Changes between Version 26 and Version 27 of GENILTE/LTEDeployment

Timestamp:

06/13/17 16:26:01 (7 years ago)

Author:

lnevers@bbn.com

Comment:

--

GENILTE/LTEDeployment

@@ -138 +138 @@
 == Configurations changes ==
 
-
-
-TBD
+The following '''openair-cn''' configuration files were modified for the BBN Site :
+{{{
+lnevers@gpo-pc:~/openair-cn/ETC$ git status --verbose
+On branch master
+Your branch is up-to-date with 'origin/master'.
+Changes not staged for commit:
+  (use "git add <file>..." to update what will be committed)
+  (use "git checkout -- <file>..." to discard changes in working directory)
+
+        modified:   ../BUILD/TOOLS/build_helper
+        modified:   acl.conf
+        modified:   hss.conf
+        modified:   hss_fd.conf
+        modified:   mme.conf
+        modified:   mme_fd.conf
+        modified:   spgw.conf
+        modified:   ../SRC/SECU/nas_stream_eea2.c
+
+Untracked files:
+  (use "git add <file>..." to include in what will be committed)
+
+        ../BUILD/MME/BUILD/
+        ../BUILD/MME/CMakeLists.txt
+        ../BUILD/SPGW/BUILD/
+        ../BUILD/SPGW/CMakeLists.txt
+
+no changes added to commit (use "git add" and/or "git commit -a")
+lnevers@gpo-pc:~/openair-cn/ETC$ 
+}}}
+
+Following are details for each modification for all files modified.  A build script and MME, HSS and SPGW configuration files were modified:
+
+{{{
+lnevers@gpo-pc:~/openair-cn/ETC$ git diff 
+diff --git a/BUILD/TOOLS/build_helper b/BUILD/TOOLS/build_helper
+index 14db791..ce402c4 100644
+--- a/BUILD/TOOLS/build_helper
++++ b/BUILD/TOOLS/build_helper
+@@ -644,8 +644,8 @@ check_install_hss_software() {
+   $SUDO apt-get install $OPTION \
+     phpmyadmin \
+     python-pexpect \
+-    php5 \
+-    libapache2-mod-php5 
++    php7.0 \
++    libapache2-mod-php7.0 
+ }
+ 
+ #-------------------------------------------------------------------------------
+diff --git a/ETC/acl.conf b/ETC/acl.conf
+index 953f598..16618d6 100644
+--- a/ETC/acl.conf
++++ b/ETC/acl.conf
+@@ -16,4 +16,4 @@
+ # It is specified for example as:
+ # ALLOW_IPSEC vpn.example.net vpn2.example.net *.vpn.example.net
+ 
+-ALLOW_OLD_TLS   *.openair4G.eur
++ALLOW_OLD_TLS   *.bbn.com
+diff --git a/ETC/hss.conf b/ETC/hss.conf
+index e385c08..0e2666d 100644
+--- a/ETC/hss.conf
++++ b/ETC/hss.conf
+@@ -22,13 +22,13 @@ HSS :
+ {
+ ## MySQL mandatory options
+ MYSQL_server = "127.0.0.1";     # HSS S6a bind address
+-MYSQL_user   = "@MYSQL_user@";  # Database server login
+-MYSQL_pass   = "@MYSQL_pass@";  # Database server password
++MYSQL_user   = "root";          # Database server login
++MYSQL_pass   = "linux";         # Database server password
+ MYSQL_db     = "oai_db";        # Your database name 
+ 
+ ## HSS options
+-OPERATOR_key = "1006020f0a478bf6b699f15c062e42b3"; # OP key matching your database
+-#OPERATOR_key = "11111111111111111111111111111111"; # OP key matching your database
++#OPERATOR_key = "1006020f0a478bf6b699f15c062e42b3"; # OP key matching your database
++OPERATOR_key = "11111111111111111111111111111111"; # OP key matching your database
