SCTP in GCP

Hi,

My name is Shiva. I am trying to deploy Open5GS in GCP. Towards that I did the following:

  • I created a VM in GCP.

  • I installed Open5GS following the steps as mentioned in https://open5gs.org/open5gs/docs/guide/01-quickstart/

  • I created firewalls for:

      • webui: 3000/tcp

      • N2 connection: 38412/sctp (ingress and egress both)

  • I am able to access webui from outside GCP using public-ip:3000

However I am unable to access the sctp connection on 38412 port from outside GCP.

Strangely, I am able to access sctp connection on 38412 port from another GCP VM which is installed in another GCP account.

When I do sudo nmap -sY <public-ip> -p 38412 from GCP SSH terminal I am able to see the sctp port as open.
However when I run the same command from my laptop, the port is shown as filtered.

As mentioned in https://open5gs.org/open5gs/docs/troubleshoot/01-simple-issues/ the issue could be sctp connection.

I am using sctp_test tool to check connectivity from laptop to GCP VM. I don’t see any packet transfer.

Do we need to do any special things for sctp connection?

Any suggestions?

Thank you,
Shiva
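
How the two nmap -sY results in the post above differ at the packet level, as an added example that is not part of the original thread: an SCTP INIT probe is reported open on an INIT ACK, closed on an ABORT, and filtered when no reply arrives. The function names and the sample replies are constructed for illustration.

```python
import struct

INIT_ACK, ABORT = 2, 6      # SCTP chunk types (RFC 4960)
N2_PORT = 38412             # port probed in the post

def crc32c(data: bytes) -> int:
    """Bitwise CRC32c (Castagnoli), the checksum SCTP packets carry."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (0x82F63B78 if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF

def build_packet(sport, dport, vtag, chunk_type, value=b""):
    """Constructed sample: common header plus one chunk, checksum filled in."""
    chunk = struct.pack("!BBH", chunk_type, 0, 4 + len(value)) + value
    chunk += b"\x00" * (-len(chunk) % 4)          # pad chunk to 4 bytes
    zeroed = struct.pack("!HHII", sport, dport, vtag, 0) + chunk
    # checksum is computed with the field zeroed and stored little-endian
    return zeroed[:8] + struct.pack("<I", crc32c(zeroed)) + zeroed[12:]

def classify(reply, probed_port=N2_PORT):
    """Map the reply to an INIT probe onto nmap -sY's port states."""
    if reply is None:                  # nothing came back: dropped in the path
        return "filtered"
    if len(reply) < 16:                # 12-byte header + 4-byte chunk header
        return "invalid"
    sport, _dport, _vtag = struct.unpack("!HHI", reply[:8])
    (stored,) = struct.unpack("<I", reply[8:12])
    if crc32c(reply[:8] + b"\x00" * 4 + reply[12:]) != stored:
        return "invalid"               # corrupted or rewritten in transit
    if sport != probed_port:
        return "invalid"               # not from the port we probed
    return {INIT_ACK: "open", ABORT: "closed"}.get(reply[12], "unexpected")

# Constructed replies: fixed INIT ACK fields only (tag, a_rwnd, streams, TSN)
ack_body = struct.pack("!IIHHI", 0x1234, 65535, 2, 2, 1)
samples = {
    "GCP SSH terminal": build_packet(N2_PORT, 40000, 7, INIT_ACK, ack_body),
    "port with no listener": build_packet(N2_PORT, 40000, 7, ABORT),
    "laptop": None,
}
if __name__ == "__main__":
    for label, reply in samples.items():
        print(f"{label}: {classify(reply)}")
```

A filtered result therefore says only that the probe or its reply was dropped somewhere between the two hosts; it does not identify which device dropped it.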

Hi @shiv1kask ,

Welcome to Google Cloud Community!

Here are some basic troubleshooting guides that may help in resolving the issue:

  • Be sure to check any firewall rules on your laptop that might block the traffic (antivirus, etc.). If you are using a corporate firewall, make sure it doesn’t have any SCTP restrictions.
  • Do basic connectivity testing from your laptop to the VM. If you can’t ping your VM’s IP address, run a traceroute to see which network hop is causing the connection failure. This will help you identify the problem area.
  • Make sure that the sctp_test tool you are using is set up to connect to the correct IP address and port. Additionally, review the tool’s logs for any error messages.
  • Temporarily disable the firewall on your GCP VM to see if the issue is there. If SCTP works, then it’s definitely a firewall configuration problem. Ensure your GCP firewall rules explicitly allow SCTP traffic on port 38412. Many firewalls default to TCP/UDP and require specific rules for SCTP.

Stateful rules can maintain connection context and allow related traffic. You may also check Protocol forwarding; it utilizes a regional forwarding rule to direct packets of a specific protocol to a single virtual machine.

If the issue is not resolved, it is recommended to contact Google Cloud Support. When contacting them, provide comprehensive details and include screenshots. This will help them better understand and address your issue.

I hope the above information is helpful.

Hi Kensan,

Thanks for your reply and its useful information. However, we could resolve the issue by assigning a static public IP to our router. I am not sure how this resolved the issue but it works.

I am new to networking. For my learning, could you please share any thoughts on this?

Thanks

Shiva