlink and configure the socket
encapsulation infrastructure in the kernel.
2) Whenever a PDP context is created, this adds the necessary tunnel
configuration via genetlink GTP interface.
3) Whenever a PDP context is destroyed, this deletes the tunnel via
genetlink GTP interface.
4) Destroy the gtp0 device if ggsn is stopped, including all of the
existing tunnels.
You require the osmo-ggsn.git tree, which contains the kernel module
gtp.ko and the libgtpnl library that you have to compile and install.
Make sure you have loaded the gtp.ko kernel module before launching
the ggsn daemon using the kernel driver mode, otherwise you will get
a nice "operation not supported" error message ;-).
This patch also adds supports for "ipup" configuration option to invoke
an external script after the gtp0 device has been brought up. Typical
command to add the route to reach the MS behind the GGSN is required,
eg. ip route add 10.0.0.0/8 dev gtp0.
The (horrible) ggsn parser has been manually extended to support the
new configuration option. That code doesn't look nice, but it just
mimics what we already have there for consistency, please don't blame
me for that.
If you want to run in debugging mode, I suggest you to use:
sudo ggsn -c ggsn.conf -f -d
Note that you do have to run openggsn as root to bring up the gtp0
device. You have to see this message that announce that the GTP kernel
mode is enabled.
openggsn[1106]: ggsn.c: 656: Using the GTP kernel mode (genl ID is 25)
This patch also automagically sets up route to reach MS from Internet
just like tun mode does. This is fundamental to get this working,
better don't leave to the admin, he may forget to add this route.
In this patch, I tried to encapsulate this new feature as much as
possible as Harald initially suggested.
To compile this feature, you have to pass --enable-gtp-kernel, ie.
./configire --enable-gtp-kernel
Otherwise, the code to interact with the gtp kernel part is not compiled.
Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2015-11-17 11:22:42 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
osmo_timer_del(&ggsn->gtp_timer);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
osmo_fd_unregister(&ggsn->gtp_fd1u);
|
|
|
|
|
osmo_fd_unregister(&ggsn->gtp_fd1c);
|
|
|
|
|
osmo_fd_unregister(&ggsn->gtp_fd0);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
if (ggsn->gsn) {
|
|
|
|
|
gtp_free(ggsn->gsn);
|
|
|
|
|
ggsn->gsn = NULL;
|
|
|
|
|
}
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
ggsn->started = false;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
ggsn: add support for GTP kernel data encapsulation
This patch adds the -g, --gtpnl=device option that allows you to
enable the GTP kernel tunneling mode in openggsn. You have to specify
the real downlink device that will be used to tunnel traffic, eg.
-g=eth0
This means that the gtp0 device will be created and it will use eth0
as the real device to encapsulate packet coming from the Internet that
are addressed to the MS (so the tunnel devuce encapsulates these IP
packets in GTP packets when traveling to the SGSN).
Alternatively, you can also add this to the ggsn.conf configuration file:
gtpnl eth0
The device has to be the real device that can route packets to the SGSN,
if you select the wrong device, the kernel routing code may not find a
way to reach the SSGN, you've been warned.
Therefore, if this option is set, the operational becomes the following:
1) A gtp0 device is created via rtnetlink and configure the socket
encapsulation infrastructure in the kernel.
2) Whenever a PDP context is created, this adds the necessary tunnel
configuration via genetlink GTP interface.
3) Whenever a PDP context is destroyed, this deletes the tunnel via
genetlink GTP interface.
4) Destroy the gtp0 device if ggsn is stopped, including all of the
existing tunnels.
You require the osmo-ggsn.git tree, which contains the kernel module
gtp.ko and the libgtpnl library that you have to compile and install.
Make sure you have loaded the gtp.ko kernel module before launching
the ggsn daemon using the kernel driver mode, otherwise you will get
a nice "operation not supported" error message ;-).
This patch also adds supports for "ipup" configuration option to invoke
an external script after the gtp0 device has been brought up. Typical
command to add the route to reach the MS behind the GGSN is required,
eg. ip route add 10.0.0.0/8 dev gtp0.
The (horrible) ggsn parser has been manually extended to support the
new configuration option. That code doesn't look nice, but it just
mimics what we already have there for consistency, please don't blame
me for that.
If you want to run in debugging mode, I suggest you to use:
sudo ggsn -c ggsn.conf -f -d
Note that you do have to run openggsn as root to bring up the gtp0
device. You have to see this message that announce that the GTP kernel
mode is enabled.
openggsn[1106]: ggsn.c: 656: Using the GTP kernel mode (genl ID is 25)
This patch also automagically sets up route to reach MS from Internet
just like tun mode does. This is fundamental to get this working,
better don't leave to the admin, he may forget to add this route.
In this patch, I tried to encapsulate this new feature as much as
possible as Harald initially suggested.
To compile this feature, you have to pass --enable-gtp-kernel, ie.
./configire --enable-gtp-kernel
Otherwise, the code to interact with the gtp kernel part is not compiled.
Signed-off-by: Andreas Schultz <aschultz@tpip.net>
2015-11-17 11:22:42 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
static void print_usage()
|
|
|
|
|
{
|
|
|
|
|
printf("Usage: osmo-ggsn [-h] [-D] [-c configfile] [-V]\n");
|
|
|
|
|
}
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
static void print_help()
|
|
|
|
|
{
|
|
|
|
|
printf( " Some useful help...\n"
|
|
|
|
|
" -h --help This help text\n"
|
|
|
|
|
" -D --daemonize Fork the process into a background daemon\n"
|
|
|
|
|
" -c --config-file filename The config file to use\n"
|
|
|
|
|
" -V --version Print the version of OsmoGGSN\n"
|
|
|
|
|
);
|
|
|
|
|
}
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
static void handle_options(int argc, char **argv)
|
|
|
|
|
{
|
|
|
|
|
while (1) {
|
|
|
|
|
int option_index = 0, c;
|
|
|
|
|
static struct option long_options[] = {
|
|
|
|
|
{ "help", 0, 0, 'h' },
|
|
|
|
|
{ "daemonize", 0, 0, 'D' },
|
|
|
|
|
{ "config-file", 1, 0, 'c' },
|
|
|
|
|
{ "version", 0, 0, 'V' },
|
|
|
|
|
{ 0, 0, 0, 0 }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
c = getopt_long(argc, argv, "hdc:V", long_options, &option_index);
|
|
|
|
|
if (c == -1)
|
|
|
|
|
break;
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
switch (c) {
|
|
|
|
|
case 'h':
|
|
|
|
|
print_usage();
|
|
|
|
|
print_help();
|
|
|
|
|
exit(0);
|
|
|
|
|
case 'D':
|
|
|
|
|
daemonize = 1;
|
2011-11-02 12:06:18 +00:00
|
|
|
break;
|
2017-08-12 13:07:02 +00:00
|
|
|
case 'c':
|
|
|
|
|
config_file = optarg;
|
2011-11-02 12:06:18 +00:00
|
|
|
break;
|
2017-08-12 13:07:02 +00:00
|
|
|
case 'V':
|
|
|
|
|
print_version(1);
|
|
|
|
|
exit(0);
|
2011-11-02 12:06:18 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2017-08-12 13:07:02 +00:00
|
|
|
}
|
|
|
|
|
}
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
int main(int argc, char **argv)
|
|
|
|
|
{
|
|
|
|
|
struct ggsn_ctx *ggsn;
|
|
|
|
|
int rc;
|
|
|
|
|
|
2017-09-05 16:12:14 +00:00
|
|
|
tall_ggsn_ctx = talloc_named_const(NULL, 0, "OsmoGGSN");
|
2017-08-12 13:07:02 +00:00
|
|
|
msgb_talloc_ctx_init(tall_ggsn_ctx, 0);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-20 10:44:21 +00:00
|
|
|
/* Handle keyboard interrupt SIGINT */
|
2017-08-12 13:07:02 +00:00
|
|
|
signal(SIGINT, &signal_handler);
|
2017-08-20 10:44:21 +00:00
|
|
|
signal(SIGTERM, &signal_handler);
|
2017-08-12 13:07:02 +00:00
|
|
|
signal(SIGABRT, &signal_handler);
|
|
|
|
|
signal(SIGUSR1, &signal_handler);
|
|
|
|
|
signal(SIGUSR2, &signal_handler);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
osmo_init_ignore_signals();
|
|
|
|
|
osmo_init_logging(&log_info);
|
|
|
|
|
osmo_stats_init(tall_ggsn_ctx);
|
|
|
|
|
|
|
|
|
|
vty_init(&g_vty_info);
|
|
|
|
|
logging_vty_add_cmds(NULL);
|
|
|
|
|
osmo_stats_vty_add_cmds(&log_info);
|
|
|
|
|
ggsn_vty_init();
|
|
|
|
|
ctrl_vty_init(tall_ggsn_ctx);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
handle_options(argc, argv);
|
2011-11-02 12:06:18 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
rate_ctr_init(tall_ggsn_ctx);
|
|
|
|
|
|
|
|
|
|
rc = vty_read_config_file(config_file, NULL);
|
|
|
|
|
if (rc < 0) {
|
|
|
|
|
fprintf(stderr, "Failed to open config file: '%s'\n", config_file);
|
|
|
|
|
exit(2);
|
2011-11-02 12:06:18 +00:00
|
|
|
}
|
|
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
rc = telnet_init_dynif(tall_ggsn_ctx, NULL, vty_get_bind_addr(), OSMO_VTY_PORT_GGSN);
|
|
|
|
|
if (rc < 0)
|
|
|
|
|
exit(1);
|
2002-12-16 13:33:51 +00:00
|
|
|
|
2017-08-12 13:07:02 +00:00
|
|
|
g_ctrlh = ctrl_interface_setup(NULL, OSMO_CTRL_PORT_GGSN, NULL);
|
|
|
|
|
if (!g_ctrlh) {
|
|
|
|
|
LOGP(DGGSN, LOGL_ERROR, "Failed to create CTRL interface.\n");
|
|
|
|
|
exit(1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (daemonize) {
|
|
|
|
|
rc = osmo_daemonize();
|
|
|
|
|
if (rc < 0) {
|
|
|
|
|
perror("Error during daemonize");
|
|
|
|
|
exit(1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#if 0
|
|
|
|
|
/* qos */
|
|
|
|
|
qos.l = 3;
|
|
|
|
|
qos.v[2] = (args_info.qos_arg) & 0xff;
|
|
|
|
|
qos.v[1] = ((args_info.qos_arg) >> 8) & 0xff;
|
|
|
|
|
qos.v[0] = ((args_info.qos_arg) >> 16) & 0xff;
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
/* Main select loop */
|
|
|
|
|
while (!end) {
|
|
|
|
|
osmo_select_main(0);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
llist_for_each_entry(ggsn, &g_ggsn_list, list)
|
|
|
|
|
ggsn_stop(ggsn);
|
|
|
|
|
|
|
|
|
|
return 1;
|
2011-11-02 12:06:18 +00:00
|
|
|
}
|