+ 
+ RANDOM = "true";                                   # True random or only pseudo random (for subscriber vector generation)
+ 
+diff --git a/ETC/hss_fd.conf b/ETC/hss_fd.conf
+index 02b2474..a74e144 100644
+--- a/ETC/hss_fd.conf
++++ b/ETC/hss_fd.conf
+@@ -4,11 +4,11 @@
+ # that the Identity used is a valid FQDN for the peer. This parameter can be 
+ # omitted, in that case the framework will attempt to use system default value 
+ # (as returned by hostname --fqdn). 
+-Identity = "hss.openair4G.eur";
++Identity = "hss.bbn.com";
+ 
+ # In Diameter, all peers also belong to a Realm. If the realm is not specified,
+ # the framework uses the part of the Identity after the first dot.
+-Realm = "openair4G.eur";
++Realm = "bbn.com";
+ 
+ 
+ # This parameter is mandatory, even if it is possible to disable TLS for peers 
+diff --git a/ETC/mme.conf b/ETC/mme.conf
+index 1d8d9b5..7b4aa7d 100644
+--- a/ETC/mme.conf
++++ b/ETC/mme.conf
+@@ -21,7 +21,8 @@
+ 
+ MME : 
+ {
+-    REALM                                     = "openair4G.eur";                # YOUR REALM HERE
++    REALM                                     = "donotdelete.ch-geni-net.instageni.gpolab.bbn.com";                # YOUR REALM HERE
++    PID_DIRECTORY                             = "/var/run";
+     # Define the limits of the system in terms of served eNB and served UE.
+     # When the limits will be reached, overload procedure will take place.
+     MAXENB                                    = 2;                              # power of 2
+@@ -74,7 +75,7 @@ MME :
+     # MME code DEFAULT  size = 8 bits
+     # MME GROUP ID size = 16 bits
+     GUMMEI_LIST = ( 
+-         {MCC="208" ; MNC="93"; MME_GID="4" ; MME_CODE="1"; }                   # YOUR GUMMEI CONFIG HERE
++         {MCC="001" ; MNC="01"; MME_GID="4" ; MME_CODE="1"; }                   # YOUR GUMMEI CONFIG HERE
+     );
+ 
+     # ------- MME served TAIs
+@@ -83,7 +84,7 @@ MME :
+     # maximum of 16 TAIs, comma separated
+     # !!! Actually use only one PLMN
+     TAI_LIST = ( 
+-         {MCC="208" ; MNC="93";  TAC = "1"; }                                 # YOUR TAI CONFIG HERE
++         {MCC="001" ; MNC="01";  TAC = "1"; }                                 # YOUR TAI CONFIG HERE
+     );
+     
+     
+@@ -149,8 +150,8 @@ MME :
+     NETWORK_INTERFACES : 
+     {
+         # MME binded interface for S1-C or S1-MME  communication (S1AP), can be ethernet interface, virtual ethernet interface, we don't advise wireless inteaces
+-        MME_INTERFACE_NAME_FOR_S1_MME         = "eth0";                         # YOUR NETWORK CONFIG HERE
+-        MME_IPV4_ADDRESS_FOR_S1_MME           = "192.168.11.17/24";             # YOUR NETWORK CONFIG HERE
++        MME_INTERFACE_NAME_FOR_S1_MME         = "vlan3740";                         # YOUR NETWORK CONFIG HERE
++        MME_IPV4_ADDRESS_FOR_S1_MME           = "10.3.2.11/16";             # YOUR NETWORK CONFIG HERE
+ 
+         # MME binded interface for S11 communication (GTPV2-C)
