paulmataruso/docker_open5gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: paulmataruso:improve_5g_ims
Branches Tags
paulmataruso:master paulmataruso:exp_5g_ims_pyhss paulmataruso:roaming paulmataruso:improve_5g_ims
..
compare: paulmataruso:master
Branches Tags
paulmataruso:exp_5g_ims_pyhss paulmataruso:master paulmataruso:roaming paulmataruso:improve_5g_ims

38 Commits
improve_5g ... master

Author SHA1 Message Date
herlesupreeth
a1552374f2 Fix paths for dockerfile in case of custom deployments 2025-02-09 17:06:12 +01:00
herlesupreeth
21e205f58f Add experimental deployment of openSIP IMS with open5gs HSS Cx 2025-02-09 17:06:12 +01:00
herlesupreeth
b902dfd818 Merge deployment using openSIP IMS onto master branch 
Co-authored-by: Razvan Crainea <razvan@opensips.org>
 2025-02-09 17:05:31 +01:00
herlesupreeth
2966d59e93 Remove exposing of UDP port 5868 2025-02-09 14:47:55 +01:00
herlesupreeth
089371b7ab Move deployment with open5gs HSS for Cx under custom deployment scenarios 2025-02-09 14:38:45 +01:00
Daniil
b6fd869b44 Fix README.md (#413) 2025-01-30 07:27:52 +01:00
Aitor Iturrioz
bcbd2e8baa Fix OIA binary path (#410) 
Signed-off-by: Aitor Iturrioz <aiturrioz@tknika.eus>
 2025-01-23 17:33:07 +01:00
herlesupreeth
cd731f73db Include slicing under custom deployment scenarios 2025-01-17 20:11:33 +01:00
herlesupreeth
661def8dd2 Refactor to facilitate deployment of multiple instances of a service 2025-01-17 18:14:21 +01:00
herlesupreeth
fa9a7983fa Add other deployment files used along with custom deployment with eUPF 2025-01-12 17:32:33 +01:00
herlesupreeth
97a0ae42e4 Add deployment using eUPF under custom deployments 
Co-authored-by: Pedro Valente <pedro.valente@ua.pt>
 2025-01-12 16:38:01 +01:00
herlesupreeth
7d5524319a Configure name for docker network and volumes 2025-01-11 20:03:10 +01:00
herlesupreeth
4ade89a167 Remove TUN interface name from SMF configuration files 2025-01-11 16:48:41 +01:00
herlesupreeth
9af58c1c8c Use latest commits of open5gs repo 2025-01-11 16:31:29 +01:00
herlesupreeth
2e182da98f Use latest srsRAN QoS configuration file 2024-12-26 20:37:40 +01:00
Nacho Mata
623453d881 Use latest srsRAN gnb config file syntax (#398) 2024-12-13 19:04:54 +01:00
herlesupreeth
0ee1be4ae7 Use latest srsRAN code containing fix for VoNR call 2024-12-12 17:42:22 +01:00
b3c3ll
ff550f8ce1 Using Grafana image instead of building it! (#386) 
* Using Grafana image instead of building it

* Using Grafana image instead of building it!

* latest prometheus version 2.55.0

* Update .env

Revert to the original IP for UEs

---------

Co-authored-by: B3c3ll <you@example.com>
 2024-11-07 19:50:46 +01:00
Tanish
0a6c673771 Update Dockerfile 
include iperf3, tcpdump, traceroute
 2024-09-20 15:21:17 +02:00
Jiaxun Yang
e0fc730139 README.md: Docuemnt how to pull prebuilt images 
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
 2024-09-18 15:21:24 +02:00
Jiaxun Yang
ec108d8ffe Fix OAI build 
Upgrade to Ubuntu jammy so we have new limesuite and soapysdr
in system repo.

Use fixed v2.1 base.

Build UHD from source so that TDD patch will be applied.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
 2024-09-18 15:21:24 +02:00
Jiaxun Yang
31709dd7b9 Build all images 
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
 2024-09-18 15:21:24 +02:00
herlesupreeth
b7b70f7cfd Use ubuntu jammy image for building UERANSIM 2024-08-29 16:03:31 +02:00
Jiaxun Yang
07ea6561ce Disable fail-fast for github action 
So we can see result of other builds.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
 2024-08-29 15:15:23 +02:00
Jiaxun Yang
20245f2685 Disable cache for github action 
As Docker's cache subsystem cat't detect update to external
sources it's better just disable it.

Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
 2024-08-29 15:15:23 +02:00
Jiaxun Yang
9082e2e937 Add github action to build image and upload to ghcr.io 
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
 2024-08-28 13:46:58 +02:00
herlesupreeth
abbe26929b Change subnet configuration as per new format in open5gs 2024-08-22 10:00:42 +02:00
herlesupreeth
78c7396d00 Change logging configuration as per new format for open5gs components 2024-08-22 09:48:13 +02:00
herlesupreeth
c5dd48321a Use latest code from open5gs, srsRAN_4G and srsRAN_Project repo 2024-08-11 18:44:41 +02:00
herlesupreeth
1b94e7b993 Enable N5 interface only in 5G deployment 2024-08-11 17:59:22 +02:00
herlesupreeth
fdd47330d4 Add NRF-NFM subscription for PCF registration notification 2024-08-11 17:54:47 +02:00
herlesupreeth
b9d8511f04 Support NRF-NFM in P-CSCF 2024-08-11 17:54:35 +02:00
herlesupreeth
86e72238c7 Add HTTP2 server and HTTP client module initialization for N5 support 2024-08-11 17:54:24 +02:00
herlesupreeth
90429865f4 Remove pyHSS db fix patch file 2024-08-11 17:48:30 +02:00
herlesupreeth
f72dfe156c Use latest tag for pyHSS 2024-08-11 17:46:28 +02:00
herlesupreeth
2b2c48ba69 Use latest commits from pyHSS 2024-08-11 17:46:12 +02:00
herlesupreeth
4e2ab89e71 Change log levels of osmomsc and osmohlr to debug 2024-08-11 17:41:14 +02:00
herlesupreeth
f8fa9f52f3 Fix SGsAP functioning with latest osmomsc and omsohlr 2024-08-11 16:17:14 +02:00
152 changed files with 14652 additions and 1549 deletions
Expand all files Collapse all files

2
.env
View File

@@ -129,6 +129,8 @@ SRS_GNB_IP=172.22.0.37
# GRAFANA
GRAFANA_IP=172.22.0.39
GRAFANA_USERNAME=open5gs
GRAFANA_PASSWORD=open5gs
# UE IPv4 Subnet Range for APN=internet
UE_IPV4_INTERNET=192.168.100.0/24

100
.github/workflows/docker-publish.yml vendored Normal file
View File

@@ -0,0 +1,100 @@
name: Docker
on:
push:
pull_request:
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build:
strategy:
fail-fast: false
matrix:
include:
- image: docker_open5gs
context: base
file: Dockerfile
- image: docker_kamailio
context: ims_base
file: Dockerfile
- image: docker_srslte
context: srslte
file: Dockerfile
- image: docker_srsran
context: srsran
file: Dockerfile
- image: docker_ueransim
context: ueransim
file: Dockerfile
- image: docker_dns
context: dns
file: Dockerfile
- image: docker_mysql
context: mysql
file: Dockerfile
- image: docker_pyhss
context: pyhss
file: Dockerfile
- image: docker_osmomsc
context: osmomsc
file: Dockerfile
- image: docker_osmohlr
context: osmohlr
file: Dockerfile
- image: docker_metrics
context: metrics
file: Dockerfile
- image: docker_rtpengine
context: rtpengine
file: Dockerfile
- image: docker_oai_enb
context: oai
file: enb_dockerfile
- image: docker_oai_gnb
context: oai
file: gnb_dockerfile
- image: docker_eupf
context: eupf
file: Dockerfile
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log into registry ${{ env.REGISTRY }}
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ matrix.image }}
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@v6
with:
context: ${{ matrix.context }}
file: ${{ matrix.context }}/${{ matrix.file }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
no-cache: true

31
4g-external-ims-deploy.yaml
View File

@@ -1,4 +1,3 @@
version: '3'
services:
mongo:
image: mongo:6.0
@@ -43,7 +42,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=hss-1
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
@@ -68,7 +67,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=sgwc-1
- COMPONENT_NAME=sgwc
volumes:
- ./sgwc:/mnt/sgwc
- ./log:/open5gs/install/var/log/open5gs
@@ -89,7 +88,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=sgwu-1
- COMPONENT_NAME=sgwu
volumes:
- ./sgwu:/mnt/sgwu
- ./log:/open5gs/install/var/log/open5gs
@@ -109,7 +108,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=smf-1
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ./smf:/mnt/smf
@@ -136,7 +135,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=upf-1
- COMPONENT_NAME=upf
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
@@ -166,7 +165,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=mme-1
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
@@ -191,7 +190,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=pcrf-1
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
@@ -276,7 +275,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=osmomsc-1
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
@@ -296,7 +295,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=osmohlr-1
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
@@ -320,15 +319,23 @@ services:
default:
ipv4_address: ${METRICS_IP}
grafana:
build: ./grafana
image: docker_grafana
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .env
volumes:
- grafana_data:/var/lib/grafana
- ./grafana/:/etc/grafana/provisioning/
- ./grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:

39
4g-volte-deploy.yaml
View File

@@ -1,4 +1,3 @@
version: '3'
services:
mongo:
image: mongo:6.0
@@ -43,7 +42,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=hss-1
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
@@ -70,7 +69,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=sgwc-1
- COMPONENT_NAME=sgwc
volumes:
- ./sgwc:/mnt/sgwc
- ./log:/open5gs/install/var/log/open5gs
@@ -91,7 +90,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=sgwu-1
- COMPONENT_NAME=sgwu
volumes:
- ./sgwu:/mnt/sgwu
- ./log:/open5gs/install/var/log/open5gs
@@ -111,7 +110,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=smf-1
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ./smf:/mnt/smf
@@ -140,7 +139,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=upf-1
- COMPONENT_NAME=upf
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
@@ -171,7 +170,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=mme-1
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
@@ -198,7 +197,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=pcrf-1
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
@@ -309,7 +308,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=icscf-1
- COMPONENT_NAME=icscf
depends_on:
- dns
- mysql
@@ -333,7 +332,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=scscf-1
- COMPONENT_NAME=scscf
depends_on:
- dns
- mysql
@@ -360,7 +359,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=pcscf-1
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=4G
depends_on:
- dns
@@ -391,7 +390,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=smsc-1
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
@@ -412,7 +411,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=osmomsc-1
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
@@ -432,7 +431,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=osmohlr-1
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
@@ -456,15 +455,23 @@ services:
default:
ipv4_address: ${METRICS_IP}
grafana:
build: ./grafana
image: docker_grafana
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .env
volumes:
- grafana_data:/var/lib/grafana
- ./grafana/:/etc/grafana/provisioning/
- ./grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:

494
4g-volte-opensips-ims-deploy.yaml Normal file
View File

@@ -0,0 +1,494 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .env
environment:
- COMPONENT_NAME=webui
volumes:
- ./webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/udp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ./sgwc:/mnt/sgwc
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ./sgwu:/mnt/sgwu
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
# ports:
# - "2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
container_name: smf
env_file:
- .env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ./smf:/mnt/smf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/udp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- smf
container_name: upf
env_file:
- .env
environment:
- COMPONENT_NAME=upf
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
networks:
default:
ipv4_address: ${UPF_IP}
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/udp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
# ports:
# - "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ./pcrf:/mnt/pcrf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/udp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${PCRF_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
rtpengine:
build: ./rtpengine
image: docker_rtpengine
container_name: rtpengine
privileged: true
env_file:
- .env
volumes:
- ./rtpengine:/mnt/rtpengine
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
cap_add:
- NET_ADMIN
environment:
- TABLE=0
- INTERFACE=${RTPENGINE_IP}
- LISTEN_NG=${RTPENGINE_IP}:2223
- PIDFILE=/run/ngcp-rtpengine-daemon.pid
- PORT_MAX=50000
- PORT_MIN=49000
- NO_FALLBACK=no
- TOS=184
expose:
- "2223/udp"
- "49000-50000/udp"
networks:
default:
ipv4_address: ${RTPENGINE_IP}
mysql:
build: ./mysql
image: docker_mysql
container_name: mysql
env_file:
- .env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
pyhss:
build: ./pyhss
image: docker_pyhss
container_name: pyhss
dns: ${DNS_IP}
volumes:
- ./pyhss:/mnt/pyhss
- ./pyhss/logs:/pyhss/log/
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
depends_on:
- dns
- mysql
expose:
- "3868/udp"
- "3868/tcp"
- "8080/tcp"
ports:
- "8080:8080/tcp"
networks:
default:
ipv4_address: ${PYHSS_IP}
icscf:
image: opensips/opensips:ims-ce
container_name: icscf
dns: ${DNS_IP}
volumes:
- ./opensips_ims_icscf:/mnt/icscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=icscf
entrypoint: /mnt/icscf/icscf_init.sh
depends_on:
- dns
- mysql
- pyhss
expose:
- "3869/udp"
- "3869/tcp"
- "4060/udp"
- "4060/tcp"
networks:
default:
ipv4_address: ${ICSCF_IP}
scscf:
image: opensips/opensips:ims-ce
container_name: scscf
dns: ${DNS_IP}
volumes:
- ./opensips_ims_scscf:/mnt/scscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=scscf
entrypoint: /mnt/scscf/scscf_init.sh
depends_on:
- dns
- mysql
- pyhss
expose:
- "3870/udp"
- "3870/tcp"
- "6060/udp"
- "6060/tcp"
networks:
default:
ipv4_address: ${SCSCF_IP}
pcscf:
image: opensips/opensips:ims-ce
container_name: pcscf
dns: ${DNS_IP}
privileged: true
cap_add:
- NET_ADMIN
volumes:
- ./opensips_ims_pcscf:/mnt/pcscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=4G
entrypoint: /mnt/pcscf/pcscf_init.sh
depends_on:
- dns
- mysql
- rtpengine
- icscf
- scscf
expose:
- "3871/udp"
- "3871/tcp"
- "5060/tcp"
- "5060/udp"
- "5100-5120/tcp"
- "5100-5120/udp"
- "6100-6120/tcp"
- "6100-6120/udp"
networks:
default:
ipv4_address: ${PCSCF_IP}
smsc:
image: docker_kamailio
container_name: smsc
dns: ${DNS_IP}
volumes:
- ./smsc:/mnt/smsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
expose:
- "7090/udp"
- "7090/tcp"
networks:
default:
ipv4_address: ${SMSC_IP}
osmomsc:
build: ./osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ./osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ./osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ./osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ./metrics
image: docker_metrics
container_name: metrics
env_file:
- .env
volumes:
- ./metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .env
volumes:
- grafana_data:/var/lib/grafana
- ./grafana/:/etc/grafana/provisioning/
- ./grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata: {}
dbdata: {}

71
README.md
View File

@@ -1,12 +1,14 @@
# docker_open5gs
Quite contrary to the name of the repository, this repository contains docker files to deploy an Over-The-Air (OTA) or RF simulated 4G/5G network using following projects:
- Core Network (4G/5G) - open5gs - https://github.com/open5gs/open5gs
- IMS (Only 4G supported i.e. VoLTE) - kamailio
- IMS (Only 4G supported i.e. VoLTE) - kamailio - https://github.com/kamailio/kamailio
- IMS (Only 4G supported i.e. VoLTE) - openSIP IMS CE - https://ce.opensips.org/opensips-ims
- IMS HSS - https://github.com/nickvsnetworking/pyhss
- Osmocom HLR - https://github.com/osmocom/osmo-hlr
- Osmocom MSC - https://github.com/osmocom/osmo-msc
- srsRAN (4G/5G) - https://github.com/srsran/srsRAN
- UERANSIM (5G) - https://github.com/aligungr/UERANSIM
- eUPF (5G) - https://github.com/edgecomllc/eupf
## Tested Setup
@@ -25,13 +27,73 @@ RF simulated setups:
- srsRAN (gNB + UE) simulation over ZMQ
- UERANSIM (gNB + UE) simulator
## Building docker images
## Prepare Docker images
* Mandatory requirements:
* [docker-ce](https://docs.docker.com/install/linux/docker-ce/ubuntu) - Version 22.0.5 or above
* [docker compose](https://docs.docker.com/compose) - Version 2.14 or above
You can either pull the pre-built docker images or build them from the source.
### Get Pre-built Docker images
Pull base images:
```
docker pull ghcr.io/herlesupreeth/docker_open5gs:master
docker tag ghcr.io/herlesupreeth/docker_open5gs:master docker_open5gs
docker pull ghcr.io/herlesupreeth/docker_grafana:master
docker tag ghcr.io/herlesupreeth/docker_grafana:master docker_grafana
docker pull ghcr.io/herlesupreeth/docker_metrics:master
docker tag ghcr.io/herlesupreeth/docker_metrics:master docker_metrics
```
You can also pull the pre-built images for additional components
For IMS components:
```
docker pull ghcr.io/herlesupreeth/docker_osmohlr:master
docker tag ghcr.io/herlesupreeth/docker_osmohlr:master docker_osmohlr
docker pull ghcr.io/herlesupreeth/docker_osmomsc:master
docker tag ghcr.io/herlesupreeth/docker_osmomsc:master docker_osmomsc
docker pull ghcr.io/herlesupreeth/docker_pyhss:master
docker tag ghcr.io/herlesupreeth/docker_pyhss:master docker_pyhss
docker pull ghcr.io/herlesupreeth/docker_kamailio:master
docker tag ghcr.io/herlesupreeth/docker_kamailio:master docker_kamailio
docker pull ghcr.io/herlesupreeth/docker_mysql:master
docker tag ghcr.io/herlesupreeth/docker_mysql:master docker_mysql
```
For srsRAN components:
```
docker pull ghcr.io/herlesupreeth/docker_srslte:master
docker tag ghcr.io/herlesupreeth/docker_srslte:master docker_srslte
docker pull ghcr.io/herlesupreeth/docker_srsran:master
docker tag ghcr.io/herlesupreeth/docker_srsran:master docker_srsran
```
For UERANSIM components:
```
docker pull ghcr.io/herlesupreeth/docker_ueransim:master
docker tag ghcr.io/herlesupreeth/docker_ueransim:master docker_ueransim
```
For OAI components:
```
docker pull ghcr.io/herlesupreeth/docker_oai_enb:master
docker tag ghcr.io/herlesupreeth/docker_oai_enb:master docker_oai_enb
docker pull ghcr.io/herlesupreeth/docker_oai_ue:master
docker tag ghcr.io/herlesupreeth/docker_oai_ue:master docker_oai_ue
```
### Build Docker images from source
#### Clone repository and build base docker image of open5gs, kamailio, srsRAN_4G, srsRAN_Project, ueransim
```
@@ -212,9 +274,12 @@ with
###### 4G deployment
```
# 4G Core Network + IMS + SMS over SGs
# 4G Core Network + IMS + SMS over SGs (uses Kamailio IMS)
docker compose -f 4g-volte-deploy.yaml up
# 4G Core Network + IMS + SMS over SGs (uses openSIPS IMS)
docker compose -f 4g-volte-opensips-ims-deploy.yaml up
# srsRAN eNB using SDR (OTA)
docker compose -f srsenb.yaml up -d && docker container attach srsenb

3
base/Dockerfile
View File

@@ -102,6 +102,9 @@ RUN apt-get update && \
python3-pip \
iptables \
iperf \
iperf3 \
traceroute \
tcpdump \
mongodb-clients \
gnupg && \
apt-get autoremove -y && apt-get autoclean

90
base/open5gs_init.sh
View File

@@ -11,8 +11,8 @@
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# 2. Redistributions in binary form must reproduce the above copyright notice, this
# list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
@@ -30,70 +30,70 @@ export LD_LIBRARY_PATH=/open5gs/install/lib/$(uname -m)-linux-gnu
if [[ -z "$COMPONENT_NAME" ]]; then
echo "Error: COMPONENT_NAME environment variable not set"; exit 1;
elif [[ "$COMPONENT_NAME" =~ ^(amf-[[:digit:]]+$) ]]; then
elif [[ "$COMPONENT_NAME" =~ ^(amf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/amf/amf_init.sh && \
/mnt/amf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-amfd
elif [[ "$COMPONENT_NAME" =~ ^(ausf-[[:digit:]]+$) ]]; then
elif [[ "$COMPONENT_NAME" =~ ^(ausf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/ausf/ausf_init.sh && \
/mnt/ausf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-ausfd
elif [[ "$COMPONENT_NAME" =~ ^(bsf-[[:digit:]]+$) ]]; then
elif [[ "$COMPONENT_NAME" =~ ^(bsf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/bsf/bsf_init.sh && sleep 10 && \
/mnt/bsf/${COMPONENT_NAME}_init.sh && sleep 10 && \
cd install/bin && ./open5gs-bsfd
elif [[ "$COMPONENT_NAME" =~ ^(hss-[[:digit:]]+$) ]]; then
elif [[ "$COMPONENT_NAME" =~ ^(hss[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/hss/hss_init.sh && \
/mnt/hss/${COMPONENT_NAME}_init.sh && \
cd install/bin && sleep 10 && ./open5gs-hssd
elif [[ "$COMPONENT_NAME" =~ ^(mme-[[:digit:]]+$) ]]; then
elif [[ "$COMPONENT_NAME" =~ ^(mme[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/mme/mme_init.sh && \
/mnt/mme/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-mmed
elif [[ "$COMPONENT_NAME" =~ ^(nrf-[[:digit:]]+$) ]]; then
elif [[ "$COMPONENT_NAME" =~ ^(nrf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/nrf/nrf_init.sh && \
cd install/bin && ./open5gs-nrfd
elif [[ "$COMPONENT_NAME" =~ ^(scp-[[:digit:]]+$) ]]; then
/mnt/nrf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-nrfd
elif [[ "$COMPONENT_NAME" =~ ^(scp[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/scp/scp_init.sh && \
cd install/bin && ./open5gs-scpd
elif [[ "$COMPONENT_NAME" =~ ^(nssf-[[:digit:]]+$) ]]; then
/mnt/scp/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-scpd
elif [[ "$COMPONENT_NAME" =~ ^(nssf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/nssf/nssf_init.sh && \
cd install/bin && ./open5gs-nssfd
elif [[ "$COMPONENT_NAME" =~ ^(pcf-[[:digit:]]+$) ]]; then
/mnt/nssf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-nssfd
elif [[ "$COMPONENT_NAME" =~ ^(pcf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/pcf/pcf_init.sh && sleep 10 && \
cd install/bin && ./open5gs-pcfd
elif [[ "$COMPONENT_NAME" =~ ^(pcrf-[[:digit:]]+$) ]]; then
/mnt/pcf/${COMPONENT_NAME}_init.sh && sleep 10 && \
cd install/bin && ./open5gs-pcfd
elif [[ "$COMPONENT_NAME" =~ ^(pcrf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/pcrf/pcrf_init.sh && sleep 10 && \
cd install/bin && ./open5gs-pcrfd
elif [[ "$COMPONENT_NAME" =~ ^(sgwc-[[:digit:]]+$) ]]; then
/mnt/pcrf/${COMPONENT_NAME}_init.sh && sleep 10 && \
cd install/bin && ./open5gs-pcrfd
elif [[ "$COMPONENT_NAME" =~ ^(sgwc[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/sgwc/sgwc_init.sh && \
cd install/bin && ./open5gs-sgwcd
elif [[ "$COMPONENT_NAME" =~ ^(sgwu-[[:digit:]]+$) ]]; then
/mnt/sgwc/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-sgwcd
elif [[ "$COMPONENT_NAME" =~ ^(sgwu[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/sgwu/sgwu_init.sh && \
cd install/bin && ./open5gs-sgwud
elif [[ "$COMPONENT_NAME" =~ ^(smf-[[:digit:]]+$) ]]; then
/mnt/sgwu/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-sgwud
elif [[ "$COMPONENT_NAME" =~ ^(smf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/smf/smf_init.sh && \
cd install/bin && ./open5gs-smfd
elif [[ "$COMPONENT_NAME" =~ ^(udm-[[:digit:]]+$) ]]; then
/mnt/smf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-smfd
elif [[ "$COMPONENT_NAME" =~ ^(udm[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/udm/udm_init.sh && \
cd install/bin && ./open5gs-udmd
elif [[ "$COMPONENT_NAME" =~ ^(udr-[[:digit:]]+$) ]]; then
/mnt/udm/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-udmd
elif [[ "$COMPONENT_NAME" =~ ^(udr[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/udr/udr_init.sh && sleep 10 && \
cd install/bin && ./open5gs-udrd
elif [[ "$COMPONENT_NAME" =~ ^(upf-[[:digit:]]+$) ]]; then
/mnt/udr/${COMPONENT_NAME}_init.sh && sleep 10 && \
cd install/bin && ./open5gs-udrd
elif [[ "$COMPONENT_NAME" =~ ^(upf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/upf/upf_init.sh && \
cd install/bin && ./open5gs-upfd
/mnt/upf/${COMPONENT_NAME}_init.sh && \
cd install/bin && ./open5gs-upfd
elif [[ "$COMPONENT_NAME" =~ ^(webui) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
sleep 10 && /mnt/webui/webui_init.sh

139
custom_deployments/open5gs_hss_cx/.custom_env Normal file
View File

@@ -0,0 +1,139 @@
# Set proper timezone to sync times between docker host and containers
#TZ=Europe/Berlin
MCC=001
MNC=01
TEST_NETWORK=172.22.0.0/24
DOCKER_HOST_IP=192.168.1.223
# MONGODB
MONGO_IP=172.22.0.2
# HSS - open5gs
HSS_IP=172.22.0.3
HSS_BIND_PORT=3875
# PCRF
PCRF_IP=172.22.0.4
PCRF_BIND_PORT=3873
# SGW
SGWC_IP=172.22.0.5
SGWU_IP=172.22.0.6
SGWU_ADVERTISE_IP=172.22.0.6
# SMF
SMF_IP=172.22.0.7
SMF_DNS1=8.8.8.8
SMF_DNS2=8.8.4.4
# UPF
UPF_IP=172.22.0.8
UPF_ADVERTISE_IP=172.22.0.8
# MME
MME_IP=172.22.0.9
# AMF
AMF_IP=172.22.0.10
# AUSF
AUSF_IP=172.22.0.11
# NRF
NRF_IP=172.22.0.12
# UDM
UDM_IP=172.22.0.13
# UDR
UDR_IP=172.22.0.14
# IMS DNS
DNS_IP=172.22.0.15
# RTPENGINE
RTPENGINE_IP=172.22.0.16
# MYSQL
MYSQL_IP=172.22.0.17
# ICSCF
ICSCF_IP=172.22.0.19
ICSCF_BIND_PORT=3869
# SCSCF
SCSCF_IP=172.22.0.20
SCSCF_BIND_PORT=3870
# PCSCF
PCSCF_IP=172.22.0.21
PCSCF_BIND_PORT=3871
# SRSLTE ENB
SRS_ENB_IP=172.22.0.22
# UERANSIM
NR_GNB_IP=172.22.0.23
NR_UE_IP=172.22.0.24
UE1_IMEI=356938035643803
UE1_IMEISV=4370816125816151
UE1_IMSI=001011234567895
UE1_KI=8baf473f2f8fd09487cccbd7097c6862
UE1_OP=11111111111111111111111111111111
UE1_AMF=8000
# OAI ENB
OAI_ENB_IP=172.22.0.25
# OPEN5GS WEBUI
WEBUI_IP=172.22.0.26
# PCF
PCF_IP=172.22.0.27
# NSSF
NSSF_IP=172.22.0.28
# BSF
BSF_IP=172.22.0.29
# ENTITLEMENT SERVER
ENTITLEMENT_SERVER_IP=172.22.0.30
# OSMOMSC
OSMOMSC_IP=172.22.0.31
# OSMOHLR
OSMOHLR_IP=172.22.0.32
# SMSC
SMSC_IP=172.22.0.33
# SRSLTE UE
SRS_UE_IP=172.22.0.34
# SCP
SCP_IP=172.22.0.35
# METRICS
METRICS_IP=172.22.0.36
# SRSRAN GNB
SRS_GNB_IP=172.22.0.37
# GRAFANA
GRAFANA_IP=172.22.0.39
GRAFANA_USERNAME=open5gs
GRAFANA_PASSWORD=open5gs
# UE IPv4 Subnet Range for APN=internet
UE_IPV4_INTERNET=192.168.100.0/24
# UE IPv4 Subnet Range for APN=ims
UE_IPV4_IMS=192.168.101.0/24
# Maximum Number of UEs
MAX_NUM_UE=1024

336
custom_deployments/open5gs_hss_cx/4g-external-ims-deploy.yaml Normal file
View File

@@ -0,0 +1,336 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .custom_env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "${HSS_BIND_PORT}/tcp"
- "${HSS_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
# ports:
# - "${HSS_BIND_PORT}:${HSS_BIND_PORT}/sctp"
# - "${HSS_BIND_PORT}:${HSS_BIND_PORT}/tcp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ../../sgwc:/mnt/sgwc
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ../../sgwu:/mnt/sgwu
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
# ports:
# - "${SGWU_ADVERTISE_IP}:2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ../../smf:/mnt/smf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- smf
container_name: upf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=upf
volumes:
- ../../upf:/mnt/upf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
cap_add:
- NET_ADMIN
privileged: true
# sysctls:
# - net.ipv4.ip_forward=1
# - net.ipv6.conf.all.disable_ipv6=0
network_mode: host
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .custom_env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
# ports:
# - "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ../../pcrf:/mnt/pcrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "${PCRF_BIND_PORT}/tcp"
- "${PCRF_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
# ports:
# - "${PCRF_BIND_PORT}:${PCRF_BIND_PORT}/sctp"
# - "${PCRF_BIND_PORT}:${PCRF_BIND_PORT}/tcp"
networks:
default:
ipv4_address: ${PCRF_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .custom_env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
mysql:
build: ../../mysql
image: docker_mysql
container_name: mysql
env_file:
- .custom_env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
osmomsc:
build: ../../osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ../../osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ../../osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ../../osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata

465
custom_deployments/open5gs_hss_cx/4g-volte-deploy.yaml Normal file
View File

@@ -0,0 +1,465 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .custom_env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "${HSS_BIND_PORT}/tcp"
- "${HSS_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ../../sgwc:/mnt/sgwc
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ../../sgwu:/mnt/sgwu
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
# ports:
# - "2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ../../smf:/mnt/smf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- smf
container_name: upf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=upf
volumes:
- ../../upf:/mnt/upf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
networks:
default:
ipv4_address: ${UPF_IP}
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .custom_env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
# ports:
# - "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ../../pcrf:/mnt/pcrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${PCRF_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .custom_env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
rtpengine:
build: ../../rtpengine
image: docker_rtpengine
container_name: rtpengine
privileged: true
env_file:
- .custom_env
volumes:
- ../../rtpengine:/mnt/rtpengine
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
cap_add:
- NET_ADMIN
environment:
- TABLE=0
- INTERFACE=${RTPENGINE_IP}
- LISTEN_NG=${RTPENGINE_IP}:2223
- PIDFILE=/run/ngcp-rtpengine-daemon.pid
- PORT_MAX=50000
- PORT_MIN=49000
- NO_FALLBACK=no
- TOS=184
expose:
- "2223/udp"
- "49000-50000/udp"
networks:
default:
ipv4_address: ${RTPENGINE_IP}
mysql:
build: ../../mysql
image: docker_mysql
container_name: mysql
env_file:
- .custom_env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
icscf:
image: docker_kamailio
container_name: icscf
dns: ${DNS_IP}
volumes:
- ./icscf:/mnt/icscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=icscf
depends_on:
- dns
- mysql
- hss
expose:
- "3869/udp"
- "3869/tcp"
- "4060/udp"
- "4060/tcp"
networks:
default:
ipv4_address: ${ICSCF_IP}
scscf:
image: docker_kamailio
container_name: scscf
dns: ${DNS_IP}
volumes:
- ./scscf:/mnt/scscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scscf
depends_on:
- dns
- mysql
- hss
expose:
- "3870/udp"
- "3870/tcp"
- "6060/udp"
- "6060/tcp"
networks:
default:
ipv4_address: ${SCSCF_IP}
pcscf:
image: docker_kamailio
container_name: pcscf
dns: ${DNS_IP}
privileged: true
cap_add:
- NET_ADMIN
volumes:
- ../../pcscf:/mnt/pcscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=4G
depends_on:
- dns
- mysql
- rtpengine
- icscf
- scscf
expose:
- "3871/udp"
- "3871/tcp"
- "5060/tcp"
- "5060/udp"
- "5100-5120/tcp"
- "5100-5120/udp"
- "6100-6120/tcp"
- "6100-6120/udp"
networks:
default:
ipv4_address: ${PCSCF_IP}
smsc:
image: docker_kamailio
container_name: smsc
dns: ${DNS_IP}
volumes:
- ../../smsc:/mnt/smsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
expose:
- "7090/udp"
- "7090/tcp"
networks:
default:
ipv4_address: ${SMSC_IP}
osmomsc:
build: ../../osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ../../osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ../../osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ../../osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata

471
custom_deployments/open5gs_hss_cx/4g-volte-opensips-ims-deploy.yaml Normal file
View File

@@ -0,0 +1,471 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
hss:
image: docker_open5gs
container_name: hss
env_file:
- .custom_env
environment:
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
depends_on:
- mongo
expose:
- "${HSS_BIND_PORT}/tcp"
- "${HSS_BIND_PORT}/sctp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${HSS_IP}
sgwc:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwc
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwc
volumes:
- ../../sgwc:/mnt/sgwc
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2123/udp"
- "8805/udp"
networks:
default:
ipv4_address: ${SGWC_IP}
sgwu:
image: docker_open5gs
depends_on:
- smf
- upf
container_name: sgwu
env_file:
- .custom_env
environment:
- COMPONENT_NAME=sgwu
volumes:
- ../../sgwu:/mnt/sgwu
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "8805/udp"
- "2152/udp"
# ports:
# - "2152:2152/udp"
networks:
default:
ipv4_address: ${SGWU_IP}
smf:
image: docker_open5gs
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=4G
volumes:
- ../../smf:/mnt/smf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/udp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
upf:
image: docker_open5gs
depends_on:
- smf
container_name: upf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=upf
volumes:
- ../../upf:/mnt/upf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
networks:
default:
ipv4_address: ${UPF_IP}
mme:
image: docker_open5gs
depends_on:
- hss
- sgwc
- sgwu
- smf
- upf
- osmomsc
container_name: mme
env_file:
- .custom_env
environment:
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/udp"
- "5868/tcp"
- "5868/sctp"
- "36412/sctp"
- "2123/udp"
- "9091/tcp"
# ports:
# - "36412:36412/sctp"
networks:
default:
ipv4_address: ${MME_IP}
pcrf:
image: docker_open5gs
container_name: pcrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
- ../../pcrf:/mnt/pcrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/udp"
- "5868/tcp"
- "5868/sctp"
networks:
default:
ipv4_address: ${PCRF_IP}
dns:
build: ./dns
image: docker_dns
container_name: dns
env_file:
- .custom_env
volumes:
- ./dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
rtpengine:
build: ../../rtpengine
image: docker_rtpengine
container_name: rtpengine
privileged: true
env_file:
- .custom_env
volumes:
- ../../rtpengine:/mnt/rtpengine
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
cap_add:
- NET_ADMIN
environment:
- TABLE=0
- INTERFACE=${RTPENGINE_IP}
- LISTEN_NG=${RTPENGINE_IP}:2223
- PIDFILE=/run/ngcp-rtpengine-daemon.pid
- PORT_MAX=50000
- PORT_MIN=49000
- NO_FALLBACK=no
- TOS=184
expose:
- "2223/udp"
- "49000-50000/udp"
networks:
default:
ipv4_address: ${RTPENGINE_IP}
mysql:
build: ../../mysql
image: docker_mysql
container_name: mysql
env_file:
- .custom_env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
icscf:
image: opensips/opensips:ims-ce
container_name: icscf
dns: ${DNS_IP}
volumes:
- ./opensips_ims_icscf:/mnt/icscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=icscf
entrypoint: /mnt/icscf/icscf_init.sh
depends_on:
- dns
- mysql
- hss
expose:
- "3869/udp"
- "3869/tcp"
- "4060/udp"
- "4060/tcp"
networks:
default:
ipv4_address: ${ICSCF_IP}
scscf:
image: opensips/opensips:ims-ce
container_name: scscf
dns: ${DNS_IP}
volumes:
- ./opensips_ims_scscf:/mnt/scscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scscf
entrypoint: /mnt/scscf/scscf_init.sh
depends_on:
- dns
- mysql
- hss
expose:
- "3870/udp"
- "3870/tcp"
- "6060/udp"
- "6060/tcp"
networks:
default:
ipv4_address: ${SCSCF_IP}
pcscf:
image: opensips/opensips:ims-ce
container_name: pcscf
dns: ${DNS_IP}
privileged: true
cap_add:
- NET_ADMIN
volumes:
- ../../opensips_ims_pcscf:/mnt/pcscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=4G
entrypoint: /mnt/pcscf/pcscf_init.sh
depends_on:
- dns
- mysql
- rtpengine
- icscf
- scscf
expose:
- "3871/udp"
- "3871/tcp"
- "5060/tcp"
- "5060/udp"
- "5100-5120/tcp"
- "5100-5120/udp"
- "6100-6120/tcp"
- "6100-6120/udp"
networks:
default:
ipv4_address: ${PCSCF_IP}
smsc:
image: docker_kamailio
container_name: smsc
dns: ${DNS_IP}
volumes:
- ../../smsc:/mnt/smsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
expose:
- "7090/udp"
- "7090/tcp"
networks:
default:
ipv4_address: ${SMSC_IP}
osmomsc:
build: ../../osmomsc
image: docker_osmomsc
container_name: osmomsc
volumes:
- ../../osmomsc:/mnt/osmomsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
- "29118/sctp"
- "2775/tcp"
networks:
default:
ipv4_address: ${OSMOMSC_IP}
osmohlr:
build: ../../osmohlr
image: docker_osmohlr
container_name: osmohlr
volumes:
- ../../osmohlr:/mnt/osmohlr
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
default:
ipv4_address: ${OSMOHLR_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata

37
custom_deployments/open5gs_hss_cx/README.md Normal file
View File

@@ -0,0 +1,37 @@
## Deployment description
This custom deployment showcases using of open5gs HSS for Cx interface (towards ICSCF/SCSCF) rather than using pyHSS.
## Limitation
In order to change the iFCs or any other IMS service related provisioning information one need to modify the code and re-compile open5gs i.e. no way to configure them via GUI as we have with pyHSS.
## Additional steps
Most of the steps to be followed are similar to the steps mentioned in the [README in the root folder](../../README.md). However, additional steps mentioned below must be taken into account while deploying this custom deployment scenario.
### Loading environmental variables for custom deployment
**Warning**
For custom deployments, you must modify/use only the [**.custom_env**](.custom_env) file rather than the [**.env** in the root folder](../../.env).
```
set -a
source .custom_env
set +a
```
### Scenario deployment
Deploy the 4G EPC + IMS.
```
cd custom_deployments/open5gs_hss_cx
docker compose -f 4g-volte-deploy.yaml up
```
Deploy srsRAN eNB using SDR (OTA)
```
docker compose -f srsenb.yaml up -d && docker container attach srsenb
```

14
grafana/Dockerfile → custom_deployments/open5gs_hss_cx/dns/Dockerfile
View File

@@ -24,16 +24,14 @@
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
FROM ubuntu:jammy
FROM ubuntu:focal
ENV DEBIAN_FRONTEND=noninteractive
# Install updates and dependencies
RUN apt-get update && \
apt-get install -y --no-install-recommends apt-transport-https software-properties-common wget && \
mkdir -p /etc/apt/keyrings/ && \
wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor | tee /etc/apt/keyrings/grafana.gpg && \
echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main" | tee -a /etc/apt/sources.list.d/grafana.list && \
apt-get update && \
apt-get install -y --no-install-recommends grafana
apt-get -y install tcpdump screen tmux ntp ntpdate iproute2 net-tools \
iputils-ping bind9
CMD /mnt/grafana/grafana_init.sh
CMD /mnt/dns/dns_init.sh && \
/usr/sbin/named -c /etc/bind/named.conf -g -u bind

63
custom_deployments/open5gs_hss_cx/dns/dns_init.sh Executable file
View File

@@ -0,0 +1,63 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cp /mnt/dns/epc_zone /etc/bind
cp /mnt/dns/ims_zone /etc/bind
cp /mnt/dns/pub_3gpp_zone /etc/bind
cp /mnt/dns/e164.arpa /etc/bind
cp /mnt/dns/named.conf /etc/bind
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && PUB_3GPP_DOMAIN="mnc${MNC}.mcc${MCC}.pub.3gppnetwork.org" || PUB_3GPP_DOMAIN="mnc0${MNC}.mcc${MCC}.pub.3gppnetwork.org"
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/bind/epc_zone
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/epc_zone
[ -z "$PCRF_PUB_IP" ] && sed -i 's|PCRF_IP|'$PCRF_IP'|g' /etc/bind/epc_zone || sed -i 's|PCRF_IP|'$PCRF_PUB_IP'|g' /etc/bind/epc_zone
[ -z "$HSS_PUB_IP" ] && sed -i 's|HSS_IP|'$HSS_IP'|g' /etc/bind/epc_zone || sed -i 's|HSS_IP|'$HSS_PUB_IP'|g' /etc/bind/epc_zone
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/bind/ims_zone
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/ims_zone
sed -i 's|PCSCF_IP|'$PCSCF_IP'|g' /etc/bind/ims_zone
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/bind/ims_zone
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' /etc/bind/ims_zone
sed -i 's|SMSC_IP|'$SMSC_IP'|g' /etc/bind/ims_zone
sed -i 's|PUB_3GPP_DOMAIN|'$PUB_3GPP_DOMAIN'|g' /etc/bind/pub_3gpp_zone
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/pub_3gpp_zone
sed -i 's|ENTITLEMENT_SERVER_IP|'$ENTITLEMENT_SERVER_IP'|g' /etc/bind/pub_3gpp_zone
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/bind/e164.arpa
sed -i 's|DNS_IP|'$DNS_IP'|g' /etc/bind/e164.arpa
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/bind/named.conf
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/bind/named.conf
sed -i 's|PUB_3GPP_DOMAIN|'$PUB_3GPP_DOMAIN'|g' /etc/bind/named.conf
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

14
custom_deployments/open5gs_hss_cx/dns/e164.arpa Normal file
View File

@@ -0,0 +1,14 @@
$TTL 1h
@ IN SOA ns.e164.arpa. root.e164.arpa. (
2009010918 ;serial
3600 ;refresh
3600 ;retry
3600 ;expire
3600 ;minimum TTL
)
@ IN NS e164.arpa.
@ IN A DNS_IP
; Wildcard to match any tel:+xxxx and change to sip:xxxx@IMS_DOMAIN
* IN NAPTR 10 100 "u" "E2U+sip" "!(^.*$)!sip:\\1@IMS_DOMAIN!" .
* IN NAPTR 20 100 "u" "E2U+sip" "!(^.*$)!sip:+\\1@IMS_DOMAIN!" .

15
custom_deployments/open5gs_hss_cx/dns/epc_zone Normal file
View File

@@ -0,0 +1,15 @@
$ORIGIN EPC_DOMAIN.
$TTL 1W
@ 1D IN SOA localhost. root.localhost. (
1 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS epcns
epcns 1D IN A DNS_IP
pcrf 1D IN A PCRF_IP
hss 1D IN A HSS_IP

27
custom_deployments/open5gs_hss_cx/dns/ims_zone Normal file
View File

@@ -0,0 +1,27 @@
$ORIGIN IMS_DOMAIN.
$TTL 1W
@ 1D IN SOA localhost. root.localhost. (
1 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS ns
ns 1D IN A DNS_IP
pcscf 1D IN A PCSCF_IP
_sip._udp.pcscf 1D SRV 0 0 5060 pcscf
_sip._tcp.pcscf 1D SRV 0 0 5060 pcscf
icscf 1D IN A ICSCF_IP
_sip._udp 1D SRV 0 0 4060 icscf
_sip._tcp 1D SRV 0 0 4060 icscf
scscf 1D IN A SCSCF_IP
_sip._udp.scscf 1D SRV 0 0 6060 scscf
_sip._tcp.scscf 1D SRV 0 0 6060 scscf
smsc 1D IN A SMSC_IP
_sip._udp.smsc 1D SRV 0 0 7090 smsc
_sip._tcp.smsc 1D SRV 0 0 7090 smsc

53
custom_deployments/open5gs_hss_cx/dns/named.conf Normal file
View File

@@ -0,0 +1,53 @@
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
forwarders {
8.8.8.8;
};
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation no;
allow-query { any; };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "IMS_DOMAIN" {
type master;
file "/etc/bind/ims_zone";
};
zone "EPC_DOMAIN" {
type master;
file "/etc/bind/epc_zone";
};
zone "PUB_3GPP_DOMAIN" {
type master;
file "/etc/bind/pub_3gpp_zone";
};
zone "e164.arpa" {
type master;
file "/etc/bind/e164.arpa";
};

13
custom_deployments/open5gs_hss_cx/dns/pub_3gpp_zone Normal file
View File

@@ -0,0 +1,13 @@
$ORIGIN PUB_3GPP_DOMAIN.
$TTL 1W
@ 1D IN SOA localhost. root.localhost. (
1 ; serial
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS pubns
pubns 1D IN A DNS_IP
aes 1D IN A ENTITLEMENT_SERVER_IP

267
custom_deployments/open5gs_hss_cx/hss/hss.conf Normal file
View File

@@ -0,0 +1,267 @@
# This is a sample configuration file for freeDiameter daemon.
# Most of the options can be omitted, as they default to reasonable values.
# Only TLS-related options must be configured properly in usual setups.
# It is possible to use "include" keyword to import additional files
# e.g.: include "/etc/freeDiameter.d/*.conf"
# This is exactly equivalent as copy & paste the content of the included file(s)
# where the "include" keyword is found.
##############################################################
## Peer identity and realm
# The Diameter Identity of this daemon.
# This must be a valid FQDN that resolves to the local host.
# Default: hostname's FQDN
#Identity = "aaa.koganei.freediameter.net";
Identity = "hss.EPC_DOMAIN";
# The Diameter Realm of this daemon.
# Default: the domain part of Identity (after the first dot).
#Realm = "koganei.freediameter.net";
Realm = "EPC_DOMAIN";
##############################################################
## Transport protocol configuration
# The port this peer is listening on for incoming connections (TCP and SCTP).
# Default: 3868. Use 0 to disable.
#Port = 3868;
Port = HSS_BIND_PORT;
# The port this peer is listening on for incoming TLS-protected connections (TCP and SCTP).
# See TLS_old_method for more information about TLS flavours.
# Note: we use TLS/SCTP instead of DTLS/SCTP at the moment. This will change in future version of freeDiameter.
# Default: 5868. Use 0 to disable.
#SecPort = 5868;
# Use RFC3588 method for TLS protection, where TLS is negociated after CER/CEA exchange is completed
# on the unsecure connection. The alternative is RFC6733 mechanism, where TLS protects also the
# CER/CEA exchange on a dedicated secure port.
# This parameter only affects outgoing connections.
# The setting can be also defined per-peer (see Peers configuration section).
# Default: use RFC6733 method with separate port for TLS.
#TLS_old_method;
# Disable use of TCP protocol (only listen and connect over SCTP)
# Default : TCP enabled
#No_TCP;
# Disable use of SCTP protocol (only listen and connect over TCP)
# Default : SCTP enabled
#No_SCTP;
# This option is ignored if freeDiameter is compiled with DISABLE_SCTP option.
# Prefer TCP instead of SCTP for establishing new connections.
# This setting may be overwritten per peer in peer configuration blocs.
# Default : SCTP is attempted first.
#Prefer_TCP;
# Default number of streams per SCTP associations.
# This setting may be overwritten per peer basis.
# Default : 30 streams
#SCTP_streams = 30;
##############################################################
## Endpoint configuration
# Disable use of IP addresses (only IPv6)
# Default : IP enabled
#No_IP;
# Disable use of IPv6 addresses (only IP)
# Default : IPv6 enabled
#No_IPv6;
# Specify local addresses the server must bind to
# Default : listen on all addresses available.
#ListenOn = "202.249.37.5";
#ListenOn = "2001:200:903:2::202:1";
#ListenOn = "fe80::21c:5ff:fe98:7d62%eth0";
ListenOn = "HSS_IP";
##############################################################
## Server configuration
# How many Diameter peers are allowed to be connecting at the same time ?
# This parameter limits the number of incoming connections from the time
# the connection is accepted until the first CER is received.
# Default: 5 unidentified clients in paralel.
#ThreadsPerServer = 5;
##############################################################
## TLS Configuration
# TLS is managed by the GNUTLS library in the freeDiameter daemon.
# You may find more information about parameters and special behaviors
# in the relevant documentation.
# http://www.gnu.org/software/gnutls/manual/
# Credentials of the local peer
# The X509 certificate and private key file to use for the local peer.
# The files must contain PKCS-1 encoded RSA key, in PEM format.
# (These parameters are passed to gnutls_certificate_set_x509_key_file function)
# Default : NO DEFAULT
#TLS_Cred = "<x509 certif file.PEM>" , "<x509 private key file.PEM>";
#TLS_Cred = "/etc/ssl/certs/freeDiameter.pem", "/etc/ssl/private/freeDiameter.key";
TLS_Cred = "/open5gs/install/etc/freeDiameter/hss.cert.pem", "/open5gs/install/etc/freeDiameter/hss.key.pem";
# Certificate authority / trust anchors
# The file containing the list of trusted Certificate Authorities (PEM list)
# (This parameter is passed to gnutls_certificate_set_x509_trust_file function)
# The directive can appear several times to specify several files.
# Default : GNUTLS default behavior
#TLS_CA = "<file.PEM>";
TLS_CA = "/open5gs/install/etc/freeDiameter/cacert.pem";
# Certificate Revocation List file
# The information about revoked certificates.
# The file contains a list of trusted CRLs in PEM format. They should have been verified before.
# (This parameter is passed to gnutls_certificate_set_x509_crl_file function)
# Note: openssl CRL format might have interoperability issue with GNUTLS format.
# Default : GNUTLS default behavior
#TLS_CRL = "<file.PEM>";
# GNU TLS Priority string
# This string allows to configure the behavior of GNUTLS key exchanges
# algorithms. See gnutls_priority_init function documentation for information.
# You should also refer to the Diameter required TLS support here:
# http://tools.ietf.org/html/rfc6733#section-13.1
# Default : "NORMAL"
# Example: TLS_Prio = "NONE:+VERS-TLS1.1:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL";
#TLS_Prio = "NORMAL";
# Diffie-Hellman parameters size
# Set the number of bits for generated DH parameters
# Valid value should be 768, 1024, 2048, 3072 or 4096.
# (This parameter is passed to gnutls_dh_params_generate2 function,
# it usually should match RSA key size)
# Default : 1024
#TLS_DH_Bits = 1024;
# Alternatively, you can specify a file to load the PKCS#3 encoded
# DH parameters directly from. This accelerates the daemon start
# but is slightly less secure. If this file is provided, the
# TLS_DH_Bits parameters has no effect.
# Default : no default.
#TLS_DH_File = "<file.PEM>";
##############################################################
## Timers configuration
# The Tc timer of this peer.
# It is the delay before a new attempt is made to reconnect a disconnected peer.
# The value is expressed in seconds. The recommended value is 30 seconds.
# Default: 30
#TcTimer = 30;
# The Tw timer of this peer.
# It is the delay before a watchdog message is sent, as described in RFC 3539.
# The value is expressed in seconds. The default value is 30 seconds. Value must
# be greater or equal to 6 seconds. See details in the RFC.
# Default: 30
#TwTimer = 30;
##############################################################
## Applications configuration
# Disable the relaying of Diameter messages?
# For messages not handled locally, the default behavior is to forward the
# message to another peer if any is available, according to the routing
# algorithms. In addition the "0xffffff" application is advertised in CER/CEA
# exchanges.
# Default: Relaying is enabled.
NoRelay;
# Number of server threads that can handle incoming messages at the same time.
# Default: 4
#AppServThreads = 4;
# Other applications are configured by loaded extensions.
##############################################################
## Extensions configuration
# The freeDiameter framework merely provides support for
# Diameter Base Protocol. The specific application behaviors,
# as well as advanced functions, are provided
# by loadable extensions (plug-ins).
# These extensions may in addition receive the name of a
# configuration file, the format of which is extension-specific.
#
# Format:
#LoadExtension = "/path/to/extension" [ : "/optional/configuration/file" ] ;
#
# Examples:
#LoadExtension = "extensions/sample.fdx";
#LoadExtension = "extensions/sample.fdx":"conf/sample.conf";
# Extensions are named as follow:
# dict_* for extensions that add content to the dictionary definitions.
# dbg_* for extensions useful only to retrieve more information on the framework execution.
# acl_* : Access control list, to control which peers are allowed to connect.
# rt_* : routing extensions that impact how messages are forwarded to other peers.
# app_* : applications, these extensions usually register callbacks to handle specific messages.
# test_* : dummy extensions that are useful only in testing environments.
# The dbg_msg_dump.fdx extension allows you to tweak the way freeDiameter displays some
# information about some events. This extension does not actually use a configuration file
# but receives directly a parameter in the string passed to the extension. Here are some examples:
## LoadExtension = "dbg_msg_dumps.fdx" : "0x1111"; # Removes all default hooks, very quiet even in case of errors.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x2222"; # Display all events with few details.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x0080"; # Dump complete information about sent and received messages.
# The four digits respectively control: connections, routing decisions, sent/received messages, errors.
# The values for each digit are:
# 0 - default - keep the default behavior
# 1 - quiet - remove any specific log
# 2 - compact - display only a summary of the information
# 4 - full - display the complete information on a single long line
# 8 - tree - display the complete information in an easier to read format spanning several lines.
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dbg_msg_dumps.fdx" : "0x8888";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_rfc5777.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_mip6i.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_nasreq.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_nas_mipv6.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_dcca.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_dcca_3gpp.fdx";
##############################################################
## Peers configuration
# The local server listens for incoming connections. By default,
# all unknown connecting peers are rejected. Extensions can override this behavior (e.g., acl_wl).
#
# In addition to incoming connections, the local peer can
# be configured to establish and maintain connections to some
# Diameter nodes and allow connections from these nodes.
# This is achieved with the ConnectPeer directive described below.
#
# Note that the configured Diameter Identity MUST match
# the information received inside CEA, or the connection will be aborted.
#
# Format:
#ConnectPeer = "diameterid" [ { parameter1; parameter2; ...} ] ;
# Parameters that can be specified in the peer's parameter list:
# No_TCP; No_SCTP; No_IP; No_IPv6; Prefer_TCP; TLS_old_method;
# No_TLS; # assume transparent security instead of TLS. DTLS is not supported yet (will change in future versions).
# Port = 5868; # The port to connect to
# TcTimer = 30;
# TwTimer = 30;
# ConnectTo = "202.249.37.5";
# ConnectTo = "2001:200:903:2::202:1";
# TLS_Prio = "NORMAL";
# Realm = "realm.net"; # Reject the peer if it does not advertise this realm.
# Examples:
#ConnectPeer = "aaa.wide.ad.jp";
#ConnectPeer = "old.diameter.serv" { TcTimer = 60; TLS_old_method; No_SCTP; Port=3868; } ;
ConnectPeer = "mme.EPC_DOMAIN" { ConnectTo = "MME_IP"; Port = 3868; No_TLS; };
ConnectPeer = "icscf.IMS_DOMAIN" { ConnectTo = "ICSCF_IP"; Port = ICSCF_BIND_PORT; No_TLS; };
ConnectPeer = "scscf.IMS_DOMAIN" { ConnectTo = "SCSCF_IP"; Port = SCSCF_BIND_PORT; No_TLS; };
##############################################################

13
custom_deployments/open5gs_hss_cx/hss/hss.yaml Normal file
View File

@@ -0,0 +1,13 @@
db_uri: mongodb://MONGO_IP/open5gs
logger:
file:
path: /open5gs/install/var/log/open5gs/hss.log
global:
max:
ue: MAX_NUM_UE
hss:
freeDiameter: /open5gs/install/etc/freeDiameter/hss.conf
sms_over_ims: "sip:smsc.IMS_DOMAIN:7090"

62
custom_deployments/open5gs_hss_cx/hss/hss_init.sh Executable file
View File

@@ -0,0 +1,62 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export DB_URI="mongodb://${MONGO_IP}/open5gs"
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
ln -s /usr/bin/mongo /usr/bin/mongosh
sed -i "s|localhost|$MONGO_IP|" /open5gs/misc/db/open5gs-dbctl
cp /mnt/hss/hss.yaml install/etc/open5gs
cp /mnt/hss/hss.conf install/etc/freeDiameter
cp /mnt/hss/make_certs.sh install/etc/freeDiameter
sed -i 's|HSS_IP|'$HSS_IP'|g' install/etc/freeDiameter/hss.conf
sed -i 's|MME_IP|'$MME_IP'|g' install/etc/freeDiameter/hss.conf
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' install/etc/freeDiameter/hss.conf
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' install/etc/freeDiameter/hss.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' install/etc/freeDiameter/hss.conf
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' install/etc/freeDiameter/hss.conf
sed -i 's|ICSCF_BIND_PORT|'$ICSCF_BIND_PORT'|g' install/etc/freeDiameter/hss.conf
sed -i 's|SCSCF_BIND_PORT|'$SCSCF_BIND_PORT'|g' install/etc/freeDiameter/hss.conf
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' install/etc/freeDiameter/hss.conf
sed -i 's|LD_LIBRARY_PATH|'$LD_LIBRARY_PATH'|g' install/etc/freeDiameter/hss.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' install/etc/freeDiameter/make_certs.sh
sed -i 's|MONGO_IP|'$MONGO_IP'|g' install/etc/open5gs/hss.yaml
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' install/etc/open5gs/hss.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/hss.yaml
# Generate TLS certificates
./install/etc/freeDiameter/make_certs.sh install/etc/freeDiameter
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

29
custom_deployments/open5gs_hss_cx/hss/make_certs.sh Executable file
View File

@@ -0,0 +1,29 @@
#!/bin/sh
if [ 1 -ne $# ]
then
echo You must specify output directory : ./make_certs.sh ./freeDiameter
exit;
fi
rm -rf demoCA
mkdir demoCA
echo 01 > demoCA/serial
touch demoCA/index.txt.attr
touch demoCA/index.txt
# Generate .rnd if it does not exist
openssl rand -out /root/.rnd -hex 256
# CA self certificate
openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out $1/cacert.pem -keyout cakey.pem -subj /CN=ca.EPC_DOMAIN/C=KO/ST=Seoul/L=Nowon/O=Open5GS/OU=Tests
#hss
openssl genrsa -out $1/hss.key.pem 1024
openssl req -new -batch -out hss.csr.pem -key $1/hss.key.pem -subj /CN=hss.EPC_DOMAIN/C=KO/ST=Seoul/L=Nowon/O=Open5GS/OU=Tests
openssl ca -cert $1/cacert.pem -days 3650 -keyfile cakey.pem -in hss.csr.pem -out $1/hss.cert.pem -outdir . -batch
rm -f 01.pem 02.pem 03.pem 04.pem
rm -f cakey.pem
rm -f hss.csr.pem

53
custom_deployments/open5gs_hss_cx/icscf/icscf.cfg Normal file
View File

@@ -0,0 +1,53 @@
# SIP / UDP
listen=udp:ICSCF_IP:4060
# SIP / TCP
listen=tcp:ICSCF_IP:4060
# SIP / TCP/TLS
#listen=tls:ICSCF_IP:4061
alias=IMS_DOMAIN
#!define NETWORKNAME "IMS_DOMAIN"
#!define EPC_REALM "EPC_DOMAIN"
#!define HOSTNAME "icscf.IMS_DOMAIN"
#!subst "/NETWORKNAME/IMS_DOMAIN/"
#!define ENUM_SUFFIX "IMS_DOMAIN."
# SIP-Address of capturing node, if not set, capturing is disabled.
##!define CAPTURE_NODE "sip:127.0.0.1:9060"
# Connection URL for the database:
#!define DB_URL "mysql://icscf:heslo@MYSQL_IP/icscf"
##!define DB_URL2 "con2=>mysql://icscf:heslo@MYSQL_IP/icscf"
# Allowed IPs for XML-RPC-Queries
##!define XMLRPC_WHITELIST_1 "127.0.0.1"
##!define XMLRPC_WHITELIST_2 "127.0.0.1"
##!define XMLRPC_WHITELIST_3 "127.0.0.1"
# *** To run in debug mode:
# - define WITH_DEBUG
#
# *** To enable TLS support execute:
# - adjust CFGDIR/tls.cfg as needed
# - define WITH_TLS
#
# *** To enable XMLRPC support execute:
# - define WITH_XMLRPC
# - adjust route[XMLRPC] for access policy
#
# *** To enable a Homer SIP-Capter-Node:
# - define CAPTURE_NODE with a proper address
#
# *** To forwarding to PSTN for unknown users:
# - define PEERING
#
# Enabled Features for this host:
##!define WITH_DEBUG
#!define WITH_TCP
##!define WITH_TLS
#!define WITH_XMLRPC
##!define PEERING
##!define FALLBACK_AUTH

34
custom_deployments/open5gs_hss_cx/icscf/icscf.xml Normal file
View File

@@ -0,0 +1,34 @@
<?xml version="1.0" encoding="UTF-8"?>
<DiameterPeer
FQDN="icscf.IMS_DOMAIN"
Realm="IMS_DOMAIN"
Vendor_Id="10415"
Product_Name="CDiameterPeer"
AcceptUnknownPeers="1"
DropUnknownOnDisconnect="1"
Tc="30"
Workers="16"
QueueLength="32"
TransactionTimeout="5"
SessionsHashSize="128"
DefaultAuthSessionTimeout="3600"
MaxAuthSessionTimeout="3600"
>
<Peer FQDN="hss.EPC_DOMAIN" Realm="EPC_DOMAIN" port="HSS_BIND_PORT"/>
<Acceptor port="ICSCF_BIND_PORT" bind="ICSCF_IP"/>
<Auth id="16777216" vendor="10415"/><!-- 3GPP Cx -->
<Auth id="16777216" vendor="4491"/><!-- CableLabs Cx -->
<Auth id="16777216" vendor="13019"/><!-- ETSI/TISPAN Cx -->
<Auth id="16777216" vendor="0"/><!-- ETSI/TISPAN Cx -->
<!--
Supported Vendor IDs - list of values which will be sent in the CER/CEA in the
Supported-Vendor-ID AVPs
-->
<SupportedVendor vendor="10415" />
<DefaultRoute FQDN="hss.EPC_DOMAIN" metric="10"/>
</DiameterPeer>

96
custom_deployments/open5gs_hss_cx/icscf/icscf_init.sh Executable file
View File

@@ -0,0 +1,96 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
mkdir -p /etc/kamailio_icscf
cp /mnt/icscf/icscf.cfg /etc/kamailio_icscf
cp /mnt/icscf/icscf.xml /etc/kamailio_icscf
cp /mnt/icscf/kamailio_icscf.cfg /etc/kamailio_icscf
while ! mysqladmin ping -h ${MYSQL_IP} --silent; do
sleep 5;
done
# Sleep until permissions are set
sleep 10;
# Create ICSCF database, populate tables and grant privileges
if [[ -z "`mysql -u root -h ${MYSQL_IP} -qfsBe "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME='icscf'" 2>&1`" ]];
then
mysql -u root -h ${MYSQL_IP} -e "create database icscf;"
mysql -u root -h ${MYSQL_IP} icscf < /usr/local/src/kamailio/misc/examples/ims/icscf/icscf.sql
ICSCF_USER_EXISTS=`mysql -u root -h ${MYSQL_IP} -s -N -e "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE User = 'icscf' AND Host = '%')"`
if [[ "$ICSCF_USER_EXISTS" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'icscf'@'%' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'provisioning'@'%' IDENTIFIED WITH mysql_native_password BY 'provi'";
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'icscf'@'$ICSCF_IP' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'provisioning'@'$ICSCF_IP' IDENTIFIED WITH mysql_native_password BY 'provi'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON icscf.* TO 'icscf'@'%'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON icscf.* TO 'icscf'@'$ICSCF_IP'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON icscf.* TO 'provisioning'@'%'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON icscf.* TO 'provisioning'@'$ICSCF_IP'";
mysql -u root -h ${MYSQL_IP} -e "FLUSH PRIVILEGES;"
fi
fi
DOMAIN_PRESENT=`mysql -u root -h ${MYSQL_IP} icscf -s -N -e "SELECT count(*) FROM nds_trusted_domains WHERE trusted_domain='$IMS_DOMAIN';"`
if [[ "$DOMAIN_PRESENT" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} icscf -e "INSERT INTO nds_trusted_domains (trusted_domain) VALUES ('$IMS_DOMAIN');"
fi
URI_PRESENT=`mysql -u root -h ${MYSQL_IP} icscf -s -N -e "SELECT count(*) FROM s_cscf WHERE s_cscf_uri='sip:scscf.$IMS_DOMAIN:6060';"`
if [[ "$URI_PRESENT" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} icscf -e "INSERT INTO s_cscf (name, s_cscf_uri) VALUES ('First and only S-CSCF', 'sip:scscf.$IMS_DOMAIN:6060');"
fi
SCSCF_ID=`mysql -u root -h ${MYSQL_IP} icscf -s -N -e "SELECT id FROM s_cscf WHERE s_cscf_uri='sip:scscf.$IMS_DOMAIN:6060' LIMIT 1;"`
CAP_PRESENT=`mysql -u root -h ${MYSQL_IP} icscf -s -N -e "SELECT count(*) FROM s_cscf_capabilities WHERE id_s_cscf='$SCSCF_ID';"`
if [[ "$CAP_PRESENT" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} icscf -e "INSERT INTO s_cscf_capabilities (id_s_cscf, capability) VALUES ('$SCSCF_ID', 0),('$SCSCF_ID', 1);"
fi
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|MYSQL_IP|'$MYSQL_IP'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|ICSCF_BIND_PORT|'$ICSCF_BIND_PORT'|g' /etc/kamailio_icscf/icscf.xml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

639
custom_deployments/open5gs_hss_cx/icscf/kamailio_icscf.cfg Normal file
View File

@@ -0,0 +1,639 @@
#!KAMAILIO
#
# This config file implements the basic I-CSCF functionality
# - web: http://www.kamailio.org
# - git: http://sip-router.org
#
# Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php
# for an explanation of possible statements, functions and parameters.
#
# Direct your questions about this file to: <sr-users@lists.kamailio.org>.
#
# For more information about the various parameters, functions and statements
# try http://sip-router.org/wiki/ .
#
system.shutdownmode = 0 desc "System shutdown mode"
system.service = "Interrogating-CSCF" desc "Function of this server"
include_file "icscf.cfg"
####### Defined Values #########
# *** Value defines - IDs used later in config
# - flags
# FLT_ - per transaction (message) flags
# FLB_ - per branch flags
#!define FLT_CAPTURE 1
#!ifdef WITH_XMLRPC
listen=tcp:127.0.0.1:4060
#!endif
####### Global Parameters #########
#!ifdef WITH_DEBUG
debug=5
log_stderror=yes
sip_warning=yes
#!else
debug=2
log_stderror=no
sip_warning=no
#!endif
user_agent_header="User-Agent: Kamailio I-CSCF"
server_header="Server: Kamailio I-CSCF"
/* comment the next line to enable the auto discovery of local aliases
based on reverse DNS on IPs (default on) */
auto_aliases=no
# Do SRV-Loadbalancing:
dns_srv_lb=on
# Always: Also try IPv6:
dns_try_ipv6=on
# Query NAPTR-Records as well:
dns_try_naptr=no
#!ifdef WITH_XMLRPC
#!ifndef WITH_TCP
#!define WITH_TCP
#!endif
#!ifndef TCP_PROCESSES
# Number of TCP Processes
#!define TCP_PROCESSES 3
#!endif
#!endif
#!ifdef WITH_TCP
# life time of TCP connection when there is no traffic
# - a bit higher than registration expires to cope with UA behind NAT
tcp_connection_lifetime=3615
#!ifdef TCP_PROCESSES
tcp_children=TCP_PROCESSES
#!endif
#!else
disable_tcp=yes
#!endif
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
children=4
# ------------------ module loading ----------------------------------
mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/:/usr/lib/kamailio/modules_k/:/usr/lib/kamailio/modules/:/usr/lib/x86_64-linux-gnu/kamailio/modules/:/usr/local/lib64/kamailio/modules"
# (we try both the lib64 and the lib directory)
loadmodule "tm"
loadmodule "sl"
loadmodule "rr"
loadmodule "pv"
loadmodule "textops"
loadmodule "maxfwd"
loadmodule "sanity"
loadmodule "siputils"
loadmodule "kex"
loadmodule "tmx"
loadmodule "pike"
loadmodule "corex"
# Control interfaces:
loadmodule "ctl"
loadmodule "cfg_rpc"
#!ifdef WITH_XMLRPC
loadmodule "xmlrpc"
#!endif
# Load the according DB-Module:
loadmodule "db_mysql"
#!ifdef DB_URL2
loadmodule "db_cluster"
#!endif
loadmodule "cdp.so"
loadmodule "cdp_avp.so"
loadmodule "xlog.so"
loadmodule "ims_icscf.so"
#!ifdef CAPTURE_NODE
loadmodule "siptrace.so"
#!endif
#!ifdef WITH_DEBUG
loadmodule "debugger.so"
#!endif
#!ifdef WITH_TLS
loadmodule "tls.so"
#!endif
#!ifdef PEERING
loadmodule "enum"
loadmodule "dispatcher"
#!endif
# ----------------- setting module-specific parameters ---------------
#!ifdef DB_URL2
# ----- db_cluster params -----
modparam("db_cluster", "connection", DB_URL)
modparam("db_cluster", "connection", DB_URL2)
modparam("db_cluster", "cluster", "cluster1=>con1=2s2s;con2=1s1s")
#!endif
loadmodule "jsonrpcs.so"
# ----- jsonrpcs params -----
modparam("jsonrpcs", "pretty_format", 1)
/* set the path to RPC fifo control file */
modparam("jsonrpcs", "fifo_name", "/var/run/kamailio/kamailio_rpc.fifo")
/* set the path to RPC unix socket control file */
modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio/kamailio_rpc.sock")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# -- cdp params --
modparam("cdp","config_file","/etc/kamailio_icscf/icscf.xml")
# ----- icscf params -----
# Comment the following line to enable realm routing
#!ifdef CXDX_FORCED_PEER
modparam("ims_icscf", "cxdx_forced_peer", CXDX_FORCED_PEER)
#!endif
modparam("ims_icscf","cxdx_dest_realm", EPC_REALM)
# DB-URL, where information about S-CSCF-Server can be found:
#!ifdef DB_URL2
modparam("ims_icscf", "db_url", "cluster://cluster1")
#!else
modparam("ims_icscf", "db_url", DB_URL)
#!endif
#!ifdef PEERING
# Route which is executed, in case HSS returned "User-Unknown" on LIR request
modparam("ims_icscf","route_lir_user_unknown", "lir_term_user_unknown")
#!endif
#!ifdef FALLBACK_AUTH
# Route which is executed, in case HSS returned "User-Unknown" on UAR request
modparam("ims_icscf","route_uar_user_unknown", "uar_term_user_unknown")
#!endif
#!ifdef WITH_TLS
# ----- tls params -----
modparam("tls", "config", "/etc/kamailio_icscf/tls.cfg")
#!endif
#!ifdef WITH_XMLRPC
# ----- xmlrpc params -----
modparam("xmlrpc", "route", "XMLRPC");
modparam("xmlrpc", "url_match", "^/RPC")
#!endif
# ----- ctl params -----
modparam("ctl", "binrpc", "unix:/var/run/kamailio/kamailio_ctl")
#!ifdef WITH_DEBUG
# ----- debugger params -----
modparam("debugger", "cfgtrace", 1)
#!endif
#!ifdef CAPTURE_NODE
# Destination, where to send the traffic
modparam("siptrace", "duplicate_uri", CAPTURE_NODE)
# Trace all traffic
modparam("siptrace", "trace_on", 1)
modparam("siptrace", "trace_to_database", 0)
modparam("siptrace", "trace_flag", FLT_CAPTURE)
modparam("siptrace", "hep_mode_on", 1)
#!endif
#!ifdef PEERING
# ----- enum params -----
modparam("enum", "domain_suffix", ENUM_SUFFIX)
#!endif
# ----- tm params -----
# auto-discard branches from previous serial forking leg
modparam("tm", "failure_reply_mode", 3)
# default retransmission timeout: 10sec
modparam("tm", "fr_timer", 10000)
# default invite retransmission timeout after 1xx: 120sec
modparam("tm", "fr_inv_timer", 120000)
# Don't reply automatically with "100 Trying"
modparam("tm", "auto_inv_100", 0)
#!ifdef WITH_DEBUG
#loadmodule "debugger.so"
modparam("debugger", "mod_hash_size", 5)
modparam("debugger", "mod_level_mode", 1)
modparam("debugger", "mod_level", "cdp=3")
modparam("debugger", "mod_level", "ims_icscf=3")
#!endif
# ------------------------- request routing logic -------------------
# main routing logic
route{
#!ifdef WITH_DEBUG
xlog("I-CSCF >>>>>>>>>>>>>>>>>>>> $rm $ru ($fu => $tu ($si:$sp) to $tu, $ci)\n");
#!endif
# if !($rU =~ "\+.*") {
# prefix("+");
# }
# per request initial checks
route(REQINIT);
if (is_method("REGISTER")) {
route(register);
}
if (is_method("NOTIFY") && search("^(Event|o)([ \t]*):([ \t]*)reg")) {
if (!t_relay()) {
sl_reply_error();
}
exit;
}
if (is_method("INVITE|SUBSCRIBE|MESSAGE|INFO|PUBLISH|CANCEL")) {
route(initial_request);
} else {
# Shouldn't get here unless missconfigured (add more methods as initial) or
# somebody is routing unknown messages
append_to_reply("Allow: INVITE,SUBSCRIBE,MESSAGE,INFO,PUBLISH,CANCEL\r\n");
send_reply("406","Initial Request Method not allowed at the I-CSCF");
break;
}
}
######################################################################
# Helper routes (Basic-Checks, NAT-Handling/RTP-Control, XML-RPC)
######################################################################
# Per SIP request initial checks
route[REQINIT] {
$var(used) = 1 - ($stat(free_size) / $stat(total_size));
xlog("L_DBG", "Mem: Total $stat(total_size), Free $stat(free_size) [$var(used)% used]\n");
if ($var(used) > 95) {
send_reply("503", "Server overloaded");
exit;
}
# Trace this message
#!ifdef CAPTURE_NODE
sip_trace();
setflag(FLT_CAPTURE);
#!endif
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
}
if(!sanity_check("1511", "7")) {
xlog("Malformed SIP message from $si:$sp\n");
exit;
}
# Check for shutdown mode:
if (!has_totag() && ($sel(cfg_get.system.shutdownmode) > 0)) {
send_reply("503", "Server shutting down");
exit;
}
# Reply to OPTIONS:
if (is_method("OPTIONS") && (uri==myself)) {
options_reply();
exit;
}
# Ignore Re-Transmits:
if (t_lookup_request()) {
exit;
}
if (is_method("INVITE|REGISTER")) {
send_reply("100", "Trying");
}
}
######################################################################
# XMLRPC routing
######################################################################
#!ifdef WITH_XMLRPC
route[XMLRPC] {
if ((method=="POST" || method=="GET")
#!ifdef XMLRPC_WHITELIST_1
&& ((src_ip == XMLRPC_WHITELIST_1)
#!ifdef XMLRPC_WHITELIST_2
|| (src_ip == XMLRPC_WHITELIST_2)
#!endif
#!ifdef XMLRPC_WHITELIST_3
|| (src_ip == XMLRPC_WHITELIST_3)
#!endif
)
#!endif
) {
# close connection only for xmlrpclib user agents (there is a bug in
# xmlrpclib: it waits for EOF before interpreting the response).
if ($hdr(User-Agent) =~ "xmlrpclib")
set_reply_close();
set_reply_no_connect();
dispatch_rpc();
exit;
}
send_reply("403", "Forbidden");
exit;
}
#!endif
######################################################################
# Handling of REGISTER requests
######################################################################
route[register]
{
t_set_fr(5000, 5000);
#first check if we have an S-CSCF list
if (I_scscf_select("0")) {
#there is an S-CSCF list - no need to do a UAR
t_on_reply("register_reply");
t_on_failure("register_failure");
if (!t_relay()) {
send_reply("500","Error forwarding towards S-CSCF");
}
} else {
#no S-CSCF list therefore must do UAR
#free this from the failed I_scscf_select call
I_scscf_drop();
# Do an asynchronous UAR:
#0=REG/DEREG; 1=REG+Capabilities
if (!I_perform_user_authorization_request("REG_UAR_REPLY","0")) {
send_reply("500", "Error in Request");
}
}
exit;
}
route[REG_UAR_REPLY]
{
#xlog("$$avp(s:uaa_return_code) = $avp(s:uaa_return_code)\n");
#this is async so to know status we have to check the reply avp
switch ($avp(s:uaa_return_code)){
case 1: #success
if (I_scscf_select("0")){
t_on_failure("register_failure");
t_on_reply("register_reply");
#now relay to appropriate SCSCF
if (!t_relay()) {
t_reply("500", "Error forwarding to SCSCF");
}
} else {#select failed
I_scscf_drop();
t_reply("500", "Server error on SCSCF Select (UAR)");
}
break;
case -1: #failure
xlog("L_ERR", "UAR failure - error response sent from module\n");
break;
case -2: #error
xlog("L_ERR", "UAR error - sending error response now\n");
t_reply("500", "UAR failed");
break;
default:
xlog("L_ERR", "Unknown return code from UAR, value is [$avp(s:uaa_return_code)]\n");
t_reply("500", "Unknown response code from UAR");
break;
}
}
######################################################################
# Replies to REGISTER requests,
######################################################################
onreply_route[register_reply]
{
xlog("L_DBG", "Enter register reply block");
if (!t_check_status("(408)|(480)")){
if (!t_check_status("(401)")){
xlog("L_DBG", "dropping scscf list on register failure");
I_scscf_drop();
} else {
xlog("L_DBG", "This is a 401 - keep scscf list to do optimisation");
}
}
break;
}
######################################################################
# Failed REGISTERs
######################################################################
failure_route[register_failure]
{
if (t_branch_timeout() || t_check_status("([5-6][0-9][0-9])")){
if (I_scscf_select("1")) {
t_on_reply("register_reply");
t_on_failure("register_failure");
if (!t_relay()) {
t_reply("500","Error forwarding towards next S-CSCF");
break;
}
break;
} else {
t_reply("500", "Server error on UAR select next S-CSCF");
break;
}
} else {
if (!t_check_status("(401)")){
xlog("L_DBG", "dropping scscf list on register failure");
I_scscf_drop();
} else {
xlog("L_DBG", "This is a 401 - keep scscf list to do optimisation");
}
break;
}
}
######################################################################
# Initial requests
######################################################################
route[initial_request]
{
# $avp(prefix)="+";
# $ru= $(ru{s.rm,$avp(prefix)});
xlog("$$ru => $ru\n");
I_perform_location_information_request("LIR_REPLY", "0");
}
route[LIR_REPLY] {
if ($avp(lia_return_code) == 1) {
if (I_scscf_select("0")) {
xlog("L_DBG", "ru = $ru, du = $du\n");
t_on_reply("initial_request_reply");
t_on_failure("initial_request_failure");
if (!t_relay()) {
t_reply("500","Error forwarding towards S-CSCF");
break;
}
break;
} else {
xlog("L_DBG", "dropping scscf list on initial request");
I_scscf_drop();
t_reply("500", "Server error on LIR select S-CSCF");
break;
}
} else {
t_reply("500", "Server error on LIR");
break;
}
break;
}
######################################################################
# Replies to initial requests
######################################################################
onreply_route[initial_request_reply]
{
xlog("L_DBG", "Enter initial request request block");
if (!t_check_status("(408)")){
xlog("L_DBG", "dropping scscf list on initial request reply");
I_scscf_drop();
}
break;
}
######################################################################
# Failed initial requests
######################################################################
failure_route[initial_request_failure]
{
xlog("L_DBG", "Enter initial request failure block");
if (t_check_status("(408)")){
xlog("L_DBG", "Got a failure for initial request");
if (I_scscf_select("1")) {
t_on_reply("initial_request_reply");
t_on_failure("initial_request_failure");
if (!t_relay()) {
t_reply("500","Error forwarding towards next S-CSCF");
break;
}
break;
} else {
t_reply("500", "Server error on LIR select next S-CSCF");
break;
}
} else {
xlog("L_DBG", "dropping scscf list on initial request failure");
I_scscf_drop();
}
break;
}
#!ifdef PEERING
######################################################################
# HSS returned "User-Unknown" on LIR request
######################################################################
route[lir_term_user_unknown]
{
if (uri =~ "tel:.*") {
# Let's check, if the number can be found in ENUM:
if(!enum_query()) {
# ENUM failed, send it to the PSTN-Gateway:
route(PSTN);
break;
}
# ENUM resolved to another domain
if ($rd != NETWORKNAME) {
t_on_reply("initial_request_reply");
t_on_failure("initial_request_failure");
if (!t_relay()) {
t_reply("500","Error forwarding to external domain");
exit;
};
exit;
} else {
t_reply("604","Does not exist anywhere - HSS User Unknown");
exit;
};
} else {
# we received a request for our domain (non-tel), but HSS said "User Unknown"
if ($rd != NETWORKNAME) {
t_reply("604","Does not exist anywhere - HSS User Unknown");
exit;
} else {
# try to forward non-tel request to other domain
t_on_reply("initial_request_reply");
t_on_failure("initial_request_failure");
if (!t_relay()) {
t_reply("500","Error forwarding to external domain");
exit;
};
exit;
};
};
}
######################################################################
# Send calls to the PSTN-Gateways:
######################################################################
route[PSTN]
{
t_on_failure("PSTN_failure");
# Relay the request towards the PSTN-Gateway:
if (!ds_select_dst("1", "4")) {
send_reply("503", "Service not available");
exit;
}
# Relay the request:
if (!t_relay()) {
send_reply("503", "Service not available");
exit;
};
exit;
}
######################################################################
# manage failure routing cases, perform failover
######################################################################
failure_route[PSTN_failure] {
# Choose another gateway, in case we
# - get a local generated "408"
# - receive a 5xx or 6xx reply from the proxy.
if (t_branch_timeout() || t_check_status("[5-6]..")) {
if (ds_next_dst()) {
# Do Failover in case problems:
t_on_failure("PSTN_failure");
# Relay the request:
if (!t_relay()) {
send_reply("503", "Service not available");
exit;
};
} else {
# Add a header, to indicate the phone should try again in 30 seconds.
append_hf("Retry-After: 30\r\n");
send_reply("503", "Service not available");
}
exit;
}
}
#!endif
#!ifdef FALLBACK_AUTH
######################################################################
# HSS returned "User-Unknown" on UAR request,
# try to send it to any S-CSCF for authentication
######################################################################
route[uar_term_user_unknown]
{
$rd = "scscf."+NETWORKNAME;
t_on_reply("register_reply");
t_on_failure("register_failure");
if (!t_relay()) {
t_reply("500","Error forwarding towards S-CSCF");
break;
}
break;
}
#!endif

30
custom_deployments/open5gs_hss_cx/mme/make_certs.sh Executable file
View File

@@ -0,0 +1,30 @@
#!/bin/sh
if [ 1 -ne $# ]
then
echo You must specify output directory : ./make_certs.sh ./freeDiameter
exit;
fi
rm -rf demoCA
mkdir demoCA
echo 01 > demoCA/serial
touch demoCA/index.txt.attr
touch demoCA/index.txt
# Generate .rnd if it does not exist
openssl rand -out /root/.rnd -hex 256
# CA self certificate
openssl req -new -batch -x509 -days 3650 -nodes -newkey rsa:1024 -out $1/cacert.pem -keyout cakey.pem -subj /CN=ca.EPC_DOMAIN/C=KO/ST=Seoul/L=Nowon/O=Open5GS/OU=Tests
#mme
openssl genrsa -out $1/mme.key.pem 1024
openssl req -new -batch -out mme.csr.pem -key $1/mme.key.pem -subj /CN=mme.EPC_DOMAIN/C=KO/ST=Seoul/L=Nowon/O=Open5GS/OU=Tests
openssl ca -cert $1/cacert.pem -days 3650 -keyfile cakey.pem -in mme.csr.pem -out $1/mme.cert.pem -outdir . -batch
rm -rf demoCA
rm -f 01.pem 02.pem 03.pem 04.pem
rm -f cakey.pem
rm -f mme.csr.pem

266
custom_deployments/open5gs_hss_cx/mme/mme.conf Normal file
View File

@@ -0,0 +1,266 @@
# This is a sample configuration file for freeDiameter daemon.
# Most of the options can be omitted, as they default to reasonable values.
# Only TLS-related options must be configured properly in usual setups.
# It is possible to use "include" keyword to import additional files
# e.g.: include "/etc/freeDiameter.d/*.conf"
# This is exactly equivalent as copy & paste the content of the included file(s)
# where the "include" keyword is found.
##############################################################
## Peer identity and realm
# The Diameter Identity of this daemon.
# This must be a valid FQDN that resolves to the local host.
# Default: hostname's FQDN
#Identity = "aaa.koganei.freediameter.net";
Identity = "mme.EPC_DOMAIN";
# The Diameter Realm of this daemon.
# Default: the domain part of Identity (after the first dot).
#Realm = "koganei.freediameter.net";
Realm = "EPC_DOMAIN";
##############################################################
## Transport protocol configuration
# The port this peer is listening on for incoming connections (TCP and SCTP).
# Default: 3868. Use 0 to disable.
#Port = 3868;
# The port this peer is listening on for incoming TLS-protected connections (TCP and SCTP).
# See TLS_old_method for more information about TLS flavours.
# Note: we use TLS/SCTP instead of DTLS/SCTP at the moment. This will change in future version of freeDiameter.
# Default: 5868. Use 0 to disable.
#SecPort = 5868;
# Use RFC3588 method for TLS protection, where TLS is negociated after CER/CEA exchange is completed
# on the unsecure connection. The alternative is RFC6733 mechanism, where TLS protects also the
# CER/CEA exchange on a dedicated secure port.
# This parameter only affects outgoing connections.
# The setting can be also defined per-peer (see Peers configuration section).
# Default: use RFC6733 method with separate port for TLS.
#TLS_old_method;
# Disable use of TCP protocol (only listen and connect over SCTP)
# Default : TCP enabled
#No_TCP;
# Disable use of SCTP protocol (only listen and connect over TCP)
# Default : SCTP enabled
#No_SCTP;
# This option is ignored if freeDiameter is compiled with DISABLE_SCTP option.
# Prefer TCP instead of SCTP for establishing new connections.
# This setting may be overwritten per peer in peer configuration blocs.
# Default : SCTP is attempted first.
#Prefer_TCP;
# Default number of streams per SCTP associations.
# This setting may be overwritten per peer basis.
# Default : 30 streams
#SCTP_streams = 30;
##############################################################
## Endpoint configuration
# Disable use of IP addresses (only IPv6)
# Default : IP enabled
#No_IP;
# Disable use of IPv6 addresses (only IP)
# Default : IPv6 enabled
#No_IPv6;
# Specify local addresses the server must bind to
# Default : listen on all addresses available.
#ListenOn = "202.249.37.5";
#ListenOn = "2001:200:903:2::202:1";
#ListenOn = "fe80::21c:5ff:fe98:7d62%eth0";
ListenOn = "MME_IP";
##############################################################
## Server configuration
# How many Diameter peers are allowed to be connecting at the same time ?
# This parameter limits the number of incoming connections from the time
# the connection is accepted until the first CER is received.
# Default: 5 unidentified clients in paralel.
#ThreadsPerServer = 5;
##############################################################
## TLS Configuration
# TLS is managed by the GNUTLS library in the freeDiameter daemon.
# You may find more information about parameters and special behaviors
# in the relevant documentation.
# http://www.gnu.org/software/gnutls/manual/
# Credentials of the local peer
# The X509 certificate and private key file to use for the local peer.
# The files must contain PKCS-1 encoded RSA key, in PEM format.
# (These parameters are passed to gnutls_certificate_set_x509_key_file function)
# Default : NO DEFAULT
#TLS_Cred = "<x509 certif file.PEM>" , "<x509 private key file.PEM>";
#TLS_Cred = "/etc/ssl/certs/freeDiameter.pem", "/etc/ssl/private/freeDiameter.key";
TLS_Cred = "/open5gs/install/etc/freeDiameter/mme.cert.pem", "/open5gs/install/etc/freeDiameter/mme.key.pem";
# Certificate authority / trust anchors
# The file containing the list of trusted Certificate Authorities (PEM list)
# (This parameter is passed to gnutls_certificate_set_x509_trust_file function)
# The directive can appear several times to specify several files.
# Default : GNUTLS default behavior
#TLS_CA = "<file.PEM>";
TLS_CA = "/open5gs/install/etc/freeDiameter/cacert.pem";
# Certificate Revocation List file
# The information about revoked certificates.
# The file contains a list of trusted CRLs in PEM format. They should have been verified before.
# (This parameter is passed to gnutls_certificate_set_x509_crl_file function)
# Note: openssl CRL format might have interoperability issue with GNUTLS format.
# Default : GNUTLS default behavior
#TLS_CRL = "<file.PEM>";
# GNU TLS Priority string
# This string allows to configure the behavior of GNUTLS key exchanges
# algorithms. See gnutls_priority_init function documentation for information.
# You should also refer to the Diameter required TLS support here:
# http://tools.ietf.org/html/rfc6733#section-13.1
# Default : "NORMAL"
# Example: TLS_Prio = "NONE:+VERS-TLS1.1:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL";
#TLS_Prio = "NORMAL";
# Diffie-Hellman parameters size
# Set the number of bits for generated DH parameters
# Valid value should be 768, 1024, 2048, 3072 or 4096.
# (This parameter is passed to gnutls_dh_params_generate2 function,
# it usually should match RSA key size)
# Default : 1024
#TLS_DH_Bits = 1024;
# Alternatively, you can specify a file to load the PKCS#3 encoded
# DH parameters directly from. This accelerates the daemon start
# but is slightly less secure. If this file is provided, the
# TLS_DH_Bits parameters has no effect.
# Default : no default.
#TLS_DH_File = "<file.PEM>";
##############################################################
## Timers configuration
# The Tc timer of this peer.
# It is the delay before a new attempt is made to reconnect a disconnected peer.
# The value is expressed in seconds. The recommended value is 30 seconds.
# Default: 30
#TcTimer = 30;
# The Tw timer of this peer.
# It is the delay before a watchdog message is sent, as described in RFC 3539.
# The value is expressed in seconds. The default value is 30 seconds. Value must
# be greater or equal to 6 seconds. See details in the RFC.
# Default: 30
#TwTimer = 30;
##############################################################
## Applications configuration
# Disable the relaying of Diameter messages?
# For messages not handled locally, the default behavior is to forward the
# message to another peer if any is available, according to the routing
# algorithms. In addition the "0xffffff" application is advertised in CER/CEA
# exchanges.
# Default: Relaying is enabled.
NoRelay;
# Number of server threads that can handle incoming messages at the same time.
# Default: 4
#AppServThreads = 4;
# Other applications are configured by loaded extensions.
##############################################################
## Extensions configuration
# The freeDiameter framework merely provides support for
# Diameter Base Protocol. The specific application behaviors,
# as well as advanced functions, are provided
# by loadable extensions (plug-ins).
# These extensions may in addition receive the name of a
# configuration file, the format of which is extension-specific.
#
# Format:
#LoadExtension = "/path/to/extension" [ : "/optional/configuration/file" ] ;
#
# Examples:
#LoadExtension = "extensions/sample.fdx";
#LoadExtension = "extensions/sample.fdx":"conf/sample.conf";
# Extensions are named as follow:
# dict_* for extensions that add content to the dictionary definitions.
# dbg_* for extensions useful only to retrieve more information on the framework execution.
# acl_* : Access control list, to control which peers are allowed to connect.
# rt_* : routing extensions that impact how messages are forwarded to other peers.
# app_* : applications, these extensions usually register callbacks to handle specific messages.
# test_* : dummy extensions that are useful only in testing environments.
# The dbg_msg_dump.fdx extension allows you to tweak the way freeDiameter displays some
# information about some events. This extension does not actually use a configuration file
# but receives directly a parameter in the string passed to the extension. Here are some examples:
## LoadExtension = "dbg_msg_dumps.fdx" : "0x1111"; # Removes all default hooks, very quiet even in case of errors.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x2222"; # Display all events with few details.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x0080"; # Dump complete information about sent and received messages.
# The four digits respectively control: connections, routing decisions, sent/received messages, errors.
# The values for each digit are:
# 0 - default - keep the default behavior
# 1 - quiet - remove any specific log
# 2 - compact - display only a summary of the information
# 4 - full - display the complete information on a single long line
# 8 - tree - display the complete information in an easier to read format spanning several lines.
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dbg_msg_dumps.fdx" : "0x8888";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_rfc5777.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_mip6i.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_nasreq.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_nas_mipv6.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_dcca.fdx";
LoadExtension = "LD_LIBRARY_PATH/freeDiameter/dict_dcca_3gpp.fdx";
##############################################################
## Peers configuration
# The local server listens for incoming connections. By default,
# all unknown connecting peers are rejected. Extensions can override this behavior (e.g., acl_wl).
#
# In addition to incoming connections, the local peer can
# be configured to establish and maintain connections to some
# Diameter nodes and allow connections from these nodes.
# This is achieved with the ConnectPeer directive described below.
#
# Note that the configured Diameter Identity MUST match
# the information received inside CEA, or the connection will be aborted.
#
# Format:
#ConnectPeer = "diameterid" [ { parameter1; parameter2; ...} ] ;
# Parameters that can be specified in the peer's parameter list:
# No_TCP; No_SCTP; No_IP; No_IPv6; Prefer_TCP; TLS_old_method;
# No_TLS; # assume transparent security instead of TLS. DTLS is not supported yet (will change in future versions).
# Port = 5868; # The port to connect to
# TcTimer = 30;
# TwTimer = 30;
# ConnectTo = "202.249.37.5";
# ConnectTo = "2001:200:903:2::202:1";
# TLS_Prio = "NORMAL";
# Realm = "realm.net"; # Reject the peer if it does not advertise this realm.
# Examples:
#ConnectPeer = "aaa.wide.ad.jp";
#ConnectPeer = "old.diameter.serv" { TcTimer = 60; TLS_old_method; No_SCTP; Port=3868; } ;
ConnectPeer = "hss.EPC_DOMAIN" { ConnectTo = "HSS_IP"; Port = HSS_BIND_PORT; No_TLS; };
##############################################################

59
custom_deployments/open5gs_hss_cx/mme/mme.yaml Normal file
View File

@@ -0,0 +1,59 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/mme.log
global:
max:
ue: MAX_NUM_UE
mme:
freeDiameter: /open5gs/install/etc/freeDiameter/mme.conf
s1ap:
server:
- dev: MME_IF
gtpc:
server:
- dev: MME_IF
client:
sgwc:
- address: SGWC_IP
smf:
- address: SMF_IP
sgsap:
server:
- address: OSMOMSC_IP
map:
tai:
plmn_id:
mcc: MCC
mnc: MNC
tac: 1
lai:
plmn_id:
mcc: MCC
mnc: MNC
lac: 1
gummei:
- plmn_id:
mcc: MCC
mnc: MNC
mme_gid: 2
mme_code: 1
tai:
- plmn_id:
mcc: MCC
mnc: MNC
tac: 1
security:
integrity_order : [ EIA2, EIA1, EIA0 ]
ciphering_order : [ EEA0, EEA1, EEA2 ]
network_name:
full: Open5GS
mme_name: open5gs-mme0
metrics:
server:
- address: MME_IP
port: 9091
time:
t3412:
value: 540

57
custom_deployments/open5gs_hss_cx/mme/mme_init.sh Executable file
View File

@@ -0,0 +1,57 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
export IF_NAME=$(ip r | awk '/default/ { print $5 }')
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
cp /mnt/mme/mme.yaml install/etc/open5gs
cp /mnt/mme/mme.conf install/etc/freeDiameter
cp /mnt/mme/make_certs.sh install/etc/freeDiameter
sed -i 's|MNC|'$MNC'|g' install/etc/open5gs/mme.yaml
sed -i 's|MCC|'$MCC'|g' install/etc/open5gs/mme.yaml
sed -i 's|MME_IP|'$MME_IP'|g' install/etc/open5gs/mme.yaml
sed -i 's|MME_IF|'$IF_NAME'|g' install/etc/open5gs/mme.yaml
sed -i 's|OSMOMSC_IP|'$OSMOMSC_IP'|g' install/etc/open5gs/mme.yaml
sed -i 's|SGWC_IP|'$SGWC_IP'|g' install/etc/open5gs/mme.yaml
sed -i 's|SMF_IP|'$SMF_IP'|g' install/etc/open5gs/mme.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/mme.yaml
sed -i 's|MME_IP|'$MME_IP'|g' install/etc/freeDiameter/mme.conf
sed -i 's|HSS_IP|'$HSS_IP'|g' install/etc/freeDiameter/mme.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' install/etc/freeDiameter/mme.conf
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' install/etc/freeDiameter/mme.conf
sed -i 's|LD_LIBRARY_PATH|'$LD_LIBRARY_PATH'|g' install/etc/freeDiameter/mme.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' install/etc/freeDiameter/make_certs.sh
# Generate TLS certificates
./install/etc/freeDiameter/make_certs.sh install/etc/freeDiameter
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

14
custom_deployments/open5gs_hss_cx/opensips_ims_icscf/freeDiameter.conf Normal file
View File

@@ -0,0 +1,14 @@
Identity = "icscf.IMS_DOMAIN";
Realm = "IMS_DOMAIN";
Port = ICSCF_BIND_PORT;
ListenOn = "ICSCF_IP";
SecPort = 0;
No_SCTP;
NoRelay;
ConnectPeer = "hss.EPC_DOMAIN" {
Realm = "EPC_DOMAIN";
No_TLS;
ConnectTo = "HSS_IP";
port = HSS_BIND_PORT;
};

32
custom_deployments/open5gs_hss_cx/opensips_ims_icscf/icscf.dictionary Normal file
View File

@@ -0,0 +1,32 @@
VENDOR 10415 TGPP
ATTRIBUTE Visited-Network-Identifier 600 string 10415
ATTRIBUTE Public-Identity 601 string 10415
ATTRIBUTE Server-Name 602 string 10415
APPLICATION-AUTH 16777216/10415 3GPP Cx
REQUEST 300 User-Authorization Request
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Realm | REQUIRED | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
User-Name | REQUIRED | 1
Public-Identity | REQUIRED | 1
Visited-Network-Identifier | REQUIRED | 1
}
ANSWER 300 User-Authorization Answer
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Host | OPTIONAL | 1
Destination-Realm | OPTIONAL | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
Experimental-Result | REQUIRED | 1
}

51
custom_deployments/open5gs_hss_cx/opensips_ims_icscf/icscf_init.sh Executable file
View File

@@ -0,0 +1,51 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
mkdir -p /etc/opensips
cp /mnt/icscf/freeDiameter.conf /etc/opensips
cp /mnt/icscf/icscf.dictionary /etc/opensips
cp /mnt/icscf/opensips.cfg /etc/opensips
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/opensips/freeDiameter.conf
sed -i 's|HSS_IP|'$HSS_IP'|g' /etc/opensips/freeDiameter.conf
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/opensips/freeDiameter.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/opensips/freeDiameter.conf
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' /etc/opensips/freeDiameter.conf
sed -i 's|ICSCF_BIND_PORT|'$ICSCF_BIND_PORT'|g' /etc/opensips/freeDiameter.conf
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/opensips/opensips.cfg
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/opensips/opensips.cfg
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/opensips/opensips.cfg
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
exec /usr/sbin/opensips -F $@

226
custom_deployments/open5gs_hss_cx/opensips_ims_icscf/opensips.cfg Normal file
View File

@@ -0,0 +1,226 @@
#
# OpenSIPS residential configuration script
# by OpenSIPS Solutions <team@opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
# the "Residential" scenario.
# You can enable / disable more features / functionalities by
# re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
# https://opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#
####### Global Parameters #########
/* uncomment the following lines to enable debugging */
#debug_mode=yes
log_level=3
xlog_level=3
log_stderror=yes
log_stdout=yes
log_facility=LOG_LOCAL0
udp_workers=4
/* uncomment the next line to enable the auto temporary blacklisting of
not available destinations (default disabled) */
#disable_dns_blacklist=no
/* uncomment the next line to enable IPv6 lookup after IPv4 dns
lookup failures (default disabled) */
#dns_try_ipv6=yes
socket=udp:ICSCF_IP:4060
socket=tcp:ICSCF_IP:4060
alias="icscf.IMS_DOMAIN"
#set module path
mpath="/usr/lib/x86_64-linux-gnu/opensips/modules"
####### Modules Section ########
####### http module ######
loadmodule "httpd.so"
modparam("httpd", "ip", "ICSCF_IP")
modparam("httpd", "port", 8080)
#### SIGNALING module
loadmodule "signaling.so"
#### StateLess module
loadmodule "sl.so"
#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timeout", 5)
modparam("tm", "fr_inv_timeout", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)
#### MAX ForWarD module
loadmodule "maxfwd.so"
#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"
#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/run/opensips/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)
#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "working_mode_preset", "single-instance-no-db")
#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)
#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
if you enable this parameter, be sure to enable "append_fromtag"
in "rr" module */
modparam("acc", "detect_direction", 0)
loadmodule "proto_udp.so"
loadmodule "proto_tcp.so"
#### aaa_diameter module
loadmodule "aaa_diameter.so"
modparam("aaa_diameter", "fd_log_level", 1) # max amount of logging, quite annoying
modparam("aaa_diameter", "realm", "EPC_DOMAIN")
modparam("aaa_diameter", "peer_identity", "hss")
modparam("aaa_diameter", "aaa_url",
"diameter:/etc/opensips/freeDiameter.conf;extra-avps-file:/etc/opensips/icscf.dictionary")
#### JSON module
loadmodule "json.so"
####### Routing Logic ########
# main request routing logic
route{
xlog("L_INFO", "[$ci] Start route time [$Tf] method ($rm) r-uri ($ru) \n");
if (!mf_process_maxfwd_header(10)) {
send_reply(483,"Too Many Hops");
exit;
}
if (has_totag()) {
# handle hop-by-hop ACK (no routing required)
if ( is_method("ACK") && t_check_trans() ) {
t_relay();
exit;
}
# sequential request within a dialog should
# take the path determined by record-routing
if ( !loose_route() ) {
# we do record-routing for all our traffic, so we should not
# receive any sequential requests without Route hdr.
send_reply(404,"Not here");
exit;
}
if (is_method("BYE")) {
# do accounting even if the transaction fails
do_accounting("log","failed");
}
# route it out to whatever destination was set by loose_route()
# in $du (destination URI).
route(relay);
exit;
}
# CANCEL processing
if (is_method("CANCEL")) {
if (t_check_trans())
t_relay();
exit;
}
# absorb retransmissions, but do not create transaction
t_check_trans();
if (is_method("REGISTER")) {
xlog("L_INFO", "[$ci] Received REGISTER for $tu - doing UAR\n");
$var(payload) = "[
{ \"Session-Id\": \"icscf.IMS_DOMAIN;"+$Ts+"."+$Tsm+";"+$pp+"\" },
{ \"Origin-Host\": \"icscf.IMS_DOMAIN\" },
{ \"Origin-Realm\": \"IMS_DOMAIN\" },
{ \"Destination-Realm\": \"EPC_DOMAIN\" },
{ \"Vendor-Specific-Application-Id\": [{\"Vendor-Id\": 10415},
{\"Auth-Application-Id\": 16777216}]},
{ \"Auth-Session-State\": 1 },
{ \"User-Name\": \""+$fU+"@"+$fd+"\" },
{ \"Public-Identity\": \""+$fu+"\" },
{ \"Visited-Network-Identifier\": \"IMS_DOMAIN\" }
]";
$var(rc) = dm_send_request(16777216, 300, $var(payload), $var(rpl_avps));
xlog("[$ci] UAA rc: $var(rc), UAA AVPs: $var(rpl_avps)\n");
$var(server_name) = NULL;
$json(rpl_avps) := $var(rpl_avps);
for ($var(item) in $(json(rpl_avps)[*])) {
$json(item) := $var(item);
for ($var(key) in $(json(item.keys)[*])) {
if ($var(key) == "Server-Name") {
$var(server_name) = $json(item/$var(key));
break;
}
}
if ($var(server_name) != NULL)
break;
}
if ($var(server_name) == NULL) {
xlog("L_ERR", "[$ci] No server available! Relaying to default S-CSCF\n");
$var(server_name) = "sip:scscf.IMS_DOMAIN:6060";
}
# relay to S-CSCF
xlog("L_INFO", "[$ci] using S-CSCF $var(server_name)\n");
$ru = $var(server_name);
route(relay);
exit;
}
send_reply(503,"Not Implemented");
exit;
}
route[relay] {
if (!t_relay()) {
send_reply(500,"Internal Error");
}
exit;
}

14
custom_deployments/open5gs_hss_cx/opensips_ims_scscf/freeDiameter.conf Normal file
View File

@@ -0,0 +1,14 @@
Identity = "scscf.IMS_DOMAIN";
Realm = "IMS_DOMAIN";
Port = SCSCF_BIND_PORT;
ListenOn = "SCSCF_IP";
SecPort = 0;
No_SCTP;
NoRelay;
ConnectPeer = "hss.EPC_DOMAIN" {
Realm = "EPC_DOMAIN";
No_TLS;
ConnectTo = "HSS_IP";
port = HSS_BIND_PORT;
};

301
custom_deployments/open5gs_hss_cx/opensips_ims_scscf/opensips.cfg Normal file
View File

