4.4 KiB
福建项目:GTP层隧道地址为IPv6时,更新GTP IPV6隧道地址时按照IPV4处理导致GTP IPV6隧道地址错误,导致5G环境安全策略日志中存在大量S-GW IP错误的现象
| ID | Creation Date | Assignee | Status |
|---|---|---|---|
| OMPUB-526 | 2022-06-15T10:15:15.000+0800 | 刘学利 | 已关闭 |
以移动5G一台功能端(192.168.13.5)为例,GTP中的P-GW、S-GW IP应为2409:8304:4040:5301::xxxx 但是在实际的安全策略日志中,S-GW IP写成了4040:5301:2409:8034::xxxx 如下图: !image-2022-06-15-10-13-16-119.png|thumbnail!
附件中是导出的日志及192.168.13.5上用tcpdump_mesa捕获的pcap包liuxueli commented on 2022-06-15T11:43:46.462+0800:
- 读包能复现本BUG,sapp的BUG,数据包:[^http-gtp-ipv6-addr-erorr.pcap]
gitlab commented on 2022-06-15T15:05:04.276+0800:
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a commit|846204eae3] of [MESA Platform / sapp|https://git.mesalab.cn/MESA_Platform/sapp] on branch [bugfix-OMPUB-526|https://git.mesalab.cn/MESA_Platform/sapp/-/tree/bugfix-OMPUB-526]:{quote}OMPUB-526: GTP层为地址IPv6时,更新GTPIPV6隧道地址时按照IPV4处理导致GTP IPV6隧道地址错误{quote}
gitlab commented on 2022-06-15T15:31:32.360+0800:
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a merge request|https://git.mesalab.cn/MESA_Platform/sapp/-/merge_requests/296] of [MESA Platform / sapp|https://git.mesalab.cn/MESA_Platform/sapp] on branch [bugfix-OMPUB-526|https://git.mesalab.cn/MESA_Platform/sapp/-/tree/bugfix-OMPUB-526]:{quote}OMPUB-526: GTP层为地址IPv6时,更新GTPIPV6隧道地址时按照IPV4处理导致GTP IPV6隧道地址错误; TSG-10916: 重传数据包未更新lasttime导致流提前淘汰{quote}
liuxueli commented on 2022-06-15T16:42:45.761+0800:
- 20222-06-15 16:36:27在福建13.5上已更新,[~yangyang] 观察日志是否还存在问题。
liuxueli commented on 2022-06-16T14:22:26.334+0800:
- 20222-06-16 14:20:00提供更新数据包,SAPP开启内存池,app_sketch_local降低内存使用。 ** {code:java} [root@FJYD-QZ-CD5G-SERVER-5 update_20220616]# ll total 1792 -rw-r--r-- 1 root root 74016 Jun 16 13:45 app_sketch_local-4.3.6.b9388e8-1.el7.x86_64.rpm -rw-r--r-- 1 root root 33072 Jun 16 13:45 ftp-1.0.14.02d6a2c-1.el7.x86_64.rpm -rw-r--r-- 1 root root 558512 Jun 16 13:45 sapp-4.2.87.846204e-1.el7.x86_64.rpm -rw-r--r-- 1 root root 1153216 Jun 16 13:45 ssl-2.0.10.e8f6986-1.el7.x86_64.rpm -rwxrwxrwx 1 root root 420 Jun 16 13:57 update.sh [root@FJYD-QZ-CD5G-SERVER-5 update_20220616]# {code}
gitlab commented on 2022-06-17T09:56:08.189+0800:
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a commit|57ec6f6513] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [update-22.06-firewall-v4|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/update-22.06-firewall-v4]:{quote}更新sapp、quic、app_sketch_local,修复:{quote}
gitlab commented on 2022-06-17T09:56:20.241+0800:
[刘学利|https://git.mesalab.cn/liuxueli] mentioned this issue in [a merge request|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/merge_requests/808] of [TSG / tsg-os-buildimage|https://git.mesalab.cn/tsg/tsg-os-buildimage] on branch [update-22.06-firewall-v4|https://git.mesalab.cn/tsg/tsg-os-buildimage/-/tree/update-22.06-firewall-v4]:{quote}更新sapp、quic、app_sketch_local,修复:{quote}
Attachments
Attachment: 5G_20220615_01.pcap
Attachment: http-gtp-ipv6-addr-erorr.pcap
Attachment: image-2022-06-15-10-13-16-119.png
Attachment: securityEvents+(8).xlsx