paulmataruso/docker-open5gs-prod-315010
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Paul Mataruso
2025-08-21 01:07:07 +00:00
commit e57af8a8e9
305 changed files with 40120 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

384
4g-external-ims-deploy.yaml Normal file
View File

@@ -0,0 +1,384 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .env
environment:
- COMPONENT_NAME=webui
volumes:
- ./webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ./sgwc:/mnt/sgwc
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ./sgwu:/mnt/sgwu
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
# ports:
# - "${SGWU_ADVERTISE_IP}:2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
container_name: smf
env_file:
- .env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ./smf:/mnt/smf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- smf
container_name: upf
env_file:
- .env
environment:
- COMPONENT_NAME=upf
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
cap_add:
- NET_ADMIN
privileged: true
# sysctls:
# - net.ipv4.ip_forward=1
# - net.ipv6.conf.all.disable_ipv6=0
network_mode: host
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
# ports:
# - "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ./pcrf:/mnt/pcrf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${PCRF_BIND_PORT}/tcp"
- "${PCRF_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
# ports:
# - "${PCRF_BIND_PORT}:${PCRF_BIND_PORT}/sctp"
# - "${PCRF_BIND_PORT}:${PCRF_BIND_PORT}/tcp"
networks:
default:
ipv4_address: ${PCRF_IP}
ocs:
build: ./ocs
image: docker_ocs
container_name: ocs
env_file:
- .env
environment:
- COMPONENT_NAME=ocs
depends_on:
- smf
volumes:
- ./ocs:/mnt/ocs
- ocsdbdata:/home/otp/db
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${OCS_BIND_PORT}/tcp"
- "${OCS_BIND_PORT}/sctp"
- "8083/tcp"
ports:
- "8083:8083/tcp"
networks:
default:
ipv4_address: ${OCS_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
mysql:
build: ./mysql
image: docker_mysql
container_name: mysql
env_file:
- .env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
pyhss:
build: ./pyhss
image: docker_pyhss
container_name: pyhss
dns: ${DNS_IP}
volumes:
- ./pyhss:/mnt/pyhss
- ./pyhss/logs:/pyhss/log/
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
depends_on:
- dns
- mysql
expose:
- "${PYHSS_BIND_PORT}/tcp"
- "${PYHSS_BIND_PORT}/sctp"
ports:
# - "${PYHSS_BIND_PORT}:${PYHSS_BIND_PORT}/sctp"
# - "${PYHSS_BIND_PORT}:${PYHSS_BIND_PORT}/tcp"
- "8080:8080/tcp"
networks:
default:
ipv4_address: ${PYHSS_IP}
osmomsc:
build: ./osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ./osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ./osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ./osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ./metrics
image: docker_metrics
container_name: metrics
env_file:
- .env
volumes:
- ./metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .env
volumes:
- grafana_data:/var/lib/grafana
- ./grafana/:/etc/grafana/provisioning/
- ./grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata
ocsdbdata:
name: docker_open5gs_ocsdbdata

486
4g-volte-deploy.yaml Normal file
View File

@@ -0,0 +1,486 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .env
environment:
- COMPONENT_NAME=webui
volumes:
- ./webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ./sgwc:/mnt/sgwc
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ./sgwu:/mnt/sgwu
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
ports:
- "2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
container_name: smf
env_file:
- .env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ./smf:/mnt/smf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- smf
container_name: upf
env_file:
- .env
environment:
- COMPONENT_NAME=upf
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
networks:
default:
ipv4_address: ${UPF_IP}
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
ports:
- "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ./pcrf:/mnt/pcrf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${PCRF_BIND_PORT}/tcp"
- "${PCRF_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${PCRF_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
rtpengine:
build: ./rtpengine
image: docker_rtpengine
container_name: rtpengine
privileged: true
env_file:
- .env
volumes:
- ./rtpengine:/mnt/rtpengine
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
cap_add:
- NET_ADMIN
environment:
- TABLE=0
- INTERFACE=${RTPENGINE_IP}
- LISTEN_NG=${RTPENGINE_IP}:2223
- PIDFILE=/run/ngcp-rtpengine-daemon.pid
- PORT_MAX=50000
- PORT_MIN=49000
- NO_FALLBACK=no
- TOS=184
expose:
- "2223/udp"
- "49000-50000/udp"
networks:
default:
ipv4_address: ${RTPENGINE_IP}
mysql:
build: ./mysql
image: docker_mysql
container_name: mysql
env_file:
- .env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
pyhss:
build: ./pyhss
image: docker_pyhss
container_name: pyhss
dns: ${DNS_IP}
volumes:
- ./pyhss:/mnt/pyhss
- ./pyhss/logs:/pyhss/log/
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
depends_on:
- dns
- mysql
expose:
- "${PYHSS_BIND_PORT}/tcp"
- "${PYHSS_BIND_PORT}/sctp"
- "8080/tcp"
ports:
- "8080:8080/tcp"
networks:
default:
ipv4_address: ${PYHSS_IP}
icscf:
image: docker_kamailio
container_name: icscf
dns: ${DNS_IP}
volumes:
- ./icscf:/mnt/icscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=icscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "${ICSCF_BIND_PORT}/tcp"
- "${ICSCF_BIND_PORT}/sctp"
- "4060/udp"
- "4060/tcp"
networks:
default:
ipv4_address: ${ICSCF_IP}
scscf:
image: docker_kamailio
container_name: scscf
dns: ${DNS_IP}
volumes:
- ./scscf:/mnt/scscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=scscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "${SCSCF_BIND_PORT}/tcp"
- "${SCSCF_BIND_PORT}/sctp"
- "6060/udp"
- "6060/tcp"
networks:
default:
ipv4_address: ${SCSCF_IP}
pcscf:
image: docker_kamailio
container_name: pcscf
dns: ${DNS_IP}
privileged: true
cap_add:
- NET_ADMIN
volumes:
- ./pcscf:/mnt/pcscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=4G
depends_on:
- dns
- mysql
- rtpengine
- icscf
- scscf
expose:
- "${PCSCF_BIND_PORT}/tcp"
- "${PCSCF_BIND_PORT}/sctp"
- "5060/tcp"
- "5060/udp"
- "5100-5120/tcp"
- "5100-5120/udp"
- "6100-6120/tcp"
- "6100-6120/udp"
networks:
default:
ipv4_address: ${PCSCF_IP}
smsc:
image: docker_kamailio
container_name: smsc
dns: ${DNS_IP}
volumes:
- ./smsc:/mnt/smsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
expose:
- "7090/udp"
- "7090/tcp"
networks:
default:
ipv4_address: ${SMSC_IP}
osmomsc:
build: ./osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ./osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ./osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ./osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ./metrics
image: docker_metrics
container_name: metrics
env_file:
- .env
volumes:
- ./metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .env
volumes:
- grafana_data:/var/lib/grafana
- ./grafana/:/etc/grafana/provisioning/
- ./grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata

512
4g-volte-ocs-deploy.yaml Normal file
View File

@@ -0,0 +1,512 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .env
environment:
- COMPONENT_NAME=webui
volumes:
- ./webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ./sgwc:/mnt/sgwc
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ./sgwu:/mnt/sgwu
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
# ports:
# - "2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
container_name: smf
env_file:
- .env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ./smf:/mnt/smf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- smf
container_name: upf
env_file:
- .env
environment:
- COMPONENT_NAME=upf
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
networks:
default:
ipv4_address: ${UPF_IP}
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
# ports:
# - "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ./pcrf:/mnt/pcrf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${PCRF_BIND_PORT}/tcp"
- "${PCRF_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${PCRF_IP}
ocs:
build: ./ocs
image: docker_ocs
container_name: ocs
env_file:
- .env
environment:
- COMPONENT_NAME=ocs
depends_on:
- smf
volumes:
- ./ocs:/mnt/ocs
- ocsdbdata:/home/otp/db
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${OCS_BIND_PORT}/tcp"
- "${OCS_BIND_PORT}/sctp"
- "8083/tcp"
ports:
- "8083:8083/tcp"
networks:
default:
ipv4_address: ${OCS_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
rtpengine:
build: ./rtpengine
image: docker_rtpengine
container_name: rtpengine
privileged: true
env_file:
- .env
volumes:
- ./rtpengine:/mnt/rtpengine
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
cap_add:
- NET_ADMIN
environment:
- TABLE=0
- INTERFACE=${RTPENGINE_IP}
- LISTEN_NG=${RTPENGINE_IP}:2223
- PIDFILE=/run/ngcp-rtpengine-daemon.pid
- PORT_MAX=50000
- PORT_MIN=49000
- NO_FALLBACK=no
- TOS=184
expose:
- "2223/udp"
- "49000-50000/udp"
networks:
default:
ipv4_address: ${RTPENGINE_IP}
mysql:
build: ./mysql
image: docker_mysql
container_name: mysql
env_file:
- .env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
pyhss:
build: ./pyhss
image: docker_pyhss
container_name: pyhss
dns: ${DNS_IP}
volumes:
- ./pyhss:/mnt/pyhss
- ./pyhss/logs:/pyhss/log/
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
depends_on:
- dns
- mysql
expose:
- "${PYHSS_BIND_PORT}/tcp"
- "${PYHSS_BIND_PORT}/sctp"
- "8080/tcp"
ports:
- "8080:8080/tcp"
networks:
default:
ipv4_address: ${PYHSS_IP}
icscf:
image: docker_kamailio
container_name: icscf
dns: ${DNS_IP}
volumes:
- ./icscf:/mnt/icscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=icscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "${ICSCF_BIND_PORT}/tcp"
- "${ICSCF_BIND_PORT}/sctp"
- "4060/udp"
- "4060/tcp"
networks:
default:
ipv4_address: ${ICSCF_IP}
scscf:
image: docker_kamailio
container_name: scscf
dns: ${DNS_IP}
volumes:
- ./scscf:/mnt/scscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=scscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "${SCSCF_BIND_PORT}/tcp"
- "${SCSCF_BIND_PORT}/sctp"
- "6060/udp"
- "6060/tcp"
networks:
default:
ipv4_address: ${SCSCF_IP}
pcscf:
image: docker_kamailio
container_name: pcscf
dns: ${DNS_IP}
privileged: true
cap_add:
- NET_ADMIN
volumes:
- ./pcscf:/mnt/pcscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=4G
depends_on:
- dns
- mysql
- rtpengine
- icscf
- scscf
expose:
- "${PCSCF_BIND_PORT}/tcp"
- "${PCSCF_BIND_PORT}/sctp"
- "5060/tcp"
- "5060/udp"
- "5100-5120/tcp"
- "5100-5120/udp"
- "6100-6120/tcp"
- "6100-6120/udp"
networks:
default:
ipv4_address: ${PCSCF_IP}
smsc:
image: docker_kamailio
container_name: smsc
dns: ${DNS_IP}
volumes:
- ./smsc:/mnt/smsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
expose:
- "7090/udp"
- "7090/tcp"
networks:
default:
ipv4_address: ${SMSC_IP}
osmomsc:
build: ./osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ./osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ./osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ./osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ./metrics
image: docker_metrics
container_name: metrics
env_file:
- .env
volumes:
- ./metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .env
volumes:
- grafana_data:/var/lib/grafana
- ./grafana/:/etc/grafana/provisioning/
- ./grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata
ocsdbdata:
name: docker_open5gs_ocsdbdata

483
4g-volte-opensips-ims-deploy.yaml Normal file
View File

@@ -0,0 +1,483 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .env
environment:
- COMPONENT_NAME=webui
volumes:
- ./webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ./sgwc:/mnt/sgwc
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ./sgwu:/mnt/sgwu
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
# ports:
# - "2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
container_name: smf
env_file:
- .env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ./smf:/mnt/smf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- smf
container_name: upf
env_file:
- .env
environment:
- COMPONENT_NAME=upf
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
networks:
default:
ipv4_address: ${UPF_IP}
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
# ports:
# - "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ./pcrf:/mnt/pcrf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${PCRF_BIND_PORT}/tcp"
- "${PCRF_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${PCRF_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
rtpengine:
build: ./rtpengine
image: docker_rtpengine
container_name: rtpengine
privileged: true
env_file:
- .env
volumes:
- ./rtpengine:/mnt/rtpengine
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
cap_add:
- NET_ADMIN
environment:
- TABLE=0
- INTERFACE=${RTPENGINE_IP}
- LISTEN_NG=${RTPENGINE_IP}:2223
- PIDFILE=/run/ngcp-rtpengine-daemon.pid
- PORT_MAX=50000
- PORT_MIN=49000
- NO_FALLBACK=no
- TOS=184
expose:
- "2223/udp"
- "49000-50000/udp"
networks:
default:
ipv4_address: ${RTPENGINE_IP}
mysql:
build: ./mysql
image: docker_mysql
container_name: mysql
env_file:
- .env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
pyhss:
build: ./pyhss
image: docker_pyhss
container_name: pyhss
dns: ${DNS_IP}
volumes:
- ./pyhss:/mnt/pyhss
- ./pyhss/logs:/pyhss/log/
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
depends_on:
- dns
- mysql
expose:
- "${PYHSS_BIND_PORT}/tcp"
- "${PYHSS_BIND_PORT}/sctp"
- "8080/tcp"
ports:
- "8080:8080/tcp"
networks:
default:
ipv4_address: ${PYHSS_IP}
icscf:
image: docker_opensips
container_name: icscf
dns: ${DNS_IP}
volumes:
- ./opensips_ims_icscf:/mnt/icscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=icscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "${ICSCF_BIND_PORT}/tcp"
- "${ICSCF_BIND_PORT}/sctp"
- "4060/udp"
- "4060/tcp"
networks:
default:
ipv4_address: ${ICSCF_IP}
scscf:
image: docker_opensips
container_name: scscf
dns: ${DNS_IP}
volumes:
- ./opensips_ims_scscf:/mnt/scscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=scscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "${SCSCF_BIND_PORT}/tcp"
- "${SCSCF_BIND_PORT}/sctp"
- "6060/udp"
- "6060/tcp"
networks:
default:
ipv4_address: ${SCSCF_IP}
pcscf:
image: docker_opensips
container_name: pcscf
dns: ${DNS_IP}
privileged: true
cap_add:
- NET_ADMIN
volumes:
- ./opensips_ims_pcscf:/mnt/pcscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=4G
depends_on:
- dns
- mysql
- rtpengine
- icscf
- scscf
expose:
- "${PCSCF_BIND_PORT}/tcp"
- "${PCSCF_BIND_PORT}/sctp"
- "5060/tcp"
- "5060/udp"
- "5100-5120/tcp"
- "5100-5120/udp"
- "6100-6120/tcp"
- "6100-6120/udp"
networks:
default:
ipv4_address: ${PCSCF_IP}
smsc:
image: docker_kamailio
container_name: smsc
dns: ${DNS_IP}
volumes:
- ./smsc:/mnt/smsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
expose:
- "7090/udp"
- "7090/tcp"
networks:
default:
ipv4_address: ${SMSC_IP}
osmomsc:
build: ./osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ./osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ./osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ./osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ./metrics
image: docker_metrics
container_name: metrics
env_file:
- .env
volumes:
- ./metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .env
volumes:
- grafana_data:/var/lib/grafana
- ./grafana/:/etc/grafana/provisioning/
- ./grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata: {}
dbdata: {}

25
LICENSE Normal file
View File

@@ -0,0 +1,25 @@
BSD 2-Clause License
Copyright (c) 2020, Supreeth Herle
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

513
README.md Normal file
View File

@@ -0,0 +1,513 @@
# docker_open5gs
Quite contrary to the name of the repository, this repository contains docker files to deploy an Over-The-Air (OTA) or RF simulated 4G/5G network using following projects:
- Core Network (4G/5G) - open5gs - https://github.com/open5gs/open5gs
- IMS (VoLTE + VoNR) - kamailio - https://github.com/kamailio/kamailio
- IMS (Only 4G supported i.e. VoLTE) - openSIP IMS CE - https://ce.opensips.org/opensips-ims
- IMS HSS - https://github.com/nickvsnetworking/pyhss
- Osmocom HLR - https://github.com/osmocom/osmo-hlr
- Osmocom MSC - https://github.com/osmocom/osmo-msc
- srsRAN_4G (4G eNB + 4G UE + 5G UE) - https://github.com/srsran/srsRAN_4G
- srsRAN_Project (5G gNB) - https://github.com/srsran/srsRAN_Project
- UERANSIM (5G gNB + 5G UE) - https://github.com/aligungr/UERANSIM
- eUPF (5G UPF) - https://github.com/edgecomllc/eupf
- OpenSIPS IMS - https://github.com/OpenSIPS/opensips
- Sigscale OCS - https://github.com/sigscale/ocs
## Tested Setup
Docker host machine
- Ubuntu 22.04 or above
Over-The-Air setups:
- srsRAN_Project gNB using Ettus USRP B210
- srsRAN_Project (5G gNB) using LibreSDR (USRP B210 clone)
- srsRAN_4G eNB using LimeSDR Mini v1.3
- srsRAN_4G eNB using LimeSDR-USB
- srsRAN_4G eNB using LibreSDR (USRP B210 clone)
RF simulated setups:
- srsRAN_4G (eNB + UE) simulation over ZMQ
- srsRAN_Project (5G gNB) + srsRAN_4G (5G UE) simulation over ZMQ
- UERANSIM (gNB + UE) simulator
## Prepare Docker images
* Mandatory requirements:
* [docker-ce](https://docs.docker.com/install/linux/docker-ce/ubuntu) - Version 22.0.5 or above
* [docker compose](https://docs.docker.com/compose) - Version 2.14 or above
You can either pull the pre-built docker images or build them from the source.
### Get Pre-built Docker images
Pull base images:
```
docker pull ghcr.io/herlesupreeth/docker_open5gs:master
docker tag ghcr.io/herlesupreeth/docker_open5gs:master docker_open5gs
docker pull ghcr.io/herlesupreeth/docker_grafana:master
docker tag ghcr.io/herlesupreeth/docker_grafana:master docker_grafana
docker pull ghcr.io/herlesupreeth/docker_metrics:master
docker tag ghcr.io/herlesupreeth/docker_metrics:master docker_metrics
```
You can also pull the pre-built images for additional components
For IMS components:
```
docker pull ghcr.io/herlesupreeth/docker_osmohlr:master
docker tag ghcr.io/herlesupreeth/docker_osmohlr:master docker_osmohlr
docker pull ghcr.io/herlesupreeth/docker_osmomsc:master
docker tag ghcr.io/herlesupreeth/docker_osmomsc:master docker_osmomsc
docker pull ghcr.io/herlesupreeth/docker_pyhss:master
docker tag ghcr.io/herlesupreeth/docker_pyhss:master docker_pyhss
docker pull ghcr.io/herlesupreeth/docker_kamailio:master
docker tag ghcr.io/herlesupreeth/docker_kamailio:master docker_kamailio
docker pull ghcr.io/herlesupreeth/docker_mysql:master
docker tag ghcr.io/herlesupreeth/docker_mysql:master docker_mysql
docker pull ghcr.io/herlesupreeth/docker_opensips:master
docker tag ghcr.io/herlesupreeth/docker_opensips:master docker_opensips
```
For srsRAN components:
```
docker pull ghcr.io/herlesupreeth/docker_srslte:master
docker tag ghcr.io/herlesupreeth/docker_srslte:master docker_srslte
docker pull ghcr.io/herlesupreeth/docker_srsran:master
docker tag ghcr.io/herlesupreeth/docker_srsran:master docker_srsran
```
For UERANSIM components:
```
docker pull ghcr.io/herlesupreeth/docker_ueransim:master
docker tag ghcr.io/herlesupreeth/docker_ueransim:master docker_ueransim
```
For OAI components:
```
docker pull ghcr.io/herlesupreeth/docker_oai_enb:master
docker tag ghcr.io/herlesupreeth/docker_oai_enb:master docker_oai_enb
docker pull ghcr.io/herlesupreeth/docker_oai_gnb:master
docker tag ghcr.io/herlesupreeth/docker_oai_gnb:master docker_oai_gnb
```
For EUPF component:
```
docker pull ghcr.io/herlesupreeth/docker_eupf:master
docker tag ghcr.io/herlesupreeth/docker_eupf:master docker_eupf
```
For Sigscale OCS component:
```
docker pull ghcr.io/herlesupreeth/docker_ocs:master
docker tag ghcr.io/herlesupreeth/docker_ocs:master docker_ocs
```
### Build Docker images from source
#### Clone repository and build base docker image of open5gs, kamailio, srsRAN_4G, srsRAN_Project, ueransim
```
# Build docker images for open5gs EPC/5GC components
git clone https://github.com/herlesupreeth/docker_open5gs
cd docker_open5gs/base
docker build --no-cache --force-rm -t docker_open5gs .
# Build docker images for kamailio IMS components
cd ../ims_base
docker build --no-cache --force-rm -t docker_kamailio .
# Build docker images for srsRAN_4G eNB + srsUE (4G+5G)
cd ../srslte
docker build --no-cache --force-rm -t docker_srslte .
# Build docker images for srsRAN_Project gNB
cd ../srsran
docker build --no-cache --force-rm -t docker_srsran .
# Build docker images for UERANSIM (gNB + UE)
cd ../ueransim
docker build --no-cache --force-rm -t docker_ueransim .
# Build docker images for EUPF
cd ../eupf
docker build --no-cache --force-rm -t docker_eupf .
# Build docker images for OpenSIPS IMS
cd ../opensips_ims_base
docker build --no-cache --force-rm -t docker_opensips .
```
#### Build docker images for additional components
```
cd ..
set -a
source .env
set +a
sudo ufw disable
sudo sysctl -w net.ipv4.ip_forward=1
sudo cpupower frequency-set -g performance
# For 4G deployment only
docker compose -f 4g-volte-deploy.yaml build
# For 5G deployment only
docker compose -f sa-deploy.yaml build
```
## Network and deployment configuration
The setup can be mainly deployed in two ways:
1. Single host setup where eNB/gNB and (EPC+IMS)/5GC are deployed on a single host machine
2. Multi host setup where eNB/gNB is deployed on a separate host machine than (EPC+IMS)/5GC
### Single Host setup configuration
Edit only the following parameters in **.env** as per your setup
```
MCC
MNC
DOCKER_HOST_IP --> This is the IP address of the host running your docker setup
UE_IPV4_INTERNET --> Change this to your desired (Not conflicted) UE network ip range for internet APN
UE_IPV4_IMS --> Change this to your desired (Not conflicted) UE network ip range for ims APN
```
### Multihost setup configuration
#### 4G deployment
###### On the host running the (EPC+IMS)
Edit only the following parameters in **.env** as per your setup
```
MCC
MNC
DOCKER_HOST_IP --> This is the IP address of the host running (EPC+IMS)
SGWU_ADVERTISE_IP --> Change this to value of DOCKER_HOST_IP
UE_IPV4_INTERNET --> Change this to your desired (Not conflicted) UE network ip range for internet APN
UE_IPV4_IMS --> Change this to your desired (Not conflicted) UE network ip range for ims APN
```
Under **mme** section in docker compose file (**4g-volte-deploy.yaml**), uncomment the following part
```
...
# ports:
# - "36412:36412/sctp"
...
```
Then, uncomment the following part under **sgwu** section
```
...
# ports:
# - "2152:2152/udp"
...
```
###### On the host running the eNB
Edit only the following parameters in **.env** as per your setup
```
MCC
MNC
DOCKER_HOST_IP --> This is the IP address of the host running eNB
MME_IP --> Change this to IP address of host running (EPC+IMS)
SRS_ENB_IP --> Change this to the IP address of the host running eNB
```
Replace the following part in the docker compose file (**srsenb.yaml**)
```
networks:
default:
ipv4_address: ${SRS_ENB_IP}
networks:
default:
external:
name: docker_open5gs_default
```
with
```
network_mode: host
```
#### 5G SA deployment
###### On the host running the 5GC
Edit only the following parameters in **.env** as per your setup
```
MCC
MNC
DOCKER_HOST_IP --> This is the IP address of the host running 5GC
UPF_ADVERTISE_IP --> Change this to value of DOCKER_HOST_IP
UE_IPV4_INTERNET --> Change this to your desired (Not conflicted) UE network ip range for internet APN
UE_IPV4_IMS --> Change this to your desired (Not conflicted) UE network ip range for ims APN
```
Under **amf** section in docker compose file (**sa-deploy.yaml**), uncomment the following part
```
...
# ports:
# - "38412:38412/sctp"
...
```
Then, uncomment the following part under **upf** section
```
...
# ports:
# - "2152:2152/udp"
...
```
###### On the host running the gNB
Edit only the following parameters in **.env** as per your setup
```
MCC
MNC
DOCKER_HOST_IP --> This is the IP address of the host running gNB
AMF_IP --> Change this to IP address of host running 5GC
SRS_GNB_IP --> Change this to the IP address of the host running gNB
```
Replace the following part in the docker compose file (**srsgnb.yaml**)
```
networks:
default:
ipv4_address: ${SRS_GNB_IP}
networks:
default:
external:
name: docker_open5gs_default
```
with
```
network_mode: host
```
## Network Deployment
###### 4G deployment
```
# 4G Core Network + IMS + SMS over SGs (uses Kamailio IMS)
docker compose -f 4g-volte-deploy.yaml up
# 4G Core Network + IMS + SMS over SGs (uses openSIPS IMS)
docker compose -f 4g-volte-opensips-ims-deploy.yaml up
# srsRAN eNB using SDR (OTA)
docker compose -f srsenb.yaml up -d && docker container attach srsenb
# srsRAN ZMQ eNB (RF simulated)
docker compose -f srsenb_zmq.yaml up -d && docker container attach srsenb_zmq
# srsRAN ZMQ 4G UE (RF simulated)
docker compose -f srsue_zmq.yaml up -d && docker container attach srsue_zmq
```
###### 5G SA deployment
```
# 5G Core Network
docker compose -f sa-deploy.yaml up
# srsRAN gNB using SDR (OTA)
docker compose -f srsgnb.yaml up -d && docker container attach srsgnb
# srsRAN ZMQ gNB (RF simulated)
docker compose -f srsgnb_zmq.yaml up -d && docker container attach srsgnb_zmq
# srsRAN ZMQ 5G UE (RF simulated)
docker compose -f srsue_5g_zmq.yaml up -d && docker container attach srsue_5g_zmq
# UERANSIM gNB (RF simulated)
docker compose -f nr-gnb.yaml up -d && docker container attach nr_gnb
# UERANSIM NR-UE (RF simulated)
docker compose -f nr-ue.yaml up -d && docker container attach nr_ue
```
## Docker Compose files overview
This repository provides several Docker Compose files to support different deployment scenarios and components. Below is a summary of the compose files and their purposes:
| Compose File | Description |
|------------------------------------|----------------------------------------------------------------------------------------------------|
| `4g-volte-deploy.yaml` | Deploys 4G Core Network (EPC) with IMS (VoLTE) using Kamailio. |
| `4g-volte-opensips-ims-deploy.yaml`| Deploys 4G Core Network with IMS using OpenSIPS. |
| `sa-deploy.yaml` | Deploys 5G Standalone (SA) Core Network (5GC). |
| `sa-vonr-deploy.yaml` | Deploys 5G Standalone (SA) Core Network (5GC) with IMS (VoNR) using Kamailio. |
| `srsenb.yaml` | Deploys srsRAN 4G eNB for OTA setups using SDR hardware. |
| `srsenb_zmq.yaml` | Deploys srsRAN 4G eNB for RF simulated setups over ZMQ. |
| `srsue_zmq.yaml` | Deploys srsRAN 4G UE for RF simulated setups over ZMQ. |
| `srsran.yaml` | Deploys srsRAN_4G components (eNB/UE). |
| `srsgnb.yaml` | Deploys srsRAN 5G gNB for OTA setups using SDR hardware. |
| `srsgnb_zmq.yaml` | Deploys srsRAN 5G gNB for RF simulated setups over ZMQ. |
| `srsue_5g_zmq.yaml` | Deploys srsRAN 5G UE for RF simulated setups over ZMQ. |
| `nr-gnb.yaml` | Deploys UERANSIM 5G gNB simulator. |
| `nr-ue.yaml` | Deploys UERANSIM 5G UE simulator. |
| `4g-volte-ocs-deploy.yaml` | Deploys 4G Core Network (EPC) + Sigscale OCS with IMS (VoLTE) using Kamailio. |
| `4g-external-ims-deploy.yaml` | Deploys 4G Core Network (EPC) + Sigscale OCS + PyHSS (IMS) with no IMS components. |
| `sa-vonr-ibcf-deploy.yaml` | Deploys 5G Standalone (SA) Core Network (5GC) + IMS (VoNR) using Kamailio + IBCF. |
| `sa-vonr-opensips-ims-deploy.yaml` | Deploys 5G Standalone (SA) Core Network (5GC) with IMS (VoNR) using OpenSIPS (Experimental). |
| `oaienb.yaml` | Deploys OAI eNB for OTA setups using SDR hardware (Untested and Unmaintained). |
| `oaignb.yaml` | Deploys OAI 5G gNB for OTA setups using SDR hardware (Untested and Unmaintained). |
## Provisioning of SIM information
### Provisioning of SIM information in open5gs HSS as follows:
Open (http://<DOCKER_HOST_IP>:9999) in a web browser, where <DOCKER_HOST_IP> is the IP of the machine/VM running the open5gs containers. Login with following credentials
```
Username : admin
Password : 1423
```
Using Web UI, add a subscriber
#### or using cli
```
sudo docker exec -it hss misc/db/open5gs-dbctl add 001010123456790 8baf473f2f8fd09487cccbd7097c6862 8E27B6AF0E692E750F32667A3B14605D
```
### Provisioning of IMSI and MSISDN with OsmoHLR as follows:
1. First, telnet to OsmoHLR from host machine using the following command:
```
$ telnet 172.22.0.32 4258
OsmoHLR> enable
OsmoHLR#
```
2. Then, register the subscriber information as in following example:
```
OsmoHLR# subscriber imsi 001010123456790 create
OsmoHLR# subscriber imsi 001010123456790 update msisdn 9076543210
```
**Replace IMSI and MSISDN as per your programmed SIM**
### Provisioning of SIM information in pyHSS is as follows:
1. Goto http://<DOCKER_HOST_IP>:8080/docs/
2. Select **apn** -> **Create new APN** -> Press on **Try it out**. Then, in payload section use the below JSON and then press **Execute**
```
{
"apn": "internet",
"apn_ambr_dl": 0,
"apn_ambr_ul": 0
}
```
Take note of **apn_id** specified in **Response body** under **Server response** for **internet** APN
Repeat creation step for following payload
```
{
"apn": "ims",
"apn_ambr_dl": 0,
"apn_ambr_ul": 0
}
```
Take note of **apn_id** specified in **Response body** under **Server response** for **ims** APN
**Execute this step of APN creation only once**
3. Next, select **auc** -> **Create new AUC** -> Press on **Try it out**. Then, in payload section use the below example JSON to fill in ki, opc and amf for your SIM and then press **Execute**
```
{
"ki": "8baf473f2f8fd09487cccbd7097c6862",
"opc": "8E27B6AF0E692E750F32667A3B14605D",
"amf": "8000",
"sqn": 0,
"imsi": "001010123456790"
}
```
Take note of **auc_id** specified in **Response body** under **Server response**
**Replace imsi, ki, opc and amf as per your programmed SIM**
4. Next, select **subscriber** -> **Create new SUBSCRIBER** -> Press on **Try it out**. Then, in payload section use the below example JSON to fill in imsi, auc_id and apn_list for your SIM and then press **Execute**
```
{
"imsi": "001010123456790",
"enabled": true,
"auc_id": 1,
"default_apn": 1,
"apn_list": "1,2",
"msisdn": "9076543210",
"ue_ambr_dl": 0,
"ue_ambr_ul": 0
}
```
- **auc_id** is the ID of the **AUC** created in the previous steps
- **default_apn** is the ID of the **internet** APN created in the previous steps
- **apn_list** is the comma separated list of APN IDs allowed for the UE i.e. APN ID for **internet** and **ims** APN created in the previous steps
**Replace imsi and msisdn as per your programmed SIM**
5. Finally, select **ims_subscriber** -> **Create new IMS SUBSCRIBER** -> Press on **Try it out**. Then, in payload section use the below example JSON to fill in imsi, msisdn, msisdn_list, scscf_peer, scscf_realm and scscf for your SIM/deployment and then press **Execute**
```
{
"imsi": "001010123456790",
"msisdn": "9076543210",
"sh_profile": "string",
"scscf_peer": "scscf.ims.mnc001.mcc001.3gppnetwork.org",
"msisdn_list": "[9076543210]",
"ifc_path": "default_ifc.xml",
"scscf": "sip:scscf.ims.mnc001.mcc001.3gppnetwork.org:6060",
"scscf_realm": "ims.mnc001.mcc001.3gppnetwork.org"
}
```
**Replace imsi, msisdn and msisdn_list as per your programmed SIM**
**Replace scscf_peer, scscf and scscf_realm as per your deployment**
### Provisioning of Diameter Peer + Subscriber information in Sigscale OCS as follows (Skip if OCS is not deployed):
1. Goto http://<DOCKER_HOST_IP>:8083
2. Login with following credentials
```
Username : admin
Password : admin
```
3. Configure SMF as Diameter Peer as mentioned here - https://sigscale.atlassian.net/wiki/spaces/SO/pages/3833890/How-To+with+OCS#Add-an-DIAMETER-client-(DRA%2FSGSN%2FPGW)
NOTE: IP address must be equal to **SMF_IP** in **.env** file and the Protocol must be set to Diameter.
4. Subscriber information can be provisioned as mentioned here - https://sigscale.atlassian.net/wiki/spaces/SO/pages/3833890/How-To+with+OCS#Add-a-subscriber
NOTE: The IMSI and the MSISDN must be equal to the one provisioned in open5gs HSS and/or pyHSS.
## Not supported
- IPv6 usage in Docker

