forked from acouzens/open5gs
Update document
This commit is contained in:
parent
bd080f5095
commit
13fd9afbd1
|
@ -37,7 +37,7 @@ example_conf = '''
|
||||||
volte.yaml
|
volte.yaml
|
||||||
vonr.yaml
|
vonr.yaml
|
||||||
slice.yaml
|
slice.yaml
|
||||||
srslte.yaml
|
srsenb.yaml
|
||||||
non3gpp.yaml
|
non3gpp.yaml
|
||||||
'''.split()
|
'''.split()
|
||||||
|
|
||||||
|
|
|
@ -57,13 +57,13 @@ mme:
|
||||||
- addr: 127.0.0.2
|
- addr: 127.0.0.2
|
||||||
gummei:
|
gummei:
|
||||||
plmn_id:
|
plmn_id:
|
||||||
mcc: 999
|
mcc: 901
|
||||||
mnc: 70
|
mnc: 70
|
||||||
mme_gid: 2
|
mme_gid: 2
|
||||||
mme_code: 1
|
mme_code: 1
|
||||||
tai:
|
tai:
|
||||||
plmn_id:
|
plmn_id:
|
||||||
mcc: 999
|
mcc: 901
|
||||||
mnc: 70
|
mnc: 70
|
||||||
tac: 7
|
tac: 7
|
||||||
security:
|
security:
|
||||||
|
@ -125,19 +125,19 @@ amf:
|
||||||
- addr: 127.0.0.5
|
- addr: 127.0.0.5
|
||||||
guami:
|
guami:
|
||||||
- plmn_id:
|
- plmn_id:
|
||||||
mcc: 999
|
mcc: 901
|
||||||
mnc: 70
|
mnc: 70
|
||||||
amf_id:
|
amf_id:
|
||||||
region: 2
|
region: 2
|
||||||
set: 1
|
set: 1
|
||||||
tai:
|
tai:
|
||||||
- plmn_id:
|
- plmn_id:
|
||||||
mcc: 999
|
mcc: 901
|
||||||
mnc: 70
|
mnc: 70
|
||||||
tac: 1
|
tac: 1
|
||||||
plmn_support:
|
plmn_support:
|
||||||
- plmn_id:
|
- plmn_id:
|
||||||
mcc: 999
|
mcc: 901
|
||||||
mnc: 70
|
mnc: 70
|
||||||
s_nssai:
|
s_nssai:
|
||||||
- sst: 1
|
- sst: 1
|
|
@ -418,37 +418,6 @@ Enter the subscriber details of your SIM cards using this tool, to save the subs
|
||||||
|
|
||||||
In order to bridge between the PGWU/UPF and WAN (Internet), you must enable IP forwarding and add a NAT rule to your IP Tables.
|
In order to bridge between the PGWU/UPF and WAN (Internet), you must enable IP forwarding and add a NAT rule to your IP Tables.
|
||||||
|
|
||||||
**Note:** For the first run, it makes things simpler if you do not have any rules in the IP/NAT tables. If a program such as docker has already set up a rule, you will need to add rules differently.
|
|
||||||
{: .notice--danger}
|
|
||||||
|
|
||||||
You can check your current IP Table rules with the following commands (these tables are empty):
|
|
||||||
```bash
|
|
||||||
### Check IP Tables
|
|
||||||
$ sudo iptables -L
|
|
||||||
Chain INPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain FORWARD (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain OUTPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
### Check NAT Tables
|
|
||||||
$ sudo iptables -L -t nat
|
|
||||||
Chain PREROUTING (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain INPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain OUTPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain POSTROUTING (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
```
|
|
||||||
|
|
||||||
To enable forwarding and add the NAT rule, enter
|
To enable forwarding and add the NAT rule, enter
|
||||||
```bash
|
```bash
|
||||||
### Enable IPv4/IPv6 Forwarding
|
### Enable IPv4/IPv6 Forwarding
|
||||||
|
@ -460,9 +429,26 @@ $ sudo iptables -t nat -A POSTROUTING -s 10.45.0.0/16 ! -o ogstun -j MASQUERADE
|
||||||
$ sudo ip6tables -t nat -A POSTROUTING -s 2001:db8:cafe::/48 ! -o ogstun -j MASQUERADE
|
$ sudo ip6tables -t nat -A POSTROUTING -s 2001:db8:cafe::/48 ! -o ogstun -j MASQUERADE
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Configure the firewall correctly. Some operating systems (Ubuntu) by default enable firewall rules to block traffic.
|
||||||
|
```bash
|
||||||
|
$ sudo ufw status
|
||||||
|
Status: inactive
|
||||||
|
$ sudo ufw enable
|
||||||
|
Firewall is active and enabled on system startup
|
||||||
|
$ sudo ufw status
|
||||||
|
Status: active
|
||||||
|
$ sudo ufw disable
|
||||||
|
Firewall stopped and disabled on system startup
|
||||||
|
$ sudo ufw status
|
||||||
|
Status: inactive
|
||||||
|
```
|
||||||
|
|
||||||
Optionally, you may consider the settings below for security purposes.
