140 | | |
141 | | |
142 | | TBD |
| 140 | The following '''openair-cn''' configuration files were modified for the BBN Site : |
| 141 | {{{ |
| 142 | lnevers@gpo-pc:~/openair-cn/ETC$ git status --verbose |
| 143 | On branch master |
| 144 | Your branch is up-to-date with 'origin/master'. |
| 145 | Changes not staged for commit: |
| 146 | (use "git add <file>..." to update what will be committed) |
| 147 | (use "git checkout -- <file>..." to discard changes in working directory) |
| 148 | |
| 149 | modified: ../BUILD/TOOLS/build_helper |
| 150 | modified: acl.conf |
| 151 | modified: hss.conf |
| 152 | modified: hss_fd.conf |
| 153 | modified: mme.conf |
| 154 | modified: mme_fd.conf |
| 155 | modified: spgw.conf |
| 156 | modified: ../SRC/SECU/nas_stream_eea2.c |
| 157 | |
| 158 | Untracked files: |
| 159 | (use "git add <file>..." to include in what will be committed) |
| 160 | |
| 161 | ../BUILD/MME/BUILD/ |
| 162 | ../BUILD/MME/CMakeLists.txt |
| 163 | ../BUILD/SPGW/BUILD/ |
| 164 | ../BUILD/SPGW/CMakeLists.txt |
| 165 | |
| 166 | no changes added to commit (use "git add" and/or "git commit -a") |
| 167 | lnevers@gpo-pc:~/openair-cn/ETC$ |
| 168 | }}} |
| 169 | |
| 170 | Following are details for each modification for all files modified. A build script and MME, HSS and SPGW configuration files were modified: |
| 171 | |
| 172 | {{{ |
| 173 | lnevers@gpo-pc:~/openair-cn/ETC$ git diff |
| 174 | diff --git a/BUILD/TOOLS/build_helper b/BUILD/TOOLS/build_helper |
| 175 | index 14db791..ce402c4 100644 |
| 176 | --- a/BUILD/TOOLS/build_helper |
| 177 | +++ b/BUILD/TOOLS/build_helper |
| 178 | @@ -644,8 +644,8 @@ check_install_hss_software() { |
| 179 | $SUDO apt-get install $OPTION \ |
| 180 | phpmyadmin \ |
| 181 | python-pexpect \ |
| 182 | - php5 \ |
| 183 | - libapache2-mod-php5 |
| 184 | + php7.0 \ |
| 185 | + libapache2-mod-php7.0 |
| 186 | } |
| 187 | |
| 188 | #------------------------------------------------------------------------------- |
| 189 | diff --git a/ETC/acl.conf b/ETC/acl.conf |
| 190 | index 953f598..16618d6 100644 |
| 191 | --- a/ETC/acl.conf |
| 192 | +++ b/ETC/acl.conf |
| 193 | @@ -16,4 +16,4 @@ |
| 194 | # It is specified for example as: |
| 195 | # ALLOW_IPSEC vpn.example.net vpn2.example.net *.vpn.example.net |
| 196 | |
| 197 | -ALLOW_OLD_TLS *.openair4G.eur |
| 198 | +ALLOW_OLD_TLS *.bbn.com |
| 199 | diff --git a/ETC/hss.conf b/ETC/hss.conf |
| 200 | index e385c08..0e2666d 100644 |
| 201 | --- a/ETC/hss.conf |
| 202 | +++ b/ETC/hss.conf |
| 203 | @@ -22,13 +22,13 @@ HSS : |
| 204 | { |
| 205 | ## MySQL mandatory options |
| 206 | MYSQL_server = "127.0.0.1"; # HSS S6a bind address |
| 207 | -MYSQL_user = "@MYSQL_user@"; # Database server login |
| 208 | -MYSQL_pass = "@MYSQL_pass@"; # Database server password |
| 209 | +MYSQL_user = "root"; # Database server login |
| 210 | +MYSQL_pass = "linux"; # Database server password |
| 211 | MYSQL_db = "oai_db"; # Your database name |
| 212 | |
| 213 | ## HSS options |
| 214 | -OPERATOR_key = "1006020f0a478bf6b699f15c062e42b3"; # OP key matching your database |
