How to tunnel ip over GTP (GPRS Tunnelling Protocol)

How to tunnel ip over GTP (GPRS Tunnelling Protocol)

Post by Phil » Sun, 05 Jun 2005 07:11:43



I want to tunnel ip traffic over GTP, for eventual delivery to a mobile
device (e.g. mobile phone), but I have no idea how to do this and would
appreciate some pointers. GTP is a 3GPP protocol that encapsulates ip in
UDP packets.

My first thought is for individual GTP tunnels to appear as linux network
interfaces, similar to the standard GRE tunnel implementation, so that I
can take advantage of the linux routing and traffic control features.

Unfortunately I have no idea how I'd implement a tunnel (e.g. do I need
to create a kernel module) and can't find anything describing how to do
it, although I've found lots of things on how to configure one of the
existing tunnel implementations.

I may also be completely wrong and there may be a much easier way to do it
(e.g. using netfilter).

I've read the usual linux networking howtos (linux networking, advanced
routing and traffic control)

Any advice appreciated.

Regards,
Phil

 
 
 

How to tunnel ip over GTP (GPRS Tunnelling Protocol)

Post by Phil » Mon, 06 Jun 2005 05:44:38


Quote:> I want to tunnel ip traffic over GTP, for eventual delivery to a mobile
> device (e.g. mobile phone), but I have no idea how to do this and would
> appreciate some pointers. GTP is a 3GPP protocol that encapsulates ip in
> UDP packets.

> My first thought is for individual GTP tunnels to appear as linux network
> interfaces, similar to the standard GRE tunnel implementation, so that I
> can take advantage of the linux routing and traffic control features.

> Unfortunately I have no idea how I'd implement a tunnel (e.g. do I need
> to create a kernel module) and can't find anything describing how to do
> it, although I've found lots of things on how to configure one of the
> existing tunnel implementations.

> I may also be completely wrong and there may be a much easier way to do it
> (e.g. using netfilter).

> I've read the usual linux networking howtos (linux networking, advanced
> routing and traffic control)

I've stumbled across the tun/tap module and this looks like what I need.

Any comments?

Regards,
Phil

 
 
 

How to tunnel ip over GTP (GPRS Tunnelling Protocol)

Post by James Knot » Mon, 06 Jun 2005 08:48:06



>> I've read the usual linux networking howtos (linux networking, advanced
>> routing and traffic control)

> I've stumbled across the tun/tap module and this looks like what I need.

> Any comments?

You might want to consider OpenVPN, which comes with some Linux distros.
There's also a Windows version available.
 
 
 

How to tunnel ip over GTP (GPRS Tunnelling Protocol)

Post by Tauno Voipi » Mon, 06 Jun 2005 22:24:59



>>I want to tunnel ip traffic over GTP, for eventual delivery to a mobile
>>device (e.g. mobile phone), but I have no idea how to do this and would
>>appreciate some pointers. GTP is a 3GPP protocol that encapsulates ip in
>>UDP packets.

>>My first thought is for individual GTP tunnels to appear as linux network
>>interfaces, similar to the standard GRE tunnel implementation, so that I
>>can take advantage of the linux routing and traffic control features.

>>Unfortunately I have no idea how I'd implement a tunnel (e.g. do I need
>>to create a kernel module) and can't find anything describing how to do
>>it, although I've found lots of things on how to configure one of the
>>existing tunnel implementations.

>>I may also be completely wrong and there may be a much easier way to do it
>>(e.g. using netfilter).

>>I've read the usual linux networking howtos (linux networking, advanced
>>routing and traffic control)

> I've stumbled across the tun/tap module and this looks like what I need.

> Any comments?

> Regards,
> Phil

tun/tap is just an interface adapter between a network interface
and a character interface. It is intended to give an opportunity
for network traffic processing (e.g. VPN tunnel) without needing
to always compile the code into the kernel.

Both types (tun/tap) have two interfaces: one network interface and
one character interface, and the module shuffles the packets between
the interfaces: what comes in from the network interface, goes out
via the character interface and vice versa.