|
Optionally, you may consider the settings below for security purposes.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
|
### Ensure that the packets in the `INPUT` chain to the `ogstun` interface are accepted
|
||||||
|
$ sudo iptables -I INPUT -i ogstun -j ACCEPT
|
||||||
|
|
||||||
### Prevent UE's from connecting to the host on which UPF is running
|
### Prevent UE's from connecting to the host on which UPF is running
|
||||||
$ sudo iptables -I INPUT -s 10.45.0.0/16 -j DROP
|
$ sudo iptables -I INPUT -s 10.45.0.0/16 -j DROP
|
||||||
$ sudo ip6tables -I INPUT -s 2001:db8:cafe::/48 -j DROP
|
$ sudo ip6tables -I INPUT -s 2001:db8:cafe::/48 -j DROP
|
||||||
|
@ -473,9 +459,6 @@ $ sudo ip6tables -I INPUT -s 2001:db8:cafe::/48 -j DROP
|
||||||
$ sudo iptables -I FORWARD -s 10.45.0.0/16 -d x.x.x.x/y -j DROP
|
$ sudo iptables -I FORWARD -s 10.45.0.0/16 -d x.x.x.x/y -j DROP
|
||||||
```
|
```
|
||||||
|
|
||||||
**Note:** The above assumes you do not have any existing rules in the filter and nat tables. If a program such as docker has already set up rules, you may need to add the Open5GS related rules differently.
|
|
||||||
{: .notice--danger}
|
|
||||||
|
|
||||||
## 5. Turn on your eNB/gNB and UE
|
## 5. Turn on your eNB/gNB and UE
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|
|
@ -468,37 +468,13 @@ To add subscriber information, you can do WebUI operations in the following orde
|
||||||
**Note:** Subscribers added with this tool immediately register in the Open5GS HSS/UDR without the need to restart any daemon. However, if you use the WebUI to change subscriber profile, you must restart the Open5GS AMF/MME daemon for the changes to take effect.
|
**Note:** Subscribers added with this tool immediately register in the Open5GS HSS/UDR without the need to restart any daemon. However, if you use the WebUI to change subscriber profile, you must restart the Open5GS AMF/MME daemon for the changes to take effect.
|
||||||
{: .notice--warning}
|
{: .notice--warning}
|
||||||
|
|
||||||
### IP routing + NAT for UE internet connectivity
|
#### Adding a route for the UE to have WAN connectivity {#UEInternet}
|
||||||
---
|
---
|
||||||
|
|
||||||
To allow your phones to connect to the internet, you must run the following command on the host running Open5GS-PGW:
|
In order to bridge between the PGWU/UPF and WAN (Internet), you must enable IP forwarding and add a NAT rule to your IP Tables.
|
||||||
|
|
||||||
|
To enable forwarding and add the NAT rule, enter
|
||||||
```bash
|
```bash
|
||||||
### Check IP Table 'forward'
|
|
||||||
$ sudo iptables -L
|
|
||||||
Chain INPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain FORWARD (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain OUTPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
### Check IP Table 'nat'
|
|
||||||
$ sudo iptables -L -t nat
|
|
||||||
Chain PREROUTING (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain INPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain OUTPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain POSTROUTING (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
### Enable IPv4/IPv6 Forwarding
|
### Enable IPv4/IPv6 Forwarding
|
||||||
$ sudo sysctl -w net.ipv4.ip_forward=1
|
$ sudo sysctl -w net.ipv4.ip_forward=1
|
||||||
$ sudo sysctl -w net.ipv6.conf.all.forwarding=1
|
$ sudo sysctl -w net.ipv6.conf.all.forwarding=1
|
||||||
|
@ -508,9 +484,26 @@ $ sudo iptables -t nat -A POSTROUTING -s 10.45.0.0/16 ! -o ogstun -j MASQUERADE
|
||||||
$ sudo ip6tables -t nat -A POSTROUTING -s 2001:db8:cafe::/48 ! -o ogstun -j MASQUERADE
|
$ sudo ip6tables -t nat -A POSTROUTING -s 2001:db8:cafe::/48 ! -o ogstun -j MASQUERADE
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Configure the firewall correctly. Some operating systems (Ubuntu) by default enable firewall rules to block traffic.
|
||||||
|
```bash
|
||||||
|
$ sudo ufw status
|
||||||
|
Status: inactive
|
||||||
|
$ sudo ufw enable
|
||||||
|
Firewall is active and enabled on system startup
|
||||||
|
$ sudo ufw status
|
||||||
|
Status: active
|
||||||
|
$ sudo ufw disable
|
||||||
|
Firewall stopped and disabled on system startup
|
||||||
|
$ sudo ufw status
|
||||||
|
Status: inactive
|
||||||
|
```
|
||||||
|
|
||||||
Optionally, you may consider the settings below for security purposes.
|
Optionally, you may consider the settings below for security purposes.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
|
### Ensure that the packets in the `INPUT` chain to the `ogstun` interface are accepted
|
||||||
|
$ sudo iptables -I INPUT -i ogstun -j ACCEPT
|
||||||
|
|
||||||
### Prevent UE's from connecting to the host on which UPF is running
|
### Prevent UE's from connecting to the host on which UPF is running
|
||||||
$ sudo iptables -I INPUT -s 10.45.0.0/16 -j DROP
|
$ sudo iptables -I INPUT -s 10.45.0.0/16 -j DROP
|
||||||
$ sudo ip6tables -I INPUT -s 2001:db8:cafe::/48 -j DROP
|
$ sudo ip6tables -I INPUT -s 2001:db8:cafe::/48 -j DROP
|
||||||
|
@ -521,10 +514,7 @@ $ sudo ip6tables -I INPUT -s 2001:db8:cafe::/48 -j DROP
|
||||||
$ sudo iptables -I FORWARD -s 10.45.0.0/16 -d x.x.x.x/y -j DROP
|
$ sudo iptables -I FORWARD -s 10.45.0.0/16 -d x.x.x.x/y -j DROP
|
||||||
```
|
```
|
||||||
|
|
||||||
**Note:** The above assumes you do not have any existing rules in the filter and nat tables. If a program such as docker has already set up rules, you may need to add the Open5GS related rules differently.
