ICMP replies not received in UE

We have deployed free5gc core and ran services using juju charms onto microk8s environment in AWS. We can see that PDU session is established from amf and ran logs.

1. When we do ‘ping -I eth1 “upf_ip_eth1”’ , UPF is sending icmp echo replies to UE ( as seen in ngrep capture) but in UE we cannot see packets receiving.
2. Same issue observed for ‘ping -I eth1 google.com’.

We have an UE , RAN, UPF pod and NAT_app pod (which is providing the Data network interface ie eth1 to UPF pod).
Gtp5g version : 1.0.3b
In UPF and natapp , ip forwarding is enabled. In UPF , below NAT rule is applied

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

I tried with similar NAT rule in natapp pod too and this time ICMP replies are seen in UE and two-way traffic captured in natapp pod ,however no capture in upfgtp interface in UPF pod.

We have configured calico to allow icmp. Can anyone suggest what steps we need to do resolve this issue ? Any routing changes in uerouting / SMF ? Is that NAT rule correct ? Do we need to enable IP forwarding and NAT in UE too ?

Hi @deconixmj

There is some k8s implementations out there. Try to refer to those implementations to configure correctly your environment:

• https://github.com/Orange-OpenSource/towards5gs-helm
• https://github.com/sumichaaan/free5gc-k8s

Réf: https://github.com/calee0219/awesome-5g

Hi @abousselmi,

Thanks for the reply. These links refer to helm based setup and our helm based setup is working correctly (It does not have NAT). The issue is with the Juju charms based setup. Anyway I am comparing both the environments ,will go through above links and come back.

Thanks.