Amarisoft

How to redirect traffic from UE to another network

 

For this, your UE instance must have tun_setup_script enabled.

If you want traffic arriving at UE instance side to be redirected to a physical network, here is what you must do.

 

Prerequisite

Let's call MyNET the physical network to use.The PC running UE simulator must have an interface connected to MyNet.
Let's call ethX the name of the interface and let's assume it is connectedon a X.X.X.X/24 subnet.

We assume you are using the default ue-ifup script provided within AmarisoftUE simulator release.

All the script lines will have to be added at the end of ue-ifup script.

 

Create interface for UE on MyNet

For each UE, will will create a macvlan interface.
As name must be unique, we will use $ue_id to make it work on each UE.
Add the following to ue-ifup script:

# Physical interface to use ifname_phy="ethX" # Macvlan interface bound on physical interface to use in namespace ifname_virt="${ifname_phy}${ue_id}" # Create macvlan interface ip link add link $ifname_phy name $ifname_virt type macvlan mode bridge # Add macvlan to namespace and set it up ip link set $ifname_virt netns $ue_id ip netns exec $ue_id ip link set $ifname_virt up

 

Configure interface

Each UE interface must have an IP address on MyNet.

You can use DHCP:

ip netns exec $ue_id dhclient $ifname_virt

Or configure it manually:

ip netns exec $ue_id ip addr add $virt_ip/24 dev $ifname_virt

Note that in static case, $virt_ip must be different for each UE.

 

Configure NAT

Then let's configure NAT on UE:

# Configure NAT ip netns exec $ue_id bash -c "echo 1 > /proc/sys/net/ipv4/ip_forward" ip netns exec $ue_id iptables -t nat -A POSTROUTING -o ${ifname_virt} -j MASQUERADE

 

Add port forwarding

Port forwarding will allow IP traffic reaching UE to be forwarded toanother server on MyNET.

Let's try to reach SSH server on MySSH, which IP is x.x.x.x on MyNet.

IP="x.x.x.x" # Set port forwarding for SSH ip netns exec $ue_id iptables -A PREROUTING -t nat -i $ifname -p tcp --dport 22 -j DNAT --to $IP:22 ip netns exec $ue_id iptables -A FORWARD -p tcp -d $IP --dport 22 -j ACCEPT

 

Let's test

Let's assume UE got 192.168.3.2 as IP from HSS.

ssh <user>@192.168.3.2

Will connect to SSH server MySSH through UE.

© 2024 All rights reserved | Legal notice |