diff options
author | Neels Hofmeyr <neels@hofmeyr.de> | 2017-11-18 17:37:09 +0100 |
---|---|---|
committer | Neels Hofmeyr <neels@hofmeyr.de> | 2018-11-27 18:27:47 +0100 |
commit | 606837597ff0764497c4eab1c34f2256ccc7ac7d (patch) | |
tree | 958540e1eb8253c11339ca8f08738797ee6c1974 /doc | |
parent | 5f8b332e6b5b536ca155bdca403a37253189ef37 (diff) |
OsmoGGSN: add Routing section for IP forward and masquerading
Change-Id: Ie49ca7a45113f49e89ce09017500008cbec757f5
Diffstat (limited to 'doc')
-rw-r--r-- | doc/manuals/chapters/running.adoc | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/doc/manuals/chapters/running.adoc b/doc/manuals/chapters/running.adoc index ef899b5..83470e8 100644 --- a/doc/manuals/chapters/running.adoc +++ b/doc/manuals/chapters/running.adoc @@ -20,6 +20,38 @@ arguments: used. If none is specified, use `osmo-ggsn.cfg` in the current working directory. +=== Routing + +Operating the OpenGGSN tun device naturally creates a network setup with +multiple interfaces. Consider: + +* Typical Linux setups prevent forwarding of packets between separate + interfaces by default. To let subscribers reach the internet uplink from the + tun device, it may be required to enable IP forwarding. + +* Having a locally defined address range assigned to the tun device requires + either sensible routing for this address range, or that masquerading is + enabled to allow your single uplink IP address to "proxy" for the tun. + +These are decisions to be made on a network administration level. + +In a trivial case where you have a single box serving GPRS to few subscribers +on an arbitrary IP address range not known in the larger network, the easiest +way to enable GPRS uplink would be to enable IP forwarding and masquerading. + +To manually enable IPv4 forwarding and masquerading ad-hoc, you can do: + +---- +sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward" +iptables -t nat -A POSTROUTING -o '*' -j MASQUERADE +---- + +(You may want to replace `*` with the network device name, like `-o eth0`) + +There are various ways to enable these settings persistently, please refer to +your distribution's documentation -- e.g. look for @net.ipv4.ip_forward=1@ in +@/etc/sysctl.d/@, and https://wiki.debian.org/iptables for masquerading. + === Multiple instances Running multiple instances of `osmo-ggsn` is possible if all GGSN instances |