| 215 | -#OPERATOR_key = "11111111111111111111111111111111"; # OP key matching your database |
| 216 | +#OPERATOR_key = "1006020f0a478bf6b699f15c062e42b3"; # OP key matching your database |
| 217 | +OPERATOR_key = "11111111111111111111111111111111"; # OP key matching your database |
| 218 | |
| 219 | RANDOM = "true"; # True random or only pseudo random (for subscriber vector generation) |
| 220 | |
| 221 | diff --git a/ETC/hss_fd.conf b/ETC/hss_fd.conf |
| 222 | index 02b2474..a74e144 100644 |
| 223 | --- a/ETC/hss_fd.conf |
| 224 | +++ b/ETC/hss_fd.conf |
| 225 | @@ -4,11 +4,11 @@ |
| 226 | # that the Identity used is a valid FQDN for the peer. This parameter can be |
| 227 | # omitted, in that case the framework will attempt to use system default value |
| 228 | # (as returned by hostname --fqdn). |
| 229 | -Identity = "hss.openair4G.eur"; |
| 230 | +Identity = "hss.bbn.com"; |
| 231 | |
| 232 | # In Diameter, all peers also belong to a Realm. If the realm is not specified, |
| 233 | # the framework uses the part of the Identity after the first dot. |
| 234 | -Realm = "openair4G.eur"; |
| 235 | +Realm = "bbn.com"; |
| 236 | |
| 237 | |
| 238 | # This parameter is mandatory, even if it is possible to disable TLS for peers |
| 239 | diff --git a/ETC/mme.conf b/ETC/mme.conf |
| 240 | index 1d8d9b5..7b4aa7d 100644 |
| 241 | --- a/ETC/mme.conf |
| 242 | +++ b/ETC/mme.conf |
| 243 | @@ -21,7 +21,8 @@ |
| 244 | |
| 245 | MME : |
| 246 | { |
| 247 | - REALM = "openair4G.eur"; # YOUR REALM HERE |
| 248 | + REALM = "donotdelete.ch-geni-net.instageni.gpolab.bbn.com"; # YOUR REALM HERE |
| 249 | + PID_DIRECTORY = "/var/run"; |
| 250 | # Define the limits of the system in terms of served eNB and served UE. |
| 251 | # When the limits will be reached, overload procedure will take place. |
| 252 | MAXENB = 2; # power of 2 |
| 253 | @@ -74,7 +75,7 @@ MME : |
| 254 | # MME code DEFAULT size = 8 bits |
| 255 | # MME GROUP ID size = 16 bits |
| 256 | GUMMEI_LIST = ( |
| 257 | - {MCC="208" ; MNC="93"; MME_GID="4" ; MME_CODE="1"; } # YOUR GUMMEI CONFIG HERE |
| 258 | + {MCC="001" ; MNC="01"; MME_GID="4" ; MME_CODE="1"; } # YOUR GUMMEI CONFIG HERE |
| 259 | ); |
| 260 | |
| 261 | # ------- MME served TAIs |
| 262 | @@ -83,7 +84,7 @@ MME : |
| 263 | # maximum of 16 TAIs, comma separated |
| 264 | # !!! Actually use only one PLMN |
| 265 | TAI_LIST = ( |
| 266 | - {MCC="208" ; MNC="93"; TAC = "1"; } # YOUR TAI CONFIG HERE |
| 267 | + {MCC="001" ; MNC="01"; TAC = "1"; } # YOUR TAI CONFIG HERE |
| 268 | ); |
| 269 | |
| 270 | |
| 271 | @@ -149,8 +150,8 @@ MME : |
| 272 | NETWORK_INTERFACES : |
| 273 | { |
| 274 | # MME binded interface for S1-C or S1-MME communication (S1AP), can be ethernet interface, virtual ethernet interface, we don't advise wireless inteaces |
| 275 | - MME_INTERFACE_NAME_FOR_S1_MME = "eth0"; # YOUR NETWORK CONFIG HERE |
| 276 | - MME_IPV4_ADDRESS_FOR_S1_MME = "192.168.11.17/24"; # YOUR NETWORK CONFIG HERE |
| 277 | + MME_INTERFACE_NAME_FOR_S1_MME = "vlan3740"; # YOUR NETWORK CONFIG HERE |
