[[PageOutline]] = !OpenAirInterface ePC GENI Site Deployment = GENI !OpenAirInterface Evolved Packet Core (ePC) software deployment is captured in this page. See the [wiki:GENILTE/LTESites GENI LTE EPc Sites] page for details about sites where this setup is deployed. These are reference OAI pages, that provide details about the Kernel and Software deployed at the GENI LTE sites: * [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/home OpenAirInterface Project] * [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/GetSources OAI Repository] * [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/OpenAirKernelMainSetup RAN Kernel Requirements] * [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/HowToConnectCOTSUEwithOAIeNBNew Connect OAI eNB] The GENI ePC installation will use these major component in the OAI ePC: - Mobility Management Entity (MME) - Home Subscriber Server (HSS) - Serving and PDN Gateway (SPGW=S+P-GW) == Prerequisites == The [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/home OpenAirInterface(OAI)] software '''must''' run on a dedicated bare metal node for ExoGENI or Raw-pc for InstaGENI sites. The OAI ePC requires a [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/OpenAirKernelMainSetup Radio Access Network (RAN) Low-latency kernel] installation, which is available for Ubuntu 14.04 for the master branch. The master branch version/Ubuntu 14.04 is used for the GENI installations. = Get GENI Resource = Reserve a dedicate raw pc for use as the ePC hosts. Use the following RSpecs: - [Attach InstaGENI Gen7/8/9 Ubuntu14 raw pc request Rspec] - [Attach ExoGENI bare metal node request RSpec] Request the appropriate device for you site (IG, EG). == BIOS Requirements == The [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/OpenAirKernelMainSetup Radio Access Network Kernel] has requirements to disable all power management features in the BIOS (sleep states, in particular C-states) and CPU frequency scaling (Intel SpeedStep). You also need to disable hyper-threading, CPU frequency control, C-States, P-States and any other power management feature from BIOS. = InstaGENI Site Installation = == Installing 4.8 Kernel on IG EPC Resource == After an Ubuntu 16 Raw PC was reserved in the GPO IG rack, the following procedure was followed to create the ePC setup: {{{ # Note the Ubuntu 16.04.1l image delivers a GNU/Linux 4.4.0-34-generic sudo apt-get update sudo apt-get -y upgrade # Note the next step requests a conflicting grub change. The procedure kept existing grub sudo apt-get -y dist-upgrade sudo reboot # Note system comes up with Kernel 4.4.0-78-generic sudo apt-get install --install-recommends xserver-xorg-hwe-16.04 sudo reboot # Note system comes up with Kernel 4.8.0-53-generic }}} Next step is optional, disk was resized to make sure there is all possible disk space available: {{{ sudo apt-get install gparted -y # Note resize /dev/sda1 from 16G to 19G and create partition /dev/sda2 from from "unallocated" 900G type=ext4 and named extra # Next add new partition to files system files sudo mkdir /extra sudo vi /etc/fstab # Make file system part of persistent definition by inserting the following to /etc/fstab /dev/sda2 /extra ext4 defaults 0 0 # Mount newly added file system and change ownership sudo mount /extra sudo chown -R lnevers:ch--OpenFlowTuto /extra/ }}} Enable GPRS Tunneling Protocol kernel module {{{ sudo modprobe gtp }}} == Installing OAI Software == Assuming you have completed the 4.8 Kernel installation, we proceed to install the !OpenAirInterface software as specified in the [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/GetSources OAI Repository]. Follow the instructions on the [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/GetSources OAI Repository] page. The wiki OAI Repository has a wiki page that captures [https://gitlab.eurecom.fr/oai/openairinterface5g/wikis/HowToConnectCOTSUEwithOAIeNBNew How to Connect OAI ePC with COTS User Equipment]. Following are installation steps followed: {{{ # Note some prerequisites installation and configured sudo apt-get install i7z cpufrequtils -y sudo vi /etc/default/cpufrequtils # insert the following in the file GOVERNOR="performance" sudo update-rc.d ondemand disable sudo reboot }}} Next the installation of the OAI packages: {{{ sudo apt-get update sudo apt-get install subversion git git config --global user.name "Luisa Nevers" git config --global user.email "luisa.nevers@raytheon.com" echo -n | openssl s_client -showcerts -connect gitlab.eurecom.fr:443 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-certificates.crt git config --global http.sslverify false }}} Put in place links for additional disk space: {{{ cd /extra git clone https://gitlab.eurecom.fr/oai/openairinterface5g.git git clone https://gitlab.eurecom.fr/oai/openair-cn.git git clone https://gitlab.eurecom.fr/oai/xtables-addons-oai.git ln -s /extra/open* ~/. ln -s /extra/xtable* ~/. }}} Build eNB/ePC packages: {{{ # Building eNB. cd ~/openairinterface5g source oaienv cd cmake_targets ./build_oai -I # Building ePC: cd ~/openair-cn/ git checkout develop cd SCRIPTS ./build_mme -i # sudo apt-get install mysql-server --reinstall -y ./build_hss -i ./build_spgw -i }}} == ePC OAI Configurations changes == The following '''openair-cn''' configuration files were modified for the BBN Site : {{{ lnevers@gpo-pc:~/openair-cn/ETC$ git status --verbose On branch master Your branch is up-to-date with 'origin/master'. Changes not staged for commit: (use "git add ..." to update what will be committed) (use "git checkout -- ..." to discard changes in working directory) modified: ../BUILD/TOOLS/build_helper modified: acl.conf modified: hss.conf modified: hss_fd.conf modified: mme.conf modified: mme_fd.conf modified: spgw.conf modified: ../SRC/SECU/nas_stream_eea2.c Untracked files: (use "git add ..." to include in what will be committed) ../BUILD/MME/BUILD/ ../BUILD/MME/CMakeLists.txt ../BUILD/SPGW/BUILD/ ../BUILD/SPGW/CMakeLists.txt no changes added to commit (use "git add" and/or "git commit -a") lnevers@gpo-pc:~/openair-cn/ETC$ }}} Following are details for each modification for all files modified. A build script and MME, HSS and SPGW configuration files were modified: {{{ lnevers@gpo-pc:~/openair-cn/ETC$ git diff diff --git a/BUILD/TOOLS/build_helper b/BUILD/TOOLS/build_helper index 14db791..ce402c4 100644 --- a/BUILD/TOOLS/build_helper +++ b/BUILD/TOOLS/build_helper @@ -644,8 +644,8 @@ check_install_hss_software() { $SUDO apt-get install $OPTION \ phpmyadmin \ python-pexpect \ - php5 \ - libapache2-mod-php5 + php7.0 \ + libapache2-mod-php7.0 } #------------------------------------------------------------------------------- diff --git a/ETC/acl.conf b/ETC/acl.conf index 953f598..16618d6 100644 --- a/ETC/acl.conf +++ b/ETC/acl.conf @@ -16,4 +16,4 @@ # It is specified for example as: # ALLOW_IPSEC vpn.example.net vpn2.example.net *.vpn.example.net -ALLOW_OLD_TLS *.openair4G.eur +ALLOW_OLD_TLS *.bbn.com diff --git a/ETC/hss.conf b/ETC/hss.conf index e385c08..0e2666d 100644 --- a/ETC/hss.conf +++ b/ETC/hss.conf @@ -22,13 +22,13 @@ HSS : { ## MySQL mandatory options MYSQL_server = "127.0.0.1"; # HSS S6a bind address -MYSQL_user = "@MYSQL_user@"; # Database server login -MYSQL_pass = "@MYSQL_pass@"; # Database server password +MYSQL_user = "root"; # Database server login +MYSQL_pass = "linux"; # Database server password MYSQL_db = "oai_db"; # Your database name ## HSS options -OPERATOR_key = "1006020f0a478bf6b699f15c062e42b3"; # OP key matching your database -#OPERATOR_key = "11111111111111111111111111111111"; # OP key matching your database +#OPERATOR_key = "1006020f0a478bf6b699f15c062e42b3"; # OP key matching your database +OPERATOR_key = "11111111111111111111111111111111"; # OP key matching your database RANDOM = "true"; # True random or only pseudo random (for subscriber vector generation) diff --git a/ETC/hss_fd.conf b/ETC/hss_fd.conf index 02b2474..a74e144 100644 --- a/ETC/hss_fd.conf +++ b/ETC/hss_fd.conf @@ -4,11 +4,11 @@ # that the Identity used is a valid FQDN for the peer. This parameter can be # omitted, in that case the framework will attempt to use system default value # (as returned by hostname --fqdn). -Identity = "hss.openair4G.eur"; +Identity = "hss.bbn.com"; # In Diameter, all peers also belong to a Realm. If the realm is not specified, # the framework uses the part of the Identity after the first dot. -Realm = "openair4G.eur"; +Realm = "bbn.com"; # This parameter is mandatory, even if it is possible to disable TLS for peers diff --git a/ETC/mme.conf b/ETC/mme.conf index 1d8d9b5..7b4aa7d 100644 --- a/ETC/mme.conf +++ b/ETC/mme.conf @@ -21,7 +21,8 @@ MME : { - REALM = "openair4G.eur"; # YOUR REALM HERE + REALM = "donotdelete.ch-geni-net.instageni.gpolab.bbn.com"; # YOUR REALM HERE + PID_DIRECTORY = "/var/run"; # Define the limits of the system in terms of served eNB and served UE. # When the limits will be reached, overload procedure will take place. MAXENB = 2; # power of 2 @@ -74,7 +75,7 @@ MME : # MME code DEFAULT size = 8 bits # MME GROUP ID size = 16 bits GUMMEI_LIST = ( - {MCC="208" ; MNC="93"; MME_GID="4" ; MME_CODE="1"; } # YOUR GUMMEI CONFIG HERE + {MCC="001" ; MNC="01"; MME_GID="4" ; MME_CODE="1"; } # YOUR GUMMEI CONFIG HERE ); # ------- MME served TAIs @@ -83,7 +84,7 @@ MME : # maximum of 16 TAIs, comma separated # !!! Actually use only one PLMN TAI_LIST = ( - {MCC="208" ; MNC="93"; TAC = "1"; } # YOUR TAI CONFIG HERE + {MCC="001" ; MNC="01"; TAC = "1"; } # YOUR TAI CONFIG HERE ); @@ -149,8 +150,8 @@ MME : NETWORK_INTERFACES : { # MME binded interface for S1-C or S1-MME communication (S1AP), can be ethernet interface, virtual ethernet interface, we don't advise wireless inteaces - MME_INTERFACE_NAME_FOR_S1_MME = "eth0"; # YOUR NETWORK CONFIG HERE - MME_IPV4_ADDRESS_FOR_S1_MME = "192.168.11.17/24"; # YOUR NETWORK CONFIG HERE + MME_INTERFACE_NAME_FOR_S1_MME = "vlan3740"; # YOUR NETWORK CONFIG HERE + MME_IPV4_ADDRESS_FOR_S1_MME = "10.3.2.11/16"; # YOUR NETWORK CONFIG HERE # MME binded interface for S11 communication (GTPV2-C) MME_INTERFACE_NAME_FOR_S11_MME = "lo"; # YOUR NETWORK CONFIG HERE @@ -196,7 +197,7 @@ MME : TESTING : { # file should be copied here from source tree by following command: run_mme --install-mme-files ... - SCENARIO_FILE = "/usr/local/share/oai/test/MME/no_regression.xml"; + SCENARIO_FILE = "/usr/local/share/oai/test/mme/no_regression.xml"; }; }; @@ -205,4 +206,7 @@ S-GW : # S-GW binded interface for S11 communication (GTPV2-C), if none selected the ITTI message interface is used SGW_IPV4_ADDRESS_FOR_S11 = "127.0.11.2/8"; # YOUR NETWORK CONFIG HERE -}; \ No newline at end of file + S-GW_LIST_SELECTION = ( + {ID="tac-lb01.tac-hb00.tac.epc.mnc001.mcc001.3gppnetwork.org" ; SGW_IPV4_ADDRESS_FOR_S11="127.0.11.2/8";} + ); +}; diff --git a/ETC/mme_fd.conf b/ETC/mme_fd.conf index 0a91619..dc33332 100644 --- a/ETC/mme_fd.conf +++ b/ETC/mme_fd.conf @@ -1,8 +1,8 @@ # -------- Local --------- # Uncomment if the framework cannot resolv it. -Identity = "yang.openair4G.eur"; -Realm = "openair4G.eur"; +Identity = "gpo-pc.donotdelete.ch-geni-net.instageni.gpolab.bbn.com"; +Realm = "donotdelete.ch-geni-net.instageni.gpolab.bbn.com"; # TLS configuration (see previous section) TLS_Cred = "/usr/local/etc/oai/freeDiameter/mme.cert.pem", @@ -100,4 +100,4 @@ LoadExtension = "dict_s6a.fdx"; # incoming connections from other peers, see the acl_wl.fdx? extension which # allows exactly this. -ConnectPeer= "hss.openair4G.eur" { ConnectTo = "127.0.0.1"; No_SCTP ; No_IPv6; Prefer_TCP; No_TLS; port = 3868; realm = "openair4G.eur";}; +ConnectPeer= "hss.donotdelete.ch-geni-net.instageni.gpolab.bbn.com" { ConnectTo = "127.0.33.1"; No_SCTP ; No_IPv6; Prefer_TCP; No_TLS; port = 3868; realm = onotdelete.ch-geni-net.instageni.gpolab.bbn.com";}; diff --git a/ETC/spgw.conf b/ETC/spgw.conf index 8095ec3..c9abe7c 100644 --- a/ETC/spgw.conf +++ b/ETC/spgw.conf @@ -27,8 +27,8 @@ S-GW : SGW_IPV4_ADDRESS_FOR_S11 = "127.0.11.2/8"; # STRING, CIDR, YOUR NETWORK CONFIG HERE # S-GW binded interface for S1-U communication (GTPV1-U) can be ethernet interface, virtual ethernet interface, we don't advise wireless interfaces - SGW_INTERFACE_NAME_FOR_S1U_S12_S4_UP = "eth0"; # STRING, interface name, YOUR NETWORK CONFIG HERE, USE "lo" if S-GW run on e host - SGW_IPV4_ADDRESS_FOR_S1U_S12_S4_UP = "192.168.11.17/24"; # STRING, CIDR, YOUR NETWORK CONFIG HERE + SGW_INTERFACE_NAME_FOR_S1U_S12_S4_UP = "vlan3740"; # STRING, interface name, YOUR NETWORK CONFIG HERE, USE "lo" if S-GW run eNB host + SGW_IPV4_ADDRESS_FOR_S1U_S12_S4_UP = "10.3.2.11/16"; # STRING, CIDR, YOUR NETWORK CONFIG HERE SGW_IPV4_PORT_FOR_S1U_S12_S4_UP = 2152; # INTEGER, port number, PREFER NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING # S-GW binded interface for S5 or S8 communication, not implemented, so leave it to none @@ -76,9 +76,9 @@ P-GW = PGW_INTERFACE_NAME_FOR_S5_S8 = "none"; # STRING, interface name, DO NOT CHANGE (NOT IMPLEMENTED YET) # P-GW binded interface for SGI (egress/ingress internet traffic) - PGW_INTERFACE_NAME_FOR_SGI = "eth3"; # STRING, YOUR NETWORK CONFIG HERE - PGW_MASQUERADE_SGI = "no"; # STRING, {"yes", "no"}. YOUR NETWORK CONFIG HERE, will do NAT for you if youut "yes". - UE_TCP_MSS_CLAMPING = "no"; # STRING, {"yes", "no"}. + PGW_INTERFACE_NAME_FOR_SGI = "enp3s0f0"; # STRING, YOUR NETWORK CONFIG HERE + PGW_MASQUERADE_SGI = "yes"; # STRING, {"yes", "no"}. YOUR NETWORK CONFIG HERE, will do NAT for you if yoput "yes". + UE_TCP_MSS_CLAMPING = "yes"; # STRING, {"yes", "no"}. }; # Pool of UE assigned IP addresses @@ -93,12 +93,11 @@ P-GW = }; # DNS address communicated to UEs - DEFAULT_DNS_IPV4_ADDRESS = "8.8.8.8"; # YOUR NETWORK CONFIG HERE - DEFAULT_DNS_SEC_IPV4_ADDRESS = "8.8.4.4"; # YOUR NETWORK CONFIG HERE + DEFAULT_DNS_IPV4_ADDRESS = "128.33.0.20"; # YOUR NETWORK CONFIG HERE + DEFAULT_DNS_SEC_IPV4_ADDRESS = "128.33.1.20"; # YOUR NETWORK CONFIG HERE # Non standard feature, normally should be set to "no", but you may need to set to yes for UE that do not explicitly request a PDN address through NAS sialling - FORCE_PUSH_PROTOCOL_CONFIGURATION_OPTIONS = "no"; # STRING, {"yes", "no"}. - UE_MTU = 1500 # INTEGER + FORCE_PUSH_PROTOCOL_CONFIGURATION_OPTIONS = "yes"; # STRING, {"yes", "no"}. + UE_MTU = 1488 # INTEGER + GTPV1U_REALIZATION = "GTP_KERNEL_MODULE"; # STRING {"NO_GTP_KERNEL_AVAILABLE", "GTP_KERNEL_MODULE", "GTP_KERNEL"}. In aontainer you may not be able }; - - diff --git a/SRC/SECU/nas_stream_eea2.c b/SRC/SECU/nas_stream_eea2.c index 83f331e..86c8d50 100644 --- a/SRC/SECU/nas_stream_eea2.c +++ b/SRC/SECU/nas_stream_eea2.c @@ -61,7 +61,7 @@ nas_stream_encrypt_eea2 ( /* * Other bits are 0 */ - nettle_aes128.set_encrypt_key (ctx, stream_cipher->key_length, stream_cipher->key); + nettle_aes128.set_encrypt_key (ctx, stream_cipher->key); nettle_ctr_crypt (ctx, nettle_aes128.encrypt, nettle_aes128.block_size, m, byte_length, data, stream_cipher->message); if (zero_bit > 0) }}} = Base Station Configuration via NetSpan Tool = The GPO Base Station was configured with Rutgers NetSpan configuration management tool, which is accessible over the LTE Multipoint VLAN at this address: {{{http://10.3.0.252}}} This section captures the NetSpan Configuration for the BBN base station, other site will have different Node Types, Radio Profiles and Network Profiles. In particular for the Radio profile, the site's assigned frequency must be considered, more details in the Cell Radio Profile section below. The BBN Node had already been added before out first access, we assume some existing eNodeB was cloned and expect that additional site will start by cloning the BBN or other eNodeB entry and then modify its configuration. == Configure eNodeB settings == This section captures the procedure used for the BBN eNodeB node and it is assumed other site will use this as a reference, keeping in mind changes required for their sites Node Types, Radio Profiles and Network Profiles. == Select a Node to Clone == To access list of available nodes that can be cloned, select "Nodes" in the lower left corner home page. Double click on "nodes" and a list of nodes appears in the main panel: [[Image(NodesToChoose.jpeg)]] On the resulting page, in the main panel a list of nodes is shown that can be used for duplication. [[Image(NodesList.jpeg)]] In the resulting list, double click on node to be cloned and in the resulting page rename to your site, in our case "BBN eNodeB" was used. Click "Validate" and then click "OK" to save new node. == Configure Your eNodeB node == Access node configuration details, by selecting "Nodes" in the lower left corner of the home page and a list of nodes will be shown in the main panel. In our case we double click on the "BBN eNodeB" entry. In the resulting page, select the "Provision" tab, scroll to the bottom of the page and click "Edit" to modify settings. Following is a capture of the "BBN eNodeB" settings which use the Rutgers MMS and the BBN Cell Radio Profile: [[Image(BBN-eNodeB.jpeg)]] The "BBN_band-41" Cell Radio Profile was created for our setup. Each site must create its own Cell Ratio Profile and requires that you first know the EUTRA Absolute radio-frequency channel number (EARFCN) assignment for your site. A list of allocated upper and lower frequencies (MHz) is found at [http://wimax.orbit-lab.org/wiki/aaOperations#IPaddressassignment Orbit-Lab Site Operation Resources] page. For example the BBN Base Station configured in this example has the Lower Frequency 2573 MHz and the Upper Frequency 2583 MHz, a 10 MHz range. To calculate the BBN EARFCN an [http://niviuk.free.fr/lte_band.php LTE Frequency Calculator] was used where the Lower Frequency entered to determine te Band to be used in our Radio Cell Profile: [[Image(EARFCN.jpeg)]] Next we insert the calculate EARFCN DL value in the BBN Cell Radio Profile [[Image(BBBNetworkProfile.jpeg)]] Additionally, the Network Profile "AmeriSoftMME1000" will need the BBN MME address and handle use of VLAN tags(TBD?). But initial attempt to get setup running uses the MME at Rutgers, which includes these settings for the Network Profile: [[Image(AmeriSoftNetworkProfile.jpeg)]] Once all changes are validated and saved, force a node reset by selecting the "State And Control" tab, then in the "Reprovisioning and Actions" section select "Forced Reset Node" from the Action pull-down and click "OK". [[Image(ForceReset.jpeg)]] Once the Reset is completed, the node can be set in service also in the "State And Control" tab, in the "Service State" section select "Set In Service" from the "Action" pull-down: [[Image(SetInService.jpeg)]]