|
## 5. Turn on your eNB/gNB and UE
|
||||||
{: .notice--danger}
|
|
||||||
|
|
||||||
### Turn on your eNodeB and Phone
|
|
||||||
---
|
---
|
||||||
|
|
||||||
- You can see actual traffic through wireshark -- [[srsenb.pcapng]]({{ site.url }}{{ site.baseurl }}/assets/pcapng/srsenb.pcapng).
|
- You can see actual traffic through wireshark -- [[srsenb.pcapng]]({{ site.url }}{{ site.baseurl }}/assets/pcapng/srsenb.pcapng).
|
||||||
|
|
|
@ -151,21 +151,6 @@ __DNN/APN Requested by UE not present in UDM/HSS:__
|
||||||
Ensure the DNNs/APNs requested by the UE are present in the UDM/HSS.
|
Ensure the DNNs/APNs requested by the UE are present in the UDM/HSS.
|
||||||
|
|
||||||
|
|
||||||
#### UE shows "5G" or "LTE" Connection but has no IP Connectivity to the outside World
|
|
||||||
If your device shows as connected (Includes 5G/LTE symbol) there are a few simple things to check to diagnose connectivity issues:
|
|
||||||
* The UPF can contact the outside world (Can resolve DNS, browse, etc)
|
|
||||||
* Check if the interface connected to the internet is correctly `NAT` with the `ogstun` interface.
|
|
||||||
- Ensure that the packets in the `INPUT` chain to the `ogstun` interface are accepted
|
|
||||||
```
|
|
||||||
$ sudo iptables -I INPUT -i ogstun -j ACCEPT
|
|
||||||
```
|
|
||||||
* Check if the UE's IP can be pinged successfully by performing `ping <IP of UE>` -- [e.g. `ping 10.45.0.2`]
|
|
||||||
* Configure the firewall correctly. Some operating systems (Ubuntu) by default enable firewall rules to block traffic
|
|
||||||
- Explicitly disable it to see if it resolves the problem of granting data access to the UE by doing
|
|
||||||
```
|
|
||||||
$ sudo ufw disable
|
|
||||||
```
|
|
||||||
|
|
||||||
## Further Debugging
|
## Further Debugging
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|
|
@ -13,7 +13,7 @@ First, you have to prepare USRP B200/B210 to run srsRAN. However, please keep in
|
||||||
For USRP B200/B210, you can use a GPS antenna for clock synchronization. Of course, it can work without a GPS antenna, but if you have that antenna, it's a good to have a window near your desk where you can put the small GPS patch antenna. In my case, a 1 to 2 meters antenna cable is used between desk/computer and the window.
|
For USRP B200/B210, you can use a GPS antenna for clock synchronization. Of course, it can work without a GPS antenna, but if you have that antenna, it's a good to have a window near your desk where you can put the small GPS patch antenna. In my case, a 1 to 2 meters antenna cable is used between desk/computer and the window.
|
||||||
|
|
||||||
This document will be described with the following equipment.
|
This document will be described with the following equipment.
|
||||||
- i5-8500 PC with Ubuntu 20.04(focal)
|
- i5-8500 PC with Ubuntu 22.04(jammy)
|
||||||
- USRP B200/B210 with USB 3.0
|
- USRP B200/B210 with USB 3.0
|
||||||
- iPhone XS
|
- iPhone XS
|
||||||
- sysmoUSIM-SJS1
|
- sysmoUSIM-SJS1
|
||||||
|
@ -46,7 +46,7 @@ Bascially, you can learn how to use it in the [sysmoUSIM manual](https://www.sys
|
||||||
|
|
||||||
###### Install dependencies:
|
###### Install dependencies:
|
||||||
```
|
```
|
||||||
$ sudo apt-get install pcscd pcsc-tools libccid libpcsclite-dev python-pyscard
|
$ sudo apt-get install pcscd pcsc-tools libccid libpcsclite-dev python3-pyscard
|
||||||
```
|
```
|
||||||
- Connect SIM card reader to your computer and insert programmable SIM card to the reader.
|
- Connect SIM card reader to your computer and insert programmable SIM card to the reader.
|
||||||
|
|
||||||
|
@ -70,8 +70,13 @@ Sun May 26 14:26:12 2019
|
||||||
###### Get the code of PySIM with installing dependency:
|
###### Get the code of PySIM with installing dependency:
|
||||||
|
|
||||||
```
|
```
|
||||||
$ sudo apt-get install python-pyscard python-serial python-pip
|
$ sudo apt-get install --no-install-recommends \
|
||||||
$ pip install pytlv
|
pcscd libpcsclite-dev \
|
||||||
|
python3 \
|
||||||
|
python3-setuptools \
|
||||||
|
python3-pyscard \
|
||||||
|
python3-pip
|
||||||
|
pip3 install --user -r requirements.txt
|
||||||
$ git clone git://git.osmocom.org/pysim
|
$ git clone git://git.osmocom.org/pysim
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -122,7 +127,7 @@ Most Linux distributions provide UHD as part of their package management. On *De
|
||||||
```bash
|
```bash
|
||||||
$ sudo add-apt-repository ppa:ettusresearch/uhd
|
$ sudo add-apt-repository ppa:ettusresearch/uhd
|
||||||
$ sudo apt update
|
$ sudo apt update
|
||||||
$ sudo apt install libuhd-dev libuhd003 uhd-host
|
$ sudo apt install libuhd-dev uhd-host
|
||||||
```
|
```
|
||||||
|
|
||||||
After installing, you need to download the FPGA images packages by running _uhd images downloader_ on the command line (the actual path may differ based on your installation):
|
After installing, you need to download the FPGA images packages by running _uhd images downloader_ on the command line (the actual path may differ based on your installation):
|
||||||
|
@ -133,7 +138,7 @@ $ sudo /usr/lib/uhd/utils/uhd_images_downloader.py
|
||||||
|
|
||||||
#### 2. srsRAN
|
#### 2. srsRAN
|
||||||
|
|
||||||
On *Ubuntu 20.04(focal)*, one can install the required libraries with:
|
On *Ubuntu 22.04(jammy)*, one can install the required libraries with:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ sudo apt install cmake libfftw3-dev libmbedtls-dev libboost-program-options-dev libconfig++-dev libsctp-dev
|
$ sudo apt install cmake libfftw3-dev libmbedtls-dev libboost-program-options-dev libconfig++-dev libsctp-dev
|
||||||
|
@ -144,9 +149,9 @@ Download and build srsLTE:
|
||||||
```bash
|
```bash
|
||||||
$ git clone https://github.com/srsRAN/srsRAN.git
|
$ git clone https://github.com/srsRAN/srsRAN.git
|
||||||
$ cd srsRAN
|
$ cd srsRAN
|
||||||
$ git checkout release_21_10
|
$ git checkout release_22_10
|
||||||
$ git rev-parse HEAD
|
$ git rev-parse HEAD
|
||||||
5275f33360f1b3f1ee8d1c4d9ae951ac7c4ecd4e
|
254cc719a9a31f64ce0262f4ca6ab72b1803477d
|
||||||
$ mkdir build
|
$ mkdir build
|
||||||
$ cd build
|
$ cd build
|
||||||
$ cmake ../
|
$ cmake ../
|
||||||
|
@ -156,13 +161,8 @@ $ make test
|
||||||
|
|
||||||
#### 3. Open5GS
|
#### 3. Open5GS
|
||||||
|
|
||||||
Install the MongoDB packages.
|
|
||||||
|
|
||||||
```bash
|
|
||||||
```
|
|
||||||
|
|
||||||
The Open5GS package is available on the recent versions of *Ubuntu*.
|
The Open5GS package is available on the recent versions of *Ubuntu*.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# Install the MongoDB Packages
|
# Install the MongoDB Packages
|
||||||
$ wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | sudo apt-key add -
|
$ wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | sudo apt-key add -
|
||||||
|
@ -170,13 +170,8 @@ $ echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongo
|
||||||
$ sudo apt update
|
$ sudo apt update
|
||||||
$ sudo apt install mongodb-org
|
$ sudo apt install mongodb-org
|
||||||
|
|
||||||
# Getting the authentication key
|
|
||||||
$ sudo apt install wget
|
|
||||||
$ wget https://download.opensuse.org/repositories/home:/acetcom:/open5gs:/latest/xUbuntu_20.04/Release.key
|
|
||||||
$ sudo apt-key add Release.key
|
|
||||||
|
|
||||||
# Installing Open5GS
|
# Installing Open5GS
|
||||||
$ sudo sh -c "echo 'deb https://download.opensuse.org/repositories/home:/acetcom:/open5gs:/latest/xUbuntu_20.04/ ./' > /etc/apt/sources.list.d/open5gs.list"
|
$ sudo add-apt-repository ppa:open5gs/latest
|
||||||
$ sudo apt update
|
$ sudo apt update
|
||||||
$ sudo apt install open5gs
|
$ sudo apt install open5gs
|
||||||
```
|
```
|
||||||
|
@ -239,17 +234,20 @@ Then proceed as follows:
|
||||||
Modify [install/etc/open5gs/mme.yaml](https://github.com/{{ site.github_username }}/open5gs/blob/main/configs/open5gs/mme.yaml.in) to set the S1AP IP address, PLMN ID, and TAC.
|
Modify [install/etc/open5gs/mme.yaml](https://github.com/{{ site.github_username }}/open5gs/blob/main/configs/open5gs/mme.yaml.in) to set the S1AP IP address, PLMN ID, and TAC.