59
amf/amf.yaml Normal file
View File

@@ -0,0 +1,59 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/amf.log
sbi:
server:
no_tls: true
client:
no_tls: true
global:
max:
ue: MAX_NUM_UE
amf:
sbi:
server:
- address: AMF_IP
port: 7777
client:
nrf:
- uri: http://NRF_IP:7777
scp:
- uri: http://SCP_IP:7777
ngap:
server:
- address: AMF_IP
guami:
- plmn_id:
mcc: MCC
mnc: MNC
amf_id:
region: 2
set: 1
tai:
- plmn_id:
mcc: MCC
mnc: MNC
tac: TAC
plmn_support:
- plmn_id:
mcc: MCC
mnc: MNC
s_nssai:
- sst: 1
security:
integrity_order : [ NIA2, NIA1, NIA0 ]
ciphering_order : [ NEA0, NEA1, NEA2 ]
network_name:
full: Open5GS
amf_name: open5gs-amf0
metrics:
server:
- address: AMF_IP
port: 9091
time:
t3512:
value: 540

39
amf/amf_init.sh Executable file
View File

@@ -0,0 +1,39 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cp /mnt/amf/amf.yaml install/etc/open5gs
sed -i 's|AMF_IP|'$AMF_IP'|g' install/etc/open5gs/amf.yaml
sed -i 's|SCP_IP|'$SCP_IP'|g' install/etc/open5gs/amf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/amf.yaml
sed -i 's|MNC|'$MNC'|g' install/etc/open5gs/amf.yaml
sed -i 's|MCC|'$MCC'|g' install/etc/open5gs/amf.yaml
sed -i 's|TAC|'$TAC'|g' install/etc/open5gs/amf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/amf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

24
ausf/ausf.yaml Normal file
View File

@@ -0,0 +1,24 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/ausf.log
sbi:
server:
no_tls: true
client:
no_tls: true
global:
max:
ue: MAX_NUM_UE
ausf:
sbi:
server:
- address: AUSF_IP
port: 7777
client:
nrf:
- uri: http://NRF_IP:7777
scp:
- uri: http://SCP_IP:7777

36
ausf/ausf_init.sh Executable file
View File

@@ -0,0 +1,36 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cp /mnt/ausf/ausf.yaml install/etc/open5gs
sed -i 's|AUSF_IP|'$AUSF_IP'|g' install/etc/open5gs/ausf.yaml
sed -i 's|SCP_IP|'$SCP_IP'|g' install/etc/open5gs/ausf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/ausf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/ausf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

133
base/Dockerfile Normal file
View File

@@ -0,0 +1,133 @@
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
FROM ubuntu:focal as builder
ENV DEBIAN_FRONTEND=noninteractive
# Install updates and dependencies
RUN apt-get update && \
apt-get install -y --no-install-recommends \
python3-pip \
python3-setuptools \
python3-wheel \
ninja-build \
build-essential \
flex \
bison \
git \
cmake \
libsctp-dev \
libgnutls28-dev \
libgcrypt-dev \
libssl-dev \
libidn11-dev \
libmongoc-dev \
libbson-dev \
libyaml-dev \
meson \
mongodb \
curl \
gnupg \
ca-certificates \
libmicrohttpd-dev \
libcurl4-gnutls-dev \
libnghttp2-dev \
libtins-dev \
libidn11-dev \
libtalloc-dev
RUN mkdir -p /etc/apt/keyrings
RUN curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
NODE_MAJOR=20 && \
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \
apt-get update && apt install nodejs -y
# Get open5gs code and install
RUN git clone --recursive https://github.com/open5gs/open5gs && cd open5gs && \
git checkout 8e286b67f1ccdd1d6bc31d36b553991337583f33 && meson build --prefix=`pwd`/install && \
ninja -C build && cd build && ninja install && \
mkdir -p /open5gs/install/include
# Building WebUI of open5gs
RUN cd open5gs/webui && npm ci
# Build final image
FROM ubuntu:focal
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
apt-get install -y --no-install-recommends \
curl \
ca-certificates \
libssl-dev \
libyaml-dev \
libmicrohttpd-dev \
libmongoc-dev \
libsctp-dev \
libcurl4-gnutls-dev \
libtins-dev \
libidn11-dev \
libtalloc-dev \
netbase \
ifupdown \
net-tools \
iputils-ping \
python3-setuptools \
python3-wheel \
python3-pip \
iptables \
iperf \
iperf3 \
traceroute \
tcpdump \
mongodb-clients \
gnupg && \
apt-get autoremove -y && apt-get autoclean
RUN pip3 install click
RUN mkdir -p /etc/apt/keyrings
RUN curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
NODE_MAJOR=20 && \
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \
apt-get update && apt install nodejs -y
RUN update-ca-certificates
COPY --from=builder /open5gs/install/bin /open5gs/install/bin
COPY --from=builder /open5gs/install/etc /open5gs/install/etc
COPY --from=builder /open5gs/install/include /open5gs/install/include
COPY --from=builder /open5gs/install/lib /open5gs/install/lib
COPY --from=builder /open5gs/webui /open5gs/webui
COPY --from=builder /open5gs/misc/db /open5gs/misc/db
# Set the working directory to open5gs
WORKDIR open5gs
COPY open5gs_init.sh /
CMD /open5gs_init.sh

102
base/open5gs_init.sh Executable file
View File

@@ -0,0 +1,102 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice, this
# list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export LD_LIBRARY_PATH=/open5gs/install/lib/$(uname -m)-linux-gnu
if [[ -z "$COMPONENT_NAME" ]]; then
echo "Error: COMPONENT_NAME environment variable not set"; exit 1;
elif [[ "$COMPONENT_NAME" =~ ^(amf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/amf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-amfd
elif [[ "$COMPONENT_NAME" =~ ^(ausf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/ausf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-ausfd
elif [[ "$COMPONENT_NAME" =~ ^(bsf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/bsf/${COMPONENT_NAME}_init.sh && sleep 10 && \
cd install/bin && ./open5gs-bsfd
elif [[ "$COMPONENT_NAME" =~ ^(hss[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/hss/${COMPONENT_NAME}_init.sh && \
cd install/bin && sleep 10 && ./open5gs-hssd
elif [[ "$COMPONENT_NAME" =~ ^(mme[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/mme/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-mmed
elif [[ "$COMPONENT_NAME" =~ ^(nrf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/nrf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-nrfd
elif [[ "$COMPONENT_NAME" =~ ^(scp[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/scp/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-scpd
elif [[ "$COMPONENT_NAME" =~ ^(nssf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/nssf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-nssfd
elif [[ "$COMPONENT_NAME" =~ ^(pcf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/pcf/${COMPONENT_NAME}_init.sh && sleep 10 && \
cd install/bin && ./open5gs-pcfd
elif [[ "$COMPONENT_NAME" =~ ^(pcrf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/pcrf/${COMPONENT_NAME}_init.sh && sleep 10 && \
cd install/bin && ./open5gs-pcrfd
elif [[ "$COMPONENT_NAME" =~ ^(sgwc[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/sgwc/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-sgwcd
elif [[ "$COMPONENT_NAME" =~ ^(sgwu[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/sgwu/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-sgwud
elif [[ "$COMPONENT_NAME" =~ ^(smf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/smf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-smfd
elif [[ "$COMPONENT_NAME" =~ ^(udm[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/udm/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-udmd
elif [[ "$COMPONENT_NAME" =~ ^(udr[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/udr/${COMPONENT_NAME}_init.sh && sleep 10 && \
cd install/bin && ./open5gs-udrd
elif [[ "$COMPONENT_NAME" =~ ^(upf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/upf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-upfd
elif [[ "$COMPONENT_NAME" =~ ^(webui) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
sleep 10 && /mnt/webui/webui_init.sh
else
echo "Error: Invalid component name: '$COMPONENT_NAME'"
fi

26
bsf/bsf.yaml Normal file
View File

@@ -0,0 +1,26 @@
db_uri: mongodb://MONGO_IP/open5gs
logger:
file:
path: /open5gs/install/var/log/open5gs/bsf.log
sbi:
server:
no_tls: true
client:
no_tls: true
global:
max:
ue: MAX_NUM_UE
bsf:
sbi:
server:
- address: BSF_IP
port: 7777
client:
nrf:
- uri: http://NRF_IP:7777
scp:
- uri: http://SCP_IP:7777

39
bsf/bsf_init.sh Executable file
View File

@@ -0,0 +1,39 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export DB_URI="mongodb://${MONGO_IP}/open5gs"
cp /mnt/bsf/bsf.yaml install/etc/open5gs
sed -i 's|BSF_IP|'$BSF_IP'|g' install/etc/open5gs/bsf.yaml
sed -i 's|SCP_IP|'$SCP_IP'|g' install/etc/open5gs/bsf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/bsf.yaml
sed -i 's|MONGO_IP|'$MONGO_IP'|g' install/etc/open5gs/bsf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/bsf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

149
custom_deployments/open5gs_hss_cx/.custom_env Normal file
View File

@@ -0,0 +1,149 @@
# Set proper timezone to sync times between docker host and containers
#TZ=Europe/Berlin
MCC=001
MNC=01
TAC=1
TEST_NETWORK=172.22.0.0/24
DOCKER_HOST_IP=192.168.1.223
# MONGODB
MONGO_IP=172.22.0.2
# HSS - open5gs
HSS_IP=172.22.0.3
HSS_BIND_PORT=3875
# PCRF
PCRF_IP=172.22.0.4
PCRF_BIND_PORT=3873
# SGW
SGWC_IP=172.22.0.5
SGWU_IP=172.22.0.6
SGWU_ADVERTISE_IP=172.22.0.6
# SMF
SMF_IP=172.22.0.7
SMF_DNS1=8.8.8.8
SMF_DNS2=8.8.4.4
# UPF
UPF_IP=172.22.0.8
UPF_ADVERTISE_IP=172.22.0.8
# Allowed values for UPF_TUNTAP_MODE are 'tun' or 'tap'
# If 'tap' is used as IF mode, then UPF_INTERNET_APN_IF_NAME and UPF_IMS_APN_IF_NAME must contain string 'tap'
UPF_TUNTAP_MODE=tun
UPF_INTERNET_APN_IF_NAME=ogstun
UPF_IMS_APN_IF_NAME=ogstun2
# MME
MME_IP=172.22.0.9
# AMF
AMF_IP=172.22.0.10
# AUSF
AUSF_IP=172.22.0.11
# NRF
NRF_IP=172.22.0.12
# UDM
UDM_IP=172.22.0.13
# UDR
UDR_IP=172.22.0.14
# IMS DNS
DNS_IP=172.22.0.15
# RTPENGINE
RTPENGINE_IP=172.22.0.16
# MYSQL
MYSQL_IP=172.22.0.17
# ICSCF
ICSCF_IP=172.22.0.19
ICSCF_BIND_PORT=3869
# SCSCF
SCSCF_IP=172.22.0.20
SCSCF_BIND_PORT=3870
# PCSCF
PCSCF_IP=172.22.0.21
PCSCF_BIND_PORT=3871
# SRSLTE ENB
SRS_ENB_IP=172.22.0.22
# UERANSIM
NR_GNB_IP=172.22.0.23
NR_UE_IP=172.22.0.24
UE1_IMEI=356938035643803
UE1_IMEISV=4370816125816151
UE1_IMSI=001011234567895
UE1_KI=8baf473f2f8fd09487cccbd7097c6862
UE1_OP=11111111111111111111111111111111
UE1_AMF=8000
# OAI ENB
OAI_ENB_IP=172.22.0.25
# OPEN5GS WEBUI
WEBUI_IP=172.22.0.26
# PCF
PCF_IP=172.22.0.27
# NSSF
NSSF_IP=172.22.0.28
# BSF
BSF_IP=172.22.0.29
# ENTITLEMENT SERVER
ENTITLEMENT_SERVER_IP=172.22.0.30
# OSMOMSC
OSMOMSC_IP=172.22.0.31
# OSMOHLR
OSMOHLR_IP=172.22.0.32
# SMSC
SMSC_IP=172.22.0.33
# SRSLTE UE
SRS_UE_IP=172.22.0.34
# SCP
SCP_IP=172.22.0.35
# METRICS
METRICS_IP=172.22.0.36
# SRSRAN GNB
SRS_GNB_IP=172.22.0.37
# GRAFANA
GRAFANA_IP=172.22.0.39
GRAFANA_USERNAME=open5gs
GRAFANA_PASSWORD=open5gs
# OCS
OCS_IP=172.22.0.40
OCS_BIND_PORT=3872
# UE IPv4 Subnet Range for APN=internet
UE_IPV4_INTERNET=192.168.100.0/24
# UE IPv4 Subnet Range for APN=ims
UE_IPV4_IMS=192.168.101.0/24
# Maximum Number of UEs
MAX_NUM_UE=1024

336
custom_deployments/open5gs_hss_cx/4g-external-ims-deploy.yaml Normal file
View File

@@ -0,0 +1,336 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .custom_env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "${HSS_BIND_PORT}/tcp"
- "${HSS_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
# ports:
# - "${HSS_BIND_PORT}:${HSS_BIND_PORT}/sctp"
# - "${HSS_BIND_PORT}:${HSS_BIND_PORT}/tcp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ../../sgwc:/mnt/sgwc
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ../../sgwu:/mnt/sgwu
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
# ports:
# - "${SGWU_ADVERTISE_IP}:2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ../../smf:/mnt/smf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- smf
container_name: upf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=upf
volumes:
- ../../upf:/mnt/upf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
cap_add:
- NET_ADMIN
privileged: true
# sysctls:
# - net.ipv4.ip_forward=1
# - net.ipv6.conf.all.disable_ipv6=0
network_mode: host
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .custom_env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
# ports:
# - "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ../../pcrf:/mnt/pcrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${PCRF_BIND_PORT}/tcp"
- "${PCRF_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
# ports:
# - "${PCRF_BIND_PORT}:${PCRF_BIND_PORT}/sctp"
# - "${PCRF_BIND_PORT}:${PCRF_BIND_PORT}/tcp"
networks:
default:
ipv4_address: ${PCRF_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .custom_env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
mysql:
build: ../../mysql
image: docker_mysql
container_name: mysql
env_file:
- .custom_env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
osmomsc:
build: ../../osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ../../osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ../../osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ../../osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata

464
custom_deployments/open5gs_hss_cx/4g-volte-deploy.yaml Normal file
View File

@@ -0,0 +1,464 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .custom_env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "${HSS_BIND_PORT}/tcp"
- "${HSS_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ../../sgwc:/mnt/sgwc
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ../../sgwu:/mnt/sgwu
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
# ports:
# - "2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ../../smf:/mnt/smf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- smf
container_name: upf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=upf
volumes:
- ../../upf:/mnt/upf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
networks:
default:
ipv4_address: ${UPF_IP}
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .custom_env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
# ports:
# - "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ../../pcrf:/mnt/pcrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${PCRF_BIND_PORT}/tcp"
- "${PCRF_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${PCRF_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .custom_env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
rtpengine:
build: ../../rtpengine
image: docker_rtpengine
container_name: rtpengine
privileged: true
env_file:
- .custom_env
volumes:
- ../../rtpengine:/mnt/rtpengine
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
cap_add:
- NET_ADMIN
environment:
- TABLE=0
- INTERFACE=${RTPENGINE_IP}
- LISTEN_NG=${RTPENGINE_IP}:2223
- PIDFILE=/run/ngcp-rtpengine-daemon.pid
- PORT_MAX=50000
- PORT_MIN=49000
- NO_FALLBACK=no
- TOS=184
expose:
- "2223/udp"
- "49000-50000/udp"
networks:
default:
ipv4_address: ${RTPENGINE_IP}
mysql:
build: ../../mysql
image: docker_mysql
container_name: mysql
env_file:
- .custom_env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
icscf:
image: docker_kamailio
container_name: icscf
dns: ${DNS_IP}
volumes:
- ./icscf:/mnt/icscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=icscf
depends_on:
- dns
- mysql
- hss
expose:
- "${ICSCF_BIND_PORT}/tcp"
- "${ICSCF_BIND_PORT}/sctp"
- "4060/udp"
- "4060/tcp"
networks:
default:
ipv4_address: ${ICSCF_IP}
scscf:
image: docker_kamailio
container_name: scscf
dns: ${DNS_IP}
volumes:
- ./scscf:/mnt/scscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scscf
depends_on:
- dns
- mysql
- hss
expose:
- "${SCSCF_BIND_PORT}/tcp"
- "${SCSCF_BIND_PORT}/sctp"
- "6060/udp"
- "6060/tcp"
networks:
default:
ipv4_address: ${SCSCF_IP}
pcscf:
image: docker_kamailio
container_name: pcscf
dns: ${DNS_IP}
privileged: true
cap_add:
- NET_ADMIN
volumes:
- ../../pcscf:/mnt/pcscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=4G
depends_on:
- dns
- mysql
- rtpengine
- icscf
- scscf
expose:
- "${PCSCF_BIND_PORT}/tcp"
- "${PCSCF_BIND_PORT}/sctp"
- "5060/tcp"
- "5060/udp"
- "5100-5120/tcp"
- "5100-5120/udp"
- "6100-6120/tcp"
- "6100-6120/udp"
networks:
default:
ipv4_address: ${PCSCF_IP}
smsc:
image: docker_kamailio
container_name: smsc
dns: ${DNS_IP}
volumes:
- ../../smsc:/mnt/smsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
expose:
- "7090/udp"
- "7090/tcp"
networks:
default:
ipv4_address: ${SMSC_IP}
osmomsc:
build: ../../osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ../../osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ../../osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ../../osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata

462
custom_deployments/open5gs_hss_cx/4g-volte-opensips-ims-deploy.yaml Normal file
View File

@@ -0,0 +1,462 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .custom_env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "${HSS_BIND_PORT}/tcp"
- "${HSS_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ../../sgwc:/mnt/sgwc
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ../../sgwu:/mnt/sgwu
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
# ports:
# - "2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ../../smf:/mnt/smf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- smf
container_name: upf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=upf
volumes:
- ../../upf:/mnt/upf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
networks:
default:
ipv4_address: ${UPF_IP}
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .custom_env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
# ports:
# - "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ../../pcrf:/mnt/pcrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${PCRF_BIND_PORT}/tcp"
- "${PCRF_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${PCRF_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .custom_env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
rtpengine:
build: ../../rtpengine
image: docker_rtpengine
container_name: rtpengine
privileged: true
env_file:
- .custom_env
volumes:
- ../../rtpengine:/mnt/rtpengine
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
cap_add:
- NET_ADMIN
environment:
- TABLE=0
- INTERFACE=${RTPENGINE_IP}
- LISTEN_NG=${RTPENGINE_IP}:2223
- PIDFILE=/run/ngcp-rtpengine-daemon.pid
- PORT_MAX=50000
- PORT_MIN=49000
- NO_FALLBACK=no
- TOS=184
expose:
- "2223/udp"
- "49000-50000/udp"
networks:
default:
ipv4_address: ${RTPENGINE_IP}
mysql:
build: ../../mysql
image: docker_mysql
container_name: mysql
env_file:
- .custom_env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
icscf:
image: docker_opensips
container_name: icscf
dns: ${DNS_IP}
volumes:
- ./opensips_ims_icscf:/mnt/icscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=icscf
depends_on:
- dns
- mysql
- hss
expose:
- "${ICSCF_BIND_PORT}/tcp"
- "${ICSCF_BIND_PORT}/sctp"
- "4060/udp"
- "4060/tcp"
networks:
default:
ipv4_address: ${ICSCF_IP}
scscf:
image: docker_opensips
container_name: scscf
dns: ${DNS_IP}
volumes:
- ./opensips_ims_scscf:/mnt/scscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scscf
depends_on:
- dns
- mysql
- hss
expose:
- "${SCSCF_BIND_PORT}/tcp"
- "${SCSCF_BIND_PORT}/sctp"
- "6060/udp"
- "6060/tcp"
networks:
default:
ipv4_address: ${SCSCF_IP}
pcscf:
image: docker_opensips
container_name: pcscf
dns: ${DNS_IP}
privileged: true
cap_add:
- NET_ADMIN
volumes:
- ../../opensips_ims_pcscf:/mnt/pcscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=4G
depends_on:
- dns
- mysql
- rtpengine
- icscf
- scscf
expose:
- "${PCSCF_BIND_PORT}/tcp"
- "${PCSCF_BIND_PORT}/sctp"
- "5060/tcp"
- "5060/udp"
- "5100-5120/tcp"
- "5100-5120/udp"
- "6100-6120/tcp"
- "6100-6120/udp"
networks:
default:
ipv4_address: ${PCSCF_IP}
smsc:
image: docker_kamailio
container_name: smsc
dns: ${DNS_IP}
volumes:
- ../../smsc:/mnt/smsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
expose:
- "7090/udp"
- "7090/tcp"
networks:
default:
ipv4_address: ${SMSC_IP}
osmomsc:
build: ../../osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ../../osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ../../osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ../../osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata

37
custom_deployments/open5gs_hss_cx/README.md Normal file
View File

@@ -0,0 +1,37 @@
## Deployment description
This custom deployment showcases using of open5gs HSS for Cx interface (towards ICSCF/SCSCF) rather than using pyHSS.
## Limitation
In order to change the iFCs or any other IMS service related provisioning information one need to modify the code and re-compile open5gs i.e. no way to configure them via GUI as we have with pyHSS.
## Additional steps
Most of the steps to be followed are similar to the steps mentioned in the [README in the root folder](../../README.md). However, additional steps mentioned below must be taken into account while deploying this custom deployment scenario.
### Loading environmental variables for custom deployment
**Warning**
For custom deployments, you must modify/use only the [**.custom_env**](.custom_env) file rather than the [**.env** in the root folder](../../.env).
```
set -a
source .custom_env
set +a
```
### Scenario deployment
Deploy the 4G EPC + IMS.
```
cd custom_deployments/open5gs_hss_cx
docker compose -f 4g-volte-deploy.yaml up
```
Deploy srsRAN eNB using SDR (OTA)
```
docker compose -f srsenb.yaml up -d && docker container attach srsenb
```

37
custom_deployments/open5gs_hss_cx/dns/Dockerfile Normal file
View File

@@ -0,0 +1,37 @@
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
FROM ubuntu:focal
ENV DEBIAN_FRONTEND=noninteractive
# Install updates and dependencies
RUN apt-get update && \
apt-get -y install tcpdump screen tmux ntp ntpdate iproute2 net-tools \
iputils-ping bind9
CMD /mnt/dns/dns_init.sh && \
/usr/sbin/named -c /etc/bind/named.conf -g -u bind

63
custom_deployments/open5gs_hss_cx/dns/dns_init.sh Executable file
View File

@@ -0,0 +1,63 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cp /mnt/dns/epc_zone /etc/bind
cp /mnt/dns/ims_zone /etc/bind
cp /mnt/dns/pub_3gpp_zone /etc/bind
cp /mnt/dns/e164.arpa /etc/bind
cp /mnt/dns/named.conf /etc/bind
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && PUB_3GPP_DOMAIN="mnc${MNC}.mcc${MCC}.pub.3gppnetwork.org" || PUB_3GPP_DOMAIN="mnc0${MNC}.mcc${MCC}.pub.3gppnetwork.org"
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/bind/epc_zone
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/epc_zone
[ -z "$PCRF_PUB_IP" ] && sed -i 's|PCRF_IP|'$PCRF_IP'|g' /etc/bind/epc_zone || sed -i 's|PCRF_IP|'$PCRF_PUB_IP'|g' /etc/bind/epc_zone
[ -z "$HSS_PUB_IP" ] && sed -i 's|HSS_IP|'$HSS_IP'|g' /etc/bind/epc_zone || sed -i 's|HSS_IP|'$HSS_PUB_IP'|g' /etc/bind/epc_zone
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/bind/ims_zone
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/ims_zone
sed -i 's|PCSCF_IP|'$PCSCF_IP'|g' /etc/bind/ims_zone
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/bind/ims_zone
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' /etc/bind/ims_zone
sed -i 's|SMSC_IP|'$SMSC_IP'|g' /etc/bind/ims_zone
sed -i 's|PUB_3GPP_DOMAIN|'$PUB_3GPP_DOMAIN'|g' /etc/bind/pub_3gpp_zone
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/pub_3gpp_zone
sed -i 's|ENTITLEMENT_SERVER_IP|'$ENTITLEMENT_SERVER_IP'|g' /etc/bind/pub_3gpp_zone
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/bind/e164.arpa
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/e164.arpa
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/bind/named.conf
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/bind/named.conf
sed -i 's|PUB_3GPP_DOMAIN|'$PUB_3GPP_DOMAIN'|g' /etc/bind/named.conf
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

14
custom_deployments/open5gs_hss_cx/dns/e164.arpa Normal file
View File

@@ -0,0 +1,14 @@
$TTL 1h
@ IN SOA ns.e164.arpa. root.e164.arpa. (
2009010918 ;serial
3600 ;refresh
3600 ;retry
3600 ;expire
3600 ;minimum TTL
)
@ IN NS e164.arpa.
@ IN A DNS_IP
; Wildcard to match any tel:+xxxx and change to sip:xxxx@IMS_DOMAIN
* IN NAPTR 10 100 "u" "E2U+sip" "!(^.*$)!sip:\\1@IMS_DOMAIN!" .
* IN NAPTR 20 100 "u" "E2U+sip" "!(^.*$)!sip:+\\1@IMS_DOMAIN!" .