| 278 | + MME_IPV4_ADDRESS_FOR_S1_MME = "10.3.2.11/16"; # YOUR NETWORK CONFIG HERE |
| 279 | |
| 280 | # MME binded interface for S11 communication (GTPV2-C) |
| 281 | MME_INTERFACE_NAME_FOR_S11_MME = "lo"; # YOUR NETWORK CONFIG HERE |
| 282 | @@ -196,7 +197,7 @@ MME : |
| 283 | TESTING : |
| 284 | { |
| 285 | # file should be copied here from source tree by following command: run_mme --install-mme-files ... |
| 286 | - SCENARIO_FILE = "/usr/local/share/oai/test/MME/no_regression.xml"; |
| 287 | + SCENARIO_FILE = "/usr/local/share/oai/test/mme/no_regression.xml"; |
| 288 | }; |
| 289 | }; |
| 290 | |
| 291 | @@ -205,4 +206,7 @@ S-GW : |
| 292 | # S-GW binded interface for S11 communication (GTPV2-C), if none selected the ITTI message interface is used |
| 293 | SGW_IPV4_ADDRESS_FOR_S11 = "127.0.11.2/8"; # YOUR NETWORK CONFIG HERE |
| 294 | |
| 295 | -}; |
| 296 | \ No newline at end of file |
| 297 | + S-GW_LIST_SELECTION = ( |
| 298 | + {ID="tac-lb01.tac-hb00.tac.epc.mnc001.mcc001.3gppnetwork.org" ; SGW_IPV4_ADDRESS_FOR_S11="127.0.11.2/8";} |
| 299 | + ); |
| 300 | +}; |
| 301 | diff --git a/ETC/mme_fd.conf b/ETC/mme_fd.conf |
| 302 | index 0a91619..dc33332 100644 |
| 303 | --- a/ETC/mme_fd.conf |
| 304 | +++ b/ETC/mme_fd.conf |
| 305 | @@ -1,8 +1,8 @@ |
| 306 | # -------- Local --------- |
| 307 | |
| 308 | # Uncomment if the framework cannot resolv it. |
| 309 | -Identity = "yang.openair4G.eur"; |
| 310 | -Realm = "openair4G.eur"; |
| 311 | +Identity = "gpo-pc.donotdelete.ch-geni-net.instageni.gpolab.bbn.com"; |
| 312 | +Realm = "donotdelete.ch-geni-net.instageni.gpolab.bbn.com"; |
| 313 | |
| 314 | # TLS configuration (see previous section) |
| 315 | TLS_Cred = "/usr/local/etc/oai/freeDiameter/mme.cert.pem", |
| 316 | @@ -100,4 +100,4 @@ LoadExtension = "dict_s6a.fdx"; |
| 317 | # incoming connections from other peers, see the acl_wl.fdx? extension which |
| 318 | # allows exactly this. |
| 319 | |
| 320 | -ConnectPeer= "hss.openair4G.eur" { ConnectTo = "127.0.0.1"; No_SCTP ; No_IPv6; Prefer_TCP; No_TLS; port = 3868; realm = "openair4G.eur";}; |
| 321 | +ConnectPeer= "hss.donotdelete.ch-geni-net.instageni.gpolab.bbn.com" { ConnectTo = "127.0.33.1"; No_SCTP ; No_IPv6; Prefer_TCP; No_TLS; port = 3868; realm = onotdelete.ch-geni-net.instageni.gpolab.bbn.com";}; |
| 322 | diff --git a/ETC/spgw.conf b/ETC/spgw.conf |
| 323 | index 8095ec3..c9abe7c 100644 |
| 324 | --- a/ETC/spgw.conf |
| 325 | +++ b/ETC/spgw.conf |
| 326 | @@ -27,8 +27,8 @@ S-GW : |
| 327 | SGW_IPV4_ADDRESS_FOR_S11 = "127.0.11.2/8"; # STRING, CIDR, YOUR NETWORK CONFIG HERE |
| 328 | |
| 329 | # S-GW binded interface for S1-U communication (GTPV1-U) can be ethernet interface, virtual ethernet interface, we don't advise wireless interfaces |
| 330 | - SGW_INTERFACE_NAME_FOR_S1U_S12_S4_UP = "eth0"; # STRING, interface name, YOUR NETWORK CONFIG HERE, USE "lo" if S-GW run on e host |
| 331 | - SGW_IPV4_ADDRESS_FOR_S1U_S12_S4_UP = "192.168.11.17/24"; # STRING, CIDR, YOUR NETWORK CONFIG HERE |
