UPF not forwarding - no ARP to host

Q/A
#1

Hello

I have a split system with UPF on one box, all control-plane elements in a VM.

My N3 network is 10.0.30.0/24. My N6 is 10.0.40.0/24.

The N6 address of the UPF is 10.0.40.1. The host I am trying to reach is 10.0.40.4.

I see traffic from my UE (60.60.0.1) as both GTP and in the kernel, but I do not see it exit the host.

Trace attached.UPF2.pcap (7.6 KB)

I have ipv4 forwarding enabled, ufw disabled. My interfaces and ARP cache below. I do not see the UPR ARP for 10.0.40.3?

Thank you.

David

eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.5.23.28 netmask 255.255.255.0 broadcast 10.5.23.255
inet6 fe80::d294:66ff:fe0a:795b prefixlen 64 scopeid 0x20
ether d0:94:66:0a:79:5b txqueuelen 1000 (Ethernet)
RX packets 34899 bytes 19011737 (19.0 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 13035 bytes 3126516 (3.1 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 18

enp4s0f0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.40.1 netmask 255.255.255.0 broadcast 10.0.40.255
inet6 fe80::ee0d:9aff:fe37:d21a prefixlen 64 scopeid 0x20
ether ec:0d:9a:37:d2:1a txqueuelen 1000 (Ethernet)
RX packets 4 bytes 330 (330.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 24 bytes 1874 (1.8 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

enp4s0f1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.30.1 netmask 255.255.255.0 broadcast 10.0.30.255
inet6 fe80::ee0d:9aff:fe37:d21b prefixlen 64 scopeid 0x20
ether ec:0d:9a:37:d2:1b txqueuelen 1000 (Ethernet)
RX packets 325 bytes 45584 (45.5 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 24 bytes 1874 (1.8 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 276 bytes 21679 (21.6 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 276 bytes 21679 (21.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

upfgtp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 0
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 11 bytes 1012 (1.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

root@free5GCUPF:~/free5gc/src/upf/build# arp -a
? (10.0.40.254) at 00:aa:00:00:00:01 [ether] on enp4s0f0
_gateway (10.5.23.10) at 00:86:9c:0a:a5:41 [ether] on eno1
? (10.5.23.1) at 00:04:96:9e:70:a6 [ether] on eno1
? (10.0.30.254) at 00:aa:00:00:00:01 [ether] on enp4s0f1
? (10.5.23.30) at 46:86:ed:a6:86:5b [ether] on eno1

#2

Hi,
Please check these as below.

  1. UPF can access 10.0.40.4. (mtr -a 10.0.40.1 10.0.40.4)

  2. Check iptables or other firewall can allow Linux to forward packets. There are two iptables samples as below. Existing one of them is OK. (sudo iptables -nvL)

    • Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    • ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0

Please provide routing table (ip route) and iptables (sudo iptables -nvL) for us to debug if above method is not work.