15
custom_deployments/open5gs_hss_cx/dns/epc_zone Normal file
View File

@@ -0,0 +1,15 @@
$ORIGIN EPC_DOMAIN.
$TTL 1W
@ 1D IN SOA localhost. root.localhost. (
1 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS epcns
epcns 1D IN A DNS_IP
pcrf 1D IN A PCRF_IP
hss 1D IN A HSS_IP

27
custom_deployments/open5gs_hss_cx/dns/ims_zone Normal file
View File

@@ -0,0 +1,27 @@
$ORIGIN IMS_DOMAIN.
$TTL 1W
@ 1D IN SOA localhost. root.localhost. (
1 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS ns
ns 1D IN A DNS_IP
pcscf 1D IN A PCSCF_IP
_sip._udp.pcscf 1D SRV 0 0 5060 pcscf
_sip._tcp.pcscf 1D SRV 0 0 5060 pcscf
icscf 1D IN A ICSCF_IP
_sip._udp 1D SRV 0 0 4060 icscf
_sip._tcp 1D SRV 0 0 4060 icscf
scscf 1D IN A SCSCF_IP
_sip._udp.scscf 1D SRV 0 0 6060 scscf
_sip._tcp.scscf 1D SRV 0 0 6060 scscf
smsc 1D IN A SMSC_IP
_sip._udp.smsc 1D SRV 0 0 7090 smsc
_sip._tcp.smsc 1D SRV 0 0 7090 smsc

53
custom_deployments/open5gs_hss_cx/dns/named.conf Normal file
View File

@@ -0,0 +1,53 @@
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
forwarders {
8.8.8.8;
};
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation no;
allow-query { any; };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "IMS_DOMAIN" {
type master;
file "/etc/bind/ims_zone";
};
zone "EPC_DOMAIN" {
type master;
file "/etc/bind/epc_zone";
};
zone "PUB_3GPP_DOMAIN" {
type master;
file "/etc/bind/pub_3gpp_zone";
};
zone "e164.arpa" {
type master;
file "/etc/bind/e164.arpa";
};

13
custom_deployments/open5gs_hss_cx/dns/pub_3gpp_zone Normal file
View File

@@ -0,0 +1,13 @@
$ORIGIN PUB_3GPP_DOMAIN.
$TTL 1W
@ 1D IN SOA localhost. root.localhost. (
1 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS pubns
pubns 1D IN A DNS_IP
aes 1D IN A ENTITLEMENT_SERVER_IP

267
custom_deployments/open5gs_hss_cx/hss/hss.conf Normal file
View File

@@ -0,0 +1,267 @@
# This is a sample configuration file for freeDiameter daemon.
# Most of the options can be omitted, as they default to reasonable values.
# Only TLS-related options must be configured properly in usual setups.
# It is possible to use "include" keyword to import additional files
# e.g.: include "/etc/freeDiameter.d/*.conf"
# This is exactly equivalent as copy & paste the content of the included file(s)
# where the "include" keyword is found.
##############################################################
## Peer identity and realm
# The Diameter Identity of this daemon.
# This must be a valid FQDN that resolves to the local host.
# Default: hostname's FQDN
#Identity = "aaa.koganei.freediameter.net";
Identity = "hss.EPC_DOMAIN";
# The Diameter Realm of this daemon.
# Default: the domain part of Identity (after the first dot).
#Realm = "koganei.freediameter.net";
Realm = "EPC_DOMAIN";
##############################################################
## Transport protocol configuration
# The port this peer is listening on for incoming connections (TCP and SCTP).
# Default: 3868. Use 0 to disable.
#Port = 3868;
Port = HSS_BIND_PORT;
# The port this peer is listening on for incoming TLS-protected connections (TCP and SCTP).
# See TLS_old_method for more information about TLS flavours.
# Note: we use TLS/SCTP instead of DTLS/SCTP at the moment. This will change in future version of freeDiameter.
# Default: 5868. Use 0 to disable.
#SecPort = 5868;
# Use RFC3588 method for TLS protection, where TLS is negociated after CER/CEA exchange is completed
# on the unsecure connection. The alternative is RFC6733 mechanism, where TLS protects also the
# CER/CEA exchange on a dedicated secure port.
# This parameter only affects outgoing connections.
# The setting can be also defined per-peer (see Peers configuration section).
# Default: use RFC6733 method with separate port for TLS.
#TLS_old_method;
# Disable use of TCP protocol (only listen and connect over SCTP)
# Default : TCP enabled
#No_TCP;
# Disable use of SCTP protocol (only listen and connect over TCP)
# Default : SCTP enabled
#No_SCTP;
# This option is ignored if freeDiameter is compiled with DISABLE_SCTP option.
# Prefer TCP instead of SCTP for establishing new connections.
# This setting may be overwritten per peer in peer configuration blocs.
# Default : SCTP is attempted first.
#Prefer_TCP;
# Default number of streams per SCTP associations.
# This setting may be overwritten per peer basis.
# Default : 30 streams
#SCTP_streams = 30;
##############################################################
## Endpoint configuration
# Disable use of IP addresses (only IPv6)
# Default : IP enabled
#No_IP;
# Disable use of IPv6 addresses (only IP)
# Default : IPv6 enabled
#No_IPv6;
# Specify local addresses the server must bind to
# Default : listen on all addresses available.
#ListenOn = "202.249.37.5";
#ListenOn = "2001:200:903:2::202:1";
#ListenOn = "fe80::21c:5ff:fe98:7d62%eth0";
ListenOn = "HSS_IP";
##############################################################
## Server configuration
# How many Diameter peers are allowed to be connecting at the same time ?
# This parameter limits the number of incoming connections from the time
# the connection is accepted until the first CER is received.
# Default: 5 unidentified clients in paralel.
#ThreadsPerServer = 5;
##############################################################
## TLS Configuration
# TLS is managed by the GNUTLS library in the freeDiameter daemon.
# You may find more information about parameters and special behaviors
# in the relevant documentation.
# http://www.gnu.org/software/gnutls/manual/
# Credentials of the local peer
# The X509 certificate and private key file to use for the local peer.
# The files must contain PKCS-1 encoded RSA key, in PEM format.
# (These parameters are passed to gnutls_certificate_set_x509_key_file function)
# Default : NO DEFAULT
#TLS_Cred = "<x509 certif file.PEM>" , "<x509 private key file.PEM>";
#TLS_Cred = "/etc/ssl/certs/freeDiameter.pem", "/etc/ssl/private/freeDiameter.key";
TLS_Cred = "/open5gs/install/etc/freeDiameter/hss.cert.pem", "/open5gs/install/etc/freeDiameter/hss.key.pem";
# Certificate authority / trust anchors
# The file containing the list of trusted Certificate Authorities (PEM list)
# (This parameter is passed to gnutls_certificate_set_x509_trust_file function)
# The directive can appear several times to specify several files.
# Default : GNUTLS default behavior
#TLS_CA = "<file.PEM>";
TLS_CA = "/open5gs/install/etc/freeDiameter/cacert.pem";
# Certificate Revocation List file
# The information about revoked certificates.
# The file contains a list of trusted CRLs in PEM format. They should have been verified before.
# (This parameter is passed to gnutls_certificate_set_x509_crl_file function)
# Note: openssl CRL format might have interoperability issue with GNUTLS format.
# Default : GNUTLS default behavior
#TLS_CRL = "<file.PEM>";
# GNU TLS Priority string
# This string allows to configure the behavior of GNUTLS key exchanges
# algorithms. See gnutls_priority_init function documentation for information.
# You should also refer to the Diameter required TLS support here:
# http://tools.ietf.org/html/rfc6733#section-13.1
# Default : "NORMAL"
# Example: TLS_Prio = "NONE:+VERS-TLS1.1:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL";
#TLS_Prio = "NORMAL";
# Diffie-Hellman parameters size
# Set the number of bits for generated DH parameters
# Valid value should be 768, 1024, 2048, 3072 or 4096.
# (This parameter is passed to gnutls_dh_params_generate2 function,
# it usually should match RSA key size)
# Default : 1024
#TLS_DH_Bits = 1024;
# Alternatively, you can specify a file to load the PKCS#3 encoded
# DH parameters directly from. This accelerates the daemon start
# but is slightly less secure. If this file is provided, the
# TLS_DH_Bits parameters has no effect.
# Default : no default.
#TLS_DH_File = "<file.PEM>";
##############################################################
## Timers configuration
# The Tc timer of this peer.
# It is the delay before a new attempt is made to reconnect a disconnected peer.
# The value is expressed in seconds. The recommended value is 30 seconds.
# Default: 30
#TcTimer = 30;
# The Tw timer of this peer.
# It is the delay before a watchdog message is sent, as described in RFC 3539.
# The value is expressed in seconds. The default value is 30 seconds. Value must
# be greater or equal to 6 seconds. See details in the RFC.
# Default: 30
#TwTimer = 30;
##############################################################
## Applications configuration
# Disable the relaying of Diameter messages?
# For messages not handled locally, the default behavior is to forward the
# message to another peer if any is available, according to the routing
# algorithms. In addition the "0xffffff" application is advertised in CER/CEA
# exchanges.
# Default: Relaying is enabled.
NoRelay;
# Number of server threads that can handle incoming messages at the same time.
# Default: 4
#AppServThreads = 4;
# Other applications are configured by loaded extensions.
##############################################################
## Extensions configuration
# The freeDiameter framework merely provides support for
# Diameter Base Protocol. The specific application behaviors,
# as well as advanced functions, are provided
# by loadable extensions (plug-ins).
# These extensions may in addition receive the name of a
# configuration file, the format of which is extension-specific.
#
# Format:
#LoadExtension = "/path/to/extension" [ : "/optional/configuration/file" ] ;
#
# Examples:
#LoadExtension = "extensions/sample.fdx";
#LoadExtension = "extensions/sample.fdx":"conf/sample.conf";
# Extensions are named as follow:
# dict_* for extensions that add content to the dictionary definitions.
# dbg_* for extensions useful only to retrieve more information on the framework execution.
# acl_* : Access control list, to control which peers are allowed to connect.
# rt_* : routing extensions that impact how messages are forwarded to other peers.
# app_* : applications, these extensions usually register callbacks to handle specific messages.
# test_* : dummy extensions that are useful only in testing environments.
# The dbg_msg_dump.fdx extension allows you to tweak the way freeDiameter displays some
# information about some events. This extension does not actually use a configuration file
# but receives directly a parameter in the string passed to the extension. Here are some examples:
## LoadExtension = "dbg_msg_dumps.fdx" : "0x1111"; # Removes all default hooks, very quiet even in case of errors.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x2222"; # Display all events with few details.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x0080"; # Dump complete information about sent and received messages.
# The four digits respectively control: connections, routing decisions, sent/received messages, errors.
# The values for each digit are:
# 0 - default - keep the default behavior
# 1 - quiet - remove any specific log
# 2 - compact - display only a summary of the information
# 4 - full - display the complete information on a single long line
# 8 - tree - display the complete information in an easier to read format spanning several lines.
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dbg_msg_dumps.fdx" : "0x8888";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_rfc5777.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_mip6i.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_nasreq.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_nas_mipv6.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_dcca.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_dcca_3gpp.fdx";
##############################################################
## Peers configuration
# The local server listens for incoming connections. By default,
# all unknown connecting peers are rejected. Extensions can override this behavior (e.g., acl_wl).
#
# In addition to incoming connections, the local peer can
# be configured to establish and maintain connections to some
# Diameter nodes and allow connections from these nodes.
# This is achieved with the ConnectPeer directive described below.
#
# Note that the configured Diameter Identity MUST match
# the information received inside CEA, or the connection will be aborted.
#
# Format:
#ConnectPeer = "diameterid" [ { parameter1; parameter2; ...} ] ;
# Parameters that can be specified in the peer's parameter list:
# No_TCP; No_SCTP; No_IP; No_IPv6; Prefer_TCP; TLS_old_method;
# No_TLS; # assume transparent security instead of TLS. DTLS is not supported yet (will change in future versions).
# Port = 5868; # The port to connect to
# TcTimer = 30;
# TwTimer = 30;
# ConnectTo = "202.249.37.5";
# ConnectTo = "2001:200:903:2::202:1";
# TLS_Prio = "NORMAL";
# Realm = "realm.net"; # Reject the peer if it does not advertise this realm.
# Examples:
#ConnectPeer = "aaa.wide.ad.jp";
#ConnectPeer = "old.diameter.serv" { TcTimer = 60; TLS_old_method; No_SCTP; Port=3868; } ;
ConnectPeer = "mme.EPC_DOMAIN" { ConnectTo = "MME_IP"; Port = 3868; No_TLS; };
ConnectPeer = "icscf.IMS_DOMAIN" { ConnectTo = "ICSCF_IP"; Port = ICSCF_BIND_PORT; No_TLS; };
ConnectPeer = "scscf.IMS_DOMAIN" { ConnectTo = "SCSCF_IP"; Port = SCSCF_BIND_PORT; No_TLS; };
##############################################################

13
custom_deployments/open5gs_hss_cx/hss/hss.yaml Normal file
View File

@@ -0,0 +1,13 @@
db_uri: mongodb://MONGO_IP/open5gs
logger:
file:
path: /open5gs/install/var/log/open5gs/hss.log
global:
max:
ue: MAX_NUM_UE
hss:
freeDiameter: /open5gs/install/etc/freeDiameter/hss.conf
sms_over_ims: "sip:smsc.IMS_DOMAIN:7090"

62
custom_deployments/open5gs_hss_cx/hss/hss_init.sh Executable file
View File

@@ -0,0 +1,62 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export DB_URI="mongodb://${MONGO_IP}/open5gs"
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
ln -s /usr/bin/mongo /usr/bin/mongosh
sed -i "s|localhost|$MONGO_IP|" /open5gs/misc/db/open5gs-dbctl
cp /mnt/hss/hss.yaml install/etc/open5gs
cp /mnt/hss/hss.conf install/etc/freeDiameter
cp /mnt/hss/make_certs.sh install/etc/freeDiameter
sed -i 's|HSS_IP|'$HSS_IP'|g' install/etc/freeDiameter/hss.conf
sed -i 's|MME_IP|'$MME_IP'|g' install/etc/freeDiameter/hss.conf
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' install/etc/freeDiameter/hss.conf
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' install/etc/freeDiameter/hss.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' install/etc/freeDiameter/hss.conf
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' install/etc/freeDiameter/hss.conf
sed -i 's|ICSCF_BIND_PORT|'$ICSCF_BIND_PORT'|g' install/etc/freeDiameter/hss.conf
sed -i 's|SCSCF_BIND_PORT|'$SCSCF_BIND_PORT'|g' install/etc/freeDiameter/hss.conf
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' install/etc/freeDiameter/hss.conf
sed -i 's|LD_LIBRARY_PATH|'$LD_LIBRARY_PATH'|g' install/etc/freeDiameter/hss.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' install/etc/freeDiameter/make_certs.sh
sed -i 's|MONGO_IP|'$MONGO_IP'|g' install/etc/open5gs/hss.yaml
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' install/etc/open5gs/hss.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/hss.yaml
# Generate TLS certificates
./install/etc/freeDiameter/make_certs.sh install/etc/freeDiameter
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

29
custom_deployments/open5gs_hss_cx/hss/make_certs.sh Executable file
View File

@@ -0,0 +1,29 @@
#!/bin/sh
if [ 1 -ne $# ]
then
echo You must specify output directory : ./make_certs.sh ./freeDiameter
exit;
fi
rm -rf demoCA
mkdir demoCA
echo 01 > demoCA/serial
touch demoCA/index.txt.attr
touch demoCA/index.txt
# Generate .rnd if it does not exist
openssl rand -out /root/.rnd -hex 256
# CA self certificate
openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out $1/cacert.pem -keyout cakey.pem -subj /CN=ca.EPC_DOMAIN/C=KO/ST=Seoul/L=Nowon/O=Open5GS/OU=Tests
#hss
openssl genrsa -out $1/hss.key.pem 1024
openssl req -new -batch -out hss.csr.pem -key $1/hss.key.pem -subj /CN=hss.EPC_DOMAIN/C=KO/ST=Seoul/L=Nowon/O=Open5GS/OU=Tests
openssl ca -cert $1/cacert.pem -days 3650 -keyfile cakey.pem -in hss.csr.pem -out $1/hss.cert.pem -outdir . -batch
rm -f 01.pem 02.pem 03.pem 04.pem
rm -f cakey.pem
rm -f hss.csr.pem

57
custom_deployments/open5gs_hss_cx/icscf/icscf.cfg Normal file
View File

@@ -0,0 +1,57 @@
# SIP / UDP
listen=udp:ICSCF_IP:4060
# SIP / TCP
listen=tcp:ICSCF_IP:4060
# SIP / TCP/TLS
#listen=tls:ICSCF_IP:4061
alias=IMS_DOMAIN
#!define NETWORKNAME "IMS_DOMAIN"
#!define EPC_REALM "EPC_DOMAIN"
#!define HOSTNAME "icscf.IMS_DOMAIN"
#!subst "/NETWORKNAME/IMS_DOMAIN/"
#!define ENUM_SUFFIX "e164.arpa."
# Maximum lifetime of a subscription in seconds (same is advertised to UE)
#!substdef "/UE_SUBSCRIPTION_EXPIRES/SUBSCRIPTION_EXPIRES_ENV/g"
# SIP-Address of capturing node, if not set, capturing is disabled.
##!define CAPTURE_NODE "sip:127.0.0.1:9060"
# Connection URL for the database:
#!define DB_URL "mysql://icscf:heslo@MYSQL_IP/icscf"
##!define DB_URL2 "con2=>mysql://icscf:heslo@MYSQL_IP/icscf"
# Allowed IPs for XML-RPC-Queries
##!define XMLRPC_WHITELIST_1 "127.0.0.1"
##!define XMLRPC_WHITELIST_2 "127.0.0.1"
##!define XMLRPC_WHITELIST_3 "127.0.0.1"
# *** To run in debug mode:
# - define WITH_DEBUG
#
# *** To enable TLS support execute:
# - adjust CFGDIR/tls.cfg as needed
# - define WITH_TLS
#
# *** To enable XMLRPC support execute:
# - define WITH_XMLRPC
# - adjust route[XMLRPC] for access policy
#
# *** To enable a Homer SIP-Capter-Node:
# - define CAPTURE_NODE with a proper address
#
# *** To forwarding to PSTN for unknown users:
# - define PEERING
#
# Enabled Features for this host:
##!define WITH_DEBUG
##!define WITH_DEBUG_TRACE
#!define WITH_TCP
##!define WITH_TLS
#!define WITH_XMLRPC
##!define PEERING
##!define FALLBACK_AUTH

34
custom_deployments/open5gs_hss_cx/icscf/icscf.xml Normal file
View File

@@ -0,0 +1,34 @@
<?xml version="1.0" encoding="UTF-8"?>
<DiameterPeer
FQDN="icscf.IMS_DOMAIN"
Realm="IMS_DOMAIN"
Vendor_Id="10415"
Product_Name="CDiameterPeer"
AcceptUnknownPeers="1"
DropUnknownOnDisconnect="1"
Tc="30"
Workers="16"
QueueLength="32"
TransactionTimeout="5"
SessionsHashSize="128"
DefaultAuthSessionTimeout="SUBSCRIPTION_EXPIRES_ENV"
MaxAuthSessionTimeout="SUBSCRIPTION_EXPIRES_ENV"
>
<Peer FQDN="hss.EPC_DOMAIN" Realm="EPC_DOMAIN" port="HSS_BIND_PORT"/>
<Acceptor port="ICSCF_BIND_PORT" bind="ICSCF_IP"/>
<Auth id="16777216" vendor="10415"/><!-- 3GPP Cx -->
<Auth id="16777216" vendor="4491"/><!-- CableLabs Cx -->
<Auth id="16777216" vendor="13019"/><!-- ETSI/TISPAN Cx -->
<Auth id="16777216" vendor="0"/><!-- ETSI/TISPAN Cx -->
<!--
Supported Vendor IDs - list of values which will be sent in the CER/CEA in the
Supported-Vendor-ID AVPs
-->
<SupportedVendor vendor="10415" />
<DefaultRoute FQDN="hss.EPC_DOMAIN" metric="10"/>
</DiameterPeer>

100
custom_deployments/open5gs_hss_cx/icscf/icscf_init.sh Executable file
View File

@@ -0,0 +1,100 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
mkdir -p /etc/kamailio_icscf
cp /mnt/icscf/icscf.cfg /etc/kamailio_icscf
cp /mnt/icscf/icscf.xml /etc/kamailio_icscf
cp /mnt/icscf/kamailio_icscf.cfg /etc/kamailio_icscf
while ! mysqladmin ping -h ${MYSQL_IP} --silent; do
sleep 5;
done
# Sleep until permissions are set
sleep 10;
# Create ICSCF database, populate tables and grant privileges
if [[ -z "`mysql -u root -h ${MYSQL_IP} -qfsBe "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME='icscf'" 2>&1`" ]];
then
mysql -u root -h ${MYSQL_IP} -e "create database icscf;"
mysql -u root -h ${MYSQL_IP} icscf < /usr/local/src/kamailio/misc/examples/ims/icscf/icscf.sql
ICSCF_USER_EXISTS=`mysql -u root -h ${MYSQL_IP} -s -N -e "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE User = 'icscf' AND Host = '%')"`
if [[ "$ICSCF_USER_EXISTS" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'icscf'@'%' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'provisioning'@'%' IDENTIFIED WITH mysql_native_password BY 'provi'";
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'icscf'@'$ICSCF_IP' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'provisioning'@'$ICSCF_IP' IDENTIFIED WITH mysql_native_password BY 'provi'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON icscf.* TO 'icscf'@'%'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON icscf.* TO 'icscf'@'$ICSCF_IP'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON icscf.* TO 'provisioning'@'%'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON icscf.* TO 'provisioning'@'$ICSCF_IP'";
mysql -u root -h ${MYSQL_IP} -e "FLUSH PRIVILEGES;"
fi
fi
DOMAIN_PRESENT=`mysql -u root -h ${MYSQL_IP} icscf -s -N -e "SELECT count(*) FROM nds_trusted_domains WHERE trusted_domain='$IMS_DOMAIN';"`
if [[ "$DOMAIN_PRESENT" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} icscf -e "INSERT INTO nds_trusted_domains (trusted_domain) VALUES ('$IMS_DOMAIN');"
fi
URI_PRESENT=`mysql -u root -h ${MYSQL_IP} icscf -s -N -e "SELECT count(*) FROM s_cscf WHERE s_cscf_uri='sip:scscf.$IMS_DOMAIN:6060';"`
if [[ "$URI_PRESENT" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} icscf -e "INSERT INTO s_cscf (name, s_cscf_uri) VALUES ('First and only S-CSCF', 'sip:scscf.$IMS_DOMAIN:6060');"
fi
SCSCF_ID=`mysql -u root -h ${MYSQL_IP} icscf -s -N -e "SELECT id FROM s_cscf WHERE s_cscf_uri='sip:scscf.$IMS_DOMAIN:6060' LIMIT 1;"`
CAP_PRESENT=`mysql -u root -h ${MYSQL_IP} icscf -s -N -e "SELECT count(*) FROM s_cscf_capabilities WHERE id_s_cscf='$SCSCF_ID';"`
if [[ "$CAP_PRESENT" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} icscf -e "INSERT INTO s_cscf_capabilities (id_s_cscf, capability) VALUES ('$SCSCF_ID', 0),('$SCSCF_ID', 1);"
fi
SUBSCRIPTION_EXPIRES_ENV=3600
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|SUBSCRIPTION_EXPIRES_ENV|'$SUBSCRIPTION_EXPIRES_ENV'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|MYSQL_IP|'$MYSQL_IP'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|SUBSCRIPTION_EXPIRES_ENV|'$SUBSCRIPTION_EXPIRES_ENV'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|ICSCF_BIND_PORT|'$ICSCF_BIND_PORT'|g' /etc/kamailio_icscf/icscf.xml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

643
custom_deployments/open5gs_hss_cx/icscf/kamailio_icscf.cfg Normal file
View File

