lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Yf6rKbkyzCnZE/10@nataraja>
Date:   Sat, 5 Feb 2022 17:51:53 +0100
From:   Harald Welte <laforge@...ocom.org>
To:     Marcin Szycik <marcin.szycik@...ux.intel.com>
Cc:     netdev@...r.kernel.org, michal.swiatkowski@...ux.intel.com,
        wojciech.drewek@...el.com, davem@...emloft.net, kuba@...nel.org,
        pablo@...filter.org, osmocom-net-gprs@...ts.osmocom.org
Subject: Re: [RFC PATCH net-next v4 4/6] gtp: Implement GTP echo response

Hi Marcin, Wojciech,

I would prefer to move this patch to right after introducing the
kernel-socket mode, as the former makes no sense without this patch.

Now that this patch implements responding to the GTP ECHO procedure,
one interesting question that comes to mind is how you would foresee
outbound GTP echo procedures to be used in this new use pattern.

With the existing (userspace creates the socket) pattern, the userspace
instance can at any point send GTP ECHO request packets to any of the
peers, while I don't really see how this would work if the socket is in
the kernel.

The use of the outbound ECHO procedure is not required for GTP-U by TS
29.060, so spec-wise it is fine to not support it.  It just means
that any higher-layer applications using this 'socketless' use pattern
will be deprived of being able to check for GTP-U path failure.

IMHO, this is non-negligable, as there are no other rqeust-response
message pairs on the GTP-U plane,  so transmitting and receiving ECHO
is the only way a control plane / management instance has to detect
GTP-U path failure.

So without being able to trigger GTP-ECHO, things could look prefectly
fine on the GPT-C side of things, but GTP-U may not be working at all.

Remember, GTP-U uses different IP addresses and also typically completely
different hosts/systems, so having GTP-C connectivity between two GSN
doesn't say anything about the GTP-U path.

Regards,
	Harald

-- 
- Harald Welte <laforge@...ocom.org>            http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
                                                  (ETSI EN 300 175-7 Ch. A6)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