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
$ diff -u /etc/open5gs/mme.yaml.old /etc/open5gs/mme.yaml
|
$ diff --git a/configs/open5gs/mme.yaml.in b/configs/open5gs/mme.yaml.in
|
||||||
--- mme.yaml 2020-09-05 20:52:28.648235143 -0400
|
index 722648dd6..c998a1e47 100644
|
||||||
+++ mme.yaml.new 2020-09-05 20:56:05.434484208 -0400
|
--- a/configs/open5gs/mme.yaml.in
|
||||||
@@ -253,20 +253,20 @@ mme:
|
+++ b/configs/open5gs/mme.yaml.in
|
||||||
|
@@ -251,7 +251,7 @@ logger:
|
||||||
|
mme:
|
||||||
|
freeDiameter: @sysconfdir@/freeDiameter/mme.conf
|
||||||
s1ap:
|
s1ap:
|
||||||
- - addr: 127.0.0.2
|
- - addr: 127.0.0.2
|
||||||
+ - addr: 10.10.0.2
|
+ - addr: 127.0.1.2
|
||||||
gtpc:
|
gtpc:
|
||||||
- addr: 127.0.0.2
|
- addr: 127.0.0.2
|
||||||
metrics:
|
metrics:
|
||||||
addr: 127.0.0.2
|
@@ -259,15 +259,15 @@ mme:
|
||||||
port: 9090
|
port: 9090
|
||||||
gummei:
|
gummei:
|
||||||
plmn_id:
|
plmn_id:
|
||||||
|
@ -263,66 +261,25 @@ $ diff -u /etc/open5gs/mme.yaml.old /etc/open5gs/mme.yaml
|
||||||
plmn_id:
|
plmn_id:
|
||||||
- mcc: 999
|
- mcc: 999
|
||||||
- mnc: 70
|
- mnc: 70
|
||||||
|
- tac: 1
|
||||||
+ mcc: 310
|
+ mcc: 310
|
||||||
+ mnc: 789
|
+ mnc: 789
|
||||||
tac: 1
|
+ tac: 5
|
||||||
security:
|
security:
|
||||||
integrity_order : [ EIA2, EIA1, EIA0 ]
|
integrity_order : [ EIA2, EIA1, EIA0 ]
|
||||||
|
ciphering_order : [ EEA0, EEA1, EEA2 ]
|
||||||
```
|
```
|
||||||
|
|
||||||
Modify [install/etc/open5gs/sgwu.yaml](https://github.com/{{ site.github_username }}/open5gs/blob/main/configs/open5gs/sgwu.yaml.in) to set the GTP-U IP address.
|
|
||||||
```diff
|
|
||||||
$ diff --git a/configs/open5gs/sgwu.yaml.in b/configs/open5gs/sgwu.yaml.in
|
|
||||||
index 8ccf94378..25b6884a3 100644
|
|
||||||
--- a/configs/open5gs/sgwu.yaml.in
|
|
||||||
+++ b/configs/open5gs/sgwu.yaml.in
|
|
||||||
@@ -100,7 +100,7 @@ sgwu:
|
|
||||||
pfcp:
|
|
||||||
- addr: 127.0.0.6
|
|
||||||
gtpu:
|
|
||||||
- - addr: 127.0.0.6
|
|
||||||
+ - addr: 10.11.0.6
|
|
||||||
|
|
||||||
#
|
|
||||||
# sgwc:
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
||||||
After changing conf files, please restart Open5GS daemons.
|
After changing conf files, please restart Open5GS daemons.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ sudo systemctl restart open5gs-mmed.service
|
$ sudo systemctl restart open5gs-mmed.service
|
||||||
$ sudo systemctl restart open5gs-sgwud.service
|
|
||||||
```
|
```
|
||||||
|
|
||||||
If your phone can connect to internet, you must run the following command in Open5GS-PGW installed host.
|
In order to bridge between the PGWU/UPF and WAN (Internet), you must enable IP forwarding and add a NAT rule to your IP Tables.
|
||||||
|
|
||||||
|
To enable forwarding and add the NAT rule, enter
|
||||||
```bash
|
```bash
|
||||||
### Check IP Tables
|
|
||||||
$ sudo iptables -L
|
|
||||||
Chain INPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain FORWARD (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain OUTPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
### Check NAT Tables
|
|
||||||
$ sudo iptables -L -t nat
|
|
||||||
Chain PREROUTING (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain INPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain OUTPUT (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
Chain POSTROUTING (policy ACCEPT)
|
|
||||||
target prot opt source destination
|
|
||||||
|
|
||||||
### Enable IPv4/IPv6 Forwarding
|
### Enable IPv4/IPv6 Forwarding
|
||||||
$ sudo sysctl -w net.ipv4.ip_forward=1
|
$ sudo sysctl -w net.ipv4.ip_forward=1
|
||||||
$ sudo sysctl -w net.ipv6.conf.all.forwarding=1
|
$ sudo sysctl -w net.ipv6.conf.all.forwarding=1
|
||||||
|
@ -332,8 +289,35 @@ $ sudo iptables -t nat -A POSTROUTING -s 10.45.0.0/16 ! -o ogstun -j MASQUERADE
|
||||||
$ sudo ip6tables -t nat -A POSTROUTING -s 2001:db8:cafe::/48 ! -o ogstun -j MASQUERADE
|
$ sudo ip6tables -t nat -A POSTROUTING -s 2001:db8:cafe::/48 ! -o ogstun -j MASQUERADE
|
||||||
```
|
```
|
||||||
|
|
||||||
**Note:** For the first time, it is a good condition if you do not have any rules in the IP/NAT tables. If a program such as docker has already set up a rule, you will need to add a rule differently.
|
Configure the firewall correctly. Some operating systems (Ubuntu) by default enable firewall rules to block traffic.