@@ -0,0 +1,643 @@
#!KAMAILIO
#
# This config file implements the basic I-CSCF functionality
# - web: http://www.kamailio.org
# - git: http://sip-router.org
#
# Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php
# for an explanation of possible statements, functions and parameters.
#
# Direct your questions about this file to: <sr-users@lists.kamailio.org>.
#
# For more information about the various parameters, functions and statements
# try http://sip-router.org/wiki/ .
#
system.shutdownmode = 0 desc "System shutdown mode"
system.service = "Interrogating-CSCF" desc "Function of this server"
include_file "icscf.cfg"
####### Defined Values #########
# *** Value defines - IDs used later in config
# - flags
# FLT_ - per transaction (message) flags
# FLB_ - per branch flags
#!define FLT_CAPTURE 1
#!ifdef WITH_XMLRPC
listen=tcp:127.0.0.1:4060
#!endif
####### Global Parameters #########
debug=2
log_stderror=no
sip_warning=no
user_agent_header="User-Agent: Kamailio I-CSCF"
server_header="Server: Kamailio I-CSCF"
log_name="icscf"
log_prefix_mode=1
log_prefix="{$mt $hdr(CSeq) $ci $cfg(route)} "
/* comment the next line to enable the auto discovery of local aliases
based on reverse DNS on IPs (default on) */
auto_aliases=no
# Do SRV-Loadbalancing:
dns_srv_lb=on
# Always: Also try IPv6:
dns_try_ipv6=on
# Query NAPTR-Records as well:
dns_try_naptr=no
#!ifdef WITH_XMLRPC
#!ifndef WITH_TCP
#!define WITH_TCP
#!endif
#!ifndef TCP_PROCESSES
# Number of TCP Processes
#!define TCP_PROCESSES 3
#!endif
#!endif
#!ifdef WITH_TCP
# life time of TCP connection when there is no traffic
# - a bit higher than registration expires to cope with UA behind NAT
tcp_connection_lifetime=UE_SUBSCRIPTION_EXPIRES
#!ifdef TCP_PROCESSES
tcp_children=TCP_PROCESSES
#!endif
#!else
disable_tcp=yes
#!endif
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
children=4
# ------------------ module loading ----------------------------------
mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/:/usr/lib/kamailio/modules_k/:/usr/lib/kamailio/modules/:/usr/lib/x86_64-linux-gnu/kamailio/modules/:/usr/local/lib64/kamailio/modules"
# (we try both the lib64 and the lib directory)
loadmodule "tm"
loadmodule "sl"
loadmodule "rr"
loadmodule "pv"
loadmodule "textops"
loadmodule "maxfwd"
loadmodule "sanity"
loadmodule "siputils"
loadmodule "kex"
loadmodule "tmx"
loadmodule "pike"
loadmodule "corex"
# Control interfaces:
loadmodule "ctl"
loadmodule "cfg_rpc"
#!ifdef WITH_XMLRPC
loadmodule "xmlrpc"
#!endif
# Load the according DB-Module:
loadmodule "db_mysql"
#!ifdef DB_URL2
loadmodule "db_cluster"
#!endif
loadmodule "cdp.so"
loadmodule "cdp_avp.so"
loadmodule "xlog.so"
loadmodule "ims_icscf.so"
#!ifdef CAPTURE_NODE
loadmodule "siptrace.so"
#!endif
#!ifdef WITH_DEBUG
loadmodule "debugger.so"
#!endif
#!ifdef WITH_TLS
loadmodule "tls.so"
#!endif
#!ifdef PEERING
loadmodule "enum"
loadmodule "dispatcher"
#!endif
# ----------------- setting module-specific parameters ---------------
#!ifdef DB_URL2
# ----- db_cluster params -----
modparam("db_cluster", "connection", DB_URL)
modparam("db_cluster", "connection", DB_URL2)
modparam("db_cluster", "cluster", "cluster1=>con1=2s2s;con2=1s1s")
#!endif
loadmodule "jsonrpcs.so"
# ----- jsonrpcs params -----
modparam("jsonrpcs", "pretty_format", 1)
/* set the path to RPC fifo control file */
modparam("jsonrpcs", "fifo_name", "/var/run/kamailio/kamailio_rpc.fifo")
/* set the path to RPC unix socket control file */
modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio/kamailio_rpc.sock")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# -- cdp params --
modparam("cdp","config_file","/etc/kamailio_icscf/icscf.xml")
# ----- icscf params -----
# Comment the following line to enable realm routing
#!ifdef CXDX_FORCED_PEER
modparam("ims_icscf", "cxdx_forced_peer", CXDX_FORCED_PEER)
#!endif
modparam("ims_icscf","cxdx_dest_realm", EPC_REALM)
# DB-URL, where information about S-CSCF-Server can be found:
#!ifdef DB_URL2
modparam("ims_icscf", "db_url", "cluster://cluster1")
#!else
modparam("ims_icscf", "db_url", DB_URL)
#!endif
#!ifdef PEERING
# Route which is executed, in case HSS returned "User-Unknown" on LIR request
modparam("ims_icscf","route_lir_user_unknown", "lir_term_user_unknown")
#!endif
#!ifdef FALLBACK_AUTH
# Route which is executed, in case HSS returned "User-Unknown" on UAR request
modparam("ims_icscf","route_uar_user_unknown", "uar_term_user_unknown")
#!endif
#!ifdef WITH_TLS
# ----- tls params -----
modparam("tls", "config", "/etc/kamailio_icscf/tls.cfg")
#!endif
#!ifdef WITH_XMLRPC
# ----- xmlrpc params -----
modparam("xmlrpc", "route", "XMLRPC");
modparam("xmlrpc", "url_match", "^/RPC")
#!endif
# ----- ctl params -----
modparam("ctl", "binrpc", "unix:/var/run/kamailio/kamailio_ctl")
#!ifdef WITH_DEBUG
# ----- debugger params -----
modparam("debugger", "mod_hash_size", 5)
modparam("debugger", "mod_level_mode", 1)
modparam("debugger", "mod_level", "xlog=3")
modparam("debugger", "mod_level", "cdp=3")
modparam("debugger", "mod_level", "ims_icscf=3")
#!ifdef WITH_DEBUG_TRACE
modparam("debugger", "cfgtrace", 1)
#!endif
#!endif
#!ifdef CAPTURE_NODE
# Destination, where to send the traffic
modparam("siptrace", "duplicate_uri", CAPTURE_NODE)
# Trace all traffic
modparam("siptrace", "trace_on", 1)
modparam("siptrace", "trace_to_database", 0)
modparam("siptrace", "trace_flag", FLT_CAPTURE)
modparam("siptrace", "hep_mode_on", 1)
#!endif
#!ifdef PEERING
# ----- enum params -----
modparam("enum", "domain_suffix", ENUM_SUFFIX)
#!endif
# ----- tm params -----
# auto-discard branches from previous serial forking leg
modparam("tm", "failure_reply_mode", 3)
# default retransmission timeout: 10sec
modparam("tm", "fr_timer", 10000)
# default invite retransmission timeout after 1xx: 120sec
modparam("tm", "fr_inv_timer", 120000)
# Don't reply automatically with "100 Trying"
modparam("tm", "auto_inv_100", 0)
#!ifdef WITH_DEBUG
#loadmodule "debugger.so"
modparam("debugger", "mod_hash_size", 5)
modparam("debugger", "mod_level_mode", 1)
modparam("debugger", "mod_level", "cdp=3")
modparam("debugger", "mod_level", "ims_icscf=3")
#!endif
# ------------------------- request routing logic -------------------
# main routing logic
route{
#!ifdef WITH_DEBUG
xlog("I-CSCF >>>>>>>>>>>>>>>>>>>> $rm $ru ($fu => $tu ($si:$sp) to $tu, $ci)\n");
#!endif
# if !($rU =~ "\+.*") {
# prefix("+");
# }
# per request initial checks
route(REQINIT);
if (is_method("REGISTER")) {
route(register);
}
if (is_method("NOTIFY") && search("^(Event|o)([ \t]*):([ \t]*)reg")) {
if (!t_relay()) {
sl_reply_error();
}
exit;
}
if (is_method("INVITE|SUBSCRIBE|MESSAGE|INFO|PUBLISH|CANCEL")) {
route(initial_request);
} else {
# Shouldn't get here unless missconfigured (add more methods as initial) or
# somebody is routing unknown messages
append_to_reply("Allow: INVITE,SUBSCRIBE,MESSAGE,INFO,PUBLISH,CANCEL\r\n");
send_reply("406","Initial Request Method not allowed at the I-CSCF");
break;
}
}
######################################################################
# Helper routes (Basic-Checks, NAT-Handling/RTP-Control, XML-RPC)
######################################################################
# Per SIP request initial checks
route[REQINIT] {
$var(used) = 1 - ($stat(free_size) / $stat(total_size));
xlog("L_DBG", "Mem: Total $stat(total_size), Free $stat(free_size) [$var(used)% used]\n");
if ($var(used) > 95) {
send_reply("503", "Server overloaded");
exit;
}
# Trace this message
#!ifdef CAPTURE_NODE
sip_trace();
setflag(FLT_CAPTURE);
#!endif
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
}
if(!sanity_check("1511", "7")) {
xlog("Malformed SIP message from $si:$sp\n");
exit;
}
# Check for shutdown mode:
if (!has_totag() && ($sel(cfg_get.system.shutdownmode) > 0)) {
send_reply("503", "Server shutting down");
exit;
}
# Reply to OPTIONS:
if (is_method("OPTIONS") && (uri==myself)) {
options_reply();
exit;
}
# Ignore Re-Transmits:
if (t_lookup_request()) {
exit;
}
if (is_method("INVITE|REGISTER")) {
send_reply("100", "Trying");
}
}
######################################################################
# XMLRPC routing
######################################################################
#!ifdef WITH_XMLRPC
route[XMLRPC] {
if ((method=="POST" || method=="GET")
#!ifdef XMLRPC_WHITELIST_1
&& ((src_ip == XMLRPC_WHITELIST_1)
#!ifdef XMLRPC_WHITELIST_2
|| (src_ip == XMLRPC_WHITELIST_2)
#!endif
#!ifdef XMLRPC_WHITELIST_3
|| (src_ip == XMLRPC_WHITELIST_3)
#!endif
)
#!endif
) {
# close connection only for xmlrpclib user agents (there is a bug in
# xmlrpclib: it waits for EOF before interpreting the response).
if ($hdr(User-Agent) =~ "xmlrpclib")
set_reply_close();
set_reply_no_connect();
dispatch_rpc();
exit;
}
send_reply("403", "Forbidden");
exit;
}
#!endif
######################################################################
# Handling of REGISTER requests
######################################################################
route[register]
{
t_set_fr(5000, 5000);
#first check if we have an S-CSCF list
if (I_scscf_select("0")) {
#there is an S-CSCF list - no need to do a UAR
t_on_reply("register_reply");
t_on_failure("register_failure");
if (!t_relay()) {
send_reply("500","Error forwarding towards S-CSCF");
}
} else {
#no S-CSCF list therefore must do UAR
#free this from the failed I_scscf_select call
I_scscf_drop();
# Do an asynchronous UAR:
#0=REG/DEREG; 1=REG+Capabilities
if (!I_perform_user_authorization_request("REG_UAR_REPLY","0")) {
send_reply("500", "Error in Request");
}
}
exit;
}
route[REG_UAR_REPLY]
{
#xlog("$$avp(s:uaa_return_code) = $avp(s:uaa_return_code)\n");
#this is async so to know status we have to check the reply avp
switch ($avp(s:uaa_return_code)) {
case 1: #success
if (I_scscf_select("0")) {
t_on_failure("register_failure");
t_on_reply("register_reply");
#now relay to appropriate SCSCF
if (!t_relay()) {
t_reply("500", "Error forwarding to SCSCF");
}
} else {#select failed
I_scscf_drop();
t_reply("500", "Server error on SCSCF Select (UAR)");
}
break;
case -1: #failure
xlog("L_ERR", "UAR failure - error response sent from module\n");
break;
case -2: #error
xlog("L_ERR", "UAR error - sending error response now\n");
t_reply("500", "UAR failed");
break;
default:
xlog("L_ERR", "Unknown return code from UAR, value is [$avp(s:uaa_return_code)]\n");
t_reply("500", "Unknown response code from UAR");
break;
}
}
######################################################################
# Replies to REGISTER requests,
######################################################################
onreply_route[register_reply]
{
xlog("L_DBG", "Enter register reply block");
if (!t_check_status("(408)|(480)")){
if (!t_check_status("(401)")){
xlog("L_DBG", "dropping scscf list on register failure");
I_scscf_drop();
} else {
xlog("L_DBG", "This is a 401 - keep scscf list to do optimisation");
}
}
break;
}
######################################################################
# Failed REGISTERs
######################################################################
failure_route[register_failure]
{
if (t_branch_timeout() || t_check_status("([5-6][0-9][0-9])")){
if (I_scscf_select("1")) {
t_on_reply("register_reply");
t_on_failure("register_failure");
if (!t_relay()) {
t_reply("500","Error forwarding towards next S-CSCF");
break;
}
break;
} else {
t_reply("500", "Server error on UAR select next S-CSCF");
break;
}
} else {
if (!t_check_status("(401)")){
xlog("L_DBG", "dropping scscf list on register failure");
I_scscf_drop();
} else {
xlog("L_DBG", "This is a 401 - keep scscf list to do optimisation");
}
break;
}
}
######################################################################
# Initial requests
######################################################################
route[initial_request]
{
# $avp(prefix)="+";
# $ru= $(ru{s.rm,$avp(prefix)});
xlog("$$ru => $ru\n");
I_perform_location_information_request("LIR_REPLY", "0");
}
route[LIR_REPLY] {
if ($avp(lia_return_code) == 1) {
if (I_scscf_select("0")) {
xlog("L_DBG", "ru = $ru, du = $du\n");
t_on_reply("initial_request_reply");
t_on_failure("initial_request_failure");
if (!t_relay()) {
t_reply("500","Error forwarding towards S-CSCF");
break;
}
break;
} else {
xlog("L_DBG", "dropping scscf list on initial request");
I_scscf_drop();
t_reply("500", "Server error on LIR select S-CSCF");
break;
}
} else {
t_reply("500", "Server error on LIR");
break;
}
break;
}
######################################################################
# Replies to initial requests
######################################################################
onreply_route[initial_request_reply]
{
xlog("L_DBG", "Enter initial request request block");
if (!t_check_status("(408)")){
xlog("L_DBG", "dropping scscf list on initial request reply");
I_scscf_drop();
}
break;
}
######################################################################
# Failed initial requests
######################################################################
failure_route[initial_request_failure]
{
xlog("L_DBG", "Enter initial request failure block");
if (t_check_status("(408)")){
xlog("L_DBG", "Got a failure for initial request");
if (I_scscf_select("1")) {
t_on_reply("initial_request_reply");
t_on_failure("initial_request_failure");
if (!t_relay()) {
t_reply("500","Error forwarding towards next S-CSCF");
break;
}
break;
} else {
t_reply("500", "Server error on LIR select next S-CSCF");
break;
}
} else {
xlog("L_DBG", "dropping scscf list on initial request failure");
I_scscf_drop();
}
break;
}
#!ifdef PEERING
######################################################################
# HSS returned "User-Unknown" on LIR request
######################################################################
route[lir_term_user_unknown]
{
if (uri =~ "tel:.*") {
# Let's check, if the number can be found in ENUM:
if(!enum_query()) {
# ENUM failed, send it to the PSTN-Gateway:
route(PSTN);
break;
}
# ENUM resolved to another domain
if ($rd != NETWORKNAME) {
t_on_reply("initial_request_reply");
t_on_failure("initial_request_failure");
if (!t_relay()) {
t_reply("500","Error forwarding to external domain");
exit;
};
exit;
} else {
t_reply("604","Does not exist anywhere - HSS User Unknown");
exit;
};
} else {
# we received a request for our domain (non-tel), but HSS said "User Unknown"
if ($rd != NETWORKNAME) {
t_reply("604","Does not exist anywhere - HSS User Unknown");
exit;
} else {
# try to forward non-tel request to other domain
t_on_reply("initial_request_reply");
t_on_failure("initial_request_failure");
if (!t_relay()) {
t_reply("500","Error forwarding to external domain");
exit;
};
exit;
};
};
}
######################################################################
# Send calls to the PSTN-Gateways:
######################################################################
route[PSTN]
{
t_on_failure("PSTN_failure");
# Relay the request towards the PSTN-Gateway:
if (!ds_select_dst("1", "4")) {
send_reply("503", "Service not available");
exit;
}
# Relay the request:
if (!t_relay()) {
send_reply("503", "Service not available");
exit;
};
exit;
}
######################################################################
# manage failure routing cases, perform failover
######################################################################
failure_route[PSTN_failure] {
# Choose another gateway, in case we
# - get a local generated "408"
# - receive a 5xx or 6xx reply from the proxy.
if (t_branch_timeout() || t_check_status("[5-6]..")) {
if (ds_next_dst()) {
# Do Failover in case problems:
t_on_failure("PSTN_failure");
# Relay the request:
if (!t_relay()) {
send_reply("503", "Service not available");
exit;
};
} else {
# Add a header, to indicate the phone should try again in 30 seconds.
append_hf("Retry-After: 30\r\n");
send_reply("503", "Service not available");
}
exit;
}
}
#!endif
#!ifdef FALLBACK_AUTH
######################################################################
# HSS returned "User-Unknown" on UAR request,
# try to send it to any S-CSCF for authentication
######################################################################
route[uar_term_user_unknown]
{
$rd = "scscf."+NETWORKNAME;
t_on_reply("register_reply");
t_on_failure("register_failure");
if (!t_relay()) {
t_reply("500","Error forwarding towards S-CSCF");
break;
}
break;
}
#!endif

30
custom_deployments/open5gs_hss_cx/mme/make_certs.sh Executable file
View File

@@ -0,0 +1,30 @@
#!/bin/sh
if [ 1 -ne $# ]
then
echo You must specify output directory : ./make_certs.sh ./freeDiameter
exit;
fi
rm -rf demoCA
mkdir demoCA
echo 01 > demoCA/serial
touch demoCA/index.txt.attr
touch demoCA/index.txt
# Generate .rnd if it does not exist
openssl rand -out /root/.rnd -hex 256
# CA self certificate
openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out $1/cacert.pem -keyout cakey.pem -subj /CN=ca.EPC_DOMAIN/C=KO/ST=Seoul/L=Nowon/O=Open5GS/OU=Tests
#mme
openssl genrsa -out $1/mme.key.pem 1024
openssl req -new -batch -out mme.csr.pem -key $1/mme.key.pem -subj /CN=mme.EPC_DOMAIN/C=KO/ST=Seoul/L=Nowon/O=Open5GS/OU=Tests
openssl ca -cert $1/cacert.pem -days 3650 -keyfile cakey.pem -in mme.csr.pem -out $1/mme.cert.pem -outdir . -batch
rm -rf demoCA
rm -f 01.pem 02.pem 03.pem 04.pem
rm -f cakey.pem
rm -f mme.csr.pem

266
custom_deployments/open5gs_hss_cx/mme/mme.conf Normal file
View File

@@ -0,0 +1,266 @@
# This is a sample configuration file for freeDiameter daemon.
# Most of the options can be omitted, as they default to reasonable values.
# Only TLS-related options must be configured properly in usual setups.
# It is possible to use "include" keyword to import additional files
# e.g.: include "/etc/freeDiameter.d/*.conf"
# This is exactly equivalent as copy & paste the content of the included file(s)
# where the "include" keyword is found.
##############################################################
## Peer identity and realm
# The Diameter Identity of this daemon.
# This must be a valid FQDN that resolves to the local host.
# Default: hostname's FQDN
#Identity = "aaa.koganei.freediameter.net";
Identity = "mme.EPC_DOMAIN";
# The Diameter Realm of this daemon.
# Default: the domain part of Identity (after the first dot).
#Realm = "koganei.freediameter.net";
Realm = "EPC_DOMAIN";
##############################################################
## Transport protocol configuration
# The port this peer is listening on for incoming connections (TCP and SCTP).
# Default: 3868. Use 0 to disable.
#Port = 3868;
# The port this peer is listening on for incoming TLS-protected connections (TCP and SCTP).
# See TLS_old_method for more information about TLS flavours.
# Note: we use TLS/SCTP instead of DTLS/SCTP at the moment. This will change in future version of freeDiameter.
# Default: 5868. Use 0 to disable.
#SecPort = 5868;
# Use RFC3588 method for TLS protection, where TLS is negociated after CER/CEA exchange is completed
# on the unsecure connection. The alternative is RFC6733 mechanism, where TLS protects also the
# CER/CEA exchange on a dedicated secure port.
# This parameter only affects outgoing connections.
# The setting can be also defined per-peer (see Peers configuration section).
# Default: use RFC6733 method with separate port for TLS.
#TLS_old_method;
# Disable use of TCP protocol (only listen and connect over SCTP)
# Default : TCP enabled
#No_TCP;
# Disable use of SCTP protocol (only listen and connect over TCP)
# Default : SCTP enabled
#No_SCTP;
# This option is ignored if freeDiameter is compiled with DISABLE_SCTP option.
# Prefer TCP instead of SCTP for establishing new connections.
# This setting may be overwritten per peer in peer configuration blocs.
# Default : SCTP is attempted first.
#Prefer_TCP;
# Default number of streams per SCTP associations.
# This setting may be overwritten per peer basis.
# Default : 30 streams
#SCTP_streams = 30;
##############################################################
## Endpoint configuration
# Disable use of IP addresses (only IPv6)
# Default : IP enabled
#No_IP;
# Disable use of IPv6 addresses (only IP)
# Default : IPv6 enabled
#No_IPv6;
# Specify local addresses the server must bind to
# Default : listen on all addresses available.
#ListenOn = "202.249.37.5";
#ListenOn = "2001:200:903:2::202:1";
#ListenOn = "fe80::21c:5ff:fe98:7d62%eth0";
ListenOn = "MME_IP";
##############################################################
## Server configuration
# How many Diameter peers are allowed to be connecting at the same time ?
# This parameter limits the number of incoming connections from the time
# the connection is accepted until the first CER is received.
# Default: 5 unidentified clients in paralel.
#ThreadsPerServer = 5;
##############################################################
## TLS Configuration
# TLS is managed by the GNUTLS library in the freeDiameter daemon.
# You may find more information about parameters and special behaviors
# in the relevant documentation.
# http://www.gnu.org/software/gnutls/manual/
# Credentials of the local peer
# The X509 certificate and private key file to use for the local peer.
# The files must contain PKCS-1 encoded RSA key, in PEM format.
# (These parameters are passed to gnutls_certificate_set_x509_key_file function)
# Default : NO DEFAULT
#TLS_Cred = "<x509 certif file.PEM>" , "<x509 private key file.PEM>";
#TLS_Cred = "/etc/ssl/certs/freeDiameter.pem", "/etc/ssl/private/freeDiameter.key";
TLS_Cred = "/open5gs/install/etc/freeDiameter/mme.cert.pem", "/open5gs/install/etc/freeDiameter/mme.key.pem";
# Certificate authority / trust anchors
# The file containing the list of trusted Certificate Authorities (PEM list)
# (This parameter is passed to gnutls_certificate_set_x509_trust_file function)
# The directive can appear several times to specify several files.
# Default : GNUTLS default behavior
#TLS_CA = "<file.PEM>";
TLS_CA = "/open5gs/install/etc/freeDiameter/cacert.pem";
# Certificate Revocation List file
# The information about revoked certificates.
# The file contains a list of trusted CRLs in PEM format. They should have been verified before.
# (This parameter is passed to gnutls_certificate_set_x509_crl_file function)
# Note: openssl CRL format might have interoperability issue with GNUTLS format.
# Default : GNUTLS default behavior
#TLS_CRL = "<file.PEM>";
# GNU TLS Priority string
# This string allows to configure the behavior of GNUTLS key exchanges
# algorithms. See gnutls_priority_init function documentation for information.
# You should also refer to the Diameter required TLS support here:
# http://tools.ietf.org/html/rfc6733#section-13.1
# Default : "NORMAL"
# Example: TLS_Prio = "NONE:+VERS-TLS1.1:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL";
#TLS_Prio = "NORMAL";
# Diffie-Hellman parameters size
# Set the number of bits for generated DH parameters
# Valid value should be 768, 1024, 2048, 3072 or 4096.
# (This parameter is passed to gnutls_dh_params_generate2 function,
# it usually should match RSA key size)
# Default : 1024
#TLS_DH_Bits = 1024;
# Alternatively, you can specify a file to load the PKCS#3 encoded
# DH parameters directly from. This accelerates the daemon start
# but is slightly less secure. If this file is provided, the
# TLS_DH_Bits parameters has no effect.
# Default : no default.
#TLS_DH_File = "<file.PEM>";
##############################################################
## Timers configuration
# The Tc timer of this peer.
# It is the delay before a new attempt is made to reconnect a disconnected peer.
# The value is expressed in seconds. The recommended value is 30 seconds.
# Default: 30
#TcTimer = 30;
# The Tw timer of this peer.
# It is the delay before a watchdog message is sent, as described in RFC 3539.
# The value is expressed in seconds. The default value is 30 seconds. Value must
# be greater or equal to 6 seconds. See details in the RFC.
# Default: 30
#TwTimer = 30;
##############################################################
## Applications configuration
# Disable the relaying of Diameter messages?
# For messages not handled locally, the default behavior is to forward the
# message to another peer if any is available, according to the routing
# algorithms. In addition the "0xffffff" application is advertised in CER/CEA
# exchanges.
# Default: Relaying is enabled.
NoRelay;
# Number of server threads that can handle incoming messages at the same time.
# Default: 4
#AppServThreads = 4;
# Other applications are configured by loaded extensions.
##############################################################
## Extensions configuration
# The freeDiameter framework merely provides support for
# Diameter Base Protocol. The specific application behaviors,
# as well as advanced functions, are provided
# by loadable extensions (plug-ins).
# These extensions may in addition receive the name of a
# configuration file, the format of which is extension-specific.
#
# Format:
#LoadExtension = "/path/to/extension" [ : "/optional/configuration/file" ] ;
#
# Examples:
#LoadExtension = "extensions/sample.fdx";
#LoadExtension = "extensions/sample.fdx":"conf/sample.conf";
# Extensions are named as follow:
# dict_* for extensions that add content to the dictionary definitions.
# dbg_* for extensions useful only to retrieve more information on the framework execution.
# acl_* : Access control list, to control which peers are allowed to connect.
# rt_* : routing extensions that impact how messages are forwarded to other peers.
# app_* : applications, these extensions usually register callbacks to handle specific messages.
# test_* : dummy extensions that are useful only in testing environments.
# The dbg_msg_dump.fdx extension allows you to tweak the way freeDiameter displays some
# information about some events. This extension does not actually use a configuration file
# but receives directly a parameter in the string passed to the extension. Here are some examples:
## LoadExtension = "dbg_msg_dumps.fdx" : "0x1111"; # Removes all default hooks, very quiet even in case of errors.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x2222"; # Display all events with few details.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x0080"; # Dump complete information about sent and received messages.
# The four digits respectively control: connections, routing decisions, sent/received messages, errors.
# The values for each digit are:
# 0 - default - keep the default behavior
# 1 - quiet - remove any specific log
# 2 - compact - display only a summary of the information
# 4 - full - display the complete information on a single long line
# 8 - tree - display the complete information in an easier to read format spanning several lines.
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dbg_msg_dumps.fdx" : "0x8888";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_rfc5777.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_mip6i.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_nasreq.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_nas_mipv6.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_dcca.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_dcca_3gpp.fdx";
##############################################################
## Peers configuration
# The local server listens for incoming connections. By default,
# all unknown connecting peers are rejected. Extensions can override this behavior (e.g., acl_wl).
#
# In addition to incoming connections, the local peer can
# be configured to establish and maintain connections to some
# Diameter nodes and allow connections from these nodes.
# This is achieved with the ConnectPeer directive described below.
#
# Note that the configured Diameter Identity MUST match
# the information received inside CEA, or the connection will be aborted.
#
# Format:
#ConnectPeer = "diameterid" [ { parameter1; parameter2; ...} ] ;
# Parameters that can be specified in the peer's parameter list:
# No_TCP; No_SCTP; No_IP; No_IPv6; Prefer_TCP; TLS_old_method;
# No_TLS; # assume transparent security instead of TLS. DTLS is not supported yet (will change in future versions).
# Port = 5868; # The port to connect to
# TcTimer = 30;
# TwTimer = 30;
# ConnectTo = "202.249.37.5";
# ConnectTo = "2001:200:903:2::202:1";
# TLS_Prio = "NORMAL";
# Realm = "realm.net"; # Reject the peer if it does not advertise this realm.
# Examples:
#ConnectPeer = "aaa.wide.ad.jp";
#ConnectPeer = "old.diameter.serv" { TcTimer = 60; TLS_old_method; No_SCTP; Port=3868; } ;
ConnectPeer = "hss.EPC_DOMAIN" { ConnectTo = "HSS_IP"; Port = HSS_BIND_PORT; No_TLS; };
##############################################################

59
custom_deployments/open5gs_hss_cx/mme/mme.yaml Normal file
View File

@@ -0,0 +1,59 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/mme.log
global:
max:
ue: MAX_NUM_UE
mme:
freeDiameter: /open5gs/install/etc/freeDiameter/mme.conf
s1ap:
server:
- dev: MME_IF
gtpc:
server:
- dev: MME_IF
client:
sgwc:
- address: SGWC_IP
smf:
- address: SMF_IP
sgsap:
server:
- address: OSMOMSC_IP
map:
tai:
plmn_id:
mcc: MCC
mnc: MNC
tac: TAC
lai:
plmn_id:
mcc: MCC
mnc: MNC
lac: 1
gummei:
- plmn_id:
mcc: MCC
mnc: MNC
mme_gid: 2
mme_code: 1
tai:
- plmn_id:
mcc: MCC
mnc: MNC
tac: TAC
security:
integrity_order : [ EIA2, EIA1, EIA0 ]
ciphering_order : [ EEA0, EEA1, EEA2 ]
network_name:
full: Open5GS
mme_name: open5gs-mme0
metrics:
server:
- address: MME_IP
port: 9091
time:
t3412:
value: 540

58
custom_deployments/open5gs_hss_cx/mme/mme_init.sh Executable file
View File

@@ -0,0 +1,58 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
export IF_NAME=$(ip r | awk '/default/ { print $5 }')
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
cp /mnt/mme/mme.yaml install/etc/open5gs
cp /mnt/mme/mme.conf install/etc/freeDiameter
cp /mnt/mme/make_certs.sh install/etc/freeDiameter
sed -i 's|MNC|'$MNC'|g' install/etc/open5gs/mme.yaml
sed -i 's|MCC|'$MCC'|g' install/etc/open5gs/mme.yaml
sed -i 's|TAC|'$TAC'|g' install/etc/open5gs/mme.yaml
sed -i 's|MME_IP|'$MME_IP'|g' install/etc/open5gs/mme.yaml
sed -i 's|MME_IF|'$IF_NAME'|g' install/etc/open5gs/mme.yaml
sed -i 's|OSMOMSC_IP|'$OSMOMSC_IP'|g' install/etc/open5gs/mme.yaml
sed -i 's|SGWC_IP|'$SGWC_IP'|g' install/etc/open5gs/mme.yaml
sed -i 's|SMF_IP|'$SMF_IP'|g' install/etc/open5gs/mme.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/mme.yaml
sed -i 's|MME_IP|'$MME_IP'|g' install/etc/freeDiameter/mme.conf
sed -i 's|HSS_IP|'$HSS_IP'|g' install/etc/freeDiameter/mme.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' install/etc/freeDiameter/mme.conf
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' install/etc/freeDiameter/mme.conf
sed -i 's|LD_LIBRARY_PATH|'$LD_LIBRARY_PATH'|g' install/etc/freeDiameter/mme.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' install/etc/freeDiameter/make_certs.sh
# Generate TLS certificates
./install/etc/freeDiameter/make_certs.sh install/etc/freeDiameter
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

14
custom_deployments/open5gs_hss_cx/opensips_ims_icscf/freeDiameter.conf Normal file
View File

@@ -0,0 +1,14 @@
Identity = "icscf.IMS_DOMAIN";
Realm = "IMS_DOMAIN";
Port = ICSCF_BIND_PORT;
ListenOn = "ICSCF_IP";
SecPort = 0;
No_SCTP;
NoRelay;
ConnectPeer = "hss.EPC_DOMAIN" {
Realm = "EPC_DOMAIN";
No_TLS;
ConnectTo = "HSS_IP";
port = HSS_BIND_PORT;
};

32
custom_deployments/open5gs_hss_cx/opensips_ims_icscf/icscf.dictionary Normal file
View File

@@ -0,0 +1,32 @@
VENDOR 10415 TGPP
ATTRIBUTE Visited-Network-Identifier 600 string 10415
ATTRIBUTE Public-Identity 601 string 10415
ATTRIBUTE Server-Name 602 string 10415
APPLICATION-AUTH 16777216/10415 3GPP Cx
REQUEST 300 User-Authorization Request
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Realm | REQUIRED | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
User-Name | REQUIRED | 1
Public-Identity | REQUIRED | 1
Visited-Network-Identifier | REQUIRED | 1
}
ANSWER 300 User-Authorization Answer
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Host | OPTIONAL | 1
Destination-Realm | OPTIONAL | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
Experimental-Result | REQUIRED | 1
}

54
custom_deployments/open5gs_hss_cx/opensips_ims_icscf/icscf_init.sh Executable file
View File

@@ -0,0 +1,54 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
mkdir -p /etc/opensips
cp /mnt/icscf/freeDiameter.conf /etc/opensips
cp /mnt/icscf/icscf.dictionary /etc/opensips
cp /mnt/icscf/opensips.cfg /etc/opensips
# For mi_fifo module.
mkdir -p /var/run/opensips
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/opensips/freeDiameter.conf
sed -i 's|HSS_IP|'$HSS_IP'|g' /etc/opensips/freeDiameter.conf
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/opensips/freeDiameter.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/opensips/freeDiameter.conf
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' /etc/opensips/freeDiameter.conf
sed -i 's|ICSCF_BIND_PORT|'$ICSCF_BIND_PORT'|g' /etc/opensips/freeDiameter.conf
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/opensips/opensips.cfg
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/opensips/opensips.cfg
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/opensips/opensips.cfg
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
exec opensips -f /etc/opensips/opensips.cfg -F $@

226
custom_deployments/open5gs_hss_cx/opensips_ims_icscf/opensips.cfg Normal file
View File

@@ -0,0 +1,226 @@
#
# OpenSIPS residential configuration script
# by OpenSIPS Solutions <team@opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
# the "Residential" scenario.
# You can enable / disable more features / functionalities by
# re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
# https://opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#
####### Global Parameters #########
/* uncomment the following lines to enable debugging */
#debug_mode=yes
log_level=3
xlog_level=3
log_stderror=yes
log_stdout=yes
log_facility=LOG_LOCAL0
udp_workers=4
/* uncomment the next line to enable the auto temporary blacklisting of
not available destinations (default disabled) */
#disable_dns_blacklist=no
/* uncomment the next line to enable IPv6 lookup after IPv4 dns
lookup failures (default disabled) */
#dns_try_ipv6=yes
socket=udp:ICSCF_IP:4060
socket=tcp:ICSCF_IP:4060
alias="icscf.IMS_DOMAIN"
#set module path
mpath="/usr/local/opensips/modules"
####### Modules Section ########
####### http module ######
loadmodule "httpd.so"
modparam("httpd", "ip", "ICSCF_IP")
modparam("httpd", "port", 8080)
#### SIGNALING module
loadmodule "signaling.so"
#### StateLess module
loadmodule "sl.so"
#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timeout", 5)
modparam("tm", "fr_inv_timeout", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)
#### MAX ForWarD module
loadmodule "maxfwd.so"
#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"
#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/var/run/opensips/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)
#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "working_mode_preset", "single-instance-no-db")
#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)
#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
if you enable this parameter, be sure to enable "append_fromtag"
in "rr" module */
modparam("acc", "detect_direction", 0)
loadmodule "proto_udp.so"
loadmodule "proto_tcp.so"
#### aaa_diameter module
loadmodule "aaa_diameter.so"
modparam("aaa_diameter", "fd_log_level", 1) # max amount of logging, quite annoying
modparam("aaa_diameter", "realm", "EPC_DOMAIN")
modparam("aaa_diameter", "peer_identity", "hss")
modparam("aaa_diameter", "aaa_url",
"diameter:/etc/opensips/freeDiameter.conf;extra-avps-file:/etc/opensips/icscf.dictionary")
#### JSON module
loadmodule "json.so"
####### Routing Logic ########
# main request routing logic
route{
xlog("L_INFO", "[$ci] Start route time [$Tf] method ($rm) r-uri ($ru) \n");
if (!mf_process_maxfwd_header(10)) {
send_reply(483,"Too Many Hops");
exit;
}
if (has_totag()) {
# handle hop-by-hop ACK (no routing required)
if ( is_method("ACK") && t_check_trans() ) {
t_relay();
exit;
}
# sequential request within a dialog should
# take the path determined by record-routing
if ( !loose_route() ) {
# we do record-routing for all our traffic, so we should not
# receive any sequential requests without Route hdr.
send_reply(404,"Not here");
exit;
}
if (is_method("BYE")) {
# do accounting even if the transaction fails
do_accounting("log","failed");
}
# route it out to whatever destination was set by loose_route()
# in $du (destination URI).
route(relay);
exit;
}
# CANCEL processing
if (is_method("CANCEL")) {
if (t_check_trans())
t_relay();
exit;
}
# absorb retransmissions, but do not create transaction
t_check_trans();
if (is_method("REGISTER")) {
xlog("L_INFO", "[$ci] Received REGISTER for $tu - doing UAR\n");
$var(payload) = "[
{ \"Session-Id\": \"icscf.IMS_DOMAIN;"+$Ts+"."+$Tsm+";"+$pp+"\" },
{ \"Origin-Host\": \"icscf.IMS_DOMAIN\" },
{ \"Origin-Realm\": \"IMS_DOMAIN\" },
{ \"Destination-Realm\": \"EPC_DOMAIN\" },
{ \"Vendor-Specific-Application-Id\": [{\"Vendor-Id\": 10415},
{\"Auth-Application-Id\": 16777216}]},
{ \"Auth-Session-State\": 1 },
{ \"User-Name\": \""+$fU+"@"+$fd+"\" },
{ \"Public-Identity\": \""+$fu+"\" },
{ \"Visited-Network-Identifier\": \"IMS_DOMAIN\" }
]";
$var(rc) = dm_send_request(16777216, 300, $var(payload), $var(rpl_avps));
xlog("[$ci] UAA rc: $var(rc), UAA AVPs: $var(rpl_avps)\n");
$var(server_name) = NULL;
$json(rpl_avps) := $var(rpl_avps);
for ($var(item) in $(json(rpl_avps)[*])) {
$json(item) := $var(item);
for ($var(key) in $(json(item.keys)[*])) {
if ($var(key) == "Server-Name") {
$var(server_name) = $json(item/$var(key));
break;
}
}
if ($var(server_name) != NULL)
break;
}
if ($var(server_name) == NULL) {
xlog("L_ERR", "[$ci] No server available! Relaying to default S-CSCF\n");
$var(server_name) = "sip:scscf.IMS_DOMAIN:6060";
}
# relay to S-CSCF
xlog("L_INFO", "[$ci] using S-CSCF $var(server_name)\n");
$ru = $var(server_name);
route(relay);
exit;
}
send_reply(503,"Not Implemented");
exit;
}
route[relay] {
if (!t_relay()) {
send_reply(500,"Internal Error");
}
exit;
}

14
custom_deployments/open5gs_hss_cx/opensips_ims_scscf/freeDiameter.conf Normal file
View File

@@ -0,0 +1,14 @@
Identity = "scscf.IMS_DOMAIN";
Realm = "IMS_DOMAIN";
Port = SCSCF_BIND_PORT;
ListenOn = "SCSCF_IP";
SecPort = 0;
No_SCTP;
NoRelay;
ConnectPeer = "hss.EPC_DOMAIN" {
Realm = "EPC_DOMAIN";
No_TLS;
ConnectTo = "HSS_IP";
port = HSS_BIND_PORT;
};

311
custom_deployments/open5gs_hss_cx/opensips_ims_scscf/opensips.cfg Normal file
View File

@@ -0,0 +1,311 @@
#
# OpenSIPS residential configuration script
# by OpenSIPS Solutions <team@opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
# the "Residential" scenario.
# You can enable / disable more features / functionalities by
# re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
# https://opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#
####### Global Parameters #########
/* uncomment the following lines to enable debugging */
#debug_mode=yes
log_level=3
xlog_level=3
log_stderror=yes
log_stdout=yes
xlog_buf_size=16384
log_facility=LOG_LOCAL0
udp_workers=4
/* uncomment the next line to enable the auto temporary blacklisting of
not available destinations (default disabled) */
#disable_dns_blacklist=no
/* uncomment the next line to enable IPv6 lookup after IPv4 dns
lookup failures (default disabled) */
#dns_try_ipv6=yes
socket=udp:SCSCF_IP:6060
socket=tcp:SCSCF_IP:6060
alias="scscf.IMS_DOMAIN"
#set module path
mpath="/usr/local/opensips/modules"
####### Modules Section ########
#### MYSQL module
loadmodule "db_mysql.so"
#### SIGNALING module
loadmodule "signaling.so"
#### StateLess module
loadmodule "sl.so"
#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timeout", 5)
modparam("tm", "fr_inv_timeout", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)
#### MAX ForWarD module
loadmodule "maxfwd.so"
#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"
#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/var/run/opensips/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)
#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "working_mode_preset", "single-instance-no-db")
#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
modparam("registrar", "attr_avp", "$avp(attr)")
/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)
#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
if you enable this parameter, be sure to enable "append_fromtag"
in "rr" module */
modparam("acc", "detect_direction", 0)
loadmodule "proto_udp.so"
loadmodule "proto_tcp.so"
#### aaa_diameter module
loadmodule "aaa_diameter.so"
modparam("aaa_diameter", "fd_log_level", 1) # max amount of logging, quite annoying
modparam("aaa_diameter", "realm", "EPC_DOMAIN")
modparam("aaa_diameter", "peer_identity", "hss")
modparam("aaa_diameter", "aaa_url",
"diameter:/etc/opensips/freeDiameter.conf;extra-avps-file:/etc/opensips/scscf.dictionary")
loadmodule "auth_aka.so"
modparam("auth_aka", "default_av_mgm", "diameter")
modparam("auth_aka", "default_qop", "auth")
loadmodule "aka_av_diameter.so"
modparam("aka_av_diameter", "realm",
"scscf.IMS_DOMAIN")
modparam("aka_av_diameter", "aaa_url",
"diameter:/etc/opensips/freeDiameter.conf;extra-avps-file:/etc/opensips/scscf.dictionary")
#### dialplan module
loadmodule "dialplan.so"
modparam("dialplan","db_url", "mysql://opensips_scscf:heslo@MYSQL_IP/opensips_scscf")
#### auth module
loadmodule "auth.so"
#### JSON module
loadmodule "json.so"
#### XML module
loadmodule "xml.so"
####### Routing Logic ########
# main request routing logic
route{
xlog("L_INFO", "[$ci] Start route time [$Tf] method ($rm) r-uri ($ru) \n");
if (!mf_process_maxfwd_header(10)) {
send_reply(483,"Too Many Hops");
exit;
}
if (has_totag()) {
# handle hop-by-hop ACK (no routing required)
if ( is_method("ACK") && t_check_trans() ) {
t_relay();
exit;
}
# sequential request within a dialog should
# take the path determined by record-routing
if ( !loose_route() ) {
# we do record-routing for all our traffic, so we should not
# receive any sequential requests without Route hdr.
send_reply(404,"Not here");
exit;
}
if (is_method("BYE")) {
# do accounting even if the transaction fails
do_accounting("log","failed");
}
# route it out to whatever destination was set by loose_route()
# in $du (destination URI).
route(relay);
exit;
}
# CANCEL processing
if (is_method("CANCEL")) {
if (t_check_trans())
t_relay();
exit;
}
# absorb retransmissions, but do not create transaction
t_check_trans();
if (is_method("REGISTER")) {
xlog("L_INFO", "[$ci] Received REGISTER for $tu - doing authorization\n");
if (!aka_www_authorize()) {
if (!async(aka_www_challenge(), aka_resume_mar))
t_reply(500, "Internal Error");
exit;
}
xlog("L_INFO", "[$ci] Received REGISTER for $tu - authorized, doing SAR\n");
$var(payload) = "[
{ \"Session-Id\": \"scscf.IMS_DOMAIN;"+$Ts+"."+$Tsm+";"+$pp+"\" },
{ \"Origin-Host\": \"scscf.IMS_DOMAIN\" },
{ \"Origin-Realm\": \"IMS_DOMAIN\" },
{ \"Destination-Realm\": \"EPC_DOMAIN\" },
{ \"Vendor-Specific-Application-Id\": [{\"Vendor-Id\": 10415},
{\"Auth-Application-Id\": 16777216}]},
{ \"Auth-Session-State\": 1 },
{ \"User-Name\": \""+$fU+"@"+$fd+"\" },
{ \"Public-Identity\": \""+$fu+"\" },
{ \"Server-Assignment-Type\": 1 },
{ \"User-Data-Already-Available\": 0},
{ \"Server-Name\": \"sip:scscf.IMS_DOMAIN:6060\" }
]";
if (!async(dm_send_request(16777216, 301, $var(payload), $var(rpl_avps)), aka_resume_sar)) {
t_reply(500, "Internal Error");
exit;
}
exit;
} else if (is_method("INVITE")) {
xlog("L_INFO", "[$ci] Received INVITE for $tu/$ru - checking dialplan\n");
loose_route(); # consume preloaded routes
if (!record_route()) {
xlog("L_ERR", "[$ci] Cannot do record_route()\n");
t_reply(503, "Internal Error");
exit;
}
if ($ru =~ "^tel:") {
$var(tel_user) = $rU;
$var(tel_domain) = $(ru{uri.param,phone-context});
$ru = "sip:" + $var(tel_user) + "@" + $var(tel_domain);
} else {
$rU = $(rU{s.select,0,;});
}
if (!dp_translate(1, $rU, $var(dialplan))) {
$var(dialplan) = "USER";
xlog("L_DBG", "[$ci] unknown dialplan - considering $var(dialplan)\n");
}
xlog("L_INFO", "[$ci] Dial $rU is a $var(dialplan) dialplan\n");
switch ($var(dialplan)) {
case "USER":
xlog("L_INFO", "[$ci] lookup user $rU/$(oU{s.select,0,;})\n");
if (!lookup("location")) {
xlog("L_ERR", "[$ci] Received INVITE for $tu/$ru not registered - sending to service\n");
t_reply(404, "User not found");
exit;
}
break;
case "SERVICE":
# TODO: handle service
case "APPLICATION":
# TODO: handle application server
default:
xlog("L_ERR", "[$ci] unknown $var(dialplan) dialplan\n");
t_reply(503, "Unknown dialplan");
exit;
}
if (!t_relay()) {
xlog("L_ERR", "[$ci] Cannot relay to $ru\n");
t_reply(503, "Internal Error");
}
exit;
}
send_reply(503,"Not Implemented");
exit;
}
route[relay] {
if (!t_relay()) {
send_reply(500,"Internal Error");
}
exit;
}
route[aka_resume_mar] {
xlog("L_DBG", "[$ci] MAA rc: $rc\n");
}
route[aka_resume_sar] {
xlog("[$ci] SAA rc: $var(rc), SAA AVPs: $var(rpl_avps)\n");
$avp(attr) = $ct.fields(params);
append_to_reply("Service-Route: <sip:orig@scscf.IMS_DOMAIN:6060;lr>\r\n");
$json(rpl_avps) := $var(rpl_avps);
for ($var(item) in $(json(rpl_avps)[*])) {
$json(item) := $var(item);
for ($var(key) in $(json(item.keys)[*])) {
if ($var(key) == "Cx-User-Data") {
$xml(data) := $json(item/$var(key));
$xml(profile) := $xml(data/IMSSubscription/ServiceProfile);
$var(idx) = 0;
while ($xml(profile/ServiceProfile/PublicIdentity[$var(idx)]) != NULL) {
append_to_reply("P-Associated-URI: <$xml(profile/ServiceProfile/PublicIdentity[$var(idx)]/Identity.val)>\r\n");
$var(uri) = $xml(profile/ServiceProfile/PublicIdentity[$var(idx)]/Identity.val);
if ($var(uri) == $tu) {
# Save AoR for IMPU in format sip:IMSI@IMS_DOMAIN and send 200 response.
if (!save("location", "path-lazy")) {
t_reply(503, "Internal Error");
exit;
}
} else {
# Save AoR for IMPU in other formats and dont send response.
if (!save("location", "no-reply, path-lazy", $var(uri))) {
t_reply(503, "Internal Error");
exit;
}
}
$var(idx) = $var(idx) + 1;
}
}
}
}
}

105
custom_deployments/open5gs_hss_cx/opensips_ims_scscf/scscf.dictionary Normal file
View File

@@ -0,0 +1,105 @@
VENDOR 10415 TGPP
ATTRIBUTE Visited-Network-Identifier 600 string 10415
ATTRIBUTE Public-Identity 601 string 10415
ATTRIBUTE Server-Name 602 string 10415
ATTRIBUTE Mandatory-Capability 604 unsigned32 10415
ATTRIBUTE Optional-Capability 605 unsigned32 10415
ATTRIBUTE Cx-User-Data 606 string 10415
ATTRIBUTE 3GPP-SIP-Number-Auth-Items 607 unsigned32 10415
ATTRIBUTE 3GPP-SIP-Authentication-Scheme 608 utf8string 10415
ATTRIBUTE 3GPP-SIP-Authenticate 609 hexstring 10415
ATTRIBUTE 3GPP-SIP-Authorization 610 hexstring 10415
ATTRIBUTE 3GPP-SIP-Authentication-Context 611 string 10415
ATTRIBUTE 3GPP-SIP-Item-Number 613 unsigned32 10415
ATTRIBUTE Server-Assignment-Type 614 unsigned32 10415
ATTRIBUTE User-Data-Already-Available 624 unsigned32 10415
ATTRIBUTE Confidentiality-Key 625 hexstring 10415
ATTRIBUTE Integrity-Key 626 hexstring 10415
ATTRIBUTE Primary-Event-Charging-Function-Name 619 string 10415
ATTRIBUTE Secondary-Event-Charging-Function-Name 620 string 10415
ATTRIBUTE Primary-Charging-Collection-Function-Name 621 string 10415
ATTRIBUTE Secondary-Charging-Collection-Function-Name 622 string 10415
ATTRIBUTE 3GPP-SIP-Auth-Data-Item 612 grouped 10415
{
3GPP-SIP-Item-Number | OPTIONAL | 1
3GPP-SIP-Authentication-Scheme | OPTIONAL | 1
3GPP-SIP-Authenticate | OPTIONAL | 1
3GPP-SIP-Authorization | OPTIONAL | 1
3GPP-SIP-Authentication-Context | OPTIONAL | 1
Confidentiality-Key | OPTIONAL | 1
Integrity-Key | OPTIONAL | 1
}
ATTRIBUTE Charging-Information 618 grouped 10415
{
Primary-Event-Charging-Function-Name | OPTIONAL | 1
Secondary-Event-Charging-Function-Name | OPTIONAL | 1
Primary-Charging-Collection-Function-Name | OPTIONAL | 1
Secondary-Charging-Collection-Function-Name | OPTIONAL | 1
}
APPLICATION-AUTH 16777216/10415 3GPP Cx
REQUEST 301 Server-Assignment Request
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Realm | REQUIRED | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
Public-Identity | REQUIRED | 1
Server-Name | REQUIRED | 1
User-Name | REQUIRED | 1
Server-Assignment-Type | REQUIRED | 1
User-Data-Already-Available | REQUIRED | 1
}
ANSWER 301 Server-Assignment Answer
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Host | OPTIONAL | 1
Destination-Realm | OPTIONAL | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
User-Name | REQUIRED | 1
Cx-User-Data | REQUIRED | 1
Charging-Information | OPTIONAL | 1
Result-Code | REQUIRED | 1
}
REQUEST 303 Multimedia-Auth Request
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Realm | REQUIRED | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
Public-Identity | REQUIRED | 1
3GPP-SIP-Number-Auth-Items | REQUIRED | 1
3GPP-SIP-Auth-Data-Item | REQUIRED | 1
Server-Name | REQUIRED | 1
}
ANSWER 303 Multimedia-Auth Answer
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Host | OPTIONAL | 1
Destination-Realm | OPTIONAL | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
Public-Identity | REQUIRED | 1
3GPP-SIP-Number-Auth-Items | REQUIRED | 1
3GPP-SIP-Auth-Data-Item | REQUIRED | 1
User-Name | REQUIRED | 1
Result-Code | REQUIRED | 1
}

79
custom_deployments/open5gs_hss_cx/opensips_ims_scscf/scscf_init.sh Executable file
View File

@@ -0,0 +1,79 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
mkdir -p /etc/opensips
cp /mnt/scscf/freeDiameter.conf /etc/opensips
cp /mnt/scscf/scscf.dictionary /etc/opensips
cp /mnt/scscf/opensips.cfg /etc/opensips
# For mi_fifo module.
mkdir -p /var/run/opensips
while ! mysqladmin ping -h ${MYSQL_IP} --silent; do
sleep 5;
done
# Sleep until permissions are set
sleep 10;
# Create SCSCF database, populate tables and grant privileges
if [[ -z "`mysql -u root -h ${MYSQL_IP} -qfsBe "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME='opensips_scscf'" 2>&1`" ]];
then
mysql -u root -h ${MYSQL_IP} -e "create database opensips_scscf;"
mysql -u root -h ${MYSQL_IP} opensips_scscf < /usr/local/share/opensips/mysql/standard-create.sql
mysql -u root -h ${MYSQL_IP} opensips_scscf < /usr/local/share/opensips/mysql/dialplan-create.sql
SCSCF_USER_EXISTS=`mysql -u root -h ${MYSQL_IP} -s -N -e "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE User = 'opensips_scscf' AND Host = '%')"`
if [[ "$SCSCF_USER_EXISTS" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'opensips_scscf'@'%' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'opensips_scscf'@'$SCSCF_IP' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON opensips_scscf.* TO 'opensips_scscf'@'%'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON opensips_scscf.* TO 'opensips_scscf'@'$SCSCF_IP'";
mysql -u root -h ${MYSQL_IP} -e "FLUSH PRIVILEGES;"
fi
fi
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' /etc/opensips/freeDiameter.conf
sed -i 's|HSS_IP|'$HSS_IP'|g' /etc/opensips/freeDiameter.conf
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/opensips/freeDiameter.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/opensips/freeDiameter.conf
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' /etc/opensips/freeDiameter.conf
sed -i 's|SCSCF_BIND_PORT|'$SCSCF_BIND_PORT'|g' /etc/opensips/freeDiameter.conf
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' /etc/opensips/opensips.cfg
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/opensips/opensips.cfg
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/opensips/opensips.cfg
sed -i 's|MYSQL_IP|'$MYSQL_IP'|g' /etc/opensips/opensips.cfg
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
exec opensips -f /etc/opensips/opensips.cfg -F $@

293
custom_deployments/open5gs_hss_cx/scscf/CxDataType_Rel6.xsd Normal file
View File

@@ -0,0 +1,293 @@
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
<xs:simpleType name="tPriority" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tProfilePartIndicator" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">REGISTERED</label>
<definition xml:lang="en">iFC is part of the registered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">UNREGISTERED</label>
<definition xml:lang="en">iFC is part of the unregistered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tSharedIFCSetID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tGroupID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tRegistrationType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="2"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">INITIAL_REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to initial registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">RE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to re-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to de-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDefaultHandling" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_CONTINUED</label>
<definition xml:lang="en">Session Continued</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_TERMINATED</label>
<definition xml:lang="en">Session Terminated</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDirectionOfRequest" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="3"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">ORIGINATING_SESSION</label>
<definition xml:lang="en">Originating Session</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_REGISTERED</label>
<definition xml:lang="en">Terminating Session for registered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_UNREGISTERED</label>
<definition xml:lang="en">Terminating Session for unregistered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tPrivateID" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tSIP_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tTEL_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tIdentity" final="list restriction">
<xs:union memberTypes="tSIP_URL tTEL_URL"/>
</xs:simpleType>
<xs:simpleType name="tIdentityType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:minInclusive value="0"/>
<xs:maxInclusive value="2"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">PUBLIC_USER_IDENTITY</label>
<definition xml:lang="en">Identity is a Public User Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DISTINCT_PSI</label>
<definition xml:lang="en">Identity is a distinct Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">WILDCARDED_PSI</label>
<definition xml:lang="en">Identity matches a wildcarded Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tPublicIdentityExtension">
<xs:sequence>
<xs:element name="IdentityType" type="tIdentityType" minOccurs="0"/>
<xs:element name="WildcardedPSI" type="xs:anyURI" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="tServiceInfo" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tString" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tBool">
<xs:restriction base="xs:boolean"/>
</xs:simpleType>
<xs:simpleType name="tSubscribedMediaProfileId" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tExtension">
<xs:sequence>
<xs:any processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfileExtension">
<xs:sequence>
<xs:element name="SharedIFCSetID" type="tSharedIFCSetID" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTriExtension">
<xs:sequence>
<xs:element name="RegistrationType" type="tRegistrationType" minOccurs="0" maxOccurs="2"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tIMSSubscription">
<xs:sequence>
<xs:element name="PrivateID" type="tPrivateID"/>
<xs:element name="ServiceProfile" type="tServiceProfile" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfile">
<xs:sequence>
<xs:element name="PublicIdentity" type="tPublicIdentity" maxOccurs="unbounded"/>
<xs:element name="CoreNetworkServicesAuthorization" type="tCoreNetworkServicesAuthorization" minOccurs="0" />
<xs:element name="InitialFilterCriteria" type="tInitialFilterCriteria" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tServiceProfileExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tCoreNetworkServicesAuthorization">
<xs:sequence>
<xs:element name="SubscribedMediaProfileId" type="tSubscribedMediaProfileId" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tInitialFilterCriteria">
<xs:sequence>
<xs:element name="Priority" type="tPriority"/>
<xs:element name="TriggerPoint" type="tTrigger" minOccurs="0"/>
<xs:element name="ApplicationServer" type="tApplicationServer"/>
<xs:element name="ProfilePartIndicator" type="tProfilePartIndicator" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tTrigger">
<xs:sequence>
<xs:element name="ConditionTypeCNF" type="tBool"/>
<xs:element name="SPT" type="tSePoTri" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTri">
<xs:sequence>
<xs:element name="ConditionNegated" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Group" type="tGroupID" maxOccurs="unbounded"/>
<xs:choice>
<xs:element name="RequestURI" type="tString"/>
<xs:element name="Method" type="tString"/>
<xs:element name="SIPHeader" type="tHeader"/>
<xs:element name="SessionCase" type="tDirectionOfRequest"/>
<xs:element name="SessionDescription" type="tSessionDescription"/>
</xs:choice>
<xs:element name="Extension" type="tSePoTriExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tHeader">
<xs:sequence>
<xs:element name="Header" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSessionDescription">
<xs:sequence>
<xs:element name="Line" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tApplicationServer">
<xs:sequence>
<xs:element name="ServerName" type="tSIP_URL"/>
<xs:element name="DefaultHandling" type="tDefaultHandling" minOccurs="0"/>
<xs:element name="ServiceInfo" type="tServiceInfo" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tPublicIdentity">
<xs:sequence>
<xs:element name="BarringIndication" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Identity" type="tIdentity"/>
<xs:element name="Extension" type="tPublicIdentityExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:element name="IMSSubscription" type="tIMSSubscription"/>
</xs:schema>

301
custom_deployments/open5gs_hss_cx/scscf/CxDataType_Rel7.xsd Normal file
View File

@@ -0,0 +1,301 @@
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
<xs:simpleType name="tPriority" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tProfilePartIndicator" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">REGISTERED</label>
<definition xml:lang="en">iFC is part of the registered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">UNREGISTERED</label>
<definition xml:lang="en">iFC is part of the unregistered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tSharedIFCSetID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tGroupID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tRegistrationType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="2"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">INITIAL_REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to initial registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">RE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to re-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to de-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDefaultHandling" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_CONTINUED</label>
<definition xml:lang="en">Session Continued</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_TERMINATED</label>
<definition xml:lang="en">Session Terminated</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDirectionOfRequest" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="3"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">ORIGINATING_SESSION</label>
<definition xml:lang="en">Originating Session</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_REGISTERED</label>
<definition xml:lang="en">Terminating Session for registered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_UNREGISTERED</label>
<definition xml:lang="en">Terminating Session for unregistered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">ORIGINATING_UNREGISTERED</label>
<definition xml:lang="en">Originating Session for an unregistered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tPrivateID" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tSIP_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tTEL_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tIdentity" final="list restriction">
<xs:union memberTypes="tSIP_URL tTEL_URL"/>
</xs:simpleType>
<xs:simpleType name="tIdentityType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:minInclusive value="0"/>
<xs:maxInclusive value="2"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">PUBLIC_USER_IDENTITY</label>
<definition xml:lang="en">Identity is a Public User Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DISTINCT_PSI</label>
<definition xml:lang="en">Identity is a distinct Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">WILDCARDED_PSI</label>
<definition xml:lang="en">Identity matches a wildcarded Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tPublicIdentityExtension">
<xs:sequence>
<xs:element name="IdentityType" type="tIdentityType" minOccurs="0"/>
<xs:element name="WildcardedPSI" type="xs:anyURI" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="tServiceInfo" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tString" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tBool">
<xs:restriction base="xs:boolean"/>
</xs:simpleType>
<xs:simpleType name="tSubscribedMediaProfileId" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tExtension">
<xs:sequence>
<xs:any processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfileExtension">
<xs:sequence>
<xs:element name="SharedIFCSetID" type="tSharedIFCSetID" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTriExtension">
<xs:sequence>
<xs:element name="RegistrationType" type="tRegistrationType" minOccurs="0" maxOccurs="2"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tIMSSubscription">
<xs:sequence>
<xs:element name="PrivateID" type="tPrivateID"/>
<xs:element name="ServiceProfile" type="tServiceProfile" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfile">
<xs:sequence>
<xs:element name="PublicIdentity" type="tPublicIdentity" maxOccurs="unbounded"/>
<xs:element name="CoreNetworkServicesAuthorization" type="tCoreNetworkServicesAuthorization" minOccurs="0"/>
<xs:element name="InitialFilterCriteria" type="tInitialFilterCriteria" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tServiceProfileExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tCoreNetworkServicesAuthorization">
<xs:sequence>
<xs:element name="SubscribedMediaProfileId" type="tSubscribedMediaProfileId" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tInitialFilterCriteria">
<xs:sequence>
<xs:element name="Priority" type="tPriority"/>
<xs:element name="TriggerPoint" type="tTrigger" minOccurs="0"/>
<xs:element name="ApplicationServer" type="tApplicationServer"/>
<xs:element name="ProfilePartIndicator" type="tProfilePartIndicator" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tTrigger">
<xs:sequence>
<xs:element name="ConditionTypeCNF" type="tBool"/>
<xs:element name="SPT" type="tSePoTri" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTri">
<xs:sequence>
<xs:element name="ConditionNegated" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Group" type="tGroupID" maxOccurs="unbounded"/>
<xs:choice>
<xs:element name="RequestURI" type="tString"/>
<xs:element name="Method" type="tString"/>
<xs:element name="SIPHeader" type="tHeader"/>
<xs:element name="SessionCase" type="tDirectionOfRequest"/>
<xs:element name="SessionDescription" type="tSessionDescription"/>
</xs:choice>
<xs:element name="Extension" type="tSePoTriExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tHeader">
<xs:sequence>
<xs:element name="Header" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSessionDescription">
<xs:sequence>
<xs:element name="Line" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tApplicationServer">
<xs:sequence>
<xs:element name="ServerName" type="tSIP_URL"/>
<xs:element name="DefaultHandling" type="tDefaultHandling" minOccurs="0"/>
<xs:element name="ServiceInfo" type="tServiceInfo" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tPublicIdentity">
<xs:sequence>
<xs:element name="BarringIndication" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Identity" type="tIdentity"/>
<xs:element name="Extension" type="tPublicIdentityExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:element name="IMSSubscription" type="tIMSSubscription"/>
</xs:schema>

379
custom_deployments/open5gs_hss_cx/scscf/CxDataType_Rel8.xsd Normal file
View File

@@ -0,0 +1,379 @@
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
<xs:simpleType name="tPriority" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tProfilePartIndicator" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">REGISTERED</label>
<definition xml:lang="en">iFC is part of the registered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">UNREGISTERED</label>
<definition xml:lang="en">iFC is part of the unregistered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tSharedIFCSetID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tGroupID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tRegistrationType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="2"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">INITIAL_REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to initial registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">RE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to re-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to de-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDefaultHandling" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_CONTINUED</label>
<definition xml:lang="en">Session Continued</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_TERMINATED</label>
<definition xml:lang="en">Session Terminated</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDirectionOfRequest" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="3"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">ORIGINATING_SESSION</label>
<definition xml:lang="en">Originating Session</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_REGISTERED</label>
<definition xml:lang="en">Terminating Session for registered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_UNREGISTERED</label>
<definition xml:lang="en">Terminating Session for unregistered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">ORIGINATING_UNREGISTERED</label>
<definition xml:lang="en">Originating Session for an unregistered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tPrivateID" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tSIP_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tTEL_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tIdentity" final="list restriction">
<xs:union memberTypes="tSIP_URL tTEL_URL"/>
</xs:simpleType>
<xs:simpleType name="tIdentityType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:minInclusive value="0"/>
<xs:maxInclusive value="4"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">PUBLIC_USER_IDENTITY</label>
<definition xml:lang="en">Identity is a Public User Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DISTINCT_PSI</label>
<definition xml:lang="en">Identity is a distinct Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">WILDCARDED_PSI</label>
<definition xml:lang="en">Identity matches a wildcarded Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">WILDCARDED_IMPU</label>
<definition xml:lang="en">Identity is a Wildcarded Public User Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="4">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">IMPU WILDCARD</label>
<definition xml:lang="en">Identity is a Wildcard for Public User Identities.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tPublicIdentityExtension">
<xs:sequence>
<xs:element name="IdentityType" type="tIdentityType" minOccurs="0"/>
<xs:element name="WildcardedPSI" type="xs:anyURI" minOccurs="0"/>
<xs:element name="Extension" type="tPublicIdentityExtension2" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tPublicIdentityExtension2">
<xs:sequence>
<xs:element name="DisplayName" type="tDisplayName" minOccurs="0"/>
<xs:element name="AliasIdentityGroupID" type="tAliasIdentityGroupID" minOccurs="0"/>
<xs:element name="Extension" type="tPublicIdentityExtension3" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tPublicIdentityExtension3">
<xs:sequence>
<xs:element name="WildcardedIMPU" type="xs:anyURI" minOccurs="0"/>
<xs:element name="ServiceLevelTraceInfo" type="tServiceLevelTraceInfo" minOccurs="0"/>
<xs:element name="SIPURIParameters" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="tDisplayName" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tAliasIdentityGroupID" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tServiceLevelTraceInfo" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tServiceInfo" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tString" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tBool">
<xs:restriction base="xs:boolean"/>
</xs:simpleType>
<xs:simpleType name="tSubscribedMediaProfileId" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tExtension">
<xs:sequence>
<xs:any processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfileExtension">
<xs:sequence>
<xs:element name="SharedIFCSetID" type="tSharedIFCSetID" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTriExtension">
<xs:sequence>
<xs:element name="RegistrationType" type="tRegistrationType" minOccurs="0" maxOccurs="2"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tListOfServiceIds">
<xs:sequence>
<xs:element name="ServiceId" type="tString" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tCNServicesAuthorizationExtension">
<xs:sequence>
<xs:element name="ListOfServiceIds" type="tListOfServiceIds" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tIMSSubscription">
<xs:sequence>
<xs:element name="PrivateID" type="tPrivateID"/>
<xs:element name="ServiceProfile" type="tServiceProfile" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfile">
<xs:sequence>
<xs:element name="PublicIdentity" type="tPublicIdentity" maxOccurs="unbounded"/>
<xs:element name="CoreNetworkServicesAuthorization" type="tCoreNetworkServicesAuthorization" minOccurs="0"/>
<xs:element name="InitialFilterCriteria" type="tInitialFilterCriteria" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tServiceProfileExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tCoreNetworkServicesAuthorization">
<xs:sequence>
<xs:element name="SubscribedMediaProfileId" type="tSubscribedMediaProfileId" minOccurs="0"/>
<xs:element name="Extension" type="tCNServicesAuthorizationExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tInitialFilterCriteria">
<xs:sequence>
<xs:element name="Priority" type="tPriority"/>
<xs:element name="TriggerPoint" type="tTrigger" minOccurs="0"/>
<xs:element name="ApplicationServer" type="tApplicationServer"/>
<xs:element name="ProfilePartIndicator" type="tProfilePartIndicator" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tTrigger">
<xs:sequence>
<xs:element name="ConditionTypeCNF" type="tBool"/>
<xs:element name="SPT" type="tSePoTri" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTri">
<xs:sequence>
<xs:element name="ConditionNegated" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Group" type="tGroupID" maxOccurs="unbounded"/>
<xs:choice>
<xs:element name="RequestURI" type="tString"/>
<xs:element name="Method" type="tString"/>
<xs:element name="SIPHeader" type="tHeader"/>
<xs:element name="SessionCase" type="tDirectionOfRequest"/>
<xs:element name="SessionDescription" type="tSessionDescription"/>
</xs:choice>
<xs:element name="Extension" type="tSePoTriExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tHeader">
<xs:sequence>
<xs:element name="Header" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSessionDescription">
<xs:sequence>
<xs:element name="Line" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tApplicationServer">
<xs:sequence>
<xs:element name="ServerName" type="tSIP_URL"/>
<xs:element name="DefaultHandling" type="tDefaultHandling" minOccurs="0"/>
<xs:element name="ServiceInfo" type="tServiceInfo" minOccurs="0"/>
<xs:element name="Extension" type="tApplicationServerExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tPublicIdentity">
<xs:sequence>
<xs:element name="BarringIndication" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Identity" type="tIdentity"/>
<xs:element name="Extension" type="tPublicIdentityExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tApplicationServerExtension">
<xs:sequence>
<xs:element name="IncludeRegisterRequest" type="tIncludeRegisterRequest" minOccurs="0" maxOccurs="1"/>
<xs:element name="IncludeRegisterResponse" type="tIncludeRegisterResponse" minOccurs="0" maxOccurs="1"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tIncludeRegisterRequest">
<xs:sequence>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tIncludeRegisterResponse">
<xs:sequence>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:element name="IMSSubscription" type="tIMSSubscription"/>
</xs:schema>

1
custom_deployments/open5gs_hss_cx/scscf/dispatcher.list Normal file
View File

@@ -0,0 +1 @@
# ng-voice Interconnect

1281
custom_deployments/open5gs_hss_cx/scscf/kamailio_scscf.cfg Normal file
View File

File diff suppressed because it is too large Load Diff

89
custom_deployments/open5gs_hss_cx/scscf/scscf.cfg Normal file
View File

@@ -0,0 +1,89 @@
# SIP / UDP
listen=udp:SCSCF_IP:6060
# SIP / TCP
listen=tcp:SCSCF_IP:6060
# SIP / TCP/TLS
#listen=tls:SCSCF_IP:6061
#!define NETWORKNAME "IMS_DOMAIN"
#!define EPC_REALM "EPC_DOMAIN"
#!define NETWORKNAME_ESC "IMS_SLASH_DOMAIN"
#!define HOSTNAME "scscf.IMS_DOMAIN"
#!define HOSTNAME_ESC "scscf\.IMS_SLASH_DOMAIN"
#!define URI "sip:scscf.IMS_DOMAIN:6060"
#!subst "/NETWORKNAME/IMS_DOMAIN/"
alias=scscf.IMS_DOMAIN
# ENUM-Server to query:
#!define ENUM_SUFFIX "e164.arpa."
# SIP-Address of capturing node, if not set, capturing is disabled.
##!define CAPTURE_NODE "sip:127.0.0.1:9060"
# Connection URL for the database:
# For use with a single database:
#!define DB_URL "mysql://scscf:heslo@MYSQL_IP/scscf"
# For use with DB_Cluster: con1 (primary), con2 (backup)
##!define DB_URL "con1=>mysql://scscf:heslo@MYSQL_IP/scscf"
##!define DB_URL2 "con2=>mysql://scscf:heslo@MYSQL_IP/scscf"
# Select Authorization Algorhithm:
##!define REG_AUTH_DEFAULT_ALG "AKAv1-MD5"
##!define REG_AUTH_DEFAULT_ALG "AKAv2-MD5"
##!define REG_AUTH_DEFAULT_ALG "MD5"
##!define REG_AUTH_DEFAULT_ALG "CableLabs-Digest"
##!define REG_AUTH_DEFAULT_ALG "3GPP-Digest"
##!define REG_AUTH_DEFAULT_ALG "TISPAN-HTTP_DIGEST_MD5"
# Let the HSS decide
#!define REG_AUTH_DEFAULT_ALG "HSS-Selected"
# Number of TCP Processes
#!define TCP_PROCESSES 3
# Maximum lifetime of a subscription in seconds (same is advertised to UE)
#!substdef "/UE_SUBSCRIPTION_EXPIRES/SUBSCRIPTION_EXPIRES_ENV/g"
##!define RO_FORCED_PEER "32260@3gpp.org"
#!define RO_DESTINATION "hssocs.voiceblue.com"
#!define RO_ROOT "32260@3gpp.org"
#!define RO_EXT "ext"
#!define RO_MNC "02"
#!define RO_MCC "001"
#(see https://en.wikipedia.org/wiki/Mobile_country_code_(MCC))
#!define RO_RELEASE "8"
# See http://tools.ietf.org/html/rfc4006#section-4.1.2 for the definition of the Service-Context
##!define XMLRPC_WHITELIST_1 "127.0.0.1"
##!define XMLRPC_WHITELIST_2 "127.0.0.1"
##!define XMLRPC_WHITELIST_3 "127.0.0.1"
# Several features can be enabled using '#!define WITH_FEATURE' directives:
#
# *** To run in debug mode:
# - define WITH_DEBUG
#
# *** To enable TCP support execute:
# - define WITH_TCP
#
# *** To enable XMLRPC support execute:
# - define WITH_XMLRPC
# - this will automagically enable TCP
#
# *** To enable the Ro-Interface:
# - Configure Ro-Diameter-Interface in scscf.xml
# - define WITH_RO
#
# *** To enable a Homer SIP-Capter-Node:
# - define CAPTURE_NODE with a proper address
#
# Enabled Features for this host:
##!define WITH_DEBUG
##!define WITH_DEBUG_TRACE
#!define WITH_TCP
##!define WITH_XMLRPC
##!define WITH_RO
##!define WITH_RO_TERM
#!define WITH_AUTH

36
custom_deployments/open5gs_hss_cx/scscf/scscf.xml Normal file
View File

@@ -0,0 +1,36 @@
<?xml version="1.0" encoding="UTF-8"?>
<DiameterPeer
FQDN="scscf.IMS_DOMAIN"
Realm="IMS_DOMAIN"
Vendor_Id="10415"
Product_Name="CDiameterPeer"
AcceptUnknownPeers="1"
DropUnknownOnDisconnect="1"
Tc="30"
Workers="16"
QueueLength="32"
TransactionTimeout="5"
SessionsHashSize="128"
DefaultAuthSessionTimeout="SUBSCRIPTION_EXPIRES_ENV"
MaxAuthSessionTimeout="SUBSCRIPTION_EXPIRES_ENV"
>
<Peer FQDN="hss.EPC_DOMAIN" Realm="EPC_DOMAIN" port="HSS_BIND_PORT"/>
<Acceptor port="SCSCF_BIND_PORT" bind="SCSCF_IP"/>
<Auth id="16777216" vendor="10415"/><!-- 3GPP Cx -->
<Auth id="16777216" vendor="4491"/><!-- CableLabs Cx -->
<Auth id="16777216" vendor="13019"/><!-- ETSI/TISPAN Cx -->
<Auth id="16777216" vendor="0"/><!-- ETSI/TISPAN Cx -->
<Auth id="4" vendor="10415"/> <!--3GPP Ro -->
<Acct id="4" vendor="10415" />
<!--
Supported Vendor IDs - list of values which will be sent in the CER/CEA in the
Supported-Vendor-ID AVPs
-->
<SupportedVendor vendor="10415" />
<DefaultRoute FQDN="hss.EPC_DOMAIN" metric="10"/>
</DiameterPeer>

87
custom_deployments/open5gs_hss_cx/scscf/scscf_init.sh Executable file
View File

@@ -0,0 +1,87 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
mkdir -p /etc/kamailio_scscf
cp /mnt/scscf/scscf.cfg /etc/kamailio_scscf
cp /mnt/scscf/scscf.xml /etc/kamailio_scscf
cp /mnt/scscf/kamailio_scscf.cfg /etc/kamailio_scscf
cp /mnt/scscf/CxDataType_Rel6.xsd /etc/kamailio_scscf
cp /mnt/scscf/CxDataType_Rel7.xsd /etc/kamailio_scscf
cp /mnt/scscf/CxDataType_Rel8.xsd /etc/kamailio_scscf
cp /mnt/scscf/dispatcher.list /etc/kamailio_scscf
while ! mysqladmin ping -h ${MYSQL_IP} --silent; do
sleep 5;
done
# Sleep until permissions are set
sleep 10;
# Create SCSCF database, populate tables and grant privileges
if [[ -z "`mysql -u root -h ${MYSQL_IP} -qfsBe "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME='scscf'" 2>&1`" ]];
then
mysql -u root -h ${MYSQL_IP} -e "create database scscf;"
mysql -u root -h ${MYSQL_IP} scscf < /usr/local/src/kamailio/utils/kamctl/mysql/standard-create.sql
mysql -u root -h ${MYSQL_IP} scscf < /usr/local/src/kamailio/utils/kamctl/mysql/presence-create.sql
mysql -u root -h ${MYSQL_IP} scscf < /usr/local/src/kamailio/utils/kamctl/mysql/ims_usrloc_scscf-create.sql
mysql -u root -h ${MYSQL_IP} scscf < /usr/local/src/kamailio/utils/kamctl/mysql/ims_dialog-create.sql
mysql -u root -h ${MYSQL_IP} scscf < /usr/local/src/kamailio/utils/kamctl/mysql/ims_charging-create.sql
SCSCF_USER_EXISTS=`mysql -u root -h ${MYSQL_IP} -s -N -e "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE User = 'scscf' AND Host = '%')"`
if [[ "$SCSCF_USER_EXISTS" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'scscf'@'%' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'scscf'@'$SCSCF_IP' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON scscf.* TO 'scscf'@'%'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON scscf.* TO 'scscf'@'$SCSCF_IP'";
mysql -u root -h ${MYSQL_IP} -e "FLUSH PRIVILEGES;"
fi
fi
export IMS_SLASH_DOMAIN=`echo $IMS_DOMAIN | sed 's/\./\\\./g'`
SUBSCRIPTION_EXPIRES_ENV=3600
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' /etc/kamailio_scscf/scscf.cfg
sed -i 's|SUBSCRIPTION_EXPIRES_ENV|'$SUBSCRIPTION_EXPIRES_ENV'|g' /etc/kamailio_scscf/scscf.cfg
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/kamailio_scscf/scscf.cfg
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/kamailio_scscf/scscf.cfg
sed -i 's|IMS_SLASH_DOMAIN|'$IMS_SLASH_DOMAIN'|g' /etc/kamailio_scscf/scscf.cfg
sed -i 's|MYSQL_IP|'$MYSQL_IP'|g' /etc/kamailio_scscf/scscf.cfg
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' /etc/kamailio_scscf/scscf.xml
sed -i 's|SUBSCRIPTION_EXPIRES_ENV|'$SUBSCRIPTION_EXPIRES_ENV'|g' /etc/kamailio_scscf/scscf.xml
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/kamailio_scscf/scscf.xml
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/kamailio_scscf/scscf.xml
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' /etc/kamailio_scscf/scscf.xml
sed -i 's|SCSCF_BIND_PORT|'$SCSCF_BIND_PORT'|g' /etc/kamailio_scscf/scscf.xml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

30
custom_deployments/open5gs_hss_cx/srsenb.yaml Normal file
View File

@@ -0,0 +1,30 @@
version: '3'
services:
srsenb:
image: docker_srslte
container_name: srsenb
stdin_open: true
tty: true
privileged: true
devices:
- "/dev/bus"
volumes:
- /dev/serial:/dev/serial:ro
- /dev/bus/usb:/dev/bus/usb:ro
- ../../srslte:/mnt/srslte
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=enb
expose:
- "36412/sctp"
- "2152/udp"
networks:
default:
ipv4_address: ${SRS_ENB_IP}
networks:
default:
external:
name: docker_open5gs_default

169
custom_deployments/slicing/.custom_env Normal file
View File

@@ -0,0 +1,169 @@
# Set proper timezone to sync times between docker host and containers
#TZ=Europe/Berlin
MCC=001
MNC=01
TAC=1
TEST_NETWORK=172.22.0.0/24
DOCKER_HOST_IP=192.168.1.223
# MONGODB
MONGO_IP=172.22.0.2
# HSS - open5gs
HSS_IP=172.22.0.3
# PCRF
PCRF_IP=172.22.0.4
PCRF_BIND_PORT=3873
# SGW
SGWC_IP=172.22.0.5
SGWU_IP=172.22.0.6
SGWU_ADVERTISE_IP=172.22.0.6
# SMF
SMF_IP=172.22.0.7
SMF_DNS1=8.8.8.8
SMF_DNS2=8.8.4.4
SMF2_IP=172.22.0.100
# UPF
UPF_IP=172.22.0.8
UPF_ADVERTISE_IP=172.22.0.8
UPF2_IP=172.22.0.90
UPF2_ADVERTISE_IP=172.22.0.90
# Allowed values for UPF_TUNTAP_MODE are 'tun' or 'tap'
# If 'tap' is used as IF mode, then UPF_INTERNET_APN_IF_NAME and UPF_IMS_APN_IF_NAME must contain string 'tap'
UPF_TUNTAP_MODE=tun
# If 'tap' is used as IF mode, then UPF2_PRIVATE_APN_IF_NAME must contain string 'tap'
UPF2_TUNTAP_MODE=tun
UPF_INTERNET_APN_IF_NAME=ogstun
UPF_IMS_APN_IF_NAME=ogstun2
UPF2_PRIVATE_APN_IF_NAME=ogstun
# MME
MME_IP=172.22.0.9
# AMF
AMF_IP=172.22.0.10
# AUSF
AUSF_IP=172.22.0.11
# NRF
NRF_IP=172.22.0.12
# UDM
UDM_IP=172.22.0.13
# UDR
UDR_IP=172.22.0.14
# IMS DNS
DNS_IP=172.22.0.15
# RTPENGINE
RTPENGINE_IP=172.22.0.16
# MYSQL
MYSQL_IP=172.22.0.17
# PYHSS
PYHSS_IP=172.22.0.18
PYHSS_BIND_PORT=3875
# ICSCF
ICSCF_IP=172.22.0.19
ICSCF_BIND_PORT=3869
# SCSCF
SCSCF_IP=172.22.0.20
SCSCF_BIND_PORT=3870
# PCSCF
PCSCF_IP=172.22.0.21
PCSCF_BIND_PORT=3871
# SRSLTE ENB
SRS_ENB_IP=172.22.0.22
# UERANSIM
NR_GNB_IP=172.22.0.23
NR_UE_IP=172.22.0.24
NR_UE2_IP=172.22.0.91
UE1_IMEI=356938035643803
UE1_IMEISV=4370816125816151
UE1_IMSI=001011224567895
UE1_KI=8baf473f2f8fd09487cccbd7097c6862
UE1_OP=11111111111111111111111111111111
UE1_AMF=8000
UE2_IMEI=356938035643804
UE2_IMEISV=4370816125816152
UE2_IMSI=001011224567896
UE2_KI=8baf473f2f8fd09487cccbd7097c6862
UE2_OP=11111111111111111111111111111111
UE2_AMF=8000
# OAI ENB
OAI_ENB_IP=172.22.0.25
# OPEN5GS WEBUI
WEBUI_IP=172.22.0.26
# PCF
PCF_IP=172.22.0.27
# NSSF
NSSF_IP=172.22.0.28
# BSF
BSF_IP=172.22.0.29
# ENTITLEMENT SERVER
ENTITLEMENT_SERVER_IP=172.22.0.30
# OSMOMSC
OSMOMSC_IP=172.22.0.31
# OSMOHLR
OSMOHLR_IP=172.22.0.32
# SMSC
SMSC_IP=172.22.0.33
# SRSLTE UE
SRS_UE_IP=172.22.0.34
# SCP
SCP_IP=172.22.0.35
# METRICS
METRICS_IP=172.22.0.36
# SRSRAN GNB
SRS_GNB_IP=172.22.0.37
# GRAFANA
GRAFANA_IP=172.22.0.39
GRAFANA_USERNAME=open5gs
GRAFANA_PASSWORD=open5gs
# OCS
OCS_IP=172.22.0.40
OCS_BIND_PORT=3872
# UE IPv4 Subnet Range for APN=internet
UE_IPV4_INTERNET=192.168.100.0/24
# UE IPv4 Subnet Range for APN=ims
UE_IPV4_IMS=192.168.101.0/24
# UE IPv4 Subnet Range for APN=private
UE_IPV4_PRIVATE=192.168.101.0/24
# Maximum Number of UEs
MAX_NUM_UE=1024

45
custom_deployments/slicing/README.md Normal file
View File

@@ -0,0 +1,45 @@
## Deployment description
This custom deployment showcases a slicing scenario by deploying two instances of open5gs SMF and UPF each handling an individual slice configuration.
## Additional steps
Most of the steps to be followed are similar to the steps mentioned in the [README in the root folder](../../README.md). However, additional steps mentioned below must be taken into account while deploying this custom deployment scenario.
### Loading environmental variables for custom deployment
**Warning**
For custom deployments, you must modify/use only the [**.custom_env**](.custom_env) file rather than the [**.env** in the root folder](../../.env).
```
set -a
source .custom_env
set +a
```
### Scenario deployment
Deploy the 5G SA network consisting of two slices.
```
cd custom_deployments/slicing
docker compose -f sa-deploy.yaml up
```
Deploy UERANSIM gNB (RF simulated).
```
docker compose -f nr-gnb.yaml up -d && docker container attach nr_gnb
```
Deploy UERANSIM NR-UE (RF simulated) for first slice.
```
docker compose -f nr-ue.yaml up -d && docker container attach nr_ue
```
Deploy UERANSIM NR-UE (RF simulated) for second slice.
```
docker compose -f nr-ue2.yaml up -d && docker container attach nr_ue2
```

62
custom_deployments/slicing/amf/amf.yaml Normal file
View File

@@ -0,0 +1,62 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/amf.log
sbi:
server:
no_tls: true
client:
no_tls: true
global:
max:
ue: MAX_NUM_UE
amf:
sbi:
server:
- address: AMF_IP
port: 7777
client:
nrf:
- uri: http://NRF_IP:7777
scp:
- uri: http://SCP_IP:7777
ngap:
server:
- address: AMF_IP
guami:
- plmn_id:
mcc: MCC
mnc: MNC
amf_id:
region: 2
set: 1
tai:
- plmn_id:
mcc: MCC
mnc: MNC
tac: TAC
plmn_support:
- plmn_id:
mcc: MCC
mnc: MNC
s_nssai:
- sst: 1
sd: 000001
- sst: 1
sd: 000002
security:
integrity_order : [ NIA2, NIA1, NIA0 ]
ciphering_order : [ NEA0, NEA1, NEA2 ]
network_name:
full: Open5GS
amf_name: open5gs-amf0
metrics:
server:
- address: AMF_IP
port: 9091
time:
t3512:
value: 540

39
custom_deployments/slicing/amf/amf_init.sh Executable file
View File

@@ -0,0 +1,39 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cp /mnt/amf/amf.yaml install/etc/open5gs
sed -i 's|AMF_IP|'$AMF_IP'|g' install/etc/open5gs/amf.yaml
sed -i 's|SCP_IP|'$SCP_IP'|g' install/etc/open5gs/amf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/amf.yaml
sed -i 's|MNC|'$MNC'|g' install/etc/open5gs/amf.yaml
sed -i 's|MCC|'$MCC'|g' install/etc/open5gs/amf.yaml
sed -i 's|TAC|'$TAC'|g' install/etc/open5gs/amf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/amf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

29
custom_deployments/slicing/nr-gnb.yaml Normal file
View File

@@ -0,0 +1,29 @@
version: '3'
services:
nr_gnb:
image: docker_ueransim
container_name: nr_gnb
stdin_open: true
tty: true
volumes:
- ./ueransim:/mnt/ueransim
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ueransim-gnb
expose:
- "38412/sctp"
- "2152/udp"
- "4997/udp"
cap_add:
- NET_ADMIN
privileged: true
networks:
default:
ipv4_address: ${NR_GNB_IP}
networks:
default:
external:
name: docker_open5gs_default

27
custom_deployments/slicing/nr-ue.yaml Normal file
View File

@@ -0,0 +1,27 @@
version: '3'
services:
nr_ue:
image: docker_ueransim
container_name: nr_ue
stdin_open: true
tty: true
volumes:
- ./ueransim:/mnt/ueransim
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ueransim-ue
expose:
- "4997/udp"
cap_add:
- NET_ADMIN
privileged: true
networks:
default:
ipv4_address: ${NR_UE_IP}
networks:
default:
external:
name: docker_open5gs_default

27
custom_deployments/slicing/nr-ue2.yaml Normal file
View File

@@ -0,0 +1,27 @@
version: '3'
services:
nr_ue2:
image: docker_ueransim
container_name: nr_ue2
stdin_open: true
tty: true
volumes:
- ./ueransim:/mnt/ueransim
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ueransim-ue2
expose:
- "4997/udp"
cap_add:
- NET_ADMIN
privileged: true
networks:
default:
ipv4_address: ${NR_UE2_IP}
networks:
default:
external:
name: docker_open5gs_default

34
custom_deployments/slicing/nssf/nssf.yaml Normal file
View File

@@ -0,0 +1,34 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/nssf.log
sbi:
server:
no_tls: true
client:
no_tls: true
global:
max:
ue: MAX_NUM_UE
nssf:
sbi:
server:
- address: NSSF_IP
port: 7777
client:
nrf:
- uri: http://NRF_IP:7777
scp:
- uri: http://SCP_IP:7777
nsi:
- uri: http://NRF_IP:7777
s_nssai:
sst: 1
sd: 000001
- uri: http://NRF_IP:7777
s_nssai:
sst: 1
sd: 000002

37
custom_deployments/slicing/nssf/nssf_init.sh Executable file
View File

@@ -0,0 +1,37 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cp /mnt/nssf/nssf.yaml install/etc/open5gs
sed -i 's|NSSF_IP|'$NSSF_IP'|g' install/etc/open5gs/nssf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/nssf.yaml
sed -i 's|SCP_IP|'$SCP_IP'|g' install/etc/open5gs/nssf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/nssf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/nssf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

401
custom_deployments/slicing/sa-deploy.yaml Normal file
View File

@@ -0,0 +1,401 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
nrf:
image: docker_open5gs
container_name: nrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nrf
volumes:
- ../../nrf:/mnt/nrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NRF_IP}
scp:
image: docker_open5gs
depends_on:
- nrf
container_name: scp
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scp
volumes:
- ../../scp:/mnt/scp
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${SCP_IP}
ausf:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: ausf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ausf
volumes:
- ../../ausf:/mnt/ausf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${AUSF_IP}
udr:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: udr
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udr
volumes:
- ../../udr:/mnt/udr
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDR_IP}
udm:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: udm
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udm
volumes:
- ../../udm:/mnt/udm
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDM_IP}
smf:
image: docker_open5gs
depends_on:
- nrf
- scp
- amf
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=5G
volumes:
- ./smf:/mnt/smf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
smf2:
image: docker_open5gs
depends_on:
- nrf
- scp
- amf
container_name: smf2
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf2
- DEPLOY_MODE=5G
volumes:
- ./smf:/mnt/smf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF2_IP}
upf:
image: docker_open5gs
depends_on:
- nrf
- scp
- smf
container_name: upf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=upf
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
# ports:
# - "2152:2152/udp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
#- net.ipv6.conf.all.disable_ipv6=0
networks:
default:
ipv4_address: ${UPF_IP}
upf2:
image: docker_open5gs
depends_on:
- nrf
- scp
- smf2
container_name: upf2
env_file:
- .custom_env
environment:
- COMPONENT_NAME=upf2
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
# ports:
# - "2152:2152/udp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
#- net.ipv6.conf.all.disable_ipv6=0
networks:
default:
ipv4_address: ${UPF2_IP}
amf:
image: docker_open5gs
depends_on:
- nrf
- scp
- ausf
- udm
- udr
- pcf
- bsf
container_name: amf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=amf
volumes:
- ./amf:/mnt/amf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "38412/sctp"
- "7777/tcp"
- "9091/tcp"
# ports:
# - "38412:38412/sctp"
networks:
default:
ipv4_address: ${AMF_IP}
pcf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: pcf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcf
volumes:
- ../../pcf:/mnt/pcf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${PCF_IP}
bsf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: bsf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=bsf
volumes:
- ../../bsf:/mnt/bsf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${BSF_IP}
nssf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: nssf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nssf
volumes:
- ./nssf:/mnt/nssf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NSSF_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata

70
custom_deployments/slicing/smf/ip_utils.py Executable file
View File

@@ -0,0 +1,70 @@
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
import click
import sys
import ipaddress
"""
Script used to fetch first IP address in a given IP range. i.e. the calling bash script reads the std output
Usage in command line:
e.g:
$ python3 ip_utils.py --ip_range 192.168.100.0/24
$ python3 ip_utils.py --ip_range 2001:230:cafe::/48
"""
def validate_ip_net(ctx, param, value):
try:
ip_net = ipaddress.ip_network(value)
return ip_net
except ValueError:
raise click.BadParameter(
'Value does not represent a valid IPv4/IPv6 range')
@click.command()
@click.option('--ip_range',
required=True,
callback=validate_ip_net,
help='UE IPv4/IPv6 Address range in CIDR format e.g. 192.168.100.0/24 or 2001:230:cafe::/48')
def start(ip_range):
# Get the first IP address in the IP range and netmask prefix length
first_ip_addr = next(ip_range.hosts(), None)
if not first_ip_addr:
raise ValueError('Invalid UE IPv4 range. Only one IP given')
else:
first_ip_addr = first_ip_addr.exploded
print(str(first_ip_addr))
if __name__ == '__main__':
try:
start()
sys.exit(0)
except ValueError:
sys.exit(1)

64
custom_deployments/slicing/smf/smf.yaml Normal file
View File

@@ -0,0 +1,64 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/smf.log
sbi:
server:
no_tls: true
client:
no_tls: true
global:
max:
ue: MAX_NUM_UE
parameter:
no_ipv4v6_local_addr_in_packet_filter: true
smf:
info:
- s_nssai:
- sst: 1
sd: 000001
dnn:
- internet
sbi:
server:
- address: SMF_IP
port: 7777
client:
nrf:
- uri: http://NRF_IP:7777
scp:
- uri: http://SCP_IP:7777
gtpc:
server:
- address: SMF_IP
gtpu:
server:
- address: SMF_IP
pfcp:
server:
- address: SMF_IP
client:
upf:
- address: UPF_IP
dnn: internet
session:
- subnet: UE_IPV4_INTERNET_APN_SUBNET
gateway: UE_IPV4_INTERNET_APN_GATEWAY_IP
dnn: internet
- subnet: 2001:230:cafe::/48
gateway: 2001:230:cafe::1
dnn: internet
dns:
- SMF_DNS1
- SMF_DNS2
- 2001:4860:4860::8888
- 2001:4860:4860::8844
p-cscf:
- PCSCF_IP
mtu: 1450
metrics:
server:
- address: SMF_IP
port: 9091

64
custom_deployments/slicing/smf/smf2.yaml Normal file
View File

@@ -0,0 +1,64 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/smf2.log
sbi:
server:
no_tls: true
client:
no_tls: true
global:
max:
ue: MAX_NUM_UE
parameter:
no_ipv4v6_local_addr_in_packet_filter: true
smf:
info:
- s_nssai:
- sst: 1
sd: 000002
dnn:
- private
sbi:
server:
- address: SMF2_IP
port: 7777
client:
nrf:
- uri: http://NRF_IP:7777
scp:
- uri: http://SCP_IP:7777
gtpc:
server:
- address: SMF2_IP
gtpu:
server:
- address: SMF2_IP
pfcp:
server:
- address: SMF2_IP
client:
upf:
- address: UPF2_IP
dnn: private
session:
- subnet: UE_IPV4_PRIVATE_APN_SUBNET
gateway: UE_IPV4_PRIVATE_APN_GATEWAY_IP
dnn: private
- subnet: 2001:230:fafe::/48
gateway: 2001:230:fafe::1
dnn: private
dns:
- SMF_DNS1
- SMF_DNS2
- 2001:4860:4860::8888
- 2001:4860:4860::8844
p-cscf:
- PCSCF_IP
mtu: 1450
metrics:
server:
- address: SMF2_IP
port: 9091

57
custom_deployments/slicing/smf/smf2_init.sh Executable file
View File

@@ -0,0 +1,57 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export LC_ALL=C.UTF-8
export LANG=C.UTF-8
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
export IF_NAME=$(ip r | awk '/default/ { print $5 }')
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
UE_IPV4_PRIVATE_APN_GATEWAY_IP=$(python3 /mnt/smf/ip_utils.py --ip_range $UE_IPV4_PRIVATE)
cp /mnt/smf/smf2.yaml install/etc/open5gs/smf.yaml
if [[ ${DEPLOY_MODE} == 4G ]];
then
echo "Error: Invalid deployment mode for SMF: '$DEPLOY_MODE'"
exit 1
fi
sed -i 's|SMF2_IP|'$SMF2_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|SCP_IP|'$SCP_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|UPF2_IP|'$UPF2_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|SMF_DNS1|'$SMF_DNS1'|g' install/etc/open5gs/smf.yaml
sed -i 's|SMF_DNS2|'$SMF_DNS2'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_PRIVATE_APN_GATEWAY_IP|'$UE_IPV4_PRIVATE_APN_GATEWAY_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_PRIVATE_APN_SUBNET|'$UE_IPV4_PRIVATE'|g' install/etc/open5gs/smf.yaml
sed -i 's|PCSCF_IP|'$PCSCF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/smf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

60
custom_deployments/slicing/smf/smf_init.sh Executable file
View File

@@ -0,0 +1,60 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export LC_ALL=C.UTF-8
export LANG=C.UTF-8
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
export IF_NAME=$(ip r | awk '/default/ { print $5 }')
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
UE_IPV4_INTERNET_APN_GATEWAY_IP=$(python3 /mnt/smf/ip_utils.py --ip_range $UE_IPV4_INTERNET)
UE_IPV4_IMS_TUN_IP=$(python3 /mnt/smf/ip_utils.py --ip_range $UE_IPV4_IMS)
cp /mnt/smf/smf.yaml install/etc/open5gs
if [[ ${DEPLOY_MODE} == 4G ]];
then
echo "Error: Invalid deployment mode for SMF: '$DEPLOY_MODE'"
exit 1
fi
sed -i 's|SMF_IP|'$SMF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|SCP_IP|'$SCP_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|UPF_IP|'$UPF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|SMF_DNS1|'$SMF_DNS1'|g' install/etc/open5gs/smf.yaml
sed -i 's|SMF_DNS2|'$SMF_DNS2'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_INTERNET_APN_GATEWAY_IP|'$UE_IPV4_INTERNET_APN_GATEWAY_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_INTERNET_APN_SUBNET|'$UE_IPV4_INTERNET'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_IMS_TUN_IP|'$UE_IPV4_IMS_TUN_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_IMS_SUBNET|'$UE_IPV4_IMS'|g' install/etc/open5gs/smf.yaml
sed -i 's|PCSCF_IP|'$PCSCF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/smf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

25
custom_deployments/slicing/ueransim/ueransim-gnb.yaml Normal file
View File

@@ -0,0 +1,25 @@
mcc: 'MCC' # Mobile Country Code value
mnc: 'MNC' # Mobile Network Code value (2 or 3 digits)
nci: '0x000000010' # NR Cell Identity (36-bit)
idLength: 32 # NR gNB ID length in bits [22...32]
tac: TAC # Tracking Area Code
linkIp: NR_GNB_IP # gNB's local IP address for Radio Link Simulation (Usually same with local IP)
ngapIp: NR_GNB_IP # gNB's local IP address for N2 Interface (Usually same with local IP)
gtpIp: NR_GNB_IP # gNB's local IP address for N3 Interface (Usually same with local IP)
# List of AMF address information
amfConfigs:
- address: AMF_IP
port: 38412
# List of supported S-NSSAIs by this gNB
slices:
- sst: 1
sd: 0x000001
- sst: 1
sd: 0x000002
# Indicates whether or not SCTP stream number errors should be ignored.
ignoreStreamIds: true

40
custom_deployments/slicing/ueransim/ueransim-gnb_init.sh Executable file
View File

@@ -0,0 +1,40 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
cp /mnt/ueransim/${COMPONENT_NAME}.yaml /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MNC|'$MNC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MCC|'$MCC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|TAC|'$TAC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|NR_GNB_IP|'$NR_GNB_IP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|AMF_IP|'$AMF_IP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

72
custom_deployments/slicing/ueransim/ueransim-ue.yaml Normal file
View File

@@ -0,0 +1,72 @@
# IMSI number of the UE. IMSI = [MCC|MNC|MSISDN] (In total 15 or 16 digits)
supi: 'imsi-UE1_IMSI'
# Mobile Country Code value of HPLMN
mcc: 'MCC'
# Mobile Network Code value of HPLMN (2 or 3 digits)
mnc: 'MNC'
# Permanent subscription key
key: 'UE1_KI'
# Operator code (OP or OPC) of the UE
op: 'UE1_OP'
# This value specifies the OP type and it can be either 'OP' or 'OPC'
opType: 'OP'
# Authentication Management Field (AMF) value
amf: 'UE1_AMF'
# IMEI number of the device. It is used if no SUPI is provided
imei: 'UE1_IMEI'
# IMEISV number of the device. It is used if no SUPI and IMEI is provided
imeiSv: 'UE1_IMEISV'
# List of gNB IP addresses for Radio Link Simulation
gnbSearchList:
- NR_GNB_IP
# UAC Access Identities Configuration
uacAic:
mps: false
mcs: false
# UAC Access Control Class
uacAcc:
normalClass: 0
class11: false
class12: false
class13: false
class14: false
class15: false
# Initial PDU sessions to be established
sessions:
- type: 'IPv4'
apn: 'internet'
slice:
sst: 1
sd: 0x000001
# Configured NSSAI for this UE by HPLMN
configured-nssai:
- sst: 1
sd: 0x000001
# Default Configured NSSAI for this UE
default-nssai:
- sst: 1
sd: 0x000001
# Supported encryption algorithms by this UE
integrity:
IA1: true
IA2: true
IA3: true
# Supported integrity algorithms by this UE
ciphering:
EA1: true
EA2: true
EA3: true
# Integrity protection maximum data rate for user plane
integrityMaxRate:
uplink: 'full'
downlink: 'full'

72
custom_deployments/slicing/ueransim/ueransim-ue2.yaml Normal file
View File

@@ -0,0 +1,72 @@
# IMSI number of the UE. IMSI = [MCC|MNC|MSISDN] (In total 15 or 16 digits)
supi: 'imsi-UE2_IMSI'
# Mobile Country Code value of HPLMN
mcc: 'MCC'
# Mobile Network Code value of HPLMN (2 or 3 digits)
mnc: 'MNC'
# Permanent subscription key
key: 'UE2_KI'
# Operator code (OP or OPC) of the UE
op: 'UE2_OP'
# This value specifies the OP type and it can be either 'OP' or 'OPC'
opType: 'OP'
# Authentication Management Field (AMF) value
amf: 'UE2_AMF'
# IMEI number of the device. It is used if no SUPI is provided
imei: 'UE2_IMEI'
# IMEISV number of the device. It is used if no SUPI and IMEI is provided
imeiSv: 'UE2_IMEISV'
# List of gNB IP addresses for Radio Link Simulation
gnbSearchList:
- NR_GNB_IP
# UAC Access Identities Configuration
uacAic:
mps: false
mcs: false
# UAC Access Control Class
uacAcc:
normalClass: 0
class11: false
class12: false
class13: false
class14: false
class15: false
# Initial PDU sessions to be established
sessions:
- type: 'IPv4'
apn: 'private'
slice:
sst: 1
sd: 0x000002
# Configured NSSAI for this UE by HPLMN
configured-nssai:
- sst: 1
sd: 0x000002
# Default Configured NSSAI for this UE
default-nssai:
- sst: 1
sd: 0x000002
# Supported encryption algorithms by this UE
integrity:
IA1: true
IA2: true
IA3: true
# Supported integrity algorithms by this UE
ciphering:
EA1: true
EA2: true
EA3: true
# Integrity protection maximum data rate for user plane
integrityMaxRate:
uplink: 'full'
downlink: 'full'

44
custom_deployments/slicing/ueransim/ueransim-ue2_init.sh Executable file
View File

@@ -0,0 +1,44 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
cp /mnt/ueransim/${COMPONENT_NAME}.yaml /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MNC|'$MNC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MCC|'$MCC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_KI|'$UE2_KI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_OP|'$UE2_OP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_AMF|'$UE2_AMF'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_IMEISV|'$UE2_IMEISV'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_IMEI|'$UE2_IMEI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_IMSI|'$UE2_IMSI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|NR_GNB_IP|'$NR_GNB_IP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

44
custom_deployments/slicing/ueransim/ueransim-ue_init.sh Executable file
View File

@@ -0,0 +1,44 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
cp /mnt/ueransim/${COMPONENT_NAME}.yaml /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MNC|'$MNC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MCC|'$MCC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_KI|'$UE1_KI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_OP|'$UE1_OP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_AMF|'$UE1_AMF'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_IMEISV|'$UE1_IMEISV'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_IMEI|'$UE1_IMEI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_IMSI|'$UE1_IMSI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|NR_GNB_IP|'$NR_GNB_IP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

70
custom_deployments/slicing/upf/ip_utils.py Executable file
View File

@@ -0,0 +1,70 @@
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
import click
import sys
import ipaddress
"""
Script used to fetch first IP address in a given IP range. i.e. the calling bash script reads the std output
Usage in command line:
e.g:
$ python3 ip_utils.py --ip_range 192.168.100.0/24
$ python3 ip_utils.py --ip_range 2001:230:cafe::/48
"""
def validate_ip_net(ctx, param, value):
try:
ip_net = ipaddress.ip_network(value)
return ip_net
except ValueError:
raise click.BadParameter(
'Value does not represent a valid IPv4/IPv6 range')
@click.command()
@click.option('--ip_range',
required=True,
callback=validate_ip_net,
help='UE IPv4/IPv6 Address range in CIDR format e.g. 192.168.100.0/24 or 2001:230:cafe::/48')
def start(ip_range):
# Get the first IP address in the IP range and netmask prefix length
first_ip_addr = next(ip_range.hosts(), None)
if not first_ip_addr:
raise ValueError('Invalid UE IPv4 range. Only one IP given')
else:
first_ip_addr = first_ip_addr.exploded
print(str(first_ip_addr))
if __name__ == '__main__':
try:
start()
sys.exit(0)
except ValueError:
sys.exit(1)

111
custom_deployments/slicing/upf/tun_if.py Executable file
View File

@@ -0,0 +1,111 @@
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
import click
import subprocess
import ipaddress
"""
Usage in command line:
e.g:
$ python3 tun_if.py --tun_ifname ogstun --tun_ifmode tun --ipv4_range 192.168.100.0/24 --ipv6_range 2001:230:cafe::/48
"""
def validate_ip_net(ctx, param, value):
try:
ip_net = ipaddress.ip_network(value)
return ip_net
except ValueError:
raise click.BadParameter(
'Value does not represent a valid IPv4/IPv6 range')
@click.command()
@click.option('--tun_ifname',
required=True,
help='TUN interface name e.g. ogstun')
@click.option('--tun_ifmode',
required=True,
type=click.Choice(['tun', 'tap']),
help='TUN interface mode e.g. tun or tap')
@click.option('--ipv4_range',
required=True,
callback=validate_ip_net,
help='UE IPv4 Address range in CIDR format e.g. 192.168.100.0/24')
@click.option('--ipv6_range',
required=True,
callback=validate_ip_net,
help='UE IPv6 Address range in CIDR format e.g. 2001:230:cafe::/48')
@click.option('--nat_rule',
default='yes',
help='Option specifying whether to add NATing iptables rule or not')
def start(tun_ifname,
tun_ifmode,
ipv4_range,
ipv6_range,
nat_rule):
# Get the first IP address in the IP range and netmask prefix length
first_ipv4_addr = next(ipv4_range.hosts(), None)
if not first_ipv4_addr:
raise ValueError('Invalid UE IPv4 range. Only one IP given')
else:
first_ipv4_addr = first_ipv4_addr.exploded
first_ipv6_addr = next(ipv6_range.hosts(), None)
if not first_ipv6_addr:
raise ValueError('Invalid UE IPv6 range. Only one IP given')
else:
first_ipv6_addr = first_ipv6_addr.exploded
ipv4_netmask_prefix = ipv4_range.prefixlen
ipv6_netmask_prefix = ipv6_range.prefixlen
# Setup the TUN/TAP interface, set IP address and setup IPtables
execute_bash_cmd('ip tuntap add name ' + tun_ifname + ' mode ' + tun_ifmode)
execute_bash_cmd('ip addr add ' + first_ipv4_addr + '/' +
str(ipv4_netmask_prefix) + ' dev ' + tun_ifname)
execute_bash_cmd('ip addr add ' + first_ipv6_addr + '/' +
str(ipv6_netmask_prefix) + ' dev ' + tun_ifname)
execute_bash_cmd('ip link set ' + tun_ifname + ' mtu 1450')
execute_bash_cmd('ip link set ' + tun_ifname + ' up')
if nat_rule == 'yes':
execute_bash_cmd('if ! iptables-save | grep -- \"-A POSTROUTING -s ' + ipv4_range.with_prefixlen + ' ! -o ' + tun_ifname + ' -j MASQUERADE\" ; then ' +
'iptables -t nat -A POSTROUTING -s ' + ipv4_range.with_prefixlen + ' ! -o ' + tun_ifname + ' -j MASQUERADE; fi')
execute_bash_cmd('if ! ip6tables-save | grep -- \"-A POSTROUTING -s ' + ipv6_range.with_prefixlen + ' ! -o ' + tun_ifname + ' -j MASQUERADE\" ; then ' +
'ip6tables -t nat -A POSTROUTING -s ' + ipv6_range.with_prefixlen + ' ! -o ' + tun_ifname + ' -j MASQUERADE; fi')
execute_bash_cmd('if ! iptables-save | grep -- \"-A INPUT -i ' + tun_ifname + ' -j ACCEPT\" ; then ' +
'iptables -A INPUT -i ' + tun_ifname + ' -j ACCEPT; fi')
execute_bash_cmd('if ! ip6tables-save | grep -- \"-A INPUT -i ' + tun_ifname + ' -j ACCEPT\" ; then ' +
'ip6tables -A INPUT -i ' + tun_ifname + ' -j ACCEPT; fi')
def execute_bash_cmd(bash_cmd):
return subprocess.run(bash_cmd, stdout=subprocess.PIPE, shell=True)
if __name__ == '__main__':
start()

33
custom_deployments/slicing/upf/upf.yaml Normal file
View File

@@ -0,0 +1,33 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/upf.log
global:
max:
ue: MAX_NUM_UE
upf:
pfcp:
server:
- address: UPF_IP
client:
smf:
- address: SMF_IP
dnn: internet
gtpu:
server:
- address: UPF_IP
advertise: UPF_ADVERTISE_IP
session:
- subnet: UE_IPV4_INTERNET_APN_SUBNET
gateway: UE_IPV4_INTERNET_APN_GATEWAY_IP
dnn: internet
dev: UPF_INTERNET_APN_IF_NAME
- subnet: 2001:230:cafe::/48
gateway: 2001:230:cafe::1
dnn: internet
dev: UPF_INTERNET_APN_IF_NAME
metrics:
server:
- address: UPF_IP
port: 9091

33
custom_deployments/slicing/upf/upf2.yaml Normal file
View File

@@ -0,0 +1,33 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/upf2.log
global:
max:
ue: MAX_NUM_UE
upf:
pfcp:
server:
- address: UPF2_IP
client:
smf:
- address: SMF2_IP
dnn: private
gtpu:
server:
- address: UPF2_IP
advertise: UPF2_ADVERTISE_IP
session:
- subnet: UE_IPV4_PRIVATE_APN_SUBNET
gateway: UE_IPV4_PRIVATE_APN_GATEWAY_IP
dnn: private
dev: UPF2_PRIVATE_APN_IF_NAME
- subnet: 2001:230:fafe::/48
gateway: 2001:230:fafe::1
dnn: private
dev: UPF2_PRIVATE_APN_IF_NAME
metrics:
server:
- address: UPF2_IP
port: 9091

72
custom_deployments/slicing/upf/upf2_init.sh Executable file
View File

@@ -0,0 +1,72 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export LC_ALL=C.UTF-8
export LANG=C.UTF-8
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
export IF_NAME=$(ip r | awk '/default/ { print $5 }')
# use nftables instead of iptables
update-alternatives --set iptables `which iptables-nft`
update-alternatives --set ip6tables `which ip6tables-nft`
# Remove UPF Interfaces if they exist
ip link delete $UPF2_PRIVATE_APN_IF_NAME 2>/dev/null
# Validate interface names based on UPF2_TUNTAP_MODE
if [ "$UPF2_TUNTAP_MODE" = "tap" ]; then
if [[ "$UPF2_PRIVATE_APN_IF_NAME" != *"tap"* ]] || [[ "$UPF_IMS_APN_IF_NAME" != *"tap"* ]]; then
echo "Error: When UPF2_TUNTAP_MODE is 'tap', both UPF2_PRIVATE_APN_IF_NAME and UPF_IMS_APN_IF_NAME must contain 'tap'"
exit 1
fi
elif [ "$UPF2_TUNTAP_MODE" = "tun" ]; then
if [[ "$UPF2_PRIVATE_APN_IF_NAME" == *"tap"* ]] || [[ "$UPF_IMS_APN_IF_NAME" == *"tap"* ]]; then
echo "Error: When UPF2_TUNTAP_MODE is 'tun', UPF2_PRIVATE_APN_IF_NAME and UPF_IMS_APN_IF_NAME must not contain 'tap'"
exit 1
fi
else
echo "Error: UPF2_TUNTAP_MODE must be either 'tap' or 'tun'"
exit 1
fi
python3 /mnt/upf/tun_if.py --tun_ifname $UPF2_PRIVATE_APN_IF_NAME --tun_ifmode $UPF2_TUNTAP_MODE --ipv4_range $UE_IPV4_PRIVATE --ipv6_range 2001:230:fafe::/48
UE_IPV4_PRIVATE_APN_GATEWAY_IP=$(python3 /mnt/upf/ip_utils.py --ip_range $UE_IPV4_PRIVATE)
cp /mnt/upf/upf2.yaml install/etc/open5gs/upf.yaml
sed -i 's|UPF2_IP|'$UPF2_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|SMF2_IP|'$SMF2_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_PRIVATE_APN_GATEWAY_IP|'$UE_IPV4_PRIVATE_APN_GATEWAY_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_PRIVATE_APN_SUBNET|'$UE_IPV4_PRIVATE'|g' install/etc/open5gs/upf.yaml
sed -i 's|UPF2_ADVERTISE_IP|'$UPF2_ADVERTISE_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/upf.yaml
sed -i 's|UPF2_PRIVATE_APN_IF_NAME|'$UPF2_PRIVATE_APN_IF_NAME'|g' install/etc/open5gs/upf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

73
custom_deployments/slicing/upf/upf_init.sh Executable file
View File

@@ -0,0 +1,73 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export LC_ALL=C.UTF-8
export LANG=C.UTF-8
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
export IF_NAME=$(ip r | awk '/default/ { print $5 }')
# use nftables instead of iptables
update-alternatives --set iptables `which iptables-nft`
update-alternatives --set ip6tables `which ip6tables-nft`
# Remove UPF Interfaces if they exist
ip link delete $UPF_INTERNET_APN_IF_NAME 2>/dev/null
# Validate interface names based on UPF_TUNTAP_MODE
if [ "$UPF_TUNTAP_MODE" = "tap" ]; then
if [[ "$UPF_INTERNET_APN_IF_NAME" != *"tap"* ]] || [[ "$UPF_IMS_APN_IF_NAME" != *"tap"* ]]; then
echo "Error: When UPF_TUNTAP_MODE is 'tap', both UPF_INTERNET_APN_IF_NAME and UPF_IMS_APN_IF_NAME must contain 'tap'"
exit 1
fi
elif [ "$UPF_TUNTAP_MODE" = "tun" ]; then
if [[ "$UPF_INTERNET_APN_IF_NAME" == *"tap"* ]] || [[ "$UPF_IMS_APN_IF_NAME" == *"tap"* ]]; then
echo "Error: When UPF_TUNTAP_MODE is 'tun', UPF_INTERNET_APN_IF_NAME and UPF_IMS_APN_IF_NAME must not contain 'tap'"
exit 1
fi
else
echo "Error: UPF_TUNTAP_MODE must be either 'tap' or 'tun'"
exit 1
fi
python3 /mnt/upf/tun_if.py --tun_ifname $UPF_INTERNET_APN_IF_NAME --tun_ifmode $UPF_TUNTAP_MODE --ipv4_range $UE_IPV4_INTERNET --ipv6_range 2001:230:cafe::/48
UE_IPV4_INTERNET_APN_GATEWAY_IP=$(python3 /mnt/upf/ip_utils.py --ip_range $UE_IPV4_INTERNET)
cp /mnt/upf/upf.yaml install/etc/open5gs
sed -i 's|UPF_IP|'$UPF_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|SMF_IP|'$SMF_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_INTERNET_APN_GATEWAY_IP|'$UE_IPV4_INTERNET_APN_GATEWAY_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_INTERNET_APN_SUBNET|'$UE_IPV4_INTERNET'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_IMS_TUN_IP|'$UE_IPV4_IMS_TUN_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_IMS_SUBNET|'$UE_IPV4_IMS'|g' install/etc/open5gs/upf.yaml
sed -i 's|UPF_ADVERTISE_IP|'$UPF_ADVERTISE_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/upf.yaml
sed -i 's|UPF_INTERNET_APN_IF_NAME|'$UPF_INTERNET_APN_IF_NAME'|g' install/etc/open5gs/upf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

152
custom_deployments/with_eupf/.custom_env Normal file
View File

@@ -0,0 +1,152 @@
# Set proper timezone to sync times between docker host and containers
#TZ=Europe/Berlin
MCC=001
MNC=01
TAC=1
TEST_NETWORK=172.22.0.0/24
DOCKER_HOST_IP=192.168.1.223
# MONGODB
MONGO_IP=172.22.0.2
# HSS - open5gs
HSS_IP=172.22.0.3
# PCRF
PCRF_IP=172.22.0.4
PCRF_BIND_PORT=3873
# SGW
SGWC_IP=172.22.0.5
SGWU_IP=172.22.0.6
SGWU_ADVERTISE_IP=172.22.0.6
# SMF
SMF_IP=172.22.0.7
SMF_DNS1=8.8.8.8
SMF_DNS2=8.8.4.4
# UPF
UPF_IP=172.22.0.8
UPF_ADVERTISE_IP=172.22.0.8
# Allowed values for UPF_TUNTAP_MODE are 'tun' or 'tap'
# If 'tap' is used as IF mode, then UPF_INTERNET_APN_IF_NAME and UPF_IMS_APN_IF_NAME must contain string 'tap'
UPF_TUNTAP_MODE=tun
UPF_INTERNET_APN_IF_NAME=ogstun
UPF_IMS_APN_IF_NAME=ogstun2
# MME
MME_IP=172.22.0.9
# AMF
AMF_IP=172.22.0.10
# AUSF
AUSF_IP=172.22.0.11
# NRF
NRF_IP=172.22.0.12
# UDM
UDM_IP=172.22.0.13
# UDR
UDR_IP=172.22.0.14
# IMS DNS
DNS_IP=172.22.0.15
# RTPENGINE
RTPENGINE_IP=172.22.0.16
# MYSQL
MYSQL_IP=172.22.0.17
# PYHSS
PYHSS_IP=172.22.0.18
PYHSS_BIND_PORT=3875
# ICSCF
ICSCF_IP=172.22.0.19
ICSCF_BIND_PORT=3869
# SCSCF
SCSCF_IP=172.22.0.20
SCSCF_BIND_PORT=3870
# PCSCF
PCSCF_IP=172.22.0.21
PCSCF_BIND_PORT=3871
# SRSLTE ENB
SRS_ENB_IP=172.22.0.22
# UERANSIM
NR_GNB_IP=172.22.0.23
NR_UE_IP=172.22.0.24
UE1_IMEI=356938035643803
UE1_IMEISV=4370816125816151
UE1_IMSI=001011234567895
UE1_KI=8baf473f2f8fd09487cccbd7097c6862
UE1_OP=11111111111111111111111111111111
UE1_AMF=8000
# OAI ENB
OAI_ENB_IP=172.22.0.25
# OPEN5GS WEBUI
WEBUI_IP=172.22.0.26
# PCF
PCF_IP=172.22.0.27
# NSSF
NSSF_IP=172.22.0.28
# BSF
BSF_IP=172.22.0.29
# ENTITLEMENT SERVER
ENTITLEMENT_SERVER_IP=172.22.0.30
# OSMOMSC
OSMOMSC_IP=172.22.0.31
# OSMOHLR
OSMOHLR_IP=172.22.0.32
# SMSC
SMSC_IP=172.22.0.33
# SRSLTE UE
SRS_UE_IP=172.22.0.34
# SCP
SCP_IP=172.22.0.35
# METRICS
METRICS_IP=172.22.0.36
# SRSRAN GNB
SRS_GNB_IP=172.22.0.37
# GRAFANA
GRAFANA_IP=172.22.0.39
GRAFANA_USERNAME=open5gs
GRAFANA_PASSWORD=open5gs
# OCS
OCS_IP=172.22.0.40
OCS_BIND_PORT=3872
# UE IPv4 Subnet Range for APN=internet
UE_IPV4_INTERNET=192.168.100.0/24
# UE IPv4 Subnet Range for APN=ims
UE_IPV4_IMS=192.168.101.0/24
# Maximum Number of UEs
MAX_NUM_UE=1024

27
custom_deployments/with_eupf/README.md Normal file
View File

@@ -0,0 +1,27 @@
## Deployment description
This custom deployment uses eUPF (https://github.com/edgecomllc/eupf) rather than open5gs UPF for 5G SA network deployment
## Additional steps
Most of the steps to be followed are similar to the steps mentioned in the [README in the root folder](../../README.md). However, additional steps mentioned below must be taken into account while deploying this custom deployment scenario.
### Build docker images for eUPF
eUPF docker image needs to be built before deploying
```
cd ../../eupf
docker build --no-cache --force-rm -t docker_eupf .
```
### Loading environmental variables for custom deployment
**Warning**
For custom deployments, you must modify/use only the [**.custom_env**](.custom_env) file rather than the [**.env** in the root folder](../../.env).
```
set -a
source .custom_env
set +a
```

29
custom_deployments/with_eupf/nr-gnb.yaml Normal file
View File

@@ -0,0 +1,29 @@
version: '3'
services:
nr_gnb:
image: docker_ueransim
container_name: nr_gnb
stdin_open: true
tty: true
volumes:
- ../../ueransim:/mnt/ueransim
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ueransim-gnb
expose:
- "38412/sctp"
- "2152/udp"
- "4997/udp"
cap_add:
- NET_ADMIN
privileged: true
networks:
default:
ipv4_address: ${NR_GNB_IP}
networks:
default:
external:
name: docker_open5gs_default

27
custom_deployments/with_eupf/nr-ue.yaml Normal file
View File

@@ -0,0 +1,27 @@
version: '3'
services:
nr_ue:
image: docker_ueransim
container_name: nr_ue
stdin_open: true
tty: true
volumes:
- ../../ueransim:/mnt/ueransim
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ueransim-ue
expose:
- "4997/udp"
cap_add:
- NET_ADMIN
privileged: true
networks:
default:
ipv4_address: ${NR_UE_IP}
networks:
default:
external:
name: docker_open5gs_default

34
custom_deployments/with_eupf/oaignb.yaml Normal file
View File

@@ -0,0 +1,34 @@
version: '3'
services:
oaignb:
build:
context: oai
dockerfile: gnb_dockerfile
image: docker_oai_gnb
container_name: oaignb
stdin_open: true
tty: true
privileged: true
sysctls:
- net.ipv4.ip_forward=1
devices:
- "/dev/bus"
volumes:
- /dev/serial:/dev/serial:ro
- /dev/bus/usb:/dev/bus/usb:ro
- ../../oai:/mnt/oai
- ../../log:/openairinterface5g/cmake_targets/log/
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
expose:
- "38412/sctp"
- "2152/udp"
networks:
default:
ipv4_address: ${OAI_ENB_IP}
networks:
default:
external:
name: docker_open5gs_default

362
custom_deployments/with_eupf/sa-deploy.yaml Normal file
View File

@@ -0,0 +1,362 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
nrf:
image: docker_open5gs
container_name: nrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nrf
volumes:
- ../../nrf:/mnt/nrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NRF_IP}
scp:
image: docker_open5gs
depends_on:
- nrf
container_name: scp
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scp
volumes:
- ../../scp:/mnt/scp
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${SCP_IP}
ausf:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: ausf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ausf
volumes:
- ../../ausf:/mnt/ausf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${AUSF_IP}
udr:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: udr
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udr
volumes:
- ../../udr:/mnt/udr
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDR_IP}
udm:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: udm
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udm
volumes:
- ../../udm:/mnt/udm
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDM_IP}
smf:
image: docker_open5gs
depends_on:
- nrf
- scp
- amf
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=5G
volumes:
- ../../smf:/mnt/smf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
eupf:
image: docker_eupf
depends_on:
- nrf
- scp
- smf
container_name: eupf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=eupf
volumes:
- ../../eupf:/mnt/eupf
- /sys/fs/bpf:/sys/fs/bpf
- /sys/kernel/debug:/sys/kernel/debug:ro
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
- "8181/tcp"
# ports:
# - "2152:2152/udp"
ulimits:
memlock: -1
cap_add:
- NET_ADMIN
- SYS_ADMIN
privileged: true
sysctls:
- net.ipv4.conf.all.forwarding=1
#- net.ipv6.conf.all.disable_ipv6=0
networks:
default:
ipv4_address: ${UPF_IP}
eupf-routes:
image: nicolaka/netshoot
network_mode: host
privileged: true
container_name: eupf-routes
env_file:
- .custom_env
command:
- /bin/sh
- -c
- |
ip ro add ${UE_IPV4_INTERNET} via ${UPF_IP} && \
iptables -t nat -A POSTROUTING -s ${UE_IPV4_INTERNET} -j MASQUERADE && \
sysctl -w net.ipv4.conf.all.accept_local=1
echo "done"
tail -f /dev/null
amf:
image: docker_open5gs
depends_on:
- nrf
- scp
- ausf
- udm
- udr
- pcf
- bsf
container_name: amf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=amf
volumes:
- ../../amf:/mnt/amf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "38412/sctp"
- "7777/tcp"
- "9091/tcp"
# ports:
# - "38412:38412/sctp"
networks:
default:
ipv4_address: ${AMF_IP}
pcf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: pcf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcf
volumes:
- ../../pcf:/mnt/pcf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${PCF_IP}
bsf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: bsf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=bsf
volumes:
- ../../bsf:/mnt/bsf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${BSF_IP}
nssf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: nssf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nssf
volumes:
- ../../nssf:/mnt/nssf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NSSF_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata

549
custom_deployments/with_eupf/sa-vonr-deploy.yaml Normal file
View File

@@ -0,0 +1,549 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
nrf:
image: docker_open5gs
container_name: nrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nrf
volumes:
- ../../nrf:/mnt/nrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NRF_IP}
scp:
image: docker_open5gs
depends_on:
- nrf
container_name: scp
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scp
volumes:
- ../../scp:/mnt/scp
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${SCP_IP}
ausf:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: ausf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ausf
volumes:
- ../../ausf:/mnt/ausf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${AUSF_IP}
udr:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: udr
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udr
volumes:
- ../../udr:/mnt/udr
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDR_IP}
udm:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: udm
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udm
volumes:
- ../../udm:/mnt/udm
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDM_IP}
smf:
image: docker_open5gs
depends_on:
- nrf
- scp
- amf
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=5G
volumes:
- ../../smf:/mnt/smf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
eupf:
image: docker_eupf
depends_on:
- nrf
- scp
- smf
container_name: eupf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=eupf
volumes:
- ../../eupf:/mnt/eupf
- /sys/fs/bpf:/sys/fs/bpf
- /sys/kernel/debug:/sys/kernel/debug:ro
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
- "8181/tcp"
# ports:
# - "2152:2152/udp"
ulimits:
memlock: -1
cap_add:
- NET_ADMIN
- SYS_ADMIN
privileged: true
sysctls:
- net.ipv4.conf.all.forwarding=1
#- net.ipv6.conf.all.disable_ipv6=0
networks:
default:
ipv4_address: ${UPF_IP}
eupf-routes:
image: nicolaka/netshoot
network_mode: host
privileged: true
container_name: eupf-routes
env_file:
- .custom_env
command:
- /bin/sh
- -c
- |
ip ro add ${UE_IPV4_INTERNET} via ${UPF_IP} && \
iptables -t nat -A POSTROUTING -s ${UE_IPV4_INTERNET} -j MASQUERADE && \
sysctl -w net.ipv4.conf.all.accept_local=1
echo "done"
tail -f /dev/null
amf:
image: docker_open5gs
depends_on:
- nrf
- scp
- ausf
- udm
- udr
- pcf
- bsf
container_name: amf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=amf
volumes:
- ../../amf:/mnt/amf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "38412/sctp"
- "7777/tcp"
- "9091/tcp"
# ports:
# - "38412:38412/sctp"
networks:
default:
ipv4_address: ${AMF_IP}
pcf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: pcf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcf
volumes:
- ../../pcf:/mnt/pcf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${PCF_IP}
bsf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: bsf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=bsf
volumes:
- ../../bsf:/mnt/bsf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${BSF_IP}
nssf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: nssf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nssf
volumes:
- ../../nssf:/mnt/nssf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NSSF_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
dns:
build: ../../dns
image: docker_dns
container_name: dns
env_file:
- .custom_env
volumes:
- ../../dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
rtpengine:
build: ../../rtpengine
image: docker_rtpengine
container_name: rtpengine
privileged: true
env_file:
- .custom_env
volumes:
- ../../rtpengine:/mnt/rtpengine
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
cap_add:
- NET_ADMIN
environment:
- TABLE=0
- INTERFACE=${RTPENGINE_IP}
- LISTEN_NG=${RTPENGINE_IP}:2223
- PIDFILE=/run/ngcp-rtpengine-daemon.pid
- PORT_MAX=50000
- PORT_MIN=49000
- NO_FALLBACK=no
- TOS=184
expose:
- "2223/udp"
- "49000-50000/udp"
networks:
default:
ipv4_address: ${RTPENGINE_IP}
mysql:
build: ../../mysql
image: docker_mysql
container_name: mysql
env_file:
- .custom_env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
pyhss:
build: ../../pyhss
image: docker_pyhss
container_name: pyhss
dns: ${DNS_IP}
volumes:
- ../../pyhss:/mnt/pyhss
- ../../pyhss/logs:/pyhss/log/
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
depends_on:
- dns
- mysql
expose:
- "${PYHSS_BIND_PORT}/tcp"
- "${PYHSS_BIND_PORT}/sctp"
- "8080/tcp"
ports:
- "8080:8080/tcp"
networks:
default:
ipv4_address: ${PYHSS_IP}
icscf:
image: docker_kamailio
container_name: icscf
dns: ${DNS_IP}
volumes:
- ../../icscf:/mnt/icscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=icscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "${ICSCF_BIND_PORT}/tcp"
- "${ICSCF_BIND_PORT}/sctp"
- "4060/udp"
- "4060/tcp"
networks:
default:
ipv4_address: ${ICSCF_IP}
scscf:
image: docker_kamailio
container_name: scscf
dns: ${DNS_IP}
volumes:
- ../../scscf:/mnt/scscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "${SCSCF_BIND_PORT}/tcp"
- "${SCSCF_BIND_PORT}/sctp"
- "6060/udp"
- "6060/tcp"
networks:
default:
ipv4_address: ${SCSCF_IP}
pcscf:
image: docker_kamailio
container_name: pcscf
dns: ${DNS_IP}
privileged: true
cap_add:
- NET_ADMIN
volumes:
- ../../pcscf:/mnt/pcscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=5G
depends_on:
- dns
- mysql
- rtpengine
- icscf
- scscf
expose:
- "${PCSCF_BIND_PORT}/tcp"
- "${PCSCF_BIND_PORT}/sctp"
- "5060/tcp"
- "5060/udp"
- "5100-5120/tcp"
- "5100-5120/udp"
- "6100-6120/tcp"
- "6100-6120/udp"
networks:
default:
ipv4_address: ${PCSCF_IP}
smsc:
image: docker_kamailio
container_name: smsc
dns: ${DNS_IP}
volumes:
- ../../smsc:/mnt/smsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
expose:
- "7090/udp"
- "7090/tcp"
networks:
default:
ipv4_address: ${SMSC_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata

30
custom_deployments/with_eupf/srsgnb.yaml Normal file
View File

@@ -0,0 +1,30 @@
version: '3'
services:
srsgnb:
image: docker_srsran
container_name: srsgnb
stdin_open: true
tty: true
privileged: true
devices:
- "/dev/bus"
volumes:
- /dev/serial:/dev/serial:ro
- /dev/bus/usb:/dev/bus/usb:ro
- ../../srsran:/mnt/srsran
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=gnb
expose:
- "38412/sctp"
- "2152/udp"
networks:
default:
ipv4_address: ${SRS_GNB_IP}
networks:
default:
external:
name: docker_open5gs_default

28
custom_deployments/with_eupf/srsgnb_zmq.yaml Normal file
View File

@@ -0,0 +1,28 @@
version: '3'
services:
srsgnb_zmq:
image: docker_srsran
container_name: srsgnb_zmq
stdin_open: true
tty: true
privileged: true
volumes:
- ../../srsran:/mnt/srsran
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=gnb_zmq
expose:
- "38412/sctp"
- "2152/udp"
- "2000/tcp"
- "2001/tcp"
networks:
default:
ipv4_address: ${SRS_GNB_IP}
networks:
default:
external:
name: docker_open5gs_default

28
custom_deployments/with_eupf/srsue_5g_zmq.yaml Normal file
View File

@@ -0,0 +1,28 @@
version: '3'
services:
srsue_5g_zmq:
image: docker_srslte
container_name: srsue_5g_zmq
stdin_open: true
tty: true
cap_add:
- NET_ADMIN
privileged: true
volumes:
- ../../srslte:/mnt/srslte
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ue_5g_zmq
expose:
- "2000/tcp"
- "2001/tcp"
networks:
default:
ipv4_address: ${SRS_UE_IP}
networks:
default:
external:
name: docker_open5gs_default

712
deploy-all.yaml Normal file
View File

@@ -0,0 +1,712 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .env
environment:
- COMPONENT_NAME=webui
volumes:
- ./webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
nrf:
image: docker_open5gs
container_name: nrf
env_file:
- .env
environment:
- COMPONENT_NAME=nrf
volumes:
- ./nrf:/mnt/nrf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NRF_IP}
scp:
image: docker_open5gs
depends_on:
- nrf
container_name: scp
env_file:
- .env
environment:
- COMPONENT_NAME=scp
volumes:
- ./scp:/mnt/scp
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${SCP_IP}
ausf:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: ausf
env_file:
- .env
environment:
- COMPONENT_NAME=ausf
volumes:
- ./ausf:/mnt/ausf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${AUSF_IP}
udr:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: udr
env_file:
- .env
environment:
- COMPONENT_NAME=udr
volumes:
- ./udr:/mnt/udr
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDR_IP}
udm:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: udm
env_file:
- .env
environment:
- COMPONENT_NAME=udm
volumes:
- ./udm:/mnt/udm
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDM_IP}
pcf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: pcf
env_file:
- .env
environment:
- COMPONENT_NAME=pcf
volumes:
- ./pcf:/mnt/pcf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${PCF_IP}
bsf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: bsf
env_file:
- .env
environment:
- COMPONENT_NAME=bsf
volumes:
- ./bsf:/mnt/bsf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${BSF_IP}
nssf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: nssf
env_file:
- .env
environment:
- COMPONENT_NAME=nssf
volumes:
- ./nssf:/mnt/nssf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NSSF_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ./sgwc:/mnt/sgwc
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ./sgwu:/mnt/sgwu
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
# ports:
# - "2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
depends_on:
- nrf
- scp
- amf
container_name: smf
env_file:
- .env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=ALL
volumes:
- ./smf:/mnt/smf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- nrf
- scp
- smf
container_name: upf
env_file:
- .env
environment:
- COMPONENT_NAME=upf
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
# ports:
# - "2152:2152/udp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
#- net.ipv6.conf.all.disable_ipv6=0
networks:
default:
ipv4_address: ${UPF_IP}
amf:
image: docker_open5gs
depends_on:
- nrf
- scp
- ausf
- udm
- udr
- pcf
- bsf
container_name: amf
env_file:
- .env
environment:
- COMPONENT_NAME=amf
volumes:
- ./amf:/mnt/amf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "38412/sctp"
- "7777/tcp"
- "9091/tcp"
# ports:
# - "38412:38412/sctp"
networks:
default:
ipv4_address: ${AMF_IP}
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
# ports:
# - "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ./pcrf:/mnt/pcrf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${PCRF_BIND_PORT}/tcp"
- "${PCRF_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${PCRF_IP}
ocs:
build: ./ocs
image: docker_ocs
container_name: ocs
env_file:
- .env
environment:
- COMPONENT_NAME=ocs
depends_on:
- smf
volumes:
- ./ocs:/mnt/ocs
- ocsdbdata:/home/otp/db
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${OCS_BIND_PORT}/tcp"
- "${OCS_BIND_PORT}/sctp"
- "8083/tcp"
ports:
- "8083:8083/tcp"
networks:
default:
ipv4_address: ${OCS_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
rtpengine:
build: ./rtpengine
image: docker_rtpengine
container_name: rtpengine
privileged: true
env_file:
- .env
volumes:
- ./rtpengine:/mnt/rtpengine
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
cap_add:
- NET_ADMIN
environment:
- TABLE=0
- INTERFACE=${RTPENGINE_IP}
- LISTEN_NG=${RTPENGINE_IP}:2223
- PIDFILE=/run/ngcp-rtpengine-daemon.pid
- PORT_MAX=50000
- PORT_MIN=49000
- NO_FALLBACK=no
- TOS=184
expose:
- "2223/udp"
- "49000-50000/udp"
networks:
default:
ipv4_address: ${RTPENGINE_IP}
mysql:
build: ./mysql
image: docker_mysql
container_name: mysql
env_file:
- .env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
pyhss:
build: ./pyhss
image: docker_pyhss
container_name: pyhss
dns: ${DNS_IP}
volumes:
- ./pyhss:/mnt/pyhss
- ./pyhss/logs:/pyhss/log/
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
depends_on:
- dns
- mysql
expose:
- "${PYHSS_BIND_PORT}/tcp"
- "${PYHSS_BIND_PORT}/sctp"
- "8080/tcp"
ports:
- "8080:8080/tcp"
networks:
default:
ipv4_address: ${PYHSS_IP}
icscf:
image: docker_kamailio
container_name: icscf
dns: ${DNS_IP}
volumes:
- ./icscf:/mnt/icscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=icscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "${ICSCF_BIND_PORT}/tcp"
- "${ICSCF_BIND_PORT}/sctp"
- "4060/udp"
- "4060/tcp"
networks:
default:
ipv4_address: ${ICSCF_IP}
scscf:
image: docker_kamailio
container_name: scscf
dns: ${DNS_IP}
volumes:
- ./scscf:/mnt/scscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=scscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "${SCSCF_BIND_PORT}/tcp"
- "${SCSCF_BIND_PORT}/sctp"
- "6060/udp"
- "6060/tcp"
networks:
default:
ipv4_address: ${SCSCF_IP}
pcscf:
image: docker_kamailio
container_name: pcscf
dns: ${DNS_IP}
privileged: true
cap_add:
- NET_ADMIN
volumes:
- ./pcscf:/mnt/pcscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=ALL
depends_on:
- dns
- mysql
- rtpengine
- icscf
- scscf
expose:
- "${PCSCF_BIND_PORT}/tcp"
- "${PCSCF_BIND_PORT}/sctp"
- "5060/tcp"
- "5060/udp"
- "5100-5120/tcp"
- "5100-5120/udp"
- "6100-6120/tcp"
- "6100-6120/udp"
networks:
default:
ipv4_address: ${PCSCF_IP}
smsc:
image: docker_kamailio
container_name: smsc
dns: ${DNS_IP}
volumes:
- ./smsc:/mnt/smsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
expose:
- "7090/udp"
- "7090/tcp"
networks:
default:
ipv4_address: ${SMSC_IP}
osmomsc:
build: ./osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ./osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ./osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ./osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ./metrics
image: docker_metrics
container_name: metrics
env_file:
- .env
volumes:
- ./metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .env
volumes:
- grafana_data:/var/lib/grafana
- ./grafana/:/etc/grafana/provisioning/
- ./grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata
ocsdbdata:
name: docker_open5gs_ocsdbdata

37
dns/Dockerfile Normal file
View File

@@ -0,0 +1,37 @@
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
FROM ubuntu:focal
ENV DEBIAN_FRONTEND=noninteractive
# Install updates and dependencies
RUN apt-get update && \
apt-get -y install tcpdump screen tmux ntp ntpdate iproute2 net-tools \
iputils-ping bind9
CMD /mnt/dns/dns_init.sh && \
/usr/sbin/named -c /etc/bind/named.conf -g -u bind

64
dns/dns_init.sh Executable file
View File

@@ -0,0 +1,64 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cp /mnt/dns/epc_zone /etc/bind
cp /mnt/dns/ims_zone /etc/bind
cp /mnt/dns/pub_3gpp_zone /etc/bind
cp /mnt/dns/e164.arpa /etc/bind
cp /mnt/dns/named.conf /etc/bind
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && PUB_3GPP_DOMAIN="mnc${MNC}.mcc${MCC}.pub.3gppnetwork.org" || PUB_3GPP_DOMAIN="mnc0${MNC}.mcc${MCC}.pub.3gppnetwork.org"
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/bind/epc_zone
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/epc_zone
[ -z "$PCRF_PUB_IP" ] && sed -i 's|PCRF_IP|'$PCRF_IP'|g' /etc/bind/epc_zone || sed -i 's|PCRF_IP|'$PCRF_PUB_IP'|g' /etc/bind/epc_zone
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/bind/ims_zone
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/ims_zone
sed -i 's|PCSCF_IP|'$PCSCF_IP'|g' /etc/bind/ims_zone
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/bind/ims_zone
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' /etc/bind/ims_zone
sed -i 's|PYHSS_IP|'$PYHSS_IP'|g' /etc/bind/ims_zone
sed -i 's|SMSC_IP|'$SMSC_IP'|g' /etc/bind/ims_zone
sed -i 's|IBCF_IP|'$IBCF_IP'|g' /etc/bind/ims_zone
sed -i 's|PUB_3GPP_DOMAIN|'$PUB_3GPP_DOMAIN'|g' /etc/bind/pub_3gpp_zone
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/pub_3gpp_zone
sed -i 's|ENTITLEMENT_SERVER_IP|'$ENTITLEMENT_SERVER_IP'|g' /etc/bind/pub_3gpp_zone
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/bind/e164.arpa
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/e164.arpa
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/bind/named.conf
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/bind/named.conf
sed -i 's|PUB_3GPP_DOMAIN|'$PUB_3GPP_DOMAIN'|g' /etc/bind/named.conf
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

17
dns/e164.arpa Normal file
View File

@@ -0,0 +1,17 @@
$TTL 1h
@ IN SOA ns.e164.arpa. root.e164.arpa. (
2009010918 ;serial
3600 ;refresh
3600 ;retry
3600 ;expire
3600 ;minimum TTL
)
@ IN NS e164.arpa.
@ IN A DNS_IP
; Wildcard to match any tel:+xxxx and change to sip:xxxx@IMS_DOMAIN
* IN NAPTR 10 100 "u" "E2U+sip" "!(^.*$)!sip:\\1@IMS_DOMAIN!" .
; Record to route calls starting with DE +49 to IBCF :
*.9.4 IN NAPTR 20 100 "u" "E2U+sip" "!(^.*$)!sip:\\1@ibcf.IMS_DOMAIN!" .
; Add more country codes to route over IBCF using the same format as below. You may need also to adjust the dialplan in Asterisk, e.g. for UK +44:
; *.4.4 IN NAPTR 20 100 "u" "E2U+sip" "!(^.*$)!sip:\\1@ibcf.IMS_DOMAIN!" .

13
dns/epc_zone Normal file
View File

@@ -0,0 +1,13 @@
$ORIGIN EPC_DOMAIN.
$TTL 1W
@ 1D IN SOA localhost. root.localhost. (
1 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS epcns
epcns 1D IN A DNS_IP
pcrf 1D IN A PCRF_IP

37
dns/ims_zone Normal file
View File

@@ -0,0 +1,37 @@
$ORIGIN IMS_DOMAIN.
$TTL 1W
@ 1D IN SOA localhost. root.localhost. (
1 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS ns
ns 1D IN A DNS_IP
pcscf 1D IN A PCSCF_IP
_sip._udp.pcscf 1D SRV 0 0 5060 pcscf
_sip._tcp.pcscf 1D SRV 0 0 5060 pcscf
icscf 1D IN A ICSCF_IP
_sip._udp 1D SRV 0 0 4060 icscf
_sip._tcp 1D SRV 0 0 4060 icscf
scscf 1D IN A SCSCF_IP
_sip._udp.scscf 1D SRV 0 0 6060 scscf
_sip._tcp.scscf 1D SRV 0 0 6060 scscf
hss 1D IN A PYHSS_IP
smsc 1D IN A SMSC_IP
_sip._udp.smsc 1D SRV 0 0 7090 smsc
_sip._tcp.smsc 1D SRV 0 0 7090 smsc
ibcf 1D IN A IBCF_IP
_sip._udp.ibcf 1D SRV 0 0 5090 ibcf
_sip._tcp.ibcf 1D SRV 0 0 5090 ibcf
voicemail 1D IN A IBCF_IP
_sip._udp.voicemail 1D SRV 0 0 5090 voicemail
_sip._tcp.voicemail 1D SRV 0 0 5090 voicemail

53
dns/named.conf Normal file
View File

@@ -0,0 +1,53 @@
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
forwarders {
8.8.8.8;
};
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation no;
allow-query { any; };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "IMS_DOMAIN" {
type master;
file "/etc/bind/ims_zone";
};
zone "EPC_DOMAIN" {
type master;
file "/etc/bind/epc_zone";
};
zone "PUB_3GPP_DOMAIN" {
type master;
file "/etc/bind/pub_3gpp_zone";
};
zone "e164.arpa" {
type master;
file "/etc/bind/e164.arpa";
};

13
dns/pub_3gpp_zone Normal file
View File

@@ -0,0 +1,13 @@
$ORIGIN PUB_3GPP_DOMAIN.
$TTL 1W
@ 1D IN SOA localhost. root.localhost. (
1 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS pubns
pubns 1D IN A DNS_IP
aes 1D IN A ENTITLEMENT_SERVER_IP

Some files were not shown because too many files have changed in this diff Show More