Bug #6361
openopen5gs-upfd: Fix open5gs package assigning 1st IP address of the UE pool to the ogstun
90%
Description
Also, I had to tweak broken open5gs setup where open5gs-upfd ogtsun gets assigned IP address "10.45.0.1/16", but that IP address is actually also assigned to the first MS (my SWu emulator), and that creates problems in the network stack when the inner packet is decapsulated from GTP. In order to fix it:
> root@epc:~# ip addr del 10.45.0.1/16 dev ogstun > root@epc:~# ip route add 10.45.0.0/24 dev ogstun >According to lynxis this is a problem coming from open5gs package (file /etc/systemd/network/99-open5gs.network). The IP address is set in order to get the routing entry for free. Instead, it should only add the routing entry.
We should look into fixing the open5gs package to avoid having to apply those changes every time open5gs-upf is restarted.
Related issues
Updated by pespin 2 months ago
- Related to Feature #6235: osmo-epdg: gtp tunnel management added
Updated by pespin 2 months ago
The file comes from open5gs.git ./configs/systemd/99-open5gs.network:
[Match] Name=ogstun [Network] Address=10.45.0.1/16 Address=2001:db8:cafe::1/48 [Link] MTUBytes=1400 RequiredForOnline=false
At the same time, configs/open5gs/upf.yaml.in has:
session:
- subnet: 10.45.0.1/16
- subnet: 2001:db8:cafe::1/48
https://www.freedesktop.org/software/systemd/man/latest/systemd.network.html seems to have a "[Route]" option which could be used instead.
So this looks wrong. I'll do some tests to see if I can get something working with this and then submit a patch to open5gs upstream.
Updated by pespin 2 months ago
- Status changed from New to Feedback
- Assignee set to pespin
- % Done changed from 0 to 90
Tested fix and submitted upstream here: https://github.com/open5gs/open5gs/pull/2975
With this patch applied I no longer have to reapply rules every time I restart open5gs-upfd.
Updated by pespin 12 days ago
After change [1], open5gs should in theory properly identify difference between the subnet/pool of addresses and the local IP address set on the tundev, by means of "subnet" vs "gateway" fields in the config.
Since our config right now is:
roles/epc/defaults/main.yml
7:epc_ue_network: 10.45.0.0/16
roles/epc/templates/smf.yaml
37: - subnet: {{ epc_ue_network }}
roles/epc/templates/upf.yaml
21: - subnet: {{ epc_ue_network }}
Then we are properly defining in config file that we are not using an IP address for the gateway and hence .1 can be allocated for an UE.
However, open5gs maintainer mentioned he wants to keep assigning an IP address (.1) to the tundev in default setup, which means the default config is now (note the extra "gateway" field):
- subnet: 10.45.0.0/16
gateway: 10.45.0.1
Similarly, the default systemd file still contains code to set the IP address on the tundev (./configs/systemd/99-open5gs.network):
[Network] Address=10.45.0.1/16 Address=2001:db8:cafe::1/48
So our patch is still needed to avoid setting the IP address on the tundev.
It may make sense to update our upstream PR to include the explicit network routing rules, so removing the IP address is just a matter of commenting out the 2 "Address=" lines. Right now, if one does that with default systemd file, routing will be broken since the IP address are the one setting the implicit routing when they are added.
lynxis we can also simplify our setup by using open5gs default setup, where we let systemd add the IP address and we use something like the following in our open5gs (you must use current open5gs main!):
- subnet: 10.45.0.0/16
gateway: 10.45.0.1
[1] https://github.com/open5gs/open5gs/commit/a6830b30a0093ed2fa9d563445bf67026588a8f2
Updated by pespin 5 days ago
- Assignee changed from pespin to lynxis
I reworked my patch to explicitly set the routes and it was merged already upstream before release 2.7.1:
https://github.com/open5gs/open5gs/commit/c0a520f32a3c70aefc393f74ced365004fe8be75
So now, the consideration regarding what to do in our testing setup remains. We either:
- We use a smfd/upfd .cfg where we don't assign an IP addresss to the tundev, then remove the "Addr=" from the systemd .network file
- We use default config where smfd/upfd.cfg sets an IP address to the tundev, then we don't need to modify the systemd .network file (we may if we also changed the default subnet).
lynxis assigning to you and letting you decide which of the two above we want, since AFAIC you still have to apply the last ansible modifications to get everything set up properly in ansible-prototype.git.