@@ -0,0 +1,301 @@
#
# OpenSIPS residential configuration script
# by OpenSIPS Solutions <team@opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
# the "Residential" scenario.
# You can enable / disable more features / functionalities by
# re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
# https://opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#
####### Global Parameters #########
/* uncomment the following lines to enable debugging */
#debug_mode=yes
log_level=3
xlog_level=3
log_stderror=yes
log_stdout=yes
xlog_buf_size=16384
log_facility=LOG_LOCAL0
udp_workers=4
/* uncomment the next line to enable the auto temporary blacklisting of
not available destinations (default disabled) */
#disable_dns_blacklist=no
/* uncomment the next line to enable IPv6 lookup after IPv4 dns
lookup failures (default disabled) */
#dns_try_ipv6=yes
socket=udp:SCSCF_IP:6060
socket=tcp:SCSCF_IP:6060
alias="scscf.IMS_DOMAIN"
#set module path
mpath="/usr/lib/x86_64-linux-gnu/opensips/modules"
####### Modules Section ########
#### MYSQL module
loadmodule "db_mysql.so"
#### SIGNALING module
loadmodule "signaling.so"
#### StateLess module
loadmodule "sl.so"
#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timeout", 5)
modparam("tm", "fr_inv_timeout", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)
#### MAX ForWarD module
loadmodule "maxfwd.so"
#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"
#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/run/opensips/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)
#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "working_mode_preset", "single-instance-no-db")
#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
modparam("registrar", "attr_avp", "$avp(attr)")
/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)
#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
if you enable this parameter, be sure to enable "append_fromtag"
in "rr" module */
modparam("acc", "detect_direction", 0)
loadmodule "proto_udp.so"
loadmodule "proto_tcp.so"
#### aaa_diameter module
loadmodule "aaa_diameter.so"
modparam("aaa_diameter", "fd_log_level", 1) # max amount of logging, quite annoying
modparam("aaa_diameter", "realm", "EPC_DOMAIN")
modparam("aaa_diameter", "peer_identity", "hss")
modparam("aaa_diameter", "aaa_url",
"diameter:/etc/opensips/freeDiameter.conf;extra-avps-file:/etc/opensips/scscf.dictionary")
loadmodule "auth_aka.so"
modparam("auth_aka", "default_av_mgm", "diameter")
modparam("auth_aka", "default_qop", "auth,auth-int")
loadmodule "aka_av_diameter.so"
modparam("aka_av_diameter", "realm",
"scscf.IMS_DOMAIN")
modparam("aka_av_diameter", "aaa_url",
"diameter:/etc/opensips/freeDiameter.conf;extra-avps-file:/etc/opensips/scscf.dictionary")
#### dialplan module
loadmodule "dialplan.so"
modparam("dialplan","db_url", "mysql://opensips_scscf:heslo@MYSQL_IP/opensips_scscf")
#### auth module
loadmodule "auth.so"
#### JSON module
loadmodule "json.so"
#### XML module
loadmodule "xml.so"
####### Routing Logic ########
# main request routing logic
route{
xlog("L_INFO", "[$ci] Start route time [$Tf] method ($rm) r-uri ($ru) \n");
if (!mf_process_maxfwd_header(10)) {
send_reply(483,"Too Many Hops");
exit;
}
if (has_totag()) {
# handle hop-by-hop ACK (no routing required)
if ( is_method("ACK") && t_check_trans() ) {
t_relay();
exit;
}
# sequential request within a dialog should
# take the path determined by record-routing
if ( !loose_route() ) {
# we do record-routing for all our traffic, so we should not
# receive any sequential requests without Route hdr.
send_reply(404,"Not here");
exit;
}
if (is_method("BYE")) {
# do accounting even if the transaction fails
do_accounting("log","failed");
}
# route it out to whatever destination was set by loose_route()
# in $du (destination URI).
route(relay);
exit;
}
# CANCEL processing
if (is_method("CANCEL")) {
if (t_check_trans())
t_relay();
exit;
}
# absorb retransmissions, but do not create transaction
t_check_trans();
if (is_method("REGISTER")) {
xlog("L_INFO", "[$ci] Received REGISTER for $tu - doing authorization\n");
if (!aka_www_authorize()) {
if (!async(aka_www_challenge(), aka_resume_mar))
t_reply(500, "Internal Error");
exit;
}
xlog("L_INFO", "[$ci] Received REGISTER for $tu - authorized, doing SAR\n");
$var(payload) = "[
{ \"Session-Id\": \"scscf.IMS_DOMAIN;"+$Ts+"."+$Tsm+";"+$pp+"\" },
{ \"Origin-Host\": \"scscf.IMS_DOMAIN\" },
{ \"Origin-Realm\": \"IMS_DOMAIN\" },
{ \"Destination-Realm\": \"EPC_DOMAIN\" },
{ \"Vendor-Specific-Application-Id\": [{\"Vendor-Id\": 10415},
{\"Auth-Application-Id\": 16777216}]},
{ \"Auth-Session-State\": 1 },
{ \"User-Name\": \""+$fU+"@"+$fd+"\" },
{ \"Public-Identity\": \""+$fu+"\" },
{ \"Server-Assignment-Type\": 1 },
{ \"User-Data-Already-Available\": 0},
{ \"Server-Name\": \"sip:scscf.IMS_DOMAIN:6060\" }
]";
if (!async(dm_send_request(16777216, 301, $var(payload), $var(rpl_avps)), aka_resume_sar)) {
t_reply(500, "Internal Error");
exit;
}
exit;
} else if (is_method("INVITE")) {
xlog("L_INFO", "[$ci] Received INVITE for $tu/$ru - checking dialplan\n");
loose_route(); # consume preloaded routes
if (!record_route()) {
xlog("L_ERR", "[$ci] Cannot do record_route()\n");
t_reply(503, "Internal Error");
exit;
}
if ($ru =~ "^tel:") {
$var(tel_user) = $rU;
$var(tel_domain) = $(ru{uri.param,phone-context});
$ru = "sip:" + $var(tel_user) + "@" + $var(tel_domain);
} else {
$rU = $(rU{s.select,0,;});
}
if (!dp_translate(1, $rU, $var(dialplan))) {
$var(dialplan) = "USER";
xlog("L_DBG", "[$ci] unknown dialplan - considering $var(dialplan)\n");
}
xlog("L_INFO", "[$ci] Dial $rU is a $var(dialplan) dialplan\n");
switch ($var(dialplan)) {
case "USER":
xlog("L_INFO", "[$ci] lookup user $rU/$(oU{s.select,0,;})\n");
if (!lookup("location")) {
xlog("L_ERR", "[$ci] Received INVITE for $tu/$ru not registered - sending to service\n");
t_reply(404, "User not found");
exit;
}
break;
case "SERVICE":
# TODO: handle service
case "APPLICATION":
# TODO: handle application server
default:
xlog("L_ERR", "[$ci] unknown $var(dialplan) dialplan\n");
t_reply(503, "Unknown dialplan");
exit;
}
if (!t_relay()) {
xlog("L_ERR", "[$ci] Cannot relay to $ru\n");
t_reply(503, "Internal Error");
}
exit;
}
send_reply(503,"Not Implemented");
exit;
}
route[relay] {
if (!t_relay()) {
send_reply(500,"Internal Error");
}
exit;
}
route[aka_resume_mar] {
xlog("L_DBG", "[$ci] MAA rc: $rc\n");
}
route[aka_resume_sar] {
xlog("[$ci] SAA rc: $var(rc), SAA AVPs: $var(rpl_avps)\n");
$avp(attr) = $ct.fields(params);
append_to_reply("Service-Route: <sip:orig@scscf.IMS_DOMAIN:6060;lr>\r\n");
$json(rpl_avps) := $var(rpl_avps);
for ($var(item) in $(json(rpl_avps)[*])) {
$json(item) := $var(item);
for ($var(key) in $(json(item.keys)[*])) {
if ($var(key) == "Cx-User-Data") {
$xml(data) := $json(item/$var(key));
$xml(profile) := $xml(data/IMSSubscription/ServiceProfile);
$var(idx) = 0;
while ($xml(profile/ServiceProfile/PublicIdentity[$var(idx)]) != NULL) {
append_to_reply("P-Associated-URI: <$xml(profile/ServiceProfile/PublicIdentity[$var(idx)]/Identity.val)>\r\n");
$var(idx) = $var(idx) + 1;
}
}
}
}
if (!save("location", "path-lazy")) {
t_reply(503, "Internal Error");
exit;
}
}

105
custom_deployments/open5gs_hss_cx/opensips_ims_scscf/scscf.dictionary Normal file
View File

@@ -0,0 +1,105 @@
VENDOR 10415 TGPP
ATTRIBUTE Visited-Network-Identifier 600 string 10415
ATTRIBUTE Public-Identity 601 string 10415
ATTRIBUTE Server-Name 602 string 10415
ATTRIBUTE Mandatory-Capability 604 unsigned32 10415
ATTRIBUTE Optional-Capability 605 unsigned32 10415
ATTRIBUTE Cx-User-Data 606 string 10415
ATTRIBUTE 3GPP-SIP-Number-Auth-Items 607 unsigned32 10415
ATTRIBUTE 3GPP-SIP-Authentication-Scheme 608 utf8string 10415
ATTRIBUTE 3GPP-SIP-Authenticate 609 hexstring 10415
ATTRIBUTE 3GPP-SIP-Authorization 610 hexstring 10415
ATTRIBUTE 3GPP-SIP-Authentication-Context 611 string 10415
ATTRIBUTE 3GPP-SIP-Item-Number 613 unsigned32 10415
ATTRIBUTE Server-Assignment-Type 614 unsigned32 10415
ATTRIBUTE User-Data-Already-Available 624 unsigned32 10415
ATTRIBUTE Confidentiality-Key 625 hexstring 10415
ATTRIBUTE Integrity-Key 626 hexstring 10415
ATTRIBUTE Primary-Event-Charging-Function-Name 619 string 10415
ATTRIBUTE Secondary-Event-Charging-Function-Name 620 string 10415
ATTRIBUTE Primary-Charging-Collection-Function-Name 621 string 10415
ATTRIBUTE Secondary-Charging-Collection-Function-Name 622 string 10415
ATTRIBUTE 3GPP-SIP-Auth-Data-Item 612 grouped 10415
{
3GPP-SIP-Item-Number | OPTIONAL | 1
3GPP-SIP-Authentication-Scheme | OPTIONAL | 1
3GPP-SIP-Authenticate | OPTIONAL | 1
3GPP-SIP-Authorization | OPTIONAL | 1
3GPP-SIP-Authentication-Context | OPTIONAL | 1
Confidentiality-Key | OPTIONAL | 1
Integrity-Key | OPTIONAL | 1
}
ATTRIBUTE Charging-Information 618 grouped 10415
{
Primary-Event-Charging-Function-Name | OPTIONAL | 1
Secondary-Event-Charging-Function-Name | OPTIONAL | 1
Primary-Charging-Collection-Function-Name | OPTIONAL | 1
Secondary-Charging-Collection-Function-Name | OPTIONAL | 1
}
APPLICATION-AUTH 16777216/10415 3GPP Cx
REQUEST 301 Server-Assignment Request
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Realm | REQUIRED | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
Public-Identity | REQUIRED | 1
Server-Name | REQUIRED | 1
User-Name | REQUIRED | 1
Server-Assignment-Type | REQUIRED | 1
User-Data-Already-Available | REQUIRED | 1
}
ANSWER 301 Server-Assignment Answer
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Host | OPTIONAL | 1
Destination-Realm | OPTIONAL | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
User-Name | REQUIRED | 1
Cx-User-Data | REQUIRED | 1
Charging-Information | OPTIONAL | 1
Result-Code | REQUIRED | 1
}
REQUEST 303 Multimedia-Auth Request
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Realm | REQUIRED | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
Public-Identity | REQUIRED | 1
3GPP-SIP-Number-Auth-Items | REQUIRED | 1
3GPP-SIP-Auth-Data-Item | REQUIRED | 1
Server-Name | REQUIRED | 1
}
ANSWER 303 Multimedia-Auth Answer
{
Session-Id | REQUIRED | 1
Origin-Host | REQUIRED | 1
Origin-Realm | REQUIRED | 1
Destination-Host | OPTIONAL | 1
Destination-Realm | OPTIONAL | 1
Vendor-Specific-Application-Id | REQUIRED | 1
Auth-Session-State | REQUIRED | 1
Public-Identity | REQUIRED | 1
3GPP-SIP-Number-Auth-Items | REQUIRED | 1
3GPP-SIP-Auth-Data-Item | REQUIRED | 1
User-Name | REQUIRED | 1
Result-Code | REQUIRED | 1
}

76
custom_deployments/open5gs_hss_cx/opensips_ims_scscf/scscf_init.sh Executable file
View File

@@ -0,0 +1,76 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
mkdir -p /etc/opensips
cp /mnt/scscf/freeDiameter.conf /etc/opensips
cp /mnt/scscf/scscf.dictionary /etc/opensips
cp /mnt/scscf/opensips.cfg /etc/opensips
while ! mysqladmin ping -h ${MYSQL_IP} --silent; do
sleep 5;
done
# Sleep until permissions are set
sleep 10;
# Create SCSCF database, populate tables and grant privileges
if [[ -z "`mysql -u root -h ${MYSQL_IP} -qfsBe "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME='opensips_scscf'" 2>&1`" ]];
then
mysql -u root -h ${MYSQL_IP} -e "create database opensips_scscf;"
mysql -u root -h ${MYSQL_IP} opensips_scscf < /usr/share/opensips/mysql/standard-create.sql
mysql -u root -h ${MYSQL_IP} opensips_scscf < /usr/share/opensips/mysql/dialplan-create.sql
SCSCF_USER_EXISTS=`mysql -u root -h ${MYSQL_IP} -s -N -e "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE User = 'opensips_scscf' AND Host = '%')"`
if [[ "$SCSCF_USER_EXISTS" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'opensips_scscf'@'%' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'opensips_scscf'@'$SCSCF_IP' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON opensips_scscf.* TO 'opensips_scscf'@'%'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON opensips_scscf.* TO 'opensips_scscf'@'$SCSCF_IP'";
mysql -u root -h ${MYSQL_IP} -e "FLUSH PRIVILEGES;"
fi
fi
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' /etc/opensips/freeDiameter.conf
sed -i 's|HSS_IP|'$HSS_IP'|g' /etc/opensips/freeDiameter.conf
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/opensips/freeDiameter.conf
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/opensips/freeDiameter.conf
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' /etc/opensips/freeDiameter.conf
sed -i 's|SCSCF_BIND_PORT|'$SCSCF_BIND_PORT'|g' /etc/opensips/freeDiameter.conf
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' /etc/opensips/opensips.cfg
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/opensips/opensips.cfg
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/opensips/opensips.cfg
sed -i 's|MYSQL_IP|'$MYSQL_IP'|g' /etc/opensips/opensips.cfg
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
exec /usr/sbin/opensips -F $@

293
custom_deployments/open5gs_hss_cx/scscf/CxDataType_Rel6.xsd Normal file
View File

@@ -0,0 +1,293 @@
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
<xs:simpleType name="tPriority" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tProfilePartIndicator" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">REGISTERED</label>
<definition xml:lang="en">iFC is part of the registered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">UNREGISTERED</label>
<definition xml:lang="en">iFC is part of the unregistered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tSharedIFCSetID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tGroupID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tRegistrationType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="2"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">INITIAL_REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to initial registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">RE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to re-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to de-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDefaultHandling" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_CONTINUED</label>
<definition xml:lang="en">Session Continued</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_TERMINATED</label>
<definition xml:lang="en">Session Terminated</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDirectionOfRequest" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="3"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">ORIGINATING_SESSION</label>
<definition xml:lang="en">Originating Session</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_REGISTERED</label>
<definition xml:lang="en">Terminating Session for registered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_UNREGISTERED</label>
<definition xml:lang="en">Terminating Session for unregistered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tPrivateID" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tSIP_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tTEL_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tIdentity" final="list restriction">
<xs:union memberTypes="tSIP_URL tTEL_URL"/>
</xs:simpleType>
<xs:simpleType name="tIdentityType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:minInclusive value="0"/>
<xs:maxInclusive value="2"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">PUBLIC_USER_IDENTITY</label>
<definition xml:lang="en">Identity is a Public User Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DISTINCT_PSI</label>
<definition xml:lang="en">Identity is a distinct Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">WILDCARDED_PSI</label>
<definition xml:lang="en">Identity matches a wildcarded Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tPublicIdentityExtension">
<xs:sequence>
<xs:element name="IdentityType" type="tIdentityType" minOccurs="0"/>
<xs:element name="WildcardedPSI" type="xs:anyURI" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="tServiceInfo" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tString" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tBool">
<xs:restriction base="xs:boolean"/>
</xs:simpleType>
<xs:simpleType name="tSubscribedMediaProfileId" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tExtension">
<xs:sequence>
<xs:any processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfileExtension">
<xs:sequence>
<xs:element name="SharedIFCSetID" type="tSharedIFCSetID" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTriExtension">
<xs:sequence>
<xs:element name="RegistrationType" type="tRegistrationType" minOccurs="0" maxOccurs="2"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tIMSSubscription">
<xs:sequence>
<xs:element name="PrivateID" type="tPrivateID"/>
<xs:element name="ServiceProfile" type="tServiceProfile" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfile">
<xs:sequence>
<xs:element name="PublicIdentity" type="tPublicIdentity" maxOccurs="unbounded"/>
<xs:element name="CoreNetworkServicesAuthorization" type="tCoreNetworkServicesAuthorization" minOccurs="0" />
<xs:element name="InitialFilterCriteria" type="tInitialFilterCriteria" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tServiceProfileExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tCoreNetworkServicesAuthorization">
<xs:sequence>
<xs:element name="SubscribedMediaProfileId" type="tSubscribedMediaProfileId" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tInitialFilterCriteria">
<xs:sequence>
<xs:element name="Priority" type="tPriority"/>
<xs:element name="TriggerPoint" type="tTrigger" minOccurs="0"/>
<xs:element name="ApplicationServer" type="tApplicationServer"/>
<xs:element name="ProfilePartIndicator" type="tProfilePartIndicator" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tTrigger">
<xs:sequence>
<xs:element name="ConditionTypeCNF" type="tBool"/>
<xs:element name="SPT" type="tSePoTri" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTri">
<xs:sequence>
<xs:element name="ConditionNegated" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Group" type="tGroupID" maxOccurs="unbounded"/>
<xs:choice>
<xs:element name="RequestURI" type="tString"/>
<xs:element name="Method" type="tString"/>
<xs:element name="SIPHeader" type="tHeader"/>
<xs:element name="SessionCase" type="tDirectionOfRequest"/>
<xs:element name="SessionDescription" type="tSessionDescription"/>
</xs:choice>
<xs:element name="Extension" type="tSePoTriExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tHeader">
<xs:sequence>
<xs:element name="Header" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSessionDescription">
<xs:sequence>
<xs:element name="Line" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tApplicationServer">
<xs:sequence>
<xs:element name="ServerName" type="tSIP_URL"/>
<xs:element name="DefaultHandling" type="tDefaultHandling" minOccurs="0"/>
<xs:element name="ServiceInfo" type="tServiceInfo" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tPublicIdentity">
<xs:sequence>
<xs:element name="BarringIndication" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Identity" type="tIdentity"/>
<xs:element name="Extension" type="tPublicIdentityExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:element name="IMSSubscription" type="tIMSSubscription"/>
</xs:schema>

301
custom_deployments/open5gs_hss_cx/scscf/CxDataType_Rel7.xsd Normal file
View File

@@ -0,0 +1,301 @@
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
<xs:simpleType name="tPriority" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tProfilePartIndicator" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">REGISTERED</label>
<definition xml:lang="en">iFC is part of the registered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">UNREGISTERED</label>
<definition xml:lang="en">iFC is part of the unregistered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tSharedIFCSetID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tGroupID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tRegistrationType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="2"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">INITIAL_REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to initial registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">RE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to re-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to de-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDefaultHandling" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_CONTINUED</label>
<definition xml:lang="en">Session Continued</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_TERMINATED</label>
<definition xml:lang="en">Session Terminated</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDirectionOfRequest" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="3"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">ORIGINATING_SESSION</label>
<definition xml:lang="en">Originating Session</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_REGISTERED</label>
<definition xml:lang="en">Terminating Session for registered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_UNREGISTERED</label>
<definition xml:lang="en">Terminating Session for unregistered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">ORIGINATING_UNREGISTERED</label>
<definition xml:lang="en">Originating Session for an unregistered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tPrivateID" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tSIP_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tTEL_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tIdentity" final="list restriction">
<xs:union memberTypes="tSIP_URL tTEL_URL"/>
</xs:simpleType>
<xs:simpleType name="tIdentityType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:minInclusive value="0"/>
<xs:maxInclusive value="2"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">PUBLIC_USER_IDENTITY</label>
<definition xml:lang="en">Identity is a Public User Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DISTINCT_PSI</label>
<definition xml:lang="en">Identity is a distinct Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">WILDCARDED_PSI</label>
<definition xml:lang="en">Identity matches a wildcarded Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tPublicIdentityExtension">
<xs:sequence>
<xs:element name="IdentityType" type="tIdentityType" minOccurs="0"/>
<xs:element name="WildcardedPSI" type="xs:anyURI" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="tServiceInfo" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tString" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tBool">
<xs:restriction base="xs:boolean"/>
</xs:simpleType>
<xs:simpleType name="tSubscribedMediaProfileId" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tExtension">
<xs:sequence>
<xs:any processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfileExtension">
<xs:sequence>
<xs:element name="SharedIFCSetID" type="tSharedIFCSetID" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTriExtension">
<xs:sequence>
<xs:element name="RegistrationType" type="tRegistrationType" minOccurs="0" maxOccurs="2"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tIMSSubscription">
<xs:sequence>
<xs:element name="PrivateID" type="tPrivateID"/>
<xs:element name="ServiceProfile" type="tServiceProfile" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfile">
<xs:sequence>
<xs:element name="PublicIdentity" type="tPublicIdentity" maxOccurs="unbounded"/>
<xs:element name="CoreNetworkServicesAuthorization" type="tCoreNetworkServicesAuthorization" minOccurs="0"/>
<xs:element name="InitialFilterCriteria" type="tInitialFilterCriteria" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tServiceProfileExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tCoreNetworkServicesAuthorization">
<xs:sequence>
<xs:element name="SubscribedMediaProfileId" type="tSubscribedMediaProfileId" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tInitialFilterCriteria">
<xs:sequence>
<xs:element name="Priority" type="tPriority"/>
<xs:element name="TriggerPoint" type="tTrigger" minOccurs="0"/>
<xs:element name="ApplicationServer" type="tApplicationServer"/>
<xs:element name="ProfilePartIndicator" type="tProfilePartIndicator" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tTrigger">
<xs:sequence>
<xs:element name="ConditionTypeCNF" type="tBool"/>
<xs:element name="SPT" type="tSePoTri" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTri">
<xs:sequence>
<xs:element name="ConditionNegated" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Group" type="tGroupID" maxOccurs="unbounded"/>
<xs:choice>
<xs:element name="RequestURI" type="tString"/>
<xs:element name="Method" type="tString"/>
<xs:element name="SIPHeader" type="tHeader"/>
<xs:element name="SessionCase" type="tDirectionOfRequest"/>
<xs:element name="SessionDescription" type="tSessionDescription"/>
</xs:choice>
<xs:element name="Extension" type="tSePoTriExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tHeader">
<xs:sequence>
<xs:element name="Header" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSessionDescription">
<xs:sequence>
<xs:element name="Line" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tApplicationServer">
<xs:sequence>
<xs:element name="ServerName" type="tSIP_URL"/>
<xs:element name="DefaultHandling" type="tDefaultHandling" minOccurs="0"/>
<xs:element name="ServiceInfo" type="tServiceInfo" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tPublicIdentity">
<xs:sequence>
<xs:element name="BarringIndication" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Identity" type="tIdentity"/>
<xs:element name="Extension" type="tPublicIdentityExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:element name="IMSSubscription" type="tIMSSubscription"/>
</xs:schema>

379
custom_deployments/open5gs_hss_cx/scscf/CxDataType_Rel8.xsd Normal file
View File

@@ -0,0 +1,379 @@
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
<xs:simpleType name="tPriority" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tProfilePartIndicator" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">REGISTERED</label>
<definition xml:lang="en">iFC is part of the registered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">UNREGISTERED</label>
<definition xml:lang="en">iFC is part of the unregistered profile</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tSharedIFCSetID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tGroupID" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tRegistrationType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="2"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">INITIAL_REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to initial registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">RE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to re-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DE-REGISTRATION</label>
<definition xml:lang="en">Matches to REGISTER messages that are related to de-registration</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDefaultHandling" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="1"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_CONTINUED</label>
<definition xml:lang="en">Session Continued</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">SESSION_TERMINATED</label>
<definition xml:lang="en">Session Terminated</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tDirectionOfRequest" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:maxInclusive value="3"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">ORIGINATING_SESSION</label>
<definition xml:lang="en">Originating Session</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_REGISTERED</label>
<definition xml:lang="en">Terminating Session for registered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">TERMINATING_UNREGISTERED</label>
<definition xml:lang="en">Terminating Session for unregistered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">ORIGINATING_UNREGISTERED</label>
<definition xml:lang="en">Originating Session for an unregistered user</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tPrivateID" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tSIP_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tTEL_URL" final="list restriction">
<xs:restriction base="xs:anyURI"/>
</xs:simpleType>
<xs:simpleType name="tIdentity" final="list restriction">
<xs:union memberTypes="tSIP_URL tTEL_URL"/>
</xs:simpleType>
<xs:simpleType name="tIdentityType" final="list restriction">
<xs:restriction base="xs:unsignedByte">
<xs:minInclusive value="0"/>
<xs:maxInclusive value="4"/>
<xs:enumeration value="0">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">PUBLIC_USER_IDENTITY</label>
<definition xml:lang="en">Identity is a Public User Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="1">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">DISTINCT_PSI</label>
<definition xml:lang="en">Identity is a distinct Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="2">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">WILDCARDED_PSI</label>
<definition xml:lang="en">Identity matches a wildcarded Public Service Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="3">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">WILDCARDED_IMPU</label>
<definition xml:lang="en">Identity is a Wildcarded Public User Identity.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
<xs:enumeration value="4">
<xs:annotation>
<xs:documentation>
<label xml:lang="en">IMPU WILDCARD</label>
<definition xml:lang="en">Identity is a Wildcard for Public User Identities.</definition>
</xs:documentation>
</xs:annotation>
</xs:enumeration>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tPublicIdentityExtension">
<xs:sequence>
<xs:element name="IdentityType" type="tIdentityType" minOccurs="0"/>
<xs:element name="WildcardedPSI" type="xs:anyURI" minOccurs="0"/>
<xs:element name="Extension" type="tPublicIdentityExtension2" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tPublicIdentityExtension2">
<xs:sequence>
<xs:element name="DisplayName" type="tDisplayName" minOccurs="0"/>
<xs:element name="AliasIdentityGroupID" type="tAliasIdentityGroupID" minOccurs="0"/>
<xs:element name="Extension" type="tPublicIdentityExtension3" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tPublicIdentityExtension3">
<xs:sequence>
<xs:element name="WildcardedIMPU" type="xs:anyURI" minOccurs="0"/>
<xs:element name="ServiceLevelTraceInfo" type="tServiceLevelTraceInfo" minOccurs="0"/>
<xs:element name="SIPURIParameters" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="tDisplayName" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tAliasIdentityGroupID" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tServiceLevelTraceInfo" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tServiceInfo" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tString" final="list restriction">
<xs:restriction base="xs:string">
<xs:minLength value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="tBool">
<xs:restriction base="xs:boolean"/>
</xs:simpleType>
<xs:simpleType name="tSubscribedMediaProfileId" final="list restriction">
<xs:restriction base="xs:int">
<xs:minInclusive value="0"/>
</xs:restriction>
</xs:simpleType>
<xs:complexType name="tExtension">
<xs:sequence>
<xs:any processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfileExtension">
<xs:sequence>
<xs:element name="SharedIFCSetID" type="tSharedIFCSetID" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTriExtension">
<xs:sequence>
<xs:element name="RegistrationType" type="tRegistrationType" minOccurs="0" maxOccurs="2"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tListOfServiceIds">
<xs:sequence>
<xs:element name="ServiceId" type="tString" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tCNServicesAuthorizationExtension">
<xs:sequence>
<xs:element name="ListOfServiceIds" type="tListOfServiceIds" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tIMSSubscription">
<xs:sequence>
<xs:element name="PrivateID" type="tPrivateID"/>
<xs:element name="ServiceProfile" type="tServiceProfile" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tServiceProfile">
<xs:sequence>
<xs:element name="PublicIdentity" type="tPublicIdentity" maxOccurs="unbounded"/>
<xs:element name="CoreNetworkServicesAuthorization" type="tCoreNetworkServicesAuthorization" minOccurs="0"/>
<xs:element name="InitialFilterCriteria" type="tInitialFilterCriteria" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tServiceProfileExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tCoreNetworkServicesAuthorization">
<xs:sequence>
<xs:element name="SubscribedMediaProfileId" type="tSubscribedMediaProfileId" minOccurs="0"/>
<xs:element name="Extension" type="tCNServicesAuthorizationExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tInitialFilterCriteria">
<xs:sequence>
<xs:element name="Priority" type="tPriority"/>
<xs:element name="TriggerPoint" type="tTrigger" minOccurs="0"/>
<xs:element name="ApplicationServer" type="tApplicationServer"/>
<xs:element name="ProfilePartIndicator" type="tProfilePartIndicator" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tTrigger">
<xs:sequence>
<xs:element name="ConditionTypeCNF" type="tBool"/>
<xs:element name="SPT" type="tSePoTri" maxOccurs="unbounded"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSePoTri">
<xs:sequence>
<xs:element name="ConditionNegated" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Group" type="tGroupID" maxOccurs="unbounded"/>
<xs:choice>
<xs:element name="RequestURI" type="tString"/>
<xs:element name="Method" type="tString"/>
<xs:element name="SIPHeader" type="tHeader"/>
<xs:element name="SessionCase" type="tDirectionOfRequest"/>
<xs:element name="SessionDescription" type="tSessionDescription"/>
</xs:choice>
<xs:element name="Extension" type="tSePoTriExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tHeader">
<xs:sequence>
<xs:element name="Header" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tSessionDescription">
<xs:sequence>
<xs:element name="Line" type="tString"/>
<xs:element name="Content" type="tString" minOccurs="0"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tApplicationServer">
<xs:sequence>
<xs:element name="ServerName" type="tSIP_URL"/>
<xs:element name="DefaultHandling" type="tDefaultHandling" minOccurs="0"/>
<xs:element name="ServiceInfo" type="tServiceInfo" minOccurs="0"/>
<xs:element name="Extension" type="tApplicationServerExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tPublicIdentity">
<xs:sequence>
<xs:element name="BarringIndication" type="tBool" default="0" minOccurs="0"/>
<xs:element name="Identity" type="tIdentity"/>
<xs:element name="Extension" type="tPublicIdentityExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tApplicationServerExtension">
<xs:sequence>
<xs:element name="IncludeRegisterRequest" type="tIncludeRegisterRequest" minOccurs="0" maxOccurs="1"/>
<xs:element name="IncludeRegisterResponse" type="tIncludeRegisterResponse" minOccurs="0" maxOccurs="1"/>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tIncludeRegisterRequest">
<xs:sequence>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="tIncludeRegisterResponse">
<xs:sequence>
<xs:element name="Extension" type="tExtension" minOccurs="0"/>
<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:element name="IMSSubscription" type="tIMSSubscription"/>
</xs:schema>

