[[PageOutline]]

= !OpenAirInterface ePC GENI Site Deployment =

This page captures the GENI !OpenAirInterface Evolved Packet Core (ePC) software deployment. See the [wiki:GENILTE/LTESites GENI LTE EPc Sites] page for details about the sites where this setup is deployed.

The following OAI reference pages provide details about the kernel and software deployed at the GENI LTE sites:
 * [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/home OpenAirInterface Project]
 * [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/GetSources OAI Repository]
 * [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/OpenAirKernelMainSetup RAN Kernel Requirements]
 * [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/HowToConnectCOTSUEwithOAIeNBNew Connect OAI eNB]

The GENI ePC installation uses these major components of the OAI ePC:
 - Mobility Management Entity (MME)
 - Home Subscriber Server (HSS)
 - Serving and PDN Gateway (SPGW=S+P-GW)

== Prerequisites ==

The [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/home OpenAirInterface(OAI)] software '''must''' run on a dedicated bare metal node for ExoGENI or Raw-pc for InstaGENI sites.

The OAI ePC requires a [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/OpenAirKernelMainSetup Radio Access Network (RAN) Low-latency kernel] installation, which is available for Ubuntu 14.04 for the master branch. The master branch version/Ubuntu 14.04 is used for the GENI installations.

= Get GENI Resource =

Reserve a dedicated raw pc for use as the ePC host. Use the following RSpecs:
 - [Attach InstaGENI Gen7/8/9 Ubuntu14 raw pc request Rspec]
 - [Attach ExoGENI bare metal node request RSpec]

Request the appropriate device for your site (IG, EG).

== BIOS Requirements ==

The [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/OpenAirKernelMainSetup Radio Access Network Kernel] requires that all power management features (sleep states, in particular C-states) and CPU frequency scaling (Intel SpeedStep) be disabled in the BIOS. Also disable hyper-threading, CPU frequency control, C-States, P-States and any other power management feature in the BIOS.

= InstaGENI Site Installation =

== Installing 4.8 Kernel on IG EPC Resource ==

After an Ubuntu 16 Raw PC was reserved in the GPO IG rack, the following procedure was followed to create the ePC setup:
{{{
# Note the Ubuntu 16.04.1l image delivers a GNU/Linux 4.4.0-34-generic
sudo apt-get update
sudo apt-get -y upgrade
# Note the next step requests a conflicting grub change. The procedure kept existing grub
sudo apt-get -y dist-upgrade
sudo reboot
# Note system comes up with Kernel 4.4.0-78-generic
sudo apt-get install --install-recommends xserver-xorg-hwe-16.04
sudo reboot
# Note system comes up with Kernel 4.8.0-53-generic
}}}

The next step is optional: the disk was resized to make all possible disk space available:
{{{
sudo apt-get install gparted -y
# Note resize /dev/sda1 from 16G to 19G and create partition /dev/sda2 from "unallocated" 900G type=ext4 and named extra
# Next add new partition to file system files
sudo mkdir /extra
sudo vi /etc/fstab
# Make file system part of persistent definition by inserting the following to /etc/fstab
#   /dev/sda2 /extra ext4 defaults 0 0
# Mount newly added file system and change ownership
sudo mount /extra
sudo chown -R lnevers:ch--OpenFlowTuto /extra/
}}}

Enable the GPRS Tunneling Protocol kernel module:
{{{
sudo modprobe gtp
}}}

== Installing OAI Software ==

Assuming you have completed the 4.8 Kernel installation, we proceed to install the !OpenAirInterface software as specified in the [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/GetSources OAI Repository].
Follow the instructions on the [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/GetSources OAI Repository] page. The OAI wiki also has a page that captures [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/HowToConnectCOTSUEwithOAIeNBNew How to Connect OAI ePC with COTS User Equipment].

The following installation steps were performed:
{{{
# Note: install and configure some prerequisites
sudo apt-get install i7z cpufrequtils -y
sudo vi /etc/default/cpufrequtils
# insert the following in the file
#   GOVERNOR="performance"
sudo update-rc.d ondemand disable
sudo reboot
}}}

Next, prepare for the installation of the OAI packages:
{{{
sudo apt-get update
sudo apt-get install subversion git
git config --global user.name "Luisa Nevers"
git config --global user.email "luisa.nevers@raytheon.com"
# Append the certificate chain presented by gitlab.eurecom.fr to the system CA bundle.
# Note: the chain is trusted exactly as received; nothing in this step authenticates it.
echo -n | openssl s_client -showcerts -connect gitlab.eurecom.fr:443 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-certificates.crt
# Note: this turns off TLS certificate verification for every HTTPS remote this user accesses with git
git config --global http.sslverify false
}}}

Put in place links for additional disk space:
{{{
cd /extra
git clone https://gitlab.eurecom.fr/oai/openairinterface5g.git
git clone https://gitlab.eurecom.fr/oai/openair-cn.git
git clone https://gitlab.eurecom.fr/oai/xtables-addons-oai.git
ln -s /extra/open* ~/.
ln -s /extra/xtable* ~/.
}}}

Build eNB/ePC packages:
{{{
# Building eNB.
cd ~/openairinterface5g
source oaienv
cd cmake_targets
./build_oai -I

# Building ePC:
cd ~/openair-cn/SCRIPTS
./build_mme -i
# sudo apt-get install mysql-server --reinstall -y
./build_hss -i
./build_spgw -i
}}}

== Configuration changes ==

The following '''openair-cn''' configuration files were modified for the BBN site:
{{{
lnevers@gpo-pc:~/openair-cn/ETC$ git status --verbose
On branch master
Your branch is up-to-date with 'origin/master'.
Changes not staged for commit:
  (use "git add ..." to update what will be committed)
  (use "git checkout -- ..."
to discard changes in working directory)

	modified:   ../BUILD/TOOLS/build_helper
	modified:   acl.conf
	modified:   hss.conf
	modified:   hss_fd.conf
	modified:   mme.conf
	modified:   mme_fd.conf
	modified:   spgw.conf
	modified:   ../SRC/SECU/nas_stream_eea2.c

Untracked files:
  (use "git add ..." to include in what will be committed)

	../BUILD/MME/BUILD/
	../BUILD/MME/CMakeLists.txt
	../BUILD/SPGW/BUILD/
	../BUILD/SPGW/CMakeLists.txt

no changes added to commit (use "git add" and/or "git commit -a")
lnevers@gpo-pc:~/openair-cn/ETC$
}}}

The details of each modification follow. A build script and the MME, HSS and SPGW configuration files were modified:
{{{
lnevers@gpo-pc:~/openair-cn/ETC$ git diff
diff --git a/BUILD/TOOLS/build_helper b/BUILD/TOOLS/build_helper index 14db791..ce402c4 100644 --- a/BUILD/TOOLS/build_helper +++ b/BUILD/TOOLS/build_helper @@ -644,8 +644,8 @@ check_install_hss_software() { $SUDO apt-get install $OPTION \ phpmyadmin \ python-pexpect \ - php5 \ - libapache2-mod-php5 + php7.0 \ + libapache2-mod-php7.0 } #------------------------------------------------------------------------------- diff --git a/ETC/acl.conf b/ETC/acl.conf index 953f598..16618d6 100644 --- a/ETC/acl.conf +++ b/ETC/acl.conf @@ -16,4 +16,4 @@ # It is specified for example as: # ALLOW_IPSEC vpn.example.net vpn2.example.net *.vpn.example.net -ALLOW_OLD_TLS *.openair4G.eur +ALLOW_OLD_TLS *.bbn.com diff --git a/ETC/hss.conf b/ETC/hss.conf index e385c08..0e2666d 100644 --- a/ETC/hss.conf +++ b/ETC/hss.conf 
@@ -22,13 +22,13 @@ HSS : { ## MySQL mandatory options MYSQL_server = "127.0.0.1"; # HSS S6a bind address -MYSQL_user = "@MYSQL_user@"; # Database server login -MYSQL_pass = "@MYSQL_pass@"; # Database server password +MYSQL_user = "root"; # Database server login +MYSQL_pass = "linux"; # Database server password MYSQL_db = "oai_db"; # Your database name ## HSS options -OPERATOR_key = "1006020f0a478bf6b699f15c062e42b3"; # OP key matching your database -#OPERATOR_key = "11111111111111111111111111111111"; # OP key matching your database +#OPERATOR_key = "1006020f0a478bf6b699f15c062e42b3"; # OP key matching your database +OPERATOR_key = "11111111111111111111111111111111"; # OP key matching your database RANDOM = "true"; # True random or only pseudo random (for subscriber vector generation) diff --git a/ETC/hss_fd.conf b/ETC/hss_fd.conf index 02b2474..a74e144 100644 --- a/ETC/hss_fd.conf +++ b/ETC/hss_fd.conf @@ -4,11 +4,11 @@ # that the Identity used is a valid FQDN for the peer. This parameter can be # omitted, in that case the framework will attempt to use system default value # (as returned by hostname --fqdn). -Identity = "hss.openair4G.eur"; +Identity = "hss.bbn.com"; # In Diameter, all peers also belong to a Realm. If the realm is not specified, # the framework uses the part of the Identity after the first dot. -Realm = "openair4G.eur"; +Realm = "bbn.com"; # This parameter is mandatory, even if it is possible to disable TLS for peers diff --git a/ETC/mme.conf b/ETC/mme.conf index 1d8d9b5..7b4aa7d 100644 --- a/ETC/mme.conf +++ b/ETC/mme.conf @@ -21,7 +21,8 @@ MME : { - REALM = "openair4G.eur"; # YOUR REALM HERE + REALM = "donotdelete.ch-geni-net.instageni.gpolab.bbn.com"; # YOUR REALM HERE + PID_DIRECTORY = "/var/run"; # Define the limits of the system in terms of served eNB and served UE. # When the limits will be reached, overload procedure will take place. MAXENB = 2; # power of 2 
@@ -74,7 +75,7 @@ MME : # MME code DEFAULT size = 8 bits # MME GROUP ID size = 16 bits GUMMEI_LIST = ( - {MCC="208" ; MNC="93"; MME_GID="4" ; MME_CODE="1"; } # YOUR GUMMEI CONFIG HERE + {MCC="001" ; MNC="01"; MME_GID="4" ; MME_CODE="1"; } # YOUR GUMMEI CONFIG HERE ); # ------- MME served TAIs @@ -83,7 +84,7 @@ MME : # maximum of 16 TAIs, comma separated # !!! Actually use only one PLMN TAI_LIST = ( - {MCC="208" ; MNC="93"; TAC = "1"; } # YOUR TAI CONFIG HERE + {MCC="001" ; MNC="01"; TAC = "1"; } # YOUR TAI CONFIG HERE ); @@ -149,8 +150,8 @@ MME : NETWORK_INTERFACES : { # MME binded interface for S1-C or S1-MME communication (S1AP), can be ethernet interface, virtual ethernet interface, we don't advise wireless inteaces - MME_INTERFACE_NAME_FOR_S1_MME = "eth0"; # YOUR NETWORK CONFIG HERE - MME_IPV4_ADDRESS_FOR_S1_MME = "192.168.11.17/24"; # YOUR NETWORK CONFIG HERE + MME_INTERFACE_NAME_FOR_S1_MME = "vlan3740"; # YOUR NETWORK CONFIG HERE + MME_IPV4_ADDRESS_FOR_S1_MME = "10.3.2.11/16"; # YOUR NETWORK CONFIG HERE # MME binded interface for S11 communication (GTPV2-C) MME_INTERFACE_NAME_FOR_S11_MME = "lo"; # YOUR NETWORK CONFIG HERE @@ -196,7 +197,7 @@ MME : TESTING : { # file should be copied here from source tree by following command: run_mme --install-mme-files ... - SCENARIO_FILE = "/usr/local/share/oai/test/MME/no_regression.xml"; + SCENARIO_FILE = "/usr/local/share/oai/test/mme/no_regression.xml"; }; }; @@ -205,4 +206,7 @@ S-GW : # S-GW binded interface for S11 communication (GTPV2-C), if none selected the ITTI message interface is used SGW_IPV4_ADDRESS_FOR_S11 = "127.0.11.2/8"; # YOUR NETWORK CONFIG HERE -}; \ No newline at end of file + S-GW_LIST_SELECTION = ( + {ID="tac-lb01.tac-hb00.tac.epc.mnc001.mcc001.3gppnetwork.org" ; SGW_IPV4_ADDRESS_FOR_S11="127.0.11.2/8";} + ); +}; diff --git a/ETC/mme_fd.conf b/ETC/mme_fd.conf index 0a91619..dc33332 100644 --- a/ETC/mme_fd.conf +++ b/ETC/mme_fd.conf 
@@ -1,8 +1,8 @@ # -------- Local --------- # Uncomment if the framework cannot resolv it. -Identity = "yang.openair4G.eur"; -Realm = "openair4G.eur"; +Identity = "gpo-pc.donotdelete.ch-geni-net.instageni.gpolab.bbn.com"; +Realm = "donotdelete.ch-geni-net.instageni.gpolab.bbn.com"; # TLS configuration (see previous section) TLS_Cred = "/usr/local/etc/oai/freeDiameter/mme.cert.pem", @@ -100,4 +100,4 @@ LoadExtension = "dict_s6a.fdx"; # incoming connections from other peers, see the acl_wl.fdx? extension which # allows exactly this. -ConnectPeer= "hss.openair4G.eur" { ConnectTo = "127.0.0.1"; No_SCTP ; No_IPv6; Prefer_TCP; No_TLS; port = 3868; realm = "openair4G.eur";}; +ConnectPeer= "hss.donotdelete.ch-geni-net.instageni.gpolab.bbn.com" { ConnectTo = "127.0.33.1"; No_SCTP ; No_IPv6; Prefer_TCP; No_TLS; port = 3868; realm = onotdelete.ch-geni-net.instageni.gpolab.bbn.com";}; diff --git a/ETC/spgw.conf b/ETC/spgw.conf index 8095ec3..c9abe7c 100644 --- a/ETC/spgw.conf +++ b/ETC/spgw.conf @@ -27,8 +27,8 @@ S-GW : SGW_IPV4_ADDRESS_FOR_S11 = "127.0.11.2/8"; # STRING, CIDR, YOUR NETWORK CONFIG HERE # S-GW binded interface for S1-U communication (GTPV1-U) can be ethernet interface, virtual ethernet interface, we don't advise wireless interfaces - SGW_INTERFACE_NAME_FOR_S1U_S12_S4_UP = "eth0"; # STRING, interface name, YOUR NETWORK CONFIG HERE, USE "lo" if S-GW run on e host - SGW_IPV4_ADDRESS_FOR_S1U_S12_S4_UP = "192.168.11.17/24"; # STRING, CIDR, YOUR NETWORK CONFIG HERE + SGW_INTERFACE_NAME_FOR_S1U_S12_S4_UP = "vlan3740"; # STRING, interface name, YOUR NETWORK CONFIG HERE, USE "lo" if S-GW run eNB host + SGW_IPV4_ADDRESS_FOR_S1U_S12_S4_UP = "10.3.2.11/16"; # STRING, CIDR, YOUR NETWORK CONFIG HERE SGW_IPV4_PORT_FOR_S1U_S12_S4_UP = 2152; # INTEGER, port number, PREFER NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING # S-GW binded interface for S5 or S8 communication, not implemented, so leave it to none 
@@ -76,9 +76,9 @@ P-GW = PGW_INTERFACE_NAME_FOR_S5_S8 = "none"; # STRING, interface name, DO NOT CHANGE (NOT IMPLEMENTED YET) # P-GW binded interface for SGI (egress/ingress internet traffic) - PGW_INTERFACE_NAME_FOR_SGI = "eth3"; # STRING, YOUR NETWORK CONFIG HERE - PGW_MASQUERADE_SGI = "no"; # STRING, {"yes", "no"}. YOUR NETWORK CONFIG HERE, will do NAT for you if youut "yes". - UE_TCP_MSS_CLAMPING = "no"; # STRING, {"yes", "no"}. + PGW_INTERFACE_NAME_FOR_SGI = "enp3s0f0"; # STRING, YOUR NETWORK CONFIG HERE + PGW_MASQUERADE_SGI = "yes"; # STRING, {"yes", "no"}. YOUR NETWORK CONFIG HERE, will do NAT for you if yoput "yes". + UE_TCP_MSS_CLAMPING = "yes"; # STRING, {"yes", "no"}. }; # Pool of UE assigned IP addresses @@ -93,12 +93,11 @@ P-GW = }; # DNS address communicated to UEs - DEFAULT_DNS_IPV4_ADDRESS = "8.8.8.8"; # YOUR NETWORK CONFIG HERE - DEFAULT_DNS_SEC_IPV4_ADDRESS = "8.8.4.4"; # YOUR NETWORK CONFIG HERE + DEFAULT_DNS_IPV4_ADDRESS = "128.33.0.20"; # YOUR NETWORK CONFIG HERE + DEFAULT_DNS_SEC_IPV4_ADDRESS = "128.33.1.20"; # YOUR NETWORK CONFIG HERE # Non standard feature, normally should be set to "no", but you may need to set to yes for UE that do not explicitly request a PDN address through NAS sialling - FORCE_PUSH_PROTOCOL_CONFIGURATION_OPTIONS = "no"; # STRING, {"yes", "no"}. - UE_MTU = 1500 # INTEGER + FORCE_PUSH_PROTOCOL_CONFIGURATION_OPTIONS = "yes"; # STRING, {"yes", "no"}. + UE_MTU = 1488 # INTEGER + GTPV1U_REALIZATION = "GTP_KERNEL_MODULE"; # STRING {"NO_GTP_KERNEL_AVAILABLE", "GTP_KERNEL_MODULE", "GTP_KERNEL"}. In aontainer you may not be able }; - - diff --git a/SRC/SECU/nas_stream_eea2.c b/SRC/SECU/nas_stream_eea2.c index 83f331e..86c8d50 100644 --- a/SRC/SECU/nas_stream_eea2.c +++ b/SRC/SECU/nas_stream_eea2.c 
@@ -61,7 +61,7 @@ nas_stream_encrypt_eea2 ( /* * Other bits are 0 */ - nettle_aes128.set_encrypt_key (ctx, stream_cipher->key_length, stream_cipher->key); + nettle_aes128.set_encrypt_key (ctx, stream_cipher->key); nettle_ctr_crypt (ctx, nettle_aes128.encrypt, nettle_aes128.block_size, m, byte_length, data, stream_cipher->message); if (zero_bit > 0)
}}}

-------------------
NOTE: Instructions below were tried initially, but eventually dropped
--------------------

== Installing the RAN Kernel on InstaGENI Gen8 Hosts ==

This was the originally suggested approach, which was not used due to issues on older racks (Gen7).

If your installation is on an InstaGENI rack with HP Gen8 hosts, log in to the raw-pc that you reserved and execute these commands for the package version of the Kernel Master branch:
{{{
git clone https://gitlab.eurecom.fr/oai/linux-4.7.x.git
cd linux-4.7.x
sudo dpkg -i linux-headers-4.7.7-oaiepc_4.7.7-oaiepc-10.00.Custom_amd64.deb linux-image-4.7.7-oaiepc_4.7.7-oaiepc-10.00.Custom_amd64.deb
}}}

The above commands are an excerpt from the [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/OpenAirKernelMainSetup Radio Access Network Kernel] wiki page.

== Installing the RAN Kernel on InstaGENI Gen7 Hosts ==

If your installation is on an InstaGENI rack with HP Gen7 hosts, log in to the raw-pc that you reserved and execute the steps detailed at the [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/OpenAirKernelMainSetup Radio Access Network Kernel] wiki page. You must follow the instructions for Ubuntu 14 and the RAN Master branch.

As a reference, the GPO IG Gen7 raw pc installation history was captured in the attached file named install-log-gpo-pc1-gen7.txt.
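
Review bot: MYSQL_user = "root" with MYSQL_pass = "linux" in the ETC/hss.conf hunk of the git diff above has the HSS log in to MySQL as the database superuser with a guessable password stored in the config file. A dedicated account restricted to the oai_db database, with a password that is not a dictionary word, would limit what a compromise of the HSS process exposes. The same hunk activates the all-ones OPERATOR_key; since the comment says it must match the database, the subscriber records need to have been provisioned with that value, and it should be treated as a test-network key only.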
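
Review bot: Identity = "hss.bbn.com" and Realm = "bbn.com" in the ETC/hss_fd.conf hunk of the git diff above do not match the peer the MME is configured to reach. The ETC/mme_fd.conf hunk sets ConnectPeer= "hss.donotdelete.ch-geni-net.instageni.gpolab.bbn.com" and ETC/mme.conf sets REALM to "donotdelete.ch-geni-net.instageni.gpolab.bbn.com". Use one HSS identity and one realm in all three files, or document why they differ.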
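
Review bot: the realm value at the end of the added ConnectPeer line in the last ETC/mme_fd.conf hunk of the git diff above is malformed as shown: realm = onotdelete.ch-geni-net.instageni.gpolab.bbn.com"; has no opening quote and lacks the leading "d" of the Realm set in the first hunk of the same file. Confirm that the file on disk reads realm = "donotdelete.ch-geni-net.instageni.gpolab.bbn.com";. The line also keeps No_TLS while moving ConnectTo to 127.0.33.1, so a comment recording that cleartext S6a is accepted only because the HSS is on a loopback address of the same host would help the next maintainer.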
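
Review bot: with stream_cipher->key_length dropped from the set_encrypt_key call in the SRC/SECU/nas_stream_eea2.c hunk of the git diff above, nothing visible in nas_stream_encrypt_eea2 confirms that the key buffer holds a 128-bit key before nettle_aes128 reads it. Add a check on stream_cipher->key_length ahead of the call, and a comment naming the nettle version whose two-argument signature this change targets, so the build does not silently break again on a host with the older library.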

== Hostnames and domain-name configuration ==

Append the following lines to /etc/hosts:
{{{
127.0.1.1 nano.orbit-lab.org nano
127.0.1.1 hss.orbit-lab.org hss
}}}

Remove the /etc/hostname file:
{{{
sudo rm /etc/hostname
}}}

Change the hostname:
{{{
sudo hostnamectl set-hostname nano
}}}

Log out and log in again to verify the hostname change and name resolution:
{{{
lnevers@nano:~$ sudo getent hosts nano
127.0.1.1 nano.orbit-lab.org nano
}}}
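
These host names matter because freeDiameter falls back to the host's FQDN for its Identity and the MME names the HSS by FQDN in ConnectPeer. The following added example (not part of the original page or the OAI project; the function names and the sample file contents are constructed) checks that the HSS and MME identities agree with each other and with the hosts file.

```shell
#!/usr/bin/env bash
# Added example (not from the page); files written by make_samples are constructed.

# Print the quoted value of a top-level 'Key = "value";' setting.
fd_value() {  # fd_value <key> <conf-file>
  sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$2" | head -n 1
}

# Print the peer identity, or with "realm" the peer realm, of the ConnectPeer line.
fd_peer() {   # fd_peer <conf-file> [realm]
  if [ "$2" = realm ]; then
    sed -n 's/^[[:space:]]*ConnectPeer.*realm[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$1"
  else
    sed -n 's/^[[:space:]]*ConnectPeer[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$1"
  fi | head -n 1
}

# Succeed if <fqdn> is a name on a non-comment line of <hosts-file>.
in_hosts() {  # in_hosts <fqdn> <hosts-file>
  awk -v n="$1" '$1 !~ /^#/ { for (i = 2; i <= NF; i++) if ($i == n) f = 1 } END { exit !f }' "$2"
}

# Print each inconsistency; the return status is the number found.
check_diameter_names() {  # <hss_fd.conf> <mme_fd.conf> <hosts-file>
  hss_id=$(fd_value Identity "$1"); hss_realm=$(fd_value Realm "$1")
  mme_id=$(fd_value Identity "$2"); problems=0
  [ "$(fd_peer "$2")" = "$hss_id" ] ||
    { echo "ConnectPeer '$(fd_peer "$2")' is not the HSS Identity '$hss_id'"; problems=$((problems + 1)); }
  [ "$(fd_peer "$2" realm)" = "$hss_realm" ] ||
    { echo "ConnectPeer realm '$(fd_peer "$2" realm)' is not the HSS Realm '$hss_realm'"; problems=$((problems + 1)); }
  for id in "$hss_id" "$mme_id"; do
    in_hosts "$id" "$3" || { echo "'$id' has no entry in $3"; problems=$((problems + 1)); }
  done
  return "$problems"
}

# Write constructed sample files into <dir>; the MME's peer is <peer-fqdn> in <peer-realm>.
make_samples() {  # make_samples <dir> <peer-fqdn> <peer-realm>
  printf '%s\n' '127.0.0.1 localhost' '127.0.1.1 nano.orbit-lab.org nano' \
    '127.0.1.1 hss.orbit-lab.org hss' > "$1/hosts"
  printf '%s\n' 'Identity = "hss.orbit-lab.org";' 'Realm = "orbit-lab.org";' > "$1/hss_fd.conf"
  printf '%s\n' 'Identity = "nano.orbit-lab.org";' 'Realm = "orbit-lab.org";' \
    "ConnectPeer= \"$2\" { ConnectTo = \"127.0.0.1\"; No_TLS; port = 3868; realm = \"$3\";};" > "$1/mme_fd.conf"
}

demo=$(mktemp -d)
make_samples "$demo" hss.bbn.com bbn.com   # constructed case: peer name disagrees with the HSS
check_diameter_names "$demo/hss_fd.conf" "$demo/mme_fd.conf" "$demo/hosts" || echo "problems: $?"
rm -rf "$demo"
```

On a real host, pass the installed hss_fd.conf and mme_fd.conf together with /etc/hosts; a zero exit status means the three files agree.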