|
||||||
{: .notice--danger}
|
```bash
|
||||||
|
$ sudo ufw status
|
||||||
|
Status: inactive
|
||||||
|
$ sudo ufw enable
|
||||||
|
Firewall is active and enabled on system startup
|
||||||
|
$ sudo ufw status
|
||||||
|
Status: active
|
||||||
|
$ sudo ufw disable
|
||||||
|
Firewall stopped and disabled on system startup
|
||||||
|
$ sudo ufw status
|
||||||
|
Status: inactive
|
||||||
|
```
|
||||||
|
|
||||||
|
Optionally, you may consider the settings below for security purposes.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
### Ensure that the packets in the `INPUT` chain to the `ogstun` interface are accepted
|
||||||
|
$ sudo iptables -I INPUT -i ogstun -j ACCEPT
|
||||||
|
|
||||||
|
### Prevent UE's from connecting to the host on which UPF is running
|
||||||
|
$ sudo iptables -I INPUT -s 10.45.0.0/16 -j DROP
|
||||||
|
$ sudo ip6tables -I INPUT -s 2001:db8:cafe::/48 -j DROP
|
||||||
|
|
||||||
|
### If your core network runs over multiple hosts, you probably want to block
|
||||||
|
### UE originating traffic from accessing other network functions.
|
||||||
|
### Replace x.x.x.x/y with the VNFs IP/subnet
|
||||||
|
$ sudo iptables -I FORWARD -s 10.45.0.0/16 -d x.x.x.x/y -j DROP
|
||||||
|
```
|
||||||
|
|
||||||
#### 2. srsRAN
|
#### 2. srsRAN
|
||||||
Change back to the srsRAN source directory and copy the main config example as well as all additional config files for RR, SIB and DRB.
|
Change back to the srsRAN source directory and copy the main config example as well as all additional config files for RR, SIB and DRB.
|
||||||
|
@ -343,15 +327,14 @@ $ cp srsenb/enb.conf.example srsenb/enb.conf
|
||||||
$ cp srsenb/rr.conf.example srsenb/rr.conf
|
$ cp srsenb/rr.conf.example srsenb/rr.conf
|
||||||
$ cp srsenb/drb.conf.example srsenb/drb.conf
|
$ cp srsenb/drb.conf.example srsenb/drb.conf
|
||||||
$ cp srsenb/sib.conf.example srsenb/sib.conf
|
$ cp srsenb/sib.conf.example srsenb/sib.conf
|
||||||
$ cp srsenb/sib.conf.mbsfn.example srsenb/sib.conf.mbsfn
|
|
||||||
```
|
```
|
||||||
|
|
||||||
You should check your phone frequency. If your phone does not support Band-3, you should use a different DL EARFCN value.
|
You should check your phone frequency. If your phone does not support Band-3, you should use a different DL EARFCN value.
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
$ diff -u enb.conf.example enb.conf
|
$ diff -u enb.conf.example enb.conf
|
||||||
-- enb.conf.example 2022-01-19 20:30:13.612993155 +0900
|
--- enb.conf.example 2022-12-11 10:04:37.519188021 +0900
|
||||||
+++ enb.conf 2022-01-19 21:04:15.674419300 +0900
|
+++ enb.conf 2022-12-11 10:45:13.746995146 +0900
|
||||||
@@ -20,9 +20,9 @@
|
@@ -20,9 +20,9 @@
|
||||||
#####################################################################
|
#####################################################################
|
||||||
[enb]
|
[enb]
|
||||||
|
@ -365,36 +348,18 @@ $ diff -u enb.conf.example enb.conf
|
||||||
gtp_bind_addr = 127.0.1.1
|
gtp_bind_addr = 127.0.1.1
|
||||||
s1c_bind_addr = 127.0.1.1
|
s1c_bind_addr = 127.0.1.1
|
||||||
s1c_bind_port = 0
|
s1c_bind_port = 0
|
||||||
@@ -67,7 +67,7 @@
|
|
||||||
tx_gain = 80
|
|
||||||
rx_gain = 40
|
|
||||||
|
|
||||||
-#device_name = auto
|
|
||||||
+device_name = auto
|
|
||||||
|
|
||||||
# For best performance in 2x2 MIMO and >= 15 MHz use the following device_args settings:
|
|
||||||
# USRP B210: num_recv_frames=64,num_send_frames=64
|
|
||||||
@@ -81,7 +81,7 @@
|
|
||||||
|
|
||||||
# Example for ZMQ-based operation with TCP transport for I/Q samples
|
|
||||||
#device_name = zmq
|
|
||||||
-#device_args = fail_on_disconnect=true,tx_port=tcp://*:2000,rx_port=tcp://localhost:2001,id=enb,base_srate=23.04e6
|
|
||||||
+device_args = clock=external
|
|
||||||
|
|
||||||
#####################################################################
|
|
||||||
# Packet capture configuration
|
|
||||||
```
|
```
|
||||||
|
|
||||||
```diff
|
```diff
|
||||||
$ diff -u rr.conf.example rr.conf
|
$ diff -u rr.conf.example rr.conf
|
||||||
-- rr.conf.example 2022-01-19 20:30:13.620992794 +0900
|
--- rr.conf.example 2022-12-11 10:04:37.523187831 +0900
|
||||||
+++ rr.conf 2022-01-19 21:05:21.959044145 +0900
|
+++ rr.conf 2022-12-11 10:42:23.590401941 +0900
|
||||||
@@ -55,10 +55,10 @@
|
@@ -55,10 +55,10 @@
|
||||||
{
|
{
|
||||||
// rf_port = 0;
|
// rf_port = 0;
|
||||||
cell_id = 0x01;
|
cell_id = 0x01;
|
||||||
- tac = 0x0007;
|
- tac = 0x0007;
|
||||||
+ tac = 0x0002;
|
+ tac = 0x0005;
|
||||||
pci = 1;
|
pci = 1;
|
||||||
// root_seq_idx = 204;
|
// root_seq_idx = 204;
|
||||||
- dl_earfcn = 3350;
|
- dl_earfcn = 3350;
|
||||||
|
@ -406,29 +371,44 @@ $ diff -u rr.conf.example rr.conf
|
||||||
nr_cell_list =
|
nr_cell_list =
|
||||||
(
|
(
|
||||||
// no NR cells
|
// no NR cells
|
||||||
|
-);
|
||||||
|
\ No newline at end of file
|
||||||
|
+);
|
||||||
```
|
```
|
||||||
|
|
||||||
MME Address, TAC, PLMN ID, DL EARFCN, and Device Argument are updated as belows.
|
MME Address, TAC, PLMN ID, DL EARFCN, and Device Argument are updated as belows.
|
||||||
|
|
||||||
```
|
```
|
||||||
MME Address : 127.0.1.2
|
MME Address : 127.0.1.2
|
||||||
TAC : 2
|
TAC : 5
|
||||||
PLMN ID : MNC(310), MCC(789) programmed USIM with a card reader
|
PLMN ID : MNC(310), MCC(789) programmed USIM with a card reader
|
||||||
DL EARFCN : Band-3 - from your Phone
|
DL EARFCN : Band-3 - from your Phone
|
||||||
Device Argument : Clock source from external GPS-DO
|
Device Argument : Clock source from external GPS-DO
|
||||||
```
|
```
|
||||||
|
|
||||||
If you are not using GPS-DO, you can just comment out `device_args` as shown below.
|
If you are using GPS-DO, you need to add `device_args` as shown below.
|
||||||
```diff
|
```diff
|
||||||
$ diff -u enb.conf enb.conf.no_gps_do
|
$ diff -u enb.conf.example enb.conf
|
||||||
--- enb.conf 2022-01-19 21:08:32.941527373 +0900
|
--- enb.conf.example 2022-12-11 10:04:37.519188021 +0900
|
||||||
+++ enb.conf.no_gps_do 2022-01-19 21:10:18.612581261 +0900
|
+++ enb.conf 2022-12-11 10:44:25.565094551 +0900
|
||||||
@@ -81,7 +81,7 @@
|
@@ -20,9 +20,9 @@
|
||||||
|
#####################################################################
|
||||||
|
[enb]
|
||||||
|
enb_id = 0x19B
|
||||||
|
-mcc = 001
|
||||||
|
-mnc = 01
|
||||||
|
-mme_addr = 127.0.1.100
|
||||||
|
+mcc = 310
|
||||||
|
+mnc = 789
|
||||||
|
+mme_addr = 127.0.1.2
|
||||||
|
gtp_bind_addr = 127.0.1.1
|
||||||
|
s1c_bind_addr = 127.0.1.1
|
||||||
|
s1c_bind_port = 0
|
||||||
|
@@ -82,6 +82,7 @@
|
||||||
# Example for ZMQ-based operation with TCP transport for I/Q samples
|
# Example for ZMQ-based operation with TCP transport for I/Q samples
|
||||||
#device_name = zmq
|
#device_name = zmq
|
||||||
-device_args = clock=external
|
#device_args = fail_on_disconnect=true,tx_port=tcp://*:2000,rx_port=tcp://localhost:2001,id=enb,base_srate=23.04e6
|
||||||
+#device_args = fail_on_disconnect=true,tx_port=tcp://*:2000,rx_port=tcp://localhost:2001,id=enb,base_srate=23.04e6
|
+device_args = clock=external
|
||||||
|
|
||||||
#####################################################################
|
#####################################################################
|
||||||
# Packet capture configuration
|
# Packet capture configuration
|
||||||
|
@ -438,25 +418,30 @@ Now, run the srsRAN as follows:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ cd srsenb/
|
$ cd srsenb/
|
||||||
$ sudo UHD_IMAGES_DIR=/usr/share/uhd/images ../build/srsenb/src/srsenb ./enb.conf
|
$ sudo ../build/srsenb/src/srsenb ./enb.conf
|
||||||
|
[sudo] password for acetcom:
|
||||||
|
Active RF plugins: libsrsran_rf_uhd.so
|
||||||
|
Inactive RF plugins:
|
||||||
--- Software Radio Systems LTE eNodeB ---
|
--- Software Radio Systems LTE eNodeB ---
|
||||||
|
|
||||||
Reading configuration file ./enb.conf...
|
Reading configuration file ./enb.conf...
|
||||||
WARNING: cpu0 scaling governor is not set to performance mode. Realtime processing could be compromised. Consider setting it to performance mode before running the application.
|
WARNING: cpu0 scaling governor is not set to performance mode. Realtime processing could be compromised. Consider setting it to performance mode before running the application.
|
||||||
|
|
||||||
Built in Release mode using commit 5275f3336 on branch HEAD.
|
Built in Release mode using commit 254cc719a on branch HEAD.