1
custom_deployments/open5gs_hss_cx/scscf/dispatcher.list Normal file
View File

@@ -0,0 +1 @@
# ng-voice Interconnect

1276
custom_deployments/open5gs_hss_cx/scscf/kamailio_scscf.cfg Normal file
View File

File diff suppressed because it is too large Load Diff

85
custom_deployments/open5gs_hss_cx/scscf/scscf.cfg Normal file
View File

@@ -0,0 +1,85 @@
# SIP / UDP
listen=udp:SCSCF_IP:6060
# SIP / TCP
listen=tcp:SCSCF_IP:6060
# SIP / TCP/TLS
#listen=tls:SCSCF_IP:6061
#!define NETWORKNAME "IMS_DOMAIN"
#!define EPC_REALM "EPC_DOMAIN"
#!define NETWORKNAME_ESC "IMS_SLASH_DOMAIN"
#!define HOSTNAME "scscf.IMS_DOMAIN"
#!define HOSTNAME_ESC "scscf\.IMS_SLASH_DOMAIN"
#!define URI "sip:scscf.IMS_DOMAIN:6060"
#!subst "/NETWORKNAME/IMS_DOMAIN/"
alias=scscf.IMS_DOMAIN
# ENUM-Server to query:
#!define ENUM_SUFFIX "IMS_DOMAIN."
# SIP-Address of capturing node, if not set, capturing is disabled.
##!define CAPTURE_NODE "sip:127.0.0.1:9060"
# Connection URL for the database:
# For use with a single database:
#!define DB_URL "mysql://scscf:heslo@MYSQL_IP/scscf"
# For use with DB_Cluster: con1 (primary), con2 (backup)
##!define DB_URL "con1=>mysql://scscf:heslo@MYSQL_IP/scscf"
##!define DB_URL2 "con2=>mysql://scscf:heslo@MYSQL_IP/scscf"
# Select Authorization Algorhithm:
##!define REG_AUTH_DEFAULT_ALG "AKAv1-MD5"
##!define REG_AUTH_DEFAULT_ALG "AKAv2-MD5"
##!define REG_AUTH_DEFAULT_ALG "MD5"
##!define REG_AUTH_DEFAULT_ALG "CableLabs-Digest"
##!define REG_AUTH_DEFAULT_ALG "3GPP-Digest"
##!define REG_AUTH_DEFAULT_ALG "TISPAN-HTTP_DIGEST_MD5"
# Let the HSS decide
#!define REG_AUTH_DEFAULT_ALG "HSS-Selected"
# Number of TCP Processes
#!define TCP_PROCESSES 3
##!define RO_FORCED_PEER "32260@3gpp.org"
#!define RO_DESTINATION "hssocs.voiceblue.com"
#!define RO_ROOT "32260@3gpp.org"
#!define RO_EXT "ext"
#!define RO_MNC "02"
#!define RO_MCC "001"
#(see https://en.wikipedia.org/wiki/Mobile_country_code_(MCC))
#!define RO_RELEASE "8"
# See http://tools.ietf.org/html/rfc4006#section-4.1.2 for the definition of the Service-Context
##!define XMLRPC_WHITELIST_1 "127.0.0.1"
##!define XMLRPC_WHITELIST_2 "127.0.0.1"
##!define XMLRPC_WHITELIST_3 "127.0.0.1"
# Several features can be enabled using '#!define WITH_FEATURE' directives:
#
# *** To run in debug mode:
# - define WITH_DEBUG
#
# *** To enable TCP support execute:
# - define WITH_TCP
#
# *** To enable XMLRPC support execute:
# - define WITH_XMLRPC
# - this will automagically enable TCP
#
# *** To enable the Ro-Interface:
# - Configure Ro-Diameter-Interface in scscf.xml
# - define WITH_RO
#
# *** To enable a Homer SIP-Capter-Node:
# - define CAPTURE_NODE with a proper address
#
# Enabled Features for this host:
##!define WITH_DEBUG
#!define WITH_TCP
##!define WITH_XMLRPC
##!define WITH_RO
##!define WITH_RO_TERM
#!define WITH_AUTH

36
custom_deployments/open5gs_hss_cx/scscf/scscf.xml Normal file
View File

@@ -0,0 +1,36 @@
<?xml version="1.0" encoding="UTF-8"?>
<DiameterPeer
FQDN="scscf.IMS_DOMAIN"
Realm="IMS_DOMAIN"
Vendor_Id="10415"
Product_Name="CDiameterPeer"
AcceptUnknownPeers="1"
DropUnknownOnDisconnect="1"
Tc="30"
Workers="16"
QueueLength="32"
TransactionTimeout="5"
SessionsHashSize="128"
DefaultAuthSessionTimeout="3600"
MaxAuthSessionTimeout="3600"
>
<Peer FQDN="hss.EPC_DOMAIN" Realm="EPC_DOMAIN" port="HSS_BIND_PORT"/>
<Acceptor port="SCSCF_BIND_PORT" bind="SCSCF_IP"/>
<Auth id="16777216" vendor="10415"/><!-- 3GPP Cx -->
<Auth id="16777216" vendor="4491"/><!-- CableLabs Cx -->
<Auth id="16777216" vendor="13019"/><!-- ETSI/TISPAN Cx -->
<Auth id="16777216" vendor="0"/><!-- ETSI/TISPAN Cx -->
<Auth id="4" vendor="10415"/> <!--3GPP Ro -->
<Acct id="4" vendor="10415" />
<!--
Supported Vendor IDs - list of values which will be sent in the CER/CEA in the
Supported-Vendor-ID AVPs
-->
<SupportedVendor vendor="10415" />
<DefaultRoute FQDN="hss.EPC_DOMAIN" metric="10"/>
</DiameterPeer>

83
custom_deployments/open5gs_hss_cx/scscf/scscf_init.sh Executable file
View File

@@ -0,0 +1,83 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
[ ${#MNC} == 3 ] && IMS_DOMAIN="ims.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || IMS_DOMAIN="ims.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
mkdir -p /etc/kamailio_scscf
cp /mnt/scscf/scscf.cfg /etc/kamailio_scscf
cp /mnt/scscf/scscf.xml /etc/kamailio_scscf
cp /mnt/scscf/kamailio_scscf.cfg /etc/kamailio_scscf
cp /mnt/scscf/CxDataType_Rel6.xsd /etc/kamailio_scscf
cp /mnt/scscf/CxDataType_Rel7.xsd /etc/kamailio_scscf
cp /mnt/scscf/CxDataType_Rel8.xsd /etc/kamailio_scscf
cp /mnt/scscf/dispatcher.list /etc/kamailio_scscf
while ! mysqladmin ping -h ${MYSQL_IP} --silent; do
sleep 5;
done
# Sleep until permissions are set
sleep 10;
# Create SCSCF database, populate tables and grant privileges
if [[ -z "`mysql -u root -h ${MYSQL_IP} -qfsBe "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME='scscf'" 2>&1`" ]];
then
mysql -u root -h ${MYSQL_IP} -e "create database scscf;"
mysql -u root -h ${MYSQL_IP} scscf < /usr/local/src/kamailio/utils/kamctl/mysql/standard-create.sql
mysql -u root -h ${MYSQL_IP} scscf < /usr/local/src/kamailio/utils/kamctl/mysql/presence-create.sql
mysql -u root -h ${MYSQL_IP} scscf < /usr/local/src/kamailio/utils/kamctl/mysql/ims_usrloc_scscf-create.sql
mysql -u root -h ${MYSQL_IP} scscf < /usr/local/src/kamailio/utils/kamctl/mysql/ims_dialog-create.sql
mysql -u root -h ${MYSQL_IP} scscf < /usr/local/src/kamailio/utils/kamctl/mysql/ims_charging-create.sql
SCSCF_USER_EXISTS=`mysql -u root -h ${MYSQL_IP} -s -N -e "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE User = 'scscf' AND Host = '%')"`
if [[ "$SCSCF_USER_EXISTS" == 0 ]]
then
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'scscf'@'%' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "CREATE USER 'scscf'@'$SCSCF_IP' IDENTIFIED WITH mysql_native_password BY 'heslo'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON scscf.* TO 'scscf'@'%'";
mysql -u root -h ${MYSQL_IP} -e "GRANT ALL ON scscf.* TO 'scscf'@'$SCSCF_IP'";
mysql -u root -h ${MYSQL_IP} -e "FLUSH PRIVILEGES;"
fi
fi
export IMS_SLASH_DOMAIN=`echo $IMS_DOMAIN | sed 's/\./\\\./g'`
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' /etc/kamailio_scscf/scscf.cfg
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/kamailio_scscf/scscf.cfg
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/kamailio_scscf/scscf.cfg
sed -i 's|IMS_SLASH_DOMAIN|'$IMS_SLASH_DOMAIN'|g' /etc/kamailio_scscf/scscf.cfg
sed -i 's|MYSQL_IP|'$MYSQL_IP'|g' /etc/kamailio_scscf/scscf.cfg
sed -i 's|SCSCF_IP|'$SCSCF_IP'|g' /etc/kamailio_scscf/scscf.xml
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/kamailio_scscf/scscf.xml
sed -i 's|EPC_DOMAIN|'$EPC_DOMAIN'|g' /etc/kamailio_scscf/scscf.xml
sed -i 's|HSS_BIND_PORT|'$HSS_BIND_PORT'|g' /etc/kamailio_scscf/scscf.xml
sed -i 's|SCSCF_BIND_PORT|'$SCSCF_BIND_PORT'|g' /etc/kamailio_scscf/scscf.xml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

30
custom_deployments/open5gs_hss_cx/srsenb.yaml Normal file
View File

@@ -0,0 +1,30 @@
version: '3'
services:
srsenb:
image: docker_srslte
container_name: srsenb
stdin_open: true
tty: true
privileged: true
devices:
- "/dev/bus"
volumes:
- /dev/serial:/dev/serial:ro
- /dev/bus/usb:/dev/bus/usb:ro
- ../../srslte:/mnt/srslte
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=enb
expose:
- "36412/sctp"
- "2152/udp"
networks:
default:
ipv4_address: ${SRS_ENB_IP}
networks:
default:
external:
name: docker_open5gs_default

156
custom_deployments/slicing/.custom_env Normal file
View File

@@ -0,0 +1,156 @@
# Set proper timezone to sync times between docker host and containers
#TZ=Europe/Berlin
MCC=001
MNC=01
TEST_NETWORK=172.22.0.0/24
DOCKER_HOST_IP=192.168.1.223
# MONGODB
MONGO_IP=172.22.0.2
# HSS - open5gs
HSS_IP=172.22.0.3
# PCRF
PCRF_IP=172.22.0.4
PCRF_BIND_PORT=3873
# SGW
SGWC_IP=172.22.0.5
SGWU_IP=172.22.0.6
SGWU_ADVERTISE_IP=172.22.0.6
# SMF
SMF_IP=172.22.0.7
SMF_DNS1=8.8.8.8
SMF_DNS2=8.8.4.4
SMF2_IP=172.22.0.100
# UPF
UPF_IP=172.22.0.8
UPF_ADVERTISE_IP=172.22.0.8
UPF2_IP=172.22.0.90
UPF2_ADVERTISE_IP=172.22.0.90
# MME
MME_IP=172.22.0.9
# AMF
AMF_IP=172.22.0.10
# AUSF
AUSF_IP=172.22.0.11
# NRF
NRF_IP=172.22.0.12
# UDM
UDM_IP=172.22.0.13
# UDR
UDR_IP=172.22.0.14
# IMS DNS
DNS_IP=172.22.0.15
# RTPENGINE
RTPENGINE_IP=172.22.0.16
# MYSQL
MYSQL_IP=172.22.0.17
# PYHSS
PYHSS_IP=172.22.0.18
PYHSS_BIND_PORT=3875
# ICSCF
ICSCF_IP=172.22.0.19
ICSCF_BIND_PORT=3869
# SCSCF
SCSCF_IP=172.22.0.20
SCSCF_BIND_PORT=3870
# PCSCF
PCSCF_IP=172.22.0.21
PCSCF_BIND_PORT=3871
# SRSLTE ENB
SRS_ENB_IP=172.22.0.22
# UERANSIM
NR_GNB_IP=172.22.0.23
NR_UE_IP=172.22.0.24
NR_UE2_IP=172.22.0.91
UE1_IMEI=356938035643803
UE1_IMEISV=4370816125816151
UE1_IMSI=001011224567895
UE1_KI=8baf473f2f8fd09487cccbd7097c6862
UE1_OP=11111111111111111111111111111111
UE1_AMF=8000
UE2_IMEI=356938035643804
UE2_IMEISV=4370816125816152
UE2_IMSI=001011224567896
UE2_KI=8baf473f2f8fd09487cccbd7097c6862
UE2_OP=11111111111111111111111111111111
UE2_AMF=8000
# OAI ENB
OAI_ENB_IP=172.22.0.25
# OPEN5GS WEBUI
WEBUI_IP=172.22.0.26
# PCF
PCF_IP=172.22.0.27
# NSSF
NSSF_IP=172.22.0.28
# BSF
BSF_IP=172.22.0.29
# ENTITLEMENT SERVER
ENTITLEMENT_SERVER_IP=172.22.0.30
# OSMOMSC
OSMOMSC_IP=172.22.0.31
# OSMOHLR
OSMOHLR_IP=172.22.0.32
# SMSC
SMSC_IP=172.22.0.33
# SRSLTE UE
SRS_UE_IP=172.22.0.34
# SCP
SCP_IP=172.22.0.35
# METRICS
METRICS_IP=172.22.0.36
# SRSRAN GNB
SRS_GNB_IP=172.22.0.37
# GRAFANA
GRAFANA_IP=172.22.0.39
GRAFANA_USERNAME=open5gs
GRAFANA_PASSWORD=open5gs
# UE IPv4 Subnet Range for APN=internet
UE_IPV4_INTERNET=192.168.100.0/24
# UE IPv4 Subnet Range for APN=ims
UE_IPV4_IMS=192.168.101.0/24
# UE IPv4 Subnet Range for APN=private
UE_IPV4_PRIVATE=192.168.101.0/24
# Maximum Number of UEs
MAX_NUM_UE=1024

45
custom_deployments/slicing/README.md Normal file
View File

@@ -0,0 +1,45 @@
## Deployment description
This custom deployment showcases a slicing scenario by deploying two instances of open5gs SMF and UPF each handling an individual slice configuration.
## Additional steps
Most of the steps to be followed are similar to the steps mentioned in the [README in the root folder](../../README.md). However, additional steps mentioned below must be taken into account while deploying this custom deployment scenario.
### Loading environmental variables for custom deployment
**Warning**
For custom deployments, you must modify/use only the [**.custom_env**](.custom_env) file rather than the [**.env** in the root folder](../../.env).
```
set -a
source .custom_env
set +a
```
### Scenario deployment
Deploy the 5G SA network consisting of two slices.
```
cd custom_deployments/slicing
docker compose -f sa-deploy.yaml up
```
Deploy UERANSIM gNB (RF simulated).
```
docker compose -f nr-gnb.yaml up -d && docker container attach nr_gnb
```
Deploy UERANSIM NR-UE (RF simulated) for first slice.
```
docker compose -f nr-ue.yaml up -d && docker container attach nr_ue
```
Deploy UERANSIM NR-UE (RF simulated) for second slice.
```
docker compose -f nr-ue2.yaml up -d && docker container attach nr_ue2
```

62
custom_deployments/slicing/amf/amf.yaml Normal file
View File

@@ -0,0 +1,62 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/amf.log
sbi:
server:
no_tls: true
client:
no_tls: true
global:
max:
ue: MAX_NUM_UE
amf:
sbi:
server:
- address: AMF_IP
port: 7777
client:
nrf:
- uri: http://NRF_IP:7777
scp:
- uri: http://SCP_IP:7777
ngap:
server:
- address: AMF_IP
guami:
- plmn_id:
mcc: MCC
mnc: MNC
amf_id:
region: 2
set: 1
tai:
- plmn_id:
mcc: MCC
mnc: MNC
tac: 1
plmn_support:
- plmn_id:
mcc: MCC
mnc: MNC
s_nssai:
- sst: 1
sd: 000001
- sst: 1
sd: 000002
security:
integrity_order : [ NIA2, NIA1, NIA0 ]
ciphering_order : [ NEA0, NEA1, NEA2 ]
network_name:
full: Open5GS
amf_name: open5gs-amf0
metrics:
server:
- address: AMF_IP
port: 9091
time:
t3512:
value: 540

38
custom_deployments/slicing/amf/amf_init.sh Executable file
View File

@@ -0,0 +1,38 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cp /mnt/amf/amf.yaml install/etc/open5gs
sed -i 's|AMF_IP|'$AMF_IP'|g' install/etc/open5gs/amf.yaml
sed -i 's|SCP_IP|'$SCP_IP'|g' install/etc/open5gs/amf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/amf.yaml
sed -i 's|MNC|'$MNC'|g' install/etc/open5gs/amf.yaml
sed -i 's|MCC|'$MCC'|g' install/etc/open5gs/amf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/amf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

29
custom_deployments/slicing/nr-gnb.yaml Normal file
View File

@@ -0,0 +1,29 @@
version: '3'
services:
nr_gnb:
image: docker_ueransim
container_name: nr_gnb
stdin_open: true
tty: true
volumes:
- ./ueransim:/mnt/ueransim
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ueransim-gnb
expose:
- "38412/sctp"
- "2152/udp"
- "4997/udp"
cap_add:
- NET_ADMIN
privileged: true
networks:
default:
ipv4_address: ${NR_GNB_IP}
networks:
default:
external:
name: docker_open5gs_default

27
custom_deployments/slicing/nr-ue.yaml Normal file
View File

@@ -0,0 +1,27 @@
version: '3'
services:
nr_ue:
image: docker_ueransim
container_name: nr_ue
stdin_open: true
tty: true
volumes:
- ./ueransim:/mnt/ueransim
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ueransim-ue
expose:
- "4997/udp"
cap_add:
- NET_ADMIN
privileged: true
networks:
default:
ipv4_address: ${NR_UE_IP}
networks:
default:
external:
name: docker_open5gs_default

27
custom_deployments/slicing/nr-ue2.yaml Normal file
View File

@@ -0,0 +1,27 @@
version: '3'
services:
nr_ue2:
image: docker_ueransim
container_name: nr_ue2
stdin_open: true
tty: true
volumes:
- ./ueransim:/mnt/ueransim
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ueransim-ue2
expose:
- "4997/udp"
cap_add:
- NET_ADMIN
privileged: true
networks:
default:
ipv4_address: ${NR_UE2_IP}
networks:
default:
external:
name: docker_open5gs_default

34
custom_deployments/slicing/nssf/nssf.yaml Normal file
View File

@@ -0,0 +1,34 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/nssf.log
sbi:
server:
no_tls: true
client:
no_tls: true
global:
max:
ue: MAX_NUM_UE
nssf:
sbi:
server:
- address: NSSF_IP
port: 7777
client:
nrf:
- uri: http://NRF_IP:7777
scp:
- uri: http://SCP_IP:7777
nsi:
- uri: http://NRF_IP:7777
s_nssai:
sst: 1
sd: 000001
- uri: http://NRF_IP:7777
s_nssai:
sst: 1
sd: 000002

37
custom_deployments/slicing/nssf/nssf_init.sh Executable file
View File

@@ -0,0 +1,37 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cp /mnt/nssf/nssf.yaml install/etc/open5gs
sed -i 's|NSSF_IP|'$NSSF_IP'|g' install/etc/open5gs/nssf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/nssf.yaml
sed -i 's|SCP_IP|'$SCP_IP'|g' install/etc/open5gs/nssf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/nssf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/nssf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

403
custom_deployments/slicing/sa-deploy.yaml Normal file
View File

@@ -0,0 +1,403 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
nrf:
image: docker_open5gs
container_name: nrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nrf
volumes:
- ../../nrf:/mnt/nrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NRF_IP}
scp:
image: docker_open5gs
container_name: scp
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scp
volumes:
- ../../scp:/mnt/scp
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${SCP_IP}
ausf:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: ausf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ausf
volumes:
- ../../ausf:/mnt/ausf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${AUSF_IP}
udr:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: udr
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udr
volumes:
- ../../udr:/mnt/udr
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDR_IP}
udm:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: udm
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udm
volumes:
- ../../udm:/mnt/udm
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDM_IP}
smf:
image: docker_open5gs
depends_on:
- nrf
- scp
- amf
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=5G
volumes:
- ./smf:/mnt/smf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/udp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
smf2:
image: docker_open5gs
depends_on:
- nrf
- scp
- amf
container_name: smf2
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf2
- DEPLOY_MODE=5G
volumes:
- ./smf:/mnt/smf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/udp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF2_IP}
upf:
image: docker_open5gs
depends_on:
- nrf
- scp
- smf
container_name: upf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=upf
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
# ports:
# - "2152:2152/udp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
#- net.ipv6.conf.all.disable_ipv6=0
networks:
default:
ipv4_address: ${UPF_IP}
upf2:
image: docker_open5gs
depends_on:
- nrf
- scp
- smf2
container_name: upf2
env_file:
- .custom_env
environment:
- COMPONENT_NAME=upf2
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
# ports:
# - "2152:2152/udp"
cap_add:
- NET_ADMIN
privileged: true
sysctls:
- net.ipv4.ip_forward=1
#- net.ipv6.conf.all.disable_ipv6=0
networks:
default:
ipv4_address: ${UPF2_IP}
amf:
image: docker_open5gs
depends_on:
- nrf
- scp
- ausf
- udm
- udr
- pcf
- bsf
container_name: amf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=amf
volumes:
- ./amf:/mnt/amf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "38412/sctp"
- "7777/tcp"
- "9091/tcp"
# ports:
# - "38412:38412/sctp"
networks:
default:
ipv4_address: ${AMF_IP}
pcf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: pcf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcf
volumes:
- ../../pcf:/mnt/pcf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${PCF_IP}
bsf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: bsf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=bsf
volumes:
- ../../bsf:/mnt/bsf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${BSF_IP}
nssf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: nssf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nssf
volumes:
- ./nssf:/mnt/nssf
- ./log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NSSF_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata

70
custom_deployments/slicing/smf/ip_utils.py Executable file
View File

@@ -0,0 +1,70 @@
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
import click
import sys
import ipaddress
"""
Script used to fetch first IP address in a given IP range. i.e. the calling bash script reads the std output
Usage in command line:
e.g:
$ python3 ip_utils.py --ip_range 192.168.100.0/24
$ python3 ip_utils.py --ip_range 2001:230:cafe::/48
"""
def validate_ip_net(ctx, param, value):
try:
ip_net = ipaddress.ip_network(value)
return ip_net
except ValueError:
raise click.BadParameter(
'Value does not represent a valid IPv4/IPv6 range')
@click.command()
@click.option('--ip_range',
required=True,
callback=validate_ip_net,
help='UE IPv4/IPv6 Address range in CIDR format e.g. 192.168.100.0/24 or 2001:230:cafe::/48')
def start(ip_range):
# Get the first IP address in the IP range and netmask prefix length
first_ip_addr = next(ip_range.hosts(), None)
if not first_ip_addr:
raise ValueError('Invalid UE IPv4 range. Only one IP given')
else:
first_ip_addr = first_ip_addr.exploded
print(str(first_ip_addr))
if __name__ == '__main__':
try:
start()
sys.exit(0)
except ValueError:
sys.exit(1)

64
custom_deployments/slicing/smf/smf.yaml Normal file
View File

@@ -0,0 +1,64 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/smf.log
sbi:
server:
no_tls: true
client:
no_tls: true
global:
max:
ue: MAX_NUM_UE
parameter:
no_ipv4v6_local_addr_in_packet_filter: true
smf:
info:
- s_nssai:
- sst: 1
sd: 000001
dnn:
- internet
sbi:
server:
- address: SMF_IP
port: 7777
client:
nrf:
- uri: http://NRF_IP:7777
scp:
- uri: http://SCP_IP:7777
gtpc:
server:
- address: SMF_IP
gtpu:
server:
- address: SMF_IP
pfcp:
server:
- address: SMF_IP
client:
upf:
- address: UPF_IP
dnn: internet
session:
- subnet: UE_IPV4_INTERNET_SUBNET
gateway: UE_IPV4_INTERNET_TUN_IP
dnn: internet
- subnet: 2001:230:cafe::/48
gateway: 2001:230:cafe::1
dnn: internet
dns:
- SMF_DNS1
- SMF_DNS2
- 2001:4860:4860::8888
- 2001:4860:4860::8844
p-cscf:
- PCSCF_IP
mtu: 1450
metrics:
server:
- address: SMF_IP
port: 9091

64
custom_deployments/slicing/smf/smf2.yaml Normal file
View File

@@ -0,0 +1,64 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/smf2.log
sbi:
server:
no_tls: true
client:
no_tls: true
global:
max:
ue: MAX_NUM_UE
parameter:
no_ipv4v6_local_addr_in_packet_filter: true
smf:
info:
- s_nssai:
- sst: 1
sd: 000002
dnn:
- private
sbi:
server:
- address: SMF2_IP
port: 7777
client:
nrf:
- uri: http://NRF_IP:7777
scp:
- uri: http://SCP_IP:7777
gtpc:
server:
- address: SMF2_IP
gtpu:
server:
- address: SMF2_IP
pfcp:
server:
- address: SMF2_IP
client:
upf:
- address: UPF2_IP
dnn: private
session:
- subnet: UE_IPV4_PRIVATE_SUBNET
gateway: UE_IPV4_PRIVATE_TUN_IP
dnn: private
- subnet: 2001:230:fafe::/48
gateway: 2001:230:fafe::1
dnn: private
dns:
- SMF_DNS1
- SMF_DNS2
- 2001:4860:4860::8888
- 2001:4860:4860::8844
p-cscf:
- PCSCF_IP
mtu: 1450
metrics:
server:
- address: SMF2_IP
port: 9091

57
custom_deployments/slicing/smf/smf2_init.sh Executable file
View File

@@ -0,0 +1,57 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export LC_ALL=C.UTF-8
export LANG=C.UTF-8
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
export IF_NAME=$(ip r | awk '/default/ { print $5 }')
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
UE_IPV4_PRIVATE_TUN_IP=$(python3 /mnt/smf/ip_utils.py --ip_range $UE_IPV4_PRIVATE)
cp /mnt/smf/smf2.yaml install/etc/open5gs/smf.yaml
if [[ ${DEPLOY_MODE} == 4G ]];
then
echo "Error: Invalid deployment mode for SMF: '$DEPLOY_MODE'"
exit 1
fi
sed -i 's|SMF2_IP|'$SMF2_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|SCP_IP|'$SCP_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|UPF2_IP|'$UPF2_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|SMF_DNS1|'$SMF_DNS1'|g' install/etc/open5gs/smf.yaml
sed -i 's|SMF_DNS2|'$SMF_DNS2'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_PRIVATE_TUN_IP|'$UE_IPV4_PRIVATE_TUN_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_PRIVATE_SUBNET|'$UE_IPV4_PRIVATE'|g' install/etc/open5gs/smf.yaml
sed -i 's|PCSCF_IP|'$PCSCF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/smf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

60
custom_deployments/slicing/smf/smf_init.sh Executable file
View File

@@ -0,0 +1,60 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export LC_ALL=C.UTF-8
export LANG=C.UTF-8
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
export IF_NAME=$(ip r | awk '/default/ { print $5 }')
[ ${#MNC} == 3 ] && EPC_DOMAIN="epc.mnc${MNC}.mcc${MCC}.3gppnetwork.org" || EPC_DOMAIN="epc.mnc0${MNC}.mcc${MCC}.3gppnetwork.org"
UE_IPV4_INTERNET_TUN_IP=$(python3 /mnt/smf/ip_utils.py --ip_range $UE_IPV4_INTERNET)
UE_IPV4_IMS_TUN_IP=$(python3 /mnt/smf/ip_utils.py --ip_range $UE_IPV4_IMS)
cp /mnt/smf/smf.yaml install/etc/open5gs
if [[ ${DEPLOY_MODE} == 4G ]];
then
echo "Error: Invalid deployment mode for SMF: '$DEPLOY_MODE'"
exit 1
fi
sed -i 's|SMF_IP|'$SMF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|SCP_IP|'$SCP_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|NRF_IP|'$NRF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|UPF_IP|'$UPF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|SMF_DNS1|'$SMF_DNS1'|g' install/etc/open5gs/smf.yaml
sed -i 's|SMF_DNS2|'$SMF_DNS2'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_INTERNET_TUN_IP|'$UE_IPV4_INTERNET_TUN_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_INTERNET_SUBNET|'$UE_IPV4_INTERNET'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_IMS_TUN_IP|'$UE_IPV4_IMS_TUN_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|UE_IPV4_IMS_SUBNET|'$UE_IPV4_IMS'|g' install/etc/open5gs/smf.yaml
sed -i 's|PCSCF_IP|'$PCSCF_IP'|g' install/etc/open5gs/smf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/smf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

25
custom_deployments/slicing/ueransim/ueransim-gnb.yaml Normal file
View File

@@ -0,0 +1,25 @@
mcc: 'MCC' # Mobile Country Code value
mnc: 'MNC' # Mobile Network Code value (2 or 3 digits)
nci: '0x000000010' # NR Cell Identity (36-bit)
idLength: 32 # NR gNB ID length in bits [22...32]
tac: 1 # Tracking Area Code
linkIp: NR_GNB_IP # gNB's local IP address for Radio Link Simulation (Usually same with local IP)
ngapIp: NR_GNB_IP # gNB's local IP address for N2 Interface (Usually same with local IP)
gtpIp: NR_GNB_IP # gNB's local IP address for N3 Interface (Usually same with local IP)
# List of AMF address information
amfConfigs:
- address: AMF_IP
port: 38412
# List of supported S-NSSAIs by this gNB
slices:
- sst: 1
sd: 0x000001
- sst: 1
sd: 0x000002
# Indicates whether or not SCTP stream number errors should be ignored.
ignoreStreamIds: true

10
ueransim/open5gs_gnb_init.sh → custom_deployments/slicing/ueransim/ueransim-gnb_init.sh
View File

@@ -28,12 +28,12 @@
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
cp /mnt/ueransim/open5gs-gnb.yaml /UERANSIM/config/open5gs-gnb.yaml
cp /mnt/ueransim/${COMPONENT_NAME}.yaml /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MNC|'$MNC'|g' /UERANSIM/config/open5gs-gnb.yaml
sed -i 's|MCC|'$MCC'|g' /UERANSIM/config/open5gs-gnb.yaml
sed -i 's|NR_GNB_IP|'$NR_GNB_IP'|g' /UERANSIM/config/open5gs-gnb.yaml
sed -i 's|AMF_IP|'$AMF_IP'|g' /UERANSIM/config/open5gs-gnb.yaml
sed -i 's|MNC|'$MNC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MCC|'$MCC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|NR_GNB_IP|'$NR_GNB_IP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|AMF_IP|'$AMF_IP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

72
custom_deployments/slicing/ueransim/ueransim-ue.yaml Normal file
View File

@@ -0,0 +1,72 @@
# IMSI number of the UE. IMSI = [MCC|MNC|MSISDN] (In total 15 or 16 digits)
supi: 'imsi-UE1_IMSI'
# Mobile Country Code value of HPLMN
mcc: 'MCC'
# Mobile Network Code value of HPLMN (2 or 3 digits)
mnc: 'MNC'
# Permanent subscription key
key: 'UE1_KI'
# Operator code (OP or OPC) of the UE
op: 'UE1_OP'
# This value specifies the OP type and it can be either 'OP' or 'OPC'
opType: 'OP'
# Authentication Management Field (AMF) value
amf: 'UE1_AMF'
# IMEI number of the device. It is used if no SUPI is provided
imei: 'UE1_IMEI'
# IMEISV number of the device. It is used if no SUPI and IMEI is provided
imeiSv: 'UE1_IMEISV'
# List of gNB IP addresses for Radio Link Simulation
gnbSearchList:
- NR_GNB_IP
# UAC Access Identities Configuration
uacAic:
mps: false
mcs: false
# UAC Access Control Class
uacAcc:
normalClass: 0
class11: false
class12: false
class13: false
class14: false
class15: false
# Initial PDU sessions to be established
sessions:
- type: 'IPv4'
apn: 'internet'
slice:
sst: 1
sd: 0x000001
# Configured NSSAI for this UE by HPLMN
configured-nssai:
- sst: 1
sd: 0x000001
# Default Configured NSSAI for this UE
default-nssai:
- sst: 1
sd: 0x000001
# Supported encryption algorithms by this UE
integrity:
IA1: true
IA2: true
IA3: true
# Supported integrity algorithms by this UE
ciphering:
EA1: true
EA2: true
EA3: true
# Integrity protection maximum data rate for user plane
integrityMaxRate:
uplink: 'full'
downlink: 'full'

72
custom_deployments/slicing/ueransim/ueransim-ue2.yaml Normal file
View File

@@ -0,0 +1,72 @@
# IMSI number of the UE. IMSI = [MCC|MNC|MSISDN] (In total 15 or 16 digits)
supi: 'imsi-UE2_IMSI'
# Mobile Country Code value of HPLMN
mcc: 'MCC'
# Mobile Network Code value of HPLMN (2 or 3 digits)
mnc: 'MNC'
# Permanent subscription key
key: 'UE2_KI'
# Operator code (OP or OPC) of the UE
op: 'UE2_OP'
# This value specifies the OP type and it can be either 'OP' or 'OPC'
opType: 'OP'
# Authentication Management Field (AMF) value
amf: 'UE2_AMF'
# IMEI number of the device. It is used if no SUPI is provided
imei: 'UE2_IMEI'
# IMEISV number of the device. It is used if no SUPI and IMEI is provided
imeiSv: 'UE2_IMEISV'
# List of gNB IP addresses for Radio Link Simulation
gnbSearchList:
- NR_GNB_IP
# UAC Access Identities Configuration
uacAic:
mps: false
mcs: false
# UAC Access Control Class
uacAcc:
normalClass: 0
class11: false
class12: false
class13: false
class14: false
class15: false
# Initial PDU sessions to be established
sessions:
- type: 'IPv4'
apn: 'private'
slice:
sst: 1
sd: 0x000002
# Configured NSSAI for this UE by HPLMN
configured-nssai:
- sst: 1
sd: 0x000002
# Default Configured NSSAI for this UE
default-nssai:
- sst: 1
sd: 0x000002
# Supported encryption algorithms by this UE
integrity:
IA1: true
IA2: true
IA3: true
# Supported integrity algorithms by this UE
ciphering:
EA1: true
EA2: true
EA3: true
# Integrity protection maximum data rate for user plane
integrityMaxRate:
uplink: 'full'
downlink: 'full'

44
custom_deployments/slicing/ueransim/ueransim-ue2_init.sh Executable file
View File

@@ -0,0 +1,44 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
cp /mnt/ueransim/${COMPONENT_NAME}.yaml /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MNC|'$MNC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MCC|'$MCC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_KI|'$UE2_KI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_OP|'$UE2_OP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_AMF|'$UE2_AMF'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_IMEISV|'$UE2_IMEISV'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_IMEI|'$UE2_IMEI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE2_IMSI|'$UE2_IMSI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|NR_GNB_IP|'$NR_GNB_IP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

44
custom_deployments/slicing/ueransim/ueransim-ue_init.sh Executable file
View File

@@ -0,0 +1,44 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
cp /mnt/ueransim/${COMPONENT_NAME}.yaml /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MNC|'$MNC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|MCC|'$MCC'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_KI|'$UE1_KI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_OP|'$UE1_OP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_AMF|'$UE1_AMF'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_IMEISV|'$UE1_IMEISV'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_IMEI|'$UE1_IMEI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|UE1_IMSI|'$UE1_IMSI'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
sed -i 's|NR_GNB_IP|'$NR_GNB_IP'|g' /UERANSIM/config/${COMPONENT_NAME}.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

70
custom_deployments/slicing/upf/ip_utils.py Executable file
View File

@@ -0,0 +1,70 @@
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
import click
import sys
import ipaddress
"""
Script used to fetch first IP address in a given IP range. i.e. the calling bash script reads the std output
Usage in command line:
e.g:
$ python3 ip_utils.py --ip_range 192.168.100.0/24
$ python3 ip_utils.py --ip_range 2001:230:cafe::/48
"""
def validate_ip_net(ctx, param, value):
try:
ip_net = ipaddress.ip_network(value)
return ip_net
except ValueError:
raise click.BadParameter(
'Value does not represent a valid IPv4/IPv6 range')
@click.command()
@click.option('--ip_range',
required=True,
callback=validate_ip_net,
help='UE IPv4/IPv6 Address range in CIDR format e.g. 192.168.100.0/24 or 2001:230:cafe::/48')
def start(ip_range):
# Get the first IP address in the IP range and netmask prefix length
first_ip_addr = next(ip_range.hosts(), None)
if not first_ip_addr:
raise ValueError('Invalid UE IPv4 range. Only one IP given')
else:
first_ip_addr = first_ip_addr.exploded
print(str(first_ip_addr))
if __name__ == '__main__':
try:
start()
sys.exit(0)
except ValueError:
sys.exit(1)

108
custom_deployments/slicing/upf/tun_if.py Executable file
View File

@@ -0,0 +1,108 @@
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
import click
import subprocess
import ipaddress
"""
Usage in command line:
e.g:
$ python3 tun_if.py --tun_ifname ogstun --ipv4_range 192.168.100.0/24 --ipv6_range 2001:230:cafe::/48
"""
def validate_ip_net(ctx, param, value):
try:
ip_net = ipaddress.ip_network(value)
return ip_net
except ValueError:
raise click.BadParameter(
'Value does not represent a valid IPv4/IPv6 range')
@click.command()
@click.option('--tun_ifname',
required=True,
help='TUN interface name e.g. ogstun')
@click.option('--ipv4_range',
required=True,
callback=validate_ip_net,
help='UE IPv4 Address range in CIDR format e.g. 192.168.100.0/24')
@click.option('--ipv6_range',
required=True,
callback=validate_ip_net,
help='UE IPv6 Address range in CIDR format e.g. 2001:230:cafe::/48')
@click.option('--nat_rule',
default='yes',
help='Option specifying whether to add NATing iptables rule or not')
def start(tun_ifname,
ipv4_range,
ipv6_range,
nat_rule):
# Get the first IP address in the IP range and netmask prefix length
first_ipv4_addr = next(ipv4_range.hosts(), None)
if not first_ipv4_addr:
raise ValueError('Invalid UE IPv4 range. Only one IP given')
else:
first_ipv4_addr = first_ipv4_addr.exploded
first_ipv6_addr = next(ipv6_range.hosts(), None)
if not first_ipv6_addr:
raise ValueError('Invalid UE IPv6 range. Only one IP given')
else:
first_ipv6_addr = first_ipv6_addr.exploded
ipv4_netmask_prefix = ipv4_range.prefixlen
ipv6_netmask_prefix = ipv6_range.prefixlen
# Setup the TUN interface, set IP address and setup IPtables
# if ls /sys/class/net | grep "ogstun" ; then ip link delete ogstun; fi
execute_bash_cmd('ip tuntap add name ' + tun_ifname + ' mode tun')
execute_bash_cmd('ip addr add ' + first_ipv4_addr + '/' +
str(ipv4_netmask_prefix) + ' dev ' + tun_ifname)
execute_bash_cmd('ip addr add ' + first_ipv6_addr + '/' +
str(ipv6_netmask_prefix) + ' dev ' + tun_ifname)
execute_bash_cmd('ip link set ' + tun_ifname + ' mtu 1450')
execute_bash_cmd('ip link set ' + tun_ifname + ' up')
if nat_rule == 'yes':
execute_bash_cmd('if ! iptables-save | grep -- \"-A POSTROUTING -s ' + ipv4_range.with_prefixlen + ' ! -o ' + tun_ifname + ' -j MASQUERADE\" ; then ' +
'iptables -t nat -A POSTROUTING -s ' + ipv4_range.with_prefixlen + ' ! -o ' + tun_ifname + ' -j MASQUERADE; fi')
execute_bash_cmd('if ! ip6tables-save | grep -- \"-A POSTROUTING -s ' + ipv6_range.with_prefixlen + ' ! -o ' + tun_ifname + ' -j MASQUERADE\" ; then ' +
'ip6tables -t nat -A POSTROUTING -s ' + ipv6_range.with_prefixlen + ' ! -o ' + tun_ifname + ' -j MASQUERADE; fi')
execute_bash_cmd('if ! iptables-save | grep -- \"-A INPUT -i ' + tun_ifname + ' -j ACCEPT\" ; then ' +
'iptables -A INPUT -i ' + tun_ifname + ' -j ACCEPT; fi')
execute_bash_cmd('if ! ip6tables-save | grep -- \"-A INPUT -i ' + tun_ifname + ' -j ACCEPT\" ; then ' +
'ip6tables -A INPUT -i ' + tun_ifname + ' -j ACCEPT; fi')
def execute_bash_cmd(bash_cmd):
# print("Executing: /bin/bash -c " + bash_cmd)
return subprocess.run(bash_cmd, stdout=subprocess.PIPE, shell=True)
if __name__ == '__main__':
start()

32
custom_deployments/slicing/upf/upf.yaml Normal file
View File

@@ -0,0 +1,32 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/upf.log
global:
max:
ue: MAX_NUM_UE
upf:
pfcp:
server:
- address: UPF_IP
client:
smf:
- address: SMF_IP
dnn: internet
gtpu:
server:
- address: UPF_IP
advertise: UPF_ADVERTISE_IP
session:
- subnet: UE_IPV4_INTERNET_SUBNET
gateway: UE_IPV4_INTERNET_TUN_IP
dnn: internet
dev: ogstun
- subnet: 2001:230:cafe::/48
gateway: 2001:230:cafe::1
dnn: internet
metrics:
server:
- address: UPF_IP
port: 9091

33
custom_deployments/slicing/upf/upf2.yaml Normal file
View File

@@ -0,0 +1,33 @@
logger:
file:
path: /open5gs/install/var/log/open5gs/upf2.log
global:
max:
ue: MAX_NUM_UE
upf:
pfcp:
server:
- address: UPF2_IP
client:
smf:
- address: SMF2_IP
dnn: private
gtpu:
server:
- address: UPF2_IP
advertise: UPF2_ADVERTISE_IP
session:
- subnet: UE_IPV4_PRIVATE_SUBNET
gateway: UE_IPV4_PRIVATE_TUN_IP
dnn: private
dev: ogstun
- subnet: 2001:230:fafe::/48
gateway: 2001:230:fafe::1
dnn: private
dev: ogstun
metrics:
server:
- address: UPF2_IP
port: 9091

48
custom_deployments/slicing/upf/upf2_init.sh Executable file
View File

@@ -0,0 +1,48 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export LC_ALL=C.UTF-8
export LANG=C.UTF-8
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
export IF_NAME=$(ip r | awk '/default/ { print $5 }')
python3 /mnt/upf/tun_if.py --tun_ifname ogstun --ipv4_range $UE_IPV4_PRIVATE --ipv6_range 2001:230:fafe::/48
UE_IPV4_PRIVATE_TUN_IP=$(python3 /mnt/upf/ip_utils.py --ip_range $UE_IPV4_PRIVATE)
cp /mnt/upf/upf2.yaml install/etc/open5gs/upf.yaml
sed -i 's|UPF2_IP|'$UPF2_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|SMF2_IP|'$SMF2_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_PRIVATE_TUN_IP|'$UE_IPV4_PRIVATE_TUN_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_PRIVATE_SUBNET|'$UE_IPV4_PRIVATE'|g' install/etc/open5gs/upf.yaml
sed -i 's|UPF2_ADVERTISE_IP|'$UPF2_ADVERTISE_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/upf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

49
custom_deployments/slicing/upf/upf_init.sh Executable file
View File

@@ -0,0 +1,49 @@
#!/bin/bash
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export LC_ALL=C.UTF-8
export LANG=C.UTF-8
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
export IF_NAME=$(ip r | awk '/default/ { print $5 }')
python3 /mnt/upf/tun_if.py --tun_ifname ogstun --ipv4_range $UE_IPV4_INTERNET --ipv6_range 2001:230:cafe::/48
UE_IPV4_INTERNET_TUN_IP=$(python3 /mnt/upf/ip_utils.py --ip_range $UE_IPV4_INTERNET)
cp /mnt/upf/upf.yaml install/etc/open5gs
sed -i 's|UPF_IP|'$UPF_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|SMF_IP|'$SMF_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_INTERNET_TUN_IP|'$UE_IPV4_INTERNET_TUN_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_INTERNET_SUBNET|'$UE_IPV4_INTERNET'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_IMS_TUN_IP|'$UE_IPV4_IMS_TUN_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|UE_IPV4_IMS_SUBNET|'$UE_IPV4_IMS'|g' install/etc/open5gs/upf.yaml
sed -i 's|UPF_ADVERTISE_IP|'$UPF_ADVERTISE_IP'|g' install/etc/open5gs/upf.yaml
sed -i 's|MAX_NUM_UE|'$MAX_NUM_UE'|g' install/etc/open5gs/upf.yaml
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

142
custom_deployments/with_eupf/.custom_env Normal file
View File

@@ -0,0 +1,142 @@
# Set proper timezone to sync times between docker host and containers
#TZ=Europe/Berlin
MCC=001
MNC=01
TEST_NETWORK=172.22.0.0/24
DOCKER_HOST_IP=192.168.1.223
# MONGODB
MONGO_IP=172.22.0.2
# HSS - open5gs
HSS_IP=172.22.0.3
# PCRF
PCRF_IP=172.22.0.4
PCRF_BIND_PORT=3873
# SGW
SGWC_IP=172.22.0.5
SGWU_IP=172.22.0.6
SGWU_ADVERTISE_IP=172.22.0.6
# SMF
SMF_IP=172.22.0.7
SMF_DNS1=8.8.8.8
SMF_DNS2=8.8.4.4
# UPF
UPF_IP=172.22.0.8
UPF_ADVERTISE_IP=172.22.0.8
# MME
MME_IP=172.22.0.9
# AMF
AMF_IP=172.22.0.10
# AUSF
AUSF_IP=172.22.0.11
# NRF
NRF_IP=172.22.0.12
# UDM
UDM_IP=172.22.0.13
# UDR
UDR_IP=172.22.0.14
# IMS DNS
DNS_IP=172.22.0.15
# RTPENGINE
RTPENGINE_IP=172.22.0.16
# MYSQL
MYSQL_IP=172.22.0.17
# PYHSS
PYHSS_IP=172.22.0.18
PYHSS_BIND_PORT=3875
# ICSCF
ICSCF_IP=172.22.0.19
ICSCF_BIND_PORT=3869
# SCSCF
SCSCF_IP=172.22.0.20
SCSCF_BIND_PORT=3870
# PCSCF
PCSCF_IP=172.22.0.21
PCSCF_BIND_PORT=3871
# SRSLTE ENB
SRS_ENB_IP=172.22.0.22
# UERANSIM
NR_GNB_IP=172.22.0.23
NR_UE_IP=172.22.0.24
UE1_IMEI=356938035643803
UE1_IMEISV=4370816125816151
UE1_IMSI=001011234567895
UE1_KI=8baf473f2f8fd09487cccbd7097c6862
UE1_OP=11111111111111111111111111111111
UE1_AMF=8000
# OAI ENB
OAI_ENB_IP=172.22.0.25
# OPEN5GS WEBUI
WEBUI_IP=172.22.0.26
# PCF
PCF_IP=172.22.0.27
# NSSF
NSSF_IP=172.22.0.28
# BSF
BSF_IP=172.22.0.29
# ENTITLEMENT SERVER
ENTITLEMENT_SERVER_IP=172.22.0.30
# OSMOMSC
OSMOMSC_IP=172.22.0.31
# OSMOHLR
OSMOHLR_IP=172.22.0.32
# SMSC
SMSC_IP=172.22.0.33
# SRSLTE UE
SRS_UE_IP=172.22.0.34
# SCP
SCP_IP=172.22.0.35
# METRICS
METRICS_IP=172.22.0.36
# SRSRAN GNB
SRS_GNB_IP=172.22.0.37
# GRAFANA
GRAFANA_IP=172.22.0.39
GRAFANA_USERNAME=open5gs
GRAFANA_PASSWORD=open5gs
# UE IPv4 Subnet Range for APN=internet
UE_IPV4_INTERNET=192.168.100.0/24
# UE IPv4 Subnet Range for APN=ims
UE_IPV4_IMS=192.168.101.0/24
# Maximum Number of UEs
MAX_NUM_UE=1024

27
custom_deployments/with_eupf/README.md Normal file
View File

@@ -0,0 +1,27 @@
## Deployment description
This custom deployment uses eUPF (https://github.com/edgecomllc/eupf) rather than open5gs UPF for 5G SA network deployment
## Additional steps
Most of the steps to be followed are similar to the steps mentioned in the [README in the root folder](../../README.md). However, additional steps mentioned below must be taken into account while deploying this custom deployment scenario.
### Build docker images for eUPF
eUPF docker image needs to be built before deploying
```
cd ../../eupf
docker build --no-cache --force-rm -t docker_eupf .
```
### Loading environmental variables for custom deployment
**Warning**
For custom deployments, you must modify/use only the [**.custom_env**](.custom_env) file rather than the [**.env** in the root folder](../../.env).
```
set -a
source .custom_env
set +a
```

29
custom_deployments/with_eupf/nr-gnb.yaml Normal file
View File

@@ -0,0 +1,29 @@
version: '3'
services:
nr_gnb:
image: docker_ueransim
container_name: nr_gnb
stdin_open: true
tty: true
volumes:
- ../../ueransim:/mnt/ueransim
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ueransim-gnb
expose:
- "38412/sctp"
- "2152/udp"
- "4997/udp"
cap_add:
- NET_ADMIN
privileged: true
networks:
default:
ipv4_address: ${NR_GNB_IP}
networks:
default:
external:
name: docker_open5gs_default

27
custom_deployments/with_eupf/nr-ue.yaml Normal file
View File

@@ -0,0 +1,27 @@
version: '3'
services:
nr_ue:
image: docker_ueransim
container_name: nr_ue
stdin_open: true
tty: true
volumes:
- ../../ueransim:/mnt/ueransim
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ueransim-ue
expose:
- "4997/udp"
cap_add:
- NET_ADMIN
privileged: true
networks:
default:
ipv4_address: ${NR_UE_IP}
networks:
default:
external:
name: docker_open5gs_default

34
custom_deployments/with_eupf/oaignb.yaml Normal file
View File

@@ -0,0 +1,34 @@
version: '3'
services:
oaignb:
build:
context: oai
dockerfile: gnb_dockerfile
image: docker_oai_gnb
container_name: oaignb
stdin_open: true
tty: true
privileged: true
sysctls:
- net.ipv4.ip_forward=1
devices:
- "/dev/bus"
volumes:
- /dev/serial:/dev/serial:ro
- /dev/bus/usb:/dev/bus/usb:ro
- ../../oai:/mnt/oai
- ../../log:/openairinterface5g/cmake_targets/log/
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
expose:
- "38412/sctp"
- "2152/udp"
networks:
default:
ipv4_address: ${OAI_ENB_IP}
networks:
default:
external:
name: docker_open5gs_default

362
custom_deployments/with_eupf/sa-deploy.yaml Normal file
View File

@@ -0,0 +1,362 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
nrf:
image: docker_open5gs
container_name: nrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nrf
volumes:
- ../../nrf:/mnt/nrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NRF_IP}
scp:
image: docker_open5gs
container_name: scp
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scp
volumes:
- ../../scp:/mnt/scp
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${SCP_IP}
ausf:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: ausf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ausf
volumes:
- ../../ausf:/mnt/ausf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${AUSF_IP}
udr:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: udr
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udr
volumes:
- ../../udr:/mnt/udr
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDR_IP}
udm:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: udm
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udm
volumes:
- ../../udm:/mnt/udm
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDM_IP}
smf:
image: docker_open5gs
depends_on:
- nrf
- scp
- amf
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=5G
volumes:
- ../../smf:/mnt/smf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/udp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
eupf:
image: docker_eupf
depends_on:
- nrf
- scp
- smf
container_name: eupf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=eupf
volumes:
- ../../eupf:/mnt/eupf
- /sys/fs/bpf:/sys/fs/bpf
- /sys/kernel/debug:/sys/kernel/debug:ro
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
- "8181/tcp"
# ports:
# - "2152:2152/udp"
ulimits:
memlock: -1
cap_add:
- NET_ADMIN
- SYS_ADMIN
privileged: true
sysctls:
- net.ipv4.conf.all.forwarding=1
#- net.ipv6.conf.all.disable_ipv6=0
networks:
default:
ipv4_address: ${UPF_IP}
eupf-routes:
image: nicolaka/netshoot
network_mode: host
privileged: true
container_name: eupf-routes
env_file:
- .custom_env
command:
- /bin/sh
- -c
- |
ip ro add ${UE_IPV4_INTERNET} via ${UPF_IP} && \
iptables -t nat -A POSTROUTING -s ${UE_IPV4_INTERNET} -j MASQUERADE && \
sysctl -w net.ipv4.conf.all.accept_local=1
echo "done"
tail -f /dev/null
amf:
image: docker_open5gs
depends_on:
- nrf
- scp
- ausf
- udm
- udr
- pcf
- bsf
container_name: amf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=amf
volumes:
- ../../amf:/mnt/amf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "38412/sctp"
- "7777/tcp"
- "9091/tcp"
# ports:
# - "38412:38412/sctp"
networks:
default:
ipv4_address: ${AMF_IP}
pcf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: pcf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcf
volumes:
- ../../pcf:/mnt/pcf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${PCF_IP}
bsf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: bsf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=bsf
volumes:
- ../../bsf:/mnt/bsf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${BSF_IP}
nssf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: nssf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nssf
volumes:
- ../../nssf:/mnt/nssf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NSSF_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata

549
custom_deployments/with_eupf/sa-vonr-deploy.yaml Normal file
View File

@@ -0,0 +1,549 @@
services:
mongo:
image: mongo:6.0
container_name: mongo
command: --bind_ip 0.0.0.0
env_file:
- .custom_env
volumes:
- mongodbdata:/data/db
- mongodbdata:/data/configdb
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "27017/udp"
- "27017/tcp"
networks:
default:
ipv4_address: ${MONGO_IP}
webui:
image: docker_open5gs
container_name: webui
depends_on:
- mongo
env_file:
- .custom_env
environment:
- COMPONENT_NAME=webui
volumes:
- ../../webui:/mnt/webui
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9999/tcp"
ports:
- "9999:9999/tcp"
networks:
default:
ipv4_address: ${WEBUI_IP}
nrf:
image: docker_open5gs
container_name: nrf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nrf
volumes:
- ../../nrf:/mnt/nrf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NRF_IP}
scp:
image: docker_open5gs
container_name: scp
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scp
volumes:
- ../../scp:/mnt/scp
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${SCP_IP}
ausf:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: ausf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ausf
volumes:
- ../../ausf:/mnt/ausf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${AUSF_IP}
udr:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: udr
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udr
volumes:
- ../../udr:/mnt/udr
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDR_IP}
udm:
image: docker_open5gs
depends_on:
- nrf
- scp
container_name: udm
env_file:
- .custom_env
environment:
- COMPONENT_NAME=udm
volumes:
- ../../udm:/mnt/udm
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${UDM_IP}
smf:
image: docker_open5gs
depends_on:
- nrf
- scp
- amf
container_name: smf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smf
- DEPLOY_MODE=5G
volumes:
- ../../smf:/mnt/smf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3868/udp"
- "3868/tcp"
- "3868/sctp"
- "5868/udp"
- "5868/tcp"
- "5868/sctp"
- "8805/udp"
- "2123/udp"
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${SMF_IP}
eupf:
image: docker_eupf
depends_on:
- nrf
- scp
- smf
container_name: eupf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=eupf
volumes:
- ../../eupf:/mnt/eupf
- /sys/fs/bpf:/sys/fs/bpf
- /sys/kernel/debug:/sys/kernel/debug:ro
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "2152/udp"
- "8805/udp"
- "9091/tcp"
- "8181/tcp"
# ports:
# - "2152:2152/udp"
ulimits:
memlock: -1
cap_add:
- NET_ADMIN
- SYS_ADMIN
privileged: true
sysctls:
- net.ipv4.conf.all.forwarding=1
#- net.ipv6.conf.all.disable_ipv6=0
networks:
default:
ipv4_address: ${UPF_IP}
eupf-routes:
image: nicolaka/netshoot
network_mode: host
privileged: true
container_name: eupf-routes
env_file:
- .custom_env
command:
- /bin/sh
- -c
- |
ip ro add ${UE_IPV4_INTERNET} via ${UPF_IP} && \
iptables -t nat -A POSTROUTING -s ${UE_IPV4_INTERNET} -j MASQUERADE && \
sysctl -w net.ipv4.conf.all.accept_local=1
echo "done"
tail -f /dev/null
amf:
image: docker_open5gs
depends_on:
- nrf
- scp
- ausf
- udm
- udr
- pcf
- bsf
container_name: amf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=amf
volumes:
- ../../amf:/mnt/amf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "38412/sctp"
- "7777/tcp"
- "9091/tcp"
# ports:
# - "38412:38412/sctp"
networks:
default:
ipv4_address: ${AMF_IP}
pcf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: pcf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcf
volumes:
- ../../pcf:/mnt/pcf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
- "9091/tcp"
networks:
default:
ipv4_address: ${PCF_IP}
bsf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: bsf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=bsf
volumes:
- ../../bsf:/mnt/bsf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${BSF_IP}
nssf:
image: docker_open5gs
depends_on:
- nrf
- scp
- mongo
container_name: nssf
env_file:
- .custom_env
environment:
- COMPONENT_NAME=nssf
volumes:
- ../../nssf:/mnt/nssf
- ../../log:/open5gs/install/var/log/open5gs
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "7777/tcp"
networks:
default:
ipv4_address: ${NSSF_IP}
metrics:
build: ../../metrics
image: docker_metrics
container_name: metrics
env_file:
- .custom_env
volumes:
- ../../metrics:/mnt/metrics
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "9090/tcp"
ports:
- "9090:9090/tcp"
networks:
default:
ipv4_address: ${METRICS_IP}
dns:
build: ../../dns
image: docker_dns
container_name: dns
env_file:
- .custom_env
volumes:
- ../../dns:/mnt/dns
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "53/udp"
networks:
default:
ipv4_address: ${DNS_IP}
rtpengine:
build: ../../rtpengine
image: docker_rtpengine
container_name: rtpengine
privileged: true
env_file:
- .custom_env
volumes:
- ../../rtpengine:/mnt/rtpengine
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
cap_add:
- NET_ADMIN
environment:
- TABLE=0
- INTERFACE=${RTPENGINE_IP}
- LISTEN_NG=${RTPENGINE_IP}:2223
- PIDFILE=/run/ngcp-rtpengine-daemon.pid
- PORT_MAX=50000
- PORT_MIN=49000
- NO_FALLBACK=no
- TOS=184
expose:
- "2223/udp"
- "49000-50000/udp"
networks:
default:
ipv4_address: ${RTPENGINE_IP}
mysql:
build: ../../mysql
image: docker_mysql
container_name: mysql
env_file:
- .custom_env
volumes:
- dbdata:/var/lib/mysql
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
expose:
- "3306/tcp"
networks:
default:
ipv4_address: ${MYSQL_IP}
pyhss:
build: ../../pyhss
image: docker_pyhss
container_name: pyhss
dns: ${DNS_IP}
volumes:
- ../../pyhss:/mnt/pyhss
- ../../pyhss/logs:/pyhss/log/
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
depends_on:
- dns
- mysql
expose:
- "3868/udp"
- "3868/tcp"
- "8080/tcp"
ports:
- "8080:8080/tcp"
networks:
default:
ipv4_address: ${PYHSS_IP}
icscf:
image: docker_kamailio
container_name: icscf
dns: ${DNS_IP}
volumes:
- ../../icscf:/mnt/icscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=icscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "3869/udp"
- "3869/tcp"
- "4060/udp"
- "4060/tcp"
networks:
default:
ipv4_address: ${ICSCF_IP}
scscf:
image: docker_kamailio
container_name: scscf
dns: ${DNS_IP}
volumes:
- ../../scscf:/mnt/scscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=scscf
depends_on:
- dns
- mysql
- pyhss
expose:
- "3870/udp"
- "3870/tcp"
- "6060/udp"
- "6060/tcp"
networks:
default:
ipv4_address: ${SCSCF_IP}
pcscf:
image: docker_kamailio
container_name: pcscf
dns: ${DNS_IP}
privileged: true
cap_add:
- NET_ADMIN
volumes:
- ../../pcscf:/mnt/pcscf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=5G
depends_on:
- dns
- mysql
- rtpengine
- icscf
- scscf
expose:
- "3871/udp"
- "3871/tcp"
- "5060/tcp"
- "5060/udp"
- "5100-5120/tcp"
- "5100-5120/udp"
- "6100-6120/tcp"
- "6100-6120/udp"
networks:
default:
ipv4_address: ${PCSCF_IP}
smsc:
image: docker_kamailio
container_name: smsc
dns: ${DNS_IP}
volumes:
- ../../smsc:/mnt/smsc
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
expose:
- "7090/udp"
- "7090/tcp"
networks:
default:
ipv4_address: ${SMSC_IP}
grafana:
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .custom_env
volumes:
- grafana_data:/var/lib/grafana
- ../../grafana/:/etc/grafana/provisioning/
- ../../grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:
- "3000:3000/tcp"
networks:
default:
ipv4_address: ${GRAFANA_IP}
networks:
default:
name: docker_open5gs_default
ipam:
config:
- subnet: ${TEST_NETWORK}
volumes:
grafana_data:
name: grafana_data
mongodbdata:
name: docker_open5gs_mongodbdata
dbdata:
name: docker_open5gs_dbdata

30
custom_deployments/with_eupf/srsgnb.yaml Normal file
View File

@@ -0,0 +1,30 @@
version: '3'
services:
srsgnb:
image: docker_srsran
container_name: srsgnb
stdin_open: true
tty: true
privileged: true
devices:
- "/dev/bus"
volumes:
- /dev/serial:/dev/serial:ro
- /dev/bus/usb:/dev/bus/usb:ro
- ../../srsran:/mnt/srsran
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=gnb
expose:
- "38412/sctp"
- "2152/udp"
networks:
default:
ipv4_address: ${SRS_GNB_IP}
networks:
default:
external:
name: docker_open5gs_default

28
custom_deployments/with_eupf/srsgnb_zmq.yaml Normal file
View File

@@ -0,0 +1,28 @@
version: '3'
services:
srsgnb_zmq:
image: docker_srsran
container_name: srsgnb_zmq
stdin_open: true
tty: true
privileged: true
volumes:
- ../../srsran:/mnt/srsran
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=gnb_zmq
expose:
- "38412/sctp"
- "2152/udp"
- "2000/tcp"
- "2001/tcp"
networks:
default:
ipv4_address: ${SRS_GNB_IP}
networks:
default:
external:
name: docker_open5gs_default

28
custom_deployments/with_eupf/srsue_5g_zmq.yaml Normal file
View File

@@ -0,0 +1,28 @@
version: '3'
services:
srsue_5g_zmq:
image: docker_srslte
container_name: srsue_5g_zmq
stdin_open: true
tty: true
cap_add:
- NET_ADMIN
privileged: true
volumes:
- ../../srslte:/mnt/srslte
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
env_file:
- .custom_env
environment:
- COMPONENT_NAME=ue_5g_zmq
expose:
- "2000/tcp"
- "2001/tcp"
networks:
default:
ipv4_address: ${SRS_UE_IP}
networks:
default:
external:
name: docker_open5gs_default

57
deploy-all.yaml
View File

@@ -1,4 +1,3 @@
version: '3'
services:
mongo:
image: mongo:6.0
@@ -43,7 +42,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=nrf-1
- COMPONENT_NAME=nrf
volumes:
- ./nrf:/mnt/nrf
- ./log:/open5gs/install/var/log/open5gs
@@ -60,7 +59,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=scp-1
- COMPONENT_NAME=scp
volumes:
- ./scp:/mnt/scp
- ./log:/open5gs/install/var/log/open5gs
@@ -80,7 +79,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=ausf-1
- COMPONENT_NAME=ausf
volumes:
- ./ausf:/mnt/ausf
- ./log:/open5gs/install/var/log/open5gs
@@ -101,7 +100,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=udr-1
- COMPONENT_NAME=udr
volumes:
- ./udr:/mnt/udr
- ./log:/open5gs/install/var/log/open5gs
@@ -121,7 +120,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=udm-1
- COMPONENT_NAME=udm
volumes:
- ./udm:/mnt/udm
- ./log:/open5gs/install/var/log/open5gs
@@ -142,7 +141,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=pcf-1
- COMPONENT_NAME=pcf
volumes:
- ./pcf:/mnt/pcf
- ./log:/open5gs/install/var/log/open5gs
@@ -164,7 +163,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=bsf-1
- COMPONENT_NAME=bsf
volumes:
- ./bsf:/mnt/bsf
- ./log:/open5gs/install/var/log/open5gs
@@ -185,7 +184,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=nssf-1
- COMPONENT_NAME=nssf
volumes:
- ./nssf:/mnt/nssf
- ./log:/open5gs/install/var/log/open5gs
@@ -202,7 +201,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=hss-1
- COMPONENT_NAME=hss
volumes:
- ./hss:/mnt/hss
- ./log:/open5gs/install/var/log/open5gs
@@ -229,7 +228,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=sgwc-1
- COMPONENT_NAME=sgwc
volumes:
- ./sgwc:/mnt/sgwc
- ./log:/open5gs/install/var/log/open5gs
@@ -250,7 +249,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=sgwu-1
- COMPONENT_NAME=sgwu
volumes:
- ./sgwu:/mnt/sgwu
- ./log:/open5gs/install/var/log/open5gs
@@ -274,7 +273,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=smf-1
- COMPONENT_NAME=smf
- DEPLOY_MODE=ALL
volumes:
- ./smf:/mnt/smf
@@ -305,7 +304,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=upf-1
- COMPONENT_NAME=upf
volumes:
- ./upf:/mnt/upf
- ./log:/open5gs/install/var/log/open5gs
@@ -340,7 +339,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=amf-1
- COMPONENT_NAME=amf
volumes:
- ./amf:/mnt/amf
- ./log:/open5gs/install/var/log/open5gs
@@ -368,7 +367,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=mme-1
- COMPONENT_NAME=mme
volumes:
- ./mme:/mnt/mme
- ./log:/open5gs/install/var/log/open5gs
@@ -395,7 +394,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=pcrf-1
- COMPONENT_NAME=pcrf
depends_on:
- mongo
volumes:
@@ -508,7 +507,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=icscf-1
- COMPONENT_NAME=icscf
depends_on:
- dns
- mysql
@@ -532,7 +531,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=scscf-1
- COMPONENT_NAME=scscf
depends_on:
- dns
- mysql
@@ -559,7 +558,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=pcscf-1
- COMPONENT_NAME=pcscf
- DEPLOY_MODE=ALL
depends_on:
- dns
@@ -599,7 +598,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=smsc-1
- COMPONENT_NAME=smsc
depends_on:
- dns
- mysql
@@ -620,7 +619,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=osmomsc-1
- COMPONENT_NAME=osmomsc
depends_on:
- osmohlr
expose:
@@ -640,7 +639,7 @@ services:
env_file:
- .env
environment:
- COMPONENT_NAME=osmohlr-1
- COMPONENT_NAME=osmohlr
expose:
- "4222/tcp"
networks:
@@ -664,15 +663,23 @@ services:
default:
ipv4_address: ${METRICS_IP}
grafana:
build: ./grafana
image: docker_grafana
image: grafana/grafana:11.3.0
container_name: grafana
env_file:
- .env
volumes:
- grafana_data:/var/lib/grafana
- ./grafana/:/etc/grafana/provisioning/
- ./grafana:/mnt/grafana
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
- GF_SECURITY_ADMIN_USER=${GRAFANA_USERNAME}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
#- GF_INSTALL_PLUGINS=${GRAFANA_INSTALL_PLUGINS}
- GF_PATHS_PROVISIONING=/etc/grafana/provisioning
- GF_PATHS_DATA=/var/lib/grafana
- METRICS_IP=${METRICS_IP}
expose:
- "3000/tcp"
ports:

55
eupf/Dockerfile Normal file
View File

@@ -0,0 +1,55 @@
# BSD 2-Clause License
# Copyright (c) 2020, Supreeth Herle
# All rights reserved.
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
FROM ubuntu:jammy
ENV DEBIAN_FRONTEND=noninteractive
# Install updates and dependencies
RUN apt-get update && \
apt-get -y install wget git clang llvm gcc-multilib libbpf-dev \
net-tools iputils-ping git ifupdown iperf iptables
# Install Golang
RUN rm -rf /usr/local/go && wget https://go.dev/dl/go1.22.4.linux-amd64.tar.gz && \
tar -C /usr/local -xzf go1.22.4.linux-amd64.tar.gz
ENV PATH="/usr/local/go/bin:${PATH}"
# Install the Swag command line tool for Golang
RUN go install github.com/swaggo/swag/cmd/swag@v1.8.12
# Get eupf, compile and install
RUN export PATH=$(go env GOPATH)/bin:${PATH} && \
git clone https://github.com/edgecomllc/eupf.git && \
cd eupf && git checkout tags/v0.6.4 && \
go generate -v ./cmd/... && \
go build -v -o bin/eupf ./cmd/
# Set the working directory to eupf
WORKDIR eupf
CMD /mnt/eupf/eupf_init.sh

24
ueransim/open5gs_ue_init.sh → eupf/eupf_init.sh
View File

@@ -26,19 +26,21 @@
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
export PATH="/usr/local/go/bin:${PATH}"
export PATH=$(go env GOPATH)/bin:${PATH}
export IP_ADDR=$(awk 'END{print $1}' /etc/hosts)
export IF_NAME=$(ip r | awk '/default/ { print $5 }')
cp /mnt/ueransim/open5gs-ue.yaml /UERANSIM/config/open5gs-ue.yaml
sed -i 's|MNC|'$MNC'|g' /UERANSIM/config/open5gs-ue.yaml
sed -i 's|MCC|'$MCC'|g' /UERANSIM/config/open5gs-ue.yaml
sed -i 's|UE1_KI|'$UE1_KI'|g' /UERANSIM/config/open5gs-ue.yaml
sed -i 's|UE1_OP|'$UE1_OP'|g' /UERANSIM/config/open5gs-ue.yaml
sed -i 's|UE1_AMF|'$UE1_AMF'|g' /UERANSIM/config/open5gs-ue.yaml
sed -i 's|UE1_IMEISV|'$UE1_IMEISV'|g' /UERANSIM/config/open5gs-ue.yaml
sed -i 's|UE1_IMEI|'$UE1_IMEI'|g' /UERANSIM/config/open5gs-ue.yaml
sed -i 's|UE1_IMSI|'$UE1_IMSI'|g' /UERANSIM/config/open5gs-ue.yaml
sed -i 's|NR_GNB_IP|'$NR_GNB_IP'|g' /UERANSIM/config/open5gs-ue.yaml
exec ./bin/eupf \
--iface $IF_NAME \
--aaddr $UPF_IP:8181 \
--paddr $UPF_IP:8805 \
--maddr $UPF_IP:9091 \
--nodeid $UPF_IP \
--ueip false \
--ftup false \
--loglvl info \
--n3addr $UPF_ADVERTISE_IP $@
# Sync docker time
#ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

0
grafana/open5gs_dashboard.json → grafana/dashboards/open5gs_dashboard.json
View File

2
grafana/open5gs_dashboard.yml → grafana/dashboards/open5gs_dashboard.yml
View File

@@ -5,4 +5,4 @@ providers:
folder: Services # The folder where to place the dashboards
type: file
options:
path: /var/lib/grafana/dashboards
path: /etc/grafana/provisioning/dashboards

9
grafana/datasources/prometheus_open5gs.yml Normal file
View File

@@ -0,0 +1,9 @@
apiVersion: 1
datasources:
- name: Open5Gs
type: prometheus
access: proxy
url: http://${METRICS_IP}:9090
disableDeletion: false
editable: true

6
grafana/prometheus_open5gs.yml
View File

@@ -1,6 +0,0 @@
apiVersion: 1
datasources:
- name: Open5Gs
type: prometheus
url: http://METRICS_IP:9090

3
icscf/icscf.cfg
View File

@@ -14,9 +14,6 @@ alias=IMS_DOMAIN
#!define ENUM_SUFFIX "IMS_DOMAIN."
# Maximum lifetime of a subscription in seconds (same is advertised to UE)
#!substdef "/UE_SUBSCRIPTION_EXPIRES/SUBSCRIPTION_EXPIRES_ENV/g"
# SIP-Address of capturing node, if not set, capturing is disabled.
##!define CAPTURE_NODE "sip:127.0.0.1:9060"

4
icscf/icscf.xml
View File

@@ -11,8 +11,8 @@
QueueLength="32"
TransactionTimeout="5"
SessionsHashSize="128"
DefaultAuthSessionTimeout="SUBSCRIPTION_EXPIRES_ENV"
MaxAuthSessionTimeout="SUBSCRIPTION_EXPIRES_ENV"
DefaultAuthSessionTimeout="3600"
MaxAuthSessionTimeout="3600"
>
<Peer FQDN="hss.IMS_DOMAIN" Realm="IMS_DOMAIN" port="PYHSS_BIND_PORT"/>

4
icscf/icscf_init.sh
View File

@@ -80,15 +80,11 @@ then
mysql -u root -h ${MYSQL_IP} icscf -e "INSERT INTO s_cscf_capabilities (id_s_cscf, capability) VALUES ('$SCSCF_ID', 0),('$SCSCF_ID', 1);"
fi
SUBSCRIPTION_EXPIRES_ENV=3600
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|SUBSCRIPTION_EXPIRES_ENV|'$SUBSCRIPTION_EXPIRES_ENV'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|MYSQL_IP|'$MYSQL_IP'|g' /etc/kamailio_icscf/icscf.cfg
sed -i 's|ICSCF_IP|'$ICSCF_IP'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|SUBSCRIPTION_EXPIRES_ENV|'$SUBSCRIPTION_EXPIRES_ENV'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|IMS_DOMAIN|'$IMS_DOMAIN'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|PYHSS_BIND_PORT|'$PYHSS_BIND_PORT'|g' /etc/kamailio_icscf/icscf.xml
sed -i 's|ICSCF_BIND_PORT|'$ICSCF_BIND_PORT'|g' /etc/kamailio_icscf/icscf.xml

2
icscf/kamailio_icscf.cfg
View File

@@ -69,7 +69,7 @@ dns_try_naptr=no
#!ifdef WITH_TCP
# life time of TCP connection when there is no traffic
# - a bit higher than registration expires to cope with UA behind NAT
tcp_connection_lifetime=UE_SUBSCRIPTION_EXPIRES
tcp_connection_lifetime=3615
#!ifdef TCP_PROCESSES
tcp_children=TCP_PROCESSES
#!endif

4
ims_base/Dockerfile
View File

@@ -38,8 +38,8 @@ RUN apt-get update && \
# Fetch Kamailio code
RUN mkdir -p /usr/local/src/ && cd /usr/local/src/ && \
git clone https://github.com/herlesupreeth/kamailio && \
cd kamailio && git checkout fix_notify_on_re_subscribe2
git clone https://github.com/kamailio/kamailio && \
cd kamailio && git checkout 0da3eb3f94c087b272ebbe19c42fd933146482f8
# Build and Install Kamailio
RUN cd /usr/local/src/kamailio && make cfg

16
ims_base/kamailio_init.sh
View File

@@ -28,27 +28,27 @@
if [[ -z "$COMPONENT_NAME" ]]; then
echo "Error: COMPONENT_NAME environment variable not set"; exit 1;
elif [[ "$COMPONENT_NAME" =~ ^(icscf-[[:digit:]]+$) ]]; then
elif [[ "$COMPONENT_NAME" =~ ^(icscf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/icscf/icscf_init.sh && \
/mnt/icscf/${COMPONENT_NAME}_init.sh && \
mkdir -p /var/run/kamailio_icscf && \
rm -f /kamailio_icscf.pid && \
kamailio -f /etc/kamailio_icscf/kamailio_icscf.cfg -P /kamailio_icscf.pid -DD -E -e
elif [[ "$COMPONENT_NAME" =~ ^(scscf-[[:digit:]]+$) ]]; then
elif [[ "$COMPONENT_NAME" =~ ^(scscf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/scscf/scscf_init.sh && \
/mnt/scscf/${COMPONENT_NAME}_init.sh && \
mkdir -p /var/run/kamailio_scscf && \
rm -f /kamailio_scscf.pid && \
kamailio -f /etc/kamailio_scscf/kamailio_scscf.cfg -P /kamailio_scscf.pid -DD -E -e
elif [[ "$COMPONENT_NAME" =~ ^(pcscf-[[:digit:]]+$) ]]; then
elif [[ "$COMPONENT_NAME" =~ ^(pcscf[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/pcscf/pcscf_init.sh && \
/mnt/pcscf/${COMPONENT_NAME}_init.sh && \
mkdir -p /var/run/kamailio_pcscf && \
rm -f /kamailio_pcscf.pid && \
kamailio -f /etc/kamailio_pcscf/kamailio_pcscf.cfg -P /kamailio_pcscf.pid -DD -E -e
elif [[ "$COMPONENT_NAME" =~ ^(smsc-[[:digit:]]+$) ]]; then
elif [[ "$COMPONENT_NAME" =~ ^(smsc[[:digit:]]*$) ]]; then
echo "Deploying component: '$COMPONENT_NAME'"
/mnt/smsc/smsc_init.sh && \
/mnt/smsc/${COMPONENT_NAME}_init.sh && \
mkdir -p /var/run/kamailio_smsc && \
rm -f /kamailio_smsc.pid && \
kamailio -f /etc/kamailio_smsc/kamailio_smsc.cfg -P /kamailio_smsc.pid -DD -E -e

2
ims_base/modules.lst
View File

@@ -16,7 +16,7 @@ static_modules=
skip_modules=
# the list of modules to exclude from compile list
exclude_modules= malloc_test app_sqlang acc_json acc_radius app_java app_lua app_lua_sr app_mono app_perl app_python app_python3 app_python3s app_ruby app_ruby_proc auth_ephemeral auth_identity auth_radius cnxcc cplc crypto db2_ldap db_berkeley db_cassandra db_mongodb db_oracle db_perlvdb db_postgres db_redis db_sqlite db_unixodbc dnssec erlang evapi geoip geoip2 gzcompress h350 ims_qos_npn janssonrpcc jsonrpcc jwt kafka kazoo lcr ldap log_systemd lost lwsc memcached microhttpd misc_radius mqtt msrp nats ndb_cassandra ndb_mongodb ndb_redis nsq osp peering phonenum presence_dfks print rabbitmq regex rls rtp_media_server ruxc secsipid secsipid_proc slack snmpstats stirshaken systemdops tls_wolfssl tlsa topos_redis websocket xhttp_pi xmpp $(skip_modules)
exclude_modules= malloc_test app_sqlang acc_json acc_radius app_java app_lua app_lua_sr app_mono app_perl app_python app_python3 app_python3s app_ruby app_ruby_proc auth_ephemeral auth_identity auth_radius cnxcc cplc crypto db2_ldap db_berkeley db_cassandra db_mongodb db_oracle db_perlvdb db_postgres db_redis db_sqlite db_unixodbc dnssec erlang evapi geoip geoip2 gzcompress h350 janssonrpcc jsonrpcc jwt kafka kazoo lcr ldap log_systemd lost lwsc memcached microhttpd misc_radius mqtt nats ndb_cassandra ndb_mongodb ndb_redis nsq osp peering phonenum rabbitmq regex rls rtp_media_server ruxc secsipid secsipid_proc slack snmpstats stirshaken systemdops tls_wolfssl tlsa topos_redis websocket xhttp_pi xmpp $(skip_modules)
modules_all= $(filter-out modules/CVS,$(wildcard modules/*))
modules_noinc= $(filter-out $(addprefix modules/, $(exclude_modules) $(static_modules)), $(modules_all))

Some files were not shown because too many files have changed in this diff Show More