| 332 | + SGW_INTERFACE_NAME_FOR_S1U_S12_S4_UP = "vlan3740"; # STRING, interface name, YOUR NETWORK CONFIG HERE, USE "lo" if S-GW run eNB host |
| 333 | + SGW_IPV4_ADDRESS_FOR_S1U_S12_S4_UP = "10.3.2.11/16"; # STRING, CIDR, YOUR NETWORK CONFIG HERE |
| 334 | SGW_IPV4_PORT_FOR_S1U_S12_S4_UP = 2152; # INTEGER, port number, PREFER NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING |
| 335 | |
| 336 | # S-GW binded interface for S5 or S8 communication, not implemented, so leave it to none |
| 337 | @@ -76,9 +76,9 @@ P-GW = |
| 338 | PGW_INTERFACE_NAME_FOR_S5_S8 = "none"; # STRING, interface name, DO NOT CHANGE (NOT IMPLEMENTED YET) |
| 339 | |
| 340 | # P-GW binded interface for SGI (egress/ingress internet traffic) |
| 341 | - PGW_INTERFACE_NAME_FOR_SGI = "eth3"; # STRING, YOUR NETWORK CONFIG HERE |
| 342 | - PGW_MASQUERADE_SGI = "no"; # STRING, {"yes", "no"}. YOUR NETWORK CONFIG HERE, will do NAT for you if youut "yes". |
| 343 | - UE_TCP_MSS_CLAMPING = "no"; # STRING, {"yes", "no"}. |
| 344 | + PGW_INTERFACE_NAME_FOR_SGI = "enp3s0f0"; # STRING, YOUR NETWORK CONFIG HERE |
| 345 | + PGW_MASQUERADE_SGI = "yes"; # STRING, {"yes", "no"}. YOUR NETWORK CONFIG HERE, will do NAT for you if yoput "yes". |
| 346 | + UE_TCP_MSS_CLAMPING = "yes"; # STRING, {"yes", "no"}. |
| 347 | }; |
| 348 | |
| 349 | # Pool of UE assigned IP addresses |
| 350 | @@ -93,12 +93,11 @@ P-GW = |
| 351 | }; |
| 352 | |
| 353 | # DNS address communicated to UEs |
| 354 | - DEFAULT_DNS_IPV4_ADDRESS = "8.8.8.8"; # YOUR NETWORK CONFIG HERE |
| 355 | - DEFAULT_DNS_SEC_IPV4_ADDRESS = "8.8.4.4"; # YOUR NETWORK CONFIG HERE |
| 356 | + DEFAULT_DNS_IPV4_ADDRESS = "128.33.0.20"; # YOUR NETWORK CONFIG HERE |
| 357 | + DEFAULT_DNS_SEC_IPV4_ADDRESS = "128.33.1.20"; # YOUR NETWORK CONFIG HERE |
| 358 | |
| 359 | # Non standard feature, normally should be set to "no", but you may need to set to yes for UE that do not explicitly request a PDN address through NAS sialling |
| 360 | - FORCE_PUSH_PROTOCOL_CONFIGURATION_OPTIONS = "no"; # STRING, {"yes", "no"}. |
| 361 | - UE_MTU = 1500 # INTEGER |
| 362 | + FORCE_PUSH_PROTOCOL_CONFIGURATION_OPTIONS = "yes"; # STRING, {"yes", "no"}. |
| 363 | + UE_MTU = 1488 # INTEGER |
| 364 | + GTPV1U_REALIZATION = "GTP_KERNEL_MODULE"; # STRING {"NO_GTP_KERNEL_AVAILABLE", "GTP_KERNEL_MODULE", "GTP_KERNEL"}. In aontainer you may not be able |
| 365 | }; |
| 366 | - |
| 367 | - |
| 368 | diff --git a/SRC/SECU/nas_stream_eea2.c b/SRC/SECU/nas_stream_eea2.c |
| 369 | index 83f331e..86c8d50 100644 |
| 370 | --- a/SRC/SECU/nas_stream_eea2.c |
| 371 | +++ b/SRC/SECU/nas_stream_eea2.c |
| 372 | @@ -61,7 +61,7 @@ nas_stream_encrypt_eea2 ( |
| 373 | /* |
| 374 | * Other bits are 0 |
| 375 | */ |
| 376 | - nettle_aes128.set_encrypt_key (ctx, stream_cipher->key_length, stream_cipher->key); |
| 377 | + nettle_aes128.set_encrypt_key (ctx, stream_cipher->key); |
| 378 | nettle_ctr_crypt (ctx, nettle_aes128.encrypt, nettle_aes128.block_size, m, byte_length, data, stream_cipher->message); |
| 379 | |
| 380 | if (zero_bit > 0) |
| 381 | }}}} |
| 382 | |
| 383 | |