|
||||||
|
|
||||||
connect(): Connection refused
|
|
||||||
Failed to initiate S1 connection. Attempting reconnection in 10 seconds
|
|
||||||
Opening 1 channels in RF device=default with args=default
|
Opening 1 channels in RF device=default with args=default
|
||||||
Available RF device list: UHD
|
Supported RF device list: UHD file
|
||||||
Trying to open RF device 'UHD'
|
Trying to open RF device 'UHD'
|
||||||
[INFO] [UHD] linux; GNU C++ version 9.3.0; Boost_107100; UHD_4.1.0.4-release
|
[INFO] [UHD] linux; GNU C++ version 11.2.0; Boost_107400; UHD_4.3.0.0-0ubuntu1~jammy1
|
||||||
[INFO] [LOGGING] Fastpath logging disabled at runtime.
|
[INFO] [LOGGING] Fastpath logging disabled at runtime.
|
||||||
|
[INFO] [B200] Loading firmware image: /usr/share/uhd/images/usrp_b200_fw.hex...
|
||||||
Opening USRP channels=1, args: type=b200,master_clock_rate=23.04e6
|
Opening USRP channels=1, args: type=b200,master_clock_rate=23.04e6
|
||||||
[INFO] [UHD RF] RF UHD Generic instance constructed
|
[INFO] [UHD RF] RF UHD Generic instance constructed
|
||||||
[INFO] [B200] Detected Device: B200
|
[INFO] [B200] Detected Device: B200
|
||||||
|
[INFO] [B200] Loading FPGA image: /usr/share/uhd/images/usrp_b200_fpga.bin...
|
||||||
[INFO] [B200] Operating over USB 3.
|
[INFO] [B200] Operating over USB 3.
|
||||||
|
[INFO] [B200] Detecting internal GPSDO....
|
||||||
|
[INFO] [GPS] No GPSDO found
|
||||||
[INFO] [B200] Initialize CODEC control...
|
[INFO] [B200] Initialize CODEC control...
|
||||||
[INFO] [B200] Initialize Radio control...
|
[INFO] [B200] Initialize Radio control...
|
||||||
[INFO] [B200] Performing register loopback test...
|
[INFO] [B200] Performing register loopback test...
|
||||||
|
@ -467,6 +452,7 @@ RF device 'UHD' successfully opened
|
||||||
|
|
||||||
==== eNodeB started ===
|
==== eNodeB started ===
|
||||||
Type <t> to view trace
|
Type <t> to view trace
|
||||||
|
Setting frequency: DL=1845.0 Mhz, UL=1750.0 MHz for cc_idx=0 nof_prb=50
|
||||||
```
|
```
|
||||||
|
|
||||||
### Turn on your eNodeB and Phone
|
### Turn on your eNodeB and Phone
|
||||||
|
|
|
@ -772,8 +772,13 @@ ip addr add 192.168.101.1/24 dev ogstun2
|
||||||
ip addr add fd1f:76f3:da9b:0101::/48 dev ogstun2
|
ip addr add fd1f:76f3:da9b:0101::/48 dev ogstun2
|
||||||
ip link set ogstun2 mtu 1400
|
ip link set ogstun2 mtu 1400
|
||||||
ip link set ogstun2 up
|
ip link set ogstun2 up
|
||||||
|
iptables -t nat -A POSTROUTING -s 192.168.101.0/24 ! -o ogstun2 -j MASQUERADE
|
||||||
|
ip6tables -t nat -A POSTROUTING -s fd1f:76f3:da9b:0101::/48 ! -o ogstun2 -j MASQUERADE
|
||||||
iptables -I INPUT -i ogstun2 -j ACCEPT
|
iptables -I INPUT -i ogstun2 -j ACCEPT
|
||||||
ip6tables -I INPUT -i ogstun2 -j ACCEPT
|
ip6tables -I INPUT -i ogstun2 -j ACCEPT
|
||||||
|
|
||||||
|
ufw enable
|
||||||
|
ufw disable
|
||||||
```
|
```
|
||||||
|
|
||||||
Add users with following APN settings in Open5GS:
|
Add users with following APN settings in Open5GS:
|
||||||
|
|
|
@ -12,9 +12,10 @@ head_inline: "<style> ul { padding-bottom: 1em; } </style>"
|
||||||
|
|
||||||
- Tutorials
|
- Tutorials
|
||||||
- [Your First LTE](tutorial/01-your-first-lte)
|
- [Your First LTE](tutorial/01-your-first-lte)
|
||||||
|
- [5G SA COTS UE](https://docs.srsran.com/en/latest/app_notes/source/5g_sa_COTS/source/index.html) from [SRS](https://srs.io)
|
||||||
|
- [Metrics with Prometheus](tutorial/04-metrics-prometheus)
|
||||||
- [VoLTE Setup with Kamailio IMS and Open5GS](tutorial/02-VoLTE-setup)
|
- [VoLTE Setup with Kamailio IMS and Open5GS](tutorial/02-VoLTE-setup)
|
||||||
- [Dockerized VoLTE Setup](tutorial/03-VoLTE-dockerized)
|
- [Dockerized VoLTE Setup](tutorial/03-VoLTE-dockerized)
|
||||||
- [Metrics with Prometheus](tutorial/04-metrics-prometheus)
|
|
||||||
|
|
||||||
- Inside Source Code
|
- Inside Source Code
|
||||||
- [Detailed Architecture of Open5GS](https://chowdera.com/2022/151/202205312246348316.html)
|
- [Detailed Architecture of Open5GS](https://chowdera.com/2022/151/202205312246348316.html)
|
||||||
|
|
Binary file not shown.
Loading…
Reference in New Issue