Skip to content

[e2e] check if UE traffic with non-assigned IP address is not passing.#303

Open
sergeymatov wants to merge 1 commit intomasterfrom
e2e/ip-spoofing
Open

[e2e] check if UE traffic with non-assigned IP address is not passing.#303
sergeymatov wants to merge 1 commit intomasterfrom
e2e/ip-spoofing

Conversation

@sergeymatov
Copy link
Contributor

No description provided.

Copy link
Member

@RoadRunnr RoadRunnr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The description of the changeset is invalid.

A UPF should do that the PDRs and FARs tell it to do. If the PDRs permit IPs other then the UE IP, then it is the job of the UPF to forward them. It has not bussines to infer rules that are not setup by the control path.

There are valid use cases, where devices behind a UE send data with source IPs that do not match the UEs IP.

That does not mean the the test is invalid. Ensuring that only source IPs matched by PDRs/FARs are forwarded is a valid check.

However, it would be possible to create PDRs/FARs that permit additional IP ranges as source IPs. In that case, those IPs should be forwarded.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants