Contents
Data Network +IMS (GMSC)
In this guide I discuss how we configure multiple Virtual Machine interfaces by using VLAN or IP Aliases.
How to generate multiple interfaces using IP Aliases
The configuration of the interfaces on a Virtual Machine can be set-up by using VLAN or IP Aliases. I recommend Aliases, as in the table below.
I usually need to create multiple interfaces due to the fact that GTP does not accept to change ports. I do this by having both PGW and SGSN on same server. Unless I set two YateUCNs with different features support, I use a workaround for having both features on same machine.
In order to configure multiple Virtual Machines Interfaces using IP Aliases, I follow these steps:
a) Create IP aliases:
Network Class C: ifconfig enp0s3:{alias_name} 192.168.{alias_name}.{IP_VM} netmask 255.255.255.0 up– if my Virtual Machine is a class C: IP 192.168.168.163– ex1: ifconfig enp0s3:10 192.168.10.163 netmask 255.255.255.0 up
– ex2: ifconfig enp0s3:11 192.168.11.163 netmask 255.255.255.0 up
Network Class B: ifconfig enp0s3:{alias_name} 10.{alias_name}.{IP_VM} netmask 255.255.0.0 up
– if my Virtual Machine is a class B: IP 10.101.99.165
– ex1: ifconfig enp0s3:25 10.25.99.165 netmask 255.255.0.0 up
– ex2: ifconfig enp0s3:35 10.35.99.165 netmask 255.255.0.0 up
b) Save IP aliases:
After creating the Aliases, I save them, otherwise I’ll lose VM information at reboot.
-> cd /etc/sysconfig/network-scripts
-> I create a new file with the name ifcfg-enp0s3:{alias_name} using vim
Ex:
-> vim ifcfg-enp0s3:25
-> I add the alias configuration info in the new file
Ex:
ISALIAS=yes
DEVICE=enp0s3:25
BOOTPROTO=static
IPADDR=10.25.99.165
NETMASK=255.255.0.0
NETWORK=10.25.0.0
BROADCAST=10.25.255.255
ONBOOT=yes
METRIC=30
MII_NOT_SUPPORTED=yes
USERCTL=yes
RESOLV_MODS=no
ACCOUNTING=no
IPV6INIT=no
IPV6TO4INIT=no
c) Bring up the alias interfaces
Option 1:
I perform ifup command on the main interface
ex. ifup enp0s3
Option 2:
I restart network.service by using this command:
systemctl restart network.service
I also set address/mask length/optionally gateway for IPv4, where gateway refers to User Gi/SGi interface.
If I don’t set the gateway, then I configure local NAT using iptables.
How to setup local NAT using iptables
Address/mask length/optionally gateway for IPv4, where gateway refers to User Gi/SGi interface.
If I don’t use a gateway, then I configure local NAT using iptables – the IP I use is the head of the PDN tunnel. Tunnels for PDN and IMS are automatically generated from MMI.
a) ex command: iptables -t nat -A POSTROUTING -s 100.84.0.0/16 ! -d 100.84.0.0/16 -m comment –comment “tun-pdn internet for Subscribers” -j MASQUERADE
b) iptables-save (this command only displays the result, it doesn’t save it)
c) Save configuration, otherwise they will be lost at VM restart.
Option 1: -> iptables-save > /etc/sysconfig/iptables
Option 2: -> write manually the result of ‘iptables-save’ command in /etc/sysconfig/iptables
(To restore iptables to initial settings: iptables-restore )
d) if not already enabled, enable iptables.services:systemctl enable iptables.service
For internet to work IP forward should be 1 not 0.
When I want to check the IP forward value I use this command path:
cat /proc/sys/net/ipv4/ip_forward
To set the IP forward to 1:
– temporary (on reboot this will be lost):
echo 1 > /proc/sys/net/ipv4/ip_forward
– permanently:
cd /etc/sysctl.d/ * and add in config file: net.ipv4.ip_forward = 1
in order to load configuration files run sysctl –system
* Usually this configuration should be customized in /etc/sysctl.conf but from systemd version 207 (can check systemd version with ‘ systemctl –version ‘ command ), systemd only applies settings from /etc/sysctl.d/*.conf
If iptables.service is active at reboot, the info from the iptables file are read automatically.
The iptables.service is supposed to
run /usr/libexec/iptables.init
which then runs /sbin/iptables-restore,
which reads the rules from /etc/sysconfig/iptables
So if iptables.service is enabled and my configuration is fine, then it should work.
To verify if iptables.service is enabled I run:
systemctl is-enabled iptables.service
If I want to enable iptables.service I run:
systemctl enable iptables.service