A tun interface is an IP interface, and a tap interface is a data
link level interface (e.g. Ethernet).

If you can route the traffic of interest via the tun/tap device,
it's pretty probably what you need.

HTH

--

Tauno Voipio
tauno voipio (at) iki fi

 
 
 

1. ipip tunnel won't tunnel

It is entirely possible that I'm just really thickheaded, and I'm not
getting something very fundamental, but either way I've got big problems
with ipip tunneling between a cisco with a network behind it and a linux
machine with a network behind it.

Here's the deal:
I have a network 111.111.111.0 netmask 255.255.255.192 that lives behind
the ehternet0 of a cisco with an address of 111.111.111.1 netmask
255.255.255.192. The serial side of the cisco lives at 222.222.222.1
netmask 255.255.255.252.

I have a network at the linux machine (2.0.34) that has a serial (ppp)
connection of 333.333.333.1 netmask 255.255.255.0 (sorry, you'll have to
put up with the 333's for now) and on the ethernet 0 side of the linux
box, i have 3 machines.

I want these three machines to have addresses in the network
111.111.111.64 netmask 255.255.255.192 (subnet of the class C from
ethernet 0 of the cisco, above).

Here's what I've told the cisco:
interface tunnel 0
ip address 111.111.111.65 255.255.255.192
tunnel source serial 0
tunnel destination 333.333.333.1 (this is the last time you have to
cringe over 333's)
tunnel mode ipip

Here's what I've told the linux machine
ifconfig tunl0 111.111.111.66 netmask 255.255.255.192
ifconfig eth0 111.111.111.66 netmask 255.255.255.192 (same ip as tunl0)

Now, at this point, sometimes I can ping 111.111.111.66 from the cisco,
but only once.  After the first time, I can never get a second shot.

I've also attempted this on the linux machine
ifconfig tunl0 111.111.111.66 netmask 255.255.255.192
ifconfig eth0 111.111.111.67 netmask 255.255.255.192 (diff ip, same net
as tunl0)

I've also attempted this on the linux machine
ifconfig tunl0 111.111.111.65 netmask 255.255.255.192 (same ip as
cisco's tunnel 0)
ifconfig eth0 111.111.111.66 netmask 255.255.255.192 (diff ip, same net
as tunl0)

and, yes, I've also attemted this on the linux machine
ifconfig tunl0 111.111.111.65 netmask 255.255.255.192 (same ip as
cisco's tunnel 0)
ifconfig eth0 111.111.111.65 netmask 255.255.255.192 (same ip as tunl0)

Sooner or later, all of these configurations route me out of the cisco
(I sit at the linux machine and have to drive to work to reset the
router [this gets very old very fast])

All of these configurations have been awfully close, though, I think.  I
think so, because I can usually manage a traceroute or a ping before the
whole work locks up.

I'm stumped.  All I want to do is route the .64 network from work to
here (home [yes, it's legit]).  All IP addresses used in this example
are to be considered real addresses (changed to protect the guilty).

I'll email a beer to the first person who comes up with an acceptable
solution.  I'm desparate, although that could just be from driving into
work 4 times today to reset the cisco...

I'd appreciate any help.

Jeff...

2. what is going wrong? dsi_stream_read(-1): connection reset by peer

3. Secure Tunnel Bridging (was: Re: Encrypted tunnels through the internet???)

4. Dell inspiron 3000

5. Does Linux IPIP tunnelling work with Cisco NOS tunnels?

6. Startx does not work.

7. Configuring net (IP-tunnel, IP-Alias, Proxy-ARP, NAT, IP-Masq?)

8. ipfw with uid

9. Modules for IP over IP tunneling in latest Linux kernels

10. Help with setup of IP-IP Tunnel on linux

11. IP-IP tunneling and multi-line PPP?

12. IP-in-IP tunnel configuration between to Solaris 2.5 SPARCstations

13. IP Tunneling + IP Forwarding