+         MME_INTERFACE_NAME_FOR_S11_MME        = "lo";                           # YOUR NETWORK CONFIG HERE
+@@ -196,7 +197,7 @@ MME :
+     TESTING :
+     {
+         # file should be copied here from source tree by following command: run_mme --install-mme-files ...
+-        SCENARIO_FILE = "/usr/local/share/oai/test/MME/no_regression.xml";
++        SCENARIO_FILE = "/usr/local/share/oai/test/mme/no_regression.xml";
+     };
+ };
+ 
+@@ -205,4 +206,7 @@ S-GW :
+     # S-GW binded interface for S11 communication (GTPV2-C), if none selected the ITTI message interface is used
+     SGW_IPV4_ADDRESS_FOR_S11                = "127.0.11.2/8";                   # YOUR NETWORK CONFIG HERE
+ 
+-};
+\ No newline at end of file
++    S-GW_LIST_SELECTION = (
++         {ID="tac-lb01.tac-hb00.tac.epc.mnc001.mcc001.3gppnetwork.org" ; SGW_IPV4_ADDRESS_FOR_S11="127.0.11.2/8";}
++    );
++};
+diff --git a/ETC/mme_fd.conf b/ETC/mme_fd.conf
+index 0a91619..dc33332 100644
+--- a/ETC/mme_fd.conf
++++ b/ETC/mme_fd.conf
+@@ -1,8 +1,8 @@
+ # -------- Local ---------
+ 
+ # Uncomment if the framework cannot resolv it.
+-Identity = "yang.openair4G.eur";
+-Realm = "openair4G.eur";
++Identity = "gpo-pc.donotdelete.ch-geni-net.instageni.gpolab.bbn.com";
++Realm = "donotdelete.ch-geni-net.instageni.gpolab.bbn.com";
+ 
+ # TLS configuration (see previous section)
+ TLS_Cred = "/usr/local/etc/oai/freeDiameter/mme.cert.pem",
+@@ -100,4 +100,4 @@ LoadExtension = "dict_s6a.fdx";
+ # incoming connections from other peers, see the acl_wl.fdx? extension which 
+ # allows exactly this. 
+ 
+-ConnectPeer= "hss.openair4G.eur" { ConnectTo = "127.0.0.1"; No_SCTP ; No_IPv6; Prefer_TCP; No_TLS; port = 3868;  realm = "openair4G.eur";};
++ConnectPeer= "hss.donotdelete.ch-geni-net.instageni.gpolab.bbn.com" { ConnectTo = "127.0.33.1"; No_SCTP ; No_IPv6; Prefer_TCP; No_TLS; port = 3868;  realm = onotdelete.ch-geni-net.instageni.gpolab.bbn.com";};
+diff --git a/ETC/spgw.conf b/ETC/spgw.conf
+index 8095ec3..c9abe7c 100644
+--- a/ETC/spgw.conf
++++ b/ETC/spgw.conf
+@@ -27,8 +27,8 @@ S-GW :
+         SGW_IPV4_ADDRESS_FOR_S11                = "127.0.11.2/8";               # STRING, CIDR, YOUR NETWORK CONFIG HERE
+ 
+         # S-GW binded interface for S1-U communication (GTPV1-U) can be ethernet interface, virtual ethernet interface, we don't advise wireless interfaces
+-        SGW_INTERFACE_NAME_FOR_S1U_S12_S4_UP    = "eth0";                       # STRING, interface name, YOUR NETWORK CONFIG HERE, USE "lo" if S-GW run on e host
+-        SGW_IPV4_ADDRESS_FOR_S1U_S12_S4_UP      = "192.168.11.17/24";           # STRING, CIDR, YOUR NETWORK CONFIG HERE
++        SGW_INTERFACE_NAME_FOR_S1U_S12_S4_UP    = "vlan3740";                       # STRING, interface name, YOUR NETWORK CONFIG HERE, USE "lo" if S-GW run  eNB host
++        SGW_IPV4_ADDRESS_FOR_S1U_S12_S4_UP      = "10.3.2.11/16";           # STRING, CIDR, YOUR NETWORK CONFIG HERE
+         SGW_IPV4_PORT_FOR_S1U_S12_S4_UP         = 2152;                         # INTEGER, port number, PREFER NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING
+ 
+         # S-GW binded interface for S5 or S8 communication, not implemented, so leave it to none
+@@ -76,9 +76,9 @@ P-GW =
+         PGW_INTERFACE_NAME_FOR_S5_S8          = "none";                         # STRING, interface name, DO NOT CHANGE (NOT IMPLEMENTED YET)
+ 
+         # P-GW binded interface for SGI (egress/ingress internet traffic)
+-        PGW_INTERFACE_NAME_FOR_SGI            = "eth3";                         # STRING, YOUR NETWORK CONFIG HERE
+-        PGW_MASQUERADE_SGI                    = "no";                           # STRING, {"yes", "no"}. YOUR NETWORK CONFIG HERE, will do NAT for you if youut "yes".
+-        UE_TCP_MSS_CLAMPING                   = "no";                           # STRING, {"yes", "no"}. 
++        PGW_INTERFACE_NAME_FOR_SGI            = "enp3s0f0";                         # STRING, YOUR NETWORK CONFIG HERE
++        PGW_MASQUERADE_SGI                    = "yes";                           # STRING, {"yes", "no"}. YOUR NETWORK CONFIG HERE, will do NAT for you if yoput "yes".
++        UE_TCP_MSS_CLAMPING                   = "yes";                           # STRING, {"yes", "no"}. 
+     };
+     
+     # Pool of UE assigned IP addresses
+@@ -93,12 +93,11 @@ P-GW =
+     };
+     
+     # DNS address communicated to UEs
+-    DEFAULT_DNS_IPV4_ADDRESS     = "8.8.8.8";                                   # YOUR NETWORK CONFIG HERE
+-    DEFAULT_DNS_SEC_IPV4_ADDRESS = "8.8.4.4";                                   # YOUR NETWORK CONFIG HERE
++    DEFAULT_DNS_IPV4_ADDRESS     = "128.33.0.20";                                   # YOUR NETWORK CONFIG HERE
++    DEFAULT_DNS_SEC_IPV4_ADDRESS = "128.33.1.20";                                   # YOUR NETWORK CONFIG HERE
+ 
+     # Non standard feature, normally should be set to "no", but you may need to set to yes for UE that do not explicitly request a PDN address through NAS sialling
+-    FORCE_PUSH_PROTOCOL_CONFIGURATION_OPTIONS = "no";                           # STRING, {"yes", "no"}. 
+-    UE_MTU                                    = 1500                            # INTEGER
++    FORCE_PUSH_PROTOCOL_CONFIGURATION_OPTIONS = "yes";                           # STRING, {"yes", "no"}. 
++    UE_MTU                                    = 1488                            # INTEGER
++    GTPV1U_REALIZATION                        = "GTP_KERNEL_MODULE";            # STRING {"NO_GTP_KERNEL_AVAILABLE", "GTP_KERNEL_MODULE", "GTP_KERNEL"}. In aontainer you may not be able 
+ };
+-
+-
+diff --git a/SRC/SECU/nas_stream_eea2.c b/SRC/SECU/nas_stream_eea2.c
+index 83f331e..86c8d50 100644
+--- a/SRC/SECU/nas_stream_eea2.c
++++ b/SRC/SECU/nas_stream_eea2.c
+@@ -61,7 +61,7 @@ nas_stream_encrypt_eea2 (
+   /*
+    * Other bits are 0
+    */
+-  nettle_aes128.set_encrypt_key (ctx, stream_cipher->key_length, stream_cipher->key);
++  nettle_aes128.set_encrypt_key (ctx, stream_cipher->key);
+   nettle_ctr_crypt (ctx, nettle_aes128.encrypt, nettle_aes128.block_size, m, byte_length, data, stream_cipher->message);
+ 
+   if (zero_bit > 0)
+}}}}
+
+